NIHVIVO-3523 Break up the CommonIdentifierBundleFactory into several pieces: one for each type of Identifier. Add some unit tests.

This commit is contained in:
j2blake 2011-12-23 17:33:48 +00:00
parent f63722a2fe
commit 5051c56f7a
13 changed files with 841 additions and 262 deletions

View file

@ -0,0 +1,277 @@
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
package edu.cornell.mannlib.vitro.webapp.auth.identifier.factory;
import static org.junit.Assert.assertEquals;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import org.junit.Before;
import org.junit.Test;
import stubs.edu.cornell.mannlib.vitro.webapp.dao.UserAccountsDaoStub;
import stubs.edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactoryStub;
import stubs.javax.servlet.ServletContextStub;
import stubs.javax.servlet.http.HttpServletRequestStub;
import stubs.javax.servlet.http.HttpSessionStub;
import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
import edu.cornell.mannlib.vedit.beans.LoginStatusBean.AuthenticationSource;
import edu.cornell.mannlib.vitro.testing.AbstractTestClass;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.ArrayIdentifierBundle;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.Identifier;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.HasPermission;
import edu.cornell.mannlib.vitro.webapp.auth.permissions.Permission;
import edu.cornell.mannlib.vitro.webapp.auth.permissions.PermissionRegistry;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
import edu.cornell.mannlib.vitro.webapp.beans.PermissionSet;
import edu.cornell.mannlib.vitro.webapp.beans.UserAccount;
/**
* Can we tell whether a user is logged in as root?
*/
public class HasPermissionFactoryTest extends AbstractTestClass {
private static final String USER_URI = "http://userUri";
private UserAccount user;
private LoginStatusBean lsb;
private PermissionSet emptyPublicPermissionSet;
private PermissionSet publicPermissionSet1;
private PermissionSet publicPermissionSet2;
private PermissionSet emptyLoggedInPermissionSet;
private PermissionSet loggedInPermissionSet1;
private PermissionSet loggedInPermissionSet2;
private Permission permissionP1a;
private Permission permissionP1b;
private Permission permissionP2;
private Permission permissionLI1;
private Permission permissionLI2a;
private Permission permissionLI2b;
private WebappDaoFactoryStub wdf;
private UserAccountsDaoStub uaDao;
private ServletContextStub ctx;
private HttpSessionStub session;
private HttpServletRequestStub req;
private HasPermissionFactory factory;
private IdentifierBundle actualIds;
private IdentifierBundle expectedIds;
@Before
public void setup() {
user = new UserAccount();
user.setUri(USER_URI);
lsb = new LoginStatusBean(USER_URI, AuthenticationSource.INTERNAL);
uaDao = new UserAccountsDaoStub();
uaDao.addUser(user);
wdf = new WebappDaoFactoryStub();
wdf.setUserAccountsDao(uaDao);
ctx = new ServletContextStub();
ctx.setAttribute("webappDaoFactory", wdf);
session = new HttpSessionStub();
session.setServletContext(ctx);
req = new HttpServletRequestStub();
req.setSession(session);
factory = new HasPermissionFactory(ctx);
preparePermissions();
preparePermissionSets();
}
private void preparePermissions() {
permissionP1a = new MyPermission("permissionP1a");
permissionP1b = new MyPermission("permissionP1b");
permissionP2 = new MyPermission("permissionP2");
permissionLI1 = new MyPermission("permissionLI1");
permissionLI2a = new MyPermission("permissionLI2a");
permissionLI2b = new MyPermission("permissionLI2b");
PermissionRegistry.createRegistry(
ctx,
list(permissionP1a, permissionP1b, permissionP2, permissionLI1,
permissionLI2a, permissionLI2b));
}
private void preparePermissionSets() {
emptyPublicPermissionSet = new PermissionSet();
emptyPublicPermissionSet.setUri("java:emptyPS");
emptyPublicPermissionSet.setLabel("emptyPublicPermissionSet");
emptyPublicPermissionSet.setForPublic(true);
publicPermissionSet1 = new PermissionSet();
publicPermissionSet1.setUri("java:publicPS1");
publicPermissionSet1.setLabel("publicPermissionSet1");
publicPermissionSet1.setForPublic(true);
setPermissions(publicPermissionSet1, permissionP1a, permissionP1b);
publicPermissionSet2 = new PermissionSet();
publicPermissionSet2.setUri("java:publicPS2");
publicPermissionSet2.setLabel("publicPermissionSet2");
publicPermissionSet2.setForPublic(true);
setPermissions(publicPermissionSet2, permissionP2);
emptyLoggedInPermissionSet = new PermissionSet();
emptyLoggedInPermissionSet.setUri("java:emptyPS");
emptyLoggedInPermissionSet.setLabel("emptyLoggedInPermissionSet");
loggedInPermissionSet1 = new PermissionSet();
loggedInPermissionSet1.setUri("java:loggedInPS1");
loggedInPermissionSet1.setLabel("loggedInPermissionSet1");
setPermissions(loggedInPermissionSet1, permissionLI1);
loggedInPermissionSet2 = new PermissionSet();
loggedInPermissionSet2.setUri("java:loggedInPS2");
loggedInPermissionSet2.setLabel("loggedInPermissionSet2");
setPermissions(loggedInPermissionSet2, permissionLI2a, permissionLI2b);
uaDao.addPermissionSet(emptyLoggedInPermissionSet);
uaDao.addPermissionSet(loggedInPermissionSet1);
uaDao.addPermissionSet(loggedInPermissionSet2);
// "public" permission sets are added for specific tests.
}
// ----------------------------------------------------------------------
// the tests
// ----------------------------------------------------------------------
@Test
public void notLoggedInNoPublicSets() {
expectedIds = new ArrayIdentifierBundle();
actualIds = factory.getIdentifierBundle(req);
assertEquals("no public sets", expectedIds, actualIds);
}
@Test
public void notLoggedInEmptyPublicSet() {
uaDao.addPermissionSet(emptyPublicPermissionSet);
expectedIds = new ArrayIdentifierBundle();
actualIds = factory.getIdentifierBundle(req);
assertEquals("empty public set", expectedIds, actualIds);
}
@Test
public void notLoggedInOnePublicSet() {
uaDao.addPermissionSet(publicPermissionSet1);
expectedIds = new ArrayIdentifierBundle(id(permissionP1a),
id(permissionP1b));
actualIds = factory.getIdentifierBundle(req);
assertEqualIds("one public set", expectedIds, actualIds);
}
@Test
public void notLoggedInTwoPublicSets() {
uaDao.addPermissionSet(publicPermissionSet1);
uaDao.addPermissionSet(publicPermissionSet2);
expectedIds = new ArrayIdentifierBundle(id(permissionP1a),
id(permissionP1b), id(permissionP2));
actualIds = factory.getIdentifierBundle(req);
assertEqualIds("two public sets", expectedIds, actualIds);
}
@Test
public void loggedInNoSets() {
LoginStatusBean.setBean(session, lsb);
expectedIds = new ArrayIdentifierBundle();
actualIds = factory.getIdentifierBundle(req);
assertEquals("no logged in sets", expectedIds, actualIds);
}
@Test
public void loggedInEmptySet() {
LoginStatusBean.setBean(session, lsb);
user.setPermissionSetUris(list(emptyLoggedInPermissionSet.getUri()));
expectedIds = new ArrayIdentifierBundle();
actualIds = factory.getIdentifierBundle(req);
assertEquals("empty logged in set", expectedIds, actualIds);
}
@Test
public void loggedInOneSet() {
LoginStatusBean.setBean(session, lsb);
user.setPermissionSetUris(list(loggedInPermissionSet1.getUri()));
expectedIds = new ArrayIdentifierBundle(id(permissionLI1));
actualIds = factory.getIdentifierBundle(req);
assertEqualIds("one logged in set", expectedIds, actualIds);
}
@Test
public void loggedInTwoSets() {
LoginStatusBean.setBean(session, lsb);
user.setPermissionSetUris(list(loggedInPermissionSet1.getUri(),
loggedInPermissionSet2.getUri()));
expectedIds = new ArrayIdentifierBundle(id(permissionLI1),
id(permissionLI2a), id(permissionLI2b));
actualIds = factory.getIdentifierBundle(req);
assertEqualIds("two logged in sets", expectedIds, actualIds);
}
// ----------------------------------------------------------------------
// helper methods
// ----------------------------------------------------------------------
private void setPermissions(PermissionSet ps, Permission... permissions) {
List<String> uris = new ArrayList<String>();
for (Permission p : permissions) {
uris.add(p.getUri());
}
ps.setPermissionUris(uris);
}
private HasPermission id(Permission p) {
return new HasPermission(p);
}
private <T> List<T> list(T... elements) {
List<T> l = new ArrayList<T>();
for (T element : elements) {
l.add(element);
}
return l;
}
private void assertEqualIds(String message, IdentifierBundle expected,
IdentifierBundle actual) {
Set<HasPermission> expectedSet = new HashSet<HasPermission>();
for (Identifier id : expected) {
expectedSet.add((HasPermission) id);
}
Set<HasPermission> actualSet = new HashSet<HasPermission>();
for (Identifier id : actual) {
actualSet.add((HasPermission) id);
}
assertEqualSets(message, expectedSet, actualSet);
}
private static class MyPermission extends Permission {
public MyPermission(String uri) {
super(uri);
}
@Override
public boolean isAuthorized(RequestedAction whatToAuth) {
return false;
}
}
}

View file

@ -0,0 +1,99 @@
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
package edu.cornell.mannlib.vitro.webapp.auth.identifier.factory;
import static org.junit.Assert.assertEquals;
import org.junit.Before;
import org.junit.Test;
import stubs.edu.cornell.mannlib.vitro.webapp.dao.UserAccountsDaoStub;
import stubs.edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactoryStub;
import stubs.javax.servlet.ServletContextStub;
import stubs.javax.servlet.http.HttpServletRequestStub;
import stubs.javax.servlet.http.HttpSessionStub;
import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
import edu.cornell.mannlib.vedit.beans.LoginStatusBean.AuthenticationSource;
import edu.cornell.mannlib.vitro.testing.AbstractTestClass;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.ArrayIdentifierBundle;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.IsRootUser;
import edu.cornell.mannlib.vitro.webapp.beans.UserAccount;
/**
* Can we tell whether a user is logged in as root?
*/
public class IsRootUserFactoryTest extends AbstractTestClass {
private static final String PLAIN_USER_URI = "http://userUri";
private static final String ROOT_USER_URI = "http://rootUri";
private WebappDaoFactoryStub wdf;
private UserAccountsDaoStub uaDao;
private ServletContextStub ctx;
private HttpSessionStub session;
private HttpServletRequestStub req;
private IsRootUserFactory factory;
private IdentifierBundle actualIds;
private IdentifierBundle expectedIds;
@Before
public void setup() {
UserAccount plainUser = new UserAccount();
plainUser.setUri(PLAIN_USER_URI);
UserAccount rootUser = new UserAccount();
rootUser.setUri(ROOT_USER_URI);
rootUser.setRootUser(true);
uaDao = new UserAccountsDaoStub();
uaDao.addUser(plainUser);
uaDao.addUser(rootUser);
wdf = new WebappDaoFactoryStub();
wdf.setUserAccountsDao(uaDao);
ctx = new ServletContextStub();
ctx.setAttribute("webappDaoFactory", wdf);
session = new HttpSessionStub();
session.setServletContext(ctx);
req = new HttpServletRequestStub();
req.setSession(session);
factory = new IsRootUserFactory(ctx);
}
@Test
public void notLoggedIn() {
expectedIds = new ArrayIdentifierBundle();
actualIds = factory.getIdentifierBundle(req);
assertEquals("empty bundle", expectedIds, actualIds);
}
@Test
public void loggedInNotRoot() {
LoginStatusBean lsb = new LoginStatusBean(PLAIN_USER_URI,
AuthenticationSource.EXTERNAL);
LoginStatusBean.setBean(session, lsb);
expectedIds = new ArrayIdentifierBundle();
actualIds = factory.getIdentifierBundle(req);
assertEquals("not root", expectedIds, actualIds);
}
@Test
public void loggedInAsRoot() {
LoginStatusBean lsb = new LoginStatusBean(ROOT_USER_URI,
AuthenticationSource.EXTERNAL);
LoginStatusBean.setBean(session, lsb);
expectedIds = new ArrayIdentifierBundle(IsRootUser.INSTANCE);
actualIds = factory.getIdentifierBundle(req);
assertEquals("root", expectedIds, actualIds);
}
}

View file

@ -0,0 +1,72 @@
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
package edu.cornell.mannlib.vitro.webapp.auth.identifier.factory;
import static org.junit.Assert.assertEquals;
import org.junit.Before;
import org.junit.Test;
import stubs.edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactoryStub;
import stubs.javax.servlet.ServletContextStub;
import stubs.javax.servlet.http.HttpServletRequestStub;
import stubs.javax.servlet.http.HttpSessionStub;
import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
import edu.cornell.mannlib.vedit.beans.LoginStatusBean.AuthenticationSource;
import edu.cornell.mannlib.vitro.testing.AbstractTestClass;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.ArrayIdentifierBundle;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.IsUser;
/**
* The simplest of the IdentifierBundleFactory classes.
*/
public class IsUserFactoryTest extends AbstractTestClass {
private static final String USER_URI = "http://userUri";
private WebappDaoFactoryStub wdf;
private ServletContextStub ctx;
private HttpSessionStub session;
private HttpServletRequestStub req;
private IsUserFactory factory;
private IdentifierBundle actualIds;
private IdentifierBundle expectedIds;
@Before
public void setup() {
wdf = new WebappDaoFactoryStub();
ctx = new ServletContextStub();
ctx.setAttribute("webappDaoFactory", wdf);
session = new HttpSessionStub();
session.setServletContext(ctx);
req = new HttpServletRequestStub();
req.setSession(session);
factory = new IsUserFactory(ctx);
}
@Test
public void notLoggedIn() {
expectedIds = new ArrayIdentifierBundle();
actualIds = factory.getIdentifierBundle(req);
assertEquals("empty bundle", expectedIds, actualIds);
}
@Test
public void loggedIn() {
LoginStatusBean lsb = new LoginStatusBean(USER_URI,
AuthenticationSource.EXTERNAL);
LoginStatusBean.setBean(session, lsb);
expectedIds = new ArrayIdentifierBundle(new IsUser(USER_URI));
actualIds = factory.getIdentifierBundle(req);
assertEquals("user id", expectedIds, actualIds);
}
}

View file

@ -36,7 +36,7 @@ import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
import edu.cornell.mannlib.vedit.beans.LoginStatusBean.AuthenticationSource;
import edu.cornell.mannlib.vitro.testing.AbstractTestClass;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.ActiveIdentifierBundleFactories;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.CommonIdentifierBundleFactory;
import edu.cornell.mannlib.vitro.webapp.auth.identifier.factory.HasRoleLevelFactory;
import edu.cornell.mannlib.vitro.webapp.auth.permissions.Permission;
import edu.cornell.mannlib.vitro.webapp.auth.permissions.PermissionRegistry;
import edu.cornell.mannlib.vitro.webapp.beans.UserAccount;
@ -163,7 +163,7 @@ public class AuthenticateTest extends AbstractTestClass {
new ConfigurationPropertiesStub().setBean(servletContext);
ActiveIdentifierBundleFactories.addFactory(servletContext,
new CommonIdentifierBundleFactory(servletContext));
new HasRoleLevelFactory(servletContext));
}
private UserAccount createUserFromUserInfo(UserInfo userInfo) {