NIHVIVO-3523 Break up the CommonIdentifierBundleFactory into several pieces: one for each type of Identifier. Add some unit tests.
This commit is contained in:
j2blake
parent
f63722a2fe
commit
5051c56f7a
13 changed files with 841 additions and 262 deletions
|
|
@ -1,243 +0,0 @@
|
|||
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
|
||||
|
||||
package edu.cornell.mannlib.vitro.webapp.auth.identifier.common;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collection;
|
||||
import java.util.Collections;
|
||||
import java.util.HashSet;
|
||||
import java.util.Set;
|
||||
|
||||
import javax.servlet.ServletContext;
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpSession;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.ArrayIdentifierBundle;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.Identifier;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundleFactory;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.Permission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.PermissionRegistry;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.BaseResourceBean.RoleLevel;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.Individual;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.PermissionSet;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.SelfEditingConfiguration;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.UserAccount;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.IndividualDao;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.UserAccountsDao;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactory;
|
||||
|
||||
/**
|
||||
* Create Identifiers that are recognized by the common policy family.
|
||||
*/
|
||||
public class CommonIdentifierBundleFactory implements IdentifierBundleFactory {
|
||||
private static final Log log = LogFactory
|
||||
.getLog(CommonIdentifierBundleFactory.class);
|
||||
|
||||
private final ServletContext context;
|
||||
|
||||
public CommonIdentifierBundleFactory(ServletContext context) {
|
||||
this.context = context;
|
||||
}
|
||||
|
||||
@Override
|
||||
public IdentifierBundle getIdentifierBundle(ServletRequest request,
|
||||
HttpSession session, ServletContext unusedContext) {
|
||||
|
||||
// If this is not an HttpServletRequest, we might as well fail now.
|
||||
HttpServletRequest req = (HttpServletRequest) request;
|
||||
|
||||
ArrayIdentifierBundle bundle = new ArrayIdentifierBundle();
|
||||
|
||||
bundle.addAll(createUserIdentifiers(req));
|
||||
bundle.addAll(createRootUserIdentifiers(req));
|
||||
bundle.addAll(createRoleLevelIdentifiers(req));
|
||||
bundle.addAll(createBlacklistOrAssociatedIndividualIdentifiers(req));
|
||||
bundle.addAll(createExplicitProxyEditingIdentifiers(req));
|
||||
bundle.addAll(createPermissionIdentifiers(req));
|
||||
|
||||
return bundle;
|
||||
}
|
||||
|
||||
/**
|
||||
* If the user is logged in, create an identifier that shows his URI.
|
||||
*/
|
||||
private Collection<? extends Identifier> createUserIdentifiers(
|
||||
HttpServletRequest req) {
|
||||
LoginStatusBean bean = LoginStatusBean.getBean(req);
|
||||
if (bean.isLoggedIn()) {
|
||||
return Collections.singleton(new IsUser(bean.getUserURI()));
|
||||
} else {
|
||||
return Collections.emptySet();
|
||||
}
|
||||
}
|
||||
|
||||
private Collection<? extends Identifier> createRootUserIdentifiers(
|
||||
HttpServletRequest req) {
|
||||
UserAccount user = LoginStatusBean.getCurrentUser(req);
|
||||
if ((user != null) && user.isRootUser()) {
|
||||
return Collections.singleton(new IsRootUser());
|
||||
} else {
|
||||
return Collections.emptySet();
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Create an identifier that shows the role level of the current user, or
|
||||
* PUBLIC if the user is not logged in.
|
||||
*/
|
||||
private Collection<? extends Identifier> createRoleLevelIdentifiers(
|
||||
HttpServletRequest req) {
|
||||
RoleLevel roleLevel = RoleLevel.getRoleFromLoginStatus(req);
|
||||
return Collections.singleton(new HasRoleLevel(roleLevel));
|
||||
}
|
||||
|
||||
/**
|
||||
* Find all of the individuals that are associated with the current user,
|
||||
* and create either an IsBlacklisted or HasAssociatedIndividual for each
|
||||
* one.
|
||||
*/
|
||||
private Collection<? extends Identifier> createBlacklistOrAssociatedIndividualIdentifiers(
|
||||
HttpServletRequest req) {
|
||||
Collection<Identifier> ids = new ArrayList<Identifier>();
|
||||
|
||||
for (Individual ind : getAssociatedIndividuals(req)) {
|
||||
// If they are blacklisted, this factory will return an identifier
|
||||
Identifier id = IsBlacklisted.getInstance(ind, context);
|
||||
if (id != null) {
|
||||
ids.add(id);
|
||||
} else {
|
||||
ids.add(new HasProfile(ind.getURI()));
|
||||
}
|
||||
}
|
||||
|
||||
return ids;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get all Individuals associated with the current user as SELF.
|
||||
*/
|
||||
private Collection<Individual> getAssociatedIndividuals(
|
||||
HttpServletRequest req) {
|
||||
Collection<Individual> individuals = new ArrayList<Individual>();
|
||||
|
||||
UserAccount user = LoginStatusBean.getCurrentUser(req);
|
||||
if (user == null) {
|
||||
log.debug("No Associated Individuals: not logged in.");
|
||||
return individuals;
|
||||
}
|
||||
|
||||
WebappDaoFactory wdf = (WebappDaoFactory) context
|
||||
.getAttribute("webappDaoFactory");
|
||||
if (wdf == null) {
|
||||
log.error("Could not get a WebappDaoFactory from the ServletContext");
|
||||
return individuals;
|
||||
}
|
||||
|
||||
IndividualDao indDao = wdf.getIndividualDao();
|
||||
|
||||
SelfEditingConfiguration sec = SelfEditingConfiguration.getBean(req);
|
||||
individuals.addAll(sec.getAssociatedIndividuals(indDao, user));
|
||||
|
||||
return individuals;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get all Individuals associated with the current user by explicit proxy
|
||||
* relationship.
|
||||
*/
|
||||
private Collection<? extends Identifier> createExplicitProxyEditingIdentifiers(
|
||||
HttpServletRequest req) {
|
||||
Collection<Identifier> ids = new ArrayList<Identifier>();
|
||||
|
||||
UserAccount user = LoginStatusBean.getCurrentUser(req);
|
||||
if (user != null) {
|
||||
for (String proxiedUri : user.getProxiedIndividualUris()) {
|
||||
ids.add(new HasProxyEditingRights(proxiedUri));
|
||||
}
|
||||
}
|
||||
|
||||
return ids;
|
||||
}
|
||||
|
||||
/**
|
||||
* Create an identifier for each Permission that the User has.
|
||||
*/
|
||||
private Collection<? extends Identifier> createPermissionIdentifiers(
|
||||
HttpServletRequest req) {
|
||||
UserAccount user = LoginStatusBean.getCurrentUser(req);
|
||||
if (user == null) {
|
||||
return createPublicPermissions();
|
||||
} else {
|
||||
return createUserPermissions(user);
|
||||
}
|
||||
}
|
||||
|
||||
private Collection<? extends Identifier> createPublicPermissions() {
|
||||
Collection<Identifier> ids = new ArrayList<Identifier>();
|
||||
|
||||
WebappDaoFactory wdf = (WebappDaoFactory) context
|
||||
.getAttribute("webappDaoFactory");
|
||||
if (wdf == null) {
|
||||
log.error("Could not get a WebappDaoFactory from the ServletContext");
|
||||
return ids;
|
||||
}
|
||||
|
||||
UserAccountsDao uaDao = wdf.getUserAccountsDao();
|
||||
|
||||
Set<String> permissionUris = new HashSet<String>();
|
||||
for (PermissionSet ps : uaDao.getAllPermissionSets()) {
|
||||
if (ps.isForPublic()) {
|
||||
permissionUris.addAll(ps.getPermissionUris());
|
||||
}
|
||||
}
|
||||
|
||||
PermissionRegistry registry = PermissionRegistry.getRegistry(context);
|
||||
for (String permissionUri : permissionUris) {
|
||||
Permission permission = registry.getPermission(permissionUri);
|
||||
ids.add(new HasPermission(permission));
|
||||
}
|
||||
|
||||
return ids;
|
||||
}
|
||||
|
||||
private Collection<? extends Identifier> createUserPermissions(UserAccount user) {
|
||||
Collection<Identifier> ids = new ArrayList<Identifier>();
|
||||
|
||||
WebappDaoFactory wdf = (WebappDaoFactory) context
|
||||
.getAttribute("webappDaoFactory");
|
||||
if (wdf == null) {
|
||||
log.error("Could not get a WebappDaoFactory from the ServletContext");
|
||||
return ids;
|
||||
}
|
||||
|
||||
UserAccountsDao uaDao = wdf.getUserAccountsDao();
|
||||
|
||||
Set<String> permissionUris = new HashSet<String>();
|
||||
for (String psUri : user.getPermissionSetUris()) {
|
||||
PermissionSet ps = uaDao.getPermissionSetByUri(psUri);
|
||||
if (ps != null) {
|
||||
permissionUris.addAll(ps.getPermissionUris());
|
||||
}
|
||||
}
|
||||
|
||||
PermissionRegistry registry = PermissionRegistry.getRegistry(context);
|
||||
for (String permissionUri : permissionUris) {
|
||||
Permission permission = registry.getPermission(permissionUri);
|
||||
ids.add(new HasPermission(permission));
|
||||
}
|
||||
|
||||
return ids;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String toString() {
|
||||
return this.getClass().getSimpleName() + " - " + hashCode();
|
||||
}
|
||||
|
||||
}
|
||||
|
|
@ -0,0 +1,66 @@
|
|||
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
|
||||
|
||||
package edu.cornell.mannlib.vitro.webapp.auth.identifier.factory;
|
||||
|
||||
import javax.servlet.ServletContext;
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpSession;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundleFactory;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.IndividualDao;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.UserAccountsDao;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactory;
|
||||
|
||||
/**
|
||||
* Some fields and methods that are helpful to IdentifierBundleFactory classes.
|
||||
*/
|
||||
public abstract class BaseIdentifierBundleFactory implements
|
||||
IdentifierBundleFactory {
|
||||
protected final ServletContext ctx;
|
||||
protected final WebappDaoFactory wdf;
|
||||
protected final UserAccountsDao uaDao;
|
||||
protected final IndividualDao indDao;
|
||||
|
||||
public BaseIdentifierBundleFactory(ServletContext ctx) {
|
||||
if (ctx == null) {
|
||||
throw new NullPointerException("ctx may not be null.");
|
||||
}
|
||||
this.ctx = ctx;
|
||||
|
||||
Object wdfObject = ctx.getAttribute("webappDaoFactory");
|
||||
if (wdfObject instanceof WebappDaoFactory) {
|
||||
this.wdf = (WebappDaoFactory) wdfObject;
|
||||
} else {
|
||||
throw new IllegalStateException(
|
||||
"Didn't find a WebappDaoFactory in the context. Found '"
|
||||
+ wdfObject + "' instead.");
|
||||
}
|
||||
|
||||
this.uaDao = wdf.getUserAccountsDao();
|
||||
this.indDao = wdf.getIndividualDao();
|
||||
}
|
||||
|
||||
/**
|
||||
* This method should go away. Why are we passing anything other than the
|
||||
* request?
|
||||
*/
|
||||
@Override
|
||||
public final IdentifierBundle getIdentifierBundle(ServletRequest request,
|
||||
HttpSession session, ServletContext context) {
|
||||
return getIdentifierBundle((HttpServletRequest) request);
|
||||
}
|
||||
|
||||
@Override
|
||||
public String toString() {
|
||||
return this.getClass().getSimpleName() + " - " + hashCode();
|
||||
}
|
||||
|
||||
/**
|
||||
* Return the IdentifierBundle from this factory. May return an empty
|
||||
* bundle, but never returns null.
|
||||
*/
|
||||
public abstract IdentifierBundle getIdentifierBundle(HttpServletRequest req);
|
||||
|
||||
}
|
||||
|
|
@ -0,0 +1,93 @@
|
|||
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
|
||||
|
||||
package edu.cornell.mannlib.vitro.webapp.auth.identifier.factory;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collection;
|
||||
import java.util.HashSet;
|
||||
import java.util.List;
|
||||
import java.util.Set;
|
||||
|
||||
import javax.servlet.ServletContext;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.ArrayIdentifierBundle;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.HasPermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.Permission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.PermissionRegistry;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.PermissionSet;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.UserAccount;
|
||||
|
||||
/**
|
||||
* Figure out what Permissions the user is entitled to have.
|
||||
*/
|
||||
public class HasPermissionFactory extends BaseIdentifierBundleFactory {
|
||||
private static final Log log = LogFactory
|
||||
.getLog(HasPermissionFactory.class);
|
||||
|
||||
public HasPermissionFactory(ServletContext ctx) {
|
||||
super(ctx);
|
||||
}
|
||||
|
||||
@Override
|
||||
public IdentifierBundle getIdentifierBundle(HttpServletRequest req) {
|
||||
UserAccount user = LoginStatusBean.getCurrentUser(req);
|
||||
if (user == null) {
|
||||
return createPublicPermissions();
|
||||
} else {
|
||||
return createUserPermissions(user);
|
||||
}
|
||||
}
|
||||
|
||||
private IdentifierBundle createPublicPermissions() {
|
||||
Set<String> permissionUris = new HashSet<String>();
|
||||
for (PermissionSet ps : uaDao.getAllPermissionSets()) {
|
||||
if (ps.isForPublic()) {
|
||||
permissionUris.addAll(ps.getPermissionUris());
|
||||
}
|
||||
}
|
||||
log.debug("Permission URIs: " + permissionUris);
|
||||
|
||||
return new ArrayIdentifierBundle(
|
||||
getIdentifiersFromPermissions(getPermissionsForUris(permissionUris)));
|
||||
}
|
||||
|
||||
private IdentifierBundle createUserPermissions(UserAccount user) {
|
||||
Set<String> permissionUris = new HashSet<String>();
|
||||
for (String psUri : user.getPermissionSetUris()) {
|
||||
PermissionSet ps = uaDao.getPermissionSetByUri(psUri);
|
||||
if (ps != null) {
|
||||
permissionUris.addAll(ps.getPermissionUris());
|
||||
}
|
||||
}
|
||||
log.debug("user permission sets: " + user.getPermissionSetUris());
|
||||
log.debug("Permission URIs: " + permissionUris);
|
||||
|
||||
return new ArrayIdentifierBundle(
|
||||
getIdentifiersFromPermissions(getPermissionsForUris(permissionUris)));
|
||||
}
|
||||
|
||||
private Collection<Permission> getPermissionsForUris(
|
||||
Collection<String> permissionUris) {
|
||||
List<Permission> permissions = new ArrayList<Permission>();
|
||||
PermissionRegistry registry = PermissionRegistry.getRegistry(ctx);
|
||||
for (String uri : permissionUris) {
|
||||
permissions.add(registry.getPermission(uri));
|
||||
}
|
||||
return permissions;
|
||||
}
|
||||
|
||||
private List<HasPermission> getIdentifiersFromPermissions(
|
||||
Collection<Permission> permissions) {
|
||||
List<HasPermission> ids = new ArrayList<HasPermission>();
|
||||
for (Permission permission : permissions) {
|
||||
ids.add(new HasPermission(permission));
|
||||
}
|
||||
return ids;
|
||||
}
|
||||
}
|
||||
|
|
@ -0,0 +1,72 @@
|
|||
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
|
||||
|
||||
package edu.cornell.mannlib.vitro.webapp.auth.identifier.factory;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collection;
|
||||
|
||||
import javax.servlet.ServletContext;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.ArrayIdentifierBundle;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.Identifier;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.HasProfile;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.IsBlacklisted;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.Individual;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.SelfEditingConfiguration;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.UserAccount;
|
||||
|
||||
/**
|
||||
* Find all of the individuals that are associated with the current user, and
|
||||
* create either an IsBlacklisted or HasAssociatedIndividual for each one.
|
||||
*/
|
||||
public class HasProfileOrIsBlacklistedFactory extends
|
||||
BaseIdentifierBundleFactory {
|
||||
private static final Log log = LogFactory
|
||||
.getLog(HasProfileOrIsBlacklistedFactory.class);
|
||||
|
||||
public HasProfileOrIsBlacklistedFactory(ServletContext ctx) {
|
||||
super(ctx);
|
||||
}
|
||||
|
||||
@Override
|
||||
public IdentifierBundle getIdentifierBundle(HttpServletRequest req) {
|
||||
ArrayIdentifierBundle ids = new ArrayIdentifierBundle();
|
||||
|
||||
for (Individual ind : getAssociatedIndividuals(req)) {
|
||||
// If they are blacklisted, this factory will return an identifier
|
||||
Identifier id = IsBlacklisted.getInstance(ind, ctx);
|
||||
if (id != null) {
|
||||
ids.add(id);
|
||||
} else {
|
||||
ids.add(new HasProfile(ind.getURI()));
|
||||
}
|
||||
}
|
||||
|
||||
return ids;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get all Individuals associated with the current user as SELF.
|
||||
*/
|
||||
private Collection<Individual> getAssociatedIndividuals(
|
||||
HttpServletRequest req) {
|
||||
Collection<Individual> individuals = new ArrayList<Individual>();
|
||||
|
||||
UserAccount user = LoginStatusBean.getCurrentUser(req);
|
||||
if (user == null) {
|
||||
log.debug("No Associated Individuals: not logged in.");
|
||||
return individuals;
|
||||
}
|
||||
|
||||
SelfEditingConfiguration sec = SelfEditingConfiguration.getBean(req);
|
||||
individuals.addAll(sec.getAssociatedIndividuals(indDao, user));
|
||||
|
||||
return individuals;
|
||||
}
|
||||
}
|
||||
|
|
@ -0,0 +1,37 @@
|
|||
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
|
||||
|
||||
package edu.cornell.mannlib.vitro.webapp.auth.identifier.factory;
|
||||
|
||||
import javax.servlet.ServletContext;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
|
||||
import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.ArrayIdentifierBundle;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.HasProxyEditingRights;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.UserAccount;
|
||||
|
||||
/**
|
||||
* Find out what Profiles the User can edit through proxy.
|
||||
*/
|
||||
public class HasProxyEditingRightsFactory extends BaseIdentifierBundleFactory {
|
||||
|
||||
public HasProxyEditingRightsFactory(ServletContext ctx) {
|
||||
super(ctx);
|
||||
}
|
||||
|
||||
@Override
|
||||
public IdentifierBundle getIdentifierBundle(HttpServletRequest req) {
|
||||
ArrayIdentifierBundle ids = new ArrayIdentifierBundle();
|
||||
|
||||
UserAccount user = LoginStatusBean.getCurrentUser(req);
|
||||
if (user != null) {
|
||||
for (String proxiedUri : user.getProxiedIndividualUris()) {
|
||||
ids.add(new HasProxyEditingRights(proxiedUri));
|
||||
}
|
||||
}
|
||||
|
||||
return ids;
|
||||
}
|
||||
|
||||
}
|
||||
|
|
@ -0,0 +1,29 @@
|
|||
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
|
||||
|
||||
package edu.cornell.mannlib.vitro.webapp.auth.identifier.factory;
|
||||
|
||||
import javax.servlet.ServletContext;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.ArrayIdentifierBundle;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.HasRoleLevel;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.BaseResourceBean.RoleLevel;
|
||||
|
||||
/**
|
||||
* Create an identifier that shows the role level of the current user, or
|
||||
* PUBLIC if the user is not logged in.
|
||||
*/
|
||||
public class HasRoleLevelFactory extends BaseIdentifierBundleFactory {
|
||||
|
||||
public HasRoleLevelFactory(ServletContext ctx) {
|
||||
super(ctx);
|
||||
}
|
||||
|
||||
@Override
|
||||
public IdentifierBundle getIdentifierBundle(HttpServletRequest req) {
|
||||
RoleLevel roleLevel = RoleLevel.getRoleFromLoginStatus(req);
|
||||
return new ArrayIdentifierBundle(new HasRoleLevel(roleLevel));
|
||||
}
|
||||
|
||||
}
|
||||
|
|
@ -0,0 +1,34 @@
|
|||
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
|
||||
|
||||
package edu.cornell.mannlib.vitro.webapp.auth.identifier.factory;
|
||||
|
||||
import javax.servlet.ServletContext;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
|
||||
import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.ArrayIdentifierBundle;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.IsRootUser;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.UserAccount;
|
||||
|
||||
/**
|
||||
* If the user is logged in as a Root User, create an identifier.
|
||||
*/
|
||||
public class IsRootUserFactory extends BaseIdentifierBundleFactory {
|
||||
|
||||
public IsRootUserFactory(ServletContext ctx) {
|
||||
super(ctx);
|
||||
}
|
||||
|
||||
@Override
|
||||
public IdentifierBundle getIdentifierBundle(HttpServletRequest req) {
|
||||
UserAccount user = LoginStatusBean.getCurrentUser(req);
|
||||
if ((user != null) && user.isRootUser()) {
|
||||
return new ArrayIdentifierBundle(IsRootUser.INSTANCE);
|
||||
} else {
|
||||
return new ArrayIdentifierBundle();
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
|
|
@ -0,0 +1,32 @@
|
|||
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
|
||||
|
||||
package edu.cornell.mannlib.vitro.webapp.auth.identifier.factory;
|
||||
|
||||
import javax.servlet.ServletContext;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
|
||||
import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.ArrayIdentifierBundle;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.IsUser;
|
||||
|
||||
/**
|
||||
* If the user is logged in, create an Identifier.
|
||||
*/
|
||||
public class IsUserFactory extends BaseIdentifierBundleFactory {
|
||||
|
||||
public IsUserFactory(ServletContext ctx) {
|
||||
super(ctx);
|
||||
}
|
||||
|
||||
@Override
|
||||
public IdentifierBundle getIdentifierBundle(HttpServletRequest req) {
|
||||
LoginStatusBean bean = LoginStatusBean.getBean(req);
|
||||
if (bean.isLoggedIn()) {
|
||||
return new ArrayIdentifierBundle(new IsUser(bean.getUserURI()));
|
||||
} else {
|
||||
return new ArrayIdentifierBundle();
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
|
@ -7,17 +7,24 @@ import javax.servlet.ServletContextEvent;
|
|||
import javax.servlet.ServletContextListener;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.ActiveIdentifierBundleFactories;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.CommonIdentifierBundleFactory;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundleFactory;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.factory.HasPermissionFactory;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.factory.HasProfileOrIsBlacklistedFactory;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.factory.HasProxyEditingRightsFactory;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.factory.HasRoleLevelFactory;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.factory.IsRootUserFactory;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.factory.IsUserFactory;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.DisplayRestrictedDataByRoleLevelPolicy;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.DisplayRestrictedDataToSelfPolicy;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.EditRestrictedDataByRoleLevelPolicy;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.PermissionsPolicy;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.SelfEditingPolicy;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.ServletPolicyList;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyIface;
|
||||
import edu.cornell.mannlib.vitro.webapp.startup.StartupStatus;
|
||||
|
||||
/**
|
||||
* Set up the common policy family, with Identifier factory.
|
||||
* Set up the common policy family, with Identifier factories.
|
||||
*/
|
||||
public class CommonPolicyFamilySetup implements ServletContextListener {
|
||||
|
||||
|
|
@ -27,27 +34,31 @@ public class CommonPolicyFamilySetup implements ServletContextListener {
|
|||
StartupStatus ss = StartupStatus.getBean(ctx);
|
||||
|
||||
try {
|
||||
ServletPolicyList.addPolicy(ctx, new PermissionsPolicy());
|
||||
policy(ctx, new PermissionsPolicy());
|
||||
policy(ctx, new DisplayRestrictedDataByRoleLevelPolicy(ctx));
|
||||
policy(ctx, new DisplayRestrictedDataToSelfPolicy(ctx));
|
||||
policy(ctx, new EditRestrictedDataByRoleLevelPolicy(ctx));
|
||||
policy(ctx, new SelfEditingPolicy(ctx));
|
||||
|
||||
ServletPolicyList.addPolicy(ctx,
|
||||
new DisplayRestrictedDataByRoleLevelPolicy(ctx));
|
||||
ServletPolicyList.addPolicy(ctx,
|
||||
new DisplayRestrictedDataToSelfPolicy(ctx));
|
||||
ServletPolicyList.addPolicy(ctx,
|
||||
new EditRestrictedDataByRoleLevelPolicy(ctx));
|
||||
|
||||
ServletPolicyList.addPolicy(ctx, new SelfEditingPolicy(ctx));
|
||||
|
||||
// This factory creates Identifiers for all of the above policies.
|
||||
CommonIdentifierBundleFactory factory = new CommonIdentifierBundleFactory(
|
||||
ctx);
|
||||
|
||||
ActiveIdentifierBundleFactories.addFactory(sce, factory);
|
||||
factory(ctx, new IsUserFactory(ctx));
|
||||
factory(ctx, new IsRootUserFactory(ctx));
|
||||
factory(ctx, new HasRoleLevelFactory(ctx));
|
||||
factory(ctx, new HasProfileOrIsBlacklistedFactory(ctx));
|
||||
factory(ctx, new HasPermissionFactory(ctx));
|
||||
factory(ctx, new HasProxyEditingRightsFactory(ctx));
|
||||
} catch (Exception e) {
|
||||
ss.fatal(this, "could not run CommonPolicyFamilySetup", e);
|
||||
}
|
||||
}
|
||||
|
||||
private void policy(ServletContext ctx, PolicyIface policy) {
|
||||
ServletPolicyList.addPolicy(ctx, policy);
|
||||
}
|
||||
|
||||
private void factory(ServletContext ctx, IdentifierBundleFactory factory) {
|
||||
ActiveIdentifierBundleFactories.addFactory(ctx, factory);
|
||||
}
|
||||
|
||||
@Override
|
||||
public void contextDestroyed(ServletContextEvent sce) { /* nothing */
|
||||
}
|
||||
|
|
|
|||
|
|
@ -0,0 +1,277 @@
|
|||
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
|
||||
|
||||
package edu.cornell.mannlib.vitro.webapp.auth.identifier.factory;
|
||||
|
||||
import static org.junit.Assert.assertEquals;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.HashSet;
|
||||
import java.util.List;
|
||||
import java.util.Set;
|
||||
|
||||
import org.junit.Before;
|
||||
import org.junit.Test;
|
||||
|
||||
import stubs.edu.cornell.mannlib.vitro.webapp.dao.UserAccountsDaoStub;
|
||||
import stubs.edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactoryStub;
|
||||
import stubs.javax.servlet.ServletContextStub;
|
||||
import stubs.javax.servlet.http.HttpServletRequestStub;
|
||||
import stubs.javax.servlet.http.HttpSessionStub;
|
||||
import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
|
||||
import edu.cornell.mannlib.vedit.beans.LoginStatusBean.AuthenticationSource;
|
||||
import edu.cornell.mannlib.vitro.testing.AbstractTestClass;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.ArrayIdentifierBundle;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.Identifier;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.HasPermission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.Permission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.PermissionRegistry;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.PermissionSet;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.UserAccount;
|
||||
|
||||
/**
|
||||
* Can we tell whether a user is logged in as root?
|
||||
*/
|
||||
public class HasPermissionFactoryTest extends AbstractTestClass {
|
||||
private static final String USER_URI = "http://userUri";
|
||||
private UserAccount user;
|
||||
|
||||
private LoginStatusBean lsb;
|
||||
|
||||
private PermissionSet emptyPublicPermissionSet;
|
||||
private PermissionSet publicPermissionSet1;
|
||||
private PermissionSet publicPermissionSet2;
|
||||
private PermissionSet emptyLoggedInPermissionSet;
|
||||
private PermissionSet loggedInPermissionSet1;
|
||||
private PermissionSet loggedInPermissionSet2;
|
||||
|
||||
private Permission permissionP1a;
|
||||
private Permission permissionP1b;
|
||||
private Permission permissionP2;
|
||||
private Permission permissionLI1;
|
||||
private Permission permissionLI2a;
|
||||
private Permission permissionLI2b;
|
||||
|
||||
private WebappDaoFactoryStub wdf;
|
||||
private UserAccountsDaoStub uaDao;
|
||||
|
||||
private ServletContextStub ctx;
|
||||
private HttpSessionStub session;
|
||||
private HttpServletRequestStub req;
|
||||
|
||||
private HasPermissionFactory factory;
|
||||
|
||||
private IdentifierBundle actualIds;
|
||||
private IdentifierBundle expectedIds;
|
||||
|
||||
@Before
|
||||
public void setup() {
|
||||
user = new UserAccount();
|
||||
user.setUri(USER_URI);
|
||||
|
||||
lsb = new LoginStatusBean(USER_URI, AuthenticationSource.INTERNAL);
|
||||
|
||||
uaDao = new UserAccountsDaoStub();
|
||||
uaDao.addUser(user);
|
||||
|
||||
wdf = new WebappDaoFactoryStub();
|
||||
wdf.setUserAccountsDao(uaDao);
|
||||
|
||||
ctx = new ServletContextStub();
|
||||
ctx.setAttribute("webappDaoFactory", wdf);
|
||||
|
||||
session = new HttpSessionStub();
|
||||
session.setServletContext(ctx);
|
||||
|
||||
req = new HttpServletRequestStub();
|
||||
req.setSession(session);
|
||||
|
||||
factory = new HasPermissionFactory(ctx);
|
||||
|
||||
preparePermissions();
|
||||
preparePermissionSets();
|
||||
}
|
||||
|
||||
private void preparePermissions() {
|
||||
permissionP1a = new MyPermission("permissionP1a");
|
||||
permissionP1b = new MyPermission("permissionP1b");
|
||||
permissionP2 = new MyPermission("permissionP2");
|
||||
permissionLI1 = new MyPermission("permissionLI1");
|
||||
permissionLI2a = new MyPermission("permissionLI2a");
|
||||
permissionLI2b = new MyPermission("permissionLI2b");
|
||||
PermissionRegistry.createRegistry(
|
||||
ctx,
|
||||
list(permissionP1a, permissionP1b, permissionP2, permissionLI1,
|
||||
permissionLI2a, permissionLI2b));
|
||||
}
|
||||
|
||||
private void preparePermissionSets() {
|
||||
emptyPublicPermissionSet = new PermissionSet();
|
||||
emptyPublicPermissionSet.setUri("java:emptyPS");
|
||||
emptyPublicPermissionSet.setLabel("emptyPublicPermissionSet");
|
||||
emptyPublicPermissionSet.setForPublic(true);
|
||||
|
||||
publicPermissionSet1 = new PermissionSet();
|
||||
publicPermissionSet1.setUri("java:publicPS1");
|
||||
publicPermissionSet1.setLabel("publicPermissionSet1");
|
||||
publicPermissionSet1.setForPublic(true);
|
||||
setPermissions(publicPermissionSet1, permissionP1a, permissionP1b);
|
||||
|
||||
publicPermissionSet2 = new PermissionSet();
|
||||
publicPermissionSet2.setUri("java:publicPS2");
|
||||
publicPermissionSet2.setLabel("publicPermissionSet2");
|
||||
publicPermissionSet2.setForPublic(true);
|
||||
setPermissions(publicPermissionSet2, permissionP2);
|
||||
|
||||
emptyLoggedInPermissionSet = new PermissionSet();
|
||||
emptyLoggedInPermissionSet.setUri("java:emptyPS");
|
||||
emptyLoggedInPermissionSet.setLabel("emptyLoggedInPermissionSet");
|
||||
|
||||
loggedInPermissionSet1 = new PermissionSet();
|
||||
loggedInPermissionSet1.setUri("java:loggedInPS1");
|
||||
loggedInPermissionSet1.setLabel("loggedInPermissionSet1");
|
||||
setPermissions(loggedInPermissionSet1, permissionLI1);
|
||||
|
||||
loggedInPermissionSet2 = new PermissionSet();
|
||||
loggedInPermissionSet2.setUri("java:loggedInPS2");
|
||||
loggedInPermissionSet2.setLabel("loggedInPermissionSet2");
|
||||
setPermissions(loggedInPermissionSet2, permissionLI2a, permissionLI2b);
|
||||
|
||||
uaDao.addPermissionSet(emptyLoggedInPermissionSet);
|
||||
uaDao.addPermissionSet(loggedInPermissionSet1);
|
||||
uaDao.addPermissionSet(loggedInPermissionSet2);
|
||||
// "public" permission sets are added for specific tests.
|
||||
}
|
||||
|
||||
// ----------------------------------------------------------------------
|
||||
// the tests
|
||||
// ----------------------------------------------------------------------
|
||||
|
||||
@Test
|
||||
public void notLoggedInNoPublicSets() {
|
||||
expectedIds = new ArrayIdentifierBundle();
|
||||
actualIds = factory.getIdentifierBundle(req);
|
||||
assertEquals("no public sets", expectedIds, actualIds);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void notLoggedInEmptyPublicSet() {
|
||||
uaDao.addPermissionSet(emptyPublicPermissionSet);
|
||||
|
||||
expectedIds = new ArrayIdentifierBundle();
|
||||
actualIds = factory.getIdentifierBundle(req);
|
||||
assertEquals("empty public set", expectedIds, actualIds);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void notLoggedInOnePublicSet() {
|
||||
uaDao.addPermissionSet(publicPermissionSet1);
|
||||
|
||||
expectedIds = new ArrayIdentifierBundle(id(permissionP1a),
|
||||
id(permissionP1b));
|
||||
actualIds = factory.getIdentifierBundle(req);
|
||||
assertEqualIds("one public set", expectedIds, actualIds);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void notLoggedInTwoPublicSets() {
|
||||
uaDao.addPermissionSet(publicPermissionSet1);
|
||||
uaDao.addPermissionSet(publicPermissionSet2);
|
||||
|
||||
expectedIds = new ArrayIdentifierBundle(id(permissionP1a),
|
||||
id(permissionP1b), id(permissionP2));
|
||||
actualIds = factory.getIdentifierBundle(req);
|
||||
assertEqualIds("two public sets", expectedIds, actualIds);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void loggedInNoSets() {
|
||||
LoginStatusBean.setBean(session, lsb);
|
||||
|
||||
expectedIds = new ArrayIdentifierBundle();
|
||||
actualIds = factory.getIdentifierBundle(req);
|
||||
assertEquals("no logged in sets", expectedIds, actualIds);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void loggedInEmptySet() {
|
||||
LoginStatusBean.setBean(session, lsb);
|
||||
user.setPermissionSetUris(list(emptyLoggedInPermissionSet.getUri()));
|
||||
|
||||
expectedIds = new ArrayIdentifierBundle();
|
||||
actualIds = factory.getIdentifierBundle(req);
|
||||
assertEquals("empty logged in set", expectedIds, actualIds);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void loggedInOneSet() {
|
||||
LoginStatusBean.setBean(session, lsb);
|
||||
user.setPermissionSetUris(list(loggedInPermissionSet1.getUri()));
|
||||
|
||||
expectedIds = new ArrayIdentifierBundle(id(permissionLI1));
|
||||
actualIds = factory.getIdentifierBundle(req);
|
||||
assertEqualIds("one logged in set", expectedIds, actualIds);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void loggedInTwoSets() {
|
||||
LoginStatusBean.setBean(session, lsb);
|
||||
user.setPermissionSetUris(list(loggedInPermissionSet1.getUri(),
|
||||
loggedInPermissionSet2.getUri()));
|
||||
|
||||
expectedIds = new ArrayIdentifierBundle(id(permissionLI1),
|
||||
id(permissionLI2a), id(permissionLI2b));
|
||||
actualIds = factory.getIdentifierBundle(req);
|
||||
assertEqualIds("two logged in sets", expectedIds, actualIds);
|
||||
}
|
||||
|
||||
// ----------------------------------------------------------------------
|
||||
// helper methods
|
||||
// ----------------------------------------------------------------------
|
||||
|
||||
private void setPermissions(PermissionSet ps, Permission... permissions) {
|
||||
List<String> uris = new ArrayList<String>();
|
||||
for (Permission p : permissions) {
|
||||
uris.add(p.getUri());
|
||||
}
|
||||
ps.setPermissionUris(uris);
|
||||
}
|
||||
|
||||
private HasPermission id(Permission p) {
|
||||
return new HasPermission(p);
|
||||
}
|
||||
|
||||
private <T> List<T> list(T... elements) {
|
||||
List<T> l = new ArrayList<T>();
|
||||
for (T element : elements) {
|
||||
l.add(element);
|
||||
}
|
||||
return l;
|
||||
}
|
||||
|
||||
private void assertEqualIds(String message, IdentifierBundle expected,
|
||||
IdentifierBundle actual) {
|
||||
Set<HasPermission> expectedSet = new HashSet<HasPermission>();
|
||||
for (Identifier id : expected) {
|
||||
expectedSet.add((HasPermission) id);
|
||||
}
|
||||
Set<HasPermission> actualSet = new HashSet<HasPermission>();
|
||||
for (Identifier id : actual) {
|
||||
actualSet.add((HasPermission) id);
|
||||
}
|
||||
assertEqualSets(message, expectedSet, actualSet);
|
||||
}
|
||||
|
||||
private static class MyPermission extends Permission {
|
||||
public MyPermission(String uri) {
|
||||
super(uri);
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean isAuthorized(RequestedAction whatToAuth) {
|
||||
return false;
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
|
@ -0,0 +1,99 @@
|
|||
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
|
||||
|
||||
package edu.cornell.mannlib.vitro.webapp.auth.identifier.factory;
|
||||
|
||||
import static org.junit.Assert.assertEquals;
|
||||
|
||||
import org.junit.Before;
|
||||
import org.junit.Test;
|
||||
|
||||
import stubs.edu.cornell.mannlib.vitro.webapp.dao.UserAccountsDaoStub;
|
||||
import stubs.edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactoryStub;
|
||||
import stubs.javax.servlet.ServletContextStub;
|
||||
import stubs.javax.servlet.http.HttpServletRequestStub;
|
||||
import stubs.javax.servlet.http.HttpSessionStub;
|
||||
import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
|
||||
import edu.cornell.mannlib.vedit.beans.LoginStatusBean.AuthenticationSource;
|
||||
import edu.cornell.mannlib.vitro.testing.AbstractTestClass;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.ArrayIdentifierBundle;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.IsRootUser;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.UserAccount;
|
||||
|
||||
/**
|
||||
* Can we tell whether a user is logged in as root?
|
||||
*/
|
||||
public class IsRootUserFactoryTest extends AbstractTestClass {
|
||||
private static final String PLAIN_USER_URI = "http://userUri";
|
||||
private static final String ROOT_USER_URI = "http://rootUri";
|
||||
|
||||
private WebappDaoFactoryStub wdf;
|
||||
private UserAccountsDaoStub uaDao;
|
||||
|
||||
private ServletContextStub ctx;
|
||||
private HttpSessionStub session;
|
||||
private HttpServletRequestStub req;
|
||||
|
||||
private IsRootUserFactory factory;
|
||||
|
||||
private IdentifierBundle actualIds;
|
||||
private IdentifierBundle expectedIds;
|
||||
|
||||
@Before
|
||||
public void setup() {
|
||||
UserAccount plainUser = new UserAccount();
|
||||
plainUser.setUri(PLAIN_USER_URI);
|
||||
|
||||
UserAccount rootUser = new UserAccount();
|
||||
rootUser.setUri(ROOT_USER_URI);
|
||||
rootUser.setRootUser(true);
|
||||
|
||||
uaDao = new UserAccountsDaoStub();
|
||||
uaDao.addUser(plainUser);
|
||||
uaDao.addUser(rootUser);
|
||||
|
||||
wdf = new WebappDaoFactoryStub();
|
||||
wdf.setUserAccountsDao(uaDao);
|
||||
|
||||
ctx = new ServletContextStub();
|
||||
ctx.setAttribute("webappDaoFactory", wdf);
|
||||
|
||||
session = new HttpSessionStub();
|
||||
session.setServletContext(ctx);
|
||||
|
||||
req = new HttpServletRequestStub();
|
||||
req.setSession(session);
|
||||
|
||||
factory = new IsRootUserFactory(ctx);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void notLoggedIn() {
|
||||
expectedIds = new ArrayIdentifierBundle();
|
||||
actualIds = factory.getIdentifierBundle(req);
|
||||
assertEquals("empty bundle", expectedIds, actualIds);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void loggedInNotRoot() {
|
||||
LoginStatusBean lsb = new LoginStatusBean(PLAIN_USER_URI,
|
||||
AuthenticationSource.EXTERNAL);
|
||||
LoginStatusBean.setBean(session, lsb);
|
||||
|
||||
expectedIds = new ArrayIdentifierBundle();
|
||||
actualIds = factory.getIdentifierBundle(req);
|
||||
assertEquals("not root", expectedIds, actualIds);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void loggedInAsRoot() {
|
||||
LoginStatusBean lsb = new LoginStatusBean(ROOT_USER_URI,
|
||||
AuthenticationSource.EXTERNAL);
|
||||
LoginStatusBean.setBean(session, lsb);
|
||||
|
||||
expectedIds = new ArrayIdentifierBundle(IsRootUser.INSTANCE);
|
||||
actualIds = factory.getIdentifierBundle(req);
|
||||
assertEquals("root", expectedIds, actualIds);
|
||||
}
|
||||
|
||||
}
|
||||
|
|
@ -0,0 +1,72 @@
|
|||
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
|
||||
|
||||
package edu.cornell.mannlib.vitro.webapp.auth.identifier.factory;
|
||||
|
||||
import static org.junit.Assert.assertEquals;
|
||||
|
||||
import org.junit.Before;
|
||||
import org.junit.Test;
|
||||
|
||||
import stubs.edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactoryStub;
|
||||
import stubs.javax.servlet.ServletContextStub;
|
||||
import stubs.javax.servlet.http.HttpServletRequestStub;
|
||||
import stubs.javax.servlet.http.HttpSessionStub;
|
||||
import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
|
||||
import edu.cornell.mannlib.vedit.beans.LoginStatusBean.AuthenticationSource;
|
||||
import edu.cornell.mannlib.vitro.testing.AbstractTestClass;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.ArrayIdentifierBundle;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.IsUser;
|
||||
|
||||
/**
|
||||
* The simplest of the IdentifierBundleFactory classes.
|
||||
*/
|
||||
public class IsUserFactoryTest extends AbstractTestClass {
|
||||
private static final String USER_URI = "http://userUri";
|
||||
|
||||
private WebappDaoFactoryStub wdf;
|
||||
|
||||
private ServletContextStub ctx;
|
||||
private HttpSessionStub session;
|
||||
private HttpServletRequestStub req;
|
||||
|
||||
private IsUserFactory factory;
|
||||
|
||||
private IdentifierBundle actualIds;
|
||||
private IdentifierBundle expectedIds;
|
||||
|
||||
@Before
|
||||
public void setup() {
|
||||
wdf = new WebappDaoFactoryStub();
|
||||
|
||||
ctx = new ServletContextStub();
|
||||
ctx.setAttribute("webappDaoFactory", wdf);
|
||||
|
||||
session = new HttpSessionStub();
|
||||
session.setServletContext(ctx);
|
||||
|
||||
req = new HttpServletRequestStub();
|
||||
req.setSession(session);
|
||||
|
||||
factory = new IsUserFactory(ctx);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void notLoggedIn() {
|
||||
expectedIds = new ArrayIdentifierBundle();
|
||||
actualIds = factory.getIdentifierBundle(req);
|
||||
assertEquals("empty bundle", expectedIds, actualIds);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void loggedIn() {
|
||||
LoginStatusBean lsb = new LoginStatusBean(USER_URI,
|
||||
AuthenticationSource.EXTERNAL);
|
||||
LoginStatusBean.setBean(session, lsb);
|
||||
|
||||
expectedIds = new ArrayIdentifierBundle(new IsUser(USER_URI));
|
||||
actualIds = factory.getIdentifierBundle(req);
|
||||
assertEquals("user id", expectedIds, actualIds);
|
||||
}
|
||||
|
||||
}
|
||||
|
|
@ -36,7 +36,7 @@ import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
|
|||
import edu.cornell.mannlib.vedit.beans.LoginStatusBean.AuthenticationSource;
|
||||
import edu.cornell.mannlib.vitro.testing.AbstractTestClass;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.ActiveIdentifierBundleFactories;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.common.CommonIdentifierBundleFactory;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.factory.HasRoleLevelFactory;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.Permission;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.permissions.PermissionRegistry;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.UserAccount;
|
||||
|
|
@ -163,7 +163,7 @@ public class AuthenticateTest extends AbstractTestClass {
|
|||
new ConfigurationPropertiesStub().setBean(servletContext);
|
||||
|
||||
ActiveIdentifierBundleFactories.addFactory(servletContext,
|
||||
new CommonIdentifierBundleFactory(servletContext));
|
||||
new HasRoleLevelFactory(servletContext));
|
||||
}
|
||||
|
||||
private UserAccount createUserFromUserInfo(UserInfo userInfo) {
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue