From 6702667ccf39fc987ea4f248b73a17b0863b3552 Mon Sep 17 00:00:00 2001 From: jeb228 Date: Thu, 2 Dec 2010 15:28:28 +0000 Subject: [PATCH] NIHVIVO-1232 refactor the SelfEditingPolicyTest --- .../auth/policy/SelfEditingPolicyTest.java | 450 +++++++----------- 1 file changed, 184 insertions(+), 266 deletions(-) diff --git a/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/SelfEditingPolicyTest.java b/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/SelfEditingPolicyTest.java index b7e16f7dc..b36a9c827 100644 --- a/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/SelfEditingPolicyTest.java +++ b/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/SelfEditingPolicyTest.java @@ -2,6 +2,12 @@ package edu.cornell.mannlib.vitro.webapp.auth.policy; +import static edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.Authorization.AUTHORIZED; +import static edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.Authorization.INCONCLUSIVE; +import static junit.framework.Assert.assertEquals; +import static junit.framework.Assert.assertNotNull; +import static junit.framework.Assert.assertNull; + import java.util.HashSet; import java.util.Set; @@ -17,7 +23,6 @@ import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.Authorization; import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyDecision; import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AddDataPropStmt; import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AddObjectPropStmt; -import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.DropDataPropStmt; import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.DropObjectPropStmt; import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.EditDataPropStmt; import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.EditObjPropStmt; @@ -39,18 +44,19 @@ import edu.cornell.mannlib.vitro.webapp.dao.VitroVocabulary; public class SelfEditingPolicyTest extends AbstractTestClass { - String SAFE_NS = "http://test.mannlib.cornell.edu/ns/01#"; - String UNSAFE_NS = VitroVocabulary.vitroURI; - - String SELFEDITOR_URI =SAFE_NS + "individual244"; - String SAFE_RESOURCE = SAFE_NS + "otherIndividual77777"; - String UNSAFE_RESOURCE = UNSAFE_NS + "otherIndividual99999"; - - String SAFE_PREDICATE= SAFE_NS + "hasHairStyle"; - String UNSAFE_PREDICATE = UNSAFE_NS + "hasSuperPowers"; - - SelfEditingPolicy policy ; - IdentifierBundle ids; + private static final String SAFE_NS = "http://test.mannlib.cornell.edu/ns/01#"; + private static final String UNSAFE_NS = VitroVocabulary.vitroURI; + + private static final String SELFEDITOR_URI = SAFE_NS + "individual244"; + private static final String SAFE_RESOURCE = SAFE_NS + "otherIndividual77777"; + private static final String UNSAFE_RESOURCE = UNSAFE_NS + "otherIndividual99999"; + + private static final String SAFE_PREDICATE = SAFE_NS + "hasHairStyle"; + private static final String UNSAFE_PREDICATE = UNSAFE_NS + "hasSuperPowers"; + + private SelfEditingPolicy policy; + private IdentifierBundle ids; + private RequestedAction whatToAuth; @Before public void setUp() throws Exception { @@ -84,130 +90,94 @@ public class SelfEditingPolicyTest extends AbstractTestClass { } - @Test - public void testProhibitedProperties(){ - Set badProps = new HashSet(); - badProps.add("http://mannlib.cornell.edu/bad#prp234"); - badProps.add("http://mannlib.cornell.edu/bad#prp999"); - badProps.add("http://mannlib.cornell.edu/bad#prp333"); - badProps.add("http://mannlib.cornell.edu/bad#prp777"); - badProps.add("http://mannlib.cornell.edu/bad#prp0020"); - SelfEditingPolicy badPropPolicy = new SelfEditingPolicy(badProps,null,null,null,null); - - RequestedAction whatToAuth = new AddObjectPropStmt( - SELFEDITOR_URI,"http://mannlib.cornell.edu/bad#prp234" ,SAFE_RESOURCE); - PolicyDecision dec = badPropPolicy.isAuthorized(ids, whatToAuth); - Assert.assertNotNull(dec); - Assert.assertEquals(Authorization.INCONCLUSIVE, dec.getAuthorized()); - - whatToAuth = new AddObjectPropStmt( - SAFE_RESOURCE ,"http://mannlib.cornell.edu/bad#prp234", SELFEDITOR_URI); - dec = badPropPolicy.isAuthorized(ids, whatToAuth); - Assert.assertNotNull(dec); - Assert.assertEquals(Authorization.INCONCLUSIVE, dec.getAuthorized()); - - whatToAuth = new AddObjectPropStmt( - SELFEDITOR_URI,"http://mannlib.cornell.edu/bad#prp999" ,SAFE_RESOURCE); - dec = badPropPolicy.isAuthorized(ids, whatToAuth); - Assert.assertNotNull(dec); - Assert.assertEquals(Authorization.INCONCLUSIVE, dec.getAuthorized()); + @Test + public void testProhibitedProperties() { + Set badProps = new HashSet(); + badProps.add("http://mannlib.cornell.edu/bad#prp234"); + badProps.add("http://mannlib.cornell.edu/bad#prp999"); + badProps.add("http://mannlib.cornell.edu/bad#prp333"); + badProps.add("http://mannlib.cornell.edu/bad#prp777"); + badProps.add("http://mannlib.cornell.edu/bad#prp0020"); + SelfEditingPolicy badPropPolicy = new SelfEditingPolicy(badProps, null, null, null, null); + + whatToAuth = new AddObjectPropStmt(SELFEDITOR_URI, + "http://mannlib.cornell.edu/bad#prp234", SAFE_RESOURCE); + assertDecision(INCONCLUSIVE, badPropPolicy.isAuthorized(ids, whatToAuth)); + + whatToAuth = new AddObjectPropStmt(SAFE_RESOURCE, + "http://mannlib.cornell.edu/bad#prp234", SELFEDITOR_URI); + assertDecision(INCONCLUSIVE, badPropPolicy.isAuthorized(ids, whatToAuth)); + + whatToAuth = new AddObjectPropStmt(SELFEDITOR_URI, + "http://mannlib.cornell.edu/bad#prp999", SAFE_RESOURCE); + assertDecision(INCONCLUSIVE, badPropPolicy.isAuthorized(ids, whatToAuth)); whatToAuth = new AddObjectPropStmt( SAFE_RESOURCE ,"http://mannlib.cornell.edu/bad#prp999", SELFEDITOR_URI); - dec = badPropPolicy.isAuthorized(ids, whatToAuth); - Assert.assertNotNull(dec); - Assert.assertEquals(Authorization.INCONCLUSIVE, dec.getAuthorized()); + assertDecision(INCONCLUSIVE, badPropPolicy.isAuthorized(ids, whatToAuth)); whatToAuth = new AddObjectPropStmt( SAFE_RESOURCE ,SAFE_PREDICATE, SELFEDITOR_URI); - dec = policy.isAuthorized(ids, whatToAuth); - Assert.assertNotNull(dec); - Assert.assertEquals(Authorization.AUTHORIZED, dec.getAuthorized()); + assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth)); whatToAuth = new AddObjectPropStmt( SELFEDITOR_URI,SAFE_PREDICATE,SAFE_RESOURCE); - dec = policy.isAuthorized(ids, whatToAuth); - Assert.assertNotNull(dec); - Assert.assertEquals(Authorization.AUTHORIZED, dec.getAuthorized()); + assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth)); whatToAuth = new AddObjectPropStmt( SELFEDITOR_URI, UNSAFE_PREDICATE, SAFE_RESOURCE); - dec = policy.isAuthorized(ids, whatToAuth); - Assert.assertNotNull(dec); - Assert.assertEquals(Authorization.INCONCLUSIVE, dec.getAuthorized()); + assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); //now with dataprop statements whatToAuth = new AddDataPropStmt( SELFEDITOR_URI,"http://mannlib.cornell.edu/bad#prp234" ,SAFE_RESOURCE, null, null); - dec = badPropPolicy.isAuthorized(ids, whatToAuth); - Assert.assertNotNull(dec); - Assert.assertEquals(Authorization.INCONCLUSIVE, dec.getAuthorized()); + assertDecision(INCONCLUSIVE, badPropPolicy.isAuthorized(ids, whatToAuth)); whatToAuth = new AddDataPropStmt( SAFE_RESOURCE ,"http://mannlib.cornell.edu/bad#prp234", SELFEDITOR_URI, null, null); - dec = badPropPolicy.isAuthorized(ids, whatToAuth); - Assert.assertNotNull(dec); - Assert.assertEquals(Authorization.INCONCLUSIVE, dec.getAuthorized()); + assertDecision(INCONCLUSIVE, badPropPolicy.isAuthorized(ids, whatToAuth)); - whatToAuth = new AddDataPropStmt( + whatToAuth = new AddDataPropStmt( SELFEDITOR_URI,"http://mannlib.cornell.edu/bad#prp999" ,SAFE_RESOURCE, null, null); - dec = badPropPolicy.isAuthorized(ids, whatToAuth); - Assert.assertNotNull(dec); - Assert.assertEquals(Authorization.INCONCLUSIVE, dec.getAuthorized()); + assertDecision(INCONCLUSIVE, badPropPolicy.isAuthorized(ids, whatToAuth)); whatToAuth = new AddDataPropStmt( SAFE_RESOURCE ,"http://mannlib.cornell.edu/bad#prp999", SELFEDITOR_URI, null, null); - dec = badPropPolicy.isAuthorized(ids, whatToAuth); - Assert.assertNotNull(dec); - Assert.assertEquals(Authorization.INCONCLUSIVE, dec.getAuthorized()); + assertDecision(INCONCLUSIVE, badPropPolicy.isAuthorized(ids, whatToAuth)); whatToAuth = new AddDataPropStmt( SAFE_RESOURCE ,SAFE_PREDICATE, SELFEDITOR_URI, null, null); - dec = policy.isAuthorized(ids, whatToAuth); - Assert.assertNotNull(dec); - Assert.assertEquals(Authorization.INCONCLUSIVE, dec.getAuthorized()); + assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); whatToAuth = new AddDataPropStmt( SELFEDITOR_URI,SAFE_PREDICATE,SAFE_RESOURCE, null, null); - dec = policy.isAuthorized(ids, whatToAuth); - Assert.assertNotNull(dec); - Assert.assertEquals(Authorization.AUTHORIZED, dec.getAuthorized()); + assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth)); whatToAuth = new AddDataPropStmt( SELFEDITOR_URI, UNSAFE_PREDICATE, SAFE_RESOURCE, null, null); - dec = policy.isAuthorized(ids, whatToAuth); - Assert.assertNotNull(dec); - Assert.assertEquals(Authorization.INCONCLUSIVE, dec.getAuthorized()); + assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); } - @Test + @Test public void testForbiddenMoniker(){ Set badProps = new HashSet(); badProps.add(VitroVocabulary.MONIKER); SelfEditingPolicy badPropPolicy = new SelfEditingPolicy(badProps,null,null,null,null); - RequestedAction whatToAuth = null; - whatToAuth = new AddDataPropStmt( SELFEDITOR_URI, VitroVocabulary.MONIKER ,"someValue", null, null); - PolicyDecision dec = badPropPolicy.isAuthorized(ids, whatToAuth); - Assert.assertNotNull(dec); - Assert.assertEquals(Authorization.INCONCLUSIVE, dec.getAuthorized()); + assertDecision(INCONCLUSIVE, badPropPolicy.isAuthorized(ids, whatToAuth)); whatToAuth = new AddDataPropStmt( SAFE_RESOURCE ,VitroVocabulary.MONIKER , "somevalue", null, null); - dec = badPropPolicy.isAuthorized(ids, whatToAuth); - Assert.assertNotNull(dec); - Assert.assertEquals(Authorization.INCONCLUSIVE, dec.getAuthorized()); + assertDecision(INCONCLUSIVE, badPropPolicy.isAuthorized(ids, whatToAuth)); DataPropertyStatement dps = new DataPropertyStatementImpl(); dps.setIndividualURI(SELFEDITOR_URI); dps.setDatapropURI(VitroVocabulary.MONIKER); dps.setData("some moniker"); whatToAuth = new EditDataPropStmt(dps); - dec = badPropPolicy.isAuthorized(ids, whatToAuth); - Assert.assertNotNull(dec); - Assert.assertEquals(Authorization.INCONCLUSIVE, dec.getAuthorized()); + assertDecision(INCONCLUSIVE, badPropPolicy.isAuthorized(ids, whatToAuth)); //try where moniker is permitted @@ -216,60 +186,40 @@ public class SelfEditingPolicyTest extends AbstractTestClass { whatToAuth = new AddDataPropStmt( SELFEDITOR_URI, VitroVocabulary.MONIKER ,"somevalue", null, null); - dec = badPropPolicy.isAuthorized(ids, whatToAuth); - Assert.assertNotNull(dec); - Assert.assertEquals(Authorization.AUTHORIZED, dec.getAuthorized()); + assertDecision(AUTHORIZED, badPropPolicy.isAuthorized(ids, whatToAuth)); whatToAuth = new AddDataPropStmt( UNSAFE_RESOURCE ,VitroVocabulary.MONIKER , "somevalue", null, null); - dec = badPropPolicy.isAuthorized(ids, whatToAuth); - Assert.assertNotNull(dec); - Assert.assertEquals(Authorization.INCONCLUSIVE, dec.getAuthorized()); + assertDecision(INCONCLUSIVE, badPropPolicy.isAuthorized(ids, whatToAuth)); dps = new DataPropertyStatementImpl(); dps.setIndividualURI(SAFE_RESOURCE); dps.setDatapropURI(VitroVocabulary.MONIKER); dps.setData("some moniker"); whatToAuth = new EditDataPropStmt(dps); - dec = badPropPolicy.isAuthorized(ids, whatToAuth); - Assert.assertNotNull(dec); - Assert.assertEquals(Authorization.INCONCLUSIVE, dec.getAuthorized()); + assertDecision(INCONCLUSIVE, badPropPolicy.isAuthorized(ids, whatToAuth)); } - @Test - public void testVisitIdentifierBundleAddObjectPropStmt() { - AddObjectPropStmt whatToAuth = new AddObjectPropStmt( - SELFEDITOR_URI,SAFE_PREDICATE,SAFE_RESOURCE); - PolicyDecision dec = policy.isAuthorized(ids, whatToAuth); - Assert.assertNotNull(dec); - Assert.assertEquals(Authorization.AUTHORIZED, dec.getAuthorized()); - - whatToAuth = new AddObjectPropStmt( - SAFE_RESOURCE ,SAFE_PREDICATE, SELFEDITOR_URI); - dec = policy.isAuthorized(ids, whatToAuth); - Assert.assertNotNull(dec); - Assert.assertEquals(Authorization.AUTHORIZED, dec.getAuthorized()); - - //this is the case where the editor is not part of the stmt - whatToAuth = new AddObjectPropStmt( - SAFE_RESOURCE, SAFE_PREDICATE, SAFE_RESOURCE); - dec = policy.isAuthorized(ids, whatToAuth); - Assert.assertNotNull(dec); - Assert.assertEquals(Authorization.INCONCLUSIVE, dec.getAuthorized()); - - whatToAuth = new AddObjectPropStmt( - SELFEDITOR_URI, UNSAFE_PREDICATE, SAFE_RESOURCE); - dec = policy.isAuthorized(ids, whatToAuth); - Assert.assertNotNull(dec); - Assert.assertEquals(Authorization.INCONCLUSIVE, dec.getAuthorized()); - - whatToAuth = new AddObjectPropStmt( - SELFEDITOR_URI, SAFE_PREDICATE, UNSAFE_RESOURCE); - dec = policy.isAuthorized(ids, whatToAuth); - Assert.assertNotNull(dec); - Assert.assertEquals(Authorization.INCONCLUSIVE, dec.getAuthorized()); - } -// + @Test + public void testVisitIdentifierBundleAddObjectPropStmt() { + AddObjectPropStmt whatToAuth = new AddObjectPropStmt(SELFEDITOR_URI, SAFE_PREDICATE, SAFE_RESOURCE); + assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth)); + + whatToAuth = new AddObjectPropStmt(SAFE_RESOURCE, SAFE_PREDICATE, SELFEDITOR_URI); + assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth)); + + // this is the case where the editor is not part of the stmt + whatToAuth = new AddObjectPropStmt(SAFE_RESOURCE, SAFE_PREDICATE, SAFE_RESOURCE); + assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); + + whatToAuth = new AddObjectPropStmt(SELFEDITOR_URI, UNSAFE_PREDICATE, SAFE_RESOURCE); + assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); + + whatToAuth = new AddObjectPropStmt(SELFEDITOR_URI, SAFE_PREDICATE, UNSAFE_RESOURCE); + assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); + } + + // // @Test // public void testVisitIdentifierBundleDropResource() { // fail("Not yet implemented"); @@ -284,34 +234,24 @@ public class SelfEditingPolicyTest extends AbstractTestClass { public void testVisitIdentifierBundleDropObjectPropStmt() { DropObjectPropStmt whatToAuth = new DropObjectPropStmt( SELFEDITOR_URI,SAFE_PREDICATE,SAFE_RESOURCE); - PolicyDecision dec = policy.isAuthorized(ids, whatToAuth); - Assert.assertNotNull(dec); - Assert.assertEquals(Authorization.AUTHORIZED, dec.getAuthorized()); + assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth)); whatToAuth = new DropObjectPropStmt( SAFE_RESOURCE ,SAFE_PREDICATE, SELFEDITOR_URI); - dec = policy.isAuthorized(ids, whatToAuth); - Assert.assertNotNull(dec); - Assert.assertEquals(Authorization.AUTHORIZED, dec.getAuthorized()); + assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth)); // this is the case where the editor is not part of the stmt whatToAuth = new DropObjectPropStmt( SAFE_RESOURCE, SAFE_PREDICATE, SAFE_RESOURCE); - dec = policy.isAuthorized(ids, whatToAuth); - Assert.assertNotNull(dec); - Assert.assertEquals(Authorization.INCONCLUSIVE, dec.getAuthorized()); + assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); whatToAuth = new DropObjectPropStmt( SELFEDITOR_URI, UNSAFE_PREDICATE, SAFE_RESOURCE); - dec = policy.isAuthorized(ids, whatToAuth); - Assert.assertNotNull(dec); - Assert.assertEquals(Authorization.INCONCLUSIVE, dec.getAuthorized()); + assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); whatToAuth = new DropObjectPropStmt( SELFEDITOR_URI, SAFE_PREDICATE, UNSAFE_RESOURCE); - dec = policy.isAuthorized(ids, whatToAuth); - Assert.assertNotNull(dec); - Assert.assertEquals(Authorization.INCONCLUSIVE, dec.getAuthorized()); + assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); } // // @Test @@ -338,143 +278,121 @@ public class SelfEditingPolicyTest extends AbstractTestClass { dps.setDatapropURI(SAFE_PREDICATE); dps.setData("junk"); EditDataPropStmt whatToAuth = new EditDataPropStmt(dps); - PolicyDecision dec = policy.isAuthorized(ids, whatToAuth); - Assert.assertNotNull(dec); - Assert.assertEquals(Authorization.AUTHORIZED, dec.getAuthorized()); + assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth)); dps = new DataPropertyStatementImpl(); dps.setIndividualURI(SELFEDITOR_URI); dps.setDatapropURI(UNSAFE_PREDICATE); dps.setData("junk"); whatToAuth = new EditDataPropStmt(dps); - dec = policy.isAuthorized(ids, whatToAuth); - Assert.assertNotNull(dec); - Assert.assertEquals(Authorization.INCONCLUSIVE, dec.getAuthorized()); + assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); dps = new DataPropertyStatementImpl(); dps.setIndividualURI(UNSAFE_RESOURCE); dps.setDatapropURI(SAFE_PREDICATE); whatToAuth = new EditDataPropStmt(dps); - dec = policy.isAuthorized(ids, whatToAuth); - Assert.assertNotNull(dec); - Assert.assertEquals(Authorization.INCONCLUSIVE, dec.getAuthorized()); + assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); dps = new DataPropertyStatementImpl(); dps.setIndividualURI(SAFE_RESOURCE); dps.setDatapropURI(SAFE_PREDICATE); whatToAuth = new EditDataPropStmt(dps); - dec = policy.isAuthorized(ids, whatToAuth); - Assert.assertNotNull(dec); - Assert.assertEquals(Authorization.INCONCLUSIVE, dec.getAuthorized()); + assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); } -// - @Test - public void testVisitIdentifierBundleEditObjPropStmt() { - EditObjPropStmt whatToAuth = new EditObjPropStmt( - SELFEDITOR_URI,SAFE_PREDICATE,SAFE_RESOURCE); - PolicyDecision dec = policy.isAuthorized(ids, whatToAuth); - Assert.assertNotNull(dec); - Assert.assertEquals(Authorization.AUTHORIZED, dec.getAuthorized()); - - whatToAuth = new EditObjPropStmt( - SAFE_RESOURCE ,SAFE_PREDICATE, SELFEDITOR_URI); - dec = policy.isAuthorized(ids, whatToAuth); - Assert.assertNotNull(dec); - Assert.assertEquals(Authorization.AUTHORIZED, dec.getAuthorized()); - - //this is the case where the editor is not part of the stmt - whatToAuth = new EditObjPropStmt( - SAFE_RESOURCE, SAFE_PREDICATE, SAFE_RESOURCE); - dec = policy.isAuthorized(ids, whatToAuth); - Assert.assertNotNull(dec); - Assert.assertEquals(Authorization.INCONCLUSIVE, dec.getAuthorized()); - - whatToAuth = new EditObjPropStmt( - SELFEDITOR_URI, UNSAFE_PREDICATE, SAFE_RESOURCE); - dec = policy.isAuthorized(ids, whatToAuth); - Assert.assertNotNull(dec); - Assert.assertEquals(Authorization.INCONCLUSIVE, dec.getAuthorized()); - - whatToAuth = new EditObjPropStmt( - SELFEDITOR_URI, SAFE_PREDICATE, UNSAFE_RESOURCE); - dec = policy.isAuthorized(ids, whatToAuth); - Assert.assertNotNull(dec); - Assert.assertEquals(Authorization.INCONCLUSIVE, dec.getAuthorized()); -} - - - - @Test - public void testVisitIdentifierBundleServerStatus() { - PolicyDecision dec = policy.isAuthorized(ids, new ServerStatus() ); - Assert.assertTrue(dec.getAuthorized() == Authorization.INCONCLUSIVE); - } - - @Test - public void testVisitIdentifierBundleCreateOwlClass() { - CreateOwlClass a = new CreateOwlClass(); - a.setSubjectUri("http://someClass/test"); - PolicyDecision dec = policy.visit(ids, a ); - Assert.assertTrue(dec.getAuthorized() == Authorization.INCONCLUSIVE); - } - - @Test - public void testVisitIdentifierBundleRemoveOwlClass() { - RemoveOwlClass a = new RemoveOwlClass(); - a.setSubjectUri("http://someClass/test"); - PolicyDecision dec = policy.visit(ids, a ); - Assert.assertTrue(dec.getAuthorized() == Authorization.INCONCLUSIVE); - } - - @Test - public void testVisitIdentifierBundleDefineDataProperty() { - DefineDataProperty a = new DefineDataProperty(); - a.setSubjectUri("http://someClass/test"); - PolicyDecision dec = policy.visit(ids, a ); - Assert.assertTrue(dec.getAuthorized() == Authorization.INCONCLUSIVE); - } - - @Test - public void testVisitIdentifierBundleDefineObjectProperty() { - DefineObjectProperty a = new DefineObjectProperty(); - a.setSubjectUri("http://someClass/test"); - PolicyDecision dec = policy.visit(ids, a ); - Assert.assertTrue(dec.getAuthorized() == Authorization.INCONCLUSIVE); - } - - @Test - public void testVisitIdentifierBundleAddNewUser() { - AddNewUser a = new AddNewUser(); - PolicyDecision dec = policy.visit(ids, a ); - Assert.assertTrue(dec.getAuthorized() == Authorization.INCONCLUSIVE); - } - - @Test - public void testVisitIdentifierBundleRemoveUser() { - RemoveUser a = new RemoveUser(); - PolicyDecision dec = policy.visit(ids, a ); - Assert.assertTrue(dec.getAuthorized() == Authorization.INCONCLUSIVE); - } - - @Test - public void testVisitIdentifierBundleLoadOntology() { - LoadOntology a = new LoadOntology(); - PolicyDecision dec = policy.visit(ids, a ); - Assert.assertTrue(dec.getAuthorized() == Authorization.INCONCLUSIVE); - } - - @Test - public void testVisitIdentifierBundleRebuildTextIndex() { - RebuildTextIndex a = new RebuildTextIndex(); - PolicyDecision dec = policy.visit(ids, a ); - Assert.assertTrue(dec.getAuthorized() == Authorization.INCONCLUSIVE); - } - - @Test - public void testVisitIdentifierBundleUpdateTextIndex() { - UpdateTextIndex a = new UpdateTextIndex(); - PolicyDecision dec = policy.visit(ids, a ); - Assert.assertTrue(dec.getAuthorized() == Authorization.INCONCLUSIVE); - } - + + @Test + public void testVisitIdentifierBundleEditObjPropStmt() { + EditObjPropStmt whatToAuth = new EditObjPropStmt(SELFEDITOR_URI, SAFE_PREDICATE, SAFE_RESOURCE); + assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth)); + + whatToAuth = new EditObjPropStmt(SAFE_RESOURCE, SAFE_PREDICATE, SELFEDITOR_URI); + assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth)); + + // this is the case where the editor is not part of the stmt + whatToAuth = new EditObjPropStmt(SAFE_RESOURCE, SAFE_PREDICATE, SAFE_RESOURCE); + assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); + + whatToAuth = new EditObjPropStmt(SELFEDITOR_URI, UNSAFE_PREDICATE, SAFE_RESOURCE); + assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); + + whatToAuth = new EditObjPropStmt(SELFEDITOR_URI, SAFE_PREDICATE, UNSAFE_RESOURCE); + assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth)); + } + + // ---------------------------------------------------------------------- + // Ignore administrative requests. + // ---------------------------------------------------------------------- + + @Test + public void testServerStatus() { + assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, new ServerStatus())); + } + + @Test + public void testCreateOwlClass() { + CreateOwlClass a = new CreateOwlClass(); + a.setSubjectUri("http://someClass/test"); + assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, a)); + } + + @Test + public void testRemoveOwlClass() { + RemoveOwlClass a = new RemoveOwlClass(); + a.setSubjectUri("http://someClass/test"); + assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, a)); + } + + @Test + public void testDefineDataProperty() { + DefineDataProperty a = new DefineDataProperty(); + a.setSubjectUri("http://someClass/test"); + assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, a)); + } + + @Test + public void testDefineObjectProperty() { + DefineObjectProperty a = new DefineObjectProperty(); + a.setSubjectUri("http://someClass/test"); + assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, a)); + } + + @Test + public void testAddNewUser() { + assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, new AddNewUser())); + } + + @Test + public void testRemoveUser() { + assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, new RemoveUser())); + } + + @Test + public void testLoadOntology() { + assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, new LoadOntology())); + } + + @Test + public void testRebuildTextIndex() { + assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, new RebuildTextIndex())); + } + + @Test + public void testVisitIdentifierBundleUpdateTextIndex() { + assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, new UpdateTextIndex())); + } + + // ---------------------------------------------------------------------- + // Helper methods + // ---------------------------------------------------------------------- + + private void assertDecision(Authorization expectedAuth, + PolicyDecision decision) { + if (expectedAuth == null) { + assertNull("expecting null decision", decision); + } else { + assertNotNull("expecting a decision", decision); + assertEquals("wrong authorization", expectedAuth, + decision.getAuthorized()); + } + } }