NIHVIVO-1232 Create InformationResourceEditingPolicy, with tests.

2010-12-06 19:56:45 +00:00 · 2010-12-06 19:56:45 +00:00 · 6a79bca59f
commit 6a79bca59f
parent 373538c868
3 changed files with 817 additions and 0 deletions
--- a/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/InformationResourceEditingPolicyTest.java
+++ b/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/InformationResourceEditingPolicyTest.java
@ -0,0 +1,377 @@
+/* $This file is distributed under the terms of the license in /doc/license.txt$ */
+
+package edu.cornell.mannlib.vitro.webapp.auth.policy;
+
+import static edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.Authorization.AUTHORIZED;
+import static edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.Authorization.INCONCLUSIVE;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+
+import java.io.IOException;
+import java.io.InputStream;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+
+import com.hp.hpl.jena.ontology.OntModel;
+import com.hp.hpl.jena.ontology.OntModelSpec;
+import com.hp.hpl.jena.rdf.model.Model;
+import com.hp.hpl.jena.rdf.model.ModelFactory;
+import com.hp.hpl.jena.rdf.model.Statement;
+import com.hp.hpl.jena.rdf.model.StmtIterator;
+
+import edu.cornell.mannlib.vitro.testing.AbstractTestClass;
+import edu.cornell.mannlib.vitro.webapp.auth.identifier.ArrayIdentifierBundle;
+import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
+import edu.cornell.mannlib.vitro.webapp.auth.identifier.SelfEditingIdentifierFactory;
+import edu.cornell.mannlib.vitro.webapp.auth.identifier.SelfEditingIdentifierFactory.SelfEditing;
+import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.Authorization;
+import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyDecision;
+import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.admin.ServerStatus;
+import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
+import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddDataPropStmt;
+import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddObjectPropStmt;
+import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.resource.AddResource;
+import edu.cornell.mannlib.vitro.webapp.beans.IndividualImpl;
+import edu.cornell.mannlib.vitro.webapp.dao.VitroVocabulary;
+
+/**
+ * TODO
+ */
+public class InformationResourceEditingPolicyTest extends AbstractTestClass {
+	private static final Log log = LogFactory
+			.getLog(InformationResourceEditingPolicyTest.class);
+
+	/** Can edit properties or resources in this namespace. */
+	private static final String NS_PERMITTED = "http://vivo.mydomain.edu/individual/";
+
+	/** Can't edit properties or resources in this namespace. */
+	private static final String NS_RESTRICTED = VitroVocabulary.vitroURI;
+
+	/** The resource type is not checked by the admin restrictor. */
+	private static final String RESOURCE_TYPE = NS_RESTRICTED + "funkyType";
+
+	private static final String URI_PERMITTED_RESOURCE = NS_PERMITTED
+			+ "permittedResource";
+	private static final String URI_RESTRICTED_RESOURCE = NS_RESTRICTED
+			+ "restrictedResource";
+
+	private static final String URI_PERMITTED_PREDICATE = NS_PERMITTED
+			+ "permittedPredicate";
+	private static final String URI_RESTRICTED_PREDICATE = NS_RESTRICTED
+			+ "restrictedPredicate";
+
+	/**
+	 * Where the model statements are stored for this test.
+	 */
+	private static final String N3_DATA_FILENAME = "resources/InformationResourceEditingPolicyTest.n3";
+
+	/**
+	 * These URIs must match the data in the N3 file.
+	 */
+	private static final String URI_BOZO = NS_PERMITTED + "bozo";
+	private static final String URI_JOE = NS_PERMITTED + "joe";
+	private static final String URI_NOBODY_WROTE_IT = NS_PERMITTED
+			+ "nobodyWroteIt";
+	private static final String URI_BOZO_WROTE_IT = NS_PERMITTED
+			+ "bozoWroteIt";
+	private static final String URI_BOZO_EDITED_IT = NS_PERMITTED
+			+ "bozoEditedIt";
+	private static final String URI_JOE_WROTE_IT = NS_PERMITTED + "joeWroteIt";
+	private static final String URI_JOE_EDITED_IT = NS_PERMITTED
+			+ "joeEditedIt";
+
+	private static OntModel ontModel;
+
+	@BeforeClass
+	public static void setupModel() throws IOException {
+		InputStream stream = InformationResourceEditingPolicyTest.class
+				.getResourceAsStream(N3_DATA_FILENAME);
+		Model model = ModelFactory.createDefaultModel();
+		model.read(stream, null, "N3");
+		stream.close();
+
+		ontModel = ModelFactory.createOntologyModel(OntModelSpec.OWL_DL_MEM,
+				model);
+		ontModel.prepare();
+		dumpModel();
+	}
+
+	private InformationResourceEditingPolicy policy;
+	private RequestedAction action;
+
+	@Before
+	public void setupPolicy() {
+		AdministrativeUriRestrictor restrictor = new AdministrativeUriRestrictor(
+				null, null, null, null);
+		policy = new InformationResourceEditingPolicy(ontModel, restrictor);
+	}
+
+	private IdentifierBundle idNobody;
+	private IdentifierBundle idBozo;
+	private IdentifierBundle idJoe;
+	private IdentifierBundle idBozoAndJoe;
+
+	@Before
+	public void setupIdBundles() {
+		idNobody = new ArrayIdentifierBundle();
+
+		idBozo = new ArrayIdentifierBundle();
+		idBozo.add(makeSelfEditingId(URI_BOZO));
+
+		idJoe = new ArrayIdentifierBundle();
+		idJoe.add(makeSelfEditingId(URI_JOE));
+
+		idBozoAndJoe = new ArrayIdentifierBundle();
+		idBozoAndJoe.add(makeSelfEditingId(URI_BOZO));
+		idBozoAndJoe.add(makeSelfEditingId(URI_JOE));
+	}
+
+	@Before
+	public void setLogging() {
+		// setLoggerLevel(this.getClass(), Level.DEBUG);
+		// setLoggerLevel(InformationResourceEditingPolicy.class, Level.DEBUG);
+	}
+
+	// ----------------------------------------------------------------------
+	// the tests
+	// ----------------------------------------------------------------------
+
+	@Test
+	public void whoIsNull() {
+		action = new AddResource(RESOURCE_TYPE, URI_PERMITTED_RESOURCE);
+		assertDecision(INCONCLUSIVE, policy.isAuthorized(null, action));
+	}
+
+	@Test
+	public void whatIsNull() {
+		assertDecision(INCONCLUSIVE, policy.isAuthorized(idJoe, null));
+	}
+
+	@Test
+	public void notSelfEditing() {
+		action = new AddResource(RESOURCE_TYPE, URI_PERMITTED_RESOURCE);
+		assertDecision(INCONCLUSIVE, policy.isAuthorized(idNobody, action));
+	}
+
+	@Test
+	public void requestedActionOutOfScope() {
+		action = new ServerStatus();
+		assertDecision(INCONCLUSIVE, policy.isAuthorized(idJoe, action));
+	}
+
+	@Test
+	public void dataPropSubjectIsRestricted() {
+		action = new AddDataPropStmt(URI_RESTRICTED_RESOURCE,
+				URI_PERMITTED_PREDICATE, "junk", null, null);
+		assertDecision(INCONCLUSIVE, policy.isAuthorized(idJoe, action));
+	}
+
+	@Test
+	public void dataPropPredicateIsRestricted() {
+		action = new AddDataPropStmt(URI_JOE_EDITED_IT,
+				URI_RESTRICTED_PREDICATE, "junk", null, null);
+		assertDecision(INCONCLUSIVE, policy.isAuthorized(idJoe, action));
+	}
+
+	@Test
+	public void dataPropSubjectIsNotInfoResource() {
+		action = new AddDataPropStmt(URI_PERMITTED_RESOURCE,
+				URI_PERMITTED_PREDICATE, "junk", null, null);
+		assertDecision(INCONCLUSIVE, policy.isAuthorized(idJoe, action));
+	}
+
+	@Test
+	public void dataPropSubjectIsInfoResourceButNobodyIsSelfEditing() {
+		action = new AddDataPropStmt(URI_JOE_WROTE_IT, URI_PERMITTED_PREDICATE,
+				"junk", null, null);
+		assertDecision(INCONCLUSIVE, policy.isAuthorized(idNobody, action));
+	}
+
+	@Test
+	public void dataPropSubjectIsInfoResourceButNoAuthorsOrEditors() {
+		action = new AddDataPropStmt(URI_NOBODY_WROTE_IT,
+				URI_PERMITTED_PREDICATE, "junk", null, null);
+		assertDecision(INCONCLUSIVE, policy.isAuthorized(idJoe, action));
+		assertDecision(INCONCLUSIVE, policy.isAuthorized(idBozoAndJoe, action));
+	}
+
+	@Test
+	public void dataPropSubjectIsInfoResourceButWrongAuthor() {
+		action = new AddDataPropStmt(URI_BOZO_WROTE_IT,
+				URI_PERMITTED_PREDICATE, "junk", null, null);
+		assertDecision(INCONCLUSIVE, policy.isAuthorized(idJoe, action));
+	}
+
+	@Test
+	public void dataPropSubjectIsInfoResourceButWrongEditor() {
+		action = new AddDataPropStmt(URI_BOZO_EDITED_IT,
+				URI_PERMITTED_PREDICATE, "junk", null, null);
+		assertDecision(INCONCLUSIVE, policy.isAuthorized(idJoe, action));
+	}
+
+	@Test
+	public void dataPropSubjectIsInfoResourceWithSelfEditingAuthor() {
+		action = new AddDataPropStmt(URI_JOE_WROTE_IT, URI_PERMITTED_PREDICATE,
+				"junk", null, null);
+		assertDecision(AUTHORIZED, policy.isAuthorized(idJoe, action));
+		assertDecision(AUTHORIZED, policy.isAuthorized(idBozoAndJoe, action));
+	}
+
+	@Test
+	public void dataPropSubjectIsInfoResourceWithSelfEditingEditor() {
+		action = new AddDataPropStmt(URI_JOE_EDITED_IT,
+				URI_PERMITTED_PREDICATE, "junk", null, null);
+		assertDecision(AUTHORIZED, policy.isAuthorized(idJoe, action));
+		assertDecision(AUTHORIZED, policy.isAuthorized(idBozoAndJoe, action));
+	}
+
+	@Test
+	public void objectPropSubjectIsRestricted() {
+		action = new AddObjectPropStmt(URI_RESTRICTED_RESOURCE,
+				URI_PERMITTED_PREDICATE, URI_JOE_EDITED_IT);
+		assertDecision(INCONCLUSIVE, policy.isAuthorized(idJoe, action));
+	}
+
+	@Test
+	public void objectPropPredicateIsRestricted() {
+		action = new AddObjectPropStmt(URI_PERMITTED_RESOURCE,
+				URI_RESTRICTED_PREDICATE, URI_JOE_EDITED_IT);
+		assertDecision(INCONCLUSIVE, policy.isAuthorized(idJoe, action));
+	}
+
+	@Test
+	public void objectPropObjectIsRestricted() {
+		action = new AddObjectPropStmt(URI_JOE_EDITED_IT,
+				URI_PERMITTED_PREDICATE, URI_RESTRICTED_RESOURCE);
+		assertDecision(INCONCLUSIVE, policy.isAuthorized(idJoe, action));
+	}
+
+	@Test
+	public void objectPropNeitherSubjectOrObjectIsInfoResource() {
+		action = new AddObjectPropStmt(URI_PERMITTED_RESOURCE,
+				URI_PERMITTED_PREDICATE, URI_PERMITTED_RESOURCE);
+		assertDecision(INCONCLUSIVE, policy.isAuthorized(idJoe, action));
+	}
+
+	@Test
+	public void objectPropSubjectIsInfoResourceButNobodyIsSelfEditing() {
+		action = new AddObjectPropStmt(URI_JOE_EDITED_IT,
+				URI_PERMITTED_PREDICATE, URI_PERMITTED_RESOURCE);
+		assertDecision(INCONCLUSIVE, policy.isAuthorized(idNobody, action));
+	}
+
+	@Test
+	public void objectPropSubjectIsInfoResourceButNoAuthorsOrEditors() {
+		action = new AddObjectPropStmt(URI_NOBODY_WROTE_IT,
+				URI_PERMITTED_PREDICATE, URI_PERMITTED_RESOURCE);
+		assertDecision(INCONCLUSIVE, policy.isAuthorized(idJoe, action));
+		assertDecision(INCONCLUSIVE, policy.isAuthorized(idBozoAndJoe, action));
+	}
+
+	@Test
+	public void objectPropSubjectIsInfoResourceButWrongAuthor() {
+		action = new AddObjectPropStmt(URI_BOZO_WROTE_IT,
+				URI_PERMITTED_PREDICATE, URI_PERMITTED_RESOURCE);
+		assertDecision(INCONCLUSIVE, policy.isAuthorized(idJoe, action));
+	}
+
+	@Test
+	public void objectPropSubjectIsInfoResourceButWrongEditor() {
+		action = new AddObjectPropStmt(URI_BOZO_EDITED_IT,
+				URI_PERMITTED_PREDICATE, URI_PERMITTED_RESOURCE);
+		assertDecision(INCONCLUSIVE, policy.isAuthorized(idJoe, action));
+	}
+
+	@Test
+	public void objectPropSubjectIsInfoResourceWithSelfEditingAuthor() {
+		action = new AddObjectPropStmt(URI_JOE_WROTE_IT,
+				URI_PERMITTED_PREDICATE, URI_PERMITTED_RESOURCE);
+		assertDecision(AUTHORIZED, policy.isAuthorized(idJoe, action));
+		assertDecision(AUTHORIZED, policy.isAuthorized(idBozoAndJoe, action));
+	}
+
+	@Test
+	public void objectPropSubjectIsInfoResourceWithSelfEditingEditor() {
+		action = new AddObjectPropStmt(URI_JOE_EDITED_IT,
+				URI_PERMITTED_PREDICATE, URI_PERMITTED_RESOURCE);
+		assertDecision(AUTHORIZED, policy.isAuthorized(idJoe, action));
+		assertDecision(AUTHORIZED, policy.isAuthorized(idBozoAndJoe, action));
+	}
+
+	@Test
+	public void objectPropObjectIsInfoResourcebutNobodyIsSelfEditing() {
+		action = new AddObjectPropStmt(URI_PERMITTED_RESOURCE,
+				URI_PERMITTED_PREDICATE, URI_JOE_EDITED_IT);
+		assertDecision(INCONCLUSIVE, policy.isAuthorized(idNobody, action));
+	}
+
+	@Test
+	public void objectPropObjectIsInfoResourceButNoAuthorsOrEditors() {
+		action = new AddObjectPropStmt(URI_PERMITTED_RESOURCE,
+				URI_PERMITTED_PREDICATE, URI_NOBODY_WROTE_IT);
+		assertDecision(INCONCLUSIVE, policy.isAuthorized(idJoe, action));
+		assertDecision(INCONCLUSIVE, policy.isAuthorized(idBozoAndJoe, action));
+	}
+
+	@Test
+	public void objectPropObjectIsInfoResourceButWrongAuthor() {
+		action = new AddObjectPropStmt(URI_PERMITTED_RESOURCE,
+				URI_PERMITTED_PREDICATE, URI_BOZO_WROTE_IT);
+		assertDecision(INCONCLUSIVE, policy.isAuthorized(idJoe, action));
+	}
+
+	@Test
+	public void objectPropObjectIsInfoResourceButWrongEditor() {
+		action = new AddObjectPropStmt(URI_PERMITTED_RESOURCE,
+				URI_PERMITTED_PREDICATE, URI_BOZO_EDITED_IT);
+		assertDecision(INCONCLUSIVE, policy.isAuthorized(idJoe, action));
+	}
+
+	@Test
+	public void objectPropObjectIsInfoResourceWithSelfEditingAuthor() {
+		action = new AddObjectPropStmt(URI_PERMITTED_RESOURCE,
+				URI_PERMITTED_PREDICATE, URI_JOE_WROTE_IT);
+		assertDecision(AUTHORIZED, policy.isAuthorized(idJoe, action));
+		assertDecision(AUTHORIZED, policy.isAuthorized(idBozoAndJoe, action));
+	}
+
+	@Test
+	public void objectPropObjectIsInfoResourceWithSelfEditingEditor() {
+		action = new AddObjectPropStmt(URI_PERMITTED_RESOURCE,
+				URI_PERMITTED_PREDICATE, URI_JOE_EDITED_IT);
+		assertDecision(AUTHORIZED, policy.isAuthorized(idJoe, action));
+		assertDecision(AUTHORIZED, policy.isAuthorized(idBozoAndJoe, action));
+	}
+
+	// ----------------------------------------------------------------------
+	// helper methods
+	// ----------------------------------------------------------------------
+
+	private SelfEditing makeSelfEditingId(String uri) {
+		IndividualImpl ind = new IndividualImpl();
+		ind.setURI(uri);
+		SelfEditing selfEditing = new SelfEditing(ind,
+				SelfEditingIdentifierFactory.NOT_BLACKLISTED);
+		return selfEditing;
+	}
+
+	private void assertDecision(Authorization expected, PolicyDecision decision) {
+		log.debug("Decision is: " + decision);
+		assertNotNull("decision exists", decision);
+		assertEquals("authorization", expected, decision.getAuthorized());
+	}
+
+	private static void dumpModel() {
+		if (log.isDebugEnabled()) {
+			StmtIterator stmtIt = ontModel.listStatements();
+			while (stmtIt.hasNext()) {
+				Statement stmt = stmtIt.next();
+				log.debug("stmt: " + stmt);
+			}
+		}
+	}
+}
--- a/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/resources/InformationResourceEditingPolicyTest.n3
+++ b/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/resources/InformationResourceEditingPolicyTest.n3
@ -0,0 +1,121 @@
+# $This file is distributed under the terms of the license in /doc/license.txt$ 
+
+@prefix rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
+@prefix rdfs: <http://www.w3.org/2000/01/rdf-schema#> .
+@prefix owl: <http://www.w3.org/2002/07/owl#> .
+@prefix foaf: <http://xmlns.com/foaf/0.1/> .
+@prefix bib: <http://purl.org/ontology/bibo/> .
+@prefix core: <http://vivoweb.org/ontology/core#> .
+@prefix mydomain: <http://vivo.mydomain.edu/individual/> .
+
+### This file is for the test InformationResourceEditingPolicyTest.java.
+
+#
+# Bozo
+#
+mydomain:bozo
+	a foaf:Agent ;
+	a foaf:Person ;
+	a owl:Thing ;
+	a core:EmeritusProfessor ;
+	rdfs:label "Person, Bozo" ;
+	foaf:firstName "Bozo" ;
+	foaf:lastName "Person" ;
+	core:editorOf mydomain:bozoEditedIt ;
+	core:authorInAuthorship mydomain:authorshipBozo ;
+	.
+
+#
+# Joe
+#
+mydomain:joe
+	a foaf:Agent ;
+	a foaf:Person ;
+	a owl:Thing ;
+	a core:EmeritusProfessor ;
+	rdfs:label "Person, Joe" ;
+	foaf:firstName "Joe" ;
+	foaf:lastName "Person" ;
+	core:editorOf mydomain:joeEditedIt ;
+	core:authorInAuthorship mydomain:authorshipJoe ;
+	.
+
+#
+# info resource with no author or editor
+#
+mydomain:nobodyWroteIt
+	a core:BlogPosting ;
+	a core:InformationResource ;
+	a bib:Article ;
+	a bib:Document ;
+	a owl:Thing ;
+	rdfs:label "No author or editor" ;
+	.
+
+#
+# info resource with Bozo as author
+#
+mydomain:bozoWroteIt
+	a core:BlogPosting ;
+	a core:InformationResource ;
+	a bib:Article ;
+	a bib:Document ;
+	a owl:Thing ;
+	rdfs:label "Bozo is author" ;
+	core:informationResourceInAuthorship mydomain:authorshipBozo ;
+	.
+
+mydomain:authorshipBozo
+	a core:Authorship ;
+	a core:Relationship ;
+	a owl:Thing ;
+	core:linkedInformationResource mydomain:bozoWroteIt ;
+	core:linkedAuthor mydomain:bozo ;
+	.
+
+#
+# info resource with Bozo as editor 
+#
+mydomain:bozoEditedIt
+	a core:BlogPosting ;
+	a core:InformationResource ;
+	a bib:Article ;
+	a bib:Document ;
+	a owl:Thing ;
+	rdfs:label "Bozo is editor" ;
+	bib:editor mydomain:bozo ;
+	.
+
+#
+# info resource with Joe as author
+#
+mydomain:joeWroteIt
+	a core:BlogPosting ;
+	a core:InformationResource ;
+	a bib:Article ;
+	a bib:Document ;
+	a owl:Thing ;
+	rdfs:label "Joe is author" ;
+	core:informationResourceInAuthorship mydomain:authorshipJoe ;
+	.
+
+mydomain:authorshipJoe
+	a core:Authorship ;
+	a core:Relationship ;
+	a owl:Thing ;
+	core:linkedInformationResource mydomain:joeWroteIt ;
+	core:linkedAuthor mydomain:joe ;
+	.
+
+#
+# info resource with Joe as editor 
+#
+mydomain:joeEditedIt
+	a core:BlogPosting ;
+	a core:InformationResource ;
+	a bib:Article ;
+	a bib:Document ;
+	a owl:Thing ;
+	rdfs:label "Joe is editor" ;
+	bib:editor mydomain:joe ;
+	.