NIHVIVO-3404 Require that the statement-based RequestedActions include a reference to an OntModel. So the paradigm changes from "may I do this with this statement?" to "may I do this with this statement and this model?"
This commit is contained in:
j2blake
parent
ed2f3ddc12
commit
7aa3b4f469
21 changed files with 204 additions and 131 deletions
|
|
@ -12,6 +12,7 @@ import stubs.javax.servlet.ServletContextStub;
|
|||
import stubs.javax.servlet.http.HttpServletRequestStub;
|
||||
import stubs.javax.servlet.http.HttpSessionStub;
|
||||
|
||||
import com.hp.hpl.jena.ontology.OntModelSpec;
|
||||
import com.hp.hpl.jena.rdf.model.Model;
|
||||
import com.hp.hpl.jena.rdf.model.ModelFactory;
|
||||
import com.hp.hpl.jena.rdf.model.Property;
|
||||
|
|
@ -26,6 +27,7 @@ import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyIface;
|
|||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AbstractDataPropertyStatementAction;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AbstractObjectPropertyStatementAction;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
|
||||
/**
|
||||
* Test the function of PolicyHelper in authorizing statements and models.
|
||||
|
|
@ -38,7 +40,7 @@ public class PolicyHelper_StatementsTest extends AbstractTestClass {
|
|||
|
||||
private ServletContextStub ctx;
|
||||
private HttpSessionStub session;
|
||||
private HttpServletRequestStub req;
|
||||
private VitroRequest vreq;
|
||||
|
||||
@Before
|
||||
public void setup() {
|
||||
|
|
@ -47,8 +49,10 @@ public class PolicyHelper_StatementsTest extends AbstractTestClass {
|
|||
session = new HttpSessionStub();
|
||||
session.setServletContext(ctx);
|
||||
|
||||
req = new HttpServletRequestStub();
|
||||
HttpServletRequestStub req = new HttpServletRequestStub();
|
||||
req.setSession(session);
|
||||
vreq = new VitroRequest(req);
|
||||
vreq.setJenaOntModel(ModelFactory.createOntologyModel(OntModelSpec.OWL_MEM));
|
||||
|
||||
setLoggerLevel(ServletPolicyList.class, Level.WARN);
|
||||
ServletPolicyList.addPolicy(ctx, new MySimplePolicy());
|
||||
|
|
@ -61,7 +65,7 @@ public class PolicyHelper_StatementsTest extends AbstractTestClass {
|
|||
@Test
|
||||
public void addNullStatement() {
|
||||
assertEquals("null statement", false,
|
||||
PolicyHelper.isAuthorizedToAdd(req, (Statement) null));
|
||||
PolicyHelper.isAuthorizedToAdd(vreq, (Statement) null));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
@ -77,7 +81,7 @@ public class PolicyHelper_StatementsTest extends AbstractTestClass {
|
|||
Statement stmt = dataStatement(APPROVED_SUBJECT_URI,
|
||||
APPROVED_PREDICATE_URI);
|
||||
assertEquals("authorized", true,
|
||||
PolicyHelper.isAuthorizedToAdd(req, stmt));
|
||||
PolicyHelper.isAuthorizedToAdd(vreq, stmt));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
@ -85,13 +89,13 @@ public class PolicyHelper_StatementsTest extends AbstractTestClass {
|
|||
Statement stmt = dataStatement(APPROVED_SUBJECT_URI,
|
||||
UNAPPROVED_PREDICATE_URI);
|
||||
assertEquals("not authorized", false,
|
||||
PolicyHelper.isAuthorizedToAdd(req, stmt));
|
||||
PolicyHelper.isAuthorizedToAdd(vreq, stmt));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void dropNullStatement() {
|
||||
assertEquals("null statement", false,
|
||||
PolicyHelper.isAuthorizedToDrop(req, (Statement) null));
|
||||
PolicyHelper.isAuthorizedToDrop(vreq, (Statement) null));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
@ -107,7 +111,7 @@ public class PolicyHelper_StatementsTest extends AbstractTestClass {
|
|||
Statement stmt = dataStatement(APPROVED_SUBJECT_URI,
|
||||
APPROVED_PREDICATE_URI);
|
||||
assertEquals("authorized", true,
|
||||
PolicyHelper.isAuthorizedToDrop(req, stmt));
|
||||
PolicyHelper.isAuthorizedToDrop(vreq, stmt));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
@ -115,7 +119,7 @@ public class PolicyHelper_StatementsTest extends AbstractTestClass {
|
|||
Statement stmt = dataStatement(APPROVED_SUBJECT_URI,
|
||||
UNAPPROVED_PREDICATE_URI);
|
||||
assertEquals("not authorized", false,
|
||||
PolicyHelper.isAuthorizedToDrop(req, stmt));
|
||||
PolicyHelper.isAuthorizedToDrop(vreq, stmt));
|
||||
}
|
||||
|
||||
// ----------------------------------------------------------------------
|
||||
|
|
@ -125,7 +129,7 @@ public class PolicyHelper_StatementsTest extends AbstractTestClass {
|
|||
@Test
|
||||
public void addNullModel() {
|
||||
assertEquals("null statement", false,
|
||||
PolicyHelper.isAuthorizedToAdd(req, (Model) null));
|
||||
PolicyHelper.isAuthorizedToAdd(vreq, (Model) null));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
@ -137,7 +141,7 @@ public class PolicyHelper_StatementsTest extends AbstractTestClass {
|
|||
@Test
|
||||
public void addEmptyModel() {
|
||||
assertEquals("empty model", true,
|
||||
PolicyHelper.isAuthorizedToAdd(req, model()));
|
||||
PolicyHelper.isAuthorizedToAdd(vreq, model()));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
@ -147,7 +151,7 @@ public class PolicyHelper_StatementsTest extends AbstractTestClass {
|
|||
objectStatement(APPROVED_SUBJECT_URI, APPROVED_PREDICATE_URI,
|
||||
APPROVED_OBJECT_URI));
|
||||
assertEquals("authorized model", true,
|
||||
PolicyHelper.isAuthorizedToAdd(req, model));
|
||||
PolicyHelper.isAuthorizedToAdd(vreq, model));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
@ -157,13 +161,13 @@ public class PolicyHelper_StatementsTest extends AbstractTestClass {
|
|||
objectStatement(APPROVED_SUBJECT_URI, UNAPPROVED_PREDICATE_URI,
|
||||
APPROVED_OBJECT_URI));
|
||||
assertEquals("unauthorized model", false,
|
||||
PolicyHelper.isAuthorizedToAdd(req, model));
|
||||
PolicyHelper.isAuthorizedToAdd(vreq, model));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void dropNullModel() {
|
||||
assertEquals("null statement", false,
|
||||
PolicyHelper.isAuthorizedToDrop(req, (Model) null));
|
||||
PolicyHelper.isAuthorizedToDrop(vreq, (Model) null));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
@ -175,7 +179,7 @@ public class PolicyHelper_StatementsTest extends AbstractTestClass {
|
|||
@Test
|
||||
public void dropEmptyModel() {
|
||||
assertEquals("empty model", true,
|
||||
PolicyHelper.isAuthorizedToDrop(req, model()));
|
||||
PolicyHelper.isAuthorizedToDrop(vreq, model()));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
@ -185,7 +189,7 @@ public class PolicyHelper_StatementsTest extends AbstractTestClass {
|
|||
objectStatement(APPROVED_SUBJECT_URI, APPROVED_PREDICATE_URI,
|
||||
APPROVED_OBJECT_URI));
|
||||
assertEquals("authorized model", true,
|
||||
PolicyHelper.isAuthorizedToDrop(req, model));
|
||||
PolicyHelper.isAuthorizedToDrop(vreq, model));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
@ -195,7 +199,7 @@ public class PolicyHelper_StatementsTest extends AbstractTestClass {
|
|||
objectStatement(APPROVED_SUBJECT_URI, APPROVED_PREDICATE_URI,
|
||||
APPROVED_OBJECT_URI));
|
||||
assertEquals("unauthorized model", false,
|
||||
PolicyHelper.isAuthorizedToDrop(req, model));
|
||||
PolicyHelper.isAuthorizedToDrop(vreq, model));
|
||||
}
|
||||
|
||||
// ----------------------------------------------------------------------
|
||||
|
|
|
|||
|
|
@ -13,6 +13,11 @@ import org.junit.Test;
|
|||
|
||||
import stubs.edu.cornell.mannlib.vitro.webapp.auth.policy.bean.PropertyRestrictionPolicyHelperStub;
|
||||
import stubs.javax.servlet.ServletContextStub;
|
||||
|
||||
import com.hp.hpl.jena.ontology.OntModel;
|
||||
import com.hp.hpl.jena.ontology.OntModelSpec;
|
||||
import com.hp.hpl.jena.rdf.model.ModelFactory;
|
||||
|
||||
import edu.cornell.mannlib.vitro.testing.AbstractTestClass;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.ArrayIdentifierBundle;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
|
||||
|
|
@ -58,6 +63,7 @@ public class SelfEditingPolicyTest extends AbstractTestClass {
|
|||
private SelfEditingPolicy policy;
|
||||
private IdentifierBundle ids;
|
||||
private RequestedAction whatToAuth;
|
||||
private OntModel ontModel;
|
||||
|
||||
@Before
|
||||
public void setUp() throws Exception {
|
||||
|
|
@ -73,6 +79,8 @@ public class SelfEditingPolicyTest extends AbstractTestClass {
|
|||
ind.setURI(SELFEDITOR_URI);
|
||||
|
||||
ids = new ArrayIdentifierBundle(new HasProfile(SELFEDITOR_URI));
|
||||
|
||||
ontModel = ModelFactory.createOntologyModel(OntModelSpec.OWL_MEM);
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
@ -86,72 +94,72 @@ public class SelfEditingPolicyTest extends AbstractTestClass {
|
|||
"http://mannlib.cornell.edu/bad#prp0020" });
|
||||
PropertyRestrictionPolicyHelper.setBean(ctx, prph);
|
||||
|
||||
whatToAuth = new AddObjectPropertyStatement(SELFEDITOR_URI,
|
||||
whatToAuth = new AddObjectPropertyStatement(ontModel, SELFEDITOR_URI,
|
||||
"http://mannlib.cornell.edu/bad#prp234", SAFE_RESOURCE);
|
||||
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
|
||||
|
||||
whatToAuth = new AddObjectPropertyStatement(SAFE_RESOURCE,
|
||||
whatToAuth = new AddObjectPropertyStatement(ontModel, SAFE_RESOURCE,
|
||||
"http://mannlib.cornell.edu/bad#prp234", SELFEDITOR_URI);
|
||||
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
|
||||
|
||||
whatToAuth = new AddObjectPropertyStatement(SELFEDITOR_URI,
|
||||
whatToAuth = new AddObjectPropertyStatement(ontModel, SELFEDITOR_URI,
|
||||
"http://mannlib.cornell.edu/bad#prp999", SAFE_RESOURCE);
|
||||
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
|
||||
|
||||
whatToAuth = new AddObjectPropertyStatement(SAFE_RESOURCE,
|
||||
whatToAuth = new AddObjectPropertyStatement(ontModel, SAFE_RESOURCE,
|
||||
"http://mannlib.cornell.edu/bad#prp999", SELFEDITOR_URI);
|
||||
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
|
||||
|
||||
whatToAuth = new AddObjectPropertyStatement(SAFE_RESOURCE,
|
||||
whatToAuth = new AddObjectPropertyStatement(ontModel, SAFE_RESOURCE,
|
||||
SAFE_PREDICATE, SELFEDITOR_URI);
|
||||
assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth));
|
||||
|
||||
whatToAuth = new AddObjectPropertyStatement(SELFEDITOR_URI,
|
||||
whatToAuth = new AddObjectPropertyStatement(ontModel, SELFEDITOR_URI,
|
||||
SAFE_PREDICATE, SAFE_RESOURCE);
|
||||
assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth));
|
||||
|
||||
whatToAuth = new AddObjectPropertyStatement(SELFEDITOR_URI,
|
||||
whatToAuth = new AddObjectPropertyStatement(ontModel, SELFEDITOR_URI,
|
||||
UNSAFE_PREDICATE, SAFE_RESOURCE);
|
||||
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
|
||||
|
||||
// now with dataprop statements
|
||||
whatToAuth = new AddDataPropertyStatement(SELFEDITOR_URI,
|
||||
whatToAuth = new AddDataPropertyStatement(ontModel, SELFEDITOR_URI,
|
||||
"http://mannlib.cornell.edu/bad#prp234");
|
||||
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
|
||||
|
||||
whatToAuth = new AddDataPropertyStatement(SELFEDITOR_URI,
|
||||
whatToAuth = new AddDataPropertyStatement(ontModel, SELFEDITOR_URI,
|
||||
"http://mannlib.cornell.edu/bad#prp999");
|
||||
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
|
||||
|
||||
whatToAuth = new AddDataPropertyStatement(SELFEDITOR_URI,
|
||||
whatToAuth = new AddDataPropertyStatement(ontModel, SELFEDITOR_URI,
|
||||
SAFE_PREDICATE);
|
||||
assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth));
|
||||
|
||||
whatToAuth = new AddDataPropertyStatement(SELFEDITOR_URI,
|
||||
whatToAuth = new AddDataPropertyStatement(ontModel, SELFEDITOR_URI,
|
||||
UNSAFE_PREDICATE);
|
||||
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testVisitIdentifierBundleAddObjectPropStmt() {
|
||||
whatToAuth = new AddObjectPropertyStatement(SELFEDITOR_URI,
|
||||
whatToAuth = new AddObjectPropertyStatement(ontModel, SELFEDITOR_URI,
|
||||
SAFE_PREDICATE, SAFE_RESOURCE);
|
||||
assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth));
|
||||
|
||||
whatToAuth = new AddObjectPropertyStatement(SAFE_RESOURCE,
|
||||
whatToAuth = new AddObjectPropertyStatement(ontModel, SAFE_RESOURCE,
|
||||
SAFE_PREDICATE, SELFEDITOR_URI);
|
||||
assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth));
|
||||
|
||||
// this is the case where the editor is not part of the stmt
|
||||
whatToAuth = new AddObjectPropertyStatement(SAFE_RESOURCE,
|
||||
whatToAuth = new AddObjectPropertyStatement(ontModel, SAFE_RESOURCE,
|
||||
SAFE_PREDICATE, SAFE_RESOURCE);
|
||||
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
|
||||
|
||||
whatToAuth = new AddObjectPropertyStatement(SELFEDITOR_URI,
|
||||
whatToAuth = new AddObjectPropertyStatement(ontModel, SELFEDITOR_URI,
|
||||
UNSAFE_PREDICATE, SAFE_RESOURCE);
|
||||
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
|
||||
|
||||
whatToAuth = new AddObjectPropertyStatement(SELFEDITOR_URI,
|
||||
whatToAuth = new AddObjectPropertyStatement(ontModel, SELFEDITOR_URI,
|
||||
SAFE_PREDICATE, UNSAFE_RESOURCE);
|
||||
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
|
||||
}
|
||||
|
|
@ -169,24 +177,24 @@ public class SelfEditingPolicyTest extends AbstractTestClass {
|
|||
//
|
||||
@Test
|
||||
public void testVisitIdentifierBundleDropObjectPropStmt() {
|
||||
whatToAuth = new DropObjectPropertyStatement(SELFEDITOR_URI,
|
||||
whatToAuth = new DropObjectPropertyStatement(ontModel, SELFEDITOR_URI,
|
||||
SAFE_PREDICATE, SAFE_RESOURCE);
|
||||
assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth));
|
||||
|
||||
whatToAuth = new DropObjectPropertyStatement(SAFE_RESOURCE,
|
||||
whatToAuth = new DropObjectPropertyStatement(ontModel, SAFE_RESOURCE,
|
||||
SAFE_PREDICATE, SELFEDITOR_URI);
|
||||
assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth));
|
||||
|
||||
// this is the case where the editor is not part of the stmt
|
||||
whatToAuth = new DropObjectPropertyStatement(SAFE_RESOURCE,
|
||||
whatToAuth = new DropObjectPropertyStatement(ontModel, SAFE_RESOURCE,
|
||||
SAFE_PREDICATE, SAFE_RESOURCE);
|
||||
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
|
||||
|
||||
whatToAuth = new DropObjectPropertyStatement(SELFEDITOR_URI,
|
||||
whatToAuth = new DropObjectPropertyStatement(ontModel, SELFEDITOR_URI,
|
||||
UNSAFE_PREDICATE, SAFE_RESOURCE);
|
||||
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
|
||||
|
||||
whatToAuth = new DropObjectPropertyStatement(SELFEDITOR_URI,
|
||||
whatToAuth = new DropObjectPropertyStatement(ontModel, SELFEDITOR_URI,
|
||||
SAFE_PREDICATE, UNSAFE_RESOURCE);
|
||||
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
|
||||
}
|
||||
|
|
@ -210,39 +218,39 @@ public class SelfEditingPolicyTest extends AbstractTestClass {
|
|||
//
|
||||
@Test
|
||||
public void testVisitIdentifierBundleEditDataPropStmt() {
|
||||
whatToAuth = new EditDataPropertyStatement(SELFEDITOR_URI,SAFE_PREDICATE);
|
||||
whatToAuth = new EditDataPropertyStatement(ontModel, SELFEDITOR_URI,SAFE_PREDICATE);
|
||||
assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth));
|
||||
|
||||
whatToAuth = new EditDataPropertyStatement(SELFEDITOR_URI, UNSAFE_PREDICATE);
|
||||
whatToAuth = new EditDataPropertyStatement(ontModel, SELFEDITOR_URI, UNSAFE_PREDICATE);
|
||||
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
|
||||
|
||||
whatToAuth = new EditDataPropertyStatement(UNSAFE_RESOURCE, SAFE_PREDICATE);
|
||||
whatToAuth = new EditDataPropertyStatement(ontModel, UNSAFE_RESOURCE, SAFE_PREDICATE);
|
||||
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
|
||||
|
||||
whatToAuth = new EditDataPropertyStatement(SAFE_RESOURCE, SAFE_PREDICATE);
|
||||
whatToAuth = new EditDataPropertyStatement(ontModel, SAFE_RESOURCE, SAFE_PREDICATE);
|
||||
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testVisitIdentifierBundleEditObjPropStmt() {
|
||||
whatToAuth = new EditObjectPropertyStatement(SELFEDITOR_URI,
|
||||
whatToAuth = new EditObjectPropertyStatement(ontModel, SELFEDITOR_URI,
|
||||
SAFE_PREDICATE, SAFE_RESOURCE);
|
||||
assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth));
|
||||
|
||||
whatToAuth = new EditObjectPropertyStatement(SAFE_RESOURCE,
|
||||
whatToAuth = new EditObjectPropertyStatement(ontModel, SAFE_RESOURCE,
|
||||
SAFE_PREDICATE, SELFEDITOR_URI);
|
||||
assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth));
|
||||
|
||||
// this is the case where the editor is not part of the stmt
|
||||
whatToAuth = new EditObjectPropertyStatement(SAFE_RESOURCE,
|
||||
whatToAuth = new EditObjectPropertyStatement(ontModel, SAFE_RESOURCE,
|
||||
SAFE_PREDICATE, SAFE_RESOURCE);
|
||||
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
|
||||
|
||||
whatToAuth = new EditObjectPropertyStatement(SELFEDITOR_URI,
|
||||
whatToAuth = new EditObjectPropertyStatement(ontModel, SELFEDITOR_URI,
|
||||
UNSAFE_PREDICATE, SAFE_RESOURCE);
|
||||
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
|
||||
|
||||
whatToAuth = new EditObjectPropertyStatement(SELFEDITOR_URI,
|
||||
whatToAuth = new EditObjectPropertyStatement(ontModel, SELFEDITOR_URI,
|
||||
SAFE_PREDICATE, UNSAFE_RESOURCE);
|
||||
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
|
||||
}
|
||||
|
|
@ -254,7 +262,7 @@ public class SelfEditingPolicyTest extends AbstractTestClass {
|
|||
@Test
|
||||
public void twoSEIsFindObjectPropertySubject() {
|
||||
setUpTwoSEIs();
|
||||
whatToAuth = new DropObjectPropertyStatement(SELFEDITOR_URI,
|
||||
whatToAuth = new DropObjectPropertyStatement(ontModel, SELFEDITOR_URI,
|
||||
SAFE_PREDICATE, SAFE_RESOURCE);
|
||||
assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth));
|
||||
}
|
||||
|
|
@ -262,7 +270,7 @@ public class SelfEditingPolicyTest extends AbstractTestClass {
|
|||
@Test
|
||||
public void twoSEIsFindObjectPropertyObject() {
|
||||
setUpTwoSEIs();
|
||||
whatToAuth = new DropObjectPropertyStatement(SAFE_RESOURCE,
|
||||
whatToAuth = new DropObjectPropertyStatement(ontModel, SAFE_RESOURCE,
|
||||
SAFE_PREDICATE, SELFEDITOR_URI);
|
||||
assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth));
|
||||
}
|
||||
|
|
@ -270,7 +278,7 @@ public class SelfEditingPolicyTest extends AbstractTestClass {
|
|||
@Test
|
||||
public void twoSEIsDontFindInObjectProperty() {
|
||||
setUpTwoSEIs();
|
||||
whatToAuth = new DropObjectPropertyStatement(SAFE_RESOURCE,
|
||||
whatToAuth = new DropObjectPropertyStatement(ontModel, SAFE_RESOURCE,
|
||||
SAFE_PREDICATE, SAFE_RESOURCE);
|
||||
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
|
||||
}
|
||||
|
|
@ -279,7 +287,7 @@ public class SelfEditingPolicyTest extends AbstractTestClass {
|
|||
public void twoSEIsFindDataPropertySubject() {
|
||||
setUpTwoSEIs();
|
||||
|
||||
whatToAuth = new EditDataPropertyStatement(SELFEDITOR_URI, SAFE_PREDICATE);
|
||||
whatToAuth = new EditDataPropertyStatement(ontModel, SELFEDITOR_URI, SAFE_PREDICATE);
|
||||
assertDecision(AUTHORIZED, policy.isAuthorized(ids, whatToAuth));
|
||||
}
|
||||
|
||||
|
|
@ -287,7 +295,7 @@ public class SelfEditingPolicyTest extends AbstractTestClass {
|
|||
public void twoSEIsDontFindInDataProperty() {
|
||||
setUpTwoSEIs();
|
||||
|
||||
whatToAuth = new EditDataPropertyStatement(SAFE_RESOURCE, SAFE_PREDICATE);
|
||||
whatToAuth = new EditDataPropertyStatement(ontModel, SAFE_RESOURCE, SAFE_PREDICATE);
|
||||
assertDecision(INCONCLUSIVE, policy.isAuthorized(ids, whatToAuth));
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -15,6 +15,7 @@ import stubs.edu.cornell.mannlib.vitro.webapp.auth.policy.bean.PropertyRestricti
|
|||
import stubs.javax.servlet.ServletContextStub;
|
||||
|
||||
import com.hp.hpl.jena.ontology.OntModel;
|
||||
import com.hp.hpl.jena.ontology.OntModelSpec;
|
||||
import com.hp.hpl.jena.rdf.model.ModelFactory;
|
||||
import com.hp.hpl.jena.rdf.model.impl.RDFDefaultErrorHandler;
|
||||
|
||||
|
|
@ -29,8 +30,6 @@ import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyDecision;
|
|||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.AddObjectPropertyStatement;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditDataPropertyStatement;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.propstmt.EditObjectPropertyStatement;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatement;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.DataPropertyStatementImpl;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.Individual;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.IndividualImpl;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.VitroVocabulary;
|
||||
|
|
@ -69,6 +68,14 @@ public class SelfEditingPolicy_2_Test extends AbstractTestClass {
|
|||
/** A bundle that contains a SelfEditing individual. */
|
||||
IdentifierBundle ids;
|
||||
|
||||
/**
|
||||
* An empty model that acts as a placeholder in the requested actions. The
|
||||
* SelfEditingPolicy does not base its decisions on the contents of the
|
||||
* model.
|
||||
*/
|
||||
private OntModel ontModel;
|
||||
|
||||
|
||||
@Before
|
||||
public void setUp() throws Exception {
|
||||
InputStream is = getClass().getResourceAsStream(
|
||||
|
|
@ -78,6 +85,7 @@ public class SelfEditingPolicy_2_Test extends AbstractTestClass {
|
|||
// suppress the warning messages from loading the model.
|
||||
setLoggerLevel(RDFDefaultErrorHandler.class, Level.OFF);
|
||||
|
||||
// TODO This doesn't appear to be used for anything. Can it go away, along with the data file?
|
||||
OntModel model = ModelFactory.createOntologyModel();
|
||||
model.read(is, "");
|
||||
Assert.assertNotNull(model);
|
||||
|
|
@ -96,6 +104,8 @@ public class SelfEditingPolicy_2_Test extends AbstractTestClass {
|
|||
|
||||
ids = new ArrayIdentifierBundle(new HasProfile(SELFEDITOR_URI));
|
||||
|
||||
ontModel = ModelFactory.createOntologyModel(OntModelSpec.OWL_MEM);
|
||||
|
||||
// setLoggerLevel(SelfEditingPolicySetupTest.class, Level.DEBUG);
|
||||
}
|
||||
|
||||
|
|
@ -113,7 +123,7 @@ public class SelfEditingPolicy_2_Test extends AbstractTestClass {
|
|||
@Test
|
||||
public void nullIdentifierBundle() {
|
||||
AddObjectPropertyStatement whatToAuth = new AddObjectPropertyStatement(
|
||||
SELFEDITOR_URI, SAFE_PREDICATE, SAFE_RESOURCE);
|
||||
ontModel, SELFEDITOR_URI, SAFE_PREDICATE, SAFE_RESOURCE);
|
||||
PolicyDecision dec = policy.isAuthorized(null, whatToAuth);
|
||||
Assert.assertNotNull(dec);
|
||||
Assert.assertEquals(Authorization.INCONCLUSIVE, dec.getAuthorized());
|
||||
|
|
@ -267,7 +277,7 @@ public class SelfEditingPolicy_2_Test extends AbstractTestClass {
|
|||
private void assertAddObjectPropStmt(String uriOfSub, String uriOfPred,
|
||||
String uriOfObj, Authorization expectedAuthorization) {
|
||||
AddObjectPropertyStatement whatToAuth = new AddObjectPropertyStatement(
|
||||
uriOfSub, uriOfPred, uriOfObj);
|
||||
ontModel, uriOfSub, uriOfPred, uriOfObj);
|
||||
PolicyDecision dec = policy.isAuthorized(ids, whatToAuth);
|
||||
log.debug(dec);
|
||||
Assert.assertNotNull(dec);
|
||||
|
|
@ -281,7 +291,7 @@ public class SelfEditingPolicy_2_Test extends AbstractTestClass {
|
|||
private void assertEditObjPropStmt(String uriOfSub, String uriOfPred,
|
||||
String uriOfObj, Authorization expectedAuthorization) {
|
||||
EditObjectPropertyStatement whatToAuth = new EditObjectPropertyStatement(
|
||||
uriOfSub, uriOfPred, uriOfObj);
|
||||
ontModel, uriOfSub, uriOfPred, uriOfObj);
|
||||
PolicyDecision dec = policy.isAuthorized(ids, whatToAuth);
|
||||
log.debug(dec);
|
||||
Assert.assertNotNull(dec);
|
||||
|
|
@ -295,7 +305,7 @@ public class SelfEditingPolicy_2_Test extends AbstractTestClass {
|
|||
private void assertEditDataPropStmt(String individualURI,
|
||||
String datapropURI, String data, Authorization expectedAuthorization) {
|
||||
EditDataPropertyStatement whatToAuth = new EditDataPropertyStatement(
|
||||
individualURI, datapropURI);
|
||||
ontModel, individualURI, datapropURI);
|
||||
PolicyDecision dec = policy.isAuthorized(ids, whatToAuth);
|
||||
log.debug(dec);
|
||||
Assert.assertNotNull(dec);
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue