diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/permissions/PublishByRolePermission.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/permissions/PublishByRolePermission.java index c70be7735..e587742a7 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/permissions/PublishByRolePermission.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/permissions/PublishByRolePermission.java @@ -8,7 +8,7 @@ import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import edu.cornell.mannlib.vitro.webapp.auth.policy.bean.PropertyRestrictionPolicyHelper; -import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction; +import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.RequestedAction; import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.publish.PublishDataProperty; import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.publish.PublishDataPropertyStatement; import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.publish.PublishObjectProperty; diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyHelper.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyHelper.java index c31ab8039..14277612f 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyHelper.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyHelper.java @@ -45,7 +45,7 @@ public class PolicyHelper { */ public static boolean isAuthorizedForActions(HttpServletRequest req, AuthorizationRequest... actions) { - return isAuthorizedForActions(req, AuthorizationRequest.and(actions)); + return isAuthorizedForActions(req, AuthorizationRequest.andAll(actions)); } /** @@ -54,14 +54,14 @@ public class PolicyHelper { */ public static boolean isAuthorizedForActions(HttpServletRequest req, Iterable actions) { - return isAuthorizedForActions(req, AuthorizationRequest.and(actions)); + return isAuthorizedForActions(req, AuthorizationRequest.andAll(actions)); } /** * Are these actions authorized for the current user by the current * policies? */ - public static boolean isAuthorizedForActions(HttpServletRequest req, + private static boolean isAuthorizedForActions(HttpServletRequest req, AuthorizationRequest ar) { PolicyIface policy = ServletPolicyList.getPolicies(req); IdentifierBundle ids = RequestIdentifiers.getIdBundleForRequest(req); diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyList.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyList.java index e949c5559..86693198c 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyList.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyList.java @@ -22,8 +22,6 @@ import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.RequestedAction; * and return the first AUTHORIZED or UNAUTHROIZED decision. INCONCLUSIVE * or null decisions will be ignored and the next policy on the list will * be queried. - * - * @author bdc34 */ public class PolicyList extends ArrayList implements PolicyIface{ private static final Log log = LogFactory.getLog(PolicyList.class.getName()); diff --git a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/AuthorizationRequest.java b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/AuthorizationRequest.java index e09ede050..9d690cd41 100644 --- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/AuthorizationRequest.java +++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/AuthorizationRequest.java @@ -36,11 +36,11 @@ public abstract class AuthorizationRequest { // Static convenience methods // ---------------------------------------------------------------------- - public static AuthorizationRequest and(AuthorizationRequest... ars) { - return and(Arrays.asList(ars)); + public static AuthorizationRequest andAll(AuthorizationRequest... ars) { + return andAll(Arrays.asList(ars)); } - public static AuthorizationRequest and( + public static AuthorizationRequest andAll( Iterable ars) { AuthorizationRequest result = AUTHORIZED; for (AuthorizationRequest ar : ars) { diff --git a/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyHelper_ActionsTest.java b/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyHelper_ActionsTest.java deleted file mode 100644 index 2f854a27c..000000000 --- a/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyHelper_ActionsTest.java +++ /dev/null @@ -1,152 +0,0 @@ -/* $This file is distributed under the terms of the license in /doc/license.txt$ */ - -package edu.cornell.mannlib.vitro.webapp.auth.policy; - -import static org.junit.Assert.assertEquals; - -import java.util.Arrays; -import java.util.HashSet; -import java.util.Set; - -import org.apache.log4j.Level; -import org.junit.Before; -import org.junit.Ignore; -import org.junit.Test; - -import stubs.javax.servlet.ServletContextStub; -import stubs.javax.servlet.http.HttpServletRequestStub; -import stubs.javax.servlet.http.HttpSessionStub; -import edu.cornell.mannlib.vitro.testing.AbstractTestClass; -import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle; -import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.Authorization; -import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyDecision; -import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyIface; -import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.RequestedAction; - -/** - * Test the function of PolicyHelper in authorizing simple actions. - */ -public class PolicyHelper_ActionsTest extends AbstractTestClass { - private ServletContextStub ctx; - private HttpSessionStub session; - private HttpServletRequestStub req; - - @Before - public void setLogging() { - setLoggerLevel(ServletPolicyList.class, Level.WARN); - } - - @Before - public void setup() { - ctx = new ServletContextStub(); - - session = new HttpSessionStub(); - session.setServletContext(ctx); - - req = new HttpServletRequestStub(); - req.setSession(session); - } - - // ---------------------------------------------------------------------- - // Action-level tests - // ---------------------------------------------------------------------- - - @Ignore - @Test - public void authorizedForActionsNull() { -// createPolicy(); -// assertEquals("null actions", true, -// PolicyHelper.isAuthorizedForActions(req, (Actions) null)); - } - - @Ignore - @Test - public void authorizedForActionsEmpty() { -// createPolicy(); -// assertEquals("empty actions", true, -// PolicyHelper.isAuthorizedForActions(req, new Actions())); - } - - @Ignore - @Test - public void authorizedForActionsOneClausePass() { -// createPolicy(new Action1(), new Action2()); -// assertEquals("one clause pass", true, -// PolicyHelper.isAuthorizedForActions(req, new Actions( -// new Action1(), new Action2()))); - } - - @Ignore - @Test - public void authorizedForActionsOneClauseFail() { -// createPolicy(new Action2()); -// assertEquals("one clause fail", false, -// PolicyHelper.isAuthorizedForActions(req, new Actions( -// new Action1(), new Action2()))); - } - - @Ignore - @Test - public void authorizedForActionsMultipleClausesPass() { -// createPolicy(new Action3()); -// assertEquals("multiple clauses pass", true, -// PolicyHelper.isAuthorizedForActions(req, new Actions( -// new Action1(), new Action2()).or(new Action3()))); - } - - @Ignore - @Test - public void authorizedForActionsMultipleClausesFail() { -// createPolicy(new Action1()); -// assertEquals("multiple clauses fail", false, -// PolicyHelper.isAuthorizedForActions(req, new Actions( -// new Action1(), new Action2()).or(new Action3()))); - } - - // ---------------------------------------------------------------------- - // Helper methods - // ---------------------------------------------------------------------- - - private void createPolicy(RequestedAction... authorizedActions) { - ServletPolicyList.addPolicy(ctx, new MySimplePolicy(authorizedActions)); - } - - // ---------------------------------------------------------------------- - // Helper Classes - // ---------------------------------------------------------------------- - - public static class Action1 extends RequestedAction { - // actions must be public, with public constructor - } - - public static class Action2 extends RequestedAction { - // actions must be public, with public constructor - } - - public static class Action3 extends RequestedAction { - // actions must be public, with public constructor - } - - private static class MySimplePolicy implements PolicyIface { - private final Set authorizedActions; - - public MySimplePolicy(RequestedAction... authorizedActions) { - this.authorizedActions = new HashSet( - Arrays.asList(authorizedActions)); - } - - @Override - public PolicyDecision isAuthorized(IdentifierBundle whoToAuth, - RequestedAction whatToAuth) { - for (RequestedAction authorized : authorizedActions) { - if (authorized.getClass().equals(whatToAuth.getClass())) { - return new BasicPolicyDecision(Authorization.AUTHORIZED, - "matched " + authorized.getClass().getSimpleName()); - } - - } - return new BasicPolicyDecision(Authorization.INCONCLUSIVE, "nope"); - } - - } -} diff --git a/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyHelper_AuthorizationRequestTest.java b/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyHelper_AuthorizationRequestTest.java index e3741d7e4..dfbba4fe6 100644 --- a/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyHelper_AuthorizationRequestTest.java +++ b/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyHelper_AuthorizationRequestTest.java @@ -2,22 +2,144 @@ package edu.cornell.mannlib.vitro.webapp.auth.policy; +import static org.junit.Assert.*; + +import java.util.Arrays; +import java.util.HashSet; +import java.util.Set; + +import org.junit.Before; +import org.junit.Test; + +import stubs.javax.servlet.ServletContextStub; +import stubs.javax.servlet.http.HttpServletRequestStub; +import stubs.javax.servlet.http.HttpSessionStub; +import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle; +import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.Authorization; +import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyDecision; +import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyIface; +import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest; +import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.RequestedAction; + /** - * Test the ability of the Policy Helper to authorize a variety of simple or complex AuthorizationRequests + * Test the ability of the Policy Helper to authorize a variety of simple or + * complex AuthorizationRequests */ public class PolicyHelper_AuthorizationRequestTest { + private ServletContextStub ctx; + private HttpServletRequestStub req; + private AuthorizationRequest nullAr = null; + + @Before + public void setup() { + ctx = new ServletContextStub(); + + HttpSessionStub session = new HttpSessionStub(); + session.setServletContext(ctx); + + req = new HttpServletRequestStub(); + req.setSession(session); + } + + // ---------------------------------------------------------------------- + // Helper methods + // ---------------------------------------------------------------------- + + private void createPolicy(RequestedAction... authorizedActions) { + ServletPolicyList.addPolicy(ctx, new MySimplePolicy(authorizedActions)); + } + + @Test + public void authorizedForActionsNull() { + createPolicy(); + assertTrue("null actions", + PolicyHelper.isAuthorizedForActions(req, nullAr)); + } + + @Test + public void authorizedForActionsEmpty() { + createPolicy(); + assertTrue("empty actions", PolicyHelper.isAuthorizedForActions(req)); + } + + @Test + public void authorizedForActionsAndPass() { + createPolicy(new Action1(), new Action2()); + assertTrue("and pass", PolicyHelper.isAuthorizedForActions(req, + new Action1(), new Action2())); + } + + @Test + public void authorizedForActionsAndFail() { + createPolicy(new Action2()); + assertFalse("and fail", PolicyHelper.isAuthorizedForActions(req, + new Action1(), new Action2())); + } + + @Test + public void authorizedForActionsAndOrPass() { + createPolicy(new Action3()); + assertTrue( + "and-or pass", + PolicyHelper.isAuthorizedForActions(req, + new Action1().and(new Action2()).or(new Action3()))); + } + + @Test + public void authorizedForActionsAndOrFail() { + createPolicy(new Action1()); + assertFalse( + "and-or fail", + PolicyHelper.isAuthorizedForActions(req, + new Action1().and(new Action2()).or(new Action3()))); + } + + @Test + public void authorizedByACombinationOfPolicies() { + ServletPolicyList.addPolicy(ctx, new MySimplePolicy(new Action1())); + ServletPolicyList.addPolicy(ctx, new MySimplePolicy(new Action2())); + assertTrue("combination of policies", + PolicyHelper.isAuthorizedForActions(req, new Action2(), + new Action1())); + } + + // ---------------------------------------------------------------------- + // Helper Classes + // ---------------------------------------------------------------------- + + public static class Action1 extends RequestedAction { + // actions must be public, with public constructor + } + + public static class Action2 extends RequestedAction { + // actions must be public, with public constructor + } + + public static class Action3 extends RequestedAction { + // actions must be public, with public constructor + } + + private static class MySimplePolicy implements PolicyIface { + private final Set authorizedActions; + + public MySimplePolicy(RequestedAction... authorizedActions) { + this.authorizedActions = new HashSet( + Arrays.asList(authorizedActions)); + } + + @Override + public PolicyDecision isAuthorized(IdentifierBundle whoToAuth, + RequestedAction whatToAuth) { + for (RequestedAction authorized : authorizedActions) { + if (authorized.getClass().equals(whatToAuth.getClass())) { + return new BasicPolicyDecision(Authorization.AUTHORIZED, + "matched " + authorized.getClass().getSimpleName()); + } + + } + return new BasicPolicyDecision(Authorization.INCONCLUSIVE, "nope"); + } + + } -/**Test plan - * 
- * isAuthorizedForActions with array, including empty, null, contains one or more, or contains nulls.
- * isAuthorizedForActions with collection, including empty, null, contains one or more, or contains nulls.
- *   All of this is tested by AuthorizationRequestTest?
- *   
- * isAuthorizedForActions with simple and complete AuthorizationRequests
- *   Simple success or failure (perhaps by INCONCLUSIVE) against one or more policies.
- *   AND satisfied by one policy or by two policies
- *   OR satisfied by one UNAUTHORIZED and one AUTHORIZED
- *   Complex structure of AND and OR satisfied in different ways by different policies.
- *
- */ } diff --git a/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyListTest.java b/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyListTest.java deleted file mode 100644 index 25aa79323..000000000 --- a/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyListTest.java +++ /dev/null @@ -1,156 +0,0 @@ -/* $This file is distributed under the terms of the license in /doc/license.txt$ */ - -package edu.cornell.mannlib.vitro.webapp.auth.policy; - -import java.util.ArrayList; -import java.util.List; - -import junit.framework.Assert; - -import org.junit.Ignore; -import org.junit.Test; - -import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle; -import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.Authorization; -import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyDecision; -import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyIface; -import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.RequestedAction; - -public class PolicyListTest { - - @Ignore - @Test - public void basicPolicyListTest() { -// -// List polis = new ArrayList(); -// polis.add( new SimplePolicy() ); -// PolicyIface policy = new PolicyList( polis ); -// PolicyDecision decision = policy.isAuthorized(null, new UnauthorizedAction()); -// Assert.assertEquals(Authorization.UNAUTHORIZED, decision.getAuthorized() ); -// -// decision = policy.isAuthorized(null, new AuthorizedAction()); -// Assert.assertEquals(Authorization.AUTHORIZED, decision.getAuthorized() ); - } - - /** - * Tests the handling of the AnyRequestedAction by the PolicyList. - */ - @Ignore - @Test - public void anyActionTest(){ -// List polis = new ArrayList(); -// polis.add( new SimplePolicy() ); -// PolicyIface policy = new PolicyList( polis ); -// -// AnyRequestedAction act = new AnyRequestedAction( new UnauthorizedAction() ); -// PolicyDecision decision = policy.isAuthorized(null, act); -// Assert.assertNotNull( decision ); -// Assert.assertEquals(Authorization.UNAUTHORIZED, decision.getAuthorized() ); -// -// act = new AnyRequestedAction( new UnauthorizedAction() , new UnauthorizedAction()); -// decision = policy.isAuthorized(null, act); -// Assert.assertNotNull( decision ); -// Assert.assertEquals(Authorization.UNAUTHORIZED, decision.getAuthorized() ); -// -// act = new AnyRequestedAction( new UnauthorizedAction(),new UnauthorizedAction(),new UnauthorizedAction()); -// decision = policy.isAuthorized(null, act); -// Assert.assertNotNull( decision ); -// Assert.assertEquals(Authorization.UNAUTHORIZED, decision.getAuthorized() ); -// -// act = new AnyRequestedAction( new AuthorizedAction() ); -// decision = policy.isAuthorized(null, act); -// Assert.assertNotNull( decision ); -// Assert.assertEquals(Authorization.AUTHORIZED, decision.getAuthorized() ); -// -// act = new AnyRequestedAction( new AuthorizedAction(),new UnauthorizedAction() ); -// decision = policy.isAuthorized(null, act); -// Assert.assertNotNull( decision ); -// Assert.assertEquals(Authorization.AUTHORIZED, decision.getAuthorized() ); -// -// act = new AnyRequestedAction( new UnauthorizedAction(),new AuthorizedAction() ); -// decision = policy.isAuthorized(null, act); -// Assert.assertNotNull( decision ); -// Assert.assertEquals(Authorization.AUTHORIZED, decision.getAuthorized() ); -// -// act = new AnyRequestedAction( new UnauthorizedAction(),new UnauthorizedAction(),new AuthorizedAction()); -// decision = policy.isAuthorized(null, act); -// Assert.assertNotNull( decision ); -// Assert.assertEquals(Authorization.AUTHORIZED, decision.getAuthorized() ); -// -// act = new AnyRequestedAction( new UnauthorizedAction(),new AuthorizedAction(),new AuthorizedAction()); -// decision = policy.isAuthorized(null, act); -// Assert.assertNotNull( decision ); -// Assert.assertEquals(Authorization.AUTHORIZED, decision.getAuthorized() ); -// -// act = new AnyRequestedAction( new AuthorizedAction(),new AuthorizedAction(),new AuthorizedAction()); -// decision = policy.isAuthorized(null, act); -// Assert.assertNotNull( decision ); -// Assert.assertEquals(Authorization.AUTHORIZED, decision.getAuthorized() ); - } - - /** - * Tests the handling of the AllRequestedAction by the PolicyList. - */ - @Ignore - @Test - public void andActionTest(){ -// List polis = new ArrayList(); -// polis.add( new SimplePolicy() ); -// PolicyIface policy = new PolicyList( polis ); -// -// AllRequestedAction act = new AllRequestedAction( new UnauthorizedAction(), new UnauthorizedAction(), new UnauthorizedAction()); -// PolicyDecision decision = policy.isAuthorized(null, act); -// Assert.assertNotNull( decision ); -// Assert.assertEquals(Authorization.UNAUTHORIZED, decision.getAuthorized() ); -// -// act = new AllRequestedAction( new UnauthorizedAction() ); -// decision = policy.isAuthorized(null, act); -// Assert.assertNotNull( decision ); -// Assert.assertEquals(Authorization.UNAUTHORIZED, decision.getAuthorized() ); -// -// act = new AllRequestedAction( new UnauthorizedAction() , new AuthorizedAction() ); -// decision = policy.isAuthorized(null, act); -// Assert.assertNotNull( decision ); -// Assert.assertEquals(Authorization.UNAUTHORIZED, decision.getAuthorized() ); -// -// act = new AllRequestedAction( new AuthorizedAction() , new UnauthorizedAction() ); -// decision = policy.isAuthorized(null, act); -// Assert.assertNotNull( decision ); -// Assert.assertEquals(Authorization.UNAUTHORIZED, decision.getAuthorized() ); -// -// act = new AllRequestedAction( new AuthorizedAction() , new AuthorizedAction() ,new UnauthorizedAction() ); -// decision = policy.isAuthorized(null, act); -// Assert.assertNotNull( decision ); -// Assert.assertEquals(Authorization.UNAUTHORIZED, decision.getAuthorized() ); -// -// act = new AllRequestedAction( new AuthorizedAction() ); -// decision = policy.isAuthorized(null, act); -// Assert.assertNotNull( decision ); -// Assert.assertEquals(Authorization.AUTHORIZED, decision.getAuthorized() ); -// -// act = new AllRequestedAction( new AuthorizedAction() , new AuthorizedAction(), new AuthorizedAction() ); -// decision = policy.isAuthorized(null, act); -// Assert.assertNotNull( decision ); -// Assert.assertEquals(Authorization.AUTHORIZED, decision.getAuthorized() ); - } - - - /** - * policy that only responds to Unauthorized and Authorized actions. - */ - public class SimplePolicy implements PolicyIface { - - @Override - public PolicyDecision isAuthorized(IdentifierBundle whoToAuth, - RequestedAction whatToAuth) { -// if( whatToAuth instanceof UnauthorizedAction ) -// return new BasicPolicyDecision( Authorization.UNAUTHORIZED, "SimplePolicy unauthorized"); -// if( whatToAuth instanceof AuthorizedAction ) -// return new BasicPolicyDecision( Authorization.AUTHORIZED, "SimplePolicy authorized"); -// else - return new BasicPolicyDecision(Authorization.INCONCLUSIVE, "SimplePolicy INCONCLUSIVE"); - } - - - } -} diff --git a/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/AuthorizationRequestTest.java b/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/AuthorizationRequestTest.java index 98864edec..23f8f3b5d 100644 --- a/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/AuthorizationRequestTest.java +++ b/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/AuthorizationRequestTest.java @@ -2,19 +2,64 @@ package edu.cornell.mannlib.vitro.webapp.auth.requestedAction; +import static org.junit.Assert.assertEquals; + +import org.junit.Test; + import edu.cornell.mannlib.vitro.testing.AbstractTestClass; +import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle; +import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyIface; /** * Test the functions of the base class. */ public class AuthorizationRequestTest extends AbstractTestClass { - /** - * Test plan - * - * 
-	 * Static and methods work even if the list or array is empty or null, or contains a null.
-	 * 
-	 * Instance and and or work with nulls.
-	 *
- */ + private MyAuth one = new MyAuth("one"); + private MyAuth two = new MyAuth("two"); + + @Test + public void and() { + assertEquals("and", "(MyAuth[one] && MyAuth[two])", one.and(two) + .toString()); + } + + @Test + public void andNull() { + assertEquals("andNull", "MyAuth[one]", one.and(null).toString()); + } + + @Test + public void or() { + assertEquals("or", "(MyAuth[one] || MyAuth[two])", one.or(two) + .toString()); + } + + @Test + public void orNull() { + assertEquals("orNull", "MyAuth[one]", one.or(null).toString()); + } + + // ---------------------------------------------------------------------- + // Helper classes + // ---------------------------------------------------------------------- + + private static class MyAuth extends AuthorizationRequest { + private final String name; + + public MyAuth(String name) { + this.name = name; + } + + @Override + public boolean isAuthorized(IdentifierBundle ids, PolicyIface policy) { + throw new RuntimeException( + "AuthorizationRequest.isAuthorized() not implemented."); + } + + @Override + public String toString() { + return "MyAuth[" + name + "]"; + } + + } }