VIVO-761 Unit tests and clean-up

2014-04-28 11:59:05 -04:00 · 2014-04-28 11:59:05 -04:00 · 9a8c378732
commit 9a8c378732
parent 20ba75d1d2
8 changed files with 197 additions and 340 deletions
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/permissions/PublishByRolePermission.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/permissions/PublishByRolePermission.java
@ -8,7 +8,7 @@ import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import edu.cornell.mannlib.vitro.webapp.auth.policy.bean.PropertyRestrictionPolicyHelper;
-import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.ifaces.RequestedAction;
+import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.RequestedAction;
 import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.publish.PublishDataProperty;
 import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.publish.PublishDataPropertyStatement;
 import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.publish.PublishObjectProperty;
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyHelper.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyHelper.java
@ -45,7 +45,7 @@ public class PolicyHelper {
 	 */
 	public static boolean isAuthorizedForActions(HttpServletRequest req,
 			AuthorizationRequest... actions) {
-		return isAuthorizedForActions(req, AuthorizationRequest.and(actions));
+		return isAuthorizedForActions(req, AuthorizationRequest.andAll(actions));
 	}
 	/**
@ -54,14 +54,14 @@ public class PolicyHelper {
 	 */
 	public static boolean isAuthorizedForActions(HttpServletRequest req,
 			Iterable<? extends AuthorizationRequest> actions) {
-		return isAuthorizedForActions(req, AuthorizationRequest.and(actions));
+		return isAuthorizedForActions(req, AuthorizationRequest.andAll(actions));
 	}
 	/**
 	 * Are these actions authorized for the current user by the current
 	 * policies?
 	 */
-	public static boolean isAuthorizedForActions(HttpServletRequest req,
+	private static boolean isAuthorizedForActions(HttpServletRequest req,
 			AuthorizationRequest ar) {
 		PolicyIface policy = ServletPolicyList.getPolicies(req);
 		IdentifierBundle ids = RequestIdentifiers.getIdBundleForRequest(req);
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyList.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyList.java
@ -22,8 +22,6 @@ import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.RequestedAction;
 *  and return the first AUTHORIZED or UNAUTHROIZED decision.  INCONCLUSIVE
 *  or null decisions will be ignored and the next policy on the list will
 *  be queried. 
 *   
 * @author bdc34
 */
 public class PolicyList extends ArrayList<PolicyIface> implements PolicyIface{
    private static final Log log = LogFactory.getLog(PolicyList.class.getName());
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/AuthorizationRequest.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/AuthorizationRequest.java
@ -36,11 +36,11 @@ public abstract class AuthorizationRequest {
 	// Static convenience methods
 	// ----------------------------------------------------------------------
-	public static AuthorizationRequest and(AuthorizationRequest... ars) {
+	public static AuthorizationRequest andAll(AuthorizationRequest... ars) {
-		return and(Arrays.asList(ars));
+		return andAll(Arrays.asList(ars));
 	}
-	public static AuthorizationRequest and(
+	public static AuthorizationRequest andAll(
 			Iterable<? extends AuthorizationRequest> ars) {
 		AuthorizationRequest result = AUTHORIZED;
 		for (AuthorizationRequest ar : ars) {
--- a/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyHelper_ActionsTest.java
+++ b/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyHelper_ActionsTest.java
@ -1,152 +0,0 @@
 /* $This file is distributed under the terms of the license in /doc/license.txt$ */
 package edu.cornell.mannlib.vitro.webapp.auth.policy;
 import static org.junit.Assert.assertEquals;
 import java.util.Arrays;
 import java.util.HashSet;
 import java.util.Set;
 import org.apache.log4j.Level;
 import org.junit.Before;
 import org.junit.Ignore;
 import org.junit.Test;
 import stubs.javax.servlet.ServletContextStub;
 import stubs.javax.servlet.http.HttpServletRequestStub;
 import stubs.javax.servlet.http.HttpSessionStub;
 import edu.cornell.mannlib.vitro.testing.AbstractTestClass;
 import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
 import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.Authorization;
 import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyDecision;
 import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyIface;
 import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.RequestedAction;
 /**
 * Test the function of PolicyHelper in authorizing simple actions.
 */
 public class PolicyHelper_ActionsTest extends AbstractTestClass {
 	private ServletContextStub ctx;
 	private HttpSessionStub session;
 	private HttpServletRequestStub req;
 	@Before
 	public void setLogging() {
 		setLoggerLevel(ServletPolicyList.class, Level.WARN);
 	}
 	@Before
 	public void setup() {
 		ctx = new ServletContextStub();
 		session = new HttpSessionStub();
 		session.setServletContext(ctx);
 		req = new HttpServletRequestStub();
 		req.setSession(session);
 	}
 	// ----------------------------------------------------------------------
 	// Action-level tests
 	// ----------------------------------------------------------------------
 	@Ignore
 	@Test
 	public void authorizedForActionsNull() {
 //		createPolicy();
 //		assertEquals("null actions", true,
 //				PolicyHelper.isAuthorizedForActions(req, (Actions) null));
 	}
 	@Ignore
 	@Test
 	public void authorizedForActionsEmpty() {
 //		createPolicy();
 //		assertEquals("empty actions", true,
 //				PolicyHelper.isAuthorizedForActions(req, new Actions()));
 	}
 	@Ignore
 	@Test
 	public void authorizedForActionsOneClausePass() {
 //		createPolicy(new Action1(), new Action2());
 //		assertEquals("one clause pass", true,
 //				PolicyHelper.isAuthorizedForActions(req, new Actions(
 //						new Action1(), new Action2())));
 	}
 	@Ignore
 	@Test
 	public void authorizedForActionsOneClauseFail() {
 //		createPolicy(new Action2());
 //		assertEquals("one clause fail", false,
 //				PolicyHelper.isAuthorizedForActions(req, new Actions(
 //						new Action1(), new Action2())));
 	}
 	@Ignore
 	@Test
 	public void authorizedForActionsMultipleClausesPass() {
 //		createPolicy(new Action3());
 //		assertEquals("multiple clauses pass", true,
 //				PolicyHelper.isAuthorizedForActions(req, new Actions(
 //						new Action1(), new Action2()).or(new Action3())));
 	}
 	@Ignore
 	@Test
 	public void authorizedForActionsMultipleClausesFail() {
 //		createPolicy(new Action1());
 //		assertEquals("multiple clauses fail", false,
 //				PolicyHelper.isAuthorizedForActions(req, new Actions(
 //						new Action1(), new Action2()).or(new Action3())));
 	}
 	// ----------------------------------------------------------------------
 	// Helper methods
 	// ----------------------------------------------------------------------
 	private void createPolicy(RequestedAction... authorizedActions) {
 		ServletPolicyList.addPolicy(ctx, new MySimplePolicy(authorizedActions));
 	}
 	// ----------------------------------------------------------------------
 	// Helper Classes
 	// ----------------------------------------------------------------------
 	public static class Action1 extends RequestedAction {
 		// actions must be public, with public constructor
 	}
 	public static class Action2 extends RequestedAction {
 		// actions must be public, with public constructor
 	}
 	public static class Action3 extends RequestedAction {
 		// actions must be public, with public constructor
 	}
 	private static class MySimplePolicy implements PolicyIface {
 		private final Set<RequestedAction> authorizedActions;
 		public MySimplePolicy(RequestedAction... authorizedActions) {
 			this.authorizedActions = new HashSet<RequestedAction>(
 					Arrays.asList(authorizedActions));
 		}
 		@Override
 		public PolicyDecision isAuthorized(IdentifierBundle whoToAuth,
 				RequestedAction whatToAuth) {
 			for (RequestedAction authorized : authorizedActions) {
 				if (authorized.getClass().equals(whatToAuth.getClass())) {
 					return new BasicPolicyDecision(Authorization.AUTHORIZED,
 							"matched " + authorized.getClass().getSimpleName());
 				}
 			}
 			return new BasicPolicyDecision(Authorization.INCONCLUSIVE, "nope");
 		}
 	}
 }
--- a/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyHelper_AuthorizationRequestTest.java
+++ b/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyHelper_AuthorizationRequestTest.java
@ -2,22 +2,144 @@
 package edu.cornell.mannlib.vitro.webapp.auth.policy;
 import static org.junit.Assert.*;
 import java.util.Arrays;
 import java.util.HashSet;
 import java.util.Set;
 import org.junit.Before;
 import org.junit.Test;
 import stubs.javax.servlet.ServletContextStub;
 import stubs.javax.servlet.http.HttpServletRequestStub;
 import stubs.javax.servlet.http.HttpSessionStub;
 import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
 import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.Authorization;
 import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyDecision;
 import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyIface;
 import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.AuthorizationRequest;
 import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.RequestedAction;
 /**
- * Test the ability of the Policy Helper to authorize a variety of simple or complex AuthorizationRequests
+ * Test the ability of the Policy Helper to authorize a variety of simple or
 * complex AuthorizationRequests
 */
 public class PolicyHelper_AuthorizationRequestTest {
 	private ServletContextStub ctx;
 	private HttpServletRequestStub req;
 	private AuthorizationRequest nullAr = null;
 	@Before
 	public void setup() {
 		ctx = new ServletContextStub();
 		HttpSessionStub session = new HttpSessionStub();
 		session.setServletContext(ctx);
 		req = new HttpServletRequestStub();
 		req.setSession(session);
 	}
 	// ----------------------------------------------------------------------
 	// Helper methods
 	// ----------------------------------------------------------------------
 	private void createPolicy(RequestedAction... authorizedActions) {
 		ServletPolicyList.addPolicy(ctx, new MySimplePolicy(authorizedActions));
 	}
 	@Test
 	public void authorizedForActionsNull() {
 		createPolicy();
 		assertTrue("null actions",
 				PolicyHelper.isAuthorizedForActions(req, nullAr));
 	}
 	@Test
 	public void authorizedForActionsEmpty() {
 		createPolicy();
 		assertTrue("empty actions", PolicyHelper.isAuthorizedForActions(req));
 	}
 	@Test
 	public void authorizedForActionsAndPass() {
 		createPolicy(new Action1(), new Action2());
 		assertTrue("and pass", PolicyHelper.isAuthorizedForActions(req,
 				new Action1(), new Action2()));
 	}
 	@Test
 	public void authorizedForActionsAndFail() {
 		createPolicy(new Action2());
 		assertFalse("and fail", PolicyHelper.isAuthorizedForActions(req,
 				new Action1(), new Action2()));
 	}
 	@Test
 	public void authorizedForActionsAndOrPass() {
 		createPolicy(new Action3());
 		assertTrue(
 				"and-or pass",
 				PolicyHelper.isAuthorizedForActions(req,
 						new Action1().and(new Action2()).or(new Action3())));
 	}
 	@Test
 	public void authorizedForActionsAndOrFail() {
 		createPolicy(new Action1());
 		assertFalse(
 				"and-or fail",
 				PolicyHelper.isAuthorizedForActions(req,
 						new Action1().and(new Action2()).or(new Action3())));
 	}
 	@Test
 	public void authorizedByACombinationOfPolicies() {
 		ServletPolicyList.addPolicy(ctx, new MySimplePolicy(new Action1()));
 		ServletPolicyList.addPolicy(ctx, new MySimplePolicy(new Action2()));
 		assertTrue("combination of policies",
 				PolicyHelper.isAuthorizedForActions(req, new Action2(),
 						new Action1()));
 	}
 	// ----------------------------------------------------------------------
 	// Helper Classes
 	// ----------------------------------------------------------------------
 	public static class Action1 extends RequestedAction {
 		// actions must be public, with public constructor
 	}
 	public static class Action2 extends RequestedAction {
 		// actions must be public, with public constructor
 	}
 	public static class Action3 extends RequestedAction {
 		// actions must be public, with public constructor
 	}
 	private static class MySimplePolicy implements PolicyIface {
 		private final Set<RequestedAction> authorizedActions;
 		public MySimplePolicy(RequestedAction... authorizedActions) {
 			this.authorizedActions = new HashSet<RequestedAction>(
 					Arrays.asList(authorizedActions));
 		}
 		@Override
 		public PolicyDecision isAuthorized(IdentifierBundle whoToAuth,
 				RequestedAction whatToAuth) {
 			for (RequestedAction authorized : authorizedActions) {
 				if (authorized.getClass().equals(whatToAuth.getClass())) {
 					return new BasicPolicyDecision(Authorization.AUTHORIZED,
 							"matched " + authorized.getClass().getSimpleName());
 				}
 			}
 			return new BasicPolicyDecision(Authorization.INCONCLUSIVE, "nope");
 		}
 	}
 /**Test plan
 * <pre>
 * isAuthorizedForActions with array, including empty, null, contains one or more, or contains nulls.
 * isAuthorizedForActions with collection, including empty, null, contains one or more, or contains nulls.
 *   All of this is tested by AuthorizationRequestTest?
 *   
 * isAuthorizedForActions with simple and complete AuthorizationRequests
 *   Simple success or failure (perhaps by INCONCLUSIVE) against one or more policies.
 *   AND satisfied by one policy or by two policies
 *   OR satisfied by one UNAUTHORIZED and one AUTHORIZED
 *   Complex structure of AND and OR satisfied in different ways by different policies.
 * </pre>
 */
 }
--- a/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyListTest.java
+++ b/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/policy/PolicyListTest.java
@ -1,156 +0,0 @@
 /* $This file is distributed under the terms of the license in /doc/license.txt$ */
 package edu.cornell.mannlib.vitro.webapp.auth.policy;
 import java.util.ArrayList;
 import java.util.List;
 import junit.framework.Assert;
 import org.junit.Ignore;
 import org.junit.Test;
 import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
 import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.Authorization;
 import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyDecision;
 import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyIface;
 import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.RequestedAction;
 public class PolicyListTest {
 	@Ignore
    @Test
    public void basicPolicyListTest() {
 //
 //        List<PolicyIface> polis = new ArrayList<PolicyIface>();
 //        polis.add( new SimplePolicy() );
 //        PolicyIface policy = new PolicyList( polis );
 //        PolicyDecision decision = policy.isAuthorized(null, new UnauthorizedAction());
 //        Assert.assertEquals(Authorization.UNAUTHORIZED, decision.getAuthorized() );
 //        
 //        decision = policy.isAuthorized(null, new AuthorizedAction());
 //        Assert.assertEquals(Authorization.AUTHORIZED, decision.getAuthorized() );
    }
    /**
     * Tests the handling of the AnyRequestedAction by the PolicyList.
     */
 	@Ignore
    @Test 
    public void anyActionTest(){        
 //        List<PolicyIface> polis = new ArrayList<PolicyIface>();
 //        polis.add( new SimplePolicy() );
 //        PolicyIface policy = new PolicyList( polis );
 //        
 //        AnyRequestedAction act = new AnyRequestedAction( new UnauthorizedAction() );
 //        PolicyDecision decision = policy.isAuthorized(null, act);
 //        Assert.assertNotNull( decision );
 //        Assert.assertEquals(Authorization.UNAUTHORIZED, decision.getAuthorized() );
 //        
 //        act = new AnyRequestedAction( new UnauthorizedAction() , new UnauthorizedAction());
 //        decision = policy.isAuthorized(null, act);
 //        Assert.assertNotNull( decision );
 //        Assert.assertEquals(Authorization.UNAUTHORIZED, decision.getAuthorized() );
 //        
 //        act = new AnyRequestedAction( new UnauthorizedAction(),new UnauthorizedAction(),new UnauthorizedAction());
 //        decision = policy.isAuthorized(null, act);
 //        Assert.assertNotNull( decision );
 //        Assert.assertEquals(Authorization.UNAUTHORIZED, decision.getAuthorized() );
 //        
 //        act = new AnyRequestedAction( new AuthorizedAction() );
 //        decision = policy.isAuthorized(null, act);
 //        Assert.assertNotNull( decision );
 //        Assert.assertEquals(Authorization.AUTHORIZED, decision.getAuthorized() );
 //        
 //        act = new AnyRequestedAction( new AuthorizedAction(),new UnauthorizedAction() );
 //        decision = policy.isAuthorized(null, act);
 //        Assert.assertNotNull( decision );
 //        Assert.assertEquals(Authorization.AUTHORIZED, decision.getAuthorized() );
 //        
 //        act = new AnyRequestedAction( new UnauthorizedAction(),new AuthorizedAction() );
 //        decision = policy.isAuthorized(null, act);
 //        Assert.assertNotNull( decision );
 //        Assert.assertEquals(Authorization.AUTHORIZED, decision.getAuthorized() );
 //        
 //        act = new AnyRequestedAction( new UnauthorizedAction(),new UnauthorizedAction(),new AuthorizedAction());
 //        decision = policy.isAuthorized(null, act);
 //        Assert.assertNotNull( decision );
 //        Assert.assertEquals(Authorization.AUTHORIZED, decision.getAuthorized() );
 //        
 //        act = new AnyRequestedAction( new UnauthorizedAction(),new AuthorizedAction(),new AuthorizedAction());
 //        decision = policy.isAuthorized(null, act);
 //        Assert.assertNotNull( decision );
 //        Assert.assertEquals(Authorization.AUTHORIZED, decision.getAuthorized() );
 //        
 //        act = new AnyRequestedAction( new AuthorizedAction(),new AuthorizedAction(),new AuthorizedAction());
 //        decision = policy.isAuthorized(null, act);
 //        Assert.assertNotNull( decision );
 //        Assert.assertEquals(Authorization.AUTHORIZED, decision.getAuthorized() );
    }
    /**
     * Tests the handling of the AllRequestedAction by the PolicyList.
     */
 	@Ignore
    @Test
    public void andActionTest(){
 //        List<PolicyIface> polis = new ArrayList<PolicyIface>();
 //        polis.add( new SimplePolicy() );
 //        PolicyIface policy = new PolicyList( polis );        
 //        
 //        AllRequestedAction act = new AllRequestedAction( new UnauthorizedAction(), new UnauthorizedAction(), new UnauthorizedAction());        
 //        PolicyDecision decision = policy.isAuthorized(null, act);
 //        Assert.assertNotNull( decision );
 //        Assert.assertEquals(Authorization.UNAUTHORIZED, decision.getAuthorized() );
 //        
 //        act = new AllRequestedAction( new UnauthorizedAction() );        
 //        decision = policy.isAuthorized(null, act);
 //        Assert.assertNotNull( decision );
 //        Assert.assertEquals(Authorization.UNAUTHORIZED, decision.getAuthorized() );
 //        
 //        act = new AllRequestedAction( new UnauthorizedAction() , new AuthorizedAction() );        
 //        decision = policy.isAuthorized(null, act);
 //        Assert.assertNotNull( decision );
 //        Assert.assertEquals(Authorization.UNAUTHORIZED, decision.getAuthorized() );
 //        
 //        act = new AllRequestedAction( new AuthorizedAction() , new UnauthorizedAction() );        
 //        decision = policy.isAuthorized(null, act);
 //        Assert.assertNotNull( decision );
 //        Assert.assertEquals(Authorization.UNAUTHORIZED, decision.getAuthorized() );
 //        
 //        act = new AllRequestedAction( new AuthorizedAction() , new AuthorizedAction() ,new UnauthorizedAction() );        
 //        decision = policy.isAuthorized(null, act);
 //        Assert.assertNotNull( decision );
 //        Assert.assertEquals(Authorization.UNAUTHORIZED, decision.getAuthorized() );
 //        
 //        act = new AllRequestedAction( new AuthorizedAction()  );        
 //        decision = policy.isAuthorized(null, act);
 //        Assert.assertNotNull( decision );
 //        Assert.assertEquals(Authorization.AUTHORIZED, decision.getAuthorized() );
 //        
 //        act = new AllRequestedAction( new AuthorizedAction() , new AuthorizedAction(), new AuthorizedAction() );        
 //        decision = policy.isAuthorized(null, act);
 //        Assert.assertNotNull( decision );
 //        Assert.assertEquals(Authorization.AUTHORIZED, decision.getAuthorized() );
    }
    /**
     * policy that only responds to Unauthorized and Authorized actions.
     */
    public class SimplePolicy implements PolicyIface {
        @Override
        public PolicyDecision isAuthorized(IdentifierBundle whoToAuth,
                RequestedAction whatToAuth) {
 //            if( whatToAuth instanceof UnauthorizedAction )
 //                return new BasicPolicyDecision( Authorization.UNAUTHORIZED, "SimplePolicy unauthorized");
 //            if( whatToAuth instanceof AuthorizedAction )
 //                return new BasicPolicyDecision( Authorization.AUTHORIZED, "SimplePolicy authorized");
 //            else
                return new BasicPolicyDecision(Authorization.INCONCLUSIVE, "SimplePolicy INCONCLUSIVE");
        }
    }
 }
--- a/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/AuthorizationRequestTest.java
+++ b/webapp/test/edu/cornell/mannlib/vitro/webapp/auth/requestedAction/AuthorizationRequestTest.java
@ -2,19 +2,64 @@
 package edu.cornell.mannlib.vitro.webapp.auth.requestedAction;
 import static org.junit.Assert.assertEquals;
 import org.junit.Test;
 import edu.cornell.mannlib.vitro.testing.AbstractTestClass;
 import edu.cornell.mannlib.vitro.webapp.auth.identifier.IdentifierBundle;
 import edu.cornell.mannlib.vitro.webapp.auth.policy.ifaces.PolicyIface;
 /**
 * Test the functions of the base class.
 */
 public class AuthorizationRequestTest extends AbstractTestClass {
-	/**
+	private MyAuth one = new MyAuth("one");
-	 * Test plan
+	private MyAuth two = new MyAuth("two");
-	 * 
+
-	 * <pre>
+	@Test
-	 * Static and methods work even if the list or array is empty or null, or contains a null.
+	public void and() {
-	 * 
+		assertEquals("and", "(MyAuth[one] && MyAuth[two])", one.and(two)
-	 * Instance and and or work with nulls.
+				.toString());
-	 * </pre>
+	}
-	 */
+
 	@Test
 	public void andNull() {
 		assertEquals("andNull", "MyAuth[one]", one.and(null).toString());
 	}
 	@Test
 	public void or() {
 		assertEquals("or", "(MyAuth[one] || MyAuth[two])", one.or(two)
 				.toString());
 	}
 	@Test
 	public void orNull() {
 		assertEquals("orNull", "MyAuth[one]", one.or(null).toString());
 	}
 	// ----------------------------------------------------------------------
 	// Helper classes
 	// ----------------------------------------------------------------------
 	private static class MyAuth extends AuthorizationRequest {
 		private final String name;
 		public MyAuth(String name) {
 			this.name = name;
 		}
 		@Override
 		public boolean isAuthorized(IdentifierBundle ids, PolicyIface policy) {
 			throw new RuntimeException(
 					"AuthorizationRequest.isAuthorized() not implemented.");
 		}
 		@Override
 		public String toString() {
 			return "MyAuth[" + name + "]";
 		}
 	}
 }