1   /* 
2    * Licensed to the Apache Software Foundation (ASF) under one or more
3    * contributor license agreements.  See the NOTICE file distributed with
4    * this work for additional information regarding copyright ownership.
5    * The ASF licenses this file to You under the Apache License, Version 2.0
6    * (the "License"); you may not use this file except in compliance with
7    * the License.  You may obtain a copy of the License at
8    *
9    *     http://www.apache.org/licenses/LICENSE-2.0
10   *
11   * Unless required by applicable law or agreed to in writing, software
12   * distributed under the License is distributed on an "AS IS" BASIS,
13   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14   * See the License for the specific language governing permissions and
15   * limitations under the License.
16   */
17  package org.apache.jetspeed.security;
18  
19  import java.security.Principal;
20  import java.util.Collection;
21  import java.util.Iterator;
22  import java.util.prefs.Preferences;
23  
24  import junit.framework.Test;
25  import junit.framework.TestSuite;
26  
27  import org.apache.jetspeed.security.impl.GroupPrincipalImpl;
28  import org.apache.jetspeed.security.util.test.AbstractSecurityTestcase;
29  
30  /***
31   * <p>
32   * Unit testing for {@link GroupManager}.
33   * </p>
34   * 
35   * @author <a href="mailto:dlestrat@apache.org">David Le Strat </a>
36   * @version $Id: TestGroupManager.java 517719 2007-03-13 15:05:48Z ate $
37   */
38  public class TestGroupManager extends AbstractSecurityTestcase
39  {
40  
41      /***
42       * @see junit.framework.TestCase#setUp()
43       */
44      protected void setUp() throws Exception
45      {
46          super.setUp();
47      }
48  
49      /***
50       * @see junit.framework.TestCase#tearDown()
51       */
52      public void tearDown() throws Exception
53      {
54          destroyGroups();
55          super.tearDown();
56  
57      }
58  
59      public static Test suite()
60      {
61          // All methods starting with "test" will be executed in the test suite.
62          return new TestSuite(TestGroupManager.class);
63      }
64  
65      /***
66       * <p>
67       * Test add group.
68       * </p>
69       */
70      public void testAddGroup()
71      {
72          try
73          {
74              gms.addGroup("testgroup");
75          }
76          catch (SecurityException sex)
77          {
78              assertTrue("group should not already exists. exception caught: " + sex, false);
79          }
80          try
81          {
82              gms.addGroup("testgroup.newgroup0");
83          }
84          catch (SecurityException sex)
85          {
86              assertTrue("group should not already exists. exception caught: " + sex, false);
87          }
88          // Add existing group.
89          try
90          {
91              gms.addGroup("testgroup.newgroup0");
92              assertTrue("group should already exists. exception not thrown.", false);
93          }
94          catch (SecurityException sex)
95          {
96          }
97  
98          // Cleanup test.
99          try
100         {
101             gms.removeGroup("testgroup");
102         }
103         catch (SecurityException sex)
104         {
105             assertTrue("could not remove group. exception caught: " + sex, false);
106         }
107     }
108 
109     /***
110      * <p>
111      * Test add user to group.
112      * </p>
113      */
114     public void testAddUserToGroup()
115     {
116         // Init test.
117         try
118         {
119             ums.addUser("anonuser1", "password");
120             gms.addGroup("testusertogroup1");
121             gms.addGroup("testusertogroup1.group1");
122             gms.addGroup("testusertogroup1.group2");
123         }
124         catch (SecurityException sex)
125         {
126             assertTrue("failed to init testAddUserToGroup(), " + sex, false);
127         }
128         // Add group with no prior groups.
129         try
130         {
131             gms.addUserToGroup("anonuser1", "testusertogroup1.group1");
132             Collection principals = ums.getUser("anonuser1").getSubject().getPrincipals();
133             assertTrue("anonuser1 should contain testusertogroup1.group1", principals.contains(new GroupPrincipalImpl(
134                     "testusertogroup1.group1")));
135         }
136         catch (SecurityException sex)
137         {
138             assertTrue("should add user to group. exception caught: " + sex, false);
139         }
140         // Add group with existing groups.
141         try
142         {
143             gms.addUserToGroup("anonuser1", "testusertogroup1.group2");
144             Collection principals = ums.getUser("anonuser1").getSubject().getPrincipals();
145             assertTrue("anonuser1 should contain testusertogroup1.group2", principals.contains(new GroupPrincipalImpl(
146                     "testusertogroup1.group2")));
147         }
148         catch (SecurityException sex)
149         {
150             assertTrue("should add user to group. exception caught: " + sex, false);
151         }
152         // Add group when user does not exist.
153         try
154         {
155             gms.addUserToGroup("anonuser123", "testusertogroup1.group2");
156             assertTrue("should catch exception: user does not exist.", false);
157         }
158         catch (SecurityException sex)
159         {
160         }
161         // Add group when group does not exist.
162         try
163         {
164             gms.addUserToGroup("anonuser1", "testusertogroup1.group123");
165             assertTrue("should catch exception: group does not exist.", false);
166         }
167         catch (SecurityException sex)
168         {
169         }
170 
171         // Cleanup test.
172         try
173         {
174             ums.removeUser("anonuser1");
175             gms.removeGroup("testusertogroup1");
176         }
177         catch (SecurityException sex)
178         {
179             assertTrue("could not remove user and group. exception caught: " + sex, false);
180         }
181     }
182 
183     /***
184      * <p>
185      * Test remove group.
186      * </p>
187      */
188     public void testRemoveGroup()
189     {
190         // Init test.
191         try
192         {
193             ums.addUser("anonuser2", "password");
194             gms.addGroup("testgroup1");
195             gms.addGroup("testgroup1.group1");
196             gms.addGroup("testgroup1.group2");
197             gms.addGroup("testgroup2");
198             gms.addGroup("testgroup2.group1");
199             gms.addUserToGroup("anonuser2", "testgroup1.group1");
200             gms.addUserToGroup("anonuser2", "testgroup1.group2");
201             gms.addUserToGroup("anonuser2", "testgroup2.group1");
202         }
203         catch (SecurityException sex)
204         {
205             assertTrue("failed to init testRemoveGroup(), " + sex, false);
206         }
207 
208         try
209         {
210             gms.removeGroup("testgroup1.group1");
211             Collection principals = ums.getUser("anonuser2").getSubject().getPrincipals();
212             // because of hierarchical groups with generalization strategy as default. Was 5 groups + 1 user, should now be 5
213             // (4 groups + 1 user).
214             assertEquals(
215                 "principal size should be == 5 after removing testgroup1.group1, for principals: " + principals.toString(),
216                 5,
217                 principals.size());
218             assertFalse("anonuser2 should not contain testgroup1.group1", principals.contains(new GroupPrincipalImpl(
219                     "testgroup1.group1")));
220         }
221         catch (SecurityException sex)
222         {
223             assertTrue("should remove group. exception caught: " + sex, false);
224         }
225 
226         // Cleanup test.
227         try
228         {
229             ums.removeUser("anonuser2");
230             gms.removeGroup("testgroup1");
231             gms.removeGroup("testgroup2");
232         }
233         catch (SecurityException sex)
234         {
235             assertTrue("could not remove user and group. exception caught: " + sex, false);
236         }
237     }
238 
239     /***
240      * <p>
241      * Test get group.
242      * </p>
243      */
244     public void testGetGroup()
245     {
246         // Test when the group does not exist.
247         try
248         {
249             gms.getGroup("testgroupdoesnotexist");
250             assertTrue("group does not exist. should have thrown an exception.", false);
251         }
252         catch (SecurityException sex)
253         {
254         }
255         // Test when the group exists.
256         Group group = null;
257         try
258         {
259             gms.addGroup("testgetgroup");
260             group = gms.getGroup("testgetgroup");
261         }
262         catch (SecurityException sex)
263         {
264             assertTrue("group exists. should not have thrown an exception.", false);
265         }
266         assertNotNull("group is null", group);
267         // Test the Principal.
268         Principal groupPrincipal = group.getPrincipal();
269         assertNotNull("group principal is null", groupPrincipal);
270         assertEquals("expected group principal full path == testgetgroup", "testgetgroup", groupPrincipal.getName());
271 
272         // Test the Group Preferences.
273         Preferences preferences = group.getPreferences();
274         assertEquals("expected group node == /group/testgetgroup", SecurityHelper
275                 .getPreferencesFullPath(groupPrincipal), preferences.absolutePath());
276 
277         // Cleanup test.
278         try
279         {
280             gms.removeGroup("testgetgroup");
281         }
282         catch (SecurityException sex)
283         {
284             assertTrue("could not remove group. exception caught: " + sex, false);
285         }
286     }
287 
288     /***
289      * <p>
290      * Test get groups for user.
291      * </p>
292      */
293     public void testGetGroupsForUser()
294     {
295         // Init test.
296         try
297         {
298             ums.addUser("anonuser2", "password");
299             gms.addGroup("testgroup1");
300             gms.addGroup("testgroup1.group1");
301             gms.addGroup("testgroup1.group2");
302             gms.addGroup("testgroup2");
303             gms.addGroup("testgroup2.group1");
304             gms.addUserToGroup("anonuser2", "testgroup1.group1");
305             gms.addUserToGroup("anonuser2", "testgroup1.group2");
306             gms.addUserToGroup("anonuser2", "testgroup2.group1");
307         }
308         catch (SecurityException sex)
309         {
310             assertTrue("failed to init testGetGroupsForUser(), " + sex, false);
311         }
312 
313         try
314         {
315             Collection groups = gms.getGroupsForUser("anonuser2");
316             // Default hierarchy used in by generalization.
317             assertEquals("groups size should be == 5", 5, groups.size());
318         }
319         catch (SecurityException sex)
320         {
321             assertTrue("user exists. should not have thrown an exception: " + sex, false);
322         }
323 
324         // Cleanup test.
325         try
326         {
327             ums.removeUser("anonuser2");
328             gms.removeGroup("testgroup1");
329             gms.removeGroup("testgroup2");
330         }
331         catch (SecurityException sex)
332         {
333             assertTrue("could not remove user and group. exception caught: " + sex, false);
334         }
335     }
336 
337     /***
338      * <p>
339      * Test get groups in role.
340      * </p>
341      */
342     public void testGetGroupsInRole()
343     {
344         // Init test.
345         try
346         {
347             rms.addRole("testuserrolemapping");
348             gms.addGroup("testrolegroupmapping");
349             gms.addGroup("testrolegroupmapping.group1");
350             gms.addGroup("testrolegroupmapping.group2");
351             rms.addRoleToGroup("testuserrolemapping", "testrolegroupmapping");
352             rms.addRoleToGroup("testuserrolemapping", "testrolegroupmapping.group1");
353             rms.addRoleToGroup("testuserrolemapping", "testrolegroupmapping.group2");
354         }
355         catch (SecurityException sex)
356         {
357             assertTrue("failed to init testGetRolesForGroup(), " + sex, false);
358         }
359 
360         try
361         {
362             Collection groups = gms.getGroupsInRole("testuserrolemapping");
363             assertEquals("groups size should be == 3", 3, groups.size());
364         }
365         catch (SecurityException sex)
366         {
367             assertTrue("role exists. should not have thrown an exception: " + sex, false);
368         }
369 
370         // Cleanup test.
371         try
372         {
373             rms.removeRole("testuserrolemapping");
374             gms.removeGroup("testrolegroupmapping");
375         }
376         catch (SecurityException sex)
377         {
378             assertTrue("could not remove role and group. exception caught: " + sex, false);
379         }
380     }
381 
382     /***
383      * <p>
384      * Test remove user from group.
385      * </p>
386      */
387     public void testRemoveUserFromGroup()
388     {
389         // Init test.
390         try
391         {
392             ums.addUser("anonuser4", "password");
393             gms.addGroup("testgroup1");
394             gms.addGroup("testgroup1.group1");
395             gms.addUserToGroup("anonuser4", "testgroup1.group1");
396         }
397         catch (SecurityException sex)
398         {
399             assertTrue("failed to init testRemoveUserFromGroup(), " + sex, false);
400         }
401 
402         try
403         {
404             gms.removeUserFromGroup("anonuser4", "testgroup1.group1");
405             Collection groups = gms.getGroupsForUser("anonuser4");
406             assertEquals("groups size should be == 0", 0, groups.size());
407         }
408         catch (SecurityException sex)
409         {
410             assertTrue("user exists. should not have thrown an exception: " + sex, false);
411         }
412 
413         // Cleanup test.
414         try
415         {
416             ums.removeUser("anonuser4");
417             gms.removeGroup("testgroup1");
418         }
419         catch (SecurityException sex)
420         {
421             assertTrue("could not remove user and group. exception caught: " + sex, false);
422         }
423     }
424 
425     /***
426      * <p>
427      * Test is user in role.
428      * </p>
429      */
430     public void testIsUserInGroup()
431     {
432         // Init test.
433         try
434         {
435             ums.addUser("anonuser3", "password");
436             gms.addGroup("testgroup1");
437             gms.addGroup("testgroup1.group1");
438             gms.addUserToGroup("anonuser3", "testgroup1.group1");
439         }
440         catch (SecurityException sex)
441         {
442             assertTrue("failed to init testRemoveUserFromGroup(), " + sex, false);
443         }
444 
445         try
446         {
447             boolean isUserInGroup = gms.isUserInGroup("anonuser3", "testgroup1.group1");
448             assertTrue("anonuser3 should be in group testgroup1.group1", isUserInGroup);
449         }
450         catch (SecurityException sex)
451         {
452             assertTrue("user and group exist. should not have thrown an exception: " + sex, false);
453         }
454 
455         // Cleanup test.
456         try
457         {
458             ums.removeUser("anonuser4");
459             gms.removeGroup("testgroup1");
460         }
461         catch (SecurityException sex)
462         {
463             assertTrue("could not remove user and group. exception caught: " + sex, false);
464         }
465     }
466 
467     /***
468      * <p>
469      * Test get groups.
470      * </p>
471      * 
472      * @throws Exception Throws an exception.
473      */
474     public void testGetGroups() throws Exception
475     {
476     	int groupCount = 0;
477     	int groupAdded = 0;
478         Iterator it = gms.getGroups("");
479         while (it.hasNext())
480         {
481             Group group = (Group) it.next();
482             System.out.println("Group is " + group);
483             groupCount++;
484         }
485 
486     	ums.addUser("notme", "one-pw");
487         gms.addGroup("g1");
488         gms.addGroup("g2");
489         gms.addGroup("g3");
490         groupAdded = 3;
491         int count = 0;
492         it = gms.getGroups("");
493         while (it.hasNext())
494         {
495             Group group = (Group) it.next();
496             System.out.println("Group is " + group);
497             count++;
498         }
499         ums.removeUser("notme");
500         gms.removeGroup("g1");
501         gms.removeGroup("g2");
502         gms.removeGroup("g3");
503         assertTrue("group count should be " + (groupAdded + groupCount), count == (groupAdded + groupCount));
504                
505     }
506     
507     /***
508      * <p>
509      * Destroy group test objects.
510      * </p>
511      */
512     protected void destroyGroups() throws Exception
513     {
514         ums.removeUser("anonuser1");
515         ums.removeUser("anonuser2");
516         ums.removeUser("anonuser3");
517         ums.removeUser("anonuser4");
518         gms.removeGroup("testgroup1");
519         gms.removeGroup("testgroup2");
520         gms.removeGroup("testusertogroup1");
521         gms.removeGroup("testgetgroup");
522     }
523 
524 }