1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17 package org.apache.jetspeed.security;
18
19 import java.security.AccessControlException;
20 import java.security.Permission;
21 import java.security.Permissions;
22 import java.security.Principal;
23 import java.util.ArrayList;
24 import java.util.Arrays;
25 import java.util.Collection;
26 import java.util.Collections;
27 import java.util.Comparator;
28 import java.util.Enumeration;
29 import java.util.HashSet;
30 import java.util.Set;
31 import java.util.Vector;
32
33 import javax.security.auth.Subject;
34
35 import junit.framework.Test;
36 import junit.framework.TestSuite;
37
38 import org.apache.jetspeed.security.impl.GroupPrincipalImpl;
39 import org.apache.jetspeed.security.impl.PrincipalsSet;
40 import org.apache.jetspeed.security.impl.RolePrincipalImpl;
41 import org.apache.jetspeed.security.impl.UserPrincipalImpl;
42 import org.apache.jetspeed.security.util.test.AbstractSecurityTestcase;
43
44 /***
45 * <p>Unit testing for {@link PermissionManager}.</p>
46 *
47 * @author <a href="mailto:dlestrat@apache.org">David Le Strat</a>
48 */
49 public class TestPermissionManager extends AbstractSecurityTestcase
50 {
51 private static final Comparator principalComparator = new Comparator()
52 {
53
54 public int compare(Object arg0, Object arg1)
55 {
56 return ((Principal)arg0).getName().compareTo(((Principal)arg1).getName());
57 }
58 };
59
60 /***
61 * @see junit.framework.TestCase#setUp()
62 */
63 protected void setUp() throws Exception
64 {
65 super.setUp();
66 }
67
68 /***
69 * @see junit.framework.TestCase#tearDown()
70 */
71 public void tearDown() throws Exception
72 {
73 destroyPermissions();
74 super.tearDown();
75 }
76
77 public static Test suite()
78 {
79
80 return new TestSuite(TestPermissionManager.class);
81 }
82
83 public void testWildcardPermissionCheck()
84 throws Exception
85 {
86
87
88
89 UserPrincipal adminUser = new UserPrincipalImpl("adminTEST");
90 UserPrincipal userUser = new UserPrincipalImpl("userTEST");
91 PortletPermission adminPerm = new PortletPermission("adminTEST::*", "view, edit");
92 PortletPermission userPerm = new PortletPermission("demoTEST::*", "view, edit");
93 RolePrincipal adminRole = new RolePrincipalImpl("adminTEST");
94 RolePrincipal userRole = new RolePrincipalImpl("userTEST");
95
96 try
97 {
98 ums.addUser(adminUser.getName(), "password");
99 ums.addUser(userUser.getName(), "password");
100 rms.addRole(adminRole.getName());
101 rms.addRole(userRole.getName());
102 rms.addRoleToUser(adminUser.getName(), adminRole.getName());
103 rms.addRoleToUser(userUser.getName(), userRole.getName());
104 rms.addRoleToUser(adminUser.getName(), userRole.getName());
105 pms.addPermission(adminPerm);
106 pms.addPermission(userPerm);
107 pms.grantPermission(adminRole, adminPerm);
108 pms.grantPermission(userRole, userPerm);
109 }
110 catch (SecurityException sex)
111 {
112 assertTrue("failed to init testRemovePrincipalPermissions(), " + sex, false);
113 }
114
115
116
117
118 Set adminPrincipals = new PrincipalsSet();
119 Set adminPublicCredentials = new HashSet();
120 Set adminPrivateCredentials = new HashSet();
121 Set userPrincipals = new PrincipalsSet();
122 Set userPublicCredentials = new HashSet();
123 Set userPrivateCredentials = new HashSet();
124
125 adminPrincipals.add(adminUser);
126 adminPrincipals.add(adminRole);
127 adminPrincipals.add(userRole);
128
129 userPrincipals.add(userUser);
130 userPrincipals.add(userRole);
131
132 try
133 {
134 Subject adminSubject = new Subject(true, adminPrincipals, adminPublicCredentials, adminPrivateCredentials);
135 Subject userSubject = new Subject(true, userPrincipals, userPublicCredentials, userPrivateCredentials);
136
137 boolean access = pms.checkPermission(adminSubject, adminPerm);
138 assertTrue("access to admin Perm should be granted to Admin ", access);
139
140 access = pms.checkPermission(adminSubject, userPerm);
141 assertTrue("access to user should NOT be granted to Admin ", access);
142
143 access = pms.checkPermission(userSubject, userPerm);
144 assertTrue("access to User Perm should be granted to User ", access);
145
146 access = pms.checkPermission(userSubject, adminPerm);
147 assertFalse("access to Admin Perm should NOT be granted to User ", access);
148
149 }
150 catch (AccessControlException e)
151 {
152 fail("failed permission check");
153 }
154 finally
155 {
156
157
158
159 try
160 {
161 ums.removeUser(adminUser.getName());
162 ums.removeUser(userUser.getName());
163 rms.removeRole(adminRole.getName());
164 rms.removeRole(userRole.getName());
165
166 pms.removePermission(adminPerm);
167 pms.removePermission(userPerm);
168 }
169 catch (SecurityException sex)
170 {
171 assertTrue("could not remove user and permission. exception caught: " + sex, false);
172 }
173 }
174
175
176 }
177
178 public void testPermissionCheck()
179 throws Exception
180 {
181
182
183
184 UserPrincipal user = new UserPrincipalImpl("test");
185 PortletPermission perm1 = new PortletPermission("PortletOne", "view, edit");
186 PortletPermission perm2 = new PortletPermission("PortletTwo", "view");
187 PortletPermission perm3 = new PortletPermission("PortletThree", "view");
188 PortletPermission perm3a = new PortletPermission("PortletThreeA", "view, edit");
189 RolePrincipal role1 = new RolePrincipalImpl("Role1");
190 RolePrincipal role2 = new RolePrincipalImpl("Role2");
191
192 try
193 {
194 ums.addUser(user.getName(), "password");
195 rms.addRole(role1.getName());
196 rms.addRole(role2.getName());
197 rms.addRoleToUser(user.getName(), role1.getName());
198 rms.addRoleToUser(user.getName(), role2.getName());
199 pms.addPermission(perm1);
200 pms.addPermission(perm2);
201 pms.addPermission(perm3);
202 pms.addPermission(perm3a);
203 pms.grantPermission(user, perm1);
204 pms.grantPermission(role1, perm2);
205 pms.grantPermission(role2, perm3);
206 }
207 catch (SecurityException sex)
208 {
209 assertTrue("failed to init testRemovePrincipalPermissions(), " + sex, false);
210 }
211
212
213
214
215 Set principals = new PrincipalsSet();
216 Set publicCredentials = new HashSet();
217 Set privateCredentials = new HashSet();
218 principals.add(user);
219 principals.add(role1);
220 principals.add(role2);
221
222 try
223 {
224 Subject subject = new Subject(true, principals, publicCredentials, privateCredentials);
225 boolean access = pms.checkPermission(subject, perm1);
226 assertTrue("access to perm1 should be granted ", access);
227 access = pms.checkPermission(subject, perm2);
228 assertTrue("access to perm2 should be granted ", access);
229 access = pms.checkPermission(subject, perm3);
230 assertTrue("access to perm3 should be granted ", access);
231 access = pms.checkPermission(subject, perm3a);
232 assertFalse("access to perm3a should be denied ", access);
233 }
234 catch (AccessControlException e)
235 {
236 fail("failed permission check");
237 }
238 finally
239 {
240
241
242
243 try
244 {
245 ums.removeUser(user.getName());
246 rms.removeRole(role1.getName());
247 rms.removeRole(role2.getName());
248 pms.removePermission(perm1);
249 pms.removePermission(perm2);
250 pms.removePermission(perm3);
251 pms.removePermission(perm3a);
252 }
253 catch (SecurityException sex)
254 {
255 assertTrue("could not remove user and permission. exception caught: " + sex, false);
256 }
257 }
258
259
260 }
261
262 /***
263 * <p>Test remove principal and associated permissions.</p>
264 */
265 public void testRemovePrincipalPermissions()
266 {
267
268 UserPrincipal user = new UserPrincipalImpl("test");
269 PortletPermission perm = new PortletPermission("anontestportlet", "view, edit");
270 try
271 {
272 ums.addUser(user.getName(), "password");
273 pms.addPermission(perm);
274 pms.grantPermission(user, perm);
275 }
276 catch (SecurityException sex)
277 {
278 assertTrue("failed to init testRemovePrincipalPermissions(), " + sex, false);
279 }
280 try
281 {
282 pms.removePermissions(user);
283 Permissions permissions = pms.getPermissions(user);
284 assertEquals(
285 "permissions should be empty for user " + user.getName(),
286 0,
287 (Collections.list(permissions.elements())).size());
288 }
289 catch (SecurityException sex)
290 {
291 assertTrue("could not remove permission. exception caught: " + sex, false);
292 }
293
294 try
295 {
296 ums.removeUser(user.getName());
297 pms.removePermission(perm);
298 }
299 catch (SecurityException sex)
300 {
301 assertTrue("could not remove user and permission. exception caught: " + sex, false);
302 }
303 }
304
305 /***
306 * <p>Test remove permission.</p>
307 */
308 public void testPermissionExists()
309 {
310 PortletPermission perm1 = new PortletPermission("removepermission1", "view, edit, secure, minimized, maximized");
311 PortletPermission perm2 = new PortletPermission("removepermission2", "view, edit, minimized, maximized");
312 try
313 {
314 pms.addPermission(perm1);
315 assertTrue(pms.permissionExists(perm1));
316 }
317 catch (SecurityException sex)
318 {
319 assertTrue("could not add permission, " + sex, false);
320 }
321 assertFalse(pms.permissionExists(perm2));
322
323
324 try
325 {
326 pms.removePermission(perm1);
327 }
328 catch (SecurityException sex)
329 {
330 assertTrue("could not remove permission. exception caught: " + sex, false);
331 }
332 }
333
334 /***
335 * <p>Test remove permission.</p>
336 */
337 public void testRemovePermission()
338 {
339
340 UserPrincipal user = new UserPrincipalImpl("removepermission");
341 RolePrincipal role = new RolePrincipalImpl("removepermissionrole");
342 PortletPermission perm1 = new PortletPermission("removepermission1", "view, edit, secure, minimized, maximized");
343 PortletPermission perm2 = new PortletPermission("removepermission2", "view, edit, minimized, maximized");
344 try
345 {
346 ums.addUser(user.getName(), "password");
347 rms.addRole(role.getName());
348 pms.addPermission(perm1);
349 pms.addPermission(perm2);
350 pms.grantPermission(user, perm1);
351 pms.grantPermission(user, perm2);
352 pms.grantPermission(role, perm1);
353 pms.grantPermission(role, perm2);
354 }
355 catch (SecurityException sex)
356 {
357 assertTrue("failed to init testRemovePermission(), " + sex, false);
358 }
359 try
360 {
361 pms.removePermission(perm1);
362 Permissions permCol1 = pms.getPermissions(new UserPrincipalImpl("removepermission"));
363 assertTrue(
364 "should only contain permission == {name = "
365 + perm2.getName()
366 + "}, {action = "
367 + perm2.getActions()
368 + "}, in collection of size == 1, actual size: "
369 + (Collections.list(permCol1.elements())).size(),
370 validatePermissions(permCol1, perm2, 1));
371 Permissions permCol2 = pms.getPermissions(new RolePrincipalImpl("removepermissionrole"));
372 assertTrue(
373 "should only contain permission == {name = "
374 + perm2.getName()
375 + "}, {action = "
376 + perm2.getActions()
377 + "}, in collection of size == 1, actual size: "
378 + (Collections.list(permCol2.elements())).size(),
379 validatePermissions(permCol2, perm2, 1));
380 }
381 catch (SecurityException sex)
382 {
383 assertTrue("could not remove permission. exception caught: " + sex, false);
384 }
385
386 try
387 {
388 ums.removeUser(user.getName());
389 pms.removePermission(perm1);
390 pms.removePermission(perm2);
391 }
392 catch (SecurityException sex)
393 {
394 assertTrue("could not remove user and permission. exception caught: " + sex, false);
395 }
396 }
397
398 /***
399 * <p>Test grant permission to principal.</p>
400 */
401 public void testGrantPermission()
402 {
403
404 UserPrincipal user1 = new UserPrincipalImpl("testgrantpermission1");
405 UserPrincipal user2 = new UserPrincipalImpl("testgrantpermission2");
406 PortletPermission perm1 = new PortletPermission("testportlet", "view, minimized, secure");
407 PortletPermission perm2 = new PortletPermission("testportlet", "view, minimized, maximized, secure");
408 try
409 {
410 ums.addUser(user2.getName(), "password");
411 pms.addPermission(perm1);
412 pms.addPermission(perm2);
413 }
414 catch (SecurityException sex)
415 {
416 assertTrue("failed to init testGrantPermission(), " + sex, false);
417 }
418
419
420 try
421 {
422 pms.grantPermission(user1, perm1);
423 assertTrue("principal does not exist. should have caught exception.", false);
424 }
425 catch (SecurityException sex)
426 {
427 }
428
429 try
430 {
431 pms.grantPermission(user2, perm2);
432 }
433 catch (SecurityException sex)
434 {
435 assertTrue("principal does not exist. caught exception, " + sex, false);
436 }
437 Permissions permCol1 = pms.getPermissions(user2);
438 assertTrue(
439 "should contain permission == {name = "
440 + perm2.getName()
441 + "}, {action = "
442 + perm2.getActions()
443 + "}, in collection of size == 1, actual size: "
444 + (Collections.list(permCol1.elements())).size(),
445 validatePermissions(permCol1, perm2, 1));
446
447 try
448 {
449 pms.grantPermission(user2, perm2);
450 }
451 catch (SecurityException sex)
452 {
453 assertTrue("principal does not exist. caught exception, " + sex, false);
454 }
455 Permissions permCol2 = pms.getPermissions(user2);
456 assertTrue(
457 "should contain permission == {name = "
458 + perm2.getName()
459 + "}, {action = "
460 + perm2.getActions()
461 + "}, in collection of size == 1, actual size: "
462 + (Collections.list(permCol2.elements())).size(),
463 validatePermissions(permCol2, perm2, 1));
464
465
466 try
467 {
468 ums.removeUser(user2.getName());
469 pms.removePermission(perm1);
470 pms.removePermission(perm2);
471 }
472 catch (SecurityException sex)
473 {
474 assertTrue("could not remove user and permission. exception caught: " + sex, false);
475 }
476 }
477
478 /***
479 * <p>Test get permissions from a principal.</p>
480 */
481 public void testGetPrincipalPermissions()
482 {
483
484 UserPrincipal user = new UserPrincipalImpl("anon");
485 PortletPermission perm1 = new PortletPermission("anontestportlet", "view");
486 PortletPermission perm2 = new PortletPermission("anontestportlet", "view, edit");
487 try
488 {
489 ums.addUser(user.getName(), "password");
490 pms.addPermission(perm1);
491 pms.addPermission(perm2);
492 pms.grantPermission(user, perm1);
493 pms.grantPermission(user, perm2);
494 }
495 catch (SecurityException sex)
496 {
497 assertTrue("failed to init testGetPrincipalPermissions(), " + sex, false);
498 }
499
500 Permissions permissions = pms.getPermissions(user);
501 assertTrue(
502 "should contain permission == {name = "
503 + perm1.getName()
504 + "}, {action = "
505 + perm1.getActions()
506 + "}, in collection of size == 2, actual size: "
507 + (Collections.list(permissions.elements())).size(),
508 validatePermissions(permissions, perm1, 2));
509 assertTrue(
510 "should contain permission == {name = "
511 + perm2.getName()
512 + "}, {action = "
513 + perm2.getActions()
514 + "}, in collection of size == 2, actual size: "
515 + (Collections.list(permissions.elements())).size(),
516 validatePermissions(permissions, perm2, 2));
517
518
519 try
520 {
521 ums.removeUser(user.getName());
522 pms.removePermission(perm1);
523 pms.removePermission(perm2);
524 }
525 catch (SecurityException sex)
526 {
527 assertTrue("could not remove user and permission. exception caught: " + sex, false);
528 }
529 }
530
531 /***
532 * <p>Test get permissions from a collection of principals.</p>
533 */
534 public void testGetPermissions()
535 {
536
537 UserPrincipal user = new UserPrincipalImpl("anon");
538 RolePrincipal role1 = new RolePrincipalImpl("anonrole1");
539 RolePrincipal role2 = new RolePrincipalImpl("anonrole2");
540 GroupPrincipal group1 = new GroupPrincipalImpl("anongroup1");
541 GroupPrincipal group2 = new GroupPrincipalImpl("anongroup2");
542 PortletPermission perm1 = new PortletPermission("anontestportlet", "view");
543 PortletPermission perm2 = new PortletPermission("anontestportlet", "view, edit");
544 PortletPermission perm3 = new PortletPermission("anontestportlet", "view, edit, secure");
545 PortletPermission perm4 = new PortletPermission("anontestportlet", "view, edit, secure, minimized");
546 try
547 {
548 ums.addUser(user.getName(), "password");
549 rms.addRole(role1.getName());
550 rms.addRole(role2.getName());
551 gms.addGroup(group1.getName());
552 gms.addGroup(group2.getName());
553 pms.addPermission(perm1);
554 pms.addPermission(perm2);
555 pms.addPermission(perm3);
556 pms.addPermission(perm4);
557 pms.grantPermission(role1, perm1);
558 pms.grantPermission(role2, perm1);
559 pms.grantPermission(role2, perm2);
560 pms.grantPermission(role2, perm3);
561 pms.grantPermission(role2, perm4);
562 pms.grantPermission(group1, perm1);
563 pms.grantPermission(group2, perm1);
564 pms.grantPermission(group2, perm2);
565 pms.grantPermission(group2, perm3);
566 pms.grantPermission(group2, perm4);
567 }
568 catch (SecurityException sex)
569 {
570 assertTrue("failed to init testGetPrincipalPermissions(), " + sex, false);
571 }
572
573 ArrayList principals = new ArrayList();
574 principals.add(user);
575 principals.add(role1);
576 principals.add(role2);
577 principals.add(group1);
578 principals.add(group2);
579 Permissions permissions = pms.getPermissions(principals);
580 assertTrue(
581 "should contain permission == {name = "
582 + perm1.getName()
583 + "}, {action = "
584 + perm1.getActions()
585 + "}, in collection of size == 4, actual size: "
586 + (Collections.list(permissions.elements())).size(),
587 validatePermissions(permissions, perm1, 4));
588 assertTrue(
589 "should contain permission == {name = "
590 + perm2.getName()
591 + "}, {action = "
592 + perm2.getActions()
593 + "}, in collection of size == 4, actual size: "
594 + (Collections.list(permissions.elements())).size(),
595 validatePermissions(permissions, perm2, 4));
596 assertTrue(
597 "should contain permission == {name = "
598 + perm3.getName()
599 + "}, {action = "
600 + perm3.getActions()
601 + "}, in collection of size == 4, actual size: "
602 + (Collections.list(permissions.elements())).size(),
603 validatePermissions(permissions, perm3, 4));
604 assertTrue(
605 "should contain permission == {name = "
606 + perm4.getName()
607 + "}, {action = "
608 + perm4.getActions()
609 + "}, in collection of size == 4, actual size: "
610 + (Collections.list(permissions.elements())).size(),
611 validatePermissions(permissions, perm4, 4));
612
613
614 try
615 {
616 ums.removeUser(user.getName());
617 pms.removePermission(perm1);
618 pms.removePermission(perm2);
619 pms.removePermission(perm3);
620 pms.removePermission(perm4);
621 }
622 catch (SecurityException sex)
623 {
624 assertTrue("could not remove user. exception caught: " + sex, false);
625 }
626 }
627
628 /***
629 * <p>Test revoke permission.</p>
630 */
631 public void testRevokePermission()
632 {
633
634 UserPrincipal user = new UserPrincipalImpl("revokepermission");
635 PortletPermission perm1 = new PortletPermission("revokepermission1", "view, edit, minimized, maximized");
636 PortletPermission perm2 = new PortletPermission("revokepermission2", "view, edit, minimized, maximized");
637 try
638 {
639 ums.addUser(user.getName(), "password");
640 pms.addPermission(perm1);
641 pms.addPermission(perm2);
642 pms.grantPermission(user, perm1);
643 pms.grantPermission(user, perm2);
644 }
645 catch (SecurityException sex)
646 {
647 assertTrue("failed to init testRevokePermission(), " + sex, false);
648 }
649 try
650 {
651 pms.revokePermission(user, perm2);
652 Permissions permCol = pms.getPermissions(user);
653 assertTrue(
654 "should only contain permission == {name = "
655 + perm1.getName()
656 + "}, {action = "
657 + perm1.getActions()
658 + "}, in collection of size == 1, actual size: "
659 + (Collections.list(permCol.elements())).size(),
660 validatePermissions(permCol, perm1, 1));
661 }
662 catch (SecurityException sex)
663 {
664 assertTrue("could not revoke permission. esception caught: " + sex, false);
665 }
666
667 try
668 {
669 ums.removeUser(user.getName());
670 pms.removePermission(perm1);
671 pms.removePermission(perm2);
672 }
673 catch (SecurityException sex)
674 {
675 assertTrue("could not remove user. exception caught: " + sex, false);
676 }
677 }
678
679 /***
680 * <p>Validate whether permission belongs to permissions and whether the permissions
681 * size equals the size provided.</p>
682 * @param permissions The permissions.
683 * @param permission The permission to validate.
684 * @param size The permissions expected size.
685 * @return
686 */
687 private boolean validatePermissions(Permissions permissions, Permission permission, int size)
688 {
689 Enumeration permissionEnums = permissions.elements();
690 boolean hasPermission = false;
691 int count = 0;
692 while (permissionEnums.hasMoreElements())
693 {
694 count++;
695 Permission enumPerm = (Permission) permissionEnums.nextElement();
696 if (enumPerm.equals(permission))
697 {
698 hasPermission = true;
699 }
700 }
701 boolean validated = ((hasPermission) && (count == size));
702 return validated;
703 }
704
705 /***
706 * <p>Destroy permission test objects.</p>
707 */
708 protected void destroyPermissions()
709 {
710 try
711 {
712
713 ums.removeUser("anon");
714 ums.removeUser("test");
715 ums.removeUser("removepermission");
716 ums.removeUser("revokepermission");
717 ums.removeUser("testgrantpermission2");
718
719 rms.removeRole("anonrole1");
720 rms.removeRole("anonrole2");
721 rms.removeRole("removepermissionrole");
722
723 gms.removeGroup("anongroup1");
724 gms.removeGroup("anongroup2");
725 }
726 catch (SecurityException sex)
727 {
728 assertTrue("could not remove user, role and group. exception caught: " + sex, false);
729 }
730
731 PortletPermission perm1 = new PortletPermission("anontestportlet", "view");
732 PortletPermission perm2 = new PortletPermission("anontestportlet", "view, edit");
733 PortletPermission perm3 = new PortletPermission("anontestportlet", "view, edit, secure");
734 PortletPermission perm4 = new PortletPermission("anontestportlet", "view, edit, secure, minimized");
735 PortletPermission perm5 = new PortletPermission("removepermission1", "view, edit, secure, minimized, maximized");
736 PortletPermission perm6 = new PortletPermission("removepermission2", "view, edit, minimized, maximized");
737 PortletPermission perm7 = new PortletPermission("revokepermission1", "view, edit, minimized, maximized");
738 PortletPermission perm8 = new PortletPermission("revokepermission2", "view, edit, minimized, maximized");
739 PortletPermission perm9 = new PortletPermission("testportlet", "view, minimized, secure");
740 try
741 {
742 pms.removePermission(perm1);
743 pms.removePermission(perm2);
744 pms.removePermission(perm3);
745 pms.removePermission(perm4);
746 pms.removePermission(perm5);
747 pms.removePermission(perm6);
748 pms.removePermission(perm7);
749 pms.removePermission(perm8);
750 pms.removePermission(perm9);
751 }
752 catch (SecurityException sex)
753 {
754 assertTrue("could not remove permissions. exception caught: " + sex, false);
755 }
756 }
757
758 public void testUpdatePermission()
759 {
760
761 RolePrincipal role1 = new RolePrincipalImpl("role1");
762 RolePrincipal role2 = new RolePrincipalImpl("role2");
763 RolePrincipal role3 = new RolePrincipalImpl("role3");
764 RolePrincipal role4 = new RolePrincipalImpl("role4");
765 PortletPermission perm1 = new PortletPermission("testportlet", "view");
766 try
767 {
768 rms.addRole(role1.getName());
769 rms.addRole(role2.getName());
770 rms.addRole(role3.getName());
771 rms.addRole(role4.getName());
772 pms.addPermission(perm1);
773 }
774 catch (SecurityException sex)
775 {
776 assertTrue("failed to init testUpdatePermission(), " + sex, false);
777 }
778
779
780 try
781 {
782 pms.grantPermission(role1, perm1);
783 pms.grantPermission(role2, perm1);
784 }
785 catch (SecurityException sex)
786 {
787 assertTrue("failed to grant on testUpdatePermission. caught exception, " + sex, false);
788 }
789
790 Collection principals = pms.getPrincipals(perm1);
791 assertTrue("principal count should be 2 ", principals.size() == 2);
792 Object [] array = (Object[])principals.toArray();
793 Arrays.sort(array, principalComparator);
794 assertTrue("element is Principal ", array[0] instanceof Principal);
795 assertTrue("first element not found ", ((Principal)array[0]).getName().equals("role1"));
796 assertTrue("second element not found ", ((Principal)array[1]).getName().equals("role2"));
797
798
799
800 try
801 {
802 Collection roles = new Vector();
803 roles.add(role1);
804 roles.add(role3);
805 roles.add(role4);
806 pms.updatePermission(perm1, roles);
807 }
808 catch (SecurityException sex)
809 {
810 assertTrue("principal does not exist. caught exception, " + sex, false);
811 }
812 principals = pms.getPrincipals(perm1);
813 assertTrue("principal count should be 3 ", principals.size() == 3);
814 array = (Object[])principals.toArray();
815 Arrays.sort(array, principalComparator);
816 assertTrue("first element should be [role1] but found ["+((Principal)array[0]).getName()+"]", ((Principal)array[0]).getName().equals("role1"));
817 assertTrue("second element not found ", ((Principal)array[1]).getName().equals("role3"));
818 assertTrue("third element not found ", ((Principal)array[2]).getName().equals("role4"));
819
820
821 try
822 {
823 rms.removeRole(role1.getName());
824 rms.removeRole(role2.getName());
825 rms.removeRole(role3.getName());
826 rms.removeRole(role4.getName());
827 pms.removePermission(perm1);
828 }
829 catch (SecurityException sex)
830 {
831 assertTrue("could not remove user and permission. exception caught: " + sex, false);
832 }
833 }
834
835 }