HttpMethodPermissionFilterTest xref


1   /*
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements.  See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership.  The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License.  You may obtain a copy of the License at
9    *
10   *     http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing,
13   * software distributed under the License is distributed on an
14   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   * KIND, either express or implied.  See the License for the
16   * specific language governing permissions and limitations
17   * under the License.
18   */
19  package org.apache.shiro.web.filter.authz;
20  
21  import junit.framework.Assert;
22  import org.junit.Test;
23  
24  
25  public class HttpMethodPermissionFilterTest {
26  
27      @Test
28      public void testPermisisonMapping() {
29          // Testing the isAccessAllowed would be easier, but would need to mock out the servlet request
30  
31          HttpMethodPermissionFilter filter = new HttpMethodPermissionFilter();
32  
33          String[] permsBefore = {"foo", "bar"};
34  
35          String[] permsAfter = filter.buildPermissions(permsBefore, filter.getHttpMethodAction("get"));
36          Assert.assertEquals(2, permsAfter.length);
37          Assert.assertEquals("foo:read", permsAfter[0]);
38          Assert.assertEquals("bar:read", permsAfter[1]);
39  
40          Assert.assertEquals("foo:read", filter.buildPermissions(permsBefore, filter.getHttpMethodAction("head"))[0]);
41          Assert.assertEquals("foo:update", filter.buildPermissions(permsBefore, filter.getHttpMethodAction("put"))[0]);
42          Assert.assertEquals("foo:create", filter.buildPermissions(permsBefore, filter.getHttpMethodAction("post"))[0]);
43          Assert.assertEquals("foo:create", filter.buildPermissions(permsBefore, filter.getHttpMethodAction("mkcol"))[0]);
44          Assert.assertEquals("foo:delete", filter.buildPermissions(permsBefore, filter.getHttpMethodAction("delete"))[0]);
45          Assert.assertEquals("foo:read", filter.buildPermissions(permsBefore, filter.getHttpMethodAction("options"))[0]);
46          Assert.assertEquals("foo:read", filter.buildPermissions(permsBefore, filter.getHttpMethodAction("trace"))[0]);
47      }
48  }