View Javadoc
1   package org.apache.fulcrum.security.torque.turbine;
2   
3   /*
4    * Licensed to the Apache Software Foundation (ASF) under one
5    * or more contributor license agreements.  See the NOTICE file
6    * distributed with this work for additional information
7    * regarding copyright ownership.  The ASF licenses this file
8    * to you under the Apache License, Version 2.0 (the
9    * "License"); you may not use this file except in compliance
10   * with the License.  You may obtain a copy of the License at
11   *
12   *   http://www.apache.org/licenses/LICENSE-2.0
13   *
14   * Unless required by applicable law or agreed to in writing,
15   * software distributed under the License is distributed on an
16   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
17   * KIND, either express or implied.  See the License for the
18   * specific language governing permissions and limitations
19   * under the License.
20   */
21  
22  import static org.junit.jupiter.api.Assertions.assertEquals;
23  import static org.junit.jupiter.api.Assertions.assertFalse;
24  import static org.junit.jupiter.api.Assertions.assertNotNull;
25  import static org.junit.jupiter.api.Assertions.assertNull;
26  import static org.junit.jupiter.api.Assertions.assertTrue;
27  import static org.junit.jupiter.api.Assertions.fail;
28  
29  import java.sql.Connection;
30  import java.sql.SQLException;
31  
32  import org.apache.fulcrum.security.SecurityService;
33  import org.apache.fulcrum.security.UserManager;
34  import org.apache.fulcrum.security.acl.AccessControlList;
35  import org.apache.fulcrum.security.entity.Group;
36  import org.apache.fulcrum.security.entity.Role;
37  import org.apache.fulcrum.security.entity.User;
38  import org.apache.fulcrum.security.model.turbine.TurbineAccessControlList;
39  import org.apache.fulcrum.security.model.turbine.TurbineModelManager;
40  import org.apache.fulcrum.security.model.turbine.entity.TurbineUser;
41  import org.apache.fulcrum.security.model.turbine.entity.TurbineUserGroupRole;
42  import org.apache.fulcrum.security.torque.HsqlDB;
43  import org.apache.fulcrum.security.torque.om.TorqueTurbineGroupPeer;
44  import org.apache.fulcrum.security.torque.om.TorqueTurbinePermissionPeer;
45  import org.apache.fulcrum.security.torque.om.TorqueTurbineRolePeer;
46  import org.apache.fulcrum.security.torque.om.TorqueTurbineRolePermissionPeer;
47  import org.apache.fulcrum.security.torque.om.TorqueTurbineUserGroupRolePeer;
48  import org.apache.fulcrum.security.torque.om.TorqueTurbineUserPeer;
49  import org.apache.fulcrum.security.util.EntityExistsException;
50  import org.apache.fulcrum.security.util.PasswordMismatchException;
51  import org.apache.fulcrum.security.util.UnknownEntityException;
52  import org.apache.fulcrum.security.util.UserSet;
53  import org.apache.fulcrum.testcontainer.BaseUnit5Test;
54  import org.apache.logging.log4j.LogManager;
55  import org.apache.logging.log4j.Logger;
56  import org.apache.torque.TorqueException;
57  import org.apache.torque.criteria.Criteria;
58  import org.apache.torque.util.Transaction;
59  import org.junit.jupiter.api.AfterEach;
60  import org.junit.jupiter.api.BeforeEach;
61  import org.junit.jupiter.api.Test;
62  
63  /**
64   * Test user with attached object (user-role-goup relationship)
65   * 
66   * @author <a href="mailto:gk@apache.org">Georg Kallidis</a>
67   * @version $Id$
68   */
69  public class TurbineUserManagerTest
70      extends BaseUnit5Test
71     
72  {
73  	
74      private User user;
75  
76      private UserManager userManager;
77  
78      private SecurityService securityService;
79  
80      private static final String TEST_GROUP = "TEST_GROUP";
81  
82      private static final String TEST_ROLE = "TEST_Role";
83  
84      private Group group;
85  
86      private Role role;
87      
88      private Logger logger = LogManager.getLogger();
89  	
90  	private static HsqlDB hsqlDB = null;
91  
92      @BeforeEach
93      public void setUp()
94      {
95          try
96          {
97              hsqlDB = new HsqlDB( "src/test/fulcrum-turbine-schema.sql" );
98              hsqlDB.addSQL( "src/test/id-table-schema.sql" );
99              hsqlDB.addSQL( "src/test/fulcrum-turbine-schema-idtable-init.sql" );
100 
101             this.setRoleFileName( "src/test/TurbineTorqueRoleConfig.xml" );
102             // we have to use declared peers
103             this.setConfigurationFileName( "src/test/TurbineTorqueComponentConfig.xml" );
104             securityService = (SecurityService) lookup( SecurityService.ROLE );
105             userManager = securityService.getUserManager();
106 
107             group = securityService.getGroupManager().getGroupInstance();
108             group.setName( TEST_GROUP );
109             securityService.getGroupManager().addGroup( group );
110             role = securityService.getRoleManager().getRoleInstance();
111             role.setName( TEST_ROLE );
112             securityService.getRoleManager().addRole( role );
113 
114         }
115         catch ( Exception e )
116         {
117             fail( e.toString() );
118         }
119     }
120 
121 
122     @AfterEach
123     public void tearDown()
124     {
125 
126         // cleanup tables
127         Connection con = null;
128         try
129         {
130             con = Transaction.begin();// "default"
131 
132             Criteria criteria = new Criteria();
133             criteria.where( TorqueTurbineUserGroupRolePeer.USER_ID, -1, Criteria.GREATER_THAN );
134 
135             TorqueTurbineUserGroupRolePeer.doDelete( criteria, con );
136 
137             criteria = new Criteria();
138             criteria.where( TorqueTurbineRolePermissionPeer.ROLE_ID, 0, Criteria.GREATER_THAN );
139             TorqueTurbineRolePermissionPeer.doDelete( criteria, con );
140 
141             criteria = new Criteria();
142             criteria.where( TorqueTurbineUserPeer.USER_ID, 0, Criteria.GREATER_THAN );
143             TorqueTurbineUserPeer.doDelete( criteria, con );
144 
145             criteria = new Criteria();
146             criteria.where( TorqueTurbineGroupPeer.GROUP_ID, 0, Criteria.GREATER_THAN );
147             TorqueTurbineGroupPeer.doDelete( criteria, con );
148 
149             criteria = new Criteria();
150             criteria.where( TorqueTurbineRolePeer.ROLE_ID, 0, Criteria.GREATER_THAN );
151             TorqueTurbineRolePeer.doDelete( criteria, con );
152 
153             criteria = new Criteria();
154             criteria.where( TorqueTurbinePermissionPeer.PERMISSION_ID, 0, Criteria.GREATER_THAN );
155             TorqueTurbinePermissionPeer.doDelete( criteria, con );
156 
157             con.commit();
158             con = null;
159         }
160         catch ( TorqueException e )
161         {
162             fail( e.toString() );
163         }
164         catch ( SQLException e )
165         {
166             if ( con != null )
167             {
168                 Transaction.safeRollback( con );
169             }
170             fail( e.toString() );
171         }
172 
173         user = null;
174         userManager = null;
175         securityService = null;
176     }
177    
178 
179     // requires default user in setup
180     @Test
181     public void testCheckExists()
182         throws Exception
183     {
184         user = userManager.getUserInstance( "Philip" );
185         userManager.addUser( user, "bobo" );
186         addDefaultGrantUserGroupRole( user );
187 
188         assertTrue( userManager.checkExists( "philip" ) );
189         assertTrue( userManager.checkExists( user ) );
190         assertFalse( userManager.checkExists( "ImaginaryFriend" ) );
191         user = userManager.getUserInstance( "ImaginaryFriend" );
192         assertFalse( userManager.checkExists( user ) );
193     }
194 
195     @Test
196     public void testCheckExistsWithString()
197         throws Exception
198     {
199         user = userManager.getUserInstance( "Philip2" );
200         userManager.addUser( user, "bobo" );
201         addDefaultGrantUserGroupRole( user );
202 
203         assertTrue( userManager.checkExists( "philip2" ) );
204         assertTrue( userManager.checkExists( user.getName() ) );
205         assertFalse( userManager.checkExists( "ImaginaryFriend2" ) );
206         user = userManager.getUserInstance( "ImaginaryFriend2" );
207         assertFalse( userManager.checkExists( user.getName() ) );
208     }
209 
210     /*
211      * Class to test for User retrieve(String)
212      */
213     @Test
214     public void testGetUserString()
215         throws Exception
216     {
217         user = userManager.getUserInstance( "QuietMike" );
218         userManager.addUser( user, "bobo" );
219         addDefaultGrantUserGroupRole( user );
220 
221         user = userManager.getUser( "QuietMike" );
222         assertNotNull( user );
223     }
224 
225     @Test
226     public void testGetUserById()
227         throws Exception
228     {
229         user = userManager.getUserInstance( "QuietMike2" );
230         userManager.addUser( user, "bobo" );
231         User user2 = userManager.getUserById( user.getId() );
232         assertEquals( user.getName(), user2.getName() );
233         assertEquals( user.getId(), user2.getId() );
234     }
235 
236     /*
237      * Class to test for User retrieve(String, String)
238      */
239     @Test
240     public void testGetUserStringString()
241         throws Exception
242     {
243         user = userManager.getUserInstance( "Richard" );
244         userManager.addUser( user, "va" );
245 
246         addDefaultGrantUserGroupRole( user );
247 
248         user = userManager.getUser( "Richard", "va" );
249         assertNotNull( user );
250         user = userManager.getUser( "richard", "va" );
251         assertNotNull( user );
252         try
253         {
254             user = userManager.getUser( "richard", "VA" );
255             fail( "should have thrown PasswordMismatchException" );
256         }
257         catch ( PasswordMismatchException pme )
258         {
259             // good
260         }
261     }
262 
263     @Test
264     public void testGetAllUsers()
265         throws Exception
266     {
267         int size = userManager.getAllUsers().size();
268         user = userManager.getUserInstance( "Bob" );
269         userManager.addUser( user, "" );
270         addDefaultGrantUserGroupRole( user );
271 
272         UserSet<User> userSet = userManager.getAllUsers();
273         assertEquals( size + 1, userSet.size() );
274     }
275 
276     @Test
277     public void testAuthenticate()
278         throws Exception
279     {
280         user = userManager.getUserInstance( "Kay" );
281         userManager.addUser( user, "jc" );
282         addDefaultGrantUserGroupRole( user );
283         userManager.authenticate( user, "jc" );
284         try
285         {
286             userManager.authenticate( user, "JC" );
287             fail( "should have thrown PasswordMismatchException" );
288         }
289         catch ( PasswordMismatchException pme )
290         {
291             // good
292         }
293     }
294 
295     @Test
296     public void testChangePassword()
297         throws Exception
298     {
299         user = userManager.getUserInstance( "Jonathan" );
300         userManager.addUser( user, "jc" );
301         addDefaultGrantUserGroupRole( user );
302         try
303         {
304             userManager.changePassword( user, "WrongPWD", "JC" );
305             fail( "should have thrown PasswordMismatchException" );
306         }
307         catch ( PasswordMismatchException pme )
308         {
309             // good
310         }
311         userManager.changePassword( user, "jc", "JC" );
312         userManager.authenticate( user, "JC" );
313     }
314 
315     @Test
316     public void testForcePassword()
317         throws Exception
318     {
319         user = userManager.getUserInstance( "Connor" );
320         userManager.addUser( user, "jc_subset" );
321         addDefaultGrantUserGroupRole( user );
322 
323         userManager.forcePassword( user, "JC_SUBSET" );
324         userManager.authenticate( user, "JC_SUBSET" );
325     }
326 
327     /*
328      * Class to test for User getUserInstance()
329      */
330     @Test
331     public void testGetUserInstance()
332         throws Exception
333     {
334         user = userManager.getUserInstance();
335         assertNotNull( user );
336         assertTrue( user.getName() == null );
337     }
338 
339     /*
340      * Class to test for User getUserInstance(String)
341      */
342     @Test
343     public void testGetUserInstanceString()
344         throws Exception
345     {
346         user = userManager.getUserInstance( "Philip" );
347         assertEquals( "philip", user.getName() );
348     }
349 
350     /**
351      * Need to figure out if save is something we want.. right now it just bloes up if you actually change anything.
352      * 
353      * @todo figur out what to do here...
354      * @throws Exception
355      */
356     @Test
357     public void testSaveUser()
358         throws Exception
359     {
360         user = userManager.getUserInstance( "Kate" );
361         userManager.addUser( user, "katiedid" );
362 
363         addDefaultGrantUserGroupRole( user );
364 
365         user = userManager.getUser( user.getName() );
366         // user.setName("Katherine");
367         userManager.saveUser( user );
368         assertEquals( "kate", userManager.getUser( user.getName() ).getName() );
369     }
370 
371     @Test
372     public void testGetACL()
373         throws Exception
374     {
375         user = userManager.getUserInstance( "Tony" );
376         userManager.addUser( user, "california" );
377         addDefaultGrantUserGroupRole( user );
378 
379         AccessControlList acl = userManager.getACL( user );
380 
381         assertNotNull( acl );
382 
383         Role testRole = securityService.getRoleManager().getRoleByName( TEST_ROLE );
384         Group testGroup = securityService.getGroupManager().getGroupByName( TEST_GROUP );
385         assertTrue( ( (TurbineAccessControlList) acl ).hasRole( testRole, testGroup ) );
386 
387         Group globalGroup = securityService.<TurbineModelManager> getModelManager().getGlobalGroup();
388         securityService.<TurbineModelManager> getModelManager().grant( user, globalGroup, testRole );
389         // immutable
390         acl = userManager.getACL( user );
391 
392         assertTrue( ( (TurbineAccessControlList) acl ).hasRole( testRole ) );
393     }
394 
395     @Test
396     public void testRemoveUser()
397         throws Exception
398     {
399         user = userManager.getUserInstance( "Rick" );
400         userManager.addUser( user, "nb" );
401         addDefaultGrantUserGroupRole( user );
402         // required
403         revokeDefaultGrantUserGroupRole( user );
404         userManager.removeUser( user );
405         try
406         {
407             User user2 = userManager.getUser( user.getName() );
408             fail( "Should have thrown UEE" );
409         }
410         catch ( UnknownEntityException uee )
411         {
412             // good
413         }
414     }
415 
416     @Test
417     public void testAddUser()
418         throws Exception
419     {
420         user = userManager.getUserInstance( "Joe1" );
421         assertNull( user.getId() );
422         userManager.addUser( user, "mc" );
423         addDefaultGrantUserGroupRole( user );
424         user = userManager.getUserInstance( "Joe2" );
425         assertNull( user.getId() );
426         userManager.addUser( user, "mc" );
427         assertNotNull( user.getId() );
428         assertNotNull( userManager.getUser( user.getName() ) );
429     }
430 
431     /*
432      * Class to test for boolean checkExists(string)
433      */
434     public void testAddUserTwiceFails()
435         throws Exception
436     {
437         user = userManager.getUserInstance( "EATLUNCH" );
438         userManager.addUser( user, "bob" );
439         addDefaultGrantUserGroupRole( user );
440         assertTrue( userManager.checkExists( user.getName() ) );
441         User user2 = userManager.getUserInstance( "EATLUNCH" );
442         try
443         {
444             userManager.addUser( user2, "bob" );
445         }
446         catch ( EntityExistsException uee )
447         {
448             // good
449         }
450         try
451         {
452             userManager.addUser( user2, "differentpassword" );
453         }
454         catch ( EntityExistsException uee )
455         {
456             // good
457         }
458     }
459 
460     @Test
461     public void testCheckUserCaseSensitiveExists()
462         throws Exception
463     {
464         user = userManager.getUserInstance( "borrisJohnson" );
465         userManager.addUser( user, "bob" );
466 
467         assertTrue( userManager.checkExists( "borrisJohnson" ) );
468     }
469 
470     private void addDefaultGrantUserGroupRole( User user )
471         throws Exception
472     {
473         securityService.<TurbineModelManager> getModelManager().grant( user, group, role );
474         boolean ugrFound = false;
475         TurbineUserGroupRole ugrTest = null;
476         for ( TurbineUserGroupRole ugr : ( (TurbineUser) user ).getUserGroupRoleSet() )
477         {
478             if ( ugr.getUser().equals( user ) && ugr.getGroup().equals( group ) && ugr.getRole().equals( role ) )
479             {
480                 ugrFound = true;
481                 ugrTest = ugr;
482                 break;
483             }
484         }
485         assertTrue( ugrFound );
486         assertTrue( ugrTest.getGroup().equals( group ) );
487         assertTrue( ugrTest.getUser().equals( user ) );
488     }
489 
490     private void revokeDefaultGrantUserGroupRole( User user )
491         throws Exception
492     {
493         securityService.<TurbineModelManager> getModelManager().revoke( user, group, role );
494         boolean ugrFound = false;
495         for ( TurbineUserGroupRole ugr : ( (TurbineUser) user ).getUserGroupRoleSet() )
496         {
497             if ( ugr.getUser().equals( user ) && ugr.getGroup().equals( group ) && ugr.getRole().equals( role ) )
498             {
499                 ugrFound = true;
500                 break;
501             }
502         }
503         ;
504         assertFalse( ugrFound );
505     }
506 
507 }