1 package org.apache.fulcrum.security.torque.turbine;
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22 import static org.junit.jupiter.api.Assertions.assertEquals;
23 import static org.junit.jupiter.api.Assertions.assertFalse;
24 import static org.junit.jupiter.api.Assertions.assertNotNull;
25 import static org.junit.jupiter.api.Assertions.assertNull;
26 import static org.junit.jupiter.api.Assertions.assertTrue;
27 import static org.junit.jupiter.api.Assertions.fail;
28
29 import java.sql.Connection;
30 import java.sql.SQLException;
31
32 import org.apache.fulcrum.security.SecurityService;
33 import org.apache.fulcrum.security.UserManager;
34 import org.apache.fulcrum.security.acl.AccessControlList;
35 import org.apache.fulcrum.security.entity.Group;
36 import org.apache.fulcrum.security.entity.Role;
37 import org.apache.fulcrum.security.entity.User;
38 import org.apache.fulcrum.security.model.test.AbstractUserManagerTest;
39 import org.apache.fulcrum.security.model.turbine.TurbineAccessControlList;
40 import org.apache.fulcrum.security.model.turbine.TurbineModelManager;
41 import org.apache.fulcrum.security.model.turbine.entity.TurbineUser;
42 import org.apache.fulcrum.security.model.turbine.entity.TurbineUserGroupRole;
43 import org.apache.fulcrum.security.torque.HsqlDB;
44 import org.apache.fulcrum.security.torque.om.TurbineGroupPeer;
45 import org.apache.fulcrum.security.torque.om.TurbinePermissionPeer;
46 import org.apache.fulcrum.security.torque.om.TurbineRolePeer;
47 import org.apache.fulcrum.security.torque.om.TurbineRolePermissionPeer;
48 import org.apache.fulcrum.security.torque.om.TurbineUserPeer;
49 import org.apache.fulcrum.security.util.DataBackendException;
50 import org.apache.fulcrum.security.util.EntityExistsException;
51 import org.apache.fulcrum.security.util.PasswordMismatchException;
52 import org.apache.fulcrum.security.util.UnknownEntityException;
53 import org.apache.fulcrum.security.util.UserSet;
54 import org.apache.fulcrum.testcontainer.BaseUnit5Test;
55 import org.apache.logging.log4j.LogManager;
56 import org.apache.logging.log4j.Logger;
57 import org.apache.torque.TorqueException;
58 import org.apache.torque.criteria.Criteria;
59 import org.apache.torque.util.Transaction;
60 import org.junit.jupiter.api.AfterEach;
61 import org.junit.jupiter.api.Assertions;
62 import org.junit.jupiter.api.BeforeEach;
63 import org.junit.jupiter.api.Test;
64
65
66
67
68
69
70 public class TurbineUserManagerWithDefaultPeerLazyTest
71 extends BaseUnit5Test
72 {
73 protected User user;
74
75 protected UserManager userManager;
76
77 protected SecurityService securityService;
78
79 protected static final String TEST_GROUP = "TEST_GROUP";
80
81 private static final String TEST_ROLE = "TEST_Role";
82
83 private Group group;
84
85 private Role role;
86
87 private Logger logger = LogManager.getLogger();
88
89 private static HsqlDB hsqlDB = null;
90
91 @BeforeEach
92 public void setUp()
93 {
94 try
95 {
96 hsqlDB = new HsqlDB( "src/test/fulcrum-turbine-default-schema.sql" );
97
98 this.setRoleFileName( "src/test/TurbineTorqueRoleConfig.xml" );
99
100 this.setConfigurationFileName( "src/test/TurbineDefaultLazyWithPeersComponentConfig.xml" );
101 securityService = (SecurityService) lookup( SecurityService.ROLE );
102 userManager = securityService.getUserManager();
103
104 group = securityService.getGroupManager().getGroupInstance();
105 group.setName( "TEST_GROUP" );
106 securityService.getGroupManager().addGroup( group );
107 role = securityService.getRoleManager().getRoleInstance();
108 role.setName( "TEST_Role" );
109 securityService.getRoleManager().addRole( role );
110
111 }
112 catch ( Exception e )
113 {
114 fail( e.toString() );
115 }
116 }
117
118 @Override
119 @AfterEach
120 public void tearDown()
121 {
122
123
124 Connection con = null;
125 try
126 {
127 con = Transaction.begin();
128
129 Criteria criteria = new Criteria();
130
131
132
133 if ( user != null )
134 {
135 try
136 {
137 securityService.<TurbineModelManager> getModelManager().revokeAll( user );
138 }
139 catch ( DataBackendException e )
140 {
141 e.printStackTrace();
142 fail();
143 }
144 catch ( UnknownEntityException e )
145 {
146
147 }
148 }
149
150 criteria = new Criteria();
151 criteria.where( TurbineRolePermissionPeer.ROLE_ID, 0, Criteria.GREATER_THAN );
152 TurbineRolePermissionPeer.doDelete( criteria, con );
153
154 criteria = new Criteria();
155 criteria.where( TurbineUserPeer.USER_ID, 0, Criteria.GREATER_THAN );
156 TurbineUserPeer.doDelete( criteria, con );
157
158 criteria = new Criteria();
159 criteria.where( TurbineGroupPeer.GROUP_ID, 0, Criteria.GREATER_THAN );
160 TurbineGroupPeer.doDelete( criteria, con );
161
162 criteria = new Criteria();
163 criteria.where( TurbineRolePeer.ROLE_ID, 0, Criteria.GREATER_THAN );
164 TurbineRolePeer.doDelete( criteria, con );
165
166 criteria = new Criteria();
167 criteria.where( TurbinePermissionPeer.PERMISSION_ID, 0, Criteria.GREATER_THAN );
168 TurbinePermissionPeer.doDelete( criteria, con );
169
170 con.commit();
171 con = null;
172 }
173 catch ( TorqueException e )
174 {
175 fail( e.toString() );
176 }
177 catch ( SQLException e )
178 {
179 if ( con != null )
180 {
181 Transaction.safeRollback( con );
182 }
183 fail( e.toString() );
184 }
185
186 user = null;
187 userManager = null;
188 securityService = null;
189 }
190
191
192
193
194 @Test
195 public void testCheckExists()
196 throws Exception
197 {
198 user = userManager.getUserInstance( "Philip" );
199 userManager.addUser( user, "bobo" );
200 addDefaultGrantUserGroupRole( user );
201
202 assertTrue( userManager.checkExists( "philip" ) );
203 assertTrue( userManager.checkExists( user ) );
204 assertFalse( userManager.checkExists( "ImaginaryFriend" ) );
205 user = userManager.getUserInstance( "ImaginaryFriend" );
206 assertFalse( userManager.checkExists( user ) );
207 }
208
209 @Test
210 public void testCheckExistsWithString()
211 throws Exception
212 {
213 user = userManager.getUserInstance( "Philip2" );
214 userManager.addUser( user, "bobo" );
215 addDefaultGrantUserGroupRole( user );
216
217 assertTrue( userManager.checkExists( "philip2" ) );
218 assertTrue( userManager.checkExists( user.getName() ) );
219 assertFalse( userManager.checkExists( "ImaginaryFriend2" ) );
220 user = userManager.getUserInstance( "ImaginaryFriend2" );
221 assertFalse( userManager.checkExists( user.getName() ) );
222 }
223
224
225
226
227 @Test
228 public void testGetUserString()
229 throws Exception
230 {
231 user = userManager.getUserInstance( "QuietMike" );
232 userManager.addUser( user, "bobo" );
233 addDefaultGrantUserGroupRole( user );
234
235 user = userManager.getUser( "QuietMike" );
236 Assertions.assertNotNull( user );
237 }
238
239 @Test
240 public void testGetUserById()
241 throws Exception
242 {
243 user = userManager.getUserInstance( "QuietMike2" );
244 userManager.addUser( user, "bobo" );
245 User user2 = userManager.getUserById( user.getId() );
246 assertEquals( user.getName(), user2.getName() );
247 assertEquals( user.getId(), user2.getId() );
248 }
249
250
251
252
253 @Test
254 public void testGetUserStringString()
255 throws Exception
256 {
257 user = userManager.getUserInstance( "Richard" );
258 userManager.addUser( user, "va" );
259
260 addDefaultGrantUserGroupRole( user );
261
262 user = userManager.getUser( "Richard", "va" );
263 Assertions.assertNotNull( user );
264 user = userManager.getUser( "richard", "va" );
265 assertNotNull( user );
266 try
267 {
268 user = userManager.getUser( "richard", "VA" );
269 fail( "should have thrown PasswordMismatchException" );
270 }
271 catch ( PasswordMismatchException pme )
272 {
273
274 }
275 }
276
277 @Test
278 public void testGetAllUsers()
279 throws Exception
280 {
281 int size = userManager.getAllUsers().size();
282 user = userManager.getUserInstance( "Bob" );
283 userManager.addUser( user, "" );
284 addDefaultGrantUserGroupRole( user );
285
286 UserSet<User> userSet = userManager.getAllUsers();
287 assertEquals( size + 1, userSet.size() );
288 }
289
290 @Test
291 public void testAuthenticate()
292 throws Exception
293 {
294 user = userManager.getUserInstance( "Kay" );
295 userManager.addUser( user, "jc" );
296 addDefaultGrantUserGroupRole( user );
297 userManager.authenticate( user, "jc" );
298 try
299 {
300 userManager.authenticate( user, "JC" );
301 fail( "should have thrown PasswordMismatchException" );
302 }
303 catch ( PasswordMismatchException pme )
304 {
305
306 }
307 }
308
309 @Test
310 public void testChangePassword()
311 throws Exception
312 {
313 user = userManager.getUserInstance( "Jonathan" );
314 userManager.addUser( user, "jc" );
315 addDefaultGrantUserGroupRole( user );
316 try
317 {
318 userManager.changePassword( user, "WrongPWD", "JC" );
319 fail( "should have thrown PasswordMismatchException" );
320 }
321 catch ( PasswordMismatchException pme )
322 {
323
324 }
325 userManager.changePassword( user, "jc", "JC" );
326 userManager.authenticate( user, "JC" );
327 }
328
329 @Test
330 public void testForcePassword()
331 throws Exception
332 {
333 user = userManager.getUserInstance( "Connor" );
334 userManager.addUser( user, "jc_subset" );
335 addDefaultGrantUserGroupRole( user );
336
337 userManager.forcePassword( user, "JC_SUBSET" );
338 userManager.authenticate( user, "JC_SUBSET" );
339 }
340
341
342
343
344 @Test
345 public void testGetUserInstance()
346 throws Exception
347 {
348 user = userManager.getUserInstance();
349 assertNotNull( user );
350 assertTrue( user.getName() == null );
351 }
352
353
354
355
356 @Test
357 public void testGetUserInstanceString()
358 throws Exception
359 {
360 user = userManager.getUserInstance( "Philip" );
361 assertEquals( "philip", user.getName() );
362 }
363
364
365
366
367
368
369
370 @Test
371 public void testSaveUser()
372 throws Exception
373 {
374 user = userManager.getUserInstance( "Kate" );
375 userManager.addUser( user, "katiedid" );
376
377 addDefaultGrantUserGroupRole( user );
378
379 user = userManager.getUser( user.getName() );
380
381 userManager.saveUser( user );
382 assertEquals( "kate", userManager.getUser( user.getName() ).getName() );
383 }
384
385 @Test
386 public void testGetACL()
387 throws Exception
388 {
389 user = userManager.getUserInstance( "Tony" );
390 userManager.addUser( user, "california" );
391 addDefaultGrantUserGroupRole( user );
392
393 AccessControlList acl = userManager.getACL( user );
394
395 assertNotNull( acl );
396
397 Role testRole = securityService.getRoleManager().getRoleByName( TEST_ROLE );
398 Group testGroup = securityService.getGroupManager().getGroupByName( TEST_GROUP );
399 assertTrue( ( (TurbineAccessControlList) acl ).hasRole( testRole, testGroup ) );
400
401 Group globalGroup = securityService.<TurbineModelManager> getModelManager().getGlobalGroup();
402 securityService.<TurbineModelManager> getModelManager().grant( user, globalGroup, testRole );
403
404 acl = userManager.getACL( user );
405
406 assertTrue( ( (TurbineAccessControlList) acl ).hasRole( testRole ) );
407 }
408
409 @Test
410 public void testRemoveUser()
411 throws Exception
412 {
413 user = userManager.getUserInstance( "Rick" );
414 userManager.addUser( user, "nb" );
415 addDefaultGrantUserGroupRole( user );
416
417 revokeDefaultGrantUserGroupRole( user );
418 userManager.removeUser( user );
419 try
420 {
421 User user2 = userManager.getUser( user.getName() );
422 fail( "Should have thrown UEE" );
423 }
424 catch ( UnknownEntityException uee )
425 {
426
427 }
428 }
429
430 @Test
431 public void testAddUser()
432 throws Exception
433 {
434 user = userManager.getUserInstance( "Joe1" );
435 assertNull( user.getId() );
436 userManager.addUser( user, "mc" );
437 addDefaultGrantUserGroupRole( user );
438 user = userManager.getUserInstance( "Joe2" );
439 assertNull( user.getId() );
440 userManager.addUser( user, "mc" );
441 assertNotNull( user.getId() );
442 assertNotNull( userManager.getUser( user.getName() ) );
443 }
444
445
446
447
448 public void testAddUserTwiceFails()
449 throws Exception
450 {
451 user = userManager.getUserInstance( "EATLUNCH" );
452 userManager.addUser( user, "bob" );
453 addDefaultGrantUserGroupRole( user );
454 assertTrue( userManager.checkExists( user.getName() ) );
455 User user2 = userManager.getUserInstance( "EATLUNCH" );
456 try
457 {
458 userManager.addUser( user2, "bob" );
459 }
460 catch ( EntityExistsException uee )
461 {
462
463 }
464 try
465 {
466 userManager.addUser( user2, "differentpassword" );
467 }
468 catch ( EntityExistsException uee )
469 {
470
471 }
472 }
473
474 @Test
475 public void testCheckUserCaseSensitiveExists()
476 throws Exception
477 {
478 user = userManager.getUserInstance( "borrisJohnson" );
479 userManager.addUser( user, "bob" );
480
481 assertTrue( userManager.checkExists( "borrisJohnson" ) );
482 }
483
484 private void addDefaultGrantUserGroupRole( User user )
485 throws Exception
486 {
487 securityService.<TurbineModelManager> getModelManager().grant( user, group, role );
488 boolean ugrFound = false;
489 TurbineUserGroupRole ugrTest = null;
490 for ( TurbineUserGroupRole ugr : ( (TurbineUser) user ).getUserGroupRoleSet() )
491 {
492 if ( ugr.getUser().equals( user ) && ugr.getGroup().equals( group ) && ugr.getRole().equals( role ) )
493 {
494 ugrFound = true;
495 ugrTest = ugr;
496 break;
497 }
498 }
499 assertTrue( ugrFound );
500 assertTrue( ugrTest.getGroup().equals( group ) );
501 assertTrue( ugrTest.getUser().equals( user ) );
502 }
503
504 private void revokeDefaultGrantUserGroupRole( User user )
505 throws Exception
506 {
507 securityService.<TurbineModelManager> getModelManager().revoke( user, group, role );
508 boolean ugrFound = false;
509 for ( TurbineUserGroupRole ugr : ( (TurbineUser) user ).getUserGroupRoleSet() )
510 {
511 if ( ugr.getUser().equals( user ) && ugr.getGroup().equals( group ) && ugr.getRole().equals( role ) )
512 {
513 ugrFound = true;
514 break;
515 }
516 }
517 ;
518 assertFalse( ugrFound );
519 }
520
521 }