1   /*
2    *   @(#) $Id: RelatedUserClassFilterTest.java 292666 2005-09-30 07:54:28Z trustin $
3    *
4    *   Copyright 2004 The Apache Software Foundation
5    *
6    *   Licensed under the Apache License, Version 2.0 (the "License");
7    *   you may not use this file except in compliance with the License.
8    *   You may obtain a copy of the License at
9    *
10   *       http://www.apache.org/licenses/LICENSE-2.0
11   *
12   *   Unless required by applicable law or agreed to in writing, software
13   *   distributed under the License is distributed on an "AS IS" BASIS,
14   *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15   *   See the License for the specific language governing permissions and
16   *   limitations under the License.
17   *
18   */
19  package org.apache.ldap.server.authz.support;
20  
21  import java.util.ArrayList;
22  import java.util.Collection;
23  import java.util.Collections;
24  import java.util.HashSet;
25  import java.util.Set;
26  
27  import javax.naming.Name;
28  import javax.naming.NamingException;
29  
30  import junit.framework.Assert;
31  import junit.framework.TestCase;
32  
33  import org.apache.ldap.common.aci.ACITuple;
34  import org.apache.ldap.common.aci.AuthenticationLevel;
35  import org.apache.ldap.common.aci.UserClass;
36  import org.apache.ldap.common.name.LdapName;
37  import org.apache.ldap.server.subtree.SubtreeEvaluator;
38  
39  /***
40   * Tests {@link RelatedUserClassFilter}.
41   *
42   * @author The Apache Directory Project
43   * @version $Rev: 292666 $, $Date: 2005-09-30 03:54:28 -0400 (Fri, 30 Sep 2005) $
44   */
45  public class RelatedUserClassFilterTest extends TestCase
46  {
47      private static final Collection EMPTY_COLLECTION =
48          Collections.unmodifiableCollection( new ArrayList() );
49      private static final Set EMPTY_SET =
50          Collections.unmodifiableSet( new HashSet() );
51      
52      private static final Name GROUP_NAME;
53      private static final Name USER_NAME;
54      private static final Set USER_NAMES = new HashSet();
55      private static final Set GROUP_NAMES = new HashSet();
56      
57      private static final SubtreeEvaluator SUBTREE_EVALUATOR = new SubtreeEvaluator( new DummyOidRegistry() );
58  
59      private static final RelatedUserClassFilter filter = new RelatedUserClassFilter( SUBTREE_EVALUATOR );
60      
61      static
62      {
63          try
64          {
65              GROUP_NAME = new LdapName( "ou=test,ou=groups,ou=system" );
66              USER_NAME = new LdapName( "ou=test, ou=users, ou=system" );
67          }
68          catch( NamingException e )
69          {
70              throw new Error();
71          }
72  
73          USER_NAMES.add( USER_NAME );
74          GROUP_NAMES.add( GROUP_NAME );
75      }
76      
77      public void testZeroTuple() throws Exception
78      {
79          Assert.assertEquals(
80                  0, filter.filter(
81                          EMPTY_COLLECTION, OperationScope.ATTRIBUTE_TYPE_AND_VALUE,
82                          null, null, null, null, null, null, null, null, null, null ).size() );
83      }
84      
85      public void testAllUsers() throws Exception
86      {
87          Collection tuples = getTuples( UserClass.ALL_USERS );
88          
89          Assert.assertEquals(
90                  1, filter.filter(
91                          tuples, OperationScope.ENTRY, null, null, null,
92                          null, AuthenticationLevel.NONE, null, null, null, null, null ).size() );
93      }
94      
95      public void testThisEntry() throws Exception
96      {
97          Collection tuples = getTuples( UserClass.THIS_ENTRY );
98          
99          Assert.assertEquals(
100                 1, filter.filter(
101                         tuples, OperationScope.ENTRY, null, null, USER_NAME,
102                         null, AuthenticationLevel.NONE, USER_NAME,
103                         null, null, null, null ).size() );  
104         Assert.assertEquals(
105                 0, filter.filter(
106                         tuples, OperationScope.ENTRY, null, null, USER_NAME,
107                         null, AuthenticationLevel.NONE, new LdapName( "ou=unrelated" ),
108                         null, null, null, null ).size() );  
109     }
110     
111     public void testName() throws Exception
112     {
113         Collection tuples = getTuples( new UserClass.Name( USER_NAMES ) );
114         Assert.assertEquals(
115                 1, filter.filter(
116                         tuples, OperationScope.ENTRY, null, null, USER_NAME,
117                         null, AuthenticationLevel.NONE, null,
118                         null, null, null, null ).size() );  
119         Assert.assertEquals(
120                 0, filter.filter(
121                         tuples, OperationScope.ENTRY, null, null, new LdapName( "ou=unrelateduser, ou=users" ),
122                         null, AuthenticationLevel.NONE, USER_NAME,
123                         null, null, null, null ).size() );  
124     }
125     
126     public void testUserGroup() throws Exception
127     {
128         Collection tuples = getTuples( new UserClass.UserGroup( GROUP_NAMES ) );
129         Assert.assertEquals(
130                 1, filter.filter(
131                         tuples, OperationScope.ENTRY, null, GROUP_NAMES, USER_NAME,
132                         null, AuthenticationLevel.NONE, null,
133                         null, null, null, null ).size() );  
134         
135         Set wrongGroupNames = new HashSet();
136         wrongGroupNames.add( new LdapName( "ou=unrelatedgroup" ) );
137         
138         Assert.assertEquals(
139                 0, filter.filter(
140                         tuples, OperationScope.ENTRY, null, wrongGroupNames, USER_NAME,
141                         null, AuthenticationLevel.NONE, USER_NAME,
142                         null, null, null, null ).size() );  
143     }
144     
145     public void testSubtree() throws Exception
146     {
147         // TODO Don't know how to test yet.
148     }
149     
150     public void testAuthenticationLevel() throws Exception
151     {
152         Collection tuples = getTuples( AuthenticationLevel.SIMPLE, true );
153         
154         Assert.assertEquals(
155                 1, filter.filter(
156                         tuples, OperationScope.ENTRY, null, null, null,
157                         null, AuthenticationLevel.STRONG, null, null, null, null, null ).size() );
158         Assert.assertEquals(
159                 1, filter.filter(
160                         tuples, OperationScope.ENTRY, null, null, null,
161                         null, AuthenticationLevel.SIMPLE, null, null, null, null, null ).size() );
162         Assert.assertEquals(
163                 0, filter.filter(
164                         tuples, OperationScope.ENTRY, null, null, null,
165                         null, AuthenticationLevel.NONE, null, null, null, null, null ).size() );
166         
167         tuples = getTuples( AuthenticationLevel.SIMPLE, false );
168         
169         Assert.assertEquals(
170                 1, filter.filter(
171                         tuples, OperationScope.ENTRY, null, null, null,
172                         null, AuthenticationLevel.NONE, null, null, null, null, null ).size() );
173 
174         Assert.assertEquals(
175                 0, filter.filter(
176                         tuples, OperationScope.ENTRY, null, null, null,
177                         null, AuthenticationLevel.STRONG, null, null, null, null, null ).size() );
178 
179         tuples = getTuples( AuthenticationLevel.SIMPLE, false );
180 
181         Assert.assertEquals(
182                 0, filter.filter(
183                         tuples, OperationScope.ENTRY, null, null, null,
184                         null, AuthenticationLevel.SIMPLE, null, null, null, null, null ).size() );
185     }
186 
187     private static Collection getTuples( UserClass userClass )
188     {
189         Collection classes = new ArrayList();
190         classes.add( userClass );
191         
192         Collection tuples = new ArrayList();
193         tuples.add( new ACITuple(
194                 classes, AuthenticationLevel.NONE, EMPTY_COLLECTION,
195                 EMPTY_SET, true, 0 ) );
196         
197         return tuples;
198     }
199     
200     private static Collection getTuples( AuthenticationLevel level, boolean grant )
201     {
202         Collection classes = new ArrayList();
203         if( grant )
204         {
205             classes.add( UserClass.ALL_USERS );
206         }
207         else
208         {
209             Set names = new HashSet();
210             try
211             {
212                 names.add( new LdapName( "dummy=dummy" ) );
213             }
214             catch( NamingException e )
215             {
216                 throw new Error();
217             }
218 
219             classes.add( new UserClass.Name( names ) );
220         }
221         
222         Collection tuples = new ArrayList();
223         tuples.add( new ACITuple(
224                 classes, level, EMPTY_COLLECTION,
225                 EMPTY_SET, grant, 0 ) );
226         
227         return tuples;
228     }
229 }