1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17 package org.apache.jetspeed.audit;
18
19 import java.sql.Connection;
20 import java.sql.PreparedStatement;
21 import java.sql.ResultSet;
22 import java.sql.SQLException;
23
24 import junit.framework.Test;
25 import junit.framework.TestSuite;
26
27 import org.apache.jetspeed.audit.impl.ActivityBean;
28 import org.apache.jetspeed.components.util.DatasourceEnabledSpringTestCase;
29
30 /***
31 * Test Audit Activity
32 *
33 * @author <a href="mailto:taylor@apache.org">David Sean Taylor </a>
34 * @version $Id: $
35 */
36 public class TestAuditActivity extends DatasourceEnabledSpringTestCase
37 {
38
39 private AuditActivity audit = null;
40
41
42
43
44
45
46 protected void tearDown() throws Exception
47 {
48 ctx.close();
49 super.tearDown();
50 }
51
52 /***
53 * Start the tests.
54 *
55 * @param args
56 * the arguments. Not used
57 */
58 public static void main(String args[])
59 {
60 junit.awtui.TestRunner.main(new String[]
61 { TestAuditActivity.class.getName()});
62
63 }
64
65 protected void setUp() throws Exception
66 {
67 super.setUp();
68
69 this.audit = (AuditActivity) ctx.getBean("org.apache.jetspeed.audit.AuditActivity");
70 assertNotNull("audit activity service not found ", this.audit);
71 }
72
73 public void clearDBs()
74 {
75 try
76 {
77 Connection con = audit.getDataSource().getConnection();
78
79 PreparedStatement psmt = con
80 .prepareStatement("DELETE FROM ADMIN_ACTIVITY");
81 psmt.execute();
82 psmt.close();
83 psmt = con.prepareStatement("DELETE FROM USER_ACTIVITY");
84 psmt.execute();
85 psmt.close();
86 if (con != null) con.close();
87 } catch (SQLException e)
88 {
89 fail("problem with database connection:" + e.toString());
90 }
91 }
92
93 public int count(String query)
94 {
95 int val = -1;
96 try
97 {
98 Connection con = audit.getDataSource().getConnection();
99
100 PreparedStatement psmt = con.prepareStatement(query);
101 ResultSet rs = psmt.executeQuery();
102
103 if (rs.next())
104 {
105 val = rs.getInt(1);
106 }
107 psmt.close();
108 if (con != null) con.close();
109 } catch (SQLException e)
110 {
111 fail("problem with database connection:" + e.toString());
112 }
113 return val;
114 }
115
116 public int countAdminActivity()
117 {
118 return count("SELECT count(*) from ADMIN_ACTIVITY");
119 }
120
121 public int countUserActivity()
122 {
123 return count("SELECT count(*) from USER_ACTIVITY");
124 }
125
126 public static Test suite()
127 {
128
129 return new TestSuite(TestAuditActivity.class);
130 }
131
132 public void testUserActivity() throws Exception
133 {
134 assertNotNull("Audit Activity service is null", audit);
135 clearDBs();
136
137 audit.setEnabled(true);
138 assertTrue(audit.getEnabled());
139
140
141 audit.logUserActivity(USER, IP1, AuditActivity.AUTHENTICATION_SUCCESS, MSG_AUTHENTICATION_SUCCESS);
142 audit.logUserActivity(USER, IP1, AuditActivity.AUTHENTICATION_FAILURE, MSG_AUTHENTICATION_FAILURE);
143
144 int userCount = this.countUserActivity();
145 assertEquals(userCount, 2);
146
147 ActivityBean userBean = lookupUserActivity(USER_QUERY, AuditActivity.AUTHENTICATION_SUCCESS);
148 assertEquals(userBean.getActivity(), AuditActivity.AUTHENTICATION_SUCCESS);
149 assertEquals(userBean.getCategory(), AuditActivity.CAT_USER_AUTHENTICATION);
150 assertEquals(userBean.getUserName(), USER);
151 assertNotNull(userBean.getTimestamp());
152 assertEquals(userBean.getIpAddress(), IP1);
153 assertEquals(userBean.getDescription(), MSG_AUTHENTICATION_SUCCESS);
154
155 userBean = lookupUserActivity(USER_QUERY, AuditActivity.AUTHENTICATION_FAILURE);
156 assertEquals(userBean.getActivity(), AuditActivity.AUTHENTICATION_FAILURE);
157 assertEquals(userBean.getCategory(), AuditActivity.CAT_USER_AUTHENTICATION);
158 assertEquals(userBean.getUserName(), USER);
159 assertNotNull(userBean.getTimestamp());
160 assertEquals(userBean.getIpAddress(), IP1);
161 assertEquals(userBean.getDescription(), MSG_AUTHENTICATION_FAILURE);
162
163
164 audit.logUserAttributeActivity(USER, IP1, AuditActivity.USER_ADD_ATTRIBUTE, ATTRIBUTE_NAME_1, ATTRIBUTE_VALUE_BEFORE_1, ATTRIBUTE_VALUE_AFTER_1, MSG_ATTRIBUTE);
165
166 userBean = lookupUserActivity(USER_QUERY, AuditActivity.USER_ADD_ATTRIBUTE);
167 assertEquals(userBean.getActivity(), AuditActivity.USER_ADD_ATTRIBUTE);
168 assertEquals(userBean.getCategory(), AuditActivity.CAT_USER_ATTRIBUTE);
169 assertEquals(userBean.getUserName(), USER);
170 assertNotNull(userBean.getTimestamp());
171 assertEquals(userBean.getIpAddress(), IP1);
172 assertEquals(userBean.getDescription(), MSG_ATTRIBUTE);
173 assertEquals(userBean.getBeforeValue(), ATTRIBUTE_VALUE_BEFORE_1);
174 assertEquals(userBean.getAfterValue(), ATTRIBUTE_VALUE_AFTER_1);
175
176
177
178 audit.logAdminUserActivity(ADMIN_USER, IP1, USER, AuditActivity.USER_CREATE, MSG_ADDING_USER);
179 audit.logAdminCredentialActivity(ADMIN_USER, IP1, USER, AuditActivity.PASSWORD_CHANGE_SUCCESS, MSG_CHANGING_PW);
180 audit.logAdminAttributeActivity(ADMIN_USER, IP1, USER, AuditActivity.USER_ADD_ATTRIBUTE, ATTRIBUTE_NAME_1, ATTRIBUTE_VALUE_BEFORE_1, ATTRIBUTE_VALUE_AFTER_1, MSG_ATTRIBUTE);
181
182 int adminCount = this.countAdminActivity();
183 assertEquals(adminCount, 3);
184
185 ActivityBean adminBean = lookupAdminActivity(ADMIN_QUERY, AuditActivity.USER_CREATE);
186 assertEquals(adminBean.getActivity(), AuditActivity.USER_CREATE);
187 assertEquals(adminBean.getCategory(), AuditActivity.CAT_ADMIN_USER_MAINTENANCE);
188 assertEquals(adminBean.getAdmin(), ADMIN_USER);
189 assertEquals(adminBean.getUserName(), USER);
190 assertNotNull(adminBean.getTimestamp());
191 assertEquals(adminBean.getIpAddress(), IP1);
192 assertEquals(adminBean.getDescription(), MSG_ADDING_USER);
193 assertTrue(adminBean.getName() == null || adminBean.getName().equals(""));
194 assertTrue(adminBean.getBeforeValue() == null || adminBean.getBeforeValue().equals(""));
195 assertTrue(adminBean.getAfterValue() == null || adminBean.getAfterValue().equals(""));
196
197 adminBean = lookupAdminActivity(ADMIN_QUERY, AuditActivity.PASSWORD_CHANGE_SUCCESS);
198 assertEquals(adminBean.getActivity(), AuditActivity.PASSWORD_CHANGE_SUCCESS);
199 assertEquals(adminBean.getCategory(), AuditActivity.CAT_ADMIN_CREDENTIAL_MAINTENANCE);
200 assertEquals(adminBean.getAdmin(), ADMIN_USER);
201 assertEquals(adminBean.getUserName(), USER);
202 assertNotNull(adminBean.getTimestamp());
203 assertEquals(adminBean.getIpAddress(), IP1);
204 assertEquals(adminBean.getDescription(), MSG_CHANGING_PW);
205 assertTrue(adminBean.getName() == null || adminBean.getName().equals(""));
206 assertTrue(adminBean.getBeforeValue() == null || adminBean.getBeforeValue().equals(""));
207 assertTrue(adminBean.getAfterValue() == null || adminBean.getAfterValue().equals(""));
208
209 adminBean = lookupAdminActivity(ADMIN_QUERY, AuditActivity.USER_ADD_ATTRIBUTE);
210 assertEquals(adminBean.getActivity(), AuditActivity.USER_ADD_ATTRIBUTE);
211 assertEquals(adminBean.getCategory(), AuditActivity.CAT_ADMIN_ATTRIBUTE_MAINTENANCE);
212 assertEquals(adminBean.getAdmin(), ADMIN_USER);
213 assertEquals(adminBean.getUserName(), USER);
214 assertNotNull(adminBean.getTimestamp());
215 assertEquals(adminBean.getIpAddress(), IP1);
216 assertEquals(adminBean.getDescription(), MSG_ATTRIBUTE);
217 assertEquals(adminBean.getName(), ATTRIBUTE_NAME_1);
218 assertEquals(adminBean.getBeforeValue(), ATTRIBUTE_VALUE_BEFORE_1);
219 assertEquals(adminBean.getAfterValue(), ATTRIBUTE_VALUE_AFTER_1);
220
221 audit.setEnabled(false);
222 assertFalse(audit.getEnabled());
223 audit.logAdminAttributeActivity(ADMIN_USER, IP1, USER, AuditActivity.USER_ADD_ATTRIBUTE, ATTRIBUTE_NAME_1, ATTRIBUTE_VALUE_BEFORE_1, ATTRIBUTE_VALUE_AFTER_1, MSG_ATTRIBUTE);
224 adminCount = this.countAdminActivity();
225 assertEquals(adminCount, 3);
226 }
227
228 private static String USER_QUERY = "SELECT * FROM USER_ACTIVITY WHERE ACTIVITY = ?";
229 private static String ADMIN_QUERY = "SELECT * FROM ADMIN_ACTIVITY WHERE ACTIVITY = ?";
230
231 private static String MSG_AUTHENTICATION_SUCCESS = "logging on via Jetspeed Portal";
232 private static String MSG_AUTHENTICATION_FAILURE = "failure logging on via Jetspeed Portal";
233 private static String MSG_ADDING_USER = "adding new user";
234 private static String MSG_CHANGING_PW = "changing password";
235 private static String MSG_ATTRIBUTE = "Attribute added for user";
236
237 private static String ADMIN_USER = "admin";
238 private static String USER = "nelson";
239 private static String IP1 = "123.234.145.156";
240 private static String ATTRIBUTE_NAME_1 = "attribute1";
241 private static String ATTRIBUTE_VALUE_BEFORE_1 = "value1BEFORE";
242 private static String ATTRIBUTE_VALUE_AFTER_1 = "value1AFTER";
243
244
245 private ActivityBean lookupUserActivity(String query, String keyActivity) throws SQLException
246 {
247 Connection con = null;
248 PreparedStatement pstmt = null;
249 ResultSet rs = null;
250 try
251 {
252 con = audit.getDataSource().getConnection();
253 pstmt = con.prepareStatement(query);
254 pstmt.setString(1, keyActivity);
255 rs = pstmt.executeQuery();
256 rs.next();
257 ActivityBean bean = new ActivityBean();
258 bean.setActivity(rs.getString(1));
259 bean.setCategory(rs.getString(2));
260 bean.setUserName(rs.getString(3));
261 bean.setTimestamp(rs.getTimestamp(4));
262 bean.setIpAddress(rs.getString(5));
263 bean.setName(rs.getString(6));
264 bean.setBeforeValue(rs.getString(7));
265 bean.setAfterValue(rs.getString(8));
266 bean.setDescription(rs.getString(9));
267 return bean;
268 }
269 catch (SQLException e)
270 {
271 throw e;
272 }
273 finally
274 {
275 if (pstmt != null)
276 {
277 pstmt.close();
278 }
279 if (rs != null)
280 {
281 rs.close();
282 }
283 if (con != null)
284 {
285 try
286 {
287 con.close();
288 }
289 catch (SQLException ee)
290 {}
291 }
292 }
293 }
294
295 private ActivityBean lookupAdminActivity(String query, String keyActivity) throws SQLException
296 {
297 Connection con = null;
298 PreparedStatement pstmt = null;
299 ResultSet rs = null;
300 try
301 {
302 con = audit.getDataSource().getConnection();
303 pstmt = con.prepareStatement(query);
304 pstmt.setString(1, keyActivity);
305 rs = pstmt.executeQuery();
306 rs.next();
307 ActivityBean bean = new ActivityBean();
308 bean.setActivity(rs.getString(1));
309 bean.setCategory(rs.getString(2));
310 bean.setAdmin(rs.getString(3));
311 bean.setUserName(rs.getString(4));
312 bean.setTimestamp(rs.getTimestamp(5));
313 bean.setIpAddress(rs.getString(6));
314 bean.setName(rs.getString(7));
315 bean.setBeforeValue(rs.getString(8));
316 bean.setAfterValue(rs.getString(9));
317 bean.setDescription(rs.getString(10));
318 return bean;
319 }
320 catch (SQLException e)
321 {
322 throw e;
323 }
324 finally
325 {
326 if (pstmt != null)
327 {
328 pstmt.close();
329 }
330 if (rs != null)
331 {
332 rs.close();
333 }
334 if (con != null)
335 {
336 try
337 {
338 con.close();
339 }
340 catch (SQLException ee)
341 {}
342 }
343 }
344 }
345
346 protected String[] getConfigurations()
347 {
348 return new String[]
349 { "statistics.xml", "transaction.xml", "boot/datasource.xml"};
350 }
351
352 protected String[] getBootConfigurations()
353 {
354 return new String[]
355 { "boot/datasource.xml"};
356 }
357
358 }