From 80eeb7960a73e6c813f2dc3ba337b01b9a095139 Mon Sep 17 00:00:00 2001 From: jensp Date: Thu, 26 Nov 2015 14:42:43 +0000 Subject: [PATCH] CCM NG: Secured collections (not all tested yet) git-svn-id: https://svn.libreccm.org/ccm/ccm_ng@3751 8810af33-2d31-482b-a856-94f89814c4df --- .../libreccm/security/SecuredCollection.java | 45 +- .../org/libreccm/security/SecuredHelper.java | 97 ++++ .../libreccm/security/SecuredIterator.java | 37 +- .../org/libreccm/security/SecuredList.java | 107 ++++ .../security/SecuredListIterator.java | 84 +++ .../security/SecuredNavigableSet.java | 122 +++++ .../org/libreccm/security/SecuredSet.java | 39 ++ .../libreccm/security/SecuredSortedSet.java | 87 +++ .../security/SecuredCollectionTest.java | 504 ++++++++++++++++++ .../security/SecuredIteratorTest.java | 160 +++--- 10 files changed, 1141 insertions(+), 141 deletions(-) create mode 100644 ccm-core/src/main/java/org/libreccm/security/SecuredHelper.java create mode 100644 ccm-core/src/main/java/org/libreccm/security/SecuredList.java create mode 100644 ccm-core/src/main/java/org/libreccm/security/SecuredListIterator.java create mode 100644 ccm-core/src/main/java/org/libreccm/security/SecuredNavigableSet.java create mode 100644 ccm-core/src/main/java/org/libreccm/security/SecuredSet.java create mode 100644 ccm-core/src/main/java/org/libreccm/security/SecuredSortedSet.java create mode 100644 ccm-core/src/test/java/org/libreccm/security/SecuredCollectionTest.java diff --git a/ccm-core/src/main/java/org/libreccm/security/SecuredCollection.java b/ccm-core/src/main/java/org/libreccm/security/SecuredCollection.java index 5a79a84b8..3e7ca6546 100644 --- a/ccm-core/src/main/java/org/libreccm/security/SecuredCollection.java +++ b/ccm-core/src/main/java/org/libreccm/security/SecuredCollection.java @@ -44,14 +44,17 @@ public class SecuredCollection implements Collection { private final Class clazz; - private final String privilege; + private final String requiredPrivilege; + + private final SecuredHelper securedHelper; public SecuredCollection(final Collection collection, final Class clazz, - final String privilege) { + final String requiredPrivilege) { this.collection = collection; this.clazz = clazz; - this.privilege = privilege; + this.requiredPrivilege = requiredPrivilege; + this.securedHelper = new SecuredHelper<>(clazz, requiredPrivilege); } @Override @@ -71,7 +74,7 @@ public class SecuredCollection implements Collection { @Override public Iterator iterator() { - return new SecuredIterator<>(collection.iterator(), clazz, privilege); + return new SecuredIterator<>(collection.iterator(), clazz, requiredPrivilege); } @Override @@ -88,8 +91,8 @@ public class SecuredCollection implements Collection { final Object[] objects = collection.toArray(); for (int i = 0; i < objects.length; i++) { - if (!permissionChecker.isPermitted(privilege, (E) objects[i])) { - objects[i] = generateAccessDeniedObject(clazz); + if (!permissionChecker.isPermitted(requiredPrivilege, (E) objects[i])) { + objects[i] = securedHelper.generateAccessDeniedObject(); } } @@ -110,8 +113,8 @@ public class SecuredCollection implements Collection { final T[] objects = collection.toArray(array); for(int i = 0; i < objects.length; i++) { - if (!permissionChecker.isPermitted(privilege, (CcmObject) objects[i])) { - objects[i] = (T) generateAccessDeniedObject(clazz); + if (!permissionChecker.isPermitted(requiredPrivilege, (CcmObject) objects[i])) { + objects[i] = (T) securedHelper.generateAccessDeniedObject(); } } return objects; @@ -153,18 +156,18 @@ public class SecuredCollection implements Collection { collection.clear(); } - private E generateAccessDeniedObject(final Class clazz) { - final E placeholder; - try { - placeholder = clazz.newInstance(); - placeholder.setDisplayName("Access denied"); - - return placeholder; - } catch (InstantiationException | IllegalAccessException ex) { - LOGGER.error( - "Failed to create placeholder object. Returing null.", ex); - return null; - } - } +// private E generateAccessDeniedObject(final Class clazz) { +// final E placeholder; +// try { +// placeholder = clazz.newInstance(); +// placeholder.setDisplayName("Access denied"); +// +// return placeholder; +// } catch (InstantiationException | IllegalAccessException ex) { +// LOGGER.error( +// "Failed to create placeholder object. Returing null.", ex); +// return null; +// } +// } } diff --git a/ccm-core/src/main/java/org/libreccm/security/SecuredHelper.java b/ccm-core/src/main/java/org/libreccm/security/SecuredHelper.java new file mode 100644 index 000000000..310a7ab77 --- /dev/null +++ b/ccm-core/src/main/java/org/libreccm/security/SecuredHelper.java @@ -0,0 +1,97 @@ +/* + * Copyright (C) 2015 LibreCCM Foundation. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ +package org.libreccm.security; + +import com.arsdigita.util.UncheckedWrapperException; +import org.apache.logging.log4j.LogManager; +import org.apache.logging.log4j.Logger; +import org.libreccm.cdi.utils.CdiLookupException; +import org.libreccm.cdi.utils.CdiUtil; +import org.libreccm.core.CcmObject; + +/** + * A helper class used by the secured collections provided by this package. + * + * @author Jens Pelzetter + */ +class SecuredHelper { + + private final static Logger LOGGER = LogManager.getLogger( + SecuredHelper.class); + + private final Class clazz; + private final String requiredPrivilege; + + protected SecuredHelper(final Class clazz, + final String requiredPrivilege) { + this.clazz = clazz; + this.requiredPrivilege = requiredPrivilege; + } + + /** + * Check if the current subject has the permission to access to provided + * object with the provided privilege. + * + * @param object The object to check. + * @return The provided {@code object} if the current subject has the + * permission to access it with the provided {@code privilege}. Otherwise a + * placeholder object is returned whichs {@link CcmObject#displayName} + * property is set to {@code Access denied}. + */ + protected E canAccess(final E object) { + if (object == null) { + return null; + } + + final CdiUtil cdiUtil = new CdiUtil(); + final PermissionChecker permissionChecker; + try { + permissionChecker = cdiUtil.findBean( + PermissionChecker.class); + } catch (CdiLookupException ex) { + throw new UncheckedWrapperException(ex); + } + + if (permissionChecker.isPermitted(requiredPrivilege, object)) { + return object; + } else { + return generateAccessDeniedObject(); + } + } + + /** + * Helper method for creating an "Access denied" placeholder object. + * + * @return An object of the provided {@link #clazz} with it's + * {@link CcmObject#displayName} property set to {@code Access denied}. + */ + protected E generateAccessDeniedObject() { + try { + final E placeholder = clazz.newInstance(); + placeholder.setDisplayName("Access denied"); + + return placeholder; + } catch (InstantiationException | IllegalAccessException ex) { + LOGGER.error( + "Failed to create placeholder object. Returing null.", ex); + return null; + } + } + +} diff --git a/ccm-core/src/main/java/org/libreccm/security/SecuredIterator.java b/ccm-core/src/main/java/org/libreccm/security/SecuredIterator.java index 2c6a9e61c..168386b30 100644 --- a/ccm-core/src/main/java/org/libreccm/security/SecuredIterator.java +++ b/ccm-core/src/main/java/org/libreccm/security/SecuredIterator.java @@ -37,14 +37,9 @@ import java.util.Iterator; */ public class SecuredIterator implements Iterator { - private static final Logger LOGGER = LogManager.getLogger( - SecuredIterator.class); - private final Iterator iterator; - - private final Class clazz; - - private final String requiredPrivilege; + + private final SecuredHelper securedHelper; /** * Create a new secured iterator which secures the provided iterator. @@ -58,8 +53,7 @@ public class SecuredIterator implements Iterator { final Class clazz, final String requiredPrivilege) { this.iterator = iterator; - this.clazz = clazz; - this.requiredPrivilege = requiredPrivilege; + this.securedHelper = new SecuredHelper<>(clazz, requiredPrivilege); } /** @@ -89,30 +83,7 @@ public class SecuredIterator implements Iterator { */ @Override public E next() { - final CdiUtil cdiUtil = new CdiUtil(); - final PermissionChecker permissionChecker; - try { - permissionChecker = cdiUtil.findBean( - PermissionChecker.class); - } catch (CdiLookupException ex) { - throw new UncheckedWrapperException(ex); - } - - final E object = iterator.next(); - if (permissionChecker.isPermitted(requiredPrivilege, object)) { - return object; - } else { - try { - final E placeholder = clazz.newInstance(); - placeholder.setDisplayName("Access denied"); - - return placeholder; - } catch (InstantiationException | IllegalAccessException ex) { - LOGGER.error( - "Failed to create placeholder object. Returing null.", ex); - return null; - } - } + return securedHelper.canAccess(iterator.next()); } } diff --git a/ccm-core/src/main/java/org/libreccm/security/SecuredList.java b/ccm-core/src/main/java/org/libreccm/security/SecuredList.java new file mode 100644 index 000000000..73daa9721 --- /dev/null +++ b/ccm-core/src/main/java/org/libreccm/security/SecuredList.java @@ -0,0 +1,107 @@ +/* + * Copyright (C) 2015 LibreCCM Foundation. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ +package org.libreccm.security; + +import java.util.Collection; +import java.util.List; +import java.util.ListIterator; +import org.libreccm.core.CcmObject; + +/** + * + * @author Jens Pelzetter + * @param + */ +public class SecuredList + extends SecuredCollection + implements List { + + private final List list; + private final Class clazz; + private final String requiredPrivilege; + private final SecuredHelper securedHelper; + + public SecuredList(final List list, + final Class clazz, + final String requiredPrivilege) { + super(list, clazz, requiredPrivilege); + this.list = list; + this.clazz = clazz; + this.requiredPrivilege = requiredPrivilege; + this.securedHelper = new SecuredHelper<>(clazz, requiredPrivilege); + } + + @Override + public boolean addAll(final int index, + final Collection collection) { + return list.addAll(index, collection); + } + + @Override + public E get(final int index) { + return securedHelper.canAccess(list.get(index)); + } + + @Override + public E set(final int index, final E element) { + return list.set(index, element); + } + + @Override + public void add(final int index, final E element) { + list.add(index, element); + } + + @Override + public E remove(final int index) { + return list.remove(index); + } + + @Override + public int indexOf(final Object object) { + return list.indexOf(object); + } + + @Override + public int lastIndexOf(final Object object) { + return list.lastIndexOf(object); + } + + @Override + public ListIterator listIterator() { + return new SecuredListIterator<>(list.listIterator(), + clazz, + requiredPrivilege); + } + + @Override + public ListIterator listIterator(final int index) { + return new SecuredListIterator<>(list.listIterator(index), + clazz, + requiredPrivilege); + } + + @Override + public List subList(final int index1, final int index2) { + return new SecuredList<>(list.subList(index1, index2), + clazz, + requiredPrivilege); + } + +} diff --git a/ccm-core/src/main/java/org/libreccm/security/SecuredListIterator.java b/ccm-core/src/main/java/org/libreccm/security/SecuredListIterator.java new file mode 100644 index 000000000..67b9c91a2 --- /dev/null +++ b/ccm-core/src/main/java/org/libreccm/security/SecuredListIterator.java @@ -0,0 +1,84 @@ +/* + * Copyright (C) 2015 LibreCCM Foundation. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ +package org.libreccm.security; + +import java.util.ListIterator; +import org.apache.logging.log4j.LogManager; +import org.apache.logging.log4j.Logger; +import org.libreccm.core.CcmObject; + +/** + * + * @author Jens Pelzetter + * @param + */ +public class SecuredListIterator + extends SecuredIterator + implements ListIterator { + + private final static Logger LOGGER = LogManager.getLogger( + SecuredListIterator.class); + + private final ListIterator iterator; + private final SecuredHelper securedHelper; + + public SecuredListIterator(final ListIterator iterator, + final Class clazz, + final String requiredPrivilege) { + super(iterator, clazz, requiredPrivilege); + this.iterator = iterator; + this.securedHelper = new SecuredHelper<>(clazz, requiredPrivilege); + } + + @Override + public boolean hasPrevious() { + return iterator.hasPrevious(); + } + + @Override + public E previous() { + return securedHelper.canAccess(iterator.previous()); + } + + @Override + public int nextIndex() { + return iterator.nextIndex(); + } + + @Override + public int previousIndex() { + return iterator.previousIndex(); + } + + @Override + public void remove() { + iterator.remove(); + } + + @Override + public void set(final E element) { + iterator.set(element); + } + + @Override + public void add(final E element) { + iterator.add(element); + } + +} diff --git a/ccm-core/src/main/java/org/libreccm/security/SecuredNavigableSet.java b/ccm-core/src/main/java/org/libreccm/security/SecuredNavigableSet.java new file mode 100644 index 000000000..d9fd05a5d --- /dev/null +++ b/ccm-core/src/main/java/org/libreccm/security/SecuredNavigableSet.java @@ -0,0 +1,122 @@ +/* + * Copyright (C) 2015 LibreCCM Foundation. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ +package org.libreccm.security; + +import java.util.Iterator; +import java.util.NavigableSet; +import org.libreccm.core.CcmObject; + +/** + * + * @author Jens Pelzetter + * @param + */ +public class SecuredNavigableSet + extends SecuredSortedSet + implements NavigableSet { + + private final NavigableSet set; + private final Class clazz; + private final String requiredPrivilege; + private final SecuredHelper securedHelper; + + public SecuredNavigableSet(final NavigableSet set, + final Class clazz, + final String requiredPrivilege) { + super(set, clazz, requiredPrivilege); + this.set = set; + this.clazz = clazz; + this.requiredPrivilege = requiredPrivilege; + this.securedHelper = new SecuredHelper<>(clazz, requiredPrivilege); + } + + @Override + public E lower(final E element) { + return securedHelper.canAccess(set.lower(element)); + } + + @Override + public E floor(final E element) { + return securedHelper.canAccess(set.floor(element)); + } + + @Override + public E ceiling(final E element) { + return securedHelper.canAccess(set.ceiling(element)); + } + + @Override + public E higher(final E element) { + return securedHelper.canAccess(set.higher(element)); + } + + @Override + public E pollFirst() { + return securedHelper.canAccess(set.pollFirst()); + } + + @Override + public E pollLast() { + return securedHelper.canAccess(set.pollLast()); + } + + @Override + public NavigableSet descendingSet() { + return new SecuredNavigableSet<>(set.descendingSet(), + clazz, + requiredPrivilege); + } + + @Override + public Iterator descendingIterator() { + return new SecuredIterator<>(set.descendingIterator(), + clazz, + requiredPrivilege); + } + + @Override + public NavigableSet subSet(final E fromElement, + final boolean fromInclusive, + final E toElement, + final boolean toInclusive) { + return new SecuredNavigableSet<>(set.subSet(toElement, + toInclusive, + toElement, + toInclusive), + clazz, + requiredPrivilege); + } + + @Override + public NavigableSet headSet(final E toElement, + final boolean inclusive) { + return new SecuredNavigableSet<>(set.headSet(toElement, inclusive), + clazz, + requiredPrivilege); + } + + @Override + public NavigableSet tailSet(final E fromElement, + final boolean inclusive) { + return new SecuredNavigableSet<>(set.tailSet(fromElement, inclusive), + clazz, + requiredPrivilege); + } + +} diff --git a/ccm-core/src/main/java/org/libreccm/security/SecuredSet.java b/ccm-core/src/main/java/org/libreccm/security/SecuredSet.java new file mode 100644 index 000000000..da50405db --- /dev/null +++ b/ccm-core/src/main/java/org/libreccm/security/SecuredSet.java @@ -0,0 +1,39 @@ +/* + * Copyright (C) 2015 LibreCCM Foundation. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ +package org.libreccm.security; + +import java.util.Set; +import org.libreccm.core.CcmObject; + +/** + * + * @author Jens Pelzetter + * @param + */ +public class SecuredSet + extends SecuredCollection + implements Set { + + public SecuredSet(final Set set, + final Class clazz, + final String requiredPrivilege) { + super(set, clazz, requiredPrivilege); + } + +} diff --git a/ccm-core/src/main/java/org/libreccm/security/SecuredSortedSet.java b/ccm-core/src/main/java/org/libreccm/security/SecuredSortedSet.java new file mode 100644 index 000000000..955b5972c --- /dev/null +++ b/ccm-core/src/main/java/org/libreccm/security/SecuredSortedSet.java @@ -0,0 +1,87 @@ +/* + * Copyright (C) 2015 LibreCCM Foundation. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ +package org.libreccm.security; + +import java.util.Comparator; +import java.util.Set; +import java.util.SortedSet; +import org.libreccm.core.CcmObject; + +/** + * + * @author Jens Pelzetter + * @param + */ +public class SecuredSortedSet + extends SecuredSet + implements SortedSet { + + private final SortedSet set; + private final Class clazz; + private final String requiredPrivilege; + private final SecuredHelper securedHelper; + + public SecuredSortedSet(final SortedSet set, + final Class clazz, + final String requiredPrivilege) { + super(set, clazz, requiredPrivilege); + this.set = set; + this.clazz = clazz; + this.requiredPrivilege = requiredPrivilege; + this.securedHelper = new SecuredHelper(clazz, requiredPrivilege); + } + + @Override + public Comparator comparator() { + return set.comparator(); + } + + @Override + public SortedSet subSet(final E element1, + final E element2) { + return new SecuredSortedSet<>(set.subSet(element1, element2), + clazz, + requiredPrivilege); + } + + @Override + public SortedSet headSet(final E element) { + return new SecuredSortedSet<>(set.headSet(element), + clazz, + requiredPrivilege); + } + + @Override + public SortedSet tailSet(final E element) { + return new SecuredSortedSet<>(set.tailSet(element), + clazz, + requiredPrivilege); + } + + @Override + public E first() { + return securedHelper.canAccess(set.first()); + } + + @Override + public E last() { + return securedHelper.canAccess(set.last()); + } + +} diff --git a/ccm-core/src/test/java/org/libreccm/security/SecuredCollectionTest.java b/ccm-core/src/test/java/org/libreccm/security/SecuredCollectionTest.java new file mode 100644 index 000000000..1817a7c01 --- /dev/null +++ b/ccm-core/src/test/java/org/libreccm/security/SecuredCollectionTest.java @@ -0,0 +1,504 @@ +/* + * Copyright (C) 2015 LibreCCM Foundation. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, + * MA 02110-1301 USA + */ +package org.libreccm.security; + +import com.arsdigita.kernel.KernelConfig; +import com.arsdigita.kernel.security.SecurityConfig; +import com.arsdigita.runtime.AbstractConfig; +import com.arsdigita.util.UncheckedWrapperException; +import com.arsdigita.util.parameter.AbstractParameterContext; +import com.arsdigita.web.CCMApplicationContextListener; +import com.arsdigita.xml.XML; +import com.arsdigita.xml.formatters.DateTimeFormatter; +import java.io.File; +import java.util.ArrayList; +import java.util.List; +import java.util.concurrent.Callable; +import javax.inject.Inject; +import org.apache.shiro.authc.UsernamePasswordToken; +import org.apache.shiro.subject.Subject; +import org.jboss.arquillian.container.test.api.Deployment; +import org.jboss.arquillian.junit.Arquillian; +import org.jboss.arquillian.junit.InSequence; +import org.jboss.arquillian.persistence.CreateSchema; +import org.jboss.arquillian.persistence.PersistenceTest; +import org.jboss.arquillian.persistence.UsingDataSet; +import org.jboss.arquillian.transaction.api.annotation.TransactionMode; +import org.jboss.arquillian.transaction.api.annotation.Transactional; +import org.jboss.shrinkwrap.api.ShrinkWrap; +import org.jboss.shrinkwrap.api.asset.EmptyAsset; +import org.jboss.shrinkwrap.api.spec.WebArchive; +import org.jboss.shrinkwrap.resolver.api.maven.Maven; +import org.jboss.shrinkwrap.resolver.api.maven.PomEquippedResolveStage; +import org.junit.After; +import org.junit.AfterClass; +import org.junit.Before; +import org.junit.BeforeClass; +import org.junit.Test; +import org.junit.experimental.categories.Category; +import org.junit.runner.RunWith; +import org.libreccm.categorization.Categorization; +import org.libreccm.cdi.utils.CdiUtil; +import org.libreccm.core.CcmObject; +import org.libreccm.core.CcmObjectRepository; +import org.libreccm.jpa.EntityManagerProducer; +import org.libreccm.jpa.utils.MimeTypeConverter; +import org.libreccm.l10n.LocalizedString; +import org.libreccm.tests.categories.IntegrationTest; + +import org.libreccm.testutils.EqualsVerifier; +import org.libreccm.web.CcmApplication; + +import static org.hamcrest.Matchers.*; +import static org.junit.Assert.*; + +/** + * + * @author Jens Pelzetter + */ +@Category(IntegrationTest.class) +@RunWith(Arquillian.class) +@PersistenceTest +@Transactional(TransactionMode.COMMIT) +@CreateSchema({"create_ccm_core_schema.sql"}) +public class SecuredCollectionTest { + + private static final String ACCESS_DENIED = "Access denied"; + + @Inject + private Subject subject; + + @Inject + private Shiro shiro; + + @Inject + private CcmObjectRepository objectRepository; + + //private List list; + private SecuredCollection collection1; + private SecuredCollection collection2; + private SecuredCollection collection3; + + public SecuredCollectionTest() { + } + + @BeforeClass + public static void setUpClass() { + } + + @AfterClass + public static void tearDownClass() { + } + + @Before + public void setUp() { + final CcmObject object1 = objectRepository.findById(-20001L); + final CcmObject object2 = objectRepository.findById(-20002L); + final CcmObject object3 = objectRepository.findById(-20003L); + + final List list = new ArrayList<>(); + list.add(object1); + list.add(object2); + list.add(object3); + + collection1 = new SecuredCollection<>(list, + CcmObject.class, + "privilege1"); + collection2 = new SecuredCollection<>(list, + CcmObject.class, + "privilege2"); + collection3 = new SecuredCollection<>(list, + CcmObject.class, + "privilege3"); + } + + @After + public void tearDown() { + } + + @Deployment + public static WebArchive createDeployment() { + final PomEquippedResolveStage pom = Maven + .resolver() + .loadPomFromFile("pom.xml"); + final PomEquippedResolveStage dependencies = pom. + importCompileAndRuntimeDependencies(); + final File[] libs = dependencies.resolve().withTransitivity().asFile(); + + for (File lib : libs) { + System.err.printf("Adding file '%s' to test archive...%n", + lib.getName()); + } + + return ShrinkWrap + .create(WebArchive.class, + "LibreCCM-org.libreccm.security.SecuredCollectionTest.war"). + addPackage(User.class.getPackage()) + .addPackage(CcmObject.class.getPackage()) + .addPackage(Categorization.class.getPackage()) + .addPackage(LocalizedString.class.getPackage()) + .addPackage(CcmApplication.class.getPackage()) + .addPackage(EntityManagerProducer.class.getPackage()) + .addPackage(MimeTypeConverter.class.getPackage()) + .addPackage(EqualsVerifier.class.getPackage()) + .addPackage(IntegrationTest.class.getPackage()) + .addPackage(KernelConfig.class.getPackage()) + .addPackage(SecurityConfig.class.getPackage()) + .addPackage(AbstractConfig.class.getPackage()) + .addPackage(AbstractParameterContext.class.getPackage()) + .addPackage(UncheckedWrapperException.class.getPackage()) + .addPackage(CCMApplicationContextListener.class.getPackage()) + .addPackage(XML.class.getPackage()) + .addPackage(DateTimeFormatter.class.getPackage()) + .addPackage(CdiUtil.class.getPackage()) + .addAsLibraries(libs) + .addAsResource("test-persistence.xml", + "META-INF/persistence.xml") + .addAsResource("com/arsdigita/kernel/" + + "KernelConfig_parameter.properties", + "com/arsdigita/kernel/" + + "KernelConfig_parameter.properties") + .addAsResource("com/arsdigita/kernel/security/" + + "SecurityConfig_parameter.properties", + "com/arsdigita/kernel/security/" + + "SecurityConfig_parameter.properties") + .addAsWebInfResource( + "configs/org/libreccm/security/UserManagerTest/" + + "registry.properties", + "conf/registry/registry.properties") + .addAsResource( + "configs/org/libreccm/security/UserManagerTest/ccm-core.config", + "ccm-core.config") + .addAsResource( + "configs/org/libreccm/security/ShiroTest/shiro.ini", + "shiro.ini") + .addAsResource( + "configs/org/libreccm/security/ShiroTest/log4j2.xml", + "log4j2.xml") + .addAsWebInfResource( + "configs/org/libreccm/security/ShiroTest/" + + "kernel.properties", + "conf/registry/ccm-core/kernel.properties") + .addAsWebInfResource( + "configs/org/libreccm//security/ShiroTest/" + + "security.properties", + "conf/registry/ccm-core/security.properties") + .addAsWebInfResource("test-web.xml", "web.xml") + .addAsWebInfResource(EmptyAsset.INSTANCE, "beans.xml"); + } + + @Test + @UsingDataSet("datasets/org/libreccm/security/ShiroTest/data.yml") + @InSequence(100) + public void checkToArrayJdoe() { + final UsernamePasswordToken token = new UsernamePasswordToken("jdoe", + "foo123"); + token.setRememberMe(true); + subject.login(token); + + final Object[] array1 = collection1.toArray(); + assertThat(array1.length, is(3)); + assertThat(array1[0], is(instanceOf(CcmObject.class))); + assertThat(array1[1], is(instanceOf(CcmObject.class))); + assertThat(array1[2], is(instanceOf(CcmObject.class))); + assertThat(((CcmObject) array1[0]).getDisplayName(), + is(equalTo(ACCESS_DENIED))); + assertThat(((CcmObject) array1[1]).getDisplayName(), + is(equalTo(ACCESS_DENIED))); + assertThat(((CcmObject) array1[2]).getDisplayName(), + is(equalTo(ACCESS_DENIED))); + + final Object[] array2 = collection2.toArray(); + assertThat(array2.length, is(3)); + assertThat(array2[0], is(instanceOf(CcmObject.class))); + assertThat(array2[1], is(instanceOf(CcmObject.class))); + assertThat(array2[2], is(instanceOf(CcmObject.class))); + assertThat(((CcmObject) array2[0]).getDisplayName(), + is(equalTo(ACCESS_DENIED))); + assertThat(((CcmObject) array2[1]).getDisplayName(), + is(equalTo("object2"))); + assertThat(((CcmObject) array2[2]).getDisplayName(), + is(equalTo(ACCESS_DENIED))); + + final Object[] array3 = collection3.toArray(); + assertThat(array3.length, is(3)); + assertThat(array3[0], is(instanceOf(CcmObject.class))); + assertThat(array3[1], is(instanceOf(CcmObject.class))); + assertThat(array3[2], is(instanceOf(CcmObject.class))); + assertThat(((CcmObject) array3[0]).getDisplayName(), + is(equalTo(ACCESS_DENIED))); + assertThat(((CcmObject) array3[1]).getDisplayName(), + is(equalTo(ACCESS_DENIED))); + assertThat(((CcmObject) array3[2]).getDisplayName(), + is(equalTo(ACCESS_DENIED))); + } + + @Test + @UsingDataSet("datasets/org/libreccm/security/ShiroTest/data.yml") + @InSequence(200) + public void checkToArrayMmuster() { + final UsernamePasswordToken token = new UsernamePasswordToken("mmuster", + "foo123"); + token.setRememberMe(true); + subject.login(token); + + final Object[] array1 = collection1.toArray(); + assertThat(array1.length, is(3)); + assertThat(array1[0], is(instanceOf(CcmObject.class))); + assertThat(array1[1], is(instanceOf(CcmObject.class))); + assertThat(array1[2], is(instanceOf(CcmObject.class))); + assertThat(((CcmObject) array1[0]).getDisplayName(), + is(equalTo("object1"))); + assertThat(((CcmObject) array1[1]).getDisplayName(), + is(equalTo("object2"))); + assertThat(((CcmObject) array1[2]).getDisplayName(), + is(equalTo("object3"))); + + final Object[] array2 = collection2.toArray(); + assertThat(array2.length, is(3)); + assertThat(array2[0], is(instanceOf(CcmObject.class))); + assertThat(array2[1], is(instanceOf(CcmObject.class))); + assertThat(array2[2], is(instanceOf(CcmObject.class))); + assertThat(((CcmObject) array2[0]).getDisplayName(), + is(equalTo("object1"))); + assertThat(((CcmObject) array2[1]).getDisplayName(), + is(equalTo(ACCESS_DENIED))); + assertThat(((CcmObject) array2[2]).getDisplayName(), + is(equalTo(ACCESS_DENIED))); + + final Object[] array3 = collection3.toArray(); + assertThat(array3.length, is(3)); + assertThat(array3[0], is(instanceOf(CcmObject.class))); + assertThat(array3[1], is(instanceOf(CcmObject.class))); + assertThat(array3[2], is(instanceOf(CcmObject.class))); + assertThat(((CcmObject) array3[0]).getDisplayName(), + is(equalTo(ACCESS_DENIED))); + assertThat(((CcmObject) array3[1]).getDisplayName(), + is(equalTo(ACCESS_DENIED))); + assertThat(((CcmObject) array3[2]).getDisplayName(), + is(equalTo(ACCESS_DENIED))); + } + + @Test + @UsingDataSet("datasets/org/libreccm/security/ShiroTest/data.yml") + @InSequence(300) + public void checkToArrayPublicUser() { + final Object[] array1 = collection1.toArray(); + assertThat(array1.length, is(3)); + assertThat(array1[0], is(instanceOf(CcmObject.class))); + assertThat(array1[1], is(instanceOf(CcmObject.class))); + assertThat(array1[2], is(instanceOf(CcmObject.class))); + assertThat(((CcmObject) array1[0]).getDisplayName(), + is(equalTo(ACCESS_DENIED))); + assertThat(((CcmObject) array1[1]).getDisplayName(), + is(equalTo(ACCESS_DENIED))); + assertThat(((CcmObject) array1[2]).getDisplayName(), + is(equalTo(ACCESS_DENIED))); + + final Object[] array2 = collection2.toArray(); + assertThat(array2.length, is(3)); + assertThat(array2[0], is(instanceOf(CcmObject.class))); + assertThat(array2[1], is(instanceOf(CcmObject.class))); + assertThat(array2[2], is(instanceOf(CcmObject.class))); + assertThat(((CcmObject) array2[0]).getDisplayName(), + is(equalTo(ACCESS_DENIED))); + assertThat(((CcmObject) array2[1]).getDisplayName(), + is(equalTo(ACCESS_DENIED))); + assertThat(((CcmObject) array2[2]).getDisplayName(), + is(equalTo(ACCESS_DENIED))); + + final Object[] array3 = collection3.toArray(); + assertThat(array3.length, is(3)); + assertThat(array3[0], is(instanceOf(CcmObject.class))); + assertThat(array3[1], is(instanceOf(CcmObject.class))); + assertThat(array3[2], is(instanceOf(CcmObject.class))); + assertThat(((CcmObject) array3[0]).getDisplayName(), + is(equalTo("object1"))); + assertThat(((CcmObject) array3[1]).getDisplayName(), + is(equalTo(ACCESS_DENIED))); + assertThat(((CcmObject) array3[2]).getDisplayName(), + is(equalTo(ACCESS_DENIED))); + } + + @Test + @UsingDataSet("datasets/org/libreccm/security/ShiroTest/data.yml") + @InSequence(400) + public void checkToArraySystemUser() { + shiro.getSystemUser().execute(new Callable() { + @Override + public Boolean call() throws Exception { + final Object[] array1 = collection1.toArray(); + assertThat(array1.length, is(3)); + assertThat(array1[0], is(instanceOf(CcmObject.class))); + assertThat(array1[1], is(instanceOf(CcmObject.class))); + assertThat(array1[2], is(instanceOf(CcmObject.class))); + assertThat(((CcmObject) array1[0]).getDisplayName(), + is(equalTo("object1"))); + assertThat(((CcmObject) array1[1]).getDisplayName(), + is(equalTo("object2"))); + assertThat(((CcmObject) array1[2]).getDisplayName(), + is(equalTo("object3"))); + + final Object[] array2 = collection2.toArray(); + assertThat(array2.length, is(3)); + assertThat(array2[0], is(instanceOf(CcmObject.class))); + assertThat(array2[1], is(instanceOf(CcmObject.class))); + assertThat(array2[2], is(instanceOf(CcmObject.class))); + assertThat(((CcmObject) array2[0]).getDisplayName(), + is(equalTo("object1"))); + assertThat(((CcmObject) array2[1]).getDisplayName(), + is(equalTo("object2"))); + assertThat(((CcmObject) array2[2]).getDisplayName(), + is(equalTo("object3"))); + + final Object[] array3 = collection3.toArray(); + assertThat(array3.length, is(3)); + assertThat(array3[0], is(instanceOf(CcmObject.class))); + assertThat(array3[1], is(instanceOf(CcmObject.class))); + assertThat(array3[2], is(instanceOf(CcmObject.class))); + assertThat(((CcmObject) array3[0]).getDisplayName(), + is(equalTo("object1"))); + assertThat(((CcmObject) array3[1]).getDisplayName(), + is(equalTo("object2"))); + assertThat(((CcmObject) array3[2]).getDisplayName(), + is(equalTo("object3"))); + + return false; + } + }); + } + + @Test + @UsingDataSet("datasets/org/libreccm/security/ShiroTest/data.yml") + @InSequence(500) + public void checkToArrayTypeSafeJdoe() { + final UsernamePasswordToken token = new UsernamePasswordToken("jdoe", + "foo123"); + token.setRememberMe(true); + subject.login(token); + + CcmObject[] array1 = new CcmObject[3]; + array1 = collection1.toArray(array1); + assertThat(array1[0].getDisplayName(), (is(equalTo(ACCESS_DENIED)))); + assertThat(array1[1].getDisplayName(), (is(equalTo(ACCESS_DENIED)))); + assertThat(array1[2].getDisplayName(), (is(equalTo(ACCESS_DENIED)))); + + CcmObject[] array2 = new CcmObject[3]; + array2 = collection2.toArray(array2); + assertThat(array2[0].getDisplayName(), (is(equalTo(ACCESS_DENIED)))); + assertThat(array2[1].getDisplayName(), (is(equalTo("object2")))); + assertThat(array2[2].getDisplayName(), (is(equalTo(ACCESS_DENIED)))); + + CcmObject[] array3 = new CcmObject[3]; + array3 = collection3.toArray(array3); + assertThat(array3[0].getDisplayName(), (is(equalTo(ACCESS_DENIED)))); + assertThat(array3[1].getDisplayName(), (is(equalTo(ACCESS_DENIED)))); + assertThat(array3[2].getDisplayName(), (is(equalTo(ACCESS_DENIED)))); + } + + @Test + @UsingDataSet("datasets/org/libreccm/security/ShiroTest/data.yml") + @InSequence(600) + public void checkToArrayTypeSafeMmuster() { + final UsernamePasswordToken token = new UsernamePasswordToken("mmuster", + "foo123"); + token.setRememberMe(true); + subject.login(token); + + CcmObject[] array1 = new CcmObject[3]; + array1 = collection1.toArray(array1); + assertThat(array1[0].getDisplayName(), (is(equalTo("object1")))); + assertThat(array1[1].getDisplayName(), (is(equalTo("object2")))); + assertThat(array1[2].getDisplayName(), (is(equalTo("object3")))); + + CcmObject[] array2 = new CcmObject[3]; + array2 = collection2.toArray(array2); + assertThat(array2[0].getDisplayName(), (is(equalTo("object1")))); + assertThat(array2[1].getDisplayName(), (is(equalTo(ACCESS_DENIED)))); + assertThat(array2[2].getDisplayName(), (is(equalTo(ACCESS_DENIED)))); + + CcmObject[] array3 = new CcmObject[3]; + array3 = collection3.toArray(array3); + assertThat(array3[0].getDisplayName(), (is(equalTo(ACCESS_DENIED)))); + assertThat(array3[1].getDisplayName(), (is(equalTo(ACCESS_DENIED)))); + assertThat(array3[2].getDisplayName(), (is(equalTo(ACCESS_DENIED)))); + } + + @Test + @UsingDataSet("datasets/org/libreccm/security/ShiroTest/data.yml") + @InSequence(700) + public void checkToArrayTypeSafePublicUser() { + CcmObject[] array1 = new CcmObject[3]; + array1 = collection1.toArray(array1); + assertThat(array1[0].getDisplayName(), (is(equalTo(ACCESS_DENIED)))); + assertThat(array1[1].getDisplayName(), (is(equalTo(ACCESS_DENIED)))); + assertThat(array1[2].getDisplayName(), (is(equalTo(ACCESS_DENIED)))); + + CcmObject[] array2 = new CcmObject[3]; + array2 = collection2.toArray(array2); + assertThat(array2[0].getDisplayName(), (is(equalTo(ACCESS_DENIED)))); + assertThat(array2[1].getDisplayName(), (is(equalTo(ACCESS_DENIED)))); + assertThat(array2[2].getDisplayName(), (is(equalTo(ACCESS_DENIED)))); + + CcmObject[] array3 = new CcmObject[3]; + array3 = collection3.toArray(array3); + assertThat(array3[0].getDisplayName(), (is(equalTo("object1")))); + assertThat(array3[1].getDisplayName(), (is(equalTo(ACCESS_DENIED)))); + assertThat(array3[2].getDisplayName(), (is(equalTo(ACCESS_DENIED)))); + } + + @Test + @UsingDataSet("datasets/org/libreccm/security/ShiroTest/data.yml") + @InSequence(700) + public void checkToArrayTypeSystemUser() { + shiro.getSystemUser().execute(new Callable() { + @Override + public Boolean call() throws Exception { + CcmObject[] array1 = new CcmObject[3]; + array1 = collection1.toArray(array1); + assertThat(array1[0].getDisplayName(), + is(equalTo("object1"))); + assertThat(array1[1].getDisplayName(), + is(equalTo("object2"))); + assertThat(array1[2].getDisplayName(), + is(equalTo("object3"))); + + CcmObject[] array2 = new CcmObject[3]; + array2 = collection2.toArray(array2); + assertThat(array2[0].getDisplayName(), + is(equalTo("object1"))); + assertThat(array2[1].getDisplayName(), + is(equalTo("object2"))); + assertThat(array2[2].getDisplayName(), + is(equalTo("object3"))); + + CcmObject[] array3 = new CcmObject[3]; + array3 = collection3.toArray(array3); + assertThat(array3[0].getDisplayName(), + is(equalTo("object1"))); + assertThat(array3[1].getDisplayName(), + is(equalTo("object2"))); + assertThat(array3[2].getDisplayName(), + is(equalTo("object3"))); + + return false; + } + }); + } +} diff --git a/ccm-core/src/test/java/org/libreccm/security/SecuredIteratorTest.java b/ccm-core/src/test/java/org/libreccm/security/SecuredIteratorTest.java index c74325c40..62002d1b1 100644 --- a/ccm-core/src/test/java/org/libreccm/security/SecuredIteratorTest.java +++ b/ccm-core/src/test/java/org/libreccm/security/SecuredIteratorTest.java @@ -93,7 +93,11 @@ public class SecuredIteratorTest { @Inject private CcmObjectRepository objectRepository; - private List list; + //private List list; + + private Iterator iterator1; + private Iterator iterator2; + private Iterator iterator3; public SecuredIteratorTest() { } @@ -112,10 +116,20 @@ public class SecuredIteratorTest { final CcmObject object2 = objectRepository.findById(-20002L); final CcmObject object3 = objectRepository.findById(-20003L); - list = new ArrayList<>(); + final List list = new ArrayList<>(); list.add(object1); list.add(object2); list.add(object3); + + iterator1 = new SecuredIterator<>(list.iterator(), + CcmObject.class, + "privilege1"); + iterator2 = new SecuredIterator<>(list.iterator(), + CcmObject.class, + "privilege2"); + iterator3 = new SecuredIterator<>(list.iterator(), + CcmObject.class, + "privilege3"); } @After @@ -125,10 +139,10 @@ public class SecuredIteratorTest { @Deployment public static WebArchive createDeployment() { final PomEquippedResolveStage pom = Maven - .resolver() - .loadPomFromFile("pom.xml"); + .resolver() + .loadPomFromFile("pom.xml"); final PomEquippedResolveStage dependencies = pom. - importCompileAndRuntimeDependencies(); + importCompileAndRuntimeDependencies(); final File[] libs = dependencies.resolve().withTransitivity().asFile(); for (File lib : libs) { @@ -137,73 +151,66 @@ public class SecuredIteratorTest { } return ShrinkWrap - .create(WebArchive.class, - "LibreCCM-org.libreccm.security.SecuredIteratorTest.war") - .addPackage(User.class.getPackage()) - .addPackage(CcmObject.class.getPackage()) - .addPackage(Categorization.class.getPackage()) - .addPackage(LocalizedString.class.getPackage()) - .addPackage(CcmApplication.class.getPackage()) - .addPackage(EntityManagerProducer.class.getPackage()) - .addPackage(MimeTypeConverter.class.getPackage()) - .addPackage(EqualsVerifier.class.getPackage()) - .addPackage(IntegrationTest.class.getPackage()) - .addPackage(KernelConfig.class.getPackage()) - .addPackage(SecurityConfig.class.getPackage()) - .addPackage(AbstractConfig.class.getPackage()) - .addPackage(AbstractParameterContext.class.getPackage()) - .addPackage(UncheckedWrapperException.class.getPackage()) - .addPackage(CCMApplicationContextListener.class.getPackage()) - .addPackage(XML.class.getPackage()) - .addPackage(DateTimeFormatter.class.getPackage()) - .addPackage(CdiUtil.class.getPackage()) - .addAsLibraries(libs) - .addAsResource("test-persistence.xml", - "META-INF/persistence.xml") - .addAsResource("com/arsdigita/kernel/" - + "KernelConfig_parameter.properties", - "com/arsdigita/kernel/" - + "KernelConfig_parameter.properties") - .addAsResource("com/arsdigita/kernel/security/" - + "SecurityConfig_parameter.properties", - "com/arsdigita/kernel/security/" - + "SecurityConfig_parameter.properties") - .addAsWebInfResource( - "configs/org/libreccm/security/UserManagerTest/" - + "registry.properties", - "conf/registry/registry.properties") - .addAsResource( - "configs/org/libreccm/security/UserManagerTest/ccm-core.config", - "ccm-core.config") - .addAsResource( - "configs/org/libreccm/security/ShiroTest/shiro.ini", - "shiro.ini") - .addAsResource( - "configs/org/libreccm/security/ShiroTest/log4j2.xml", - "log4j2.xml") - .addAsWebInfResource( - "configs/org/libreccm/security/ShiroTest/" - + "kernel.properties", - "conf/registry/ccm-core/kernel.properties") - .addAsWebInfResource( - "configs/org/libreccm//security/ShiroTest/" - + "security.properties", - "conf/registry/ccm-core/security.properties") - .addAsWebInfResource("test-web.xml", "web.xml") - .addAsWebInfResource(EmptyAsset.INSTANCE, "beans.xml"); + .create(WebArchive.class, + "LibreCCM-org.libreccm.security.SecuredIteratorTest.war"). + addPackage(User.class.getPackage()) + .addPackage(CcmObject.class.getPackage()) + .addPackage(Categorization.class.getPackage()) + .addPackage(LocalizedString.class.getPackage()) + .addPackage(CcmApplication.class.getPackage()) + .addPackage(EntityManagerProducer.class.getPackage()) + .addPackage(MimeTypeConverter.class.getPackage()) + .addPackage(EqualsVerifier.class.getPackage()) + .addPackage(IntegrationTest.class.getPackage()) + .addPackage(KernelConfig.class.getPackage()) + .addPackage(SecurityConfig.class.getPackage()) + .addPackage(AbstractConfig.class.getPackage()) + .addPackage(AbstractParameterContext.class.getPackage()) + .addPackage(UncheckedWrapperException.class.getPackage()) + .addPackage(CCMApplicationContextListener.class.getPackage()) + .addPackage(XML.class.getPackage()) + .addPackage(DateTimeFormatter.class.getPackage()) + .addPackage(CdiUtil.class.getPackage()) + .addAsLibraries(libs) + .addAsResource("test-persistence.xml", + "META-INF/persistence.xml") + .addAsResource("com/arsdigita/kernel/" + + "KernelConfig_parameter.properties", + "com/arsdigita/kernel/" + + "KernelConfig_parameter.properties") + .addAsResource("com/arsdigita/kernel/security/" + + "SecurityConfig_parameter.properties", + "com/arsdigita/kernel/security/" + + "SecurityConfig_parameter.properties") + .addAsWebInfResource( + "configs/org/libreccm/security/UserManagerTest/" + + "registry.properties", + "conf/registry/registry.properties") + .addAsResource( + "configs/org/libreccm/security/UserManagerTest/ccm-core.config", + "ccm-core.config") + .addAsResource( + "configs/org/libreccm/security/ShiroTest/shiro.ini", + "shiro.ini") + .addAsResource( + "configs/org/libreccm/security/ShiroTest/log4j2.xml", + "log4j2.xml") + .addAsWebInfResource( + "configs/org/libreccm/security/ShiroTest/" + + "kernel.properties", + "conf/registry/ccm-core/kernel.properties") + .addAsWebInfResource( + "configs/org/libreccm//security/ShiroTest/" + + "security.properties", + "conf/registry/ccm-core/security.properties") + .addAsWebInfResource("test-web.xml", "web.xml") + .addAsWebInfResource(EmptyAsset.INSTANCE, "beans.xml"); } @Test @UsingDataSet("datasets/org/libreccm/security/ShiroTest/data.yml") @InSequence(100) public void checkSecuredIteratorJdoe() { - final SecuredIterator iterator1 = new SecuredIterator<>( - list.iterator(), CcmObject.class, "privilege1"); - final SecuredIterator iterator2 = new SecuredIterator<>( - list.iterator(), CcmObject.class, "privilege2"); - final SecuredIterator iterator3 = new SecuredIterator<>( - list.iterator(), CcmObject.class, "privilege3"); - final UsernamePasswordToken token = new UsernamePasswordToken("jdoe", "foo123"); token.setRememberMe(true); @@ -239,13 +246,6 @@ public class SecuredIteratorTest { @UsingDataSet("datasets/org/libreccm/security/ShiroTest/data.yml") @InSequence(200) public void checkSecuredIteratorMmuster() { - final SecuredIterator iterator1 = new SecuredIterator<>( - list.iterator(), CcmObject.class, "privilege1"); - final SecuredIterator iterator2 = new SecuredIterator<>( - list.iterator(), CcmObject.class, "privilege2"); - final SecuredIterator iterator3 = new SecuredIterator<>( - list.iterator(), CcmObject.class, "privilege3"); - final UsernamePasswordToken token = new UsernamePasswordToken("mmuster", "foo123"); token.setRememberMe(true); @@ -280,13 +280,6 @@ public class SecuredIteratorTest { @UsingDataSet("datasets/org/libreccm/security/ShiroTest/data.yml") @InSequence(300) public void checkSecuredIteratorPublicUser() { - final SecuredIterator iterator1 = new SecuredIterator<>( - list.iterator(), CcmObject.class, "privilege1"); - final SecuredIterator iterator2 = new SecuredIterator<>( - list.iterator(), CcmObject.class, "privilege2"); - final SecuredIterator iterator3 = new SecuredIterator<>( - list.iterator(), CcmObject.class, "privilege3"); - final List list1 = new ArrayList<>(); while (iterator1.hasNext()) { list1.add(iterator1.next()); @@ -316,13 +309,6 @@ public class SecuredIteratorTest { @UsingDataSet("datasets/org/libreccm/security/ShiroTest/data.yml") @InSequence(400) public void checkSecuredIteratorSystemUser() { - final SecuredIterator iterator1 = new SecuredIterator<>( - list.iterator(), CcmObject.class, "privilege1"); - final SecuredIterator iterator2 = new SecuredIterator<>( - list.iterator(), CcmObject.class, "privilege2"); - final SecuredIterator iterator3 = new SecuredIterator<>( - list.iterator(), CcmObject.class, "privilege3"); - shiro.getSystemUser().execute(new Callable() { @Override