LibreCCM
/
libreccm
3
0
Fork 0
Code Issues 10 Pull Requests Packages Releases Wiki Activity

CCM NG: Secured collections (not all tested yet) 

git-svn-id: https://svn.libreccm.org/ccm/ccm_ng@3751 8810af33-2d31-482b-a856-94f89814c4df
pull/2/head
jensp 2015-11-26 14:42:43 +00:00
parent 8da5c31279
commit 80eeb7960a
10 changed files with 1141 additions and 141 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

45
ccm-core/src/main/java/org/libreccm/security/SecuredCollection.java
View File

@ -44,14 +44,17 @@ public class SecuredCollection<E extends CcmObject> implements Collection<E> {
private final Class<E> clazz;
private final String privilege;
private final String requiredPrivilege;
private final SecuredHelper<E> securedHelper;
public SecuredCollection(final Collection<E> collection,
final Class<E> clazz,
final String privilege) {
final String requiredPrivilege) {
this.collection = collection;
this.clazz = clazz;
this.privilege = privilege;
this.requiredPrivilege = requiredPrivilege;
this.securedHelper = new SecuredHelper<>(clazz, requiredPrivilege);
}
@Override
@ -71,7 +74,7 @@ public class SecuredCollection<E extends CcmObject> implements Collection<E> {
@Override
public Iterator<E> iterator() {
return new SecuredIterator<>(collection.iterator(), clazz, privilege);
return new SecuredIterator<>(collection.iterator(), clazz, requiredPrivilege);
}
@Override
@ -88,8 +91,8 @@ public class SecuredCollection<E extends CcmObject> implements Collection<E> {
final Object[] objects = collection.toArray();
for (int i = 0; i < objects.length; i++) {
if (!permissionChecker.isPermitted(privilege, (E) objects[i])) {
objects[i] = generateAccessDeniedObject(clazz);
if (!permissionChecker.isPermitted(requiredPrivilege, (E) objects[i])) {
objects[i] = securedHelper.generateAccessDeniedObject();
}
}
@ -110,8 +113,8 @@ public class SecuredCollection<E extends CcmObject> implements Collection<E> {
final T[] objects = collection.toArray(array);
for(int i = 0; i < objects.length; i++) {
if (!permissionChecker.isPermitted(privilege, (CcmObject) objects[i])) {
objects[i] = (T) generateAccessDeniedObject(clazz);
if (!permissionChecker.isPermitted(requiredPrivilege, (CcmObject) objects[i])) {
objects[i] = (T) securedHelper.generateAccessDeniedObject();
}
}
return objects;
@ -153,18 +156,18 @@ public class SecuredCollection<E extends CcmObject> implements Collection<E> {
collection.clear();
}
private E generateAccessDeniedObject(final Class<E> clazz) {
final E placeholder;
try {
placeholder = clazz.newInstance();
placeholder.setDisplayName("Access denied");
return placeholder;
} catch (InstantiationException | IllegalAccessException ex) {
LOGGER.error(
"Failed to create placeholder object. Returing null.", ex);
return null;
}
}
// private E generateAccessDeniedObject(final Class<E> clazz) {
// final E placeholder;
// try {
// placeholder = clazz.newInstance();
// placeholder.setDisplayName("Access denied");
//
// return placeholder;
// } catch (InstantiationException | IllegalAccessException ex) {
// LOGGER.error(
// "Failed to create placeholder object. Returing null.", ex);
// return null;
// }
// }
}

97
ccm-core/src/main/java/org/libreccm/security/SecuredHelper.java 100644
View File

@ -0,0 +1,97 @@
/*
* Copyright (C) 2015 LibreCCM Foundation.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
* MA 02110-1301 USA
*/
package org.libreccm.security;
import com.arsdigita.util.UncheckedWrapperException;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.libreccm.cdi.utils.CdiLookupException;
import org.libreccm.cdi.utils.CdiUtil;
import org.libreccm.core.CcmObject;
/**
* A helper class used by the secured collections provided by this package.
*
* @author <a href="mailto:jens.pelzetter@googlemail.com">Jens Pelzetter</a>
*/
class SecuredHelper<E extends CcmObject> {
private final static Logger LOGGER = LogManager.getLogger(
SecuredHelper.class);
private final Class<E> clazz;
private final String requiredPrivilege;
protected SecuredHelper(final Class<E> clazz,
final String requiredPrivilege) {
this.clazz = clazz;
this.requiredPrivilege = requiredPrivilege;
}
/**
* Check if the current subject has the permission to access to provided
* object with the provided privilege.
*
* @param object The object to check.
* @return The provided {@code object} if the current subject has the
* permission to access it with the provided {@code privilege}. Otherwise a
* placeholder object is returned whichs {@link CcmObject#displayName}
* property is set to {@code Access denied}.
*/
protected E canAccess(final E object) {
if (object == null) {
return null;
}
final CdiUtil cdiUtil = new CdiUtil();
final PermissionChecker permissionChecker;
try {
permissionChecker = cdiUtil.findBean(
PermissionChecker.class);
} catch (CdiLookupException ex) {
throw new UncheckedWrapperException(ex);
}
if (permissionChecker.isPermitted(requiredPrivilege, object)) {
return object;
} else {
return generateAccessDeniedObject();
}
}
/**
* Helper method for creating an "Access denied" placeholder object.
*
* @return An object of the provided {@link #clazz} with it's
* {@link CcmObject#displayName} property set to {@code Access denied}.
*/
protected E generateAccessDeniedObject() {
try {
final E placeholder = clazz.newInstance();
placeholder.setDisplayName("Access denied");
return placeholder;
} catch (InstantiationException | IllegalAccessException ex) {
LOGGER.error(
"Failed to create placeholder object. Returing null.", ex);
return null;
}
}
}

35
ccm-core/src/main/java/org/libreccm/security/SecuredIterator.java
View File

@ -37,14 +37,9 @@ import java.util.Iterator;
*/
public class SecuredIterator<E extends CcmObject> implements Iterator<E> {
private static final Logger LOGGER = LogManager.getLogger(
SecuredIterator.class);
private final Iterator<E> iterator;
private final Class<E> clazz;
private final String requiredPrivilege;
private final SecuredHelper<E> securedHelper;
/**
* Create a new secured iterator which secures the provided iterator.
@ -58,8 +53,7 @@ public class SecuredIterator<E extends CcmObject> implements Iterator<E> {
final Class<E> clazz,
final String requiredPrivilege) {
this.iterator = iterator;
this.clazz = clazz;
this.requiredPrivilege = requiredPrivilege;
this.securedHelper = new SecuredHelper<>(clazz, requiredPrivilege);
}
/**
@ -89,30 +83,7 @@ public class SecuredIterator<E extends CcmObject> implements Iterator<E> {
*/
@Override
public E next() {
final CdiUtil cdiUtil = new CdiUtil();
final PermissionChecker permissionChecker;
try {
permissionChecker = cdiUtil.findBean(
PermissionChecker.class);
} catch (CdiLookupException ex) {
throw new UncheckedWrapperException(ex);
}
final E object = iterator.next();
if (permissionChecker.isPermitted(requiredPrivilege, object)) {
return object;
} else {
try {
final E placeholder = clazz.newInstance();
placeholder.setDisplayName("Access denied");
return placeholder;
} catch (InstantiationException | IllegalAccessException ex) {
LOGGER.error(
"Failed to create placeholder object. Returing null.", ex);
return null;
}
}
return securedHelper.canAccess(iterator.next());
}
}

107
ccm-core/src/main/java/org/libreccm/security/SecuredList.java 100644
View File

@ -0,0 +1,107 @@
/*
* Copyright (C) 2015 LibreCCM Foundation.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
* MA 02110-1301 USA
*/
package org.libreccm.security;
import java.util.Collection;
import java.util.List;
import java.util.ListIterator;
import org.libreccm.core.CcmObject;
/**
*
* @author <a href="mailto:jens.pelzetter@googlemail.com">Jens Pelzetter</a>
* @param <E>
*/
public class SecuredList<E extends CcmObject>
extends SecuredCollection<E>
implements List<E> {
private final List<E> list;
private final Class<E> clazz;
private final String requiredPrivilege;
private final SecuredHelper<E> securedHelper;
public SecuredList(final List<E> list,
final Class<E> clazz,
final String requiredPrivilege) {
super(list, clazz, requiredPrivilege);
this.list = list;
this.clazz = clazz;
this.requiredPrivilege = requiredPrivilege;
this.securedHelper = new SecuredHelper<>(clazz, requiredPrivilege);
}
@Override
public boolean addAll(final int index,
final Collection<? extends E> collection) {
return list.addAll(index, collection);
}
@Override
public E get(final int index) {
return securedHelper.canAccess(list.get(index));
}
@Override
public E set(final int index, final E element) {
return list.set(index, element);
}
@Override
public void add(final int index, final E element) {
list.add(index, element);
}
@Override
public E remove(final int index) {
return list.remove(index);
}
@Override
public int indexOf(final Object object) {
return list.indexOf(object);
}
@Override
public int lastIndexOf(final Object object) {
return list.lastIndexOf(object);
}
@Override
public ListIterator<E> listIterator() {
return new SecuredListIterator<>(list.listIterator(),
clazz,
requiredPrivilege);
}
@Override
public ListIterator<E> listIterator(final int index) {
return new SecuredListIterator<>(list.listIterator(index),
clazz,
requiredPrivilege);
}
@Override
public List<E> subList(final int index1, final int index2) {
return new SecuredList<>(list.subList(index1, index2),
clazz,
requiredPrivilege);
}
}

84
ccm-core/src/main/java/org/libreccm/security/SecuredListIterator.java 100644
View File

@ -0,0 +1,84 @@
/*
* Copyright (C) 2015 LibreCCM Foundation.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
* MA 02110-1301 USA
*/
package org.libreccm.security;
import java.util.ListIterator;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.libreccm.core.CcmObject;
/**
*
* @author <a href="mailto:jens.pelzetter@googlemail.com">Jens Pelzetter</a>
* @param <E>
*/
public class SecuredListIterator<E extends CcmObject>
extends SecuredIterator<E>
implements ListIterator<E> {
private final static Logger LOGGER = LogManager.getLogger(
SecuredListIterator.class);
private final ListIterator<E> iterator;
private final SecuredHelper<E> securedHelper;
public SecuredListIterator(final ListIterator<E> iterator,
final Class<E> clazz,
final String requiredPrivilege) {
super(iterator, clazz, requiredPrivilege);
this.iterator = iterator;
this.securedHelper = new SecuredHelper<>(clazz, requiredPrivilege);
}
@Override
public boolean hasPrevious() {
return iterator.hasPrevious();
}
@Override
public E previous() {
return securedHelper.canAccess(iterator.previous());
}
@Override
public int nextIndex() {
return iterator.nextIndex();
}
@Override
public int previousIndex() {
return iterator.previousIndex();
}
@Override
public void remove() {
iterator.remove();
}
@Override
public void set(final E element) {
iterator.set(element);
}
@Override
public void add(final E element) {
iterator.add(element);
}
}

122
ccm-core/src/main/java/org/libreccm/security/SecuredNavigableSet.java 100644
View File

@ -0,0 +1,122 @@
/*
* Copyright (C) 2015 LibreCCM Foundation.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
* MA 02110-1301 USA
*/
package org.libreccm.security;
import java.util.Iterator;
import java.util.NavigableSet;
import org.libreccm.core.CcmObject;
/**
*
* @author <a href="mailto:jens.pelzetter@googlemail.com">Jens Pelzetter</a>
* @param <E>
*/
public class SecuredNavigableSet<E extends CcmObject>
extends SecuredSortedSet<E>
implements NavigableSet<E> {
private final NavigableSet<E> set;
private final Class<E> clazz;
private final String requiredPrivilege;
private final SecuredHelper<E> securedHelper;
public SecuredNavigableSet(final NavigableSet<E> set,
final Class<E> clazz,
final String requiredPrivilege) {
super(set, clazz, requiredPrivilege);
this.set = set;
this.clazz = clazz;
this.requiredPrivilege = requiredPrivilege;
this.securedHelper = new SecuredHelper<>(clazz, requiredPrivilege);
}
@Override
public E lower(final E element) {
return securedHelper.canAccess(set.lower(element));
}
@Override
public E floor(final E element) {
return securedHelper.canAccess(set.floor(element));
}
@Override
public E ceiling(final E element) {
return securedHelper.canAccess(set.ceiling(element));
}
@Override
public E higher(final E element) {
return securedHelper.canAccess(set.higher(element));
}
@Override
public E pollFirst() {
return securedHelper.canAccess(set.pollFirst());
}
@Override
public E pollLast() {
return securedHelper.canAccess(set.pollLast());
}
@Override
public NavigableSet<E> descendingSet() {
return new SecuredNavigableSet<>(set.descendingSet(),
clazz,
requiredPrivilege);
}
@Override
public Iterator<E> descendingIterator() {
return new SecuredIterator<>(set.descendingIterator(),
clazz,
requiredPrivilege);
}
@Override
public NavigableSet<E> subSet(final E fromElement,
final boolean fromInclusive,
final E toElement,
final boolean toInclusive) {
return new SecuredNavigableSet<>(set.subSet(toElement,
toInclusive,
toElement,
toInclusive),
clazz,
requiredPrivilege);
}
@Override
public NavigableSet<E> headSet(final E toElement,
final boolean inclusive) {
return new SecuredNavigableSet<>(set.headSet(toElement, inclusive),
clazz,
requiredPrivilege);
}
@Override
public NavigableSet<E> tailSet(final E fromElement,
final boolean inclusive) {
return new SecuredNavigableSet<>(set.tailSet(fromElement, inclusive),
clazz,
requiredPrivilege);
}
}

39
ccm-core/src/main/java/org/libreccm/security/SecuredSet.java 100644
View File

@ -0,0 +1,39 @@
/*
* Copyright (C) 2015 LibreCCM Foundation.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
* MA 02110-1301 USA
*/
package org.libreccm.security;
import java.util.Set;
import org.libreccm.core.CcmObject;
/**
*
* @author <a href="mailto:jens.pelzetter@googlemail.com">Jens Pelzetter</a>
* @param <E>
*/
public class SecuredSet<E extends CcmObject>
extends SecuredCollection<E>
implements Set<E> {
public SecuredSet(final Set<E> set,
final Class<E> clazz,
final String requiredPrivilege) {
super(set, clazz, requiredPrivilege);
}
}

87
ccm-core/src/main/java/org/libreccm/security/SecuredSortedSet.java 100644
View File

@ -0,0 +1,87 @@
/*
* Copyright (C) 2015 LibreCCM Foundation.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
* MA 02110-1301 USA
*/
package org.libreccm.security;
import java.util.Comparator;
import java.util.Set;
import java.util.SortedSet;
import org.libreccm.core.CcmObject;
/**
*
* @author <a href="mailto:jens.pelzetter@googlemail.com">Jens Pelzetter</a>
* @param <E>
*/
public class SecuredSortedSet<E extends CcmObject>
extends SecuredSet<E>
implements SortedSet<E> {
private final SortedSet<E> set;
private final Class<E> clazz;
private final String requiredPrivilege;
private final SecuredHelper<E> securedHelper;
public SecuredSortedSet(final SortedSet<E> set,
final Class<E> clazz,
final String requiredPrivilege) {
super(set, clazz, requiredPrivilege);
this.set = set;
this.clazz = clazz;
this.requiredPrivilege = requiredPrivilege;
this.securedHelper = new SecuredHelper(clazz, requiredPrivilege);
}
@Override
public Comparator<? super E> comparator() {
return set.comparator();
}
@Override
public SortedSet<E> subSet(final E element1,
final E element2) {
return new SecuredSortedSet<>(set.subSet(element1, element2),
clazz,
requiredPrivilege);
}
@Override
public SortedSet<E> headSet(final E element) {
return new SecuredSortedSet<>(set.headSet(element),
clazz,
requiredPrivilege);
}
@Override
public SortedSet<E> tailSet(final E element) {
return new SecuredSortedSet<>(set.tailSet(element),
clazz,
requiredPrivilege);
}
@Override
public E first() {
return securedHelper.canAccess(set.first());
}
@Override
public E last() {
return securedHelper.canAccess(set.last());
}
}

504
ccm-core/src/test/java/org/libreccm/security/SecuredCollectionTest.java 100644
View File

@ -0,0 +1,504 @@
/*
* Copyright (C) 2015 LibreCCM Foundation.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
* MA 02110-1301 USA
*/
package org.libreccm.security;
import com.arsdigita.kernel.KernelConfig;
import com.arsdigita.kernel.security.SecurityConfig;
import com.arsdigita.runtime.AbstractConfig;
import com.arsdigita.util.UncheckedWrapperException;
import com.arsdigita.util.parameter.AbstractParameterContext;
import com.arsdigita.web.CCMApplicationContextListener;
import com.arsdigita.xml.XML;
import com.arsdigita.xml.formatters.DateTimeFormatter;
import java.io.File;
import java.util.ArrayList;
import java.util.List;
import java.util.concurrent.Callable;
import javax.inject.Inject;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.jboss.arquillian.container.test.api.Deployment;
import org.jboss.arquillian.junit.Arquillian;
import org.jboss.arquillian.junit.InSequence;
import org.jboss.arquillian.persistence.CreateSchema;
import org.jboss.arquillian.persistence.PersistenceTest;
import org.jboss.arquillian.persistence.UsingDataSet;
import org.jboss.arquillian.transaction.api.annotation.TransactionMode;
import org.jboss.arquillian.transaction.api.annotation.Transactional;
import org.jboss.shrinkwrap.api.ShrinkWrap;
import org.jboss.shrinkwrap.api.asset.EmptyAsset;
import org.jboss.shrinkwrap.api.spec.WebArchive;
import org.jboss.shrinkwrap.resolver.api.maven.Maven;
import org.jboss.shrinkwrap.resolver.api.maven.PomEquippedResolveStage;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
import org.junit.experimental.categories.Category;
import org.junit.runner.RunWith;
import org.libreccm.categorization.Categorization;
import org.libreccm.cdi.utils.CdiUtil;
import org.libreccm.core.CcmObject;
import org.libreccm.core.CcmObjectRepository;
import org.libreccm.jpa.EntityManagerProducer;
import org.libreccm.jpa.utils.MimeTypeConverter;
import org.libreccm.l10n.LocalizedString;
import org.libreccm.tests.categories.IntegrationTest;
import org.libreccm.testutils.EqualsVerifier;
import org.libreccm.web.CcmApplication;
import static org.hamcrest.Matchers.*;
import static org.junit.Assert.*;
/**
*
* @author <a href="mailto:jens.pelzetter@googlemail.com">Jens Pelzetter</a>
*/
@Category(IntegrationTest.class)
@RunWith(Arquillian.class)
@PersistenceTest
@Transactional(TransactionMode.COMMIT)
@CreateSchema({"create_ccm_core_schema.sql"})
public class SecuredCollectionTest {
private static final String ACCESS_DENIED = "Access denied";
@Inject
private Subject subject;
@Inject
private Shiro shiro;
@Inject
private CcmObjectRepository objectRepository;
//private List<CcmObject> list;
private SecuredCollection<CcmObject> collection1;
private SecuredCollection<CcmObject> collection2;
private SecuredCollection<CcmObject> collection3;
public SecuredCollectionTest() {
}
@BeforeClass
public static void setUpClass() {
}
@AfterClass
public static void tearDownClass() {
}
@Before
public void setUp() {
final CcmObject object1 = objectRepository.findById(-20001L);
final CcmObject object2 = objectRepository.findById(-20002L);
final CcmObject object3 = objectRepository.findById(-20003L);
final List<CcmObject> list = new ArrayList<>();
list.add(object1);
list.add(object2);
list.add(object3);
collection1 = new SecuredCollection<>(list,
CcmObject.class,
"privilege1");
collection2 = new SecuredCollection<>(list,
CcmObject.class,
"privilege2");
collection3 = new SecuredCollection<>(list,
CcmObject.class,
"privilege3");
}
@After
public void tearDown() {
}
@Deployment
public static WebArchive createDeployment() {
final PomEquippedResolveStage pom = Maven
.resolver()
.loadPomFromFile("pom.xml");
final PomEquippedResolveStage dependencies = pom.
importCompileAndRuntimeDependencies();
final File[] libs = dependencies.resolve().withTransitivity().asFile();
for (File lib : libs) {
System.err.printf("Adding file '%s' to test archive...%n",
lib.getName());
}
return ShrinkWrap
.create(WebArchive.class,
"LibreCCM-org.libreccm.security.SecuredCollectionTest.war").
addPackage(User.class.getPackage())
.addPackage(CcmObject.class.getPackage())
.addPackage(Categorization.class.getPackage())
.addPackage(LocalizedString.class.getPackage())
.addPackage(CcmApplication.class.getPackage())
.addPackage(EntityManagerProducer.class.getPackage())
.addPackage(MimeTypeConverter.class.getPackage())
.addPackage(EqualsVerifier.class.getPackage())
.addPackage(IntegrationTest.class.getPackage())
.addPackage(KernelConfig.class.getPackage())
.addPackage(SecurityConfig.class.getPackage())
.addPackage(AbstractConfig.class.getPackage())
.addPackage(AbstractParameterContext.class.getPackage())
.addPackage(UncheckedWrapperException.class.getPackage())
.addPackage(CCMApplicationContextListener.class.getPackage())
.addPackage(XML.class.getPackage())
.addPackage(DateTimeFormatter.class.getPackage())
.addPackage(CdiUtil.class.getPackage())
.addAsLibraries(libs)
.addAsResource("test-persistence.xml",
"META-INF/persistence.xml")
.addAsResource("com/arsdigita/kernel/"
+ "KernelConfig_parameter.properties",
"com/arsdigita/kernel/"
+ "KernelConfig_parameter.properties")
.addAsResource("com/arsdigita/kernel/security/"
+ "SecurityConfig_parameter.properties",
"com/arsdigita/kernel/security/"
+ "SecurityConfig_parameter.properties")
.addAsWebInfResource(
"configs/org/libreccm/security/UserManagerTest/"
+ "registry.properties",
"conf/registry/registry.properties")
.addAsResource(
"configs/org/libreccm/security/UserManagerTest/ccm-core.config",
"ccm-core.config")
.addAsResource(
"configs/org/libreccm/security/ShiroTest/shiro.ini",
"shiro.ini")
.addAsResource(
"configs/org/libreccm/security/ShiroTest/log4j2.xml",
"log4j2.xml")
.addAsWebInfResource(
"configs/org/libreccm/security/ShiroTest/"
+ "kernel.properties",
"conf/registry/ccm-core/kernel.properties")
.addAsWebInfResource(
"configs/org/libreccm//security/ShiroTest/"
+ "security.properties",
"conf/registry/ccm-core/security.properties")
.addAsWebInfResource("test-web.xml", "web.xml")
.addAsWebInfResource(EmptyAsset.INSTANCE, "beans.xml");
}
@Test
@UsingDataSet("datasets/org/libreccm/security/ShiroTest/data.yml")
@InSequence(100)
public void checkToArrayJdoe() {
final UsernamePasswordToken token = new UsernamePasswordToken("jdoe",
"foo123");
token.setRememberMe(true);
subject.login(token);
final Object[] array1 = collection1.toArray();
assertThat(array1.length, is(3));
assertThat(array1[0], is(instanceOf(CcmObject.class)));
assertThat(array1[1], is(instanceOf(CcmObject.class)));
assertThat(array1[2], is(instanceOf(CcmObject.class)));
assertThat(((CcmObject) array1[0]).getDisplayName(),
is(equalTo(ACCESS_DENIED)));
assertThat(((CcmObject) array1[1]).getDisplayName(),
is(equalTo(ACCESS_DENIED)));
assertThat(((CcmObject) array1[2]).getDisplayName(),
is(equalTo(ACCESS_DENIED)));
final Object[] array2 = collection2.toArray();
assertThat(array2.length, is(3));
assertThat(array2[0], is(instanceOf(CcmObject.class)));
assertThat(array2[1], is(instanceOf(CcmObject.class)));
assertThat(array2[2], is(instanceOf(CcmObject.class)));
assertThat(((CcmObject) array2[0]).getDisplayName(),
is(equalTo(ACCESS_DENIED)));
assertThat(((CcmObject) array2[1]).getDisplayName(),
is(equalTo("object2")));
assertThat(((CcmObject) array2[2]).getDisplayName(),
is(equalTo(ACCESS_DENIED)));
final Object[] array3 = collection3.toArray();
assertThat(array3.length, is(3));
assertThat(array3[0], is(instanceOf(CcmObject.class)));
assertThat(array3[1], is(instanceOf(CcmObject.class)));
assertThat(array3[2], is(instanceOf(CcmObject.class)));
assertThat(((CcmObject) array3[0]).getDisplayName(),
is(equalTo(ACCESS_DENIED)));
assertThat(((CcmObject) array3[1]).getDisplayName(),
is(equalTo(ACCESS_DENIED)));
assertThat(((CcmObject) array3[2]).getDisplayName(),
is(equalTo(ACCESS_DENIED)));
}
@Test
@UsingDataSet("datasets/org/libreccm/security/ShiroTest/data.yml")
@InSequence(200)
public void checkToArrayMmuster() {
final UsernamePasswordToken token = new UsernamePasswordToken("mmuster",
"foo123");
token.setRememberMe(true);
subject.login(token);
final Object[] array1 = collection1.toArray();
assertThat(array1.length, is(3));
assertThat(array1[0], is(instanceOf(CcmObject.class)));
assertThat(array1[1], is(instanceOf(CcmObject.class)));
assertThat(array1[2], is(instanceOf(CcmObject.class)));
assertThat(((CcmObject) array1[0]).getDisplayName(),
is(equalTo("object1")));
assertThat(((CcmObject) array1[1]).getDisplayName(),
is(equalTo("object2")));
assertThat(((CcmObject) array1[2]).getDisplayName(),
is(equalTo("object3")));
final Object[] array2 = collection2.toArray();
assertThat(array2.length, is(3));
assertThat(array2[0], is(instanceOf(CcmObject.class)));
assertThat(array2[1], is(instanceOf(CcmObject.class)));
assertThat(array2[2], is(instanceOf(CcmObject.class)));
assertThat(((CcmObject) array2[0]).getDisplayName(),
is(equalTo("object1")));
assertThat(((CcmObject) array2[1]).getDisplayName(),
is(equalTo(ACCESS_DENIED)));
assertThat(((CcmObject) array2[2]).getDisplayName(),
is(equalTo(ACCESS_DENIED)));
final Object[] array3 = collection3.toArray();
assertThat(array3.length, is(3));
assertThat(array3[0], is(instanceOf(CcmObject.class)));
assertThat(array3[1], is(instanceOf(CcmObject.class)));
assertThat(array3[2], is(instanceOf(CcmObject.class)));
assertThat(((CcmObject) array3[0]).getDisplayName(),
is(equalTo(ACCESS_DENIED)));
assertThat(((CcmObject) array3[1]).getDisplayName(),
is(equalTo(ACCESS_DENIED)));
assertThat(((CcmObject) array3[2]).getDisplayName(),
is(equalTo(ACCESS_DENIED)));
}
@Test
@UsingDataSet("datasets/org/libreccm/security/ShiroTest/data.yml")
@InSequence(300)
public void checkToArrayPublicUser() {
final Object[] array1 = collection1.toArray();
assertThat(array1.length, is(3));
assertThat(array1[0], is(instanceOf(CcmObject.class)));
assertThat(array1[1], is(instanceOf(CcmObject.class)));
assertThat(array1[2], is(instanceOf(CcmObject.class)));
assertThat(((CcmObject) array1[0]).getDisplayName(),
is(equalTo(ACCESS_DENIED)));
assertThat(((CcmObject) array1[1]).getDisplayName(),
is(equalTo(ACCESS_DENIED)));
assertThat(((CcmObject) array1[2]).getDisplayName(),
is(equalTo(ACCESS_DENIED)));
final Object[] array2 = collection2.toArray();
assertThat(array2.length, is(3));
assertThat(array2[0], is(instanceOf(CcmObject.class)));
assertThat(array2[1], is(instanceOf(CcmObject.class)));
assertThat(array2[2], is(instanceOf(CcmObject.class)));
assertThat(((CcmObject) array2[0]).getDisplayName(),
is(equalTo(ACCESS_DENIED)));
assertThat(((CcmObject) array2[1]).getDisplayName(),
is(equalTo(ACCESS_DENIED)));
assertThat(((CcmObject) array2[2]).getDisplayName(),
is(equalTo(ACCESS_DENIED)));
final Object[] array3 = collection3.toArray();
assertThat(array3.length, is(3));
assertThat(array3[0], is(instanceOf(CcmObject.class)));
assertThat(array3[1], is(instanceOf(CcmObject.class)));
assertThat(array3[2], is(instanceOf(CcmObject.class)));
assertThat(((CcmObject) array3[0]).getDisplayName(),
is(equalTo("object1")));
assertThat(((CcmObject) array3[1]).getDisplayName(),
is(equalTo(ACCESS_DENIED)));
assertThat(((CcmObject) array3[2]).getDisplayName(),
is(equalTo(ACCESS_DENIED)));
}
@Test
@UsingDataSet("datasets/org/libreccm/security/ShiroTest/data.yml")
@InSequence(400)
public void checkToArraySystemUser() {
shiro.getSystemUser().execute(new Callable<Boolean>() {
@Override
public Boolean call() throws Exception {
final Object[] array1 = collection1.toArray();
assertThat(array1.length, is(3));
assertThat(array1[0], is(instanceOf(CcmObject.class)));
assertThat(array1[1], is(instanceOf(CcmObject.class)));
assertThat(array1[2], is(instanceOf(CcmObject.class)));
assertThat(((CcmObject) array1[0]).getDisplayName(),
is(equalTo("object1")));
assertThat(((CcmObject) array1[1]).getDisplayName(),
is(equalTo("object2")));
assertThat(((CcmObject) array1[2]).getDisplayName(),
is(equalTo("object3")));
final Object[] array2 = collection2.toArray();
assertThat(array2.length, is(3));
assertThat(array2[0], is(instanceOf(CcmObject.class)));
assertThat(array2[1], is(instanceOf(CcmObject.class)));
assertThat(array2[2], is(instanceOf(CcmObject.class)));
assertThat(((CcmObject) array2[0]).getDisplayName(),
is(equalTo("object1")));
assertThat(((CcmObject) array2[1]).getDisplayName(),
is(equalTo("object2")));
assertThat(((CcmObject) array2[2]).getDisplayName(),
is(equalTo("object3")));
final Object[] array3 = collection3.toArray();
assertThat(array3.length, is(3));
assertThat(array3[0], is(instanceOf(CcmObject.class)));
assertThat(array3[1], is(instanceOf(CcmObject.class)));
assertThat(array3[2], is(instanceOf(CcmObject.class)));
assertThat(((CcmObject) array3[0]).getDisplayName(),
is(equalTo("object1")));
assertThat(((CcmObject) array3[1]).getDisplayName(),
is(equalTo("object2")));
assertThat(((CcmObject) array3[2]).getDisplayName(),
is(equalTo("object3")));
return false;
}
});
}
@Test
@UsingDataSet("datasets/org/libreccm/security/ShiroTest/data.yml")
@InSequence(500)
public void checkToArrayTypeSafeJdoe() {
final UsernamePasswordToken token = new UsernamePasswordToken("jdoe",
"foo123");
token.setRememberMe(true);
subject.login(token);
CcmObject[] array1 = new CcmObject[3];
array1 = collection1.toArray(array1);
assertThat(array1[0].getDisplayName(), (is(equalTo(ACCESS_DENIED))));
assertThat(array1[1].getDisplayName(), (is(equalTo(ACCESS_DENIED))));
assertThat(array1[2].getDisplayName(), (is(equalTo(ACCESS_DENIED))));
CcmObject[] array2 = new CcmObject[3];
array2 = collection2.toArray(array2);
assertThat(array2[0].getDisplayName(), (is(equalTo(ACCESS_DENIED))));
assertThat(array2[1].getDisplayName(), (is(equalTo("object2"))));
assertThat(array2[2].getDisplayName(), (is(equalTo(ACCESS_DENIED))));
CcmObject[] array3 = new CcmObject[3];
array3 = collection3.toArray(array3);
assertThat(array3[0].getDisplayName(), (is(equalTo(ACCESS_DENIED))));
assertThat(array3[1].getDisplayName(), (is(equalTo(ACCESS_DENIED))));
assertThat(array3[2].getDisplayName(), (is(equalTo(ACCESS_DENIED))));
}
@Test
@UsingDataSet("datasets/org/libreccm/security/ShiroTest/data.yml")
@InSequence(600)
public void checkToArrayTypeSafeMmuster() {
final UsernamePasswordToken token = new UsernamePasswordToken("mmuster",
"foo123");
token.setRememberMe(true);
subject.login(token);
CcmObject[] array1 = new CcmObject[3];
array1 = collection1.toArray(array1);
assertThat(array1[0].getDisplayName(), (is(equalTo("object1"))));
assertThat(array1[1].getDisplayName(), (is(equalTo("object2"))));
assertThat(array1[2].getDisplayName(), (is(equalTo("object3"))));
CcmObject[] array2 = new CcmObject[3];
array2 = collection2.toArray(array2);
assertThat(array2[0].getDisplayName(), (is(equalTo("object1"))));
assertThat(array2[1].getDisplayName(), (is(equalTo(ACCESS_DENIED))));
assertThat(array2[2].getDisplayName(), (is(equalTo(ACCESS_DENIED))));
CcmObject[] array3 = new CcmObject[3];
array3 = collection3.toArray(array3);
assertThat(array3[0].getDisplayName(), (is(equalTo(ACCESS_DENIED))));
assertThat(array3[1].getDisplayName(), (is(equalTo(ACCESS_DENIED))));
assertThat(array3[2].getDisplayName(), (is(equalTo(ACCESS_DENIED))));
}
@Test
@UsingDataSet("datasets/org/libreccm/security/ShiroTest/data.yml")
@InSequence(700)
public void checkToArrayTypeSafePublicUser() {
CcmObject[] array1 = new CcmObject[3];
array1 = collection1.toArray(array1);
assertThat(array1[0].getDisplayName(), (is(equalTo(ACCESS_DENIED))));
assertThat(array1[1].getDisplayName(), (is(equalTo(ACCESS_DENIED))));
assertThat(array1[2].getDisplayName(), (is(equalTo(ACCESS_DENIED))));
CcmObject[] array2 = new CcmObject[3];
array2 = collection2.toArray(array2);
assertThat(array2[0].getDisplayName(), (is(equalTo(ACCESS_DENIED))));
assertThat(array2[1].getDisplayName(), (is(equalTo(ACCESS_DENIED))));
assertThat(array2[2].getDisplayName(), (is(equalTo(ACCESS_DENIED))));
CcmObject[] array3 = new CcmObject[3];
array3 = collection3.toArray(array3);
assertThat(array3[0].getDisplayName(), (is(equalTo("object1"))));
assertThat(array3[1].getDisplayName(), (is(equalTo(ACCESS_DENIED))));
assertThat(array3[2].getDisplayName(), (is(equalTo(ACCESS_DENIED))));
}
@Test
@UsingDataSet("datasets/org/libreccm/security/ShiroTest/data.yml")
@InSequence(700)
public void checkToArrayTypeSystemUser() {
shiro.getSystemUser().execute(new Callable<Boolean>() {
@Override
public Boolean call() throws Exception {
CcmObject[] array1 = new CcmObject[3];
array1 = collection1.toArray(array1);
assertThat(array1[0].getDisplayName(),
is(equalTo("object1")));
assertThat(array1[1].getDisplayName(),
is(equalTo("object2")));
assertThat(array1[2].getDisplayName(),
is(equalTo("object3")));
CcmObject[] array2 = new CcmObject[3];
array2 = collection2.toArray(array2);
assertThat(array2[0].getDisplayName(),
is(equalTo("object1")));
assertThat(array2[1].getDisplayName(),
is(equalTo("object2")));
assertThat(array2[2].getDisplayName(),
is(equalTo("object3")));
CcmObject[] array3 = new CcmObject[3];
array3 = collection3.toArray(array3);
assertThat(array3[0].getDisplayName(),
is(equalTo("object1")));
assertThat(array3[1].getDisplayName(),
is(equalTo("object2")));
assertThat(array3[2].getDisplayName(),
is(equalTo("object3")));
return false;
}
});
}
}

160
ccm-core/src/test/java/org/libreccm/security/SecuredIteratorTest.java
View File

@ -93,7 +93,11 @@ public class SecuredIteratorTest {
@Inject
private CcmObjectRepository objectRepository;
private List<CcmObject> list;
//private List<CcmObject> list;
private Iterator<CcmObject> iterator1;
private Iterator<CcmObject> iterator2;
private Iterator<CcmObject> iterator3;
public SecuredIteratorTest() {
}
@ -112,10 +116,20 @@ public class SecuredIteratorTest {
final CcmObject object2 = objectRepository.findById(-20002L);
final CcmObject object3 = objectRepository.findById(-20003L);
list = new ArrayList<>();
final List<CcmObject> list = new ArrayList<>();
list.add(object1);
list.add(object2);
list.add(object3);
iterator1 = new SecuredIterator<>(list.iterator(),
CcmObject.class,
"privilege1");
iterator2 = new SecuredIterator<>(list.iterator(),
CcmObject.class,
"privilege2");
iterator3 = new SecuredIterator<>(list.iterator(),
CcmObject.class,
"privilege3");
}
@After
@ -125,10 +139,10 @@ public class SecuredIteratorTest {
@Deployment
public static WebArchive createDeployment() {
final PomEquippedResolveStage pom = Maven
.resolver()
.loadPomFromFile("pom.xml");
.resolver()
.loadPomFromFile("pom.xml");
final PomEquippedResolveStage dependencies = pom.
importCompileAndRuntimeDependencies();
importCompileAndRuntimeDependencies();
final File[] libs = dependencies.resolve().withTransitivity().asFile();
for (File lib : libs) {
@ -137,73 +151,66 @@ public class SecuredIteratorTest {
}
return ShrinkWrap
.create(WebArchive.class,
"LibreCCM-org.libreccm.security.SecuredIteratorTest.war")
.addPackage(User.class.getPackage())
.addPackage(CcmObject.class.getPackage())
.addPackage(Categorization.class.getPackage())
.addPackage(LocalizedString.class.getPackage())
.addPackage(CcmApplication.class.getPackage())
.addPackage(EntityManagerProducer.class.getPackage())
.addPackage(MimeTypeConverter.class.getPackage())
.addPackage(EqualsVerifier.class.getPackage())
.addPackage(IntegrationTest.class.getPackage())
.addPackage(KernelConfig.class.getPackage())
.addPackage(SecurityConfig.class.getPackage())
.addPackage(AbstractConfig.class.getPackage())
.addPackage(AbstractParameterContext.class.getPackage())
.addPackage(UncheckedWrapperException.class.getPackage())
.addPackage(CCMApplicationContextListener.class.getPackage())
.addPackage(XML.class.getPackage())
.addPackage(DateTimeFormatter.class.getPackage())
.addPackage(CdiUtil.class.getPackage())
.addAsLibraries(libs)
.addAsResource("test-persistence.xml",
"META-INF/persistence.xml")
.addAsResource("com/arsdigita/kernel/"
+ "KernelConfig_parameter.properties",
"com/arsdigita/kernel/"
+ "KernelConfig_parameter.properties")
.addAsResource("com/arsdigita/kernel/security/"
+ "SecurityConfig_parameter.properties",
"com/arsdigita/kernel/security/"
+ "SecurityConfig_parameter.properties")
.addAsWebInfResource(
"configs/org/libreccm/security/UserManagerTest/"
+ "registry.properties",
"conf/registry/registry.properties")
.addAsResource(
"configs/org/libreccm/security/UserManagerTest/ccm-core.config",
"ccm-core.config")
.addAsResource(
"configs/org/libreccm/security/ShiroTest/shiro.ini",
"shiro.ini")
.addAsResource(
"configs/org/libreccm/security/ShiroTest/log4j2.xml",
"log4j2.xml")
.addAsWebInfResource(
"configs/org/libreccm/security/ShiroTest/"
+ "kernel.properties",
"conf/registry/ccm-core/kernel.properties")
.addAsWebInfResource(
"configs/org/libreccm//security/ShiroTest/"
+ "security.properties",
"conf/registry/ccm-core/security.properties")
.addAsWebInfResource("test-web.xml", "web.xml")
.addAsWebInfResource(EmptyAsset.INSTANCE, "beans.xml");
.create(WebArchive.class,
"LibreCCM-org.libreccm.security.SecuredIteratorTest.war").
addPackage(User.class.getPackage())
.addPackage(CcmObject.class.getPackage())
.addPackage(Categorization.class.getPackage())
.addPackage(LocalizedString.class.getPackage())
.addPackage(CcmApplication.class.getPackage())
.addPackage(EntityManagerProducer.class.getPackage())
.addPackage(MimeTypeConverter.class.getPackage())
.addPackage(EqualsVerifier.class.getPackage())
.addPackage(IntegrationTest.class.getPackage())
.addPackage(KernelConfig.class.getPackage())
.addPackage(SecurityConfig.class.getPackage())
.addPackage(AbstractConfig.class.getPackage())
.addPackage(AbstractParameterContext.class.getPackage())
.addPackage(UncheckedWrapperException.class.getPackage())
.addPackage(CCMApplicationContextListener.class.getPackage())
.addPackage(XML.class.getPackage())
.addPackage(DateTimeFormatter.class.getPackage())
.addPackage(CdiUtil.class.getPackage())
.addAsLibraries(libs)
.addAsResource("test-persistence.xml",
"META-INF/persistence.xml")
.addAsResource("com/arsdigita/kernel/"
+ "KernelConfig_parameter.properties",
"com/arsdigita/kernel/"
+ "KernelConfig_parameter.properties")
.addAsResource("com/arsdigita/kernel/security/"
+ "SecurityConfig_parameter.properties",
"com/arsdigita/kernel/security/"
+ "SecurityConfig_parameter.properties")
.addAsWebInfResource(
"configs/org/libreccm/security/UserManagerTest/"
+ "registry.properties",
"conf/registry/registry.properties")
.addAsResource(
"configs/org/libreccm/security/UserManagerTest/ccm-core.config",
"ccm-core.config")
.addAsResource(
"configs/org/libreccm/security/ShiroTest/shiro.ini",
"shiro.ini")
.addAsResource(
"configs/org/libreccm/security/ShiroTest/log4j2.xml",
"log4j2.xml")
.addAsWebInfResource(
"configs/org/libreccm/security/ShiroTest/"
+ "kernel.properties",
"conf/registry/ccm-core/kernel.properties")
.addAsWebInfResource(
"configs/org/libreccm//security/ShiroTest/"
+ "security.properties",
"conf/registry/ccm-core/security.properties")
.addAsWebInfResource("test-web.xml", "web.xml")
.addAsWebInfResource(EmptyAsset.INSTANCE, "beans.xml");
}
@Test
@UsingDataSet("datasets/org/libreccm/security/ShiroTest/data.yml")
@InSequence(100)
public void checkSecuredIteratorJdoe() {
final SecuredIterator<CcmObject> iterator1 = new SecuredIterator<>(
list.iterator(), CcmObject.class, "privilege1");
final SecuredIterator<CcmObject> iterator2 = new SecuredIterator<>(
list.iterator(), CcmObject.class, "privilege2");
final SecuredIterator<CcmObject> iterator3 = new SecuredIterator<>(
list.iterator(), CcmObject.class, "privilege3");
final UsernamePasswordToken token = new UsernamePasswordToken("jdoe",
"foo123");
token.setRememberMe(true);
@ -239,13 +246,6 @@ public class SecuredIteratorTest {
@UsingDataSet("datasets/org/libreccm/security/ShiroTest/data.yml")
@InSequence(200)
public void checkSecuredIteratorMmuster() {
final SecuredIterator<CcmObject> iterator1 = new SecuredIterator<>(
list.iterator(), CcmObject.class, "privilege1");
final SecuredIterator<CcmObject> iterator2 = new SecuredIterator<>(
list.iterator(), CcmObject.class, "privilege2");
final SecuredIterator<CcmObject> iterator3 = new SecuredIterator<>(
list.iterator(), CcmObject.class, "privilege3");
final UsernamePasswordToken token = new UsernamePasswordToken("mmuster",
"foo123");
token.setRememberMe(true);
@ -280,13 +280,6 @@ public class SecuredIteratorTest {
@UsingDataSet("datasets/org/libreccm/security/ShiroTest/data.yml")
@InSequence(300)
public void checkSecuredIteratorPublicUser() {
final SecuredIterator<CcmObject> iterator1 = new SecuredIterator<>(
list.iterator(), CcmObject.class, "privilege1");
final SecuredIterator<CcmObject> iterator2 = new SecuredIterator<>(
list.iterator(), CcmObject.class, "privilege2");
final SecuredIterator<CcmObject> iterator3 = new SecuredIterator<>(
list.iterator(), CcmObject.class, "privilege3");
final List<CcmObject> list1 = new ArrayList<>();
while (iterator1.hasNext()) {
list1.add(iterator1.next());
@ -316,13 +309,6 @@ public class SecuredIteratorTest {
@UsingDataSet("datasets/org/libreccm/security/ShiroTest/data.yml")
@InSequence(400)
public void checkSecuredIteratorSystemUser() {
final SecuredIterator<CcmObject> iterator1 = new SecuredIterator<>(
list.iterator(), CcmObject.class, "privilege1");
final SecuredIterator<CcmObject> iterator2 = new SecuredIterator<>(
list.iterator(), CcmObject.class, "privilege2");
final SecuredIterator<CcmObject> iterator3 = new SecuredIterator<>(
list.iterator(), CcmObject.class, "privilege3");
shiro.getSystemUser().execute(new Callable<Boolean>() {
@Override