
1   package org.apache.archiva.redback.tests;
2   
3   /*
4    * Copyright 2001-2006 The Apache Software Foundation.
5    *
6    * Licensed under the Apache License, Version 2.0 (the "License");
7    * you may not use this file except in compliance with the License.
8    * You may obtain a copy of the License at
9    *
10   *      http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing, software
13   * distributed under the License is distributed on an "AS IS" BASIS,
14   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15   * See the License for the specific language governing permissions and
16   * limitations under the License.
17   */
18  
19  import org.fest.assertions.Assertions;
20  import junit.framework.TestCase;
21  import org.apache.archiva.redback.rbac.Operation;
22  import org.apache.archiva.redback.rbac.RBACManager;
23  import org.apache.archiva.redback.rbac.RbacManagerException;
24  import org.apache.archiva.redback.rbac.Resource;
25  import org.apache.archiva.redback.rbac.Role;
26  import org.apache.archiva.redback.rbac.UserAssignment;
27  import org.apache.archiva.redback.rbac.Permission;
28  import org.apache.archiva.redback.rbac.RbacPermanentException;
29  import org.apache.archiva.redback.tests.utils.RBACDefaults;
30  import org.junit.Test;
31  import org.junit.runner.RunWith;
32  import org.slf4j.Logger;
33  import org.slf4j.LoggerFactory;
34  import org.springframework.test.context.ContextConfiguration;
35  import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
36  
37  import java.util.Collection;
38  import java.util.Collections;
39  import java.util.List;
40  import java.util.Set;
41  
42  import org.springframework.test.annotation.DirtiesContext;
43  
44  /**
45   * AbstractRbacManagerTestCase
46   *
47   * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
48   */
49  @RunWith( SpringJUnit4ClassRunner.class )
50  @ContextConfiguration( locations = { "classpath*:/META-INF/spring-context.xml", "classpath*:/spring-context.xml" } )
51  public abstract class AbstractRbacManagerTestCase
52      extends TestCase
53  {
54      private RBACManager rbacManager;
55  
56      protected RbacManagerEventTracker eventTracker;
57  
58      private RBACDefaults rbacDefaults;
59  
60      protected Logger log = LoggerFactory.getLogger( getClass() );
61  
    /**
     * Injects the {@link RBACManager} under test and wires the test helpers around it.
     * <p>
     * A non-null manager gets a fresh {@link RbacManagerEventTracker} registered as a
     * listener. The {@link RBACDefaults} helper is rebuilt on every call, including
     * when {@code store} is {@code null}.
     *
     * @param store the manager implementation to exercise
     */
    public void setRbacManager( RBACManager store )
    {
        rbacManager = store;
        if ( store != null )
        {
            RbacManagerEventTracker tracker = new RbacManagerEventTracker();
            eventTracker = tracker;
            store.addListener( tracker );
        }
        rbacDefaults = new RBACDefaults( store );
    }
72  
    /**
     * @return the manager set through {@link #setRbacManager(RBACManager)}, or
     *         {@code null} if none has been set
     */
    public RBACManager getRbacManager()
    {
        return rbacManager;
    }
77  
    /**
     * JUnit 3 set-up hook; only delegates to {@link TestCase#setUp()}.
     * <p>
     * NOTE(review): the class is run with {@code SpringJUnit4ClassRunner} and no
     * {@code @Before} is visible here - confirm whether this hook is invoked at all.
     */
    @Override
    public void setUp()
        throws Exception
    {
        super.setUp();
    }
83  
    /**
     * JUnit 3 tear-down hook; only delegates to {@link TestCase#tearDown()}.
     * <p>
     * NOTE(review): no {@code @After} is visible here - confirm whether the JUnit 4
     * runner used by this class invokes it.
     */
    @Override
    public void tearDown()
        throws Exception
    {
        super.tearDown();
    }
89  
    /**
     * Builds the "ADMIN" fixture role and returns it without calling {@code saveRole}.
     * <p>
     * The role is marked non-assignable and carries one permission, "EDIT_ANY_USER",
     * i.e. operation "EDIT" on the wildcard resource "User:*".
     *
     * @return the unsaved admin role
     * @throws RbacManagerException if the manager cannot create the permission
     */
    private Role getAdminRole()
        throws RbacManagerException
    {
        Role admin = rbacManager.createRole( "ADMIN" );
        admin.setAssignable( false );

        Permission editAnyUser = rbacManager.createPermission( "EDIT_ANY_USER", "EDIT", "User:*" );
        admin.addPermission( editAnyUser );

        return admin;
    }
102 
    /**
     * Builds the "DEVELOPER" fixture role and returns it without calling {@code saveRole}.
     * <p>
     * The role is assignable and carries one permission, "EDIT_MY_USER", i.e.
     * operation "EDIT" on the resource "User:Self".
     *
     * @return the unsaved developer role
     * @throws RbacManagerException if the manager cannot create the permission
     */
    private Role getDeveloperRole()
        throws RbacManagerException
    {
        Role developer = rbacManager.createRole( "DEVELOPER" );
        developer.setAssignable( true );

        Permission editMyUser = rbacManager.createPermission( "EDIT_MY_USER", "EDIT", "User:Self" );
        developer.addPermission( editMyUser );

        return developer;
    }
115 
    /**
     * Builds the "PROJECT_ADMIN" fixture role and returns it without calling
     * {@code saveRole}.
     * <p>
     * The role is assignable and carries one permission, "EDIT_PROJECT", i.e.
     * operation "EDIT" on the single resource "Project:Foo".
     *
     * @return the unsaved project-admin role
     * @throws RbacManagerException if the manager cannot create the permission
     */
    private Role getProjectAdminRole()
        throws RbacManagerException
    {
        Role projectAdmin = rbacManager.createRole( "PROJECT_ADMIN" );
        projectAdmin.setAssignable( true );

        Permission editProject = rbacManager.createPermission( "EDIT_PROJECT", "EDIT", "Project:Foo" );
        projectAdmin.addPermission( editProject );

        return projectAdmin;
    }
128 
    /**
     * Builds the "SUPER_DEVELOPER" fixture role: assignable, with no permission of
     * its own. The role is returned without calling {@code saveRole}.
     *
     * @return the unsaved super-developer role
     */
    private Role getSuperDeveloperRole()
    {
        Role superDeveloper = rbacManager.createRole( "SUPER_DEVELOPER" );
        superDeveloper.setAssignable( true );
        return superDeveloper;
    }
136 
    /**
     * Implementation-specific check on the number of events seen by
     * {@link #eventTracker}. Called from {@code assertEventTracker} when its
     * {@code eventCount} flag is set.
     */
    public abstract void assertEventCount();
138 
    /**
     * Verifies what the registered {@link RbacManagerEventTracker} recorded during a test.
     *
     * @param addedRoleNameCount     expected size of the tracker's added-role-name list
     * @param removedRoleNameCount   expected size of the tracker's removed-role-name list
     * @param addedPermissionNames   expected size of the tracker's added-permission-name list
     * @param removedPermissionNames expected size of the tracker's removed-permission-name list
     * @param freshness              when {@code true}, also require {@code lastDbFreshness} to be true
     * @param eventCount             when {@code true}, also run {@link #assertEventCount()}
     */
    private void assertEventTracker( int addedRoleNameCount, int removedRoleNameCount, int addedPermissionNames,
                                     int removedPermissionNames, boolean freshness, boolean eventCount )
    {
        assertNotNull( eventTracker );
        RbacManagerEventTracker tracker = eventTracker;

        // The implementation-specific count check runs before the per-list checks.
        if ( eventCount )
        {
            assertEventCount();
        }

        assertEquals( addedRoleNameCount, tracker.addedRoleNames.size() );
        assertEquals( removedRoleNameCount, tracker.removedRoleNames.size() );
        assertEquals( addedPermissionNames, tracker.addedPermissionNames.size() );
        assertEquals( removedPermissionNames, tracker.removedPermissionNames.size() );

        if ( freshness )
        {
            assertTrue( tracker.lastDbFreshness.booleanValue() );
        }
    }
156 
    /**
     * Saves the admin fixture role, checks it is the only role, removes it again and
     * checks the store is empty.
     * <p>
     * NOTE(review): unlike most tests here this one does not call
     * {@code eraseDatabase()} first, so the role counts assume an empty store - confirm.
     */
    @Test
    public void testStoreInitialization()
        throws Exception
    {
        assertNotNull( rbacManager );

        Role adminRole = getAdminRole();
        assertNotNull( adminRole );

        Role saved = rbacManager.saveRole( adminRole );
        assertEquals( 1, rbacManager.getAllRoles().size() );
        assertNotNull( saved );

        rbacManager.removeRole( saved );
        assertEquals( 0, rbacManager.getAllRoles().size() );

        // One role added and removed, one permission added; freshness and event count are not checked.
        assertEventTracker( 1, 1, 1, 0, false, false );
    }
182 
    /**
     * Saves two resources, removes one and checks the resource count after each step.
     */
    @Test
    public void testResources()
        throws Exception
    {
        assertNotNull( rbacManager );

        rbacManager.eraseDatabase();
        eventTracker.rbacInit( true );

        Resource foo = rbacManager.createResource( "foo" );
        Resource bar = rbacManager.createResource( "bar" );
        assertNotNull( foo );

        Resource savedFoo = rbacManager.saveResource( foo );
        assertNotNull( savedFoo );
        Resource savedBar = rbacManager.saveResource( bar );
        assertNotNull( savedBar );
        assertEquals( 2, rbacManager.getAllResources().size() );

        rbacManager.removeResource( savedFoo );
        assertEquals( 1, rbacManager.getAllResources().size() );

        // Resource changes are expected to leave the role/permission lists of the tracker empty.
        assertEventTracker( 0, 0, 0, 0, true, true );
    }
212 
    /**
     * Checks that a permission created through the manager only shows up in
     * {@code getAllPermissions()} once a role carrying it has been saved.
     */
    @Test
    public void testAddGetPermission()
        throws RbacManagerException
    {
        assertNotNull( rbacManager );

        rbacManager.eraseDatabase();
        eventTracker.rbacInit( true );

        Role savedAdmin = rbacManager.saveRole( getAdminRole() );
        rbacManager.saveRole( getDeveloperRole() );

        assertEquals( 2, rbacManager.getAllRoles().size() );
        assertEquals( 2, rbacManager.getAllPermissions().size() );

        // Creating the permission alone must not make it visible in the manager.
        Permission createUser = rbacManager.createPermission( "CREATE_USER", "CREATE", "User" );
        assertEquals( 2, rbacManager.getAllPermissions().size() );

        // Attaching it to a role and saving that role is what persists it.
        savedAdmin.addPermission( createUser );
        rbacManager.saveRole( savedAdmin );
        assertEquals( 3, rbacManager.getAllPermissions().size() );

        Permission lookedUp = rbacManager.getPermission( "CREATE_USER" );
        assertNotNull( lookedUp );

        // Two roles and three permissions added, nothing removed.
        assertEventTracker( 2, 0, 3, 0, true, true );
    }
245 
    /**
     * Saves the admin and developer fixture roles and checks that looking them up by
     * name returns matching roles.
     */
    @Test
    public void testAddGetRole()
        throws RbacManagerException
    {
        assertNotNull( rbacManager );

        rbacManager.eraseDatabase();
        eventTracker.rbacInit( true );

        Role savedAdmin = rbacManager.saveRole( getAdminRole() );
        Role savedDevel = rbacManager.saveRole( getDeveloperRole() );
        assertEquals( 2, rbacManager.getAllRoles().size() );

        Role fetchedAdmin = rbacManager.getRole( savedAdmin.getName() );
        Role fetchedDevel = rbacManager.getRole( savedDevel.getName() );

        // The admin role is compared by name and child-role names, the developer role by equals().
        assertEquals( savedAdmin.getName(), fetchedAdmin.getName() );
        assertEquals( savedAdmin.getChildRoleNames(), fetchedAdmin.getChildRoleNames() );
        assertEquals( savedDevel, fetchedDevel );

        // Two roles and two permissions added, nothing removed.
        assertEventTracker( 2, 0, 2, 0, true, true );
    }
270 
    /**
     * Checks that a role with no permissions can be saved and fetched, and that doing
     * so creates no permission as a side effect.
     */
    @Test
    public void testAllowRoleWithoutPermissions()
        throws RbacManagerException
    {
        assertNotNull( rbacManager );

        rbacManager.eraseDatabase();
        eventTracker.rbacInit( true );

        String roleName = "Test Role";

        Role saved = rbacManager.saveRole( rbacManager.createRole( roleName ) );

        assertNotNull( saved );
        assertEquals( 1, rbacManager.getAllRoles().size() );
        assertEquals( 0, rbacManager.getAllPermissions().size() );

        Role fetched = rbacManager.getRole( roleName );

        assertEquals( saved.getName(), fetched.getName() );
        assertEquals( saved.getChildRoleNames(), fetched.getChildRoleNames() );
        // The lookup itself must not have changed the counts.
        assertEquals( 1, rbacManager.getAllRoles().size() );
        assertEquals( 0, rbacManager.getAllPermissions().size() );

        // One role added, no permission events.
        assertEventTracker( 1, 0, 0, 0, true, true );
    }
299 
    /**
     * Tells the child-role tests whether the manager under test supports child roles.
     * Subclasses override this to return {@code false} for stores that do not; the
     * original note names LDAP as such a store.
     *
     * @return {@code true} in this base class
     */
    protected boolean supportChildRole()
    {
        return true;
    }
309 
    /**
     * Adds the project-admin fixture role as a child of the developer role through
     * {@code addChildRole} and checks that three roles exist afterwards. The test
     * returns early, with a log line, when {@link #supportChildRole()} is {@code false}.
     */
    @Test
    public void testAddGetChildRole()
        throws RbacManagerException
    {
        if ( !supportChildRole() )
        {
            log.info( "child role feature not supported by the RBACManager impl: {}",
                      rbacManager.getClass().getName() );
            return;
        }
        assertNotNull( rbacManager );

        rbacManager.eraseDatabase();
        eventTracker.rbacInit( true );

        Role savedAdmin = rbacManager.saveRole( getAdminRole() );
        Role savedDevel = rbacManager.saveRole( getDeveloperRole() );
        assertEquals( 2, rbacManager.getAllRoles().size() );

        Role fetchedAdmin = rbacManager.getRole( savedAdmin.getName() );
        Role fetchedDevel = rbacManager.getRole( savedDevel.getName() );

        assertEquals( savedAdmin.getName(), fetchedAdmin.getName() );
        assertEquals( savedAdmin.getChildRoleNames(), fetchedAdmin.getChildRoleNames() );
        assertEquals( savedDevel, fetchedDevel );

        // Attach the child; the child role itself is never saved explicitly in this test.
        rbacManager.addChildRole( savedDevel, getProjectAdminRole() );
        rbacManager.saveRole( savedDevel );

        assertEquals( 3, rbacManager.getAllRoles().size() );

        // Three roles and three permissions added, nothing removed.
        assertEventTracker( 3, 0, 3, 0, true, true );
    }
348 
    /**
     * Same scenario as {@code testAddGetChildRole}, but the child is saved on its own
     * first and then linked to the developer role by name.
     * <p>
     * NOTE(review): this test does not consult {@link #supportChildRole()} - confirm
     * that is intended for stores without child-role support.
     */
    @Test
    public void testAddGetChildRoleViaName()
        throws RbacManagerException
    {
        rbacManager.eraseDatabase();
        eventTracker.rbacInit( true );
        assertNotNull( rbacManager );

        Role savedAdmin = rbacManager.saveRole( getAdminRole() );
        Role savedDevel = rbacManager.saveRole( getDeveloperRole() );
        assertEquals( 2, rbacManager.getAllRoles().size() );

        Role fetchedAdmin = rbacManager.getRole( savedAdmin.getName() );
        Role fetchedDevel = rbacManager.getRole( savedDevel.getName() );

        assertEquals( savedAdmin.getName(), fetchedAdmin.getName() );
        assertEquals( savedAdmin.getChildRoleNames(), fetchedAdmin.getChildRoleNames() );
        assertEquals( savedDevel, fetchedDevel );

        // Save the child first, then reference it from the parent by name only.
        Role child = getProjectAdminRole();
        String childName = child.getName();
        rbacManager.saveRole( child );

        savedDevel.addChildRoleName( childName );
        rbacManager.saveRole( savedDevel );

        assertEquals( 3, rbacManager.getAllRoles().size() );

        // Three roles and three permissions added, nothing removed.
        assertEventTracker( 3, 0, 3, 0, true, true );
    }
384 
    /**
     * Assigns the admin fixture role to the principal "admin" and checks that the
     * assignment and the role can both be fetched afterwards.
     */
    @Test
    public void testUserAssignmentAddRole()
        throws RbacManagerException
    {
        rbacManager.eraseDatabase();
        eventTracker.rbacInit( true );

        Role savedAdmin = rbacManager.saveRole( getAdminRole() );
        assertEquals( 1, rbacManager.getAllRoles().size() );

        String principal = "admin";

        UserAssignment created = rbacManager.createUserAssignment( principal );
        created.addRoleName( savedAdmin );
        rbacManager.saveUserAssignment( created );

        // Saving the assignment must not create additional roles.
        assertEquals( 1, rbacManager.getAllUserAssignments().size() );
        assertEquals( 1, rbacManager.getAllRoles().size() );

        UserAssignment fetchedAssignment = rbacManager.getUserAssignment( principal );
        assertNotNull( fetchedAssignment );

        Role fetchedRole = rbacManager.getRole( "ADMIN" );
        assertNotNull( fetchedRole );

        // One role and one permission added, nothing removed.
        assertEventTracker( 1, 0, 1, 0, true, true );
    }
418 
    /**
     * Assigns a user the admin role, which lists the developer role as a child, and
     * checks that both the saved assignment and {@code getAssignedRoles} report
     * exactly one role (the child role is not counted by these two checks).
     */
    @Test
    public void testUserAssignmentWithChildRoles()
        throws RbacManagerException
    {
        rbacManager.eraseDatabase();
        Role savedDeveloper = rbacManager.saveRole( getDeveloperRole() );

        Role admin = getAdminRole();
        admin.addChildRoleName( savedDeveloper.getName() );
        admin = rbacManager.saveRole( admin );

        // Not "admin": per the original note, an LDAP group needs at least one member.
        String principal = "theadmin";
        UserAssignment userAssignment = rbacManager.createUserAssignment( principal );
        userAssignment.addRoleName( admin );
        userAssignment = rbacManager.saveUserAssignment( userAssignment );

        assertEquals( 1, userAssignment.getRoleNames().size() );
        assertEquals( 1, rbacManager.getAssignedRoles( principal ).size() );
    }
442 
    /**
     * Assigns the admin fixture role (one permission, no child roles) to a user and
     * checks that {@code getAssignedPermissions} returns exactly that one permission.
     */
    @Test
    public void testGetAssignedPermissionsNoChildRoles()
        throws RbacManagerException
    {
        rbacManager.eraseDatabase();
        eventTracker.rbacInit( true );

        Role savedAdmin = rbacManager.saveRole( getAdminRole() );
        assertEquals( 1, rbacManager.getAllRoles().size() );

        String principal = "admin";

        UserAssignment userAssignment = rbacManager.createUserAssignment( principal );
        userAssignment.addRoleName( savedAdmin );
        rbacManager.saveUserAssignment( userAssignment );

        assertEquals( 1, rbacManager.getAllUserAssignments().size() );

        Set<Permission> granted = rbacManager.getAssignedPermissions( principal );
        Assertions.assertThat( granted ).isNotNull().isNotEmpty().hasSize( 1 );

        // One role and one permission added, nothing removed.
        assertEventTracker( 1, 0, 1, 0, true, true );
    }
475 
    /**
     * Saves two permissions that use different operations on the manager's global
     * resource and checks that the resource is stored once while permissions and
     * operations grow to two.
     */
    @Test
    public void testGlobalResource()
        throws RbacManagerException
    {
        rbacManager.eraseDatabase();
        eventTracker.rbacInit( true );

        Permission editConfig = rbacManager.createPermission( "Edit Configuration" );
        editConfig.setOperation( rbacManager.createOperation( "edit-configuration" ) );
        editConfig.setResource( rbacManager.getGlobalResource() );
        rbacManager.savePermission( editConfig );

        assertEquals( 1, rbacManager.getAllPermissions().size() );
        assertEquals( 1, rbacManager.getAllOperations().size() );
        assertEquals( 1, rbacManager.getAllResources().size() );

        Permission deleteConfig = rbacManager.createPermission( "Delete Configuration" );
        deleteConfig.setOperation( rbacManager.createOperation( "delete-configuration" ) );
        deleteConfig.setResource( rbacManager.getGlobalResource() );
        rbacManager.savePermission( deleteConfig );

        // The second permission reuses the global resource: still a single resource.
        assertEquals( 2, rbacManager.getAllPermissions().size() );
        assertEquals( 2, rbacManager.getAllOperations().size() );
        assertEquals( 1, rbacManager.getAllResources().size() );

        // Two permissions added, no role events.
        assertEventTracker( 0, 0, 2, 0, true, true );
    }
504 
    /**
     * Saves the same two global-resource permissions as {@code testGlobalResource},
     * built with the three-argument {@code createPermission} and
     * {@code Resource.GLOBAL}; only the tracker events are checked.
     */
    @Test
    public void testGlobalResourceOneLiner()
        throws RbacManagerException
    {
        rbacManager.eraseDatabase();
        eventTracker.rbacInit( true );

        Permission editConfig =
            rbacManager.createPermission( "Edit Configuration", "edit-configuration", Resource.GLOBAL );
        rbacManager.savePermission( editConfig );

        Permission deleteConfig =
            rbacManager.createPermission( "Delete Configuration", "delete-configuration", Resource.GLOBAL );
        rbacManager.savePermission( deleteConfig );

        // Two permissions added, no role events.
        assertEventTracker( 0, 0, 2, 0, true, true );
    }
520 
    /**
     * Walks one user through gaining a second role and then losing both, checking at
     * each step the user's role names, the total role count and what
     * {@code getUnassignedRoles} reports for that user.
     */
    @Test
    public void testUserAssignmentAddRemoveSecondRole()
        throws RbacManagerException
    {
        rbacManager.eraseDatabase();
        eventTracker.rbacInit( true );

        Role developer = getDeveloperRole();
        rbacManager.saveRole( developer );

        // Start with a user holding a single role.
        String principal = "bob";
        UserAssignment initial = rbacManager.createUserAssignment( principal );
        initial.addRoleName( developer );
        rbacManager.saveUserAssignment( initial );

        assertEquals( incAssignements( 1 ), rbacManager.getAllUserAssignments().size() );
        assertEquals( 1, rbacManager.getAllRoles().size() );

        // Register a second role with the manager.
        Role projectAdmin = getProjectAdminRole();
        String projectAdminName = projectAdmin.getName();
        rbacManager.saveRole( projectAdmin );

        // Re-read the assignment and grant the second role by name.
        UserAssignment bob = rbacManager.getUserAssignment( principal );
        bob.addRoleName( projectAdminName );
        bob = rbacManager.saveUserAssignment( bob );

        assertEquals( incAssignements( 1 ), rbacManager.getAllUserAssignments().size() );
        assertEquals( 2, rbacManager.getAllRoles().size() );
        assertEquals( 2, bob.getRoleNames().size() );
        assertEquals( 0, rbacManager.getUnassignedRoles( bob.getPrincipal() ).size() );

        List<String> roleNames = bob.getRoleNames();
        assertEquals( 2, roleNames.size() );

        // Revoke the second role: the user keeps one, the manager keeps both.
        roleNames.remove( projectAdminName );
        assertEquals( 1, roleNames.size() );
        bob.setRoleNames( roleNames );
        bob = rbacManager.saveUserAssignment( bob );
        assertEquals( "Should only have 1 role under bob now.", 1, bob.getRoleNames().size() );
        assertEquals( "Should have 2 total roles still.", 2, rbacManager.getAllRoles().size() );
        assertEquals( "Should have 1 assignable role", 1,
                      rbacManager.getUnassignedRoles( bob.getPrincipal() ).size() );

        // A fresh read must show the revocation as well.
        UserAssignment reloaded = rbacManager.getUserAssignment( principal );
        assertEquals( 1, reloaded.getRoleNames().size() );

        assertEquals( "Should only have 1 role under bob now.", 1, reloaded.getRoleNames().size() );
        assertEquals( "Should have 2 total roles still.", 2, rbacManager.getAllRoles().size() );

        // Revoke the remaining role, reusing the same name list as above.
        roleNames.remove( developer.getName() );
        bob.setRoleNames( roleNames );
        bob = rbacManager.saveUserAssignment( bob );
        assertEquals( "Should have 2 assignable roles.", 2,
                      rbacManager.getUnassignedRoles( bob.getPrincipal() ).size() );

        // Two roles and two permissions added; revoking assignments removes no role.
        assertEventTracker( 2, 0, 2, 0, true, true );
    }
586 
    /**
     * Checks that assigning the same role to the same user a second time does not
     * produce a duplicate entry in the assignment's role names.
     */
    @Test
    public void testUserAssignmentMultipleRoles()
        throws RbacManagerException
    {
        rbacManager.eraseDatabase();
        eventTracker.rbacInit( true );

        Role developer = getDeveloperRole();
        rbacManager.saveRole( developer );

        // Start with a user holding a single role.
        String principal = "bob";
        UserAssignment userAssignment = rbacManager.createUserAssignment( principal );
        userAssignment.addRoleName( developer );
        userAssignment = rbacManager.saveUserAssignment( userAssignment );

        assertEquals( incAssignements( 1 ), rbacManager.getAllUserAssignments().size() );
        assertEquals( 1, rbacManager.getAllRoles().size() );

        // Grant the identical role again, this time by name.
        userAssignment.addRoleName( developer.getName() );
        rbacManager.saveUserAssignment( userAssignment );

        // The repeated grant must collapse into the existing entry.
        assertEquals( 1, userAssignment.getRoleNames().size() );

        // One role and one permission added, nothing removed.
        assertEventTracker( 1, 0, 1, 0, true, true );
    }
619 
    /**
     * Repeats the duplicate-assignment check with a second role (SUPER_DEVELOPER) that
     * lists the assigned role as its child, and checks that the parent role stays
     * unassigned for the user.
     */
    @Test
    public void testUserAssignmentMultipleRolesWithChildRoles()
        throws RbacManagerException
    {
        rbacManager.eraseDatabase();
        eventTracker.rbacInit( true );

        Role developer = getDeveloperRole();
        Role superDeveloper = getSuperDeveloperRole();
        superDeveloper.setChildRoleNames( Collections.singletonList( developer.getName() ) );
        rbacManager.saveRole( developer );
        rbacManager.saveRole( superDeveloper );

        // The user is granted only the child role.
        String principal = "bob";
        UserAssignment userAssignment = rbacManager.createUserAssignment( principal );
        userAssignment.addRoleName( developer );
        userAssignment = rbacManager.saveUserAssignment( userAssignment );

        assertEquals( incAssignements( 1 ), rbacManager.getAllUserAssignments().size() );
        assertEquals( "should be only one role assigned", 1,
                      rbacManager.getAssignedRoles( userAssignment.getPrincipal() ).size() );
        assertEquals( "should be one role left to assign", 1,
                      rbacManager.getUnassignedRoles( userAssignment.getPrincipal() ).size() );
        assertEquals( 2, rbacManager.getAllRoles().size() );

        // Grant the identical role again, this time by name.
        userAssignment.addRoleName( developer.getName() );
        rbacManager.saveUserAssignment( userAssignment );

        // The repeated grant must collapse into the existing entry.
        assertEquals( 1, userAssignment.getRoleNames().size() );

        // Two roles and one permission added, nothing removed.
        assertEventTracker( 2, 0, 1, 0, true, true );
    }
658 
    /**
     * Assigns all three fixture roles to one user by name and checks that
     * {@code getAssignedRoles} returns three roles for that user.
     */
    @Test
    public void testGetAssignedRoles()
        throws RbacManagerException
    {
        rbacManager.eraseDatabase();

        Role savedAdmin = rbacManager.saveRole( getAdminRole() );
        Role savedProjectAdmin = rbacManager.saveRole( getProjectAdminRole() );
        Role savedDeveloper = rbacManager.saveRole( getDeveloperRole() );

        assertEquals( 3, rbacManager.getAllRoles().size() );

        // Grant every role to the same user.
        String principal = "bob";

        UserAssignment userAssignment = rbacManager.createUserAssignment( principal );
        userAssignment.addRoleName( savedDeveloper.getName() );
        userAssignment.addRoleName( savedProjectAdmin.getName() );
        userAssignment.addRoleName( savedAdmin.getName() );
        userAssignment = rbacManager.saveUserAssignment( userAssignment );

        Assertions.assertThat( userAssignment.getRoleNames() ).isNotNull().isNotEmpty().hasSize( 3 );
        Assertions.assertThat( rbacManager.getAllUserAssignments() ).isNotNull().isNotEmpty().hasSize(
            incAssignements( 1 ) );

        Assertions.assertThat( rbacManager.getAllRoles() ).isNotNull().isNotEmpty().hasSize( 3 );

        // afterSetup() is defined outside this part of the file; it runs before the lookup under test.
        afterSetup();

        Collection<Role> granted = rbacManager.getAssignedRoles( principal );

        Assertions.assertThat( granted ).isNotNull().isNotEmpty().hasSize( 3 );
    }
695 
    /**
     * Adjusts an expected user-assignment count for stores where
     * {@code getAllUserAssignments()} reports more entries than the test created.
     * The original note gives LDAP as the example: a group must contain at least one
     * user when it is created.
     *
     * @param size the number of assignments the test itself created
     * @return the count to expect; this base class returns {@code size} unchanged
     */
    protected int incAssignements( int size )
    {
        return size;
    }
707 
    /**
     * Saves three roles with one permission each, assigns only the developer role to
     * a user and checks that {@code getAssignedPermissions} returns a single
     * permission, not those of the roles the user was never given.
     */
    @Test
    public void testGetAssignedPermissions()
        throws RbacManagerException
    {
        rbacManager.eraseDatabase();

        rbacManager.saveRole( getAdminRole() );
        rbacManager.saveRole( getProjectAdminRole() );
        Role savedDeveloper = rbacManager.saveRole( getDeveloperRole() );
        String developerName = savedDeveloper.getName();

        Assertions.assertThat( rbacManager.getAllRoles() ).isNotNull().isNotEmpty().hasSize( 3 );
        Assertions.assertThat( rbacManager.getAllPermissions() ).isNotNull().isNotEmpty().hasSize( 3 );

        // Grant the user exactly one of the three roles.
        String principal = "bob";

        UserAssignment userAssignment = rbacManager.createUserAssignment( principal );
        userAssignment.addRoleName( developerName );
        rbacManager.saveUserAssignment( userAssignment );

        Assertions.assertThat( rbacManager.getAllUserAssignments() ).isNotNull().isNotEmpty().hasSize(
            incAssignements( 1 ) );
        Assertions.assertThat( rbacManager.getAllRoles() ).isNotNull().isNotEmpty().hasSize( 3 );
        Assertions.assertThat( rbacManager.getAllPermissions() ).isNotNull().isNotEmpty().hasSize( 3 );

        Collection<Permission> granted = rbacManager.getAssignedPermissions( principal );

        Assertions.assertThat( granted ).isNotNull().isNotEmpty().hasSize( 1 );
    }
740 
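    /**
     * Asserts that {@code role} has the expected number of child roles and resolves
     * the first one through the manager.
     * <p>
     * The child count is now compared with {@code childRoleCount}; previously the
     * parameter was ignored and the count was always compared with 1.
     *
     * @param manager               the manager used to look the child role up by name
     * @param role                  the parent role; must report child roles
     * @param expectedChildRoleName the name the first child role must have
     * @param childRoleCount        the number of child role names {@code role} must list
     * @return the first child role, as returned by {@code manager.getRole}
     * @throws RbacManagerException if the manager lookup fails
     */
    public Role getChildRole( RBACManager manager, Role role, String expectedChildRoleName, int childRoleCount )
        throws RbacManagerException
    {
        assertTrue( role.hasChildRoles() );

        List<String> childNames = role.getChildRoleNames();
        assertNotNull( childNames );
        assertEquals( childRoleCount, childNames.size() );

        // Only the first child is resolved; hasChildRoles() above guards against an empty list.
        String childName = childNames.get( 0 );
        assertNotNull( childName );

        Role childRole = manager.getRole( childName );
        assertNotNull( childRole );
        assertEquals( expectedChildRoleName, childRole.getName() );

        return childRole;
    }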
756 
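    /**
     * Checks that a role flagged permanent cannot be removed, either by name or by
     * role object.
     * <p>
     * Each removal attempt is followed by {@code fail(...)}, so the test fails if the
     * manager removes the role without throwing {@link RbacPermanentException}.
     * Without it, a manager that silently deleted a permanent role would only be
     * caught indirectly by the tracker check at the end.
     */
    @Test
    public void testAddRemovePermanentRole()
        throws RbacManagerException
    {
        assertNotNull( rbacManager );
        rbacManager.eraseDatabase();
        eventTracker.rbacInit( true );

        Role adminRole = getAdminRole();
        adminRole.setPermanent( true );

        adminRole = rbacManager.saveRole( adminRole );
        Role develRole = rbacManager.saveRole( getDeveloperRole() );

        assertEquals( 2, rbacManager.getAllRoles().size() );

        Role actualAdmin = rbacManager.getRole( adminRole.getName() );
        Role actualDevel = rbacManager.getRole( develRole.getName() );

        assertEquals( adminRole.getName(), actualAdmin.getName() );
        assertEquals( adminRole.getChildRoleNames(), actualAdmin.getChildRoleNames() );
        assertEquals( develRole, actualDevel );

        // Attempt to remove the permanent role by name.
        try
        {
            rbacManager.removeRole( adminRole.getName() );
            fail( "Removing a permanent role by name should throw RbacPermanentException" );
        }
        catch ( RbacPermanentException e )
        {
            // expected path.
        }

        // Attempt to remove the permanent role by role object.
        try
        {
            rbacManager.removeRole( adminRole );
            fail( "Removing a permanent role by object should throw RbacPermanentException" );
        }
        catch ( RbacPermanentException e )
        {
            // expected path.
        }

        // Two roles and two permissions added; no role may have been removed.
        assertEventTracker( 2, 0, 2, 0, true, true );
    }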
805 
    /**
     * Loads the defaults from {@code RBACDefaults}, assigns "Developer" to a user and
     * follows the child-role chain three levels down: Developer, Trusted Developer,
     * System Administrator, User Administrator.
     */
    @Test
    public void testGetRolesDeep()
        throws RbacManagerException
    {
        rbacManager.eraseDatabase();
        rbacDefaults.createDefaults();

        String principal = "bob";

        UserAssignment userAssignment = rbacManager.createUserAssignment( principal );
        userAssignment.addRoleName( "Developer" );
        rbacManager.saveUserAssignment( userAssignment );

        assertEquals( incAssignements( 1 ), rbacManager.getAllUserAssignments().size() );
        assertEquals( 4, rbacManager.getAllRoles().size() );
        assertEquals( 6, rbacManager.getAllPermissions().size() );

        Role developer = rbacManager.getRole( "Developer" );
        assertNotNull( developer );

        // Each level is expected to list exactly one child role.
        Role trustedDeveloper = getChildRole( rbacManager, developer, "Trusted Developer", 1 );
        Role systemAdministrator = getChildRole( rbacManager, trustedDeveloper, "System Administrator", 1 );
        getChildRole( rbacManager, systemAdministrator, "User Administrator", 1 );
    }
837 
    /**
     * Loads the defaults from {@code RBACDefaults}, assigns only "Developer" to a user
     * and checks that {@code getAssignedPermissions} returns all six permissions,
     * i.e. as many as the manager holds in total.
     * <p>
     * NOTE(review): unlike {@code testGetRolesDeep} this test does not call
     * {@code eraseDatabase()} before creating the defaults - confirm the counts do
     * not depend on state left by another test.
     */
    @Test
    public void testGetAssignedPermissionsDeep()
        throws RbacManagerException
    {
        assertNotNull( rbacManager );
        rbacDefaults.createDefaults();

        String principal = "bob";

        UserAssignment userAssignment = rbacManager.createUserAssignment( principal );
        userAssignment.addRoleName( "Developer" );
        rbacManager.saveUserAssignment( userAssignment );

        assertEquals( incAssignements( 1 ), rbacManager.getAllUserAssignments().size() );
        assertEquals( 6, rbacManager.getAllPermissions().size() );
        assertEquals( 4, rbacManager.getAllRoles().size() );

        // afterSetup() is defined outside this part of the file; it runs before the lookup under test.
        afterSetup();

        Collection<Permission> granted = rbacManager.getAssignedPermissions( principal );

        assertNotNull( granted );
        assertEquals( 6, granted.size() );
    }
864 
    /**
     * Loads the default RBAC data into an empty store and checks the resulting number of
     * permissions, operations and roles.
     *
     * @throws RbacManagerException if the RBAC manager reports a failure
     */
    @Test
    public void testLargeApplicationInit()
        throws RbacManagerException
    {
        assertNotNull( rbacManager );

        // Wipe the store, then populate it with the defaults.
        rbacManager.eraseDatabase();
        rbacDefaults.createDefaults();

        // Expected size of the default data set.
        assertEquals( 6, rbacManager.getAllPermissions().size() );
        assertEquals( 11, rbacManager.getAllOperations().size() );
        assertEquals( 4, rbacManager.getAllRoles().size() );
    }
876 
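    /**
     * Verifies that a permission flagged as permanent cannot be removed, neither by name nor
     * by object reference.
     * <p>
     * Each removal attempt is followed by {@code fail(...)} inside the {@code try} block, so
     * the test no longer passes through the removal attempts silently when the manager lets
     * the call go through without throwing {@link RbacPermanentException}.
     *
     * @throws RbacManagerException if the RBAC manager reports an unexpected failure
     */
    @Test
    public void testAddRemovePermanentPermission()
        throws RbacManagerException
    {
        assertNotNull( rbacManager );

        rbacManager.eraseDatabase();
        eventTracker.rbacInit( true );

        Role adminRole = rbacManager.saveRole( getAdminRole() );
        rbacManager.saveRole( getDeveloperRole() );

        assertEquals( 2, rbacManager.getAllRoles().size() );
        assertEquals( 2, rbacManager.getAllPermissions().size() );

        Permission createUserPerm = rbacManager.createPermission( "CREATE_USER", "CREATE", "User" );
        createUserPerm.setPermanent( true );

        // perm shouldn't exist in manager (yet)
        assertEquals( 2, rbacManager.getAllPermissions().size() );

        adminRole.addPermission( createUserPerm );
        rbacManager.saveRole( adminRole );

        // perm should exist in manager now.
        assertEquals( 3, rbacManager.getAllPermissions().size() );
        Permission fetched = rbacManager.getPermission( "CREATE_USER" );
        assertNotNull( fetched );

        // Attempt to remove perm now.
        try
        {
            // Use permission name technique first.
            rbacManager.removePermission( "CREATE_USER" );
            // Reaching this line means the permanence guard did not fire.
            fail( "Removing a permanent permission by name should throw RbacPermanentException" );
        }
        catch ( RbacPermanentException expected )
        {
            // expected path.
        }

        try
        {
            // Use permission object technique next.
            rbacManager.removePermission( fetched );
            // Reaching this line means the permanence guard did not fire.
            fail( "Removing a permanent permission by object should throw RbacPermanentException" );
        }
        catch ( RbacPermanentException expected )
        {
            // expected path.
        }

        // Event tracker expectations; the argument meaning is defined by assertEventTracker
        // elsewhere in this class.
        assertEventTracker( 2, 0, 3, 0, true, true );

    }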
931 
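    /**
     * Verifies that an operation flagged as permanent cannot be removed, neither by name nor
     * by object reference.
     * <p>
     * Each removal attempt is followed by {@code fail(...)} inside the {@code try} block, so
     * the test no longer passes through the removal attempts silently when the manager lets
     * the call go through without throwing {@link RbacPermanentException}.
     *
     * @throws RbacManagerException if the RBAC manager reports an unexpected failure
     */
    @Test
    public void testAddRemovePermanentOperation()
        throws RbacManagerException
    {
        // Check the fixture before it is first used, as the sibling tests do.
        assertNotNull( rbacManager );

        rbacManager.eraseDatabase();
        eventTracker.rbacInit( true );

        Role adminRole = rbacManager.saveRole( getAdminRole() );
        rbacManager.saveRole( getDeveloperRole() );

        assertEquals( 2, rbacManager.getAllRoles().size() );
        assertEquals( 2, rbacManager.getAllPermissions().size() );

        Permission createUserPerm = rbacManager.createPermission( "CREATE_USER", "CREATE", "User" );
        // Only the operation behind the permission is marked permanent here.
        createUserPerm.getOperation().setPermanent( true );

        // perm (and its operation) shouldn't exist in manager (yet)
        assertEquals( 2, rbacManager.getAllPermissions().size() );
        assertEquals( 1, rbacManager.getAllOperations().size() );

        adminRole.addPermission( createUserPerm );
        rbacManager.saveRole( adminRole );

        // operation should exist in manager now.
        assertEquals( 2, rbacManager.getAllOperations().size() );
        Operation fetched = rbacManager.getOperation( "CREATE" );
        assertNotNull( fetched );

        // Attempt to remove operation now.
        try
        {
            // Use operation name technique first.
            rbacManager.removeOperation( "CREATE" );
            // Reaching this line means the permanence guard did not fire.
            fail( "Removing a permanent operation by name should throw RbacPermanentException" );
        }
        catch ( RbacPermanentException expected )
        {
            // expected path.
        }

        try
        {
            // Use operation object technique next.
            rbacManager.removeOperation( fetched );
            // Reaching this line means the permanence guard did not fire.
            fail( "Removing a permanent operation by object should throw RbacPermanentException" );
        }
        catch ( RbacPermanentException expected )
        {
            // expected path.
        }

        // Event tracker expectations; the argument meaning is defined by assertEventTracker
        // elsewhere in this class.
        assertEventTracker( 2, 0, 3, 0, true, true );

    }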
987 
    /**
     * Smoke test: calling {@code initialize()} on the manager under test must complete
     * without throwing.
     *
     * @throws Exception if initialization fails
     */
    @Test
    public void testInitialize()
        throws Exception
    {
        // No assertions; any exception thrown here fails the test.
        rbacManager.initialize();
    }
993 
    /**
     * Extension point that a test case invokes once its own setup is complete.
     * The base implementation is intentionally empty; subclasses may override it.
     */
    protected void afterSetup()
    {
        // no-op by default
    }
1001 }