View Javadoc
1   /**
2    * Copyright 2014 Internet2
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    *   http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  /*
17    Copyright (C) 2004-2007 University Corporation for Advanced Internet Development, Inc.
18    Copyright (C) 2004-2007 The University Of Chicago
19  
20    Licensed under the Apache License, Version 2.0 (the "License");
21    you may not use this file except in compliance with the License.
22    You may obtain a copy of the License at
23  
24      http://www.apache.org/licenses/LICENSE-2.0
25  
26    Unless required by applicable law or agreed to in writing, software
27    distributed under the License is distributed on an "AS IS" BASIS,
28    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
29    See the License for the specific language governing permissions and
30    limitations under the License.
31  */
32  
33  package edu.internet2.middleware.grouper.membership;
34  import java.util.Date;
35  import java.util.Set;
36  
37  import junit.framework.Assert;
38  import junit.framework.TestCase;
39  
40  import org.apache.commons.logging.Log;
41  
42  import edu.internet2.middleware.grouper.Field;
43  import edu.internet2.middleware.grouper.FieldFinder;
44  import edu.internet2.middleware.grouper.Group;
45  import edu.internet2.middleware.grouper.Membership;
46  import edu.internet2.middleware.grouper.MembershipFinder;
47  import edu.internet2.middleware.grouper.Stem;
48  import edu.internet2.middleware.grouper.helper.DateHelper;
49  import edu.internet2.middleware.grouper.helper.GrouperTest;
50  import edu.internet2.middleware.grouper.helper.R;
51  import edu.internet2.middleware.grouper.helper.T;
52  import edu.internet2.middleware.grouper.misc.CompositeType;
53  import edu.internet2.middleware.grouper.privs.AccessPrivilege;
54  import edu.internet2.middleware.grouper.privs.NamingPrivilege;
55  import edu.internet2.middleware.grouper.registry.RegistryReset;
56  import edu.internet2.middleware.grouper.util.GrouperUtil;
57  import edu.internet2.middleware.subject.Subject;
58  
59  /**
60   * @author Shilen Patel.
61   */
62  public class TestMembership9 extends GrouperTest {
63  
64    private static final Log LOG = GrouperUtil.getLog(TestMembership9.class);
65  
66    Date before;
67    R       r;
68    Group   gA;
69    Group   gB;
70    Group   gC;
71    Group   gD;
72    Group   gE;
73    Group   gF;
74    Subject subjA;
75    Stem    nsA;
76  
77    Field fieldMembers;
78    Field fieldUpdaters;
79    Field fieldCreators;
80  
81    public TestMembership9(String name) {
82      super(name);
83    }
84  
85    public void testIntersectionComposite() {
86      LOG.info("testIntersectionComposite");
87      try {
88        GrouperUtil.sleep(100);
89        before  = new Date();
90        GrouperUtil.sleep(100);
91  
92        r     = R.populateRegistry(2, 6, 1);
93        gA    = r.getGroup("a", "a");
94        gB    = r.getGroup("a", "b");
95        gC    = r.getGroup("a", "c");
96        gD    = r.getGroup("a", "d");
97        gE    = r.getGroup("a", "e");
98        gF    = r.getGroup("a", "f");
99        subjA = r.getSubject("a");
100       nsA   = r.getStem("a");
101 
102       fieldMembers = Group.getDefaultList();
103       fieldUpdaters = FieldFinder.find(Field.FIELD_NAME_UPDATERS, true);
104       fieldCreators = FieldFinder.find(Field.FIELD_NAME_CREATORS, true);
105 
106       Set<Membership> listMemberships;
107       Set<Membership> updateMemberships;
108       Set<Membership> createMemberships;
109 
110       // Test 1
111       gB.addMember(gD.toSubject());
112       gD.addMember(subjA);
113       gC.addMember(subjA);
114       gA.addCompositeMember(CompositeType.INTERSECTION, gB, gC);
115       gE.addMember(gA.toSubject());
116       gF.grantPriv(gA.toSubject(), AccessPrivilege.UPDATE);
117       nsA.grantPriv(gA.toSubject(), NamingPrivilege.CREATE);
118 
119       verifyMemberships();
120 
121       // clear out memberships
122       gB.deleteMember(gD.toSubject());
123       gD.deleteMember(subjA);
124       gC.deleteMember(subjA);
125       gA.deleteCompositeMember();
126       gE.deleteMember(gA.toSubject());
127       gF.revokePriv(gA.toSubject(), AccessPrivilege.UPDATE);
128       nsA.revokePriv(gA.toSubject(), NamingPrivilege.CREATE);
129 
130       listMemberships = MembershipFinder.internal_findAllByCreatedAfter(r.rs, before, fieldMembers);
131       T.amount("Number of list memberships", 0, listMemberships.size());
132 
133       updateMemberships = MembershipFinder.internal_findAllByCreatedAfter(r.rs, before, fieldUpdaters);
134       T.amount("Number of update privileges", 0, updateMemberships.size());
135 
136       createMemberships = MembershipFinder.internal_findAllByCreatedAfter(r.rs, before, fieldCreators);
137       T.amount("Number of create privileges", 0, createMemberships.size());
138 
139       // Test 2
140       gD.addMember(subjA);
141       gC.addMember(subjA);
142       gA.addCompositeMember(CompositeType.INTERSECTION, gB, gC);
143       gE.addMember(gA.toSubject());
144       gF.grantPriv(gA.toSubject(), AccessPrivilege.UPDATE);
145       nsA.grantPriv(gA.toSubject(), NamingPrivilege.CREATE);
146       gB.addMember(gD.toSubject());
147 
148       verifyMemberships();
149 
150       // clear out memberships
151       gB.deleteMember(gD.toSubject());
152       gD.deleteMember(subjA);
153       gC.deleteMember(subjA);
154       gA.deleteCompositeMember();
155       gE.deleteMember(gA.toSubject());
156       gF.revokePriv(gA.toSubject(), AccessPrivilege.UPDATE);
157       nsA.revokePriv(gA.toSubject(), NamingPrivilege.CREATE);
158 
159       listMemberships = MembershipFinder.internal_findAllByCreatedAfter(r.rs, before, fieldMembers);
160       T.amount("Number of list memberships", 0, listMemberships.size());
161 
162       updateMemberships = MembershipFinder.internal_findAllByCreatedAfter(r.rs, before, fieldUpdaters);
163       T.amount("Number of update privileges", 0, updateMemberships.size());
164 
165       createMemberships = MembershipFinder.internal_findAllByCreatedAfter(r.rs, before, fieldCreators);
166       T.amount("Number of create privileges", 0, createMemberships.size());
167 
168       // Test 3
169       gC.addMember(subjA);
170       gA.addCompositeMember(CompositeType.INTERSECTION, gB, gC);
171       gE.addMember(gA.toSubject());
172       gF.grantPriv(gA.toSubject(), AccessPrivilege.UPDATE);
173       nsA.grantPriv(gA.toSubject(), NamingPrivilege.CREATE);
174       gB.addMember(gD.toSubject());
175       gD.addMember(subjA);
176 
177       verifyMemberships();
178 
179       // clear out memberships
180       gB.deleteMember(gD.toSubject());
181       gD.deleteMember(subjA);
182       gC.deleteMember(subjA);
183       gA.deleteCompositeMember();
184       gE.deleteMember(gA.toSubject());
185       gF.revokePriv(gA.toSubject(), AccessPrivilege.UPDATE);
186       nsA.revokePriv(gA.toSubject(), NamingPrivilege.CREATE);
187 
188       listMemberships = MembershipFinder.internal_findAllByCreatedAfter(r.rs, before, fieldMembers);
189       T.amount("Number of list memberships", 0, listMemberships.size());
190 
191       updateMemberships = MembershipFinder.internal_findAllByCreatedAfter(r.rs, before, fieldUpdaters);
192       T.amount("Number of update privileges", 0, updateMemberships.size());
193 
194       createMemberships = MembershipFinder.internal_findAllByCreatedAfter(r.rs, before, fieldCreators);
195       T.amount("Number of create privileges", 0, createMemberships.size());
196 
197       // Test 4
198       gA.addCompositeMember(CompositeType.INTERSECTION, gB, gC);
199       gE.addMember(gA.toSubject());
200       gF.grantPriv(gA.toSubject(), AccessPrivilege.UPDATE);
201       nsA.grantPriv(gA.toSubject(), NamingPrivilege.CREATE);
202       gB.addMember(gD.toSubject());
203       gD.addMember(subjA);
204       gC.addMember(subjA);
205 
206       verifyMemberships();
207 
208       // clear out memberships
209       gB.deleteMember(gD.toSubject());
210       gD.deleteMember(subjA);
211       gC.deleteMember(subjA);
212       gA.deleteCompositeMember();
213       gE.deleteMember(gA.toSubject());
214       gF.revokePriv(gA.toSubject(), AccessPrivilege.UPDATE);
215       nsA.revokePriv(gA.toSubject(), NamingPrivilege.CREATE);
216 
217       listMemberships = MembershipFinder.internal_findAllByCreatedAfter(r.rs, before, fieldMembers);
218       T.amount("Number of list memberships", 0, listMemberships.size());
219 
220       updateMemberships = MembershipFinder.internal_findAllByCreatedAfter(r.rs, before, fieldUpdaters);
221       T.amount("Number of update privileges", 0, updateMemberships.size());
222 
223       createMemberships = MembershipFinder.internal_findAllByCreatedAfter(r.rs, before, fieldCreators);
224       T.amount("Number of create privileges", 0, createMemberships.size());
225 
226       // Test 5
227       gE.addMember(gA.toSubject());
228       gF.grantPriv(gA.toSubject(), AccessPrivilege.UPDATE);
229       nsA.grantPriv(gA.toSubject(), NamingPrivilege.CREATE);
230       gB.addMember(gD.toSubject());
231       gD.addMember(subjA);
232       gC.addMember(subjA);
233       gA.addCompositeMember(CompositeType.INTERSECTION, gB, gC);
234 
235       verifyMemberships();
236 
237       // clear out memberships
238       gB.deleteMember(gD.toSubject());
239       gD.deleteMember(subjA);
240       gC.deleteMember(subjA);
241       gA.deleteCompositeMember();
242       gE.deleteMember(gA.toSubject());
243       gF.revokePriv(gA.toSubject(), AccessPrivilege.UPDATE);
244       nsA.revokePriv(gA.toSubject(), NamingPrivilege.CREATE);
245 
246       listMemberships = MembershipFinder.internal_findAllByCreatedAfter(r.rs, before, fieldMembers);
247       T.amount("Number of list memberships", 0, listMemberships.size());
248 
249       updateMemberships = MembershipFinder.internal_findAllByCreatedAfter(r.rs, before, fieldUpdaters);
250       T.amount("Number of update privileges", 0, updateMemberships.size());
251 
252       createMemberships = MembershipFinder.internal_findAllByCreatedAfter(r.rs, before, fieldCreators);
253       T.amount("Number of create privileges", 0, createMemberships.size());
254 
255       // Test 6
256       gF.grantPriv(gA.toSubject(), AccessPrivilege.UPDATE);
257       nsA.grantPriv(gA.toSubject(), NamingPrivilege.CREATE);
258       gB.addMember(gD.toSubject());
259       gD.addMember(subjA);
260       gC.addMember(subjA);
261       gA.addCompositeMember(CompositeType.INTERSECTION, gB, gC);
262       gE.addMember(gA.toSubject());
263 
264       verifyMemberships();
265 
266       // clear out memberships
267       gB.deleteMember(gD.toSubject());
268       gD.deleteMember(subjA);
269       gC.deleteMember(subjA);
270       gA.deleteCompositeMember();
271       gE.deleteMember(gA.toSubject());
272       gF.revokePriv(gA.toSubject(), AccessPrivilege.UPDATE);
273       nsA.revokePriv(gA.toSubject(), NamingPrivilege.CREATE);
274 
275       listMemberships = MembershipFinder.internal_findAllByCreatedAfter(r.rs, before, fieldMembers);
276       T.amount("Number of list memberships", 0, listMemberships.size());
277 
278       updateMemberships = MembershipFinder.internal_findAllByCreatedAfter(r.rs, before, fieldUpdaters);
279       T.amount("Number of update privileges", 0, updateMemberships.size());
280 
281       createMemberships = MembershipFinder.internal_findAllByCreatedAfter(r.rs, before, fieldCreators);
282       T.amount("Number of create privileges", 0, createMemberships.size());
283 
284       // Test 7
285       nsA.grantPriv(gA.toSubject(), NamingPrivilege.CREATE);
286       gB.addMember(gD.toSubject());
287       gD.addMember(subjA);
288       gC.addMember(subjA);
289       gA.addCompositeMember(CompositeType.INTERSECTION, gB, gC);
290       gE.addMember(gA.toSubject());
291       gF.grantPriv(gA.toSubject(), AccessPrivilege.UPDATE);
292 
293       verifyMemberships();
294 
295       // clear out memberships
296       gB.deleteMember(gD.toSubject());
297       gD.deleteMember(subjA);
298       gC.deleteMember(subjA);
299       gA.deleteCompositeMember();
300       gE.deleteMember(gA.toSubject());
301       gF.revokePriv(gA.toSubject(), AccessPrivilege.UPDATE);
302       nsA.revokePriv(gA.toSubject(), NamingPrivilege.CREATE);
303 
304       listMemberships = MembershipFinder.internal_findAllByCreatedAfter(r.rs, before, fieldMembers);
305       T.amount("Number of list memberships", 0, listMemberships.size());
306 
307       updateMemberships = MembershipFinder.internal_findAllByCreatedAfter(r.rs, before, fieldUpdaters);
308       T.amount("Number of update privileges", 0, updateMemberships.size());
309 
310       createMemberships = MembershipFinder.internal_findAllByCreatedAfter(r.rs, before, fieldCreators);
311       T.amount("Number of create privileges", 0, createMemberships.size());
312 
313       r.rs.stop();
314     }
315     catch (Exception e) {
316       T.e(e);
317     }
318   }
319 
320 
321   public  void verifyMemberships() throws Exception {
322 
323     // gA should have one member only
324     T.amount("Verify number of memberships for gA", 1, gA.getCompositeMemberships().size());
325     Assert.assertTrue("Verify SA -> gA", gA.hasMember(subjA));
326 
327     // verify the total number of list memberships
328     Set<Membership> listMemberships = MembershipFinder.internal_findAllByCreatedAfter(r.rs, before, fieldMembers);
329     T.amount("Number of list memberships", 7, listMemberships.size());
330 
331     // verify the total number of update privileges
332     Set<Membership> updateMemberships = MembershipFinder.internal_findAllByCreatedAfter(r.rs, before, fieldUpdaters);
333     T.amount("Number of update privileges", 2, updateMemberships.size());
334 
335     // verify the total number of create privileges
336     Set<Membership> createMemberships = MembershipFinder.internal_findAllByCreatedAfter(r.rs, before, fieldCreators);
337     T.amount("Number of create privileges", 2, createMemberships.size());
338   }
339 
340 }
341