View Javadoc
1   /**
2    * Copyright 2014 Internet2
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    *   http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  /*
17    Copyright (C) 2004-2007 University Corporation for Advanced Internet Development, Inc.
18    Copyright (C) 2004-2007 The University Of Chicago
19  
20    Licensed under the Apache License, Version 2.0 (the "License");
21    you may not use this file except in compliance with the License.
22    You may obtain a copy of the License at
23  
24      http://www.apache.org/licenses/LICENSE-2.0
25  
26    Unless required by applicable law or agreed to in writing, software
27    distributed under the License is distributed on an "AS IS" BASIS,
28    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
29    See the License for the specific language governing permissions and
30    limitations under the License.
31  */
32  
33  package edu.internet2.middleware.grouper.membership;
34  import java.util.Date;
35  import java.util.Set;
36  
37  import junit.framework.Assert;
38  import junit.framework.TestCase;
39  
40  import org.apache.commons.logging.Log;
41  
42  import edu.internet2.middleware.grouper.Field;
43  import edu.internet2.middleware.grouper.FieldFinder;
44  import edu.internet2.middleware.grouper.Group;
45  import edu.internet2.middleware.grouper.Membership;
46  import edu.internet2.middleware.grouper.MembershipFinder;
47  import edu.internet2.middleware.grouper.Stem;
48  import edu.internet2.middleware.grouper.helper.DateHelper;
49  import edu.internet2.middleware.grouper.helper.GrouperTest;
50  import edu.internet2.middleware.grouper.helper.R;
51  import edu.internet2.middleware.grouper.helper.T;
52  import edu.internet2.middleware.grouper.misc.CompositeType;
53  import edu.internet2.middleware.grouper.privs.AccessPrivilege;
54  import edu.internet2.middleware.grouper.privs.NamingPrivilege;
55  import edu.internet2.middleware.grouper.registry.RegistryReset;
56  import edu.internet2.middleware.grouper.util.GrouperUtil;
57  import edu.internet2.middleware.subject.Subject;
58  
59  /**
60   * @author Shilen Patel.
61   */
62  public class TestMembership9 extends GrouperTest {
63  
64    private static final Log LOG = GrouperUtil.getLog(TestMembership9.class);
65  
66    Date before;
67    R       r;
68    Group   gA;
69    Group   gB;
70    Group   gC;
71    Group   gD;
72    Group   gE;
73    Group   gF;
74    Subject subjA;
75    Stem    nsA;
76  
77    Field fieldMembers;
78    Field fieldUpdaters;
79    Field fieldCreators;
80  
81    public TestMembership9(String name) {
82      super(name);
83    }
84  
85    public void testIntersectionComposite() {
86      LOG.info("testIntersectionComposite");
87      runCompositeMembershipChangeLogConsumer();
88  
89      try {
90        GrouperUtil.sleep(100);
91        before  = new Date();
92        GrouperUtil.sleep(100);
93  
94        r     = R.populateRegistry(2, 6, 1);
95        gA    = r.getGroup("a", "a");
96        gB    = r.getGroup("a", "b");
97        gC    = r.getGroup("a", "c");
98        gD    = r.getGroup("a", "d");
99        gE    = r.getGroup("a", "e");
100       gF    = r.getGroup("a", "f");
101       subjA = r.getSubject("a");
102       nsA   = r.getStem("a");
103 
104       fieldMembers = Group.getDefaultList();
105       fieldUpdaters = FieldFinder.find(Field.FIELD_NAME_UPDATERS, true);
106       fieldCreators = FieldFinder.find(Field.FIELD_NAME_CREATORS, true);
107 
108       Set<Membership> listMemberships;
109       Set<Membership> updateMemberships;
110       Set<Membership> createMemberships;
111 
112       // Test 1
113       gB.addMember(gD.toSubject());
114       gD.addMember(subjA);
115       gC.addMember(subjA);
116       gA.addCompositeMember(CompositeType.INTERSECTION, gB, gC);
117       gE.addMember(gA.toSubject());
118       gF.grantPriv(gA.toSubject(), AccessPrivilege.UPDATE);
119       nsA.grantPriv(gA.toSubject(), NamingPrivilege.CREATE);
120       runCompositeMembershipChangeLogConsumer();
121 
122       verifyMemberships();
123 
124       // clear out memberships
125       gB.deleteMember(gD.toSubject());
126       gD.deleteMember(subjA);
127       gC.deleteMember(subjA);
128       gA.deleteCompositeMember();
129       gE.deleteMember(gA.toSubject());
130       gF.revokePriv(gA.toSubject(), AccessPrivilege.UPDATE);
131       nsA.revokePriv(gA.toSubject(), NamingPrivilege.CREATE);
132       runCompositeMembershipChangeLogConsumer();
133 
134       listMemberships = MembershipFinder.internal_findAllByCreatedAfter(r.rs, before, fieldMembers);
135       T.amount("Number of list memberships", 0, listMemberships.size());
136 
137       updateMemberships = MembershipFinder.internal_findAllByCreatedAfter(r.rs, before, fieldUpdaters);
138       T.amount("Number of update privileges", 0, updateMemberships.size());
139 
140       createMemberships = MembershipFinder.internal_findAllByCreatedAfter(r.rs, before, fieldCreators);
141       T.amount("Number of create privileges", 0, createMemberships.size());
142 
143       // Test 2
144       gD.addMember(subjA);
145       gC.addMember(subjA);
146       gA.addCompositeMember(CompositeType.INTERSECTION, gB, gC);
147       gE.addMember(gA.toSubject());
148       gF.grantPriv(gA.toSubject(), AccessPrivilege.UPDATE);
149       nsA.grantPriv(gA.toSubject(), NamingPrivilege.CREATE);
150       gB.addMember(gD.toSubject());
151       runCompositeMembershipChangeLogConsumer();
152 
153       verifyMemberships();
154 
155       // clear out memberships
156       gB.deleteMember(gD.toSubject());
157       gD.deleteMember(subjA);
158       gC.deleteMember(subjA);
159       gA.deleteCompositeMember();
160       gE.deleteMember(gA.toSubject());
161       gF.revokePriv(gA.toSubject(), AccessPrivilege.UPDATE);
162       nsA.revokePriv(gA.toSubject(), NamingPrivilege.CREATE);
163       runCompositeMembershipChangeLogConsumer();
164 
165       listMemberships = MembershipFinder.internal_findAllByCreatedAfter(r.rs, before, fieldMembers);
166       T.amount("Number of list memberships", 0, listMemberships.size());
167 
168       updateMemberships = MembershipFinder.internal_findAllByCreatedAfter(r.rs, before, fieldUpdaters);
169       T.amount("Number of update privileges", 0, updateMemberships.size());
170 
171       createMemberships = MembershipFinder.internal_findAllByCreatedAfter(r.rs, before, fieldCreators);
172       T.amount("Number of create privileges", 0, createMemberships.size());
173 
174       // Test 3
175       gC.addMember(subjA);
176       gA.addCompositeMember(CompositeType.INTERSECTION, gB, gC);
177       gE.addMember(gA.toSubject());
178       gF.grantPriv(gA.toSubject(), AccessPrivilege.UPDATE);
179       nsA.grantPriv(gA.toSubject(), NamingPrivilege.CREATE);
180       gB.addMember(gD.toSubject());
181       gD.addMember(subjA);
182       runCompositeMembershipChangeLogConsumer();
183 
184       verifyMemberships();
185 
186       // clear out memberships
187       gB.deleteMember(gD.toSubject());
188       gD.deleteMember(subjA);
189       gC.deleteMember(subjA);
190       gA.deleteCompositeMember();
191       gE.deleteMember(gA.toSubject());
192       gF.revokePriv(gA.toSubject(), AccessPrivilege.UPDATE);
193       nsA.revokePriv(gA.toSubject(), NamingPrivilege.CREATE);
194       runCompositeMembershipChangeLogConsumer();
195 
196       listMemberships = MembershipFinder.internal_findAllByCreatedAfter(r.rs, before, fieldMembers);
197       T.amount("Number of list memberships", 0, listMemberships.size());
198 
199       updateMemberships = MembershipFinder.internal_findAllByCreatedAfter(r.rs, before, fieldUpdaters);
200       T.amount("Number of update privileges", 0, updateMemberships.size());
201 
202       createMemberships = MembershipFinder.internal_findAllByCreatedAfter(r.rs, before, fieldCreators);
203       T.amount("Number of create privileges", 0, createMemberships.size());
204 
205       // Test 4
206       gA.addCompositeMember(CompositeType.INTERSECTION, gB, gC);
207       gE.addMember(gA.toSubject());
208       gF.grantPriv(gA.toSubject(), AccessPrivilege.UPDATE);
209       nsA.grantPriv(gA.toSubject(), NamingPrivilege.CREATE);
210       gB.addMember(gD.toSubject());
211       gD.addMember(subjA);
212       gC.addMember(subjA);
213       runCompositeMembershipChangeLogConsumer();
214 
215       verifyMemberships();
216 
217       // clear out memberships
218       gB.deleteMember(gD.toSubject());
219       gD.deleteMember(subjA);
220       gC.deleteMember(subjA);
221       gA.deleteCompositeMember();
222       gE.deleteMember(gA.toSubject());
223       gF.revokePriv(gA.toSubject(), AccessPrivilege.UPDATE);
224       nsA.revokePriv(gA.toSubject(), NamingPrivilege.CREATE);
225       runCompositeMembershipChangeLogConsumer();
226 
227       listMemberships = MembershipFinder.internal_findAllByCreatedAfter(r.rs, before, fieldMembers);
228       T.amount("Number of list memberships", 0, listMemberships.size());
229 
230       updateMemberships = MembershipFinder.internal_findAllByCreatedAfter(r.rs, before, fieldUpdaters);
231       T.amount("Number of update privileges", 0, updateMemberships.size());
232 
233       createMemberships = MembershipFinder.internal_findAllByCreatedAfter(r.rs, before, fieldCreators);
234       T.amount("Number of create privileges", 0, createMemberships.size());
235 
236       // Test 5
237       gE.addMember(gA.toSubject());
238       gF.grantPriv(gA.toSubject(), AccessPrivilege.UPDATE);
239       nsA.grantPriv(gA.toSubject(), NamingPrivilege.CREATE);
240       gB.addMember(gD.toSubject());
241       gD.addMember(subjA);
242       gC.addMember(subjA);
243       gA.addCompositeMember(CompositeType.INTERSECTION, gB, gC);
244       runCompositeMembershipChangeLogConsumer();
245 
246       verifyMemberships();
247 
248       // clear out memberships
249       gB.deleteMember(gD.toSubject());
250       gD.deleteMember(subjA);
251       gC.deleteMember(subjA);
252       gA.deleteCompositeMember();
253       gE.deleteMember(gA.toSubject());
254       gF.revokePriv(gA.toSubject(), AccessPrivilege.UPDATE);
255       nsA.revokePriv(gA.toSubject(), NamingPrivilege.CREATE);
256       runCompositeMembershipChangeLogConsumer();
257 
258       listMemberships = MembershipFinder.internal_findAllByCreatedAfter(r.rs, before, fieldMembers);
259       T.amount("Number of list memberships", 0, listMemberships.size());
260 
261       updateMemberships = MembershipFinder.internal_findAllByCreatedAfter(r.rs, before, fieldUpdaters);
262       T.amount("Number of update privileges", 0, updateMemberships.size());
263 
264       createMemberships = MembershipFinder.internal_findAllByCreatedAfter(r.rs, before, fieldCreators);
265       T.amount("Number of create privileges", 0, createMemberships.size());
266 
267       // Test 6
268       gF.grantPriv(gA.toSubject(), AccessPrivilege.UPDATE);
269       nsA.grantPriv(gA.toSubject(), NamingPrivilege.CREATE);
270       gB.addMember(gD.toSubject());
271       gD.addMember(subjA);
272       gC.addMember(subjA);
273       gA.addCompositeMember(CompositeType.INTERSECTION, gB, gC);
274       gE.addMember(gA.toSubject());
275       runCompositeMembershipChangeLogConsumer();
276 
277       verifyMemberships();
278 
279       // clear out memberships
280       gB.deleteMember(gD.toSubject());
281       gD.deleteMember(subjA);
282       gC.deleteMember(subjA);
283       gA.deleteCompositeMember();
284       gE.deleteMember(gA.toSubject());
285       gF.revokePriv(gA.toSubject(), AccessPrivilege.UPDATE);
286       nsA.revokePriv(gA.toSubject(), NamingPrivilege.CREATE);
287       runCompositeMembershipChangeLogConsumer();
288 
289       listMemberships = MembershipFinder.internal_findAllByCreatedAfter(r.rs, before, fieldMembers);
290       T.amount("Number of list memberships", 0, listMemberships.size());
291 
292       updateMemberships = MembershipFinder.internal_findAllByCreatedAfter(r.rs, before, fieldUpdaters);
293       T.amount("Number of update privileges", 0, updateMemberships.size());
294 
295       createMemberships = MembershipFinder.internal_findAllByCreatedAfter(r.rs, before, fieldCreators);
296       T.amount("Number of create privileges", 0, createMemberships.size());
297 
298       // Test 7
299       nsA.grantPriv(gA.toSubject(), NamingPrivilege.CREATE);
300       gB.addMember(gD.toSubject());
301       gD.addMember(subjA);
302       gC.addMember(subjA);
303       gA.addCompositeMember(CompositeType.INTERSECTION, gB, gC);
304       gE.addMember(gA.toSubject());
305       gF.grantPriv(gA.toSubject(), AccessPrivilege.UPDATE);
306       runCompositeMembershipChangeLogConsumer();
307 
308       verifyMemberships();
309 
310       // clear out memberships
311       gB.deleteMember(gD.toSubject());
312       gD.deleteMember(subjA);
313       gC.deleteMember(subjA);
314       gA.deleteCompositeMember();
315       gE.deleteMember(gA.toSubject());
316       gF.revokePriv(gA.toSubject(), AccessPrivilege.UPDATE);
317       nsA.revokePriv(gA.toSubject(), NamingPrivilege.CREATE);
318       runCompositeMembershipChangeLogConsumer();
319 
320       listMemberships = MembershipFinder.internal_findAllByCreatedAfter(r.rs, before, fieldMembers);
321       T.amount("Number of list memberships", 0, listMemberships.size());
322 
323       updateMemberships = MembershipFinder.internal_findAllByCreatedAfter(r.rs, before, fieldUpdaters);
324       T.amount("Number of update privileges", 0, updateMemberships.size());
325 
326       createMemberships = MembershipFinder.internal_findAllByCreatedAfter(r.rs, before, fieldCreators);
327       T.amount("Number of create privileges", 0, createMemberships.size());
328 
329       r.rs.stop();
330     }
331     catch (Exception e) {
332       T.e(e);
333     }
334   }
335 
336 
337   public  void verifyMemberships() throws Exception {
338 
339     // gA should have one member only
340     T.amount("Verify number of memberships for gA", 1, gA.getCompositeMemberships().size());
341     Assert.assertTrue("Verify SA -> gA", gA.hasMember(subjA));
342 
343     // verify the total number of list memberships
344     Set<Membership> listMemberships = MembershipFinder.internal_findAllByCreatedAfter(r.rs, before, fieldMembers);
345     T.amount("Number of list memberships", 7, listMemberships.size());
346 
347     // verify the total number of update privileges
348     Set<Membership> updateMemberships = MembershipFinder.internal_findAllByCreatedAfter(r.rs, before, fieldUpdaters);
349     T.amount("Number of update privileges", 2, updateMemberships.size());
350 
351     // verify the total number of create privileges
352     Set<Membership> createMemberships = MembershipFinder.internal_findAllByCreatedAfter(r.rs, before, fieldCreators);
353     T.amount("Number of create privileges", 2, createMemberships.size());
354   }
355 
356 }
357