View Javadoc
1   /**
2    * Copyright 2014 Internet2
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    *   http://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  /*
17    Copyright (C) 2004-2007 University Corporation for Advanced Internet Development, Inc.
18    Copyright (C) 2004-2007 The University Of Chicago
19  
20    Licensed under the Apache License, Version 2.0 (the "License");
21    you may not use this file except in compliance with the License.
22    You may obtain a copy of the License at
23  
24      http://www.apache.org/licenses/LICENSE-2.0
25  
26    Unless required by applicable law or agreed to in writing, software
27    distributed under the License is distributed on an "AS IS" BASIS,
28    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
29    See the License for the specific language governing permissions and
30    limitations under the License.
31  */
32  
33  package edu.internet2.middleware.grouper.privs;
34  import java.util.Iterator;
35  import java.util.Set;
36  
37  import junit.framework.Assert;
38  import junit.textui.TestRunner;
39  
40  import org.apache.commons.logging.Log;
41  
42  import edu.internet2.middleware.grouper.Group;
43  import edu.internet2.middleware.grouper.GrouperSession;
44  import edu.internet2.middleware.grouper.Member;
45  import edu.internet2.middleware.grouper.Stem;
46  import edu.internet2.middleware.grouper.SubjectFinder;
47  import edu.internet2.middleware.grouper.exception.GrouperSessionException;
48  import edu.internet2.middleware.grouper.helper.GroupHelper;
49  import edu.internet2.middleware.grouper.helper.GrouperTest;
50  import edu.internet2.middleware.grouper.helper.MemberHelper;
51  import edu.internet2.middleware.grouper.helper.MembershipTestHelper;
52  import edu.internet2.middleware.grouper.helper.PrivHelper;
53  import edu.internet2.middleware.grouper.helper.SessionHelper;
54  import edu.internet2.middleware.grouper.helper.StemHelper;
55  import edu.internet2.middleware.grouper.helper.SubjectTestHelper;
56  import edu.internet2.middleware.grouper.misc.GrouperSessionHandler;
57  import edu.internet2.middleware.grouper.registry.RegistryReset;
58  import edu.internet2.middleware.grouper.util.GrouperUtil;
59  import edu.internet2.middleware.subject.Subject;
60  
61  /**
62   * Test use of the VIEW {@link AccessPrivilege}.
63   * <p />
64   * @author  blair christensen.
65   * @version $Id: TestPrivVIEW.java,v 1.1 2009-03-20 19:56:41 mchyzer Exp $
66   */
67  public class TestPrivVIEW extends GrouperTest {
68  
69    // Private Class Constants
70    private static final Log LOG = GrouperUtil.getLog(TestPrivVIEW.class);
71  
72    // Private Class Variables
73    private static Stem           edu;
74    private static Group          i2;
75    private static Member         m;
76    private static GrouperSession nrs;
77    private static Stem           root;
78    private static GrouperSession s;
79    private static Subject        subj0;
80    private static Subject        subj1;
81    private static Group          uofc;
82  
83  
84    public TestPrivVIEW(String name) {
85      super(name);
86    }
87  
88    protected void setUp () {
89      LOG.debug("setUp");
90      super.setUp();
91      RegistryReset.internal_resetRegistryAndAddTestSubjects();
92      GrouperTest.initGroupsAndAttributes();
93  
94      nrs     = SessionHelper.getSession(SubjectTestHelper.SUBJ0_ID);
95      s       = SessionHelper.getRootSession();
96      root    = StemHelper.findRootStem(s);
97      edu     = StemHelper.addChildStem(root, "edu", "educational");
98      i2      = StemHelper.addChildGroup(edu, "i2", "internet2");
99      uofc    = StemHelper.addChildGroup(edu, "uofc", "uchicago");
100     subj0   = SubjectTestHelper.SUBJ0;
101     subj1   = SubjectTestHelper.SUBJ1;
102     m       = MemberHelper.getMemberBySubject(nrs, subj1);
103   }
104 
105   protected void tearDown () {
106     LOG.debug("tearDown");
107     super.tearDown();
108   }
109 
110   /**
111    * Method main.
112    * @param args String[]
113    * @throws Exception
114    */
115   public static void main(String[] args) throws Exception {
116     //TestRunner.run(new TestPrivVIEW("testGrantedToCreator"));
117     TestRunner.run(TestPrivVIEW.class);
118   }
119 
120   // Tests
121 
122   public void testFindGroupWithoutADMIN() { 
123     LOG.info("testFindGroupWithoutADMIN");
124     // ALL has VIEW 
125     GroupHelper.findByName(nrs, i2.getName());
126     GroupHelper.findByUuid(nrs, i2.getUuid());
127   } // public void testFindGroupWithoutADMIN()
128 
129   public void testFindGroupWithADMIN() {
130     LOG.info("testFindGroupWithADMIN");
131     PrivHelper.grantPriv(s, i2, nrs.getSubject(), AccessPrivilege.ADMIN);
132     GroupHelper.findByName(nrs, i2.getName());
133     GroupHelper.findByUuid(nrs, i2.getUuid());
134   } // public void testFindGroupWithADMIN()
135 
136   public void testFindGroupWithoutOPTIN() {
137     LOG.info("testFindGroupWithoutOPTIN");
138     // ALL has VIEW
139     GroupHelper.findByName(nrs, i2.getName());
140     GroupHelper.findByUuid(nrs, i2.getUuid());
141   } // public void testFindGroupWithoutOPTIN()
142 
143   public void testFindGroupWithOPTIN() {
144     LOG.info("testFindGroupWithOPTIN");
145     PrivHelper.grantPriv(s, i2, nrs.getSubject(), AccessPrivilege.OPTIN);
146     GroupHelper.findByName(nrs, i2.getName());
147     GroupHelper.findByUuid(nrs, i2.getUuid());
148   } // public void testFindGroupWithOPTIN()
149 
150   public void testFindGroupWithAllOPTIN() {
151     LOG.info("testFindGroupWithAllOPTIN");
152     PrivHelper.grantPriv(s, i2, SubjectFinder.findAllSubject(), AccessPrivilege.OPTIN);
153     GroupHelper.findByName(nrs, i2.getName());
154     GroupHelper.findByUuid(nrs, i2.getUuid());
155   } // public void testFindGroupWithAllOPTIN()
156 
157   public void testFindGroupWithoutREAD() {
158     LOG.info("testFindGroupWithoutREAD");
159     // ALL has VIEW
160     GroupHelper.findByName(nrs, i2.getName());
161     GroupHelper.findByUuid(nrs, i2.getUuid());
162   } // public void testFindGroupWithoutREAD()
163 
164   public void testFindGroupWithREAD() {
165     LOG.info("testFindGroupWithREAD");
166     PrivHelper.grantPriv(s, i2, nrs.getSubject(), AccessPrivilege.READ);
167     GroupHelper.findByName(nrs, i2.getName());
168     GroupHelper.findByUuid(nrs, i2.getUuid());
169   } // public void testFindGroupWithREAD()
170 
171   public void testFindGroupWithAllREAD() {
172     LOG.info("testFindGroupWithAllREAD");
173     // Already exists
174     // PrivHelper.grantPriv(s, i2, SubjectFinder.findAllSubject(), AccessPrivilege.READ);
175     GroupHelper.findByName(nrs, i2.getName());
176     GroupHelper.findByUuid(nrs, i2.getUuid());
177   } // public void testFindGroupWithAllREAD()
178 
179   public void testFindGroupWithoutUPDATE() {
180     LOG.info("testFindGroupWithoutUPDATE");
181     // ALL has VIEW
182     GroupHelper.findByName(nrs, i2.getName());
183     GroupHelper.findByUuid(nrs, i2.getUuid());
184   } // public void testFindGroupWithoutUPDATE()
185 
186   public void testFindGroupWithUPDATE() {
187     LOG.info("testFindGroupWithUPDATE");
188     PrivHelper.grantPriv(s, i2, nrs.getSubject(), AccessPrivilege.UPDATE);
189     GroupHelper.findByName(nrs, i2.getName());
190     GroupHelper.findByUuid(nrs, i2.getUuid());
191   } // public void testFindGroupWithUPDATE()
192 
193   public void testFindChildGroupWithoutVIEW() {
194     LOG.info("testFindChildGroupWithoutVIEW");
195     // Revoke ALL VIEW + READ
196     PrivHelper.revokePriv(s, i2,    SubjectFinder.findAllSubject(), AccessPrivilege.READ);
197     PrivHelper.revokePriv(s, i2,    SubjectFinder.findAllSubject(), AccessPrivilege.VIEW);
198     PrivHelper.revokePriv(s, uofc,  SubjectFinder.findAllSubject(), AccessPrivilege.READ);
199     PrivHelper.revokePriv(s, uofc,  SubjectFinder.findAllSubject(), AccessPrivilege.VIEW);
200     // Now get parent stem
201     final Stem  parent    = StemHelper.findByName(nrs, edu.getName());
202     GrouperSession.callbackGrouperSession(nrs, new GrouperSessionHandler() {
203 
204       public Object callback(GrouperSession grouperSession)
205           throws GrouperSessionException {
206         Set   children  = parent.getChildGroups();
207         Assert.assertTrue(
208           "children == " + children.size() + " (exp 0)",
209           children.size() == 0
210         );
211         return null;
212       }
213       
214     });
215   } // public void testFindGroupWithoutVIEW()
216 
217   public void testFindChildGroupWithVIEW() {
218     LOG.info("testFindChildGroupWithVIEW");
219     // Now get parent stem
220     Stem  parent    = StemHelper.findByName(nrs, edu.getName());
221     Set   children  = parent.getChildGroups();
222     Assert.assertTrue(
223       "children == " + children.size() + " (exp 2)",
224       children.size() == 2
225     );
226     Iterator iter = children.iterator();
227     while (iter.hasNext()) {
228       Group child = (Group) iter.next();
229       if      (child.getName().equals(i2.getName())) {
230         Assert.assertTrue("i2", true);
231       } 
232       else if (child.getName().equals(uofc.getName())) {
233         Assert.assertTrue("uofc", true);
234       }
235       else {
236         Assert.fail("unknown child: " + child.getName());
237       }
238     }
239   } // public void testFindGroupWithVIEW()
240 
241   public void testFindChildGroupWithAllVIEW() {
242     LOG.info("testFindChildGroupWithAllVIEW");
243     // Now get parent stem
244     Stem  parent    = StemHelper.findByName(nrs, edu.getName());
245     Set   children  = parent.getChildGroups();
246     Assert.assertTrue(
247       "children == " + children.size() + " (exp 2)",
248       children.size() == 2
249     );
250     Iterator iter = children.iterator();
251     while (iter.hasNext()) {
252       Group child = (Group) iter.next();
253       if      (child.getName().equals(i2.getName())) {
254         Assert.assertTrue("i2", true);
255         Assert.assertTrue("i2 parent", child.getParentStem().equals(parent));
256       } 
257       else if (child.getName().equals(uofc.getName())) {
258         Assert.assertTrue("uofc", true);
259         Assert.assertTrue("uofc parent", child.getParentStem().equals(parent));
260       }
261       else {
262         Assert.fail("unknown child: " + child.getName());
263       }
264     }
265   } // public void testFindGroupWithAllVIEW()
266 
267   public void testFindGroupWithoutVIEW() {
268     LOG.info("testFindGroupWithoutVIEW");
269     // ALL has VIEW
270     GroupHelper.findByName(nrs, i2.getName());
271     GroupHelper.findByUuid(nrs, i2.getUuid());
272   } // public void testFindGroupWithoutVIEW()
273 
274   public void testFindGroupWithVIEW() {
275     LOG.info("testFindGroupWithVIEW");
276     PrivHelper.grantPriv(s, i2, nrs.getSubject(), AccessPrivilege.VIEW);
277     GroupHelper.findByName(nrs, i2.getName());
278     GroupHelper.findByUuid(nrs, i2.getUuid());
279   } // public void testFindGroupWithVIEW()
280 
281   public void testFindGroupWithAllVIEW() {
282     LOG.info("testFindGroupWithAllVIEW");
283     // Already exists
284     // PrivHelper.grantPriv(s, i2, SubjectFinder.findAllSubject(), AccessPrivilege.VIEW);
285     GroupHelper.findByName(nrs, i2.getName());
286     GroupHelper.findByUuid(nrs, i2.getUuid());
287   } // public void testFindGroupWithAllVIEW()
288 
289   public void testAddGroupAsMemberWithADMIN() {
290     LOG.info("testAddGroupAsMemberWithADMIN");
291     PrivHelper.grantPriv(s, uofc, subj0, AccessPrivilege.ADMIN);
292     PrivHelper.grantPriv(s, i2,   subj0, AccessPrivilege.ADMIN);
293     GroupHelper.addMember(uofc, subj1, m);
294     Group a = GroupHelper.findByName(nrs, uofc.getName());
295     Group b = GroupHelper.findByName(nrs, i2.getName());
296     // add uofc (a) to i2 (b)
297     GroupHelper.addMember(b, a);
298     MembershipTestHelper.testNumMship(b, Group.getDefaultList(), 2, 1, 1);
299     MembershipTestHelper.testImmMship(nrs, b, a, Group.getDefaultList());
300     MembershipTestHelper.testEffMship(nrs, b, subj1, Group.getDefaultList(), a, 1);
301   } // public void testAddGroupAsMemberWithADMIN()
302 
303   public void testAddGroupAsMemberWithOPTIN() {
304     LOG.info("testAddGroupAsMemberWithOPTIN");
305     PrivHelper.grantPriv(s, uofc, subj0, AccessPrivilege.OPTIN);
306     PrivHelper.grantPriv(s, i2,   subj0, AccessPrivilege.ADMIN);
307     GroupHelper.addMember(uofc, subj1, m);
308     Group a = GroupHelper.findByName(nrs, uofc.getName());
309     Group b = GroupHelper.findByName(nrs, i2.getName());
310     // add uofc (a) to i2 (b)
311     GroupHelper.addMember(b, a);
312     MembershipTestHelper.testNumMship(b, Group.getDefaultList(), 2, 1, 1);
313     MembershipTestHelper.testImmMship(nrs, b, a, Group.getDefaultList());
314     MembershipTestHelper.testEffMship(nrs, b, subj1, Group.getDefaultList(), a, 1);
315   } // public void testAddGroupAsMemberWithOPTIN()
316 
317   public void testAddGroupAsMemberWithAllOPTIN() {
318     LOG.info("testAddGroupAsMemberWithAllOPTIN");
319     PrivHelper.grantPriv(s, uofc, SubjectFinder.findAllSubject(), AccessPrivilege.OPTIN);
320     PrivHelper.grantPriv(s, i2,   subj0, AccessPrivilege.ADMIN);
321     GroupHelper.addMember(uofc, subj1, m);
322     Group a = GroupHelper.findByName(nrs, uofc.getName());
323     Group b = GroupHelper.findByName(nrs, i2.getName());
324     // add uofc (a) to i2 (b)
325     GroupHelper.addMember(b, a);
326     MembershipTestHelper.testNumMship(b, Group.getDefaultList(), 2, 1, 1);
327     MembershipTestHelper.testImmMship(nrs, b, a, Group.getDefaultList());
328     MembershipTestHelper.testEffMship(nrs, b, subj1, Group.getDefaultList(), a, 1);
329   } // public void testAddGroupAsMemberWithAllOPTIN()
330 
331   public void testAddGroupAsMemberWithOPTOUT() {
332     LOG.info("testAddGroupAsMemberWithOPTOUT");
333     PrivHelper.grantPriv(s, uofc, subj0, AccessPrivilege.OPTOUT);
334     PrivHelper.grantPriv(s, i2,   subj0, AccessPrivilege.ADMIN);
335     GroupHelper.addMember(uofc, subj1, m);
336     Group a = GroupHelper.findByName(nrs, uofc.getName());
337     Group b = GroupHelper.findByName(nrs, i2.getName());
338     // add uofc (a) to i2 (b)
339     GroupHelper.addMember(b, a);
340     MembershipTestHelper.testNumMship(b, Group.getDefaultList(), 2, 1, 1);
341     MembershipTestHelper.testImmMship(nrs, b, a, Group.getDefaultList());
342     MembershipTestHelper.testEffMship(nrs, b, subj1, Group.getDefaultList(), a, 1);
343   } // public void testAddGroupAsMemberWithOPTOUT()
344 
345   public void testAddGroupAsMemberWithAllOPTOUT() {
346     LOG.info("testAddGroupAsMemberWithAllOPTOUT");
347     PrivHelper.grantPriv(s, uofc, SubjectFinder.findAllSubject(), AccessPrivilege.OPTOUT);
348     PrivHelper.grantPriv(s, i2,   subj0, AccessPrivilege.ADMIN);
349     GroupHelper.addMember(uofc, subj1, m);
350     Group a = GroupHelper.findByName(nrs, uofc.getName());
351     Group b = GroupHelper.findByName(nrs, i2.getName());
352     // add uofc (a) to i2 (b)
353     GroupHelper.addMember(b, a);
354     MembershipTestHelper.testNumMship(b, Group.getDefaultList(), 2, 1, 1);
355     MembershipTestHelper.testImmMship(nrs, b, a, Group.getDefaultList());
356     MembershipTestHelper.testEffMship(nrs, b, subj1, Group.getDefaultList(), a, 1);
357   } // public void testAddGroupAsMemberWithAllOPTOUT()
358 
359   public void testAddGroupAsMemberWithREAD() {
360     LOG.info("testAddGroupAsMemberWithREAD");
361     PrivHelper.grantPriv(s, uofc, subj0, AccessPrivilege.READ);
362     PrivHelper.grantPriv(s, i2,   subj0, AccessPrivilege.ADMIN);
363     GroupHelper.addMember(uofc, subj1, m);
364     Group a = GroupHelper.findByName(nrs, uofc.getName());
365     Group b = GroupHelper.findByName(nrs, i2.getName());
366     // add uofc (a) to i2 (b)
367     GroupHelper.addMember(b, a);
368     MembershipTestHelper.testNumMship(b, Group.getDefaultList(), 2, 1, 1);
369     MembershipTestHelper.testImmMship(nrs, b, a, Group.getDefaultList());
370     MembershipTestHelper.testEffMship(nrs, b, subj1, Group.getDefaultList(), a, 1);
371   } // public void testAddGroupAsMemberWithREAD()
372 
373   public void testAddGroupAsMemberWithAllREAD() {
374     LOG.info("testAddGroupAsMemberWithAllREAD");
375     // Already exists
376     // PrivHelper.grantPriv(s, uofc, SubjectFinder.findAllSubject(), AccessPrivilege.READ);
377     PrivHelper.grantPriv(s, i2,   subj0, AccessPrivilege.ADMIN);
378     GroupHelper.addMember(uofc, subj1, m);
379     Group a = GroupHelper.findByName(nrs, uofc.getName());
380     Group b = GroupHelper.findByName(nrs, i2.getName());
381     // add uofc (a) to i2 (b)
382     GroupHelper.addMember(b, a);
383     MembershipTestHelper.testNumMship(b, Group.getDefaultList(), 2, 1, 1);
384     MembershipTestHelper.testImmMship(nrs, b, a, Group.getDefaultList());
385     MembershipTestHelper.testEffMship(nrs, b, subj1, Group.getDefaultList(), a, 1);
386   } // public void testAddGroupAsMemberWithAllREAD()
387 
388   public void testAddGroupAsMemberWithUPDATE() {
389     LOG.info("testAddGroupAsMemberWithUPDATE");
390     PrivHelper.grantPriv(s, uofc, subj0, AccessPrivilege.UPDATE);
391     PrivHelper.grantPriv(s, i2,   subj0, AccessPrivilege.ADMIN);
392     GroupHelper.addMember(uofc, subj1, m);
393     Group a = GroupHelper.findByName(nrs, uofc.getName());
394     Group b = GroupHelper.findByName(nrs, i2.getName());
395     // add uofc (a) to i2 (b)
396     GroupHelper.addMember(b, a);
397     MembershipTestHelper.testNumMship(b, Group.getDefaultList(), 2, 1, 1);
398     MembershipTestHelper.testImmMship(nrs, b, a, Group.getDefaultList());
399     MembershipTestHelper.testEffMship(nrs, b, subj1, Group.getDefaultList(), a, 1);
400   } // public void testAddGroupAsMemberWithUPDATE()
401 
402   public void testAddGroupAsMemberWithVIEW() {
403     LOG.info("testAddGroupAsMemberWithVIEW");
404     PrivHelper.grantPriv(s, uofc, subj0, AccessPrivilege.VIEW);
405     PrivHelper.grantPriv(s, i2,   subj0, AccessPrivilege.ADMIN);
406     GroupHelper.addMember(uofc, subj1, m);
407     Group a = GroupHelper.findByName(nrs, uofc.getName());
408     Group b = GroupHelper.findByName(nrs, i2.getName());
409     // add uofc (a) to i2 (b)
410     GroupHelper.addMember(b, a);
411     MembershipTestHelper.testNumMship(b, Group.getDefaultList(), 2, 1, 1);
412     MembershipTestHelper.testImmMship(nrs, b, a, Group.getDefaultList());
413     MembershipTestHelper.testEffMship(nrs, b, subj1, Group.getDefaultList(), a, 1);
414   } // public void testAddGroupAsMemberWithVIEW()
415 
416   public void testAddGroupAsMemberWithAllVIEW() {
417     LOG.info("testAddGroupAsMemberWithAllVIEW");
418     // Already exists
419     // PrivHelper.grantPriv(s, uofc, SubjectFinder.findAllSubject(), AccessPrivilege.VIEW);
420     PrivHelper.grantPriv(s, i2,   subj0, AccessPrivilege.ADMIN);
421     // Already exists
422     GroupHelper.addMember(uofc, subj1, m);
423     Group a = GroupHelper.findByName(nrs, uofc.getName());
424     Group b = GroupHelper.findByName(nrs, i2.getName());
425     // add uofc (a) to i2 (b)
426     GroupHelper.addMember(b, a);
427     MembershipTestHelper.testNumMship(b, Group.getDefaultList(), 2, 1, 1);
428     MembershipTestHelper.testImmMship(nrs, b, a, Group.getDefaultList());
429     MembershipTestHelper.testEffMship(nrs, b, subj1, Group.getDefaultList(), a, 1);
430   } // public void testAddGroupAsMemberWithAllVIEW()
431 
432 }
433