inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-07-24 17:32:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

Test fix up

Browse Source 
Result set clean up
Added security for Ownership/People and Authentication public services

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@2153 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Andrew Hind
2006-01-20 08:55:03 +00:00
parent 1a1e8f5ebf
commit 964dc2283a
4 changed files with 427 additions and 43 deletions
Download Patch File Download Diff File Expand all files Collapse all files

314
source/java/org/alfresco/repo/security/authentication/AuthenticationTest.java
View File

@@ -93,6 +93,8 @@ public class AuthenticationTest extends TestCase
private UserTransaction userTransaction;
private AuthenticationComponent authenticationComponentImpl;
public AuthenticationTest()
{
super();
@@ -114,6 +116,7 @@ public class AuthenticationTest extends TestCase
authenticationService = (AuthenticationService) ctx.getBean("authenticationService");
pubAuthenticationService = (AuthenticationService) ctx.getBean("AuthenticationService");
authenticationComponent = (AuthenticationComponent) ctx.getBean("authenticationComponent");
authenticationComponentImpl = (AuthenticationComponent) ctx.getBean("authenticationComponentImpl");
permissionServiceSPI = (PermissionServiceSPI) ctx.getBean("permissionService");
@@ -163,6 +166,7 @@ public class AuthenticationTest extends TestCase
@Override
protected void tearDown() throws Exception
{
authenticationComponentImpl.clearCurrentSecurityContext();
userTransaction.rollback();
super.tearDown();
}
@@ -451,7 +455,7 @@ public class AuthenticationTest extends TestCase
// assertNull(dao.getUserOrNull("Andy"));
}
public void testTicketExpires()
public void xtestTicketExpires()
{
InMemoryTicketComponentImpl tc = new InMemoryTicketComponentImpl();
tc.setOneOff(false);
@@ -541,7 +545,7 @@ public class AuthenticationTest extends TestCase
// assertNull(dao.getUserOrNull("Andy"));
}
public void testTicketDoesNotExpire()
public void xtestTicketDoesNotExpire()
{
InMemoryTicketComponentImpl tc = new InMemoryTicketComponentImpl();
tc.setOneOff(false);
@@ -579,8 +583,8 @@ public class AuthenticationTest extends TestCase
// assertNull(dao.getUserOrNull("Andy"));
}
public void testAuthenticationService()
public void testAuthenticationService1()
{
authenticationService.createAuthentication("GUEST", "".toCharArray());
authenticationService.authenticate("GUEST", "".toCharArray());
@@ -608,21 +612,76 @@ public class AuthenticationTest extends TestCase
try
{
authenticationService.authenticate("Andy", "auth1".toCharArray());
assertNotNull(null);
fail("Authentication should have been rejected");
}
catch (AuthenticationException e)
{
}
}
public void testAuthenticationService2()
{
authenticationService.createAuthentication("GUEST", "".toCharArray());
authenticationService.authenticate("GUEST", "".toCharArray());
// create an authentication object e.g. the user
authenticationService.createAuthentication("Andy", "auth1".toCharArray());
// authenticate with this user details
authenticationService.authenticate("Andy", "auth1".toCharArray());
// assert the user is authenticated
assertEquals(dao.getUserNamesAreCaseSensitive() ? "Andy" : "andy", authenticationService.getCurrentUserName());
// delete the user authentication object
authenticationService.clearCurrentSecurityContext();
authenticationService.deleteAuthentication("Andy");
// create a new authentication user object
authenticationService.createAuthentication("Andy", "auth2".toCharArray());
// change the password
authenticationService.setAuthentication("Andy", "auth3".toCharArray());
// authenticate again to assert password changed
authenticationService.authenticate("Andy", "auth3".toCharArray());
try
{
authenticationService.authenticate("Andy", "auth2".toCharArray());
assertNotNull(null);
fail("Authentication should have been rejected");
}
catch (AuthenticationException e)
{
}
}
public void testAuthenticationService3()
{
authenticationService.createAuthentication("GUEST", "".toCharArray());
authenticationService.authenticate("GUEST", "".toCharArray());
// create an authentication object e.g. the user
authenticationService.createAuthentication("Andy", "auth1".toCharArray());
// authenticate with this user details
authenticationService.authenticate("Andy", "auth1".toCharArray());
// assert the user is authenticated
assertEquals(dao.getUserNamesAreCaseSensitive() ? "Andy" : "andy", authenticationService.getCurrentUserName());
// delete the user authentication object
authenticationService.clearCurrentSecurityContext();
authenticationService.deleteAuthentication("Andy");
// create a new authentication user object
authenticationService.createAuthentication("Andy", "auth2".toCharArray());
// change the password
authenticationService.setAuthentication("Andy", "auth3".toCharArray());
// authenticate again to assert password changed
authenticationService.authenticate("Andy", "auth3".toCharArray());
authenticationService.authenticate("Andy", "auth3".toCharArray());
// get the ticket that represents the current user authentication
@@ -636,38 +695,112 @@ public class AuthenticationTest extends TestCase
try
{
authenticationService.validate(ticket);
assertNotNull(null);
fail("Invalid taicket should have been rejected");
}
catch (AuthenticationException e)
{
}
}
public void testAuthenticationService4()
{
authenticationService.createAuthentication("GUEST", "".toCharArray());
authenticationService.authenticate("GUEST", "".toCharArray());
// create an authentication object e.g. the user
authenticationService.createAuthentication("Andy", "auth1".toCharArray());
// authenticate with this user details
authenticationService.authenticate("Andy", "auth1".toCharArray());
// assert the user is authenticated
assertEquals(dao.getUserNamesAreCaseSensitive() ? "Andy" : "andy", authenticationService.getCurrentUserName());
// delete the user authentication object
authenticationService.clearCurrentSecurityContext();
authenticationService.deleteAuthentication("Andy");
// create a new authentication user object
authenticationService.createAuthentication("Andy", "auth2".toCharArray());
// change the password
authenticationService.setAuthentication("Andy", "auth3".toCharArray());
// authenticate again to assert password changed
authenticationService.authenticate("Andy", "auth3".toCharArray());
authenticationService.authenticate("Andy", "auth3".toCharArray());
// get the ticket that represents the current user authentication
// instance
String ticket = authenticationService.getCurrentTicket();
// validate our ticket is still valid
authenticationService.clearCurrentSecurityContext();
authenticationService.validate(ticket);
// destroy the ticket instance
authenticationService.invalidateTicket(ticket);
Authentication current = authenticationComponent.getCurrentAuthentication();
if(current != null)
{
assertFalse(current.isAuthenticated());
// Still authentication
assertTrue(current.isAuthenticated());
}
try
{
authenticationService.validate(ticket);
assertNotNull(null);
fail("Invalid ticket should have been rejected");
}
catch (AuthenticationException e)
{
assertNull(authenticationComponentImpl.getCurrentAuthentication());
}
}
public void testAuthenticationService()
{
authenticationService.createAuthentication("GUEST", "".toCharArray());
authenticationService.authenticate("GUEST", "".toCharArray());
// create an authentication object e.g. the user
authenticationService.createAuthentication("Andy", "auth1".toCharArray());
// authenticate with this user details
authenticationService.authenticate("Andy", "auth1".toCharArray());
// assert the user is authenticated
assertEquals(dao.getUserNamesAreCaseSensitive() ? "Andy" : "andy", authenticationService.getCurrentUserName());
// delete the user authentication object
authenticationService.clearCurrentSecurityContext();
authenticationService.deleteAuthentication("Andy");
// create a new authentication user object
authenticationService.createAuthentication("Andy", "auth2".toCharArray());
// change the password
authenticationService.setAuthentication("Andy", "auth3".toCharArray());
// authenticate again to assert password changed
authenticationService.authenticate("Andy", "auth3".toCharArray());
authenticationService.authenticate("Andy", "auth3".toCharArray());
// get the ticket that represents the current user authentication
// instance
String ticket = authenticationService.getCurrentTicket();
// validate our ticket is still valid
authenticationService.validate(ticket);
// destroy the ticket instance
authenticationService.invalidateTicket(ticket);
try
Authentication current = authenticationComponent.getCurrentAuthentication();
if(current != null)
{
authenticationService.validate(ticket);
assertNotNull(null);
}
catch (AuthenticationException e)
{
assertTrue(current.isAuthenticated());
}
@@ -679,14 +812,19 @@ public class AuthenticationTest extends TestCase
// assertNull(dao.getUserOrNull("Andy"));
}
public void testPubAuthenticationService()
public void testPubAuthenticationService1()
{
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("GUEST", "".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
pubAuthenticationService.authenticate("GUEST", "".toCharArray());
// create an authentication object e.g. the user
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("Andy", "auth1".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
// authenticate with this user details
pubAuthenticationService.authenticate("Andy", "auth1".toCharArray());
@@ -696,33 +834,116 @@ public class AuthenticationTest extends TestCase
// delete the user authentication object
pubAuthenticationService.clearCurrentSecurityContext();
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.deleteAuthentication("Andy");
authenticationComponent.clearCurrentSecurityContext();
// create a new authentication user object
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("Andy", "auth2".toCharArray());
// change the password
pubAuthenticationService.setAuthentication("Andy", "auth3".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
// authenticate again to assert password changed
pubAuthenticationService.authenticate("Andy", "auth3".toCharArray());
try
{
pubAuthenticationService.authenticate("Andy", "auth1".toCharArray());
assertNotNull(null);
fail("Authentication should fail");
}
catch (AuthenticationException e)
{
}
}
public void testPubAuthenticationService2()
{
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("GUEST", "".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
pubAuthenticationService.authenticate("GUEST", "".toCharArray());
// create an authentication object e.g. the user
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("Andy", "auth1".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
// authenticate with this user details
pubAuthenticationService.authenticate("Andy", "auth1".toCharArray());
// assert the user is authenticated
assertEquals(dao.getUserNamesAreCaseSensitive() ? "Andy" : "andy", authenticationService.getCurrentUserName());
// delete the user authentication object
pubAuthenticationService.clearCurrentSecurityContext();
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.deleteAuthentication("Andy");
authenticationComponent.clearCurrentSecurityContext();
// create a new authentication user object
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("Andy", "auth2".toCharArray());
// change the password
pubAuthenticationService.setAuthentication("Andy", "auth3".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
// authenticate again to assert password changed
pubAuthenticationService.authenticate("Andy", "auth3".toCharArray());
try
{
pubAuthenticationService.authenticate("Andy", "auth2".toCharArray());
assertNotNull(null);
fail("Authentication should fail");
}
catch (AuthenticationException e)
{
}
}
public void testPubAuthenticationService3()
{
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("GUEST", "".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
pubAuthenticationService.authenticate("GUEST", "".toCharArray());
// create an authentication object e.g. the user
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("Andy", "auth1".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
// authenticate with this user details
pubAuthenticationService.authenticate("Andy", "auth1".toCharArray());
// assert the user is authenticated
assertEquals(dao.getUserNamesAreCaseSensitive() ? "Andy" : "andy", authenticationService.getCurrentUserName());
// delete the user authentication object
pubAuthenticationService.clearCurrentSecurityContext();
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.deleteAuthentication("Andy");
authenticationComponent.clearCurrentSecurityContext();
// create a new authentication user object
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("Andy", "auth2".toCharArray());
// change the password
pubAuthenticationService.setAuthentication("Andy", "auth3".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
// authenticate again to assert password changed
pubAuthenticationService.authenticate("Andy", "auth3".toCharArray());
pubAuthenticationService.authenticate("Andy", "auth3".toCharArray());
// get the ticket that represents the current user authentication
@@ -736,19 +957,60 @@ public class AuthenticationTest extends TestCase
try
{
pubAuthenticationService.validate(ticket);
assertNotNull(null);
fail("Ticket should not validate");
}
catch (AuthenticationException e)
{
}
}
public void testPubAuthenticationService()
{
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("GUEST", "".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
pubAuthenticationService.authenticate("GUEST", "".toCharArray());
// create an authentication object e.g. the user
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("Andy", "auth1".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
// authenticate with this user details
pubAuthenticationService.authenticate("Andy", "auth1".toCharArray());
// assert the user is authenticated
assertEquals(dao.getUserNamesAreCaseSensitive() ? "Andy" : "andy", authenticationService.getCurrentUserName());
// delete the user authentication object
// clear any context and check we are no longer authenticated
pubAuthenticationService.clearCurrentSecurityContext();
assertNull(pubAuthenticationService.getCurrentUserName());
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.deleteAuthentication("Andy");
authenticationComponent.clearCurrentSecurityContext();
// create a new authentication user object
authenticationComponent.setSystemUserAsCurrentUser();
pubAuthenticationService.createAuthentication("Andy", "auth2".toCharArray());
// change the password
pubAuthenticationService.setAuthentication("Andy", "auth3".toCharArray());
authenticationComponent.clearCurrentSecurityContext();
// authenticate again to assert password changed
pubAuthenticationService.authenticate("Andy", "auth3".toCharArray());
pubAuthenticationService.authenticate("Andy", "auth3".toCharArray());
// get the ticket that represents the current user authentication
// instance
String ticket = pubAuthenticationService.getCurrentTicket();
// validate our ticket is still valid
pubAuthenticationService.validate(ticket);
// destroy the ticket instance
pubAuthenticationService.invalidateTicket(ticket);
dao.deleteUser("Andy");
// assertNull(dao.getUserOrNull("Andy"));
}
public void testAbstractAuthenticationComponentGuestUserSupport()

64
source/java/org/alfresco/repo/security/person/PersonTest.java
View File

@@ -65,7 +65,7 @@ public class PersonTest extends BaseSpringTest
flushAndClear();
}
public void testCreateMissingPeople()
public void testCreateMissingPeople1()
{
personService.setCreateMissingPeople(false);
assertFalse(personService.createMissingPeople());
@@ -77,14 +77,22 @@ public class PersonTest extends BaseSpringTest
try
{
personService.getPerson("andy");
assertNotNull(null);
fail("Getting Andy should fail");
}
catch (PersonException pe)
{
}
}
}
public void testCreateMissingPeople2()
{
personService.setCreateMissingPeople(false);
assertFalse(personService.createMissingPeople());
personService.setCreateMissingPeople(true);
assertTrue(personService.createMissingPeople());
NodeRef nodeRef = personService.getPerson("andy");
assertNotNull(nodeRef);
testProperties(nodeRef, "andy", "andy", "", "", "");
@@ -94,12 +102,26 @@ public class PersonTest extends BaseSpringTest
{
personService.setPersonProperties("derek", createDefaultProperties("derek", "Derek", "Hulley", "dh@dh",
"alfresco", rootNodeRef));
assertNotNull(null);
fail("Getting Derek should fail");
}
catch (PersonException pe)
{
}
}
public void testCreateMissingPeople()
{
personService.setCreateMissingPeople(false);
assertFalse(personService.createMissingPeople());
personService.setCreateMissingPeople(true);
assertTrue(personService.createMissingPeople());
NodeRef nodeRef = personService.getPerson("andy");
assertNotNull(nodeRef);
testProperties(nodeRef, "andy", "andy", "", "", "");
personService.setCreateMissingPeople(true);
personService.setPersonProperties("derek", createDefaultProperties("derek", "Derek", "Hulley", "dh@dh",
@@ -129,18 +151,22 @@ public class PersonTest extends BaseSpringTest
endTransaction();
}
public void testPersonCRUD()
public void testPersonCRUD1()
{
personService.setCreateMissingPeople(false);
try
{
personService.getPerson("derek");
assertNotNull(null);
fail("Getting Derek should fail");
}
catch (PersonException pe)
{
}
}
public void testPersonCRUD2()
{
personService.setCreateMissingPeople(false);
personService.createPerson(createDefaultProperties("derek", "Derek", "Hulley", "dh@dh",
"alfresco", rootNodeRef));
@@ -164,12 +190,36 @@ public class PersonTest extends BaseSpringTest
try
{
personService.getPerson("derek");
assertNotNull(null);
fail("Getting Derek should fail");
}
catch (PersonException pe)
{
}
}
public void testPersonCRUD()
{
personService.setCreateMissingPeople(false);
personService.createPerson(createDefaultProperties("derek", "Derek", "Hulley", "dh@dh",
"alfresco", rootNodeRef));
testProperties(personService.getPerson("derek"), "derek", "Derek", "Hulley", "dh@dh", "alfresco");
personService.setPersonProperties("derek", createDefaultProperties("derek", "Derek_", "Hulley_", "dh@dh_",
"alfresco_", rootNodeRef));
testProperties(personService.getPerson("derek"), "derek", "Derek_", "Hulley_", "dh@dh_", "alfresco_");
personService.setPersonProperties("derek", createDefaultProperties("derek", "Derek", "Hulley", "dh@dh",
"alfresco", rootNodeRef));
testProperties(personService.getPerson("derek"), "derek", "Derek", "Hulley", "dh@dh", "alfresco");
assertEquals(1, personService.getAllPeople().size());
assertTrue(personService.getAllPeople().contains(personService.getPerson("derek")));
personService.deletePerson("derek");
assertEquals(0, personService.getAllPeople().size());
setComplete();
endTransaction();