All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.opencms.file.TestChacc Maven / Gradle / Ivy

Go to download

OpenCms is an enterprise-ready, easy to use website content management system based on Java and XML technology. Offering a complete set of features, OpenCms helps content managers worldwide to create and maintain beautiful websites fast and efficiently.

There is a newer version: 18.0
Show newest version
/*
 * This library is part of OpenCms -
 * the Open Source Content Management System
 *
 * Copyright (c) Alkacon Software GmbH & Co. KG (http://www.alkacon.com)
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * Lesser General Public License for more details.
 *
 * For further information about Alkacon Software GmbH & Co. KG, please see the
 * company website: http://www.alkacon.com
 *
 * For further information about OpenCms, please see the
 * project website: http://www.opencms.org
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 */

package org.opencms.file;

import org.opencms.main.OpenCms;
import org.opencms.security.CmsAccessControlEntry;
import org.opencms.security.CmsPermissionSet;
import org.opencms.security.CmsRole;
import org.opencms.security.I_CmsPrincipal;
import org.opencms.test.OpenCmsTestCase;
import org.opencms.test.OpenCmsTestProperties;
import org.opencms.test.OpenCmsTestResourceFilter;

import java.util.Iterator;
import java.util.List;

import junit.extensions.TestSetup;
import junit.framework.Test;
import junit.framework.TestSuite;

/**
 * Unit test for the "chacc" method of the CmsObject.

* */ public class TestChacc extends OpenCmsTestCase { /** * Default JUnit constructor.

* * @param arg0 JUnit parameters */ public TestChacc(String arg0) { super(arg0); } /** * Test the chacc method on a file and a group.

* * @param tc the OpenCmsTestCase * @param cms the CmsObject * @param resource1 the resource to change permissions * @param group the group to change the permissions from * @param permissions the new permission set for this group * @param flags the flags for modifying the permission set * @throws Throwable if something goes wrong */ public static void chaccFileGroup( OpenCmsTestCase tc, CmsObject cms, String resource1, CmsGroup group, CmsPermissionSet permissions, int flags) throws Throwable { tc.storeResources(cms, resource1); cms.lockResource(resource1); cms.chacc( resource1, I_CmsPrincipal.PRINCIPAL_GROUP, group.getName(), permissions.getAllowedPermissions(), permissions.getDeniedPermissions(), flags); cms.unlockResource(resource1); // now evaluate the result tc.assertFilter(cms, resource1, OpenCmsTestResourceFilter.FILTER_CHACC); // test the ace of the new permission // add the group flag to the acl CmsResource res = cms.readResource(resource1, CmsResourceFilter.ALL); CmsAccessControlEntry ace = new CmsAccessControlEntry( res.getResourceId(), group.getId(), permissions.getAllowedPermissions(), permissions.getDeniedPermissions(), flags + CmsAccessControlEntry.ACCESS_FLAGS_GROUP); tc.assertAce(cms, resource1, ace); // test the acl with the permission set int denied = permissions.getDeniedPermissions(); if (flags == CmsAccessControlEntry.ACCESS_FLAGS_OVERWRITE) { denied = 0; } CmsPermissionSet permission = new CmsPermissionSet(permissions.getAllowedPermissions(), denied); tc.assertAcl(cms, resource1, group.getId(), permission); } /** * Test the chacc method on a file and a user.

* * @param tc the OpenCmsTestCase * @param cms the CmsObject * @param resource1 the resource to change permissions * @param user the user to change the permissions from * @param permissions the new permission set for this group * @param flags the flags for modifying the permission set * @throws Throwable if something goes wrong */ public static void chaccFileUser( OpenCmsTestCase tc, CmsObject cms, String resource1, CmsUser user, CmsPermissionSet permissions, int flags) throws Throwable { tc.storeResources(cms, resource1); cms.lockResource(resource1); cms.chacc( resource1, I_CmsPrincipal.PRINCIPAL_USER, user.getName(), permissions.getAllowedPermissions(), permissions.getDeniedPermissions(), flags); cms.unlockResource(resource1); // now evaluate the result tc.assertFilter(cms, resource1, OpenCmsTestResourceFilter.FILTER_CHACC); // test the ace of the new permission // add the user flag to the acl CmsResource res = cms.readResource(resource1, CmsResourceFilter.ALL); CmsAccessControlEntry ace = new CmsAccessControlEntry( res.getResourceId(), user.getId(), permissions.getAllowedPermissions(), permissions.getDeniedPermissions(), flags + CmsAccessControlEntry.ACCESS_FLAGS_USER); tc.assertAce(cms, resource1, ace); // test the acl with the permission set int denied = permissions.getDeniedPermissions(); if (flags == CmsAccessControlEntry.ACCESS_FLAGS_OVERWRITE) { denied = 0; } CmsPermissionSet permission = new CmsPermissionSet(permissions.getAllowedPermissions(), denied); tc.assertAcl(cms, resource1, user.getId(), permission); } /** * Test the chacc method on a file and a group.

* * @param tc the OpenCmsTestCase * @param cms the CmsObject * @param resource1 the resource to change permissions * @param group the group to change the permissions from * @param permissions the new permission set for this group * @param flags the flags for modifying the permission set * @throws Throwable if something goes wrong */ public static void chaccFolderGroup( OpenCmsTestCase tc, CmsObject cms, String resource1, CmsGroup group, CmsPermissionSet permissions, int flags) throws Throwable { tc.storeResources(cms, resource1); cms.lockResource(resource1); cms.chacc( resource1, I_CmsPrincipal.PRINCIPAL_GROUP, group.getName(), permissions.getAllowedPermissions(), permissions.getDeniedPermissions(), flags); cms.unlockResource(resource1); // now evaluate the result tc.assertFilter(cms, resource1, OpenCmsTestResourceFilter.FILTER_CHACC); // test the ace of the new permission // add the group flag to the acl CmsResource res = cms.readResource(resource1, CmsResourceFilter.ALL); CmsAccessControlEntry ace = new CmsAccessControlEntry( res.getResourceId(), group.getId(), permissions.getAllowedPermissions(), permissions.getDeniedPermissions(), flags + CmsAccessControlEntry.ACCESS_FLAGS_GROUP); tc.assertAce(cms, resource1, ace); // test the acl with the permission set int denied = permissions.getDeniedPermissions(); if ((flags & CmsAccessControlEntry.ACCESS_FLAGS_OVERWRITE) > 0) { denied = 0; } CmsPermissionSet permission = new CmsPermissionSet(permissions.getAllowedPermissions(), denied); tc.assertAcl(cms, resource1, group.getId(), permission); // now check all the subresources in the folder, access must be modified as well List subresources = cms.readResources(resource1, CmsResourceFilter.ALL); Iterator j = subresources.iterator(); while (j.hasNext()) { CmsResource subRes = (CmsResource)j.next(); String subResName = cms.getSitePath(subRes); // now evaluate the result tc.assertFilter(cms, subResName, OpenCmsTestResourceFilter.FILTER_CHACC); // test the ace of the new permission // add the group and the inherited flag to the acl ace = new CmsAccessControlEntry( res.getResourceId(), group.getId(), permissions.getAllowedPermissions(), permissions.getDeniedPermissions(), flags + CmsAccessControlEntry.ACCESS_FLAGS_GROUP + CmsAccessControlEntry.ACCESS_FLAGS_INHERITED); tc.assertAce(cms, subResName, ace); // test the acl with the permission set permission = new CmsPermissionSet(permissions.getAllowedPermissions(), denied); tc.assertAcl(cms, resource1, subResName, group.getId(), permission); } } /** * Test suite for this test class.

* * @return the test suite */ public static Test suite() { OpenCmsTestProperties.initialize(org.opencms.test.AllTests.TEST_PROPERTIES_PATH); TestSuite suite = new TestSuite(); suite.setName(TestChacc.class.getName()); suite.addTest(new TestChacc("testChaccFileGroup")); suite.addTest(new TestChacc("testChaccFileUser")); suite.addTest(new TestChacc("testChaccFileAllOthers")); suite.addTest(new TestChacc("testChaccFileOverwriteAll")); suite.addTest(new TestChacc("testChaccAddRemove")); TestSetup wrapper = new TestSetup(suite) { @Override protected void setUp() { setupOpenCms("simpletest", "/"); } @Override protected void tearDown() { removeOpenCms(); } }; return wrapper; } /** * Test the creation and deletion of access control entries and checks permissions of a test user.

* * @throws Throwable if something goes wrong */ public void testChaccAddRemove() throws Throwable { echo("Testing adding and removing ACEs on files and folders"); CmsObject cms = getCmsObject(); cms.createGroup("Testgroup", "A test group", 0, null); CmsGroup testGroup = cms.readGroup("Testgroup"); cms.createUser("testuser", "test", "A test user", null); cms.addUserToGroup("testuser", "Testgroup"); OpenCms.getRoleManager().addUserToRole(cms, CmsRole.ELEMENT_AUTHOR, "testuser"); CmsUser testUser = cms.readUser("testuser"); CmsProject offline = cms.readProject("Offline"); String resName = "/folder2/"; cms.lockResource(resName); cms.chacc(resName, I_CmsPrincipal.PRINCIPAL_USER, testUser.getName(), "+r+w+v+i"); cms.chacc(resName, I_CmsPrincipal.PRINCIPAL_GROUP, testGroup.getName(), "+r+v+i"); cms.unlockResource(resName); OpenCms.getPublishManager().publishProject(cms); OpenCms.getPublishManager().waitWhileRunning(); CmsPermissionSet permissions = new CmsPermissionSet( CmsPermissionSet.PERMISSION_READ | CmsPermissionSet.PERMISSION_VIEW | CmsPermissionSet.PERMISSION_WRITE, 0); // check set permissions for the test user cms.loginUser("testuser", "test"); cms.getRequestContext().setCurrentProject(offline); cms.lockResource(resName); assertTrue(cms.hasPermissions(cms.readResource(resName), permissions)); assertTrue(cms.hasPermissions(cms.readResource("/folder2/index.html"), permissions)); assertFalse(cms.hasPermissions(cms.readResource("/folder1/"), permissions)); cms.unlockResource(resName); // switch back to Admin user and remove ACE cms.loginUser("Admin", "admin"); cms.getRequestContext().setCurrentProject(offline); cms.lockResource(resName); cms.rmacc(resName, I_CmsPrincipal.PRINCIPAL_USER, testUser.getName()); cms.unlockResource(resName); OpenCms.getPublishManager().publishProject(cms); OpenCms.getPublishManager().waitWhileRunning(); cms.loginUser("testuser", "test"); cms.getRequestContext().setCurrentProject(offline); assertFalse(cms.hasPermissions(cms.readResource(resName), CmsPermissionSet.ACCESS_WRITE)); cms.loginUser("Admin", "admin"); cms.getRequestContext().setCurrentProject(offline); cms.lockResource(resName); cms.rmacc(resName, I_CmsPrincipal.PRINCIPAL_GROUP, testGroup.getName()); cms.unlockResource(resName); OpenCms.getPublishManager().publishProject(cms); OpenCms.getPublishManager().waitWhileRunning(); // re-check permissions of test user after removing ACE cms.loginUser("testuser", "test"); assertFalse(cms.hasPermissions(cms.readResource(resName), permissions)); } /** * Test the chacc method for the special 'all others' principal.

* * @throws Throwable if something goes wrong */ public void testChaccFileAllOthers() throws Throwable { CmsObject cms = getCmsObject(); echo("Testing the chacc method for the special 'all others' principal"); CmsPermissionSet permissions = CmsPermissionSet.ACCESS_READ; String resource = "/folder1/subfolder11/"; int flags = CmsAccessControlEntry.ACCESS_FLAGS_OVERWRITE + CmsAccessControlEntry.ACCESS_FLAGS_ALLOTHERS + CmsAccessControlEntry.ACCESS_FLAGS_INHERIT; storeResources(cms, resource, true); cms.lockResource(resource); cms.chacc( resource, I_CmsPrincipal.PRINCIPAL_GROUP, CmsAccessControlEntry.PRINCIPAL_ALL_OTHERS_NAME, permissions.getAllowedPermissions(), permissions.getDeniedPermissions(), flags); cms.unlockResource(resource); // now evaluate the result assertFilter(cms, resource, OpenCmsTestResourceFilter.FILTER_CHACC); // test the ace of the new permission // add the all others flag to the acl CmsResource res = cms.readResource(resource, CmsResourceFilter.ALL); CmsAccessControlEntry ace = new CmsAccessControlEntry( res.getResourceId(), CmsAccessControlEntry.PRINCIPAL_ALL_OTHERS_ID, permissions.getAllowedPermissions(), permissions.getDeniedPermissions(), flags); assertAce(cms, resource, ace); // test the acl with the permission set int denied = permissions.getDeniedPermissions(); if ((flags & CmsAccessControlEntry.ACCESS_FLAGS_OVERWRITE) > 0) { denied = 0; } CmsPermissionSet permission = new CmsPermissionSet(permissions.getAllowedPermissions(), denied); assertAcl(cms, resource, CmsAccessControlEntry.PRINCIPAL_ALL_OTHERS_ID, permission); // now check all the subresources in the folder, access must be modified as well List subresources = cms.readResources(resource, CmsResourceFilter.ALL); Iterator j = subresources.iterator(); while (j.hasNext()) { CmsResource subRes = (CmsResource)j.next(); String subResName = cms.getSitePath(subRes); // now evaluate the result assertFilter(cms, subResName, OpenCmsTestResourceFilter.FILTER_CHACC); // test the ace of the new permission // add the group and the inherited flag to the acl ace = new CmsAccessControlEntry( res.getResourceId(), CmsAccessControlEntry.PRINCIPAL_ALL_OTHERS_ID, permissions.getAllowedPermissions(), permissions.getDeniedPermissions(), flags + CmsAccessControlEntry.ACCESS_FLAGS_INHERITED); assertAce(cms, subResName, ace); // test the acl with the permission set permission = new CmsPermissionSet(permissions.getAllowedPermissions(), denied); assertAcl(cms, resource, subResName, CmsAccessControlEntry.PRINCIPAL_ALL_OTHERS_ID, permission); } } /** * Test the chacc method on a file and a group.

* * @throws Throwable if something goes wrong */ public void testChaccFileGroup() throws Throwable { CmsObject cms = getCmsObject(); echo("Testing chacc on a file and a group"); chaccFileGroup( this, cms, "/index.html", cms.readGroup("Users"), CmsPermissionSet.ACCESS_READ, CmsAccessControlEntry.ACCESS_FLAGS_OVERWRITE); } /** * Test the chacc method for the special 'overwrite all' principal.

* * @throws Throwable if something goes wrong */ public void testChaccFileOverwriteAll() throws Throwable { CmsObject cms = getCmsObject(); echo("Testing the chacc method for the special 'overwrite all' principal"); CmsPermissionSet permissions = CmsPermissionSet.ACCESS_READ; String resource = "/folder1/subfolder11/"; int flags = CmsAccessControlEntry.ACCESS_FLAGS_OVERWRITE + CmsAccessControlEntry.ACCESS_FLAGS_OVERWRITE_ALL + CmsAccessControlEntry.ACCESS_FLAGS_INHERIT; storeResources(cms, resource, true); cms.lockResource(resource); cms.chacc( resource, I_CmsPrincipal.PRINCIPAL_GROUP, CmsAccessControlEntry.PRINCIPAL_OVERWRITE_ALL_NAME, permissions.getAllowedPermissions(), permissions.getDeniedPermissions(), flags); cms.unlockResource(resource); // now evaluate the result assertFilter(cms, resource, OpenCmsTestResourceFilter.FILTER_CHACC); // test the ace of the new permission // add the all others flag to the acl CmsResource res = cms.readResource(resource, CmsResourceFilter.ALL); CmsAccessControlEntry ace = new CmsAccessControlEntry( res.getResourceId(), CmsAccessControlEntry.PRINCIPAL_OVERWRITE_ALL_ID, permissions.getAllowedPermissions(), permissions.getDeniedPermissions(), flags); assertAce(cms, resource, ace); // test the acl with the permission set int denied = permissions.getDeniedPermissions(); if ((flags & CmsAccessControlEntry.ACCESS_FLAGS_OVERWRITE) > 0) { denied = 0; } CmsPermissionSet permission = new CmsPermissionSet(permissions.getAllowedPermissions(), denied); assertAcl(cms, resource, CmsAccessControlEntry.PRINCIPAL_OVERWRITE_ALL_ID, permission); // now check all the subresources in the folder, access must be modified as well List subresources = cms.readResources(resource, CmsResourceFilter.ALL); Iterator j = subresources.iterator(); while (j.hasNext()) { CmsResource subRes = (CmsResource)j.next(); String subResName = cms.getSitePath(subRes); // now evaluate the result assertFilter(cms, subResName, OpenCmsTestResourceFilter.FILTER_CHACC); // test the ace of the new permission // add the group and the inherited flag to the acl ace = new CmsAccessControlEntry( res.getResourceId(), CmsAccessControlEntry.PRINCIPAL_OVERWRITE_ALL_ID, permissions.getAllowedPermissions(), permissions.getDeniedPermissions(), flags + CmsAccessControlEntry.ACCESS_FLAGS_INHERITED); assertAce(cms, subResName, ace); // test the acl with the permission set permission = new CmsPermissionSet(permissions.getAllowedPermissions(), denied); assertAcl(cms, resource, subResName, CmsAccessControlEntry.PRINCIPAL_OVERWRITE_ALL_ID, permission); } } /** * Test the chacc method on a file and a user.

* * @throws Throwable if something goes wrong */ public void testChaccFileUser() throws Throwable { CmsObject cms = getCmsObject(); echo("Testing chacc on a file and a user"); chaccFileUser(this, cms, "/folder1/index.html", cms.readUser("Guest"), CmsPermissionSet.ACCESS_WRITE, 0); } /** * Test the chacc method on a folder and a group.

* * @throws Throwable if something goes wrong */ public void testChaccFolderGroup() throws Throwable { //TODO: This test is not working correctly so far! CmsObject cms = getCmsObject(); echo("Testing chacc on a folder and a group"); chaccFolderGroup( this, cms, "/folder2/", cms.readGroup("Guests"), CmsPermissionSet.ACCESS_READ, CmsAccessControlEntry.ACCESS_FLAGS_OVERWRITE + CmsAccessControlEntry.ACCESS_FLAGS_INHERIT); } }





© 2015 - 2024 Weber Informatics LLC | Privacy Policy