Repository: jena Updated Branches: refs/heads/master cd62e6d29 -> 23d1bde29
http://git-wip-us.apache.org/repos/asf/jena/blob/23d1bde2/jena-security/src/test/java/org/apache/jena/security/ModelBasedSecurityEvaluator.java ---------------------------------------------------------------------- diff --git a/jena-security/src/test/java/org/apache/jena/security/ModelBasedSecurityEvaluator.java b/jena-security/src/test/java/org/apache/jena/security/ModelBasedSecurityEvaluator.java index 7f17aa1..3ed71f1 100644 --- a/jena-security/src/test/java/org/apache/jena/security/ModelBasedSecurityEvaluator.java +++ b/jena-security/src/test/java/org/apache/jena/security/ModelBasedSecurityEvaluator.java @@ -1,3 +1,20 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ package org.apache.jena.security; import java.util.Set; @@ -6,48 +23,48 @@ import com.hp.hpl.jena.rdf.model.Model; public class ModelBasedSecurityEvaluator implements SecurityEvaluator { - private Model model; + //private Model model; public ModelBasedSecurityEvaluator( Model model) { - this.model = model; + //this.model = model; } @Override - public boolean evaluate(Action action, SecNode graphIRI) { + public boolean evaluate(final Object principal, Action action, SecNode graphIRI) { return true; } @Override - public boolean evaluate(Action action, SecNode graphIRI, SecTriple triple) { + public boolean evaluate(final Object principal, Action action, SecNode graphIRI, SecTriple triple) { return true; } @Override - public boolean evaluate(Set<Action> actions, SecNode graphIRI) { + public boolean evaluate(final Object principal, Set<Action> actions, SecNode graphIRI) { return true; } @Override - public boolean evaluate(Set<Action> actions, SecNode graphIRI, + public boolean evaluate(final Object principal, Set<Action> actions, SecNode graphIRI, SecTriple triple) { return true; } @Override - public boolean evaluateAny(Set<Action> actions, SecNode graphIRI) { + public boolean evaluateAny(final Object principal, Set<Action> actions, SecNode graphIRI) { return true; } @Override - public boolean evaluateAny(Set<Action> actions, SecNode graphIRI, + public boolean evaluateAny(final Object principal, Set<Action> actions, SecNode graphIRI, SecTriple triple) { return true; } @Override - public boolean evaluateUpdate(SecNode graphIRI, SecTriple from, SecTriple to) { + public boolean evaluateUpdate(final Object principal, SecNode graphIRI, SecTriple from, SecTriple to) { return true; } http://git-wip-us.apache.org/repos/asf/jena/blob/23d1bde2/jena-security/src/test/java/org/apache/jena/security/StaticSecurityEvaluator.java ---------------------------------------------------------------------- diff --git a/jena-security/src/test/java/org/apache/jena/security/StaticSecurityEvaluator.java b/jena-security/src/test/java/org/apache/jena/security/StaticSecurityEvaluator.java index a8164d8..d59b89c 100644 --- a/jena-security/src/test/java/org/apache/jena/security/StaticSecurityEvaluator.java +++ b/jena-security/src/test/java/org/apache/jena/security/StaticSecurityEvaluator.java @@ -1,3 +1,20 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ package org.apache.jena.security; import java.util.Set; @@ -16,41 +33,41 @@ public class StaticSecurityEvaluator implements SecurityEvaluator { } @Override - public boolean evaluate(Action action, SecNode graphIRI) { + public boolean evaluate(final Object principal, Action action, SecNode graphIRI) { return true; } @Override - public boolean evaluate(Action action, SecNode graphIRI, SecTriple triple) { - return triple.getSubject().getValue().equals( "urn:"+getPrincipal() ); + public boolean evaluate(final Object principal, Action action, SecNode graphIRI, SecTriple triple) { + return triple.getSubject().getValue().equals( "urn:"+principal ); } @Override - public boolean evaluate(Set<Action> actions, SecNode graphIRI) { + public boolean evaluate(final Object principal, Set<Action> actions, SecNode graphIRI) { return true; } @Override - public boolean evaluate(Set<Action> actions, SecNode graphIRI, + public boolean evaluate(final Object principal, Set<Action> actions, SecNode graphIRI, SecTriple triple) { - return triple.getSubject().getValue().equals( "urn:"+getPrincipal() ); + return triple.getSubject().getValue().equals( "urn:"+principal ); } @Override - public boolean evaluateAny(Set<Action> actions, SecNode graphIRI) { + public boolean evaluateAny(final Object principal, Set<Action> actions, SecNode graphIRI) { return true; } @Override - public boolean evaluateAny(Set<Action> actions, SecNode graphIRI, + public boolean evaluateAny(final Object principal, Set<Action> actions, SecNode graphIRI, SecTriple triple) { - return triple.getSubject().getValue().equals( "urn:"+getPrincipal() ); + return triple.getSubject().getValue().equals( "urn:"+principal ); } @Override - public boolean evaluateUpdate(SecNode graphIRI, SecTriple from, SecTriple to) { - return from.getSubject().getValue().equals( "urn:"+getPrincipal() ) && - to.getSubject().getValue().equals( "urn:"+getPrincipal() ); + public boolean evaluateUpdate(final Object principal, SecNode graphIRI, SecTriple from, SecTriple to) { + return from.getSubject().getValue().equals( "urn:"+principal ) && + to.getSubject().getValue().equals( "urn:"+principal ); } @Override http://git-wip-us.apache.org/repos/asf/jena/blob/23d1bde2/jena-security/src/test/java/org/apache/jena/security/contract/graph/CachedSecurityEvaluatorTest.java ---------------------------------------------------------------------- diff --git a/jena-security/src/test/java/org/apache/jena/security/contract/graph/CachedSecurityEvaluatorTest.java b/jena-security/src/test/java/org/apache/jena/security/contract/graph/CachedSecurityEvaluatorTest.java new file mode 100644 index 0000000..b145d89 --- /dev/null +++ b/jena-security/src/test/java/org/apache/jena/security/contract/graph/CachedSecurityEvaluatorTest.java @@ -0,0 +1,27 @@ +package org.apache.jena.security.contract.graph; + +import org.apache.jena.security.SecurityEvaluator; +import org.apache.jena.security.StaticSecurityEvaluator; +import org.apache.jena.security.impl.CachedSecurityEvaluator; +import org.junit.Test; +import static org.junit.Assert.*; + +public class CachedSecurityEvaluatorTest { + + private StaticSecurityEvaluator securityEvaluator; + private SecurityEvaluator cachedEvaluator; + + public CachedSecurityEvaluatorTest() { + securityEvaluator = new StaticSecurityEvaluator( "bob" ); + cachedEvaluator = new CachedSecurityEvaluator( securityEvaluator, "ted" ); + + } + + @Test + public void testGetPrincipal() + { + assertEquals( "bob", securityEvaluator.getPrincipal()); + assertEquals( "ted", cachedEvaluator.getPrincipal()); + } + +} http://git-wip-us.apache.org/repos/asf/jena/blob/23d1bde2/jena-security/src/test/java/org/apache/jena/security/graph/BulkUpdateHandlerTest.java ---------------------------------------------------------------------- diff --git a/jena-security/src/test/java/org/apache/jena/security/graph/BulkUpdateHandlerTest.java b/jena-security/src/test/java/org/apache/jena/security/graph/BulkUpdateHandlerTest.java index eafb8e2..53a2b10 100644 --- a/jena-security/src/test/java/org/apache/jena/security/graph/BulkUpdateHandlerTest.java +++ b/jena-security/src/test/java/org/apache/jena/security/graph/BulkUpdateHandlerTest.java @@ -81,10 +81,11 @@ public class BulkUpdateHandlerTest @Test public void testAdd() { + Object principal = securityEvaluator.getPrincipal(); try { handler.add(tripleArray); - if (!securityEvaluator.evaluate(createAndUpdate, + if (!securityEvaluator.evaluate(principal, createAndUpdate, handler.getModelNode())) { @@ -93,7 +94,7 @@ public class BulkUpdateHandlerTest } catch (final AccessDeniedException e) { - if (securityEvaluator.evaluate(createAndUpdate, + if (securityEvaluator.evaluate(principal, createAndUpdate, handler.getModelNode())) { Assert.fail(String @@ -105,7 +106,7 @@ public class BulkUpdateHandlerTest try { handler.add(Arrays.asList(tripleArray)); - if (!securityEvaluator.evaluate(createAndUpdate, + if (!securityEvaluator.evaluate(principal, createAndUpdate, handler.getModelNode())) { @@ -114,7 +115,7 @@ public class BulkUpdateHandlerTest } catch (final AccessDeniedException e) { - if (securityEvaluator.evaluate(createAndUpdate, + if (securityEvaluator.evaluate(principal, createAndUpdate, handler.getModelNode())) { Assert.fail(String @@ -126,7 +127,7 @@ public class BulkUpdateHandlerTest try { handler.add(Arrays.asList(tripleArray).iterator()); - if (!securityEvaluator.evaluate(createAndUpdate, + if (!securityEvaluator.evaluate(principal, createAndUpdate, handler.getModelNode())) { @@ -135,7 +136,7 @@ public class BulkUpdateHandlerTest } catch (final AccessDeniedException e) { - if (securityEvaluator.evaluate(createAndUpdate, + if (securityEvaluator.evaluate(principal, createAndUpdate, handler.getModelNode())) { Assert.fail(String @@ -147,7 +148,7 @@ public class BulkUpdateHandlerTest try { handler.add(new CollectionGraph(Arrays.asList(tripleArray))); - if (!securityEvaluator.evaluate(createAndUpdate, + if (!securityEvaluator.evaluate(principal, createAndUpdate, handler.getModelNode())) { @@ -156,7 +157,7 @@ public class BulkUpdateHandlerTest } catch (final AccessDeniedException e) { - if (securityEvaluator.evaluate(createAndUpdate, + if (securityEvaluator.evaluate(principal, createAndUpdate, handler.getModelNode())) { Assert.fail(String @@ -168,7 +169,7 @@ public class BulkUpdateHandlerTest try { handler.add(new CollectionGraph(Arrays.asList(tripleArray))); - if (!securityEvaluator.evaluate(createAndUpdate, + if (!securityEvaluator.evaluate(principal, createAndUpdate, handler.getModelNode())) { @@ -177,7 +178,7 @@ public class BulkUpdateHandlerTest } catch (final AccessDeniedException e) { - if (securityEvaluator.evaluate(createAndUpdate, + if (securityEvaluator.evaluate(principal, createAndUpdate, handler.getModelNode())) { Assert.fail(String @@ -189,7 +190,7 @@ public class BulkUpdateHandlerTest try { handler.add(new CollectionGraph(Arrays.asList(tripleArray)), true); - if (!securityEvaluator.evaluate(createAndUpdate, + if (!securityEvaluator.evaluate(principal, createAndUpdate, handler.getModelNode())) { @@ -198,7 +199,7 @@ public class BulkUpdateHandlerTest } catch (final AccessDeniedException e) { - if (securityEvaluator.evaluate(createAndUpdate, + if (securityEvaluator.evaluate(principal, createAndUpdate, handler.getModelNode())) { Assert.fail(String @@ -211,11 +212,11 @@ public class BulkUpdateHandlerTest @Test public void testDelete() { - + Object principal = securityEvaluator.getPrincipal(); try { handler.delete(tripleArray); - if (!securityEvaluator.evaluate(deleteAndUpdate, + if (!securityEvaluator.evaluate(principal, deleteAndUpdate, handler.getModelNode())) { @@ -224,7 +225,7 @@ public class BulkUpdateHandlerTest } catch (final AccessDeniedException e) { - if (securityEvaluator.evaluate(deleteAndUpdate, + if (securityEvaluator.evaluate(principal, deleteAndUpdate, handler.getModelNode())) { Assert.fail(String @@ -236,7 +237,7 @@ public class BulkUpdateHandlerTest try { handler.delete(Arrays.asList(tripleArray)); - if (!securityEvaluator.evaluate(deleteAndUpdate, + if (!securityEvaluator.evaluate(principal, deleteAndUpdate, handler.getModelNode())) { @@ -245,7 +246,7 @@ public class BulkUpdateHandlerTest } catch (final AccessDeniedException e) { - if (securityEvaluator.evaluate(deleteAndUpdate, + if (securityEvaluator.evaluate(principal, deleteAndUpdate, handler.getModelNode())) { Assert.fail(String @@ -257,7 +258,7 @@ public class BulkUpdateHandlerTest try { handler.delete(Arrays.asList(tripleArray).iterator()); - if (!securityEvaluator.evaluate(deleteAndUpdate, + if (!securityEvaluator.evaluate(principal, deleteAndUpdate, handler.getModelNode())) { @@ -266,7 +267,7 @@ public class BulkUpdateHandlerTest } catch (final AccessDeniedException e) { - if (securityEvaluator.evaluate(deleteAndUpdate, + if (securityEvaluator.evaluate(principal, deleteAndUpdate, handler.getModelNode())) { Assert.fail(String @@ -278,7 +279,7 @@ public class BulkUpdateHandlerTest try { handler.delete(new CollectionGraph(Arrays.asList(tripleArray))); - if (!securityEvaluator.evaluate(deleteAndUpdate, + if (!securityEvaluator.evaluate(principal, deleteAndUpdate, handler.getModelNode())) { @@ -287,7 +288,7 @@ public class BulkUpdateHandlerTest } catch (final AccessDeniedException e) { - if (securityEvaluator.evaluate(deleteAndUpdate, + if (securityEvaluator.evaluate(principal, deleteAndUpdate, handler.getModelNode())) { Assert.fail(String @@ -300,7 +301,7 @@ public class BulkUpdateHandlerTest { handler.delete(new CollectionGraph(Arrays.asList(tripleArray)), true); - if (!securityEvaluator.evaluate(deleteAndUpdate, + if (!securityEvaluator.evaluate(principal, deleteAndUpdate, handler.getModelNode())) { Assert.fail("Should have thrown AccessDenied Exception"); @@ -308,7 +309,7 @@ public class BulkUpdateHandlerTest } catch (final AccessDeniedException e) { - if (securityEvaluator.evaluate(deleteAndUpdate, + if (securityEvaluator.evaluate(principal, deleteAndUpdate, handler.getModelNode())) { Assert.fail(String @@ -321,11 +322,12 @@ public class BulkUpdateHandlerTest public void testRemove() { + Object principal = securityEvaluator.getPrincipal(); try { handler.remove(NodeFactory.createURI("http://example.com/1";), NodeFactory.createURI("http://example.com/v";), NodeFactory.createAnon()); - if (!securityEvaluator.evaluate(deleteAndUpdate, + if (!securityEvaluator.evaluate(principal, deleteAndUpdate, handler.getModelNode())) { @@ -334,7 +336,7 @@ public class BulkUpdateHandlerTest } catch (final AccessDeniedException e) { - if (securityEvaluator.evaluate(deleteAndUpdate, + if (securityEvaluator.evaluate(principal, deleteAndUpdate, handler.getModelNode())) { Assert.fail(String @@ -346,10 +348,11 @@ public class BulkUpdateHandlerTest public void testRemoveAll() { + Object principal = securityEvaluator.getPrincipal(); try { handler.removeAll(); - if (!securityEvaluator.evaluate(deleteAndUpdate, + if (!securityEvaluator.evaluate(principal, deleteAndUpdate, handler.getModelNode())) { @@ -358,7 +361,7 @@ public class BulkUpdateHandlerTest } catch (final AccessDeniedException e) { - if (securityEvaluator.evaluate(deleteAndUpdate, + if (securityEvaluator.evaluate(principal, deleteAndUpdate, handler.getModelNode())) { Assert.fail(String http://git-wip-us.apache.org/repos/asf/jena/blob/23d1bde2/jena-security/src/test/java/org/apache/jena/security/graph/CrossIDGraphEventManagerTest.java ---------------------------------------------------------------------- diff --git a/jena-security/src/test/java/org/apache/jena/security/graph/CrossIDGraphEventManagerTest.java b/jena-security/src/test/java/org/apache/jena/security/graph/CrossIDGraphEventManagerTest.java new file mode 100644 index 0000000..caea972 --- /dev/null +++ b/jena-security/src/test/java/org/apache/jena/security/graph/CrossIDGraphEventManagerTest.java @@ -0,0 +1,78 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.jena.security.graph; + +import org.apache.jena.security.Factory; +import org.apache.jena.security.StaticSecurityEvaluator; +import org.junit.Assert; +import org.junit.Test; + +import com.hp.hpl.jena.graph.Graph; +import com.hp.hpl.jena.graph.GraphEventManager; +import com.hp.hpl.jena.graph.NodeFactory; +import com.hp.hpl.jena.graph.Triple; +import com.hp.hpl.jena.sparql.graph.GraphFactory; + +public class CrossIDGraphEventManagerTest { + + private final GraphEventManager manager; + private final Graph g; + private final SecuredGraph sg; + private final StaticSecurityEvaluator securityEvaluator; + + private final RecordingGraphListener annListener; + private final RecordingGraphListener bobListener; + + public CrossIDGraphEventManagerTest() { + this.securityEvaluator = new StaticSecurityEvaluator("ann"); + + g = GraphFactory.createDefaultGraph(); + g.add(new Triple(NodeFactory.createURI("urn:ann"), NodeFactory + .createURI("http://example.com/v";), NodeFactory.createAnon())); + g.add(new Triple(NodeFactory.createURI("urn:bob"), NodeFactory + .createURI("http://example.com/v";), NodeFactory.createAnon())); + g.add(new Triple(NodeFactory.createURI("urn:ann"), NodeFactory + .createURI("http://example.com/v2";), NodeFactory.createAnon())); + + sg = Factory.getInstance(securityEvaluator, + "http://example.com/testGraph";, g); + manager = sg.getEventManager(); + annListener = new RecordingGraphListener(); + manager.register(annListener); + this.securityEvaluator.setUser("bob"); + bobListener = new RecordingGraphListener(); + manager.register(bobListener); + } + + @Test + public void notificationsTest() { + sg.add(new Triple(NodeFactory.createURI("urn:bob"), NodeFactory + .createURI("http://example.com/v2";), NodeFactory.createAnon())); + + Assert.assertTrue("Should recorded add", bobListener.isAdd()); + Assert.assertFalse("Should not have recorded add", annListener.isAdd()); + + sg.delete(new Triple(NodeFactory.createURI("urn:bob"), NodeFactory + .createURI("http://example.com/v2";), NodeFactory.createAnon())); + + Assert.assertTrue("Should recorded delete", bobListener.isDelete()); + Assert.assertFalse("Should not have recorded delete", + annListener.isDelete()); + } + +} http://git-wip-us.apache.org/repos/asf/jena/blob/23d1bde2/jena-security/src/test/java/org/apache/jena/security/graph/GraphEventManagerTest.java ---------------------------------------------------------------------- diff --git a/jena-security/src/test/java/org/apache/jena/security/graph/GraphEventManagerTest.java b/jena-security/src/test/java/org/apache/jena/security/graph/GraphEventManagerTest.java index d45db9e..e7a8f34 100644 --- a/jena-security/src/test/java/org/apache/jena/security/graph/GraphEventManagerTest.java +++ b/jena-security/src/test/java/org/apache/jena/security/graph/GraphEventManagerTest.java @@ -19,15 +19,12 @@ package org.apache.jena.security.graph; import com.hp.hpl.jena.graph.Graph; import com.hp.hpl.jena.graph.GraphEventManager; -import com.hp.hpl.jena.graph.GraphListener; import com.hp.hpl.jena.graph.NodeFactory; import com.hp.hpl.jena.graph.Triple; import com.hp.hpl.jena.graph.impl.CollectionGraph; import com.hp.hpl.jena.sparql.graph.GraphFactory; import java.util.Arrays; -import java.util.Iterator; -import java.util.List; import java.util.Set; import org.apache.jena.security.Factory; @@ -41,107 +38,13 @@ import org.junit.Before; import org.junit.Test; import org.junit.runner.RunWith; +/** + * Verifies that messages are properly filtered when sent to listeners. + * + */ @RunWith( value = SecurityEvaluatorParameters.class ) public class GraphEventManagerTest { - private class RecordingGraphListener implements GraphListener - { - - private boolean add; - private boolean delete; - private boolean event; - - public boolean isAdd() - { - return add; - } - - public boolean isDelete() - { - return delete; - } - - public boolean isEvent() - { - return event; - } - - @Override - public void notifyAddArray( final Graph g, final Triple[] triples ) - { - add = true; - } - - @Override - public void notifyAddGraph( final Graph g, final Graph added ) - { - add = true; - } - - @Override - public void notifyAddIterator( final Graph g, final Iterator<Triple> it ) - { - add = true; - } - - @Override - public void notifyAddList( final Graph g, final List<Triple> triples ) - { - add = true; - } - - @Override - public void notifyAddTriple( final Graph g, final Triple t ) - { - add = true; - } - - @Override - public void notifyDeleteArray( final Graph g, final Triple[] triples ) - { - delete = true; - } - - @Override - public void notifyDeleteGraph( final Graph g, final Graph removed ) - { - delete = true; - } - - @Override - public void notifyDeleteIterator( final Graph g, - final Iterator<Triple> it ) - { - delete = true; - } - - @Override - public void notifyDeleteList( final Graph g, final List<Triple> L ) - { - delete = true; - } - - @Override - public void notifyDeleteTriple( final Graph g, final Triple t ) - { - delete = true; - } - - @Override - public void notifyEvent( final Graph source, final Object value ) - { - event = true; - } - - public void reset() - { - add = false; - delete = false; - event = false; - } - - } - private final GraphEventManager manager; private final Graph g; private final SecuredGraph sg; @@ -167,10 +70,11 @@ public class GraphEventManagerTest @SuppressWarnings("deprecation") public void notifyAddTest() { + Object principal = securityEvaluator.getPrincipal(); final Set<Action> ADD = SecurityEvaluator.Util.asSet(new Action[] { Action.Create, Action.Read }); g.add(tripleArray[0]); - if (securityEvaluator.evaluateAny(ADD, sg.getModelNode())) + if (securityEvaluator.evaluateAny(principal, ADD, sg.getModelNode())) { Assert.assertTrue("Should recorded add", listener.isAdd()); } @@ -182,7 +86,7 @@ public class GraphEventManagerTest listener.reset(); g.getBulkUpdateHandler().add(tripleArray); - if (securityEvaluator.evaluateAny(ADD, sg.getModelNode())) + if (securityEvaluator.evaluateAny(principal, ADD, sg.getModelNode())) { Assert.assertTrue("Should recorded add", listener.isAdd()); } @@ -194,7 +98,7 @@ public class GraphEventManagerTest listener.reset(); g.getBulkUpdateHandler().add(Arrays.asList(tripleArray)); - if (securityEvaluator.evaluateAny(ADD, sg.getModelNode())) + if (securityEvaluator.evaluateAny(principal, ADD, sg.getModelNode())) { Assert.assertTrue("Should recorded add", listener.isAdd()); } @@ -206,7 +110,7 @@ public class GraphEventManagerTest listener.reset(); g.getBulkUpdateHandler().add(Arrays.asList(tripleArray).iterator()); - if (securityEvaluator.evaluateAny(ADD, sg.getModelNode())) + if (securityEvaluator.evaluateAny(principal, ADD, sg.getModelNode())) { Assert.assertTrue("Should recorded add", listener.isAdd()); } @@ -219,7 +123,7 @@ public class GraphEventManagerTest g.getBulkUpdateHandler().add( new CollectionGraph(Arrays.asList(tripleArray))); - if (securityEvaluator.evaluateAny(ADD, sg.getModelNode())) + if (securityEvaluator.evaluateAny(principal, ADD, sg.getModelNode())) { Assert.assertTrue("Should recorded add", listener.isAdd()); } @@ -235,10 +139,11 @@ public class GraphEventManagerTest @Test public void notifyDeleteTest() { + Object principal = securityEvaluator.getPrincipal(); final Set<Action> DELETE = SecurityEvaluator.Util.asSet(new Action[] { Action.Delete, Action.Read }); g.delete(tripleArray[0]); - if (securityEvaluator.evaluateAny(DELETE, sg.getModelNode())) + if (securityEvaluator.evaluateAny(principal, DELETE, sg.getModelNode())) { Assert.assertTrue("Should have recorded delete", listener.isDelete()); @@ -252,7 +157,7 @@ public class GraphEventManagerTest listener.reset(); g.getBulkUpdateHandler().delete(tripleArray); - if (securityEvaluator.evaluateAny(DELETE, sg.getModelNode())) + if (securityEvaluator.evaluateAny(principal, DELETE, sg.getModelNode())) { Assert.assertTrue("Should recorded delete", listener.isDelete()); } @@ -264,7 +169,7 @@ public class GraphEventManagerTest listener.reset(); g.getBulkUpdateHandler().delete(Arrays.asList(tripleArray)); - if (securityEvaluator.evaluateAny(DELETE, sg.getModelNode())) + if (securityEvaluator.evaluateAny(principal, DELETE, sg.getModelNode())) { Assert.assertTrue("Should recorded delete", listener.isDelete()); } @@ -276,7 +181,7 @@ public class GraphEventManagerTest listener.reset(); g.getBulkUpdateHandler().delete(Arrays.asList(tripleArray).iterator()); - if (securityEvaluator.evaluateAny(DELETE, sg.getModelNode())) + if (securityEvaluator.evaluateAny(principal, DELETE, sg.getModelNode())) { Assert.assertTrue("Should recorded delete", listener.isDelete()); } @@ -289,7 +194,7 @@ public class GraphEventManagerTest g.getBulkUpdateHandler().delete( new CollectionGraph(Arrays.asList(tripleArray))); - if (securityEvaluator.evaluateAny(DELETE, sg.getModelNode())) + if (securityEvaluator.evaluateAny(principal, DELETE, sg.getModelNode())) { Assert.assertTrue("Should recorded delete", listener.isDelete()); } http://git-wip-us.apache.org/repos/asf/jena/blob/23d1bde2/jena-security/src/test/java/org/apache/jena/security/graph/RecordingGraphListener.java ---------------------------------------------------------------------- diff --git a/jena-security/src/test/java/org/apache/jena/security/graph/RecordingGraphListener.java b/jena-security/src/test/java/org/apache/jena/security/graph/RecordingGraphListener.java new file mode 100644 index 0000000..1e06e01 --- /dev/null +++ b/jena-security/src/test/java/org/apache/jena/security/graph/RecordingGraphListener.java @@ -0,0 +1,106 @@ +package org.apache.jena.security.graph; + +import java.util.Iterator; +import java.util.List; + +import com.hp.hpl.jena.graph.Graph; +import com.hp.hpl.jena.graph.GraphListener; +import com.hp.hpl.jena.graph.Triple; + +public class RecordingGraphListener implements GraphListener +{ + + private boolean add; + private boolean delete; + private boolean event; + + public boolean isAdd() + { + return add; + } + + public boolean isDelete() + { + return delete; + } + + public boolean isEvent() + { + return event; + } + + @Override + public void notifyAddArray( final Graph g, final Triple[] triples ) + { + add = true; + } + + @Override + public void notifyAddGraph( final Graph g, final Graph added ) + { + add = true; + } + + @Override + public void notifyAddIterator( final Graph g, final Iterator<Triple> it ) + { + add = true; + } + + @Override + public void notifyAddList( final Graph g, final List<Triple> triples ) + { + add = true; + } + + @Override + public void notifyAddTriple( final Graph g, final Triple t ) + { + add = true; + } + + @Override + public void notifyDeleteArray( final Graph g, final Triple[] triples ) + { + delete = true; + } + + @Override + public void notifyDeleteGraph( final Graph g, final Graph removed ) + { + delete = true; + } + + @Override + public void notifyDeleteIterator( final Graph g, + final Iterator<Triple> it ) + { + delete = true; + } + + @Override + public void notifyDeleteList( final Graph g, final List<Triple> L ) + { + delete = true; + } + + @Override + public void notifyDeleteTriple( final Graph g, final Triple t ) + { + delete = true; + } + + @Override + public void notifyEvent( final Graph source, final Object value ) + { + event = true; + } + + public void reset() + { + add = false; + delete = false; + event = false; + } + +} \ No newline at end of file http://git-wip-us.apache.org/repos/asf/jena/blob/23d1bde2/jena-security/src/test/java/org/apache/jena/security/graph/SecuredPrefixMappingTest.java ---------------------------------------------------------------------- diff --git a/jena-security/src/test/java/org/apache/jena/security/graph/SecuredPrefixMappingTest.java b/jena-security/src/test/java/org/apache/jena/security/graph/SecuredPrefixMappingTest.java index 1bed4d7..c1d78a3 100644 --- a/jena-security/src/test/java/org/apache/jena/security/graph/SecuredPrefixMappingTest.java +++ b/jena-security/src/test/java/org/apache/jena/security/graph/SecuredPrefixMappingTest.java @@ -81,12 +81,14 @@ public class SecuredPrefixMappingTest } private final SecurityEvaluator securityEvaluator; + private final Object principal; protected SecuredPrefixMapping securedMapping; public SecuredPrefixMappingTest( final SecurityEvaluator securityEvaluator ) { this.securityEvaluator = securityEvaluator; + this.principal = securityEvaluator.getPrincipal(); } @Before @@ -102,10 +104,10 @@ public class SecuredPrefixMappingTest @Test public void testExpandPrefix() { - try + try { securedMapping.expandPrefix("foo"); - if (!securityEvaluator.evaluate(Action.Read, + if (!securityEvaluator.evaluate(principal, Action.Read, securedMapping.getModelNode())) { Assert.fail("Should have thrown AccessDenied Exception"); @@ -113,7 +115,7 @@ public class SecuredPrefixMappingTest } catch (final AccessDeniedException e) { - if (securityEvaluator.evaluate(Action.Read, + if (securityEvaluator.evaluate(principal, Action.Read, securedMapping.getModelNode())) { Assert.fail(String @@ -126,10 +128,10 @@ public class SecuredPrefixMappingTest @Test public void testGetNsPrefixMap() { - try + try { securedMapping.getNsPrefixMap(); - if (!securityEvaluator.evaluate(Action.Read, + if (!securityEvaluator.evaluate(principal, Action.Read, securedMapping.getModelNode())) { Assert.fail("Should have thrown AccessDenied Exception"); @@ -137,7 +139,7 @@ public class SecuredPrefixMappingTest } catch (final AccessDeniedException e) { - if (securityEvaluator.evaluate(Action.Read, + if (securityEvaluator.evaluate(principal, Action.Read, securedMapping.getModelNode())) { Assert.fail(String @@ -150,11 +152,10 @@ public class SecuredPrefixMappingTest @Test public void testGetNsPrefixURI() { - - try + try { securedMapping.getNsPrefixURI("foo"); - if (!securityEvaluator.evaluate(Action.Read, + if (!securityEvaluator.evaluate(principal, Action.Read, securedMapping.getModelNode())) { Assert.fail("Should have thrown AccessDenied Exception"); @@ -162,7 +163,7 @@ public class SecuredPrefixMappingTest } catch (final AccessDeniedException e) { - if (securityEvaluator.evaluate(Action.Read, + if (securityEvaluator.evaluate(principal, Action.Read, securedMapping.getModelNode())) { Assert.fail(String @@ -176,11 +177,10 @@ public class SecuredPrefixMappingTest @Test public void testGetNsURIPrefix() { - - try + try { securedMapping.getNsURIPrefix("http://example.com/foo";); - if (!securityEvaluator.evaluate(Action.Read, + if (!securityEvaluator.evaluate(principal, Action.Read, securedMapping.getModelNode())) { Assert.fail("Should have thrown AccessDenied Exception"); @@ -188,7 +188,7 @@ public class SecuredPrefixMappingTest } catch (final AccessDeniedException e) { - if (securityEvaluator.evaluate(Action.Read, + if (securityEvaluator.evaluate(principal, Action.Read, securedMapping.getModelNode())) { Assert.fail(String @@ -201,10 +201,10 @@ public class SecuredPrefixMappingTest @Test public void testLock() { - try + try { securedMapping.lock(); - if (!securityEvaluator.evaluate(Action.Update, + if (!securityEvaluator.evaluate(principal, Action.Update, securedMapping.getModelNode())) { Assert.fail("Should have thrown AccessDenied Exception"); @@ -212,7 +212,7 @@ public class SecuredPrefixMappingTest } catch (final AccessDeniedException e) { - if (securityEvaluator.evaluate(Action.Update, + if (securityEvaluator.evaluate(principal, Action.Update, securedMapping.getModelNode())) { Assert.fail(String @@ -229,7 +229,7 @@ public class SecuredPrefixMappingTest try { securedMapping.qnameFor("http://example.com/foo/bar";); - if (!securityEvaluator.evaluate(Action.Read, + if (!securityEvaluator.evaluate(principal, Action.Read, securedMapping.getModelNode())) { Assert.fail("Should have thrown AccessDenied Exception"); @@ -237,7 +237,7 @@ public class SecuredPrefixMappingTest } catch (final AccessDeniedException e) { - if (securityEvaluator.evaluate(Action.Read, + if (securityEvaluator.evaluate(principal, Action.Read, securedMapping.getModelNode())) { Assert.fail(String @@ -253,7 +253,7 @@ public class SecuredPrefixMappingTest try { securedMapping.removeNsPrefix("foo"); - if (!securityEvaluator.evaluate(Action.Update, + if (!securityEvaluator.evaluate(principal, Action.Update, securedMapping.getModelNode())) { Assert.fail("Should have thrown AccessDenied Exception"); @@ -261,7 +261,7 @@ public class SecuredPrefixMappingTest } catch (final AccessDeniedException e) { - if (securityEvaluator.evaluate(Action.Update, + if (securityEvaluator.evaluate(principal, Action.Update, securedMapping.getModelNode())) { Assert.fail(String @@ -279,7 +279,7 @@ public class SecuredPrefixMappingTest { securedMapping.samePrefixMappingAs(GraphFactory .createDefaultGraph().getPrefixMapping()); - if (!securityEvaluator.evaluate(Action.Read, + if (!securityEvaluator.evaluate(principal, Action.Read, securedMapping.getModelNode())) { Assert.fail("Should have thrown AccessDenied Exception"); @@ -287,7 +287,7 @@ public class SecuredPrefixMappingTest } catch (final AccessDeniedException e) { - if (securityEvaluator.evaluate(Action.Read, + if (securityEvaluator.evaluate(principal, Action.Read, securedMapping.getModelNode())) { Assert.fail(String @@ -303,7 +303,7 @@ public class SecuredPrefixMappingTest try { securedMapping.setNsPrefix("foo", "http://example.com/foo";); - if (!securityEvaluator.evaluate(Action.Update, + if (!securityEvaluator.evaluate(principal, Action.Update, securedMapping.getModelNode())) { @@ -312,7 +312,7 @@ public class SecuredPrefixMappingTest } catch (final AccessDeniedException e) { - if (securityEvaluator.evaluate(Action.Update, + if (securityEvaluator.evaluate(principal, Action.Update, securedMapping.getModelNode())) { Assert.fail(String @@ -325,7 +325,7 @@ public class SecuredPrefixMappingTest { securedMapping.setNsPrefixes(GraphFactory.createDefaultGraph() .getPrefixMapping()); - if (!securityEvaluator.evaluate(Action.Update, + if (!securityEvaluator.evaluate(principal, Action.Update, securedMapping.getModelNode())) { Assert.fail("Should have thrown AccessDenied Exception"); @@ -333,7 +333,7 @@ public class SecuredPrefixMappingTest } catch (final AccessDeniedException e) { - if (securityEvaluator.evaluate(Action.Update, + if (securityEvaluator.evaluate(principal, Action.Update, securedMapping.getModelNode())) { Assert.fail(String @@ -345,7 +345,7 @@ public class SecuredPrefixMappingTest try { securedMapping.setNsPrefixes(new HashMap<String, String>()); - if (!securityEvaluator.evaluate(Action.Update, + if (!securityEvaluator.evaluate(principal, Action.Update, securedMapping.getModelNode())) { Assert.fail("Should have thrown AccessDenied Exception"); @@ -353,7 +353,7 @@ public class SecuredPrefixMappingTest } catch (final AccessDeniedException e) { - if (securityEvaluator.evaluate(Action.Update, + if (securityEvaluator.evaluate(principal, Action.Update, securedMapping.getModelNode())) { Assert.fail(String @@ -369,7 +369,7 @@ public class SecuredPrefixMappingTest try { securedMapping.shortForm("http://example.com/foo/bar";); - if (!securityEvaluator.evaluate(Action.Read, + if (!securityEvaluator.evaluate(principal, Action.Read, securedMapping.getModelNode())) { Assert.fail("Should have thrown AccessDenied Exception"); @@ -377,7 +377,7 @@ public class SecuredPrefixMappingTest } catch (final AccessDeniedException e) { - if (securityEvaluator.evaluate(Action.Read, + if (securityEvaluator.evaluate(principal, Action.Read, securedMapping.getModelNode())) { Assert.fail(String @@ -396,7 +396,7 @@ public class SecuredPrefixMappingTest { // make sure that it must update securedMapping.withDefaultMappings(pm); - if (!securityEvaluator.evaluate(Action.Update, + if (!securityEvaluator.evaluate(principal, Action.Update, securedMapping.getModelNode())) { Assert.fail("Should have thrown AccessDenied Exception"); @@ -404,7 +404,7 @@ public class SecuredPrefixMappingTest } catch (final AccessDeniedException e) { - if (securityEvaluator.evaluate(Action.Update, + if (securityEvaluator.evaluate(principal, Action.Update, securedMapping.getModelNode())) { Assert.fail(String @@ -430,7 +430,7 @@ public class SecuredPrefixMappingTest } catch (final AccessDeniedException e) { - if (securityEvaluator.evaluate(Action.Update, + if (securityEvaluator.evaluate(principal, Action.Update, securedMapping.getModelNode())) { Assert.fail(String http://git-wip-us.apache.org/repos/asf/jena/blob/23d1bde2/jena-security/src/test/java/org/apache/jena/security/model/SecuredModelDetailTest.java ---------------------------------------------------------------------- diff --git a/jena-security/src/test/java/org/apache/jena/security/model/SecuredModelDetailTest.java b/jena-security/src/test/java/org/apache/jena/security/model/SecuredModelDetailTest.java index 5e051c2..6f7a4d8 100644 --- a/jena-security/src/test/java/org/apache/jena/security/model/SecuredModelDetailTest.java +++ b/jena-security/src/test/java/org/apache/jena/security/model/SecuredModelDetailTest.java @@ -53,8 +53,6 @@ public class SecuredModelDetailTest { private Property pTo = ResourceFactory.createProperty("http://example.com/to";); private Property pFrom = ResourceFactory .createProperty( "http://example.com/from";); - private Property pSubj = ResourceFactory - .createProperty("http://example.com/subj";); @Before public void setup() @@ -251,7 +249,7 @@ public class SecuredModelDetailTest { } @Override - public boolean evaluate(Action action, SecNode graphIRI) { + public boolean evaluate(Object principal, Action action, SecNode graphIRI) { // we allow any action on a graph. return true; } @@ -261,8 +259,8 @@ public class SecuredModelDetailTest { // a message is only available to sender or recipient if (r.hasProperty( RDF.type, msgType )) { - return r.hasProperty( pTo, principal.getName() ) || - r.hasProperty( pFrom, principal.getName()); + return r.hasProperty( pTo, ((Principal)principal).getName() ) || + r.hasProperty( pFrom, ((Principal)principal).getName()); } return true; } @@ -295,34 +293,34 @@ public class SecuredModelDetailTest { } @Override - public boolean evaluate(Action action, SecNode graphIRI, SecTriple triple) { + public boolean evaluate(Object principal, Action action, SecNode graphIRI, SecTriple triple) { return evaluate( triple ); } @Override - public boolean evaluate(Set<Action> actions, SecNode graphIRI) { + public boolean evaluate(Object principal, Set<Action> actions, SecNode graphIRI) { return true; } @Override - public boolean evaluate(Set<Action> actions, SecNode graphIRI, + public boolean evaluate(Object principal, Set<Action> actions, SecNode graphIRI, SecTriple triple) { return evaluate( triple ); } @Override - public boolean evaluateAny(Set<Action> actions, SecNode graphIRI) { + public boolean evaluateAny(Object principal, Set<Action> actions, SecNode graphIRI) { return true; } @Override - public boolean evaluateAny(Set<Action> actions, SecNode graphIRI, + public boolean evaluateAny(Object principal, Set<Action> actions, SecNode graphIRI, SecTriple triple) { return evaluate( triple ); } @Override - public boolean evaluateUpdate(SecNode graphIRI, SecTriple from, SecTriple to) { + public boolean evaluateUpdate(Object principal, SecNode graphIRI, SecTriple from, SecTriple to) { return evaluate( from ) && evaluate( to ); } http://git-wip-us.apache.org/repos/asf/jena/blob/23d1bde2/jena-security/src/test/java/org/apache/jena/security/query/QueryEngineTest.java ---------------------------------------------------------------------- diff --git a/jena-security/src/test/java/org/apache/jena/security/query/QueryEngineTest.java b/jena-security/src/test/java/org/apache/jena/security/query/QueryEngineTest.java index 0b783c7..3b078ac 100644 --- a/jena-security/src/test/java/org/apache/jena/security/query/QueryEngineTest.java +++ b/jena-security/src/test/java/org/apache/jena/security/query/QueryEngineTest.java @@ -6,9 +6,9 @@ * to you under the Apache License, Version 2.0 (the * "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -17,55 +17,48 @@ */ package org.apache.jena.security.query; -import com.hp.hpl.jena.query.QueryExecution; -import com.hp.hpl.jena.query.QueryExecutionFactory; -import com.hp.hpl.jena.query.QuerySolution; -import com.hp.hpl.jena.query.ResultSet; -import com.hp.hpl.jena.rdf.model.Model; -import com.hp.hpl.jena.rdf.model.ModelFactory; -import com.hp.hpl.jena.rdf.model.Resource; -import com.hp.hpl.jena.rdf.model.ResourceFactory; -import com.hp.hpl.jena.vocabulary.RDF; - -import org.junit.Assert; - import org.apache.jena.security.Factory; import org.apache.jena.security.MockSecurityEvaluator; import org.apache.jena.security.SecurityEvaluator; import org.apache.jena.security.SecurityEvaluator.SecNode.Type; import org.apache.jena.security.model.SecuredModel; -import org.apache.jena.security.query.SecuredQueryEngineFactory; import org.junit.After; import org.junit.AfterClass; +import org.junit.Assert; import org.junit.Before; import org.junit.BeforeClass; import org.junit.Test; -public class QueryEngineTest -{ +import com.hp.hpl.jena.query.QueryExecution; +import com.hp.hpl.jena.query.QueryExecutionFactory; +import com.hp.hpl.jena.query.QuerySolution; +import com.hp.hpl.jena.query.ResultSet; +import com.hp.hpl.jena.rdf.model.Model; +import com.hp.hpl.jena.rdf.model.ModelFactory; +import com.hp.hpl.jena.rdf.model.Resource; +import com.hp.hpl.jena.rdf.model.ResourceFactory; +import com.hp.hpl.jena.vocabulary.RDF; + +public class QueryEngineTest { @BeforeClass - public static void setupFactory() - { + public static void setupFactory() { SecuredQueryEngineFactory.register(); } @AfterClass - public static void teardownFactory() - { + public static void teardownFactory() { SecuredQueryEngineFactory.unregister(); } Model baseModel; - public QueryEngineTest() - { + public QueryEngineTest() { } @Before - public void setUp() - { + public void setUp() { baseModel = ModelFactory.createDefaultModel(); Resource r = ResourceFactory .createResource("http://example.com/resource/1";); @@ -108,20 +101,17 @@ public class QueryEngineTest } @After - public void tearDown() - { + public void tearDown() { baseModel.close(); } @Test - public void testOpenQueryType() - { + public void testOpenQueryType() { final SecurityEvaluator eval = new MockSecurityEvaluator(true, true, true, true, true, true); final SecuredModel model = Factory.getInstance(eval, "http://example.com/securedModel";, baseModel); - try - { + try { final String query = "prefix fn: <http://www.w3.org/2005/xpath-functions#> " + " SELECT ?foo ?bar WHERE " + " { ?foo a <http://example.com/class> ; " @@ -129,50 +119,41 @@ public class QueryEngineTest + " } "; final QueryExecution qexec = QueryExecutionFactory.create(query, model); - try - { + try { final ResultSet results = qexec.execSelect(); int count = 0; - for (; results.hasNext();) - { + for (; results.hasNext();) { count++; final QuerySolution soln = results.nextSolution(); } Assert.assertEquals(8, count); - } - finally - { + } finally { qexec.close(); } - } - finally - { + } finally { model.close(); } } @Test - public void testRestrictedQueryType() - { + public void testRestrictedQueryType() { final SecurityEvaluator eval = new MockSecurityEvaluator(true, true, true, true, true, true) { @Override - public boolean evaluate( final Action action, - final SecNode graphIRI, final SecTriple triple ) - { + public boolean evaluate(final Object principal, + final Action action, final SecNode graphIRI, + final SecTriple triple) { if (triple.getSubject().equals( - new SecNode(Type.URI, "http://example.com/resource/1";))) - { + new SecNode(Type.URI, "http://example.com/resource/1";))) { return false; } - return super.evaluate(action, graphIRI, triple); + return super.evaluate(principal, action, graphIRI, triple); } }; final SecuredModel model = Factory.getInstance(eval, "http://example.com/securedModel";, baseModel); - try - { + try { final String query = "prefix fn: <http://www.w3.org/2005/xpath-functions#> " + " SELECT ?foo ?bar WHERE " + " { ?foo a <http://example.com/class> ; " @@ -180,24 +161,18 @@ public class QueryEngineTest + " } "; final QueryExecution qexec = QueryExecutionFactory.create(query, model); - try - { + try { final ResultSet results = qexec.execSelect(); int count = 0; - for (; results.hasNext();) - { + for (; results.hasNext();) { count++; results.nextSolution(); } Assert.assertEquals(4, count); - } - finally - { + } finally { qexec.close(); } - } - finally - { + } finally { model.close(); } }
