Author: ajaquith
Date: Mon Oct 13 21:34:54 2008
New Revision: 704309
URL: http://svn.apache.org/viewvc?rev=704309&view=rev
Log:
[JSPWIKI-345] Added unit tests for testing single user policies. Confirmed bug
and workaround but did not fix root cause (freshcookies-security bug).
Added:
incubator/jspwiki/trunk/tests/etc/jspwiki-testUserPolicy.policy (with
props)
Modified:
incubator/jspwiki/trunk/ChangeLog
incubator/jspwiki/trunk/src/com/ecyrd/jspwiki/Release.java
incubator/jspwiki/trunk/src/com/ecyrd/jspwiki/auth/AuthorizationManager.java
incubator/jspwiki/trunk/tests/com/ecyrd/jspwiki/auth/AuthorizationManagerTest.java
Modified: incubator/jspwiki/trunk/ChangeLog
URL:
http://svn.apache.org/viewvc/incubator/jspwiki/trunk/ChangeLog?rev=704309&r1=704308&r2=704309&view=diff
==============================================================================
--- incubator/jspwiki/trunk/ChangeLog (original)
+++ incubator/jspwiki/trunk/ChangeLog Mon Oct 13 21:34:54 2008
@@ -1,3 +1,12 @@
+2008-10-01 Andrew Jaquith <ajaquith AT apache DOT org>
+
+ * 2.8.0-beta-18
+
+ * [JSPWiki-342] Resolved issue by removing outdated doc files.
+
+ * [JSPWIKI-345] Added unit tests for testing single user policies.
Confirmed bug
+ and workaround but did not fix root cause (freshcookies-security bug).
+
2008-10-06 Dirk Frederickx <[EMAIL PROTECTED]>
* 2.8.0-beta-18
Modified: incubator/jspwiki/trunk/src/com/ecyrd/jspwiki/Release.java
URL:
http://svn.apache.org/viewvc/incubator/jspwiki/trunk/src/com/ecyrd/jspwiki/Release.java?rev=704309&r1=704308&r2=704309&view=diff
==============================================================================
--- incubator/jspwiki/trunk/src/com/ecyrd/jspwiki/Release.java (original)
+++ incubator/jspwiki/trunk/src/com/ecyrd/jspwiki/Release.java Mon Oct 13
21:34:54 2008
@@ -77,7 +77,7 @@
* <p>
* If the build identifier is empty, it is not added.
*/
- public static final String BUILD = "18";
+ public static final String BUILD = "19";
/**
* This is the generic version string you should use
Modified:
incubator/jspwiki/trunk/src/com/ecyrd/jspwiki/auth/AuthorizationManager.java
URL:
http://svn.apache.org/viewvc/incubator/jspwiki/trunk/src/com/ecyrd/jspwiki/auth/AuthorizationManager.java?rev=704309&r1=704308&r2=704309&view=diff
==============================================================================
---
incubator/jspwiki/trunk/src/com/ecyrd/jspwiki/auth/AuthorizationManager.java
(original)
+++
incubator/jspwiki/trunk/src/com/ecyrd/jspwiki/auth/AuthorizationManager.java
Mon Oct 13 21:34:54 2008
@@ -92,6 +92,9 @@
*/
public static final String DEFAULT_AUTHORIZER =
"com.ecyrd.jspwiki.auth.authorize.WebContainerAuthorizer";
+ /** Property that supplies the security policy file name, in WEB-INF. */
+ protected static final String POLICY =
"jspwiki.policy.file";
+
/** Name of the default security policy file, in WEB-INF. */
protected static final String DEFAULT_POLICY =
"jspwiki.policy";
@@ -403,7 +406,8 @@
// Initialize local security policy
try
{
- URL policyURL = AuthenticationManager.findConfigFile( engine,
DEFAULT_POLICY );
+ String policyFileName = properties.getProperty( POLICY,
DEFAULT_POLICY );
+ URL policyURL = AuthenticationManager.findConfigFile( engine,
policyFileName );
if (policyURL != null)
{
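Review bot: The policy file name now comes from the `jspwiki.policy.file` property, but nothing in this hunk reports which name was looked up when `findConfigFile` returns null. This file decides every static permission, so a mistyped property value should be loud. In the branch that handles a null `policyURL` (outside this hunk, so its current behaviour is not visible), log the resolved `policyFileName` and fail initialization rather than continuing without a local policy. The Javadoc on `POLICY` in the first hunk should also say that the value is resolved through `AuthenticationManager.findConfigFile` and falls back to `DEFAULT_POLICY` when the property is unset.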
Modified:
incubator/jspwiki/trunk/tests/com/ecyrd/jspwiki/auth/AuthorizationManagerTest.java
URL:
http://svn.apache.org/viewvc/incubator/jspwiki/trunk/tests/com/ecyrd/jspwiki/auth/AuthorizationManagerTest.java?rev=704309&r1=704308&r2=704309&view=diff
==============================================================================
---
incubator/jspwiki/trunk/tests/com/ecyrd/jspwiki/auth/AuthorizationManagerTest.java
(original)
+++
incubator/jspwiki/trunk/tests/com/ecyrd/jspwiki/auth/AuthorizationManagerTest.java
Mon Oct 13 21:34:54 2008
@@ -69,6 +69,11 @@
{
Properties props = new Properties();
props.load( TestEngine.findTestProperties() );
+
+ // Make sure we are using the default security policy file
jspwiki.policy
+ props.put( AuthorizationManager.POLICY,
AuthorizationManager.DEFAULT_POLICY );
+
+ // Initialize the test engine
m_engine = new TestEngine( props );
m_auth = m_engine.getAuthorizationManager();
m_groupMgr = m_engine.getGroupManager();
@@ -659,5 +664,85 @@
assertTrue( "Alice cannot read", m_auth.checkPermission( session,
new
PagePermission("TestDefaultPage","view") ) );
}
+
+ public void testUserPolicy() throws Exception
+ {
+ Properties props = new Properties();
+ props.load( TestEngine.findTestProperties() );
+
+ // Make sure we are using the default security policy file
jspwiki.policy
+ props.put( AuthorizationManager.POLICY,
"jspwiki-testUserPolicy.policy" );
+
+ // Initialize the test engine
+ m_engine = new TestEngine( props );
+ m_auth = m_engine.getAuthorizationManager();
+ m_groupMgr = m_engine.getGroupManager();
+ m_session = WikiSessionTest.adminSession( m_engine );
+
+ WikiSession s = WikiSessionTest.anonymousSession( m_engine );
+ assertFalse( "Anonymous view", m_auth.checkStaticPermission( s,
PagePermission.VIEW ) );
+ assertFalse( "Anonymous edit", m_auth.checkStaticPermission( s,
PagePermission.EDIT ) );
+ assertFalse( "Anonymous comment", m_auth.checkStaticPermission( s,
PagePermission.COMMENT ) );
+ assertFalse( "Anonymous modify", m_auth.checkStaticPermission( s,
PagePermission.MODIFY ) );
+ assertFalse( "Anonymous upload", m_auth.checkStaticPermission( s,
PagePermission.UPLOAD ) );
+ assertFalse( "Anonymous rename", m_auth.checkStaticPermission( s,
PagePermission.RENAME ) );
+ assertFalse( "Anonymous delete", m_auth.checkStaticPermission( s,
PagePermission.DELETE ) );
+ assertFalse( "Anonymous prefs", m_auth.checkStaticPermission( s,
WikiPermission.EDIT_PREFERENCES ) );
+ assertFalse( "Anonymous profile", m_auth.checkStaticPermission( s,
WikiPermission.EDIT_PROFILE ) );
+ assertFalse( "Anonymous pages", m_auth.checkStaticPermission( s,
WikiPermission.CREATE_PAGES ) );
+ assertFalse( "Anonymous groups", m_auth.checkStaticPermission( s,
WikiPermission.CREATE_GROUPS ) );
+
+ s = WikiSessionTest.assertedSession( m_engine, "Jack Sparrow" );
+ assertFalse( "Asserted view", m_auth.checkStaticPermission( s,
PagePermission.VIEW ) );
+ assertFalse( "Asserted edit", m_auth.checkStaticPermission( s,
PagePermission.EDIT ) );
+ assertFalse( "Asserted comment", m_auth.checkStaticPermission( s,
PagePermission.COMMENT ) );
+ assertFalse( "Asserted modify", m_auth.checkStaticPermission( s,
PagePermission.MODIFY ) );
+ assertFalse( "Asserted upload", m_auth.checkStaticPermission( s,
PagePermission.UPLOAD ) );
+ assertFalse( "Asserted rename", m_auth.checkStaticPermission( s,
PagePermission.RENAME ) );
+ assertFalse( "Asserted delete", m_auth.checkStaticPermission( s,
PagePermission.DELETE ) );
+ assertFalse( "Asserted prefs", m_auth.checkStaticPermission( s,
WikiPermission.EDIT_PREFERENCES ) );
+ assertFalse( "Asserted profile", m_auth.checkStaticPermission( s,
WikiPermission.EDIT_PROFILE ) );
+ assertFalse( "Asserted pages", m_auth.checkStaticPermission( s,
WikiPermission.CREATE_PAGES ) );
+ assertFalse( "Asserted groups", m_auth.checkStaticPermission( s,
WikiPermission.CREATE_GROUPS ) );
+
+ s = WikiSessionTest.authenticatedSession( m_engine, Users.BOB,
Users.BOB_PASS );
+ assertTrue( "Bob view", m_auth.checkStaticPermission( s,
PagePermission.VIEW ) );
+ assertFalse( "Bob edit", m_auth.checkStaticPermission( s,
PagePermission.EDIT ) );
+ assertFalse( "Bob comment", m_auth.checkStaticPermission( s,
PagePermission.COMMENT ) );
+ assertFalse( "Bob modify", m_auth.checkStaticPermission( s,
PagePermission.MODIFY ) );
+ assertFalse( "Bob upload", m_auth.checkStaticPermission( s,
PagePermission.UPLOAD ) );
+ assertFalse( "Bob rename", m_auth.checkStaticPermission( s,
PagePermission.RENAME ) );
+ assertFalse( "Bob delete", m_auth.checkStaticPermission( s,
PagePermission.DELETE ) );
+ assertFalse( "Bob prefs", m_auth.checkStaticPermission( s,
WikiPermission.EDIT_PREFERENCES ) );
+ assertFalse( "Bob profile", m_auth.checkStaticPermission( s,
WikiPermission.EDIT_PROFILE ) );
+ assertFalse( "Bob pages", m_auth.checkStaticPermission( s,
WikiPermission.CREATE_PAGES ) );
+ assertFalse( "Bob groups", m_auth.checkStaticPermission( s,
WikiPermission.CREATE_GROUPS ) );
+
+ s = WikiSessionTest.authenticatedSession( m_engine, Users.JANNE,
Users.JANNE_PASS );
+ assertTrue( "Janne view", m_auth.checkStaticPermission( s,
PagePermission.VIEW ) );
+ assertTrue( "Janne edit", m_auth.checkStaticPermission( s,
PagePermission.EDIT ) );
+ assertTrue( "Janne comment", m_auth.checkStaticPermission( s,
PagePermission.COMMENT ) );
+ assertTrue( "Janne modify", m_auth.checkStaticPermission( s,
PagePermission.MODIFY ) );
+ assertTrue( "Janne upload", m_auth.checkStaticPermission( s,
PagePermission.UPLOAD ) );
+ assertFalse( "Janne rename", m_auth.checkStaticPermission( s,
PagePermission.RENAME ) );
+ assertTrue( "Janne delete", m_auth.checkStaticPermission( s,
PagePermission.DELETE ) );
+ assertFalse( "Janne prefs", m_auth.checkStaticPermission( s,
WikiPermission.EDIT_PREFERENCES ) );
+ assertFalse( "Janne profile", m_auth.checkStaticPermission( s,
WikiPermission.EDIT_PROFILE ) );
+ assertFalse( "Janne pages", m_auth.checkStaticPermission( s,
WikiPermission.CREATE_PAGES ) );
+ assertFalse( "Janne groups", m_auth.checkStaticPermission( s,
WikiPermission.CREATE_GROUPS ) );
+
+ s = WikiSessionTest.adminSession( m_engine );
+ assertTrue( "Admin view", m_auth.checkStaticPermission( s,
PagePermission.VIEW ) );
+ assertFalse( "Admin edit", m_auth.checkStaticPermission( s,
PagePermission.EDIT ) );
+ assertFalse( "Admin comment", m_auth.checkStaticPermission( s,
PagePermission.COMMENT ) );
+ assertFalse( "Admin modify", m_auth.checkStaticPermission( s,
PagePermission.MODIFY ) );
+ assertFalse( "Admin upload", m_auth.checkStaticPermission( s,
PagePermission.UPLOAD ) );
+ assertFalse( "Admin rename", m_auth.checkStaticPermission( s,
PagePermission.RENAME ) );
+ assertFalse( "Admin delete", m_auth.checkStaticPermission( s,
PagePermission.DELETE ) );
+ assertFalse( "Admin prefs", m_auth.checkStaticPermission( s,
WikiPermission.EDIT_PREFERENCES ) );
+ assertFalse( "Admin profile", m_auth.checkStaticPermission( s,
WikiPermission.EDIT_PROFILE ) );
+ assertFalse( "Admin pages", m_auth.checkStaticPermission( s,
WikiPermission.CREATE_PAGES ) );
+ assertFalse( "Admin groups", m_auth.checkStaticPermission( s,
WikiPermission.CREATE_GROUPS ) );
+ }
}
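Review bot: The comment copied from setUp() into `testUserPolicy` says the default `jspwiki.policy` is in use, but the next statement installs `jspwiki-testUserPolicy.policy`; change it to `// Use the single-user test policy instead of the default jspwiki.policy`. The method also needs a short Javadoc tying it to JSPWIKI-345 and naming which assertions encode the confirmed bug or its workaround. The commit log says the root cause is not fixed, so a reader cannot otherwise tell expected-by-design from expected-for-now. The Admin block asserts view-only access, which follows from the policy granting nothing beyond the `Authenticated` role to the admin, and deserves a one-line comment so it is not read as a regression. The test also replaces `m_engine` with a second `TestEngine` while the one built in setUp() presumably still exists; whether that one needs shutting down is not visible here.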
Added: incubator/jspwiki/trunk/tests/etc/jspwiki-testUserPolicy.policy
URL:
http://svn.apache.org/viewvc/incubator/jspwiki/trunk/tests/etc/jspwiki-testUserPolicy.policy?rev=704309&view=auto
==============================================================================
--- incubator/jspwiki/trunk/tests/etc/jspwiki-testUserPolicy.policy (added)
+++ incubator/jspwiki/trunk/tests/etc/jspwiki-testUserPolicy.policy Mon Oct 13
21:34:54 2008
@@ -0,0 +1,11 @@
+grant principal com.ecyrd.jspwiki.auth.authorize.Role "All" {
+ permission com.ecyrd.jspwiki.auth.permissions.WikiPermission "*", "login";
+};
+
+grant principal com.ecyrd.jspwiki.auth.authorize.Role "Authenticated" {
+ permission com.ecyrd.jspwiki.auth.permissions.PagePermission "*:*", "view";
+};
+
+grant principal com.ecyrd.jspwiki.auth.WikiPrincipal "Janne Jalkanen" {
+ permission com.ecyrd.jspwiki.auth.permissions.PagePermission "*:*",
"edit,delete";
+};
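Review bot: The new policy file is committed with `svn:executable = *` (the Propchange just below this hunk), which a data file read by the policy loader does not need; drop the property so the fixture is not checked out with the execute bit set. The file also lacks a header comment, for example `// Test policy for JSPWIKI-345: only "Janne Jalkanen" gets edit/delete; other authenticated users are view-only`, to state the intent of the three grants. The third grant matches a `WikiPrincipal` by the name "Janne Jalkanen". Add a comment saying which of the user's principals (full name, wiki name or login name) that string is expected to match, since the Janne assertions in `testUserPolicy` depend on it.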
Propchange: incubator/jspwiki/trunk/tests/etc/jspwiki-testUserPolicy.policy
------------------------------------------------------------------------------
svn:executable = *