I am updating the hive api to allow this sort of questions and in the
process am making most of the methods final.
This means the HiveExtensionTest won't compile anymore so i have
copied the relevant bits here and in the process rewritten the test so
that it should work on 1.3.0 as well
public void testAddPrincipal()
{
Principal principal = new ScanManPrincipal("test2");
ScanManSimpleCachingHive hive = new ScanManSimpleCachingHive();
List list = new ArrayList(2);
list.add(new TestPermission("p1", "access"));
list.add(new TestPermission("p2", "access, render"));
hive.addPrincipal(principal, list);
hive.lock();
Set set = hive.getPrincipals(new TestPermission("p1",
"access"));
assertTrue(set.contains(principal));
assertEquals(1, set.size());
}
public void testAddPermission()
{
Principal principal = new ScanManPrincipal("test1");
ScanManSimpleCachingHive hive = new ScanManSimpleCachingHive();
hive.addPermission(principal, new TestPermission("p1",
"access"));
hive.addPermission(principal, new TestPermission("p2", "access,
render"));
hive.lock();
Set set = hive.getPrincipals(new TestPermission("p1",
"access"));
assertTrue(set.contains(principal));
assertEquals(1, set.size());
}
public class TestPermission extends Permission
{
private static final long serialVersionUID = 1L;
private String actions = "";
/**
*
* Construct.
*
* @param name
*/
public TestPermission(String name)
{
super(name);
}
/**
*
* Constructor required by the [EMAIL PROTECTED] HiveFactory}.
*
* @param name
* @param actions
*/
public TestPermission(String name, String actions)
{
super(name);
this.actions = actions;
}
/**
*
* @see
org.apache.wicket.security.hive.authorization.Permission#equals(java.lang.Object)
*/
public boolean equals(Object obj)
{
if (obj == this)
return true;
if (obj == null)
return false;
if (obj.getClass().equals(this.getClass()))
{
TestPermission other = (TestPermission)obj;
return other.getName().equals(getName()) &&
other.getActions().equals(getActions());
}
return false;
}
/**
*
* @see
org.apache.wicket.security.hive.authorization.Permission#getActions()
*/
public String getActions()
{
return actions;
}
/**
*
* @see
org.apache.wicket.security.hive.authorization.Permission#hashCode()
*/
public int hashCode()
{
return getName().hashCode();
}
/**
*
* @see
org.apache.wicket.security.hive.authorization.Permission#implies(org.apache.wicket.security.hive.authorization.Permission)
*/
public boolean implies(Permission permission)
{
if (permission == this)
return true;
if (permission == null)
return false;
if (permission.getClass().equals(this.getClass()))
{
TestPermission other = (TestPermission)permission;
return other.getName().equals(getName())
&&
getActions().indexOf(other.getActions()) > -1;
}
return false;
}
}
Maurice
On Feb 18, 2008 9:03 AM, Maurice Marrink <[EMAIL PROTECTED]> wrote:
> The code is on wicketstuff svn
> https://wicket-stuff.svn.sourceforge.net/svnroot/wicket-stuff/trunk/wicket-security/swarm-parent/hive/src/test/java/org/apache/wicket/security/hive/HiveExtensionTest.java
>
> Perhaps if you can show me in a similar test setup how your code is
> failing we might figure out why.
>
> Note that above class is not standalone it requires some classes only
> found in svn trunk but it should give you a starting point.
> trunk is located at
> https://wicket-stuff.svn.sourceforge.net/svnroot/wicket-stuff/trunk/wicket-security/
> and contains a maven multiproject.
>
> Maurice
>
>
> On Feb 18, 2008 5:23 AM, Warren <[EMAIL PROTECTED]> wrote:
> > Maurice,
> >
> > Can you show me your code? I would rather do it your way than mine. My
> > policy file will be much more complicated than the one I am testing with.
> >
> > > -----Original Message-----
> > > From: Maurice Marrink [mailto:[EMAIL PROTECTED]
> > > Sent: Sunday, February 17, 2008 6:27 AM
> > > To: [email protected]
> > > Subject: Re: wicket-security Custom Access Denied Page
> > >
> > >
> >
> > > Just finished testing your classes using my 1.3.1 development code and
> > > both your way and my way work, as it should.
> > > I don't get why using the permission instead of the permission name
> > > does not work for you.
> > >
> > > I did however just think of 1 caveat in using the permission name
> > > instead of the permission.
> > > This might not be relevant for you (since you have a very small policy
> > > file), but if anybody else is following this thread it might be
> > > relevant to them.
> > > If your policy file contains a principal "foo" with action "render"
> > > for principal "p1" and a permission "foo" with action "enable" for
> > > principal "p2"
> > > your hive will return both principals p1 and p2 eventhough you did
> > > hive.getPrincipals(new ...Permission("foo","enable").
> > > In this scenario it should only return p2 and not p1.
> > >
> > > Maurice
> > >
> > > On Feb 16, 2008 1:53 PM, Maurice Marrink <[EMAIL PROTECTED]> wrote:
> > > > On Feb 15, 2008 6:38 PM, Warren <[EMAIL PROTECTED]> wrote:
> > > > > Maurice,
> > > > >
> > > > > Here is my SimpleCachingHive and my Principal. I did not
> > > extend Permissin, I
> > > > > didn't think I had to. I pretty much based my implementation
> > > on you tabs
> > > > > example minus the tabs. Should I extend Permission and
> > > override hashCode()
> > > > > and equals(Object obj). And if I do, how do I force my hive to use my
> > > > > extended Permission?
> > > >
> > > > No you don't have to extend permission, it is optional. You could for
> > > > example create a ResourcePermission to check for permissions on file
> > > > uploads or downloads. For example:
> > > > permission org.ResourcePermission "/*.*", "read, write"; //enables
> > > > write permission on the root and every subdir
> > > > Your hive would not have to have explicit knowledge of this new
> > > > permission, it is sufficient if you declare it in your policy file and
> > > > in an ISecurityCheck do something like SwarmStrategy.hasPermission(new
> > > > ResourcePermission("/somefile.file"));
> > > >
> > > > Anyway moving away from this theoretical exercise and to your problem.
> > > > Your principal looks fine, if i have some time I'll try and run
> > > it myself.
> > > > One small difference i noticed (which should have no impact at all) is
> > > > you also use the class to generate the hash and in my simpleprincipal
> > > > i don't. But like i said this should not matter at all.
> > > >
> > > > Maurice
> > > >
> > >
> >
> > > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > > For additional commands, e-mail: [EMAIL PROTECTED]
> > >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> >
> >
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
