assertEquals(AuthorizationContext.DENY, jam.authorize(resource1, identity, BasicACLPermission.CREATE));
assertEquals(AuthorizationContext.DENY, jam.authorize(resource1, identity, BasicACLPermission.UPDATE));
assertEquals(AuthorizationContext.DENY, jam.authorize(resource1, identity, BasicACLPermission.DELETE));
// check that Guest has READ and UPDATE permissions on resource2.
assertEquals(AuthorizationContext.PERMIT, jam.authorize(resource2, identity, BasicACLPermission.READ));
assertEquals(AuthorizationContext.PERMIT, jam.authorize(resource2, identity, BasicACLPermission.UPDATE));
assertEquals(AuthorizationContext.PERMIT, jam.authorize(resource2, identity, new CompositeACLPermission(
BasicACLPermission.READ, BasicACLPermission.UPDATE)));
assertEquals(AuthorizationContext.DENY, jam.authorize(resource2, identity, BasicACLPermission.CREATE));
assertEquals(AuthorizationContext.DENY, jam.authorize(resource2, identity, BasicACLPermission.DELETE));