Package org.geomajas.internal.service

Source Code of org.geomajas.internal.service.CommandDispatcherSecurityTest

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
/*
* This is part of Geomajas, a GIS framework, http://www.geomajas.org/.
*
* Copyright 2008-2011 Geosparc nv, http://www.geosparc.com/, Belgium.
*
* The program is available in open source according to the GNU Affero
* General Public License. All contributions in this program are covered
* by the Geomajas Contributors License Agreement. For full licensing
* details, see LICENSE.txt in the project root.
*/

package org.geomajas.internal.service;

import org.geomajas.command.CommandDispatcher;
import org.geomajas.command.CommandResponse;
import org.geomajas.global.ExceptionCode;
import org.geomajas.global.GeomajasException;
import org.geomajas.internal.security.AllowTestAuthorization;
import org.geomajas.internal.security.InMemorySecurityService;
import org.geomajas.internal.security.SecurityTestCommand;
import org.geomajas.security.Authentication;
import org.geomajas.security.BaseAuthorization;
import org.geomajas.security.GeomajasSecurityException;
import org.geomajas.security.SecurityContext;
import org.junit.After;
import org.junit.Assert;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;

/**
* Test for security handling in {@link CommandDispatcher}.
*
* @author Jan De Moerloose
*/
@RunWith(SpringJUnit4ClassRunner.class)
@ContextConfiguration(locations = { "/org/geomajas/spring/geomajasContext.xml",
    "/org/geomajas/internal/service/inMemorySecurityContext.xml" })
public class CommandDispatcherSecurityTest {

  @Autowired
  private CommandDispatcher commandDispatcher;

  @Autowired
  private InMemorySecurityService securityService;

  @Autowired
  private SecurityContext securityContext;

  @Autowired
  private SecurityTestCommand securityCommand;

  @Test
  public void testValidToken() {
    securityService.put("someToken", createTestAuthentication());
    CommandResponse response = commandDispatcher.execute("test.SecurityTestCommand", null, "someToken", null);
    Assert.assertEquals(0, response.getErrors().size());
  }
 
  @Test
  public void testBadCommand() {
    securityService.put("someToken", createTestAuthentication());
    CommandResponse response = commandDispatcher.execute("test.BadCommand", null, "someToken", null);
    Assert.assertEquals(1, response.getErrors().size());
    Throwable error = response.getErrors().get(0);
    Assert.assertTrue(error instanceof GeomajasException);
    Assert.assertEquals(ExceptionCode.COMMAND_ACCESS_DENIED, ((GeomajasException) error).getExceptionCode());
  }

  @Test
  public void testInValidToken() {
    securityService.put("someToken", createTestAuthentication());
    CommandResponse response = commandDispatcher.execute("test.SecurityTestCommand", null, "invalid", null);
    Assert.assertEquals(1, response.getErrors().size());
    Throwable error = response.getErrors().get(0);
    Assert.assertTrue(error instanceof GeomajasSecurityException);
    Assert.assertEquals(ExceptionCode.CREDENTIALS_MISSING_OR_INVALID,
        ((GeomajasSecurityException) error).getExceptionCode());
  }

  @Test
  public void testNullToken() {
    CommandResponse response = commandDispatcher.execute("test.SecurityTestCommand", null, null, null);
    Assert.assertEquals(1, response.getErrors().size());
    Throwable error = response.getErrors().get(0);
    Assert.assertTrue(error instanceof GeomajasSecurityException);
    Assert.assertEquals(ExceptionCode.CREDENTIALS_MISSING_OR_INVALID,
        ((GeomajasSecurityException) error).getExceptionCode());
  }
 
  @Test
  public void testSecurityContext() {
    securityService.put("someToken", createTestAuthentication());
    securityCommand.setTest(new Runnable() {

      public void run() {
        Assert.assertEquals("someToken", securityContext.getToken());
      }

    });
    CommandResponse response = commandDispatcher.execute("test.SecurityTestCommand", null, "someToken", null);
    Assert.assertEquals(0, response.getErrors().size());
  }

  @After
  public void after() {
    securityService.clear();
  }

  private Authentication createTestAuthentication() {
    Authentication authentication = new Authentication();
    authentication.setAuthorizations(new BaseAuthorization[]{new AllowTestAuthorization()});
    return authentication;
  }
}
TOP

Related Classes of org.geomajas.internal.service.CommandDispatcherSecurityTest

  • org.geomajas.command.CommandResponse
  • org.geomajas.internal.security.AllowTestAuthorization
  • org.geomajas.security.Authentication
    • TOP
    Copyright © 2018 www.massapi.com. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.