From 648ba1c43ac94f2fa88f85f120b02cfc8bde2a9a Mon Sep 17 00:00:00 2001 From: Luke Taylor Date: Thu, 13 Nov 2008 08:57:43 +0000 Subject: [PATCH] SEC-1034: Fix broken tests. --- .../WebInvocationPrivilegeEvaluatorTests.java | 100 +++++++++++------- .../security/util/FilterChainProxyTests.java | 14 +-- .../intercept/web/applicationContext.xml | 41 ------- .../security/util/filtertest-valid.xml | 26 ++--- 4 files changed, 72 insertions(+), 109 deletions(-) delete mode 100644 core/src/test/resources/org/springframework/security/intercept/web/applicationContext.xml diff --git a/core/src/test/java/org/springframework/security/intercept/web/WebInvocationPrivilegeEvaluatorTests.java b/core/src/test/java/org/springframework/security/intercept/web/WebInvocationPrivilegeEvaluatorTests.java index 0c0bbc2d5f..15b5195ce5 100644 --- a/core/src/test/java/org/springframework/security/intercept/web/WebInvocationPrivilegeEvaluatorTests.java +++ b/core/src/test/java/org/springframework/security/intercept/web/WebInvocationPrivilegeEvaluatorTests.java @@ -15,11 +15,31 @@ package org.springframework.security.intercept.web; +import static org.junit.Assert.*; +import static org.springframework.security.matcher.AuthenticationMatcher.anAuthenticationWithUsername; + +import java.util.List; + import junit.framework.TestCase; +import org.jmock.Expectations; +import org.jmock.Mockery; +import org.jmock.integration.junit4.JUnit4Mockery; +import org.junit.After; +import org.junit.Before; +import org.junit.Test; +import org.springframework.security.AccessDecisionManager; +import org.springframework.security.AccessDeniedException; +import org.springframework.security.Authentication; +import org.springframework.security.AuthenticationManager; import org.springframework.security.GrantedAuthority; import org.springframework.security.GrantedAuthorityImpl; +import org.springframework.security.MockApplicationEventPublisher; +import org.springframework.security.RunAsManager; +import org.springframework.security.ConfigAttribute; +import org.springframework.security.context.SecurityContextHolder; +import org.springframework.security.providers.TestingAuthenticationToken; import org.springframework.security.providers.UsernamePasswordAuthenticationToken; import org.springframework.security.util.FilterInvocationUtils; @@ -34,62 +54,70 @@ import org.springframework.context.support.ClassPathXmlApplicationContext; * @author Ben Alex * @version $Id$ */ -public class WebInvocationPrivilegeEvaluatorTests extends TestCase { - //~ Constructors =================================================================================================== - - public WebInvocationPrivilegeEvaluatorTests() { - super(); - } - - public WebInvocationPrivilegeEvaluatorTests(String arg0) { - super(arg0); - } +public class WebInvocationPrivilegeEvaluatorTests { + private Mockery jmock = new JUnit4Mockery(); + private AuthenticationManager am; + private AccessDecisionManager adm; + private FilterInvocationDefinitionSource ods; + private RunAsManager ram; + private FilterSecurityInterceptor interceptor; //~ Methods ======================================================================================================== - private FilterSecurityInterceptor makeFilterSecurityInterceptor() { - ApplicationContext context = new ClassPathXmlApplicationContext( - "org/springframework/security/intercept/web/applicationContext.xml"); - - return (FilterSecurityInterceptor) context.getBean("securityInterceptor"); + @Before + public final void setUp() throws Exception { + interceptor = new FilterSecurityInterceptor(); + am = jmock.mock(AuthenticationManager.class); + ods = jmock.mock(FilterInvocationDefinitionSource.class); + adm = jmock.mock(AccessDecisionManager.class); + ram = jmock.mock(RunAsManager.class); + interceptor.setAuthenticationManager(am); + interceptor.setObjectDefinitionSource(ods); + interceptor.setAccessDecisionManager(adm); + interceptor.setRunAsManager(ram); + interceptor.setApplicationEventPublisher(new MockApplicationEventPublisher(true)); + SecurityContextHolder.clearContext(); } - public void testAllowsAccess1() throws Exception { - UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("Test", "Password", - new GrantedAuthority[] {new GrantedAuthorityImpl("MOCK_INDEX")}); + @After + public void tearDown() throws Exception { + SecurityContextHolder.clearContext(); + } + + @Test + public void allowsAccessIfAccessDecisionMangerDoes() throws Exception { + Authentication token = new TestingAuthenticationToken("test", "Password", "MOCK_INDEX"); FilterInvocation fi = FilterInvocationUtils.create("/foo/index.jsp"); - FilterSecurityInterceptor interceptor = makeFilterSecurityInterceptor(); WebInvocationPrivilegeEvaluator wipe = new WebInvocationPrivilegeEvaluator(); wipe.setSecurityInterceptor(interceptor); wipe.afterPropertiesSet(); + jmock.checking(new Expectations() {{ + ignoring(ram); ignoring(ods); + oneOf(adm).decide(with(anAuthenticationWithUsername("test")), with(anything()), with(aNonNull(List.class))); + }}); + assertTrue(wipe.isAllowed(fi, token)); + jmock.assertIsSatisfied(); } - public void testAllowsAccess2() throws Exception { - UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("Test", "Password", - new GrantedAuthority[] {new GrantedAuthorityImpl("MOCK_USER")}); - FilterInvocation fi = FilterInvocationUtils.create("/anything.jsp"); - FilterSecurityInterceptor interceptor = makeFilterSecurityInterceptor(); + @Test + public void deniesAccessIfAccessDecisionMangerDoes() throws Exception { + Authentication token = new TestingAuthenticationToken("test", "Password", "MOCK_INDEX"); + FilterInvocation fi = FilterInvocationUtils.create("/foo/index.jsp"); WebInvocationPrivilegeEvaluator wipe = new WebInvocationPrivilegeEvaluator(); wipe.setSecurityInterceptor(interceptor); wipe.afterPropertiesSet(); - assertTrue(wipe.isAllowed(fi, token)); - } - - public void testDeniesAccess1() throws Exception { - UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("Test", "Password", - new GrantedAuthority[] {new GrantedAuthorityImpl("MOCK_NOTHING_USEFUL")}); - FilterInvocation fi = FilterInvocationUtils.create("/anything.jsp"); - FilterSecurityInterceptor interceptor = makeFilterSecurityInterceptor(); - - WebInvocationPrivilegeEvaluator wipe = new WebInvocationPrivilegeEvaluator(); - wipe.setSecurityInterceptor(interceptor); - wipe.afterPropertiesSet(); + jmock.checking(new Expectations() {{ + ignoring(ram); ignoring(ods); + oneOf(adm).decide(with(anAuthenticationWithUsername("test")), with(anything()), with(aNonNull(List.class))); + will(throwException(new AccessDeniedException(""))); + }}); assertFalse(wipe.isAllowed(fi, token)); + jmock.assertIsSatisfied(); } } diff --git a/core/src/test/java/org/springframework/security/util/FilterChainProxyTests.java b/core/src/test/java/org/springframework/security/util/FilterChainProxyTests.java index 1ef0407e75..0f762c796f 100644 --- a/core/src/test/java/org/springframework/security/util/FilterChainProxyTests.java +++ b/core/src/test/java/org/springframework/security/util/FilterChainProxyTests.java @@ -85,13 +85,9 @@ public class FilterChainProxyTests { assertFalse(filter.isWasDestroyed()); } - @Test + @Test(expected=BeanCreationException.class) public void misplacedUniversalPathShouldBeDetected() throws Exception { - try { - appCtx.getBean("newFilterChainProxyWrongPathOrder", FilterChainProxy.class); - fail("Expected BeanCreationException"); - } catch (BeanCreationException expected) { - } + appCtx.getBean("newFilterChainProxyWrongPathOrder", FilterChainProxy.class); } @Test @@ -100,12 +96,6 @@ public class FilterChainProxyTests { doNormalOperation(filterChainProxy); } - @Test - public void proxyPathWithoutLowerCaseConversionShouldntMatchDifferentCasePath() throws Exception { - FilterChainProxy filterChainProxy = (FilterChainProxy) appCtx.getBean("filterChainNonLowerCase", FilterChainProxy.class); - assertNull(filterChainProxy.getFilters("/some/other/path/blah")); - } - @Test public void normalOperationWithNewConfig() throws Exception { FilterChainProxy filterChainProxy = (FilterChainProxy) appCtx.getBean("newFilterChainProxy", FilterChainProxy.class); diff --git a/core/src/test/resources/org/springframework/security/intercept/web/applicationContext.xml b/core/src/test/resources/org/springframework/security/intercept/web/applicationContext.xml deleted file mode 100644 index 75a9fcb063..0000000000 --- a/core/src/test/resources/org/springframework/security/intercept/web/applicationContext.xml +++ /dev/null @@ -1,41 +0,0 @@ - - - - - - - - - - - - - - - - CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON - PATTERN_TYPE_APACHE_ANT - /foo/index.jsp=MOCK_INDEX - /hello.htm=MOCK_HELLO - /**=MOCK_USER - - - - - diff --git a/core/src/test/resources/org/springframework/security/util/filtertest-valid.xml b/core/src/test/resources/org/springframework/security/util/filtertest-valid.xml index 35d12b18fb..3e74d90f27 100644 --- a/core/src/test/resources/org/springframework/security/util/filtertest-valid.xml +++ b/core/src/test/resources/org/springframework/security/util/filtertest-valid.xml @@ -42,28 +42,14 @@ http://www.springframework.org/schema/security http://www.springframework.org/sc - - - CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON - PATTERN_TYPE_APACHE_ANT - /foo/**=mockFilter - /some/other/path/**=mockFilter - /do/not/filter=#NONE# - - - - - - - - PATTERN_TYPE_APACHE_ANT - /foo/**=mockFilter - /SOME/other/path/**=sif,mockFilter,mockFilter2 - /do/not/filter=#NONE# - - + + + + + +