From 6c29a6d17e87f31a3737c0374f2209b6d078b7e7 Mon Sep 17 00:00:00 2001 From: Luke Taylor Date: Mon, 13 Feb 2006 16:16:43 +0000 Subject: [PATCH] Added test for immutability of authorities array. Refactored standard authorities array into an instance field. --- .../AbstractAuthenticationTokenTests.java | 60 ++++++++++--------- 1 file changed, 33 insertions(+), 27 deletions(-) diff --git a/core/src/test/java/org/acegisecurity/providers/AbstractAuthenticationTokenTests.java b/core/src/test/java/org/acegisecurity/providers/AbstractAuthenticationTokenTests.java index 759f5df1bb..9cd3472c07 100644 --- a/core/src/test/java/org/acegisecurity/providers/AbstractAuthenticationTokenTests.java +++ b/core/src/test/java/org/acegisecurity/providers/AbstractAuthenticationTokenTests.java @@ -28,6 +28,10 @@ import org.acegisecurity.GrantedAuthorityImpl; * @version $Id$ */ public class AbstractAuthenticationTokenTests extends TestCase { + //~ Instance fields ======================================================== + + private GrantedAuthority[] authorities = null; + //~ Constructors =========================================================== public AbstractAuthenticationTokenTests() { @@ -46,13 +50,14 @@ public class AbstractAuthenticationTokenTests extends TestCase { public final void setUp() throws Exception { super.setUp(); + + authorities = new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), + new GrantedAuthorityImpl("ROLE_TWO")}; } public void testGetters() throws Exception { MockAuthenticationImpl token = new MockAuthenticationImpl("Test", - "Password", - new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl( - "ROLE_TWO")}); + "Password", authorities); assertEquals("Test", token.getPrincipal()); assertEquals("Password", token.getCredentials()); assertEquals("Test", token.getName()); @@ -60,13 +65,9 @@ public class AbstractAuthenticationTokenTests extends TestCase { public void testHashCode() throws Exception { MockAuthenticationImpl token1 = new MockAuthenticationImpl("Test", - "Password", - new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl( - "ROLE_TWO")}); + "Password", authorities); MockAuthenticationImpl token2 = new MockAuthenticationImpl("Test", - "Password", - new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl( - "ROLE_TWO")}); + "Password", authorities); MockAuthenticationImpl token3 = new MockAuthenticationImpl(null, null, new GrantedAuthority[] {}); assertEquals(token1.hashCode(), token2.hashCode()); @@ -79,25 +80,17 @@ public class AbstractAuthenticationTokenTests extends TestCase { public void testObjectsEquals() throws Exception { MockAuthenticationImpl token1 = new MockAuthenticationImpl("Test", - "Password", - new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl( - "ROLE_TWO")}); + "Password", authorities); MockAuthenticationImpl token2 = new MockAuthenticationImpl("Test", - "Password", - new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl( - "ROLE_TWO")}); + "Password", authorities); assertEquals(token1, token2); MockAuthenticationImpl token3 = new MockAuthenticationImpl("Test", - "Password_Changed", - new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl( - "ROLE_TWO")}); + "Password_Changed", authorities); assertTrue(!token1.equals(token3)); MockAuthenticationImpl token4 = new MockAuthenticationImpl("Test_Changed", - "Password", - new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl( - "ROLE_TWO")}); + "Password", authorities); assertTrue(!token1.equals(token4)); MockAuthenticationImpl token5 = new MockAuthenticationImpl("Test", @@ -121,9 +114,7 @@ public class AbstractAuthenticationTokenTests extends TestCase { public void testSetAuthenticated() throws Exception { MockAuthenticationImpl token = new MockAuthenticationImpl("Test", - "Password", - new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl( - "ROLE_TWO")}); + "Password", authorities); assertTrue(!token.isAuthenticated()); token.setAuthenticated(true); assertTrue(token.isAuthenticated()); @@ -131,9 +122,7 @@ public class AbstractAuthenticationTokenTests extends TestCase { public void testToStringWithAuthorities() { MockAuthenticationImpl token = new MockAuthenticationImpl("Test", - "Password", - new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl( - "ROLE_TWO")}); + "Password", authorities); assertTrue(token.toString().lastIndexOf("ROLE_TWO") != -1); } @@ -143,6 +132,23 @@ public class AbstractAuthenticationTokenTests extends TestCase { assertTrue(token.toString().lastIndexOf("Not granted any authorities") != -1); } + public void testAuthoritiesAreImmutable() { + MockAuthenticationImpl token = new MockAuthenticationImpl("Test", + "Password", authorities); + GrantedAuthority[] gotAuthorities = token.getAuthorities(); + assertNotSame(authorities, gotAuthorities); + + gotAuthorities[0] = new GrantedAuthorityImpl("ROLE_SUPER_USER"); + + // reget them and check nothing has changed + gotAuthorities = token.getAuthorities(); + assertEquals(2, gotAuthorities.length); + assertEquals(gotAuthorities[0], authorities[0]); + assertEquals(gotAuthorities[1], authorities[1]); + assertFalse(gotAuthorities[0].equals("ROLE_SUPER_USER")); + assertFalse(gotAuthorities[1].equals("ROLE_SUPER_USER")); + } + //~ Inner Classes ========================================================== private class MockAuthenticationImpl extends AbstractAuthenticationToken {