Expanded unit test coverage.

2025-06-28 14:52:24 +00:00 · 2004-03-28 11:39:38 +00:00 · 2004-03-28 11:39:38 +00:00 · 8808f5e8dd
commit 8808f5e8dd
parent 6038d56ece
1 changed files with 53 additions and 134 deletions
--- a/core/src/test/java/org/acegisecurity/providers/dao/memory/InMemoryDaoTests.java
+++ b/core/src/test/java/org/acegisecurity/providers/dao/memory/InMemoryDaoTests.java
@ -17,31 +17,16 @@ package net.sf.acegisecurity.providers.dao.memory;
 import junit.framework.TestCase;
-import net.sf.acegisecurity.AccessDeniedException;
+import net.sf.acegisecurity.providers.dao.UsernameNotFoundException;
 import net.sf.acegisecurity.BadCredentialsException;
 import net.sf.acegisecurity.DisabledException;
 import net.sf.acegisecurity.context.Account;
 import net.sf.acegisecurity.context.BankManager;
 import net.sf.acegisecurity.context.Context;
 import net.sf.acegisecurity.context.ContextHolder;
 import net.sf.acegisecurity.context.SecureContext;
 import net.sf.acegisecurity.context.SecureContextImpl;
 import net.sf.acegisecurity.providers.UsernamePasswordAuthenticationToken;
 import org.springframework.context.support.ClassPathXmlApplicationContext;
 /**
- * Tests {@link DaoAuthenticationProvider} with {@link InMemoryDaoImpl}.
+ * Tests {@link InMemoryDaoImpl}.
 *
 * @author Ben Alex
 * @version $Id$
 */
 public class InMemoryDaoTests extends TestCase {
    //~ Instance fields ========================================================
    private ClassPathXmlApplicationContext ctx;
    //~ Constructors ===========================================================
    public InMemoryDaoTests() {
@ -56,142 +41,76 @@ public class InMemoryDaoTests extends TestCase {
    public final void setUp() throws Exception {
        super.setUp();
        ctx = new ClassPathXmlApplicationContext(
                "/net/sf/acegisecurity/providers/dao/memory/applicationContext.xml");
    }
    public static void main(String[] args) {
        junit.textui.TestRunner.run(InMemoryDaoTests.class);
    }
-    public void testAuthentication() throws Exception {
+    public void testLookupFails() throws Exception {
-        Account account = new Account(1, "someone");
+        InMemoryDaoImpl dao = new InMemoryDaoImpl();
-        BankManager bank = (BankManager) ctx.getBean("bankManager");
+        dao.setUserMap(makeUserMap());
-
+        dao.afterPropertiesSet();
        // Try with an invalid username and password
        UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("jennifer",
                "zebra");
        SecureContext secureContext = new SecureContextImpl();
        secureContext.setAuthentication(token);
        ContextHolder.setContext((Context) secureContext);
        try {
-            bank.saveAccount(account);
+            dao.loadUserByUsername("UNKNOWN_USER");
-            fail("Should have thrown a BadCredentialsException");
+            fail("Should have thrown UsernameNotFoundException");
-        } catch (BadCredentialsException expected) {
+        } catch (UsernameNotFoundException expected) {
            assertTrue(true);
        }
    }
-        // Check our token represents itself properly as a String
+    public void testLookupSuccess() throws Exception {
-        System.out.println(token.toString());
+        InMemoryDaoImpl dao = new InMemoryDaoImpl();
-        assertTrue(token.toString().length() > 10);
+        dao.setUserMap(makeUserMap());
        dao.afterPropertiesSet();
        assertEquals("koala", dao.loadUserByUsername("marissa").getPassword());
        assertEquals("wombat", dao.loadUserByUsername("scott").getPassword());
    }
-        // Now try with a valid username, but invalid password
+    public void testLookupSuccessWithMixedeCase() throws Exception {
-        token = new UsernamePasswordAuthenticationToken("marissa", "zebra");
+        InMemoryDaoImpl dao = new InMemoryDaoImpl();
-        secureContext.setAuthentication(token);
+        dao.setUserMap(makeUserMap());
-        ContextHolder.setContext((Context) secureContext);
+        dao.afterPropertiesSet();
        assertEquals("koala", dao.loadUserByUsername("MaRiSSA").getPassword());
        assertEquals("wombat", dao.loadUserByUsername("ScOTt").getPassword());
    }
    public void testStartupFailsIfUserMapNotSet() throws Exception {
        InMemoryDaoImpl dao = new InMemoryDaoImpl();
        try {
-            bank.saveAccount(account);
+            dao.afterPropertiesSet();
-            fail("Should have thrown a BadCredentialsException");
+            fail("Shoudl have thrown IllegalArgumentException");
-        } catch (BadCredentialsException expected) {
+        } catch (IllegalArgumentException expected) {
            assertTrue(true);
        }
    }
-        // Now try with a valid username and password, but disabled user
+    public void testStartupFailsIfUserMapSetToNull() throws Exception {
-        token = new UsernamePasswordAuthenticationToken("dianne", "emu");
+        InMemoryDaoImpl dao = new InMemoryDaoImpl();
-        secureContext.setAuthentication(token);
+        dao.setUserMap(null);
        ContextHolder.setContext((Context) secureContext);
        try {
-            bank.saveAccount(account);
+            dao.afterPropertiesSet();
-            fail("Should have thrown a DisabledException");
+            fail("Shoudl have thrown IllegalArgumentException");
-        } catch (DisabledException expected) {
+        } catch (IllegalArgumentException expected) {
            assertTrue(true);
        }
        // Now try as a user who didn't have a password defined, and thus
        // would have been considered invalid at time of creation
        token = new UsernamePasswordAuthenticationToken("someoneelse", "");
        secureContext.setAuthentication(token);
        ContextHolder.setContext((Context) secureContext);
        try {
            bank.saveAccount(account);
            fail("Should have thrown a BadCredentialsException");
        } catch (BadCredentialsException expected) {
            assertTrue(true);
    }
-        // Now try as a user who had a password, but no granted authorities,
+    public void testStartupSuccessIfUserMapSet() throws Exception {
-        // and thus would have been considered invalid at time of creation
+        InMemoryDaoImpl dao = new InMemoryDaoImpl();
-        token = new UsernamePasswordAuthenticationToken("someone", "password");
+        dao.setUserMap(makeUserMap());
-        secureContext.setAuthentication(token);
+        dao.afterPropertiesSet();
-        ContextHolder.setContext((Context) secureContext);
+        assertEquals(2, dao.getUserMap().getUserCount());
        try {
            bank.saveAccount(account);
            fail("Should have thrown a BadCredentialsException");
        } catch (BadCredentialsException expected) {
            assertTrue(true);
    }
-        // Now try with a valid mixed case username, valid mixed case password,
+    private UserMap makeUserMap() {
-        // (application context requires passwords to be case matched)
+        UserMapEditor editor = new UserMapEditor();
-        token = new UsernamePasswordAuthenticationToken("MaRiSsA", "kOaLa");
+        editor.setAsText(
-        secureContext.setAuthentication(token);
+            "marissa=koala,ROLE_ONE,ROLE_TWO,enabled\r\nscott=wombat,ROLE_ONE,ROLE_TWO,enabled");
        ContextHolder.setContext((Context) secureContext);
-        try {
+        return (UserMap) editor.getValue();
            bank.saveAccount(account);
            fail("Should have thrown a BadCredentialsException");
        } catch (BadCredentialsException expected) {
            assertTrue(true);
        }
        // Now try with a valid mixed case username, correct case password,
        // (application context does not require usernames to be case matched)
        token = new UsernamePasswordAuthenticationToken("MaRiSsA", "koala");
        secureContext.setAuthentication(token);
        ContextHolder.setContext((Context) secureContext);
        bank.saveAccount(account);
        ContextHolder.setContext(null);
    }
    public void testAuthorization() throws Exception {
        Account account = new Account(45, "someone");
        BankManager bank = (BankManager) ctx.getBean("bankManager");
        // Try as a user without access to the account
        UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("peter",
                "opal");
        SecureContext secureContext = new SecureContextImpl();
        secureContext.setAuthentication(token);
        ContextHolder.setContext((Context) secureContext);
        try {
            // NB: account number 45 != granted authority for account 77
            bank.loadAccount(account.getId());
            fail("Should have thrown an AccessDeniedException");
        } catch (AccessDeniedException expected) {
            assertTrue(true);
        }
        // Now try as user with access to account number 45
        token = new UsernamePasswordAuthenticationToken("scott", "wombat");
        secureContext.setAuthentication(token);
        ContextHolder.setContext((Context) secureContext);
        bank.loadAccount(account.getId());
        assertTrue(true);
        // Now try as user with ROLE_SUPERVISOR access to the account
        token = new UsernamePasswordAuthenticationToken("marissa", "koala");
        secureContext.setAuthentication(token);
        ContextHolder.setContext((Context) secureContext);
        bank.loadAccount(account.getId());
        assertTrue(true);
        ContextHolder.setContext(null);
    }
 }