Commit 5f7a7eae authored by Jeff Burke's avatar Jeff Burke

s1651: unit test for testing group ownership

parent a35a4041
Showing
with 210 additions and 112 deletions
...@@ -145,7 +145,7 @@ public abstract interface GroupPersistence<T extends Principal> ...@@ -145,7 +145,7 @@ public abstract interface GroupPersistence<T extends Principal>
/** /**
* Obtain a Collection of Groups that fit the given query. * Obtain a Collection of Groups that fit the given query.
* *
* @param user<T> ID of user * @param user user
* @param role Role of the user, either owner, member, or read/write. * @param role Role of the user, either owner, member, or read/write.
* *
* @return Collection of Groups matching the query, or empty Collection. * @return Collection of Groups matching the query, or empty Collection.
...@@ -162,7 +162,7 @@ public abstract interface GroupPersistence<T extends Principal> ...@@ -162,7 +162,7 @@ public abstract interface GroupPersistence<T extends Principal>
/** /**
* Check whether the user is a member of the group. * Check whether the user is a member of the group.
* *
* @param user<T> ID of user * @param user user
* @param groupID ID of group * @param groupID ID of group
* *
* @return true or false * @return true or false
...@@ -170,9 +170,10 @@ public abstract interface GroupPersistence<T extends Principal> ...@@ -170,9 +170,10 @@ public abstract interface GroupPersistence<T extends Principal>
* @throws GroupNotFoundException If the group was not found. * @throws GroupNotFoundException If the group was not found.
* @throws TransientException If an temporary, unexpected problem occurred. * @throws TransientException If an temporary, unexpected problem occurred.
* @throws AccessControlException If the operation is not permitted. * @throws AccessControlException If the operation is not permitted.
* @throws ca.nrc.cadc.ac.UserNotFoundException
*/ */
public abstract boolean isMember(User<T> user, String groupID) public abstract boolean isMember(User<T> user, String groupID)
throws GroupNotFoundException, TransientException, throws GroupNotFoundException, TransientException,
AccessControlException; AccessControlException, UserNotFoundException;
} }
...@@ -68,7 +68,6 @@ ...@@ -68,7 +68,6 @@
*/ */
package ca.nrc.cadc.ac.server.ldap; package ca.nrc.cadc.ac.server.ldap;
import ca.nrc.cadc.ac.AC;
import ca.nrc.cadc.ac.Group; import ca.nrc.cadc.ac.Group;
import ca.nrc.cadc.ac.GroupAlreadyExistsException; import ca.nrc.cadc.ac.GroupAlreadyExistsException;
import ca.nrc.cadc.ac.GroupNotFoundException; import ca.nrc.cadc.ac.GroupNotFoundException;
...@@ -87,6 +86,7 @@ import com.unboundid.ldap.sdk.ModificationType; ...@@ -87,6 +86,7 @@ import com.unboundid.ldap.sdk.ModificationType;
import com.unboundid.ldap.sdk.ModifyDNRequest; import com.unboundid.ldap.sdk.ModifyDNRequest;
import com.unboundid.ldap.sdk.ModifyRequest; import com.unboundid.ldap.sdk.ModifyRequest;
import com.unboundid.ldap.sdk.SearchRequest; import com.unboundid.ldap.sdk.SearchRequest;
import com.unboundid.ldap.sdk.SearchResult;
import com.unboundid.ldap.sdk.SearchResultEntry; import com.unboundid.ldap.sdk.SearchResultEntry;
import com.unboundid.ldap.sdk.SearchScope; import com.unboundid.ldap.sdk.SearchScope;
import com.unboundid.ldap.sdk.controls.ProxiedAuthorizationV2RequestControl; import com.unboundid.ldap.sdk.controls.ProxiedAuthorizationV2RequestControl;
...@@ -232,7 +232,7 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO ...@@ -232,7 +232,7 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO
} }
List<String> members = new ArrayList<String>(); List<String> members = new ArrayList<String>();
for (User member : group.getUserMembers()) for (User<?> member : group.getUserMembers())
{ {
DN memberDN = this.userPersist.getUserDN(member); DN memberDN = this.userPersist.getUserDN(member);
members.add(memberDN.toNormalizedString()); members.add(memberDN.toNormalizedString());
...@@ -323,7 +323,7 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO ...@@ -323,7 +323,7 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO
* readGrDN.toNormalizedString()) the query, or empty * readGrDN.toNormalizedString()) the query, or empty
* Collection. Never null. * Collection. Never null.
* @throws TransientException If an temporary, unexpected problem occurred. * @throws TransientException If an temporary, unexpected problem occurred.
* @throws ca.nrc.cadc.ac.UserNotFoundException * @throws UserNotFoundException
*/ */
public Collection<Group> getGroups(User<T> user, Role role) public Collection<Group> getGroups(User<T> user, Role role)
throws TransientException, AccessControlException, throws TransientException, AccessControlException,
...@@ -331,31 +331,65 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO ...@@ -331,31 +331,65 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO
{ {
try try
{ {
Filter filter; DN userDN = userPersist.getUserDN(user);
switch (role) Filter filter = null;
if (role == Role.OWNER)
{
filter = Filter.createEqualityFilter("owner", userDN.toString());
}
else if (role == Role.MEMBER)
{
throw new IllegalArgumentException("Member role not implemented");
}
else if (role == Role.RW)
{ {
case AC.ID_TYPE_X500: throw new IllegalArgumentException("RW role not implemented");
}
SearchRequest searchRequest = new SearchRequest(
config.getGroupsDN(), SearchScope.SUB, filter,
new String[] {"cn", "description",
"owner", "modifytimestamp"});
searchRequest.addControl(
new ProxiedAuthorizationV2RequestControl("dn:" +
getSubjectDN().toNormalizedString()));
Collection<Group> groups = new ArrayList<Group>();
SearchResult results = getConnection().search(searchRequest);
for (SearchResultEntry result : results.getSearchEntries())
{
String groupName = result.getAttributeValue("cn");
DN groupOwner = result.getAttributeValueAsDN("owner");
User<X500Principal> owner;
try
{
owner = userPersist.getMember(groupOwner);
}
catch (UserNotFoundException e)
{
throw new RuntimeException("BUG: group owner not found");
} }
SearchRequest searchRequest = new SearchRequest( Group group = new Group(groupName, owner);
config.getGroupsDN(), SearchScope.SUB, group.description = result.getAttributeValue("description");
"(cn=" + groupID + ")", new String[] {"entrydn", "entryid", group.lastModified = result.getAttributeValueAsDate("modifytimestamp");
"cn", "description", "owner", "uniquemember", "aci", groups.add(group);
"modifytimestamp"}); }
return groups;
} }
catch (LDAPException e1) catch (LDAPException e1)
{ {
// TODO check which LDAP exceptions are transient and which // TODO check which LDAP exceptions are transient and which
// ones are // ones are
// access control // access control
throw new TransientException("Error getting the group", e1); throw new TransientException("Error getting groups", e1);
} }
} }
public boolean isMember(User<T> member, String groupID) public boolean isMember(User<T> user, String groupID)
throws UserNotFoundException, TransientException, throws UserNotFoundException, TransientException,
AccessControlException AccessControlException
{ {
...@@ -601,7 +635,7 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO ...@@ -601,7 +635,7 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO
} }
List<String> delMembers = new ArrayList<String>(); List<String> delMembers = new ArrayList<String>();
for (User member : oldGroup.getUserMembers()) for (User<?> member : oldGroup.getUserMembers())
{ {
DN memberDN; DN memberDN;
try try
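Review bot: In the new `getGroups` body, `filter` starts as `null` and is only assigned for `Role.OWNER`, so a `null` role falls through the `if`/`else if` chain and reaches `new SearchRequest(...)` with no filter; reject it up front, e.g. `if (role == null) throw new IllegalArgumentException("role is required");`. The inner `catch (UserNotFoundException e)` throws a `RuntimeException` without the cause, so a single group whose owner DN no longer resolves aborts the whole listing and leaves nothing to diagnose from; keep the cause and the DN: `throw new RuntimeException("BUG: group owner not found: " + groupOwner, e);`. The search selects groups owned by `user` but is authorized as `getSubjectDN()` through the proxied-authorization control, and nothing visible here compares the two, so whether one caller can list another user's groups appears to rest on the directory ACIs alone; a comment stating that this is intended would help the next reader. The method's signature sits in the preceding hunk.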
......
...@@ -97,10 +97,10 @@ public class LdapGroupPersistence<T extends Principal> ...@@ -97,10 +97,10 @@ public class LdapGroupPersistence<T extends Principal>
throws GroupNotFoundException, TransientException, throws GroupNotFoundException, TransientException,
AccessControlException AccessControlException
{ {
LdapGroupDAO groupDAO = null; LdapGroupDAO<T> groupDAO = null;
try try
{ {
groupDAO = new LdapGroupDAO(config, new LdapUserDAO(config)); groupDAO = new LdapGroupDAO<T>(config, new LdapUserDAO<T>(config));
Group ret = groupDAO.getGroup(groupName); Group ret = groupDAO.getGroup(groupName);
return ret; return ret;
} }
...@@ -117,10 +117,10 @@ public class LdapGroupPersistence<T extends Principal> ...@@ -117,10 +117,10 @@ public class LdapGroupPersistence<T extends Principal>
throws GroupAlreadyExistsException, TransientException, throws GroupAlreadyExistsException, TransientException,
AccessControlException, UserNotFoundException AccessControlException, UserNotFoundException
{ {
LdapGroupDAO groupDAO = null; LdapGroupDAO<T> groupDAO = null;
try try
{ {
groupDAO = new LdapGroupDAO(config, new LdapUserDAO(config)); groupDAO = new LdapGroupDAO<T>(config, new LdapUserDAO<T>(config));
Group ret = groupDAO.addGroup(group); Group ret = groupDAO.addGroup(group);
return ret; return ret;
} }
...@@ -137,10 +137,10 @@ public class LdapGroupPersistence<T extends Principal> ...@@ -137,10 +137,10 @@ public class LdapGroupPersistence<T extends Principal>
throws GroupNotFoundException, TransientException, throws GroupNotFoundException, TransientException,
AccessControlException AccessControlException
{ {
LdapGroupDAO groupDAO = null; LdapGroupDAO<T> groupDAO = null;
try try
{ {
groupDAO = new LdapGroupDAO(config, new LdapUserDAO(config)); groupDAO = new LdapGroupDAO<T>(config, new LdapUserDAO<T>(config));
groupDAO.deleteGroup(groupName); groupDAO.deleteGroup(groupName);
} }
finally finally
...@@ -156,10 +156,10 @@ public class LdapGroupPersistence<T extends Principal> ...@@ -156,10 +156,10 @@ public class LdapGroupPersistence<T extends Principal>
throws GroupNotFoundException, TransientException, throws GroupNotFoundException, TransientException,
AccessControlException, UserNotFoundException AccessControlException, UserNotFoundException
{ {
LdapGroupDAO groupDAO = null; LdapGroupDAO<T> groupDAO = null;
try try
{ {
groupDAO = new LdapGroupDAO(config, new LdapUserDAO(config)); groupDAO = new LdapGroupDAO<T>(config, new LdapUserDAO<T>(config));
Group ret = groupDAO.modifyGroup(group); Group ret = groupDAO.modifyGroup(group);
return ret; return ret;
} }
...@@ -175,10 +175,10 @@ public class LdapGroupPersistence<T extends Principal> ...@@ -175,10 +175,10 @@ public class LdapGroupPersistence<T extends Principal>
public Collection<Group> getGroups(User<T> user, Role role) public Collection<Group> getGroups(User<T> user, Role role)
throws UserNotFoundException, TransientException, AccessControlException throws UserNotFoundException, TransientException, AccessControlException
{ {
LdapGroupDAO groupDAO = null; LdapGroupDAO<T> groupDAO = null;
try try
{ {
groupDAO = new LdapGroupDAO(config, new LdapUserDAO(config)); groupDAO = new LdapGroupDAO<T>(config, new LdapUserDAO<T>(config));
Collection<Group> ret = groupDAO.getGroups(user, role); Collection<Group> ret = groupDAO.getGroups(user, role);
return ret; return ret;
} }
...@@ -191,15 +191,15 @@ public class LdapGroupPersistence<T extends Principal> ...@@ -191,15 +191,15 @@ public class LdapGroupPersistence<T extends Principal>
} }
} }
public boolean isMember(User<T> member, String groupID) public boolean isMember(User<T> user, String groupID)
throws GroupNotFoundException, TransientException, throws GroupNotFoundException, TransientException,
AccessControlException AccessControlException, UserNotFoundException
{ {
LdapGroupDAO groupDAO = null; LdapGroupDAO<T> groupDAO = null;
try try
{ {
groupDAO = new LdapGroupDAO(config, new LdapUserDAO(config)); groupDAO = new LdapGroupDAO<T>(config, new LdapUserDAO<T>(config));
boolean ret = groupDAO.isMember(member, groupID); boolean ret = groupDAO.isMember(user, groupID);
return ret; return ret;
} }
finally finally
......
...@@ -97,11 +97,11 @@ public class LdapUserPersistence<T extends Principal> ...@@ -97,11 +97,11 @@ public class LdapUserPersistence<T extends Principal>
public User<T> getUser(T userID) public User<T> getUser(T userID)
throws UserNotFoundException, TransientException, AccessControlException throws UserNotFoundException, TransientException, AccessControlException
{ {
LdapUserDAO userDAO = null; LdapUserDAO<T> userDAO = null;
try try
{ {
userDAO = new LdapUserDAO(this.config); userDAO = new LdapUserDAO<T>(this.config);
User ret = userDAO.getUser(userID); User<T> ret = userDAO.getUser(userID);
return ret; return ret;
} }
finally finally
......
...@@ -77,10 +77,11 @@ import java.util.Set; ...@@ -77,10 +77,11 @@ import java.util.Set;
public class AddGroupMemberAction extends GroupsAction public class AddGroupMemberAction extends GroupsAction
{ {
private String groupName; private final String groupName;
private String groupMemberName; private final String groupMemberName;
AddGroupMemberAction(GroupLogInfo logInfo, String groupName, String groupMemberName) AddGroupMemberAction(GroupLogInfo logInfo, String groupName,
String groupMemberName)
{ {
super(logInfo); super(logInfo);
this.groupName = groupName; this.groupName = groupName;
...@@ -99,7 +100,7 @@ public class AddGroupMemberAction extends GroupsAction ...@@ -99,7 +100,7 @@ public class AddGroupMemberAction extends GroupsAction
} }
groupPersistence.modifyGroup(group); groupPersistence.modifyGroup(group);
List addedMembers = new ArrayList(); List<String> addedMembers = new ArrayList<String>();
addedMembers.add(toAdd.getID()); addedMembers.add(toAdd.getID());
logGroupInfo(group.getID(), null, addedMembers); logGroupInfo(group.getID(), null, addedMembers);
return null; return null;
......
...@@ -81,11 +81,12 @@ import java.util.Set; ...@@ -81,11 +81,12 @@ import java.util.Set;
public class AddUserMemberAction extends GroupsAction public class AddUserMemberAction extends GroupsAction
{ {
private String groupName; private final String groupName;
private String userID; private final String userID;
private String userIDType; private final String userIDType;
AddUserMemberAction(GroupLogInfo logInfo, String groupName, String userID, String userIDType) AddUserMemberAction(GroupLogInfo logInfo, String groupName, String userID,
String userIDType)
{ {
super(logInfo); super(logInfo);
this.groupName = groupName; this.groupName = groupName;
...@@ -107,7 +108,7 @@ public class AddUserMemberAction extends GroupsAction ...@@ -107,7 +108,7 @@ public class AddUserMemberAction extends GroupsAction
} }
groupPersistence.modifyGroup(group); groupPersistence.modifyGroup(group);
List addedMembers = new ArrayList(); List<String> addedMembers = new ArrayList<String>();
addedMembers.add(toAdd.getUserID().getName()); addedMembers.add(toAdd.getUserID().getName());
logGroupInfo(group.getID(), null, addedMembers); logGroupInfo(group.getID(), null, addedMembers);
return null; return null;
......
...@@ -82,7 +82,7 @@ import javax.servlet.http.HttpServletResponse; ...@@ -82,7 +82,7 @@ import javax.servlet.http.HttpServletResponse;
public class CreateGroupAction extends GroupsAction public class CreateGroupAction extends GroupsAction
{ {
private InputStream inputStream; private final InputStream inputStream;
CreateGroupAction(GroupLogInfo logInfo, InputStream inputStream) CreateGroupAction(GroupLogInfo logInfo, InputStream inputStream)
{ {
...@@ -99,10 +99,10 @@ public class CreateGroupAction extends GroupsAction ...@@ -99,10 +99,10 @@ public class CreateGroupAction extends GroupsAction
this.response.setContentType("application/xml"); this.response.setContentType("application/xml");
GroupWriter.write(newGroup, this.response.getOutputStream()); GroupWriter.write(newGroup, this.response.getOutputStream());
List addedMembers = null; List<String> addedMembers = null;
if ((newGroup.getUserMembers().size() > 0) || (newGroup.getGroupMembers().size() > 0)) if ((newGroup.getUserMembers().size() > 0) || (newGroup.getGroupMembers().size() > 0))
{ {
addedMembers = new ArrayList(); addedMembers = new ArrayList<String>();
for (Group gr : newGroup.getGroupMembers()) for (Group gr : newGroup.getGroupMembers())
{ {
addedMembers.add(gr.getID()); addedMembers.add(gr.getID());
......
...@@ -78,7 +78,7 @@ import java.util.Set; ...@@ -78,7 +78,7 @@ import java.util.Set;
public class DeleteGroupAction extends GroupsAction public class DeleteGroupAction extends GroupsAction
{ {
private String groupName; private final String groupName;
DeleteGroupAction(GroupLogInfo logInfo, String groupName) DeleteGroupAction(GroupLogInfo logInfo, String groupName)
{ {
...@@ -94,7 +94,7 @@ public class DeleteGroupAction extends GroupsAction ...@@ -94,7 +94,7 @@ public class DeleteGroupAction extends GroupsAction
groupPersistence.deleteGroup(this.groupName); groupPersistence.deleteGroup(this.groupName);
if ((deletedGroup.getUserMembers().size() > 0) || (deletedGroup.getGroupMembers().size() > 0)) if ((deletedGroup.getUserMembers().size() > 0) || (deletedGroup.getGroupMembers().size() > 0))
{ {
this.logInfo.addedMembers = new ArrayList(); this.logInfo.addedMembers = new ArrayList<String>();
for (Group gr : deletedGroup.getGroupMembers()) for (Group gr : deletedGroup.getGroupMembers())
{ {
this.logInfo.deletedMembers.add(gr.getID()); this.logInfo.deletedMembers.add(gr.getID());
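Review bot: The generics cleanup leaves the mismatch inside the `if` block untouched: it assigns `this.logInfo.addedMembers = new ArrayList<String>()` and then appends to `this.logInfo.deletedMembers`. If `deletedMembers` is not initialised elsewhere (not visible in this hunk), the `add` throws after `deleteGroup` has already succeeded, and either way the audit record for a deletion carries an empty added-members list. The assignment presumably should read `this.logInfo.deletedMembers = new ArrayList<String>();`. The enclosing method starts and ends outside the hunk.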
......
...@@ -74,7 +74,7 @@ import javax.servlet.http.HttpServletResponse; ...@@ -74,7 +74,7 @@ import javax.servlet.http.HttpServletResponse;
public class GetGroupAction extends GroupsAction public class GetGroupAction extends GroupsAction
{ {
private String groupName; private final String groupName;
GetGroupAction(GroupLogInfo logInfo, String groupName) GetGroupAction(GroupLogInfo logInfo, String groupName)
{ {
......
...@@ -81,8 +81,8 @@ import javax.servlet.http.HttpServletResponse; ...@@ -81,8 +81,8 @@ import javax.servlet.http.HttpServletResponse;
public class ModifyGroupAction extends GroupsAction public class ModifyGroupAction extends GroupsAction
{ {
private String groupName; private final String groupName;
private InputStream inputStream; private final InputStream inputStream;
ModifyGroupAction(GroupLogInfo logInfo, String groupName, InputStream inputStream) ModifyGroupAction(GroupLogInfo logInfo, String groupName, InputStream inputStream)
{ {
...@@ -100,7 +100,7 @@ public class ModifyGroupAction extends GroupsAction ...@@ -100,7 +100,7 @@ public class ModifyGroupAction extends GroupsAction
Group modifiedGroup = groupPersistence.modifyGroup(group); Group modifiedGroup = groupPersistence.modifyGroup(group);
this.response.sendRedirect(modifiedGroup.getID()); this.response.sendRedirect(modifiedGroup.getID());
List addedMembers = new ArrayList(); List<String> addedMembers = new ArrayList<String>();
for (User member : group.getUserMembers()) for (User member : group.getUserMembers())
{ {
if (!oldGroup.getUserMembers().remove(member)) if (!oldGroup.getUserMembers().remove(member))
...@@ -119,7 +119,7 @@ public class ModifyGroupAction extends GroupsAction ...@@ -119,7 +119,7 @@ public class ModifyGroupAction extends GroupsAction
{ {
addedMembers = null; addedMembers = null;
} }
List deletedMembers = new ArrayList(); List<String> deletedMembers = new ArrayList<String>();
for (User member : oldGroup.getUserMembers()) for (User member : oldGroup.getUserMembers())
{ {
deletedMembers.add(member.getUserID().getName()); deletedMembers.add(member.getUserID().getName());
......
...@@ -77,8 +77,8 @@ import java.util.Set; ...@@ -77,8 +77,8 @@ import java.util.Set;
public class RemoveGroupMemberAction extends GroupsAction public class RemoveGroupMemberAction extends GroupsAction
{ {
private String groupName; private final String groupName;
private String groupMemberName; private final String groupMemberName;
RemoveGroupMemberAction(GroupLogInfo logInfo, String groupName, String groupMemberName) RemoveGroupMemberAction(GroupLogInfo logInfo, String groupName, String groupMemberName)
{ {
...@@ -99,7 +99,7 @@ public class RemoveGroupMemberAction extends GroupsAction ...@@ -99,7 +99,7 @@ public class RemoveGroupMemberAction extends GroupsAction
} }
groupPersistence.modifyGroup(group); groupPersistence.modifyGroup(group);
List deletedMembers = new ArrayList(); List<String> deletedMembers = new ArrayList<String>();
deletedMembers.add(toRemove.getID()); deletedMembers.add(toRemove.getID());
logGroupInfo(group.getID(), deletedMembers, null); logGroupInfo(group.getID(), deletedMembers, null);
return null; return null;
......
...@@ -77,13 +77,12 @@ import ca.nrc.cadc.auth.AuthenticationUtil; ...@@ -77,13 +77,12 @@ import ca.nrc.cadc.auth.AuthenticationUtil;
import java.security.Principal; import java.security.Principal;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.List; import java.util.List;
import java.util.Set;
public class RemoveUserMemberAction extends GroupsAction public class RemoveUserMemberAction extends GroupsAction
{ {
private String groupName; private final String groupName;
private String userID; private final String userID;
private String userIDType; private final String userIDType;
RemoveUserMemberAction(GroupLogInfo logInfo, String groupName, String userID, String userIDType) RemoveUserMemberAction(GroupLogInfo logInfo, String groupName, String userID, String userIDType)
{ {
...@@ -107,7 +106,7 @@ public class RemoveUserMemberAction extends GroupsAction ...@@ -107,7 +106,7 @@ public class RemoveUserMemberAction extends GroupsAction
} }
groupPersistence.modifyGroup(group); groupPersistence.modifyGroup(group);
List deletedMembers = new ArrayList(); List<String> deletedMembers = new ArrayList<String>();
deletedMembers.add(toRemove.getUserID().getName()); deletedMembers.add(toRemove.getUserID().getName());
logGroupInfo(group.getID(), deletedMembers, null); logGroupInfo(group.getID(), deletedMembers, null);
return null; return null;
......
...@@ -46,21 +46,50 @@ import org.junit.Test; ...@@ -46,21 +46,50 @@ import org.junit.Test;
import ca.nrc.cadc.ac.Group; import ca.nrc.cadc.ac.Group;
import ca.nrc.cadc.ac.GroupProperty; import ca.nrc.cadc.ac.GroupProperty;
import ca.nrc.cadc.ac.Role;
import ca.nrc.cadc.ac.User; import ca.nrc.cadc.ac.User;
import ca.nrc.cadc.util.Log4jInit;
import java.util.Collection;
import org.apache.log4j.Level;
import org.apache.log4j.Logger;
import static org.junit.Assert.fail;
import org.junit.BeforeClass;
public class LdapGroupDAOTest public class LdapGroupDAOTest
{ {
final String groupID1 = "acs-daotest-group1-" + System.currentTimeMillis(); private static final Logger log = Logger.getLogger(LdapGroupDAOTest.class);
final String groupID2 = "acs-daotest-group2-" + System.currentTimeMillis();
LdapConfig config = new LdapConfig( static User<X500Principal> authtest1;
"199.116.235.122", static User<X500Principal> authtest2;
// "mach275.cadc.dao.nrc.ca", static User<X500Principal> regtest1;
389,
static String groupID1;
static String groupID2;
static LdapConfig config;
@BeforeClass
public static void setUpBeforeClass()
throws Exception
{
Log4jInit.setLevel("ca.nrc.cadc.ac", Level.DEBUG);
groupID1 = "acs-daotest-group1-" + System.currentTimeMillis();
groupID2 = "acs-daotest-group2-" + System.currentTimeMillis();
authtest1 = new User<X500Principal>(
new X500Principal("cn=cadc authtest1 10627,ou=cadc,o=hia"));
authtest2 = new User<X500Principal>(
new X500Principal("cn=cadc authtest2 10635,ou=cadc,o=hia"));
regtest1 = new User<X500Principal>(
new X500Principal("CN=CADC Regtest1 10577,OU=CADC,O=HIA"));
config = new LdapConfig("mach275.cadc.dao.nrc.ca", 389,
"uid=webproxy,ou=administrators,ou=topologymanagement,o=netscaperoot", "uid=webproxy,ou=administrators,ou=topologymanagement,o=netscaperoot",
"go4it", "ou=Users,ou=ds,dc=canfar,dc=net", "go4it", "ou=Users,ou=ds,dc=canfar,dc=net",
"ou=TestGroups,ou=ds,dc=canfar,dc=net", "ou=TestGroups,ou=ds,dc=canfar,dc=net",
"ou=DeletedGroups,ou=ds,dc=canfar,dc=net"); "ou=DeletedGroups,ou=ds,dc=canfar,dc=net");
}
LdapGroupDAO<X500Principal> getGroupDAO() LdapGroupDAO<X500Principal> getGroupDAO()
{ {
...@@ -68,19 +97,11 @@ public class LdapGroupDAOTest ...@@ -68,19 +97,11 @@ public class LdapGroupDAOTest
new LdapUserDAO<X500Principal>(config)); new LdapUserDAO<X500Principal>(config));
} }
@Test // @Test
public void testOneGroup() throws Exception public void testOneGroup() throws Exception
{ {
final User<X500Principal> owner = new User<X500Principal>(
new X500Principal("cn=cadc authtest1 10627,ou=cadc,o=hia"));
final User<X500Principal> authtest2 = new User<X500Principal>(
new X500Principal("CN=cadc authtest2 10635,OU=cadc,O=hia"));
final User<X500Principal> regtest1 = new User<X500Principal>(
new X500Principal("CN=CADC Regtest1 10577,OU=CADC,O=HIA"));
Subject subject = new Subject(); Subject subject = new Subject();
subject.getPrincipals().add(owner.getUserID()); subject.getPrincipals().add(authtest1.getUserID());
// do everything as owner // do everything as owner
Subject.doAs(subject, new PrivilegedExceptionAction<Object>() Subject.doAs(subject, new PrivilegedExceptionAction<Object>()
...@@ -89,12 +110,12 @@ public class LdapGroupDAOTest ...@@ -89,12 +110,12 @@ public class LdapGroupDAOTest
{ {
try try
{ {
Group expectGroup = new Group(groupID1, owner); Group expectGroup = new Group(groupID1, authtest1);
Group actualGroup = getGroupDAO().addGroup(expectGroup); Group actualGroup = getGroupDAO().addGroup(expectGroup);
assertGroupsEqual(expectGroup, actualGroup); assertGroupsEqual(expectGroup, actualGroup);
// Group otherGroup = new Group(groupID2, authtest2); Group otherGroup = new Group(groupID2, authtest1);
// otherGroup = getGroupDAO().addGroup(otherGroup); otherGroup = getGroupDAO().addGroup(otherGroup);
// modify group fields // modify group fields
// description // description
...@@ -102,30 +123,30 @@ public class LdapGroupDAOTest ...@@ -102,30 +123,30 @@ public class LdapGroupDAOTest
actualGroup = getGroupDAO().modifyGroup(expectGroup); actualGroup = getGroupDAO().modifyGroup(expectGroup);
assertGroupsEqual(expectGroup, actualGroup); assertGroupsEqual(expectGroup, actualGroup);
// // groupRead // groupRead
// expectGroup.groupRead = otherGroup; expectGroup.groupRead = otherGroup;
// actualGroup = getGroupDAO().modifyGroup(expectGroup); actualGroup = getGroupDAO().modifyGroup(expectGroup);
// assertGroupsEqual(expectGroup, actualGroup); assertGroupsEqual(expectGroup, actualGroup);
//
// // groupWrite // groupWrite
// expectGroup.groupWrite = otherGroup; expectGroup.groupWrite = otherGroup;
// actualGroup = getGroupDAO().modifyGroup(expectGroup); actualGroup = getGroupDAO().modifyGroup(expectGroup);
// assertGroupsEqual(expectGroup, actualGroup); assertGroupsEqual(expectGroup, actualGroup);
// publicRead // publicRead
expectGroup.publicRead = true; expectGroup.publicRead = true;
actualGroup = getGroupDAO().modifyGroup(expectGroup); actualGroup = getGroupDAO().modifyGroup(expectGroup);
assertGroupsEqual(expectGroup, actualGroup); assertGroupsEqual(expectGroup, actualGroup);
// // userMembers // userMembers
// expectGroup.getUserMembers().add(authtest2); expectGroup.getUserMembers().add(authtest2);
// actualGroup = getGroupDAO().modifyGroup(expectGroup); actualGroup = getGroupDAO().modifyGroup(expectGroup);
// assertGroupsEqual(expectGroup, actualGroup); assertGroupsEqual(expectGroup, actualGroup);
//
// // groupMembers // groupMembers
// expectGroup.getGroupMembers().add(otherGroup); expectGroup.getGroupMembers().add(otherGroup);
// actualGroup = getGroupDAO().modifyGroup(expectGroup); actualGroup = getGroupDAO().modifyGroup(expectGroup);
// assertGroupsEqual(expectGroup, actualGroup); assertGroupsEqual(expectGroup, actualGroup);
return null; return null;
} }
catch (Exception e) catch (Exception e)
...@@ -139,14 +160,8 @@ public class LdapGroupDAOTest ...@@ -139,14 +160,8 @@ public class LdapGroupDAOTest
// @Test // @Test
public void testMultipleGroups() throws Exception public void testMultipleGroups() throws Exception
{ {
final User<X500Principal> owner = new User<X500Principal>(
new X500Principal("cn=cadc authtest1 10627,ou=cadc,o=hia"));
final User<X500Principal> authtest2 = new User<X500Principal>(
new X500Principal("cn=cadc authtest2 10635,ou=cadc,o=hia"));
Subject subject = new Subject(); Subject subject = new Subject();
subject.getPrincipals().add(owner.getUserID()); subject.getPrincipals().add(authtest1.getUserID());
// do everything as owner // do everything as owner
Subject.doAs(subject, new PrivilegedExceptionAction<Object>() Subject.doAs(subject, new PrivilegedExceptionAction<Object>()
...@@ -155,11 +170,11 @@ public class LdapGroupDAOTest ...@@ -155,11 +170,11 @@ public class LdapGroupDAOTest
{ {
try try
{ {
Group expectGroup = new Group(groupID1, owner); Group expectGroup = new Group(groupID1, authtest1);
Group actualGroup = getGroupDAO().addGroup(expectGroup); Group actualGroup = getGroupDAO().addGroup(expectGroup);
assertGroupsEqual(expectGroup, actualGroup); assertGroupsEqual(expectGroup, actualGroup);
Group otherGroup = new Group(groupID2, authtest2); Group otherGroup = new Group(groupID2, authtest1);
otherGroup = getGroupDAO().addGroup(otherGroup); otherGroup = getGroupDAO().addGroup(otherGroup);
// modify group fields // modify group fields
...@@ -202,6 +217,53 @@ public class LdapGroupDAOTest ...@@ -202,6 +217,53 @@ public class LdapGroupDAOTest
}); });
} }
@Test
public void testGetGroups() throws Exception
{
Subject subject = new Subject();
subject.getPrincipals().add(authtest1.getUserID());
// do everything as owner
Subject.doAs(subject, new PrivilegedExceptionAction<Object>()
{
public Object run() throws Exception
{
try
{
Group expectGroup = new Group(groupID1, authtest1);
Group actualGroup = getGroupDAO().addGroup(expectGroup);
assertGroupsEqual(expectGroup, actualGroup);
System.out.println("new group: " + groupID1);
Collection<Group> groups = getGroupDAO().getGroups(authtest1, Role.OWNER);
System.out.println("# groups found: " + groups.size());
boolean found = false;
for (Group group : groups)
{
System.out.println("found group: " + group.getID());
if (!group.getOwner().equals(authtest1))
{
fail("returned group with wrong owner");
}
if (group.getID().equals(groupID1))
{
found = true;
}
}
if (!found)
{
fail("");
}
}
catch (Exception e)
{
throw new Exception("Problems", e);
}
return null;
}
});
}
private void assertGroupsEqual(Group gr1, Group gr2) private void assertGroupsEqual(Group gr1, Group gr2)
{ {
if ((gr1 == null) && (gr2 == null)) if ((gr1 == null) && (gr2 == null))
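Review bot: `setUpBeforeClass` still builds `LdapConfig` with the proxy account's bind DN and its password as string literals, against port 389, so the credential stays in version control and, unless the DAO upgrades the connection (not visible here), travels on an unencrypted bind. Read host, bind DN and password from a properties file or environment variable kept outside the repository, and treat the committed password as exposed and rotate it. In `testGetGroups` the group created with `addGroup` is never deleted and the final check is `fail("")`; add a `finally` that calls `deleteGroup(groupID1)` and give the failure a message such as `fail("group " + groupID1 + " not returned for owner")`. `testOneGroup` also loses its `@Test` annotation in this change, so the modify paths it re-enables are no longer run.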
......
...@@ -69,7 +69,7 @@ ...@@ -69,7 +69,7 @@
package ca.nrc.cadc.ac; package ca.nrc.cadc.ac;
/** /**
* Holder of commonly used consts in GMS * Holder of commonly used consts in cadcAccessControl
*/ */
public class AC public class AC
{ {
......