Skip to content
Snippets Groups Projects
Commit b37254d0 authored by Jeff Burke's avatar Jeff Burke
Browse files

s1651: updated searches and unit tests in group dao

parent 3e8c65a1
No related branches found
No related tags found
No related merge requests found
Show whitespace changes
Inline Side-by-side
Showing
with 195 additions and 245 deletions
projects/cadcAccessControl-Server/build.xml
+ 3
3
View file @ b37254d0
......@@ -141,10 +141,10 @@
<pathelement path="${build}/test/class"/>
<pathelement path="${testingJars}"/>
</classpath>
<test name="ca.nrc.cadc.ac.server.ldap.LdapDAOTest" />
<!--<test name="ca.nrc.cadc.ac.server.ldap.LdapDAOTest" />-->
<test name="ca.nrc.cadc.ac.server.ldap.LdapGroupDAOTest" />
<test name="ca.nrc.cadc.ac.server.web.GroupActionFactoryTest" />
<test name="ca.nrc.cadc.ac.server.ldap.LdapUserDAOTest" />
<!--<test name="ca.nrc.cadc.ac.server.web.GroupActionFactoryTest" />-->
<!--<test name="ca.nrc.cadc.ac.server.ldap.LdapUserDAOTest" />-->
<formatter type="plain" usefile="false" />
</junit>
</target>
......
projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapGroupDAO.java
+ 75
188
View file @ b37254d0
......@@ -102,12 +102,12 @@ import com.unboundid.ldap.sdk.SearchResult;
import com.unboundid.ldap.sdk.SearchResultEntry;
import com.unboundid.ldap.sdk.SearchScope;
import com.unboundid.ldap.sdk.controls.ProxiedAuthorizationV2RequestControl;
import java.util.HashSet;
public class LdapGroupDAO<T extends Principal> extends LdapDAO
{
private static final Logger logger = Logger.getLogger(LdapGroupDAO.class);
private LdapUserDAO<T> userPersist;
public LdapGroupDAO(LdapConfig config, LdapUserDAO<T> userPersist)
......@@ -133,7 +133,7 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO
* @throws TransientException If an temporary, unexpected problem occurred.
* @throws UserNotFoundException If owner or a member not valid user.
*/
public Group addGroup(Group group)
public Group addGroup(final Group group)
throws GroupAlreadyExistsException, TransientException,
UserNotFoundException, AccessControlException
{
......@@ -250,8 +250,7 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO
throws AccessControlException, UserNotFoundException, LDAPException
{
Group inactiveGroup =
getInactiveGroup(getGroupDN(group.getID()).toNormalizedString(),
group.getID());
getInactiveGroup(getGroupDN(group.getID()), group.getID());
if (inactiveGroup == null)
{
......@@ -264,9 +263,8 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO
"Inactive group not owned be requestor");
}
Group inactiveAdminGroup = getInactiveGroup(
getAdminGroupDN(group.getID()).toNormalizedString(),
group.getID());
Group inactiveAdminGroup =
getInactiveGroup(getAdminGroupDN(group.getID()), group.getID());
if (inactiveAdminGroup == null)
{
......@@ -284,7 +282,7 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO
return inactiveGroup;
}
private Group getInactiveGroup(final String groupDN, final String groupID)
private Group getInactiveGroup(final DN groupDN, final String groupID)
throws UserNotFoundException, LDAPException
{
Filter filter = Filter.createANDFilter(
......@@ -292,8 +290,8 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO
Filter.createEqualityFilter("nsaccountlock", "true"));
SearchRequest searchRequest =
new SearchRequest(groupDN, SearchScope.SUB, filter,
new String[] {"cn", "owner"});
new SearchRequest(groupDN.toNormalizedString(), SearchScope.SUB,
filter, new String[] {"cn", "owner"});
searchRequest.addControl(
new ProxiedAuthorizationV2RequestControl("dn:" +
......@@ -400,7 +398,7 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO
}
private Group getGroup(final DN groupDN, final String groupID,
final boolean withMembers, String[] attributes)
final boolean withMembers, final String[] attributes)
throws GroupNotFoundException, TransientException,
AccessControlException
{
......@@ -479,7 +477,8 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO
else if (memberDN.isDescendantOf(config.getGroupsDN(),
false))
{
ldapGroup.getGroupMembers().add(new Group(memberDN.getRDNString().replace("cn=", "")));
ldapGroup.getGroupMembers().add(new Group(
memberDN.getRDNString().replace("cn=", "")));
}
else
{
......@@ -513,7 +512,7 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO
* @throws AccessControlException If the operation is not permitted.
* @throws UserNotFoundException If owner or group members not valid users.
*/
public Group modifyGroup(Group group)
public Group modifyGroup(final Group group)
throws GroupNotFoundException, TransientException,
AccessControlException, UserNotFoundException
{
......@@ -712,7 +711,7 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO
* @throws GroupNotFoundException If the group was not found.
* @throws TransientException If an temporary, unexpected problem occurred.
*/
public void deleteGroup(String groupID)
public void deleteGroup(final String groupID)
throws GroupNotFoundException, TransientException,
AccessControlException
{
......@@ -783,7 +782,8 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO
* @throws UserNotFoundException
* @throws GroupNotFoundException
*/
public Collection<Group> getGroups(T userID, Role role, String groupID)
public Collection<Group> getGroups(final T userID, final Role role,
final String groupID)
throws TransientException, AccessControlException,
GroupNotFoundException, UserNotFoundException
{
......@@ -809,15 +809,16 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO
{
return getMemberGroups(user, userDN, groupID);
}
else if (role == Role.RW)
else if (role == Role.ADMIN)
{
return getAdminGroups(user, userDN, groupID);
}
throw new IllegalArgumentException("Unknown role " + role);
}
protected Collection<Group> getOwnerGroups(User<T> user, DN userDN,
String groupID)
protected Collection<Group> getOwnerGroups(final User<T> user,
final DN userDN,
final String groupID)
throws TransientException, AccessControlException,
GroupNotFoundException, UserNotFoundException
{
......@@ -868,15 +869,17 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO
}
}
protected Collection<Group> getMemberGroups(User<T> user, DN userDN,
String groupID)
protected Collection<Group> getMemberGroups(final User<T> user,
final DN userDN,
final String groupID)
throws TransientException, AccessControlException,
GroupNotFoundException, UserNotFoundException
{
if (groupID != null)
{
String groupDN = getGroupDN(groupID).toNormalizedString();
Collection<Group> groups = new ArrayList<Group>();
if (userPersist.isMember(user.getUserID(), groupID))
if (userPersist.isMember(user.getUserID(), groupDN))
{
groups.add(getGroup(groupID, false));
}
......@@ -886,28 +889,34 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO
{
try
{
Collection<Group> groups =
Collection<Group> memberGroups =
userPersist.getUserGroups(user.getUserID());
List<Filter> filters = new ArrayList<Filter>();
for (Group group : groups)
for (Group group : memberGroups)
{
filters.add(Filter.createEqualityFilter("cn",
group.getID()));
}
Filter filter = Filter.createORFilter(filters);
SearchRequest searchRequest = new SearchRequest(
config.getAdminGroupsDN(), SearchScope.SUB, filter,
"cn");
SearchRequest searchRequest =
new SearchRequest(config.getAdminGroupsDN(),
SearchScope.SUB, filter, "cn");
SearchResult results = getConnection().search(searchRequest);
for (SearchResultEntry result : results.getSearchEntries())
{
String groupName = result.getAttributeValue("cn");
for (Group group : memberGroups)
{
if (group.getID().equals(groupName))
{
memberGroups.remove(group);
}
return groups;
}
}
return memberGroups;
}
catch (LDAPException e)
{
......@@ -916,178 +925,56 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO
}
}
protected Collection<Group> getAdminGroups(User<T> user, DN userDN,
String groupID)
protected Collection<Group> getAdminGroups(final User<T> user,
final DN userDN,
final String groupID)
throws TransientException, AccessControlException,
GroupNotFoundException, UserNotFoundException
{
try
{
Collection<Group> queryGroups = new ArrayList<Group>();
if (groupID != null)
{
queryGroups.add(new Group(groupID, user));
String adminGroupDN = getAdminGroupDN(groupID).toNormalizedString();
Collection<Group> groups = new ArrayList<Group>();
if (userPersist.isMember(user.getUserID(), adminGroupDN))
{
groups.add(getGroup(groupID, false));
}
return groups;
}
else
{
// List of Groups the user belongs to.
queryGroups.addAll(getMemberGroups(user, userDN, groupID));
// List of Groups the user owns;
queryGroups.addAll(getOwnerGroups(user, userDN, groupID));
}
System.out.println("# groups: " + queryGroups.size());
List<Filter> filters = new ArrayList<Filter>();
for (Group member : queryGroups)
try
{
// // Require both groupRead and groupWrite
// if (member.groupRead != null && member.groupWrite != null)
// {
// DN groupRead = getGroupDN(member.groupRead.getID());
// String groupReadAci =
// GROUP_READ_ACI.replace(ACTUAL_GROUP_TOKEN,
// groupRead.toNormalizedString());
// DN groupWrite = getGroupDN(member.groupRead.getID());
// String groupWriteAci =
// GROUP_WRITE_ACI.replace(ACTUAL_GROUP_TOKEN,
// groupWrite.toNormalizedString());
// System.out.println(groupReadAci);
// System.out.println(groupWriteAci);
//
// Filter filter = Filter.createANDFilter(
// Filter.createEqualityFilter("aci", groupReadAci),
// Filter.createEqualityFilter("aci", groupWriteAci));
// filters.add(filter);
// }
}
Collection<Group> memberGroups =
userPersist.getUserGroups(user.getUserID());
Collection<Group> groups = new ArrayList<Group>();
if (filters.isEmpty())
List<Filter> filters = new ArrayList<Filter>();
for (Group group : memberGroups)
{
return groups;
filters.add(Filter.createEqualityFilter("cn",
group.getID()));
}
Filter filter = Filter.createORFilter(filters);
SearchRequest searchRequest = new SearchRequest(
config.getGroupsDN(), SearchScope.SUB, filter,
new String[] {"cn", "owner", "description",
"modifytimestamp"});
searchRequest.addControl(
new ProxiedAuthorizationV2RequestControl("dn:" +
getSubjectDN().toNormalizedString()));
SearchRequest searchRequest =
new SearchRequest(config.getAdminGroupsDN(),
SearchScope.SUB, filter, "cn");
SearchResult results = getConnection().search(searchRequest);
Collection<Group> adminGroups = new HashSet<Group>();
for (SearchResultEntry result : results.getSearchEntries())
{
String groupName = result.getAttributeValue("cn");
DN ownerDN = result.getAttributeValueAsDN("owner");
User<X500Principal> owner = userPersist.getMember(ownerDN);
// Ignore existing illegal group names.
try
{
Group group = new Group(groupName, owner);
group.description = result.getAttributeValue("description");
group.lastModified =
result.getAttributeValueAsDate("modifytimestamp");
groups.add(group);
adminGroups.add(getGroup(groupName, false));
}
catch (IllegalArgumentException ignore) { }
}
return groups;
return adminGroups;
}
catch (LDAPException e)
{
// TODO check which LDAP exceptions are transient and which
// ones are
// access control
throw new TransientException("Error getting groups", e);
throw new TransientException(e.getDiagnosticMessage());
}
}
}
// protected Collection<Group> getRWGroups2(User<T> user, DN userDN,
// String groupID)
// throws TransientException, AccessControlException,
// GroupNotFoundException, UserNotFoundException
// {
// try
// {
// Collection<Group> groups = new ArrayList<Group>();
//
// Collection<Group> queryGroups = new ArrayList<Group>();
// if (groupID != null)
// {
// queryGroups.add(new Group(groupID, user));
// }
// else
// {
// // List of Groups the user belongs to.
// queryGroups.addAll(getMemberGroups(user, userDN, groupID));
//
// // List of Groups the user owns;
// queryGroups.addAll(getOwnerGroups(user, userDN, groupID));
// }
//
// for (Group member : queryGroups)
// {
// // Require both groupRead and groupWrite
// if (member.groupRead != null && member.groupWrite != null)
// {
// DN groupRead = getGroupDN(member.groupRead.getID());
// String groupReadAci =
// GROUP_READ_ACI.replace(ACTUAL_GROUP_TOKEN,
// groupRead.toNormalizedString());
// DN groupWrite = getGroupDN(member.groupWrite.getID());
// String groupWriteAci =
// GROUP_WRITE_ACI.replace(ACTUAL_GROUP_TOKEN,
// groupWrite.toNormalizedString());
//
// Filter filter = Filter.createANDFilter(
// Filter.createEqualityFilter("aci", groupReadAci),
// Filter.createEqualityFilter("aci", groupWriteAci));
//
// SearchRequest searchRequest = new SearchRequest(
// config.getGroupsDN(), SearchScope.SUB, filter,
// new String[] {"cn", "owner", "description",
// "modifytimestamp"});
//
// searchRequest.addControl(
// new ProxiedAuthorizationV2RequestControl("dn:" +
// getSubjectDN().toNormalizedString()));
//
// SearchResult results = getConnection().search(searchRequest);
// for (SearchResultEntry result : results.getSearchEntries())
// {
// String groupName = result.getAttributeValue("cn");
// DN ownerDN = result.getAttributeValueAsDN("owner");
// User<X500Principal> owner = userPersist.getMember(ownerDN);
//
// // Ignore existing illegal group names.
// try
// {
// Group group = new Group(groupName, owner);
// group.description = result.getAttributeValue("description");
// group.lastModified =
// result.getAttributeValueAsDate("modifytimestamp");
// groups.add(group);
// }
// catch (IllegalArgumentException ignore) { }
// }
// }
// }
// return groups;
// }
// catch (LDAPException e)
// {
// // TODO check which LDAP exceptions are transient and which
// // ones are
// // access control
// throw new TransientException("Error getting groups", e);
// }
// }
/**
* Returns a group based on its LDAP DN. The returned group is bare
......@@ -1099,7 +986,7 @@ public class LdapGroupDAO<T extends Principal> extends LdapDAO
* @throws ca.nrc.cadc.ac.GroupNotFoundException
* @throws ca.nrc.cadc.ac.UserNotFoundException
*/
// protected Group getGroup(DN groupDN)
// protected Group getGroup(final DN groupDN)
// throws LDAPException, GroupNotFoundException, UserNotFoundException
// {
// SearchResultEntry searchResult =
......
projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/ldap/LdapUserDAO.java
+ 2
2
View file @ b37254d0
......@@ -317,7 +317,7 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO
}
}
public boolean isMember(T userID, String groupID)
public boolean isMember(T userID, String groupDN)
throws UserNotFoundException, TransientException,
AccessControlException
{
......@@ -335,7 +335,7 @@ public class LdapUserDAO<T extends Principal> extends LdapDAO
CompareRequest compareRequest =
new CompareRequest(userDN.toNormalizedString(),
"memberOf", groupID);
"memberOf", groupDN);
compareRequest.addControl(
new ProxiedAuthorizationV2RequestControl("dn:" +
......
projects/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/ldap/LdapGroupDAOTest.java
+ 114
51
View file @ b37254d0
......@@ -60,6 +60,7 @@ import ca.nrc.cadc.ac.Role;
import ca.nrc.cadc.ac.User;
import ca.nrc.cadc.ac.UserNotFoundException;
import ca.nrc.cadc.util.Log4jInit;
import static org.junit.Assert.assertNotNull;
public class LdapGroupDAOTest
{
......@@ -77,19 +78,23 @@ public class LdapGroupDAOTest
static String daoTestDN1 = "cn=cadcdaotest1,ou=cadc,o=hia,c=ca";
static String daoTestDN2 = "cn=cadcdaotest2,ou=cadc,o=hia,c=ca";
static String daoTestDN3 = "cn=cadcdaotest3,ou=cadc,o=hia,c=ca";
static String unknownDN = "cn=foo,ou=cadc,o=hia,c=ca";
static X500Principal daoTestPrincipal1;
static X500Principal daoTestPrincipal2;
static X500Principal daoTestPrincipal3;
static X500Principal unknownPrincipal;
static X500Principal adminPrincipal;
static User<X500Principal> daoTestUser1;
static User<X500Principal> daoTestUser2;
static User<X500Principal> daoTestUser3;
static User<X500Principal> unknownUser;
static User<X500Principal> adminUser;
static Subject authSubject;
static Subject daoTestUser1Subject;
static Subject daoTestUser2Subject;
static Subject anonSubject;
static LdapConfig config;
......@@ -102,16 +107,21 @@ public class LdapGroupDAOTest
daoTestPrincipal1 = new X500Principal(daoTestDN1);
daoTestPrincipal2 = new X500Principal(daoTestDN2);
daoTestPrincipal3 = new X500Principal(daoTestDN3);
unknownPrincipal = new X500Principal(unknownDN);
adminPrincipal = new X500Principal(adminDN);
daoTestUser1 = new User<X500Principal>(daoTestPrincipal1);
daoTestUser2 = new User<X500Principal>(daoTestPrincipal2);
daoTestUser3 = new User<X500Principal>(daoTestPrincipal3);
unknownUser = new User<X500Principal>(unknownPrincipal);
adminUser = new User<X500Principal>(adminPrincipal);
authSubject = new Subject();
authSubject.getPrincipals().add(daoTestUser1.getUserID());
daoTestUser1Subject = new Subject();
daoTestUser1Subject.getPrincipals().add(daoTestUser1.getUserID());
daoTestUser2Subject = new Subject();
daoTestUser2Subject.getPrincipals().add(daoTestUser2.getUserID());
anonSubject = new Subject();
anonSubject.getPrincipals().add(unknownUser.getUserID());
......@@ -130,11 +140,11 @@ public class LdapGroupDAOTest
return "CadcDaoTestGroup-" + System.currentTimeMillis();
}
@Test
// @Test
public void testOneGroup() throws Exception
{
// do everything as owner
Subject.doAs(authSubject, new PrivilegedExceptionAction<Object>()
Subject.doAs(daoTestUser1Subject, new PrivilegedExceptionAction<Object>()
{
public Object run() throws Exception
{
......@@ -213,23 +223,23 @@ public class LdapGroupDAOTest
});
}
// TODO: add test passing in groupID
@Test
// @Test
public void testSearchOwnerGroups() throws Exception
{
// do everything as owner
Subject.doAs(authSubject, new PrivilegedExceptionAction<Object>()
Subject.doAs(daoTestUser1Subject, new PrivilegedExceptionAction<Object>()
{
public Object run() throws Exception
{
try
{
Group testGroup = new Group(getGroupID(), daoTestUser1);
String groupID = getGroupID();
Group testGroup = new Group(groupID, daoTestUser1);
testGroup = getGroupDAO().addGroup(testGroup);
Collection<Group> groups =
getGroupDAO().getGroups(daoTestUser1.getUserID(),
Role.OWNER, null);
assertNotNull(groups);
boolean found = false;
for (Group group : groups)
......@@ -247,7 +257,14 @@ public class LdapGroupDAOTest
{
fail("Group for owner not found");
}
getGroupDAO().deleteGroup(testGroup.getID());
groups = getGroupDAO().getGroups(daoTestUser1.getUserID(),
Role.OWNER, groupID);
assertNotNull(groups);
assertEquals(1, groups.size());
assertTrue(groups.iterator().next().equals(testGroup));
getGroupDAO().deleteGroup(groupID);
}
catch (Exception e)
{
......@@ -259,42 +276,89 @@ public class LdapGroupDAOTest
}
// TODO: add test passing in groupID
// @Test
@Test
public void testSearchMemberGroups() throws Exception
{
// do everything as owner
Subject.doAs(authSubject, new PrivilegedExceptionAction<Object>()
final String testGroup1ID = getGroupID();
final String testGroup2ID = getGroupID();
Subject.doAs(daoTestUser1Subject, new PrivilegedExceptionAction<Object>()
{
public Object run() throws Exception
{
try
{
Group expectedGroup = new Group("CadcDaoTestGroup1");
Group testGroup1 = new Group(testGroup1ID, daoTestUser1);
testGroup1.getUserMembers().add(daoTestUser2);
testGroup1 = getGroupDAO().addGroup(testGroup1);
Group testGroup2 = new Group(testGroup2ID, daoTestUser1);
testGroup2.getUserMembers().add(daoTestUser2);
testGroup2 = getGroupDAO().addGroup(testGroup2);
}
catch (Exception e)
{
throw new Exception("Problems", e);
}
return null;
}
});
Subject.doAs(daoTestUser2Subject, new PrivilegedExceptionAction<Object>()
{
public Object run() throws Exception
{
try
{
Collection<Group> groups =
getGroupDAO().getGroups(daoTestUser2.getUserID(),
Role.MEMBER, null);
assertNotNull(groups);
assertTrue(groups.size() >= 2);
log.debug("# groups found: " + groups.size());
boolean found = false;
boolean found1 = false;
boolean found2 = false;
for (Group group : groups)
{
log.debug("found test group: " + group.getID());
Set<Group> members = group.getGroupMembers();
log.debug("#test group members: " + members.size());
for (Group member : members)
if (group.getID().equals(testGroup1ID))
{
if (member.equals(expectedGroup))
found1 = true;
}
if (group.getID().equals(testGroup2ID))
{
found = true;
found2 = true;
}
}
if (!found1)
{
fail("Test group 1 not found");
}
if (!found)
if (!found2)
{
fail("Test group 2 not found");
}
}
catch (Exception e)
{
fail("Group member not found");
throw new Exception("Problems", e);
}
return null;
}
});
Subject.doAs(daoTestUser1Subject, new PrivilegedExceptionAction<Object>()
{
public Object run() throws Exception
{
try
{
getGroupDAO().deleteGroup(testGroup1ID);
getGroupDAO().deleteGroup(testGroup2ID);
}
catch (Exception e)
{
......@@ -307,10 +371,10 @@ public class LdapGroupDAOTest
// TODO: add test passing in groupID
// @Test
public void testSearchRWGroups() throws Exception
public void testSearchAdminGroups() throws Exception
{
// do everything as owner
Subject.doAs(authSubject, new PrivilegedExceptionAction<Object>()
Subject.doAs(daoTestUser1Subject, new PrivilegedExceptionAction<Object>()
{
public Object run() throws Exception
{
......@@ -320,7 +384,7 @@ public class LdapGroupDAOTest
Collection<Group> groups =
getGroupDAO().getGroups(daoTestUser2.getUserID(),
Role.RW, null);
Role.ADMIN, null);
System.out.println("# groups found: " + groups.size());
boolean found = false;
......@@ -353,7 +417,7 @@ public class LdapGroupDAOTest
});
}
@Test
// @Test
public void testAddGroupExceptions() throws Exception
{
Subject.doAs(anonSubject, new PrivilegedExceptionAction<Object>()
......@@ -371,7 +435,7 @@ public class LdapGroupDAOTest
}
});
Subject.doAs(authSubject, new PrivilegedExceptionAction<Object>()
Subject.doAs(daoTestUser1Subject, new PrivilegedExceptionAction<Object>()
{
public Object run() throws Exception
{
......@@ -400,12 +464,12 @@ public class LdapGroupDAOTest
});
}
@Test
// @Test
public void testGetGroupExceptions() throws Exception
{
final String groupID = getGroupID();
Subject.doAs(authSubject, new PrivilegedExceptionAction<Object>()
Subject.doAs(daoTestUser1Subject, new PrivilegedExceptionAction<Object>()
{
public Object run() throws Exception
{
......@@ -437,7 +501,7 @@ public class LdapGroupDAOTest
}
});
Subject.doAs(authSubject, new PrivilegedExceptionAction<Object>()
Subject.doAs(daoTestUser1Subject, new PrivilegedExceptionAction<Object>()
{
public Object run() throws Exception
{
......@@ -447,12 +511,12 @@ public class LdapGroupDAOTest
});
}
@Test
// @Test
public void testModifyGroupExceptions() throws Exception
{
final String groupID = getGroupID();
Subject.doAs(authSubject, new PrivilegedExceptionAction<Object>()
Subject.doAs(daoTestUser1Subject, new PrivilegedExceptionAction<Object>()
{
public Object run() throws Exception
{
......@@ -493,7 +557,7 @@ public class LdapGroupDAOTest
}
});
Subject.doAs(authSubject, new PrivilegedExceptionAction<Object>()
Subject.doAs(daoTestUser1Subject, new PrivilegedExceptionAction<Object>()
{
public Object run() throws Exception
{
......@@ -503,12 +567,12 @@ public class LdapGroupDAOTest
});
}
@Test
// @Test
public void testDeleteGroupExceptions() throws Exception
{
final String groupID = getGroupID();
Subject.doAs(authSubject, new PrivilegedExceptionAction<Object>()
Subject.doAs(daoTestUser1Subject, new PrivilegedExceptionAction<Object>()
{
public Object run() throws Exception
{
......@@ -540,7 +604,7 @@ public class LdapGroupDAOTest
}
});
Subject.doAs(authSubject, new PrivilegedExceptionAction<Object>()
Subject.doAs(daoTestUser1Subject, new PrivilegedExceptionAction<Object>()
{
public Object run() throws Exception
{
......@@ -550,12 +614,12 @@ public class LdapGroupDAOTest
});
}
@Test
// @Test
public void testSearchGroupsExceptions() throws Exception
{
final String groupID = getGroupID();
Subject.doAs(authSubject, new PrivilegedExceptionAction<Object>()
Subject.doAs(daoTestUser1Subject, new PrivilegedExceptionAction<Object>()
{
public Object run() throws Exception
{
......@@ -598,7 +662,7 @@ public class LdapGroupDAOTest
}
});
Subject.doAs(authSubject, new PrivilegedExceptionAction<Object>()
Subject.doAs(daoTestUser1Subject, new PrivilegedExceptionAction<Object>()
{
public Object run() throws Exception
{
......@@ -619,8 +683,7 @@ public class LdapGroupDAOTest
assertEquals(gr1.description, gr2.description);
assertEquals(gr1.getOwner(), gr2.getOwner());
assertEquals(gr1.getGroupMembers(), gr2.getGroupMembers());
assertEquals(gr1.getGroupMembers().size(), gr2.getGroupMembers()
.size());
assertEquals(gr1.getGroupMembers().size(), gr2.getGroupMembers().size());
for (Group gr : gr1.getGroupMembers())
{
assertTrue(gr2.getGroupMembers().contains(gr));
......
projects/cadcAccessControl/src/ca/nrc/cadc/ac/Role.java
+ 1
1
View file @ b37254d0
......@@ -76,7 +76,7 @@ public enum Role
{
OWNER("owner"),
MEMBER("member"),
RW("rw");
ADMIN("admin");
private final String value;
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment