Add provider IT for fcrepo-auth-common

Resolves: https://www.pivotaltracker.com/story/show/82855102
fcrepo · Nov 18, 2014 · 8821c12 · 8821c12
1 parent c7f5851
commit 8821c12
Show file tree

Hide file tree

Showing 4 changed files with 257 additions and 0 deletions.
diff --git a/...h-common/src/test/java/org/fcrepo/auth/integration/ContainerRolesPrincipalProviderIT.java b/...h-common/src/test/java/org/fcrepo/auth/integration/ContainerRolesPrincipalProviderIT.java
@@ -0,0 +1,98 @@
+/**
+ * Copyright 2014 DuraSpace, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.fcrepo.auth.integration;
+
+import org.apache.http.auth.BasicUserPrincipal;
+import org.fcrepo.auth.common.FedoraAuthorizationDelegate;
+import org.fcrepo.auth.common.ServletContainerAuthenticationProvider;
+import org.fcrepo.kernel.impl.services.ContainerServiceImpl;
+import org.fcrepo.kernel.services.ContainerService;
+import org.junit.Assert;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.Mockito;
+import org.modeshape.jcr.api.ServletCredentials;
+import org.modeshape.jcr.value.Path;
+import org.slf4j.Logger;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import javax.jcr.Repository;
+import javax.jcr.RepositoryException;
+import javax.jcr.Session;
+import javax.jcr.security.Privilege;
+import javax.servlet.http.HttpServletRequest;
+
+import static org.mockito.Matchers.any;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.times;
+import static org.mockito.Mockito.verify;
+import static org.mockito.Mockito.when;
+import static org.slf4j.LoggerFactory.getLogger;
+
+/**
+ * @author osmandin
+ */
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {"/spring-test/mocked-fad-repo-2.xml"})
+public class ContainerRolesPrincipalProviderIT {
+
+    private static Logger logger =
+            getLogger(ContainerRolesPrincipalProviderIT.class);
+
+    @Autowired
+    private Repository repo;
+
+    @Autowired
+    private FedoraAuthorizationDelegate fad;
+
+    private HttpServletRequest request = mock(HttpServletRequest.class);
+
+    @Test
+    public void testFactory() {
+        Assert.assertNotNull(
+                "AuthenticationProvider must return a AuthenticationProvider",
+                ServletContainerAuthenticationProvider.getInstance());
+    }
+
+    @Test
+    public void testEmptyPrincipalProvider() throws RepositoryException {
+        when(request.getRemoteUser()).thenReturn("fred");
+        when(request.getUserPrincipal()).thenReturn(
+                new BasicUserPrincipal("fred"));
+        when(
+                request.isUserInRole(Mockito
+                        .eq(ServletContainerAuthenticationProvider.FEDORA_USER_ROLE)))
+                .thenReturn(true);
+        Mockito.reset(fad);
+        when(fad.hasPermission(any(Session.class), any(Path.class), any(String[].class))).thenReturn(true);
+
+        final ServletCredentials credentials =
+                new ServletCredentials(request);
+        final Session session = repo.login(credentials);
+        final Privilege[] rootPrivs =
+                session.getAccessControlManager().getPrivileges("/");
+        for (final Privilege p : rootPrivs) {
+            logger.debug("got priv: " + p.getName());
+        }
+        final ContainerService os = new ContainerServiceImpl();
+        os.findOrCreate(session, "/myobject");
+        verify(fad, times(5)).hasPermission(any(Session.class), any(Path.class), any(String[].class));
+    }
+
+
+}
diff --git a/...-auth-common/src/test/java/org/fcrepo/auth/integration/HttpHeaderPrincipalProviderIT.java b/...-auth-common/src/test/java/org/fcrepo/auth/integration/HttpHeaderPrincipalProviderIT.java
@@ -0,0 +1,97 @@
+/**
+ * Copyright 2014 DuraSpace, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.fcrepo.auth.integration;
+
+import org.apache.http.auth.BasicUserPrincipal;
+import org.fcrepo.auth.common.FedoraAuthorizationDelegate;
+import org.fcrepo.auth.common.ServletContainerAuthenticationProvider;
+import org.fcrepo.kernel.impl.services.ContainerServiceImpl;
+import org.fcrepo.kernel.services.ContainerService;
+import org.junit.Assert;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.Mockito;
+import org.modeshape.jcr.api.ServletCredentials;
+import org.modeshape.jcr.value.Path;
+import org.slf4j.Logger;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import javax.jcr.Repository;
+import javax.jcr.RepositoryException;
+import javax.jcr.Session;
+import javax.jcr.security.Privilege;
+import javax.servlet.http.HttpServletRequest;
+
+import static org.mockito.Matchers.any;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.times;
+import static org.mockito.Mockito.verify;
+import static org.mockito.Mockito.when;
+import static org.slf4j.LoggerFactory.getLogger;
+
+/**
+ * @author osmandin
+ */
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {"/spring-test/mocked-fad-repo-1.xml"})
+public class HttpHeaderPrincipalProviderIT {
+
+    private static Logger logger =
+            getLogger(HttpHeaderPrincipalProviderIT.class);
+
+    @Autowired
+    private Repository repo;
+
+    @Autowired
+    private FedoraAuthorizationDelegate fad;
+
+    private HttpServletRequest request = mock(HttpServletRequest.class);
+
+    @Test
+    public void testFactory() {
+        Assert.assertNotNull(
+                "AuthenticationProvider must return a AuthenticationProvider",
+                ServletContainerAuthenticationProvider.getInstance());
+    }
+
+    @Test
+    public void testEmptyPrincipalProvider() throws RepositoryException {
+        when(request.getRemoteUser()).thenReturn("fred");
+        when(request.getUserPrincipal()).thenReturn(
+                new BasicUserPrincipal("fred"));
+        when(
+                request.isUserInRole(Mockito
+                        .eq(ServletContainerAuthenticationProvider.FEDORA_USER_ROLE)))
+                .thenReturn(true);
+        Mockito.reset(fad);
+        when(fad.hasPermission(any(Session.class), any(Path.class), any(String[].class))).thenReturn(true);
+
+        final ServletCredentials credentials =
+                new ServletCredentials(request);
+        final Session session = repo.login(credentials);
+        final Privilege[] rootPrivs =
+                session.getAccessControlManager().getPrivileges("/");
+        for (final Privilege p : rootPrivs) {
+            logger.debug("got priv: " + p.getName());
+        }
+        final ContainerService os = new ContainerServiceImpl();
+        os.findOrCreate(session, "/myobject");
+        verify(fad, times(5)).hasPermission(any(Session.class), any(Path.class), any(String[].class));
+    }
+
+}
diff --git a/fcrepo-auth-common/src/test/resources/spring-test/mocked-fad-repo-1.xml b/fcrepo-auth-common/src/test/resources/spring-test/mocked-fad-repo-1.xml
@@ -0,0 +1,31 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xmlns:context="http://www.springframework.org/schema/context"
+       xmlns:p="http://www.springframework.org/schema/p"
+       xmlns:c="http://www.springframework.org/schema/c"
+       xsi:schemaLocation="
+    http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
+    http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd">
+
+    <context:annotation-config/>
+
+    <context:component-scan base-package="org.fcrepo"/>
+
+    <bean name="modeshapeRepofactory" class="org.fcrepo.kernel.impl.spring.ModeShapeRepositoryFactoryBean"
+          depends-on="authenticationProvider"
+          p:repositoryConfiguration="${fcrepo.modeshape.configuration:repository.json}"/>
+
+    <bean name="fad" class="org.mockito.Mockito" factory-method="mock"
+          c:classToMock="org.fcrepo.auth.common.FedoraAuthorizationDelegate"/>
+
+    <bean name="httpPrincipalProvider" class="org.fcrepo.auth.common.HttpHeaderPrincipalProvider" p:headerName="test"
+          p:separator=":"/>
+
+    <bean name="authenticationProvider" class="org.fcrepo.auth.common.ServletContainerAuthenticationProvider"
+          p:fad-ref="fad" p:principalProviders-ref="httpPrincipalProvider"/>
+
+    <bean class="org.modeshape.jcr.ModeShapeEngine" init-method="start"/>
+
+    <bean id="connectionManager" class="org.apache.http.impl.conn.PoolingHttpClientConnectionManager"/>
+
+</beans>
diff --git a/fcrepo-auth-common/src/test/resources/spring-test/mocked-fad-repo-2.xml b/fcrepo-auth-common/src/test/resources/spring-test/mocked-fad-repo-2.xml
@@ -0,0 +1,31 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xmlns:context="http://www.springframework.org/schema/context"
+       xmlns:p="http://www.springframework.org/schema/p"
+       xmlns:c="http://www.springframework.org/schema/c"
+       xsi:schemaLocation="
+    http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
+    http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd">
+
+    <context:annotation-config/>
+
+    <context:component-scan base-package="org.fcrepo"/>
+
+    <bean name="modeshapeRepofactory" class="org.fcrepo.kernel.impl.spring.ModeShapeRepositoryFactoryBean"
+          depends-on="authenticationProvider"
+          p:repositoryConfiguration="${fcrepo.modeshape.configuration:repository.json}"/>
+
+    <bean name="fad" class="org.mockito.Mockito" factory-method="mock"
+          c:classToMock="org.fcrepo.auth.common.FedoraAuthorizationDelegate"/>
+
+    <bean name="containerRolesPrincipalProvider" class="org.fcrepo.auth.common.ContainerRolesPrincipalProvider"
+          p:roleNames="test"/>
+
+    <bean name="authenticationProvider" class="org.fcrepo.auth.common.ServletContainerAuthenticationProvider"
+          p:fad-ref="fad" p:principalProviders-ref="containerRolesPrincipalProvider"/>
+
+    <bean class="org.modeshape.jcr.ModeShapeEngine" init-method="start"/>
+
+    <bean id="connectionManager" class="org.apache.http.impl.conn.PoolingHttpClientConnectionManager"/>
+
+</beans>