1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17 package org.apache.jetspeed.test;
18
19
20 import java.io.File;
21
22
23 import junit.awtui.TestRunner;
24 import junit.framework.Test;
25 import junit.framework.TestSuite;
26
27
28 import org.apache.cactus.ServletTestCase;
29 import org.apache.cactus.WebRequest;
30 import org.apache.cactus.WebResponse;
31
32
33 import org.apache.jetspeed.om.profile.Profile;
34 import org.apache.jetspeed.om.profile.ProfileLocator;
35 import org.apache.jetspeed.om.profile.Portlets;
36 import org.apache.jetspeed.om.profile.PSMLDocument;
37 import org.apache.jetspeed.om.profile.psml.PsmlController;
38 import org.apache.jetspeed.om.profile.psml.PsmlEntry;
39 import org.apache.jetspeed.om.profile.psml.PsmlPortlets;
40 import org.apache.jetspeed.om.profile.psml.PsmlSkin;
41 import org.apache.jetspeed.services.Profiler;
42 import org.apache.jetspeed.test.TurbineTestUtilities;
43
44
45 import org.apache.turbine.util.RunData;
46 import org.apache.turbine.util.RunDataFactory;
47
48 /***
49 * TestBasicSecurity
50 *
51 * @author <a href="paulsp@apache.org">Paul Spencer</a>
52 * @version $Id: TestBasicSecurity.java,v 1.1 2004/04/07 22:02:41 jford Exp $
53 */
54
55 public class TestBasicSecurity extends ServletTestCase
56 {
57 private static String ADMIN_PORTLET = "GlobalAdminPortlet";
58 private static String ALL_PORTLET = "HelloVelocity";
59 private static String TEST_ADMIN_PASSWORD ="jetspeed";
60 private static String TEST_ADMIN_USER = "admin";
61 private static String TEST_CONTEXT = null;
62 private static String TEST_HOST = "localhost";
63 private static String TEST_SERVLET = "/portal";
64 private static String TEST_GROUP = "Jetspeed";
65 private static String TEST_SECURITY_PAGE = "SecurityTest";
66 private static String TEST_TURBINE_PASSWORD ="turbine";
67 private static String TEST_TURBINE_USER = "turbine";
68 private static String USER_PORTLET = "SkinBrowser";
69
70 private RunData rundata = null;
71
72 /***
73 * Defines the testcase name for JUnit.
74 *
75 * @param name the testcase's name.
76 */
77 public TestBasicSecurity(String name)
78 {
79 super( name );
80 }
81
82 /***
83 * Start the tests.
84 *
85 * @param args the arguments. Not used
86 */
87 public static void main(String args[])
88 {
89 TestRunner.main( new String[]
90 { TestBasicSecurity.class.getName() } );
91 }
92
93 /***
94 * Creates the test suite.
95 *
96 * @return a test suite (<code>TestSuite</code>) that includes all methods
97 * starting with "test"
98 */
99 public static Test suite()
100 {
101
102 return new TestSuite( TestBasicSecurity.class );
103 }
104
105 /***
106 * Sets up the test case.
107 *
108 */
109 protected void setUp() throws Exception
110 {
111 }
112
113 /***
114 * Test: PageURL
115 * With the page URL "/page/apache"
116 * 1) A page is generated
117 * 2) The user is anonymous
118 * 3) Group is set to "apache"
119 * 4) Role is not set
120 */
121 public void beginCreateTestPSML(WebRequest theRequest)
122 {
123 System.out.println("URL = " + theRequest.getURL());
124 theRequest.setURL(TEST_HOST, TEST_CONTEXT, TEST_SERVLET
125 , null ,"action=JLoginUser&username="+ TEST_ADMIN_USER + "&password=" + TEST_ADMIN_PASSWORD);
126 System.out.println("post set URL = " + theRequest.getURL());
127 }
128
129 /***
130 * Create a PSML in the TEST_GROUP with 3 entries.
131 * 1) ST_01.all no role
132 * 2) ST_01.user Role = user
133 * 3) ST_01.admin Role = admin
134 *
135 * @throws Exception
136 */
137 public void testCreateTestPSML() throws Exception
138 {
139 Portlets rootPortletSet = null;
140 ProfileLocator currentLocator = null;
141 ProfileLocator newLocator = null;
142 PsmlController controller = null;
143 PsmlPortlets portlets = null;
144 PsmlSkin skin = null;
145
146
147 rundata = RunDataFactory.getRunData( request, response, config );
148 assertNotNull( "Got rundata", rundata);
149
150 TurbineTestUtilities.setupRunData(rundata);
151
152 Profile profile = Profiler.getProfile(rundata);
153 assertNotNull( "Got profile from Profiler", profile);
154
155
156 if (profile instanceof ProfileLocator)
157 {
158 currentLocator = (ProfileLocator) profile;
159 }
160
161 newLocator = Profiler.createLocator();
162 newLocator.setGroupByName(TEST_GROUP);
163 newLocator.setMediaType(currentLocator.getMediaType());
164 newLocator.setName(TEST_SECURITY_PAGE);
165
166
167 portlets = new PsmlPortlets();
168 controller = new PsmlController();
169 controller.setName("RowController");
170 portlets.setController(controller);
171 skin = new PsmlSkin();
172 skin.setName("orange-red");
173 portlets.setSkin(skin);
174 rootPortletSet = portlets;
175
176 portlets = new PsmlPortlets();
177
178 portlets.addEntry( createEntry(ALL_PORTLET, "ST_01.all"));
179 portlets.addEntry( createEntry(USER_PORTLET, "ST_01.user"));
180 portlets.addEntry( createEntry(ADMIN_PORTLET, "ST_01.admin"));
181 rootPortletSet.addPortlets(portlets);
182
183 Profile newProfile = Profiler.createProfile(newLocator, rootPortletSet);
184 PSMLDocument doc = newProfile.getDocument();
185 System.out.println("doc = " + doc.getName());
186
187
188 File file = new File(doc.getName());
189 assertTrue(file.exists());
190
191
192 TurbineTestUtilities.generatePage(rundata);
193 TurbineTestUtilities.outputPage(rundata);
194
195
196 RunDataFactory.putRunData(rundata);
197 }
198
199 public void endCreateTestPSML(WebResponse theResponse)
200 {
201 System.out.println("text length = " + theResponse.getText().length());
202
203 }
204
205 /***
206 * This test verifies that no "Actions" like minimize are displayed for
207 * the anonymous user. The ID is used to determine if an action is on
208 * the page for an entry.
209 */
210 public void beginAnonymousUser(WebRequest theRequest)
211 {
212 System.out.println("URL = " + theRequest.getURL());
213 theRequest.setURL(TEST_HOST, TEST_CONTEXT, TEST_SERVLET
214 , "/group/" + TEST_GROUP + "/page/" + TEST_SECURITY_PAGE , null );
215 System.out.println("post set URL = " + theRequest.getURL());
216 }
217
218 public void testAnonymousUser() throws Exception
219 {
220
221 rundata = RunDataFactory.getRunData( request, response, config );
222 assertNotNull( "Got rundata", rundata);
223
224 TurbineTestUtilities.setupRunData(rundata);
225
226
227 Profile profile = Profiler.getProfile(rundata);
228 assertNotNull( "Got profile from Profiler", profile);
229
230
231 if (profile instanceof ProfileLocator)
232 {
233 ProfileLocator profileLocator = (ProfileLocator) profile;
234 assertTrue("Verify the 'anonymous' is not set", !profileLocator.getAnonymous());
235 assertNull("Verify the user is null", profileLocator.getUser());
236 assertNull("Verify the role is null", profileLocator.getRole());
237 assertEquals("Verify the page name", profileLocator.getName(), TEST_SECURITY_PAGE + ".psml");
238 } else
239 {
240 assertTrue( "profile does not implement ProfileLocator", false);
241 }
242 TurbineTestUtilities.generatePage(rundata);
243 TurbineTestUtilities.outputPage(rundata);
244
245
246 RunDataFactory.putRunData(rundata);
247 }
248
249 public void endAnonymousUser(WebResponse theResponse)
250 {
251 assertEquals("Verify resulting page does not contain 'ST_01.all'", theResponse.getText().indexOf("ST_01.all"),-1);
252 assertEquals("Verify resulting page does not contain 'ST_01.user'", theResponse.getText().indexOf("ST_01.user"),-1);
253 assertEquals("Verify resulting page does not contain 'ST_01.admin'", theResponse.getText().indexOf("ST_01.admin"), -1);
254 System.out.println("text length = " + theResponse.getText().length());
255
256 }
257
258 /***
259 * This test verifies that only protlets with a role of User has "Actions"
260 * like minimize are displayed a logged in user with a role = user. The
261 * ID is used to determine if an action is on the page for an entry.
262 */
263 public void beginTurbineUser(WebRequest theRequest)
264 {
265 System.out.println("URL = " + theRequest.getURL());
266 theRequest.setURL(TEST_HOST, TEST_CONTEXT, TEST_SERVLET
267 , "/group/" + TEST_GROUP + "/page/" + TEST_SECURITY_PAGE , "action=JLoginUser&username="+ TEST_TURBINE_USER + "&password=" + TEST_TURBINE_PASSWORD);
268 System.out.println("post set URL = " + theRequest.getURL());
269 }
270
271 public void testTurbineUser() throws Exception
272 {
273
274 rundata = RunDataFactory.getRunData( request, response, config );
275 assertNotNull( "Got rundata", rundata);
276
277 TurbineTestUtilities.setupRunData(rundata);
278
279
280 Profile profile = Profiler.getProfile(rundata);
281 assertNotNull( "Got profile from Profiler", profile);
282
283
284 if (profile instanceof ProfileLocator)
285 {
286 ProfileLocator profileLocator = (ProfileLocator) profile;
287 assertTrue("Verify the 'anonymous' is not set", !profileLocator.getAnonymous());
288 assertNull("Verify the user is null", profileLocator.getUser());
289 assertNull("Verify the role is null", profileLocator.getRole());
290 assertEquals("Verify the page name", profileLocator.getName(), TEST_SECURITY_PAGE + ".psml");
291 } else
292 {
293 assertTrue( "profile does not implement ProfileLocator", false);
294 }
295 TurbineTestUtilities.generatePage(rundata);
296 TurbineTestUtilities.outputPage(rundata);
297
298
299 RunDataFactory.putRunData(rundata);
300 }
301
302 public void endTurbineUser(WebResponse theResponse)
303 {
304 assertTrue("Verify resulting page contains 'ST_01.all'", theResponse.getText().indexOf("ST_01.all") > -1);
305 assertTrue("Verify resulting page contains 'ST_01.user'", theResponse.getText().indexOf("ST_01.user") > -1);
306 assertEquals("Verify resulting page does not contain 'ST_01.admin'", theResponse.getText().indexOf("ST_01.admin"), -1);
307 System.out.println("text length = " + theResponse.getText().length());
308
309 }
310
311 /***
312 * This test verifies that only protlets with a role of User or admin have
313 * "Actions" like minimize are displayed a logged in user with a
314 * role = user and admin. The ID is used to determine if an action is on
315 * the page for an entry.
316 */
317 public void beginAdminUser(WebRequest theRequest)
318 {
319 System.out.println("URL = " + theRequest.getURL());
320 theRequest.setURL(TEST_HOST, TEST_CONTEXT, TEST_SERVLET
321 , "/group/" + TEST_GROUP + "/page/" + TEST_SECURITY_PAGE , "action=JLoginUser&username="+ TEST_ADMIN_USER + "&password=" + TEST_ADMIN_PASSWORD);
322 System.out.println("post set URL = " + theRequest.getURL());
323 }
324
325 public void testAdminUser() throws Exception
326 {
327
328 rundata = RunDataFactory.getRunData( request, response, config );
329 assertNotNull( "Got rundata", rundata);
330
331 TurbineTestUtilities.setupRunData(rundata);
332
333
334 Profile profile = Profiler.getProfile(rundata);
335 assertNotNull( "Got profile from Profiler", profile);
336
337
338 if (profile instanceof ProfileLocator)
339 {
340 ProfileLocator profileLocator = (ProfileLocator) profile;
341 assertTrue("Verify the 'anonymous' is not set", !profileLocator.getAnonymous());
342 assertNull("Verify the user is null", profileLocator.getUser());
343 assertNull("Verify the role is null", profileLocator.getRole());
344 assertEquals("Verify the page name", profileLocator.getName(), TEST_SECURITY_PAGE + ".psml");
345 } else
346 {
347 assertTrue( "profile does not implement ProfileLocator", false);
348 }
349 TurbineTestUtilities.generatePage(rundata);
350 TurbineTestUtilities.outputPage(rundata);
351
352
353 RunDataFactory.putRunData(rundata);
354 }
355
356 public void endAdminUser(WebResponse theResponse)
357 {
358 assertTrue("Verify resulting page contains 'ST_01.all'", theResponse.getText().indexOf("ST_01.all") > -1);
359 assertTrue("Verify resulting page contains 'ST_01.user'", theResponse.getText().indexOf("ST_01.user") > -1);
360 assertTrue("Verify resulting page contains 'ST_01.admin'", theResponse.getText().indexOf("ST_01.admin")> -1);
361 System.out.println("text length = " + theResponse.getText().length());
362
363 }
364
365 private PsmlEntry createEntry(java.lang.String parent, java.lang.String id)
366 {
367 PsmlEntry entry = new PsmlEntry();
368 entry.setParent( parent);
369 if (id != null)
370 entry.setId( id);
371 return entry;
372 }
373
374 }