Home -> Security -> CAS -> HEAD -> Clover -> Org -> Globus -> Cas -> Impl -> DatabaseAccess

Clover coverage report - CAS Unit Tests Coverage timestamp: Mon Jul 4 2005 18:13:17 CDT Overview   Package   File     FRAMES   NO FRAMES   file stats: LOC: 1,351   Methods: 10 NCLOC: 1,043   Classes: 1
Source file	Conditionals	Statements	Methods	TOTAL
TestPolicyData.java	0%	0%	0%	0%

1		/*
2		* Portions of this file Copyright 1999-2005 University of Chicago
3		* Portions of this file Copyright 1999-2005 The University of Southern California.
4		*
5		* This file or a portion of this file is licensed under the
6		* terms of the Globus Toolkit Public License, found at
7		* http://www.globus.org/toolkit/download/license.html.
8		* If you redistribute this file, with or without
9		* modifications, you must include this notice in the file.
10		*/
11		package org.globus.cas.impl.databaseAccess;
12
13		import junit.framework.Test;
14		import junit.framework.TestCase;
15		import junit.framework.TestSuite;
16
17		import org.globus.cas.impl.CasConstants;
18
19		import org.globus.cas.types.UserData;
20		import org.globus.cas.types.ObjectData;
21		import org.globus.cas.types.PolicyData;
22		import org.globus.cas.types.NamespaceData;
23		import org.globus.cas.types.UserGroupData;
24		import org.globus.cas.types.ObjectGroupData;
25		import org.globus.cas.types.ServiceTypeData;
26		import org.globus.cas.types.TrustAnchorData;
27
28		import org.globus.cas.utils.CasStringUtils;
29
30		import java.util.Vector;
31
32		import org.apache.commons.logging.Log;
33		import org.apache.commons.logging.LogFactory;
34
35		public class TestPolicyData extends TestCase {
36
37		static Log logger =
38		LogFactory.getLog(TestPolicyData.class.getName());
39
40		String externalObjId = null;
41		String externalObjName = null;
42		String externalObjNS = null;
43		String externalServiceType = null;
44		String addActionId = null;
45		String createActionId = null;
46		String externalPolicy = null;
47		String compAlg = "ExactComparison";
48		String trustNick = "nickname";
49		String userNick ="userNick";
50		String rootGroup = "root";
51		String groupName1 = "userGroup1";
52
53	0	public TestPolicyData(String name){
54	0	super(name);
55		}
56
57	0	public static Test suite() {
58	0	return new TestSuite(TestPolicyData.class);
59		}
60
61	0	public void testPermissions() throws Exception {
62	0	initializeUserData();
63	0	policyDataTest();
64	0	objectPermissionsTest();
65	0	try {
66	0	UserGroupDataHandler.removeGroupMember(rootGroup, userNick);
67		} catch (CasDBException ex) {
68	0	if (ex.getMessage().indexOf("may not exist") == -1) {
69	0	throw ex;
70		}
71		}
72	0	UserDataHandler.deleteObject(userNick);
73	0	UserGroupDataHandler.deleteObject(rootGroup);
74	0	UserGroupDataHandler.deleteObject(groupName1);
75	0	TrustAnchorDataHandler.deleteObject(trustNick);
76		}
77
78	0	public void initializeUserData() throws Exception {
79
80	0	String authMethod = "authMethod";
81	0	String authData ="authData";
82
83		// Store trust anchor data
84	0	TrustAnchorData trustAnchor = new TrustAnchorData();
85	0	trustAnchor.setNickname(trustNick);
86	0	trustAnchor.setAuthMethod(authMethod);
87	0	trustAnchor.setAuthData(authData);
88	0	TrustAnchorDataHandler.storeObject(trustAnchor);
89	0	logger.debug("Store object went through " + trustAnchor.toString());
90
91		// Store user data
92	0	String subjectName = "userSubjectName";
93	0	UserData userData = new UserData();
94	0	userData.setNickname(userNick);
95	0	userData.setSubjectName(subjectName);
96	0	userData.setTrustAnchorName(trustNick);
97	0	UserDataHandler.storeObject(userData);
98	0	logger.debug("Store user data went through " + userData.toString());
99		}
100
101	0	public void policyDataTest() throws Exception {
102
103	0	PolicyData policyData = new PolicyData();
104	0	policyData.setUserGroupName(groupName1);
105	0	policyData.setActionSpec("-1");
106	0	policyData.setActionSpecDesc("serviceAction");
107	0	policyData.setObjectSpec("-1");
108	0	policyData.setObjectSpecDesc("object");
109
110		// test without usergroup
111	0	boolean expBool = false;
112	0	try {
113	0	PolicyDataHandler.storeObject(policyData);
114		}
115		catch (CasDBException e) {
116	0	if ((e.getMessage()).indexOf(groupName1
117		+ "\" does not exist") != -1)
118	0	expBool = true;
119		else
120	0	logger.error(e);
121		}
122	0	assertTrue(expBool);
123
124		// adding user group
125	0	UserGroupData userGpData1 = new UserGroupData();
126	0	userGpData1.setGroupName(groupName1);
127	0	UserGroupDataHandler.storeObject(userGpData1);
128	0	logger.debug("Store user group data went through "
129		+ userGpData1.toString());
130
131
132
133		// adding user group
134	0	String groupName = "userGroup";
135	0	UserGroupData userGpData = new UserGroupData();
136	0	userGpData.setGroupName(groupName);
137	0	UserGroupDataHandler.storeObject(userGpData);
138	0	logger.debug("Store user group data went through "
139		+ userGpData.toString());
140
141	0	String nsNickname = "nickname";
142	0	String basename = "basename1";
143
144		// Store name space data
145	0	NamespaceData nsData = new NamespaceData();
146	0	nsData.setNickname(nsNickname);
147	0	nsData.setBasename(basename);
148	0	nsData.setComparisonAlg(compAlg);
149	0	NamespaceDataHandler.storeObject(nsData);
150	0	logger.debug("Store object went through " + nsData.toString());
151
152		// adding an object without group
153	0	String objectName = "objectName";
154	0	String objectNamespace = nsNickname;
155	0	ObjectData objectData = new ObjectData();
156	0	objectData.setObjectName(objectName);
157	0	objectData.setObjectNamespace(objectNamespace);
158	0	String objectId = ObjectDataHandler.storeObject(objectData);
159	0	assertTrue(objectId!=null);
160	0	logger.debug("Store object data went through id " + objectId + " "
161		+ objectData.toString());
162
163		// Adding object group data
164	0	String objectGroupName = "objectGroupName";
165	0	ObjectGroupData objGroup = new ObjectGroupData();
166	0	objGroup.setGroupName(objectGroupName);
167	0	String objGroupId = ObjectGroupDataHandler.storeObject(objGroup);
168	0	assertTrue(objGroupId != null);
169
170		// serviceType name
171	0	String serviceTypeName = "serviceTypeName";
172	0	ServiceTypeData serviceTypeData = new ServiceTypeData();
173	0	serviceTypeData.setName(serviceTypeName);
174	0	String serviceId = ServiceTypeDataHandler.storeObject(serviceTypeData);
175	0	assertTrue(serviceId!=null);
176	0	logger.debug("Store service type data went through");
177
178	0	String actionId = "-1";
179	0	policyData.setActionSpec(actionId);
180	0	policyData.setActionSpecDesc("serviceAction");
181	0	policyData.setObjectSpec(objectId);
182	0	policyData.setObjectSpecDesc("object");
183		// Test without service/action
184	0	expBool = false;
185	0	try {
186	0	PolicyDataHandler.storeObject(policyData);
187		}
188		catch (CasDBException e) {
189	0	if ((e.getMessage())
190		.indexOf("does not exist in \"service action\" table") != -1)
191	0	expBool = true;
192		else
193	0	logger.error(e);
194		}
195	0	assertTrue(expBool);
196
197	0	String actionName1 = "actionName1";
198		// add action mappings
199	0	actionId = ServiceTypeActionHandler.addServiceActionMapping(
200		serviceTypeName, actionName1);
201	0	assertTrue(actionId!=null);
202	0	logger.debug("serviceType/actionName added");
203
204		// create service_action group
205	0	String serviceGpName = "serviceGroupName";
206	0	ServiceTypeActionHandler.createServiceActionGroup(serviceGpName);
207	0	logger.debug("created action group");
208
209	0	policyData.setActionSpec(actionId);
210	0	String policyId = PolicyDataHandler.storeObject(policyData);
211	0	policyData.setPolicyId(policyId);
212	0	PolicyData retrievedData = (PolicyData)PolicyDataHandler.retrieveObject(
213		policyId);
214	0	assertTrue(retrievedData!=null);
215	0	logger.debug("store and retrieve went through");
216	0	assertTrue(retrievedData.equals(policyData));
217
218		// storing with s/a gp and obj gp
219	0	retrievedData = null;
220	0	policyData = new PolicyData();
221	0	policyData.setUserGroupName(groupName1);
222	0	policyData.setActionSpec(serviceGpName);
223	0	policyData.setActionSpecDesc("serviceActionGroup");
224	0	policyData.setObjectSpec(objectGroupName);
225	0	policyData.setObjectSpecDesc("objectGroup");
226	0	String policyId1 = PolicyDataHandler.storeObject(policyData);
227	0	assertTrue(policyId1!=null);
228	0	policyData.setPolicyId(policyId1);
229	0	retrievedData = (PolicyData)PolicyDataHandler.retrieveObject(policyId1);
230	0	assertTrue(retrievedData!=null);
231	0	logger.debug("store and retrieve went through");
232	0	assertTrue(retrievedData.equals(policyData));
233
234		// storing with user as objectspec
235	0	policyData.setObjectSpec(userNick);
236	0	policyData.setObjectSpecDesc("user");
237	0	String policyIdUser = PolicyDataHandler.storeObject(policyData);
238	0	assertTrue(policyIdUser!=null);
239	0	policyData.setPolicyId(policyIdUser);
240	0	retrievedData = (PolicyData)PolicyDataHandler.retrieveObject(
241		policyIdUser);
242	0	assertTrue(retrievedData.equals(policyData));
243
244		// storing with userGp as objectspec
245	0	policyData.setObjectSpec(groupName1);
246	0	policyData.setObjectSpecDesc("userGroup");
247	0	String policyIdUserGp = PolicyDataHandler.storeObject(policyData);
248	0	policyData.setPolicyId(policyIdUserGp);
249	0	assertTrue(policyIdUserGp!=null);
250	0	retrievedData =
251		(PolicyData)PolicyDataHandler.retrieveObject(policyIdUserGp);
252	0	assertTrue(retrievedData.equals(policyData));
253
254		// storing with serviceType as objectspec
255	0	policyData.setObjectSpec(serviceTypeName);
256	0	policyData.setObjectSpecDesc("serviceType");
257	0	String policyIdService = PolicyDataHandler.storeObject(policyData);
258	0	assertTrue(policyIdService!=null);
259	0	policyData.setPolicyId(policyIdService);
260	0	retrievedData = (PolicyData)PolicyDataHandler.retrieveObject(
261		policyIdService);
262	0	assertTrue(retrievedData.equals(policyData));
263
264		// storing with namespace as objectspec
265	0	policyData.setObjectSpec(nsNickname);
266	0	policyData.setObjectSpecDesc("namespace");
267	0	String policyIdNs = PolicyDataHandler.storeObject(policyData);
268	0	assertTrue(policyIdNs!=null);
269	0	policyData.setPolicyId(policyIdNs);
270	0	retrievedData =
271		(PolicyData)PolicyDataHandler.retrieveObject(policyIdNs);
272	0	assertTrue(retrievedData.equals(policyData));
273
274		// storing with trustAnchor as objectspec
275	0	policyData.setObjectSpec(trustNick);
276	0	policyData.setObjectSpecDesc("trustAnchor");
277	0	String policyIdAnchor = PolicyDataHandler.storeObject(policyData);
278	0	assertTrue(policyIdAnchor!=null);
279	0	policyData.setPolicyId(policyIdAnchor);
280	0	retrievedData =
281		(PolicyData)PolicyDataHandler.retrieveObject(policyIdAnchor);
282	0	assertTrue(retrievedData.equals(policyData));
283
284		// Set cas/superuser on casServer
285	0	ServiceTypeData serTypeData = new ServiceTypeData();
286	0	serTypeData.setName("cas");
287	0	ServiceTypeDataHandler.storeObject(serTypeData);
288
289		// Add mapping
290	0	String serviceActionId =
291		ServiceTypeActionHandler.addServiceActionMapping("cas","superuser");
292
293		// Add mapping
294	0	String grantAllId =
295		ServiceTypeActionHandler.addServiceActionMapping("cas","grantAll");
296
297		// storing with serviceActionGp as objectspec
298	0	policyData.setActionSpec(grantAllId);
299	0	policyData.setActionSpecDesc("serviceAction");
300	0	policyData.setObjectSpec(serviceGpName);
301	0	policyData.setObjectSpecDesc("serviceActionGroup");
302	0	String policyIdServiceGp = PolicyDataHandler.storeObject(policyData);
303	0	assertTrue(policyIdServiceGp!=null);
304	0	policyData.setPolicyId(policyIdServiceGp);
305	0	retrievedData =
306		(PolicyData)PolicyDataHandler.retrieveObject(policyIdServiceGp);
307	0	assertTrue(retrievedData.equals(policyData));
308
309		// verify list method
310	0	String listPolicy[] = PolicyDataHandler.list();
311	0	assertTrue(CasStringUtils.stringInArray(listPolicy, policyIdServiceGp));
312
313		// verify get policy id method
314	0	String returnedPolicyId = PolicyDataHandler.getPolicyId(policyData);
315	0	assertTrue(policyIdServiceGp != returnedPolicyId);
316
317		// exception with wrong objectSpec type
318	0	policyData.setObjectSpec(serviceGpName);
319	0	policyData.setObjectSpecDesc("type");
320	0	expBool = false;
321	0	try {
322	0	PolicyDataHandler.storeObject(policyData);
323		}
324		catch (CasDBException e) {
325	0	if ((e.getMessage()).indexOf("Object spec is not set correctly")
326		!= -1)
327	0	expBool = true;
328		}
329	0	assertTrue(expBool);
330
331		// exception with wrong actionSpec type
332	0	policyData.setActionSpec("-1");
333	0	policyData.setActionSpecDesc("user");
334	0	expBool = false;
335	0	try {
336	0	PolicyDataHandler.storeObject(policyData);
337		}
338		catch (CasDBException e) {
339	0	if ((e.getMessage()).indexOf("Action spec is not set correctly") !=
340		-1)
341	0	expBool = true;
342		}
343	0	assertTrue(expBool);
344
345		// Permission tests
346	0	PolicyData p1 = new PolicyData();
347	0	p1.setUserGroupName(groupName1);
348	0	p1.setActionSpec(actionId);
349	0	p1.setActionSpecDesc("serviceAction");
350	0	p1.setObjectSpec(objectId);
351	0	p1.setObjectSpecDesc("object");
352	0	assertTrue(PermissionsEvaluator.hasPermissions(p1, false));
353	0	logger.debug("P1 through!");
354
355	0	PolicyData p2 = new PolicyData();
356	0	p2.setUserGroupName(groupName1);
357	0	p2.setObjectSpec("objectGroupName");
358	0	p2.setObjectSpecDesc("objectGroup");
359	0	p2.setActionSpec("1");
360	0	p2.setActionSpecDesc("serviceAction");
361	0	assertTrue(!PermissionsEvaluator.hasPermissions(p2, false));
362	0	logger.debug("P2 through!");
363
364		// Add userNick to group
365	0	UserGroupDataHandler.addGroupMember(groupName, "userNick");
366	0	PolicyData p3 = new PolicyData();
367	0	p3.setUserGroupName(groupName1);
368	0	p3.setObjectSpec("objectGroupName");
369	0	p3.setObjectSpecDesc("objectGroup");
370	0	p3.setActionSpec("serviceGroupName");
371	0	p3.setActionSpecDesc("serviceActionGroup");
372	0	assertTrue(PermissionsEvaluator.hasPermissions(p3, false));
373	0	assertTrue(!PermissionsEvaluator.userHasPermissions(userNick,p3));
374	0	UserGroupDataHandler.addGroupMember(groupName1, userNick);
375	0	assertTrue(PermissionsEvaluator.userHasPermissions(userNick, p3));
376	0	logger.debug("P3 through!");
377
378		// add an external object and gives add permission to usergroup1
379	0	setupExternalObjects(groupName1);
380
381		// Store namespace
382	0	nsData = new NamespaceData();
383	0	nsData.setNickname("casNamespace");
384	0	nsData.setBasename("basename2");
385	0	nsData.setComparisonAlg(compAlg);
386	0	NamespaceDataHandler.storeObject(nsData);
387
388		// store casServer as object
389	0	objectData = new ObjectData();
390	0	objectData.setObjectName("casServer");
391	0	objectData.setObjectNamespace("casNamespace");
392	0	String casServerId = ObjectDataHandler.storeObject(objectData);
393
394	0	String objGpGrantAll = "objectGroupGrantAll";
395	0	ObjectGroupData objGroup1 = new ObjectGroupData();
396	0	objGroup1.setGroupName(objGpGrantAll);
397	0	objGpGrantAll = ObjectGroupDataHandler.storeObject(objGroup1);
398	0	assertTrue(objGpGrantAll != null);
399
400	0	ObjectGroupDataHandler.addGroupMember(objGpGrantAll, casServerId,
401		"object");
402	0	ObjectGroupDataHandler.addGroupMember(objGpGrantAll, externalObjId,
403		"object");
404
405		// A new usergroup for superuser
406
407	0	UserGroupData rootGp = new UserGroupData();
408	0	rootGp.setGroupName(rootGroup);
409	0	UserGroupDataHandler.storeObject(rootGp);
410
411		// Set grantAll
412	0	logger.debug("grant all perm");
413	0	policyData = new PolicyData();
414	0	policyData.setUserGroupName(rootGroup);
415	0	policyData.setObjectSpec(objGpGrantAll);
416	0	policyData.setObjectSpecDesc("objectGroup");
417	0	policyData.setActionSpec(grantAllId);
418	0	policyData.setActionSpecDesc("serviceAction");
419	0	String grantAllPolicy = PolicyDataHandler.storeObject(policyData);
420
421
422		// Add mapping
423	0	String addEntryId =
424		ServiceTypeActionHandler.addServiceActionMapping(
425		"cas","add_group_entry");
426
427		// now permission to add to this group must fail for
428		// userNick since grantAll on rootGp
429	0	PolicyData grantTestPolicy = new PolicyData();
430	0	grantTestPolicy.setObjectSpec(objGpGrantAll);
431	0	grantTestPolicy.setObjectSpecDesc("objectGroup");
432	0	grantTestPolicy.setActionSpec(addEntryId);
433	0	grantTestPolicy.setActionSpecDesc("serviceAction");
434	0	assertTrue(!PermissionsEvaluator.userHasPermissions(
435		userNick,grantTestPolicy));
436
437		// add userNick to root Gp to test if grantAll worked.
438	0	UserGroupDataHandler.addGroupMember(rootGroup, userNick);
439	0	assertTrue(PermissionsEvaluator.userHasPermissions(
440		userNick,grantTestPolicy));
441
442
443		// remove user from gp
444	0	UserGroupDataHandler.removeGroupMember(rootGroup, userNick);
445
446		// Set super user permissions
447	0	policyData = new PolicyData();
448	0	policyData.setUserGroupName(groupName1);
449	0	policyData.setObjectSpec(casServerId);
450	0	policyData.setObjectSpecDesc("object");
451	0	policyData.setActionSpec(serviceActionId);
452	0	policyData.setActionSpecDesc("serviceAction");
453	0	String superUserPolicy = PolicyDataHandler.storeObject(policyData);
454
455		// test external policy list
456	0	Vector applicablePolicy =
457		ExternalPolicyEvaluator.getPolicies(userNick);
458	0	assertTrue(applicablePolicy != null);
459	0	int policyNum = 0;
460	0	for (int i=0; i<applicablePolicy.size(); i++) {
461	0	Vector objPolicy = (Vector)applicablePolicy.get(i);
462	0	displayPolicyVector(objPolicy);
463	0	assertTrue(ensureOnlyExternalPolicy(objPolicy));
464	0	policyNum = policyNum + objPolicy.size();
465		}
466	0	assertTrue(policyNum == 2);
467
468	0	UserGroupDataHandler.addGroupMember(rootGroup, userNick);
469	0	applicablePolicy =
470		ExternalPolicyEvaluator.getPolicies(userNick);
471	0	assertTrue(applicablePolicy != null);
472	0	policyNum = 0;
473	0	for (int i=0; i<applicablePolicy.size(); i++) {
474	0	Vector objPolicy = (Vector)applicablePolicy.get(i);
475	0	displayPolicyVector(objPolicy);
476	0	assertTrue(ensureOnlyExternalPolicy(objPolicy));
477	0	policyNum = policyNum + objPolicy.size();
478		}
479	0	assertTrue(policyNum == 3);
480	0	UserGroupDataHandler.removeGroupMember(rootGroup, userNick);
481
482		// add grantAll for trustAnchor and Namespace
483	0	policyData.setUserGroupName(groupName1);
484	0	policyData.setObjectSpec(trustNick);
485	0	policyData.setObjectSpecDesc("trustAnchor");
486	0	policyData.setActionSpec(grantAllId);
487	0	policyData.setActionSpecDesc("serviceAction");
488	0	String trustAnchorPolicy = PolicyDataHandler.storeObject(policyData);
489
490	0	ObjectGroupDataHandler.addGroupMember(objectGroupName, trustNick,
491		"trustAnchor");
492
493		// test all policy for trustAnchor
494	0	PolicyData[] allApplicablePolicy =
495		PolicyQueryHandler.getAllApplicablePolicy(
496		CasConstants.TRUSTANCHOR_SPEC,
497		trustNick);
498	0	assertTrue(allApplicablePolicy != null);
499	0	logger.debug("all policies " + allApplicablePolicy.length);
500	0	displayPolicyArray(allApplicablePolicy);
501	0	assertTrue(allApplicablePolicy.length == 3);
502
503		// Remove group member
504	0	ObjectGroupDataHandler.removeGroupMember(objectGroupName, trustNick,
505		"trustAnchor");
506		// delete grantAll policy for trust anchor
507	0	PolicyDataHandler.deleteObject(trustAnchorPolicy);
508
509		// test all policy for namespace
510	0	policyData.setObjectSpec(nsNickname);
511	0	policyData.setObjectSpecDesc("namespace");
512	0	String nsPolicy = PolicyDataHandler.storeObject(policyData);
513
514	0	ObjectGroupDataHandler.addGroupMember(objectGroupName, nsNickname,
515		"namespace");
516
517		// test all policy for namespace
518	0	allApplicablePolicy =
519		PolicyQueryHandler.getAllApplicablePolicy(
520		CasConstants.NAMESPACE_SPEC,
521		nsNickname);
522	0	assertTrue(allApplicablePolicy != null);
523	0	logger.debug("all policies " + allApplicablePolicy.length);
524	0	displayPolicyArray(allApplicablePolicy);
525	0	assertTrue(allApplicablePolicy.length == 3);
526		// Remove group member
527	0	ObjectGroupDataHandler.removeGroupMember(objectGroupName, nsNickname,
528		"namespace");
529		// delete grantAll policy for trust anchor
530	0	PolicyDataHandler.deleteObject(nsPolicy);
531
532		// test all policy for user
533	0	allApplicablePolicy =
534		PolicyQueryHandler.getAllApplicablePolicy(
535		CasConstants.USER_SPEC,
536		userNick);
537	0	logger.debug("all policies " + allApplicablePolicy.length);
538	0	displayPolicyArray(allApplicablePolicy);
539	0	assertTrue(allApplicablePolicy.length == 11);
540
541	0	try {
542	0	allApplicablePolicy =
543		PolicyQueryHandler.getAllApplicablePolicy(
544		CasConstants.USER_SPEC,
545		"DummyUser");
546		}
547		catch (CasDBException exp) {
548	0	expBool = true;
549		}
550	0	assertTrue(expBool);
551
552		// test all policy for user group
553	0	allApplicablePolicy =
554		PolicyQueryHandler.getAllApplicablePolicy(
555		CasConstants.USERGP_SPEC,
556		groupName1);
557	0	assertTrue(allApplicablePolicy != null);
558	0	assertTrue(allApplicablePolicy.length == 10);
559
560	0	expBool = false;
561	0	try {
562	0	allApplicablePolicy =
563		PolicyQueryHandler.getAllApplicablePolicy(
564		CasConstants.USERGP_SPEC,
565		"DummyUserGp");
566		}
567		catch (CasDBException dbExp) {
568	0	expBool = true;
569		}
570	0	assertTrue(expBool);
571
572		// Add casServerId to objectGroup also
573	0	ObjectGroupDataHandler.addGroupMember(objectGroupName, casServerId,
574		"object");
575
576		// test all policy for object
577	0	allApplicablePolicy =
578		PolicyQueryHandler.getAllApplicablePolicy(
579		CasConstants.OBJECT_SPEC,
580		casServerId);
581	0	assertTrue(allApplicablePolicy != null);
582	0	assertTrue(allApplicablePolicy.length == 3);
583
584	0	expBool = false;
585	0	try {
586	0	allApplicablePolicy =
587		PolicyQueryHandler.getAllApplicablePolicy(
588		CasConstants.OBJECT_SPEC,
589		"DummyObjectId");
590		}
591		catch (CasDBException dbExp) {
592	0	expBool = true;
593		}
594	0	assertTrue(expBool);
595
596
597		// Remove casServerId
598	0	ObjectGroupDataHandler.removeGroupMember(objectGroupName, casServerId,
599		"object");
600
601		// test all policy for object group
602	0	allApplicablePolicy =
603		PolicyQueryHandler.getAllApplicablePolicy(
604		CasConstants.OBJECTGP_SPEC,
605		objectGroupName);
606	0	assertTrue(allApplicablePolicy != null);
607	0	System.out.println("applicable Policy " + allApplicablePolicy.length);
608	0	assertTrue(allApplicablePolicy.length == 1);
609
610	0	expBool = false;
611	0	try {
612	0	allApplicablePolicy =
613		PolicyQueryHandler.getAllApplicablePolicy(
614		CasConstants.OBJECT_SPEC,
615		"DummyObjectId");
616		}
617		catch (CasDBException dbExp) {
618	0	expBool = true;
619		}
620	0	assertTrue(expBool);
621
622		// test all policy for service type
623	0	allApplicablePolicy =
624		PolicyQueryHandler.getAllApplicablePolicy(
625		CasConstants.SERVICETYPE_SPEC,
626		serviceTypeName);
627	0	assertTrue(allApplicablePolicy != null);
628	0	assertTrue(allApplicablePolicy.length == 1);
629
630	0	expBool = false;
631	0	try {
632	0	allApplicablePolicy =
633		PolicyQueryHandler.getAllApplicablePolicy(
634		CasConstants.SERVICETYPE_SPEC,
635		"DummyServiceType");
636		}
637		catch (CasDBException dbExp) {
638	0	expBool = true;
639		}
640	0	assertTrue(expBool);
641
642		// Add SampleCounter service as part of serviceGroupName
643	0	ServiceTypeActionHandler.addServiceActionGpEntry(serviceGpName,
644		externalServiceType,
645		"add");
646	0	allApplicablePolicy =
647		PolicyQueryHandler.getAllApplicablePolicy(
648		CasConstants.SERVICETYPE_SPEC,
649		externalServiceType);
650	0	assertTrue(allApplicablePolicy == null);
651
652		// Remove group member
653	0	ServiceTypeActionHandler.removeServiceActionGpEntry(serviceGpName,
654		externalServiceType, "add");
655
656		// add cas/grantAll to the serviceAction gp
657	0	ServiceTypeActionHandler.addServiceActionGpEntry(serviceGpName,
658		"cas",
659		"grantAll");
660		// test all policy for service/action
661	0	allApplicablePolicy =
662		PolicyQueryHandler.getAllApplicablePolicy(
663		CasConstants.SERVICEACTION_SPEC,
664		grantAllId);
665	0	assertTrue(allApplicablePolicy != null);
666	0	logger.debug("applicable policy length " + allApplicablePolicy.length);
667	0	assertTrue(allApplicablePolicy.length == 9 );
668
669	0	ServiceTypeActionHandler.removeServiceActionGpEntry(serviceGpName,
670		"cas",
671		"grantAll");
672
673		// test all policy for serviceActionGp
674	0	allApplicablePolicy =
675		PolicyQueryHandler.getAllApplicablePolicy(
676		CasConstants.SERVICEACTIONGP_SPEC,
677		serviceGpName);
678	0	assertTrue(allApplicablePolicy != null);
679	0	assertTrue(allApplicablePolicy.length == 7);
680
681	0	expBool = false;
682	0	try {
683	0	allApplicablePolicy =
684		PolicyQueryHandler.getAllApplicablePolicy(
685		CasConstants.SERVICEACTIONGP_SPEC,
686		"DummyServiceGp");
687		}
688		catch (CasDBException dbExp) {
689	0	expBool = true;
690		}
691	0	assertTrue(expBool);
692
693
694		// test allpolicy for user group
695	0	UserGroupDataHandler.addGroupMember(rootGroup, userNick);
696	0	allApplicablePolicy =
697		PolicyQueryHandler.getAllApplicablePolicy(
698		CasConstants.USER_SPEC,
699		userNick);
700	0	assertTrue(allApplicablePolicy.length == 12);
701	0	UserGroupDataHandler.removeGroupMember(rootGroup, userNick);
702
703		// Test if request for some other permission goes thro'
704	0	PolicyData p4 = new PolicyData();
705	0	p4.setUserGroupName("randomUser");
706	0	p4.setObjectSpec("userB");
707	0	p4.setObjectSpecDesc("user");
708	0	p4.setActionSpec("1");
709	0	p4.setActionSpecDesc("serviceAction");
710	0	assertTrue(PermissionsEvaluator.userHasPermissions(userNick,p4));
711	0	logger.debug("P4 through - superuser case");
712	0	logger.debug("testing userHasPermissions ignoring superser");
713	0	assertTrue(!PermissionsEvaluator.userHasPermissions(userNick,p4, true));
714
715		// userNick is super user, but still external create operation check
716		// should fail
717	0	PolicyData extPerm = new PolicyData();
718	0	extPerm.setUserGroupName("randomUser");
719	0	extPerm.setObjectSpec(externalObjId);
720	0	extPerm.setObjectSpecDesc("object");
721	0	extPerm.setActionSpec(createActionId);
722	0	extPerm.setActionSpecDesc("serviceAction");
723	0	assertTrue(!PermissionsEvaluator.userHasPermissions(userNick,extPerm,
724		true));
725
726		// some permission to group userNick is not a member of
727	0	policyData.setUserGroupName(rootGroup);
728	0	policyData.setObjectSpec(externalObjId);
729	0	policyData.setObjectSpecDesc("object");
730	0	policyData.setActionSpec(createActionId);
731	0	policyData.setActionSpecDesc("serviceAction");
732	0	String rootPolicy = PolicyDataHandler.storeObject(policyData);
733
734	0	String[] currentPolicyList = PolicyDataHandler.list();
735	0	logger.debug("Current " + currentPolicyList.length);
736	0	assertTrue(currentPolicyList.length > 0);
737		// all policies, not super user
738	0	applicablePolicy =
739		ExternalPolicyEvaluator.getPolicies(userNick);
740	0	assertTrue(applicablePolicy != null);
741	0	policyNum = 0;
742	0	for (int i=0; i<applicablePolicy.size(); i++) {
743	0	Vector objPolicy = (Vector)applicablePolicy.get(i);
744	0	displayPolicyVector(objPolicy);
745	0	assertTrue(ensureOnlyExternalPolicy(objPolicy));
746	0	policyNum = policyNum + objPolicy.size();
747		}
748	0	logger.debug("external only " + policyNum);
749	0	assertTrue(policyNum > 0);
750	0	assertTrue(policyNum < currentPolicyList.length);
751
752	0	allApplicablePolicy =
753		PolicyQueryHandler.getAllApplicablePolicy(
754		CasConstants.USER_SPEC,
755		userNick);
756	0	logger.debug("all policies " + allApplicablePolicy.length);
757	0	displayPolicyArray(allApplicablePolicy);
758	0	assertTrue(allApplicablePolicy.length > 0);
759
760		// checks for given action id and user, all policies.
761		// add another external service
762	0	String externalServiceType2 = "SampleCounter2";
763	0	ServiceTypeData serviceTypeData1 = new ServiceTypeData();
764	0	serviceTypeData1.setName(externalServiceType2);
765	0	ServiceTypeDataHandler.storeObject(serviceTypeData1);
766
767		// add mapping
768	0	ServiceTypeActionHandler.addServiceActionMapping(
769		externalServiceType2, "add");
770
771		// add service action group members.
772	0	ServiceTypeActionHandler.addServiceActionGpEntry(serviceGpName,
773		externalServiceType2,
774		"add");
775
776	0	ServiceTypeActionHandler.addServiceActionGpEntry(serviceGpName,
777		externalServiceType,
778		"create");
779
780		// Policy using service group on external object
781	0	policyData.setUserGroupName(groupName1);
782	0	policyData.setObjectSpec(objectId);
783	0	policyData.setObjectSpecDesc("object");
784	0	policyData.setActionSpec(serviceGpName);
785	0	policyData.setActionSpecDesc("serviceActionGroup");
786	0	String serviceGpPolicy = PolicyDataHandler.storeObject(policyData);
787
788		// Policy on external object
789	0	policyData.setObjectSpec(externalObjId);
790	0	policyData.setObjectSpecDesc("object");
791	0	policyData.setActionSpec(createActionId);
792	0	policyData.setActionSpecDesc("serviceAction");
793	0	String externalActionId = PolicyDataHandler.storeObject(policyData);
794
795	0	Vector actionIds = new Vector();
796	0	actionIds.add(createActionId);
797	0	applicablePolicy =
798		ExternalPolicyEvaluator.getPoliciesForActions(userNick, actionIds);
799
800	0	assertTrue(applicablePolicy != null);
801	0	assertTrue(applicablePolicy.size() == 2);
802	0	for (int i=0; i<applicablePolicy.size(); i++) {
803	0	Vector temp = (Vector)applicablePolicy.get(i);
804	0	assertTrue(ensureOnlyExternalPolicy(temp));
805		}
806
807		// call for getPoliciesForResource
808	0	String testResource = "nickname|objectName";
809	0	applicablePolicy =
810		ExternalPolicyEvaluator.getPoliciesForResource(userNick,
811		testResource);
812	0	assertTrue(applicablePolicy != null);
813	0	assertTrue(applicablePolicy.size() == 1);
814	0	Vector temp = (Vector)applicablePolicy.get(0);
815	0	assertTrue(temp.size() == 3);
816	0	assertTrue(ensureOnlyExternalPolicy(temp));
817
818		// policy for objectGroupGrantAll
819	0	policyData.setObjectSpec(objGpGrantAll);
820	0	policyData.setObjectSpecDesc("objectGroup");
821	0	policyData.setActionSpec(createActionId);
822	0	policyData.setActionSpecDesc("serviceAction");
823	0	String gpGrantAllId = PolicyDataHandler.storeObject(policyData);
824
825		// call for getPoliciesForResource
826	0	testResource = "SampleServiceNS|CounterService/sample1";
827	0	applicablePolicy =
828		ExternalPolicyEvaluator.getPoliciesForResource(userNick,
829		testResource);
830	0	assertTrue(applicablePolicy != null);
831	0	assertTrue(applicablePolicy.size() == 1);
832	0	temp = (Vector)applicablePolicy.get(0);
833	0	assertTrue(ensureOnlyExternalPolicy(temp));
834	0	assertTrue(temp.size() == 2);
835
836		// call to getPolicy with user. resource and action specified.
837	0	applicablePolicy =
838		ExternalPolicyEvaluator.getPolicies(userNick, testResource,
839		actionIds);
840	0	assertTrue(applicablePolicy != null);
841	0	assertTrue(applicablePolicy.size() == 1);
842	0	temp = (Vector)applicablePolicy.get(0);
843	0	assertTrue(ensureOnlyExternalPolicy(temp));
844	0	assertTrue(temp.size() == 1);
845
846		// Remove policy added for getPolicyFor* method
847	0	PolicyDataHandler.deleteObject(gpGrantAllId);
848	0	PolicyDataHandler.deleteObject(externalActionId);
849	0	PolicyDataHandler.deleteObject(serviceGpPolicy);
850	0	ServiceTypeActionHandler.removeServiceActionGpEntry(serviceGpName,
851		externalServiceType,
852		"create");
853	0	ServiceTypeActionHandler.removeServiceActionGpEntry(serviceGpName,
854		externalServiceType2,
855		"add");
856	0	ServiceTypeActionHandler.removeServiceActionMapping(
857		externalServiceType2,
858		"add");
859
860	0	ServiceTypeDataHandler.deleteObject(externalServiceType2);
861
862		// Remove grantAll
863	0	PolicyDataHandler.deleteObject(grantAllPolicy);
864	0	ServiceTypeActionHandler.removeServiceActionMapping(grantAllId);
865	0	ServiceTypeActionHandler.removeServiceActionMapping(addEntryId);
866	0	ObjectGroupDataHandler.removeGroupMember(objGpGrantAll, casServerId,
867		"object");
868	0	ObjectGroupDataHandler.removeGroupMember(objGpGrantAll, externalObjId,
869		"object");
870	0	ObjectGroupDataHandler.deleteObject(objGpGrantAll);
871
872		// Remove superuser permissions
873	0	PolicyDataHandler.deleteObject(superUserPolicy);
874
875		// Store community as a user group
876	0	UserGroupData uGpData = new UserGroupData();
877	0	uGpData.setGroupName("community");
878	0	UserGroupDataHandler.storeObject(uGpData);
879
880		// store commObject as object
881	0	ObjectData objData = new ObjectData();
882	0	objData.setObjectName("commObject");
883	0	objData.setObjectNamespace("nickname");
884	0	objectId = ObjectDataHandler.storeObject(objData);
885
886		// store commService/commAction
887	0	serTypeData = new ServiceTypeData();
888	0	serTypeData.setName("commService");
889
890	0	ServiceTypeDataHandler.storeObject(serTypeData);
891
892	0	String commActionId = ServiceTypeActionHandler.addServiceActionMapping(
893		"commService",
894		"commAction");
895
896		// Set community permissions
897	0	policyData = new PolicyData();
898	0	policyData.setUserGroupName("community");
899	0	policyData.setObjectSpec(objectId);
900	0	policyData.setObjectSpecDesc("object");
901	0	policyData.setActionSpec(commActionId);
902	0	policyData.setActionSpecDesc("serviceAction");
903	0	String commPolicy = PolicyDataHandler.storeObject(policyData);
904
905	0	PolicyData p5 = new PolicyData();
906	0	p5.setObjectSpec(objectId);
907	0	p5.setObjectSpecDesc("object");
908	0	p5.setActionSpec(commActionId);
909	0	p5.setActionSpecDesc("serviceAction");
910	0	assertTrue(PermissionsEvaluator.userHasPermissions(userNick,p5));
911	0	logger.debug("P5 through - community positve case");
912		// Remove community permissions
913	0	PolicyDataHandler.deleteObject(commPolicy);
914
915		// Test same permission again
916	0	assertTrue(!PermissionsEvaluator.hasPermissions(p5, false));
917
918		// Test remove all policy data for a given object
919	0	policyData.setObjectSpec(casServerId);
920	0	policyData.setObjectSpecDesc("object");
921	0	commPolicy = PolicyDataHandler.storeObject(policyData);
922
923	0	policyData = new PolicyData();
924	0	policyData.setUserGroupName(groupName1);
925	0	policyData.setObjectSpec(casServerId);
926	0	policyData.setObjectSpecDesc("object");
927	0	policyData.setActionSpec(serviceActionId);
928	0	policyData.setActionSpecDesc("serviceAction");
929	0	superUserPolicy = PolicyDataHandler.storeObject(policyData);
930
931	0	PolicyDataHandler.deletePolicyForObject(casServerId,"object");
932	0	assertTrue(PolicyDataHandler.retrieveObject(superUserPolicy) == null);
933	0	assertTrue(PolicyDataHandler.retrieveObject(commPolicy) == null);
934
935		// clean up policy
936	0	PolicyDataHandler.deleteObject(policyId1);
937		// check for objectGroupName policies being null
938	0	allApplicablePolicy =
939		PolicyQueryHandler.getAllApplicablePolicy(
940		CasConstants.OBJECTGP_SPEC,
941		objectGroupName);
942	0	assertTrue(allApplicablePolicy == null);
943
944	0	PolicyDataHandler.deleteObject(policyIdAnchor);
945	0	PolicyDataHandler.deleteObject(policyIdUser);
946	0	PolicyDataHandler.deleteObject(policyIdUserGp);
947	0	PolicyDataHandler.deleteObject(policyIdService);
948	0	PolicyDataHandler.deleteObject(policyIdNs);
949	0	PolicyDataHandler.deleteObject(policyIdServiceGp);
950	0	PolicyDataHandler.deleteObject(policyId);
951		// serviceTypeName shld not have policies
952	0	allApplicablePolicy =
953		PolicyQueryHandler.getAllApplicablePolicy(
954		CasConstants.SERVICETYPE_SPEC,
955		serviceTypeName);
956	0	assertTrue(allApplicablePolicy == null);
957
958	0	PolicyDataHandler.deleteObject(externalPolicy);
959
960		// At this point no applicable policy for user
961	0	allApplicablePolicy =
962		PolicyQueryHandler.getAllApplicablePolicy(
963		CasConstants.USER_SPEC,
964		userNick);
965	0	assertTrue(allApplicablePolicy == null);
966	0	PolicyDataHandler.deleteObject(rootPolicy);
967		// At this point no applicable policy for userGroup
968	0	allApplicablePolicy =
969		PolicyQueryHandler.getAllApplicablePolicy(
970		CasConstants.USERGP_SPEC,
971		rootGroup);
972	0	assertTrue(allApplicablePolicy == null);
973
974		// clean up
975	0	ServiceTypeActionHandler.removeServiceActionMapping(
976		"commService", "commAction");
977	0	ServiceTypeDataHandler.deleteObject("commService");
978	0	ObjectDataHandler.deleteObject("commObject", "nickname");
979	0	UserGroupDataHandler.deleteObject("community");
980	0	ObjectDataHandler.deleteObject("casServer", "casNamespace");
981	0	NamespaceDataHandler.deleteObject("casNamespace");
982	0	ServiceTypeActionHandler.removeServiceActionMapping("cas", "superuser");
983	0	ServiceTypeActionHandler.removeServiceActionMapping(externalServiceType,
984		"add");
985	0	ServiceTypeActionHandler.removeServiceActionMapping(externalServiceType,
986		"create");
987	0	ServiceTypeDataHandler.deleteObject(externalServiceType);
988	0	ServiceTypeDataHandler.deleteObject("cas");
989	0	ServiceTypeActionHandler.deleteServiceActionGroup(serviceGpName);
990	0	ServiceTypeActionHandler.removeServiceActionMapping(
991		serviceTypeName, actionName1);
992	0	ServiceTypeDataHandler.deleteObject(serviceTypeName);
993	0	ObjectGroupDataHandler.deleteObject(objectGroupName);
994	0	ObjectDataHandler.deleteObject(objectName, objectNamespace);
995	0	ObjectDataHandler.deleteObject(externalObjName, externalObjNS);
996	0	NamespaceDataHandler.deleteObject(externalObjNS);
997	0	NamespaceDataHandler.deleteObject(nsNickname);
998	0	UserGroupDataHandler.removeGroupMember(groupName1, "userNick");
999	0	UserGroupDataHandler.removeGroupMember(groupName, "userNick");
1000	0	UserGroupDataHandler.deleteObject(groupName);
1001
1002	0	String emptyPolicy[] = PolicyDataHandler.list();
1003	0	assertTrue(emptyPolicy == null);
1004		}
1005
1006	0	public void objectPermissionsTest() throws Exception {
1007
1008	0	String namespace2 = "wildCard";
1009		// Store name space data
1010	0	NamespaceData nsData = new NamespaceData();
1011	0	nsData.setNickname(namespace2);
1012	0	nsData.setBasename("basename");
1013	0	nsData.setComparisonAlg("WildCardComparison");
1014	0	NamespaceDataHandler.storeObject(nsData);
1015
1016	0	ObjectData wildCardPolicy1 = new ObjectData();
1017	0	wildCardPolicy1.setObjectName("foo/bar");
1018	0	wildCardPolicy1.setObjectNamespace(namespace2);
1019	0	String w1 = ObjectDataHandler.storeObject(wildCardPolicy1);
1020
1021	0	ObjectData wildCardPolicy2 = new ObjectData();
1022	0	wildCardPolicy2.setObjectName("foo/bar/d1");
1023	0	wildCardPolicy2.setObjectNamespace(namespace2);
1024	0	String w2 = ObjectDataHandler.storeObject(wildCardPolicy2);
1025
1026	0	ObjectData wildCardPolicy3 = new ObjectData();
1027	0	wildCardPolicy3.setObjectName("foo/bar/d2");
1028	0	wildCardPolicy3.setObjectNamespace(namespace2);
1029	0	String w3 = ObjectDataHandler.storeObject(wildCardPolicy3);
1030
1031	0	ObjectData wildCardPolicy5 = new ObjectData();
1032	0	wildCardPolicy5.setObjectNamespace(namespace2);
1033	0	wildCardPolicy5.setObjectName("foo/bar/d2/*");
1034	0	String w4 = ObjectDataHandler.storeObject(wildCardPolicy5);
1035
1036	0	ObjectData wildCardPolicy4 = new ObjectData();
1037	0	wildCardPolicy4.setObjectNamespace(namespace2);
1038	0	wildCardPolicy4.setObjectName("bar");
1039	0	String bar = ObjectDataHandler.storeObject(wildCardPolicy4);
1040
1041		// CAS Namespace
1042	0	NamespaceData nsData1 = new NamespaceData();
1043	0	nsData1.setNickname(CasConstants.NAMESPACE_SELF);
1044	0	nsData1.setBasename("baseName");
1045	0	nsData1.setComparisonAlg(CasConstants.EXACT_ALG_CLASSNAME);
1046	0	NamespaceDataHandler.storeObject(nsData1);
1047
1048		// casServer as object
1049	0	ObjectData objData = new ObjectData();
1050	0	objData.setObjectName(CasConstants.OBJECT_SELF);
1051	0	objData.setObjectNamespace(CasConstants.NAMESPACE_SELF);
1052	0	String casServerId = ObjectDataHandler.storeObject(objData);
1053
1054		// cas as service type
1055	0	ServiceTypeData serviceType = new ServiceTypeData();
1056	0	serviceType.setName(CasConstants.SERVICETYPE_CAS);
1057	0	ServiceTypeDataHandler.storeObject(serviceType);
1058
1059		//cas/enroll_object
1060	0	String enrollId = ServiceTypeActionHandler.addServiceActionMapping(
1061		CasConstants.SERVICETYPE_CAS,
1062		CasConstants.ACTION_ENROLL_OBJECT);
1063
1064	0	String grantAll = ServiceTypeActionHandler.addServiceActionMapping(
1065		CasConstants.SERVICETYPE_CAS,
1066		CasConstants.ACTION_GRANTALL);
1067
1068		// Interested only in enroll object iniitializaton
1069	0	CasConstants.initializePolicies();
1070
1071		// add user to user group
1072		// Add userNick to group
1073	0	UserGroupDataHandler.addGroupMember(rootGroup, userNick);
1074		// shld not have permissions sicne cas/enrollObject is not there
1075	0	assertFalse(PermissionsHandler.canCreateObject(userNick, namespace2,
1076		"fooabc"));
1077	0	PolicyData policyData = new PolicyData();
1078	0	policyData.setUserGroupName(rootGroup);
1079	0	policyData.setActionSpec(enrollId);
1080	0	policyData.setActionSpecDesc("serviceAction");
1081	0	policyData.setObjectSpec(casServerId);
1082	0	policyData.setObjectSpecDesc("object");
1083	0	PolicyDataHandler.storeObject(policyData);
1084
1085		// Disjoint
1086	0	assertTrue(PermissionsHandler.canCreateObject(userNick, namespace2,
1087		"fooabc"));
1088
1089		// Exact match
1090	0	boolean expBool = false;
1091	0	try {
1092	0	PermissionsHandler.canCreateObject(userNick, namespace2,
1093		"foo/bar");
1094		} catch (CasDBException exp) {
1095	0	if ((exp.getMessage().indexOf("Object already exists") == -1))
1096	0	fail("Object existance not detected");
1097	0	expBool = true;
1098		}
1099	0	assertTrue(expBool);
1100
1101		// Subset exist, super set doesnot - but permissiosn shld fail
1102	0	expBool = false;
1103	0	try {
1104	0	PermissionsHandler.canCreateObject(userNick, namespace2,
1105		"foo/bar/*");
1106		} catch (CasDBException exp) {
1107	0	logger.error(exp.getMessage());
1108	0	if ((exp.getMessage().indexOf("Object already exists as subset "
1109		+ "and relevant permissions don't"
1110		+ " exist") == -1))
1111	0	fail("Object existance not detected");
1112	0	expBool = true;
1113		}
1114	0	assertTrue(expBool);
1115
1116		// gve permissions on one of the subset - shld fail.
1117		// set on foo/bar/d1
1118	0	policyData.setActionSpec(grantAll);
1119	0	policyData.setObjectSpec(w2);
1120	0	PolicyDataHandler.storeObject(policyData);
1121
1122	0	expBool = false;
1123	0	try {
1124	0	PermissionsHandler.canCreateObject(userNick, namespace2,
1125		"foo/bar/*");
1126		} catch (CasDBException exp) {
1127	0	logger.debug(exp.getMessage());
1128	0	if ((exp.getMessage().indexOf("Object already exists as subset "
1129		+ "and relevant permissions don't"
1130		+ " exist") == -1))
1131	0	fail("Object existance not detected");
1132	0	expBool = true;
1133		}
1134	0	assertTrue(expBool);
1135
1136		// set on foo/bar/d2
1137	0	policyData.setObjectSpec(w3);
1138	0	PolicyDataHandler.storeObject(policyData);
1139
1140		// set on foo/bar/d2/*
1141	0	policyData.setObjectSpec(w4);
1142	0	PolicyDataHandler.storeObject(policyData);
1143
1144	0	assertTrue(PermissionsHandler.canCreateObject(userNick, namespace2,
1145		"foo/bar/*"));
1146	0	ObjectData toStore = new ObjectData();
1147	0	toStore.setObjectName("foo/bar/*");
1148	0	toStore.setObjectNamespace(namespace2);
1149	0	String w5 = ObjectDataHandler.storeObject(toStore);
1150
1151	0	expBool = false;
1152	0	try {
1153	0	PermissionsHandler.canCreateObject(userNick, namespace2,
1154		"foo/bar/d3");
1155		} catch (CasDBException exp) {
1156	0	logger.error(exp.getMessage());
1157	0	if ((exp.getMessage().indexOf("Object already exists as super set"
1158		+ " and relevant permissions don't"
1159		+ " exist") == -1))
1160	0	fail("Object existance not detected");
1161	0	expBool = true;
1162		}
1163	0	assertTrue(expBool);
1164
1165		// Enroll object on super set
1166	0	policyData.setActionSpec(enrollId);
1167	0	policyData.setObjectSpec(w5);
1168	0	PolicyDataHandler.storeObject(policyData);
1169	0	assertTrue(PermissionsHandler.canCreateObject(userNick, namespace2,
1170		"foo/bar/d3"));
1171
1172	0	PolicyDataHandler.deletePolicyForObject(w5, namespace2);
1173
1174		// Attempt adding foo/bar/d1/* - has no super and sub set
1175	0	assertTrue(PermissionsHandler.canCreateObject(userNick, namespace2,
1176		"foo/bar/d1/*"));
1177
1178		// add foo/* as super set
1179	0	ObjectData wildCardPolicy6 = new ObjectData();
1180	0	wildCardPolicy6.setObjectNamespace(namespace2);
1181	0	wildCardPolicy6.setObjectName("foo/*");
1182	0	String fooStar = ObjectDataHandler.storeObject(wildCardPolicy6);
1183
1184		// add foo/bar/d1/a1 and foo/bar/d1/a2 as subset
1185	0	ObjectData wildCardPolicy7 = new ObjectData();
1186	0	wildCardPolicy7.setObjectNamespace(namespace2);
1187	0	wildCardPolicy7.setObjectName("foo/bar/d1/a1");
1188	0	String temp1 = ObjectDataHandler.storeObject(wildCardPolicy7);
1189
1190	0	ObjectData wildCardPolicy8 = new ObjectData();
1191	0	wildCardPolicy8.setObjectNamespace(namespace2);
1192	0	wildCardPolicy8.setObjectName("foo/bar/d1/a2");
1193	0	String temp2 = ObjectDataHandler.storeObject(wildCardPolicy8);
1194
1195		// Has super set and subset with no permissions - shld fail
1196	0	expBool = false;
1197	0	try {
1198	0	assertTrue(PermissionsHandler.canCreateObject(userNick, namespace2,
1199		"foo/bar/d1/*"));
1200		} catch (CasDBException exp) {
1201	0	if ((exp.getMessage().indexOf("Object already exists as subset and "
1202		+ "relevant permissions don't"
1203		+ " exist") == -1))
1204	0	fail("Object existance not detected");
1205	0	expBool = true;
1206		}
1207	0	assertTrue(expBool);
1208
1209		// cas/grantAll on subset
1210	0	policyData.setActionSpec(grantAll);
1211	0	policyData.setObjectSpec(temp1);
1212	0	PolicyDataHandler.storeObject(policyData);
1213
1214	0	expBool = false;
1215	0	try {
1216	0	assertTrue(PermissionsHandler.canCreateObject(userNick, namespace2,
1217		"foo/bar/d1/*"));
1218		} catch (CasDBException exp) {
1219	0	if ((exp.getMessage().indexOf("Object already exists as subset and "
1220		+ "relevant permissions don't"
1221		+ " exist") == -1))
1222	0	fail("Object existance not detected");
1223	0	expBool = true;
1224		}
1225	0	assertTrue(expBool);
1226
1227		// Add object
1228	0	objData.setObjectName("obj1");
1229	0	objData.setObjectNamespace(CasConstants.NAMESPACE_SELF);
1230	0	String exactId = ObjectDataHandler.storeObject(objData);
1231
1232	0	expBool = false;
1233	0	try {
1234	0	PermissionsHandler.canCreateObject(userNick,
1235		CasConstants.NAMESPACE_SELF, "obj1");
1236		} catch (CasDBException exp) {
1237	0	if ((exp.getMessage().indexOf("Object already exists") == -1))
1238	0	fail("Object existance not detected");
1239	0	expBool = true;
1240		}
1241	0	assertTrue(expBool);
1242
1243	0	PolicyDataHandler.deletePolicyForObject(exactId, "object");
1244	0	PolicyDataHandler.deletePolicyForObject(temp1, "object");
1245	0	PolicyDataHandler.deletePolicyForObject(temp2, "object");
1246	0	PolicyDataHandler.deletePolicyForObject(fooStar, "object");
1247	0	PolicyDataHandler.deletePolicyForObject(w5, "object");
1248	0	PolicyDataHandler.deletePolicyForObject(w4, "object");
1249	0	PolicyDataHandler.deletePolicyForObject(w3, "object");
1250	0	PolicyDataHandler.deletePolicyForObject(w2, "object");
1251	0	PolicyDataHandler.deletePolicyForObject(w1, "object");
1252	0	PolicyDataHandler.deletePolicyForObject(casServerId, "object");
1253	0	ObjectDataHandler.deleteObjectForId(exactId);
1254	0	ObjectDataHandler.deleteObjectForId(temp1);
1255	0	ObjectDataHandler.deleteObjectForId(temp2);
1256	0	ObjectDataHandler.deleteObjectForId(fooStar);
1257	0	ObjectDataHandler.deleteObjectForId(w5);
1258	0	ObjectDataHandler.deleteObjectForId(w4);
1259	0	ObjectDataHandler.deleteObjectForId(w3);
1260	0	ObjectDataHandler.deleteObjectForId(w2);
1261	0	ObjectDataHandler.deleteObjectForId(w1);
1262	0	ObjectDataHandler.deleteObjectForId(bar);
1263	0	ObjectDataHandler.deleteObjectForId(casServerId);
1264	0	UserGroupDataHandler.removeGroupMember(rootGroup, userNick);
1265	0	ServiceTypeActionHandler.removeServiceActionMapping(
1266		CasConstants.SERVICETYPE_CAS,
1267		CasConstants.ACTION_ENROLL_OBJECT);
1268
1269	0	ServiceTypeActionHandler.removeServiceActionMapping(
1270		CasConstants.SERVICETYPE_CAS,
1271		CasConstants.ACTION_GRANTALL);
1272	0	NamespaceDataHandler.deleteObject(CasConstants.NAMESPACE_SELF);
1273	0	NamespaceDataHandler.deleteObject(namespace2);
1274
1275		}
1276
1277	0	private void setupExternalObjects(String groupName1) throws Exception {
1278
1279	0	externalObjNS = "SampleServiceNS";
1280	0	NamespaceData nsData = new NamespaceData();
1281	0	nsData.setNickname(externalObjNS);
1282	0	nsData.setBasename("ogsa/services/samples");
1283	0	nsData.setComparisonAlg(CasConstants.WILD_ALG_CLASSNAME);
1284	0	NamespaceDataHandler.storeObject(nsData);
1285
1286	0	ObjectData objectData = new ObjectData();
1287	0	externalObjName = "CounterService/*";
1288	0	objectData.setObjectName(externalObjName);
1289	0	objectData.setObjectNamespace(externalObjNS);
1290	0	externalObjId = ObjectDataHandler.storeObject(objectData);
1291
1292	0	externalServiceType = "SampleCounter";
1293	0	ServiceTypeData serviceTypeData = new ServiceTypeData();
1294	0	serviceTypeData.setName(externalServiceType);
1295	0	ServiceTypeDataHandler.storeObject(serviceTypeData);
1296
1297	0	String addAction = "add";
1298	0	String createAction = "create";
1299	0	addActionId = ServiceTypeActionHandler.addServiceActionMapping(
1300		externalServiceType, addAction);
1301	0	createActionId = ServiceTypeActionHandler.addServiceActionMapping(
1302		externalServiceType, createAction);
1303
1304		// Set createAction on serviceType for userNick
1305	0	PolicyData policyData = new PolicyData();
1306	0	policyData.setUserGroupName(groupName1);
1307	0	policyData.setActionSpec(addActionId);
1308	0	policyData.setActionSpecDesc("serviceAction");
1309	0	policyData.setObjectSpec(externalObjId);
1310	0	policyData.setObjectSpecDesc("object");
1311	0	externalPolicy = PolicyDataHandler.storeObject(policyData);
1312		}
1313
1314	0	private void displayPolicyArray(PolicyData[] policies) {
1315	0	logger.debug("displaying policy");
1316	0	for (int i=0; i<policies.length; i++) {
1317	0	logger.debug(CasStringUtils.policyToString(policies[i]));
1318		}
1319		}
1320
1321	0	private void displayPolicyVector(Vector policies) {
1322	0	logger.debug("displaying policy");
1323	0	for (int i=0; i<policies.size(); i++) {
1324	0	logger.debug("Policy is " + CasStringUtils.policyToString(
1325		(PolicyData)policies.get(i)));
1326		}
1327		}
1328
1329	0	private boolean ensureOnlyExternalPolicy(Vector policies)
1330		throws Exception {
1331	0	int selfObjId =
1332		ObjectDataHandler.getObjectId(
1333		CasConstants.OBJECT_SELF,
1334		CasConstants.NAMESPACE_SELF);
1335	0	String objName = null;
1336	0	for (int i=0; i<policies.size(); i++) {
1337	0	PolicyData policyData = (PolicyData)policies.get(i);
1338	0	if (objName == null)
1339	0	objName = policyData.getObjectSpec();
1340	0	if (policyData.getObjectSpec().equals(Integer.toString(selfObjId)))
1341	0	return false;
1342		// Ensure an array has the same object name, since this method
1343		// is called by methods that receove a Vector of Vector, with
1344		// each inherant vector representing policies per resource.
1345	0	if (!policyData.getObjectSpec().equals(objName))
1346	0	return false;
1347		}
1348	0	return true;
1349		}
1350
1351		}

Report generated by Clover v1.3.1_01 Mon Jul 4 2005 18:16:31 CDT.     Open Source License registered to the Globus Toolkit Project. This license of Clover is provided to support the development of Globus Toolkit only.