diff options
| author | wbauer <wbauer@8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4> | 2008-09-03 15:19:48 +0000 |
|---|---|---|
| committer | wbauer <wbauer@8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4> | 2008-09-03 15:19:48 +0000 |
| commit | 2f029b9cb3ebc11abe28e0b2801bacc40cb584b1 (patch) | |
| tree | 94021ae5c11291e8ae4ba902bea898960e30d4e2 /bkucommon/src/test | |
| parent | 3099f0f157d6a1f6c9df2183833b3279b44211f0 (diff) | |
| download | mocca-2f029b9cb3ebc11abe28e0b2801bacc40cb584b1.tar.gz mocca-2f029b9cb3ebc11abe28e0b2801bacc40cb584b1.tar.bz2 mocca-2f029b9cb3ebc11abe28e0b2801bacc40cb584b1.zip | |
Just a backup of updated accesscontroller files
git-svn-id: https://joinup.ec.europa.eu/svn/mocca/trunk@12 8a26b1a7-26f0-462f-b9ef-d0e30c41f5a4
Diffstat (limited to 'bkucommon/src/test')
3 files changed, 182 insertions, 0 deletions
diff --git a/bkucommon/src/test/java/at/gv/egiz/bku/accesscontroller/ConfigTest.java b/bkucommon/src/test/java/at/gv/egiz/bku/accesscontroller/ConfigTest.java new file mode 100644 index 00000000..b53db264 --- /dev/null +++ b/bkucommon/src/test/java/at/gv/egiz/bku/accesscontroller/ConfigTest.java @@ -0,0 +1,17 @@ +package at.gv.egiz.bku.accesscontroller;
+
+import javax.xml.bind.JAXBException;
+
+import org.junit.Test;
+
+public class ConfigTest {
+
+ public final static String RESOURCE = "at/gv/egiz/bku/accesscontroller/AccessControlConfig.xml";
+
+ @Test
+ public void testUnmarshall() throws JAXBException {
+ AccessControllerFactory.getInstance().init(
+ getClass().getClassLoader().getResourceAsStream(RESOURCE));
+ }
+
+}
diff --git a/bkucommon/src/test/java/at/gv/egiz/bku/accesscontroller/RuleCheckerTest.java b/bkucommon/src/test/java/at/gv/egiz/bku/accesscontroller/RuleCheckerTest.java new file mode 100644 index 00000000..88f1490c --- /dev/null +++ b/bkucommon/src/test/java/at/gv/egiz/bku/accesscontroller/RuleCheckerTest.java @@ -0,0 +1,87 @@ +package at.gv.egiz.bku.accesscontroller;
+
+import org.junit.Before;
+import org.junit.Test;
+
+import at.gv.egiz.bku.accesscontroller.RuleChecker.PEER_TYPE;
+import at.gv.egiz.bku.slcommands.impl.InfoboxReadCommandImpl;
+import at.gv.egiz.bku.slcommands.impl.NullOperationCommandImpl;
+import static org.junit.Assert.*;
+
+public class RuleCheckerTest {
+
+ protected RuleChecker onlyAuthChecker;
+ protected RuleChecker onlyCmdChecker;
+ protected RuleChecker onlyPeerChecker;
+
+ @Before
+ public void setUp() {
+ onlyAuthChecker = new RuleChecker("OnlyAuthChecker");
+ onlyAuthChecker.setAction("allow");
+ onlyAuthChecker.setUserAction("none");
+ onlyAuthChecker.setAuthenticationClass("pseudoanonymous");
+ onlyCmdChecker = new RuleChecker("OnlyCmdChecker");
+ onlyCmdChecker.setAction("allow");
+ onlyCmdChecker.setCommandName("InfoboxReadRequest");
+ onlyPeerChecker = new RuleChecker("OnlyPeerChecker");
+ onlyPeerChecker.setAction("allow");
+ onlyPeerChecker.setPeerId("https://129.27.142..*", PEER_TYPE.URL);
+ }
+
+ @Test
+ public void testAuthClass() {
+ AccessCheckerContext ctx = new AccessCheckerContext(null,
+ AuthenticationClass.ANONYMOUS, null);
+ RuleResult rr = onlyAuthChecker.check(ctx);
+ assertFalse(rr.matchFound());
+ ctx = new AccessCheckerContext(null, AuthenticationClass.PSEUDO_ANONYMOUS,
+ null);
+ rr = onlyAuthChecker.check(ctx);
+ assertTrue(rr.matchFound());
+ ctx = new AccessCheckerContext(null, AuthenticationClass.CERTIFIED, null);
+ rr = onlyAuthChecker.check(ctx);
+ assertTrue(rr.matchFound());
+ }
+
+ @Test
+ public void testCmd() {
+ AccessCheckerContext ctx = new AccessCheckerContext(
+ new InfoboxReadCommandImpl(), null, null);
+ RuleResult rr = onlyCmdChecker.check(ctx);
+ assertTrue(rr.matchFound());
+ onlyCmdChecker.setCommandName("Info.*");
+ rr = onlyCmdChecker.check(ctx);
+ assertTrue(rr.matchFound());
+ ctx = new AccessCheckerContext(new NullOperationCommandImpl(), null, null);
+ rr = onlyCmdChecker.check(ctx);
+ assertFalse(rr.matchFound());
+ onlyCmdChecker.setCommandName(".*");
+ rr = onlyCmdChecker.check(ctx);
+ assertTrue(rr.matchFound());
+ }
+
+ @Test
+ public void testPeerId() {
+ AccessCheckerContext ctx = new AccessCheckerContext(null, null,
+ "https://129.27.142.20:80/index.html");
+ RuleResult rr = onlyPeerChecker.check(ctx);
+ assertTrue(rr.matchFound());
+
+ ctx = new AccessCheckerContext(null, null,
+ "https://129.27.14.20:80/index.html");
+ rr = onlyPeerChecker.check(ctx);
+ assertFalse(rr.matchFound());
+
+ onlyPeerChecker.setPeerId(".*.iaik..*", PEER_TYPE.HOST);
+ ctx = new AccessCheckerContext(null, null,
+ "https://129.27.142.20:80/index.html");
+ rr = onlyPeerChecker.check(ctx);
+ assertTrue(rr.matchFound());
+
+ onlyPeerChecker.setPeerId("129.27.142..*", PEER_TYPE.IP);
+ ctx = new AccessCheckerContext(null, null, "https://www.iaik.tugraz.at:80/");
+ rr = onlyPeerChecker.check(ctx);
+ assertTrue(rr.matchFound());
+ }
+
+}
diff --git a/bkucommon/src/test/resources/at/gv/egiz/bku/accesscontroller/AccessControlConfig.xml b/bkucommon/src/test/resources/at/gv/egiz/bku/accesscontroller/AccessControlConfig.xml new file mode 100644 index 00000000..2455d68d --- /dev/null +++ b/bkucommon/src/test/resources/at/gv/egiz/bku/accesscontroller/AccessControlConfig.xml @@ -0,0 +1,78 @@ +<?xml version="1.0" encoding="UTF-8"?>
+<AccessControl>
+ <Chains>
+ <Chain Id="Identification">
+ <Rules>
+ <Rule Id="rule-1">
+ <AuthClass>certifiedGovAgency</AuthClass>
+ <AnyPeer />
+ <Action>
+ <RuleAction>allow</RuleAction>
+ </Action>
+ <UserInteraction>confirm</UserInteraction>
+ </Rule>
+ <Rule Id="rule-2">
+ <AuthClass>pseudoanonymous</AuthClass>
+ <AnyPeer />
+ <Action>
+ <ChainRef>Command</ChainRef>
+ </Action>
+ <UserInteraction>none</UserInteraction>
+ </Rule>
+ <Rule Id="rule-3">
+ <AuthClass>anonymous</AuthClass>
+ <IPv4Address>127.0.0.1</IPv4Address>
+ <Action>
+ <ChainRef>Command</ChainRef>
+ </Action>
+ <UserInteraction>none</UserInteraction>
+ </Rule>
+ <Rule Id="rule-4">
+ <AuthClass>anonymous</AuthClass>
+ <DomainName>*.gv.at</DomainName>
+ <Action>
+ <RuleAction>allow</RuleAction>
+ </Action>
+ <UserInteraction>confirm</UserInteraction>
+ </Rule>
+ </Rules>
+ </Chain>
+ <Chain Id="Command">
+ <Rules>
+ <Rule Id="cmd-rule-1">
+ <AuthClass>certified</AuthClass>
+ <AnyPeer />
+ <Command Name="Infobox*">
+ <Param Name="InfoboxIdentifier">IdentityLink</Param>
+ <Param Name="PersonIdentifier">*</Param>
+ </Command>
+ <Action>
+ <RuleAction>allow</RuleAction>
+ </Action>
+ <UserInteraction>confirm</UserInteraction>
+ </Rule>
+ <Rule Id="cmd-rule-2">
+ <AuthClass>certified</AuthClass>
+ <URL>https://finanzonline.bmf.gv.at/*</URL>
+ <Command Name="InfoboxReadRequest">
+ <Param Name="InfoboxIdentifier">Mandates</Param>
+ <Param Name="PersonIdentifier">*</Param>
+ </Command>
+ <Action>
+ <RuleAction>allow</RuleAction>
+ </Action>
+ <UserInteraction>info</UserInteraction>
+ </Rule>
+ <Rule Id="cmd-rule-3">
+ <AuthClass>certified</AuthClass>
+ <AnyPeer />
+ <Command Name="InfoboxReadRequest" />
+ <Action>
+ <RuleAction>allow</RuleAction>
+ </Action>
+ <UserInteraction>none</UserInteraction>
+ </Rule>
+ </Rules>
+ </Chain>
+ </Chains>
+</AccessControl>
|