001/* 002 * Licensed to DuraSpace under one or more contributor license agreements. 003 * See the NOTICE file distributed with this work for additional information 004 * regarding copyright ownership. 005 * 006 * DuraSpace licenses this file to you under the Apache License, 007 * Version 2.0 (the "License"); you may not use this file except in 008 * compliance with the License. You may obtain a copy of the License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, software 013 * distributed under the License is distributed on an "AS IS" BASIS, 014 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 015 * See the License for the specific language governing permissions and 016 * limitations under the License. 017 */ 018package org.fcrepo.auth.integration; 019 020import org.apache.http.auth.BasicUserPrincipal; 021 022import org.fcrepo.auth.common.FedoraAuthorizationDelegate; 023import org.fcrepo.auth.common.ServletContainerAuthenticationProvider; 024import org.fcrepo.kernel.api.FedoraRepository; 025import org.fcrepo.kernel.api.FedoraSession; 026import org.fcrepo.kernel.api.services.ContainerService; 027import org.fcrepo.kernel.modeshape.services.ContainerServiceImpl; 028 029import org.junit.Assert; 030import org.junit.Test; 031import org.junit.runner.RunWith; 032import org.mockito.Mockito; 033import org.modeshape.jcr.api.ServletCredentials; 034import org.modeshape.jcr.value.Path; 035import org.slf4j.Logger; 036import org.springframework.test.context.ContextConfiguration; 037import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; 038 039import javax.inject.Inject; 040import javax.jcr.RepositoryException; 041import javax.jcr.Session; 042import javax.jcr.security.Privilege; 043import javax.servlet.http.HttpServletRequest; 044 045import static org.fcrepo.kernel.modeshape.FedoraSessionImpl.getJcrSession; 046import static org.mockito.Matchers.any; 047import static org.mockito.Mockito.atLeastOnce; 048import static org.mockito.Mockito.mock; 049import static org.mockito.Mockito.verify; 050import static org.mockito.Mockito.when; 051import static org.slf4j.LoggerFactory.getLogger; 052 053/** 054 * @author osmandin 055 */ 056@RunWith(SpringJUnit4ClassRunner.class) 057@ContextConfiguration(locations = {"/spring-test/mocked-fad-repo-2.xml"}) 058public class ContainerRolesPrincipalProviderIT { 059 060 private static Logger logger = 061 getLogger(ContainerRolesPrincipalProviderIT.class); 062 063 @Inject 064 private FedoraRepository repo; 065 066 @Inject 067 private FedoraAuthorizationDelegate fad; 068 069 private final HttpServletRequest request = mock(HttpServletRequest.class); 070 071 @Test 072 public void testFactory() { 073 Assert.assertNotNull( 074 "AuthenticationProvider must return a AuthenticationProvider", 075 ServletContainerAuthenticationProvider.getInstance()); 076 } 077 078 @Test 079 public void testEmptyPrincipalProvider() throws RepositoryException { 080 when(request.getRemoteUser()).thenReturn("fred"); 081 when(request.getUserPrincipal()).thenReturn( 082 new BasicUserPrincipal("fred")); 083 when( 084 request.isUserInRole(Mockito 085 .eq(ServletContainerAuthenticationProvider.FEDORA_USER_ROLE))) 086 .thenReturn(true); 087 Mockito.reset(fad); 088 when(fad.hasPermission(any(Session.class), any(Path.class), any(String[].class))).thenReturn(true); 089 090 final ServletCredentials credentials = 091 new ServletCredentials(request); 092 final FedoraSession session = repo.login(credentials); 093 final Session jcrSession = getJcrSession(session); 094 final Privilege[] rootPrivs = 095 jcrSession.getAccessControlManager().getPrivileges("/"); 096 for (final Privilege p : rootPrivs) { 097 logger.debug("got priv: " + p.getName()); 098 } 099 final ContainerService os = new ContainerServiceImpl(); 100 os.findOrCreate(session, "/myobject"); 101 verify(fad, atLeastOnce()).hasPermission(any(Session.class), any(Path.class), any(String[].class)); 102 } 103 104 105}