portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From a..@apache.org
Subject svn commit: r702100 [1/2] - in /portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security: ./ src/main/java/org/apache/jetspeed/security/util/test/ src/test/java/org/apache/jetspeed/security/ src/test/java/org/apache/jetspeed...
Date Mon, 06 Oct 2008 11:16:07 GMT
Author: ate
Date: Mon Oct  6 04:16:06 2008
New Revision: 702100

URL: http://svn.apache.org/viewvc?rev=702100&view=rev
Log:
Fix most / important Security testcases for the new Security api and model.
Delete testcases which are no long representative
Disable a few less important testcases for now (to be renabled/fixed later)

Added:
    portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/test/java/org/apache/jetspeed/security/TestSubjectHelper.java   (contents, props changed)
      - copied, changed from r701391, portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/test/java/org/apache/jetspeed/security/TestSecurityHelper.java
Removed:
    portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/test/java/org/apache/jetspeed/security/TestAggregationHierarchy.java
    portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/test/java/org/apache/jetspeed/security/TestAuthenticationProviderProxy.java
    portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/test/java/org/apache/jetspeed/security/TestGeneralizationHierarchy.java
    portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/test/java/org/apache/jetspeed/security/TestSecurityHelper.java
    portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/test/java/org/apache/jetspeed/security/spi/TestCredentialHandler.java
    portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/test/java/org/apache/jetspeed/security/spi/TestGroupSecurityHandler.java
    portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/test/java/org/apache/jetspeed/security/spi/TestPasswordCredentialProvider.java
    portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/test/java/org/apache/jetspeed/security/spi/TestRoleSecurityHandler.java
    portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/test/java/org/apache/jetspeed/security/spi/TestSecurityMappingHandler.java
    portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/test/java/org/apache/jetspeed/security/spi/TestUserSecurityHandler.java
Modified:
    portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/pom.xml
    portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/util/test/AbstractSecurityTestcase.java
    portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/test/java/org/apache/jetspeed/security/TestGroupManager.java
    portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/test/java/org/apache/jetspeed/security/TestLoginModule.java
    portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/test/java/org/apache/jetspeed/security/TestPermissionManager.java
    portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/test/java/org/apache/jetspeed/security/TestRdbmsPolicy.java
    portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/test/java/org/apache/jetspeed/security/TestRdbmsPolicyFolder.java
    portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/test/java/org/apache/jetspeed/security/TestRoleManager.java
    portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/test/java/org/apache/jetspeed/security/TestUserManager.java
    portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/test/java/org/apache/jetspeed/security/spi/TestCredentialPasswordEncoder.java
    portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/test/java/org/apache/jetspeed/security/spi/TestPasswordExpirationAndMaxAuthenticationFailuresInterceptor.java
    portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/test/java/org/apache/jetspeed/security/spi/TestPasswordHistoryInterceptor.java

Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/pom.xml
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/pom.xml?rev=702100&r1=702099&r2=702100&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/pom.xml (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/pom.xml Mon Oct  6 04:16:06 2008
@@ -132,9 +132,9 @@
                 <configuration>
                     <excludes>
                         <exclude>**/spi/ldap/**.java</exclude>
-                        <exclude>**/TestSecurityMappingHandler.java</exclude>
-                        <exclude>**/TestGeneralizationHierarchy.java</exclude>
-                        <exclude>**/TestAggregationHierarchy.java</exclude>
+                        <exclude>**/spi/TestDefaultJetspeedSynchronizer.java</exclude>
+                        <exclude>**/spi/TestPasswordHistoryInterceptor.java</exclude>
+                        <exclude>**/spi/TestPasswordExpirationAndMaxAuthenticationFailuresInterceptor.java</exclude>
                     </excludes>
                 </configuration>
             </plugin>
@@ -156,7 +156,7 @@
                                 <resources>
                                     <resource>
                                         <path>assembly</path>
-                                        <include>transaction.xml,cache.xml,security-*.xml,boot/datasource.xml</include>
+                                        <include>transaction.xml,cache.xml,security-*.xml,static-bean-references.xml,boot/datasource.xml</include>
                                     </resource>
                                     <resource>
                                         <path>db-ojb</path>

Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/util/test/AbstractSecurityTestcase.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/util/test/AbstractSecurityTestcase.java?rev=702100&r1=702099&r2=702100&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/util/test/AbstractSecurityTestcase.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/util/test/AbstractSecurityTestcase.java Mon Oct  6 04:16:06 2008
@@ -16,6 +16,7 @@
  */
 package org.apache.jetspeed.security.util.test;
 
+import java.security.Principal;
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.Iterator;
@@ -25,14 +26,14 @@
 
 import org.apache.jetspeed.JetspeedActions;
 import org.apache.jetspeed.components.util.DatasourceEnabledSpringTestCase;
-import org.apache.jetspeed.security.AuthenticationProvider;
-import org.apache.jetspeed.security.Group;
 import org.apache.jetspeed.security.GroupManager;
+import org.apache.jetspeed.security.JetspeedPermission;
+import org.apache.jetspeed.security.PasswordCredential;
 import org.apache.jetspeed.security.PermissionManager;
-import org.apache.jetspeed.security.Role;
 import org.apache.jetspeed.security.RoleManager;
 import org.apache.jetspeed.security.User;
 import org.apache.jetspeed.security.UserManager;
+import org.apache.jetspeed.security.SecurityException;
 
 /**
  * @author <a href="mailto:sweaver@einnovation.com">Scott T. Weaver </a>
@@ -62,10 +63,6 @@
 
         super.setUp();
 
-        
-        // Security Providers.        
-        AuthenticationProvider atnProvider = (AuthenticationProvider) scm.getComponent("org.apache.jetspeed.security.AuthenticationProvider");
-       
         ums = (UserManager) scm.getComponent("org.apache.jetspeed.security.UserManager");
         gms = (GroupManager) scm.getComponent("org.apache.jetspeed.security.GroupManager");
         rms = (RoleManager) scm.getComponent("org.apache.jetspeed.security.RoleManager");
@@ -74,8 +71,18 @@
         pms = (PermissionManager) scm.getComponent("org.apache.jetspeed.security.PermissionManager");
         
         new JetspeedActions(new String[] {"secure"}, new String[] {});
+        
+        destroyPrincipals();
+        destroyPermissions();
     }
 
+    protected void tearDown() throws Exception
+    {
+        destroyPrincipals();
+        destroyPermissions();
+        super.tearDown();
+    }
+    
     /**
      * Returns subject's principals of type claz
      * 
@@ -83,33 +90,46 @@
      * @param claz
      * @return Returns subject's principals of type claz
      */
-    protected Collection getPrincipals(Subject subject, Class claz)
+    protected Collection<Principal> getPrincipals(Subject subject, Class<? extends Principal> claz)
     {
-        List principals = new ArrayList();
-        for (Iterator iter = subject.getPrincipals().iterator(); iter.hasNext();)
+        List<Principal> principals = new ArrayList<Principal>();
+        for (Iterator<Principal> iter = subject.getPrincipals().iterator(); iter.hasNext();)
         {
-            Object element = iter.next();
+            Principal element = iter.next();
             if (claz.isInstance(element))
                 principals.add(element);
 
         }
         return principals;
     }
+    
+    protected User addUser(String name, String password) throws SecurityException
+    {
+        User user = ums.addUser(name);            
+        PasswordCredential credential = ums.getPasswordCredential(user);
+        credential.setPassword(password, false);
+        ums.storePasswordCredential(credential);
+        return user;
+    }
+    
+    protected String getBeanDefinitionFilterCategories()
+    {
+        return "security,transaction,cache,jdbcDS";
+    }
 
     protected String[] getConfigurations()
     {
         //String[] confs = super.getConfigurations();
-        List confList = new ArrayList(); //Arrays.asList(confs));
+        List<String> confList = new ArrayList<String>(); //Arrays.asList(confs));
         confList.add("security-atn.xml");
         confList.add("security-atz.xml");
         confList.add("security-managers.xml");
         confList.add("security-providers.xml");
         confList.add("security-spi.xml");
         confList.add("security-spi-atn.xml");
-        confList.add("security-spi-atz.xml");
-        confList.add("security-attributes.xml");
         confList.add("transaction.xml");
         confList.add("cache.xml");
+        confList.add("static-bean-references.xml");
         return (String[]) confList.toArray(new String[1]);
     }
 
@@ -120,21 +140,35 @@
      */
     protected void destroyPrincipals() throws Exception
     {
-        Collection<User> users = this.ums.getUsers("");
-        for (User user : users)
+        for (String name : ums.getUserNames(null))
+        {
+            ums.removeUser(name);
+        }
+        for (String name : rms.getRoleNames(null))
         {
-            ums.removeUser(user.getName());
+            // because of possible dependent roles already been deleted through a parent deletion,
+            // first check if it still exists
+            if (rms.roleExists(name))
+            {
+                rms.removeRole(name);
+            }
         }
-        Collection<Role> roles = this.rms.getRoles("");
-        for (Role role : roles)
+        for (String name : gms.getGroupNames(null))
         {
-            rms.removeRole(role.getName());
+            // because of possible dependent groups already been deleted through a parent deletion,
+            // first check if it still exists
+            if (gms.groupExists(name))
+            {
+                gms.removeGroup(name);
+            }
         }
-        Collection<Group> groups = this.gms.getGroups("");
-        for (Group group : groups)
+    }
+    
+    protected void destroyPermissions() throws Exception
+    {
+        for (JetspeedPermission p : pms.getPermissions())
         {
-            gms.removeGroup(group.getName());
+            pms.removePermission(p);
         }
     }
-     
 }
\ No newline at end of file

Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/test/java/org/apache/jetspeed/security/TestGroupManager.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/test/java/org/apache/jetspeed/security/TestGroupManager.java?rev=702100&r1=702099&r2=702100&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/test/java/org/apache/jetspeed/security/TestGroupManager.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/test/java/org/apache/jetspeed/security/TestGroupManager.java Mon Oct  6 04:16:06 2008
@@ -16,13 +16,13 @@
  */
 package org.apache.jetspeed.security;
 
-import java.security.Principal;
-import java.util.Collection;
+import java.util.List;
+
+import javax.security.auth.Subject;
 
 import junit.framework.Test;
 import junit.framework.TestSuite;
 
-import org.apache.jetspeed.security.impl.GroupImpl;
 import org.apache.jetspeed.security.util.test.AbstractSecurityTestcase;
 
 /**
@@ -35,25 +35,6 @@
  */
 public class TestGroupManager extends AbstractSecurityTestcase
 {
-
-    /**
-     * @see junit.framework.TestCase#setUp()
-     */
-    protected void setUp() throws Exception
-    {
-        super.setUp();
-    }
-
-    /**
-     * @see junit.framework.TestCase#tearDown()
-     */
-    public void tearDown() throws Exception
-    {
-        destroyPrincipals();
-        super.tearDown();
-
-    }
-
     public static Test suite()
     {
         // All methods starting with "test" will be executed in the test suite.
@@ -92,16 +73,6 @@
         catch (SecurityException sex)
         {
         }
-
-        // Cleanup test.
-        try
-        {
-            gms.removeGroup("testgroup");
-        }
-        catch (SecurityException sex)
-        {
-            assertTrue("could not remove group. exception caught: " + sex, false);
-        }
     }
 
     /**
@@ -127,8 +98,8 @@
         try
         {
             gms.addUserToGroup("anonuser1", "testusertogroup1.group1");
-            Collection principals = ums.getSubject(ums.getUser("anonuser1")).getPrincipals();
-            assertTrue("anonuser1 should contain testusertogroup1.group1", principals.contains(new GroupImpl("testusertogroup1.group1")));
+            Subject subject = ums.getSubject(ums.getUser("anonuser1"));
+            assertTrue("anonuser1 should contain testusertogroup1.group1", SubjectHelper.getPrincipal(subject, Group.class, "testusertogroup1.group1") != null);
         }
         catch (SecurityException sex)
         {
@@ -138,8 +109,8 @@
         try
         {
             gms.addUserToGroup("anonuser1", "testusertogroup1.group2");
-            Collection principals = ums.getSubject(ums.getUser("anonuser1")).getPrincipals();
-            assertTrue("anonuser1 should contain testusertogroup1.group2", principals.contains(new GroupImpl("testusertogroup1.group2")));
+            Subject subject = ums.getSubject(ums.getUser("anonuser1"));
+            assertTrue("anonuser1 should contain testusertogroup1.group2", SubjectHelper.getPrincipal(subject, Group.class, "testusertogroup1.group2") != null);
         }
         catch (SecurityException sex)
         {
@@ -163,17 +134,6 @@
         catch (SecurityException sex)
         {
         }
-
-        // Cleanup test.
-        try
-        {
-            ums.removeUser("anonuser1");
-            gms.removeGroup("testusertogroup1");
-        }
-        catch (SecurityException sex)
-        {
-            assertTrue("could not remove user and group. exception caught: " + sex, false);
-        }
     }
 
     /**
@@ -181,54 +141,38 @@
      * Test remove group.
      * </p>
      */
-    public void testRemoveGroup()
+    public void testRemoveGroup() throws Exception
     {
         // Init test.
-        try
-        {
-            ums.addUser("anonuser2");
-            gms.addGroup("testgroup1");
-            gms.addGroup("testgroup1.group1");
-            gms.addGroup("testgroup1.group2");
-            gms.addGroup("testgroup2");
-            gms.addGroup("testgroup2.group1");
-            gms.addUserToGroup("anonuser2", "testgroup1.group1");
-            gms.addUserToGroup("anonuser2", "testgroup1.group2");
-            gms.addUserToGroup("anonuser2", "testgroup2.group1");
-        }
-        catch (SecurityException sex)
-        {
-            assertTrue("failed to init testRemoveGroup(), " + sex, false);
-        }
+        User user = ums.addUser("anonuser2");
+        Group group1 = gms.addGroup("testgroup1");
+        Group group11 = gms.addGroup("testgroup1.group1");
+        Group group12 = gms.addGroup("testgroup1.group2");
+        Group group2 = gms.addGroup("testgroup2");
+        Group group21 = gms.addGroup("testgroup2.group1");
+        gms.addGroupToGroup(group11, group1, JetspeedPrincipalAssociationType.IS_A);
+        gms.addGroupToGroup(group12, group1, JetspeedPrincipalAssociationType.IS_A);
+        gms.addGroupToGroup(group21, group2, JetspeedPrincipalAssociationType.IS_A);
+        gms.addUserToGroup("anonuser2", "testgroup1.group1");
+        gms.addUserToGroup("anonuser2", "testgroup1.group2");
+        gms.addUserToGroup("anonuser2", "testgroup2.group1");            
 
         try
         {
-            gms.removeGroup("testgroup1.group1");
-            Collection principals = ums.getSubject(ums.getUser("anonuser2")).getPrincipals();
-            // because of hierarchical groups with generalization strategy as default. Was 5 groups + 1 user, should now be 5
-            // (4 groups + 1 user).
+            gms.removeGroup("testgroup1.group1");            
+            Subject subject = ums.getSubject(user);
+            // because of hierarchical groups with generalization strategy as default. Was 5 groups + 2 users (including UserSubjectPrincipal), should now be 6
+            // (4 groups + 2 users).
             assertEquals(
-                "principal size should be == 3 after removing testgroup1.group1, for principals: " + principals.toString(),
-                3,
-                principals.size());
-            assertFalse("anonuser2 should not contain testgroup1.group1", principals.contains(new GroupImpl("testgroup1.group1")));
+                "principal size should be == 6 after removing testgroup1.group1, for principals: " + subject.getPrincipals(),
+                6,
+                subject.getPrincipals().size());
+            assertTrue("anonuser2 should not contain testgroup1.group1", SubjectHelper.getPrincipal(subject, Group.class, "testgroup1.group1") == null);
         }
         catch (SecurityException sex)
         {
             assertTrue("should remove group. exception caught: " + sex, false);
         }
-
-        // Cleanup test.
-        try
-        {
-            ums.removeUser("anonuser2");
-            gms.removeGroup("testgroup1");
-            gms.removeGroup("testgroup2");
-        }
-        catch (SecurityException sex)
-        {
-            assertTrue("could not remove user and group. exception caught: " + sex, false);
-        }
     }
 
     /**
@@ -260,16 +204,6 @@
         }
         assertNotNull("group is null", group);
         assertEquals("expected group principal full path == testgetgroup", "testgetgroup", group.getName());
-
-        // Cleanup test.
-        try
-        {
-            gms.removeGroup("testgetgroup");
-        }
-        catch (SecurityException sex)
-        {
-            assertTrue("could not remove group. exception caught: " + sex, false);
-        }
     }
 
     /**
@@ -299,7 +233,7 @@
 
         try
         {
-            Collection groups = gms.getGroupsForUser("anonuser2");
+            List<Group> groups = gms.getGroupsForUser("anonuser2");
             // Default hierarchy used in by generalization.
             assertEquals("groups size should be == 3", 3, groups.size());
         }
@@ -307,18 +241,6 @@
         {
             assertTrue("user exists. should not have thrown an exception: " + sex, false);
         }
-
-        // Cleanup test.
-        try
-        {
-            ums.removeUser("anonuser2");
-            gms.removeGroup("testgroup1");
-            gms.removeGroup("testgroup2");
-        }
-        catch (SecurityException sex)
-        {
-            assertTrue("could not remove user and group. exception caught: " + sex, false);
-        }
     }
 
     /**
@@ -346,24 +268,13 @@
 
         try
         {
-            Collection groups = gms.getGroupsInRole("testuserrolemapping");
+            List<Group> groups = gms.getGroupsInRole("testuserrolemapping");
             assertEquals("groups size should be == 3", 3, groups.size());
         }
         catch (SecurityException sex)
         {
             assertTrue("role exists. should not have thrown an exception: " + sex, false);
         }
-
-        // Cleanup test.
-        try
-        {
-            rms.removeRole("testuserrolemapping");
-            gms.removeGroup("testrolegroupmapping");
-        }
-        catch (SecurityException sex)
-        {
-            assertTrue("could not remove role and group. exception caught: " + sex, false);
-        }
     }
 
     /**
@@ -389,24 +300,13 @@
         try
         {
             gms.removeUserFromGroup("anonuser4", "testgroup1.group1");
-            Collection groups = gms.getGroupsForUser("anonuser4");
+            List<Group> groups = gms.getGroupsForUser("anonuser4");
             assertEquals("groups size should be == 0", 0, groups.size());
         }
         catch (SecurityException sex)
         {
             assertTrue("user exists. should not have thrown an exception: " + sex, false);
         }
-
-        // Cleanup test.
-        try
-        {
-            ums.removeUser("anonuser4");
-            gms.removeGroup("testgroup1");
-        }
-        catch (SecurityException sex)
-        {
-            assertTrue("could not remove user and group. exception caught: " + sex, false);
-        }
     }
 
     /**
@@ -438,17 +338,6 @@
         {
             assertTrue("user and group exist. should not have thrown an exception: " + sex, false);
         }
-
-        // Cleanup test.
-        try
-        {
-            ums.removeUser("anonuser4");
-            gms.removeGroup("testgroup1");
-        }
-        catch (SecurityException sex)
-        {
-            assertTrue("could not remove user and group. exception caught: " + sex, false);
-        }
     }
 
     /**
@@ -460,34 +349,9 @@
      */
     public void testGetGroups() throws Exception
     {
-    	int groupCount = 0;
-    	int groupAdded = 0;
-        Collection<Group> groups = gms.getGroups("");
-        for (Group group : groups)
-        {
-            System.out.println("Group is " + group);
-            groupCount++;
-        }
-
-    	ums.addUser("notme");
         gms.addGroup("g1");
         gms.addGroup("g2");
         gms.addGroup("g3");
-        groupAdded = 3;
-        int count = 0;
-        groups = gms.getGroups("");
-        for (Group group : groups)
-        {
-            System.out.println("Group is " + group);
-            count++;
-        }
-        ums.removeUser("notme");
-        gms.removeGroup("g1");
-        gms.removeGroup("g2");
-        gms.removeGroup("g3");
-        assertTrue("group count should be " + (groupAdded + groupCount), count == (groupAdded + groupCount));
-               
+        assertTrue("group count should be 3", 3 == gms.getGroups(null).size());
     }
-    
-   
 }
\ No newline at end of file

Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/test/java/org/apache/jetspeed/security/TestLoginModule.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/test/java/org/apache/jetspeed/security/TestLoginModule.java?rev=702100&r1=702099&r2=702100&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/test/java/org/apache/jetspeed/security/TestLoginModule.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/test/java/org/apache/jetspeed/security/TestLoginModule.java Mon Oct  6 04:16:06 2008
@@ -18,6 +18,7 @@
 
 import java.security.Principal;
 
+import javax.security.auth.Subject;
 import javax.security.auth.login.LoginContext;
 import javax.security.auth.login.LoginException;
 
@@ -25,7 +26,6 @@
 import junit.framework.TestSuite;
 
 import org.apache.jetspeed.security.impl.PassiveCallbackHandler;
-import org.apache.jetspeed.security.impl.UserPrincipalImpl;
 import org.apache.jetspeed.security.util.test.AbstractSecurityTestcase;
 
 /**
@@ -56,58 +56,34 @@
         }
     }
 
-    /**
-     * @see junit.framework.TestCase#tearDown()
-     */
-    public void tearDown() throws Exception
-    {
-        destroyUserObject();
-        super.tearDown();
-        
-    }
-
     public static Test suite()
     {
         // All methods starting with "test" will be executed in the test suite.
         return new TestSuite(TestLoginModule.class);
     }
 
-    public void testLogin() throws LoginException
+    public void testLogin() throws Exception
     {
-        loginContext.login();
-        Principal found = SecurityHelper.getPrincipal(loginContext.getSubject(), UserPrincipal.class);
-        assertNotNull("found principal is null", found);
-        assertTrue("found principal should be anonlogin, " + found.getName(), found.getName().equals((new UserPrincipalImpl("anonlogin")).getName()));      
+        loginContext.login();        
+        Subject subject = loginContext.getSubject();
+        Principal found = SubjectHelper.getPrincipal(loginContext.getSubject(), User.class);
+        assertNotNull("found principal is null, subject: "+subject, found);
+        assertTrue("found principal should be anonlogin, " + found.getName(), found.getName().equals("anonlogin"));      
     }
     
     public void testLogout() throws LoginException
     {
         loginContext.login();
         loginContext.logout();
-        Principal found = SecurityHelper.getBestPrincipal(loginContext.getSubject(), UserPrincipal.class);
+        Principal found = SubjectHelper.getBestPrincipal(loginContext.getSubject(), User.class);
         assertNull("found principal is not null", found);
     }
 
     /**
      * <p>Initialize user test object.</p>
      */
-    protected void initUserObject()
-    {
-        try
-        {
-            ums.addUser("anonlogin", "password");
-        }
-        catch (SecurityException sex)
-        {
-        }
-    }
-
-    /**
-     * <p>Destroy user test object.</p>
-     */
-    protected void destroyUserObject() throws Exception
+    protected void initUserObject() throws SecurityException
     {
-        ums.removeUser("anonlogin");
+        addUser("anonlogin", "password");
     }
-
 }

Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/test/java/org/apache/jetspeed/security/TestPermissionManager.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/test/java/org/apache/jetspeed/security/TestPermissionManager.java?rev=702100&r1=702099&r2=702100&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/test/java/org/apache/jetspeed/security/TestPermissionManager.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/test/java/org/apache/jetspeed/security/TestPermissionManager.java Mon Oct  6 04:16:06 2008
@@ -16,31 +16,24 @@
  */
 package org.apache.jetspeed.security;
 
-import java.lang.reflect.Constructor;
 import java.security.AccessControlException;
+import java.security.AccessController;
 import java.security.Permission;
 import java.security.Permissions;
 import java.security.Principal;
+import java.security.PrivilegedAction;
 import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.Collection;
 import java.util.Collections;
-import java.util.Comparator;
 import java.util.Enumeration;
 import java.util.HashSet;
+import java.util.List;
 import java.util.Set;
-import java.util.Vector;
 
 import javax.security.auth.Subject;
 
 import junit.framework.Test;
 import junit.framework.TestSuite;
 
-import org.apache.jetspeed.security.impl.GroupPrincipalImpl;
-import org.apache.jetspeed.security.impl.RolePrincipalImpl;
-import org.apache.jetspeed.security.impl.UserPrincipalImpl;
-import org.apache.jetspeed.security.om.InternalPermission;
-import org.apache.jetspeed.security.spi.impl.PortletPermission;
 import org.apache.jetspeed.security.util.test.AbstractSecurityTestcase;
 
 /**
@@ -50,32 +43,6 @@
  */
 public class TestPermissionManager extends AbstractSecurityTestcase
 {
-    private static final Comparator principalComparator = new Comparator()
-    {
-        public int compare(Object arg0, Object arg1)
-        {
-            return (((Principal)arg0).getName().compareTo(((Principal)arg1).getName()));
-        }
-    };
-
-    /**
-     * @see junit.framework.TestCase#setUp()
-     */
-    protected void setUp() throws Exception
-    {
-        super.setUp();
-        destroyPermissions();
-    }
-    
-    /**
-     * @see junit.framework.TestCase#tearDown()
-     */
-    public void tearDown() throws Exception
-    {
-        destroyPermissions();
-        super.tearDown();        
-    }
-
     public static Test suite()
     {
         // All methods starting with "test" will be executed in the test suite.
@@ -88,31 +55,19 @@
         //////////////////////////////////////////////////////////////////////////
         // setup
         ////////////
-        UserPrincipal adminUser = new UserPrincipalImpl("adminTEST");
-        UserPrincipal userUser = new UserPrincipalImpl("userTEST");
-        PortletPermission adminPerm = new PortletPermission("adminTEST::*", "view, edit");
-        PortletPermission userPerm = new PortletPermission("demoTEST::*", "view, edit");
-        RolePrincipal adminRole = new RolePrincipalImpl("adminTEST");
-        RolePrincipal userRole = new RolePrincipalImpl("userTEST");
-        
-        try
-        {
-            ums.addUser(adminUser.getName(), "password");
-            ums.addUser(userUser.getName(), "password");            
-            rms.addRole(adminRole.getName());
-            rms.addRole(userRole.getName());            
-            rms.addRoleToUser(adminUser.getName(), adminRole.getName());
-            rms.addRoleToUser(userUser.getName(), userRole.getName());
-            rms.addRoleToUser(adminUser.getName(), userRole.getName());            
-            pms.addPermission(adminPerm);
-            pms.addPermission(userPerm);
-            pms.grantPermission(adminRole, adminPerm);
-            pms.grantPermission(userRole, userPerm);                        
-        }
-        catch (SecurityException sex)
-        {
-            assertTrue("failed to init testRemovePrincipalPermissions(), " + sex, false);
-        }
+        User adminUser = ums.addUser("adminTEST");
+        User userUser = ums.addUser("userTEST");
+        Role adminRole = rms.addRole("adminTEST");
+        Role userRole = rms.addRole("userTEST");
+        JetspeedPermission adminPerm = pms.newPermission(PermissionFactory.PORTLET_PERMISSION, "adminTEST::*", "view, edit");
+        JetspeedPermission userPerm = pms.newPermission(PermissionFactory.PORTLET_PERMISSION, "demoTEST::*", "view, edit");
+        rms.addRoleToUser(adminUser.getName(), adminRole.getName());
+        rms.addRoleToUser(userUser.getName(), userRole.getName());
+        rms.addRoleToUser(adminUser.getName(), userRole.getName());            
+        pms.addPermission(adminPerm);
+        pms.addPermission(userPerm);
+        pms.grantPermission(adminPerm, adminRole);
+        pms.grantPermission(userPerm, userRole);                        
         
         //////////////////////////////////////////////////////////////////////////
         // Run Test
@@ -135,46 +90,16 @@
         {
             Subject adminSubject = new Subject(true, adminPrincipals, adminPublicCredentials, adminPrivateCredentials);
             Subject userSubject = new Subject(true, userPrincipals, userPublicCredentials, userPrivateCredentials);                    
-            
-            boolean access = pms.checkPermission(adminSubject, adminPerm);
-            assertTrue("access to admin Perm should be granted to Admin ", access);
-            
-            access = pms.checkPermission(adminSubject, userPerm);
-            assertTrue("access to user should NOT be granted to Admin ", access);
-
-            access = pms.checkPermission(userSubject, userPerm);
-            assertTrue("access to User Perm should be granted to User ", access);
-            
-            access = pms.checkPermission(userSubject, adminPerm);
-            assertFalse("access to Admin Perm should NOT be granted to User ", access);
+            assertTrue("access to admin Perm should be granted to Admin ", checkPermission(adminSubject, adminPerm));
+            assertTrue("access to user should NOT be granted to Admin ", checkPermission(adminSubject, userPerm));
+            assertTrue("access to User Perm should be granted to User ", checkPermission(userSubject, userPerm));
+            assertFalse("access to Admin Perm should NOT be granted to User ", checkPermission(userSubject, adminPerm));
             
         }
         catch (AccessControlException e)
         {
             fail("failed permission check");
         }
-        finally
-        {
-            //////////////////////////////////////////////////////////////////////////
-            // cleanup
-            ////////////
-            try
-            {
-                ums.removeUser(adminUser.getName());
-                ums.removeUser(userUser.getName());
-                rms.removeRole(adminRole.getName());
-                rms.removeRole(userRole.getName());
-                
-                pms.removePermission(adminPerm);
-                pms.removePermission(userPerm);
-            }
-            catch (SecurityException sex)
-            {
-                assertTrue("could not remove user and permission. exception caught: " + sex, false);
-            }            
-        }
-        
-        
     }
     
     public void testPermissionCheck()
@@ -183,33 +108,22 @@
         //////////////////////////////////////////////////////////////////////////
         // setup
         ////////////
-        UserPrincipal user = new UserPrincipalImpl("test");
-        PortletPermission perm1 = new PortletPermission("PortletOne", "view, edit");
-        PortletPermission perm2 = new PortletPermission("PortletTwo", "view");
-        PortletPermission perm3 = new PortletPermission("PortletThree", "view");
-        PortletPermission perm3a = new PortletPermission("PortletThreeA", "view, edit");
-        RolePrincipal role1 = new RolePrincipalImpl("Role1");
-        RolePrincipal role2 = new RolePrincipalImpl("Role2");
-        
-        try
-        {
-            ums.addUser(user.getName(), "password");
-            rms.addRole(role1.getName());
-            rms.addRole(role2.getName());            
-            rms.addRoleToUser(user.getName(), role1.getName());
-            rms.addRoleToUser(user.getName(), role2.getName());
-            pms.addPermission(perm1);
-            pms.addPermission(perm2);
-            pms.addPermission(perm3);
-            pms.addPermission(perm3a);
-            pms.grantPermission(user, perm1);
-            pms.grantPermission(role1, perm2);                        
-            pms.grantPermission(role2, perm3);            
-        }
-        catch (SecurityException sex)
-        {
-            assertTrue("failed to init testRemovePrincipalPermissions(), " + sex, false);
-        }
+        User user = ums.addUser("test");
+        Role role1 = rms.addRole("Role1");
+        Role role2 = rms.addRole("Role2");            
+        JetspeedPermission perm1 = pms.newPermission(PermissionFactory.PORTLET_PERMISSION, "PortletOne", "view, edit");
+        JetspeedPermission perm2 = pms.newPermission(PermissionFactory.PORTLET_PERMISSION, "PortletTwo", "view");
+        JetspeedPermission perm3 = pms.newPermission(PermissionFactory.PORTLET_PERMISSION, "PortletThree", "view");
+        JetspeedPermission perm3a = pms.newPermission(PermissionFactory.PORTLET_PERMISSION, "PortletThreeA", "view, edit");
+        rms.addRoleToUser(user.getName(), role1.getName());
+        rms.addRoleToUser(user.getName(), role2.getName());
+        pms.addPermission(perm1);
+        pms.addPermission(perm2);
+        pms.addPermission(perm3);
+        pms.addPermission(perm3a);
+        pms.grantPermission(perm1, user);
+        pms.grantPermission(perm2, role1);                        
+        pms.grantPermission(perm3, role2);            
         
         //////////////////////////////////////////////////////////////////////////
         // Run Test
@@ -224,64 +138,31 @@
         try
         {
             Subject subject = new Subject(true, principals, publicCredentials, privateCredentials);        
-            boolean access = pms.checkPermission(subject, perm1);
-            assertTrue("access to perm1 should be granted ", access);
-            access = pms.checkPermission(subject, perm2);
-            assertTrue("access to perm2 should be granted ", access);
-            access = pms.checkPermission(subject, perm3);
-            assertTrue("access to perm3 should be granted ", access);
-            access = pms.checkPermission(subject, perm3a);
-            assertFalse("access to perm3a should be denied ", access);
+            assertTrue("access to perm1 should be granted ", checkPermission(subject, perm1));
+            assertTrue("access to perm2 should be granted ", checkPermission(subject, perm2));
+            assertTrue("access to perm3 should be granted ", checkPermission(subject, perm3));
+            assertFalse("access to perm3a should be denied ", checkPermission(subject, perm3a));
         }
         catch (AccessControlException e)
         {
             fail("failed permission check");
         }
-        finally
-        {
-            //////////////////////////////////////////////////////////////////////////
-            // cleanup
-            ////////////
-            try
-            {
-                ums.removeUser(user.getName());
-                rms.removeRole(role1.getName());
-                rms.removeRole(role2.getName());            
-                pms.removePermission(perm1);
-                pms.removePermission(perm2);
-                pms.removePermission(perm3);
-                pms.removePermission(perm3a);                
-            }
-            catch (SecurityException sex)
-            {
-                assertTrue("could not remove user and permission. exception caught: " + sex, false);
-            }            
-        }
-        
-        
     }
     
     /**
      * <p>Test remove principal and associated permissions.</p>
      */
-    public void testRemovePrincipalPermissions()
+    public void testRemovePrincipalPermissions() throws Exception
     {
         // Init test.
-        UserPrincipal user = new UserPrincipalImpl("test");
-        PortletPermission perm = new PortletPermission("anontestportlet", "view, edit");
-        try
-        {
-            ums.addUser(user.getName(), "password");
-            pms.addPermission(perm);
-            pms.grantPermission(user, perm);
-        }
-        catch (SecurityException sex)
-        {
-            assertTrue("failed to init testRemovePrincipalPermissions(), " + sex, false);
-        }
+        User user = ums.addUser("test");
+        JetspeedPermission perm = pms.newPermission(PermissionFactory.PORTLET_PERMISSION, "anontestportlet", "view, edit");
+        pms.addPermission(perm);
+        pms.grantPermission(perm, user);
+        
         try
         {
-            pms.removePermissions(user);
+            pms.revokeAllPermissions(user);
             Permissions permissions = pms.getPermissions(user);
             assertEquals(
                 "permissions should be empty for user " + user.getName(),
@@ -292,45 +173,18 @@
         {
             assertTrue("could not remove permission. exception caught: " + sex, false);
         }
-        // Cleanup test.
-        try
-        {
-            ums.removeUser(user.getName());
-            pms.removePermission(perm);
-        }
-        catch (SecurityException sex)
-        {
-            assertTrue("could not remove user and permission. exception caught: " + sex, false);
-        }
     }
 
     /**
      * <p>Test remove permission.</p>
      */
-    public void testPermissionExists()
+    public void testPermissionExists() throws Exception
     {
-        PortletPermission perm1 = new PortletPermission("removepermission1", "view, edit, secure, minimized, maximized");
-        PortletPermission perm2 = new PortletPermission("removepermission2", "view, edit, minimized, maximized");
-        try
-        {
-            pms.addPermission(perm1);
-            assertTrue(pms.permissionExists(perm1));
-        }
-        catch (SecurityException sex)
-        {
-            assertTrue("could not add permission, " + sex, false);
-        }
+        JetspeedPermission perm1 = pms.newPermission(PermissionFactory.PORTLET_PERMISSION, "removepermission1", "view, edit, secure, minimized, maximized");
+        JetspeedPermission perm2 = pms.newPermission(PermissionFactory.PORTLET_PERMISSION, "removepermission2", "view, edit, minimized, maximized");
+        pms.addPermission(perm1);
+        assertTrue(pms.permissionExists(perm1));
         assertFalse(pms.permissionExists(perm2));
-        
-        //  Cleanup test.
-        try
-        {
-            pms.removePermission(perm1);
-        }
-        catch (SecurityException sex)
-        {
-            assertTrue("could not remove permission. exception caught: " + sex, false);
-        }
     }
     
     /**
@@ -339,20 +193,20 @@
     public void testRemovePermission()
     {
         // Init test.
-        UserPrincipal user = new UserPrincipalImpl("removepermission");
-        RolePrincipal role = new RolePrincipalImpl("removepermissionrole");
-        PortletPermission perm1 = new PortletPermission("removepermission1", "view, edit, secure, minimized, maximized");
-        PortletPermission perm2 = new PortletPermission("removepermission2", "view, edit, minimized, maximized");
+        User user = null;
+        Role role = null;
+        JetspeedPermission perm1 = pms.newPermission(PermissionFactory.PORTLET_PERMISSION, "removepermission1", "view, edit, secure, minimized, maximized");
+        JetspeedPermission perm2 = pms.newPermission(PermissionFactory.PORTLET_PERMISSION, "removepermission2", "view, edit, minimized, maximized");
         try
         {
-            ums.addUser(user.getName(), "password");
-            rms.addRole(role.getName());
+            user = ums.addUser("removepermission");
+            role = rms.addRole("removepermissionrole");
             pms.addPermission(perm1);
             pms.addPermission(perm2);
-            pms.grantPermission(user, perm1);
-            pms.grantPermission(user, perm2);
-            pms.grantPermission(role, perm1);
-            pms.grantPermission(role, perm2);
+            pms.grantPermission(perm1, user);
+            pms.grantPermission(perm2, user);
+            pms.grantPermission(perm1, role);
+            pms.grantPermission(perm2, role);
         }
         catch (SecurityException sex)
         {
@@ -361,7 +215,7 @@
         try
         {
             pms.removePermission(perm1);
-            Permissions permCol1 = pms.getPermissions(new UserPrincipalImpl("removepermission"));
+            Permissions permCol1 = pms.getPermissions(user);
             assertTrue(
                 "should only contain permission == {name = "
                     + perm2.getName()
@@ -370,7 +224,7 @@
                     + "}, in collection of size == 1, actual size: "
                     + (Collections.list(permCol1.elements())).size(),
                 validatePermissions(permCol1, perm2, 1));
-            Permissions permCol2 = pms.getPermissions(new RolePrincipalImpl("removepermissionrole"));
+            Permissions permCol2 = pms.getPermissions(role);
             assertTrue(
                 "should only contain permission == {name = "
                     + perm2.getName()
@@ -384,58 +238,33 @@
         {
             assertTrue("could not remove permission. exception caught: " + sex, false);
         }
-        // Cleanup test.
-        try
-        {
-            ums.removeUser(user.getName());
-            pms.removePermission(perm1);
-            pms.removePermission(perm2);
-        }
-        catch (SecurityException sex)
-        {
-            assertTrue("could not remove user and permission. exception caught: " + sex, false);
-        }
     }
 
     /**
      * <p>Test grant permission to principal.</p>
      */
-    public void testGrantPermission()
+    public void testGrantPermission() throws Exception
     {
         // Init test.
-        UserPrincipal user1 = new UserPrincipalImpl("testgrantpermission1");
-        UserPrincipal user2 = new UserPrincipalImpl("testgrantpermission2");
-        PortletPermission perm1 = new PortletPermission("testportlet", "view, minimized, secure");
-        PortletPermission perm2 = new PortletPermission("testportlet", "view, minimized, maximized, secure");
-        try
-        {
-            ums.addUser(user2.getName(), "password");
-            pms.addPermission(perm1);
-            pms.addPermission(perm2);
-        }
-        catch (SecurityException sex)
-        {
-            assertTrue("failed to init testGrantPermission(), " + sex, false);
-        }
+        User user1 = ums.newTransientUser("testgrantpermission1");
+        User user2 = ums.addUser ("testgrantpermission2");
+        JetspeedPermission perm1 = pms.newPermission(PermissionFactory.PORTLET_PERMISSION, "testportlet", "view, minimized, secure");
+        JetspeedPermission perm2 = pms.newPermission(PermissionFactory.PORTLET_PERMISSION, "testportlet2", "view, minimized, maximized, secure");
+        pms.addPermission(perm1);
+        pms.addPermission(perm2);
 
         // Test permission for new permission and new principal (does not exist).      
         try
         {
-            pms.grantPermission(user1, perm1);
+            pms.grantPermission(perm1, user1);
             assertTrue("principal does not exist. should have caught exception.", false);
         }
         catch (SecurityException sex)
         {
         }
-        // Test insert new permission and existing principal.
-        try
-        {
-            pms.grantPermission(user2, perm2);
-        }
-        catch (SecurityException sex)
-        {
-            assertTrue("principal does not exist. caught exception, " + sex, false);
-        }
+        // Grant  permission to existing principal.
+        pms.grantPermission(perm2, user2);
+        
         Permissions permCol1 = pms.getPermissions(user2);
         assertTrue(
             "should contain permission == {name = "
@@ -445,15 +274,9 @@
                 + "}, in collection of size == 1, actual size: "
                 + (Collections.list(permCol1.elements())).size(),
             validatePermissions(permCol1, perm2, 1));
-        // Test insert duplicate permission for same principal
-        try
-        {
-            pms.grantPermission(user2, perm2);
-        }
-        catch (SecurityException sex)
-        {
-            assertTrue("principal does not exist. caught exception, " + sex, false);
-        }
+        
+        // Test grant duplicate permission for same principal
+        pms.grantPermission(perm2, user2);
         Permissions permCol2 = pms.getPermissions(user2);
         assertTrue(
             "should contain permission == {name = "
@@ -463,41 +286,21 @@
                 + "}, in collection of size == 1, actual size: "
                 + (Collections.list(permCol2.elements())).size(),
             validatePermissions(permCol2, perm2, 1));
-
-        // Cleanup test.
-        try
-        {
-            ums.removeUser(user2.getName());
-            pms.removePermission(perm1);
-            pms.removePermission(perm2);
-        }
-        catch (SecurityException sex)
-        {
-            assertTrue("could not remove user and permission. exception caught: " + sex, false);
-        }
     }
 
     /**
      * <p>Test get permissions from a principal.</p>
      */
-    public void testGetPrincipalPermissions()
+    public void testGetPrincipalPermissions() throws Exception
     {
         // Init test.
-        UserPrincipal user = new UserPrincipalImpl("anon");
-        PortletPermission perm1 = new PortletPermission("anontestportlet", "view");
-        PortletPermission perm2 = new PortletPermission("anontestportlet", "view, edit");
-        try
-        {
-            ums.addUser(user.getName(), "password");
-            pms.addPermission(perm1);
-            pms.addPermission(perm2);
-            pms.grantPermission(user, perm1);
-            pms.grantPermission(user, perm2);
-        }
-        catch (SecurityException sex)
-        {
-            assertTrue("failed to init testGetPrincipalPermissions(), " + sex, false);
-        }
+        User user = ums.addUser("anon");
+        JetspeedPermission perm1 = pms.newPermission(PermissionFactory.PORTLET_PERMISSION, "anontestportlet", "view");
+        JetspeedPermission perm2 = pms.newPermission(PermissionFactory.PORTLET_PERMISSION, "anontestportlet2", "view, edit");
+        pms.addPermission(perm1);
+        pms.addPermission(perm2);
+        pms.grantPermission(perm1, user);
+        pms.grantPermission(perm2, user);
 
         Permissions permissions = pms.getPermissions(user);
         assertTrue(
@@ -516,68 +319,39 @@
                 + "}, in collection of size == 2, actual size: "
                 + (Collections.list(permissions.elements())).size(),
             validatePermissions(permissions, perm2, 2));
-
-        // Cleanup test.
-        try
-        {
-            ums.removeUser(user.getName());
-            pms.removePermission(perm1);
-            pms.removePermission(perm2);
-        }
-        catch (SecurityException sex)
-        {
-            assertTrue("could not remove user and permission. exception caught: " + sex, false);
-        }
     }
 
     /**
      * <p>Test get permissions from a collection of principals.</p>
      */
-    public void testGetPermissions()
+    public void testGetPermissions() throws Exception
     {
         // Init test.
-        UserPrincipal user = new UserPrincipalImpl("anon");
-        RolePrincipal role1 = new RolePrincipalImpl("anonrole1");
-        RolePrincipal role2 = new RolePrincipalImpl("anonrole2");
-        GroupPrincipal group1 = new GroupPrincipalImpl("anongroup1");
-        GroupPrincipal group2 = new GroupPrincipalImpl("anongroup2");
-        PortletPermission perm1 = new PortletPermission("anontestportlet", "view");
-        PortletPermission perm2 = new PortletPermission("anontestportlet", "view, edit");
-        PortletPermission perm3 = new PortletPermission("anontestportlet", "view, edit, secure");
-        PortletPermission perm4 = new PortletPermission("anontestportlet", "view, edit, secure, minimized");
-        try
-        {
-            ums.addUser(user.getName(), "password");
-            rms.addRole(role1.getName());
-            rms.addRole(role2.getName());
-            gms.addGroup(group1.getName());
-            gms.addGroup(group2.getName());
-            pms.addPermission(perm1);
-            pms.addPermission(perm2);
-            pms.addPermission(perm3);
-            pms.addPermission(perm4);
-            pms.grantPermission(role1, perm1);
-            pms.grantPermission(role2, perm1);
-            pms.grantPermission(role2, perm2);
-            pms.grantPermission(role2, perm3);
-            pms.grantPermission(role2, perm4);
-            pms.grantPermission(group1, perm1);
-            pms.grantPermission(group2, perm1);
-            pms.grantPermission(group2, perm2);
-            pms.grantPermission(group2, perm3);
-            pms.grantPermission(group2, perm4);
-        }
-        catch (SecurityException sex)
-        {
-            assertTrue("failed to init testGetPrincipalPermissions(), " + sex, false);
-        }
+        User user = ums.addUser("anon");
+        Role role1 = rms.addRole("anonrole1");
+        Role role2 = rms.addRole("anonrole2");
+        Group group1 = gms.addGroup("anongroup1");
+        Group group2 = gms.addGroup("anongroup2");
+        JetspeedPermission perm1 = pms.newPermission(PermissionFactory.PORTLET_PERMISSION, "anontestportlet", "view");
+        JetspeedPermission perm2 = pms.newPermission(PermissionFactory.PORTLET_PERMISSION, "anontestportlet2", "view, edit");
+        JetspeedPermission perm3 = pms.newPermission(PermissionFactory.PORTLET_PERMISSION, "anontestportlet3", "view, edit, secure");
+        JetspeedPermission perm4 = pms.newPermission(PermissionFactory.PORTLET_PERMISSION, "anontestportlet4", "view, edit, secure, minimized");
+        pms.addPermission(perm1);
+        pms.addPermission(perm2);
+        pms.addPermission(perm3);
+        pms.addPermission(perm4);
+        pms.grantPermission(perm1, role1);
+        pms.grantPermission(perm1, role2);
+        pms.grantPermission(perm2, role2);
+        pms.grantPermission(perm3, role2);
+        pms.grantPermission(perm4, role2);
+        pms.grantPermission(perm1, group1);
+        pms.grantPermission(perm1, group2);
+        pms.grantPermission(perm2, group2);
+        pms.grantPermission(perm3, group2);
+        pms.grantPermission(perm4, group2);
 
-        ArrayList<Principal> principals = new ArrayList<Principal>();
-        principals.add(user);
-        principals.add(role1);
-        principals.add(role2);
-        principals.add(group1);
-        principals.add(group2);
+        Principal[] principals = new Principal[]{user,role1,role2,group1,group2};
         Permissions permissions = pms.getPermissions(principals);
         assertTrue(
             "should contain permission == {name = "
@@ -611,46 +385,24 @@
                 + "}, in collection of size == 4, actual size: "
                 + (Collections.list(permissions.elements())).size(),
             validatePermissions(permissions, perm4, 4));
-
-        // Cleanup test.
-        try
-        {
-            ums.removeUser(user.getName());
-            pms.removePermission(perm1);
-            pms.removePermission(perm2);
-            pms.removePermission(perm3);
-            pms.removePermission(perm4);
-        }
-        catch (SecurityException sex)
-        {
-            assertTrue("could not remove user. exception caught: " + sex, false);
-        }
     }
 
     /**
      * <p>Test revoke permission.</p>
      */
-    public void testRevokePermission()
+    public void testRevokePermission() throws Exception
     {
         // Init test.
-        UserPrincipal user = new UserPrincipalImpl("revokepermission");
-        PortletPermission perm1 = new PortletPermission("revokepermission1", "view, edit, minimized, maximized");
-        PortletPermission perm2 = new PortletPermission("revokepermission2", "view, edit, minimized, maximized");
-        try
-        {
-            ums.addUser(user.getName(), "password");
-            pms.addPermission(perm1);
-            pms.addPermission(perm2);
-            pms.grantPermission(user, perm1);
-            pms.grantPermission(user, perm2);
-        }
-        catch (SecurityException sex)
-        {
-            assertTrue("failed to init testRevokePermission(), " + sex, false);
-        }
+        User user = ums.addUser("revokepermission");
+        JetspeedPermission perm1 = pms.newPermission(PermissionFactory.PORTLET_PERMISSION, "revokepermission1", "view, edit, minimized, maximized");
+        JetspeedPermission perm2 = pms.newPermission(PermissionFactory.PORTLET_PERMISSION, "revokepermission2", "view, edit, minimized, maximized");
+        pms.addPermission(perm1);
+        pms.addPermission(perm2);
+        pms.grantPermission(perm1, user);
+        pms.grantPermission(perm2, user);
         try
         {
-            pms.revokePermission(user, perm2);
+            pms.revokePermission(perm2, user);
             Permissions permCol = pms.getPermissions(user);
             assertTrue(
                 "should only contain permission == {name = "
@@ -665,18 +417,29 @@
         {
             assertTrue("could not revoke permission. esception caught: " + sex, false);
         }
-        // Cleanup test.
+    }
+    
+    private boolean checkPermission(Subject subject, final JetspeedPermission permission) 
+    {
         try
         {
-            ums.removeUser(user.getName());
-            pms.removePermission(perm1);
-            pms.removePermission(perm2);
+            JSSubject.doAsPrivileged(subject, new PrivilegedAction<Object>()                
+            {
+                public Object run()
+                {
+                    AccessController.checkPermission((Permission)permission);
+                    return null;
+                }
+            }, null);
         }
-        catch (SecurityException sex)
+        catch (Exception e)
         {
-            assertTrue("could not remove user. exception caught: " + sex, false);
+            return false;
         }
+        return true;         
     }
+    
+    
 
     /**
      * <p>Validate whether permission belongs to permissions and whether the permissions
@@ -686,7 +449,7 @@
      * @param size The permissions expected size.
      * @return
      */
-    private boolean validatePermissions(Permissions permissions, Permission permission, int size)
+    private boolean validatePermissions(Permissions permissions, JetspeedPermission permission, int size)
     {
         Enumeration<Permission> permissionEnums = permissions.elements();
         boolean hasPermission = false;
@@ -704,72 +467,34 @@
         return validated;
     }
 
-    /**
-     * <p>Destroy permission test objects.</p>
-     */
-    protected void destroyPermissions() throws Exception
-    {
-        this.destroyPrincipals();
-        for (InternalPermission ip : pms.getInternalPermissions())
-        {
-            Class permissionClass = Class.forName(ip.getClassname());
-            Class[] parameterTypes = { String.class, String.class };
-            Constructor permissionConstructor = permissionClass.getConstructor(parameterTypes);
-            Object[] initArgs = { ip.getName(), ip.getActions() };
-            Permission permission = (Permission) permissionConstructor.newInstance(initArgs);            
-            pms.removePermission(permission);
-        }                
-    }
-    
-    public void testUpdatePermission()
+    public void testUpdatePermission() throws Exception
     {
         // Init test.
-        RolePrincipal role1 = new RolePrincipalImpl("role1");
-        RolePrincipal role2 = new RolePrincipalImpl("role2");
-        RolePrincipal role3 = new RolePrincipalImpl("role3");
-        RolePrincipal role4 = new RolePrincipalImpl("role4");
-        PortletPermission perm1 = new PortletPermission("testportlet", "view");
-        try
-        {
-            rms.addRole(role1.getName());
-            rms.addRole(role2.getName());
-            rms.addRole(role3.getName());
-            rms.addRole(role4.getName());            
-            pms.addPermission(perm1);
-        }
-        catch (SecurityException sex)
-        {
-            assertTrue("failed to init testUpdatePermission(), " + sex, false);
-        }
+        Role role1 = rms.addRole("role1");
+        Role role2 = rms.addRole("role2");
+        Role role3 = rms.addRole("role3");
+        Role role4 = rms.addRole("role4");
+        JetspeedPermission perm1 = pms.newPermission(PermissionFactory.PORTLET_PERMISSION, "testportlet", "view");
+        pms.addPermission(perm1);
 
         // Grant 1 and 2      
-        try
-        {
-            pms.grantPermission(role1, perm1);
-            pms.grantPermission(role2, perm1);
-        }
-        catch (SecurityException sex)
-        {
-            assertTrue("failed to grant on testUpdatePermission. caught exception, " + sex, false);
-        }
+        pms.grantPermission(perm1, role1);
+        pms.grantPermission(perm1, role2);
 
-        Collection<Principal> principals = pms.getPrincipals(perm1);        
+        List<JetspeedPrincipal> principals = pms.getPrincipals(perm1);        
         assertTrue("principal count should be 2 ", principals.size() == 2);        
-        Object [] array = principals.toArray();
-        Arrays.sort(array, principalComparator);
-        assertTrue("element is Principal ", array[0] instanceof Principal);
-        assertTrue("first element not found ", ((Principal)array[0]).getName().equals("role1"));
-        assertTrue("second element not found ", ((Principal)array[1]).getName().equals("role2"));
-        
+        // PermissionManager returns a list sorted by [type,name]
+        assertTrue("first element should be [role1] but found ["+principals.get(0).getName()+"]", principals.get(0).getName().equals("role1"));
+        assertTrue("second element should be [role2] but found ["+principals.get(1).getName()+"]", principals.get(1).getName().equals("role2"));
         
         // Try to update collection
         try
         {
-            Collection<Principal> roles = new Vector<Principal>();
+            List<JetspeedPrincipal> roles = new ArrayList<JetspeedPrincipal>();
             roles.add(role1);
             roles.add(role3);
             roles.add(role4);
-            pms.updatePermission(perm1, roles);
+            pms.grantPermissionOnlyTo(perm1, roles);
         }
         catch (SecurityException sex)
         {
@@ -777,25 +502,10 @@
         }
         principals = pms.getPrincipals(perm1);
         assertTrue("principal count should be 3 ", principals.size() == 3);
-        array = principals.toArray();
-        Arrays.sort(array, principalComparator);
-        assertTrue("first element should be [role1] but found ["+((Principal)array[0]).getName()+"]", ((Principal)array[0]).getName().equals("role1"));
-        assertTrue("second element not found ", ((Principal)array[1]).getName().equals("role3"));
-        assertTrue("third element not found ", ((Principal)array[2]).getName().equals("role4"));
-        
-        // Cleanup test.
-        try
-        {
-            rms.removeRole(role1.getName());
-            rms.removeRole(role2.getName());
-            rms.removeRole(role3.getName());
-            rms.removeRole(role4.getName());
-            pms.removePermission(perm1);
-        }
-        catch (SecurityException sex)
-        {
-            assertTrue("could not remove user and permission. exception caught: " + sex, false);
-        }
+        // PermissionManager returns a list sorted by [type,name]
+        assertTrue("first element should be [role1] but found ["+principals.get(0).getName()+"]", principals.get(0).getName().equals("role1"));
+        assertTrue("second element should be [role3] but found ["+principals.get(1).getName()+"]", principals.get(1).getName().equals("role3"));
+        assertTrue("third element should be [role4] but found ["+principals.get(2).getName()+"]", principals.get(2).getName().equals("role4"));
     }
     
 }

Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/test/java/org/apache/jetspeed/security/TestRdbmsPolicy.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/test/java/org/apache/jetspeed/security/TestRdbmsPolicy.java?rev=702100&r1=702099&r2=702100&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/test/java/org/apache/jetspeed/security/TestRdbmsPolicy.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/test/java/org/apache/jetspeed/security/TestRdbmsPolicy.java Mon Oct  6 04:16:06 2008
@@ -18,6 +18,7 @@
 
 import java.security.AccessControlException;
 import java.security.AccessController;
+import java.security.Permission;
 import java.security.Policy;
 import java.security.PrivilegedAction;
 
@@ -28,8 +29,6 @@
 import junit.framework.TestSuite;
 
 import org.apache.jetspeed.security.impl.PassiveCallbackHandler;
-import org.apache.jetspeed.security.impl.UserPrincipalImpl;
-import org.apache.jetspeed.security.spi.impl.PortletPermission;
 import org.apache.jetspeed.security.util.test.AbstractSecurityTestcase;
 
 /**
@@ -84,7 +83,6 @@
             le.printStackTrace();
             assertTrue("\t\t[TestRdbmsPolicy] Failed to tear down test.", false);
         }
-        destroyUser();
         super.tearDown();
     }
 
@@ -162,11 +160,11 @@
         // InternalPermission should be granted.
         try
         {
-            JSSubject.doAsPrivileged(loginContext.getSubject(), new PrivilegedAction()
+            JSSubject.doAsPrivileged(loginContext.getSubject(), new PrivilegedAction<Object>()
             {
                 public Object run()
                 {
-                    PortletPermission perm1 = new PortletPermission("myportlet", "view");
+                    Permission perm1 = (Permission)pms.newPermission(PermissionFactory.PORTLET_PERMISSION, "myportlet", "view");
                     System.out.println("\t\t[TestRdbmsPolicy] Check access control for permission: [myportlet, view]");
                     System.out.println("\t\t                  with policy: " + Policy.getPolicy().getClass().getName());
                     AccessController.checkPermission(perm1);
@@ -182,11 +180,11 @@
         // Should be denied.
         try
         {
-            JSSubject.doAsPrivileged(loginContext.getSubject(), new PrivilegedAction()
+            JSSubject.doAsPrivileged(loginContext.getSubject(), new PrivilegedAction<Object>()
             {
                 public Object run()
                 {
-                    PortletPermission perm2 = new PortletPermission("myportlet", "secure");
+                    Permission perm2 = (Permission)pms.newPermission(PermissionFactory.PORTLET_PERMISSION, "myportlet", "secure");
                     System.out.println("\t\t[TestRdbmsPolicy] Check access control for permission: [myportlet, secure]");
                     System.out.println("\t\t                  with policy: " + Policy.getPolicy().getClass().getName());
                     AccessController.checkPermission(perm2);
@@ -218,45 +216,16 @@
      * Initialize user test object.
      * </p>
      */
-    protected void initUser()
+    protected void initUser() throws SecurityException
     {
-        try
-        {
-            ums.addUser("anon", "password");
-        }
-        catch (SecurityException sex)
-        {
-        }
-        UserPrincipal user = new UserPrincipalImpl("anon");
-        PortletPermission perm1 = new PortletPermission("myportlet", "view");
-        PortletPermission perm2 = new PortletPermission("myportlet", "view, edit");
-        try
-        {
-            pms.addPermission(perm1);
-            pms.addPermission(perm2);
-
-            pms.grantPermission(user, perm1);
-            pms.grantPermission(user, perm2);
-        }
-        catch (SecurityException sex)
-        {
-            sex.printStackTrace();
-        }
-    }
+        
+        User user = addUser("anon", "password");
+        JetspeedPermission perm1 = pms.newPermission(PermissionFactory.PORTLET_PERMISSION, "myportlet", "view");
+        JetspeedPermission perm2 = pms.newPermission(PermissionFactory.PORTLET_PERMISSION, "myportlet2", "view, edit");
+        pms.addPermission(perm1);
+        pms.addPermission(perm2);
 
-    /**
-     * <p>
-     * Destroy user test object.
-     * </p>
-     */
-    protected void destroyUser() throws Exception
-    {
-        ums.removeUser("anon");
-        // Remove permissions.
-        PortletPermission perm1 = new PortletPermission("myportlet", "view");
-        PortletPermission perm2 = new PortletPermission("myportlet", "view, edit");
-        pms.removePermission(perm1);
-        pms.removePermission(perm2);
+        pms.grantPermission(perm1, user);
+        pms.grantPermission(perm2, user);
     }
-
 }

Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/test/java/org/apache/jetspeed/security/TestRdbmsPolicyFolder.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/test/java/org/apache/jetspeed/security/TestRdbmsPolicyFolder.java?rev=702100&r1=702099&r2=702100&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/test/java/org/apache/jetspeed/security/TestRdbmsPolicyFolder.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/test/java/org/apache/jetspeed/security/TestRdbmsPolicyFolder.java Mon Oct  6 04:16:06 2008
@@ -18,6 +18,7 @@
 
 import java.security.AccessControlException;
 import java.security.AccessController;
+import java.security.Permission;
 import java.security.PrivilegedAction;
 
 import javax.security.auth.login.LoginContext;
@@ -28,8 +29,6 @@
 
 import org.apache.jetspeed.security.SecurityException;
 import org.apache.jetspeed.security.impl.PassiveCallbackHandler;
-import org.apache.jetspeed.security.spi.impl.BaseJetspeedPermission;
-import org.apache.jetspeed.security.spi.impl.FolderPermission;
 import org.apache.jetspeed.security.util.test.AbstractSecurityTestcase;
 
 /**
@@ -82,7 +81,6 @@
             le.printStackTrace();
             assertTrue("\t\t[TestRdbmsPolicy - Folder] Failed to tear down test.", false);
         }
-        destroyUser();
         super.tearDown();
     }
 
@@ -101,12 +99,12 @@
 
         try
         {
-            JSSubject.doAs(loginContext.getSubject(), new PrivilegedAction()
+            JSSubject.doAs(loginContext.getSubject(), new PrivilegedAction<Object>()
             {
                 public Object run()
                 {
-                    BaseJetspeedPermission perm1 = new FolderPermission.Factory().newPermission("/files/test.xml", "edit");                    
-                    AccessController.checkPermission(perm1);
+                    JetspeedPermission perm1 = pms.newPermission(PermissionFactory.FOLDER_PERMISSION, "/files/test.xml", "edit");                    
+                    AccessController.checkPermission((Permission)perm1);
                     return null;
                 }
             });
@@ -119,12 +117,12 @@
         // Should be denied.
         try
         {
-            JSSubject.doAs(loginContext.getSubject(), new PrivilegedAction()
+            JSSubject.doAs(loginContext.getSubject(), new PrivilegedAction<Object>()
             {
                 public Object run()
                 {
-                    BaseJetspeedPermission perm2 = new FolderPermission.Factory().newPermission("/files/test.xml", "secure");
-                    AccessController.checkPermission(perm2);
+                    JetspeedPermission perm2 = pms.newPermission(PermissionFactory.FOLDER_PERMISSION, "/files/test.xml", "secure");
+                    AccessController.checkPermission((Permission)perm2);
                     return null;
                 }
             });
@@ -144,12 +142,12 @@
 
         try
         {
-            JSSubject.doAs(loginContext.getSubject(), new PrivilegedAction()
+            JSSubject.doAs(loginContext.getSubject(), new PrivilegedAction<Object>()
             {
                 public Object run()
                 {
-                    BaseJetspeedPermission perm1 = new FolderPermission.Factory().newPermission("/files/subfolder1/test.xml", "view");
-                    AccessController.checkPermission(perm1);
+                    JetspeedPermission perm1 = pms.newPermission(PermissionFactory.FOLDER_PERMISSION, "/files/subfolder1/test.xml", "view");
+                    AccessController.checkPermission((Permission)perm1);
                     return null;
                 }
             });
@@ -162,12 +160,12 @@
         
         try
         {
-            JSSubject.doAs(loginContext.getSubject(), new PrivilegedAction()
+            JSSubject.doAs(loginContext.getSubject(), new PrivilegedAction<Object>()
             {
                 public Object run()
                 {
-                    BaseJetspeedPermission perm1 = new FolderPermission.Factory().newPermission("/files/subfolder1/foo", "view");
-                    AccessController.checkPermission(perm1);
+                    JetspeedPermission perm1 = pms.newPermission(PermissionFactory.FOLDER_PERMISSION, "/files/subfolder1/foo", "view");
+                    AccessController.checkPermission((Permission)perm1);
                     return null;
                 }
             });
@@ -179,12 +177,12 @@
         
         try
         {
-            JSSubject.doAs(loginContext.getSubject(), new PrivilegedAction()
+            JSSubject.doAs(loginContext.getSubject(), new PrivilegedAction<Object>()
             {
                 public Object run()
                 {
-                    BaseJetspeedPermission perm1 = new FolderPermission.Factory().newPermission("/files/subfolder1/foo/anotherdoc.xml", "view");
-                    AccessController.checkPermission(perm1);
+                    JetspeedPermission perm1 = pms.newPermission(PermissionFactory.FOLDER_PERMISSION, "/files/subfolder1/foo/anotherdoc.xml", "view");
+                    AccessController.checkPermission((Permission)perm1);
                     return null;
                 }
             });
@@ -197,12 +195,12 @@
         
         try
         {
-            JSSubject.doAs(loginContext.getSubject(), new PrivilegedAction()
+            JSSubject.doAs(loginContext.getSubject(), new PrivilegedAction<Object>()
             {
                 public Object run()
                 {
-                    BaseJetspeedPermission perm1 = new FolderPermission.Factory().newPermission("/files/subfolder2/test.xml", "view");
-                    AccessController.checkPermission(perm1);
+                    JetspeedPermission perm1 = pms.newPermission(PermissionFactory.FOLDER_PERMISSION, "/files/subfolder2/test.xml", "view");
+                    AccessController.checkPermission((Permission)perm1);
                     return null;
                 }
             });
@@ -215,12 +213,12 @@
         
         try
         {
-            JSSubject.doAs(loginContext.getSubject(), new PrivilegedAction()
+            JSSubject.doAs(loginContext.getSubject(), new PrivilegedAction<Object>()
             {
                 public Object run()
                 {
-                    BaseJetspeedPermission perm1 = new FolderPermission.Factory().newPermission("/files/subfolder2/foo", "view");
-                    AccessController.checkPermission(perm1);
+                    JetspeedPermission perm1 = pms.newPermission(PermissionFactory.FOLDER_PERMISSION, "/files/subfolder2/foo", "view");
+                    AccessController.checkPermission((Permission)perm1);
                     return null;
                 }
             });
@@ -232,12 +230,12 @@
         
         try
         {
-            JSSubject.doAs(loginContext.getSubject(), new PrivilegedAction()
+            JSSubject.doAs(loginContext.getSubject(), new PrivilegedAction<Object>()
             {
                 public Object run()
                 {
-                    BaseJetspeedPermission perm1 = new FolderPermission.Factory().newPermission("/files/subfolder2/foo/anotherdoc.xml", "view");
-                    AccessController.checkPermission(perm1);
+                    JetspeedPermission perm1 = pms.newPermission(PermissionFactory.FOLDER_PERMISSION, "/files/subfolder2/foo/anotherdoc.xml", "view");
+                    AccessController.checkPermission((Permission)perm1);
                     return null;
                 }
             });
@@ -252,53 +250,19 @@
     /**
      * <p>Initialize user test object.</p>
      */
-    protected void initUser()
+    protected void initUser() throws SecurityException
     {
-        User user = null;
-        try
-        {
-            user = ums.addUser("anon", false);
-            PasswordCredential pwc = ums.getPasswordCredential(user);
-            pwc.setPassword(null, "password");
-            ums.storePasswordCredential(pwc);
-        }
-        catch (SecurityException sex)
-        {
-            sex.printStackTrace();
-        }
+        User user = addUser("anon","password");
         
-        BaseJetspeedPermission perm1 = new FolderPermission.Factory().newPermission("/files/test.xml", "edit");
-        BaseJetspeedPermission perm2 = new FolderPermission.Factory().newPermission("/files/subfolder1/*", "view");
-        BaseJetspeedPermission perm3 = new FolderPermission.Factory().newPermission("/files/subfolder2/-", "view");
-        try
-        {
-            pms.addPermission(perm1);
-            pms.addPermission(perm2);
-            pms.addPermission(perm3);
-            
-            pms.grantPermission(user, perm1);
-            pms.grantPermission(user, perm2);
-            pms.grantPermission(user, perm3);
-        }
-        catch (SecurityException sex)
-        {
-            sex.printStackTrace();
-        }
-    }
-
-    /**
-     * <p>Destroy user test object.</p>
-     */
-    protected void destroyUser() throws Exception
-    {
-        ums.removeUser("anon");
-
-        BaseJetspeedPermission perm1 = new FolderPermission.Factory().newPermission("/files/test.xml", "edit");
-        BaseJetspeedPermission perm2 = new FolderPermission.Factory().newPermission("/files/subfolder1/*", "view");
-        BaseJetspeedPermission perm3 = new FolderPermission.Factory().newPermission("/files/subfolder2/-", "view");
-        pms.removePermission(perm1);
-        pms.removePermission(perm2);
-        pms.removePermission(perm3);
+        JetspeedPermission perm1 = pms.newPermission(PermissionFactory.FOLDER_PERMISSION, "/files/test.xml", "edit");
+        JetspeedPermission perm2 = pms.newPermission(PermissionFactory.FOLDER_PERMISSION, "/files/subfolder1/*", "view");
+        JetspeedPermission perm3 = pms.newPermission(PermissionFactory.FOLDER_PERMISSION, "/files/subfolder2/-", "view");
+        pms.addPermission(perm1);
+        pms.addPermission(perm2);
+        pms.addPermission(perm3);
+        
+        pms.grantPermission(perm1, user);
+        pms.grantPermission(perm2, user);
+        pms.grantPermission(perm3, user);
     }
-
 }



---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org


Mime
View raw message