Java tutorial
/** * personium.io * Copyright 2014 FUJITSU LIMITED * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package com.fujitsu.dc.test.jersey.box.acl; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertTrue; import java.util.ArrayList; import java.util.HashMap; import java.util.List; import java.util.Map; import org.apache.http.HttpStatus; import org.json.simple.JSONObject; import org.junit.Test; import org.junit.experimental.categories.Category; import org.junit.runner.RunWith; import org.w3c.dom.Element; import org.w3c.dom.NodeList; import com.fujitsu.dc.core.DcCoreException; import com.fujitsu.dc.core.auth.OAuth2Helper; import com.fujitsu.dc.test.categories.Integration; import com.fujitsu.dc.test.categories.Regression; import com.fujitsu.dc.test.categories.Unit; import com.fujitsu.dc.test.jersey.AbstractCase; import com.fujitsu.dc.test.jersey.DcRunner; import com.fujitsu.dc.test.jersey.ODataCommon; import com.fujitsu.dc.test.setup.Setup; import com.fujitsu.dc.test.unit.core.UrlUtils; import com.fujitsu.dc.test.utils.AccountUtils; import com.fujitsu.dc.test.utils.BoxUtils; import com.fujitsu.dc.test.utils.CellUtils; import com.fujitsu.dc.test.utils.DavResourceUtils; import com.fujitsu.dc.test.utils.EntityTypeUtils; import com.fujitsu.dc.test.utils.Http; import com.fujitsu.dc.test.utils.ResourceUtils; import com.fujitsu.dc.test.utils.RoleUtils; import com.fujitsu.dc.test.utils.TResponse; import com.fujitsu.dc.test.utils.TestMethodUtils; import com.sun.jersey.test.framework.JerseyTest; import com.sun.jersey.test.framework.WebAppDescriptor; /** * BOXACL?. */ @RunWith(DcRunner.class) @Category({ Unit.class, Integration.class, Regression.class }) public class AclTest extends JerseyTest { private static final Map<String, String> INIT_PARAMS = new HashMap<String, String>(); static { INIT_PARAMS.put("com.sun.jersey.config.property.packages", "com.fujitsu.dc.core.rs"); INIT_PARAMS.put("com.sun.jersey.spi.container.ContainerRequestFilters", "com.fujitsu.dc.core.jersey.filter.DcCoreContainerFilter"); INIT_PARAMS.put("com.sun.jersey.spi.container.ContainerResponseFilters", "com.fujitsu.dc.core.jersey.filter.DcCoreContainerFilter"); } static final String TEST_CELL1 = "testcell1"; static final String TEST_ROLE1 = "role4"; static final String TEST_ROLE2 = "role5"; static final String TOKEN = AbstractCase.MASTER_TOKEN_NAME; static final String BOX_NAME = "box1"; static final String DEPTH = "0"; static final String ACL_ALL_TEST = "box/acl-setting-all.txt"; static final String ACL_SETTING_TEST = "box/acl-setting.txt"; static final String ACL_NULL_TEST = "box/acl-null.txt"; /** * . */ public AclTest() { super(new WebAppDescriptor.Builder(INIT_PARAMS).build()); } /** * BoxACLPrincipal?all??. */ @Test public final void ACL Principal?all??() { try { // Principal:all // Privilege:read?ACLbox1? DavResourceUtils.setACL(null, TOKEN, HttpStatus.SC_OK, TEST_CELL1 + "/" + BOX_NAME, ACL_ALL_TEST, null, "<D:read/>", ""); // PROPFIND?ACL?? TResponse tresponse = CellUtils.propfind(TEST_CELL1 + "/" + BOX_NAME, TOKEN, DEPTH, HttpStatus.SC_MULTI_STATUS); List<Map<String, List<String>>> list = new ArrayList<Map<String, List<String>>>(); Map<String, List<String>> map = new HashMap<String, List<String>>(); List<String> rolList = new ArrayList<String>(); rolList.add("all"); rolList.add("read"); list.add(map); Element root = tresponse.bodyAsXml().getDocumentElement(); String resorce = UrlUtils.box(TEST_CELL1, BOX_NAME); // UrlUtil???URL????? StringBuffer sb = new StringBuffer(resorce); sb.deleteCharAt(resorce.length() - 1); TestMethodUtils.aclResponseTest(root, sb.toString(), list, 1, UrlUtils.roleResource(TEST_CELL1, BOX_NAME, ""), null); // account1?box1? // ? JSONObject json = ResourceUtils.getLocalTokenByPassAuth(TEST_CELL1, "account1", "password1", -1); // ? String tokenStr = (String) json.get(OAuth2Helper.Key.ACCESS_TOKEN); // Box1???GET? ResourceUtils.accessResource("", tokenStr, HttpStatus.SC_OK, Setup.TEST_BOX1, TEST_CELL1); // ?box1???GET? ResourceUtils.accessResource("", "", HttpStatus.SC_OK, Setup.TEST_BOX1, TEST_CELL1); // AuthorizationHedder???box1???GET? ResourceUtils.accessResourceNoAuth("", HttpStatus.SC_OK, TEST_CELL1); // Box1???PUT??? DavResourceUtils.createWebDavFile(Setup.TEST_CELL1, tokenStr, "box/dav-put.txt", "hoge", Setup.TEST_BOX1, "text.txt", HttpStatus.SC_FORBIDDEN); // ?box1???PUT??? DavResourceUtils.createWebDavFile(Setup.TEST_CELL1, "", "box/dav-put.txt", "hoge", Setup.TEST_BOX1, "text.txt", HttpStatus.SC_UNAUTHORIZED); // AuthorizationHedder???box1???PUT??? DavResourceUtils.createWebDavFileNoAuthHeader(Setup.TEST_CELL1, "box/dav-put.txt", "hoge", Setup.TEST_BOX1, "text.txt", HttpStatus.SC_UNAUTHORIZED); } finally { // ? DavResourceUtils.deleteWebDavFile("box/dav-delete.txt", Setup.TEST_CELL1, TOKEN, "text.txt", -1, Setup.TEST_BOX1); // ACL??? Http.request("box/acl-authtest.txt") .with("cellPath", TEST_CELL1) .with("colname", "") .with("roleBaseUrl", UrlUtils.roleResource(TEST_CELL1, null, "")) .with("token", AbstractCase.MASTER_TOKEN_NAME) .with("level", "") .returns() .statusCode(HttpStatus.SC_OK); } } /** * BoxACLPrincipal?all?role???. */ @Test public final void BoxACL Principal?all?role?? ?() { try { // Principal:all Privilege:read // Principal:role1 Privilege:write // ?ACLbox1? setAclAllandRole(TEST_CELL1, TOKEN, HttpStatus.SC_OK, TEST_CELL1 + "/" + BOX_NAME, "box/acl-setting-all-role.txt", "role1", "<D:read/>", "<D:write/>", ""); // PROPFIND?ACL?? CellUtils.propfind(TEST_CELL1 + "/" + BOX_NAME, TOKEN, DEPTH, HttpStatus.SC_MULTI_STATUS); // account1?box1? // ? JSONObject json = ResourceUtils.getLocalTokenByPassAuth(TEST_CELL1, "account1", "password1", -1); // ? String tokenStr = (String) json.get(OAuth2Helper.Key.ACCESS_TOKEN); // Box1???GET? ResourceUtils.accessResource("", tokenStr, HttpStatus.SC_OK, Setup.TEST_BOX1, TEST_CELL1); // ?box1???GET? ResourceUtils.accessResource("", "", HttpStatus.SC_OK, Setup.TEST_BOX1, TEST_CELL1); // AuthorizationHedder???box1???GET? ResourceUtils.accessResourceNoAuth("", HttpStatus.SC_OK, TEST_CELL1); // Box1???PUT? DavResourceUtils.createWebDavFile(Setup.TEST_CELL1, tokenStr, "box/dav-put.txt", "hoge", Setup.TEST_BOX1, "text.txt", HttpStatus.SC_CREATED); // ?box1???PUT??? DavResourceUtils.createWebDavFile(Setup.TEST_CELL1, "", "box/dav-put.txt", "hoge", Setup.TEST_BOX1, "text.txt", HttpStatus.SC_UNAUTHORIZED); // AuthorizationHedder???box1???PUT??? DavResourceUtils.createWebDavFileNoAuthHeader(Setup.TEST_CELL1, "box/dav-put.txt", "hoge", Setup.TEST_BOX1, "text.txt", HttpStatus.SC_UNAUTHORIZED); } finally { // ? DavResourceUtils.deleteWebDavFile("box/dav-delete.txt", Setup.TEST_CELL1, TOKEN, "text.txt", -1, Setup.TEST_BOX1); // ACL??? Http.request("box/acl-authtest.txt") .with("cellPath", TEST_CELL1) .with("colname", "") .with("roleBaseUrl", UrlUtils.roleResource(TEST_CELL1, null, "")) .with("token", AbstractCase.MASTER_TOKEN_NAME) .with("level", "") .returns() .statusCode(HttpStatus.SC_OK); } } /** * BoxACL_?ACL??ACL?????????. */ @Test public final void BoxACL _?ACL??ACL? ????????() { try { // ?????????? // Principal:all // Privilege:read?ACLbox1? DavResourceUtils.setACL(null, TOKEN, HttpStatus.SC_OK, TEST_CELL1 + "/" + BOX_NAME, ACL_ALL_TEST, null, "<D:read/>", ""); // PROPFIND?ACL?? TResponse tresponse = CellUtils.propfind(TEST_CELL1 + "/" + BOX_NAME, TOKEN, DEPTH, HttpStatus.SC_MULTI_STATUS); // ACE?????????? NodeList list = tresponse.bodyAsXml().getElementsByTagNameNS("DAV:", "ace"); assertTrue(tresponse.getBody(), list.getLength() > 0); // ?ACL??ACL????? DavResourceUtils.setACL(TEST_CELL1, TOKEN, HttpStatus.SC_OK, "", ACL_NULL_TEST, null, null, ""); // PROPFIND?ACL?? TResponse tresponse2 = CellUtils.propfind(TEST_CELL1 + "/" + BOX_NAME, TOKEN, DEPTH, HttpStatus.SC_MULTI_STATUS); // ACE?????? NodeList list2 = tresponse2.bodyAsXml().getElementsByTagNameNS("DAV:", "ace"); assertTrue(tresponse2.getBody(), list2.getLength() == 0); } finally { // ACL??? Http.request("box/acl-authtest.txt").with("cellPath", TEST_CELL1).with("colname", "") .with("roleBaseUrl", UrlUtils.roleResource(TEST_CELL1, null, "")) .with("token", AbstractCase.MASTER_TOKEN_NAME).with("level", "").returns() .statusCode(HttpStatus.SC_OK); } } /** * Box????Role??ACL. */ @Test public final void Box????Role??ACL () { String testBox = "testBox01"; String testRole = "testRole01"; try { // Box?? BoxUtils.create(TEST_CELL1, testBox, TOKEN); // Box????Role?? RoleUtils.create(TEST_CELL1, TOKEN, testBox, testRole, HttpStatus.SC_CREATED); // Box?Role?ACL DavResourceUtils.setACLwithBox(TEST_CELL1, TOKEN, HttpStatus.SC_OK, testBox, "", ACL_SETTING_TEST, testRole, testBox, "<D:read/>", ""); // PROPFIND TResponse res = DavResourceUtils.propfind("box/propfind-box-allprop.txt", TOKEN, HttpStatus.SC_MULTI_STATUS, testBox); // PROPFIND?? List<Map<String, List<String>>> list = new ArrayList<Map<String, List<String>>>(); Map<String, List<String>> map = new HashMap<String, List<String>>(); List<String> rolList = new ArrayList<String>(); rolList.add("read"); list.add(map); map.put(testRole, rolList); Element root = res.bodyAsXml().getDocumentElement(); String resorce = UrlUtils.box(TEST_CELL1, testBox); // UrlUtil???URL????? StringBuffer sb = new StringBuffer(resorce); sb.deleteCharAt(resorce.length() - 1); TestMethodUtils.aclResponseTest(root, sb.toString(), list, 1, UrlUtils.roleResource(TEST_CELL1, testBox, ""), null); } finally { // Role? RoleUtils.delete(TEST_CELL1, TOKEN, testBox, testRole); // Box1? BoxUtils.delete(TEST_CELL1, TOKEN, testBox); } } /** * ?Box??????????Role???Box??????Role??ACL. */ @Test public final void ?Box??????????Role???Box??????Role??ACL () { String testBox = "testBox_27481"; String testRole = "testRole_27481"; try { // Box?? BoxUtils.create(TEST_CELL1, testBox, TOKEN); // Box????Role?? RoleUtils.create(TEST_CELL1, TOKEN, testBox, testRole, HttpStatus.SC_CREATED); // Box??????Role?? RoleUtils.create(TEST_CELL1, TOKEN, null, testRole, HttpStatus.SC_CREATED); // Box?Box?????Role?ACL DavResourceUtils.setACLwithBox(TEST_CELL1, TOKEN, HttpStatus.SC_OK, testBox, "", ACL_SETTING_TEST, testRole, null, "<D:read/>", ""); // PROPFIND TResponse res = DavResourceUtils.propfind("box/propfind-box-allprop.txt", TOKEN, HttpStatus.SC_MULTI_STATUS, testBox); // PROPFIND?? List<Map<String, List<String>>> list = new ArrayList<Map<String, List<String>>>(); Map<String, List<String>> map = new HashMap<String, List<String>>(); List<String> rolList = new ArrayList<String>(); rolList.add("read"); list.add(map); map.put("../__/" + testRole, rolList); Element root = res.bodyAsXml().getDocumentElement(); String resorce = UrlUtils.box(TEST_CELL1, testBox); // UrlUtil???URL????? StringBuffer sb = new StringBuffer(resorce); sb.deleteCharAt(resorce.length() - 1); TestMethodUtils.aclResponseTest(root, sb.toString(), list, 1, UrlUtils.roleResource(TEST_CELL1, testBox, ""), null); } finally { // Role?(Box?????) RoleUtils.delete(TEST_CELL1, TOKEN, testBox, testRole); // Role?(Box??????) RoleUtils.delete(TEST_CELL1, TOKEN, null, testRole); // Box? BoxUtils.delete(TEST_CELL1, TOKEN, testBox); } } /** * ACL?URL????. */ @Test public final void ACL ?URL????() { String testBox = "box1"; String testRole = UrlUtils.roleResource("hogeCell", testBox, "role1"); // Box1?Role?ACL DavResourceUtils.setACLwithRoleBaseUrl(TEST_CELL1, TOKEN, HttpStatus.SC_BAD_REQUEST, testBox, "", "box/acl-setting-baseurl.txt", testRole, "<D:read/>", ""); } /** * baseUrl??. */ @Test public final void baseUrl??() { String testBox1 = "testBox01"; String testBox2 = "testBox02"; String testRole02 = "testRole02"; String testRole = "../testBox02/testRole02"; try { // Box?? BoxUtils.create(TEST_CELL1, testBox1, TOKEN); BoxUtils.create(TEST_CELL1, testBox2, TOKEN); // Role?? RoleUtils.create(TEST_CELL1, TOKEN, testBox2, testRole02, HttpStatus.SC_CREATED); // Box?Role?ACL DavResourceUtils.setACLwithBox(TEST_CELL1, TOKEN, HttpStatus.SC_OK, testBox1, "", ACL_SETTING_TEST, testRole, testBox1, "<D:read/>", ""); // PROPFIND TResponse res = DavResourceUtils.propfind("box/propfind-box-allprop.txt", TOKEN, HttpStatus.SC_MULTI_STATUS, testBox1); // PROPFIND?? List<Map<String, List<String>>> list = new ArrayList<Map<String, List<String>>>(); Map<String, List<String>> map = new HashMap<String, List<String>>(); List<String> rolList = new ArrayList<String>(); rolList.add("read"); list.add(map); map.put(UrlUtils.aclRelativePath("testBox02", testRole02), rolList); Element root = res.bodyAsXml().getDocumentElement(); String resorce = UrlUtils.box(TEST_CELL1, testBox1); // UrlUtil???URL????? StringBuffer sb = new StringBuffer(resorce); sb.deleteCharAt(resorce.length() - 1); TestMethodUtils.aclResponseTest(root, sb.toString(), list, 1, UrlUtils.roleResource(TEST_CELL1, testBox1, ""), null); } finally { // Role? RoleUtils.delete(TEST_CELL1, TOKEN, testBox2, testRole02); // Box1? BoxUtils.delete(TEST_CELL1, TOKEN, testBox1); BoxUtils.delete(TEST_CELL1, TOKEN, testBox2); } } /** * BOXACL?href?URL????. */ @Test public final void BOXACL?href?URL? ???() { String testBox1 = "testBox01"; String testRole = "testRole02"; try { // Box?? BoxUtils.create(TEST_CELL1, testBox1, TOKEN); // Role?? RoleUtils.create(TEST_CELL1, TOKEN, testBox1, testRole, HttpStatus.SC_CREATED); // Box?Role?ACL DavResourceUtils.setACLwithRoleBaseUrl(TEST_CELL1, TOKEN, HttpStatus.SC_OK, testBox1, "", "box/acl-setting-baseurl.txt", UrlUtils.roleResource(TEST_CELL1, testBox1, testRole), "<D:read/>", ""); // PROPFIND TResponse res = DavResourceUtils.propfind("box/propfind-box-allprop.txt", TOKEN, HttpStatus.SC_MULTI_STATUS, testBox1); // PROPFIND?? List<Map<String, List<String>>> list = new ArrayList<Map<String, List<String>>>(); Map<String, List<String>> map = new HashMap<String, List<String>>(); List<String> rolList = new ArrayList<String>(); rolList.add("read"); list.add(map); map.put(testRole, rolList); Element root = res.bodyAsXml().getDocumentElement(); String resorce = UrlUtils.box(TEST_CELL1, testBox1); // UrlUtil???URL????? StringBuffer sb = new StringBuffer(resorce); sb.deleteCharAt(resorce.length() - 1); TestMethodUtils.aclResponseTest(root, sb.toString(), list, 1, UrlUtils.roleResource(TEST_CELL1, testBox1, ""), null); } finally { // Role? RoleUtils.delete(TEST_CELL1, TOKEN, testBox1, testRole); // Box1? BoxUtils.delete(TEST_CELL1, TOKEN, testBox1); } } /** * BOXACL?requireSchemaAuth????????. */ @Test public final void BOXACL?requireSchemaAuth ????????() { try { String requireSchamaAuthz = "public"; // Principal:all // Privilege:read?ACLbox1? DavResourceUtils.setACL(null, TOKEN, HttpStatus.SC_OK, TEST_CELL1 + "/" + BOX_NAME, ACL_ALL_TEST, null, "<D:read/>", requireSchamaAuthz); // PROPFIND?ACL?? TResponse tresponse = CellUtils.propfind(TEST_CELL1 + "/" + BOX_NAME, TOKEN, DEPTH, HttpStatus.SC_MULTI_STATUS); List<Map<String, List<String>>> list = new ArrayList<Map<String, List<String>>>(); Map<String, List<String>> map = new HashMap<String, List<String>>(); List<String> rolList = new ArrayList<String>(); rolList.add("all"); rolList.add("read"); list.add(map); Element root = tresponse.bodyAsXml().getDocumentElement(); String resorce = UrlUtils.box(TEST_CELL1, BOX_NAME); // UrlUtil???URL????? StringBuffer sb = new StringBuffer(resorce); sb.deleteCharAt(resorce.length() - 1); TestMethodUtils.aclResponseTest(root, sb.toString(), list, 1, UrlUtils.roleResource(TEST_CELL1, BOX_NAME, ""), requireSchamaAuthz); } finally { // ACL??? Http.request("box/acl-authtest.txt").with("cellPath", TEST_CELL1).with("colname", "") .with("roleBaseUrl", UrlUtils.roleResource(TEST_CELL1, null, "")) .with("token", AbstractCase.MASTER_TOKEN_NAME).with("level", "").returns() .statusCode(HttpStatus.SC_OK); } } /** * BoxACL????. */ @Test public final void BoxACL ????() { String box2 = "box2"; String roleNotDelete = "role001"; String roleDelete = "role002"; try { // box2????? RoleUtils.create(TEST_CELL1, TOKEN, box2, roleNotDelete, HttpStatus.SC_CREATED); RoleUtils.create(TEST_CELL1, TOKEN, box2, roleDelete, HttpStatus.SC_CREATED); // ACLtestcell1/box2? DavResourceUtils.setACLwithBox(TEST_CELL1, AbstractCase.BEARER_MASTER_TOKEN, HttpStatus.SC_OK, box2, "", "box/acl-2role-setting.txt", roleNotDelete, roleDelete, box2, "<D:read/>", "<D:write/>", ""); // role RoleUtils.delete(TEST_CELL1, TOKEN, box2, roleDelete, HttpStatus.SC_NO_CONTENT); // PROPFIND?testcell1/box2?ACL? TResponse tresponse = DavResourceUtils.propfind("box/propfind-box-allprop.txt", TOKEN, HttpStatus.SC_MULTI_STATUS, box2); // role002??????=ace???? NodeList list = tresponse.bodyAsXml().getElementsByTagNameNS("DAV:", "ace"); assertTrue(tresponse.getBody(), list.getLength() == 1); // role001???? assertTrue(tresponse.getBody(), list.item(0).getTextContent().indexOf(roleNotDelete) > -1); } finally { // ? RoleUtils.delete(TEST_CELL1, TOKEN, box2, roleNotDelete, -1); RoleUtils.delete(TEST_CELL1, TOKEN, box2, roleDelete, -1); // ACL??? Http.request("box/acl-authtest.txt").with("cellPath", TEST_CELL1).with("colname", "") .with("roleBaseUrl", UrlUtils.roleResource(TEST_CELL1, null, "")) .with("token", AbstractCase.MASTER_TOKEN_NAME).with("level", "").returns() .statusCode(HttpStatus.SC_OK); } } /** * BoxACL????. */ @Test public final void BoxACL ????() { String box2 = "box2"; String roleDelete = "role002"; try { // box2????? RoleUtils.create(TEST_CELL1, TOKEN, null, roleDelete, HttpStatus.SC_CREATED); // ACLtestcell1/box2? DavResourceUtils.setACLwithBox(TEST_CELL1, TOKEN, HttpStatus.SC_OK, box2, "", ACL_SETTING_TEST, roleDelete, null, "<D:read/>", ""); // role RoleUtils.delete(TEST_CELL1, TOKEN, null, roleDelete, HttpStatus.SC_NO_CONTENT); // PROPFIND?testcell1/box2?ACL? TResponse tresponse = DavResourceUtils.propfind("box/propfind-box-allprop.txt", TOKEN, HttpStatus.SC_MULTI_STATUS, box2); // role002??????=principal??? NodeList list = tresponse.bodyAsXml().getElementsByTagNameNS("DAV:", "principal"); assertTrue(tresponse.getBody(), list.getLength() == 0); } finally { // ? RoleUtils.delete(TEST_CELL1, TOKEN, null, roleDelete, -1); // ACL??? Http.request("box/acl-authtest.txt").with("cellPath", TEST_CELL1).with("colname", "") .with("roleBaseUrl", UrlUtils.roleResource(TEST_CELL1, null, "")) .with("token", AbstractCase.MASTER_TOKEN_NAME).with("level", "").returns() .statusCode(HttpStatus.SC_OK); } } /** * ???Box???404?????. */ @Test public final void ???Box???404?????() { // ???Box?ACL TResponse res = DavResourceUtils.setACLwithBox(TEST_CELL1, TOKEN, HttpStatus.SC_NOT_FOUND, "noneExistBox", "", ACL_SETTING_TEST, "role", "noneExistBox", "<D:read/>", ""); String boxUrl = UrlUtils.boxRoot(TEST_CELL1, "noneExistBox"); DcCoreException expectedException = DcCoreException.Dav.BOX_NOT_FOUND.params(boxUrl); ODataCommon.checkErrorResponseBody(res, expectedException.getCode(), expectedException.getMessage()); } /** * roleBaseUrl????Box???400?????. */ @Test public final void roleBaseUrl????Box???400?????() { String testBox = "testBox01"; String testRole = "testRole01"; try { // Box?? BoxUtils.create(TEST_CELL1, testBox, TOKEN); // Box????Role?? RoleUtils.create(TEST_CELL1, TOKEN, testBox, testRole, HttpStatus.SC_CREATED); // ???Box?ACL DavResourceUtils.setACLwithBox(TEST_CELL1, TOKEN, HttpStatus.SC_BAD_REQUEST, testBox, "", ACL_SETTING_TEST, testRole, "noneExistBox", "<D:read/>", ""); } finally { // Role? RoleUtils.delete(TEST_CELL1, TOKEN, testBox, testRole); // Box1? BoxUtils.delete(TEST_CELL1, TOKEN, testBox); } } /** * ???Cellxml:base???BoxACL???400?????. */ @Test public final void ???Cellxml_base???BoxACL ???400?????() { String testBox = "testBox01"; String testRole = "testRole01"; try { // Box?? BoxUtils.create(TEST_CELL1, testBox, TOKEN); // Box????Role?? RoleUtils.create(TEST_CELL1, TOKEN, testBox, testRole, HttpStatus.SC_CREATED); // ???Cellxml:base???ACL DavResourceUtils.setACLwithRoleBaseUrl(TEST_CELL1, TOKEN, HttpStatus.SC_BAD_REQUEST, testBox, "", testRole, ACL_SETTING_TEST, UrlUtils.roleResource("notExistsCell", "__", testRole), "<D:read/>", ""); } finally { // Role? RoleUtils.delete(TEST_CELL1, TOKEN, testBox, testRole); // Box1? BoxUtils.delete(TEST_CELL1, TOKEN, testBox); } } /** * Role???????Box?????400?????. */ @Test public final void Role???????Box?????400?????() { String testBox = "testBox01"; String testRole = "testRole01"; try { // Box?? BoxUtils.create(TEST_CELL1, testBox, TOKEN); // Box?????Role?? createRole(TEST_CELL1, TOKEN, testRole, HttpStatus.SC_CREATED); // Box?Role?ACL DavResourceUtils.setACLwithBox(TEST_CELL1, TOKEN, HttpStatus.SC_BAD_REQUEST, testBox, "", ACL_SETTING_TEST, testRole, testBox, "<D:read/>", ""); } finally { // Role? RoleUtils.delete(TEST_CELL1, TOKEN, null, testRole); // Box1? BoxUtils.delete(TEST_CELL1, TOKEN, testBox); } } /** * principal??????400?????. */ @Test public final void principal??? ???400?????() { String body = "<D:acl xmlns:D='DAV:' xml:base='" + UrlUtils.roleResource(TEST_CELL1, null, Setup.TEST_BOX1) + "'>" + "<D:ace>" + "<D:principal>" + "<D:test/>" + "</D:principal>" + "<D:grant>" + "<D:privilege>" + "<D:all/>" + "</D:privilege>" + "</D:grant>" + "</D:ace>" + "</D:acl>"; TResponse res = Http.request("box/acl-setting-none-body.txt").with("cell", TEST_CELL1) .with("box", Setup.TEST_BOX1).with("colname", Setup.TEST_ODATA) .with("token", AbstractCase.MASTER_TOKEN_NAME).with("body", body).returns() .statusCode(HttpStatus.SC_BAD_REQUEST); res.checkErrorResponse(DcCoreException.Dav.XML_VALIDATE_ERROR.getCode(), DcCoreException.Dav.XML_VALIDATE_ERROR.getMessage()); } /** * ????Account??Role?????????????Role???????????_403?????. * ??#34823???????Role?????500??? */ @Test public final void ????Account??Role???????? ?????Role???????????_403?????() { String cellName = "cellAclTest"; String boxName = "boxAclTest"; String colName = "colAclTest"; String account = "accountAclTest"; String role1 = "roleAclTest1"; String role2 = "roleAclTest2"; try { // ?????Box?Collection?ACL???Role?????ACL??<acl><ace/></acl>????ace??? CellUtils.create(cellName, AbstractCase.MASTER_TOKEN_NAME, -1); BoxUtils.create(cellName, boxName, AbstractCase.MASTER_TOKEN_NAME, -1); DavResourceUtils.createODataCollection(AbstractCase.MASTER_TOKEN_NAME, -1, cellName, boxName, colName); AccountUtils.create(AbstractCase.MASTER_TOKEN_NAME, cellName, account, "password", -1); RoleUtils.create(cellName, AbstractCase.MASTER_TOKEN_NAME, boxName, role1, -1); AccountUtils.createLinkWithRole(AbstractCase.MASTER_TOKEN_NAME, cellName, boxName, account, role1, -1); // Box?ACL Http.request("box/acl-setting-single.txt").with("cell", cellName).with("box", boxName) .with("token", AbstractCase.MASTER_TOKEN_NAME).with("role1", role1) .with("roleBaseUrl", UrlUtils.roleResource(cellName, boxName, role1)).returns().statusCode(-1); // Collection?ACL Http.request("box/acl-setting-single.txt").with("cell", cellName).with("box", boxName + "/" + colName) .with("token", AbstractCase.MASTER_TOKEN_NAME).with("role1", role1) .with("roleBaseUrl", UrlUtils.roleResource(cellName, boxName, role1)).returns().statusCode(-1); // ?Role???????? JSONObject json = ResourceUtils.getLocalTokenByPassAuth(cellName, account, "password", -1); String accessToken = json.get("access_token").toString(); // ACL???Role? AccountUtils.deleteLinksWithRole(cellName, boxName, AbstractCase.MASTER_TOKEN_NAME, account, role1, -1); RoleUtils.delete(cellName, AbstractCase.MASTER_TOKEN_NAME, boxName, role1); // ??Role??????????ace??????????ACL??????Role?? RoleUtils.create(cellName, AbstractCase.MASTER_TOKEN_NAME, boxName, role2, -1); AccountUtils.createLinkWithRole(AbstractCase.MASTER_TOKEN_NAME, cellName, boxName, account, role2, -1); // ???? // Box????(403?????) DavResourceUtils.createODataCollection(accessToken, HttpStatus.SC_FORBIDDEN, cellName, boxName, "dummycol"); // Collection????(403?????) EntityTypeUtils.create(cellName, accessToken, boxName, colName, "dummyEntityType", HttpStatus.SC_FORBIDDEN); } finally { CellUtils.bulkDeletion(AbstractCase.BEARER_MASTER_TOKEN, cellName); } } /** * ACL. * @param cell ?? * @param token * @param code ?? * @param path ?? * @param settingFile ACL * @param role ACL??PrincipalRole * @param privilege1 ACL???1 * @param privilege2 ACL???2 * @param level ?level * @return ? */ private static TResponse setAclAllandRole(String cell, String token, int code, String path, String settingFile, String role, String privilege1, String privilege2, String level) { TResponse tresponseWebDav = null; // ACL? tresponseWebDav = Http.request(settingFile) .with("cellPath", cell) .with("colname", path) .with("token", token) .with("role", role) .with("privilege1", privilege1) .with("privilege2", privilege2) .with("roleBaseUrl", UrlUtils.roleResource(cell, null, "")) .with("level", level) .returns() .statusCode(code); return tresponseWebDav; } /** * Role??. * @param cellName ?? * @param token * @param roleName ?? * @param code ? */ @SuppressWarnings("unchecked") public static void createRole(final String cellName, final String token, final String roleName, final int code) { JSONObject body = new JSONObject(); body.put("Name", roleName); TResponse res = Http.request("role-create.txt").with("token", token).with("cellPath", cellName) .with("body", body.toString()).returns(); assertEquals(code, res.getStatusCode()); } }