1
2
3
4
5 package org.kuali.student.kim.permission.mock;
6
7 import java.util.LinkedHashMap;
8 import java.util.List;
9 import java.util.Map;
10 import org.junit.*;
11 import static org.junit.Assert.*;
12 import org.kuali.rice.kim.api.KimConstants;
13 import org.kuali.rice.kim.api.common.template.Template;
14 import org.kuali.rice.kim.api.permission.Permission;
15 import org.kuali.rice.kim.api.permission.PermissionService;
16 import org.kuali.rice.kim.api.role.*;
17
18
19
20
21
22 public class TestRoleAndPermissionServiceMockImpl {
23
24 public TestRoleAndPermissionServiceMockImpl() {
25 }
26 private RoleService roleService;
27 private PermissionService permissionService;
28 private static final String CENTRAL_ADMIN1 = "CENTRAL_ADMIN1";
29 private static final String DEPT_ADMIN1 = "DEPT_ADMIN1";
30 private static final String DEPT_ADMIN2 = "DEPT_ADMIN2";
31 private static final String DEPT_ADMIN3 = "DEPT_ADMIN3";
32 private static final String CO_CREATE_MAINTENANCE_VIEW = "KS-CourseOffering-Create-MaintenanceView";
33 private static final String ROLLOVER_MANAGEMENT_VIEW = "KS-CourseOfferingRolloverManagement-View";
34
35 @BeforeClass
36 public static void setUpClass() throws Exception {
37 }
38
39 @AfterClass
40 public static void tearDownClass() throws Exception {
41 }
42
43 @Before
44 public void setUp() {
45 RoleAndPermissionServiceMockImpl impl = new RoleAndPermissionServiceMockImpl();
46 impl.setGroupService(new GroupServiceMockImpl());
47 this.roleService = impl;
48 this.permissionService = impl;
49 this.loadNeededTemplates();
50 }
51
52 protected void loadNeededTemplates() {
53 this.createTemplate(KimPermissionConstants.KS_ENRL_NAMESPACE, KimPermissionConstants.CAN_INVOKE_SERVICE_METHOD_TEMPLATE_NAME, KimPermissionConstants.DEFAULT_KIM_TYPE_ID);
54 this.createTemplate(KimPermissionConstants.KR_KRAD_NAMESPACE, KimPermissionConstants.OPEN_VIEW_TEMPLATE_NAME, KimPermissionConstants.KRAD_VIEW_KIM_TYPE_ID);
55 this.createTemplate(KimPermissionConstants.KR_KRAD_NAMESPACE, KimPermissionConstants.EDIT_VIEW_TEMPLATE_NAME, KimPermissionConstants.KRAD_VIEW_KIM_TYPE_ID);
56 }
57
58 protected Template createTemplate(String namespaceCode, String name, String kimTypeId) {
59 return this.createTemplate(namespaceCode, name, name, kimTypeId);
60 }
61
62 protected Template createTemplate(String namespaceCode, String name, String description, String kimTypeId) {
63
64 RoleAndPermissionServiceMockImpl impl = (RoleAndPermissionServiceMockImpl) this.roleService;
65 Template.Builder bldr = Template.Builder.create(namespaceCode, name, kimTypeId);
66 bldr.setDescription(description);
67 bldr.setActive(true);
68 Template template = impl.createTemplate(bldr.build());
69 return template;
70 }
71
72 @After
73 public void tearDown() {
74 }
75
76
77
78
79 @Test
80 public void testBasicOperations() {
81 System.out.println("test basic operations");
82
83 Template CAN_INVOKE_SERVICE_METHOD_TEMPLATE =
84 this.permissionService.findPermTemplateByNamespaceCodeAndName(KimPermissionConstants.KS_ENRL_NAMESPACE,
85 KimPermissionConstants.CAN_INVOKE_SERVICE_METHOD_TEMPLATE_NAME);
86 assertNotNull(CAN_INVOKE_SERVICE_METHOD_TEMPLATE);
87
88 Template OPEN_VIEW_TEMPLATE =
89 this.permissionService.findPermTemplateByNamespaceCodeAndName(KimPermissionConstants.KR_KRAD_NAMESPACE,
90 KimPermissionConstants.OPEN_VIEW_TEMPLATE_NAME);
91 assertNotNull(OPEN_VIEW_TEMPLATE);
92
93 Template EDIT_VIEW_TEMPLATE =
94 this.permissionService.findPermTemplateByNamespaceCodeAndName(KimPermissionConstants.KR_KRAD_NAMESPACE,
95 KimPermissionConstants.EDIT_VIEW_TEMPLATE_NAME);
96 assertNotNull(EDIT_VIEW_TEMPLATE);
97
98
99 Permission CREATE_ACTIVITY_OFFERING_PERMISSION =
100 this.createPermission(KimPermissionConstants.CREATE_ACTIVITYOFFERING_PERMISSION,
101 CAN_INVOKE_SERVICE_METHOD_TEMPLATE,
102 null);
103
104 Permission CREATE_SOC_PERMISSION =
105 this.createPermission(KimPermissionConstants.CREATE_SOC_PERMISSION,
106 CAN_INVOKE_SERVICE_METHOD_TEMPLATE,
107 null);
108
109 Permission OPEN_VIEWS_FOR_COURSE_OFFERING_PERMISSION =
110 this.createPermission(KimPermissionConstants.OPEN_VIEWS_FOR_COURSE_OFFERING_PERMISSION,
111 OPEN_VIEW_TEMPLATE,
112 CO_CREATE_MAINTENANCE_VIEW);
113
114 Permission EDIT_VIEWS_FOR_COURSE_OFFERING_PERMISSION =
115 this.createPermission(KimPermissionConstants.EDIT_VIEWS_FOR_COURSE_OFFERING_PERMISSION,
116 EDIT_VIEW_TEMPLATE,
117 CO_CREATE_MAINTENANCE_VIEW);
118
119 Permission OPEN_VIEWS_FOR_SOC_PERMISSION =
120 this.createPermission(KimPermissionConstants.OPEN_VIEWS_FOR_SOC_PERMISSION,
121 OPEN_VIEW_TEMPLATE,
122 ROLLOVER_MANAGEMENT_VIEW);
123
124 Permission EDIT_VIEWS_FOR_SOC_PERMISSION =
125 this.createPermission(KimPermissionConstants.EDIT_VIEWS_FOR_SOC_PERMISSION,
126 EDIT_VIEW_TEMPLATE,
127 ROLLOVER_MANAGEMENT_VIEW);
128
129
130 Role CENTRAL_ADMIN_ROLE = createRole(KimPermissionConstants.KS_ENRL_NAMESPACE,
131 KimPermissionConstants.KUALI_STUDENT_COURSE_OFFERING_CENTRAL_ADMIN_ROLE_NAME,
132 KimPermissionConstants.DEFAULT_KIM_TYPE_ID);
133 Role DEPT_ADMIN_ROLE = createRole(KimPermissionConstants.KS_ENRL_NAMESPACE,
134 KimPermissionConstants.KUALI_STUDENT_COURSE_OFFERING_DEPARTMENTAL_ADMIN_ROLE_NAME,
135 KimPermissionConstants.DEFAULT_KIM_TYPE_ID);
136
137
138 this.roleService.assignPermissionToRole(CREATE_ACTIVITY_OFFERING_PERMISSION.getId(), CENTRAL_ADMIN_ROLE.getId());
139 this.roleService.assignPermissionToRole(CREATE_SOC_PERMISSION.getId(), CENTRAL_ADMIN_ROLE.getId());
140 this.roleService.assignPermissionToRole(CREATE_ACTIVITY_OFFERING_PERMISSION.getId(), DEPT_ADMIN_ROLE.getId());
141
142 this.roleService.assignPermissionToRole(OPEN_VIEWS_FOR_COURSE_OFFERING_PERMISSION.getId(), CENTRAL_ADMIN_ROLE.getId());
143 this.roleService.assignPermissionToRole(EDIT_VIEWS_FOR_COURSE_OFFERING_PERMISSION.getId(), CENTRAL_ADMIN_ROLE.getId());
144 this.roleService.assignPermissionToRole(OPEN_VIEWS_FOR_SOC_PERMISSION.getId(), CENTRAL_ADMIN_ROLE.getId());
145 this.roleService.assignPermissionToRole(EDIT_VIEWS_FOR_SOC_PERMISSION.getId(), CENTRAL_ADMIN_ROLE.getId());
146
147 this.roleService.assignPermissionToRole(OPEN_VIEWS_FOR_COURSE_OFFERING_PERMISSION.getId(), DEPT_ADMIN_ROLE.getId());
148 this.roleService.assignPermissionToRole(EDIT_VIEWS_FOR_COURSE_OFFERING_PERMISSION.getId(), DEPT_ADMIN_ROLE.getId());
149 this.roleService.assignPermissionToRole(OPEN_VIEWS_FOR_SOC_PERMISSION.getId(), DEPT_ADMIN_ROLE.getId());
150
151 List<String> roleIds = this.permissionService.getRoleIdsForPermission(CREATE_ACTIVITY_OFFERING_PERMISSION.getNamespaceCode(),
152 CREATE_ACTIVITY_OFFERING_PERMISSION.getName());
153 assertEquals(2, roleIds.size());
154 assertTrue(roleIds.contains(CENTRAL_ADMIN_ROLE.getId()));
155 assertTrue(roleIds.contains(DEPT_ADMIN_ROLE.getId()));
156
157 roleIds = this.permissionService.getRoleIdsForPermission(CREATE_SOC_PERMISSION.getNamespaceCode(),
158 CREATE_SOC_PERMISSION.getName());
159 assertEquals(1, roleIds.size());
160 assertTrue(roleIds.contains(CENTRAL_ADMIN_ROLE.getId()));
161
162 roleIds = this.permissionService.getRoleIdsForPermission(OPEN_VIEWS_FOR_COURSE_OFFERING_PERMISSION.getNamespaceCode(),
163 OPEN_VIEWS_FOR_COURSE_OFFERING_PERMISSION.getName());
164 assertEquals(2, roleIds.size());
165 assertTrue(roleIds.contains(CENTRAL_ADMIN_ROLE.getId()));
166 assertTrue(roleIds.contains(DEPT_ADMIN_ROLE.getId()));
167
168 roleIds = this.permissionService.getRoleIdsForPermission(EDIT_VIEWS_FOR_COURSE_OFFERING_PERMISSION.getNamespaceCode(),
169 EDIT_VIEWS_FOR_COURSE_OFFERING_PERMISSION.getName());
170 assertEquals(2, roleIds.size());
171 assertTrue(roleIds.contains(CENTRAL_ADMIN_ROLE.getId()));
172 assertTrue(roleIds.contains(DEPT_ADMIN_ROLE.getId()));
173
174
175 roleIds = this.permissionService.getRoleIdsForPermission(OPEN_VIEWS_FOR_SOC_PERMISSION.getNamespaceCode(),
176 OPEN_VIEWS_FOR_SOC_PERMISSION.getName());
177 assertEquals(2, roleIds.size());
178 assertTrue(roleIds.contains(CENTRAL_ADMIN_ROLE.getId()));
179 assertTrue(roleIds.contains(DEPT_ADMIN_ROLE.getId()));
180
181 roleIds = this.permissionService.getRoleIdsForPermission(EDIT_VIEWS_FOR_SOC_PERMISSION.getNamespaceCode(),
182 EDIT_VIEWS_FOR_SOC_PERMISSION.getName());
183 assertEquals(1, roleIds.size());
184 assertTrue(roleIds.contains(CENTRAL_ADMIN_ROLE.getId()));
185
186
187 this.assignPrincipal2Role(CENTRAL_ADMIN1, CENTRAL_ADMIN_ROLE, null);
188 this.assignPrincipal2Role(DEPT_ADMIN1, DEPT_ADMIN_ROLE, "ENGL");
189 this.assignPrincipal2Role(DEPT_ADMIN2, DEPT_ADMIN_ROLE, "PHYS");
190 this.assignPrincipal2Role(DEPT_ADMIN3, DEPT_ADMIN_ROLE, "ENGL");
191 this.assignPrincipal2Role(DEPT_ADMIN3, DEPT_ADMIN_ROLE, "PHYS");
192
193
194 assertTrue(isAuthorizedByTemplate(CENTRAL_ADMIN1, KimPermissionConstants.OPEN_VIEW_TEMPLATE_NAME, CO_CREATE_MAINTENANCE_VIEW));
195 assertTrue(isAuthorizedByTemplate(CENTRAL_ADMIN1, KimPermissionConstants.EDIT_VIEW_TEMPLATE_NAME, CO_CREATE_MAINTENANCE_VIEW));
196 assertTrue(isAuthorizedByTemplate(CENTRAL_ADMIN1, KimPermissionConstants.OPEN_VIEW_TEMPLATE_NAME, ROLLOVER_MANAGEMENT_VIEW));
197 assertTrue(isAuthorizedByTemplate(CENTRAL_ADMIN1, KimPermissionConstants.EDIT_VIEW_TEMPLATE_NAME, ROLLOVER_MANAGEMENT_VIEW));
198
199 assertTrue(isAuthorizedByTemplate(DEPT_ADMIN1, KimPermissionConstants.OPEN_VIEW_TEMPLATE_NAME, CO_CREATE_MAINTENANCE_VIEW));
200 assertTrue(isAuthorizedByTemplate(DEPT_ADMIN1, KimPermissionConstants.EDIT_VIEW_TEMPLATE_NAME, CO_CREATE_MAINTENANCE_VIEW));
201 assertTrue(isAuthorizedByTemplate(DEPT_ADMIN1, KimPermissionConstants.OPEN_VIEW_TEMPLATE_NAME, ROLLOVER_MANAGEMENT_VIEW));
202 assertFalse(isAuthorizedByTemplate(DEPT_ADMIN1, KimPermissionConstants.EDIT_VIEW_TEMPLATE_NAME, ROLLOVER_MANAGEMENT_VIEW));
203
204 assertTrue (isAuthorized(CENTRAL_ADMIN1, CREATE_ACTIVITY_OFFERING_PERMISSION, "ENGL"));
205 assertTrue (isAuthorized(CENTRAL_ADMIN1, CREATE_ACTIVITY_OFFERING_PERMISSION, "PHYS"));
206 assertTrue (isAuthorized(CENTRAL_ADMIN1, CREATE_ACTIVITY_OFFERING_PERMISSION, "MATH"));
207
208 assertTrue (isAuthorized(DEPT_ADMIN1, CREATE_ACTIVITY_OFFERING_PERMISSION, "ENGL"));
209 assertFalse(isAuthorized(DEPT_ADMIN1, CREATE_ACTIVITY_OFFERING_PERMISSION, "PHYS"));
210 assertFalse(isAuthorized(DEPT_ADMIN1, CREATE_ACTIVITY_OFFERING_PERMISSION, "MATH"));
211
212 assertFalse (isAuthorized(DEPT_ADMIN2, CREATE_ACTIVITY_OFFERING_PERMISSION, "ENGL"));
213 assertTrue (isAuthorized(DEPT_ADMIN2, CREATE_ACTIVITY_OFFERING_PERMISSION, "PHYS"));
214 assertFalse (isAuthorized(DEPT_ADMIN2, CREATE_ACTIVITY_OFFERING_PERMISSION, "MATH"));
215
216 assertTrue (isAuthorized(DEPT_ADMIN3, CREATE_ACTIVITY_OFFERING_PERMISSION, "ENGL"));
217 assertTrue (isAuthorized(DEPT_ADMIN3, CREATE_ACTIVITY_OFFERING_PERMISSION, "PHYS"));
218 assertFalse (isAuthorized(DEPT_ADMIN3, CREATE_ACTIVITY_OFFERING_PERMISSION, "MATH"));
219
220 }
221
222 private boolean isAuthorized (String principalId, Permission permission, String subjArea) {
223 Map<String, String> details = new LinkedHashMap<String, String>();
224 if (subjArea != null) {
225 details.put(KimPermissionConstants.SUBJECT_AREA_ATTR_DEFINITION, subjArea);
226 }
227 return this.permissionService.isAuthorized(principalId, permission.getNamespaceCode(), permission.getName(), details);
228 }
229 private Permission createPermission(String permName, Template template, String viewId) {
230 Map<String, String> details = new LinkedHashMap<String, String>();
231 if (viewId != null) {
232 details.put(KimPermissionConstants.VIEW_ID_ATTR_DEFINITION, viewId);
233 }
234 Permission permission = createPermission(template,
235 KimPermissionConstants.KS_ENRL_NAMESPACE,
236 permName, details);
237 return permission;
238 }
239
240 private RoleMember assignPrincipal2Role(String principalId, Role role, String subjArea) {
241 Map<String, String> qualifiers = new LinkedHashMap<String, String>();
242 if (subjArea != null) {
243 qualifiers.put(KimPermissionConstants.SUBJECT_AREA_ATTR_DEFINITION, subjArea);
244 }
245 RoleMember roleMember = this.roleService.assignPrincipalToRole(principalId, role.getNamespaceCode(), role.getName(), qualifiers);
246 assertEquals(principalId, roleMember.getMemberId());
247 assertEquals(role.getId(), roleMember.getRoleId());
248 assertEquals(KimConstants.KimGroupMemberTypes.PRINCIPAL_MEMBER_TYPE, roleMember.getType());
249 assertEquals(qualifiers, roleMember.getAttributes());
250 List<String> roleIds = this.roleService.getMemberParentRoleIds(KimConstants.KimGroupMemberTypes.PRINCIPAL_MEMBER_TYPE.getCode(), principalId);
251
252 assertTrue(roleIds.contains(role.getId()));
253 return roleMember;
254
255 }
256
257 private boolean isAuthorizedByTemplate(String principalId, String templateName, String viewId) {
258 Map<String, String> details = new LinkedHashMap<String, String>();
259 details.put(KimPermissionConstants.VIEW_ID_ATTR_DEFINITION, viewId);
260 Map<String, String> qualifiers = new LinkedHashMap<String, String>();
261 return this.permissionService.isAuthorizedByTemplate(principalId, KimPermissionConstants.KR_KRAD_NAMESPACE, templateName, details, qualifiers);
262 }
263
264 private Permission createPermission(Template template, String namespaceCode, String name, Map<String, String> details) {
265 Permission.Builder bldr = Permission.Builder.create(namespaceCode, name);
266 bldr.setTemplate(Template.Builder.create(template));
267 bldr.setActive(true);
268 bldr.setAttributes(details);
269
270 Permission fromCreate = this.permissionService.createPermission(bldr.build());
271 assertEquals(namespaceCode, fromCreate.getNamespaceCode());
272 assertEquals(name, fromCreate.getName());
273 assertNotNull(fromCreate.getId());
274 assertNotNull(fromCreate.getVersionNumber());
275 assertTrue(fromCreate.isActive());
276 assertEquals(details, fromCreate.getAttributes());
277 assertNull(fromCreate.getDescription());
278
279 bldr = Permission.Builder.create(fromCreate);
280 bldr.setDescription(namespaceCode + " " + name);
281 Permission fromUpdate = this.permissionService.updatePermission(bldr.build());
282 assertEquals(fromCreate.getNamespaceCode(), fromUpdate.getNamespaceCode());
283 assertEquals(fromCreate.getName(), fromUpdate.getName());
284 assertEquals(fromCreate.getId(), fromUpdate.getId());
285 assertNotSame(fromCreate.getVersionNumber(), fromUpdate.getVersionNumber());
286 assertEquals(fromCreate.isActive(), fromUpdate.isActive());
287 assertEquals(fromCreate.getAttributes(), fromUpdate.getAttributes());
288 assertEquals(bldr.getDescription(), fromUpdate.getDescription());
289
290 Permission fromGet = this.permissionService.getPermission(fromUpdate.getId());
291 assertEquals(fromUpdate.getNamespaceCode(), fromGet.getNamespaceCode());
292 assertEquals(fromUpdate.getName(), fromGet.getName());
293 assertEquals(fromUpdate.getId(), fromGet.getId());
294 assertEquals(fromUpdate.getVersionNumber(), fromGet.getVersionNumber());
295 assertEquals(fromUpdate.isActive(), fromGet.isActive());
296 assertEquals(fromUpdate.getAttributes(), fromGet.getAttributes());
297 assertEquals(fromUpdate.getDescription(), fromGet.getDescription());
298
299 Permission fromFind = this.permissionService.findPermByNamespaceCodeAndName(namespaceCode, name);
300 assertEquals(fromUpdate.getNamespaceCode(), fromFind.getNamespaceCode());
301 assertEquals(fromUpdate.getName(), fromFind.getName());
302 assertEquals(fromUpdate.getId(), fromFind.getId());
303 assertEquals(fromUpdate.getVersionNumber(), fromFind.getVersionNumber());
304 assertEquals(fromUpdate.isActive(), fromFind.isActive());
305 assertEquals(fromUpdate.getAttributes(), fromFind.getAttributes());
306 assertEquals(fromUpdate.getDescription(), fromFind.getDescription());
307
308 return fromFind;
309 }
310
311 private Role createRole(String namespaceCode, String name, String kimTypeId) {
312 Role.Builder bldr = Role.Builder.create();
313 bldr.setNamespaceCode(namespaceCode);
314 bldr.setName(name);
315 bldr.setKimTypeId(kimTypeId);
316 bldr.setActive(true);
317
318 Role fromCreate = this.roleService.createRole(bldr.build());
319 assertEquals(namespaceCode, fromCreate.getNamespaceCode());
320 assertEquals(name, fromCreate.getName());
321 assertEquals(kimTypeId, fromCreate.getKimTypeId());
322 assertNotNull(fromCreate.getId());
323 assertNotNull(fromCreate.getVersionNumber());
324 assertTrue(fromCreate.isActive());
325 assertNull(fromCreate.getDescription());
326
327
328 bldr = Role.Builder.create(fromCreate);
329 bldr.setDescription(namespaceCode + " " + name);
330 Role fromUpdate = this.roleService.updateRole(bldr.build());
331 assertEquals(fromCreate.getNamespaceCode(), fromUpdate.getNamespaceCode());
332 assertEquals(fromCreate.getName(), fromUpdate.getName());
333 assertEquals(fromCreate.getId(), fromUpdate.getId());
334 assertNotSame(fromCreate.getVersionNumber(), fromUpdate.getVersionNumber());
335 assertEquals(fromCreate.isActive(), fromUpdate.isActive());
336 assertEquals(bldr.getDescription(), fromUpdate.getDescription());
337
338 Role fromGet = this.roleService.getRole(fromUpdate.getId());
339 assertEquals(fromUpdate.getNamespaceCode(), fromGet.getNamespaceCode());
340 assertEquals(fromUpdate.getName(), fromGet.getName());
341 assertEquals(fromUpdate.getKimTypeId(), fromGet.getKimTypeId());
342 assertEquals(fromUpdate.getId(), fromGet.getId());
343 assertEquals(fromUpdate.getVersionNumber(), fromGet.getVersionNumber());
344 assertEquals(fromUpdate.isActive(), fromGet.isActive());
345 assertEquals(fromUpdate.getDescription(), fromGet.getDescription());
346
347 Role fromFind = this.roleService.getRoleByNamespaceCodeAndName(namespaceCode, name);
348 assertEquals(fromUpdate.getNamespaceCode(), fromFind.getNamespaceCode());
349 assertEquals(fromUpdate.getName(), fromFind.getName());
350 assertEquals(fromUpdate.getKimTypeId(), fromFind.getKimTypeId());
351 assertEquals(fromUpdate.getId(), fromFind.getId());
352 assertEquals(fromUpdate.getVersionNumber(), fromFind.getVersionNumber());
353 assertEquals(fromUpdate.isActive(), fromFind.isActive());
354 assertEquals(fromUpdate.getDescription(), fromFind.getDescription());
355
356
357
358 return fromFind;
359 }
360 }