1 package org.argeo.osgi.useradmin;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.InputStream;
import java.net.URI;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import java.util.Arrays;
import java.util.Dictionary;
import java.util.Hashtable;
import java.util.List;
import java.util.UUID;

import javax.transaction.TransactionManager;

import org.apache.commons.codec.binary.Base64;
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.commons.io.IOUtils;
import org.osgi.service.useradmin.Authorization;
import org.osgi.service.useradmin.Group;
import org.osgi.service.useradmin.Role;
import org.osgi.service.useradmin.User;

import bitronix.tm.BitronixTransactionManager;
import bitronix.tm.TransactionManagerServices;
import bitronix.tm.resource.ehcache.EhCacheXAResourceProducer;
import junit.framework.TestCase;
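/**
 * Exercises a user directory (retrieval, edition, and LDIF save/load) inside
 * JTA transactions provided by Bitronix.
 *
 * <p>
 * By default the directory is an {@link LdifUserAdmin} backed by a private copy
 * of the {@code basic.ldif} test resource. When the system property
 * {@code argeo.userdirectory.uri} is set, that URI is used instead, and a
 * scheme starting with {@code ldap} selects {@link LdapUserAdmin}.
 *
 * <p>
 * NOTE(review): {@link #testEdition()} modifies and then removes
 * {@code DEMO_USER_DN}. With {@code argeo.userdirectory.uri} pointing at an
 * LDAP server those writes go to that server, so the property should only ever
 * reference a disposable test directory.
 */
public class LdifUserAdminTest extends TestCase implements BasicTestConstants {
    private BitronixTransactionManager tm;
    private URI uri;
    private AbstractUserDirectory userAdmin;

    /**
     * Placeholder: no concurrency scenario is implemented yet, so this test
     * passes without checking anything.
     */
    public void testConcurrent() throws Exception {
        // TODO: implement; an empty body gives no assurance about concurrent access.
    }

    /**
     * Renames the demo user, then removes it, checking after each step that the
     * change is still visible once the directory has been saved and
     * re-initialised.
     */
    @SuppressWarnings("unchecked")
    public void testEdition() throws Exception {
        User demoUser = (User) userAdmin.getRole(DEMO_USER_DN);
        assertNotNull(demoUser);

        tm.begin();
        String newName = "demo";
        demoUser.getProperties().put("cn", newName);
        assertEquals(newName, demoUser.getProperties().get("cn"));
        tm.commit();
        persistAndRestart();
        // Re-read the user from the restarted directory: the object obtained
        // before the restart belongs to the destroyed instance and would keep
        // returning the new name even if nothing had been persisted.
        demoUser = (User) userAdmin.getRole(DEMO_USER_DN);
        assertNotNull(demoUser);
        assertEquals(newName, demoUser.getProperties().get("cn"));

        tm.begin();
        userAdmin.removeRole(DEMO_USER_DN);
        tm.commit();
        persistAndRestart();

        // check data: one person left, and the editors group lost a member
        Role[] search = userAdmin.getRoles("(objectclass=inetOrgPerson)");
        assertEquals(1, search.length);
        Group editorGroup = (Group) userAdmin.getRole(EDITORS_GROUP_DN);
        assertNotNull(editorGroup);
        Role[] members = editorGroup.getMembers();
        assertEquals(1, members.length);
    }

    /**
     * Checks the content loaded from the fixture: users, group membership,
     * implied roles, a property, the stored credentials and filter searches.
     */
    public void testRetrieve() throws Exception {
        // users
        User rootUser = (User) userAdmin.getRole(ROOT_USER_DN);
        assertNotNull(rootUser);
        User demoUser = (User) userAdmin.getRole(DEMO_USER_DN);
        assertNotNull(demoUser);

        // groups
        Group adminGroup = (Group) userAdmin.getRole(ADMIN_GROUP_DN);
        assertNotNull(adminGroup);
        Role[] members = adminGroup.getMembers();
        assertEquals(1, members.length);
        assertEquals(rootUser, members[0]);

        Group editorGroup = (Group) userAdmin.getRole(EDITORS_GROUP_DN);
        assertNotNull(editorGroup);
        members = editorGroup.getMembers();
        assertEquals(2, members.length);
        assertEquals(adminGroup, members[0]);
        assertEquals(demoUser, members[1]);

        // The root user is expected to hold its own role plus both groups
        // (editors is reached through the admin group being a member of it).
        Authorization rootAuth = userAdmin.getAuthorization(rootUser);
        List<String> rootRoles = Arrays.asList(rootAuth.getRoles());
        assertEquals(3, rootRoles.size());
        assertTrue(rootRoles.contains(ROOT_USER_DN));
        assertTrue(rootRoles.contains(ADMIN_GROUP_DN));
        assertTrue(rootRoles.contains(EDITORS_GROUP_DN));

        // properties
        assertEquals("root@localhost", rootUser.getProperties().get("mail"));

        // credentials
        // The expected value is "{SHA}" followed by the Base64 of the unsalted
        // SHA-1 digest of "demo", and both fixture accounts are expected to
        // carry it. What is handed to hasCredential() is this stored
        // representation, not the clear-text password.
        // NOTE(review): unsalted SHA-1 is kept here only to match the fixture;
        // it is not a scheme to copy for real password storage.
        // The charset is given explicitly so the bytes do not depend on the
        // platform default.
        byte[] digest = DigestUtils.sha1("demo".getBytes(StandardCharsets.UTF_8));
        byte[] hashedPassword = ("{SHA}" + Base64.encodeBase64String(digest)).getBytes(StandardCharsets.UTF_8);
        assertTrue(rootUser.hasCredential(LdifName.userPassword.name(), hashedPassword));
        assertTrue(demoUser.hasCredential(LdifName.userPassword.name(), hashedPassword));

        // search
        Role[] search = userAdmin.getRoles(null);
        assertEquals(4, search.length);
        search = userAdmin.getRoles("(objectClass=groupOfNames)");
        assertEquals(2, search.length);
        search = userAdmin.getRoles("(objectclass=inetOrgPerson)");
        assertEquals(2, search.length);
        search = userAdmin.getRoles("(&(objectclass=inetOrgPerson)(uid=demo))");
        assertEquals(1, search.length);
    }

    /**
     * Saves the LDIF directory to memory, loads it into a fresh instance and
     * checks that the same number of roles comes back. Skipped for LDAP.
     */
    public void testReadWriteRead() throws Exception {
        if (userAdmin instanceof LdifUserAdmin) {
            Dictionary<String, Object> props = userAdmin.getProperties();
            ByteArrayOutputStream out = new ByteArrayOutputStream();
            ((LdifUserAdmin) userAdmin).save(out);
            byte[] arr = out.toByteArray();
            IOUtils.closeQuietly(out);
            userAdmin.destroy();
            try (ByteArrayInputStream in = new ByteArrayInputStream(arr)) {
                userAdmin = new LdifUserAdmin(props);
                ((LdifUserAdmin) userAdmin).load(in);
            }
            Role[] search = userAdmin.getRoles(null);
            assertEquals(4, search.length);
        } else {
            // test not relevant for LDAP
        }
    }

    /**
     * Prepares a temporary working directory, resolves the directory URI,
     * configures the Bitronix transaction logs and starts the user directory.
     */
    @Override
    protected void setUp() throws Exception {
        Path tempDir = Files.createTempDirectory(getClass().getName());
        // deleteOnExit() entries are processed in reverse registration order
        // and a non-empty directory cannot be deleted, so the directory is
        // registered first and every file placed in it afterwards. The LDIF
        // copy holds password hashes and should not linger in the temp area.
        // NOTE(review): files created in this directory by other components
        // would still prevent its removal.
        tempDir.toFile().deleteOnExit();

        String uriProp = System.getProperty("argeo.userdirectory.uri");
        if (uriProp != null) {
            uri = new URI(uriProp);
        } else {
            Path ldifPath = tempDir.resolve(BASE_DN + ".ldif");
            try (InputStream in = getClass().getResourceAsStream("basic.ldif")) {
                if (in == null) {
                    throw new IllegalStateException("Test resource basic.ldif not found for " + getClass().getName());
                }
                Files.copy(in, ldifPath);
            }
            ldifPath.toFile().deleteOnExit();
            uri = ldifPath.toUri();
        }

        File txLog1 = new File(tempDir.toFile(), "btm1.tlog");
        File txLog2 = new File(tempDir.toFile(), "btm2.tlog");
        txLog1.deleteOnExit();
        txLog2.deleteOnExit();

        bitronix.tm.Configuration tmConf = TransactionManagerServices.getConfiguration();
        tmConf.setServerId(UUID.randomUUID().toString());
        tmConf.setLogPart1Filename(txLog1.getAbsolutePath());
        tmConf.setLogPart2Filename(txLog2.getAbsolutePath());
        tm = TransactionManagerServices.getTransactionManager();

        userAdmin = initUserAdmin(uri, tm);
    }

    /**
     * Creates and initialises a user directory for the given URI and enlists it
     * with the transaction manager.
     *
     * @param uri
     *            location of the directory; a scheme starting with
     *            {@code ldap} selects {@link LdapUserAdmin}, anything else
     *            {@link LdifUserAdmin}
     * @param tm
     *            transaction manager handed to the directory
     * @return the initialised directory
     * @throws IllegalArgumentException
     *             if the URI has no scheme
     */
    private AbstractUserDirectory initUserAdmin(URI uri, TransactionManager tm) {
        String scheme = uri.getScheme();
        if (scheme == null) {
            // A relative URI (typically a mistyped system property) would
            // otherwise surface as a bare NullPointerException.
            throw new IllegalArgumentException("User directory URI has no scheme: " + uri);
        }

        Dictionary<String, Object> props = new Hashtable<>();
        props.put(UserAdminConf.uri.name(), uri.toString());
        props.put(UserAdminConf.baseDn.name(), BASE_DN);
        props.put(UserAdminConf.userBase.name(), "ou=users");
        props.put(UserAdminConf.groupBase.name(), "ou=groups");

        AbstractUserDirectory directory;
        if (scheme.startsWith("ldap")) {
            directory = new LdapUserAdmin(props);
        } else {
            directory = new LdifUserAdmin(props);
        }
        directory.init();
        // JTA
        EhCacheXAResourceProducer.registerXAResource(UserDirectory.class.getName(), directory.getXaResource());
        directory.setTransactionManager(tm);
        return directory;
    }

    /**
     * Unregisters the current directory, saves it when it is LDIF-based,
     * destroys it and starts a new instance on the same URI.
     */
    private void persistAndRestart() {
        EhCacheXAResourceProducer.unregisterXAResource(UserDirectory.class.getName(), userAdmin.getXaResource());
        if (userAdmin instanceof LdifUserAdmin) {
            ((LdifUserAdmin) userAdmin).save();
        }
        userAdmin.destroy();
        userAdmin = initUserAdmin(uri, tm);
    }

    /**
     * Releases the XA resource, the transaction manager and the directory.
     * Each step is guarded so that a failed {@link #setUp()} (null fields) or a
     * failing step does not prevent the remaining cleanup.
     */
    @Override
    protected void tearDown() throws Exception {
        try {
            if (userAdmin != null) {
                EhCacheXAResourceProducer.unregisterXAResource(UserDirectory.class.getName(),
                        userAdmin.getXaResource());
            }
        } finally {
            try {
                if (tm != null) {
                    tm.shutdown();
                }
            } finally {
                if (userAdmin != null) {
                    userAdmin.destroy();
                }
            }
        }
    }

}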