View Javadoc
1   /*
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements.  See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership.  The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License.  You may obtain a copy of the License at
9    *
10   *     http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing,
13   * software distributed under the License is distributed on an
14   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   * KIND, either express or implied.  See the License for the
16   * specific language governing permissions and limitations
17   * under the License.
18   */
19  package org.apache.shiro.authz.aop;
20  
21  import org.apache.shiro.authz.UnauthenticatedException;
22  import org.apache.shiro.authz.annotation.Logical;
23  import org.apache.shiro.authz.annotation.RequiresRoles;
24  import org.apache.shiro.subject.Subject;
25  import org.apache.shiro.test.SecurityManagerTestSupport;
26  import org.junit.Test;
27  
28  import java.lang.annotation.Annotation;
29  
30  import static org.easymock.EasyMock.*;
31  
32  /**
33   * Test cases for the {@link RoleAnnotationHandler} class.
34   */
35  public class RoleAnnotationHandlerTest extends SecurityManagerTestSupport {
36      private Subject subject;
37  
38      //Added to satisfy SHIRO-146
39  
40      @Test(expected = UnauthenticatedException.class)
41      public void testGuestSingleRoleAssertion() throws Throwable {
42          RoleAnnotationHandler handler = new RoleAnnotationHandler();
43  
44          Annotation requiresRolesAnnotation = new RequiresRoles() {
45              public String[] value() {
46                  return new String[]{"blah"};
47              }
48  
49              public Class<? extends Annotation> annotationType() {
50                  return RequiresRoles.class;
51              }
52  	    public Logical logical() {
53  		return Logical.AND;
54  	    }
55          };
56  
57          handler.assertAuthorized(requiresRolesAnnotation);
58      }
59  
60      //Added to satisfy SHIRO-146
61  
62      @Test(expected = UnauthenticatedException.class)
63      public void testGuestMultipleRolesAssertion() throws Throwable {
64          RoleAnnotationHandler handler = new RoleAnnotationHandler();
65  
66          Annotation requiresRolesAnnotation = new RequiresRoles() {
67              public String[] value() {
68                  return new String[]{"blah", "blah2"};
69              }
70  
71              public Class<? extends Annotation> annotationType() {
72                  return RequiresRoles.class;
73              }
74  	    public Logical logical() {
75  		return Logical.AND;
76  	    }
77          };
78  
79          handler.assertAuthorized(requiresRolesAnnotation);
80      }
81      
82      @Test
83      public void testOneOfTheRolesRequired() throws Throwable {
84  	subject = createMock(Subject.class);
85  	expect(subject.hasRole("blah")).andReturn(true);
86  	expect(subject.hasRole("blah2")).andReturn(false);
87          replay(subject);
88  	RoleAnnotationHandler handler = new RoleAnnotationHandler() {
89              @Override
90  	    protected Subject getSubject() {
91          	return subject;
92              }
93          };
94  
95          Annotation requiresRolesAnnotation = new RequiresRoles() {
96              public String[] value() {
97                  return new String[]{"blah", "blah2"};
98              }
99  
100             public Class<? extends Annotation> annotationType() {
101                 return RequiresRoles.class;
102             }
103 	    public Logical logical() {
104 		return Logical.OR;
105 	    }
106         };
107         handler.assertAuthorized(requiresRolesAnnotation);
108     }
109 }