001package org.apache.turbine.pipeline;
002
003
004/*
005 * Licensed to the Apache Software Foundation (ASF) under one
006 * or more contributor license agreements.  See the NOTICE file
007 * distributed with this work for additional information
008 * regarding copyright ownership.  The ASF licenses this file
009 * to you under the Apache License, Version 2.0 (the
010 * "License"); you may not use this file except in compliance
011 * with the License.  You may obtain a copy of the License at
012 *
013 *   http://www.apache.org/licenses/LICENSE-2.0
014 *
015 * Unless required by applicable law or agreed to in writing,
016 * software distributed under the License is distributed on an
017 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
018 * KIND, either express or implied.  See the License for the
019 * specific language governing permissions and limitations
020 * under the License.
021 */
022
023
024import static org.junit.Assert.assertEquals;
025import static org.junit.Assert.assertNotNull;
026import static org.junit.Assert.assertTrue;
027import static org.mockito.Mockito.mock;
028import static org.mockito.Mockito.when;
029
030import java.util.Vector;
031
032import javax.servlet.ServletConfig;
033import javax.servlet.ServletOutputStream;
034import javax.servlet.http.HttpServletRequest;
035import javax.servlet.http.HttpServletResponse;
036
037import org.apache.fulcrum.security.model.turbine.entity.impl.TurbineUserImpl;
038import org.apache.turbine.modules.actions.VelocityActionDoesNothing;
039import org.apache.turbine.modules.actions.VelocitySecureActionDoesNothing;
040import org.apache.turbine.om.security.DefaultUserImpl;
041import org.apache.turbine.om.security.User;
042import org.apache.turbine.test.BaseTestCase;
043import org.apache.turbine.util.RunData;
044import org.apache.turbine.util.TurbineConfig;
045import org.apache.turbine.util.uri.URIConstants;
046import org.junit.AfterClass;
047import org.junit.Before;
048import org.junit.BeforeClass;
049import org.junit.Test;
050
051/**
052 * Tests ExecutePageValve.
053 *
054 * @author <a href="mailto:epugh@opensourceConnections.com">Eric Pugh</a>
055 * @author <a href="mailto:peter@courcoux.biz">Peter Courcoux</a>
056 * @version $Id: ExecutePageValveTest.java 1754909 2016-08-02 12:55:35Z tv $
057 */
058public class ExecutePageValveTest extends BaseTestCase
059{
060    private static TurbineConfig tc = null;
061    private ServletConfig config = null;
062    private HttpServletRequest request = null;
063    private HttpServletResponse response = null;
064
065    @BeforeClass
066    public static void init()
067    {
068        tc = new TurbineConfig(
069                            ".",
070                            "/conf/test/CompleteTurbineResources.properties");
071        tc.initialize();
072    }
073
074    @Before
075    public void setUpBefore() throws Exception
076    {
077        config = mock(ServletConfig.class);
078        request = getMockRequest();
079        response = mock(HttpServletResponse.class);
080        ServletOutputStream sos = mock(ServletOutputStream.class);
081
082        when(response.getOutputStream()).thenReturn(sos);
083    }
084
085    @Test public void testValve() throws Exception
086    {
087        Vector<String> v = new Vector<String>();
088        v.add(URIConstants.CGI_TEMPLATE_PARAM);
089        when(request.getParameterNames()).thenReturn(v.elements());
090
091        when(request.getParameterValues(URIConstants.CGI_TEMPLATE_PARAM)).thenReturn(new String[] { "Index.vm" });
092
093        RunData runData = getRunData(request, response, config);
094        runData.setScreenTemplate("ExistPageWithLayout.vm");
095        User tu = new DefaultUserImpl(new TurbineUserImpl());
096        tu.setName("username");
097        tu.setHasLoggedIn(Boolean.TRUE);
098        String actionName = VelocityActionDoesNothing.class.getName();
099        actionName = actionName.substring(actionName.lastIndexOf(".")+1);
100        runData.setAction(actionName);
101        runData.setUser(tu);
102
103        Pipeline pipeline = new TurbinePipeline();
104
105        PipelineData pipelineData = runData;
106        ExecutePageValve valve = new ExecutePageValve();
107        pipeline.addValve(valve);
108        pipeline.initialize();
109
110        int numberOfCalls = VelocityActionDoesNothing.numberOfCalls;
111        pipeline.invoke(pipelineData);
112        assertEquals("Assert action was called",numberOfCalls +1,VelocityActionDoesNothing.numberOfCalls);
113        User user = runData.getUser();
114        assertNotNull(user);
115        assertEquals("username", user.getName());
116        assertTrue(user.hasLoggedIn());
117    }
118
119    @Test public void testValveWithSecureAction() throws Exception
120    {
121        Vector<String> v = new Vector<String>();
122        v.add(URIConstants.CGI_TEMPLATE_PARAM);
123        when(request.getParameterNames()).thenReturn(v.elements());
124
125        when(request.getParameterValues(URIConstants.CGI_TEMPLATE_PARAM)).thenReturn(new String[] { "Index.vm" });
126
127        RunData runData = getRunData(request, response, config);
128        runData.setScreenTemplate("ExistPageWithLayout.vm");
129        User tu = new DefaultUserImpl(new TurbineUserImpl());
130        tu.setName("username");
131        tu.setHasLoggedIn(Boolean.TRUE);
132        String actionName = VelocitySecureActionDoesNothing.class.getName();
133        actionName = actionName.substring(actionName.lastIndexOf(".")+1);
134        runData.setAction(actionName);
135        runData.setUser(tu);
136
137        Pipeline pipeline = new TurbinePipeline();
138
139        PipelineData pipelineData = runData;
140        ExecutePageValve valve = new ExecutePageValve();
141        pipeline.addValve(valve);
142        pipeline.initialize();
143
144        int numberOfCalls = VelocitySecureActionDoesNothing.numberOfCalls;
145        int isAuthorizedCalls = VelocitySecureActionDoesNothing.isAuthorizedCalls;
146        pipeline.invoke(pipelineData);
147        assertEquals("Assert action was called",numberOfCalls +1,VelocitySecureActionDoesNothing.numberOfCalls);
148        assertEquals("Assert authorization was called",isAuthorizedCalls +1,VelocitySecureActionDoesNothing.isAuthorizedCalls);
149        User user = runData.getUser();
150        assertNotNull(user);
151        assertEquals("username", user.getName());
152        assertTrue(user.hasLoggedIn());
153    }
154
155    @AfterClass
156    public static void destroy()
157    {
158        tc.dispose();
159    }
160}