Permalink
Browse files

Merge pull request #186 from VWoeltjen/mct123

[Ownership] Prevent changing owner of bootstrap components, such as My Sandbox
  • Loading branch information...
2 parents fbd8134 + ae67ca2 commit e9d24e022c514c8af14a3711975750a196568ba3 @harleigh harleigh committed Sep 17, 2013
@@ -67,10 +67,18 @@ public static boolean hasRole(User user, String role) {
* @param runtimeUser the user
* @return true if this components owner can be changed.
*/
- public static boolean canChangeOwner(AbstractComponent component, User runtimeUser) {
-
+ public static boolean canChangeOwner(AbstractComponent component, User runtimeUser) {
+ // TODO: Consider moving this to Policy?
+ // First, rule out bootstrap components - changing ownership of these could result in major loss of functionality
+ for (AbstractComponent bootstrap : PlatformAccess.getPlatform().getBootstrapComponents()) {
+ if (bootstrap.getComponentId().equals(component.getComponentId())) {
+ return false;
+ }
+ }
+
+ // Otherwise, consider ownership and role rules
String componentOwner = component.getOriginalOwner() == null ? component.getOwner() : component.getOriginalOwner();
- if (componentOwner.equals(runtimeUser.getUserId()) || "admin".equals(runtimeUser.getUserId())) {
+ if (componentOwner.equals(runtimeUser.getUserId()) || "admin".equals(runtimeUser.getUserId())) {
return true;
} else {
return RoleAccess.hasRole(runtimeUser, componentOwner);
@@ -25,44 +25,66 @@
import gov.nasa.arc.mct.services.internal.component.ComponentInitializer;
import gov.nasa.arc.mct.services.internal.component.User;
+import java.util.Arrays;
+
import org.mockito.Mock;
import org.mockito.Mockito;
import org.mockito.MockitoAnnotations;
import org.testng.Assert;
-import org.testng.annotations.BeforeTest;
+import org.testng.annotations.AfterMethod;
+import org.testng.annotations.BeforeMethod;
import org.testng.annotations.DataProvider;
import org.testng.annotations.Test;
public class RoleAccessTest {
@Mock private User testUser;
+ @Mock private Platform mockPlatform;
+ @Mock private AbstractComponent mockBootstrap;
private AbstractComponent component;
- @BeforeTest
+ private Platform oldPlatform;
+
+ @BeforeMethod
void setup() {
MockitoAnnotations.initMocks(this);
component = new AbstractComponent() {
};
+ oldPlatform = PlatformAccess.getPlatform();
+ new PlatformAccess().setPlatform(mockPlatform);
+ Mockito.when(mockBootstrap.getComponentId()).thenReturn("boot");
+ Mockito.when(mockPlatform.getBootstrapComponents()).thenReturn(Arrays.asList(mockBootstrap));
+ }
+
+ @AfterMethod
+ void teardown() {
+ new PlatformAccess().setPlatform(oldPlatform);
}
@DataProvider(name="userAndComponentSetup")
Object[][] userTests() {
return new Object[][] {
- new Object[] {"admin", "xyz", true},
- new Object[] {"xyz", "xyz", true},
- new Object[] {"qqq", "xyz", false}
+ new Object[] {"admin", "xyz", "...", true},
+ new Object[] {"xyz", "xyz", "...", true},
+ new Object[] {"qqq", "xyz", "...", false},
+ // The following should be identified as bootstrap components,
+ // and ownership changed should be disallowed.
+ new Object[] {"admin", "xyz", "boot", false},
+ new Object[] {"xyz", "xyz", "boot", false},
+ new Object[] {"qqq", "xyz", "boot", false}
};
}
- void setupUserAndComponent(String user, String originalOwner) {
+ void setupUserAndComponent(String user, String originalOwner, String id) {
Mockito.when(testUser.getUserId()).thenReturn(user);
ComponentInitializer ci = component.getCapability(ComponentInitializer.class);
ci.setOwner(originalOwner);
+ ci.setId(id);
}
@Test(dataProvider="userAndComponentSetup")
- public void testCanChangeOwner(String userName, String originalOwner, boolean expectedValue) {
- setupUserAndComponent(userName, originalOwner);
+ public void testCanChangeOwner(String userName, String originalOwner, String id, boolean expectedValue) {
+ setupUserAndComponent(userName, originalOwner, id);
component.setOwner(userName);
Assert.assertEquals(RoleAccess.canChangeOwner(component, testUser), expectedValue);
}
@@ -5,6 +5,8 @@
import gov.nasa.arc.mct.components.PropertyDescriptor.VisualControlDescriptor;
import gov.nasa.arc.mct.components.PropertyEditor;
import gov.nasa.arc.mct.context.GlobalContext;
+import gov.nasa.arc.mct.platform.spi.Platform;
+import gov.nasa.arc.mct.platform.spi.PlatformAccess;
import gov.nasa.arc.mct.platform.spi.RoleAccess;
import gov.nasa.arc.mct.platform.spi.RoleService;
import gov.nasa.arc.mct.services.component.ViewInfo;
@@ -29,6 +31,7 @@
import org.mockito.Mockito;
import org.testng.Assert;
+import org.testng.annotations.AfterMethod;
import org.testng.annotations.BeforeMethod;
import org.testng.annotations.DataProvider;
import org.testng.annotations.Test;
@@ -38,19 +41,29 @@
User mockUser = Mockito.mock(User.class);
RoleService mockRoleService = Mockito.mock(RoleService.class);
AbstractComponent comp = Mockito.mock(AbstractComponent.class);
- ViewInfo info = new ViewInfo(InfoView.class, "Info", ViewType.CENTER);
-
+ Platform mockPlatform = Mockito.mock(Platform.class);
+ Platform oldPlatform;
+ ViewInfo info = new ViewInfo(InfoView.class, "Info", ViewType.CENTER);
+
@BeforeMethod
- public void setup() {
+ public void setup() {
// Setup minimum expected environment for info view
+ oldPlatform = PlatformAccess.getPlatform();
+ new PlatformAccess().setPlatform(mockPlatform);
Mockito.when(comp.getOwner()).thenReturn("*");
Mockito.when(comp.getComponentTypeID()).thenReturn("");
Mockito.when(mockUser.getUserId()).thenReturn("");
Mockito.when(mockRoleService.getAllUsers()).thenReturn(Collections.singleton(""));
+ Mockito.when(mockPlatform.getBootstrapComponents()).thenReturn(Collections.<AbstractComponent>emptyList());
GlobalContext.getGlobalContext().switchUser(mockUser, Mockito.mock(Runnable.class));
new RoleAccess().addRoleService(mockRoleService);
}
+ @AfterMethod
+ public void teardown() {
+ new PlatformAccess().setPlatform(oldPlatform);
+ }
+
@Test
public void testUpdateMonitoredGUI() {
/* This test ensures that updateMonitoredGUI triggers revalidate/repaint */

0 comments on commit e9d24e0

Please sign in to comment.