Clover Coverage Report
Coverage timestamp: Sun Mar 23 2008 08:24:39 GMT
 
 
  SimpleTesting       Line # 101 92 18 86.7% 0.8666667
 
No Tests
 
1    /*
2    * SimpleTesting.java
3    *
4    * Created on 29 August 2006, 14:49
5    *
6    * Copyright (c) 2006, University of Kent
7    * All rights reserved.
8    *
9    * Redistribution and use in source and binary forms, with or without
10    * modification, are permitted provided that the following conditions are met:
11    *
12    * Redistributions of source code must retain the above copyright notice, this
13    * list of conditions and the following disclaimer.
14    *
15    * Redistributions in binary form must reproduce the above copyright notice,
16    * this list of conditions and the following disclaimer in the documentation
17    * and/or other materials provided with the distribution.
18    *
19    * 1. Neither the name of the University of Kent nor the names of its
20    * contributors may be used to endorse or promote products derived from this
21    * software without specific prior written permission.
22    *
23    * 2. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
24    * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
25    * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
26    * PURPOSE ARE DISCLAIMED.
27    *
28    * 3. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
29    * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
30    * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
31    * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
32    * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
33    * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
34    * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
35    * POSSIBILITY OF SUCH DAMAGE.
36    *
37    * 4. YOU AGREE THAT THE EXCLUSIONS IN PARAGRAPHS 2 AND 3 ABOVE ARE REASONABLE
38    * IN THE CIRCUMSTANCES. IN PARTICULAR, YOU ACKNOWLEDGE (1) THAT THIS
39    * SOFTWARE HAS BEEN MADE AVAILABLE TO YOU FREE OF CHARGE, (2) THAT THIS
40    * SOFTWARE IS NOT "PRODUCT" QUALITY, BUT HAS BEEN PRODUCED BY A RESEARCH
41    * GROUP WHO DESIRE TO MAKE THIS SOFTWARE FREELY AVAILABLE TO PEOPLE WHO WISH
42    * TO USE IT, AND (3) THAT BECAUSE THIS SOFTWARE IS NOT OF "PRODUCT" QUALITY
43    * IT IS INEVITABLE THAT THERE WILL BE BUGS AND ERRORS, AND POSSIBLY MORE
44    * SERIOUS FAULTS, IN THIS SOFTWARE.
45    *
46    * 5. This license is governed, except to the extent that local laws
47    * necessarily apply, by the laws of England and Wales.
48    *
49    * Author : Gansen Zhao
50    * Email: gz7@kent.ac.uk
51    *
52    */
53   
54   
55    package issrg.test;
56   
57   
58    import issrg.pba.PbaException;
59    import issrg.pba.Response;
60    import issrg.pba.rbac.PermisAction;
61    import issrg.pba.rbac.PermisRBAC;
62    import issrg.pba.rbac.PermisTarget;
63    import issrg.simplePERMIS.SimplePERMISPolicyFinder;
64    import issrg.simplePERMIS.SimplePERMISToken;
65    import issrg.simplePERMIS.SimplePERMISTokenParser;
66    import issrg.utils.repository.Entry;
67    import java.util.Vector;
68    import issrg.pba.Subject;
69    import java.io.FileNotFoundException;
70    import java.io.FileOutputStream;
71    import java.io.PrintStream;
72   
73    /**
74    * This test suite is designed to test if the Universal SOA works properly or not.
75    * The Universal SOA is the SOA with an empty string ("") as the name of the SOA. The Universal SOA
76    * is used to refer to any SOAs in the system.
77    *
78    *
79    * @author gansen
80    */
81   
82   
83    /**
84    * This class is designed as the ancestor class for universal SOA testing and obligation testing based on
85    * plain text policies and credentials.
86    *
87    * <p>Subclasses might reimplement the constructSubject and prepareTestCases functions to suit the testing requirement.
88    *
89    * <p>constructSubject is where we construct a permis subject based on the credentials held by the requesters.
90    * The default one uses plain text to specify the credentials.
91    *
92    * <p>The prepareTestCases is the function where test cases are specified. Test cases are stored in 5 arrays, which are
93    * m_users, m_roles, m_issuers, m_actions, m_targets.
94    *
95    * <p>The test function is the function that is responsible for implementing the test control flow, where
96    * it controls the system to read from the input, write results into the output, and control every individual
97    * testing case.
98    *
99    *
100    */
 
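public class SimpleTesting {

    /**
     * Creates a new instance of SimpleTesting.
     *
     * <p>Side effect: overwrites the JVM-wide {@code line.separator} system property with
     * {@code "\r\n"}. The property is global, so every other component running in the same
     * JVM sees the changed value as well.
     */
    public SimpleTesting() {
        System.setProperty("line.separator", "\r\n");
    }

    // Not referenced anywhere in this class; kept so the declared members stay unchanged.
    private SimplePERMISTokenParser testParserTok = null;

    // The decision function under test and the policy finder it is built from.
    private PermisRBAC adf = null;
    private SimplePERMISPolicyFinder ssampf = null;

    // Request state for the case currently being evaluated. Each construct* method resets
    // its field to null before building the new value, so a failed construction never
    // leaves the previous case's subject, action or target in place.
    private Subject subject = null;
    private PermisAction action = null;
    private PermisTarget target = null;

    /**
     * array to hold the user ldap dn names
     */
    protected String[] m_users;

    /**
     * array to hold roles
     */
    protected String[] m_roles;

    /**
     * array to hold the issuer ldap dn names of attributes
     */
    protected String[] m_issuers;

    /**
     * array to hold action names
     */
    protected String[] m_actions;

    /**
     * array to hold target ldap dn names
     */
    protected String[] m_targets;

    /**
     * Loads the specified policy from a plain XML file.
     *
     * <p>Any failure (including a {@link Throwable} that is not an {@link Exception}) is
     * reported on {@code System.out} and leaves the policy finder unset, so a later
     * {@link #constructADF()} never sees a half-initialised finder.
     *
     * @param pathNameofPolicy the full file name of the policy file. The file name shall
     *        include the path to allow the Java VM to locate the file.
     * @return {@code true} when a policy finder was created, {@code false} otherwise
     */
    public boolean loadPolicy(String pathNameofPolicy) {
        try {
            ssampf = new SimplePERMISPolicyFinder(pathNameofPolicy);
        } catch (Exception e) {
            System.out.println("Exception was thrown in loading policy!");
            System.out.println(e.getMessage());
            ssampf = null;
        } catch (Throwable th) {
            System.out.println("Throwable was thrown in loading policy!");
            System.out.println(th.getMessage());
            ssampf = null;
        }

        if (ssampf == null) {
            System.out.println("Null PolicyFinder was returned!");
            return false;
        }
        return true;
    }

    /**
     * Constructs the Authorization Decision Function object. This shall be called after the
     * policy is loaded.
     *
     * <p>The previous ADF is discarded before the new one is built. Without that reset a
     * failed rebuild would leave the ADF of an earlier policy in place, and later decisions
     * would silently be taken against the old policy.
     *
     * @return {@code true} when the ADF was constructed successfully, otherwise {@code false}
     */
    public boolean constructADF() {
        adf = null;
        try {
            adf = new PermisRBAC(ssampf);
        } catch (PbaException pe) {
            System.out.println(pe.getMessage());
            return false;
        }
        return true;
    }

    /**
     * Constructs the permis subject object that represents the subject who is going to
     * perform the action.
     *
     * <p>The credential is a single plain-text token binding {@code userDN} to
     * {@code roleValue} (role type {@code permisRole}) as issued by {@code issuerLDAPDN}.
     * The token is handed to the ADF undecoded; the original author's note says it is
     * decoded when {@code getCreds} runs.
     *
     * @param userDN user's DN
     * @param roleValue the value of user's permisRole attribute
     * @param issuerLDAPDN the DN of the issuer of the role
     * @return {@code true} when the ADF accepted the credential; {@code false} when
     *         {@code getCreds} threw a {@link PbaException}, in which case the subject is
     *         left {@code null}
     */
    public boolean constructSubject(String userDN, String roleValue, String issuerLDAPDN) {
        this.subject = null;

        SimplePERMISToken subjectToken =
                new SimplePERMISToken(userDN, issuerLDAPDN, "permisRole", roleValue);

        // One-element credential set, equivalent to the array a Vector holding only this
        // token would produce.
        Object[] credentials = new Object[] { subjectToken };

        try {
            // Create the subject, i.e. the entity (the roles) recognised by permis to take
            // the decisions.
            subject = adf.getCreds(subjectToken.getHolderEntry().getEntryName(), credentials);
        } catch (PbaException pbaE) {
            subject = null;
            return false;
        }
        return true;
    }

    /**
     * Builds the action of the current request.
     *
     * @param actionName the name of the action to be performed
     * @return always {@code true}
     */
    public boolean constructAction(String actionName) {
        action = null;
        action = new PermisAction(actionName);
        return true;
    }

    /**
     * Builds the target of the current request.
     *
     * @param targetDN the LDAP DN that identifies the target
     * @return {@code true} when the target was built; {@code false} when {@code targetDN}
     *         could not be parsed, in which case the target is left {@code null}
     */
    public boolean constructTarget(String targetDN) {
        target = null;
        try {
            target = new PermisTarget(targetDN, null);
        } catch (issrg.utils.RFC2253ParsingException rfcExc) {
            return false;
        }
        return true;
    }

    /**
     * Asks the ADF for a decision on the current subject, action and target.
     *
     * <p>Any of the three may be {@code null} if its construct* call failed; this method
     * passes them on unchecked.
     *
     * @return the authorisation response of the ADF
     * @throws PbaException when the ADF rejects or cannot evaluate the request
     */
    public Response consult() throws PbaException {
        return adf.authzDecision(this.subject, this.action, this.target, null);
    }

    /**
     * Stores the test vectors. {@link #test(String, String)} evaluates every combination
     * of them.
     *
     * <p>The arrays are stored as passed, not copied, so later changes made by the caller
     * are visible to the test run. The original author's sample issuer set was
     * {@code {"", null, "CN=ANY,O=ANY,C=ANY"}}.
     *
     * @param users user LDAP DNs
     * @param roles role values
     * @param issuers issuer LDAP DNs of the role attributes
     * @param actions action names
     * @param targets target LDAP DNs
     */
    public void prepareTestCases(String[] users, String[] roles, String[] issuers,
            String[] actions, String[] targets) {
        m_users = users;
        m_roles = roles;
        m_issuers = issuers;
        m_actions = actions;
        m_targets = targets;
    }

    /**
     * Runs every user/role/action/target/issuer combination against the policy and writes
     * one record per case to the output file.
     *
     * <p>{@code System.out} is redirected to the output file for the duration of the run and
     * restored afterwards. If the output file cannot be opened the results go to the
     * original {@code System.out}, which is then left open.
     *
     * @param policyfileName the file name of the policy file. It must suffice for the system
     *        to locate the file on the file system, either in relative path format or in
     *        full path format.
     * @param outputResult the file name of the output file. It must suffice for the system
     *        to locate the file on the file system, either in relative path format or in
     *        full path format. All testing outputs are written to this file. If the file
     *        exists before this testing, the content of the file will be wiped.
     */
    public void test(String policyfileName, String outputResult) {
        if (!this.loadPolicy(policyfileName)) {
            System.out.println("Failed to load policy!");
        }

        // NOTE(review): the run goes on even when the policy or the ADF could not be built,
        // and the result of constructADF() is not checked. Confirm whether an early return
        // is acceptable for the expected-output files before changing this.
        this.constructADF();

        int iCaseID = 0;

        final PrintStream originalOut = System.out;
        PrintStream fileOut = null;
        try {
            fileOut = new PrintStream(new FileOutputStream(outputResult));
            System.setOut(fileOut);
        } catch (FileNotFoundException fnf) {
            System.out.println(" File Not found : " + fnf.getMessage());
        }

        try {
            // Loop nesting (users, roles, actions, targets, issuers) fixes the case
            // numbering in the output file; do not reorder.
            for (int i = 0; i < m_users.length; i++) {
                for (int j = 0; j < m_roles.length; j++) {
                    for (int l = 0; l < m_actions.length; l++) {
                        for (int m = 0; m < m_targets.length; m++) {
                            for (int k = 0; k < m_issuers.length; k++) {
                                iCaseID++;
                                System.out.println();
                                System.out.println("CaseID: " + iCaseID);
                                System.out.println("User\t: " + m_users[i]);
                                System.out.println("Role\t: " + m_roles[j]);
                                System.out.println("Issuer\t: " + m_issuers[k]);
                                System.out.println("Action\t: " + m_actions[l]);
                                System.out.println("Target\t: " + m_targets[m]);

                                Response rsp = simulate(m_users[i], m_roles[j], m_issuers[k],
                                        m_actions[l], m_targets[m]);
                                if (rsp != null) {
                                    System.out.println(
                                            "Result\t: " + (rsp.isAuthorised() ? "True" : "false"));
                                } else {
                                    System.out.println("Null Response");
                                }
                            }
                        }
                    }
                }
            }
        } catch (Exception e) {
            // An aborted run leaves a truncated result file that is easy to mistake for a
            // complete one, so say so on stderr instead of discarding the exception. The
            // result file itself is not touched by this message.
            System.err.println("SimpleTesting: test run aborted after case " + iCaseID + ": " + e);
        } finally {
            // Undo the redirect and close only the stream opened here, never the stream
            // that was System.out when this method was entered.
            System.setOut(originalOut);
            if (fileOut != null) {
                fileOut.close();
            }
        }
    }

    /**
     * Runs a single test case based on the input, and returns an authorisation response.
     *
     * <p>The results of the construct* calls are deliberately not checked: a failed
     * construction leaves the corresponding field {@code null} and the request is still
     * submitted. NOTE(review): this relies on the ADF refusing such a request with a
     * {@link PbaException} rather than granting it; confirm against {@code PermisRBAC}.
     *
     * @param userDN the LDAP DN of the user
     * @param roleValue the role value of the user. The role type is fixed to permisRole.
     * @param issuer the issuer of the role to the user identified by userDN
     * @param actionName the action to be performed
     * @param targetDN the LDAP DN that is used to identify the target
     * @return the authorisation response from the PDP. When a {@link PbaException} occurs,
     *         {@code null} is returned and the error message is written to
     *         {@code System.out}.
     */
    private Response simulate(final String userDN, final String roleValue, final String issuer,
            final String actionName, final String targetDN) {
        this.constructSubject(userDN, roleValue, issuer);
        constructAction(actionName);
        constructTarget(targetDN);

        try {
            return consult();
        } catch (PbaException e) {
            System.out.println("** Exception :" + e.getMessage());
            return null;
        }
    }

}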