Package org.azd.legacy

Class SecurityApiTest

java.lang.Object

org.azd.legacy.SecurityApiTest

public class SecurityApiTest
extends Object

Constructor Summary

Constructors

Constructor	Description
SecurityApiTest()

Method Summary

Modifier and Type	Method	Description
void	init()
void	shouldAddAndRemoveACL()
void	shouldDumpAllNamespaceActions()	not really a test.
void	shouldGenerateTokenString()
void	shouldGetANamespace()
void	shouldListACLForDescriptor()
void	shouldListACLs()
void	shouldListACLsWithExtendedInfo()
void	shouldListRequiredTokenProperties()
void	shouldListSecurityNamespaces()
void	shouldResolveSubjectIdentities()
void	shouldUpdateAccessControlEntry()	- lookup a user and a repository - get current ACL - update ACE with merge flag set - re-fetch ACL and compare: - deny value should be our mask OR'd with original values , allow value should be our mask OR'd with original values + with deny bits unset - reset ACL
void	shouldUpdateAccessControlList()	- lookup a user and a repository - get current ACL - update ACL - re-fetch ACL and compare, assert allow / deny value changed - reset ACL

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

SecurityApiTest

public SecurityApiTest()

Method Details

init

public void init()
          throws AzDException

Throws:

AzDException

shouldListSecurityNamespaces

public void shouldListSecurityNamespaces()
                                  throws AzDException

Throws:

AzDException

shouldGetANamespace

public void shouldGetANamespace()
                         throws AzDException

Throws:

AzDException

shouldListACLs

public void shouldListACLs()
                    throws AzDException

Throws:

AzDException

shouldListACLsWithExtendedInfo

public void shouldListACLsWithExtendedInfo()
                                    throws AzDException

Throws:

AzDException

shouldResolveSubjectIdentities

public void shouldResolveSubjectIdentities()
                                    throws AzDException

Throws:

AzDException

shouldListACLForDescriptor

public void shouldListACLForDescriptor()
                                throws AzDException

Throws:

AzDException

shouldDumpAllNamespaceActions

public void shouldDumpAllNamespaceActions()
                                   throws AzDException

not really a test. Dump all actions to see bitmasks

Throws:

AzDException

shouldGenerateTokenString

public void shouldGenerateTokenString()
                               throws AzDException

Throws:

AzDException

shouldListRequiredTokenProperties

public void shouldListRequiredTokenProperties()
                                       throws AzDException

Throws:

AzDException

shouldAddAndRemoveACL

public void shouldAddAndRemoveACL()
                           throws AzDException

Throws:

AzDException

shouldUpdateAccessControlList

public void shouldUpdateAccessControlList()
                                   throws AzDException

- lookup a user and a repository - get current ACL - update ACL - re-fetch ACL and compare, assert allow / deny value changed - reset ACL

Throws:

AzDException

shouldUpdateAccessControlEntry

public void shouldUpdateAccessControlEntry()
                                    throws AzDException

- lookup a user and a repository - get current ACL - update ACE with merge flag set - re-fetch ACL and compare: - deny value should be our mask OR'd with original values , allow value should be our mask OR'd with original values + with deny bits unset - reset ACL

Not necessarily universal. Depending on the internal permission logic, denying access to one action may implicitly deny other actions. i.e. in git permissions, bit 1 (admin) appears to be flipped depending on other allow/deny values

Throws:

AzDException