2 package eu
.etaxonomy
.cdm
.api
.service
;
4 import static org
.junit
.Assert
.assertEquals
;
5 import static org
.junit
.Assert
.assertFalse
;
6 import static org
.junit
.Assert
.assertTrue
;
8 import java
.io
.FileNotFoundException
;
9 import java
.util
.Iterator
;
11 import java
.util
.UUID
;
13 import javax
.sql
.DataSource
;
15 import org
.apache
.log4j
.Logger
;
16 import org
.junit
.Assert
;
17 import org
.junit
.Before
;
18 import org
.junit
.Ignore
;
19 import org
.junit
.Test
;
20 import org
.springframework
.security
.authentication
.AuthenticationManager
;
21 import org
.springframework
.security
.authentication
.UsernamePasswordAuthenticationToken
;
22 import org
.springframework
.security
.core
.Authentication
;
23 import org
.springframework
.security
.core
.context
.SecurityContext
;
24 import org
.springframework
.security
.core
.context
.SecurityContextHolder
;
25 import org
.unitils
.database
.annotations
.TestDataSource
;
26 import org
.unitils
.dbunit
.annotation
.DataSet
;
27 import org
.unitils
.spring
.annotation
.SpringBeanByName
;
29 import eu
.etaxonomy
.cdm
.model
.description
.Feature
;
30 import eu
.etaxonomy
.cdm
.model
.description
.TaxonDescription
;
31 import eu
.etaxonomy
.cdm
.model
.description
.TextData
;
32 import eu
.etaxonomy
.cdm
.model
.media
.Media
;
33 import eu
.etaxonomy
.cdm
.model
.taxon
.Taxon
;
34 import eu
.etaxonomy
.cdm
.model
.taxon
.TaxonNode
;
35 import eu
.etaxonomy
.cdm
.persistence
.hibernate
.permission
.ICdmPermissionEvaluator
;
36 import eu
.etaxonomy
.cdm
.test
.integration
.CdmTransactionalIntegrationTestWithSecurity
;
41 * Test class only for development purposes, must be run in suite.
44 //@RunWith(UnitilsJUnit4TestClassRunner.class)
45 //@SpringApplicationContext({"/eu/etaxonomy/cdm/applicationContextSecurity.xml"})
47 @Ignore // should be ignored
48 @DataSet("SecurityTest.xml")
49 public class SecurityWithTransaction
extends CdmTransactionalIntegrationTestWithSecurity
{
51 @SuppressWarnings("unused")
52 private static final Logger logger
= Logger
.getLogger(SecurityWithTransaction
.class);
55 private ITaxonService taxonService
;
58 private IDescriptionService descriptionService
;
61 private ITaxonNodeService taxonNodeService
;
64 private IUserService userService
;
68 protected DataSource dataSource
;
70 private Authentication authentication
;
73 private AuthenticationManager authenticationManager
;
76 private ICdmPermissionEvaluator permissionEvaluator
;
78 private UsernamePasswordAuthenticationToken token
;
83 token
= new UsernamePasswordAuthenticationToken("admin", "sPePhAz6");
87 public void testDeleteTaxon(){
88 token
= new UsernamePasswordAuthenticationToken("taxonomist", "test4");
89 authentication
= authenticationManager
.authenticate(token
);
90 SecurityContext context
= SecurityContextHolder
.getContext();
91 context
.setAuthentication(authentication
);
92 Taxon actualTaxon
= (Taxon
)taxonService
.find(UUID
.fromString("7b8b5cb3-37ba-4dba-91ac-4c6ffd6ac331"));
95 DeleteResult result
= taxonService
.deleteTaxon(actualTaxon
.getUuid(), null, null);
96 /*} catch (DataChangeNoRollbackException e) {
106 public void testSaveOrUpdateDescription(){
108 authentication
= authenticationManager
.authenticate(new UsernamePasswordAuthenticationToken("descriptionEditor", "test"));
109 SecurityContext context
= SecurityContextHolder
.getContext();
110 context
.setAuthentication(authentication
);
111 /*Taxon taxon = (Taxon) taxonService.load(UUID.fromString("7b8b5cb3-37ba-4dba-91ac-4c6ffd6ac331"));
113 Set<TaxonDescription> descriptions = taxon.getDescriptions();
115 Iterator<TaxonDescription> iterator = descriptions.iterator();
117 TaxonDescription description = iterator.next();*/
118 TaxonDescription description
= (TaxonDescription
) descriptionService
.find(UUID
.fromString("eb17b80a-9be6-4642-a6a8-b19a318925e6"));
120 TextData textData
= new TextData();
121 textData
.setFeature(Feature
.ECOLOGY());
122 Media media
= Media
.NewInstance();
123 textData
.addMedia(media
);
127 //descriptionService.saveDescriptionElement(textData);
128 description
.addElement(textData
);
130 descriptionService
.saveOrUpdate(description
);
132 Taxon taxon
= (Taxon
) taxonService
.find(UUID
.fromString("7b8b5cb3-37ba-4dba-91ac-4c6ffd6ac331"));
133 Set
<TaxonDescription
> descriptions
= taxon
.getDescriptions();
135 Iterator
<TaxonDescription
> iterator
= descriptions
.iterator();
137 description
= iterator
.next();
138 assertEquals(1, descriptions
.size());
139 assertEquals(2,description
.getElements().size());
146 public void testAllowOnlyAccessToPartOfTree(){
147 authentication
= authenticationManager
.authenticate(new UsernamePasswordAuthenticationToken("partEditor", "test4"));
148 SecurityContext context
= SecurityContextHolder
.getContext();
149 context
.setAuthentication(authentication
);
151 Taxon tribe
= (Taxon
)taxonService
.find(UUID
.fromString("928a0167-98cd-4555-bf72-52116d067625"));
152 Taxon taxon
= (Taxon
)taxonService
.find(UUID
.fromString("bc09aca6-06fd-4905-b1e7-cbf7cc65d783"));
153 Iterator
<TaxonNode
> it
= tribe
.getTaxonNodes().iterator();
154 TaxonNode node
= it
.next();
156 assertFalse(permissionEvaluator
.hasPermission(authentication
, node
, "UPDATE"));
157 node
= node
.getChildNodes().iterator().next();
159 System
.err
.println(node
.getUuid());
161 assertTrue(permissionEvaluator
.hasPermission(authentication
, node
, "UPDATE"));
162 node
= node
.getChildNodes().iterator().next();
163 assertTrue(permissionEvaluator
.hasPermission(authentication
, node
, "UPDATE"));
164 TaxonDescription description
= TaxonDescription
.NewInstance(taxon
);
166 taxonNodeService
.saveOrUpdate(node
);
167 assertFalse(permissionEvaluator
.hasPermission(authentication
, description
, "UPDATE"));
173 * @see eu.etaxonomy.cdm.test.integration.CdmIntegrationTest#createTestData()
176 public void createTestDataSet() throws FileNotFoundException
{
177 // TODO Auto-generated method stub