cdmlib-services/src/test/java/eu/etaxonomy/cdm/api/service/SecurityWithTransaction.java

   1
   2 package eu.etaxonomy.cdm.api.service;
   3
   4 import static org.junit.Assert.assertEquals;
   5 import static org.junit.Assert.assertFalse;
   6 import static org.junit.Assert.assertTrue;
   7
   8 import java.io.FileNotFoundException;
   9 import java.util.Iterator;
  10 import java.util.Set;
  11 import java.util.UUID;
  12
  13 import javax.sql.DataSource;
  14
  15 import org.apache.log4j.Logger;
  16 import org.junit.Assert;
  17 import org.junit.Before;
  18 import org.junit.Ignore;
  19 import org.junit.Test;
  20 import org.springframework.security.authentication.AuthenticationManager;
  21 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
  22 import org.springframework.security.core.Authentication;
  23 import org.springframework.security.core.context.SecurityContext;
  24 import org.springframework.security.core.context.SecurityContextHolder;
  25 import org.unitils.database.annotations.TestDataSource;
  26 import org.unitils.dbunit.annotation.DataSet;
  27 import org.unitils.spring.annotation.SpringBeanByName;
  28
  29 import eu.etaxonomy.cdm.model.description.Feature;
  30 import eu.etaxonomy.cdm.model.description.TaxonDescription;
  31 import eu.etaxonomy.cdm.model.description.TextData;
  32 import eu.etaxonomy.cdm.model.media.Media;
  33 import eu.etaxonomy.cdm.model.taxon.Taxon;
  34 import eu.etaxonomy.cdm.model.taxon.TaxonNode;
  35 import eu.etaxonomy.cdm.persistence.hibernate.permission.ICdmPermissionEvaluator;
  36 import eu.etaxonomy.cdm.test.integration.CdmTransactionalIntegrationTestWithSecurity;
  37
  38
  39
  40 /**
  41  * Test class only for development purposes, must be run in suite.
  42  *
  43  */
  44 //@RunWith(UnitilsJUnit4TestClassRunner.class)
  45 //@SpringApplicationContext({"/eu/etaxonomy/cdm/applicationContextSecurity.xml"})
  46 //@Transactional
  47 @Ignore // should be ignored
  48 @DataSet("SecurityTest.xml")
  49 public class SecurityWithTransaction extends CdmTransactionalIntegrationTestWithSecurity {
  50
  51     @SuppressWarnings("unused")
  52     private static final Logger logger = Logger.getLogger(SecurityWithTransaction.class);
  53
  54     @SpringBeanByName
  55     private ITaxonService taxonService;
  56
  57     @SpringBeanByName
  58     private IDescriptionService descriptionService;
  59
  60     @SpringBeanByName
  61     private ITaxonNodeService taxonNodeService;
  62
  63     @SpringBeanByName
  64     private IUserService userService;
  65
  66
  67     @TestDataSource
  68     protected DataSource dataSource;
  69
  70     private Authentication authentication;
  71
  72     @SpringBeanByName
  73     private AuthenticationManager authenticationManager;
  74
  75     @SpringBeanByName
  76     private ICdmPermissionEvaluator permissionEvaluator;
  77
  78     private UsernamePasswordAuthenticationToken token;
  79
  80
  81     @Before
  82     public void setUp(){
  83         token = new UsernamePasswordAuthenticationToken("admin", "sPePhAz6");
  84     }
  85
  86     @Test
  87     public void testDeleteTaxon(){
  88         token = new UsernamePasswordAuthenticationToken("taxonomist", "test4");
  89         authentication = authenticationManager.authenticate(token);
  90         SecurityContext context = SecurityContextHolder.getContext();
  91         context.setAuthentication(authentication);
  92         Taxon actualTaxon = (Taxon)taxonService.find(UUID.fromString("7b8b5cb3-37ba-4dba-91ac-4c6ffd6ac331"));
  93
  94         //try {
  95                 DeleteResult result = taxonService.deleteTaxon(actualTaxon.getUuid(), null, null);
  96                 /*} catch (DataChangeNoRollbackException e) {
  97                         Assert.fail();
  98                 }*/
  99                 if (!result.isOk()){
 100                         Assert.fail();
 101                 }
 102     }
 103
 104
 105     @Test
 106     public void testSaveOrUpdateDescription(){
 107
 108         authentication = authenticationManager.authenticate(new UsernamePasswordAuthenticationToken("descriptionEditor", "test"));
 109         SecurityContext context = SecurityContextHolder.getContext();
 110         context.setAuthentication(authentication);
 111         /*Taxon taxon = (Taxon) taxonService.load(UUID.fromString("7b8b5cb3-37ba-4dba-91ac-4c6ffd6ac331"));
 112
 113         Set<TaxonDescription> descriptions = taxon.getDescriptions();
 114
 115         Iterator<TaxonDescription> iterator = descriptions.iterator();
 116
 117         TaxonDescription description = iterator.next();*/
 118         TaxonDescription description = (TaxonDescription) descriptionService.find(UUID.fromString("eb17b80a-9be6-4642-a6a8-b19a318925e6"));
 119
 120         TextData textData = new TextData();
 121         textData.setFeature(Feature.ECOLOGY());
 122         Media media = Media.NewInstance();
 123         textData.addMedia(media);
 124
 125
 126
 127         //descriptionService.saveDescriptionElement(textData);
 128         description.addElement(textData);
 129
 130         descriptionService.saveOrUpdate(description);
 131
 132         Taxon taxon = (Taxon) taxonService.find(UUID.fromString("7b8b5cb3-37ba-4dba-91ac-4c6ffd6ac331"));
 133         Set<TaxonDescription> descriptions = taxon.getDescriptions();
 134
 135         Iterator<TaxonDescription> iterator = descriptions.iterator();
 136
 137         description = iterator.next();
 138         assertEquals(1, descriptions.size());
 139         assertEquals(2,description.getElements().size());
 140
 141
 142
 143     }
 144
 145     @Test
 146     public void testAllowOnlyAccessToPartOfTree(){
 147         authentication = authenticationManager.authenticate(new UsernamePasswordAuthenticationToken("partEditor", "test4"));
 148         SecurityContext context = SecurityContextHolder.getContext();
 149         context.setAuthentication(authentication);
 150
 151         Taxon tribe = (Taxon)taxonService.find(UUID.fromString("928a0167-98cd-4555-bf72-52116d067625"));
 152         Taxon taxon = (Taxon)taxonService.find(UUID.fromString("bc09aca6-06fd-4905-b1e7-cbf7cc65d783"));
 153         Iterator<TaxonNode> it = tribe.getTaxonNodes().iterator();
 154         TaxonNode node = it.next();
 155
 156         assertFalse(permissionEvaluator.hasPermission(authentication, node, "UPDATE"));
 157         node = node.getChildNodes().iterator().next();
 158
 159         System.err.println(node.getUuid());
 160
 161         assertTrue(permissionEvaluator.hasPermission(authentication, node, "UPDATE"));
 162         node = node.getChildNodes().iterator().next();
 163         assertTrue(permissionEvaluator.hasPermission(authentication, node, "UPDATE"));
 164         TaxonDescription description = TaxonDescription.NewInstance(taxon);
 165
 166         taxonNodeService.saveOrUpdate(node);
 167         assertFalse(permissionEvaluator.hasPermission(authentication, description, "UPDATE"));
 168
 169
 170     }
 171
 172     /* (non-Javadoc)
 173      * @see eu.etaxonomy.cdm.test.integration.CdmIntegrationTest#createTestData()
 174      */
 175     @Override
 176     public void createTestDataSet() throws FileNotFoundException {
 177         // TODO Auto-generated method stub
 178
 179     }
 180
 181
 182 }