2 package eu
.etaxonomy
.cdm
.api
.service
;
4 import static org
.junit
.Assert
.assertEquals
;
5 import static org
.junit
.Assert
.assertFalse
;
6 import static org
.junit
.Assert
.assertTrue
;
8 import java
.io
.FileNotFoundException
;
9 import java
.util
.Iterator
;
11 import java
.util
.UUID
;
13 import javax
.sql
.DataSource
;
15 import org
.apache
.logging
.log4j
.LogManager
;
16 import org
.apache
.logging
.log4j
.Logger
;
17 import org
.junit
.Assert
;
18 import org
.junit
.Before
;
19 import org
.junit
.Ignore
;
20 import org
.junit
.Test
;
21 import org
.springframework
.security
.authentication
.AuthenticationManager
;
22 import org
.springframework
.security
.authentication
.UsernamePasswordAuthenticationToken
;
23 import org
.springframework
.security
.core
.Authentication
;
24 import org
.springframework
.security
.core
.context
.SecurityContext
;
25 import org
.springframework
.security
.core
.context
.SecurityContextHolder
;
26 import org
.unitils
.database
.annotations
.TestDataSource
;
27 import org
.unitils
.dbunit
.annotation
.DataSet
;
28 import org
.unitils
.spring
.annotation
.SpringBeanByName
;
30 import eu
.etaxonomy
.cdm
.model
.description
.Feature
;
31 import eu
.etaxonomy
.cdm
.model
.description
.TaxonDescription
;
32 import eu
.etaxonomy
.cdm
.model
.description
.TextData
;
33 import eu
.etaxonomy
.cdm
.model
.media
.Media
;
34 import eu
.etaxonomy
.cdm
.model
.taxon
.Taxon
;
35 import eu
.etaxonomy
.cdm
.model
.taxon
.TaxonNode
;
36 import eu
.etaxonomy
.cdm
.persistence
.permission
.ICdmPermissionEvaluator
;
37 import eu
.etaxonomy
.cdm
.test
.integration
.CdmTransactionalIntegrationTestWithSecurity
;
42 * Test class only for development purposes, must be run in suite.
44 //@RunWith(UnitilsJUnit4TestClassRunner.class)
45 //@SpringApplicationContext({"/eu/etaxonomy/cdm/applicationContextSecurity.xml"})
47 @Ignore // should be ignored
48 @DataSet("SecurityTest.xml")
49 public class SecurityWithTransaction
extends CdmTransactionalIntegrationTestWithSecurity
{
51 @SuppressWarnings("unused")
52 private static final Logger logger
= LogManager
.getLogger();
55 private ITaxonService taxonService
;
58 private IDescriptionService descriptionService
;
61 private ITaxonNodeService taxonNodeService
;
64 private IUserService userService
;
67 protected DataSource dataSource
;
69 private Authentication authentication
;
72 private AuthenticationManager authenticationManager
;
75 private ICdmPermissionEvaluator permissionEvaluator
;
77 private UsernamePasswordAuthenticationToken token
;
81 token
= new UsernamePasswordAuthenticationToken("admin", "sPePhAz6");
85 public void testDeleteTaxon(){
86 token
= new UsernamePasswordAuthenticationToken("taxonomist", "test4");
87 authentication
= authenticationManager
.authenticate(token
);
88 SecurityContext context
= SecurityContextHolder
.getContext();
89 context
.setAuthentication(authentication
);
90 Taxon actualTaxon
= (Taxon
)taxonService
.find(UUID
.fromString("7b8b5cb3-37ba-4dba-91ac-4c6ffd6ac331"));
93 DeleteResult result
= taxonService
.deleteTaxon(actualTaxon
.getUuid(), null, null);
94 /*} catch (DataChangeNoRollbackException e) {
103 public void testSaveOrUpdateDescription(){
105 authentication
= authenticationManager
.authenticate(new UsernamePasswordAuthenticationToken("descriptionEditor", "test"));
106 SecurityContext context
= SecurityContextHolder
.getContext();
107 context
.setAuthentication(authentication
);
108 /*Taxon taxon = (Taxon) taxonService.load(UUID.fromString("7b8b5cb3-37ba-4dba-91ac-4c6ffd6ac331"));
110 Set<TaxonDescription> descriptions = taxon.getDescriptions();
112 Iterator<TaxonDescription> iterator = descriptions.iterator();
114 TaxonDescription description = iterator.next();*/
115 TaxonDescription description
= (TaxonDescription
) descriptionService
.find(UUID
.fromString("eb17b80a-9be6-4642-a6a8-b19a318925e6"));
117 TextData textData
= new TextData();
118 textData
.setFeature(Feature
.ECOLOGY());
119 Media media
= Media
.NewInstance();
120 textData
.addMedia(media
);
122 //descriptionService.saveDescriptionElement(textData);
123 description
.addElement(textData
);
125 descriptionService
.saveOrUpdate(description
);
127 Taxon taxon
= (Taxon
) taxonService
.find(UUID
.fromString("7b8b5cb3-37ba-4dba-91ac-4c6ffd6ac331"));
128 Set
<TaxonDescription
> descriptions
= taxon
.getDescriptions();
130 Iterator
<TaxonDescription
> iterator
= descriptions
.iterator();
132 description
= iterator
.next();
133 assertEquals(1, descriptions
.size());
134 assertEquals(2,description
.getElements().size());
138 public void testAllowOnlyAccessToPartOfTree(){
139 authentication
= authenticationManager
.authenticate(new UsernamePasswordAuthenticationToken("partEditor", "test4"));
140 SecurityContext context
= SecurityContextHolder
.getContext();
141 context
.setAuthentication(authentication
);
143 Taxon tribe
= (Taxon
)taxonService
.find(UUID
.fromString("928a0167-98cd-4555-bf72-52116d067625"));
144 Taxon taxon
= (Taxon
)taxonService
.find(UUID
.fromString("bc09aca6-06fd-4905-b1e7-cbf7cc65d783"));
145 Iterator
<TaxonNode
> it
= tribe
.getTaxonNodes().iterator();
146 TaxonNode node
= it
.next();
148 assertFalse(permissionEvaluator
.hasPermission(authentication
, node
, "UPDATE"));
149 node
= node
.getChildNodes().iterator().next();
151 System
.err
.println(node
.getUuid());
153 assertTrue(permissionEvaluator
.hasPermission(authentication
, node
, "UPDATE"));
154 node
= node
.getChildNodes().iterator().next();
155 assertTrue(permissionEvaluator
.hasPermission(authentication
, node
, "UPDATE"));
156 TaxonDescription description
= TaxonDescription
.NewInstance(taxon
);
158 taxonNodeService
.saveOrUpdate(node
);
159 assertFalse(permissionEvaluator
.hasPermission(authentication
, description
, "UPDATE"));
163 public void createTestDataSet() throws FileNotFoundException
{}