2 package eu
.etaxonomy
.cdm
.api
.service
;
4 import static org
.junit
.Assert
.assertEquals
;
5 import static org
.junit
.Assert
.assertFalse
;
6 import static org
.junit
.Assert
.assertTrue
;
8 import java
.io
.FileNotFoundException
;
9 import java
.util
.Iterator
;
11 import java
.util
.UUID
;
13 import javax
.sql
.DataSource
;
15 import org
.junit
.Assert
;
16 import org
.apache
.log4j
.Logger
;
17 import org
.junit
.Before
;
18 import org
.junit
.Ignore
;
19 import org
.junit
.Test
;
20 import org
.junit
.runner
.RunWith
;
21 import org
.springframework
.security
.authentication
.AuthenticationManager
;
22 import org
.springframework
.security
.authentication
.UsernamePasswordAuthenticationToken
;
23 import org
.springframework
.security
.core
.Authentication
;
24 import org
.springframework
.security
.core
.context
.SecurityContext
;
25 import org
.springframework
.security
.core
.context
.SecurityContextHolder
;
26 import org
.unitils
.UnitilsJUnit4TestClassRunner
;
27 import org
.unitils
.database
.annotations
.TestDataSource
;
28 import org
.unitils
.database
.annotations
.Transactional
;
29 import org
.unitils
.database
.util
.TransactionMode
;
30 import org
.unitils
.dbunit
.annotation
.DataSet
;
31 import org
.unitils
.spring
.annotation
.SpringApplicationContext
;
32 import org
.unitils
.spring
.annotation
.SpringBeanByName
;
34 import eu
.etaxonomy
.cdm
.api
.service
.DeleteResult
.DeleteStatus
;
35 import eu
.etaxonomy
.cdm
.api
.service
.exception
.DataChangeNoRollbackException
;
36 import eu
.etaxonomy
.cdm
.model
.description
.Feature
;
37 import eu
.etaxonomy
.cdm
.model
.description
.TaxonDescription
;
38 import eu
.etaxonomy
.cdm
.model
.description
.TextData
;
39 import eu
.etaxonomy
.cdm
.model
.media
.Media
;
40 import eu
.etaxonomy
.cdm
.model
.taxon
.Taxon
;
41 import eu
.etaxonomy
.cdm
.model
.taxon
.TaxonNode
;
42 import eu
.etaxonomy
.cdm
.persistence
.hibernate
.permission
.CdmPermissionEvaluator
;
43 import eu
.etaxonomy
.cdm
.test
.integration
.CdmTransactionalIntegrationTestWithSecurity
;
48 * Test class only for development purposes, must be run in suite.
51 //@RunWith(UnitilsJUnit4TestClassRunner.class)
52 //@SpringApplicationContext({"/eu/etaxonomy/cdm/applicationContextSecurity.xml"})
54 @Ignore // should be ignored
55 @DataSet("SecurityTest.xml")
56 public class SecurityWithTransaction
extends CdmTransactionalIntegrationTestWithSecurity
{
58 private static final Logger logger
= Logger
.getLogger(SecurityWithTransaction
.class);
61 private ITaxonService taxonService
;
64 private IDescriptionService descriptionService
;
67 private ITaxonNodeService taxonNodeService
;
70 private IUserService userService
;
74 protected DataSource dataSource
;
76 private Authentication authentication
;
79 private AuthenticationManager authenticationManager
;
82 private CdmPermissionEvaluator permissionEvaluator
;
84 private UsernamePasswordAuthenticationToken token
;
89 token
= new UsernamePasswordAuthenticationToken("admin", "sPePhAz6");
93 public void testDeleteTaxon(){
94 token
= new UsernamePasswordAuthenticationToken("taxonomist", "test4");
95 authentication
= authenticationManager
.authenticate(token
);
96 SecurityContext context
= SecurityContextHolder
.getContext();
97 context
.setAuthentication(authentication
);
98 Taxon actualTaxon
= (Taxon
)taxonService
.find(UUID
.fromString("7b8b5cb3-37ba-4dba-91ac-4c6ffd6ac331"));
101 DeleteResult result
= taxonService
.deleteTaxon(actualTaxon
, null, null);
102 /*} catch (DataChangeNoRollbackException e) {
112 public void testSaveOrUpdateDescription(){
114 authentication
= authenticationManager
.authenticate(new UsernamePasswordAuthenticationToken("descriptionEditor", "test"));
115 SecurityContext context
= SecurityContextHolder
.getContext();
116 context
.setAuthentication(authentication
);
117 /*Taxon taxon = (Taxon) taxonService.load(UUID.fromString("7b8b5cb3-37ba-4dba-91ac-4c6ffd6ac331"));
119 Set<TaxonDescription> descriptions = taxon.getDescriptions();
121 Iterator<TaxonDescription> iterator = descriptions.iterator();
123 TaxonDescription description = iterator.next();*/
124 TaxonDescription description
= (TaxonDescription
) descriptionService
.find(UUID
.fromString("eb17b80a-9be6-4642-a6a8-b19a318925e6"));
126 TextData textData
= new TextData();
127 textData
.setFeature(Feature
.ECOLOGY());
128 Media media
= Media
.NewInstance();
129 textData
.addMedia(media
);
133 //descriptionService.saveDescriptionElement(textData);
134 description
.addElement(textData
);
136 descriptionService
.saveOrUpdate(description
);
138 Taxon taxon
= (Taxon
) taxonService
.find(UUID
.fromString("7b8b5cb3-37ba-4dba-91ac-4c6ffd6ac331"));
139 Set
<TaxonDescription
> descriptions
= taxon
.getDescriptions();
141 Iterator
<TaxonDescription
> iterator
= descriptions
.iterator();
143 description
= iterator
.next();
144 assertEquals(1, descriptions
.size());
145 assertEquals(2,description
.getElements().size());
152 public void testAllowOnlyAccessToPartOfTree(){
153 authentication
= authenticationManager
.authenticate(new UsernamePasswordAuthenticationToken("partEditor", "test4"));
154 SecurityContext context
= SecurityContextHolder
.getContext();
155 context
.setAuthentication(authentication
);
157 Taxon tribe
= (Taxon
)taxonService
.find(UUID
.fromString("928a0167-98cd-4555-bf72-52116d067625"));
158 Taxon taxon
= (Taxon
)taxonService
.find(UUID
.fromString("bc09aca6-06fd-4905-b1e7-cbf7cc65d783"));
159 Iterator
<TaxonNode
> it
= tribe
.getTaxonNodes().iterator();
160 TaxonNode node
= it
.next();
162 assertFalse(permissionEvaluator
.hasPermission(authentication
, node
, "UPDATE"));
163 node
= node
.getChildNodes().iterator().next();
165 System
.err
.println(node
.getUuid());
167 assertTrue(permissionEvaluator
.hasPermission(authentication
, node
, "UPDATE"));
168 node
= node
.getChildNodes().iterator().next();
169 assertTrue(permissionEvaluator
.hasPermission(authentication
, node
, "UPDATE"));
170 TaxonDescription description
= TaxonDescription
.NewInstance(taxon
);
172 taxonNodeService
.saveOrUpdate(node
);
173 assertFalse(permissionEvaluator
.hasPermission(authentication
, description
, "UPDATE"));
179 * @see eu.etaxonomy.cdm.test.integration.CdmIntegrationTest#createTestData()
182 protected void createTestDataSet() throws FileNotFoundException
{
183 // TODO Auto-generated method stub