X-Git-Url: https://dev.e-taxonomy.eu/gitweb/cdmlib.git/blobdiff_plain/cb03e48fd19ee88751322f0798798c65a80dc20b..84ab49d70a39676f233056ef68502dff371b370d:/cdmlib-services/src/test/java/eu/etaxonomy/cdm/api/service/SecurityTest.java diff --git a/cdmlib-services/src/test/java/eu/etaxonomy/cdm/api/service/SecurityTest.java b/cdmlib-services/src/test/java/eu/etaxonomy/cdm/api/service/SecurityTest.java index ac8b4152ec..1c56ab3bbd 100644 --- a/cdmlib-services/src/test/java/eu/etaxonomy/cdm/api/service/SecurityTest.java +++ b/cdmlib-services/src/test/java/eu/etaxonomy/cdm/api/service/SecurityTest.java @@ -12,7 +12,10 @@ import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertTrue; +import java.io.FileNotFoundException; import java.util.Collection; +import java.util.EnumSet; +import java.util.HashSet; import java.util.List; import java.util.Set; import java.util.UUID; @@ -21,7 +24,6 @@ import javax.sql.DataSource; import org.apache.log4j.Logger; import org.junit.Assert; -import org.junit.Before; import org.junit.Ignore; import org.junit.Test; import org.springframework.security.access.AccessDeniedException; @@ -33,16 +35,16 @@ import org.springframework.security.core.Authentication; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.context.SecurityContext; import org.springframework.security.core.context.SecurityContextHolder; -import org.springframework.transaction.PlatformTransactionManager; import org.unitils.database.annotations.TestDataSource; import org.unitils.dbunit.annotation.DataSet; import org.unitils.spring.annotation.SpringBean; import org.unitils.spring.annotation.SpringBeanByType; -import eu.etaxonomy.cdm.api.service.exception.DataChangeNoRollbackException; -import eu.etaxonomy.cdm.api.service.exception.ReferencedObjectUndeletableException; -import eu.etaxonomy.cdm.config.Configuration; -import eu.etaxonomy.cdm.database.EvaluationFailedException; +import com.mchange.util.AssertException; + +import sun.security.provider.PolicyParser.ParsingException; +import eu.etaxonomy.cdm.database.PermissionDeniedException; +import eu.etaxonomy.cdm.model.common.GrantedAuthorityImpl; import eu.etaxonomy.cdm.model.common.User; import eu.etaxonomy.cdm.model.description.DescriptionElementBase; import eu.etaxonomy.cdm.model.description.Feature; @@ -50,49 +52,38 @@ import eu.etaxonomy.cdm.model.description.TaxonDescription; import eu.etaxonomy.cdm.model.description.TextData; import eu.etaxonomy.cdm.model.name.BotanicalName; import eu.etaxonomy.cdm.model.name.Rank; +import eu.etaxonomy.cdm.model.name.TaxonNameBase; +import eu.etaxonomy.cdm.model.name.ZoologicalName; +import eu.etaxonomy.cdm.model.reference.Reference; +import eu.etaxonomy.cdm.model.reference.ReferenceFactory; import eu.etaxonomy.cdm.model.taxon.Classification; import eu.etaxonomy.cdm.model.taxon.Synonym; import eu.etaxonomy.cdm.model.taxon.SynonymRelationshipType; import eu.etaxonomy.cdm.model.taxon.Taxon; import eu.etaxonomy.cdm.model.taxon.TaxonBase; import eu.etaxonomy.cdm.model.taxon.TaxonNode; +import eu.etaxonomy.cdm.persistence.hibernate.permission.CRUD; +import eu.etaxonomy.cdm.persistence.hibernate.permission.CdmAuthority; +import eu.etaxonomy.cdm.persistence.hibernate.permission.CdmPermissionClass; import eu.etaxonomy.cdm.persistence.hibernate.permission.CdmPermissionEvaluator; import eu.etaxonomy.cdm.persistence.hibernate.permission.Operation; import eu.etaxonomy.cdm.persistence.query.MatchMode; -import eu.etaxonomy.cdm.test.integration.CdmTransactionalIntegrationTestWithSecurity; @DataSet -public class SecurityTest extends CdmTransactionalIntegrationTestWithSecurity{ - - private static final UUID UUID_ACHERONTINII = UUID.fromString("928a0167-98cd-4555-bf72-52116d067625"); - - private static final UUID UUID_ACHERONTIA_STYX = UUID.fromString("7b8b5cb3-37ba-4dba-91ac-4c6ffd6ac331"); - - private static final UUID UUID_LACTUCA = UUID.fromString("b2b007a4-9c8c-43a1-8da4-20ed85464cf2"); - - private static final UUID PART_EDITOR_UUID = UUID.fromString("38a251bd-0ba4-426f-8fcb-5c09560749a7"); - - private static final String PASSWORD_TAXON_EDITOR = "test2"; - - private static final String PASSWORD_ADMIN = "sPePhAz6"; - - private static final UUID ACHERONTIA_NODE_UUID = UUID.fromString("20c8f083-5870-4cbd-bf56-c5b2b98ab6a7"); - - private static final UUID ACHERONTIINI_NODE_UUID = UUID.fromString("cecfa77f-f26a-4476-9d87-a8d993cb55d9"); +public class SecurityTest extends AbstractSecurityTestBase{ - private static final UUID ACHERONTIA_LACHESIS_UUID = UUID.fromString("bc09aca6-06fd-4905-b1e7-cbf7cc65d783"); private static final Logger logger = Logger.getLogger(SecurityTest.class); - /** - * The transaction manager to use - */ @SpringBeanByType - PlatformTransactionManager transactionManager; + private ITaxonService taxonService; @SpringBeanByType - private ITaxonService taxonService; + private INameService nameService; + + @SpringBeanByType + private IReferenceService referenceService; @SpringBeanByType private ITaxonNodeService taxonNodeService; @@ -106,11 +97,6 @@ public class SecurityTest extends CdmTransactionalIntegrationTestWithSecurity{ @SpringBeanByType private IClassificationService classificationService; - @TestDataSource - protected DataSource dataSource; - - private Authentication authentication; - @SpringBeanByType private AuthenticationManager authenticationManager; @@ -123,72 +109,10 @@ public class SecurityTest extends CdmTransactionalIntegrationTestWithSecurity{ @SpringBean("cdmPermissionEvaluator") private CdmPermissionEvaluator permissionEvaluator; - private UsernamePasswordAuthenticationToken tokenForAdmin; - - private UsernamePasswordAuthenticationToken tokenForTaxonEditor; - - private UsernamePasswordAuthenticationToken tokenForDescriptionEditor; - - private UsernamePasswordAuthenticationToken tokenForPartEditor; - - private UsernamePasswordAuthenticationToken tokenForTaxonomist; - - private UsernamePasswordAuthenticationToken tokenForUserManager; - - - - @Before - public void setUp(){ - /* User 'admin': - - ROLE_ADMIN - - TAXONBASE.[READ] - - TAXONBASE.[CREATE] - - TAXONBASE.[DELETE] - - TAXONBASE.[UPDATE] - */ - tokenForAdmin = new UsernamePasswordAuthenticationToken(Configuration.adminLogin, PASSWORD_ADMIN); - - /* User 'userManager': - - ROLE_ADMIN - - TAXONBASE.[READ] - - TAXONBASE.[CREATE] - - TAXONBASE.[DELETE] - - TAXONBASE.[UPDATE] - */ - tokenForUserManager = new UsernamePasswordAuthenticationToken("userManager", PASSWORD_ADMIN); - - /* User 'taxonEditor': - - TAXONBASE.[CREATE] - - TAXONBASE.[UPDATE] - */ - tokenForTaxonEditor = new UsernamePasswordAuthenticationToken("taxonEditor", PASSWORD_TAXON_EDITOR); - - /* User 'descriptionEditor': - - DESCRIPTIONBASE.[CREATE] - - DESCRIPTIONBASE.[UPDATE] - - DESCRIPTIONELEMENT(Ecology).[CREATE] - - DESCRIPTIONELEMENT(Ecology).[UPDATE] - */ - tokenForDescriptionEditor = new UsernamePasswordAuthenticationToken("descriptionEditor", "test"); + @TestDataSource + protected DataSource dataSource; - /* User 'partEditor': - - TAXONBASE.[ADMIN] - - TAXONNODE.[UPDATE,CREATE,DELETE,READ,UPDATE]{20c8f083-5870-4cbd-bf56-c5b2b98ab6a7} - - DESCRIPTIONELEMENTBASE.[CREATE,DELETE,READ,UPDATE] - - DESCRIPTIONBASE.[CREATE,DELETE,READ,UPDATE] - */ - tokenForPartEditor = new UsernamePasswordAuthenticationToken("partEditor", "test4"); - - /* User 'taxonomist': - - TAXONBASE.[READ] - - TAXONBASE.[CREATE] - - TAXONBASE.[DELETE] - - TAXONBASE.[UPDATE] - - DESCRIPTIONELEMENTBASE.[CREATE,DELETE,READ,UPDATE] - - DESCRIPTIONBASE.[CREATE,DELETE,READ,UPDATE] - */ - tokenForTaxonomist = new UsernamePasswordAuthenticationToken("taxonomist", "test4"); - } + private Authentication authentication; /** @@ -248,8 +172,8 @@ public class SecurityTest extends CdmTransactionalIntegrationTestWithSecurity{ logger.debug("Expected failure of evaluation.", e); exception = e; } catch (RuntimeException e){ - exception = findThrowableOfTypeIn(EvaluationFailedException.class, e); - logger.debug("Expected failure of evaluation.", exception); + exception = findThrowableOfTypeIn(PermissionDeniedException.class, e); + logger.debug("Expected failure of evaluation.", e); } finally { // needed in case saveOrUpdate was interrupted by the RuntimeException // commitAndStartNewTransaction() would raise an UnexpectedRollbackException @@ -276,7 +200,7 @@ public class SecurityTest extends CdmTransactionalIntegrationTestWithSecurity{ logger.error("Unexpected failure of evaluation.", e); exception = e; } catch (RuntimeException e){ - exception = findThrowableOfTypeIn(EvaluationFailedException.class, e); + exception = findThrowableOfTypeIn(PermissionDeniedException.class, e); logger.error("unexpected failure of evaluation.", exception); } finally { // needed in case saveOrUpdate was interrupted by the RuntimeException @@ -313,9 +237,9 @@ public class SecurityTest extends CdmTransactionalIntegrationTestWithSecurity{ context.setAuthentication(authentication); Taxon expectedTaxon = Taxon.NewInstance(BotanicalName.NewInstance(Rank.SPECIES()), null); + expectedTaxon.getName().setTitleCache("Newby admin", true); UUID uuid = taxonService.save(expectedTaxon); commitAndStartNewTransaction(null); - //taxonService.getSession().flush(); TaxonBase actualTaxon = taxonService.load(uuid); assertEquals(expectedTaxon, actualTaxon); @@ -323,11 +247,195 @@ public class SecurityTest extends CdmTransactionalIntegrationTestWithSecurity{ context = SecurityContextHolder.getContext(); context.setAuthentication(authentication); expectedTaxon = Taxon.NewInstance(BotanicalName.NewInstance(Rank.GENUS()), null); - taxonService.saveOrUpdate(actualTaxon); + expectedTaxon.getName().setTitleCache("Newby taxonEditor", true); + uuid = taxonService.saveOrUpdate(expectedTaxon); commitAndStartNewTransaction(null); + actualTaxon = taxonService.load(uuid); + assertEquals(expectedTaxon, actualTaxon); } + @Test + public final void testSaveNameAllow() { + + authentication = authenticationManager.authenticate(tokenForTaxonEditor); + SecurityContext context = SecurityContextHolder.getContext(); + context.setAuthentication(authentication); + + ZoologicalName newName = ZoologicalName.NewInstance(Rank.SPECIES()); + newName.setTitleCache("Newby taxonEditor", true); + UUID uuid = nameService.saveOrUpdate(newName); + commitAndStartNewTransaction(null); + TaxonNameBase savedName = nameService.load(uuid); + assertEquals(newName, savedName); + } + + + @Test + public final void testReuseNameAllow() { + + authentication = authenticationManager.authenticate(tokenForTaxonEditor); + SecurityContext context = SecurityContextHolder.getContext(); + context.setAuthentication(authentication); + + TaxonBase taxon = taxonService.find(UUID_ACHERONTIA_STYX); + TaxonNameBase n_acherontia_thetis = taxon.getName(); + + Taxon newTaxon = Taxon.NewInstance(n_acherontia_thetis, ReferenceFactory.newGeneric()); + Exception exception = null; + try { + UUID uuid = taxonService.save(newTaxon); + commitAndStartNewTransaction(null); + } catch (AccessDeniedException e){ + logger.error("Unexpected failure of evaluation.", e); + exception = e; + } catch (RuntimeException e){ + logger.error("Unexpected failure of evaluation.", e); + exception = findThrowableOfTypeIn(PermissionDeniedException.class, e); + } finally { + // needed in case saveOrUpdate was interrupted by the RuntimeException + // commitAndStartNewTransaction() would raise an UnexpectedRollbackException + endTransaction(); + startNewTransaction(); + } + Assert.assertNull("must not fail here!", exception); + } + + @Test + public final void testMakeTaxonNodeASynonymOfAnotherTaxonNodeAllow_1() { + + authentication = authenticationManager.authenticate(tokenForTaxonEditor); + SecurityContext context = SecurityContextHolder.getContext(); + context.setAuthentication(authentication); + + Reference book = referenceService.load(BOOK1_UUID); + + TaxonNode n_acherontia_styx = taxonNodeService.find(ACHERONTIA_STYX_NODE_UUID); + TaxonNode n_acherontia_lachersis = taxonNodeService.find(ACHERONTIA_LACHESIS_NODE_UUID); + + Exception exception = null; + try { + taxonNodeService.makeTaxonNodeASynonymOfAnotherTaxonNode(n_acherontia_styx, n_acherontia_lachersis, SynonymRelationshipType.HETEROTYPIC_SYNONYM_OF(), book , "33"); + commitAndStartNewTransaction(null); + } catch (AccessDeniedException e){ + logger.error("Unexpected failure of evaluation.", e); + exception = e; + } catch (RuntimeException e){ + logger.error("Unexpected failure of evaluation.", e); + exception = findThrowableOfTypeIn(PermissionDeniedException.class, e); + }finally { + // needed in case saveOrUpdate was interrupted by the RuntimeException + // commitAndStartNewTransaction() would raise an UnexpectedRollbackException + endTransaction(); + startNewTransaction(); + } + Assert.assertNull("must not fail here!", exception); + } + + @Test + public final void testMakeTaxonNodeASynonymOfAnotherTaxonNodeAllow_2() { + + authentication = authenticationManager.authenticate(tokenForTaxonEditor); + SecurityContext context = SecurityContextHolder.getContext(); + context.setAuthentication(authentication); + + Reference book = referenceService.load(BOOK1_UUID); + + TaxonNode n_acherontia_styx = taxonNodeService.find(ACHERONTIA_STYX_NODE_UUID); + TaxonNode n_acherontia_lachersis = taxonNodeService.find(ACHERONTIA_LACHESIS_NODE_UUID); + + Exception exception = null; + try { + taxonNodeService.makeTaxonNodeASynonymOfAnotherTaxonNode(n_acherontia_lachersis, n_acherontia_styx, SynonymRelationshipType.HOMOTYPIC_SYNONYM_OF(), book , "33"); + commitAndStartNewTransaction(null); + } catch (AccessDeniedException e){ + logger.error("Unexpected failure of evaluation.", e); + exception = e; + } catch (RuntimeException e){ + logger.error("Unexpected failure of evaluation.", e); + exception = findThrowableOfTypeIn(PermissionDeniedException.class, e); + } finally { + // needed in case saveOrUpdate was interrupted by the RuntimeException + // commitAndStartNewTransaction() would raise an UnexpectedRollbackException + endTransaction(); + startNewTransaction(); + } + Assert.assertNull("must not fail here!", exception); + } + + @Test + public final void testUpdateReferenceAllow() throws ParsingException { + + + authentication = authenticationManager.authenticate(tokenForUserManager); + SecurityContext context = SecurityContextHolder.getContext(); + context.setAuthentication(authentication); + + // add REFERENCE[UPDATE] to taxonEditor + User taxonEditor = userService.load(TAXON_EDITOR_UUID); + Set grantedAuthorities = new HashSet(); + grantedAuthorities.addAll(taxonEditor.getGrantedAuthorities()); + GrantedAuthorityImpl referenceUpdate_ga = new CdmAuthority(CdmPermissionClass.REFERENCE, null, EnumSet.of(CRUD.UPDATE), null).asNewGrantedAuthority(); + grantedAuthorities.add(referenceUpdate_ga); + taxonEditor.setGrantedAuthorities(grantedAuthorities); + userService.saveOrUpdate(taxonEditor); + commitAndStartNewTransaction(null); + + authentication = authenticationManager.authenticate(tokenForTaxonEditor); + context = SecurityContextHolder.getContext(); + context.setAuthentication(authentication); + + Reference book = referenceService.load(BOOK1_UUID); + book.setTitleCache("Mobydick", true); + Exception exception = null; + try { + referenceService.saveOrUpdate(book); + commitAndStartNewTransaction(null); + } catch (AccessDeniedException e){ + logger.error("Unexpected failure of evaluation.", e); + exception = e; + } catch (RuntimeException e){ + logger.error("Unexpected failure of evaluation.", e); + exception = findThrowableOfTypeIn(PermissionDeniedException.class, e); + } finally { + // needed in case saveOrUpdate was interrupted by the RuntimeException + // commitAndStartNewTransaction() would raise an UnexpectedRollbackException + endTransaction(); + startNewTransaction(); + } + Assert.assertNull("must not fail here!", exception); + book = referenceService.load(BOOK1_UUID); + Assert.assertEquals("Mobydick", book.getTitleCache()); + } + + @Test + public final void testUpateReferenceDeny() { + + authentication = authenticationManager.authenticate(tokenForTaxonEditor); + SecurityContext context = SecurityContextHolder.getContext(); + context.setAuthentication(authentication); + + TaxonBase taxon = taxonService.find(UUID_ACHERONTIA_STYX); + taxon.getName().getNomenclaturalReference().setTitleCache("Mobydick", true); + Exception exception = null; + try { + UUID uuid = taxonService.saveOrUpdate(taxon); + commitAndStartNewTransaction(null); + } catch (AccessDeniedException e){ + logger.debug("Expected failure of evaluation.", e); + exception = e; + } catch (RuntimeException e){ + exception = findThrowableOfTypeIn(PermissionDeniedException.class, e); + logger.debug("Expected failure of evaluation.", e); + } finally { + // needed in case saveOrUpdate was interrupted by the RuntimeException + // commitAndStartNewTransaction() would raise an UnexpectedRollbackException + endTransaction(); + startNewTransaction(); + } + Assert.assertNotNull("must fail here!", exception); + } + @Test public void testChangeOwnPassword(){ @@ -365,7 +473,7 @@ public class SecurityTest extends CdmTransactionalIntegrationTestWithSecurity{ logger.error("Unexpected failure of evaluation.", e); exception = e; } catch (RuntimeException e){ - exception = findThrowableOfTypeIn(EvaluationFailedException.class, e); + exception = findThrowableOfTypeIn(PermissionDeniedException.class, e); logger.error("Unexpected failure of evaluation.", exception); } finally { // needed in case saveOrUpdate was interrupted by the RuntimeException @@ -405,8 +513,8 @@ public class SecurityTest extends CdmTransactionalIntegrationTestWithSecurity{ logger.debug("Expected failure of evaluation.", e); exception = e; } catch (RuntimeException e){ - exception = findThrowableOfTypeIn(EvaluationFailedException.class, e); - logger.debug("Expected failure of evaluation.", exception); + exception = findThrowableOfTypeIn(PermissionDeniedException.class, e); + logger.debug("Expected failure of evaluation.", e); } finally { // needed in case saveOrUpdate was interrupted by the RuntimeException // commitAndStartNewTransaction() would raise an UnexpectedRollbackException @@ -466,7 +574,7 @@ public class SecurityTest extends CdmTransactionalIntegrationTestWithSecurity{ Assert.assertNull("evaluation must not fail since the user is permitted, CAUSE :" + (securityException != null ? securityException.getMessage() : ""), securityException); // reload taxon taxon = taxonService.find(UUID_ACHERONTIA_STYX); - Assert.assertTrue("The change must be persited", taxon.isDoubtful()); + Assert.assertTrue("The change must be persisted", taxon.isDoubtful()); } /** @@ -540,33 +648,126 @@ public class SecurityTest extends CdmTransactionalIntegrationTestWithSecurity{ Assert.assertFalse("The change must not be persited", taxon.isDoubtful()); } + @Test + public final void testTaxonPublishAllow_ROLE_ADMIN() { + + SecurityContext context = SecurityContextHolder.getContext(); + + authentication = authenticationManager.authenticate(tokenForAdmin); + context.setAuthentication(authentication); + RuntimeException securityException= null; + + Taxon taxon = (Taxon) taxonService.find(UUID_ACHERONTIA_STYX); + + boolean lastIsPublish = taxon.isPublish(); + taxon.setPublish(!lastIsPublish); + try{ + taxonService.saveOrUpdate(taxon); + commitAndStartNewTransaction(null); + } catch (RuntimeException e){ + securityException = findSecurityRuntimeException(e); + logger.error("Unexpected failure of evaluation.", e); + } finally { + // needed in case saveOrUpdate was interrupted by the RuntimeException + // commitAndStartNewTransaction() would raise an UnexpectedRollbackException + endTransaction(); + startNewTransaction(); + } + Assert.assertNull("evaluation must not fail since the user has ROLE_ADMIN, CAUSE :" + (securityException != null ? securityException.getMessage() : ""), securityException); + // reload taxon + taxon = (Taxon) taxonService.find(UUID_ACHERONTIA_STYX); + Assert.assertTrue("The change must be persisted", taxon.isPublish() != lastIsPublish); + } + + /** - * test with admin account - should succeed + * test with Taxonomist account which has the ROLE_PUBLISH */ @Test - public final void testTaxonDeleteAllow_1() { + public final void testTaxonPublishAllow_ROLE_PUBLISH() { SecurityContext context = SecurityContextHolder.getContext(); - authentication = authenticationManager.authenticate(tokenForAdmin); + authentication = authenticationManager.authenticate(tokenForTaxonomist); context.setAuthentication(authentication); RuntimeException securityException= null; - TaxonBase taxon = taxonService.load(UUID_LACTUCA); + Taxon taxon = (Taxon) taxonService.find(UUID_ACHERONTIA_STYX); + + boolean lastIsPublish = taxon.isPublish(); + taxon.setPublish(!lastIsPublish); try{ - taxonService.delete(taxon); + taxonService.saveOrUpdate(taxon); commitAndStartNewTransaction(null); } catch (RuntimeException e){ securityException = findSecurityRuntimeException(e); logger.error("Unexpected failure of evaluation.", e); - }catch(ReferencedObjectUndeletableException e){ - Assert.fail(); - }finally { + } finally { + // needed in case saveOrUpdate was interrupted by the RuntimeException + // commitAndStartNewTransaction() would raise an UnexpectedRollbackException + endTransaction(); + startNewTransaction(); + } + Assert.assertNull("evaluation must not fail since the user has ROLE_ADMIN, CAUSE :" + (securityException != null ? securityException.getMessage() : ""), securityException); + // reload taxon + taxon = (Taxon) taxonService.find(UUID_ACHERONTIA_STYX); + Assert.assertTrue("The change must be persisted", taxon.isPublish() != lastIsPublish); + } + + /** + * test with TaxonEditor account which has not the ROLE_PUBLISH + */ + @Test + public final void testTaxonPublishDeny() { + + SecurityContext context = SecurityContextHolder.getContext(); + + authentication = authenticationManager.authenticate(tokenForTaxonEditor); + context.setAuthentication(authentication); + RuntimeException securityException= null; + + Taxon taxon = (Taxon) taxonService.find(UUID_ACHERONTIA_STYX); + + boolean lastIsPublish = taxon.isPublish(); + taxon.setPublish(!lastIsPublish); + try { + taxonService.saveOrUpdate(taxon); + commitAndStartNewTransaction(null); + } catch (RuntimeException e){ + securityException = findSecurityRuntimeException(e); + logger.debug("Expected failure of evaluation.", securityException); + } finally { // needed in case saveOrUpdate was interrupted by the RuntimeException // commitAndStartNewTransaction() would raise an UnexpectedRollbackException endTransaction(); startNewTransaction(); } + + Assert.assertNotNull("evaluation must fail since the user is not permitted", securityException); + // reload taxon + taxon = (Taxon) taxonService.find(UUID_ACHERONTIA_STYX); + Assert.assertTrue("The taxon must be unchanged", taxon.isPublish() == lastIsPublish); + } + + /** + * test with admin account - should succeed + */ + @Test + public final void testTaxonDeleteAllow_1() { + + SecurityContext context = SecurityContextHolder.getContext(); + + authentication = authenticationManager.authenticate(tokenForAdmin); + context.setAuthentication(authentication); + RuntimeException securityException= null; + + TaxonBase taxon = taxonService.load(UUID_LACTUCA); + taxonService.delete(taxon); + commitAndStartNewTransaction(null); + + + + Assert.assertNull("evaluation must not fail since the user is permitted, CAUSE :" + (securityException != null ? securityException.getMessage() : ""), securityException); // reload taxon taxon = taxonService.load(UUID_LACTUCA); @@ -587,10 +788,13 @@ public class SecurityTest extends CdmTransactionalIntegrationTestWithSecurity{ Taxon taxon = (Taxon)taxonService.load(UUID_ACHERONTINII); try{ - try { - taxonService.deleteTaxon(taxon, null, null); - } catch (DataChangeNoRollbackException e) { + // try { + DeleteResult result = taxonService.deleteTaxon(taxon.getUuid(), null, null); + /*} catch (DataChangeNoRollbackException e) { Assert.fail(); + }*/ + if (!result.isOk()){ + Assert.fail(); } commitAndStartNewTransaction(null); } catch (RuntimeException e){ @@ -622,27 +826,23 @@ public class SecurityTest extends CdmTransactionalIntegrationTestWithSecurity{ authentication = authenticationManager.authenticate(tokenForDescriptionEditor); context.setAuthentication(authentication); - TaxonBase taxon = taxonService.load(UUID_LACTUCA); - - try { - taxonService.delete(taxon); - commitAndStartNewTransaction(null); - } catch (RuntimeException e){ - securityException = findSecurityRuntimeException(e); - logger.debug("Expected failure of evaluation.", securityException); - }catch(ReferencedObjectUndeletableException e){ - Assert.fail(); - } finally { - // needed in case saveOrUpdate was interrupted by the RuntimeException - // commitAndStartNewTransaction() would raise an UnexpectedRollbackException - endTransaction(); - startNewTransaction(); + Taxon taxon = (Taxon)taxonService.load(UUID_LACTUCA); + try{ + DeleteResult result = taxonService.deleteTaxon(taxon.getUuid(), null, null); + Assert.fail(); + }catch(PermissionDeniedException e){ + } + endTransaction(); + startNewTransaction(); + - Assert.assertNotNull("evaluation must fail since the user is not permitted", securityException); + //Assert.assertNotNull("evaluation must fail since the user is not permitted", securityException); // reload taxon - taxon = taxonService.load(UUID_LACTUCA); + taxon = (Taxon)taxonService.load(UUID_LACTUCA); + Assert.assertNotNull("The change must still exist", taxon); + Assert.assertNotNull("The name must still exist",taxon.getName()); } @@ -716,6 +916,7 @@ public class SecurityTest extends CdmTransactionalIntegrationTestWithSecurity{ } +// @Ignore // FIXME http://dev.e-taxonomy.eu/trac/ticket/4081 : #4081 (TaxonNodeServiceImpl.makeTaxonNodeASynonymOfAnotherTaxonNode() requires TAXONNAMEBASE.[UPDATE]) @Test public void testAcceptedTaxonToSynomym(){ @@ -726,8 +927,9 @@ public class SecurityTest extends CdmTransactionalIntegrationTestWithSecurity{ RuntimeException securityException = null; Taxon t_acherontia_lachesis = (Taxon)taxonService.load(ACHERONTIA_LACHESIS_UUID); + UUID name_acherontia_lachesis_uuid = t_acherontia_lachesis.getName().getUuid(); Taxon t_acherontia_styx = (Taxon)taxonService.load(UUID_ACHERONTIA_STYX); - + int countSynsBefore = t_acherontia_styx.getSynonyms().size(); TaxonNode n_acherontia_lachesis = t_acherontia_lachesis.getTaxonNodes().iterator().next(); TaxonNode n_acherontia_styx = t_acherontia_styx.getTaxonNodes().iterator().next(); @@ -735,19 +937,16 @@ public class SecurityTest extends CdmTransactionalIntegrationTestWithSecurity{ int numOfSynonymsBefore_styx = t_acherontia_styx.getSynonyms().size(); int numOfSynonymsBefore_lachesis = t_acherontia_lachesis.getSynonyms().size(); - UUID synonymUuid = null; // UUID.randomUUID(); - + try { - Synonym synonym = taxonNodeService.makeTaxonNodeASynonymOfAnotherTaxonNode(n_acherontia_lachesis, n_acherontia_styx, SynonymRelationshipType.SYNONYM_OF(), null, null); - synonymUuid = synonym.getUuid(); - taxonService.saveOrUpdate(synonym); + DeleteResult result = taxonNodeService.makeTaxonNodeASynonymOfAnotherTaxonNode(n_acherontia_lachesis, n_acherontia_styx, SynonymRelationshipType.SYNONYM_OF(), null, null); +// synonymUuid = synonym.getUuid(); +// taxonService.saveOrUpdate(synonym); commitAndStartNewTransaction(null); } catch (RuntimeException e){ securityException = findSecurityRuntimeException(e); logger.error("Unexpected Exception ", e); Assert.fail("Unexpected Exception: " + e.getMessage()); - } catch (DataChangeNoRollbackException e) { - Assert.fail("Unexpected Exception: " + e.getMessage()); } finally { // needed in case saveOrUpdate was interrupted by the RuntimeException // commitAndStartNewTransaction() would raise an UnexpectedRollbackException @@ -761,8 +960,9 @@ public class SecurityTest extends CdmTransactionalIntegrationTestWithSecurity{ // reload from db and check assertions t_acherontia_styx = (Taxon)taxonService.load(UUID_ACHERONTIA_STYX); - Assert.assertEquals("Acherontia styx now must have a synonym", numOfSynonymsBefore_styx + numOfSynonymsBefore_lachesis + 1, t_acherontia_styx.getSynonyms().size()); - Assert.assertTrue("Acherontia lachesis now must be a synonym", taxonService.load(synonymUuid) instanceof Synonym); + Assert.assertEquals(numOfSynonymsBefore_styx +1 + numOfSynonymsBefore_lachesis, t_acherontia_styx.getSynonyms().size()); + + Assert.assertNotNull(nameService.load(name_acherontia_lachesis_uuid) ); Assert.assertNull("The old TaxonNode should no longer exist", taxonNodeService.find(n_acherontia_lachesis.getUuid())); } @@ -1008,4 +1208,13 @@ public class SecurityTest extends CdmTransactionalIntegrationTestWithSecurity{ } + /* (non-Javadoc) + * @see eu.etaxonomy.cdm.test.integration.CdmIntegrationTest#createTestData() + */ + @Override + public void createTestDataSet() throws FileNotFoundException { + // TODO Auto-generated method stub + + } + }