Revision 2f9c6d26
Added by Andreas Müller over 8 years ago
| cdmlib-services/src/test/java/eu/etaxonomy/cdm/api/service/SecurityTest.java | ||
|---|---|---|
| 54 | 54 |
import eu.etaxonomy.cdm.model.name.ZoologicalName; |
| 55 | 55 |
import eu.etaxonomy.cdm.model.reference.Reference; |
| 56 | 56 |
import eu.etaxonomy.cdm.model.reference.ReferenceFactory; |
| 57 |
import eu.etaxonomy.cdm.model.taxon.Classification; |
|
| 58 | 57 |
import eu.etaxonomy.cdm.model.taxon.Synonym; |
| 59 | 58 |
import eu.etaxonomy.cdm.model.taxon.SynonymRelationshipType; |
| 60 | 59 |
import eu.etaxonomy.cdm.model.taxon.Taxon; |
| ... | ... | |
| 264 | 263 |
newName.setTitleCache("Newby taxonEditor", true);
|
| 265 | 264 |
UUID uuid = nameService.saveOrUpdate(newName); |
| 266 | 265 |
commitAndStartNewTransaction(null); |
| 267 |
TaxonNameBase savedName = nameService.load(uuid); |
|
| 266 |
TaxonNameBase<?,?> savedName = nameService.load(uuid);
|
|
| 268 | 267 |
assertEquals(newName, savedName); |
| 269 | 268 |
} |
| 270 | 269 |
|
| ... | ... | |
| 308 | 307 |
SecurityContext context = SecurityContextHolder.getContext(); |
| 309 | 308 |
context.setAuthentication(authentication); |
| 310 | 309 |
|
| 311 |
Reference book = referenceService.load(BOOK1_UUID); |
|
| 310 |
Reference<?> book = referenceService.load(BOOK1_UUID);
|
|
| 312 | 311 |
|
| 313 | 312 |
TaxonNode n_acherontia_styx = taxonNodeService.find(ACHERONTIA_STYX_NODE_UUID); |
| 314 | 313 |
TaxonNode n_acherontia_lachersis = taxonNodeService.find(ACHERONTIA_LACHESIS_NODE_UUID); |
| ... | ... | |
| 339 | 338 |
SecurityContext context = SecurityContextHolder.getContext(); |
| 340 | 339 |
context.setAuthentication(authentication); |
| 341 | 340 |
|
| 342 |
Reference book = referenceService.load(BOOK1_UUID); |
|
| 341 |
Reference<?> book = referenceService.load(BOOK1_UUID);
|
|
| 343 | 342 |
|
| 344 | 343 |
TaxonNode n_acherontia_styx = taxonNodeService.find(ACHERONTIA_STYX_NODE_UUID); |
| 345 | 344 |
TaxonNode n_acherontia_lachersis = taxonNodeService.find(ACHERONTIA_LACHESIS_NODE_UUID); |
| ... | ... | |
| 385 | 384 |
context = SecurityContextHolder.getContext(); |
| 386 | 385 |
context.setAuthentication(authentication); |
| 387 | 386 |
|
| 388 |
Reference book = referenceService.load(BOOK1_UUID); |
|
| 387 |
Reference<?> book = referenceService.load(BOOK1_UUID);
|
|
| 389 | 388 |
book.setTitleCache("Mobydick", true);
|
| 390 | 389 |
Exception exception = null; |
| 391 | 390 |
try {
|
| ... | ... | |
| 415 | 414 |
SecurityContext context = SecurityContextHolder.getContext(); |
| 416 | 415 |
context.setAuthentication(authentication); |
| 417 | 416 |
|
| 418 |
TaxonBase taxon = taxonService.find(UUID_ACHERONTIA_STYX); |
|
| 417 |
TaxonBase<?> taxon = taxonService.find(UUID_ACHERONTIA_STYX);
|
|
| 419 | 418 |
taxon.getName().getNomenclaturalReference().setTitleCache("Mobydick", true);
|
| 420 | 419 |
Exception exception = null; |
| 421 | 420 |
try {
|
| 422 |
UUID uuid = taxonService.saveOrUpdate(taxon);
|
|
| 421 |
taxonService.saveOrUpdate(taxon); |
|
| 423 | 422 |
commitAndStartNewTransaction(null); |
| 424 | 423 |
} catch (AccessDeniedException e){
|
| 425 | 424 |
logger.debug("Expected failure of evaluation.", e);
|
| ... | ... | |
| 765 | 764 |
taxonService.delete(taxon); |
| 766 | 765 |
commitAndStartNewTransaction(null); |
| 767 | 766 |
|
| 768 |
|
|
| 769 |
|
|
| 770 |
|
|
| 771 | 767 |
Assert.assertNull("evaluation must not fail since the user is permitted, CAUSE :" + (securityException != null ? securityException.getMessage() : ""), securityException);
|
| 772 | 768 |
// reload taxon |
| 773 | 769 |
taxon = taxonService.load(UUID_LACTUCA); |
| ... | ... | |
| 821 | 817 |
public final void testTaxonDeleteDeny() {
|
| 822 | 818 |
|
| 823 | 819 |
SecurityContext context = SecurityContextHolder.getContext(); |
| 824 |
RuntimeException securityException = null; |
|
| 820 |
// RuntimeException securityException = null;
|
|
| 825 | 821 |
|
| 826 | 822 |
authentication = authenticationManager.authenticate(tokenForDescriptionEditor); |
| 827 | 823 |
context.setAuthentication(authentication); |
| 828 | 824 |
|
| 829 | 825 |
Taxon taxon = (Taxon)taxonService.load(UUID_LACTUCA); |
| 830 | 826 |
try{
|
| 831 |
DeleteResult result = taxonService.deleteTaxon(taxon.getUuid(), null, null);
|
|
| 827 |
taxonService.deleteTaxon(taxon.getUuid(), null, null); |
|
| 832 | 828 |
Assert.fail(); |
| 833 | 829 |
}catch(PermissionDeniedException e){
|
| 834 | 830 |
|
| ... | ... | |
| 860 | 856 |
Taxon taxon = (Taxon)taxonService.load(ACHERONTIA_LACHESIS_UUID); |
| 861 | 857 |
|
| 862 | 858 |
TaxonDescription description = TaxonDescription.NewInstance(taxon); |
| 863 |
description.setTitleCache("test");
|
|
| 859 |
description.setTitleCache("test", true);
|
|
| 864 | 860 |
try {
|
| 865 | 861 |
descriptionService.saveOrUpdate(description); |
| 866 | 862 |
commitAndStartNewTransaction(null); |
| ... | ... | |
| 939 | 935 |
|
| 940 | 936 |
|
| 941 | 937 |
try {
|
| 942 |
DeleteResult result = taxonNodeService.makeTaxonNodeASynonymOfAnotherTaxonNode(n_acherontia_lachesis, n_acherontia_styx, SynonymRelationshipType.SYNONYM_OF(), null, null);
|
|
| 938 |
taxonNodeService.makeTaxonNodeASynonymOfAnotherTaxonNode(n_acherontia_lachesis, n_acherontia_styx, SynonymRelationshipType.SYNONYM_OF(), null, null); |
|
| 943 | 939 |
// synonymUuid = synonym.getUuid(); |
| 944 | 940 |
// taxonService.saveOrUpdate(synonym); |
| 945 | 941 |
commitAndStartNewTransaction(null); |
| ... | ... | |
| 1023 | 1019 |
DescriptionElementBase descriptionText = TextData.NewInstance(Feature.DESCRIPTION()); |
| 1024 | 1020 |
description.addElement(descriptionText); |
| 1025 | 1021 |
|
| 1026 |
securityException = null; |
|
| 1027 | 1022 |
assertTrue(permissionEvaluator.hasPermission(authentication, description, "UPDATE")); |
| 1028 | 1023 |
try{
|
| 1029 | 1024 |
descriptionService.saveOrUpdate(description); |
| ... | ... | |
| 1062 | 1057 |
DescriptionElementBase ecologyText = TextData.NewInstance(Feature.ECOLOGY()); |
| 1063 | 1058 |
description.addElement(ecologyText); |
| 1064 | 1059 |
|
| 1065 |
securityException = null; |
|
| 1066 | 1060 |
assertTrue(permissionEvaluator.hasPermission(authentication, description, "UPDATE")); |
| 1067 | 1061 |
try{
|
| 1068 | 1062 |
descriptionService.saveOrUpdate(description); |
| ... | ... | |
| 1122 | 1116 |
// 2) test for denial |
| 1123 | 1117 |
authentication = authenticationManager.authenticate(tokenForDescriptionEditor); |
| 1124 | 1118 |
context.setAuthentication(authentication); |
| 1125 |
securityException = null; |
|
| 1126 | 1119 |
Synonym syn = Synonym.NewInstance(BotanicalName.NewInstance(Rank.SPECIES()), null); |
| 1127 | 1120 |
UUID synUuid = syn.getUuid(); |
| 1128 | 1121 |
try{
|
| ... | ... | |
| 1150 | 1143 |
SecurityContext context = SecurityContextHolder.getContext(); |
| 1151 | 1144 |
context.setAuthentication(authentication); |
| 1152 | 1145 |
RuntimeException securityException = null; |
| 1153 |
Classification classification = classificationService.load(UUID.fromString("aeee7448-5298-4991-b724-8d5b75a0a7a9"));
|
|
| 1146 |
classificationService.load(UUID.fromString("aeee7448-5298-4991-b724-8d5b75a0a7a9"));
|
|
| 1154 | 1147 |
// test for success |
| 1155 | 1148 |
TaxonNode acherontia_node = taxonNodeService.load(ACHERONTIA_NODE_UUID); |
| 1156 | 1149 |
long numOfChildNodes = acherontia_node.getChildNodes().size(); |
| 1157 |
TaxonNode childNode = acherontia_node.addChildTaxon(Taxon.NewInstance(BotanicalName.NewInstance(Rank.SPECIES()), null), null, null);
|
|
| 1150 |
acherontia_node.addChildTaxon(Taxon.NewInstance(BotanicalName.NewInstance(Rank.SPECIES()), null), null, null); |
|
| 1158 | 1151 |
|
| 1159 | 1152 |
try{
|
| 1160 | 1153 |
taxonNodeService.saveOrUpdate(acherontia_node); |
| ... | ... | |
| 1183 | 1176 |
RuntimeException securityException = null; |
| 1184 | 1177 |
|
| 1185 | 1178 |
// test for denial |
| 1186 |
securityException = null; |
|
| 1187 | 1179 |
TaxonNode acherontiini_node = taxonNodeService.load(ACHERONTIINI_NODE_UUID); |
| 1188 | 1180 |
int numOfChildNodes = acherontiini_node.getCountChildren(); |
| 1189 | 1181 |
acherontiini_node.addChildTaxon(Taxon.NewInstance(BotanicalName.NewInstance(Rank.GENUS()), null), null, null); |
Also available in: Unified diff
Cleanup SecurityTest