Revision 526f697c
Added by Katja Luther over 12 years ago
cdmlib-services/src/test/java/eu/etaxonomy/cdm/api/service/SecurityTest.java | ||
---|---|---|
5 | 5 |
import static org.junit.Assert.assertTrue; |
6 | 6 |
|
7 | 7 |
|
8 |
import java.util.ArrayList; |
|
8 | 9 |
import java.util.Iterator; |
10 |
import java.util.List; |
|
9 | 11 |
import java.util.Set; |
10 | 12 |
import java.util.UUID; |
11 | 13 |
|
... | ... | |
15 | 17 |
|
16 | 18 |
import org.junit.Assert; |
17 | 19 |
import org.junit.Before; |
20 |
import org.junit.Ignore; |
|
18 | 21 |
import org.junit.Test; |
19 | 22 |
import org.junit.runner.RunWith; |
20 | 23 |
|
21 |
import org.springframework.orm.hibernate3.HibernateTemplate;
|
|
24 |
import org.springframework.beans.factory.annotation.Autowired;
|
|
22 | 25 |
import org.springframework.security.authentication.AuthenticationManager; |
23 | 26 |
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; |
24 | 27 |
import org.springframework.security.authentication.dao.ReflectionSaltSource; |
... | ... | |
27 | 30 |
import org.springframework.security.core.context.SecurityContext; |
28 | 31 |
import org.springframework.security.core.context.SecurityContextHolder; |
29 | 32 |
|
30 |
import org.springframework.test.annotation.Rollback; |
|
31 |
import org.springframework.transaction.UnexpectedRollbackException; |
|
32 |
import org.springframework.transaction.annotation.Transactional; |
|
33 |
import org.unitils.database.util.TransactionMode; |
|
33 |
|
|
34 |
import org.unitils.database.annotations.Transactional; |
|
34 | 35 |
import org.unitils.UnitilsJUnit4TestClassRunner; |
35 | 36 |
import org.unitils.database.annotations.TestDataSource; |
36 | 37 |
import org.unitils.database.util.TransactionMode; |
37 | 38 |
import org.unitils.dbunit.annotation.DataSet; |
38 | 39 |
import org.unitils.spring.annotation.SpringApplicationContext; |
39 | 40 |
import org.unitils.spring.annotation.SpringBeanByName; |
40 |
import org.unitils.spring.annotation.SpringBeanByType; |
|
41 | 41 |
|
42 |
|
|
43 |
import eu.etaxonomy.cdm.api.service.config.ITaxonServiceConfigurator; |
|
44 |
import eu.etaxonomy.cdm.api.service.config.TaxonServiceConfiguratorImpl; |
|
45 |
import eu.etaxonomy.cdm.api.service.pager.Pager; |
|
46 |
import eu.etaxonomy.cdm.database.EvaluationFailedException; |
|
42 | 47 |
import eu.etaxonomy.cdm.model.common.User; |
43 |
import eu.etaxonomy.cdm.model.description.DescriptionElementBase; |
|
48 |
|
|
44 | 49 |
|
45 | 50 |
import eu.etaxonomy.cdm.model.description.Feature; |
46 | 51 |
import eu.etaxonomy.cdm.model.description.TaxonDescription; |
... | ... | |
50 | 55 |
import eu.etaxonomy.cdm.model.name.BotanicalName; |
51 | 56 |
import eu.etaxonomy.cdm.model.name.Rank; |
52 | 57 |
import eu.etaxonomy.cdm.model.taxon.Synonym; |
53 |
import eu.etaxonomy.cdm.model.taxon.SynonymRelationshipType; |
|
58 |
|
|
54 | 59 |
import eu.etaxonomy.cdm.model.taxon.Taxon; |
55 | 60 |
import eu.etaxonomy.cdm.model.taxon.TaxonBase; |
56 | 61 |
import eu.etaxonomy.cdm.model.taxon.TaxonNode; |
57 | 62 |
import eu.etaxonomy.cdm.permission.CdmPermissionEvaluator; |
58 | 63 |
import eu.etaxonomy.cdm.persistence.dao.BeanInitializer; |
59 | 64 |
|
60 |
import org.springframework.security.access.AccessDeniedException; |
|
65 |
|
|
66 |
|
|
61 | 67 |
|
62 | 68 |
@RunWith(UnitilsJUnit4TestClassRunner.class) |
63 | 69 |
@SpringApplicationContext({"/eu/etaxonomy/cdm/applicationContextSecurity.xml"}) |
64 |
@Transactional |
|
70 |
@Transactional(TransactionMode.DISABLED)
|
|
65 | 71 |
@DataSet |
66 | 72 |
public class SecurityTest { |
67 | 73 |
private static final Logger logger = Logger.getLogger(TaxonServiceImplTest.class); |
... | ... | |
89 | 95 |
|
90 | 96 |
private UsernamePasswordAuthenticationToken token; |
91 | 97 |
|
98 |
@Autowired |
|
99 |
protected BeanInitializer defaultBeanInitializer; |
|
100 |
|
|
92 | 101 |
@Before |
93 | 102 |
public void setUp(){ |
94 | 103 |
token = new UsernamePasswordAuthenticationToken("ben", "sPePhAz6"); |
... | ... | |
245 | 254 |
|
246 | 255 |
} |
247 | 256 |
|
248 |
@Test |
|
249 |
public void testCascadingInSpringSecurity(){ |
|
257 |
@Test(expected=EvaluationFailedException.class)
|
|
258 |
public void testCascadingInSpringSecurityAccesDenied(){
|
|
250 | 259 |
authentication = authenticationManager.authenticate(new UsernamePasswordAuthenticationToken("partEditor", "test4")); |
251 | 260 |
SecurityContext context = SecurityContextHolder.getContext(); |
252 | 261 |
context.setAuthentication(authentication); |
253 | 262 |
CdmPermissionEvaluator permissionEvaluator = new CdmPermissionEvaluator(); |
254 |
Taxon taxon = (Taxon)taxonService.find(UUID.fromString("bc09aca6-06fd-4905-b1e7-cbf7cc65d783")); |
|
263 |
|
|
264 |
Taxon taxon =(Taxon) taxonService.load(UUID.fromString("bc09aca6-06fd-4905-b1e7-cbf7cc65d783")); |
|
255 | 265 |
TaxonDescription description = TaxonDescription.NewInstance(taxon); |
256 | 266 |
assertFalse(permissionEvaluator.hasPermission(authentication, description, "UPDATE")); |
257 | 267 |
//during cascading the permissions are not evaluated |
268 |
|
|
258 | 269 |
taxonService.saveOrUpdate(taxon); |
259 | 270 |
|
271 |
|
|
272 |
|
|
273 |
} |
|
274 |
|
|
275 |
@Test |
|
276 |
public void testCascadingInSpring(){ |
|
260 | 277 |
authentication = authenticationManager.authenticate(new UsernamePasswordAuthenticationToken("descriptionEditor", "test")); |
261 |
context = SecurityContextHolder.getContext(); |
|
278 |
SecurityContext context = SecurityContextHolder.getContext();
|
|
262 | 279 |
context.setAuthentication(authentication); |
263 |
taxon = (Taxon)taxonService.find(UUID.fromString("928a0167-98cd-4555-bf72-52116d067625")); |
|
264 |
description = TaxonDescription.NewInstance(taxon); |
|
280 |
Taxon taxon = (Taxon)taxonService.load(UUID.fromString("928a0167-98cd-4555-bf72-52116d067625")); |
|
281 |
TaxonDescription description = TaxonDescription.NewInstance(taxon); |
|
282 |
CdmPermissionEvaluator permissionEvaluator = new CdmPermissionEvaluator(); |
|
265 | 283 |
assertTrue(permissionEvaluator.hasPermission(authentication, description, "UPDATE")); |
266 |
|
|
284 |
//fails because of cascading...(with saveOrUpdateListener!) |
|
285 |
descriptionService.saveOrUpdate(description); |
|
286 |
//taxonService.getSession().flush(); |
|
287 |
taxon = (Taxon)taxonService.load(UUID.fromString("928a0167-98cd-4555-bf72-52116d067625")); |
|
288 |
Set<TaxonDescription> descriptions = taxon.getDescriptions(); |
|
289 |
assertTrue(descriptions.contains(description)); |
|
267 | 290 |
} |
268 | 291 |
|
269 | 292 |
@Test |
293 |
|
|
270 | 294 |
public void testSaveSynonym(){ |
271 | 295 |
authentication = authenticationManager.authenticate(new UsernamePasswordAuthenticationToken("partEditor", "test4")); |
272 | 296 |
SecurityContext context = SecurityContextHolder.getContext(); |
... | ... | |
275 | 299 |
taxonService.saveOrUpdate(syn); |
276 | 300 |
|
277 | 301 |
} |
302 |
public static void main(String[] args){ |
|
303 |
Md5PasswordEncoder encoder =new Md5PasswordEncoder(); |
|
304 |
|
|
305 |
ReflectionSaltSource saltSource = new ReflectionSaltSource(); |
|
306 |
saltSource.setUserPropertyToUse("getUsername"); |
|
307 |
User user = User.NewInstance("admin", "xyz"); |
|
308 |
System.err.println(encoder.encodePassword("test4", saltSource.getSalt(user))); |
|
309 |
} |
|
278 | 310 |
} |
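Review bot: `@Test(expected=EvaluationFailedException.class)` on `testCascadingInSpringSecurityAccesDenied` covers the whole method, so the test also passes if the exception is raised by an earlier statement such as `taxonService.load(...)` rather than by `taxonService.saveOrUpdate(taxon)`, the call whose permission check it is meant to prove. Scope the expectation to that one call and fail explicitly when it returns normally, as sketched below; this assumes EvaluationFailedException is unchecked, which the page does not show. The retained comment `//during cascading the permissions are not evaluated` now contradicts the expected outcome and should instead say that the cascaded save must be rejected for a user without UPDATE on the description.

```java
@Test
public void testCascadingInSpringSecurityAccesDenied(){
    // … unchanged: authenticate as partEditor, load taxon, assertFalse on UPDATE …
    try {
        taxonService.saveOrUpdate(taxon);
        Assert.fail("saveOrUpdate must be rejected for a user without UPDATE permission");
    } catch (EvaluationFailedException expected) {
        // the permission check fired on the cascaded save
    }
```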