Revision 928b6514
Added by Andreas Kohlbecker about 13 years ago
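--- a/cdmlib-services/src/test/java/eu/etaxonomy/cdm/api/service/UserServiceImplTest.java
+++ b/cdmlib-services/src/test/java/eu/etaxonomy/cdm/api/service/UserServiceImplTest.java
@@ -5,6 +5,6 @@
 *
 * The contents of this file are subject to the Mozilla Public License Version 1.1
 * See LICENSE.TXT at the top of this package for the full license terms.
-*/
+*/
 
 package eu.etaxonomy.cdm.api.service;
@@ -41,6 +41,7 @@
 
 import eu.etaxonomy.cdm.model.common.GrantedAuthorityImpl;
 import eu.etaxonomy.cdm.model.common.User;
+import eu.etaxonomy.cdm.permission.CdmPermission;
 import eu.etaxonomy.cdm.permission.CdmPermissionEvaluator;
 import eu.etaxonomy.cdm.persistence.query.MatchMode;
 
@@ -49,164 +50,164 @@
 @ContextConfiguration({"/eu/etaxonomy/cdm/applicationContextSecurity.xml"})
 @Transactional
 public class UserServiceImplTest {
-protected static final Logger logger = Logger.getLogger(UserServiceImplTest.class);
-@Autowired
-private AuthenticationManager authenticationManager;
-
-@Autowired
-private IUserService userService;
-
-@Autowired
-private IGroupService groupService;
-
-@Autowired
+protected static final Logger logger = Logger.getLogger(UserServiceImplTest.class);
+@Autowired
+private AuthenticationManager authenticationManager;
+
+@Autowired
+private IUserService userService;
+
+@Autowired
+private IGroupService groupService;
+
+@Autowired
 public void setDataSource(@Qualifier("dataSource") DataSource dataSource) {
 this.dataSource=dataSource;
 }
 
 
-
-@TestDataSource
-protected DataSource dataSource;
-
-private Set<GrantedAuthority> expectedRoles;
-private UsernamePasswordAuthenticationToken token;
-
-private Authentication authentication;
-
-private PermissionEvaluator permissionEvaluator;
-
-@Before
-public void setUp() {
-
-
-expectedRoles = new HashSet<GrantedAuthority>();
-
-GrantedAuthorityImpl update = GrantedAuthorityImpl.NewInstance();
-update.setAuthority("USER.Update");
-update.setUuid(UUID.fromString("14788361-1a7e-4eed-b22f-fd90a0b424ac"));
-update.setCreated(new DateTime(2009,2,3,17,52,26,0));
-GrantedAuthorityImpl annotate = GrantedAuthorityImpl.NewInstance();
-annotate.setAuthority("USER.Create");
-annotate.setUuid(UUID.fromString("fa56073c-0ffd-4384-b459-b2f07e35b689"));
-annotate.setCreated(new DateTime(2009,2,3,17,52,26,0));
-GrantedAuthorityImpl checkAnnotation = GrantedAuthorityImpl.NewInstance();
-checkAnnotation.setAuthority("USER.Delete");
-checkAnnotation.setUuid(UUID.fromString("e5354c0e-657b-4b4d-bb2f-791612199711"));
-checkAnnotation.setCreated(new DateTime(2009,2,3,17,52,26,0));
-
-expectedRoles.add(update);
-expectedRoles.add(annotate);
-expectedRoles.add(checkAnnotation);
-String username = "useradmin";
-String password = "password";
-User user = User.NewInstance(username, password);
-user.setAccountNonExpired(true);
-user.setGrantedAuthorities(expectedRoles);
-userService.save(user);
-UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(username, password);
-authentication = authenticationManager.authenticate(token);
-SecurityContext context = SecurityContextHolder.getContext();
-context.setAuthentication(authentication);
-permissionEvaluator = new CdmPermissionEvaluator();
-
-}
-
-
-@Test
-@DataSet
-public void testCreateUser() {
-
-
-
-String username = "user2";
-String password = "password";
-User user = User.NewInstance(username, password);
-
-userService.createUser(user);
-
-List<User> userList = userService.listByUsername("user2", MatchMode.EXACT, null, null, null, null, null);
-Assert.assertNotNull(userList);
-
-
-
-
-
-}
-
-@Test
-@DataSet
-public void testIfAnyGranted() {
-
-
+
+@TestDataSource
+protected DataSource dataSource;
+
+private Set<GrantedAuthority> expectedRoles;
+private UsernamePasswordAuthenticationToken token;
+
+private Authentication authentication;
+
+private PermissionEvaluator permissionEvaluator;
+
+@Before
+public void setUp() {
+
+
+expectedRoles = new HashSet<GrantedAuthority>();
+
+GrantedAuthorityImpl update = GrantedAuthorityImpl.NewInstance();
+update.setAuthority("USER.Update");
+update.setUuid(UUID.fromString("14788361-1a7e-4eed-b22f-fd90a0b424ac"));
+update.setCreated(new DateTime(2009,2,3,17,52,26,0));
+GrantedAuthorityImpl annotate = GrantedAuthorityImpl.NewInstance();
+annotate.setAuthority("USER.Create");
+annotate.setUuid(UUID.fromString("fa56073c-0ffd-4384-b459-b2f07e35b689"));
+annotate.setCreated(new DateTime(2009,2,3,17,52,26,0));
+GrantedAuthorityImpl checkAnnotation = GrantedAuthorityImpl.NewInstance();
+checkAnnotation.setAuthority("USER.Delete");
+checkAnnotation.setUuid(UUID.fromString("e5354c0e-657b-4b4d-bb2f-791612199711"));
+checkAnnotation.setCreated(new DateTime(2009,2,3,17,52,26,0));
+
+expectedRoles.add(update);
+expectedRoles.add(annotate);
+expectedRoles.add(checkAnnotation);
+String username = "useradmin";
+String password = "password";
+User user = User.NewInstance(username, password);
+user.setAccountNonExpired(true);
+user.setGrantedAuthorities(expectedRoles);
+userService.save(user);
+UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(username, password);
+authentication = authenticationManager.authenticate(token);
+SecurityContext context = SecurityContextHolder.getContext();
+context.setAuthentication(authentication);
+permissionEvaluator = new CdmPermissionEvaluator();
+
+}
+
+
+@Test
+@DataSet
+public void testCreateUser() {
+
+
+
+String username = "user2";
+String password = "password";
+User user = User.NewInstance(username, password);
+
+userService.createUser(user);
+
+List<User> userList = userService.listByUsername("user2", MatchMode.EXACT, null, null, null, null, null);
+Assert.assertNotNull(userList);
+
+
+
+
+
+}
+
+@Test
+@DataSet
+public void testIfAnyGranted() {
+
+
 Object p = authentication.getPrincipal();
-Assert.assertTrue(p instanceof User);
-User principal = (User)p;
-
-Assert.assertEquals(principal.getUsername(),"useradmin");
-
-Assert.assertNotNull(expectedRoles);
-Assert.assertEquals(expectedRoles.size(), authentication.getAuthorities().size());
-}
-
-
-@Test
-@DataSet
-public void testCreateGroup(){
-
-
-
-GrantedAuthorityImpl userAdminEdit = GrantedAuthorityImpl.NewInstance();
-userAdminEdit.setAuthority("USER.edit");
-GrantedAuthorityImpl userAdminCreate = GrantedAuthorityImpl.NewInstance();
-userAdminCreate.setAuthority("USER.create");
-GrantedAuthorityImpl userAdminDelete = GrantedAuthorityImpl.NewInstance();
-userAdminDelete.setAuthority("USER.delete");
-List<GrantedAuthority> list = new ArrayList<GrantedAuthority>();
-list.add(userAdminEdit);
-list.add(userAdminDelete);
-list.add(userAdminCreate);
-
-
-userService.createGroup("UserAdmins", list);
-String username = "user3";
-String password = "password";
-User user = User.NewInstance(username, password);
-userService.createUser(user);
-List<String> groups = userService.findAllGroups();
-Assert.assertEquals("UserAdmins", groups.get(0));
-
-
-UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(username, password);
-authentication = authenticationManager.authenticate(token);
-SecurityContext context = SecurityContextHolder.getContext();
-context.setAuthentication(authentication);
-
-username = "user4";
-password = "password";
-user = User.NewInstance(username, password);
-try{
-userService.createUser(user);
-}catch(Exception e){
-Assert.assertEquals("Access is denied", e.getMessage());
-}
-groupService.addUserToGroup("user3", "UserAdmins");
-
-System.err.println(context.getAuthentication().getName());
-try{
-userService.createUser(user);
-}catch(Exception e){
-System.err.println(e.getMessage());
-Assert.fail();
-}
-
-}
-
-
-
-
-
-
-
-
+Assert.assertTrue(p instanceof User);
+User principal = (User)p;
+
+Assert.assertEquals(principal.getUsername(),"useradmin");
+
+Assert.assertNotNull(expectedRoles);
+Assert.assertEquals(expectedRoles.size(), authentication.getAuthorities().size());
+}
+
+
+@Test
+@DataSet
+public void testCreateGroup(){
+
+
+
+GrantedAuthorityImpl userAdminEdit = GrantedAuthorityImpl.NewInstance();
+userAdminEdit.setAuthority("USER."+CdmPermission.UPDATE);
+GrantedAuthorityImpl userAdminCreate = GrantedAuthorityImpl.NewInstance();
+userAdminCreate.setAuthority("USER."+CdmPermission.CREATE);
+GrantedAuthorityImpl userAdminDelete = GrantedAuthorityImpl.NewInstance();
+userAdminDelete.setAuthority("USER."+CdmPermission.DELETE);
+List<GrantedAuthority> list = new ArrayList<GrantedAuthority>();
+list.add(userAdminEdit);
+list.add(userAdminDelete);
+list.add(userAdminCreate);
+
+
+userService.createGroup("UserAdmins", list);
+String username = "user3";
+String password = "password";
+User user = User.NewInstance(username, password);
+userService.createUser(user);
+List<String> groups = userService.findAllGroups();
+Assert.assertEquals("UserAdmins", groups.get(0));
+
+
+UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(username, password);
+authentication = authenticationManager.authenticate(token);
+SecurityContext context = SecurityContextHolder.getContext();
+context.setAuthentication(authentication);
+
+username = "user4";
+password = "password";
+user = User.NewInstance(username, password);
+try{
+userService.createUser(user);
+}catch(Exception e){
+Assert.assertEquals("Access is denied", e.getMessage());
+}
+groupService.addUserToGroup("user3", "UserAdmins");
+
+logger.debug(context.getAuthentication().getName());
+try{
+userService.createUser(user);
+}catch(Exception e){
+e.printStackTrace();
+Assert.fail(e.getMessage() + " User is member of 'UserAdmins' and thus should be granted creating users");
+}
+
+}
+
+
+
+
+
+
+
+
 }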
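Review bot: The access-denied half of testCreateGroup is not actually enforced: the first `try` around `userService.createUser(user)` for "user4" asserts only inside its `catch`, so if user3 can create users before being added to 'UserAdmins' the test still passes. Add `Assert.fail("user3 is not in 'UserAdmins' yet and must be denied");` directly after that `createUser` call; `Assert.fail` throws an `AssertionError`, which `catch(Exception e)` does not swallow. Catching the framework's access-denied exception type instead of comparing `e.getMessage()` with "Access is denied" would also keep an unrelated failure from being read as a denial. Separately, setUp still spells its authorities as the literals "USER.Update", "USER.Create" and "USER.Delete" while testCreateGroup now builds them from `CdmPermission`; building both the same way would stop the fixture drifting at the next rename.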
fixing bug due to last commit (Changed CdmPermission to use "update" instead of "edit")