// Test fix to http://issues.appfuse.org/browse/APF-96
  @Test
  public void testAddUserRoleWhenHasAdminRole() throws Exception {
    SecurityContext securityContext = new SecurityContextImpl();
    User user1 = new User("user");
    user1.setId(1L);
    user1.setPassword("password");
    user1.addRole(new Role(Constants.ADMIN_ROLE));
    UsernamePasswordAuthenticationToken token =
        new UsernamePasswordAuthenticationToken(
            user1.getUsername(), user1.getPassword(), user1.getAuthorities());
    token.setDetails(user1);
    securityContext.setAuthentication(token);
    SecurityContextHolder.setContext(securityContext);

    UserManager userManager = makeInterceptedTarget();
    final User user = new User("user");
    user.setId(1L);
    user.getRoles().add(new Role(Constants.ADMIN_ROLE));
    user.getRoles().add(new Role(Constants.USER_ROLE));

    context.checking(
        new Expectations() {
          {
            one(userDao).saveUser(with(same(user)));
          }
        });

    userManager.saveUser(user);
  }
  // Test fix to http://issues.appfuse.org/browse/APF-96
  @Test
  public void testChangeToAdminRoleFromUserRole() throws Exception {
    UserManager userManager = makeInterceptedTarget();
    User user = new User("user");
    user.setId(1L);
    user.getRoles().add(new Role(Constants.ADMIN_ROLE));

    try {
      userManager.saveUser(user);
      fail("AccessDeniedException not thrown");
    } catch (AccessDeniedException expected) {
      assertNotNull(expected);
      assertEquals(expected.getMessage(), UserSecurityAdvice.ACCESS_DENIED);
    }
  }
  @Test
  public void testAddUserWithoutAdminRole() throws Exception {
    Authentication auth = SecurityContextHolder.getContext().getAuthentication();
    assertTrue(auth.isAuthenticated());
    UserManager userManager = makeInterceptedTarget();
    User user = new User("admin");
    user.setId(2L);

    try {
      userManager.saveUser(user);
      fail("AccessDeniedException not thrown");
    } catch (AccessDeniedException expected) {
      assertNotNull(expected);
      Assert.assertEquals(expected.getMessage(), UserSecurityAdvice.ACCESS_DENIED);
    }
  }
  // Test fix to http://issues.appfuse.org/browse/APF-96
  @Test
  public void testUpdateUserWithUserRole() throws Exception {
    UserManager userManager = makeInterceptedTarget();
    final User user = new User("user");
    user.setId(1L);
    user.getRoles().add(new Role(Constants.USER_ROLE));

    context.checking(
        new Expectations() {
          {
            one(userDao).saveUser(with(same(user)));
          }
        });

    userManager.saveUser(user);
  }
  @Test
  public void testSignupUser() throws Exception {
    MockHttpServletRequest request = newPost("/signup.html");

    Address address = new Address();
    address.setCity("Denver");
    address.setProvince("Colorado");
    address.setCountry("USA");
    address.setPostalCode("80210");

    User user = new User();
    user.setAddress(address);

    user.setUsername("self-registered");
    user.setPassword("Password1");
    user.setConfirmPassword("Password1");
    user.setFirstName("First");
    user.setLastName("Last");
    user.setEmail("*****@*****.**");
    user.setWebsite("http://raibledesigns.com");
    user.setPasswordHint("Password is one with you.");

    HttpServletResponse response = new MockHttpServletResponse();

    // start SMTP Server
    Wiser wiser = new Wiser();
    wiser.setPort(getSmtpPort());
    wiser.start();

    BindingResult errors = new DataBinder(user).getBindingResult();
    c.onSubmit(user, errors, request, response);
    assertFalse("errors returned in model", errors.hasErrors());

    // verify an account information e-mail was sent
    wiser.stop();
    assertTrue(wiser.getMessages().size() == 1);

    // verify that success messages are in the request
    assertNotNull(request.getSession().getAttribute("successMessages"));
    assertNotNull(request.getSession().getAttribute(Constants.REGISTERED));

    SecurityContextHolder.getContext().setAuthentication(null);
  }
  @Before
  public void setUp() throws Exception {
    // store initial security context for later restoration
    initialSecurityContext = SecurityContextHolder.getContext();

    SecurityContext context = new SecurityContextImpl();
    User user = new User("user");
    user.setId(1L);
    user.setPassword("password");
    user.addRole(new Role(Constants.USER_ROLE));

    UsernamePasswordAuthenticationToken token =
        new UsernamePasswordAuthenticationToken(
            user.getUsername(), user.getPassword(), user.getAuthorities());
    token.setDetails(user);
    context.setAuthentication(token);
    SecurityContextHolder.setContext(context);
  }