Example #1
0
  /** Tests to make sure a normal user must be activated by the admin after confirmation. */
  @Test
  public void testAppUserConfirmationMail() throws Exception {
    final String orgName = uniqueOrg();
    final String appName = uniqueApp();
    final String userName = uniqueUsername();
    final String email = uniqueEmail();
    final String passwd = "testpassword";

    OrganizationOwnerInfo orgOwner;

    orgOwner = createOwnerAndOrganization(orgName, appName, userName, email, passwd, false, false);
    assertNotNull(orgOwner);

    setup.getEntityIndex().refresh(app.getId());

    ApplicationInfo app =
        setup.getMgmtSvc().createApplication(orgOwner.getOrganization().getUuid(), appName);
    setup.refreshIndex(app.getId());
    assertNotNull(app);
    enableEmailConfirmation(app.getId());
    enableAdminApproval(app.getId());

    setup.getEntityIndex().refresh(app.getId());

    final String appUserEmail = uniqueEmail();
    final String appUserUsername = uniqueUsername();

    User user = setupAppUser(app.getId(), appUserUsername, appUserEmail, true);

    OrganizationConfig orgConfig =
        setup.getMgmtSvc().getOrganizationConfigByUuid(orgOwner.getOrganization().getUuid());

    String subject = "User Account Confirmation: " + appUserEmail;
    String confirmation_url =
        orgConfig.getFullUrl(
            WorkflowUrl.USER_CONFIRMATION_URL, orgName, appName, user.getUuid().toString());

    // request confirmation
    setup.getMgmtSvc().startAppUserActivationFlow(app.getId(), user);

    List<Message> inbox = Mailbox.get(appUserEmail);
    assertFalse(inbox.isEmpty());
    MockImapClient client = new MockImapClient("test.com", appUserUsername, "somepassword");
    client.processMail();

    // subject ok
    Message confirmation = inbox.get(0);
    assertEquals(subject, confirmation.getSubject());

    // confirmation url ok
    String mailContent =
        (String) ((MimeMultipart) confirmation.getContent()).getBodyPart(1).getContent();
    logger.info(mailContent);
    assertTrue(StringUtils.contains(mailContent.toLowerCase(), confirmation_url.toLowerCase()));

    // token ok
    String token = getTokenFromMessage(confirmation);
    logger.info(token);
    ActivationState activeState =
        setup.getMgmtSvc().handleConfirmationTokenForAppUser(app.getId(), user.getUuid(), token);
    assertEquals(ActivationState.CONFIRMED_AWAITING_ACTIVATION, activeState);
  }
Example #2
0
  /**
   * Tests that when a user is added to an app and activation on that app is required, the org admin
   * is emailed
   *
   * @throws Exception
   *     <p>TODO, I'm not convinced this worked correctly. IT can't find users collection in the
   *     orgs. Therefore, I think this is a legitimate bug that was just found from fixing the tests
   *     to be unique admins orgs and emails
   */
  @Test
  public void testAppUserActivationResetpwdMail() throws Exception {

    final String orgName = uniqueOrg();
    final String appName = uniqueApp();
    final String adminUserName = uniqueUsername();
    final String adminEmail = uniqueEmail();
    final String adminPasswd = "testpassword";

    OrganizationOwnerInfo orgOwner =
        createOwnerAndOrganization(
            orgName, appName, adminUserName, adminEmail, adminPasswd, false, false);
    assertNotNull(orgOwner);

    ApplicationInfo app =
        setup.getMgmtSvc().createApplication(orgOwner.getOrganization().getUuid(), appName);
    this.app.refreshIndex();

    // turn on app admin approval for app users
    enableAdminApproval(app.getId());

    final String appUserUsername = uniqueUsername();
    final String appUserEmail = uniqueEmail();

    OrganizationConfig orgConfig =
        setup.getMgmtSvc().getOrganizationConfigByUuid(orgOwner.getOrganization().getUuid());

    User appUser = setupAppUser(app.getId(), appUserUsername, appUserEmail, false);

    String subject = "Request For User Account Activation " + appUserEmail;
    String activation_url =
        orgConfig.getFullUrl(
            WorkflowUrl.USER_ACTIVATION_URL, orgName, appName, appUser.getUuid().toString());

    setup.refreshIndex(app.getId());

    // Activation
    setup.getMgmtSvc().startAppUserActivationFlow(app.getId(), appUser);

    List<Message> inbox = Mailbox.get(adminEmail);
    assertFalse(inbox.isEmpty());
    MockImapClient client = new MockImapClient("usergrid.com", adminUserName, "somepassword");
    client.processMail();

    // subject ok
    Message activation = inbox.get(0);
    assertEquals(subject, activation.getSubject());

    // activation url ok
    String mailContent =
        (String) ((MimeMultipart) activation.getContent()).getBodyPart(1).getContent();
    logger.info(mailContent);
    assertTrue(StringUtils.contains(mailContent.toLowerCase(), activation_url.toLowerCase()));

    // token ok
    String token = getTokenFromMessage(activation);
    logger.info(token);
    ActivationState activeState =
        setup.getMgmtSvc().handleActivationTokenForAppUser(app.getId(), appUser.getUuid(), token);
    assertEquals(ActivationState.ACTIVATED, activeState);

    subject = "Password Reset";
    String reset_url =
        orgConfig.getFullUrl(
            WorkflowUrl.USER_RESETPW_URL, orgName, appName, appUser.getUuid().toString());

    // reset_pwd
    setup.getMgmtSvc().startAppUserPasswordResetFlow(app.getId(), appUser);

    inbox = Mailbox.get(appUserEmail);
    assertFalse(inbox.isEmpty());
    client = new MockImapClient("test.com", appUserUsername, "somepassword");
    client.processMail();

    // subject ok
    Message reset = inbox.get(1);
    assertEquals(subject, reset.getSubject());

    // resetpwd url ok
    mailContent = (String) ((MimeMultipart) reset.getContent()).getBodyPart(1).getContent();
    logger.info(mailContent);
    assertTrue(StringUtils.contains(mailContent.toLowerCase(), reset_url.toLowerCase()));

    // token ok
    token = getTokenFromMessage(reset);
    logger.info(token);
    assertTrue(
        setup
            .getMgmtSvc()
            .checkPasswordResetTokenForAppUser(app.getId(), appUser.getUuid(), token));

    // ensure revoke works
    setup.getMgmtSvc().revokeAccessTokenForAppUser(token);
    assertFalse(
        setup
            .getMgmtSvc()
            .checkPasswordResetTokenForAppUser(app.getId(), appUser.getUuid(), token));
  }