@Test
  public void testCreateOrganizationAndAdminWithConfirmationAndActivation() throws Exception {
    setup.set(PROPERTIES_SYSADMIN_APPROVES_ADMIN_USERS, "true");
    setup.set(PROPERTIES_NOTIFY_ADMIN_OF_ACTIVATION, "true");
    setup.set(PROPERTIES_SYSADMIN_APPROVES_ORGANIZATIONS, "false");
    setup.set(PROPERTIES_ADMIN_USERS_REQUIRE_CONFIRMATION, "true");

    final String orgName = uniqueOrg();
    final String userName = uniqueUsername();
    final String email = uniqueEmail();

    OrganizationOwnerInfo org_owner =
        createOwnerAndOrganization(
            orgName, userName, "Test User", email, "testpassword", false, false);

    assertNotNull(org_owner);

    List<Message> user_inbox = Mailbox.get(email);

    assertFalse(user_inbox.isEmpty());

    Message confirmation = user_inbox.get(0);
    assertEquals("User Account Confirmation: " + email, confirmation.getSubject());

    String token = getTokenFromMessage(confirmation);
    logger.info(token);

    ActivationState state =
        setup.getMgmtSvc().handleConfirmationTokenForAdminUser(org_owner.owner.getUuid(), token);
    assertEquals(ActivationState.CONFIRMED_AWAITING_ACTIVATION, state);

    confirmation = user_inbox.get(1);
    String body =
        ((MimeMultipart) confirmation.getContent()).getBodyPart(0).getContent().toString();
    Boolean subbedEmailed = StringUtils.contains(body, "$");

    assertFalse(subbedEmailed);

    assertEquals("User Account Confirmed", confirmation.getSubject());

    List<Message> sysadmin_inbox = Mailbox.get("*****@*****.**");
    assertFalse(sysadmin_inbox.isEmpty());

    Message activation = sysadmin_inbox.get(0);
    assertEquals("Request For Admin User Account Activation " + email, activation.getSubject());

    token = getTokenFromMessage(activation);
    logger.info(token);

    state = setup.getMgmtSvc().handleActivationTokenForAdminUser(org_owner.owner.getUuid(), token);
    assertEquals(ActivationState.ACTIVATED, state);

    Message activated = user_inbox.get(2);
    assertEquals("User Account Activated", activated.getSubject());

    MockImapClient client = new MockImapClient("mockserver.com", "test-user-2", "somepassword");
    client.processMail();
  }
  private User setupAppUser(UUID appId, String username, String email, boolean activated)
      throws Exception {
    Mailbox.clearAll();

    EntityManager em = setup.getEmf().getEntityManager(appId);

    Map<String, Object> userProps = new LinkedHashMap<String, Object>();
    userProps.put("username", username);
    userProps.put("email", email);
    userProps.put("activated", activated);

    User user = em.create(User.ENTITY_TYPE, User.class, userProps);
    setup.getEntityIndex().refresh(app.getId());

    return user;
  }
  @Test
  public void testCreateOrganizationAndAdminWithConfirmationOnly() throws Exception {
    setup.set(PROPERTIES_SYSADMIN_APPROVES_ADMIN_USERS, "false");
    setup.set(PROPERTIES_SYSADMIN_APPROVES_ORGANIZATIONS, "false");
    setup.set(PROPERTIES_ADMIN_USERS_REQUIRE_CONFIRMATION, "true");
    setup.set(PROPERTIES_NOTIFY_ADMIN_OF_ACTIVATION, "true");

    final String orgName = uniqueOrg();
    final String userName = uniqueUsername();
    final String email = uniqueEmail();

    OrganizationOwnerInfo org_owner =
        createOwnerAndOrganization(
            orgName, userName, "Test User", email, "testpassword", false, false);

    assertNotNull(org_owner);

    List<Message> inbox = Mailbox.get(email);

    assertFalse(inbox.isEmpty());

    MockImapClient client = new MockImapClient("mockserver.com", "test-user-1", "somepassword");
    client.processMail();

    Message confirmation = inbox.get(0);
    assertEquals("User Account Confirmation: " + email, confirmation.getSubject());

    String token = getTokenFromMessage(confirmation);
    logger.info(token);

    assertEquals(
        ActivationState.ACTIVATED,
        setup.getMgmtSvc().handleConfirmationTokenForAdminUser(org_owner.owner.getUuid(), token));

    Message activation = inbox.get(1);
    assertEquals("User Account Activated", activation.getSubject());

    client = new MockImapClient("mockserver.com", "test-user-1", "somepassword");
    client.processMail();
  }
 private OrganizationOwnerInfo createOwnerAndOrganization(
     String orgName,
     String userName,
     String display,
     String email,
     String password,
     boolean disabled,
     boolean active)
     throws Exception {
   return setup
       .getMgmtSvc()
       .createOwnerAndOrganization(orgName, userName, display, email, password, disabled, active);
 }
  private void testProperty(String propertyName, boolean containsSubstitution) {
    String propertyValue = setup.get(propertyName);
    assertTrue(propertyName + " was not found", isNotBlank(propertyValue));
    logger.info(propertyName + "=" + propertyValue);

    if (containsSubstitution) {
      Map<String, String> valuesMap = new HashMap<String, String>();
      valuesMap.put("reset_url", "test-url");
      valuesMap.put("organization_name", "test-org");
      valuesMap.put("activation_url", "test-url");
      valuesMap.put("confirmation_url", "test-url");
      valuesMap.put("user_email", "test-email");
      valuesMap.put("pin", "test-pin");
      StrSubstitutor sub = new StrSubstitutor(valuesMap);
      String resolvedString = sub.replace(propertyValue);
      assertNotSame(propertyValue, resolvedString);
    }
  }
  @Test
  public void skipAllEmailConfiguration() throws Exception {
    setup.set(PROPERTIES_SYSADMIN_APPROVES_ORGANIZATIONS, "false");
    setup.set(PROPERTIES_ORGANIZATIONS_REQUIRE_CONFIRMATION, "false");
    setup.set(PROPERTIES_SYSADMIN_APPROVES_ADMIN_USERS, "false");
    setup.set(PROPERTIES_ADMIN_USERS_REQUIRE_CONFIRMATION, "false");

    final String orgName = uniqueOrg();
    final String userName = uniqueUsername();
    final String email = uniqueEmail();

    OrganizationOwnerInfo ooi =
        setup
            .getMgmtSvc()
            .createOwnerAndOrganization(orgName, userName, "Test User", email, "testpassword");

    EntityManager em = setup.getEmf().getEntityManager(setup.getEmf().getManagementAppId());
    User user = em.get(ooi.getOwner().getUuid(), User.class);
    assertTrue(user.activated());
    assertFalse(user.disabled());
    assertTrue(user.confirmed());
  }
 private void enableAdminApproval(UUID appId) throws Exception {
   EntityManager em = setup.getEmf().getEntityManager(appId);
   SimpleEntityRef ref = new SimpleEntityRef(Application.ENTITY_TYPE, appId);
   em.setProperty(ref, ManagementServiceImpl.REGISTRATION_REQUIRES_ADMIN_APPROVAL, true);
 }
 private void enableEmailConfirmation(UUID appId) throws Exception {
   EntityManager em = setup.getEmf().getEntityManager(appId);
   SimpleEntityRef ref = new SimpleEntityRef(Application.ENTITY_TYPE, appId);
   em.setProperty(ref, ManagementServiceImpl.REGISTRATION_REQUIRES_EMAIL_CONFIRMATION, true);
 }
  /** Tests to make sure a normal user must be activated by the admin after confirmation. */
  @Test
  public void testAppUserConfirmationMail() throws Exception {
    final String orgName = uniqueOrg();
    final String appName = uniqueApp();
    final String userName = uniqueUsername();
    final String email = uniqueEmail();
    final String passwd = "testpassword";

    OrganizationOwnerInfo orgOwner;

    orgOwner = createOwnerAndOrganization(orgName, appName, userName, email, passwd, false, false);
    assertNotNull(orgOwner);

    setup.getEntityIndex().refresh(app.getId());

    ApplicationInfo app =
        setup.getMgmtSvc().createApplication(orgOwner.getOrganization().getUuid(), appName);
    setup.refreshIndex(app.getId());
    assertNotNull(app);
    enableEmailConfirmation(app.getId());
    enableAdminApproval(app.getId());

    setup.getEntityIndex().refresh(app.getId());

    final String appUserEmail = uniqueEmail();
    final String appUserUsername = uniqueUsername();

    User user = setupAppUser(app.getId(), appUserUsername, appUserEmail, true);

    OrganizationConfig orgConfig =
        setup.getMgmtSvc().getOrganizationConfigByUuid(orgOwner.getOrganization().getUuid());

    String subject = "User Account Confirmation: " + appUserEmail;
    String confirmation_url =
        orgConfig.getFullUrl(
            WorkflowUrl.USER_CONFIRMATION_URL, orgName, appName, user.getUuid().toString());

    // request confirmation
    setup.getMgmtSvc().startAppUserActivationFlow(app.getId(), user);

    List<Message> inbox = Mailbox.get(appUserEmail);
    assertFalse(inbox.isEmpty());
    MockImapClient client = new MockImapClient("test.com", appUserUsername, "somepassword");
    client.processMail();

    // subject ok
    Message confirmation = inbox.get(0);
    assertEquals(subject, confirmation.getSubject());

    // confirmation url ok
    String mailContent =
        (String) ((MimeMultipart) confirmation.getContent()).getBodyPart(1).getContent();
    logger.info(mailContent);
    assertTrue(StringUtils.contains(mailContent.toLowerCase(), confirmation_url.toLowerCase()));

    // token ok
    String token = getTokenFromMessage(confirmation);
    logger.info(token);
    ActivationState activeState =
        setup.getMgmtSvc().handleConfirmationTokenForAppUser(app.getId(), user.getUuid(), token);
    assertEquals(ActivationState.CONFIRMED_AWAITING_ACTIVATION, activeState);
  }
  /**
   * Tests that when a user is added to an app and activation on that app is required, the org admin
   * is emailed
   *
   * @throws Exception
   *     <p>TODO, I'm not convinced this worked correctly. IT can't find users collection in the
   *     orgs. Therefore, I think this is a legitimate bug that was just found from fixing the tests
   *     to be unique admins orgs and emails
   */
  @Test
  public void testAppUserActivationResetpwdMail() throws Exception {

    final String orgName = uniqueOrg();
    final String appName = uniqueApp();
    final String adminUserName = uniqueUsername();
    final String adminEmail = uniqueEmail();
    final String adminPasswd = "testpassword";

    OrganizationOwnerInfo orgOwner =
        createOwnerAndOrganization(
            orgName, appName, adminUserName, adminEmail, adminPasswd, false, false);
    assertNotNull(orgOwner);

    ApplicationInfo app =
        setup.getMgmtSvc().createApplication(orgOwner.getOrganization().getUuid(), appName);
    this.app.refreshIndex();

    // turn on app admin approval for app users
    enableAdminApproval(app.getId());

    final String appUserUsername = uniqueUsername();
    final String appUserEmail = uniqueEmail();

    OrganizationConfig orgConfig =
        setup.getMgmtSvc().getOrganizationConfigByUuid(orgOwner.getOrganization().getUuid());

    User appUser = setupAppUser(app.getId(), appUserUsername, appUserEmail, false);

    String subject = "Request For User Account Activation " + appUserEmail;
    String activation_url =
        orgConfig.getFullUrl(
            WorkflowUrl.USER_ACTIVATION_URL, orgName, appName, appUser.getUuid().toString());

    setup.refreshIndex(app.getId());

    // Activation
    setup.getMgmtSvc().startAppUserActivationFlow(app.getId(), appUser);

    List<Message> inbox = Mailbox.get(adminEmail);
    assertFalse(inbox.isEmpty());
    MockImapClient client = new MockImapClient("usergrid.com", adminUserName, "somepassword");
    client.processMail();

    // subject ok
    Message activation = inbox.get(0);
    assertEquals(subject, activation.getSubject());

    // activation url ok
    String mailContent =
        (String) ((MimeMultipart) activation.getContent()).getBodyPart(1).getContent();
    logger.info(mailContent);
    assertTrue(StringUtils.contains(mailContent.toLowerCase(), activation_url.toLowerCase()));

    // token ok
    String token = getTokenFromMessage(activation);
    logger.info(token);
    ActivationState activeState =
        setup.getMgmtSvc().handleActivationTokenForAppUser(app.getId(), appUser.getUuid(), token);
    assertEquals(ActivationState.ACTIVATED, activeState);

    subject = "Password Reset";
    String reset_url =
        orgConfig.getFullUrl(
            WorkflowUrl.USER_RESETPW_URL, orgName, appName, appUser.getUuid().toString());

    // reset_pwd
    setup.getMgmtSvc().startAppUserPasswordResetFlow(app.getId(), appUser);

    inbox = Mailbox.get(appUserEmail);
    assertFalse(inbox.isEmpty());
    client = new MockImapClient("test.com", appUserUsername, "somepassword");
    client.processMail();

    // subject ok
    Message reset = inbox.get(1);
    assertEquals(subject, reset.getSubject());

    // resetpwd url ok
    mailContent = (String) ((MimeMultipart) reset.getContent()).getBodyPart(1).getContent();
    logger.info(mailContent);
    assertTrue(StringUtils.contains(mailContent.toLowerCase(), reset_url.toLowerCase()));

    // token ok
    token = getTokenFromMessage(reset);
    logger.info(token);
    assertTrue(
        setup
            .getMgmtSvc()
            .checkPasswordResetTokenForAppUser(app.getId(), appUser.getUuid(), token));

    // ensure revoke works
    setup.getMgmtSvc().revokeAccessTokenForAppUser(token);
    assertFalse(
        setup
            .getMgmtSvc()
            .checkPasswordResetTokenForAppUser(app.getId(), appUser.getUuid(), token));
  }