Esempio n. 1
0
  public void test_MNT11595() throws Exception {
    final String user = "******";

    try {
      // admin authentication
      this.authenticationComponent.setCurrentUser(AuthenticationUtil.getAdminUserName());

      MutableAuthenticationService mas =
          (MutableAuthenticationService)
              getServer().getApplicationContext().getBean("authenticationService");

      // create user
      createUser(user, SiteModel.SITE_MANAGER);

      assertTrue(personService.personExists(user));

      // invite user to a site with 'Manager' role
      siteService.setMembership(SITE_SHORT_NAME_WIKI, user, SiteRole.SiteManager.toString());

      // user authentication
      this.authenticationComponent.setCurrentUser(user);

      // create wiki page by user ('Manager' role)
      WikiPageInfo wikiPage =
          this.wikiService.createWikiPage(
              SITE_SHORT_NAME_WIKI,
              "test wiki page",
              "I like pigs. Dogs look up to us. Cats look down on us. Pigs treat us as equals. Sir Winston Churchill");

      String uri =
          "/slingshot/wiki/page/"
              + SITE_SHORT_NAME_WIKI
              + "/Main_Page?alf_ticket="
              + mas.getCurrentTicket()
              + "application/json";

      Response responseManagerRole = sendRequest(new GetRequest(uri), 404);
      JSONObject resultManagerRole = new JSONObject(responseManagerRole.getContentAsString());
      JSONObject permissionsManagerRole = resultManagerRole.getJSONObject("permissions");
      assertTrue(permissionsManagerRole.getBoolean("create"));
      assertTrue(permissionsManagerRole.getBoolean("edit"));

      // admin authentication
      this.authenticationComponent.setCurrentUser(AuthenticationUtil.getAdminUserName());

      // change user role - 'Consumer' role
      siteService.setMembership(SITE_SHORT_NAME_WIKI, user, SiteRole.SiteConsumer.toString());

      // user authentication
      this.authenticationComponent.setCurrentUser(user);

      Response responseConsumerRole = sendRequest(new GetRequest(uri), 404);
      JSONObject resultConsumerRole = new JSONObject(responseConsumerRole.getContentAsString());
      JSONObject permissionsConsumerRole = resultConsumerRole.getJSONObject("permissions");
      assertFalse(permissionsConsumerRole.getBoolean("create"));
      assertFalse(permissionsConsumerRole.getBoolean("edit"));
    } finally {
      this.authenticationComponent.setCurrentUser(AuthenticationUtil.getAdminUserName());

      if (personService.personExists(user)) {
        personService.deletePerson(user);
      }

      if (this.authenticationService.authenticationExists(user)) {
        this.authenticationService.deleteAuthentication(user);
      }
    }
  }