@Test public void test() throws Exception { // use admin TestContext testContext = TestContainer.getInstance().getTestContext(); // user is created at security.xml testContext.setUsername(NEXUS504_USER); testContext.setPassword(TEST_USER_PASSWORD); assertThat(UserCreationUtil.login(), hasStatusCode(403)); // add login privilege to role testContext.useAdminForRequests(); RoleResource role = roleUtil.getRole(NEXUS504_ROLE); role.addPrivilege("2" /* login */); assertThat( "Unable to add login privilege to role " + NEXUS504_ROLE + "\n" + RoleMessageUtil.update(role).getDescription(), RoleMessageUtil.update(role), isSuccess()); // try to login again testContext.setUsername(NEXUS504_USER); testContext.setPassword(TEST_USER_PASSWORD); Status status2 = UserCreationUtil.login(); assertThat(status2, hasStatusCode(200)); }
@Test public void createRoleTest() throws IOException { RoleResource resource = new RoleResource(); resource.setDescription("Create Test Role"); resource.setName("CreateRole"); resource.setSessionTimeout(30); resource.addPrivilege("1"); resource.addPrivilege("2"); this.messageUtil.createRole(resource); }
@Test public void listTest() throws IOException { RoleResource resource = new RoleResource(); resource.setDescription("Create Test Role"); resource.setName("ListTestRole"); resource.setSessionTimeout(30); resource.addPrivilege("1"); // create a role this.messageUtil.createRole(resource); // now that we have at least one element stored (more from other tests, most likely) // NEED to work around a GET problem with the REST client List<RoleResource> roles = this.messageUtil.getList(); getSecurityConfigUtil().verifyRolesComplete(roles); }
@Test @Category(SECURITY.class) public void deletePriv() throws Exception { RoleResource role = roleUtil.getRole(ROLE_ID); Assert.assertNotNull(role); MatcherAssert.assertThat(role.getPrivileges(), hasItems(PRIVS)); privUtil.assertExists(PRIVS); // remove read Assert.assertTrue(privUtil.delete(READ_PRIV_ID).getStatus().isSuccess()); role = roleUtil.getRole(ROLE_ID); MatcherAssert.assertThat(role.getPrivileges(), not(hasItems(READ_PRIV_ID))); MatcherAssert.assertThat( role.getPrivileges(), hasItems(CREATE_PRIV_ID, UPDATE_PRIV_ID, DELETE_PRIV_ID)); // remove create Assert.assertTrue(privUtil.delete(CREATE_PRIV_ID).getStatus().isSuccess()); role = roleUtil.getRole(ROLE_ID); MatcherAssert.assertThat(role.getPrivileges(), not(hasItems(READ_PRIV_ID, CREATE_PRIV_ID))); MatcherAssert.assertThat(role.getPrivileges(), hasItems(UPDATE_PRIV_ID, DELETE_PRIV_ID)); // remove update Assert.assertTrue(privUtil.delete(UPDATE_PRIV_ID).getStatus().isSuccess()); role = roleUtil.getRole(ROLE_ID); MatcherAssert.assertThat( role.getPrivileges(), not(hasItems(READ_PRIV_ID, CREATE_PRIV_ID, UPDATE_PRIV_ID))); MatcherAssert.assertThat(role.getPrivileges(), hasItems(DELETE_PRIV_ID)); // remove delete Assert.assertTrue(privUtil.delete(DELETE_PRIV_ID).getStatus().isSuccess()); role = roleUtil.getRole(ROLE_ID); MatcherAssert.assertThat( role.getPrivileges(), not(hasItems(READ_PRIV_ID, CREATE_PRIV_ID, UPDATE_PRIV_ID, DELETE_PRIV_ID))); Assert.assertTrue(role.getPrivileges().isEmpty()); privUtil.assertNotExists(PRIVS); }
@Test public void deleteTest() throws IOException { RoleResource resource = new RoleResource(); resource.setDescription("Delete Test Role"); resource.setName("deleteRole"); resource.setSessionTimeout(1); resource.addPrivilege("7"); resource.addPrivilege("8"); RoleResource responseResource = this.messageUtil.createRole(resource); // use the new ID Response response = this.messageUtil.sendMessage(Method.DELETE, responseResource); if (!response.getStatus().isSuccess()) { Assert.fail("Could not delete Role: " + response.getStatus()); } // TODO: check if deleted Assert.assertNull(getSecurityConfigUtil().getCRole(responseResource.getId())); }
public void readTest() throws IOException { RoleResource resource = new RoleResource(); resource.setDescription("Read Test Role"); resource.setName("ReadRole"); resource.setSessionTimeout(31); resource.addPrivilege("3"); resource.addPrivilege("4"); resource = this.messageUtil.createRole(resource); // get the Resource object RoleResource responseResource = this.messageUtil.getRole(resource.getId()); Assert.assertEquals(resource.getId(), responseResource.getId()); Assert.assertEquals(resource.getDescription(), responseResource.getDescription()); Assert.assertEquals(resource.getName(), responseResource.getName()); Assert.assertEquals(resource.getPrivileges(), responseResource.getPrivileges()); Assert.assertEquals(resource.getRoles(), responseResource.getRoles()); }
@Test public void updateTest() throws IOException { RoleResource resource = new RoleResource(); resource.setDescription("Update Test Role"); resource.setName("UpdateRole"); resource.setSessionTimeout(99999); resource.addPrivilege("5"); resource.addPrivilege("4"); RoleResource responseResource = this.messageUtil.createRole(resource); // update the Role // TODO: add tests that changes the Id resource.setId(responseResource.getId()); resource.setName("UpdateRole Again"); resource.setDescription("Update Test Role Again"); resource.getPrivileges().clear(); // clear the privs resource.addPrivilege("6"); resource.setSessionTimeout(10); Response response = this.messageUtil.sendMessage(Method.PUT, resource); if (!response.getStatus().isSuccess()) { Assert.fail("Could not update Role: " + response.getStatus()); } // get the Resource object responseResource = this.messageUtil.getResourceFromResponse(response); Assert.assertEquals(resource.getId(), responseResource.getId()); Assert.assertEquals(resource.getDescription(), responseResource.getDescription()); Assert.assertEquals(resource.getName(), responseResource.getName()); Assert.assertEquals(resource.getSessionTimeout(), responseResource.getSessionTimeout()); Assert.assertEquals(resource.getPrivileges(), responseResource.getPrivileges()); Assert.assertEquals(resource.getRoles(), responseResource.getRoles()); getSecurityConfigUtil().verifyRole(resource); }