@Test
public void testModifyPassword() throws Exception {
String name = "createUser" + r.nextInt();
String password = "******";
UserWrapper user = UserHelper.addUser(name, password, true);
// check user can connect
BiobankApplicationService newUserAppService = AllTestsSuite.connect(name, password);
String newPwd = "new123";
// search the user again otherwise the appService will still try with
// testuser
user = UserWrapper.getUser(newUserAppService, name);
user.modifyPassword(password, newPwd, null);
// check user can't connect with old password
try {
AllTestsSuite.connect(name, password);
Assert.fail("Should not be able to connect with the old password anymore");
} catch (ApplicationException ae) {
Assert.assertTrue(
"Should failed because of authentication",
ae.getMessage().contains("Error authenticating user"));
}
// check user can't connect with new password
AllTestsSuite.connect(name, newPwd);
}
@Test
public void testCreateUser() throws BiobankCheckException, Exception {
String name = "createUser" + r.nextInt();
String password = "******";
UserWrapper user = UserHelper.addUser(name, password, true);
// check biobank user
User dbUser = ModelUtils.getObjectWithId(appService, User.class, user.getId());
Assert.assertNotNull(dbUser);
Assert.assertEquals(name, dbUser.getLogin());
Assert.assertNotNull(dbUser.getCsmUserId());
// check csm user
UserProvisioningManager upm =
SecurityServiceProvider.getUserProvisioningManager(
BiobankCSMSecurityUtil.APPLICATION_CONTEXT_NAME);
gov.nih.nci.security.authorization.domainobjects.User csmUser = upm.getUser(name);
Assert.assertNotNull(csmUser);
Assert.assertNotNull(csmUser.getPassword());
Assert.assertFalse(csmUser.getPassword().isEmpty());
// check user can connect
BiobankApplicationService newUserAppService = AllTestsSuite.connect(name, password);
// check user can access a biobank object using the new appService
try {
newUserAppService.search(Site.class, new Site());
} catch (AccessDeniedException ade) {
Assert.fail("User should be able to access any object");
}
}