public void testUpdatePersistentAuthorization() { TestResource resource1 = new TestResource("resource1", 100); TestResource resource2 = new TestResource("resource1", 101); Authorization authorization = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT); authorization.setUserId("aUserId"); authorization.setResource(resource1); authorization.setResourceId("aResourceId"); authorization.addPermission(ACCESS); // save the authorization authorizationService.saveAuthorization(authorization); // validate authorization Authorization savedAuthorization = authorizationService.createAuthorizationQuery().singleResult(); assertEquals("aUserId", savedAuthorization.getUserId()); assertEquals(resource1.resourceType(), savedAuthorization.getResourceType()); assertEquals("aResourceId", savedAuthorization.getResourceId()); assertTrue(savedAuthorization.hasPermission(ACCESS)); // update authorization savedAuthorization.setUserId("anotherUserId"); savedAuthorization.setResource(resource2); savedAuthorization.setResourceId("anotherResourceId"); savedAuthorization.addPermission(DELETE); authorizationService.saveAuthorization(savedAuthorization); // validate authorization updated savedAuthorization = authorizationService.createAuthorizationQuery().singleResult(); assertEquals("anotherUserId", savedAuthorization.getUserId()); assertEquals(resource2.resourceType(), savedAuthorization.getResourceType()); assertEquals("anotherResourceId", savedAuthorization.getResourceId()); assertTrue(savedAuthorization.hasPermission(ACCESS)); assertTrue(savedAuthorization.hasPermission(DELETE)); }
public void testCreateGroup() { // initially there are no authorizations for group "sales": assertEquals(0, authorizationService.createAuthorizationQuery().groupIdIn("sales").count()); // create new group identityService.saveGroup(identityService.newGroup("sales")); // now there is an authorization for sales which grants all members READ permissions Authorization authorization = authorizationService.createAuthorizationQuery().groupIdIn("sales").singleResult(); assertNotNull(authorization); assertEquals(AUTH_TYPE_GRANT, authorization.getAuthorizationType()); assertEquals(GROUP.resourceType(), authorization.getResourceType()); assertEquals("sales", authorization.getResourceId()); assertTrue(authorization.isPermissionGranted(READ)); // delete the group identityService.deleteGroup("sales"); // the authorization is deleted as well: assertEquals(0, authorizationService.createAuthorizationQuery().groupIdIn("sales").count()); }
public void testCreateUser() { // initially there are no authorizations for jonny2: assertEquals(0, authorizationService.createAuthorizationQuery().userIdIn("jonny2").count()); // create new user identityService.saveUser(identityService.newUser("jonny2")); // now there is an authorization for jonny2 which grants him ALL permissions on himself Authorization authorization = authorizationService.createAuthorizationQuery().userIdIn("jonny2").singleResult(); assertNotNull(authorization); assertEquals(AUTH_TYPE_GRANT, authorization.getAuthorizationType()); assertEquals(USER.resourceType(), authorization.getResourceType()); assertEquals("jonny2", authorization.getResourceId()); assertTrue(authorization.isPermissionGranted(ALL)); // delete the user identityService.deleteUser("jonny2"); // the authorization is deleted as well: assertEquals(0, authorizationService.createAuthorizationQuery().userIdIn("jonny2").count()); }