// Test fix to http://issues.appfuse.org/browse/APF-96
public void testUpdateUserWithUserRole() throws Exception {
UserManager userManager = makeInterceptedTarget();
User user = new User("user");
user.setId(1L);
user.getRoles().add(new Role(Constants.USER_ROLE));
userDao.expects(once()).method("saveUser");
userManager.saveUser(user);
}
// Test fix to http://issues.appfuse.org/browse/APF-96
public void testChangeToAdminRoleFromUserRole() throws Exception {
UserManager userManager = makeInterceptedTarget();
User user = new User("user");
user.setId(1L);
user.getRoles().add(new Role(Constants.ADMIN_ROLE));
try {
userManager.saveUser(user);
fail("AccessDeniedException not thrown");
} catch (AccessDeniedException expected) {
assertNotNull(expected);
assertEquals(expected.getMessage(), UserSecurityAdvice.ACCESS_DENIED);
}
}
// Test fix to http://issues.appfuse.org/browse/APF-96
public void testAddUserRoleWhenHasAdminRole() throws Exception {
SecurityContext context = new SecurityContextImpl();
User user1 = new User("user");
user1.setId(1L);
user1.setPassword("password");
user1.addRole(new Role(Constants.ADMIN_ROLE));
UsernamePasswordAuthenticationToken token =
new UsernamePasswordAuthenticationToken(
user1.getUsername(), user1.getPassword(), user1.getAuthorities());
token.setDetails(user1);
context.setAuthentication(token);
SecurityContextHolder.setContext(context);
UserManager userManager = makeInterceptedTarget();
User user = new User("user");
user.setId(1L);
user.getRoles().add(new Role(Constants.ADMIN_ROLE));
user.getRoles().add(new Role(Constants.USER_ROLE));
userDao.expects(once()).method("saveUser");
userManager.saveUser(user);
}