@Test public void testUpdateUserProfile() throws Exception { UserManager userManager = makeInterceptedTarget(); final User user = new User("user"); user.setId(1L); user.getRoles().add(new Role(Constants.USER_ROLE)); given(userDao.saveUser(user)).willReturn(user); userManager.saveUser(user); }
// Test fix to http://issues.appfuse.org/browse/APF-96 @Test public void testChangeToAdminRoleFromUserRole() throws Exception { UserManager userManager = makeInterceptedTarget(); User user = new User("user"); user.setId(1L); user.getRoles().add(new Role(Constants.ADMIN_ROLE)); try { userManager.saveUser(user); fail("AccessDeniedException not thrown"); } catch (AccessDeniedException expected) { assertNotNull(expected); assertEquals(expected.getMessage(), UserSecurityAdvice.ACCESS_DENIED); } }
@Test public void testAddUserWithoutAdminRole() throws Exception { Authentication auth = SecurityContextHolder.getContext().getAuthentication(); assertTrue(auth.isAuthenticated()); UserManager userManager = makeInterceptedTarget(); User user = new User("admin"); user.setId(2L); try { userManager.saveUser(user); fail("AccessDeniedException not thrown"); } catch (AccessDeniedException expected) { assertNotNull(expected); Assert.assertEquals(expected.getMessage(), UserSecurityAdvice.ACCESS_DENIED); } }
// Test fix to http://issues.appfuse.org/browse/APF-96 @Test public void testAddUserRoleWhenHasAdminRole() throws Exception { SecurityContext securityContext = new SecurityContextImpl(); User user1 = new User("user"); user1.setId(1L); user1.setPassword("password"); user1.addRole(new Role(Constants.ADMIN_ROLE)); UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken( user1.getUsername(), user1.getPassword(), user1.getAuthorities()); token.setDetails(user1); securityContext.setAuthentication(token); SecurityContextHolder.setContext(securityContext); UserManager userManager = makeInterceptedTarget(); final User user = new User("user"); user.setId(1L); user.getRoles().add(new Role(Constants.ADMIN_ROLE)); user.getRoles().add(new Role(Constants.USER_ROLE)); given(userDao.saveUser(user)).willReturn(user); userManager.saveUser(user); }
@Before public void setUp() throws Exception { // store initial security context for later restoration initialSecurityContext = SecurityContextHolder.getContext(); SecurityContext context = new SecurityContextImpl(); User user = new User("user"); user.setId(1L); user.setPassword("password"); user.addRole(new Role(Constants.USER_ROLE)); UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken( user.getUsername(), user.getPassword(), user.getAuthorities()); token.setDetails(user); context.setAuthentication(token); SecurityContextHolder.setContext(context); }