@Test
public void anonymous_should_be_authorized() {
setupData("anonymous_should_be_authorized");
AuthorizationDao authorization = new AuthorizationDao(getMyBatis());
Set<String> componentIds =
authorization.keepAuthorizedComponentKeys(
Sets.<String>newHashSet(PROJECT, PACKAGE, FILE, FILE_IN_OTHER_PROJECT, EMPTY_PROJECT),
null,
"user");
assertThat(componentIds).containsOnly(PROJECT, PACKAGE, FILE, EMPTY_PROJECT);
// group does not have the role "admin"
componentIds =
authorization.keepAuthorizedComponentKeys(
Sets.<String>newHashSet(PROJECT, PACKAGE, FILE, FILE_IN_OTHER_PROJECT), null, "admin");
assertThat(componentIds).isEmpty();
}
@Test
public void group_should_have_global_authorization() {
// user is in a group that has authorized access to all projects
setupData("group_should_have_global_authorization");
AuthorizationDao authorization = new AuthorizationDao(getMyBatis());
Set<String> componentIds =
authorization.keepAuthorizedComponentKeys(
Sets.<String>newHashSet(PROJECT, PACKAGE, FILE, FILE_IN_OTHER_PROJECT, EMPTY_PROJECT),
USER,
"user");
assertThat(componentIds).containsOnly(PROJECT, PACKAGE, FILE, EMPTY_PROJECT);
// group does not have the role "admin"
componentIds =
authorization.keepAuthorizedComponentKeys(
Sets.<String>newHashSet(PROJECT, PACKAGE, FILE, FILE_IN_OTHER_PROJECT, EMPTY_PROJECT),
USER,
"admin");
assertThat(componentIds).isEmpty();
}
