public void testAddAndRemoveUser() throws Exception {
user = new User();
// call populate method in super class to populate test data
// from a properties file matching this class name
user = (User) populate(user);
user.addRole(roleManager.getRole(Constants.USER_ROLE));
user = mgr.saveUser(user);
assertEquals("john", user.getUsername());
assertEquals(1, user.getRoles().size());
log.debug("removing user...");
mgr.removeUser(user.getId().toString());
try {
user = mgr.getUserByUsername("john");
fail("Expected 'Exception' not thrown");
} catch (Exception e) {
log.debug(e);
assertNotNull(e);
}
}
// Test fix to http://issues.appfuse.org/browse/APF-96
public void testUpdateUserWithUserRole() throws Exception {
UserManager userManager = makeInterceptedTarget();
User user = new User("user");
user.setId(1L);
user.getRoles().add(new Role(Constants.USER_ROLE));
userDao.expects(once()).method("saveUser");
userManager.saveUser(user);
}
public void testSaveUser() throws Exception {
user = mgr.getUserByUsername("user");
user.setPhoneNumber("303-555-1212");
log.debug("saving user with updated phone number: " + user);
user = mgr.saveUser(user);
assertEquals("303-555-1212", user.getPhoneNumber());
assertEquals(1, user.getRoles().size());
}
@Test
public void testSaveUser() throws Exception {
User user = new User("u1");
userManager.saveUser(user);
// Verify if saveUser was invoked on userService with given 'user' object.
Mockito.verify(userService).saveUser(user);
// Verify with Argument Matcher
Mockito.verify(userService).saveUser(Mockito.<User>any());
}
// Test fix to http://issues.appfuse.org/browse/APF-96
public void testChangeToAdminRoleFromUserRole() throws Exception {
UserManager userManager = makeInterceptedTarget();
User user = new User("user");
user.setId(1L);
user.getRoles().add(new Role(Constants.ADMIN_ROLE));
try {
userManager.saveUser(user);
fail("AccessDeniedException not thrown");
} catch (AccessDeniedException expected) {
assertNotNull(expected);
assertEquals(expected.getMessage(), UserSecurityAdvice.ACCESS_DENIED);
}
}
public void testAddUserWithoutAdminRole() throws Exception {
Authentication auth = SecurityContextHolder.getContext().getAuthentication();
assertTrue(auth.isAuthenticated());
UserManager userManager = makeInterceptedTarget();
User user = new User("admin");
user.setId(2L);
try {
userManager.saveUser(user);
fail("AccessDeniedException not thrown");
} catch (AccessDeniedException expected) {
assertNotNull(expected);
assertEquals(expected.getMessage(), UserSecurityAdvice.ACCESS_DENIED);
}
}
public void testAddUserAsAdmin() throws Exception {
SecurityContext context = new SecurityContextImpl();
User user = new User("admin");
user.setId(2L);
user.setPassword("password");
user.addRole(new Role(Constants.ADMIN_ROLE));
UsernamePasswordAuthenticationToken token =
new UsernamePasswordAuthenticationToken(
user.getUsername(), user.getPassword(), user.getAuthorities());
token.setDetails(user);
context.setAuthentication(token);
SecurityContextHolder.setContext(context);
UserManager userManager = makeInterceptedTarget();
User adminUser = new User("admin");
adminUser.setId(2L);
userDao.expects(once()).method("saveUser");
userManager.saveUser(adminUser);
}
