@Test
public void shouldLoginAsAdmin() {
final RestTestUser admin = AuthEndPointsHandler.loginAsAdmin();
boolean userIsAdmin = UserEndPointsHandler.isUserAdmin(admin.getUserId());
assertThat(userIsAdmin, is(Boolean.TRUE));
AdminCategoryEndPointsHandler.getItems();
}
@Test
public void shouldLogin() {
UserRegData anotherUserData = RandomUtils.randomUser();
UserDTO anotherUser = AuthEndPointsHandler.registerNewUser(anotherUserData);
AuthResponse authResponse =
AuthEndPointsHandler.login(anotherUserData.getLogin(), anotherUserData.getPassword());
boolean userIsAdmin =
UserEndPointsHandler.isUserAdmin(AuthEndPointsHandler.readUserId(authResponse));
assertThat(userIsAdmin, is(Boolean.FALSE));
}
@Test
public void shouldFailNonPublicResourcesGettingIfUnauthorized() {
Response response =
RequestHelper.doGet(
UserRoutes.USER_GET, UserEndPointsHandler.getParams(123), HttpStatus.SC_UNAUTHORIZED);
AuthResponse authResponse = response.as(AuthResponse.class);
assertThat(authResponse.getDetails().get(AuthResponse.AUTH_RESULT), is(UNAUTHORIZED));
assertThat(
authResponse.getDetails().get(AuthResponse.ERROR),
is(FULL_AUTHENTICATION_IS_REQUIRED_TO_ACCESS_THIS_RESOURCE));
}
@Test
public void shouldGoThrough() {
UserRegData anotherUserData = RandomUtils.randomUser();
UserDTO anotherUser = AuthEndPointsHandler.registerNewUser(anotherUserData);
UserRegData userData = RandomUtils.randomUser();
// register new user
UserDTO registeredUser = AuthEndPointsHandler.registerNewUser(userData);
// registration of new user is not a authentication - non public resources are not available
Response userDataResponse2 =
RequestHelper.doGet(
UserRoutes.USER_GET,
Collections.singletonMap(RestTestConstants.USER_ID, registeredUser.getUserId()),
HttpStatus.SC_UNAUTHORIZED);
AuthResponse userDataResponse2AuthResponse = userDataResponse2.as(AuthResponse.class);
assertThat(
userDataResponse2AuthResponse.getDetails().get(AuthResponse.AUTH_RESULT), is(UNAUTHORIZED));
// login as earlie registered user
AuthResponse authResponse2 =
AuthEndPointsHandler.login(userData.getLogin(), userData.getPassword());
// non public resources should be available now
UserEditDTO ownData = UserEndPointsHandler.getUserEditData(registeredUser.getUserId());
Response anotherUserDataResponse =
RequestHelper.doGet(
UserRoutes.USER_GET,
Collections.singletonMap(RestTestConstants.USER_ID, anotherUser.getUserId()),
HttpStatus.SC_UNPROCESSABLE_ENTITY);
Response nonExistingUserDataResponse =
RequestHelper.doGet(
UserRoutes.USER_GET,
Collections.singletonMap(RestTestConstants.USER_ID, 1024),
HttpStatus.SC_UNPROCESSABLE_ENTITY);
// log out
AuthResponse logoutAuthResponse = AuthEndPointsHandler.logout();
assertThat(logoutAuthResponse.getResponseCode(), is(HttpStatus.SC_OK));
// non public resources are not available again
Response userDataResponse4 =
RequestHelper.doGet(
UserRoutes.USER_GET,
Collections.singletonMap(RestTestConstants.USER_ID, registeredUser.getUserId()),
HttpStatus.SC_UNAUTHORIZED);
AuthResponse taskList4AuthResponse = userDataResponse4.as(AuthResponse.class);
assertThat(taskList4AuthResponse.getDetails().get(AuthResponse.AUTH_RESULT), is(UNAUTHORIZED));
}
