@Test(groups = "slow")
public void testPermissions() throws Exception {
logout();
try {
killBillClient.getPermissions();
Assert.fail();
} catch (final KillBillClientException e) {
Assert.assertEquals(e.getResponse().getStatusCode(), Status.UNAUTHORIZED.getStatusCode());
}
// See src/test/resources/shiro.ini
final List<String> pierresPermissions = getPermissions("pierre", "password");
Assert.assertEquals(pierresPermissions.size(), 2);
Assert.assertEquals(
new HashSet<String>(pierresPermissions),
ImmutableSet.<String>of(
Permission.INVOICE_CAN_CREDIT.toString(),
Permission.INVOICE_CAN_ITEM_ADJUST.toString()));
final List<String> stephanesPermissions = getPermissions("stephane", "password");
Assert.assertEquals(stephanesPermissions.size(), 1);
Assert.assertEquals(
new HashSet<String>(stephanesPermissions),
ImmutableSet.<String>of(Permission.PAYMENT_CAN_REFUND.toString()));
}
@Test(groups = "slow", description = "refresh payment methods")
public void testRefreshPaymentMethods() throws Exception {
Account account = createAccountWithDefaultPaymentMethod("someExternalKey");
final PaymentMethods paymentMethodsBeforeRefreshing =
killBillClient.getPaymentMethodsForAccount(account.getAccountId());
assertEquals(paymentMethodsBeforeRefreshing.size(), 1);
assertEquals(paymentMethodsBeforeRefreshing.get(0).getExternalKey(), "someExternalKey");
// WITH NAME OF AN EXISTING PLUGIN
killBillClient.refreshPaymentMethods(
account.getAccountId(),
PLUGIN_NAME,
ImmutableMap.<String, String>of(),
createdBy,
reason,
comment);
final PaymentMethods paymentMethodsAfterExistingPluginCall =
killBillClient.getPaymentMethodsForAccount(account.getAccountId());
assertEquals(paymentMethodsAfterExistingPluginCall.size(), 1);
assertEquals(paymentMethodsAfterExistingPluginCall.get(0).getExternalKey(), "someExternalKey");
// WITHOUT PLUGIN NAME
killBillClient.refreshPaymentMethods(
account.getAccountId(), ImmutableMap.<String, String>of(), createdBy, reason, comment);
final PaymentMethods paymentMethodsAfterNoPluginNameCall =
killBillClient.getPaymentMethodsForAccount(account.getAccountId());
assertEquals(paymentMethodsAfterNoPluginNameCall.size(), 1);
assertEquals(paymentMethodsAfterNoPluginNameCall.get(0).getExternalKey(), "someExternalKey");
// WITH WRONG PLUGIN NAME
try {
killBillClient.refreshPaymentMethods(
account.getAccountId(),
"GreatestPluginEver",
ImmutableMap.<String, String>of(),
createdBy,
reason,
comment);
Assert.fail();
} catch (KillBillClientException e) {
Assert.assertEquals(
e.getBillingException().getCode(),
(Integer) ErrorCode.PAYMENT_NO_SUCH_PAYMENT_PLUGIN.getCode());
}
}
@Test(groups = "slow", description = "Verify external key is unique")
public void testUniqueExternalKey() throws Exception {
// Verify the external key is not mandatory
final Account inputWithNoExternalKey =
getAccount(UUID.randomUUID().toString(), null, UUID.randomUUID().toString());
Assert.assertNull(inputWithNoExternalKey.getExternalKey());
final Account account =
killBillClient.createAccount(inputWithNoExternalKey, createdBy, reason, comment);
Assert.assertNotNull(account.getExternalKey());
final Account inputWithSameExternalKey =
getAccount(
UUID.randomUUID().toString(), account.getExternalKey(), UUID.randomUUID().toString());
try {
killBillClient.createAccount(inputWithSameExternalKey, createdBy, reason, comment);
Assert.fail();
} catch (final KillBillClientException e) {
Assert.assertEquals(
e.getBillingException().getCode(), (Integer) ErrorCode.ACCOUNT_ALREADY_EXISTS.getCode());
}
}
@Test(groups = "slow")
public void testUserWithUpdates() throws KillBillClientException {
final String roleDefinition = "somethingNice";
final String allPermissions = "*";
final String username = "******";
final String password = "******";
Response response =
killBillClient.addRoleDefinition(
new RoleDefinition(roleDefinition, ImmutableList.of(allPermissions)),
createdBy,
reason,
comment);
Assert.assertEquals(response.getStatusCode(), 201);
response =
killBillClient.addUserRoles(
new UserRoles(username, password, ImmutableList.of(roleDefinition)),
createdBy,
reason,
comment);
Assert.assertEquals(response.getStatusCode(), 201);
logout();
login(username, password);
Permissions permissions = killBillClient.getPermissions();
Assert.assertEquals(permissions.size(), Permission.values().length);
String newPassword = "******";
killBillClient.updateUserPassword(username, newPassword, createdBy, reason, comment);
logout();
login(username, newPassword);
permissions = killBillClient.getPermissions();
Assert.assertEquals(permissions.size(), Permission.values().length);
final String newRoleDefinition = "somethingLessNice";
// Only enough permissions to invalidate itself in the last step...
final String littlePermissions = "user";
response =
killBillClient.addRoleDefinition(
new RoleDefinition(newRoleDefinition, ImmutableList.of(littlePermissions)),
createdBy,
reason,
comment);
Assert.assertEquals(response.getStatusCode(), 201);
killBillClient.updateUserRoles(
username, ImmutableList.of(newRoleDefinition), createdBy, reason, comment);
permissions = killBillClient.getPermissions();
// This will only work if correct shiro cache invalidation was performed... requires lots of
// sweat to get it to work ;-)
Assert.assertEquals(permissions.size(), 2);
killBillClient.invalidateUser(username, createdBy, reason, comment);
try {
killBillClient.getPermissions();
Assert.fail();
} catch (final KillBillClientException e) {
Assert.assertEquals(e.getResponse().getStatusCode(), Status.UNAUTHORIZED.getStatusCode());
}
}