@Test
public void test() throws Exception {
// use admin
TestContext testContext = TestContainer.getInstance().getTestContext();
// user is created at security.xml
testContext.setUsername(NEXUS504_USER);
testContext.setPassword(TEST_USER_PASSWORD);
assertThat(UserCreationUtil.login(), hasStatusCode(403));
// add login privilege to role
testContext.useAdminForRequests();
RoleResource role = roleUtil.getRole(NEXUS504_ROLE);
role.addPrivilege("2" /* login */);
assertThat(
"Unable to add login privilege to role "
+ NEXUS504_ROLE
+ "\n"
+ RoleMessageUtil.update(role).getDescription(),
RoleMessageUtil.update(role),
isSuccess());
// try to login again
testContext.setUsername(NEXUS504_USER);
testContext.setPassword(TEST_USER_PASSWORD);
Status status2 = UserCreationUtil.login();
assertThat(status2, hasStatusCode(200));
}
@Test
public void getExternalRoles() throws Exception {
List<PlexusRoleResource> roles = roleUtil.getRoles("Simple");
Assert.assertTrue(containsRole(roles, "role-123"), "Role not found");
Assert.assertTrue(containsRole(roles, "role-abc"), "Role not found");
Assert.assertTrue(containsRole(roles, "role-xyz"), "Role not found");
}
@Test
@Category(SECURITY.class)
public void deletePriv() throws Exception {
RoleResource role = roleUtil.getRole(ROLE_ID);
Assert.assertNotNull(role);
MatcherAssert.assertThat(role.getPrivileges(), hasItems(PRIVS));
privUtil.assertExists(PRIVS);
// remove read
Assert.assertTrue(privUtil.delete(READ_PRIV_ID).getStatus().isSuccess());
role = roleUtil.getRole(ROLE_ID);
MatcherAssert.assertThat(role.getPrivileges(), not(hasItems(READ_PRIV_ID)));
MatcherAssert.assertThat(
role.getPrivileges(), hasItems(CREATE_PRIV_ID, UPDATE_PRIV_ID, DELETE_PRIV_ID));
// remove create
Assert.assertTrue(privUtil.delete(CREATE_PRIV_ID).getStatus().isSuccess());
role = roleUtil.getRole(ROLE_ID);
MatcherAssert.assertThat(role.getPrivileges(), not(hasItems(READ_PRIV_ID, CREATE_PRIV_ID)));
MatcherAssert.assertThat(role.getPrivileges(), hasItems(UPDATE_PRIV_ID, DELETE_PRIV_ID));
// remove update
Assert.assertTrue(privUtil.delete(UPDATE_PRIV_ID).getStatus().isSuccess());
role = roleUtil.getRole(ROLE_ID);
MatcherAssert.assertThat(
role.getPrivileges(), not(hasItems(READ_PRIV_ID, CREATE_PRIV_ID, UPDATE_PRIV_ID)));
MatcherAssert.assertThat(role.getPrivileges(), hasItems(DELETE_PRIV_ID));
// remove delete
Assert.assertTrue(privUtil.delete(DELETE_PRIV_ID).getStatus().isSuccess());
role = roleUtil.getRole(ROLE_ID);
MatcherAssert.assertThat(
role.getPrivileges(),
not(hasItems(READ_PRIV_ID, CREATE_PRIV_ID, UPDATE_PRIV_ID, DELETE_PRIV_ID)));
Assert.assertTrue(role.getPrivileges().isEmpty());
privUtil.assertNotExists(PRIVS);
}