@Test
  public void test() throws Exception {
    // use admin
    TestContext testContext = TestContainer.getInstance().getTestContext();

    // user is created at security.xml

    testContext.setUsername(NEXUS504_USER);
    testContext.setPassword(TEST_USER_PASSWORD);

    assertThat(UserCreationUtil.login(), hasStatusCode(403));

    // add login privilege to role
    testContext.useAdminForRequests();

    RoleResource role = roleUtil.getRole(NEXUS504_ROLE);
    role.addPrivilege("2" /* login */);
    assertThat(
        "Unable to add login privilege to role "
            + NEXUS504_ROLE
            + "\n"
            + RoleMessageUtil.update(role).getDescription(),
        RoleMessageUtil.update(role),
        isSuccess());

    // try to login again
    testContext.setUsername(NEXUS504_USER);
    testContext.setPassword(TEST_USER_PASSWORD);
    Status status2 = UserCreationUtil.login();
    assertThat(status2, hasStatusCode(200));
  }
Пример #2
0
 @Test
 public void getExternalRoles() throws Exception {
   List<PlexusRoleResource> roles = roleUtil.getRoles("Simple");
   Assert.assertTrue(containsRole(roles, "role-123"), "Role not found");
   Assert.assertTrue(containsRole(roles, "role-abc"), "Role not found");
   Assert.assertTrue(containsRole(roles, "role-xyz"), "Role not found");
 }
  @Test
  @Category(SECURITY.class)
  public void deletePriv() throws Exception {
    RoleResource role = roleUtil.getRole(ROLE_ID);
    Assert.assertNotNull(role);
    MatcherAssert.assertThat(role.getPrivileges(), hasItems(PRIVS));
    privUtil.assertExists(PRIVS);

    // remove read
    Assert.assertTrue(privUtil.delete(READ_PRIV_ID).getStatus().isSuccess());
    role = roleUtil.getRole(ROLE_ID);
    MatcherAssert.assertThat(role.getPrivileges(), not(hasItems(READ_PRIV_ID)));
    MatcherAssert.assertThat(
        role.getPrivileges(), hasItems(CREATE_PRIV_ID, UPDATE_PRIV_ID, DELETE_PRIV_ID));

    // remove create
    Assert.assertTrue(privUtil.delete(CREATE_PRIV_ID).getStatus().isSuccess());
    role = roleUtil.getRole(ROLE_ID);
    MatcherAssert.assertThat(role.getPrivileges(), not(hasItems(READ_PRIV_ID, CREATE_PRIV_ID)));
    MatcherAssert.assertThat(role.getPrivileges(), hasItems(UPDATE_PRIV_ID, DELETE_PRIV_ID));

    // remove update
    Assert.assertTrue(privUtil.delete(UPDATE_PRIV_ID).getStatus().isSuccess());
    role = roleUtil.getRole(ROLE_ID);
    MatcherAssert.assertThat(
        role.getPrivileges(), not(hasItems(READ_PRIV_ID, CREATE_PRIV_ID, UPDATE_PRIV_ID)));
    MatcherAssert.assertThat(role.getPrivileges(), hasItems(DELETE_PRIV_ID));

    // remove delete
    Assert.assertTrue(privUtil.delete(DELETE_PRIV_ID).getStatus().isSuccess());
    role = roleUtil.getRole(ROLE_ID);
    MatcherAssert.assertThat(
        role.getPrivileges(),
        not(hasItems(READ_PRIV_ID, CREATE_PRIV_ID, UPDATE_PRIV_ID, DELETE_PRIV_ID)));
    Assert.assertTrue(role.getPrivileges().isEmpty());

    privUtil.assertNotExists(PRIVS);
  }