@Test
public void canUpdateApprovals() {
addApproval("marissa", "c1", "uaa.user", 6000, APPROVED);
addApproval("marissa", "c1", "uaa.admin", 12000, DENIED);
addApproval("marissa", "c1", "openid", 6000, APPROVED);
Approval[] app =
new Approval[] {
new Approval("marissa", "c1", "uaa.user", 2000, APPROVED),
new Approval("marissa", "c1", "dash.user", 2000, APPROVED),
new Approval("marissa", "c1", "openid", 2000, DENIED),
new Approval("marissa", "c1", "cloud_controller.read", 2000, APPROVED)
};
List<Approval> response = endpoints.updateApprovals(app);
assertEquals(4, response.size());
assertTrue(response.contains(new Approval("marissa", "c1", "uaa.user", 2000, APPROVED)));
assertTrue(response.contains(new Approval("marissa", "c1", "dash.user", 2000, APPROVED)));
assertTrue(response.contains(new Approval("marissa", "c1", "openid", 2000, DENIED)));
assertTrue(
response.contains(new Approval("marissa", "c1", "cloud_controller.read", 2000, APPROVED)));
List<Approval> updatedApprovals = endpoints.getApprovals("userName eq 'marissa'", 1, 100);
assertEquals(4, updatedApprovals.size());
assertTrue(
updatedApprovals.contains(new Approval("marissa", "c1", "dash.user", 2000, APPROVED)));
assertTrue(updatedApprovals.contains(new Approval("marissa", "c1", "openid", 2000, DENIED)));
assertTrue(
updatedApprovals.contains(
new Approval("marissa", "c1", "cloud_controller.read", 2000, APPROVED)));
assertTrue(
updatedApprovals.contains(new Approval("marissa", "c1", "uaa.user", 2000, APPROVED)));
}
@Test(expected = UaaException.class)
public void userCannotUpdateApprovalsForAnotherUser() {
addApproval("marissa", "c1", "uaa.user", 6000, APPROVED);
addApproval("marissa", "c1", "uaa.admin", 12000, DENIED);
addApproval("marissa", "c1", "openid", 6000, APPROVED);
endpoints.setSecurityContextAccessor(mockSecurityContextAccessor("vidya"));
endpoints.updateApprovals(
new Approval[] {new Approval("marissa", "c1", "uaa.user", 2000, APPROVED)});
}