@Test public void anonymous_should_be_authorized() { setupData("anonymous_should_be_authorized"); AuthorizationDao authorization = new AuthorizationDao(getMyBatis()); Set<String> componentIds = authorization.keepAuthorizedComponentKeys( Sets.<String>newHashSet(PROJECT, PACKAGE, FILE, FILE_IN_OTHER_PROJECT, EMPTY_PROJECT), null, "user"); assertThat(componentIds).containsOnly(PROJECT, PACKAGE, FILE, EMPTY_PROJECT); // group does not have the role "admin" componentIds = authorization.keepAuthorizedComponentKeys( Sets.<String>newHashSet(PROJECT, PACKAGE, FILE, FILE_IN_OTHER_PROJECT), null, "admin"); assertThat(componentIds).isEmpty(); }
@Test public void group_should_have_global_authorization() { // user is in a group that has authorized access to all projects setupData("group_should_have_global_authorization"); AuthorizationDao authorization = new AuthorizationDao(getMyBatis()); Set<String> componentIds = authorization.keepAuthorizedComponentKeys( Sets.<String>newHashSet(PROJECT, PACKAGE, FILE, FILE_IN_OTHER_PROJECT, EMPTY_PROJECT), USER, "user"); assertThat(componentIds).containsOnly(PROJECT, PACKAGE, FILE, EMPTY_PROJECT); // group does not have the role "admin" componentIds = authorization.keepAuthorizedComponentKeys( Sets.<String>newHashSet(PROJECT, PACKAGE, FILE, FILE_IN_OTHER_PROJECT, EMPTY_PROJECT), USER, "admin"); assertThat(componentIds).isEmpty(); }