/**
 * Logs in through {@code AuthEndPointsHandler.loginAsAdmin()} and checks that the
 * resulting user is reported as an administrator.
 */
@Test
public void shouldLoginAsAdmin() {
    final RestTestUser adminSession = AuthEndPointsHandler.loginAsAdmin();

    boolean hasAdminRole = UserEndPointsHandler.isUserAdmin(adminSession.getUserId());
    assertThat(hasAdminRole, is(Boolean.TRUE));

    // No assertion is made on the result of this call in this test.
    // NOTE(review): presumably the handler itself fails the test when the request is
    // rejected, which would make this the "admin can reach an admin-only route" check.
    // Confirm against AdminCategoryEndPointsHandler.
    AdminCategoryEndPointsHandler.getItems();
}
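/**
 * Registers a random user, logs in with the same credentials and checks that the
 * account is not reported as an administrator.
 *
 * <p>The negative admin assertion is the security-relevant part: it fails if
 * self-registration ever produces an account with the admin flag set.
 */
@Test
public void shouldLogin() {
    UserRegData anotherUserData = RandomUtils.randomUser();
    // The returned DTO is not needed here; the user id is read from the login response below.
    AuthEndPointsHandler.registerNewUser(anotherUserData);

    AuthResponse authResponse =
            AuthEndPointsHandler.login(anotherUserData.getLogin(), anotherUserData.getPassword());

    boolean userIsAdmin =
            UserEndPointsHandler.isUserAdmin(AuthEndPointsHandler.readUserId(authResponse));
    assertThat(userIsAdmin, is(Boolean.FALSE));
}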
/**
 * Requests {@code UserRoutes.USER_GET} for user id 123 with an expected status of
 * {@code 401 Unauthorized} and checks the auth result and error message in the body.
 *
 * <p>NOTE(review): this test does not log out first, while the login/logout helpers
 * take no session handle, so the session state looks ambient. It therefore appears to
 * rely on no session being active when it starts. Confirm that the fixture resets
 * authentication between tests; otherwise a session left over from an earlier test
 * would change the outcome.
 */
@Test
public void shouldFailNonPublicResourcesGettingIfUnauthorized() {
    AuthResponse rejection = RequestHelper
            .doGet(
                    UserRoutes.USER_GET,
                    UserEndPointsHandler.getParams(123),
                    HttpStatus.SC_UNAUTHORIZED)
            .as(AuthResponse.class);

    assertThat(rejection.getDetails().get(AuthResponse.AUTH_RESULT), is(UNAUTHORIZED));
    assertThat(
            rejection.getDetails().get(AuthResponse.ERROR),
            is(FULL_AUTHENTICATION_IS_REQUIRED_TO_ACCESS_THIS_RESOURCE));
}
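/**
 * Walks one account through the whole authentication lifecycle and checks access to
 * {@code UserRoutes.USER_GET} at each stage:
 * <ol>
 *   <li>registered but not logged in: own data is rejected with 401;</li>
 *   <li>logged in: own data is readable, another user's data and an unknown id both
 *       give 422;</li>
 *   <li>logged out: own data is rejected with 401 again.</li>
 * </ol>
 */
@Test
public void shouldGoThrough() {
    // A second account, used below as the target of a cross-user read.
    UserRegData anotherUserData = RandomUtils.randomUser();
    UserDTO anotherUser = AuthEndPointsHandler.registerNewUser(anotherUserData);

    // Register the user under test.
    UserRegData userData = RandomUtils.randomUser();
    UserDTO registeredUser = AuthEndPointsHandler.registerNewUser(userData);

    // Registration alone is not authentication: non-public resources stay unavailable.
    Response beforeLoginResponse = RequestHelper.doGet(
            UserRoutes.USER_GET,
            Collections.singletonMap(RestTestConstants.USER_ID, registeredUser.getUserId()),
            HttpStatus.SC_UNAUTHORIZED);
    AuthResponse beforeLogin = beforeLoginResponse.as(AuthResponse.class);
    assertThat(beforeLogin.getDetails().get(AuthResponse.AUTH_RESULT), is(UNAUTHORIZED));

    // Log in as the user registered above.
    AuthEndPointsHandler.login(userData.getLogin(), userData.getPassword());

    // Own data is available now. The result is not inspected here.
    // NOTE(review): presumably the handler fails the test if the request is rejected;
    // confirm.
    UserEndPointsHandler.getUserEditData(registeredUser.getUserId());

    // Being authenticated must not grant access to a different account's data.
    RequestHelper.doGet(
            UserRoutes.USER_GET,
            Collections.singletonMap(RestTestConstants.USER_ID, anotherUser.getUserId()),
            HttpStatus.SC_UNPROCESSABLE_ENTITY);

    // An unknown id is expected to give the same status as a foreign account, so the
    // status code alone does not reveal whether an id exists. Only the status is
    // checked; the response bodies are not compared.
    // NOTE(review): 1024 is assumed not to be an existing user id. Confirm that this
    // holds for the database the suite runs against.
    RequestHelper.doGet(
            UserRoutes.USER_GET,
            Collections.singletonMap(RestTestConstants.USER_ID, 1024),
            HttpStatus.SC_UNPROCESSABLE_ENTITY);

    // Log out.
    AuthResponse logoutAuthResponse = AuthEndPointsHandler.logout();
    assertThat(logoutAuthResponse.getResponseCode(), is(HttpStatus.SC_OK));

    // The old session must no longer be accepted after logout.
    Response afterLogoutResponse = RequestHelper.doGet(
            UserRoutes.USER_GET,
            Collections.singletonMap(RestTestConstants.USER_ID, registeredUser.getUserId()),
            HttpStatus.SC_UNAUTHORIZED);
    AuthResponse afterLogout = afterLogoutResponse.as(AuthResponse.class);
    assertThat(afterLogout.getDetails().get(AuthResponse.AUTH_RESULT), is(UNAUTHORIZED));
}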