// Test fix to http://issues.appfuse.org/browse/APF-96
  public void testUpdateUserWithUserRole() throws Exception {
    UserManager userManager = makeInterceptedTarget();
    User user = new User("user");
    user.setId(1L);
    user.getRoles().add(new Role(Constants.USER_ROLE));

    userDao.expects(once()).method("saveUser");
    userManager.saveUser(user);
  }
  // Test fix to http://issues.appfuse.org/browse/APF-96
  public void testChangeToAdminRoleFromUserRole() throws Exception {
    UserManager userManager = makeInterceptedTarget();
    User user = new User("user");
    user.setId(1L);
    user.getRoles().add(new Role(Constants.ADMIN_ROLE));

    try {
      userManager.saveUser(user);
      fail("AccessDeniedException not thrown");
    } catch (AccessDeniedException expected) {
      assertNotNull(expected);
      assertEquals(expected.getMessage(), UserSecurityAdvice.ACCESS_DENIED);
    }
  }
  // Test fix to http://issues.appfuse.org/browse/APF-96
  public void testAddUserRoleWhenHasAdminRole() throws Exception {
    SecurityContext context = new SecurityContextImpl();
    User user1 = new User("user");
    user1.setId(1L);
    user1.setPassword("password");
    user1.addRole(new Role(Constants.ADMIN_ROLE));
    UsernamePasswordAuthenticationToken token =
        new UsernamePasswordAuthenticationToken(
            user1.getUsername(), user1.getPassword(), user1.getAuthorities());
    token.setDetails(user1);
    context.setAuthentication(token);
    SecurityContextHolder.setContext(context);

    UserManager userManager = makeInterceptedTarget();
    User user = new User("user");
    user.setId(1L);
    user.getRoles().add(new Role(Constants.ADMIN_ROLE));
    user.getRoles().add(new Role(Constants.USER_ROLE));

    userDao.expects(once()).method("saveUser");
    userManager.saveUser(user);
  }