示例#1
0
  @Test
  public void testModifyPassword() throws Exception {
    String name = "createUser" + r.nextInt();
    String password = "******";
    UserWrapper user = UserHelper.addUser(name, password, true);

    // check user can connect
    BiobankApplicationService newUserAppService = AllTestsSuite.connect(name, password);
    String newPwd = "new123";
    // search the user again otherwise the appService will still try with
    // testuser
    user = UserWrapper.getUser(newUserAppService, name);
    user.modifyPassword(password, newPwd, null);

    // check user can't connect with old password
    try {
      AllTestsSuite.connect(name, password);
      Assert.fail("Should not be able to connect with the old password anymore");
    } catch (ApplicationException ae) {
      Assert.assertTrue(
          "Should failed because of authentication",
          ae.getMessage().contains("Error authenticating user"));
    }
    // check user can't connect with new password
    AllTestsSuite.connect(name, newPwd);
  }
示例#2
0
  @Test
  public void testCreateUser() throws BiobankCheckException, Exception {
    String name = "createUser" + r.nextInt();
    String password = "******";
    UserWrapper user = UserHelper.addUser(name, password, true);

    // check biobank user
    User dbUser = ModelUtils.getObjectWithId(appService, User.class, user.getId());
    Assert.assertNotNull(dbUser);
    Assert.assertEquals(name, dbUser.getLogin());
    Assert.assertNotNull(dbUser.getCsmUserId());

    // check csm user
    UserProvisioningManager upm =
        SecurityServiceProvider.getUserProvisioningManager(
            BiobankCSMSecurityUtil.APPLICATION_CONTEXT_NAME);

    gov.nih.nci.security.authorization.domainobjects.User csmUser = upm.getUser(name);
    Assert.assertNotNull(csmUser);
    Assert.assertNotNull(csmUser.getPassword());
    Assert.assertFalse(csmUser.getPassword().isEmpty());

    // check user can connect
    BiobankApplicationService newUserAppService = AllTestsSuite.connect(name, password);
    // check user can access a biobank object using the new appService
    try {
      newUserAppService.search(Site.class, new Site());
    } catch (AccessDeniedException ade) {
      Assert.fail("User should be able to access any object");
    }
  }