@Test
public void testNoOneCanLoginWithNullPassword() throws Exception {
Experimenter e = createNewUser(rootAdmin);
nullPasswordEntry(e);
assertCannotLogin(e.getOmeName(), "bob");
assertCannotLogin(e.getOmeName(), "");
assertCannotLogin(e.getOmeName(), "ome");
resetPasswordTo_ome(e);
assertCannotLogin(e.getOmeName(), "bob");
assertCannotLogin(e.getOmeName(), "");
assertCanLogin(e.getOmeName(), "ome");
// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
nullPasswordEntry(sudo);
assertCannotLogin(sudo_name, "bob");
assertCannotLogin(sudo_name, "");
assertCannotLogin(sudo_name, "ome");
resetPasswordTo_ome(sudo);
assertCannotLogin(sudo_name, "bob");
assertCannotLogin(sudo_name, "");
assertCanLogin(sudo_name, "ome");
}
@Test
public void testUserCanChangeOwnPassword() throws Exception {
Experimenter e = createNewUser(rootAdmin);
resetPasswordTo_ome(e);
assertCanLogin(e.getOmeName(), "ome");
ServiceFactory userServices = new ServiceFactory(new Login(e.getOmeName(), "ome"));
userServices.getAdminService().changePassword("test");
assertCanLogin(e.getOmeName(), "test");
assertCannotLogin(e.getOmeName(), "ome");
}
@Test
public void testAnyOneCanLoginWithEmptyPassword() throws Exception {
Experimenter e = createNewUser(rootAdmin);
setPasswordtoEmptyString(e);
assertCanLogin(e.getOmeName(), "bob");
assertCanLogin(e.getOmeName(), "");
assertCanLogin(e.getOmeName(), "ome");
new ServiceFactory(new Login(e.getOmeName(), "blah")).getAdminService().changePassword("ome");
assertCannotLogin(e.getOmeName(), "bob");
assertCannotLogin(e.getOmeName(), "");
assertCanLogin(e.getOmeName(), "ome");
// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
setPasswordtoEmptyString(sudo);
assertCanLogin(sudo_name, "bob");
assertCanLogin(sudo_name, "");
assertCanLogin(sudo_name, "ome");
getSudoAdmin("blah").changePassword("ome");
assertCannotLogin(sudo_name, "bob");
assertCannotLogin(sudo_name, "");
assertCanLogin(sudo_name, "ome");
}
@Test
public void testSudoCanChangeOthersPassword() throws Exception {
Experimenter e = createNewUser(rootAdmin);
resetPasswordTo_ome(e);
assertCanLogin(e.getOmeName(), "ome");
getSudoAdmin("ome").changeUserPassword(e.getOmeName(), "foo");
assertCanLogin(e.getOmeName(), "foo");
assertCannotLogin(e.getOmeName(), "bar");
assertCannotLogin(e.getOmeName(), "");
getSudoAdmin("ome").changeUserPassword(e.getOmeName(), "");
assertCanLogin(e.getOmeName(), "");
assertCanLogin(e.getOmeName(), "NOTCORRECT");
}
@Test(expectedExceptions = SecurityViolation.class)
public void testUserCantChangeOthersPassword() throws Exception {
Experimenter e = createNewUser(getSudoAdmin("ome"));
resetPasswordTo_ome(e);
assertCanLogin(e.getOmeName(), "ome");
Experimenter target = createNewUser(getSudoAdmin("ome"));
resetPasswordTo_ome(target);
assertCanLogin(target.getOmeName(), "ome");
ServiceFactory userServices = new ServiceFactory(new Login(e.getOmeName(), "ome"));
userServices.getAdminService().changeUserPassword(target.getOmeName(), "test");
}
protected void assertDiscover(Fixture fixture, Map<String, List<String>> users) {
for (String user : users.keySet()) {
Experimenter experimenter = fixture.findExperimenter(user);
assertNotNull(experimenter);
fixture.setDN(experimenter.getId(), null);
List<Experimenter> discoveredExperimenters = fixture.discover();
if (!discoveredExperimenters.isEmpty()) {
boolean discovered = false;
for (Experimenter e : discoveredExperimenters) {
if (experimenter.getId().equals(e.getId())) {
discovered = true;
break;
}
}
assertTrue(discovered);
}
fixture.setDN(experimenter.getId(), "dn");
}
}