/** Dedicated permissions and paging tests */ @Test public void testListingPermissionsAndPaging() throws Exception { PagingResults<String> systems = null; PagingResults<? extends BaseCredentialsInfo> creds = null; // Run as a test user AuthenticationUtil.setFullyAuthenticatedUser(TEST_USER_ONE); // Initially both should be empty empty systems = REMOTE_CREDENTIALS_SERVICE.listPersonRemoteSystems(new PagingRequest(10)); assertEquals( "No systems should be found, got " + systems.getPage(), 0, systems.getPage().size()); systems = REMOTE_CREDENTIALS_SERVICE.listSharedRemoteSystems(new PagingRequest(10)); assertEquals( "No systems should be found, got " + systems.getPage(), 0, systems.getPage().size()); // Create some credentials as the first user, for systems One and Two PasswordCredentialsInfoImpl pwCred = new PasswordCredentialsInfoImpl(); pwCred.setRemoteUsername(TEST_REMOTE_USERNAME_ONE); REMOTE_CREDENTIALS_SERVICE.createSharedCredentials(TEST_REMOTE_SYSTEM_ONE, pwCred); pwCred = new PasswordCredentialsInfoImpl(); pwCred.setRemoteUsername(TEST_REMOTE_USERNAME_TWO); REMOTE_CREDENTIALS_SERVICE.createSharedCredentials(TEST_REMOTE_SYSTEM_ONE, pwCred); pwCred = new PasswordCredentialsInfoImpl(); pwCred.setRemoteUsername(TEST_REMOTE_USERNAME_TWO); REMOTE_CREDENTIALS_SERVICE.createSharedCredentials(TEST_REMOTE_SYSTEM_TWO, pwCred); pwCred = new PasswordCredentialsInfoImpl(); pwCred.setRemoteUsername(TEST_REMOTE_USERNAME_TWO); REMOTE_CREDENTIALS_SERVICE.createPersonCredentials(TEST_REMOTE_SYSTEM_TWO, pwCred); // Switch to the second user, create some credentials on Two and Three AuthenticationUtil.setFullyAuthenticatedUser(TEST_USER_TWO); pwCred = new PasswordCredentialsInfoImpl(); pwCred.setRemoteUsername(TEST_REMOTE_USERNAME_TWO); REMOTE_CREDENTIALS_SERVICE.createSharedCredentials(TEST_REMOTE_SYSTEM_TWO, pwCred); pwCred = new PasswordCredentialsInfoImpl(); pwCred.setRemoteUsername(TEST_REMOTE_USERNAME_THREE); REMOTE_CREDENTIALS_SERVICE.createSharedCredentials(TEST_REMOTE_SYSTEM_THREE, pwCred); pwCred = new PasswordCredentialsInfoImpl(); pwCred.setRemoteUsername(TEST_REMOTE_USERNAME_THREE); REMOTE_CREDENTIALS_SERVICE.createPersonCredentials(TEST_REMOTE_SYSTEM_THREE, pwCred); // Check the listings of remote systems for each user AuthenticationUtil.setFullyAuthenticatedUser(TEST_USER_ONE); systems = REMOTE_CREDENTIALS_SERVICE.listPersonRemoteSystems(new PagingRequest(10)); assertEquals(1, systems.getPage().size()); assertEquals(TEST_REMOTE_SYSTEM_TWO, systems.getPage().get(0)); AuthenticationUtil.setFullyAuthenticatedUser(TEST_USER_TWO); systems = REMOTE_CREDENTIALS_SERVICE.listPersonRemoteSystems(new PagingRequest(10)); assertEquals(1, systems.getPage().size()); assertEquals(TEST_REMOTE_SYSTEM_THREE, systems.getPage().get(0)); // Check the listings of remote systems that are shared - shouldn't matter which user AuthenticationUtil.setFullyAuthenticatedUser(TEST_USER_ONE); systems = REMOTE_CREDENTIALS_SERVICE.listSharedRemoteSystems(new PagingRequest(10)); assertEquals(3, systems.getPage().size()); AuthenticationUtil.setFullyAuthenticatedUser(TEST_USER_TWO); systems = REMOTE_CREDENTIALS_SERVICE.listSharedRemoteSystems(new PagingRequest(10)); assertEquals(3, systems.getPage().size()); // Check the listings of the credentials by user AuthenticationUtil.setFullyAuthenticatedUser(TEST_USER_ONE); creds = REMOTE_CREDENTIALS_SERVICE.listPersonCredentials( TEST_REMOTE_SYSTEM_ONE, null, new PagingRequest(10)); assertEquals(0, creds.getPage().size()); creds = REMOTE_CREDENTIALS_SERVICE.listPersonCredentials( TEST_REMOTE_SYSTEM_TWO, null, new PagingRequest(10)); assertEquals(1, creds.getPage().size()); assertEquals(TEST_REMOTE_SYSTEM_TWO, creds.getPage().get(0).getRemoteSystemName()); creds = REMOTE_CREDENTIALS_SERVICE.listPersonCredentials( TEST_REMOTE_SYSTEM_THREE, null, new PagingRequest(10)); assertEquals(0, creds.getPage().size()); AuthenticationUtil.setFullyAuthenticatedUser(TEST_USER_TWO); creds = REMOTE_CREDENTIALS_SERVICE.listPersonCredentials( TEST_REMOTE_SYSTEM_ONE, null, new PagingRequest(10)); assertEquals(0, creds.getPage().size()); creds = REMOTE_CREDENTIALS_SERVICE.listPersonCredentials( TEST_REMOTE_SYSTEM_TWO, null, new PagingRequest(10)); assertEquals(0, creds.getPage().size()); creds = REMOTE_CREDENTIALS_SERVICE.listPersonCredentials( TEST_REMOTE_SYSTEM_THREE, null, new PagingRequest(10)); assertEquals(1, creds.getPage().size()); assertEquals(TEST_REMOTE_SYSTEM_THREE, creds.getPage().get(0).getRemoteSystemName()); // Check the shared listing of credentials, same for both users AuthenticationUtil.setFullyAuthenticatedUser(TEST_USER_ONE); creds = REMOTE_CREDENTIALS_SERVICE.listSharedCredentials( TEST_REMOTE_SYSTEM_ONE, null, new PagingRequest(10)); assertEquals(2, creds.getPage().size()); creds = REMOTE_CREDENTIALS_SERVICE.listSharedCredentials( TEST_REMOTE_SYSTEM_TWO, null, new PagingRequest(10)); assertEquals(2, creds.getPage().size()); creds = REMOTE_CREDENTIALS_SERVICE.listSharedCredentials( TEST_REMOTE_SYSTEM_THREE, null, new PagingRequest(10)); assertEquals(1, creds.getPage().size()); AuthenticationUtil.setFullyAuthenticatedUser(TEST_USER_TWO); creds = REMOTE_CREDENTIALS_SERVICE.listSharedCredentials( TEST_REMOTE_SYSTEM_ONE, null, new PagingRequest(10)); assertEquals(2, creds.getPage().size()); creds = REMOTE_CREDENTIALS_SERVICE.listSharedCredentials( TEST_REMOTE_SYSTEM_TWO, null, new PagingRequest(10)); assertEquals(2, creds.getPage().size()); creds = REMOTE_CREDENTIALS_SERVICE.listSharedCredentials( TEST_REMOTE_SYSTEM_THREE, null, new PagingRequest(10)); assertEquals(1, creds.getPage().size()); // Check the paging of remote systems systems = REMOTE_CREDENTIALS_SERVICE.listSharedRemoteSystems(new PagingRequest(10)); assertEquals(3, systems.getPage().size()); assertEquals(false, systems.hasMoreItems()); assertEquals(3, systems.getTotalResultCount().getFirst().intValue()); systems = REMOTE_CREDENTIALS_SERVICE.listSharedRemoteSystems(new PagingRequest(1)); assertEquals(1, systems.getPage().size()); assertEquals(true, systems.hasMoreItems()); assertEquals(3, systems.getTotalResultCount().getFirst().intValue()); systems = REMOTE_CREDENTIALS_SERVICE.listSharedRemoteSystems(new PagingRequest(1, 2)); assertEquals(2, systems.getPage().size()); assertEquals(false, systems.hasMoreItems()); assertEquals(3, systems.getTotalResultCount().getFirst().intValue()); systems = REMOTE_CREDENTIALS_SERVICE.listSharedRemoteSystems(new PagingRequest(2, 2)); assertEquals(1, systems.getPage().size()); assertEquals(false, systems.hasMoreItems()); assertEquals(3, systems.getTotalResultCount().getFirst().intValue()); // Check the paging of credentials creds = REMOTE_CREDENTIALS_SERVICE.listSharedCredentials( TEST_REMOTE_SYSTEM_ONE, null, new PagingRequest(10)); assertEquals(2, creds.getPage().size()); assertEquals(false, creds.hasMoreItems()); assertEquals(2, creds.getTotalResultCount().getFirst().intValue()); creds = REMOTE_CREDENTIALS_SERVICE.listSharedCredentials( TEST_REMOTE_SYSTEM_ONE, null, new PagingRequest(1)); assertEquals(1, creds.getPage().size()); assertEquals(true, creds.hasMoreItems()); assertEquals(2, creds.getTotalResultCount().getFirst().intValue()); creds = REMOTE_CREDENTIALS_SERVICE.listSharedCredentials( TEST_REMOTE_SYSTEM_ONE, null, new PagingRequest(1, 1)); assertEquals(1, creds.getPage().size()); assertEquals(false, creds.hasMoreItems()); assertEquals(2, creds.getTotalResultCount().getFirst().intValue()); // Tweak shared permissions AuthenticationUtil.setFullyAuthenticatedUser(TEST_USER_TWO); creds = REMOTE_CREDENTIALS_SERVICE.listSharedCredentials( TEST_REMOTE_SYSTEM_ONE, null, new PagingRequest(10)); assertEquals(2, creds.getPage().size()); creds = REMOTE_CREDENTIALS_SERVICE.listSharedCredentials( TEST_REMOTE_SYSTEM_TWO, null, new PagingRequest(10)); assertEquals(2, creds.getPage().size()); creds = REMOTE_CREDENTIALS_SERVICE.listSharedCredentials( TEST_REMOTE_SYSTEM_THREE, null, new PagingRequest(10)); assertEquals(1, creds.getPage().size()); // Systems One and Two were created by users one creds = REMOTE_CREDENTIALS_SERVICE.listSharedCredentials( TEST_REMOTE_SYSTEM_ONE, null, new PagingRequest(1)); NodeRef sharedS1 = creds.getPage().get(0).getRemoteSystemContainerNodeRef(); creds = REMOTE_CREDENTIALS_SERVICE.listSharedCredentials( TEST_REMOTE_SYSTEM_TWO, null, new PagingRequest(1)); NodeRef sharedS2 = creds.getPage().get(0).getRemoteSystemContainerNodeRef(); AuthenticationUtil.setFullyAuthenticatedUser(ADMIN_USER); PERMISSION_SERVICE.setInheritParentPermissions(sharedS1, false); PERMISSION_SERVICE.setInheritParentPermissions(sharedS2, false); // Should then only be able to see Three, the one they created AuthenticationUtil.setFullyAuthenticatedUser(TEST_USER_TWO); creds = REMOTE_CREDENTIALS_SERVICE.listSharedCredentials( TEST_REMOTE_SYSTEM_ONE, null, new PagingRequest(10)); assertEquals(0, creds.getPage().size()); creds = REMOTE_CREDENTIALS_SERVICE.listSharedCredentials( TEST_REMOTE_SYSTEM_TWO, null, new PagingRequest(10)); assertEquals(0, creds.getPage().size()); creds = REMOTE_CREDENTIALS_SERVICE.listSharedCredentials( TEST_REMOTE_SYSTEM_THREE, null, new PagingRequest(10)); assertEquals(1, creds.getPage().size()); // User One won't be able to see User Two's shared credentials under S2 under the new // permissions // They can still see their own credentials for S1 and S2, plus all in S3 (permissions // unchanged) AuthenticationUtil.setFullyAuthenticatedUser(TEST_USER_ONE); creds = REMOTE_CREDENTIALS_SERVICE.listSharedCredentials( TEST_REMOTE_SYSTEM_ONE, null, new PagingRequest(10)); assertEquals(2, creds.getPage().size()); creds = REMOTE_CREDENTIALS_SERVICE.listSharedCredentials( TEST_REMOTE_SYSTEM_TWO, null, new PagingRequest(10)); assertEquals(1, creds.getPage().size()); creds = REMOTE_CREDENTIALS_SERVICE.listSharedCredentials( TEST_REMOTE_SYSTEM_THREE, null, new PagingRequest(10)); assertEquals(1, creds.getPage().size()); }