SSDM-5019 : Project Authorization - Step 1.1 (cover project with automated tests)

SVN: 38035

SSDM-5019 : Project Authorization - Step 1.1 (cover project with automated tests)
4a58eb6e · pkupczyk · 4f3b6778 · 4a58eb6e · 4a58eb6e · 4a58eb6e
Commit 4a58eb6e authored 7 years ago by pkupczyk
--- a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/AuthorizationTestCase.java
+++ b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/AuthorizationTestCase.java
@@ -104,6 +104,26 @@ public class AuthorizationTestCase extends AssertJUnit
        return new RoleWithIdentifier(RoleLevel.INSTANCE, roleCode, null);
    }

+    protected RoleAssignmentPE createSpaceRoleAssignment(RoleCode roleCode, String spaceCode)
+    {
+        SpacePE space = new SpacePE();
+        space.setCode(spaceCode);
+
+        RoleAssignmentPE assignment = new RoleAssignmentPE();
+        assignment.setRole(roleCode);
+        assignment.setSpace(space);
+
+        return assignment;
+    }
+
+    protected RoleAssignmentPE createInstanceRoleAssignment(RoleCode roleCode)
+    {
+        RoleAssignmentPE assignment = new RoleAssignmentPE();
+        assignment.setRole(roleCode);
+
+        return assignment;
+    }
+
    /**
     * Creates a person. Only userId and databaseInstance are definied.
     */
@@ -176,6 +196,13 @@ public class AuthorizationTestCase extends AssertJUnit
        return person;
    }

+    protected PersonPE createPersonWithRoleAssignments(RoleAssignmentPE... assignments)
+    {
+        PersonPE person = createPerson();
+        person.setRoleAssignments(new HashSet<RoleAssignmentPE>(Arrays.asList(assignments)));
+        return person;
+    }
+
    /**
     * Assigns two {@link RoleAssignmentPE} instances to specified person. One ADMIN role for database instance {@link #INSTANCE_CODE} and a USER role
     * for the group {@link #createAnotherSpace()}.

--- a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/validator/ProjectByIdentiferValidatorTest.java
+++ b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/validator/ProjectByIdentiferValidatorTest.java
+/*
+ * Copyright 2017 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.generic.server.authorization.validator;
+
+import org.testng.annotations.Test;
+
+import ch.systemsx.cisd.openbis.generic.server.authorization.AuthorizationTestCase;
+import ch.systemsx.cisd.openbis.generic.shared.api.v1.dto.Project;
+import ch.systemsx.cisd.openbis.generic.shared.basic.dto.RoleWithHierarchy.RoleCode;
+import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
+
+/**
+ * @author pkupczyk
+ */
+public class ProjectByIdentiferValidatorTest extends AuthorizationTestCase
+{
+
+    private static final Project SPACE_PROJECT = new Project(SPACE_CODE, "PROJECT");
+
+    @Test(expectedExceptions = AssertionError.class, expectedExceptionsMessageRegExp = "Unspecified value")
+    public void testWithNull()
+    {
+        PersonPE person = createPersonWithRoleAssignments(createInstanceRoleAssignment(RoleCode.ADMIN));
+        assertFalse(validate(person, null));
+    }
+
+    @Test
+    public void testWithNoAllowedRoles()
+    {
+        PersonPE person = createPerson();
+        assertFalse(validate(person, SPACE_PROJECT));
+    }
+
+    @Test
+    public void testWithMultipleAllowedRoles()
+    {
+        PersonPE person = createPersonWithRoleAssignments(createSpaceRoleAssignment(RoleCode.ADMIN, ANOTHER_SPACE_CODE),
+                createSpaceRoleAssignment(RoleCode.ADMIN, SPACE_CODE));
+        assertTrue(validate(person, SPACE_PROJECT));
+    }
+
+    @Test
+    public void testWithInstanceUser()
+    {
+        PersonPE person = createPersonWithRoleAssignments(createInstanceRoleAssignment(RoleCode.ADMIN));
+        assertTrue(validate(person, SPACE_PROJECT));
+    }
+
+    @Test
+    public void testWithMatchingSpaceUser()
+    {
+        PersonPE person = createPersonWithRoleAssignments(createSpaceRoleAssignment(RoleCode.ADMIN, SPACE_CODE));
+        assertTrue(validate(person, SPACE_PROJECT));
+    }
+
+    @Test
+    public void testWithNonMatchingSpaceUser()
+    {
+        PersonPE person = createPersonWithRoleAssignments(createSpaceRoleAssignment(RoleCode.ADMIN, ANOTHER_SPACE_CODE));
+        assertFalse(validate(person, SPACE_PROJECT));
+    }
+
+    private boolean validate(PersonPE person, Project project)
+    {
+        ProjectByIdentiferValidator validator = new ProjectByIdentiferValidator();
+        validator.init(provider);
+        return validator.isValid(person, project);
+    }
+
+}
--- a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/validator/ProjectValidatorTest.java
+++ b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/validator/ProjectValidatorTest.java
@@ -19,29 +19,74 @@ package ch.systemsx.cisd.openbis.generic.server.authorization.validator;
 import org.testng.annotations.Test;

 import ch.systemsx.cisd.openbis.generic.server.authorization.AuthorizationTestCase;
+import ch.systemsx.cisd.openbis.generic.shared.basic.dto.Project;
+import ch.systemsx.cisd.openbis.generic.shared.basic.dto.RoleWithHierarchy.RoleCode;
+import ch.systemsx.cisd.openbis.generic.shared.basic.dto.Space;
 import ch.systemsx.cisd.openbis.generic.shared.dto.PersonPE;
-import ch.systemsx.cisd.openbis.generic.shared.translator.ProjectTranslator;

 /**
 * @author Franz-Josef Elmer
 */
 public class ProjectValidatorTest extends AuthorizationTestCase
 {
+
+    private static final Project SPACE_PROJECT = new Project();
+
+    static
+    {
+        Space space = new Space();
+        space.setCode(SPACE_CODE);
+        SPACE_PROJECT.setSpace(space);
+    }
+
+    @Test(expectedExceptions = AssertionError.class, expectedExceptionsMessageRegExp = "Unspecified value")
+    public void testWithNull()
+    {
+        PersonPE person = createPersonWithRoleAssignments(createInstanceRoleAssignment(RoleCode.ADMIN));
+        assertFalse(validate(person, null));
+    }
+
    @Test
-    public void testIsValidWithProjectInTheRightGroup()
+    public void testWithNoAllowedRoles()
    {
-        ProjectValidator validator = new ProjectValidator();
-        PersonPE person = createPersonWithRoleAssignments();
-        assertEquals(true, validator.isValid(person, ProjectTranslator
-                .translate(createProject(createAnotherSpace()))));
+        PersonPE person = createPerson();
+        assertFalse(validate(person, SPACE_PROJECT));
+    }
+
+    @Test
+    public void testWithMultipleAllowedRoles()
+    {
+        PersonPE person = createPersonWithRoleAssignments(createSpaceRoleAssignment(RoleCode.ADMIN, ANOTHER_SPACE_CODE),
+                createSpaceRoleAssignment(RoleCode.ADMIN, SPACE_CODE));
+        assertTrue(validate(person, SPACE_PROJECT));
    }

    @Test
-    public void testIsValidWithProjectInTheRightDatabaseInstance()
+    public void testWithInstanceUser()
+    {
+        PersonPE person = createPersonWithRoleAssignments(createInstanceRoleAssignment(RoleCode.ADMIN));
+        assertTrue(validate(person, SPACE_PROJECT));
+    }
+
+    @Test
+    public void testWithMatchingSpaceUser()
+    {
+        PersonPE person = createPersonWithRoleAssignments(createSpaceRoleAssignment(RoleCode.ADMIN, SPACE_CODE));
+        assertTrue(validate(person, SPACE_PROJECT));
+    }
+
+    @Test
+    public void testWithNonMatchingSpaceUser()
+    {
+        PersonPE person = createPersonWithRoleAssignments(createSpaceRoleAssignment(RoleCode.ADMIN, ANOTHER_SPACE_CODE));
+        assertFalse(validate(person, SPACE_PROJECT));
+    }
+
+    private boolean validate(PersonPE person, Project project)
    {
        ProjectValidator validator = new ProjectValidator();
-        PersonPE person = createPersonWithRoleAssignments();
-        assertEquals(true, validator.isValid(person, ProjectTranslator
-                .translate(createProject(createSpace()))));
+        validator.init(provider);
+        return validator.isValid(person, project);
    }
+
 }