BIS-166 Introducing system tests which tests authorization for AbstractServer.

SVN: 26525

BIS-166 Introducing system tests which tests authorization for AbstractServer.
515ee6c1 · felmer · 62a8456b · 515ee6c1 · 515ee6c1 · 515ee6c1
Commit 515ee6c1 authored 12 years ago by felmer
--- a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/PersonManagementTest.java
+++ b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/authorization/PersonManagementTest.java
+/*
+ * Copyright 2012 ETH Zuerich, CISD
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package ch.systemsx.cisd.openbis.systemtest.authorization;
+
+import static org.testng.AssertJUnit.assertEquals;
+import static org.testng.AssertJUnit.fail;
+
+import java.util.Arrays;
+import java.util.List;
+import java.util.Set;
+import java.util.TreeSet;
+
+import org.apache.log4j.Level;
+import org.testng.annotations.AfterMethod;
+import org.testng.annotations.BeforeMethod;
+import org.testng.annotations.Test;
+
+import ch.systemsx.cisd.common.exceptions.AuthorizationFailureException;
+import ch.systemsx.cisd.common.logging.BufferedAppender;
+import ch.systemsx.cisd.openbis.generic.server.CommonServer;
+import ch.systemsx.cisd.openbis.generic.server.ETLService;
+import ch.systemsx.cisd.openbis.generic.shared.basic.dto.Person;
+import ch.systemsx.cisd.openbis.generic.shared.basic.dto.RoleWithHierarchy;
+import ch.systemsx.cisd.openbis.generic.shared.dto.SessionContextDTO;
+import ch.systemsx.cisd.openbis.plugin.generic.server.GenericServer;
+import ch.systemsx.cisd.openbis.plugin.query.server.QueryServer;
+import ch.systemsx.cisd.openbis.systemtest.base.BaseTest;
+
+/**
+ * This test tests registering and deactivating a person. It also tests authorization of
+ * {@link CommonServer}, {@link ETLService}, {@link GenericServer}, and {@link QueryServer}.
+ * 
+ * @author Franz-Josef Elmer
+ */
+public class PersonManagementTest extends BaseTest
+{
+    private BufferedAppender logRecorder;
+
+    @BeforeMethod
+    public void setUpLogger()
+    {
+        logRecorder = new BufferedAppender("%-5p %c - %m%n", Level.INFO, "AUTH.CommonServer");
+    }
+
+    @AfterMethod
+    public void resetLogger()
+    {
+        logRecorder.reset();
+    }
+
+    @Test
+    public void testForCommonServerCountActivePersons()
+    {
+        String sessionToken = create(aSession().withInstanceRole(RoleWithHierarchy.INSTANCE_ADMIN));
+
+        int numberOfActivePersons = commonServer.countActivePersons(sessionToken);
+
+        assertEquals(2, numberOfActivePersons);
+    }
+
+    @Test
+    public void testForETLServiceCountActivePersons()
+    {
+        String sessionToken = create(aSession().withInstanceRole(RoleWithHierarchy.INSTANCE_ADMIN));
+
+        int numberOfActivePersons = etlService.countActivePersons(sessionToken);
+
+        assertEquals(2, numberOfActivePersons);
+    }
+
+    @Test
+    public void testForGenericServerCountActivePersons()
+    {
+        String sessionToken = create(aSession().withInstanceRole(RoleWithHierarchy.INSTANCE_ADMIN));
+
+        int numberOfActivePersons = genericServer.countActivePersons(sessionToken);
+
+        assertEquals(2, numberOfActivePersons);
+    }
+
+    @Test
+    public void testForQueryServerCountActivePersons()
+    {
+        String sessionToken = create(aSession().withInstanceRole(RoleWithHierarchy.INSTANCE_ADMIN));
+
+        int numberOfActivePersons = queryServer.countActivePersons(sessionToken);
+
+        assertEquals(2, numberOfActivePersons);
+    }
+
+    @Test(expectedExceptions =
+        { AuthorizationFailureException.class })
+    public void testForCommonServerCountActivePersonsFailedBecauseOfInsufficientAuthorization()
+    {
+        String sessionToken =
+                create(aSession().withInstanceRole(RoleWithHierarchy.INSTANCE_OBSERVER));
+
+        commonServer.countActivePersons(sessionToken);
+    }
+
+    @Test(expectedExceptions =
+        { AuthorizationFailureException.class })
+    public void testForETLServiceCountActivePersonsFailedBecauseOfInsufficientAuthorization()
+    {
+        String sessionToken =
+                create(aSession().withInstanceRole(RoleWithHierarchy.INSTANCE_OBSERVER));
+
+        etlService.countActivePersons(sessionToken);
+    }
+
+    @Test(expectedExceptions =
+        { AuthorizationFailureException.class })
+    public void testForGenericServerCountActivePersonsFailedBecauseOfInsufficientAuthorization()
+    {
+        String sessionToken =
+                create(aSession().withInstanceRole(RoleWithHierarchy.INSTANCE_OBSERVER));
+
+        genericServer.countActivePersons(sessionToken);
+    }
+
+    @Test(expectedExceptions =
+        { AuthorizationFailureException.class })
+    public void testForQueryServerCountActivePersonsFailedBecauseOfInsufficientAuthorization()
+    {
+        String sessionToken =
+                create(aSession().withInstanceRole(RoleWithHierarchy.INSTANCE_OBSERVER));
+
+        queryServer.countActivePersons(sessionToken);
+    }
+
+    @Test
+    public void testDeactivatePersons()
+    {
+        String sessionToken = create(aSession().withInstanceRole(RoleWithHierarchy.INSTANCE_ADMIN));
+
+        commonServer.deactivatePersons(sessionToken, Arrays.asList("system"));
+
+        assertEquals(1, commonServer.countActivePersons(sessionToken));
+        SessionContextDTO session = commonServer.tryToAuthenticate("system", "password");
+        assertEquals(null, session);
+        assertEquals("INFO  AUTH.CommonServer - User 'system' has no role assignments "
+                + "and thus is not permitted to login.", logRecorder.getLogContent());
+    }
+
+    @Test
+    public void testRegisterPerson()
+    {
+        String sessionToken = create(aSession().withInstanceRole(RoleWithHierarchy.INSTANCE_ADMIN));
+
+        commonServer.registerPerson(sessionToken, "einstein");
+
+        List<Person> persons = commonServer.listPersons(sessionToken);
+        assertPersonExists(persons, "einstein");
+    }
+
+    @Test(expectedExceptions =
+        { AuthorizationFailureException.class })
+    public void testRegisterPersonFailedBecauseOfInsufficientAuthorization()
+    {
+        String sessionToken =
+                create(aSession().withInstanceRole(RoleWithHierarchy.INSTANCE_OBSERVER));
+
+        commonServer.registerPerson(sessionToken, "einstein");
+    }
+
+    @Test
+    public void testSetSessionUser()
+    {
+        String sessionToken = create(aSession().withInstanceRole(RoleWithHierarchy.INSTANCE_ADMIN));
+        commonServer.registerPerson(sessionToken, "einstein");
+
+        commonServer.setSessionUser(sessionToken, "einstein");
+
+        try
+        {
+            commonServer.listPersons(sessionToken);
+            fail("AuthorizationFailureException expected");
+        } catch (AuthorizationFailureException ex)
+        {
+            assertEquals("Authorization failure: ERROR: \"No role assignments could be found "
+                    + "for user 'einstein'.\".", ex.getMessage());
+        }
+    }
+
+    @Test(expectedExceptions =
+        { AuthorizationFailureException.class })
+    public void testSetSessionUserFailedBecauseOfInsufficientAuthorization()
+    {
+        String sessionToken =
+                create(aSession().withInstanceRole(RoleWithHierarchy.INSTANCE_OBSERVER));
+
+        commonServer.setSessionUser(sessionToken, "system");
+    }
+
+    private void assertPersonExists(List<Person> persons, String userID)
+    {
+        Set<String> userIDs = new TreeSet<String>();
+        for (Person person : persons)
+        {
+            String userId = person.getUserId();
+            userIDs.add(userId);
+            if (userId.equals(userID))
+            {
+                return;
+            }
+        }
+        fail("Person '" + userID + "' does not exist: " + userIDs);
+    }
+}
--- a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/base/BaseTest.java
+++ b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/base/BaseTest.java
@@ -55,6 +55,7 @@ import ch.systemsx.cisd.openbis.generic.shared.dto.identifier.SampleIdentifier;
 import ch.systemsx.cisd.openbis.generic.shared.dto.identifier.SpaceIdentifier;
 import ch.systemsx.cisd.openbis.plugin.generic.client.web.client.IGenericClientService;
 import ch.systemsx.cisd.openbis.plugin.generic.shared.IGenericServer;
+import ch.systemsx.cisd.openbis.plugin.query.shared.IQueryServer;
 import ch.systemsx.cisd.openbis.systemtest.base.auth.AndAuthorizationRule;
 import ch.systemsx.cisd.openbis.systemtest.base.auth.AuthorizationRule;
 import ch.systemsx.cisd.openbis.systemtest.base.auth.BasicAuthorizationRule;
@@ -101,6 +102,8 @@ public abstract class BaseTest extends AbstractTransactionalTestNGSpringContextT

    protected IGenericServer genericServer;

+    protected IQueryServer queryServer;
+
    protected ICommonClientService commonClientService;

    protected IGenericClientService genericClientService;
@@ -203,6 +206,13 @@ public abstract class BaseTest extends AbstractTransactionalTestNGSpringContextT
        this.genericServer = genericServer;
    }

+    @Autowired
+    @Test(enabled = false)
+    public final void setQueryServer(final IQueryServer queryServer)
+    {
+        this.queryServer = queryServer;
+    }
+
    @Autowired
    @Test(enabled = false)
    public final void setCommonClientService(final ICommonClientService commonClientService)
@@ -238,7 +248,7 @@ public abstract class BaseTest extends AbstractTransactionalTestNGSpringContextT
        this.sessionManager = sessionManager;
    }

-    protected static <T> T create(Builder<T> builder) throws Exception
+    protected static <T> T create(Builder<T> builder)
    {
        return builder.create();
    }

--- a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/base/builder/Builder.java
+++ b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/base/builder/Builder.java
@@ -37,5 +37,5 @@ public abstract class Builder<T>
        this.systemSession = commonServer.tryToAuthenticateAsSystem().getSessionToken();
    }

-    public abstract T create() throws Exception;
+    public abstract T create();
 }
--- a/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/base/builder/ExperimentBuilder.java
+++ b/openbis/sourceTest/java/ch/systemsx/cisd/openbis/systemtest/base/builder/ExperimentBuilder.java
@@ -79,7 +79,7 @@ public class ExperimentBuilder extends Builder<Experiment>
    }

    @Override
-    public Experiment create() throws Exception
+    public Experiment create()
    {

        String experimentTypeCode = UUID.randomUUID().toString();
@@ -87,14 +87,13 @@ public class ExperimentBuilder extends Builder<Experiment>
        experimentType.setCode(experimentTypeCode);
        experimentType.setDatabaseInstance(this.project.getSpace().getInstance());
        experimentType.setDescription("description");
-        experimentType
-                .setExperimentTypePropertyTypes(new ArrayList<ExperimentTypePropertyType>());
+        experimentType.setExperimentTypePropertyTypes(new ArrayList<ExperimentTypePropertyType>());

        commonServer.registerExperimentType(systemSession, experimentType);

-        String experimentId = "/" + this.project.getSpace().getCode() + "/" +
-                this.project.getCode() + "/"
-                + this.code;
+        String experimentId =
+                "/" + this.project.getSpace().getCode() + "/" + this.project.getCode() + "/"
+                        + this.code;

        NewExperiment details = new NewExperiment(experimentId, experimentType.getCode());
        details.setAttachments(new ArrayList<NewAttachment>());
@@ -103,8 +102,7 @@ public class ExperimentBuilder extends Builder<Experiment>
        details.setProperties(new IEntityProperty[0]);
        details.setRegisterSamples(false);
        details.setSamples(this.samples);
-        genericServer.registerExperiment(this.session, details,
-                new ArrayList<NewAttachment>());
+        genericServer.registerExperiment(this.session, details, new ArrayList<NewAttachment>());

        return getExperiment(experimentId);
    }
@@ -112,8 +110,7 @@ public class ExperimentBuilder extends Builder<Experiment>
    private Experiment getExperiment(String experimentId)
    {
        String[] codes = experimentId.split("/");
-        return commonServer.getExperimentInfo(systemSession, new ExperimentIdentifier(
-                "CISD",
+        return commonServer.getExperimentInfo(systemSession, new ExperimentIdentifier("CISD",
                codes[1], codes[2], codes[3]));
    }