Skip to content
Snippets Groups Projects
Commit f99d4a67 authored by felmer's avatar felmer
Browse files

LMS-478 Authorization framework moved from 'lims' to 'openbis'. 

SVN: 8341
parent 5648129b
No related branches found
Tags 0.2.1
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 807 additions and 0 deletions
openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/DatabaseInstanceIdentifierPredicateTest.java 0 → 100644
+ 250
0
View file @ f99d4a67
/*
* Copyright 2008 ETH Zuerich, CISD
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package ch.systemsx.cisd.openbis.generic.server.authorization.predicate;
import static org.testng.AssertJUnit.assertEquals;
import static org.testng.AssertJUnit.assertFalse;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import org.jmock.Expectations;
import org.jmock.Mockery;
import org.testng.annotations.AfterMethod;
import org.testng.annotations.BeforeMethod;
import org.testng.annotations.Test;
import ch.systemsx.cisd.common.exceptions.Status;
import ch.systemsx.cisd.common.exceptions.StatusFlag;
import ch.systemsx.cisd.common.exceptions.UserFailureException;
import ch.systemsx.cisd.lims.base.dto.DatabaseInstancePE;
import ch.systemsx.cisd.lims.base.dto.PersonPE;
import ch.systemsx.cisd.lims.base.identifier.DatabaseInstanceIdentifier;
import ch.systemsx.cisd.lims.base.identifier.GroupIdentifier;
import ch.systemsx.cisd.lims.base.role.RoleCode;
import ch.systemsx.cisd.openbis.generic.server.authorization.RoleWithIdentifier;
import ch.systemsx.cisd.openbis.generic.server.authorization.RoleWithIdentifierTest;
import ch.systemsx.cisd.openbis.generic.server.dataaccess.IAuthorizationDAOFactory;
import ch.systemsx.cisd.openbis.generic.server.dataaccess.IDatabaseInstanceDAO;
/**
* Test cases for corresponding {@link DatabaseInstanceIdentifierPredicate} class.
*
* @author Christian Ribeaud
*/
public final class DatabaseInstanceIdentifierPredicateTest
{
static final long INSTANCE_ID = 11L;
static final long ANOTHER_INSTANCE_ID = 12L;
static final String INSTANCE_CODE = "DB1";
static final String ANOTHER_INSTANCE_CODE = "DB2";
private Mockery context;
private IAuthorizationDAOFactory daoFactory;
private IDatabaseInstanceDAO databaseInstanceDAO;
final static DatabaseInstancePE createDatabaseInstance()
{
return createDatabaseInstance(INSTANCE_CODE, INSTANCE_ID);
}
final static DatabaseInstancePE createAnotherDatabaseInstance()
{
return createDatabaseInstance(ANOTHER_INSTANCE_CODE, ANOTHER_INSTANCE_ID);
}
final static DatabaseInstancePE createDatabaseInstance(String code, Long id)
{
final DatabaseInstancePE databaseInstance = new DatabaseInstancePE();
databaseInstance.setCode(code);
databaseInstance.setUuid("global_" + code);
databaseInstance.setId(id);
return databaseInstance;
}
final static PersonPE createPerson()
{
final PersonPE personPE = new PersonPE();
personPE.setUserId("megapixel");
personPE.setDatabaseInstance(createDatabaseInstance());
return personPE;
}
final static List<RoleWithIdentifier> createAllowedRoles(final boolean withInstanceRole)
{
final List<RoleWithIdentifier> list = new ArrayList<RoleWithIdentifier>();
final RoleWithIdentifier groupRole =
RoleWithIdentifierTest.createGroupRole(RoleCode.USER, new GroupIdentifier(
INSTANCE_CODE, GroupIdentifierPredicateTest.GROUP_CODE));
list.add(groupRole);
if (withInstanceRole)
{
final RoleWithIdentifier databaseInstanceRole =
RoleWithIdentifierTest.createInstanceRole(RoleCode.USER,
new DatabaseInstanceIdentifier(ANOTHER_INSTANCE_CODE));
list.add(databaseInstanceRole);
}
return list;
}
private final void preparePredicateInit(final DatabaseInstancePE databaseInstance,
final boolean accessHomeGroup)
{
context.checking(new Expectations()
{
{
one(daoFactory).getDatabaseInstancesDAO();
will(returnValue(databaseInstanceDAO));
one(databaseInstanceDAO).listDatabaseInstances();
if (databaseInstance == null)
{
will(returnValue(Collections.EMPTY_LIST));
} else
{
will(returnValue(Arrays.asList(databaseInstance)));
}
if (accessHomeGroup)
{
one(daoFactory).getHomeDatabaseInstance();
will(returnValue(createAnotherDatabaseInstance()));
}
}
});
}
@BeforeMethod
public void setUp()
{
context = new Mockery();
daoFactory = context.mock(IAuthorizationDAOFactory.class);
databaseInstanceDAO = context.mock(IDatabaseInstanceDAO.class);
}
@AfterMethod
public void tearDown()
{
// To following line of code should also be called at the end of each test method.
// Otherwise one do not known which test failed.
context.assertIsSatisfied();
}
@Test
public final void testDoEvaluationWithoutDAOFactory()
{
final DatabaseInstanceIdentifierPredicate predicate = createInstancePredicate();
boolean fail = true;
try
{
predicate.doEvaluation(createPerson(), createAllowedRoles(false),
DatabaseInstanceIdentifier.createHome());
} catch (final AssertionError e)
{
fail = false;
}
assertFalse(fail);
context.assertIsSatisfied();
}
@Test
public final void testSuccessfulEvaluation()
{
final DatabaseInstanceIdentifierPredicate predicate = createInstancePredicate();
final DatabaseInstancePE databaseInstance = createAnotherDatabaseInstance();
preparePredicateInit(databaseInstance, false);
predicate.init(daoFactory);
final Status evaluation =
predicate.doEvaluation(createPerson(), createAllowedRoles(true),
new DatabaseInstanceIdentifier(ANOTHER_INSTANCE_CODE));
assertEquals(Status.OK, evaluation);
context.assertIsSatisfied();
}
@Test
public final void testFailedEvaluation()
{
final DatabaseInstanceIdentifierPredicate predicate = createInstancePredicate();
final DatabaseInstancePE databaseInstance = createAnotherDatabaseInstance();
preparePredicateInit(databaseInstance, false);
predicate.init(daoFactory);
final PersonPE person = createPerson();
final Status evaluation =
predicate.doEvaluation(person, createAllowedRoles(false),
new DatabaseInstanceIdentifier(ANOTHER_INSTANCE_CODE));
assertEquals(StatusFlag.ERROR, evaluation.getFlag());
assertEquals(
"User 'megapixel' does not have enough privileges to read from database instance 'DB2'.",
evaluation.tryGetErrorMessage());
context.assertIsSatisfied();
}
@Test
public final void testSuccessfulEvaluationWithHomeDatabaseInstance()
{
final DatabaseInstanceIdentifierPredicate predicate = createInstancePredicate();
final DatabaseInstancePE databaseInstance = createAnotherDatabaseInstance();
preparePredicateInit(databaseInstance, true);
predicate.init(daoFactory);
final PersonPE person = createPerson();
final Status evaluation =
predicate.doEvaluation(person, createAllowedRoles(true), DatabaseInstanceIdentifier
.createHome());
assertEquals(Status.OK, evaluation);
context.assertIsSatisfied();
}
@Test(expectedExceptions = UserFailureException.class)
public final void testExceptionBecauseInstanceDoesNotExist()
{
final DatabaseInstanceIdentifierPredicate predicate = createInstancePredicate();
preparePredicateInit(null, false);
predicate.init(daoFactory);
predicate.doEvaluation(DatabaseInstanceIdentifierPredicateTest.createPerson(),
DatabaseInstanceIdentifierPredicateTest.createAllowedRoles(false),
new DatabaseInstanceIdentifier(
DatabaseInstanceIdentifierPredicateTest.INSTANCE_CODE));
context.assertIsSatisfied();
}
@Test
public final void testWithGroupIdentifier()
{
final DatabaseInstanceIdentifierPredicate predicate = createInstancePredicate();
final DatabaseInstancePE databaseInstance = createDatabaseInstance();
preparePredicateInit(databaseInstance, false);
predicate.init(daoFactory);
final PersonPE person = createPerson();
final Status evaluation =
predicate.doEvaluation(person, createAllowedRoles(false), new GroupIdentifier(
new DatabaseInstanceIdentifier(databaseInstance.getCode()),
GroupIdentifierPredicateTest.GROUP_CODE));
assertEquals(Status.OK, evaluation);
context.assertIsSatisfied();
}
private DatabaseInstanceIdentifierPredicate createInstancePredicate()
{
return new DatabaseInstanceIdentifierPredicate(true);
}
}
openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/GroupIdentifierPredicateTest.java 0 → 100644
+ 330
0
View file @ f99d4a67
/*
* Copyright 2008 ETH Zuerich, CISD
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package ch.systemsx.cisd.openbis.generic.server.authorization.predicate;
import static org.testng.AssertJUnit.assertEquals;
import static org.testng.AssertJUnit.assertFalse;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import org.jmock.Expectations;
import org.jmock.Mockery;
import org.testng.annotations.AfterMethod;
import org.testng.annotations.BeforeMethod;
import org.testng.annotations.Test;
import ch.systemsx.cisd.common.exceptions.Status;
import ch.systemsx.cisd.common.exceptions.StatusFlag;
import ch.systemsx.cisd.common.exceptions.UserFailureException;
import ch.systemsx.cisd.lims.base.dto.DatabaseInstancePE;
import ch.systemsx.cisd.lims.base.dto.GroupPE;
import ch.systemsx.cisd.lims.base.dto.PersonPE;
import ch.systemsx.cisd.lims.base.identifier.GroupIdentifier;
import ch.systemsx.cisd.openbis.generic.server.dataaccess.IAuthorizationDAOFactory;
import ch.systemsx.cisd.openbis.generic.server.dataaccess.IDatabaseInstanceDAO;
import ch.systemsx.cisd.openbis.generic.server.dataaccess.IGroupDAO;
/**
* Test cases for corresponding {@link GroupIdentifierPredicate} class.
*
* @author Christian Ribeaud
*/
public final class GroupIdentifierPredicateTest
{
static final String GROUP_CODE = "G1";
static final String ANOTHER_GROUP_CODE = "G2";
static final Long GROUP_ID = 87L;
static final Long ANOTHER_GROUP_ID = 88L;
private Mockery context;
private IAuthorizationDAOFactory daoFactory;
private IDatabaseInstanceDAO databaseInstanceDAO;
private IGroupDAO groupDAO;
static final List<GroupPE> createGroups()
{
final List<GroupPE> groups = new ArrayList<GroupPE>();
groups.add(createGroup());
groups.add(createAnotherGroup());
return groups;
}
static final GroupPE createGroup(final String groupCode, final Long id,
final DatabaseInstancePE databaseInstancePE)
{
final GroupPE group = new GroupPE();
group.setCode(groupCode);
group.setId(id);
group.setDatabaseInstance(databaseInstancePE);
return group;
}
static final GroupPE createAnotherGroup()
{
return createGroup(ANOTHER_GROUP_CODE, ANOTHER_GROUP_ID,
DatabaseInstanceIdentifierPredicateTest.createAnotherDatabaseInstance());
}
static final GroupPE createGroup()
{
return createGroup(GROUP_CODE, GROUP_ID, DatabaseInstanceIdentifierPredicateTest
.createDatabaseInstance());
}
@BeforeMethod
public void setUp()
{
context = new Mockery();
daoFactory = context.mock(IAuthorizationDAOFactory.class);
databaseInstanceDAO = context.mock(IDatabaseInstanceDAO.class);
groupDAO = context.mock(IGroupDAO.class);
}
@AfterMethod
public void tearDown()
{
// To following line of code should also be called at the end of each test method.
// Otherwise one do not known which test failed.
context.assertIsSatisfied();
}
@Test
public final void testDoEvaluationWithoutDAOFactory()
{
final GroupIdentifierPredicate predicate = new GroupIdentifierPredicate();
boolean fail = true;
try
{
predicate.doEvaluation(DatabaseInstanceIdentifierPredicateTest.createPerson(),
DatabaseInstanceIdentifierPredicateTest.createAllowedRoles(false),
GroupIdentifier.createHome());
} catch (final AssertionError e)
{
fail = false;
}
assertFalse(fail);
context.assertIsSatisfied();
}
@Test(expectedExceptions = UserFailureException.class)
public final void testExceptionBecauseInstanceDoesNotExist()
{
final GroupIdentifierPredicate predicate = new GroupIdentifierPredicate();
context.checking(new Expectations()
{
{
one(daoFactory).getDatabaseInstancesDAO();
will(returnValue(databaseInstanceDAO));
one(daoFactory).getGroupDAO();
will(returnValue(groupDAO));
one(databaseInstanceDAO).listDatabaseInstances();
will(returnValue(Collections.EMPTY_LIST));
one(groupDAO).listGroups();
will(returnValue(Collections.EMPTY_LIST));
}
});
predicate.init(daoFactory);
predicate.doEvaluation(DatabaseInstanceIdentifierPredicateTest.createPerson(),
DatabaseInstanceIdentifierPredicateTest.createAllowedRoles(false),
new GroupIdentifier(DatabaseInstanceIdentifierPredicateTest.INSTANCE_CODE,
GROUP_CODE));
context.assertIsSatisfied();
}
@Test(expectedExceptions = UserFailureException.class)
public final void testExceptionBecauseGroupDoesNotExist()
{
final GroupIdentifierPredicate predicate = new GroupIdentifierPredicate();
context.checking(new Expectations()
{
{
one(daoFactory).getDatabaseInstancesDAO();
will(returnValue(databaseInstanceDAO));
one(daoFactory).getGroupDAO();
will(returnValue(groupDAO));
one(databaseInstanceDAO).listDatabaseInstances();
will(returnValue(Arrays.asList(DatabaseInstanceIdentifierPredicateTest
.createDatabaseInstance())));
one(groupDAO).listGroups();
will(returnValue(Collections.EMPTY_LIST));
}
});
predicate.init(daoFactory);
predicate.doEvaluation(DatabaseInstanceIdentifierPredicateTest.createPerson(),
DatabaseInstanceIdentifierPredicateTest.createAllowedRoles(false),
new GroupIdentifier(DatabaseInstanceIdentifierPredicateTest.INSTANCE_CODE,
GROUP_CODE));
context.assertIsSatisfied();
}
@Test
public final void testSuccessfulEvaluation()
{
final GroupIdentifierPredicate predicate = new GroupIdentifierPredicate();
context.checking(new Expectations()
{
{
one(daoFactory).getDatabaseInstancesDAO();
will(returnValue(databaseInstanceDAO));
one(daoFactory).getGroupDAO();
will(returnValue(groupDAO));
one(databaseInstanceDAO).listDatabaseInstances();
will(returnValue(Arrays.asList(DatabaseInstanceIdentifierPredicateTest
.createDatabaseInstance())));
one(groupDAO).listGroups();
will(returnValue(createGroups()));
}
});
predicate.init(daoFactory);
final Status evaluation =
predicate.doEvaluation(DatabaseInstanceIdentifierPredicateTest.createPerson(),
DatabaseInstanceIdentifierPredicateTest.createAllowedRoles(false),
new GroupIdentifier(DatabaseInstanceIdentifierPredicateTest.INSTANCE_CODE,
GROUP_CODE));
assertEquals(Status.OK, evaluation);
context.assertIsSatisfied();
}
@Test
public final void testSuccessfulEvaluationWithHomeGroup()
{
final GroupIdentifierPredicate predicate = new GroupIdentifierPredicate();
context.checking(new Expectations()
{
{
one(daoFactory).getDatabaseInstancesDAO();
will(returnValue(databaseInstanceDAO));
one(daoFactory).getGroupDAO();
will(returnValue(groupDAO));
one(databaseInstanceDAO).listDatabaseInstances();
will(returnValue(Arrays.asList(DatabaseInstanceIdentifierPredicateTest
.createAnotherDatabaseInstance(),
DatabaseInstanceIdentifierPredicateTest.createDatabaseInstance())));
one(groupDAO).listGroups();
will(returnValue(createGroups()));
}
});
predicate.init(daoFactory);
final PersonPE person = DatabaseInstanceIdentifierPredicateTest.createPerson();
final GroupPE homeGroup = createGroup();
person.setHomeGroup(homeGroup);
final GroupIdentifier groupIdentifier =
new GroupIdentifier(DatabaseInstanceIdentifierPredicateTest.INSTANCE_CODE, null);
final Status evaluation =
predicate.doEvaluation(person, DatabaseInstanceIdentifierPredicateTest
.createAllowedRoles(false), groupIdentifier);
assertEquals(Status.OK, evaluation);
context.assertIsSatisfied();
}
@Test
public final void testFailedEvaluation()
{
final GroupIdentifierPredicate predicate = new GroupIdentifierPredicate();
context.checking(new Expectations()
{
{
one(daoFactory).getDatabaseInstancesDAO();
will(returnValue(databaseInstanceDAO));
one(daoFactory).getGroupDAO();
will(returnValue(groupDAO));
one(databaseInstanceDAO).listDatabaseInstances();
will(returnValue(Arrays.asList(DatabaseInstanceIdentifierPredicateTest
.createDatabaseInstance(), DatabaseInstanceIdentifierPredicateTest
.createAnotherDatabaseInstance())));
one(groupDAO).listGroups();
will(returnValue(createGroups()));
}
});
predicate.init(daoFactory);
final Status evaluation =
predicate.doEvaluation(DatabaseInstanceIdentifierPredicateTest.createPerson(),
DatabaseInstanceIdentifierPredicateTest.createAllowedRoles(false),
new GroupIdentifier(
DatabaseInstanceIdentifierPredicateTest.ANOTHER_INSTANCE_CODE,
ANOTHER_GROUP_CODE));
assertEquals(StatusFlag.ERROR, evaluation.getFlag());
assertEquals(
"User 'megapixel' does not have enough privileges to access data in the group 'DB2:/G2'.",
evaluation.tryGetErrorMessage());
context.assertIsSatisfied();
}
@Test
public final void testAccessAnotherGroup()
{
final DatabaseInstancePE homeDatabaseInstance =
DatabaseInstanceIdentifierPredicateTest.createDatabaseInstance();
final GroupIdentifierPredicate predicate = new GroupIdentifierPredicate();
final List<DatabaseInstancePE> databaseInstances =
Arrays.asList(homeDatabaseInstance, DatabaseInstanceIdentifierPredicateTest
.createAnotherDatabaseInstance());
final List<GroupPE> groups = createGroups();
groups.add(createGroup(ANOTHER_GROUP_CODE, 34L, homeDatabaseInstance));
context.checking(new Expectations()
{
{
one(daoFactory).getDatabaseInstancesDAO();
will(returnValue(databaseInstanceDAO));
one(daoFactory).getGroupDAO();
will(returnValue(groupDAO));
one(databaseInstanceDAO).listDatabaseInstances();
will(returnValue(databaseInstances));
one(groupDAO).listGroups();
will(returnValue(groups));
}
});
predicate.init(daoFactory);
final Status evaluation =
predicate.doEvaluation(DatabaseInstanceIdentifierPredicateTest.createPerson(),
DatabaseInstanceIdentifierPredicateTest.createAllowedRoles(false),
new GroupIdentifier(DatabaseInstanceIdentifierPredicateTest.INSTANCE_CODE,
ANOTHER_GROUP_CODE));
assertEquals(StatusFlag.ERROR, evaluation.getFlag());
assertEquals(
"User 'megapixel' does not have enough privileges to access data in the group 'DB1:/G2'.",
evaluation.tryGetErrorMessage());
context.assertIsSatisfied();
}
}
openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/NewExperimentPredicateTest.java 0 → 100644
+ 54
0
View file @ f99d4a67
/*
* Copyright 2008 ETH Zuerich, CISD
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package ch.systemsx.cisd.openbis.generic.server.authorization.predicate;
import static org.testng.AssertJUnit.assertFalse;
import org.testng.annotations.Test;
import ch.systemsx.cisd.lims.base.dto.NewExperiment;
import ch.systemsx.cisd.openbis.generic.server.authorization.predicate.NewExperimentPredicate;
/**
* Test cases for corresponding {@link NewExperimentPredicate} class.
*
* @author Christian Ribeaud
*/
public final class NewExperimentPredicateTest
{
private final NewExperiment createNewExperiment()
{
return new NewExperiment();
}
@Test
public final void testWithoutInit()
{
final NewExperimentPredicate predicate = new NewExperimentPredicate();
boolean fail = true;
try
{
predicate.evaluate(DatabaseInstanceIdentifierPredicateTest.createPerson(),
DatabaseInstanceIdentifierPredicateTest.createAllowedRoles(false),
createNewExperiment());
} catch (final AssertionError e)
{
fail = false;
}
assertFalse(fail);
}
}
openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/predicate/QueryRestrictionPredicateTest.java 0 → 100644
+ 55
0
View file @ f99d4a67
/*
* Copyright 2008 ETH Zuerich, CISD
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package ch.systemsx.cisd.openbis.generic.server.authorization.predicate;
import static org.testng.AssertJUnit.assertFalse;
import org.testng.annotations.Test;
import ch.systemsx.cisd.lims.base.dto.QueryRestriction;
import ch.systemsx.cisd.openbis.generic.server.authorization.predicate.QueryRestrictionPredicate;
/**
* Test cases for corresponding {@link QueryRestrictionPredicate} class.
*
* @author Christian Ribeaud
*/
public final class QueryRestrictionPredicateTest
{
private final QueryRestriction createQueryRestriction()
{
return new QueryRestriction();
}
@Test
public final void testWithoutInit()
{
final QueryRestrictionPredicate predicate = new QueryRestrictionPredicate();
boolean fail = true;
try
{
predicate.evaluate(DatabaseInstanceIdentifierPredicateTest.createPerson(),
DatabaseInstanceIdentifierPredicateTest.createAllowedRoles(false),
createQueryRestriction());
} catch (final AssertionError e)
{
fail = false;
}
assertFalse(fail);
}
}
openbis/sourceTest/java/ch/systemsx/cisd/openbis/generic/server/authorization/validator/GroupValidatorTest.java 0 → 100644
+ 118
0
View file @ f99d4a67
/*
* Copyright 2008 ETH Zuerich, CISD
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package ch.systemsx.cisd.openbis.generic.server.authorization.validator;
import static org.testng.AssertJUnit.assertFalse;
import static org.testng.AssertJUnit.assertTrue;
import java.util.ArrayList;
import java.util.List;
import org.testng.annotations.Test;
import ch.systemsx.cisd.lims.base.dto.DatabaseInstancePE;
import ch.systemsx.cisd.lims.base.dto.GroupPE;
import ch.systemsx.cisd.lims.base.dto.PersonPE;
import ch.systemsx.cisd.lims.base.dto.RoleAssignmentPE;
import ch.systemsx.cisd.lims.base.role.RoleCode;
import ch.systemsx.cisd.openbis.generic.server.authorization.validator.GroupValidator;
/**
* Test cases for corresponding {@link GroupValidator} class.
*
* @author Christian Ribeaud
*/
public final class GroupValidatorTest
{
private static final long GROUP_ID = 123L;
private static final long ANOTHER_GROUP_ID = 456L;
private static final long INSTANCE_ID = 987L;
private final static GroupPE createGroup()
{
final GroupPE group = new GroupPE();
group.setId(GROUP_ID);
group.setDatabaseInstance(createDatabaseInstance());
return group;
}
private final static GroupPE createAnotherGroup()
{
final GroupPE group = new GroupPE();
group.setId(ANOTHER_GROUP_ID);
group.setDatabaseInstance(createDatabaseInstance());
return group;
}
private final static DatabaseInstancePE createDatabaseInstance()
{
final DatabaseInstancePE databaseInstance = new DatabaseInstancePE();
databaseInstance.setId(INSTANCE_ID);
return databaseInstance;
}
final static PersonPE createPerson(final boolean withRoleAssignment)
{
final PersonPE person = new PersonPE();
if (withRoleAssignment)
{
final List<RoleAssignmentPE> list = new ArrayList<RoleAssignmentPE>();
// Database assignment
RoleAssignmentPE assignment = new RoleAssignmentPE();
assignment.setPerson(person);
assignment.setDatabaseInstance(createDatabaseInstance());
assignment.setRole(RoleCode.ADMIN);
list.add(assignment);
// Group assignment
assignment = new RoleAssignmentPE();
assignment.setPerson(person);
assignment.setGroup(createAnotherGroup());
assignment.setRole(RoleCode.USER);
list.add(assignment);
person.setRoleAssignments(list);
}
return person;
}
@Test
public final void testIsValidWithNull()
{
boolean fail = true;
try
{
new GroupValidator().isValid(null, null);
} catch (final AssertionError e)
{
fail = false;
}
assertFalse(fail);
}
@Test
public final void testIsValid()
{
final GroupValidator groupValidator = new GroupValidator();
assertFalse(groupValidator.isValid(createPerson(false), createGroup()));
// Valid because another group is in the same database instance and the person has a role in
// it.
assertTrue(groupValidator.isValid(createPerson(true), createAnotherGroup()));
assertTrue(groupValidator.isValid(createPerson(true), createGroup()));
}
}
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment