/*
************************************************************************
******************* CANADIAN ASTRONOMY DATA CENTRE *******************
************** CENTRE CANADIEN DE DONNÉES ASTRONOMIQUES **************
*
* (c) 2014. (c) 2014.
* Government of Canada Gouvernement du Canada
* National Research Council Conseil national de recherches
* Ottawa, Canada, K1A 0R6 Ottawa, Canada, K1A 0R6
* All rights reserved Tous droits réservés
*
* NRC disclaims any warranties, Le CNRC dénie toute garantie
* expressed, implied, or énoncée, implicite ou légale,
* statutory, of any kind with de quelque nature que ce
* respect to the software, soit, concernant le logiciel,
* including without limitation y compris sans restriction
* any warranty of merchantability toute garantie de valeur
* or fitness for a particular marchande ou de pertinence
* purpose. NRC shall not be pour un usage particulier.
* liable in any event for any Le CNRC ne pourra en aucun cas
* damages, whether direct or être tenu responsable de tout
* indirect, special or general, dommage, direct ou indirect,
* consequential or incidental, particulier ou général,
* arising from the use of the accessoire ou fortuit, résultant
* software. Neither the name de l'utilisation du logiciel. Ni
* of the National Research le nom du Conseil National de
* Council of Canada nor the Recherches du Canada ni les noms
* names of its contributors may de ses participants ne peuvent
* be used to endorse or promote être utilisés pour approuver ou
* products derived from this promouvoir les produits dérivés
* software without specific prior de ce logiciel sans autorisation
* written permission. préalable et particulière
* par écrit.
*
* This file is part of the Ce fichier fait partie du projet
* OpenCADC project. OpenCADC.
*
* OpenCADC is free software: OpenCADC est un logiciel libre ;
* you can redistribute it and/or vous pouvez le redistribuer ou le
* modify it under the terms of modifier suivant les termes de
* the GNU Affero General Public la “GNU Affero General Public
* License as published by the License” telle que publiée
* Free Software Foundation, par la Free Software Foundation
* either version 3 of the : soit la version 3 de cette
* License, or (at your option) licence, soit (à votre gré)
* any later version. toute version ultérieure.
*
* OpenCADC is distributed in the OpenCADC est distribué
* hope that it will be useful, dans l’espoir qu’il vous
* but WITHOUT ANY WARRANTY; sera utile, mais SANS AUCUNE
* without even the implied GARANTIE : sans même la garantie
* warranty of MERCHANTABILITY implicite de COMMERCIALISABILITÉ
* or FITNESS FOR A PARTICULAR ni d’ADÉQUATION À UN OBJECTIF
* PURPOSE. See the GNU Affero PARTICULIER. Consultez la Licence
* General Public License for Générale Publique GNU Affero
* more details. pour plus de détails.
*
* You should have received Vous devriez avoir reçu une
* a copy of the GNU Affero copie de la Licence Générale
* General Public License along Publique GNU Affero avec
* with OpenCADC. If not, see OpenCADC ; si ce n’est
* . pas le cas, consultez :
* .
*
* $Revision: 4 $
*
************************************************************************
*/
package ca.nrc.cadc.ac.server.ldap;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertTrue;
import static org.junit.Assert.fail;
import java.io.File;
import java.security.AccessControlException;
import java.security.Principal;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.util.Collection;
import javax.security.auth.Subject;
import javax.security.auth.x500.X500Principal;
import org.apache.log4j.Logger;
import org.junit.Test;
import ca.nrc.cadc.ac.PersonalDetails;
import ca.nrc.cadc.ac.User;
import ca.nrc.cadc.ac.UserAlreadyExistsException;
import ca.nrc.cadc.ac.UserNotFoundException;
import ca.nrc.cadc.ac.UserRequest;
import ca.nrc.cadc.auth.DNPrincipal;
import ca.nrc.cadc.auth.HttpPrincipal;
import ca.nrc.cadc.auth.NumericPrincipal;
import ca.nrc.cadc.auth.SSLUtil;
public class LdapUserDAOTest extends AbstractLdapDAOTest
{
private static final Logger log = Logger.getLogger(LdapUserDAOTest.class);
String createUsername()
{
return "CadcDaoTestUser-" + System.currentTimeMillis();
}
@Test
public void testAddIllegalUsername() throws Exception
{
// add user using HttpPrincipal
final String username = "$" + createUsername();
final HttpPrincipal userID = new HttpPrincipal(username);
final User httpExpected = new User();
httpExpected.getIdentities().add(userID);
PersonalDetails pd = new PersonalDetails("foo", "bar");
pd.email = username + "@canada.ca";
httpExpected.personalDetails = pd;
UserRequest userRequest = new UserRequest(httpExpected, "123456".toCharArray());
try
{
final LdapUserDAO httpUserDAO = getUserDAO();
httpUserDAO.addUserRequest(userRequest);
fail("Illegal username " + username + " should've thrown IllegalArgumentException");
}
catch (IllegalArgumentException expected) {}
}
@Test
public void testAddUser() throws Exception
{
// add user using X500Principal
String username = createUsername();
final X500Principal userID = new X500Principal("cn=" + username + ",ou=cadc,o=hia,c=ca");
final User testUser = new User();
testUser.getIdentities().add(userID);
DNPrincipal dnPrincipal = new DNPrincipal("uid=" + username + "," + config.getUsersDN());
Subject subject = new Subject();
subject.getPrincipals().add(dnPrincipal);
// do everything as owner
Subject.doAs(subject, new PrivilegedExceptionAction()
{
public Object run() throws Exception
{
try
{
final LdapUserDAO userDAO = getUserDAO();
userDAO.addUser(testUser);
final User actual = userDAO.getUser(userID);
check(testUser, actual);
return null;
}
catch (Exception e)
{
throw new Exception("Problems", e);
}
}
});
// TODO should test passing in both Http and X500 Principals
}
/**
* Test of addUserRequest method, of class LdapUserDAO.
*/
@Test
public void testAddUserRequest() throws Exception
{
// add user using HttpPrincipal
final String username = createUsername();
final HttpPrincipal userID = new HttpPrincipal(username);
final User expectedUser = new User();
expectedUser.getIdentities().add(userID);
expectedUser.personalDetails = new PersonalDetails("foo", "bar");
expectedUser.personalDetails.email = username + "@canada.ca";
UserRequest userRequest = new UserRequest(expectedUser, "123456".toCharArray());
// Adding a new user is done anonymously
final LdapUserDAO userDAO = getUserDAO();
userDAO.addUserRequest(userRequest);
DNPrincipal dnPrincipal = new DNPrincipal("uid=" + username + "," + config.getUserRequestsDN());
Subject subject = new Subject();
subject.getPrincipals().add(dnPrincipal);
// do everything as owner
Subject.doAs(subject, new PrivilegedExceptionAction()
{
public Object run()
throws Exception
{
try
{
final User actualUser = userDAO.getUserRequest(userID);
check(expectedUser, actualUser);
return null;
}
catch (Exception e)
{
throw new Exception("Problems", e);
}
}
});
// try and add another user with the same username
final User dupUsername = new User();
dupUsername.getIdentities().add(userID);
dupUsername.personalDetails = new PersonalDetails("foo", "bar");
dupUsername.personalDetails.email = username + "@foo.com";
UserRequest dupUsernameRequest = new UserRequest(dupUsername, "123456".toCharArray());
try
{
userDAO.addUserRequest(dupUsernameRequest);
fail("adding a duplicate user should throw a UserAlreadyExistsException");
}
catch (UserAlreadyExistsException expected)
{
log.debug("expected exception: " + expected.getMessage());
}
// try and add another user with the same email address
final String username2 = createUsername();
final HttpPrincipal userID2 = new HttpPrincipal(username);
final User dupEmail = new User();
dupEmail.getIdentities().add(userID2);
dupEmail.personalDetails = new PersonalDetails("foo", "bar");
dupEmail.personalDetails.email = username + "@canada.ca";
UserRequest dupEmailRequest = new UserRequest(dupEmail, "123456".toCharArray());
try
{
userDAO.addUserRequest(dupEmailRequest);
fail("adding a user with an existing email address should throw a UserAlreadyExistsException");
}
catch (UserAlreadyExistsException expected)
{
log.debug("expected exception: " + expected.getMessage());
}
}
/**
* Test of getUser method, of class LdapUserDAO.
*/
@Test
public void testGetUserWithHttpPrincipal() throws Exception
{
Subject subject = new Subject();
subject.getPrincipals().add(cadcDaoTest1_HttpPrincipal);
subject.getPrincipals().add(cadcDaoTest1_DNPrincipal);
// do everything as owner
Subject.doAs(subject, new PrivilegedExceptionAction()
{
public Object run()
throws Exception
{
try
{
final LdapUserDAO userDAO = getUserDAO();
final User actual = userDAO.getUser(cadcDaoTest1_HttpPrincipal);
assertEquals(cadcDaoTest1_User.getHttpPrincipal(), actual.getHttpPrincipal());
return null;
}
catch (Exception e)
{
throw new Exception("Problems", e);
}
}
});
}
@Test
public void testGetUserWithX500Principal() throws Exception
{
Subject subject = new Subject();
subject.getPrincipals().add(cadcDaoTest1_X500Principal);
subject.getPrincipals().add(cadcDaoTest1_DNPrincipal);
// do everything as owner
Subject.doAs(subject, new PrivilegedExceptionAction()
{
public Object run()
throws Exception
{
try
{
final LdapUserDAO userDAO = getUserDAO();
final User actual = userDAO.getUser(cadcDaoTest1_X500Principal);
assertEquals(cadcDaoTest1_User.getHttpPrincipal(), actual.getHttpPrincipal());
return null;
}
catch (Exception e)
{
throw new Exception("Problems", e);
}
}
});
}
/**
* Test of getAugmentedUser method, of class LdapUserDAO.
*/
@Test
public void getGetAugmentedUser() throws Exception
{
Subject subject = new Subject();
subject.getPrincipals().add(cadcDaoTest1_HttpPrincipal);
subject.getPrincipals().add(cadcDaoTest1_DNPrincipal);
// do everything as owner
Subject.doAs(subject, new PrivilegedExceptionAction()
{
public Object run()
throws Exception
{
try
{
final LdapUserDAO userDAO = getUserDAO();
final User actual = userDAO.getUser(cadcDaoTest1_HttpPrincipal);
assertEquals(cadcDaoTest1_User.getHttpPrincipal(), actual.getHttpPrincipal());
return null;
}
catch (Exception e)
{
throw new Exception("Problems", e);
}
}
});
}
/**
* Test of getUserByEmailAddress method, of class LdapUserDAO.
*/
@Test
public void testGetUserByEmailAddress() throws Exception
{
// create a user with the email attribute
final String username = createUsername();
final String emailAddress = username +"@canada.ca";
final HttpPrincipal userID = new HttpPrincipal(username);
final User testUser = new User();
testUser.personalDetails = new PersonalDetails("foo", "bar");
testUser.personalDetails.email = username + "@canada.ca";
testUser.getIdentities().add(userID);
addUser(userID, testUser);
try
{
// case 1: only one user matches the email address
testGetOneUserByEmailAddress(emailAddress, username);
}
finally
{
deleteUser(userID);
}
}
@Test
public void testGetPendingUser() throws Exception
{
final String username = "CADCtestRequest";
final String x500DN = "cn=" + username + ",ou=cadc,o=hia,c=ca";
final HttpPrincipal httpPrincipal = new HttpPrincipal(username);
final X500Principal x500Principal = new X500Principal(x500DN);
final User pendingUser = new User();
pendingUser.personalDetails = new PersonalDetails("CADCtest", "Request");
pendingUser.personalDetails.email = username + "@canada.ca";
pendingUser.getIdentities().add(httpPrincipal);
pendingUser.getIdentities().add(x500Principal);
UserRequest userRequest = new UserRequest(pendingUser, "123456".toCharArray());
try
{
final LdapUserDAO httpUserDAO = getUserDAO();
httpUserDAO.addUserRequest(userRequest);
}
catch (UserAlreadyExistsException expected) {}
final Subject subject = new Subject();
subject.getPrincipals().add(httpPrincipal);
subject.getPrincipals().add(x500Principal);
subject.getPrincipals().add(new DNPrincipal(username + "," + config.getUsersDN()));
// do everything as owner
Subject.doAs(subject, new PrivilegedExceptionAction()
{
public Object run() throws Exception
{
try
{
final LdapUserDAO userDAO = getUserDAO();
final User actual = userDAO.getUserRequest(httpPrincipal);
check(pendingUser, actual);
return null;
}
catch (Exception e)
{
throw new Exception("Problems", e);
}
}
});
}
// TODO testGetUser for a user that doesn't exist
@Test
public void testApproveUser() throws Exception
{
String username = createUsername();
final HttpPrincipal httpPrincipal = new HttpPrincipal(username);
final User expected = new User();
expected.getIdentities().add(httpPrincipal);
expected.personalDetails = new PersonalDetails("foo", "bar");
expected.personalDetails.email = username + "@canada.ca";
final UserRequest userRequest = new UserRequest(expected, "123456".toCharArray());
DNPrincipal dnPrincipal = new DNPrincipal("uid=" + username + "," + config.getUsersDN());
Subject subject = new Subject();
subject.getPrincipals().add(dnPrincipal);
// do everything as owner
Subject.doAs(subject, new PrivilegedExceptionAction()
{
public Object run() throws Exception
{
try
{
final LdapUserDAO userDAO = getUserDAO();
userDAO.addUserRequest(userRequest);
final User actual = userDAO.approveUserRequest(expected.getHttpPrincipal());
assertNotNull(actual);
assertEquals(expected.getHttpPrincipal(), actual.getHttpPrincipal());
User newUser = userDAO.getUser(userRequest.getUser().getHttpPrincipal());
assertNotNull(newUser);
assertEquals(expected.getHttpPrincipal(), newUser.getHttpPrincipal());
try
{
userDAO.getUserRequest(userRequest.getUser().getHttpPrincipal());
fail("approved user " + userRequest.getUser().getHttpPrincipal() +
" found in pending user tree");
}
catch (UserNotFoundException ignore) {}
return null;
}
catch (Exception e)
{
throw new Exception("Problems", e);
}
}
});
}
@Test
public void testUpdateUser() throws Exception
{
// Create a test user
final User testUser;
final String username = createUsername();
final HttpPrincipal userID = new HttpPrincipal(username);
testUser = new User();
testUser.getIdentities().add(userID);
testUser.personalDetails = new PersonalDetails("firstName", "lastName");
testUser.personalDetails.email = username + "@canada.ca";
final UserRequest userRequest = new UserRequest(testUser, "password".toCharArray());
// add the user
Subject subject = new Subject();
subject.getPrincipals().add(userID);
final User newUser = (User) Subject.doAs(subject, new PrivilegedExceptionAction()
{
public User run()
throws Exception
{
try
{
final LdapUserDAO userDAO = getUserDAO();
userDAO.addUserRequest(userRequest);
userDAO.approveUserRequest(userID);
return userDAO.getUser(userID);
}
catch (Exception e)
{
fail("exception updating user: " + e.getMessage());
}
return null;
}
});
// update the user
newUser.personalDetails.address = "address2";
newUser.personalDetails.institute = "institute2";
newUser.personalDetails.city = "city2";
newUser.personalDetails.country = "country2";
// add a DN
newUser.getIdentities().add(new X500Principal("cn=" + username + ",ou=cadc,o=hia,c=ca"));
// update the userexpected
subject.getPrincipals().add(userID);
User updatedUser = (User) Subject.doAs(subject, new PrivilegedExceptionAction()
{
public Object run()
throws Exception
{
try
{
final LdapUserDAO userDAO = getUserDAO();
return userDAO.modifyUser(newUser);
}
catch (Exception e)
{
e.printStackTrace();
fail("exception updating user: " + e.getMessage());
}
return null;
}
});
assertNotNull(updatedUser);
check(newUser, updatedUser);
}
// TODO testUpdateUser for a user that doesn't exist
/**
* Test of deleteUser method, of class LdapUserDAO.
*/
@Test
public void deleteUser() throws Exception
{
String username = createUsername();
final HttpPrincipal userID = new HttpPrincipal(username);
final User testUser = new User();
testUser.getIdentities().add(userID);
testUser.personalDetails = new PersonalDetails("foo", "bar");
testUser.personalDetails.email = username + "@canada.ca";
final UserRequest userRequest = new UserRequest(testUser, "password".toCharArray());
DNPrincipal dnPrincipal = new DNPrincipal("uid=" + userID + "," + config.getUsersDN());
Subject subject = new Subject();
subject.getPrincipals().add(dnPrincipal);
// do everything as owner
Subject.doAs(subject, new PrivilegedExceptionAction()
{
public Object run()
throws Exception
{
try
{
final LdapUserDAO userDAO = getUserDAO();
userDAO.addUserRequest(userRequest);
userDAO.approveUserRequest(userID);
userDAO.deleteUser(userID, false);
return null;
}
catch (Exception e)
{
throw new Exception("Problems", e);
}
}
});
}
/**
* Test of deleteUserRequest method, of class LdapUserDAO.
*/
@Test
public void deletePendingUser() throws Exception
{
String userID = createUsername();
HttpPrincipal httpPrincipal = new HttpPrincipal(userID);
X500Principal x500Principal = new X500Principal("cn=" + userID + ",ou=cadc,o=hia,c=ca");
final User expected = new User();
expected.getIdentities().add(httpPrincipal);
expected.getIdentities().add(x500Principal);
expected.personalDetails = new PersonalDetails("foo", "bar");
expected.personalDetails.email = userID + "@canada.ca";
final UserRequest userRequest = new UserRequest(expected, "123456".toCharArray());
final LdapUserDAO userDAO = getUserDAO();
userDAO.addUserRequest(userRequest);
DNPrincipal dnPrincipal = new DNPrincipal("uid=" + userID + "," + config.getUserRequestsDN());
Subject subject = new Subject();
subject.getPrincipals().add(dnPrincipal);
// do everything as owner
Subject.doAs(subject, new PrivilegedExceptionAction()
{
public Object run()
throws Exception
{
try
{
userDAO.deleteUserRequest(expected.getHttpPrincipal());
return null;
}
catch (Exception e)
{
throw new Exception("Problems", e);
}
}
});
}
@Test
public void testGetUsers() throws Exception
{
// authenticated access
Subject subject = new Subject();
subject.getPrincipals().add(cadcDaoTest1_X500Principal);
subject.getPrincipals().add(cadcDaoTest1_DNPrincipal);
Subject.doAs(subject, new PrivilegedExceptionAction()
{
public Object run() throws Exception
{
try
{
final Collection users = getUserDAO().getUsers();
assertNotNull("returned users is null", users);
assertFalse("no users found", users.isEmpty());
log.debug("# users found: " + users.size());
return null;
}
catch (Exception e)
{
throw new Exception("Problems", e);
}
}
});
}
@Test
public void testGetPendingUsers() throws Exception
{
// authenticated access
Subject subject = new Subject();
subject.getPrincipals().add(cadcDaoTest1_X500Principal);
subject.getPrincipals().add(cadcDaoTest1_DNPrincipal);
Subject.doAs(subject, new PrivilegedExceptionAction()
{
public Object run() throws Exception
{
try
{
final Collection users = getUserDAO().getUserRequests();
assertNotNull("returned users is null", users);
assertFalse("no users found", users.isEmpty());
log.debug("# users found: " + users.size());
return null;
}
catch (Exception e)
{
throw new Exception("Problems", e);
}
}
});
}
@Test
public void testDoLogin() throws Exception
{
final String username = createUsername();
final String password = "123456";
HttpPrincipal httpPrincipal = new HttpPrincipal(username);
final User testUser = new User();
testUser.getIdentities().add(httpPrincipal);
testUser.personalDetails = new PersonalDetails("foo", "bar");
testUser.personalDetails.email = username + "@canada.ca";
final UserRequest userRequest = new UserRequest(testUser, password.toCharArray());
DNPrincipal dnPrincipal = new DNPrincipal("uid=" + username + "," + config.getUsersDN());
Subject subject = new Subject();
subject.getPrincipals().add(dnPrincipal);
// do everything as owner
Subject.doAs(subject, new PrivilegedExceptionAction()
{
public Object run() throws Exception
{
try
{
// add a user
final LdapUserDAO userDAO = getUserDAO();
userDAO.addUserRequest(userRequest);
// approve the user
userDAO.approveUserRequest(testUser.getHttpPrincipal());
// login as the user
boolean success = userDAO.doLogin(username, password);
assertTrue("login failed", success);
// login with wrong username
try
{
success = userDAO.doLogin("foo", password);
fail("unknown username should throw AccessControlException");
}
catch (AccessControlException expected)
{
log.debug("expected exception " + expected.getMessage());
}
// login with wrong password
try
{
success = userDAO.doLogin(username, "foo");
fail("wrong password should throw AccessControlException");
}
catch (AccessControlException expected)
{
log.debug("expected exception " + expected.getMessage());
}
// delete the user
userDAO.deleteUser(testUser.getHttpPrincipal(), false);
// login as deleted user
try
{
success = userDAO.doLogin(username, password);
fail("deactivated user should throw AccessControlException");
}
catch (AccessControlException expected)
{
log.debug("expected exception " + expected.getMessage());
}
return null;
}
catch (Exception e)
{
throw new Exception("Problems", e);
}
}
});
}
//// @Test
public void testSetPassword() throws Exception
{
// LDAPConnection connection =
// new LDAPConnection(SocketFactory.getDefault(), config.getServer(), config.getPort());
// connection.bind(config.getAdminUserDN(), config.getAdminPasswd());
//
// // Create an SSLUtil instance that is configured to trust any certificate.
// SSLUtil sslUtil = new SSLUtil(new TrustAllTrustManager());
// SSLContext sslContext = sslUtil.createSSLContext();
// StartTLSExtendedRequest startTLSRequest = new StartTLSExtendedRequest(sslContext);
// ExtendedResult startTLSResult = connection.processExtendedOperation(startTLSRequest);
// LDAPTestUtils.assertResultCodeEquals(startTLSResult, ResultCode.SUCCESS);
// Create a test user with a known password
final User testUser;
final String username = createUsername();
final char[] password = "foo".toCharArray();
final char[] newPassword = "bar".toCharArray();
final HttpPrincipal httpPrincipal = new HttpPrincipal(username);
testUser = new User();
testUser.getIdentities().add(httpPrincipal);
testUser.personalDetails = new PersonalDetails("firstName", "lastName");
// add the user
DNPrincipal dnPrincipal = new DNPrincipal("uid=" + username + "," + config.getUsersDN());
Subject subject = new Subject();
subject.getPrincipals().add(testUser.getHttpPrincipal());
subject.getPrincipals().add(dnPrincipal);
Subject.doAs(subject, new PrivilegedExceptionAction()
{
public Object run()
throws Exception
{
try
{
final LdapUserDAO userDAO = getUserDAO();
userDAO.addUser(testUser);
}
catch (Exception e)
{
fail("exception updating user: " + e.getMessage());
}
return null;
}
});
// authenticate new username and password
Subject.doAs(subject, new PrivilegedExceptionAction()
{
public Object run()
throws Exception
{
try
{
getUserDAO().doLogin(username, String.valueOf(password));
}
catch (Exception e)
{
fail("exception during login: " + e.getMessage());
}
return null;
}
});
// anonymous access should throw exception
subject = new Subject();
Subject.doAs(subject, new PrivilegedExceptionAction()
{
public Object run()
throws Exception
{
try
{
final LdapUserDAO userDAO = getUserDAO();
userDAO.setPassword(httpPrincipal, String.valueOf(password),
String.valueOf(newPassword));
fail("should throw exception if subject and user are not the same");
}
catch (Exception ignore)
{
}
return null;
}
});
// change the password
subject.getPrincipals().add(testUser.getHttpPrincipal());
subject.getPrincipals().add(dnPrincipal);
Subject.doAs(subject, new PrivilegedExceptionAction()
{
public Object run()
throws Exception
{
try
{
final LdapUserDAO userDAO = getUserDAO();
userDAO.setPassword(httpPrincipal, String.valueOf(password),
String.valueOf(newPassword));
}
catch (Exception e)
{
e.printStackTrace();
fail("exception setting password: " + e.getMessage());
}
return null;
}
});
// verify new password
Subject.doAs(subject, new PrivilegedExceptionAction()
{
public Object run()
throws Exception
{
try
{
getUserDAO().doLogin(username, String.valueOf(password));
}
catch (Exception e)
{
fail("exception during login: " + e.getMessage());
}
return null;
}
});
}
private static void check(final User expected, final User actual)
{
if (expected.getID() != null)
{
assertEquals(expected, actual);
}
for (Principal p : expected.getIdentities())
{
log.debug("expected P: " + p.getName());
}
for (Principal p : actual.getIdentities())
{
log.debug("actual P: " + p.getName());
}
expected.isConsistent(actual);
for( Principal princ1 : expected.getIdentities())
{
boolean found = false;
for( Principal princ2 : actual.getIdentities())
{
if (princ2.getClass() == princ1.getClass())
{
// NumericPrincipals are server generated, can't compare
if (princ2.getClass() != NumericPrincipal.class)
{
assertEquals(princ1, princ2);
}
found = true;
}
}
assertTrue(princ1.getName(), found);
}
assertEquals(expected.personalDetails, actual.personalDetails);
PersonalDetails pd1 = expected.personalDetails;
PersonalDetails pd2 = actual.personalDetails;
assertEquals(pd1, pd2);
if (pd1 != null && pd2 != null)
{
assertEquals(pd1.getFirstName(), pd2.getFirstName());
assertEquals(pd1.getLastName(), pd2.getLastName());
assertEquals(pd1.address, pd2.address);
assertEquals(pd1.city, pd2.city);
assertEquals(pd1.country, pd2.country);
assertEquals(pd1.email, pd2.email);
assertEquals(pd1.institute, pd2.institute);
}
}
private UserRequest createUserRequest(final HttpPrincipal userID, final String email)
{
final String username = userID.getName();
final String password = "123456";
final User expected = new User();
expected.getIdentities().add(userID);
expected.personalDetails = new PersonalDetails("foo", "bar");
expected.personalDetails.email = email;
final UserRequest userRequest = new UserRequest(expected, password.toCharArray());
return userRequest;
}
private void addUser(final HttpPrincipal userID, final User user)
throws Exception
{
final UserRequest userRequest = new UserRequest(user, "password".toCharArray());
DNPrincipal dnPrincipal = new DNPrincipal("uid=" + userID.getName() + "," + config.getUsersDN());
Subject subject = new Subject();
subject.getPrincipals().add(dnPrincipal);
// do everything as owner
Subject.doAs(subject, new PrivilegedExceptionAction()
{
public Object run() throws Exception
{
try
{
getUserDAO().addUserRequest(userRequest);
getUserDAO().approveUserRequest(userID);
return null;
}
catch (Exception e)
{
throw new Exception("Problems", e);
}
}
});
}
private void deleteUser(final HttpPrincipal userID)
throws Exception
{
DNPrincipal dnPrincipal = new DNPrincipal("uid=" + userID.getName() + "," + config.getUsersDN());
Subject subject = new Subject();
subject.getPrincipals().add(dnPrincipal);
// do everything as owner
Subject.doAs(subject, new PrivilegedExceptionAction()
{
public Object run() throws Exception
{
try
{
final LdapUserDAO userDAO = getUserDAO();
userDAO.deleteUser(userID, false);
return null;
}
catch (Exception e)
{
throw new Exception("Problems", e);
}
}
});
}
protected void testGetOneUserByEmailAddress(final String emailAddress, final String username)
throws PrivilegedActionException
{
// do as servops
Subject servops = SSLUtil.createSubject(new File(SERVOPS_PEM));
Subject.doAs(servops, new PrivilegedExceptionAction()
{
public Object run() throws Exception
{
try
{
final LdapUserDAO userDAO = getUserDAO();
final User user = userDAO.getUserByEmailAddress(emailAddress);
assertNotNull(user);
PersonalDetails pd = user.personalDetails;
assertEquals(emailAddress, pd.email);
String actualName = user.getHttpPrincipal().getName();
assertEquals(username, actualName);
return null;
}
catch (Exception e)
{
throw new Exception("Problems", e);
}
}
});
}
}