Skip to content
Find file Normal view History Permalink
PermissionsManagerTest.java 5.2 KiB
Newer Older
Sonia Zorba's avatar
Fixed bug in permissions management
Sonia Zorba committed
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 
package it.inaf.ia2.gms.manager;

import it.inaf.ia2.gms.exception.UnauthorizedException;
import it.inaf.ia2.gms.model.Permission;
import it.inaf.ia2.gms.persistence.LoggingDAO;
import it.inaf.ia2.gms.persistence.model.GroupEntity;
import it.inaf.ia2.gms.persistence.model.PermissionEntity;
import it.inaf.ia2.gms.service.PermissionsService;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.ArgumentMatchers.eq;
import org.mockito.InjectMocks;
import org.mockito.Mock;
import static org.mockito.Mockito.never;
import static org.mockito.Mockito.times;
import static org.mockito.Mockito.verify;
import static org.mockito.Mockito.when;
import org.mockito.junit.MockitoJUnitRunner;

@RunWith(MockitoJUnitRunner.class)
public class PermissionsManagerTest {

    private static final String USER_ID = "USER_ID";
    private static final String TARGET_USER_ID = "TARGET_USER_ID";

    @Mock
    private PermissionsService permissionsService;
    @Mock
    private HttpServletRequest request;
    @Mock
    private LoggingDAO loggingDAO;

    @InjectMocks
    private PermissionsManager permissionsManager;

    @Before
    public void setUp() {
        UserAwareComponentTestUtil.setUser(permissionsManager, USER_ID);
    }

    @Test
    public void addPermissionFromManager() {

        GroupEntity group = getGroup();

        when(permissionsService.findUserPermissions(eq(group), eq(USER_ID)))
                .thenReturn(getUserPermissions(group, Permission.MANAGE_MEMBERS));

        permissionsManager.addPermission(group, TARGET_USER_ID, Permission.VIEW_MEMBERS);

        verify(permissionsService, times(1)).addPermission(eq(group), eq(TARGET_USER_ID), eq(Permission.VIEW_MEMBERS));
    }

    @Test
    public void addPermissionFromAdmin() {

        GroupEntity group = getGroup();

        when(permissionsService.findUserPermissions(eq(group), eq(USER_ID)))
                .thenReturn(getUserPermissions(group, Permission.ADMIN));

        permissionsManager.addPermission(group, TARGET_USER_ID, Permission.MANAGE_MEMBERS);

        verify(permissionsService, times(1)).addPermission(eq(group), eq(TARGET_USER_ID), eq(Permission.MANAGE_MEMBERS));
    }

    @Test(expected = UnauthorizedException.class)
    public void addPermissionFromUnauthorized() {

        GroupEntity group = getGroup();

        when(permissionsService.findUserPermissions(eq(group), eq(USER_ID)))
                .thenReturn(new ArrayList<>());

        permissionsManager.addPermission(group, TARGET_USER_ID, Permission.MANAGE_MEMBERS);
    }

    @Test
    public void removePermissionFromManager() {

        GroupEntity group = getGroup();

        when(permissionsService.findUserPermissions(eq(group), eq(USER_ID)))
                .thenReturn(getUserPermissions(group, Permission.MANAGE_MEMBERS));

        when(permissionsService.findUserPermissions(eq(group), eq(TARGET_USER_ID)))
                .thenReturn(getUserPermissions(group, Permission.VIEW_MEMBERS));

        permissionsManager.removePermission(group, TARGET_USER_ID);

        verify(permissionsService, times(1)).removePermission(eq(group), eq(TARGET_USER_ID));
    }

    @Test
    public void removePermissionFromManagerAddedByAdmin() {

        GroupEntity group = getGroup();

        when(permissionsService.findUserPermissions(eq(group), eq(USER_ID)))
                .thenReturn(getUserPermissions(group, Permission.MANAGE_MEMBERS));

        when(permissionsService.findUserPermissions(eq(group), eq(TARGET_USER_ID)))
                .thenReturn(getUserPermissions(group, Permission.MANAGE_MEMBERS));

        permissionsManager.removePermission(group, TARGET_USER_ID);

        verify(permissionsService, never()).removePermission(any(), any());
    }

    @Test
    public void removePermissionFromAdmin() {

        GroupEntity group = getGroup();

        when(permissionsService.findUserPermissions(eq(group), eq(USER_ID)))
                .thenReturn(getUserPermissions(group, Permission.ADMIN));

        permissionsManager.removePermission(group, TARGET_USER_ID);

        verify(permissionsService, times(1)).removePermission(eq(group), eq(TARGET_USER_ID));
    }

    @Test(expected = UnauthorizedException.class)
    public void removePermissionFromUnauthorized() {

        GroupEntity group = getGroup();

        when(permissionsService.findUserPermissions(eq(group), eq(USER_ID)))
                .thenReturn(getUserPermissions(group, Permission.VIEW_MEMBERS));

        permissionsManager.removePermission(group, TARGET_USER_ID);
    }

    private List<PermissionEntity> getUserPermissions(GroupEntity group, Permission permission) {
        PermissionEntity entity = new PermissionEntity();
        entity.setPermission(permission);
        entity.setGroupId(group.getId());
        entity.setGroupPath(group.getPath());
        entity.setUserId(USER_ID);
        return Collections.singletonList(entity);
    }

    private GroupEntity getGroup() {
        GroupEntity group = new GroupEntity();
        group.setId("group_id");
        group.setPath("parent_id.group_id");
        return group;
    }
}