Fixed several test failures
git-svn-id: https://svn.libreccm.org/ccm/ccm_ng@5887 8810af33-2d31-482b-a856-94f89814c4df
jensp
parent
5ed6bbd32b
commit
738eede397
|
|
@ -31,6 +31,7 @@ import javax.persistence.EntityManager;
|
|||
import javax.persistence.Query;
|
||||
import javax.persistence.TypedQuery;
|
||||
import javax.transaction.Transactional;
|
||||
|
||||
import java.io.Serializable;
|
||||
import java.lang.reflect.Field;
|
||||
import java.lang.reflect.Modifier;
|
||||
|
|
@ -38,6 +39,7 @@ import java.util.Arrays;
|
|||
import java.util.Collection;
|
||||
import java.util.List;
|
||||
import java.util.Optional;
|
||||
import java.util.UUID;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
/**
|
||||
|
|
@ -47,6 +49,7 @@ import java.util.stream.Collectors;
|
|||
*/
|
||||
@RequestScoped
|
||||
public class PermissionManager implements Serializable {
|
||||
|
||||
private static final long serialVersionUID = -6068575941173342106L;
|
||||
|
||||
private static final Logger LOGGER = LogManager
|
||||
|
|
@ -65,6 +68,9 @@ public class PermissionManager implements Serializable {
|
|||
@Inject
|
||||
private CcmObjectRepository ccmObjectRepo;
|
||||
|
||||
@Inject
|
||||
private PermissionRepository permissionRepository;
|
||||
|
||||
/**
|
||||
* Retrieves a permission by its ID. Useful for UI classes.
|
||||
*
|
||||
|
|
@ -172,6 +178,7 @@ public class PermissionManager implements Serializable {
|
|||
permission.setGrantedPrivilege(privilege);
|
||||
permission.setObject(object);
|
||||
permission.setInherited(false);
|
||||
permission.setUuid(UUID.randomUUID().toString());
|
||||
|
||||
entityManager.persist(permission);
|
||||
|
||||
|
|
@ -440,7 +447,7 @@ public class PermissionManager implements Serializable {
|
|||
object.getUuid());
|
||||
|
||||
if (existsPermission(privilege, grantee, object)
|
||||
|| existsInheritedPermission(privilege, grantee, object)) {
|
||||
|| existsInheritedPermission(privilege, grantee, object)) {
|
||||
|
||||
LOGGER.debug("There is a permission for the provided parameters, "
|
||||
+ "revoking it...");
|
||||
|
|
@ -465,7 +472,7 @@ public class PermissionManager implements Serializable {
|
|||
deleteInheritedQuery.setParameter(QUERY_PARAM_PRIVILEGE, privilege);
|
||||
deleteInheritedQuery.setParameter(QUERY_PARAM_GRANTEE, grantee);
|
||||
deleteInheritedQuery.setParameter("object", object);
|
||||
final int deletedInherited = deleteInheritedQuery.executeUpdate();
|
||||
final int deletedInherited = deleteInheritedQuery.executeUpdate();
|
||||
LOGGER.debug("{} inherited permissions deleted.", deletedInherited);
|
||||
} else {
|
||||
LOGGER.warn("No permission granting privilege \"{}\" "
|
||||
|
|
|
|||
|
|
@ -25,8 +25,10 @@ import javax.enterprise.context.RequestScoped;
|
|||
import javax.persistence.EntityGraph;
|
||||
import javax.persistence.TypedQuery;
|
||||
import javax.transaction.Transactional;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.Optional;
|
||||
import java.util.UUID;
|
||||
|
||||
/**
|
||||
* Repository for user objects.
|
||||
|
|
@ -202,6 +204,14 @@ public class UserRepository extends AbstractEntityRepository<Long, User> {
|
|||
super.save(entity);
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void initNewEntity(final User entity) {
|
||||
|
||||
entity.setUuid(UUID.randomUUID().toString());
|
||||
}
|
||||
|
||||
|
||||
|
||||
@AuthorizationRequired
|
||||
@RequiresPrivilege(CoreConstants.PRIVILEGE_ADMIN)
|
||||
@Transactional(Transactional.TxType.REQUIRED)
|
||||
|
|
|
|||
|
|
@ -207,7 +207,7 @@ public class AuthorizationInterceptorTest {
|
|||
token.setRememberMe(true);
|
||||
subject.login(token);
|
||||
|
||||
final CcmObject object1 = objectRepository.findById(-20001L).get();
|
||||
final CcmObject object1 = objectRepository.findById(20001L).get();
|
||||
|
||||
labBean.doSomethingWhichRequiresPermissionOnObject(object1);
|
||||
}
|
||||
|
|
@ -222,7 +222,7 @@ public class AuthorizationInterceptorTest {
|
|||
token.setRememberMe(true);
|
||||
subject.login(token);
|
||||
|
||||
final CcmObject object1 = objectRepository.findById(-20001L).get();
|
||||
final CcmObject object1 = objectRepository.findById(20001L).get();
|
||||
|
||||
labBean.doSomethingWhichRequiresPermissionOnObject(object1);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -134,6 +134,7 @@ public class ChallengeManagerTest {
|
|||
.addPackage(org.libreccm.cdi.utils.CdiUtil.class.getPackage())
|
||||
.addClass(com.arsdigita.kernel.KernelConfig.class)
|
||||
.addClass(com.arsdigita.kernel.security.SecurityConfig.class)
|
||||
.addClass(org.libreccm.imexport.Exportable.class)
|
||||
.addAsLibraries(getModuleDependencies())
|
||||
.addAsResource("configs/shiro.ini", "shiro.ini")
|
||||
.addAsResource("test-persistence.xml",
|
||||
|
|
|
|||
|
|
@ -170,9 +170,9 @@ public class PermissionCheckerTest {
|
|||
@UsingDataSet("datasets/org/libreccm/security/ShiroTest/data.yml")
|
||||
@InSequence(1300)
|
||||
public void isPermittedSystemUser() {
|
||||
final CcmObject object1 = objectRepository.findById(-20001L).get();
|
||||
final CcmObject object2 = objectRepository.findById(-20002L).get();
|
||||
final CcmObject object3 = objectRepository.findById(-20003L).get();
|
||||
final CcmObject object1 = objectRepository.findById(20001L).get();
|
||||
final CcmObject object2 = objectRepository.findById(20002L).get();
|
||||
final CcmObject object3 = objectRepository.findById(20003L).get();
|
||||
|
||||
shiro.getSystemUser().execute(new Callable<Boolean>() {
|
||||
|
||||
|
|
@ -206,8 +206,8 @@ public class PermissionCheckerTest {
|
|||
@UsingDataSet("datasets/org/libreccm/security/ShiroTest/data.yml")
|
||||
@InSequence(1400)
|
||||
public void isPermittedObjectAuthenticatedUser() {
|
||||
final CcmObject object1 = objectRepository.findById(-20001L).get();
|
||||
final CcmObject object2 = objectRepository.findById(-20002L).get();
|
||||
final CcmObject object1 = objectRepository.findById(20001L).get();
|
||||
final CcmObject object2 = objectRepository.findById(20002L).get();
|
||||
|
||||
final UsernamePasswordToken token = new UsernamePasswordToken("jdoe",
|
||||
"foo123");
|
||||
|
|
@ -227,8 +227,8 @@ public class PermissionCheckerTest {
|
|||
@UsingDataSet("datasets/org/libreccm/security/ShiroTest/data.yml")
|
||||
@InSequence(1500)
|
||||
public void isPermittedObjectUnAuthenticatedUser() {
|
||||
final CcmObject object1 = objectRepository.findById(-20001L).get();
|
||||
final CcmObject object2 = objectRepository.findById(-20002L).get();
|
||||
final CcmObject object1 = objectRepository.findById(20001L).get();
|
||||
final CcmObject object2 = objectRepository.findById(20002L).get();
|
||||
|
||||
assertThat(permissionChecker.isPermitted("privilege1", object1),
|
||||
is(false));
|
||||
|
|
@ -264,7 +264,7 @@ public class PermissionCheckerTest {
|
|||
@UsingDataSet("datasets/org/libreccm/security/ShiroTest/data.yml")
|
||||
@InSequence(2300)
|
||||
public void checkPermissionObjectAuthenticatedUser() {
|
||||
final CcmObject object2 = objectRepository.findById(-20002L).get();
|
||||
final CcmObject object2 = objectRepository.findById(20002L).get();
|
||||
|
||||
final UsernamePasswordToken token = new UsernamePasswordToken("jdoe",
|
||||
"foo123");
|
||||
|
|
@ -279,7 +279,7 @@ public class PermissionCheckerTest {
|
|||
@ShouldThrowException(AuthorizationException.class)
|
||||
@InSequence(2400)
|
||||
public void checkPermissionObjectUnAuthenticatedUser() {
|
||||
final CcmObject object2 = objectRepository.findById(-20002L).get();
|
||||
final CcmObject object2 = objectRepository.findById(20002L).get();
|
||||
|
||||
permissionChecker.checkPermission("privilege2", object2);
|
||||
}
|
||||
|
|
@ -288,7 +288,7 @@ public class PermissionCheckerTest {
|
|||
@UsingDataSet("datasets/org/libreccm/security/ShiroTest/data.yml")
|
||||
@InSequence(2500)
|
||||
public void checkPermissionObjectPublicUser() {
|
||||
final CcmObject object1 = objectRepository.findById(-20001L).get();
|
||||
final CcmObject object1 = objectRepository.findById(20001L).get();
|
||||
|
||||
permissionChecker.checkPermission("privilege3", object1);
|
||||
}
|
||||
|
|
@ -297,9 +297,9 @@ public class PermissionCheckerTest {
|
|||
@UsingDataSet("datasets/org/libreccm/security/ShiroTest/data.yml")
|
||||
@InSequence(2600)
|
||||
public void checkPermissionObjectSystemUser() {
|
||||
final CcmObject object1 = objectRepository.findById(-20001L).get();
|
||||
final CcmObject object2 = objectRepository.findById(-20002L).get();
|
||||
final CcmObject object3 = objectRepository.findById(-20003L).get();
|
||||
final CcmObject object1 = objectRepository.findById(20001L).get();
|
||||
final CcmObject object2 = objectRepository.findById(20002L).get();
|
||||
final CcmObject object3 = objectRepository.findById(20003L).get();
|
||||
|
||||
shiro.getSystemUser().execute(new Callable<Boolean>() {
|
||||
|
||||
|
|
@ -323,7 +323,7 @@ public class PermissionCheckerTest {
|
|||
@UsingDataSet("datasets/org/libreccm/security/ShiroTest/data.yml")
|
||||
@InSequence(3100)
|
||||
public void checkPermissionReturnObjectAuthenticatedUser() {
|
||||
final CcmObject object2 = objectRepository.findById(-20002L).get();
|
||||
final CcmObject object2 = objectRepository.findById(20002L).get();
|
||||
|
||||
final UsernamePasswordToken token = new UsernamePasswordToken("jdoe",
|
||||
"foo123");
|
||||
|
|
@ -341,7 +341,7 @@ public class PermissionCheckerTest {
|
|||
@UsingDataSet("datasets/org/libreccm/security/ShiroTest/data.yml")
|
||||
@InSequence(3200)
|
||||
public void checkPermissionReturnObjectUnAuthenticatedUser() {
|
||||
final CcmObject object2 = objectRepository.findById(-20002L).get();
|
||||
final CcmObject object2 = objectRepository.findById(20002L).get();
|
||||
|
||||
final CcmObject result = permissionChecker.checkPermission(
|
||||
"privilege2", object2, CcmObject.class);
|
||||
|
|
@ -354,7 +354,7 @@ public class PermissionCheckerTest {
|
|||
@UsingDataSet("datasets/org/libreccm/security/ShiroTest/data.yml")
|
||||
@InSequence(600)
|
||||
public void checkPermissionReturnObjectPublicUser() {
|
||||
final CcmObject object1 = objectRepository.findById(-20001L).get();
|
||||
final CcmObject object1 = objectRepository.findById(20001L).get();
|
||||
|
||||
final CcmObject result = permissionChecker.checkPermission(
|
||||
"privilege3", object1, CcmObject.class);
|
||||
|
|
@ -367,9 +367,9 @@ public class PermissionCheckerTest {
|
|||
@UsingDataSet("datasets/org/libreccm/security/ShiroTest/data.yml")
|
||||
@InSequence(3200)
|
||||
public void checkPermissionReturnObjectSystemUser() {
|
||||
final CcmObject object1 = objectRepository.findById(-20001L).get();
|
||||
final CcmObject object2 = objectRepository.findById(-20002L).get();
|
||||
final CcmObject object3 = objectRepository.findById(-20003L).get();
|
||||
final CcmObject object1 = objectRepository.findById(20001L).get();
|
||||
final CcmObject object2 = objectRepository.findById(20002L).get();
|
||||
final CcmObject object3 = objectRepository.findById(20003L).get();
|
||||
|
||||
final List<CcmObject> results = shiro.getSystemUser().execute(
|
||||
new Callable<List<CcmObject>>() {
|
||||
|
|
|
|||
|
|
@ -185,7 +185,7 @@ public class PermissionManagerTest {
|
|||
@InSequence(200)
|
||||
public void grantPermission() {
|
||||
final Role role2 = roleRepository.findByName("role2").get();
|
||||
final CcmObject object3 = ccmObjectRepository.findById(-20003L).get();
|
||||
final CcmObject object3 = ccmObjectRepository.findById(20003L).get();
|
||||
|
||||
shiro.getSystemUser().execute(() -> {
|
||||
permissionManager.grantPrivilege("privilege2", role2, object3);
|
||||
|
|
@ -209,7 +209,7 @@ public class PermissionManagerTest {
|
|||
@InSequence(210)
|
||||
public void grantPermissionAgain() {
|
||||
final Role role1 = roleRepository.findByName("role1").get();
|
||||
final CcmObject object1 = ccmObjectRepository.findById(-20001L).get();
|
||||
final CcmObject object1 = ccmObjectRepository.findById(20001L).get();
|
||||
|
||||
shiro.getSystemUser().execute(() -> {
|
||||
permissionManager.grantPrivilege("privilege1", role1);
|
||||
|
|
@ -232,7 +232,7 @@ public class PermissionManagerTest {
|
|||
@InSequence(211)
|
||||
public void grantPermissionRecursively() {
|
||||
final Role role1 = roleRepository.findByName("role1").get();
|
||||
final CcmObject category1 = ccmObjectRepository.findById(-20001L).get();
|
||||
final CcmObject category1 = ccmObjectRepository.findById(20001L).get();
|
||||
|
||||
shiro.getSystemUser().execute(() -> {
|
||||
permissionManager.grantPrivilege("privilege4", role1, category1);
|
||||
|
|
@ -278,7 +278,7 @@ public class PermissionManagerTest {
|
|||
@InSequence(225)
|
||||
public void grantPermissionOnObjectPrivilegeNull() throws Throwable {
|
||||
final Role role1 = roleRepository.findByName("role1").get();
|
||||
final CcmObject object1 = ccmObjectRepository.findById(-20001L).get();
|
||||
final CcmObject object1 = ccmObjectRepository.findById(20001L).get();
|
||||
|
||||
try {
|
||||
shiro.getSystemUser().execute(
|
||||
|
|
@ -327,7 +327,7 @@ public class PermissionManagerTest {
|
|||
@InSequence(235)
|
||||
public void grantPermissionOnObjectEmptyPrivilege() throws Throwable {
|
||||
final Role role1 = roleRepository.findByName("role1").get();
|
||||
final CcmObject object1 = ccmObjectRepository.findById(-20001L).get();
|
||||
final CcmObject object1 = ccmObjectRepository.findById(20001L).get();
|
||||
|
||||
try {
|
||||
shiro.getSystemUser().execute(
|
||||
|
|
@ -373,7 +373,7 @@ public class PermissionManagerTest {
|
|||
@ShouldThrowException(IllegalArgumentException.class)
|
||||
@InSequence(240)
|
||||
public void grantPermissionOnObjectToRoleNull() throws Throwable {
|
||||
final CcmObject object1 = ccmObjectRepository.findById(-20001L).get();
|
||||
final CcmObject object1 = ccmObjectRepository.findById(20001L).get();
|
||||
|
||||
try {
|
||||
shiro.getSystemUser().execute(
|
||||
|
|
@ -428,7 +428,7 @@ public class PermissionManagerTest {
|
|||
@InSequence(300)
|
||||
public void revokePermission() {
|
||||
final Role role1 = roleRepository.findByName("role1").get();
|
||||
final CcmObject object1 = ccmObjectRepository.findById(-20001L).get();
|
||||
final CcmObject object1 = ccmObjectRepository.findById(20001L).get();
|
||||
|
||||
shiro.getSystemUser().execute(() -> {
|
||||
permissionManager.revokePrivilege("privilege1", role1);
|
||||
|
|
@ -471,7 +471,7 @@ public class PermissionManagerTest {
|
|||
@InSequence(311)
|
||||
public void revokePermissionRecursivly() {
|
||||
final Role role1 = roleRepository.findByName("role1").get();
|
||||
final CcmObject category1 = ccmObjectRepository.findById(-20001L).get();
|
||||
final CcmObject category1 = ccmObjectRepository.findById(20001L).get();
|
||||
|
||||
shiro.getSystemUser().execute(() -> {
|
||||
permissionManager.revokePrivilege("privilege4", role1, category1);
|
||||
|
|
@ -494,7 +494,7 @@ public class PermissionManagerTest {
|
|||
@InSequence(310)
|
||||
public void revokeNotExistingPermissionOnObject() {
|
||||
final Role role1 = roleRepository.findByName("role1").get();
|
||||
final CcmObject object1 = ccmObjectRepository.findById(-20001L).get();
|
||||
final CcmObject object1 = ccmObjectRepository.findById(20001L).get();
|
||||
|
||||
shiro.getSystemUser().execute(
|
||||
() -> permissionManager.revokePrivilege("privilege999",
|
||||
|
|
@ -541,7 +541,7 @@ public class PermissionManagerTest {
|
|||
@InSequence(320)
|
||||
public void revokePermissionOnObjectPrivilegeNull() throws Throwable {
|
||||
final Role role1 = roleRepository.findByName("role1").get();
|
||||
final CcmObject object1 = ccmObjectRepository.findById(-20001L).get();
|
||||
final CcmObject object1 = ccmObjectRepository.findById(20001L).get();
|
||||
|
||||
try {
|
||||
shiro.getSystemUser().execute(
|
||||
|
|
@ -591,7 +591,7 @@ public class PermissionManagerTest {
|
|||
@InSequence(320)
|
||||
public void revokePermissionOnObjectEmptyPrivilege() throws Throwable {
|
||||
final Role role1 = roleRepository.findByName("role1").get();
|
||||
final CcmObject object1 = ccmObjectRepository.findById(-20001L).get();
|
||||
final CcmObject object1 = ccmObjectRepository.findById(20001L).get();
|
||||
|
||||
try {
|
||||
shiro.getSystemUser().execute(
|
||||
|
|
@ -637,7 +637,7 @@ public class PermissionManagerTest {
|
|||
@ShouldThrowException(IllegalArgumentException.class)
|
||||
@InSequence(345)
|
||||
public void revokePermissionOnObjectFromRoleNull() throws Throwable {
|
||||
final CcmObject object1 = ccmObjectRepository.findById(-20001L).get();
|
||||
final CcmObject object1 = ccmObjectRepository.findById(20001L).get();
|
||||
|
||||
try {
|
||||
shiro.getSystemUser().execute(
|
||||
|
|
@ -691,8 +691,8 @@ public class PermissionManagerTest {
|
|||
excludeColumns = {"permission_id"})
|
||||
@InSequence(400)
|
||||
public void copyPermissions() throws Throwable {
|
||||
final CcmObject object2 = ccmObjectRepository.findById(-20002L).get();
|
||||
final CcmObject object3 = ccmObjectRepository.findById(-20003L).get();
|
||||
final CcmObject object2 = ccmObjectRepository.findById(20002L).get();
|
||||
final CcmObject object3 = ccmObjectRepository.findById(20003L).get();
|
||||
|
||||
shiro.getSystemUser().execute(
|
||||
() -> permissionManager.copyPermissions(object2, object3));
|
||||
|
|
@ -712,7 +712,7 @@ public class PermissionManagerTest {
|
|||
@ShouldThrowException(IllegalArgumentException.class)
|
||||
@InSequence(410)
|
||||
public void copyPermissionsNullSource() throws Throwable {
|
||||
final CcmObject object3 = ccmObjectRepository.findById(-20003L).get();
|
||||
final CcmObject object3 = ccmObjectRepository.findById(20003L).get();
|
||||
|
||||
try {
|
||||
shiro.getSystemUser().execute(
|
||||
|
|
@ -736,7 +736,7 @@ public class PermissionManagerTest {
|
|||
@ShouldThrowException(IllegalArgumentException.class)
|
||||
@InSequence(420)
|
||||
public void copyPermissionsNullTarget() throws Throwable {
|
||||
final CcmObject object2 = ccmObjectRepository.findById(-20002L).get();
|
||||
final CcmObject object2 = ccmObjectRepository.findById(20002L).get();
|
||||
|
||||
try {
|
||||
shiro.getSystemUser().execute(
|
||||
|
|
|
|||
|
|
@ -138,8 +138,9 @@ public class RoleManagerTest {
|
|||
@Test
|
||||
@UsingDataSet("datasets/org/libreccm/security/RoleManagerTest/data.yml")
|
||||
@ShouldMatchDataSet(
|
||||
value = "datasets/org/libreccm/security/RoleManagerTest/after-add.yml",
|
||||
excludeColumns = {"membership_id"})
|
||||
excludeColumns = {"membership_id", "uuid"},
|
||||
value = "datasets/org/libreccm/security/RoleManagerTest/after-add.yml"
|
||||
)
|
||||
@InSequence(200)
|
||||
public void assignRoleToParty() {
|
||||
final Role role1 = roleRepository.findByName("role1").get();
|
||||
|
|
|
|||
|
|
@ -167,15 +167,15 @@ public class RoleRepositoryTest {
|
|||
final Optional<Role> user,
|
||||
final Optional<Role> reader) {
|
||||
assertThat(administrator.isPresent(), is(true));
|
||||
assertThat(administrator.get().getRoleId(), is(-10L));
|
||||
assertThat(administrator.get().getRoleId(), is(10L));
|
||||
assertThat(administrator.get().getName(), is(equalTo(ADMINISTRATOR)));
|
||||
|
||||
assertThat(user.isPresent(), is(true));
|
||||
assertThat(user.get().getRoleId(), is(-20L));
|
||||
assertThat(user.get().getRoleId(), is(20L));
|
||||
assertThat(user.get().getName(), is(equalTo(USER)));
|
||||
|
||||
assertThat(reader.isPresent(), is(true));
|
||||
assertThat(reader.get().getRoleId(), is(-30L));
|
||||
assertThat(reader.get().getRoleId(), is(30L));
|
||||
assertThat(reader.get().getName(), is(equalTo(READER)));
|
||||
}
|
||||
|
||||
|
|
@ -187,9 +187,9 @@ public class RoleRepositoryTest {
|
|||
@UsingDataSet("datasets/org/libreccm/security/RoleRepositoryTest/data.yml")
|
||||
@InSequence(100)
|
||||
public void findRoleById() {
|
||||
final Optional<Role> administrator = roleRepository.findById(-10L);
|
||||
final Optional<Role> user = roleRepository.findById(-20L);
|
||||
final Optional<Role> reader = roleRepository.findById(-30L);
|
||||
final Optional<Role> administrator = roleRepository.findById(10L);
|
||||
final Optional<Role> user = roleRepository.findById(20L);
|
||||
final Optional<Role> reader = roleRepository.findById(30L);
|
||||
|
||||
checkRoles(administrator, user, reader);
|
||||
}
|
||||
|
|
@ -259,9 +259,9 @@ public class RoleRepositoryTest {
|
|||
"datasets/org/libreccm/security/PermissionManagerTest/data.yml")
|
||||
@InSequence(310)
|
||||
public void findByPrivilegeAndObject() {
|
||||
final CcmObject object1 = ccmObjRepo.findById(-20001L).get();
|
||||
final CcmObject object2 = ccmObjRepo.findById(-20002L).get();
|
||||
final CcmObject object3 = ccmObjRepo.findById(-20003L).get();
|
||||
final CcmObject object1 = ccmObjRepo.findById(20001L).get();
|
||||
final CcmObject object2 = ccmObjRepo.findById(20002L).get();
|
||||
final CcmObject object3 = ccmObjRepo.findById(20003L).get();
|
||||
|
||||
final List<Role> rolesWithPrivilege1 = roleRepository.findByPrivilege(
|
||||
"privilege1", object1);
|
||||
|
|
@ -289,7 +289,7 @@ public class RoleRepositoryTest {
|
|||
@UsingDataSet("datasets/org/libreccm/security/RoleRepositoryTest/data.yml")
|
||||
@ShouldMatchDataSet(value = "datasets/org/libreccm/security/"
|
||||
+ "RoleRepositoryTest/after-save-new.yml",
|
||||
excludeColumns = {"role_id"})
|
||||
excludeColumns = {"role_id", "uuid"})
|
||||
@InSequence(400)
|
||||
public void saveNewRole() {
|
||||
final Role role = new Role();
|
||||
|
|
@ -309,7 +309,7 @@ public class RoleRepositoryTest {
|
|||
excludeColumns = {"role_id"})
|
||||
@InSequence(500)
|
||||
public void saveChangedRole() {
|
||||
final Role role = roleRepository.findById(-20L).get();
|
||||
final Role role = roleRepository.findById(20L).get();
|
||||
role.setName("writer");
|
||||
|
||||
roleRepository.save(role);
|
||||
|
|
|
|||
|
|
@ -98,9 +98,9 @@ public class SecuredCollectionTest {
|
|||
|
||||
@Before
|
||||
public void setUp() {
|
||||
final CcmObject object1 = objectRepository.findById(-20001L).get();
|
||||
final CcmObject object2 = objectRepository.findById(-20002L).get();
|
||||
final CcmObject object3 = objectRepository.findById(-20003L).get();
|
||||
final CcmObject object1 = objectRepository.findById(20001L).get();
|
||||
final CcmObject object2 = objectRepository.findById(20002L).get();
|
||||
final CcmObject object3 = objectRepository.findById(20003L).get();
|
||||
|
||||
final List<CcmObject> list = new ArrayList<>();
|
||||
list.add(object1);
|
||||
|
|
|
|||
|
|
@ -100,9 +100,9 @@ public class SecuredIteratorTest {
|
|||
|
||||
@Before
|
||||
public void setUp() {
|
||||
final CcmObject object1 = objectRepository.findById(-20001L).get();
|
||||
final CcmObject object2 = objectRepository.findById(-20002L).get();
|
||||
final CcmObject object3 = objectRepository.findById(-20003L).get();
|
||||
final CcmObject object1 = objectRepository.findById(20001L).get();
|
||||
final CcmObject object2 = objectRepository.findById(20002L).get();
|
||||
final CcmObject object3 = objectRepository.findById(20003L).get();
|
||||
|
||||
final List<CcmObject> list = new ArrayList<>();
|
||||
list.add(object1);
|
||||
|
|
|
|||
|
|
@ -186,8 +186,8 @@ public class ShiroTest {
|
|||
assertThat(subject.hasRole("role2"), is(true));
|
||||
|
||||
assertThat(subject.isPermitted("privilege1"), is(false));
|
||||
assertThat(subject.isPermitted("privilege2:-20001"), is(false));
|
||||
assertThat(subject.isPermitted("privilege2:-20002"), is(true));
|
||||
assertThat(subject.isPermitted("privilege2:20001"), is(false));
|
||||
assertThat(subject.isPermitted("privilege2:20002"), is(true));
|
||||
|
||||
assertThat(subject.isPermitted("privilege2"), is(false));
|
||||
assertThat(subject.isPermitted("privilege1:999"), is(false));
|
||||
|
|
@ -209,8 +209,8 @@ public class ShiroTest {
|
|||
assertThat(subject.hasRole("role2"), is(false));
|
||||
|
||||
assertThat(subject.isPermitted("privilege1"), is(true));
|
||||
assertThat(subject.isPermitted("privilege2:-20001"), is(true));
|
||||
assertThat(subject.isPermitted("privilege2:-20002"), is(false));
|
||||
assertThat(subject.isPermitted("privilege2:20001"), is(true));
|
||||
assertThat(subject.isPermitted("privilege2:20002"), is(false));
|
||||
|
||||
assertThat(subject.isPermitted("privilege2"), is(false));
|
||||
assertThat(subject.isPermitted("privilege1"), is(true));
|
||||
|
|
@ -321,9 +321,9 @@ public class ShiroTest {
|
|||
assertThat(publicUser.hasRole("public-role"), is(true));
|
||||
|
||||
assertThat(publicUser.isPermitted("privilege1"), is(false));
|
||||
assertThat(publicUser.isPermitted("privilege2:-20001"), is(false));
|
||||
assertThat(publicUser.isPermitted("privilege2:-20002"), is(false));
|
||||
assertThat(publicUser.isPermitted("privilege3:-20001"), is(true));
|
||||
assertThat(publicUser.isPermitted("privilege2:20001"), is(false));
|
||||
assertThat(publicUser.isPermitted("privilege2:20002"), is(false));
|
||||
assertThat(publicUser.isPermitted("privilege3:20001"), is(true));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
@ -342,9 +342,9 @@ public class ShiroTest {
|
|||
assertThat(publicUser.hasRole("public-role"), is(true));
|
||||
|
||||
assertThat(publicUser.isPermitted("privilege1"), is(true));
|
||||
assertThat(publicUser.isPermitted("privilege2:-20001"), is(true));
|
||||
assertThat(publicUser.isPermitted("privilege2:-20002"), is(true));
|
||||
assertThat(publicUser.isPermitted("privilege3:-20001"), is(true));
|
||||
assertThat(publicUser.isPermitted("privilege2:20001"), is(true));
|
||||
assertThat(publicUser.isPermitted("privilege2:20002"), is(true));
|
||||
assertThat(publicUser.isPermitted("privilege3:20001"), is(true));
|
||||
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -162,7 +162,7 @@ public class UserManagerTest {
|
|||
@ShouldMatchDataSet(
|
||||
value = "datasets/org/libreccm/security/UserManagerTest/"
|
||||
+ "after-create-user.yml",
|
||||
excludeColumns = {"party_id", "password"})
|
||||
excludeColumns = {"party_id", "password", "uuid"})
|
||||
@InSequence(300)
|
||||
public void createUser() {
|
||||
shiro.getSystemUser().execute(
|
||||
|
|
|
|||
|
|
@ -152,7 +152,7 @@ public class UserRepositoryTest {
|
|||
final Optional<User> joe,
|
||||
final Optional<User> nobody) {
|
||||
assertThat(jdoe.isPresent(), is(true));
|
||||
assertThat(jdoe.get().getPartyId(), is(-10L));
|
||||
assertThat(jdoe.get().getPartyId(), is(10L));
|
||||
assertThat(jdoe.get().getName(), is(equalTo(JDOE)));
|
||||
assertThat(jdoe.get().getFamilyName(), is(equalTo("Doe")));
|
||||
assertThat(jdoe.get().getGivenName(), is(equalTo("John")));
|
||||
|
|
@ -161,7 +161,7 @@ public class UserRepositoryTest {
|
|||
"$shiro1$SHA-512$500000$7xkDcZUN0/whJInHIvGsDw==$WhelBVmJU/cLV7lAkMOrE5B/mqCW0bUuid1WX+xBwzzAaekC5bYn9eeOFGJWhiDgmaC50ZCUmM96/iGsRoc4uA==")));
|
||||
|
||||
assertThat(mmuster.isPresent(), is(true));
|
||||
assertThat(mmuster.get().getPartyId(), is(-20L));
|
||||
assertThat(mmuster.get().getPartyId(), is(20L));
|
||||
assertThat(mmuster.get().getName(), is(equalTo(MMUSTER)));
|
||||
assertThat(mmuster.get().getFamilyName(), is(equalTo("Mustermann")));
|
||||
assertThat(mmuster.get().getGivenName(), is(equalTo("Max")));
|
||||
|
|
@ -170,7 +170,7 @@ public class UserRepositoryTest {
|
|||
"$shiro1$SHA-512$500000$Y7CnccN1h25sR7KCElMOXg==$CVLWBhetodaEzzhDfGjRcCFZtSW02xOnjH7xhBx0lbxO66grKIt6LWmXoUhLEydce1JZ7cbzNLYOxIwwTeqi5Q==")));
|
||||
|
||||
assertThat(joe.isPresent(), is(true));
|
||||
assertThat(joe.get().getPartyId(), is(-30L));
|
||||
assertThat(joe.get().getPartyId(), is(30L));
|
||||
assertThat(joe.get().getName(), is(equalTo(JOE)));
|
||||
assertThat(joe.get().getFamilyName(), is(equalTo("Public")));
|
||||
assertThat(joe.get().getGivenName(), is(equalTo("Joe")));
|
||||
|
|
@ -185,10 +185,10 @@ public class UserRepositoryTest {
|
|||
@UsingDataSet("datasets/org/libreccm/security/UserRepositoryTest/data.yml")
|
||||
@InSequence(100)
|
||||
public void findUserById() {
|
||||
final Optional<User> jdoe = userRepository.findById(-10L);
|
||||
final Optional<User> mmuster = userRepository.findById(-20L);
|
||||
final Optional<User> joe = userRepository.findById(-30L);
|
||||
final Optional<User> nobody = userRepository.findById(-999L);
|
||||
final Optional<User> jdoe = userRepository.findById(10L);
|
||||
final Optional<User> mmuster = userRepository.findById(20L);
|
||||
final Optional<User> joe = userRepository.findById(30L);
|
||||
final Optional<User> nobody = userRepository.findById(999L);
|
||||
|
||||
checkUsers(jdoe, mmuster, joe, nobody);
|
||||
}
|
||||
|
|
@ -229,7 +229,7 @@ public class UserRepositoryTest {
|
|||
final User user = userRepository.findByEmailAddress(
|
||||
"max.mustermann@example.org").get();
|
||||
|
||||
assertThat(user.getPartyId(), is(-30L));
|
||||
assertThat(user.getPartyId(), is(30L));
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
@ -245,7 +245,7 @@ public class UserRepositoryTest {
|
|||
@UsingDataSet("datasets/org/libreccm/security/UserRepositoryTest/data.yml")
|
||||
@ShouldMatchDataSet(value = "datasets/org/libreccm/security/"
|
||||
+ "UserRepositoryTest/after-save-new.yml",
|
||||
excludeColumns = {"party_id"}
|
||||
excludeColumns = {"party_id", "uuid"}
|
||||
)
|
||||
@InSequence(500)
|
||||
public void saveNewUser() {
|
||||
|
|
@ -274,7 +274,7 @@ public class UserRepositoryTest {
|
|||
excludeColumns = {"party_id"})
|
||||
@InSequence(600)
|
||||
public void saveChangedUser() {
|
||||
final User user = userRepository.findById(-10L).get();
|
||||
final User user = userRepository.findById(10L).get();
|
||||
|
||||
//foo456
|
||||
user.setPassword(
|
||||
|
|
|
|||
|
|
@ -3,10 +3,6 @@ ccm_core.parties:
|
|||
- party_id: 10
|
||||
uuid: 631be113-7e86-453d-9f8b-8cb6cb6df268
|
||||
name: jdoe
|
||||
# Max Muster
|
||||
- party_id: 20
|
||||
uuid: 3a61d302-97a5-4e46-bbc9-8d716f7c54c4
|
||||
name: mmuster
|
||||
# Joe Public
|
||||
- party_id: 30
|
||||
uuid: 7d5ad4a7-c2bd-4e49-8716-0bfb40413c75
|
||||
|
|
|
|||
Loading…
Reference in New Issue