PageRenderTime 40ms CodeModel.GetById 2ms app.highlight 31ms RepoModel.GetById 2ms app.codeStats 0ms

/sigmah/src/test/java/org/sigmah/server/endpoint/gwtrpc/handler/UpdateUserPermissionsHandlerTest.java

http://sigma-h.googlecode.com/
Java | 241 lines | 119 code | 48 blank | 74 comment | 0 complexity | 7185f1508853a1a7515ee46db8d521f1 MD5 | raw file
  1/*
  2 * All Sigmah code is released under the GNU General Public License v3
  3 * See COPYRIGHT.txt and LICENSE.txt.
  4 */
  5
  6package org.sigmah.server.endpoint.gwtrpc.handler;
  7
  8import static org.easymock.EasyMock.createMock;
  9import static org.easymock.EasyMock.isA;
 10import static org.easymock.EasyMock.replay;
 11import static org.easymock.EasyMock.verify;
 12
 13import java.util.Locale;
 14
 15import org.junit.Before;
 16import org.junit.Test;
 17import org.sigmah.MockDb;
 18import org.sigmah.server.dao.PartnerDAO;
 19import org.sigmah.server.mail.Invitation;
 20import org.sigmah.server.mail.Mailer;
 21import org.sigmah.shared.command.UpdateUserPermissions;
 22import org.sigmah.shared.dao.UserDAO;
 23import org.sigmah.shared.dao.DAO;
 24import org.sigmah.shared.dao.UserDatabaseDAO;
 25import org.sigmah.shared.dao.UserPermissionDAO;
 26import org.sigmah.shared.domain.OrgUnit;
 27import org.sigmah.shared.domain.User;
 28import org.sigmah.shared.domain.UserDatabase;
 29import org.sigmah.shared.domain.UserPermission;
 30import org.sigmah.shared.dto.PartnerDTO;
 31import org.sigmah.shared.dto.UserPermissionDTO;
 32import org.sigmah.shared.exception.IllegalAccessCommandException;
 33import org.sigmah.shared.dao.DAO;
 34
 35/**
 36 * @author Alex Bertram
 37 */
 38public class UpdateUserPermissionsHandlerTest {
 39
 40    private OrgUnit NRC;
 41    private OrgUnit IRC;
 42    private PartnerDTO NRC_DTO;
 43
 44    private MockDb db = new MockDb();
 45    protected Mailer<Invitation> mailer;
 46    protected UpdateUserPermissionsHandler handler;
 47    protected User owner;
 48
 49    @Before
 50    public void setup() {
 51
 52        NRC = new OrgUnit();
 53        NRC.setId(1);
 54        NRC.setName("NRC");
 55        NRC.setFullName("Norwegian Refugee Council");
 56        db.persist(NRC);
 57
 58        IRC = new OrgUnit();
 59        IRC.setId(2);
 60        IRC.setName("IRC");
 61        IRC.setFullName("International Rescue Committee");
 62        db.persist(IRC);
 63
 64        NRC_DTO = new PartnerDTO(1, "NRC");
 65
 66        mailer = createMock("InvitationMailer", Mailer.class);
 67
 68        handler = new UpdateUserPermissionsHandler(
 69                db.getDAO(UserDatabaseDAO.class), db.getDAO(PartnerDAO.class), db.getDAO(UserDAO.class),
 70                db.getDAO(UserPermissionDAO.class), mailer);
 71
 72
 73        owner = new User();
 74        owner.setId(99);
 75        owner.setName("Alex");
 76        db.persist(owner);
 77
 78        UserDatabase udb = new UserDatabase(1, "PEAR");
 79        udb.setOwner(owner);
 80        db.persist(udb);
 81
 82    }
 83
 84    @Test
 85    public void ownerCanAddUser() throws Exception {
 86
 87        mailer.send(isA(Invitation.class), isA(Locale.class));
 88        replay(mailer);
 89
 90        UserPermissionDTO user = new UserPermissionDTO();
 91        user.setEmail("other@foobar");
 92        user.setPartner(NRC_DTO);
 93        user.setAllowView(true);
 94
 95        UpdateUserPermissions cmd = new UpdateUserPermissions(1, user);
 96
 97        handler.execute(cmd, owner);
 98
 99        verify(mailer);
100    }
101
102
103    /**
104     * Asserts that someone with ManageUsersPermission will
105     * be permitted to grant some one edit rights.
106     */
107    @Test
108    public void testVerifyAuthorityForViewPermissions() throws IllegalAccessCommandException {
109
110        UserPermission executingUserPermissions = new UserPermission();
111        executingUserPermissions.setPartner(NRC);
112        executingUserPermissions.setAllowManageUsers(true);
113
114        UserPermissionDTO dto = new UserPermissionDTO();
115        dto.setPartner(NRC_DTO);
116        dto.setAllowView(true);
117
118        UpdateUserPermissions cmd = new UpdateUserPermissions(1, dto);
119
120        UpdateUserPermissionsHandler.verifyAuthority(cmd, executingUserPermissions);
121    }
122
123    /**
124     * Asserts that someone with ManageUsersPermission will
125     * be permitted to grant some one edit rights.
126     */
127    @Test
128    public void testVerifyAuthorityForEditPermissions() throws IllegalAccessCommandException {
129
130        UserPermission executingUserPermissions = new UserPermission();
131        executingUserPermissions.setPartner(NRC);
132        executingUserPermissions.setAllowManageUsers(true);
133
134        UserPermissionDTO dto = new UserPermissionDTO();
135        dto.setPartner(NRC_DTO);
136        dto.setAllowView(true);
137        dto.setAllowEdit(true);
138
139        UpdateUserPermissions cmd = new UpdateUserPermissions(1, dto);
140
141        UpdateUserPermissionsHandler.verifyAuthority(cmd, executingUserPermissions);
142    }
143
144    @Test(expected = IllegalAccessCommandException.class)
145    public void testFailingVerifyAuthorityForView() throws IllegalAccessCommandException {
146
147        UserPermission executingUserPermissions = new UserPermission();
148        executingUserPermissions.setPartner(IRC);
149        executingUserPermissions.setAllowManageUsers(true);
150
151        UserPermissionDTO dto = new UserPermissionDTO();
152        dto.setPartner(NRC_DTO);
153        dto.setAllowView(true);
154        dto.setAllowEdit(true);
155
156        UpdateUserPermissions cmd = new UpdateUserPermissions(1, dto);
157
158        UpdateUserPermissionsHandler.verifyAuthority(cmd, executingUserPermissions);
159    }
160
161    @Test
162    public void testVerifyAuthorityForViewByOtherPartner() throws IllegalAccessCommandException {
163
164        UserPermission executingUserPermissions = new UserPermission();
165        executingUserPermissions.setPartner(IRC);
166        executingUserPermissions.setAllowManageUsers(true);
167        executingUserPermissions.setAllowManageAllUsers(true);
168
169        UserPermissionDTO dto = new UserPermissionDTO();
170        dto.setPartner(NRC_DTO);
171        dto.setAllowView(true);
172        dto.setAllowEdit(true);
173
174        UpdateUserPermissions cmd = new UpdateUserPermissions(1, dto);
175
176        UpdateUserPermissionsHandler.verifyAuthority(cmd, executingUserPermissions);
177    }
178
179
180//
181//
182//    /**
183//     * Verifies that a user with the manageUsers permission can
184//     * add another user to the UserDatabase
185//     *
186//     * @throws CommandException
187//     */
188//    @Test
189//    public void testAuthorizedCreate() throws CommandException {
190//
191//        populate("schema1");
192//
193//        setUser(2);
194//
195//        UserPermissionDTO user = new UserPermissionDTO();
196//        user.setEmail("ralph@lauren.com");
197//        user.setName("Ralph");
198//        user.setPartner(new PartnerDTO(1, "NRC"));
199//        user.setAllowView(true);
200//        user.setAllowEdit(true);
201//
202//        UpdateUserPermissions cmd = new UpdateUserPermissions(1, user);
203//        execute(cmd);
204//
205//        UserResult result = execute(new GetUsers(1));
206//        Assert.assertEquals(1, result.getTotalLength());
207//        Assert.assertEquals("ralph@lauren.com", result.getData().get(0).getEmail());
208//        Assert.assertTrue("edit permissions", result.getData().get(0).getAllowEdit());
209//    }
210//
211//    /**
212//     * Verifies that the owner of a database can update an existing users
213//     * permission
214//     *
215//     * @throws CommandException
216//     */
217//    @Test
218//    public void testOwnerUpdate() throws CommandException {
219//        populate("schema1");
220//        setUser(1);
221//
222//        UserPermissionDTO user = new UserPermissionDTO();
223//        user.setEmail("bavon@nrcdrc.org");
224//        user.setPartner(new PartnerDTO(1, "NRC"));
225//        user.setAllowView(true);
226//        user.setAllowViewAll(false);
227//        user.setAllowEdit(true);
228//        user.setAllowEdit(false);
229//        user.setAllowDesign(true);
230//
231//        execute(new UpdateUserPermissions(1, user));
232//
233//        UserResult result = execute(new GetUsers(1));
234//        UserPermissionDTO reUser = result.getData().get(0);
235//        Assert.assertEquals("bavon@nrcdrc.org", reUser.getEmail());
236//        Assert.assertTrue("design rights", user.getAllowDesign());
237//
238//    }
239
240
241}