/sigmah/src/test/java/org/sigmah/server/endpoint/gwtrpc/handler/UpdateUserPermissionsHandlerTest.java

http://sigma-h.googlecode.com/ · Java · 241 lines · 119 code · 48 blank · 74 comment · 0 complexity · 7185f1508853a1a7515ee46db8d521f1 MD5 · raw file

  1. /*
  2. * All Sigmah code is released under the GNU General Public License v3
  3. * See COPYRIGHT.txt and LICENSE.txt.
  4. */
  5. package org.sigmah.server.endpoint.gwtrpc.handler;
  6. import static org.easymock.EasyMock.createMock;
  7. import static org.easymock.EasyMock.isA;
  8. import static org.easymock.EasyMock.replay;
  9. import static org.easymock.EasyMock.verify;
  10. import java.util.Locale;
  11. import org.junit.Before;
  12. import org.junit.Test;
  13. import org.sigmah.MockDb;
  14. import org.sigmah.server.dao.PartnerDAO;
  15. import org.sigmah.server.mail.Invitation;
  16. import org.sigmah.server.mail.Mailer;
  17. import org.sigmah.shared.command.UpdateUserPermissions;
  18. import org.sigmah.shared.dao.UserDAO;
  19. import org.sigmah.shared.dao.DAO;
  20. import org.sigmah.shared.dao.UserDatabaseDAO;
  21. import org.sigmah.shared.dao.UserPermissionDAO;
  22. import org.sigmah.shared.domain.OrgUnit;
  23. import org.sigmah.shared.domain.User;
  24. import org.sigmah.shared.domain.UserDatabase;
  25. import org.sigmah.shared.domain.UserPermission;
  26. import org.sigmah.shared.dto.PartnerDTO;
  27. import org.sigmah.shared.dto.UserPermissionDTO;
  28. import org.sigmah.shared.exception.IllegalAccessCommandException;
  29. import org.sigmah.shared.dao.DAO;
  30. /**
  31. * @author Alex Bertram
  32. */
  33. public class UpdateUserPermissionsHandlerTest {
  34. private OrgUnit NRC;
  35. private OrgUnit IRC;
  36. private PartnerDTO NRC_DTO;
  37. private MockDb db = new MockDb();
  38. protected Mailer<Invitation> mailer;
  39. protected UpdateUserPermissionsHandler handler;
  40. protected User owner;
  41. @Before
  42. public void setup() {
  43. NRC = new OrgUnit();
  44. NRC.setId(1);
  45. NRC.setName("NRC");
  46. NRC.setFullName("Norwegian Refugee Council");
  47. db.persist(NRC);
  48. IRC = new OrgUnit();
  49. IRC.setId(2);
  50. IRC.setName("IRC");
  51. IRC.setFullName("International Rescue Committee");
  52. db.persist(IRC);
  53. NRC_DTO = new PartnerDTO(1, "NRC");
  54. mailer = createMock("InvitationMailer", Mailer.class);
  55. handler = new UpdateUserPermissionsHandler(
  56. db.getDAO(UserDatabaseDAO.class), db.getDAO(PartnerDAO.class), db.getDAO(UserDAO.class),
  57. db.getDAO(UserPermissionDAO.class), mailer);
  58. owner = new User();
  59. owner.setId(99);
  60. owner.setName("Alex");
  61. db.persist(owner);
  62. UserDatabase udb = new UserDatabase(1, "PEAR");
  63. udb.setOwner(owner);
  64. db.persist(udb);
  65. }
  66. @Test
  67. public void ownerCanAddUser() throws Exception {
  68. mailer.send(isA(Invitation.class), isA(Locale.class));
  69. replay(mailer);
  70. UserPermissionDTO user = new UserPermissionDTO();
  71. user.setEmail("other@foobar");
  72. user.setPartner(NRC_DTO);
  73. user.setAllowView(true);
  74. UpdateUserPermissions cmd = new UpdateUserPermissions(1, user);
  75. handler.execute(cmd, owner);
  76. verify(mailer);
  77. }
  78. /**
  79. * Asserts that someone with ManageUsersPermission will
  80. * be permitted to grant some one edit rights.
  81. */
  82. @Test
  83. public void testVerifyAuthorityForViewPermissions() throws IllegalAccessCommandException {
  84. UserPermission executingUserPermissions = new UserPermission();
  85. executingUserPermissions.setPartner(NRC);
  86. executingUserPermissions.setAllowManageUsers(true);
  87. UserPermissionDTO dto = new UserPermissionDTO();
  88. dto.setPartner(NRC_DTO);
  89. dto.setAllowView(true);
  90. UpdateUserPermissions cmd = new UpdateUserPermissions(1, dto);
  91. UpdateUserPermissionsHandler.verifyAuthority(cmd, executingUserPermissions);
  92. }
  93. /**
  94. * Asserts that someone with ManageUsersPermission will
  95. * be permitted to grant some one edit rights.
  96. */
  97. @Test
  98. public void testVerifyAuthorityForEditPermissions() throws IllegalAccessCommandException {
  99. UserPermission executingUserPermissions = new UserPermission();
  100. executingUserPermissions.setPartner(NRC);
  101. executingUserPermissions.setAllowManageUsers(true);
  102. UserPermissionDTO dto = new UserPermissionDTO();
  103. dto.setPartner(NRC_DTO);
  104. dto.setAllowView(true);
  105. dto.setAllowEdit(true);
  106. UpdateUserPermissions cmd = new UpdateUserPermissions(1, dto);
  107. UpdateUserPermissionsHandler.verifyAuthority(cmd, executingUserPermissions);
  108. }
  109. @Test(expected = IllegalAccessCommandException.class)
  110. public void testFailingVerifyAuthorityForView() throws IllegalAccessCommandException {
  111. UserPermission executingUserPermissions = new UserPermission();
  112. executingUserPermissions.setPartner(IRC);
  113. executingUserPermissions.setAllowManageUsers(true);
  114. UserPermissionDTO dto = new UserPermissionDTO();
  115. dto.setPartner(NRC_DTO);
  116. dto.setAllowView(true);
  117. dto.setAllowEdit(true);
  118. UpdateUserPermissions cmd = new UpdateUserPermissions(1, dto);
  119. UpdateUserPermissionsHandler.verifyAuthority(cmd, executingUserPermissions);
  120. }
  121. @Test
  122. public void testVerifyAuthorityForViewByOtherPartner() throws IllegalAccessCommandException {
  123. UserPermission executingUserPermissions = new UserPermission();
  124. executingUserPermissions.setPartner(IRC);
  125. executingUserPermissions.setAllowManageUsers(true);
  126. executingUserPermissions.setAllowManageAllUsers(true);
  127. UserPermissionDTO dto = new UserPermissionDTO();
  128. dto.setPartner(NRC_DTO);
  129. dto.setAllowView(true);
  130. dto.setAllowEdit(true);
  131. UpdateUserPermissions cmd = new UpdateUserPermissions(1, dto);
  132. UpdateUserPermissionsHandler.verifyAuthority(cmd, executingUserPermissions);
  133. }
  134. //
  135. //
  136. // /**
  137. // * Verifies that a user with the manageUsers permission can
  138. // * add another user to the UserDatabase
  139. // *
  140. // * @throws CommandException
  141. // */
  142. // @Test
  143. // public void testAuthorizedCreate() throws CommandException {
  144. //
  145. // populate("schema1");
  146. //
  147. // setUser(2);
  148. //
  149. // UserPermissionDTO user = new UserPermissionDTO();
  150. // user.setEmail("ralph@lauren.com");
  151. // user.setName("Ralph");
  152. // user.setPartner(new PartnerDTO(1, "NRC"));
  153. // user.setAllowView(true);
  154. // user.setAllowEdit(true);
  155. //
  156. // UpdateUserPermissions cmd = new UpdateUserPermissions(1, user);
  157. // execute(cmd);
  158. //
  159. // UserResult result = execute(new GetUsers(1));
  160. // Assert.assertEquals(1, result.getTotalLength());
  161. // Assert.assertEquals("ralph@lauren.com", result.getData().get(0).getEmail());
  162. // Assert.assertTrue("edit permissions", result.getData().get(0).getAllowEdit());
  163. // }
  164. //
  165. // /**
  166. // * Verifies that the owner of a database can update an existing users
  167. // * permission
  168. // *
  169. // * @throws CommandException
  170. // */
  171. // @Test
  172. // public void testOwnerUpdate() throws CommandException {
  173. // populate("schema1");
  174. // setUser(1);
  175. //
  176. // UserPermissionDTO user = new UserPermissionDTO();
  177. // user.setEmail("bavon@nrcdrc.org");
  178. // user.setPartner(new PartnerDTO(1, "NRC"));
  179. // user.setAllowView(true);
  180. // user.setAllowViewAll(false);
  181. // user.setAllowEdit(true);
  182. // user.setAllowEdit(false);
  183. // user.setAllowDesign(true);
  184. //
  185. // execute(new UpdateUserPermissions(1, user));
  186. //
  187. // UserResult result = execute(new GetUsers(1));
  188. // UserPermissionDTO reUser = result.getData().get(0);
  189. // Assert.assertEquals("bavon@nrcdrc.org", reUser.getEmail());
  190. // Assert.assertTrue("design rights", user.getAllowDesign());
  191. //
  192. // }
  193. }