001: /*
002: * Copyright 2004 Outerthought bvba and Schaubroeck nv
003: *
004: * Licensed under the Apache License, Version 2.0 (the "License");
005: * you may not use this file except in compliance with the License.
006: * You may obtain a copy of the License at
007: *
008: * http://www.apache.org/licenses/LICENSE-2.0
009: *
010: * Unless required by applicable law or agreed to in writing, software
011: * distributed under the License is distributed on an "AS IS" BASIS,
012: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013: * See the License for the specific language governing permissions and
014: * limitations under the License.
015: */
016: package org.outerj.daisy.repository.test;
017:
018: import org.outerj.daisy.repository.*;
019: import org.outerj.daisy.repository.testsupport.AbstractDaisyTestCase;
020: import org.outerj.daisy.repository.user.Role;
021: import org.outerj.daisy.repository.user.Roles;
022: import org.outerj.daisy.repository.user.User;
023: import org.outerj.daisy.repository.user.UserManagementException;
024: import org.outerj.daisy.repository.user.UserManager;
025:
026: /**
027: * Tests for user management.
028: */
029: public abstract class AbstractUserManagementTest extends
030: AbstractDaisyTestCase {
031:
032: protected boolean resetDataStores() {
033: /* we want to use a clean data store
034: * for this testcase, hence return
035: * true in this method
036: */
037: return true;
038: }
039:
040: protected abstract RepositoryManager getRepositoryManager()
041: throws Exception;
042:
043: /**
044: * setup this test, assumes that the repository has been freshly created and the password
045: * of the system user didn't change yet - which shouldn't be a problem since the testcases
046: * are running against a separate testdatabase (under normal circumstances)
047: */
048: private void setUpBasicUsersAndRoles() throws Exception {
049: Repository repository = getRepositoryManager().getRepository(
050: new Credentials("testuser", "testuser"));
051: repository.switchRole(Role.ADMINISTRATOR);
052: UserManager userMan = repository.getUserManager();
053:
054: setupRole(userMan, "guest");
055:
056: Role adminRole = userMan.getRole(1, true);
057: Role userRole = userMan.getRole("User", true);
058: Role guestRole = userMan.getRole("guest", true);
059:
060: User testAdminUser = userMan.createUser("testadmin");
061: testAdminUser.addToRole(adminRole);
062: testAdminUser.addToRole(userRole);
063: testAdminUser.setDefaultRole(userRole);
064: testAdminUser.setPassword("secret");
065: testAdminUser.save();
066:
067: User user = userMan.createUser("testnonadmin");
068: user.addToRole(userRole);
069: user.setDefaultRole(userRole);
070: user.setPassword("spa");
071: user.save();
072:
073: }
074:
075: private void setupRole(UserManager userMan, String roleName)
076: throws Exception {
077: try {
078: userMan.getRole(roleName, true);
079: } catch (UserManagementException e) {
080: Role userRole = userMan.createRole(roleName);
081: userRole.save();
082: }
083: }
084:
085: public void testUserManagement() throws Exception {
086: setUpBasicUsersAndRoles();
087: UserManager userManager = null;
088: Repository repository = null;
089:
090: System.out.println("starting user management tests");
091:
092: //2. get the usermanager for an administrative user
093: RepositoryManager repositoryManager = getRepositoryManager();
094: repository = repositoryManager.getRepository(new Credentials(
095: "testadmin", "secret"));
096: repository.switchRole(1);
097: long[] availableRoles = repository.getAvailableRoles();
098:
099: userManager = repository.getUserManager();
100: assertNotNull(userManager);
101:
102: String tmpRoleName = "Confessor" + System.currentTimeMillis();
103: Role confessorRole = userManager.createRole(tmpRoleName);
104:
105: confessorRole
106: .setDescription("if you're touched by confessor magic - you're in quite some trouble :)");
107:
108: confessorRole.save();
109: //id should at this point have been updated from the data store
110: assertTrue(confessorRole.getId() != -1);
111:
112: //let's doublecheck through other method as well
113: Role cfRole = userManager.getRole(tmpRoleName, true);
114: assertTrue(cfRole.getId() != -1);
115:
116: System.out.println("About to delete role with id "
117: + confessorRole.getId());
118: userManager.deleteRole(confessorRole.getId());
119:
120: try {
121: userManager.getRole(tmpRoleName, true);
122: assertTrue("role deletion didn't succeed", false);
123: } catch (UserManagementException e6) {
124: }
125:
126: tmpRoleName += "-partDeux";
127: Role anotherConfessorRole = userManager.createRole(tmpRoleName);
128:
129: tmpRoleName += "x";
130: Role yetAnotherConfessorRole = userManager
131: .createRole(tmpRoleName);
132: //this should work..
133: yetAnotherConfessorRole.setName(tmpRoleName);
134: yetAnotherConfessorRole.save();
135:
136: User kahlanUser = userManager.createUser("KahlanAmnell"
137: + System.currentTimeMillis());
138:
139: kahlanUser.setPassword("ConDar");
140:
141: try {
142: kahlanUser.addToRole(anotherConfessorRole);
143:
144: assertTrue(
145: "adding user to role that wasn't saved yet didn't throw an exception!",
146: false);
147: } catch (Exception e1) {
148: }
149:
150: anotherConfessorRole.save();
151: //ok, we just tried to add, role is saved now, so now we can add the user to this new role
152: kahlanUser.addToRole(anotherConfessorRole);
153: kahlanUser.setDefaultRole(anotherConfessorRole);
154: kahlanUser.save();
155:
156: // now let's load this testuser from the manager again
157: kahlanUser = userManager.getUser(kahlanUser.getLogin(), true);
158: Roles wuRoles = kahlanUser.getAllRoles();
159: // this user should belong to 1 role (see before)
160: Role[] wuRolesArr = wuRoles.getArray();
161: System.out.println("this user belongs to " + wuRolesArr.length
162: + " roles");
163: System.out.println("just checking: this user's login was "
164: + kahlanUser.getLogin());
165:
166: assertEquals(wuRolesArr.length, 1);
167: //we can safely just get the first index from the array and run our test on it
168: assertEquals(wuRolesArr[0].getName(), anotherConfessorRole
169: .getName());
170:
171: //this user has only one role, we now try to delete that role itself
172:
173: try {
174: userManager.deleteRole(anotherConfessorRole.getId());
175: assertTrue(
176: "deleting role when some users only have it as their "
177: + "default role didn't throw an exception",
178: false);
179:
180: } catch (UserManagementException e5) {
181: }
182:
183: String userToBeDeletedLogin = kahlanUser.getLogin();
184: //this should still work....
185: userManager.getUser(userToBeDeletedLogin, true);
186: userManager.deleteUser(kahlanUser.getId());
187:
188: try {
189: userManager.getUser(userToBeDeletedLogin, true);
190: assertTrue("user deletion didn't succeed", false);
191: } catch (UserManagementException e4) {
192: }
193:
194: //just create another user to do further tests
195:
196: // create a user with no password... and try to save
197: User warshanUser = userManager.createUser("Warshan"
198: + System.currentTimeMillis());
199: warshanUser.addToRole(anotherConfessorRole);
200: warshanUser.addToRole(anotherConfessorRole);
201: warshanUser.addToRole(anotherConfessorRole);
202: //added three times to same role - should result in just 1 time addition
203: //and should not have thrown an exception
204: warshanUser.addToRole(yetAnotherConfessorRole);
205:
206: warshanUser.setDefaultRole(anotherConfessorRole);
207:
208: try {
209: warshanUser.save();
210: assertTrue(
211: "saving user with empty password succeeded! Houston, we have a problem!",
212: false);
213: } catch (UserManagementException e2) {
214: }
215:
216: warshanUser.setPassword("Tyskie");
217:
218: // now let's see what happens if we save after correction...
219: warshanUser.save();
220:
221: //let's go for a user update test now
222: User userToUpdate = userManager.getUser(warshanUser.getLogin(),
223: true);
224: //this user should belong to two roles at this moment...
225: assertEquals(userToUpdate.getAllRoles().getArray().length, 2);
226:
227: userToUpdate.setEmail("speedy@gonzales.org");
228: userToUpdate.setFirstName("speedy");
229: userToUpdate.setLastName("gonzales");
230: userToUpdate.setPassword("chachacha");
231: userToUpdate.setAuthenticationScheme("abc");
232:
233: userToUpdate.removeFromRole(anotherConfessorRole);
234: userToUpdate.setDefaultRole(yetAnotherConfessorRole);
235:
236: userToUpdate.save();
237: User updatedUser = userManager.getUser(warshanUser.getLogin(),
238: true);
239: assertEquals(userToUpdate.getAllRoles().getArray().length, 1);
240: assertEquals(updatedUser.getEmail(), "speedy@gonzales.org");
241: assertEquals(updatedUser.getFirstName(), "speedy");
242: assertEquals(updatedUser.getLastName(), "gonzales");
243: assertNotNull(updatedUser.getDefaultRole());
244: assertEquals(updatedUser.getDefaultRole().getName(),
245: yetAnotherConfessorRole.getName());
246: assertEquals("abc", updatedUser.getAuthenticationScheme());
247: //end user update test
248:
249: //role update & concurrency test
250: //remark: normally we would have to actually test concurrency with another user,
251: //but we can test behaviour without having to be obliged to do this.
252:
253: Role roleToUpdate = userManager.getRole(yetAnotherConfessorRole
254: .getName(), true);
255: Role roleToUpdate2 = userManager.getRole(
256: yetAnotherConfessorRole.getName(), true);
257: roleToUpdate.setDescription("bugsbunnyimitator");
258: roleToUpdate.save();
259:
260: Role updatedRole = userManager.getRole(yetAnotherConfessorRole
261: .getName(), true);
262: assertEquals(updatedRole.getDescription(), "bugsbunnyimitator");
263: //modify something (but we know someone else already modified at same time)
264: roleToUpdate2.setDescription("TomskiAndJerrySki");
265: try {
266: roleToUpdate2.save();
267: assertTrue("concurrency problem not detected!", false);
268: } catch (RepositoryException e7) {
269: }
270:
271: //end role update test
272:
273: // check some stuff on the test users which we put in the database ourselves.
274:
275: Role r = userManager.getRole("Administrator", true);
276: assertEquals(r.getName(), "Administrator");
277:
278: // check to see if the list of all roles behaves ok
279: Role[] allRoles = userManager.getRoles().getArray();
280:
281: // at this point there should definitely be more than 1 role in the role list.
282: // theoretically we could even test to see if the net number of roles we created
283: // in this test is correct in the list of all roles.
284: assertTrue(allRoles.length > 1);
285: for (int i = 0; i < allRoles.length; i++) {
286: Role role = allRoles[i];
287: assertNotNull(role);
288: }
289:
290: // some tests on the nonadministrative testuser we put in the database ourselves
291: User simpleNonAdminUser = userManager.getUser("testnonadmin",
292: true);
293: assertNotNull(simpleNonAdminUser);
294: assertNotNull(simpleNonAdminUser.getDefaultRole());
295: Roles simpleNonAdminRoles = simpleNonAdminUser.getAllRoles();
296:
297: // testing the roles of testnonadmin
298: for (int i = 0; i < simpleNonAdminRoles.getArray().length; i++) {
299: Role role = simpleNonAdminRoles.getArray()[i];
300: assertNotNull(role);
301: }
302:
303: // test direct retrieval of display names
304: assertEquals(simpleNonAdminUser.getDisplayName(), userManager
305: .getUserDisplayName(simpleNonAdminUser.getId()));
306:
307: // test caching of user objects (assuming caching is enabled)
308: User nonUpdateableUser1 = userManager.getUser(
309: simpleNonAdminUser.getId(), false);
310: User nonUpdateableUser2 = userManager.getUser(
311: simpleNonAdminUser.getId(), false);
312: assertTrue(
313: "retrieving cached user two times should give same object instance",
314: nonUpdateableUser1 == nonUpdateableUser2);
315:
316: simpleNonAdminUser.setFirstName("jules");
317: simpleNonAdminUser.save();
318: assertEquals("jules", userManager
319: .getUserDisplayName(simpleNonAdminUser.getId()));
320:
321: //
322: // test the "updateableByUser" flag
323: //
324: Role justAUser = userManager.createRole("just_a_user");
325: justAUser.save();
326: Role justAUser2 = userManager.createRole("just_a_user2");
327: justAUser2.save();
328: User herman = userManager.createUser("herman");
329: herman.setPassword("herman");
330: herman.addToRole(justAUser);
331: herman.addToRole(justAUser2);
332: herman.setDefaultRole(justAUser);
333: herman.setUpdateableByUser(true);
334: herman.save();
335:
336: Repository hermanRepository = repositoryManager
337: .getRepository(new Credentials("herman", "herman"));
338: herman = hermanRepository.getUserManager().getUser(
339: herman.getId(), true);
340: herman.setEmail("herman@highanddry");
341: herman.save();
342:
343: Role adminRole = hermanRepository.getUserManager().getRole(
344: Role.ADMINISTRATOR, false);
345: herman.addToRole(adminRole);
346: try {
347: herman.save();
348: fail("User should not be able to change his/her own roles.");
349: } catch (Exception e) {
350: }
351:
352: herman = hermanRepository.getUserManager().getUser(
353: herman.getId(), true);
354: herman.setDefaultRole(justAUser2);
355: try {
356: herman.save();
357: fail("User should not be able to change his/her own default role.");
358: } catch (Exception e) {
359: }
360:
361: herman = hermanRepository.getUserManager().getUser(
362: herman.getId(), true);
363: herman.setLogin("otherHerman");
364: try {
365: herman.save();
366: fail("User should not be able to change his/her own login.");
367: } catch (Exception e) {
368: }
369:
370: //
371: // Test that user $system cannot login and cannot be updated
372: //
373: try {
374: repositoryManager.getRepository(new Credentials("$system",
375: "does_not_matter"));
376: fail("Logging in as user $system should not have succeeded.");
377: } catch (Exception e) {
378: // no good way to check the kind of exception
379: }
380:
381: try {
382: User systemUser = repository.getUserManager().getUser(1,
383: true);
384: systemUser.save();
385: fail("Saving the user $system should have failed.");
386: } catch (Exception e) {
387: // no good way to check the kind of exception
388: }
389:
390: try {
391: User systemUser = repository.getUserManager().getUser(
392: "$system", true);
393: systemUser.save();
394: fail("Saving the user $system should have failed.");
395: } catch (Exception e) {
396: // no good way to check the kind of exception
397: }
398:
399: //
400: // Test the confirmation options
401: //
402: Role testRole = userManager.createRole("test");
403: testRole.save();
404: User confirmUser = userManager.createUser("confirm");
405: confirmUser.setPassword("confirm");
406: confirmUser.addToRole(testRole);
407: confirmUser.setDefaultRole(testRole);
408: assertTrue(confirmUser.isConfirmed());
409: confirmUser.save();
410: assertTrue(confirmUser.isConfirmed());
411: confirmUser = userManager.getUser(confirmUser.getId(), true);
412: assertTrue(confirmUser.isConfirmed());
413: confirmUser.setConfirmed(false);
414: confirmUser.setConfirmKey("abc");
415: confirmUser.save();
416: confirmUser = userManager.getUser(confirmUser.getId(), true);
417: assertFalse(confirmUser.isConfirmed());
418: assertEquals("abc", confirmUser.getConfirmKey());
419:
420: // unconfirmed user should not be able to log in
421: try {
422: repositoryManager.getRepository(new Credentials("confirm",
423: "confirm"));
424: fail("Logging in with unconfirmed user should fail.");
425: } catch (AuthenticationFailedException e) {
426: }
427:
428: //
429: // Test that a user which was last updated by himself can be deleted
430: // (was a problem before because of a foreign key constraint on the DB to itself)
431: //
432: User user = userManager.createUser("deleteLastUpdateTest");
433: Role guestRole = userManager.getRole("guest", false);
434: user.addToRole(guestRole);
435: user.setDefaultRole(guestRole);
436: user.setPassword("dummy");
437: user.setUpdateableByUser(true);
438: user.save();
439:
440: User myself = repositoryManager.getRepository(
441: new Credentials("deleteLastUpdateTest", "dummy"))
442: .getUserManager().getUser("deleteLastUpdateTest", true);
443: myself.save();
444:
445: userManager.deleteUser(user.getId());
446: }
447: }
|