]> git.aero2k.de Git - tmp/jakarta-migration.git/blob
projects / tmp / jakarta-migration.git / blob
? search:


46a7a91f0cd8ed1270f2fda2147f95d36d493f50
[tmp/jakarta-migration.git] /
1 /**
2  * This document is a part of the source code and related artifacts
3  * for CollectionSpace, an open source collections management system
4  * for museums and related institutions:
5  *
6  * http://www.collectionspace.org
7  * http://wiki.collectionspace.org
8  *
9  * Copyright (c)) 2009 Regents of the University of California
10  *
11  * Licensed under the Educational Community License (ECL), Version 2.0.
12  * You may not use this file except in compliance with this License.
13  *
14  * You may obtain a copy of the ECL 2.0 License at
15  * https://source.collectionspace.org/collection-space/LICENSE.txt
16  *
17  *  Unless required by applicable law or agreed to in writing, software
18  *  distributed under the License is distributed on an "AS IS" BASIS,
19  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
20  *  See the License for the specific language governing permissions and
21  *  limitations under the License.
22  */
23 package org.collectionspace.services.authentication.client.test;
24
25 import java.util.ArrayList;
26 import java.util.List;
27 import java.util.UUID;
28 import javax.ws.rs.core.MediaType;
29 import javax.ws.rs.core.Response;
30 import org.apache.commons.codec.binary.Base64;
31 import org.collectionspace.services.client.AccountClient;
32 import org.collectionspace.services.account.AccountsCommon;
33 import org.jboss.resteasy.client.ClientResponse;
34 import org.testng.Assert;
35 import org.testng.annotations.Test;
36
37 import org.collectionspace.services.collectionobject.CollectionobjectsCommon;
38 import org.collectionspace.services.client.CollectionObjectClient;
39 import org.collectionspace.services.client.CollectionSpaceClient;
40 import org.collectionspace.services.client.test.AbstractServiceTestImpl;
41 import org.jboss.resteasy.plugins.providers.multipart.MultipartOutput;
42 import org.jboss.resteasy.plugins.providers.multipart.OutputPart;
43 import org.slf4j.Logger;
44 import org.slf4j.LoggerFactory;
45
46 /**
47  * AuthenticationServiceTest uses CollectionObject service to test
48  * authentication
49  * 
50  * $LastChangedRevision: 434 $ $LastChangedDate: 2009-07-28 14:34:15 -0700 (Tue,
51  * 28 Jul 2009) $
52  */
53 public class AuthenticationServiceTest extends AbstractServiceTestImpl {
54
55     /** The known resource id. */
56     private String knownResourceId = null;
57     private String barneyAccountId = null;
58     private String babybopAccountId = null;
59     /** The logger. */
60     final Logger logger = LoggerFactory.getLogger(AuthenticationServiceTest.class);
61
62     /* (non-Javadoc)
63      * @see org.collectionspace.services.client.test.AbstractServiceTest#getServicePathComponent()
64      */
65     @Override
66     protected String getServicePathComponent() {
67         // no need to return anything but null since no auth resources are
68         // accessed
69         return null;
70     }
71
72     @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class)
73     public void createAccounts(String testName) throws Exception {
74         // Perform setup, such as initializing the type of service request
75         // (e.g. CREATE, DELETE), its valid and expected status codes, and
76         // its associated HTTP method name (e.g. POST, DELETE).
77         setupCreate(testName);
78         AccountClient accountClient = new AccountClient();
79         if (!accountClient.isServerSecure()) {
80             logger.warn("set -Dcspace.server.secure=true to run security tests");
81             return;
82         }
83         accountClient.setProperty(CollectionSpaceClient.AUTH_PROPERTY,
84                 "true");
85         accountClient.setProperty(CollectionSpaceClient.USER_PROPERTY,
86                 "test");
87         accountClient.setProperty(
88                 CollectionSpaceClient.PASSWORD_PROPERTY, "test");
89         // Submit the request to the service and store the response.
90         AccountsCommon account =
91                 createAccountInstance("barney", "barney08", "barney@dinoland.com", "1");
92         ClientResponse<Response> res = accountClient.create(account);
93         int statusCode = res.getStatus();
94
95         if (logger.isDebugEnabled()) {
96             logger.debug(testName + ": barney status = " + statusCode);
97         }
98         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
99                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
100         // Store the ID returned from this create operation
101         // for additional tests below.
102         barneyAccountId = extractId(res);
103         if (logger.isDebugEnabled()) {
104             logger.debug(testName + ": barneyAccountId=" + barneyAccountId);
105         }
106
107         account = createAccountInstance("babybop", "babybop09", "babybop@dinoland.com", "non-existent");
108         res = accountClient.create(account);
109         statusCode = res.getStatus();
110
111         if (logger.isDebugEnabled()) {
112             logger.debug(testName + ": babybop status = " + statusCode);
113         }
114         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
115                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
116
117         // Store the ID returned from this create operation
118         // for additional tests below.
119         babybopAccountId = extractId(res);
120         if (logger.isDebugEnabled()) {
121             logger.debug(testName + ": babybopAccountId=" + babybopAccountId);
122         }
123
124     }
125
126
127     /* (non-Javadoc)
128      * @see org.collectionspace.services.client.test.AbstractServiceTest#create()
129      */
130     @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class,
131     dependsOnMethods = {"createAccounts"})
132     @Override
133     public void create(String testName) {
134         setupCreate(testName);
135         CollectionObjectClient collectionObjectClient = new CollectionObjectClient();
136         String identifier = this.createIdentifier();
137         MultipartOutput multipart = createCollectionObjectInstance(
138                 collectionObjectClient.getCommonPartName(), identifier);
139
140         if (!collectionObjectClient.isServerSecure()) {
141             logger.warn("set -Dcspace.server.secure=true to run security tests");
142             return;
143         }
144         collectionObjectClient.setProperty(CollectionSpaceClient.AUTH_PROPERTY,
145                 "true");
146         collectionObjectClient.setProperty(CollectionSpaceClient.USER_PROPERTY,
147                 "barney");
148         collectionObjectClient.setProperty(
149                 CollectionSpaceClient.PASSWORD_PROPERTY, "barney08");
150         try {
151             collectionObjectClient.setupHttpClient();
152             collectionObjectClient.setProxy();
153         } catch (Exception e) {
154             logger.error("create: caught " + e.getMessage());
155             return;
156         }
157         ClientResponse<Response> res = collectionObjectClient.create(multipart);
158         if (logger.isDebugEnabled()) {
159             logger.debug("create: status = " + res.getStatus());
160         }
161         Assert.assertEquals(res.getStatus(), Response.Status.CREATED.getStatusCode(), "expected " + Response.Status.CREATED.getStatusCode());
162
163         // Store the ID returned from this create operation for additional tests
164         // below.
165         knownResourceId = extractId(res);
166     }
167
168     /**
169      * Creates the collection object instance without password.
170      */
171     @Test(dependsOnMethods = {"createAccounts"})
172     public void createWithoutPassword() {
173         banner("createWithoutPassword");
174         CollectionObjectClient collectionObjectClient = new CollectionObjectClient();
175         String identifier = this.createIdentifier();
176         MultipartOutput multipart = createCollectionObjectInstance(
177                 collectionObjectClient.getCommonPartName(), identifier);
178         if (!collectionObjectClient.isServerSecure()) {
179             logger.warn("set -Dcspace.server.secure=true to run security tests");
180             return;
181         }
182         collectionObjectClient.setProperty(CollectionSpaceClient.AUTH_PROPERTY,
183                 "true");
184         collectionObjectClient.setProperty(CollectionSpaceClient.USER_PROPERTY,
185                 "test");
186         collectionObjectClient.removeProperty(CollectionSpaceClient.PASSWORD_PROPERTY);
187         try {
188             collectionObjectClient.setupHttpClient();
189             collectionObjectClient.setProxy();
190         } catch (Exception e) {
191             logger.error("createWithoutPassword: caught " + e.getMessage());
192             return;
193         }
194         ClientResponse<Response> res = collectionObjectClient.create(multipart);
195         if (logger.isDebugEnabled()) {
196             logger.debug("createWithoutPassword: status = " + res.getStatus());
197         }
198         Assert.assertEquals(res.getStatus(), Response.Status.UNAUTHORIZED.getStatusCode(), "expected " + Response.Status.UNAUTHORIZED.getStatusCode());
199     }
200
201     /**
202      * Creates the collection object with unknown user
203      */
204     @Test(dependsOnMethods = {"createAccounts"})
205     public void createWithUnknownUser() {
206         banner("createWithUnknownUser");
207         CollectionObjectClient collectionObjectClient = new CollectionObjectClient();
208         String identifier = this.createIdentifier();
209         MultipartOutput multipart = createCollectionObjectInstance(
210                 collectionObjectClient.getCommonPartName(), identifier);
211         if (!collectionObjectClient.isServerSecure()) {
212             logger.warn("set -Dcspace.server.secure=true to run security tests");
213             return;
214         }
215         collectionObjectClient.setProperty(CollectionSpaceClient.AUTH_PROPERTY,
216                 "true");
217         collectionObjectClient.setProperty(CollectionSpaceClient.USER_PROPERTY,
218                 "foo");
219         collectionObjectClient.setProperty(CollectionSpaceClient.PASSWORD_PROPERTY,
220                 "bar");
221         try {
222             collectionObjectClient.setupHttpClient();
223             collectionObjectClient.setProxy();
224         } catch (Exception e) {
225             logger.error("createWithUnknownUser: caught " + e.getMessage());
226             return;
227         }
228         ClientResponse<Response> res = collectionObjectClient.create(multipart);
229         if (logger.isDebugEnabled()) {
230             logger.debug("createWithUnknownUser: status = " + res.getStatus());
231         }
232         Assert.assertEquals(res.getStatus(), Response.Status.UNAUTHORIZED.getStatusCode(), "expected " + Response.Status.UNAUTHORIZED.getStatusCode());
233     }
234
235     /**
236      * Creates the collection object instance with incorrect password.
237      */
238     @Test(dependsOnMethods = {"createAccounts"})
239     public void createWithIncorrectPassword() {
240         banner("createWithIncorrectPassword");
241         CollectionObjectClient collectionObjectClient = new CollectionObjectClient();
242         String identifier = this.createIdentifier();
243         MultipartOutput multipart = createCollectionObjectInstance(
244                 collectionObjectClient.getCommonPartName(), identifier);
245         if (!collectionObjectClient.isServerSecure()) {
246             logger.warn("set -Dcspace.server.secure=true to run security tests");
247             return;
248         }
249         collectionObjectClient.setProperty(CollectionSpaceClient.AUTH_PROPERTY,
250                 "true");
251         collectionObjectClient.setProperty(CollectionSpaceClient.USER_PROPERTY,
252                 "test");
253         collectionObjectClient.setProperty(
254                 CollectionSpaceClient.PASSWORD_PROPERTY, "bar");
255         try {
256             collectionObjectClient.setupHttpClient();
257             collectionObjectClient.setProxy();
258         } catch (Exception e) {
259             logger.error("createWithIncorrectPassword: caught " + e.getMessage());
260             return;
261         }
262         ClientResponse<Response> res = collectionObjectClient.create(multipart);
263         if (logger.isDebugEnabled()) {
264             logger.debug("createWithIncorrectPassword: status = " + res.getStatus());
265         }
266         Assert.assertEquals(res.getStatus(), Response.Status.UNAUTHORIZED.getStatusCode(), "expected " + Response.Status.UNAUTHORIZED.getStatusCode());
267     }
268
269     /**
270      * Creates the collection object instance with incorrect user password.
271      */
272     @Test(dependsOnMethods = {"createAccounts"})
273     public void createWithIncorrectUserPassword() {
274         banner("createWithIncorrectUserPassword");
275         CollectionObjectClient collectionObjectClient = new CollectionObjectClient();
276         String identifier = this.createIdentifier();
277         MultipartOutput multipart = createCollectionObjectInstance(
278                 collectionObjectClient.getCommonPartName(), identifier);
279         if (!collectionObjectClient.isServerSecure()) {
280             logger.warn("set -Dcspace.server.secure=true to run security tests");
281             return;
282         }
283         collectionObjectClient.setProperty(CollectionSpaceClient.AUTH_PROPERTY,
284                 "true");
285         collectionObjectClient.setProperty(CollectionSpaceClient.USER_PROPERTY,
286                 "foo");
287         collectionObjectClient.setProperty(
288                 CollectionSpaceClient.PASSWORD_PROPERTY, "bar");
289         try {
290             collectionObjectClient.setupHttpClient();
291             collectionObjectClient.setProxy();
292         } catch (Exception e) {
293             logger.error("createWithIncorrectUserPassword: caught " + e.getMessage());
294             return;
295         }
296         ClientResponse<Response> res = collectionObjectClient.create(multipart);
297         if (logger.isDebugEnabled()) {
298             logger.debug("createWithIncorrectUserPassword: status = "
299                     + res.getStatus());
300         }
301         Assert.assertEquals(res.getStatus(), Response.Status.UNAUTHORIZED.getStatusCode(), "expected " + Response.Status.UNAUTHORIZED.getStatusCode());
302     }
303
304     /**
305      * Creates the collection object instance with incorrect user password.
306      */
307     @Test(dependsOnMethods = {"createAccounts"})
308     public void createWithoutTenant() {
309         banner("createWithoutTenant");
310         CollectionObjectClient collectionObjectClient = new CollectionObjectClient();
311         String identifier = this.createIdentifier();
312         MultipartOutput multipart = createCollectionObjectInstance(
313                 collectionObjectClient.getCommonPartName(), identifier);
314         if (!collectionObjectClient.isServerSecure()) {
315             logger.warn("set -Dcspace.server.secure=true to run security tests");
316             return;
317         }
318         collectionObjectClient.setProperty(CollectionSpaceClient.AUTH_PROPERTY,
319                 "true");
320         collectionObjectClient.setProperty(CollectionSpaceClient.USER_PROPERTY,
321                 "babybop");
322         collectionObjectClient.setProperty(
323                 CollectionSpaceClient.PASSWORD_PROPERTY, "babybop09");
324         try {
325             collectionObjectClient.setupHttpClient();
326             collectionObjectClient.setProxy();
327         } catch (Exception e) {
328             logger.error("createWithoutTenant: caught " + e.getMessage());
329             return;
330         }
331         ClientResponse<Response> res = collectionObjectClient.create(multipart);
332         if (logger.isDebugEnabled()) {
333             logger.debug("createWithoutTenant: status = "
334                     + res.getStatus());
335         }
336         Assert.assertEquals(res.getStatus(), Response.Status.UNAUTHORIZED.getStatusCode(), "expected " + Response.Status.UNAUTHORIZED.getStatusCode());
337     }
338
339     /* (non-Javadoc)
340      * @see org.collectionspace.services.client.test.AbstractServiceTest#delete()
341      */
342     @Override
343     @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class,
344     dependsOnMethods = {"create"})
345     public void delete(String testName) {
346         setupDelete(testName);
347         CollectionObjectClient collectionObjectClient = new CollectionObjectClient();
348         collectionObjectClient = new CollectionObjectClient();
349         if (!collectionObjectClient.isServerSecure()) {
350             logger.warn("set -Dcspace.server.secure=true to run security tests");
351             return;
352         }
353         collectionObjectClient.setProperty(CollectionSpaceClient.AUTH_PROPERTY,
354                 "true");
355         collectionObjectClient.setProperty(CollectionSpaceClient.USER_PROPERTY,
356                 "test");
357         collectionObjectClient.setProperty(
358                 CollectionSpaceClient.PASSWORD_PROPERTY, "test");
359         try {
360             collectionObjectClient.setupHttpClient();
361             collectionObjectClient.setProxy();
362         } catch (Exception e) {
363             logger.error("deleteCollectionObject: caught " + e.getMessage());
364             return;
365         }
366         if (logger.isDebugEnabled()) {
367             logger.debug("Calling deleteCollectionObject:" + knownResourceId);
368         }
369         ClientResponse<Response> res = collectionObjectClient.delete(knownResourceId);
370         if (logger.isDebugEnabled()) {
371             logger.debug("deleteCollectionObject: status = " + res.getStatus());
372         }
373         Assert.assertEquals(res.getStatus(),
374                 Response.Status.OK.getStatusCode(), "expected " + Response.Status.OK.getStatusCode());
375     }
376
377     @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class,
378     dependsOnMethods = {"delete"})
379     public void deleteAccounts(String testName) throws Exception {
380
381         // Perform setup.
382         setupDelete(testName);
383         AccountClient accountClient = new AccountClient();
384         if (!accountClient.isServerSecure()) {
385             logger.warn("set -Dcspace.server.secure=true to run security tests");
386             return;
387         }
388         accountClient.setProperty(CollectionSpaceClient.AUTH_PROPERTY,
389                 "true");
390         accountClient.setProperty(CollectionSpaceClient.USER_PROPERTY,
391                 "test");
392         accountClient.setProperty(
393                 CollectionSpaceClient.PASSWORD_PROPERTY, "test");
394         // Submit the request to the service and store the response.
395         ClientResponse<Response> res = accountClient.delete(barneyAccountId);
396         int statusCode = res.getStatus();
397         if (logger.isDebugEnabled()) {
398             logger.debug(testName + ": barney status = " + statusCode);
399         }
400         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
401                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
402
403         res = accountClient.delete(babybopAccountId);
404         statusCode = res.getStatus();
405         if (logger.isDebugEnabled()) {
406             logger.debug(testName + ": babybop status = " + statusCode);
407         }
408         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
409                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
410     }
411
412     // ---------------------------------------------------------------
413     // Utility methods used by tests above
414     // ---------------------------------------------------------------
415     /**
416      * Creates the collection object instance.
417      *
418      * @param commonPartName the common part name
419      * @param identifier the identifier
420      *
421      * @return the multipart output
422      */
423     private MultipartOutput createCollectionObjectInstance(
424             String commonPartName, String identifier) {
425         return createCollectionObjectInstance(commonPartName, "objectNumber-" + identifier, "objectName-" + identifier);
426     }
427
428     /**
429      * Creates the collection object instance.
430      *
431      * @param commonPartName the common part name
432      * @param objectNumber the object number
433      * @param objectName the object name
434      *
435      * @return the multipart output
436      */
437     private MultipartOutput createCollectionObjectInstance(
438             String commonPartName, String objectNumber, String objectName) {
439         CollectionobjectsCommon collectionObject = new CollectionobjectsCommon();
440
441         collectionObject.setObjectNumber(objectNumber);
442         collectionObject.setObjectName(objectName);
443         MultipartOutput multipart = new MultipartOutput();
444         OutputPart commonPart = multipart.addPart(collectionObject,
445                 MediaType.APPLICATION_XML_TYPE);
446         commonPart.getHeaders().add("label", commonPartName);
447
448         if (logger.isDebugEnabled()) {
449             logger.debug("to be created, collectionobject common ",
450                     collectionObject, CollectionobjectsCommon.class);
451         }
452         return multipart;
453     }
454
455     private AccountsCommon createAccountInstance(String screenName,
456             String passwd, String email, String tenantId) {
457
458         AccountsCommon account = new AccountsCommon();
459         account.setScreenName(screenName);
460         account.setUserId(screenName);
461         account.setPassword(Base64.encodeBase64(passwd.getBytes()));
462         account.setEmail(email);
463         account.setPhone("1234567890");
464         List<AccountsCommon.Tenant> atl = new ArrayList<AccountsCommon.Tenant>();
465
466         AccountsCommon.Tenant at = new AccountsCommon.Tenant();
467         at.setId(tenantId);//for testing purposes
468         at.setName("movingimages.us");
469         atl.add(at);
470         //disable 2nd tenant till tenant identification is in effect
471         //on the service side for 1-n user-tenants
472 //        AccountsCommon.Tenant at2 = new AccountsCommon.Tenant();
473 //        at2.setId(UUID.randomUUID().toString());
474 //        at2.setName("collectionspace.org");
475 //        atl.add(at2);
476         account.setTenant(atl);
477
478         if (logger.isDebugEnabled()) {
479             logger.debug("to be created, account common");
480             logger.debug(objectAsXmlString(account,
481                     AccountsCommon.class));
482         }
483         return account;
484
485     }
486
487     /* (non-Javadoc)
488      * @see org.collectionspace.services.client.test.AbstractServiceTest#createList()
489      */
490     @Override
491     public void createList(String testName) throws Exception {
492     }
493
494     /* (non-Javadoc)
495      * @see org.collectionspace.services.client.test.AbstractServiceTest#createWithEmptyEntityBody()
496      */
497     @Override
498     public void createWithEmptyEntityBody(String testName) throws Exception {
499     }
500
501     /* (non-Javadoc)
502      * @see org.collectionspace.services.client.test.AbstractServiceTest#createWithMalformedXml()
503      */
504     @Override
505     public void createWithMalformedXml(String testName) throws Exception {
506     }
507
508     /* (non-Javadoc)
509      * @see org.collectionspace.services.client.test.AbstractServiceTest#createWithWrongXmlSchema()
510      */
511     @Override
512     public void createWithWrongXmlSchema(String testName) throws Exception {
513     }
514
515     /* (non-Javadoc)
516      * @see org.collectionspace.services.client.test.AbstractServiceTest#read()
517      */
518     @Override
519     public void read(String testName) throws Exception {
520     }
521
522     /* (non-Javadoc)
523      * @see org.collectionspace.services.client.test.AbstractServiceTest#readNonExistent()
524      */
525     @Override
526     public void readNonExistent(String testName) throws Exception {
527     }
528
529     /* (non-Javadoc)
530      * @see org.collectionspace.services.client.test.AbstractServiceTest#readList()
531      */
532     @Override
533     public void readList(String testName) throws Exception {
534     }
535
536     /* (non-Javadoc)
537      * @see org.collectionspace.services.client.test.AbstractServiceTest#update()
538      */
539     @Override
540     public void update(String testName) throws Exception {
541     }
542
543     /* (non-Javadoc)
544      * @see org.collectionspace.services.client.test.AbstractServiceTest#updateWithEmptyEntityBody()
545      */
546     @Override
547     public void updateWithEmptyEntityBody(String testName) throws Exception {
548     }
549
550     /* (non-Javadoc)
551      * @see org.collectionspace.services.client.test.AbstractServiceTest#updateWithMalformedXml()
552      */
553     @Override
554     public void updateWithMalformedXml(String testName) throws Exception {
555     }
556
557     /* (non-Javadoc)
558      * @see org.collectionspace.services.client.test.AbstractServiceTest#updateWithWrongXmlSchema()
559      */
560     @Override
561     public void updateWithWrongXmlSchema(String testName) throws Exception {
562     }
563
564     /* (non-Javadoc)
565      * @see org.collectionspace.services.client.test.AbstractServiceTest#updateNonExistent()
566      */
567     @Override
568     public void updateNonExistent(String testName) throws Exception {
569     }
570
571     /* (non-Javadoc)
572      * @see org.collectionspace.services.client.test.AbstractServiceTest#deleteNonExistent()
573      */
574     @Override
575     public void deleteNonExistent(String testName) throws Exception {
576     }
577 }