]> git.aero2k.de Git - tmp/jakarta-migration.git/blob
projects / tmp / jakarta-migration.git / blob
? search:


486e4f381b6f2df02ecfc977ac83549d7a4d7e97
[tmp/jakarta-migration.git] /
1 /**
2  * This document is a part of the source code and related artifacts
3  * for CollectionSpace, an open source collections management system
4  * for museums and related institutions:
5  *
6  * http://www.collectionspace.org
7  * http://wiki.collectionspace.org
8  *
9  * Copyright © 2009 Regents of the University of California
10  *
11  * Licensed under the Educational Community License (ECL), Version 2.0.
12  * You may not use this file except in compliance with this License.
13  *
14  * You may obtain a copy of the ECL 2.0 License at
15  * https://source.collectionspace.org/collection-space/LICENSE.txt
16  *
17  * Unless required by applicable law or agreed to in writing, software
18  * distributed under the License is distributed on an "AS IS" BASIS,
19  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
20  * See the License for the specific language governing permissions and
21  * limitations under the License.
22  */
23 package org.collectionspace.services.authorization.client.test;
24
25 import java.util.ArrayList;
26 import java.util.List;
27 import javax.ws.rs.core.Response;
28 import org.collectionspace.services.authorization.ActionType;
29 import org.collectionspace.services.authorization.EffectType;
30
31 import org.collectionspace.services.client.PermissionClient;
32 import org.collectionspace.services.authorization.Permission;
33 import org.collectionspace.services.authorization.PermissionAction;
34 import org.collectionspace.services.authorization.PermissionsList;
35 import org.collectionspace.services.client.test.AbstractServiceTestImpl;
36 import org.collectionspace.services.client.test.ServiceRequestType;
37 import org.jboss.resteasy.client.ClientResponse;
38
39 import org.testng.Assert;
40 import org.testng.annotations.Test;
41
42 import org.slf4j.Logger;
43 import org.slf4j.LoggerFactory;
44 import org.testng.annotations.AfterClass;
45
46 /**
47  * PermissionServiceTest, carries out tests against a
48  * deployed and running Permission Service.
49  * 
50  * $LastChangedRevision: 917 $
51  * $LastChangedDate: 2009-11-06 12:20:28 -0800 (Fri, 06 Nov 2009) $
52  */
53 public class PermissionServiceTest extends AbstractServiceTestImpl {
54
55     static private final Logger logger =
56             LoggerFactory.getLogger(PermissionServiceTest.class);
57     // Instance variables specific to this test.
58     private PermissionClient client = new PermissionClient();
59     private String knownResourceId = null;
60     private List<String> allResourceIdsCreated = new ArrayList();
61     boolean addTenant = true;
62     /*
63      * This method is called only by the parent class, AbstractServiceTestImpl
64      */
65
66     @Override
67     protected String getServicePathComponent() {
68         return client.getServicePathComponent();
69     }
70
71     // ---------------------------------------------------------------
72     // CRUD tests : CREATE tests
73     // ---------------------------------------------------------------
74     // Success outcomes
75     @Override
76     @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class)
77     public void create(String testName) throws Exception {
78
79         // Perform setup, such as initializing the type of service request
80         // (e.g. CREATE, DELETE), its valid and expected status codes, and
81         // its associated HTTP method name (e.g. POST, DELETE).
82         setupCreate(testName);
83
84         // Submit the request to the service and store the response.
85         List<PermissionAction> actions = getDefaultActions();
86         Permission permission = createPermissionInstance("accounts",
87                 "default permissions for account",
88                 actions,
89                 EffectType.PERMIT,
90                 true,
91                 true,
92                 true);
93         ClientResponse<Response> res = client.create(permission);
94         int statusCode = res.getStatus();
95
96         // Check the status code of the response: does it match
97         // the expected response(s)?
98         //
99         // Specifically:
100         // Does it fall within the set of valid status codes?
101         // Does it exactly match the expected status code?
102         if (logger.isDebugEnabled()) {
103             logger.debug(testName + ": status = " + statusCode);
104         }
105         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
106                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
107         Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE);
108
109         // Store the ID returned from this create operation
110         // for additional tests below.
111         knownResourceId = extractId(res);
112         if (logger.isDebugEnabled()) {
113             logger.debug(testName + ": knownResourceId=" + knownResourceId);
114         }
115     }
116
117     @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class,
118     dependsOnMethods = {"create"})
119     public void createWithoutResourceName(String testName) throws Exception {
120
121         setupCreate(testName);
122
123         // Submit the request to the service and store the response.
124         List<PermissionAction> actions = getDefaultActions();
125         Permission permission = createPermissionInstance(null,
126                 "default permissions for account",
127                 actions,
128                 EffectType.PERMIT,
129                 false,
130                 true,
131                 true);
132         ClientResponse<Response> res = client.create(permission);
133         int statusCode = res.getStatus();
134         // Does it exactly match the expected status code?
135         if (logger.isDebugEnabled()) {
136             logger.debug(testName + ": status = " + statusCode);
137         }
138         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
139                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
140         Assert.assertEquals(statusCode, Response.Status.BAD_REQUEST.getStatusCode());
141     }
142
143     //to not cause uniqueness violation for permission, createList is removed
144     @Override
145     @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class,
146     dependsOnMethods = {"create"})
147     public void createList(String testName) throws Exception {
148
149         setupCreate(testName);
150         // Submit the request to the service and store the response.
151         List<PermissionAction> actions = getDefaultActions();
152         Permission permission1 = createPermissionInstance("collectionobjects",
153                 "default permissions for collectionobjects",
154                 actions,
155                 EffectType.PERMIT,
156                 true,
157                 true,
158                 true);
159         ClientResponse<Response> res = client.create(permission1);
160         int statusCode = res.getStatus();
161         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
162                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
163         Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE);
164         allResourceIdsCreated.add(extractId(res));
165
166         Permission permission2 = createPermissionInstance("acquisitions",
167                 "default permissions for acquisitions",
168                 actions,
169                 EffectType.PERMIT,
170                 true,
171                 true,
172                 true);
173         res = client.create(permission2);
174         statusCode = res.getStatus();
175         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
176                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
177         Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE);
178         allResourceIdsCreated.add(extractId(res));
179
180         Permission permission3 = createPermissionInstance("ids",
181                 "default permissions for id service",
182                 actions,
183                 EffectType.PERMIT,
184                 true,
185                 true,
186                 true);
187         res = client.create(permission3);
188         statusCode = res.getStatus();
189         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
190                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
191         Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE);
192         allResourceIdsCreated.add(extractId(res));
193     }
194
195     // Failure outcomes
196     // Placeholders until the three tests below can be uncommented.
197     // See Issue CSPACE-401.
198     @Override
199     public void createWithEmptyEntityBody(String testName) throws Exception {
200     }
201
202     @Override
203     public void createWithMalformedXml(String testName) throws Exception {
204     }
205
206     @Override
207     public void createWithWrongXmlSchema(String testName) throws Exception {
208     }
209
210     // ---------------------------------------------------------------
211     // CRUD tests : READ tests
212     // ---------------------------------------------------------------
213     // Success outcomes
214     @Override
215     @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class,
216     dependsOnMethods = {"create"})
217     public void read(String testName) throws Exception {
218
219         // Perform setup.
220         setupRead(testName);
221
222         // Submit the request to the service and store the response.
223         ClientResponse<Permission> res = client.read(knownResourceId);
224         int statusCode = res.getStatus();
225
226         // Check the status code of the response: does it match
227         // the expected response(s)?
228         if (logger.isDebugEnabled()) {
229             logger.debug(testName + ": status = " + statusCode);
230         }
231         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
232                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
233         Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE);
234
235         Permission output = (Permission) res.getEntity();
236         Assert.assertNotNull(output);
237     }
238
239     // Failure outcomes
240     @Override
241     @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class,
242     dependsOnMethods = {"read"})
243     public void readNonExistent(String testName) throws Exception {
244
245         // Perform setup.
246         setupReadNonExistent(testName);
247
248         // Submit the request to the service and store the response.
249         ClientResponse<Permission> res = client.read(NON_EXISTENT_ID);
250         int statusCode = res.getStatus();
251
252         // Check the status code of the response: does it match
253         // the expected response(s)?
254         if (logger.isDebugEnabled()) {
255             logger.debug(testName + ": status = " + statusCode);
256         }
257         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
258                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
259         Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE);
260     }
261
262     // ---------------------------------------------------------------
263     // CRUD tests : READ_LIST tests
264     // ---------------------------------------------------------------
265     // Success outcomes
266     @Override
267     @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class,
268     dependsOnMethods = {"createList", "read"})
269     public void readList(String testName) throws Exception {
270
271         // Perform setup.
272         setupReadList(testName);
273
274         // Submit the request to the service and store the response.
275         ClientResponse<PermissionsList> res = client.readList();
276         PermissionsList list = res.getEntity();
277         int statusCode = res.getStatus();
278
279         // Check the status code of the response: does it match
280         // the expected response(s)?
281         if (logger.isDebugEnabled()) {
282             logger.debug(testName + ": status = " + statusCode);
283         }
284         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
285                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
286         Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE);
287
288         // Optionally output additional data about list members for debugging.
289         boolean iterateThroughList = true;
290         if (iterateThroughList && logger.isDebugEnabled()) {
291             printList(testName, list);
292         }
293     }
294
295     @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class,
296     dependsOnMethods = {"createList", "read"})
297     public void searchResourceName(String testName) throws Exception {
298
299         // Perform setup.
300         setupReadList(testName);
301
302         // Submit the request to the service and store the response.
303         ClientResponse<PermissionsList> res = client.readSearchList("acquisition");
304         PermissionsList list = res.getEntity();
305         int statusCode = res.getStatus();
306         // Check the status code of the response: does it match
307         // the expected response(s)?
308         if (logger.isDebugEnabled()) {
309             logger.debug(testName + ": status = " + statusCode);
310         }
311         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
312                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
313         Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE);
314         int EXPECTED_ITEMS = 1;
315         if (logger.isDebugEnabled()) {
316             logger.debug(testName + ": received = " + list.getPermissions().size()
317                     + " expected=" + EXPECTED_ITEMS);
318         }
319         Assert.assertEquals(EXPECTED_ITEMS, list.getPermissions().size());
320         // Optionally output additional data about list members for debugging.
321         boolean iterateThroughList = true;
322         if (iterateThroughList && logger.isDebugEnabled()) {
323             printList(testName, list);
324         }
325     }
326
327     // Failure outcomes
328     // None at present.
329     // ---------------------------------------------------------------
330     // CRUD tests : UPDATE tests
331     // ---------------------------------------------------------------
332     // Success outcomes
333     @Override
334     @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class,
335     dependsOnMethods = {"read", "readList", "readNonExistent"})
336     public void update(String testName) throws Exception {
337
338         // Perform setup.
339         setupUpdate(testName);
340
341
342         ClientResponse<Permission> res =
343                 client.read(knownResourceId);
344         if (logger.isDebugEnabled()) {
345             logger.debug(testName + ": read status = " + res.getStatus());
346         }
347         Assert.assertEquals(res.getStatus(), EXPECTED_STATUS_CODE);
348
349         if (logger.isDebugEnabled()) {
350             logger.debug("got object to update with ID: " + knownResourceId);
351         }
352         Permission toUpdatePermission =
353                 (Permission) res.getEntity();
354         Assert.assertNotNull(toUpdatePermission);
355
356         // Update the content of this resource.
357         toUpdatePermission.setResourceName("updated-" + toUpdatePermission.getResourceName());
358         if (logger.isDebugEnabled()) {
359             logger.debug("updated object");
360             logger.debug(objectAsXmlString(toUpdatePermission,
361                     Permission.class));
362         }
363
364         // Submit the request to the service and store the response.
365         res = client.update(knownResourceId, toUpdatePermission);
366         int statusCode = res.getStatus();
367         // Check the status code of the response: does it match the expected response(s)?
368         if (logger.isDebugEnabled()) {
369             logger.debug(testName + ": status = " + statusCode);
370         }
371         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
372                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
373         Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE);
374
375
376         Permission updatedPermission = (Permission) res.getEntity();
377         Assert.assertNotNull(updatedPermission);
378
379         Assert.assertEquals(updatedPermission.getResourceName(),
380                 toUpdatePermission.getResourceName(),
381                 "Data in updated object did not match submitted data.");
382     }
383
384     // Failure outcomes
385     // Placeholders until the three tests below can be uncommented.
386     // See Issue CSPACE-401.
387     @Override
388     public void updateWithEmptyEntityBody(String testName) throws Exception {
389     }
390
391     @Override
392     public void updateWithMalformedXml(String testName) throws Exception {
393     }
394
395     @Override
396     public void updateWithWrongXmlSchema(String testName) throws Exception {
397     }
398
399     @Override
400     @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class,
401     dependsOnMethods = {"readNonExistent", "testSubmitRequest"})
402     public void updateNonExistent(String testName) throws Exception {
403
404         // Perform setup.
405         setupUpdateNonExistent(testName);
406
407         // Submit the request to the service and store the response.
408         //
409         // Note: The ID used in this 'create' call may be arbitrary.
410         // The only relevant ID may be the one used in updatePermission(), below.
411         List<PermissionAction> actions = getDefaultActions();
412         Permission permission = createPermissionInstance("acquisitions",
413                 "default permissions for acquisitions",
414                 actions,
415                 EffectType.PERMIT,
416                 true,
417                 true,
418                 true);
419         ClientResponse<Permission> res =
420                 client.update(NON_EXISTENT_ID, permission);
421         int statusCode = res.getStatus();
422
423         // Check the status code of the response: does it match
424         // the expected response(s)?
425         if (logger.isDebugEnabled()) {
426             logger.debug(testName + ": status = " + statusCode);
427         }
428         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
429                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
430         Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE);
431     }
432
433     // ---------------------------------------------------------------
434     // CRUD tests : DELETE tests
435     // ---------------------------------------------------------------
436     // Success outcomes
437     @Override
438     @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class,
439     dependsOnMethods = {"update"})
440     public void delete(String testName) throws Exception {
441
442         // Perform setup.
443         setupDelete(testName);
444
445         // Submit the request to the service and store the response.
446         ClientResponse<Response> res = client.delete(knownResourceId);
447         int statusCode = res.getStatus();
448
449         // Check the status code of the response: does it match
450         // the expected response(s)?
451         if (logger.isDebugEnabled()) {
452             logger.debug(testName + ": status = " + statusCode);
453         }
454         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
455                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
456         Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE);
457     }
458
459     // Failure outcomes
460     @Override
461     @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class,
462     dependsOnMethods = {"delete"})
463     public void deleteNonExistent(String testName) throws Exception {
464
465         // Perform setup.
466         setupDeleteNonExistent(testName);
467
468         // Submit the request to the service and store the response.
469         ClientResponse<Response> res = client.delete(NON_EXISTENT_ID);
470         int statusCode = res.getStatus();
471
472         // Check the status code of the response: does it match
473         // the expected response(s)?
474         if (logger.isDebugEnabled()) {
475             logger.debug(testName + ": status = " + statusCode);
476         }
477         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
478                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
479         Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE);
480     }
481
482     // ---------------------------------------------------------------
483     // Utility tests : tests of code used in tests above
484     // ---------------------------------------------------------------
485     /**
486      * Tests the code for manually submitting data that is used by several
487      * of the methods above.
488      */
489     @Test(dependsOnMethods = {"create", "read"})
490     public void testSubmitRequest() throws Exception {
491
492         // Expected status code: 200 OK
493         final int EXPECTED_STATUS = Response.Status.OK.getStatusCode();
494
495         // Submit the request to the service and store the response.
496         String method = ServiceRequestType.READ.httpMethodName();
497         String url = getResourceURL(knownResourceId);
498         int statusCode = submitRequest(method, url);
499
500         // Check the status code of the response: does it match
501         // the expected response(s)?
502         if (logger.isDebugEnabled()) {
503             logger.debug("testSubmitRequest: url=" + url
504                     + " status=" + statusCode);
505         }
506         Assert.assertEquals(statusCode, EXPECTED_STATUS);
507
508     }
509
510     // ---------------------------------------------------------------
511     // Utility methods used by tests above
512     // ---------------------------------------------------------------
513     /**
514      * create permission instance
515      * @param resourceName
516      * @param description
517      * @param actionList list of actions for this permission
518      * @param effect effect of the permission
519      * @param useResourceName
520      * @param useAction
521      * @param useEffect
522      * @return
523      */
524     static Permission createPermissionInstance(String resourceName,
525             String description,
526             List<PermissionAction> actionList,
527             EffectType effect,
528             boolean useResourceName,
529             boolean useAction,
530             boolean useEffect) {
531
532         Permission permission = new Permission();
533         if (useResourceName) {
534             permission.setResourceName(resourceName);
535         }
536         if (useAction) {
537             permission.setActions(actionList);
538         }
539         if (useEffect) {
540             permission.setEffect(effect);
541         }
542
543
544         if (logger.isDebugEnabled()) {
545             logger.debug("to be created, permission common");
546             logger.debug(objectAsXmlString(permission, Permission.class));
547         }
548         return permission;
549     }
550
551     static List<PermissionAction> getDefaultActions() {
552         List<PermissionAction> actions = new ArrayList<PermissionAction>();
553         PermissionAction create = new PermissionAction();
554         create.setName(ActionType.CREATE);
555         actions.add(create);
556
557         PermissionAction read = new PermissionAction();
558         read.setName(ActionType.READ);
559         actions.add(read);
560
561         PermissionAction update = new PermissionAction();
562         update.setName(ActionType.UPDATE);
563         actions.add(update);
564
565         PermissionAction delete = new PermissionAction();
566         delete.setName(ActionType.DELETE);
567         actions.add(delete);
568
569         PermissionAction search = new PermissionAction();
570         search.setName(ActionType.SEARCH);
571         actions.add(search);
572
573         return actions;
574     }
575
576     @AfterClass(alwaysRun = true)
577     public void cleanUp() {
578         setupDelete("delete");
579         if (logger.isDebugEnabled()) {
580             logger.debug("Cleaning up temporary resources created for testing ...");
581         }
582         for (String resourceId : allResourceIdsCreated) {
583             // Note: Any non-success responses are ignored and not reported.
584             ClientResponse<Response> res = client.delete(resourceId);
585             int statusCode = res.getStatus();
586             Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
587                     invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
588             Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE);
589         }
590     }
591
592     private int printList(String testName, PermissionsList list) {
593
594         int i = 0;
595
596         for (Permission permission : list.getPermissions()) {
597             logger.debug(testName + " permission csid=" + permission.getCsid()
598                     + " name=" + permission.getResourceName()
599                     + " desc=" + permission.getDescription());
600             i++;
601         }
602         return i;
603     }
604 }