]> git.aero2k.de Git - tmp/jakarta-migration.git/blob
projects / tmp / jakarta-migration.git / blob
? search:


93956036a0041ed1a042aa9bf29380aaa8212f98
[tmp/jakarta-migration.git] /
1 /**
2  *  This document is a part of the source code and related artifacts
3  *  for CollectionSpace, an open source collections management system
4  *  for museums and related institutions:
5
6  *  http://www.collectionspace.org
7  *  http://wiki.collectionspace.org
8
9  *  Copyright 2010 University of California at Berkeley
10
11  *  Licensed under the Educational Community License (ECL), Version 2.0.
12  *  You may not use this file except in compliance with this License.
13
14  *  You may obtain a copy of the ECL 2.0 License at
15
16  *  https://source.collectionspace.org/collection-space/LICENSE.txt
17
18  *  Unless required by applicable law or agreed to in writing, software
19  *  distributed under the License is distributed on an "AS IS" BASIS,
20  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
21  *  See the License for the specific language governing permissions and
22  *  limitations under the License.
23  */
24 /*
25  * To change this template, choose Tools | Templates
26  * and open the template in the editor.
27  */
28 package org.collectionspace.services.security.client.test;
29
30 import java.util.ArrayList;
31 import java.util.Collection;
32 import java.util.Date;
33 import java.util.Hashtable;
34 import java.util.List;
35 import javax.ws.rs.core.MediaType;
36 import javax.ws.rs.core.Response;
37 import org.collectionspace.services.account.AccountsCommon;
38 import org.collectionspace.services.authorization.AccountRole;
39 import org.collectionspace.services.authorization.AccountValue;
40 import org.collectionspace.services.authorization.ActionType;
41 import org.collectionspace.services.authorization.EffectType;
42
43 import org.collectionspace.services.authorization.Permission;
44 import org.collectionspace.services.authorization.PermissionAction;
45 import org.collectionspace.services.authorization.PermissionRole;
46 import org.collectionspace.services.authorization.PermissionValue;
47 import org.collectionspace.services.authorization.Role;
48 import org.collectionspace.services.authorization.RoleValue;
49 import org.collectionspace.services.client.AccountClient;
50 import org.collectionspace.services.client.AccountFactory;
51 import org.collectionspace.services.client.AccountRoleClient;
52 import org.collectionspace.services.client.AccountRoleFactory;
53 import org.collectionspace.services.client.CollectionSpaceClient;
54 import org.collectionspace.services.client.DimensionClient;
55 import org.collectionspace.services.client.DimensionFactory;
56 import org.collectionspace.services.client.IntakeClient;
57 import org.collectionspace.services.client.PermissionClient;
58 import org.collectionspace.services.client.PermissionFactory;
59 import org.collectionspace.services.client.PermissionRoleClient;
60 import org.collectionspace.services.client.PermissionRoleFactory;
61 import org.collectionspace.services.client.RoleClient;
62 import org.collectionspace.services.client.RoleFactory;
63 import org.collectionspace.services.client.test.AbstractServiceTestImpl;
64 import org.collectionspace.services.dimension.DimensionsCommon;
65 import org.collectionspace.services.intake.IntakesCommon;
66 import org.collectionspace.services.jaxb.AbstractCommonList;
67 import org.jboss.resteasy.client.ClientResponse;
68 import org.jboss.resteasy.plugins.providers.multipart.MultipartInput;
69 import org.jboss.resteasy.plugins.providers.multipart.MultipartOutput;
70 import org.jboss.resteasy.plugins.providers.multipart.OutputPart;
71
72 import org.testng.Assert;
73 import org.testng.annotations.Test;
74
75 import org.slf4j.Logger;
76 import org.slf4j.LoggerFactory;
77 import org.testng.annotations.AfterClass;
78 import org.testng.annotations.BeforeClass;
79
80 /**
81  * AuthorizationServiceTest, carries out tests against a
82  * deployed and running Permission, Role, AccountRole, PermissionRole and
83  * CollectionObject Services.
84  *
85  * Pre-requisite : authorization-mgt/client tests seed some permissions used
86  * by this test
87  *
88  * $LastChangedRevision: 917 $
89  * $LastChangedDate: 2009-11-06 12:20:28 -0800 (Fri, 06 Nov 2009) $
90  */
91 public class AuthorizationServiceTest extends AbstractServiceTestImpl {
92
93     private final String CLASS_NAME = AuthorizationServiceTest.class.getName();
94     private final Logger logger = LoggerFactory.getLogger(CLASS_NAME);
95     // Instance variables specific to this test.
96     private String knownResourceId = null;
97     private List<String> allResourceIdsCreated = new ArrayList();
98     //key for accValues is userId
99     private Hashtable<String, AccountValue> accValues = new Hashtable<String, AccountValue>();
100     //key for permValues is id as there could be several perms for the same resource
101     private Hashtable<String, PermissionValue> permValues = new Hashtable<String, PermissionValue>();
102     //key for roleValues is roleName
103     private Hashtable<String, RoleValue> roleValues = new Hashtable<String, RoleValue>();
104     private String bigbirdPermId;
105     private String elmoPermId;
106     private final static String TEST_SERVICE_NAME = "dimensions";
107     private boolean accountRolesFlipped = false;
108     /*
109      * This method is called only by the parent class, AbstractServiceTestImpl
110      */
111
112     @Override
113     protected String getServicePathComponent() {
114         return null;
115     }
116
117     @BeforeClass(alwaysRun = true)
118     public void seedData() {
119         seedPermissions();
120         seedRoles();
121         seedAccounts();
122         seedAccountRoles();
123         seedPermissionRoles();
124     }
125
126     private void seedPermissions() {
127         String res = TEST_SERVICE_NAME;
128
129         PermissionAction pac = new PermissionAction();
130         pac.setName(ActionType.CREATE);
131         PermissionAction par = new PermissionAction();
132         par.setName(ActionType.READ);
133         PermissionAction pau = new PermissionAction();
134         pau.setName(ActionType.UPDATE);
135
136
137         //bigbird can create, read and update but not delete
138         List<PermissionAction> bbactions = new ArrayList<PermissionAction>();
139         bbactions.add(pac);
140         bbactions.add(par);
141         bbactions.add(pau);
142         bigbirdPermId = createPermission(res, bbactions, EffectType.PERMIT);
143         PermissionValue bbpv = new PermissionValue();
144         bbpv.setResourceName(res);
145         bbpv.setPermissionId(bigbirdPermId);
146         permValues.put(bbpv.getPermissionId(), bbpv);
147
148         //elmo can only read
149         List<PermissionAction> eactions = new ArrayList<PermissionAction>();
150         eactions.add(par);
151         elmoPermId = createPermission(res, eactions, EffectType.PERMIT);
152         PermissionValue epv = new PermissionValue();
153         epv.setResourceName(res);
154         epv.setPermissionId(elmoPermId);
155         permValues.put(epv.getPermissionId(), epv);
156     }
157
158     private void seedRoles() {
159         String rn1 = "ROLE_TEST_CM";
160         String r1RoleId = createRole(rn1);
161         RoleValue rv1 = new RoleValue();
162         rv1.setRoleId(r1RoleId);
163         rv1.setRoleName(rn1);
164         roleValues.put(rv1.getRoleName(), rv1);
165
166         String rn2 = "ROLE_TEST_INTERN";
167         String r2RoleId = createRole(rn2);
168         RoleValue rv2 = new RoleValue();
169         rv2.setRoleId(r2RoleId);
170         rv2.setRoleName(rn2);
171         roleValues.put(rv2.getRoleName(), rv2);
172     }
173
174     private void seedAccounts() {
175         String userId1 = "bigbird2010";
176         String accId1 = createAccount(userId1, "bigbird@cspace.org");
177         AccountValue av1 = new AccountValue();
178         av1.setScreenName(userId1);
179         av1.setUserId(userId1);
180         av1.setAccountId(accId1);
181         accValues.put(av1.getUserId(), av1);
182
183         String userId2 = "elmo2010";
184         String accId2 = createAccount(userId2, "elmo@cspace.org");
185         AccountValue av2 = new AccountValue();
186         av2.setScreenName(userId2);
187         av2.setUserId(userId2);
188         av2.setAccountId(accId2);
189         accValues.put(av2.getUserId(), av2);
190
191         String userId3 = "lockedOut";
192         String accId3 = createAccount(userId3, "lockedOut@cspace.org");
193         AccountValue av3 = new AccountValue();
194         av3.setScreenName(userId3);
195         av3.setUserId(userId3);
196         av3.setAccountId(accId3);
197         accValues.put(av3.getUserId(), av3);
198     }
199
200     private void seedAccountRoles() {
201
202         List<RoleValue> bigbirdRoleValues = new ArrayList<RoleValue>();
203         bigbirdRoleValues.add(roleValues.get("ROLE_TEST_CM"));
204         createAccountRole(accValues.get("bigbird2010"), bigbirdRoleValues);
205
206         List<RoleValue> elmoRoleValues = new ArrayList<RoleValue>();
207         elmoRoleValues.add(roleValues.get("ROLE_TEST_INTERN"));
208         createAccountRole(accValues.get("elmo2010"), elmoRoleValues);
209     }
210
211     private void seedPermissionRoles() {
212
213         List<RoleValue> bigbirdRoleValues = new ArrayList<RoleValue>();
214         bigbirdRoleValues.add(roleValues.get("ROLE_TEST_CM"));
215         createPermissionRole(permValues.get(bigbirdPermId), bigbirdRoleValues);
216
217         List<RoleValue> elmoRoleValues = new ArrayList<RoleValue>();
218         elmoRoleValues.add(roleValues.get("ROLE_TEST_INTERN"));
219         createPermissionRole(permValues.get(elmoPermId), elmoRoleValues);
220
221     }
222
223
224     /* (non-Javadoc)
225      * @see org.collectionspace.services.client.test.BaseServiceTest#getClientInstance()
226      */
227     @Override
228     protected CollectionSpaceClient getClientInstance() {
229         return null;
230     }
231
232     /* (non-Javadoc)
233      * @see org.collectionspace.services.client.test.BaseServiceTest#getAbstractCommonList(org.jboss.resteasy.client.ClientResponse)
234      */
235     @Override
236     protected AbstractCommonList getAbstractCommonList(
237             ClientResponse<AbstractCommonList> response) {
238         //FIXME: http://issues.collectionspace.org/browse/CSPACE-1697
239         throw new UnsupportedOperationException();
240     }
241
242     @Test(dataProvider = "testName")
243     @Override
244     public void readPaginatedList(String testName) throws Exception {
245         //FIXME: http://issues.collectionspace.org/browse/CSPACE-1697
246     }
247     // ---------------------------------------------------------------
248     // CRUD tests : CREATE tests
249     // ---------------------------------------------------------------
250     // Success outcomes
251
252     @Override
253     @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class)
254     public void create(String testName) throws Exception {
255         if (logger.isDebugEnabled()) {
256             logger.debug(testBanner(testName, CLASS_NAME));
257         }
258         setupCreate();
259
260         // Submit the request to the service and store the response.
261         DimensionClient client = new DimensionClient();
262         //bigbird allowed to create
263         client.setAuth(true, "bigbird2010", true, "bigbird2010", true);
264         String identifier = createIdentifier();
265         DimensionsCommon dimension = new DimensionsCommon();
266         dimension.setDimension("dimensionType");
267         dimension.setValue("value-" + identifier);
268         dimension.setValueDate(new Date().toString());
269         MultipartOutput multipart = DimensionFactory.createDimensionInstance(client.getCommonPartName(),
270                 dimension);
271         ClientResponse<Response> res = client.create(multipart);
272
273         int statusCode = res.getStatus();
274
275         if (logger.isDebugEnabled()) {
276             logger.debug(testName + ": status = " + statusCode);
277         }
278         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
279                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
280         Assert.assertEquals(statusCode, Response.Status.CREATED.getStatusCode());
281         knownResourceId = extractId(res);
282         if (logger.isDebugEnabled()) {
283             logger.debug(testName + ": knownResourceId=" + knownResourceId);
284         }
285         
286         // Now verify that elmo cannot create
287         client = new DimensionClient();
288         client.setAuth(true, "elmo2010", true, "elmo2010", true);
289         res = client.create(multipart);
290
291         statusCode = res.getStatus();
292         if (logger.isDebugEnabled()) {
293             logger.debug(testName + " (verify not allowed): status = " + statusCode);
294         }
295         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
296                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
297         Assert.assertEquals(statusCode, Response.Status.FORBIDDEN.getStatusCode());
298         
299         //Finally, verify that elmo has no access to Intakes
300         // Submit the request to the service and store the response.
301         IntakeClient iclient = new IntakeClient();
302         iclient.setAuth(true, "elmo2010", true, "elmo2010", true);
303         multipart = createIntakeInstance(
304                 "entryNumber-" + identifier,
305                 "entryDate-" + identifier,
306                 "depositor-" + identifier);
307         res = iclient.create(multipart);
308         if (logger.isDebugEnabled()) {
309             logger.debug(testName + " (verify create intake not allowed): status = " + statusCode);
310         }
311         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
312                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
313         Assert.assertEquals(statusCode, Response.Status.FORBIDDEN.getStatusCode());
314         
315     }
316     
317     /**
318      * Creates the intake instance.
319      *
320      * @param entryNumber the entry number
321      * @param entryDate the entry date
322      * @param depositor the depositor
323      * @return the multipart output
324      */
325     private MultipartOutput createIntakeInstance(String entryNumber,
326                 String entryDate,
327                 String depositor) {
328         IntakesCommon intake = new IntakesCommon();
329         intake.setEntryNumber(entryNumber);
330         intake.setEntryDate(entryDate);
331         intake.setDepositor(depositor);
332
333         MultipartOutput multipart = new MultipartOutput();
334         OutputPart commonPart =
335             multipart.addPart(intake, MediaType.APPLICATION_XML_TYPE);
336         commonPart.getHeaders().add("label", new IntakeClient().getCommonPartName());
337
338         if(logger.isDebugEnabled()){
339             logger.debug("to be created, intake common");
340             logger.debug(objectAsXmlString(intake, IntakesCommon.class));
341         }
342
343         return multipart;
344     }
345
346     
347     @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class,
348             dependsOnMethods = {"delete"})
349     public void verifyCreateWithFlippedRoles(String testName) throws Exception {
350         if (logger.isDebugEnabled()) {
351             logger.debug(testBanner(testName, CLASS_NAME));
352         }
353         setupCreate();
354
355         // Submit the request to the service and store the response.
356         DimensionClient client = new DimensionClient();
357         flipInitialAccountRoles();
358
359         // Now verify that elmo can create
360         client.setAuth(true, "elmo2010", true, "elmo2010", true);
361         client = new DimensionClient();
362         
363         String identifier = createIdentifier();
364         DimensionsCommon dimension = new DimensionsCommon();
365         dimension.setDimension("dimensionType");
366         dimension.setValue("value-" + identifier);
367         dimension.setValueDate(new Date().toString());
368         MultipartOutput multipart = DimensionFactory.createDimensionInstance(client.getCommonPartName(),
369                 dimension);
370         ClientResponse<Response> res = client.create(multipart);
371
372         int statusCode = res.getStatus();
373
374         if (logger.isDebugEnabled()) {
375             logger.debug(testName + ": status = " + statusCode);
376         }
377         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
378                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
379         Assert.assertEquals(statusCode, Response.Status.CREATED.getStatusCode());
380         knownResourceId = extractId(res);
381         if (logger.isDebugEnabled()) {
382             logger.debug(testName + ": knownResourceId=" + knownResourceId);
383         }
384         
385         //bigbird no longer allowed to create
386         client.setAuth(true, "bigbird2010", true, "bigbird2010", true);
387         res = client.create(multipart);
388
389         statusCode = res.getStatus();
390         if (logger.isDebugEnabled()) {
391             logger.debug(testName + " (verify not allowed): status = " + statusCode);
392         }
393         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
394                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
395         Assert.assertEquals(statusCode, Response.Status.FORBIDDEN.getStatusCode());
396         restoreInitialAccountRoles();
397     }
398
399     //to not cause uniqueness violation for permRole, createList is removed
400     @Override
401     @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class,
402     dependsOnMethods = {"create"})
403     public void createList(String testName) throws Exception {
404     }
405
406     // Failure outcomes
407     // Placeholders until the three tests below can be uncommented.
408     // See Issue CSPACE-401.
409     @Override
410     public void createWithEmptyEntityBody(String testName) throws Exception {
411     }
412
413     @Override
414     public void createWithMalformedXml(String testName) throws Exception {
415     }
416
417     @Override
418     public void createWithWrongXmlSchema(String testName) throws Exception {
419     }
420
421     // ---------------------------------------------------------------
422     // CRUD tests : READ tests
423     // ---------------------------------------------------------------
424     // Success outcomes
425     @Override
426     @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class,
427     dependsOnMethods = {"create"})
428     public void read(String testName) throws Exception {
429
430         if (logger.isDebugEnabled()) {
431             logger.debug(testBanner(testName, CLASS_NAME));
432         }
433         // Perform setup.
434         setupRead();
435
436         // Submit the request to the service and store the response.
437         DimensionClient client = new DimensionClient();
438         //elmo allowed to read
439         client.setAuth(true, "elmo2010", true, "elmo2010", true);
440         ClientResponse<MultipartInput> res = client.read(knownResourceId);
441         int statusCode = res.getStatus();
442
443         // Check the status code of the response: does it match
444         // the expected response(s)?
445         if (logger.isDebugEnabled()) {
446             logger.debug(testName + ": status = " + statusCode);
447         }
448         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
449                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
450         Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE);
451
452         MultipartInput input = (MultipartInput) res.getEntity();
453         DimensionsCommon dimension = (DimensionsCommon) extractPart(input,
454                 client.getCommonPartName(), DimensionsCommon.class);
455         Assert.assertNotNull(dimension);
456     }
457
458     @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class,
459             dependsOnMethods = {"read"})
460     public void readLockedOut(String testName) throws Exception {
461
462         if (logger.isDebugEnabled()) {
463             logger.debug(testBanner(testName, CLASS_NAME));
464         }
465         // Perform setup.
466         setupRead();
467
468         // Submit the request to the service and store the response.
469         DimensionClient client = new DimensionClient();
470         //lockedOut allowed to read
471         client.setAuth(true, "lockedOut", true, "lockedOut", true);
472         ClientResponse<MultipartInput> res = client.read(knownResourceId);
473         int statusCode = res.getStatus();
474
475         // Check the status code of the response: does it match
476         // the expected response(s)?
477         if (logger.isDebugEnabled()) {
478             logger.debug(testName + " (test lockedOut): status = " + statusCode);
479         }
480         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
481                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
482         Assert.assertEquals(statusCode, Response.Status.FORBIDDEN.getStatusCode());
483     }
484
485     // Failure outcomes
486     @Override
487     @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class)
488     public void readNonExistent(String testName) throws Exception {
489
490         // Perform setup.
491         setupReadNonExistent();
492     }
493
494     // ---------------------------------------------------------------
495     // CRUD tests : READ_LIST tests
496     // ---------------------------------------------------------------
497     // Success outcomes
498     @Override
499     @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class,
500     dependsOnMethods = {"createList", "read"})
501     public void readList(String testName) throws Exception {
502         setupReadList();
503     }
504
505     // Failure outcomes
506     // None at present.
507     // ---------------------------------------------------------------
508     // CRUD tests : UPDATE tests
509     // ---------------------------------------------------------------
510     // Success outcomes
511     @Override
512     @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class,
513     dependsOnMethods = {"read", "readList", "readNonExistent"})
514     public void update(String testName) throws Exception {
515         setupUpdate();
516
517     }
518
519     @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class,
520     dependsOnMethods = {"read", "readList", "readNonExistent"})
521     public void updateNotAllowed(String testName) throws Exception {
522
523         if (logger.isDebugEnabled()) {
524             logger.debug(testBanner(testName, CLASS_NAME));
525         }
526         setupUpdate();
527
528         DimensionClient client = new DimensionClient();
529
530         //elmo not allowed to update
531         client.setAuth(true, "elmo2010", true, "elmo2010", true);
532
533         DimensionsCommon dimension = new DimensionsCommon();
534         dimension.setDimension("dimensionType");
535         // Update the content of this resource.
536         dimension.setValue("updated-" + dimension.getValue());
537         dimension.setValueDate("updated-" + dimension.getValueDate());
538         // Submit the request to the service and store the response.
539         MultipartOutput output = new MultipartOutput();
540         OutputPart commonPart = output.addPart(dimension, MediaType.APPLICATION_XML_TYPE);
541         commonPart.getHeaders().add("label", client.getCommonPartName());
542
543         ClientResponse<MultipartInput> res = client.update(knownResourceId, output);
544         int statusCode = res.getStatus();
545         // Check the status code of the response: does it match the expected response(s)?
546         if (logger.isDebugEnabled()) {
547             logger.debug(testName + ": status = " + statusCode);
548         }
549         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
550                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
551         Assert.assertEquals(statusCode, Response.Status.FORBIDDEN.getStatusCode());
552         
553         client = new DimensionClient();
554
555         //lockedOut not allowed to update
556         client.setAuth(true, "lockedOut", true, "lockedOut", true);
557         res = client.update(knownResourceId, output);
558         statusCode = res.getStatus();
559         // Check the status code of the response: does it match the expected response(s)?
560         if (logger.isDebugEnabled()) {
561             logger.debug(testName + ": (lockedOut) status = " + statusCode);
562         }
563         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
564                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
565         Assert.assertEquals(statusCode, Response.Status.FORBIDDEN.getStatusCode());
566         
567     }
568
569     // Failure outcomes
570     // Placeholders until the three tests below can be uncommented.
571     // See Issue CSPACE-401.
572     @Override
573     public void updateWithEmptyEntityBody(String testName) throws Exception {
574     }
575
576     @Override
577     public void updateWithMalformedXml(String testName) throws Exception {
578     }
579
580     @Override
581     public void updateWithWrongXmlSchema(String testName) throws Exception {
582     }
583
584     @Override
585     @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class,
586     dependsOnMethods = {"readNonExistent", "testSubmitRequest"})
587     public void updateNonExistent(String testName) throws Exception {
588     }
589
590     // ---------------------------------------------------------------
591     // CRUD tests : DELETE tests
592     // ---------------------------------------------------------------
593     // Success outcomes
594     @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class,
595     dependsOnMethods = {"updateNotAllowed"})
596     public void deleteNotAllowed(String testName) throws Exception {
597
598         if (logger.isDebugEnabled()) {
599             logger.debug(testBanner(testName, CLASS_NAME));
600         }
601         // Perform setup.
602         setupDelete();
603
604         // Submit the request to the service and store the response.
605         DimensionClient client = new DimensionClient();
606         //bigbird can not delete
607         client.setAuth(true, "bigbird2010", true, "bigbird2010", true);
608         ClientResponse<Response> res = client.delete(knownResourceId);
609         int statusCode = res.getStatus();
610
611         // Check the status code of the response: does it match
612         // the expected response(s)?
613         if (logger.isDebugEnabled()) {
614             logger.debug(testName + ": status = " + statusCode);
615         }
616         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
617                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
618         Assert.assertEquals(statusCode, Response.Status.FORBIDDEN.getStatusCode());
619
620     }
621
622     @Override
623     @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class,
624     dependsOnMethods = {"deleteNotAllowed"})
625     public void delete(String testName) throws Exception {
626
627         if (logger.isDebugEnabled()) {
628             logger.debug(testBanner(testName, CLASS_NAME));
629         }
630         // Perform setup.
631         setupDelete();
632
633         // Submit the request to the service and store the response.
634         DimensionClient client = new DimensionClient();
635
636         ClientResponse<Response> res = client.delete(knownResourceId);
637         int statusCode = res.getStatus();
638
639         // Check the status code of the response: does it match
640         // the expected response(s)?
641         if (logger.isDebugEnabled()) {
642             logger.debug(testName + ": status = " + statusCode);
643         }
644         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
645                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
646         Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE);
647
648     }
649
650     // Failure outcomes
651     @Override
652     @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class)
653     public void deleteNonExistent(String testName) throws Exception {
654         //ignoring this test as the service side returns 200 now even if it does
655         //not find a record in the db
656     }
657
658     // ---------------------------------------------------------------
659     // Utility tests : tests of code used in tests above
660     // ---------------------------------------------------------------
661     /**
662      * Tests the code for manually submitting data that is used by several
663      * of the methods above.
664      */
665     @Test(dependsOnMethods = {"create"})
666     public void testSubmitRequest() throws Exception {
667     }
668
669     // ---------------------------------------------------------------
670     // Utility methods used by tests above
671     // ---------------------------------------------------------------
672     @AfterClass(alwaysRun = true)
673     public void cleanUp() {
674         setupDelete();
675         String noTest = System.getProperty("noTestCleanup");
676         if (Boolean.TRUE.toString().equalsIgnoreCase(noTest)) {
677             if (logger.isDebugEnabled()) {
678                 logger.debug("Skipping Cleanup phase ...");
679             }
680             return;
681         }
682         if (logger.isDebugEnabled()) {
683             logger.debug("Cleaning up temporary resources created for testing ...");
684         }
685
686         deletePermissionRoles();
687         deleteAccountRoles();
688         //FIXME delete on permission deletes all associations with roles
689         //this would delete association with ROLE_ADMINISTRATOR too
690         //deletePermissions();
691         deleteRoles();
692         deleteAccounts();
693     }
694
695     private void deletePermissionRoles() {
696
697         List<RoleValue> bigbirdRoleValues = new ArrayList<RoleValue>();
698         bigbirdRoleValues.add(roleValues.get("ROLE_TEST_CM"));
699         deletePermissionRole(permValues.get(bigbirdPermId), bigbirdRoleValues);
700
701         List<RoleValue> elmoRoleValues = new ArrayList<RoleValue>();
702         elmoRoleValues.add(roleValues.get("ROLE_TEST_INTERN"));
703         deletePermissionRole(permValues.get(elmoPermId), elmoRoleValues);
704
705     }
706
707     private void deleteAccountRoles() {
708         List<RoleValue> bigbirdRoleValues = new ArrayList<RoleValue>();
709         bigbirdRoleValues.add(roleValues.get("ROLE_TEST_CM"));
710
711         List<RoleValue> elmoRoleValues = new ArrayList<RoleValue>();
712         elmoRoleValues.add(roleValues.get("ROLE_TEST_INTERN"));
713         if(!accountRolesFlipped) {
714                 deleteAccountRole(accValues.get("bigbird2010"), bigbirdRoleValues);
715                 deleteAccountRole(accValues.get("elmo2010"), elmoRoleValues);
716         } else {
717                 deleteAccountRole(accValues.get("bigbird2010"), elmoRoleValues);
718                 deleteAccountRole(accValues.get("elmo2010"),bigbirdRoleValues );
719         }
720     }
721     
722     private void flipInitialAccountRoles() {
723         if(!accountRolesFlipped) {
724                 List<RoleValue> cmRoleValues = new ArrayList<RoleValue>();
725                 List<RoleValue> internRoleValues = new ArrayList<RoleValue>();
726                 cmRoleValues.add(roleValues.get("ROLE_TEST_CM"));
727                 internRoleValues.add(roleValues.get("ROLE_TEST_INTERN"));
728                 
729                 deleteAccountRole(accValues.get("bigbird2010"), cmRoleValues);
730                 deleteAccountRole(accValues.get("elmo2010"), internRoleValues);
731
732                 createAccountRole(accValues.get("bigbird2010"), internRoleValues);
733                 createAccountRole(accValues.get("elmo2010"), cmRoleValues);
734                 
735                 accountRolesFlipped = true;
736         }
737     }
738
739     private void restoreInitialAccountRoles() {
740         if(accountRolesFlipped) {
741                 List<RoleValue> cmRoleValues = new ArrayList<RoleValue>();
742                 List<RoleValue> internRoleValues = new ArrayList<RoleValue>();
743                 cmRoleValues.add(roleValues.get("ROLE_TEST_CM"));
744                 internRoleValues.add(roleValues.get("ROLE_TEST_INTERN"));
745                 
746                 deleteAccountRole(accValues.get("bigbird2010"), internRoleValues);
747                 deleteAccountRole(accValues.get("elmo2010"), cmRoleValues);
748
749                 createAccountRole(accValues.get("bigbird2010"), internRoleValues);
750                 createAccountRole(accValues.get("elmo2010"), cmRoleValues);
751                 accountRolesFlipped = false;
752         }
753     }
754
755
756
757     private void deletePermissions() {
758         //delete entities
759         for (PermissionValue pv : permValues.values()) {
760             deletePermission(pv.getPermissionId());
761         }
762     }
763
764     private void deleteRoles() {
765         for (RoleValue rv : roleValues.values()) {
766             deleteRole(rv.getRoleId());
767         }
768     }
769
770     private void deleteAccounts() {
771
772         for (AccountValue av1 : accValues.values()) {
773             deleteAccount(av1.getAccountId());
774         }
775     }
776
777     private String createPermission(String resName, EffectType effect) {
778         List<PermissionAction> actions = PermissionFactory.createDefaultActions();
779         return createPermission(resName, actions, effect);
780     }
781
782     private String createPermission(String resName,
783             List<PermissionAction> actions, EffectType effect) {
784         setupCreate();
785         PermissionClient permClient = new PermissionClient();
786         Permission permission = PermissionFactory.createPermissionInstance(resName,
787                 "default permissions for " + resName,
788                 actions, effect, true, true, true);
789         ClientResponse<Response> res = permClient.create(permission);
790         int statusCode = res.getStatus();
791         if (logger.isDebugEnabled()) {
792             logger.debug("createPermission: resName=" + resName
793                     + " status = " + statusCode);
794         }
795         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
796                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
797         Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE);
798         res.releaseConnection();
799         return extractId(res);
800     }
801
802     private void deletePermission(String permId) {
803         setupDelete();
804         PermissionClient permClient = new PermissionClient();
805         ClientResponse<Response> res = permClient.delete(permId);
806         int statusCode = res.getStatus();
807         if (logger.isDebugEnabled()) {
808             logger.debug("deletePermission: delete permission id="
809                     + permId + " status=" + statusCode);
810         }
811         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
812                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
813         Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE);
814         res.releaseConnection();
815     }
816
817     private String createRole(String roleName) {
818         setupCreate();
819         RoleClient roleClient = new RoleClient();
820
821         Role role = RoleFactory.createRoleInstance(roleName,
822                         roleName, //the display name
823                 "role for " + roleName, true);
824         ClientResponse<Response> res = roleClient.create(role);
825         int statusCode = res.getStatus();
826         if (logger.isDebugEnabled()) {
827             logger.debug("createRole: name=" + roleName
828                     + " status = " + statusCode);
829         }
830         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
831                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
832         Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE);
833         res.releaseConnection();
834         return extractId(res);
835     }
836
837     private void deleteRole(String roleId) {
838         setupDelete();
839         RoleClient roleClient = new RoleClient();
840         ClientResponse<Response> res = roleClient.delete(roleId);
841         int statusCode = res.getStatus();
842         if (logger.isDebugEnabled()) {
843             logger.debug("deleteRole: delete role id=" + roleId
844                     + " status=" + statusCode);
845         }
846         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
847                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
848         Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE);
849         res.releaseConnection();
850     }
851
852     private String createAccount(String userName, String email) {
853         setupCreate();
854         AccountClient accountClient = new AccountClient();
855         AccountsCommon account = AccountFactory.createAccountInstance(
856                 userName, userName, userName, email, accountClient.getTenantId(),
857                 true, false, true, true);
858         ClientResponse<Response> res = accountClient.create(account);
859         int statusCode = res.getStatus();
860         if (logger.isDebugEnabled()) {
861             logger.debug("createAccount: userName=" + userName
862                     + " status = " + statusCode);
863         }
864         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
865                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
866         Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE);
867         res.releaseConnection();
868         return extractId(res);
869     }
870
871     private void deleteAccount(String accId) {
872         setupDelete();
873         AccountClient accClient = new AccountClient();
874         ClientResponse<Response> res = accClient.delete(accId);
875         int statusCode = res.getStatus();
876         if (logger.isDebugEnabled()) {
877             logger.debug("deleteAccount: delete account id="
878                     + accId + " status=" + statusCode);
879         }
880         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
881                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
882         Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE);
883         res.releaseConnection();
884     }
885
886     private String createAccountRole(AccountValue av,
887             Collection<RoleValue> rvs) {
888         setupCreate();
889
890         // Submit the request to the service and store the response.
891         AccountRole accRole = AccountRoleFactory.createAccountRoleInstance(
892                 av, rvs, true, true);
893         AccountRoleClient client = new AccountRoleClient();
894         ClientResponse<Response> res = client.create(av.getAccountId(), accRole);
895         int statusCode = res.getStatus();
896
897         if (logger.isDebugEnabled()) {
898             logger.debug("createAccountRole: status = " + statusCode);
899         }
900         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
901                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
902         Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE);
903         res.releaseConnection();
904         return extractId(res);
905     }
906
907     private void deleteAccountRole(AccountValue av,
908             Collection<RoleValue> rvs) {
909         // Perform setup.
910         setupDelete();
911
912         // Submit the request to the service and store the response.
913         AccountRoleClient client = new AccountRoleClient();
914         AccountRole accRole = AccountRoleFactory.createAccountRoleInstance(
915                 av, rvs, true, true);
916         ClientResponse<Response> res = client.delete(
917                 av.getAccountId());
918         int statusCode = res.getStatus();
919
920         // Check the status code of the response: does it match
921         // the expected response(s)?
922         if (logger.isDebugEnabled()) {
923             logger.debug("deleteAccountRole: status = " + statusCode);
924         }
925         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
926                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
927         Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE);
928         res.releaseConnection();
929     }
930
931     private String createPermissionRole(PermissionValue pv,
932             Collection<RoleValue> rvs) {
933         setupCreate();
934         List<RoleValue> rvls = new ArrayList<RoleValue>();
935         rvls.addAll(rvs);
936         PermissionRole permRole = PermissionRoleFactory.createPermissionRoleInstance(
937                 pv, rvls, true, true);
938         PermissionRoleClient client = new PermissionRoleClient();
939         ClientResponse<Response> res = client.create(pv.getPermissionId(), permRole);
940         int statusCode = res.getStatus();
941
942         if (logger.isDebugEnabled()) {
943             logger.debug("createPermissionRole: status = " + statusCode);
944         }
945         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
946                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
947         Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE);
948         res.releaseConnection();
949         return extractId(res);
950     }
951
952     private void deletePermissionRole(PermissionValue pv,
953             Collection<RoleValue> rvs) {
954         List<RoleValue> rvls = new ArrayList<RoleValue>();
955         rvls.addAll(rvs);
956
957         // Perform setup.
958         setupDelete();
959
960         // Submit the request to the service and store the response.
961         PermissionRoleClient client = new PermissionRoleClient();
962         PermissionRole permRole = PermissionRoleFactory.createPermissionRoleInstance(
963                 pv, rvls, true, true);
964         ClientResponse<Response> res = client.delete(pv.getPermissionId());
965         int statusCode = res.getStatus();
966
967         // Check the status code of the response: does it match
968         // the expected response(s)?
969         if (logger.isDebugEnabled()) {
970             logger.debug("deletePermissionRole : status = " + statusCode);
971         }
972         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
973                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
974         Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE);
975         res.releaseConnection();
976     }
977 }