]> git.aero2k.de Git - tmp/jakarta-migration.git/blob
projects / tmp / jakarta-migration.git / blob
? search:


ec73d0cd7714e5fe3dc2c26d1bafb3809c4b93f6
[tmp/jakarta-migration.git] /
1 /**
2  *  This document is a part of the source code and related artifacts
3  *  for CollectionSpace, an open source collections management system
4  *  for museums and related institutions:
5
6  *  http://www.collectionspace.org
7  *  http://wiki.collectionspace.org
8
9  *  Copyright 2010 University of California at Berkeley
10
11  *  Licensed under the Educational Community License (ECL), Version 2.0.
12  *  You may not use this file except in compliance with this License.
13
14  *  You may obtain a copy of the ECL 2.0 License at
15
16  *  https://source.collectionspace.org/collection-space/LICENSE.txt
17
18  *  Unless required by applicable law or agreed to in writing, software
19  *  distributed under the License is distributed on an "AS IS" BASIS,
20  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
21  *  See the License for the specific language governing permissions and
22  *  limitations under the License.
23  */
24 /*
25  * To change this template, choose Tools | Templates
26  * and open the template in the editor.
27  */
28 package org.collectionspace.services.security.client.test;
29
30 import java.util.ArrayList;
31 import java.util.Collection;
32 import java.util.Date;
33 import java.util.Hashtable;
34 import java.util.List;
35 import javax.ws.rs.core.MediaType;
36 import javax.ws.rs.core.Response;
37 import org.collectionspace.services.account.AccountsCommon;
38 import org.collectionspace.services.authorization.AccountRole;
39 import org.collectionspace.services.authorization.AccountValue;
40 import org.collectionspace.services.authorization.perms.ActionType;
41 import org.collectionspace.services.authorization.perms.EffectType;
42
43 import org.collectionspace.services.authorization.perms.Permission;
44 import org.collectionspace.services.authorization.perms.PermissionAction;
45 import org.collectionspace.services.authorization.PermissionRole;
46 import org.collectionspace.services.authorization.PermissionValue;
47 import org.collectionspace.services.authorization.Role;
48 import org.collectionspace.services.authorization.RoleValue;
49 import org.collectionspace.services.client.AccountClient;
50 import org.collectionspace.services.client.AccountFactory;
51 import org.collectionspace.services.client.AccountRoleClient;
52 import org.collectionspace.services.client.AccountRoleFactory;
53 import org.collectionspace.services.client.CollectionSpaceClient;
54 import org.collectionspace.services.client.DimensionClient;
55 import org.collectionspace.services.client.DimensionFactory;
56 import org.collectionspace.services.client.IntakeClient;
57 import org.collectionspace.services.client.PayloadOutputPart;
58 import org.collectionspace.services.client.PermissionClient;
59 import org.collectionspace.services.client.PermissionFactory;
60 import org.collectionspace.services.client.PermissionRoleClient;
61 import org.collectionspace.services.client.PermissionRoleFactory;
62 import org.collectionspace.services.client.PoxPayloadIn;
63 import org.collectionspace.services.client.PoxPayloadOut;
64 import org.collectionspace.services.client.RoleClient;
65 import org.collectionspace.services.client.RoleFactory;
66 import org.collectionspace.services.client.test.AbstractServiceTestImpl;
67 import org.collectionspace.services.dimension.DimensionsCommon;
68 import org.collectionspace.services.intake.IntakesCommon;
69 import org.collectionspace.services.jaxb.AbstractCommonList;
70 import org.jboss.resteasy.client.ClientResponse;
71 import org.jboss.resteasy.plugins.providers.multipart.MultipartInput;
72 import org.jboss.resteasy.plugins.providers.multipart.MultipartOutput;
73 import org.jboss.resteasy.plugins.providers.multipart.OutputPart;
74
75 import org.testng.Assert;
76 import org.testng.annotations.Test;
77
78 import org.slf4j.Logger;
79 import org.slf4j.LoggerFactory;
80 import org.testng.annotations.AfterClass;
81 import org.testng.annotations.BeforeClass;
82
83 /**
84  * AuthorizationServiceTest, carries out tests against a
85  * deployed and running Permission, Role, AccountRole, PermissionRole and
86  * CollectionObject Services.
87  *
88  * Pre-requisite : authorization-mgt/client tests seed some permissions used
89  * by this test
90  *
91  * $LastChangedRevision: 917 $
92  * $LastChangedDate: 2009-11-06 12:20:28 -0800 (Fri, 06 Nov 2009) $
93  */
94 public class AuthorizationServiceTest extends AbstractServiceTestImpl {
95
96     private final String CLASS_NAME = AuthorizationServiceTest.class.getName();
97     private final Logger logger = LoggerFactory.getLogger(CLASS_NAME);
98     // Instance variables specific to this test.
99     private String knownResourceId = null;
100     private List<String> allResourceIdsCreated = new ArrayList();
101     //key for accValues is userId
102     private Hashtable<String, AccountValue> accValues = new Hashtable<String, AccountValue>();
103     //key for permValues is id as there could be several perms for the same resource
104     private Hashtable<String, PermissionValue> permValues = new Hashtable<String, PermissionValue>();
105     //key for roleValues is roleName
106     private Hashtable<String, RoleValue> roleValues = new Hashtable<String, RoleValue>();
107     private String bigbirdPermId;
108     private String elmoPermId;
109     private final static String TEST_SERVICE_NAME = "dimensions";
110     private boolean accountRolesFlipped = false;
111     /*
112      * This method is called only by the parent class, AbstractServiceTestImpl
113      */
114
115     @Override
116         protected String getServiceName() {
117         // no need to return anything but null since no auth resources are
118         // accessed
119         throw new UnsupportedOperationException();
120         }
121         
122     @Override
123     protected String getServicePathComponent() {
124         // no need to return anything but null since no auth resources are
125         // accessed
126         throw new UnsupportedOperationException();
127     }
128
129     @BeforeClass(alwaysRun = true)
130     public void seedData() {
131         seedPermissions();
132         seedRoles();
133         seedAccounts();
134         seedAccountRoles();
135         seedPermissionRoles();
136     }
137
138     private void seedPermissions() {
139         String res = TEST_SERVICE_NAME;
140
141         PermissionAction pac = new PermissionAction();
142         pac.setName(ActionType.CREATE);
143         PermissionAction par = new PermissionAction();
144         par.setName(ActionType.READ);
145         PermissionAction pau = new PermissionAction();
146         pau.setName(ActionType.UPDATE);
147
148
149         //bigbird can create, read and update but not delete
150         List<PermissionAction> bbactions = new ArrayList<PermissionAction>();
151         bbactions.add(pac);
152         bbactions.add(par);
153         bbactions.add(pau);
154         bigbirdPermId = createPermission(res, bbactions, EffectType.PERMIT);
155         PermissionValue bbpv = new PermissionValue();
156         bbpv.setResourceName(res);
157         bbpv.setPermissionId(bigbirdPermId);
158         permValues.put(bbpv.getPermissionId(), bbpv);
159
160         //elmo can only read
161         List<PermissionAction> eactions = new ArrayList<PermissionAction>();
162         eactions.add(par);
163         elmoPermId = createPermission(res, eactions, EffectType.PERMIT);
164         PermissionValue epv = new PermissionValue();
165         epv.setResourceName(res);
166         epv.setPermissionId(elmoPermId);
167         permValues.put(epv.getPermissionId(), epv);
168     }
169
170     private void seedRoles() {
171         String rn1 = "ROLE_TEST_CM";
172         String r1RoleId = createRole(rn1);
173         RoleValue rv1 = new RoleValue();
174         rv1.setRoleId(r1RoleId);
175         rv1.setRoleName(rn1);
176         roleValues.put(rv1.getRoleName(), rv1);
177
178         String rn2 = "ROLE_TEST_INTERN";
179         String r2RoleId = createRole(rn2);
180         RoleValue rv2 = new RoleValue();
181         rv2.setRoleId(r2RoleId);
182         rv2.setRoleName(rn2);
183         roleValues.put(rv2.getRoleName(), rv2);
184     }
185
186     private void seedAccounts() {
187         String userId1 = "bigbird2010";
188         String accId1 = createAccount(userId1, "bigbird@cspace.org");
189         AccountValue av1 = new AccountValue();
190         av1.setScreenName(userId1);
191         av1.setUserId(userId1);
192         av1.setAccountId(accId1);
193         accValues.put(av1.getUserId(), av1);
194
195         String userId2 = "elmo2010";
196         String accId2 = createAccount(userId2, "elmo@cspace.org");
197         AccountValue av2 = new AccountValue();
198         av2.setScreenName(userId2);
199         av2.setUserId(userId2);
200         av2.setAccountId(accId2);
201         accValues.put(av2.getUserId(), av2);
202
203         String userId3 = "lockedOut";
204         String accId3 = createAccount(userId3, "lockedOut@cspace.org");
205         AccountValue av3 = new AccountValue();
206         av3.setScreenName(userId3);
207         av3.setUserId(userId3);
208         av3.setAccountId(accId3);
209         accValues.put(av3.getUserId(), av3);
210     }
211
212     private void seedAccountRoles() {
213
214         List<RoleValue> bigbirdRoleValues = new ArrayList<RoleValue>();
215         bigbirdRoleValues.add(roleValues.get("ROLE_TEST_CM"));
216         createAccountRole(accValues.get("bigbird2010"), bigbirdRoleValues);
217
218         List<RoleValue> elmoRoleValues = new ArrayList<RoleValue>();
219         elmoRoleValues.add(roleValues.get("ROLE_TEST_INTERN"));
220         createAccountRole(accValues.get("elmo2010"), elmoRoleValues);
221     }
222
223     private void seedPermissionRoles() {
224
225         List<RoleValue> bigbirdRoleValues = new ArrayList<RoleValue>();
226         bigbirdRoleValues.add(roleValues.get("ROLE_TEST_CM"));
227         createPermissionRole(permValues.get(bigbirdPermId), bigbirdRoleValues);
228
229         List<RoleValue> elmoRoleValues = new ArrayList<RoleValue>();
230         elmoRoleValues.add(roleValues.get("ROLE_TEST_INTERN"));
231         createPermissionRole(permValues.get(elmoPermId), elmoRoleValues);
232
233     }
234
235
236     /* (non-Javadoc)
237      * @see org.collectionspace.services.client.test.BaseServiceTest#getClientInstance()
238      */
239     @Override
240     protected CollectionSpaceClient getClientInstance() {
241         return null;
242     }
243
244     /* (non-Javadoc)
245      * @see org.collectionspace.services.client.test.BaseServiceTest#getAbstractCommonList(org.jboss.resteasy.client.ClientResponse)
246      */
247     @Override
248     protected AbstractCommonList getAbstractCommonList(
249             ClientResponse<AbstractCommonList> response) {
250         //FIXME: http://issues.collectionspace.org/browse/CSPACE-1697
251         throw new UnsupportedOperationException();
252     }
253
254     @Test(dataProvider = "testName")
255     @Override
256     public void readPaginatedList(String testName) throws Exception {
257         //FIXME: http://issues.collectionspace.org/browse/CSPACE-1697
258     }
259     // ---------------------------------------------------------------
260     // CRUD tests : CREATE tests
261     // ---------------------------------------------------------------
262     // Success outcomes
263
264     @Override
265     @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class)
266     public void create(String testName) throws Exception {
267         if (logger.isDebugEnabled()) {
268             logger.debug(testBanner(testName, CLASS_NAME));
269         }
270         setupCreate();
271
272         // Submit the request to the service and store the response.
273         DimensionClient client = new DimensionClient();
274         //bigbird allowed to create
275         client.setAuth(true, "bigbird2010", true, "bigbird2010", true);
276         String identifier = createIdentifier();
277         DimensionsCommon dimension = new DimensionsCommon();
278         dimension.setDimension("dimensionType");
279         dimension.setMeasurementUnit("measurementUnit-" + identifier);
280         dimension.setValueDate(new Date().toString());
281         PoxPayloadOut multipart = DimensionFactory.createDimensionInstance(client.getCommonPartName(),
282                 dimension);
283         ClientResponse<Response> res = client.create(multipart);
284
285         int statusCode = res.getStatus();
286
287         if (logger.isDebugEnabled()) {
288             logger.debug(testName + ": status = " + statusCode);
289         }
290         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
291                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
292         Assert.assertEquals(statusCode, Response.Status.CREATED.getStatusCode());
293         knownResourceId = extractId(res);
294         if (logger.isDebugEnabled()) {
295             logger.debug(testName + ": knownResourceId=" + knownResourceId);
296         }
297         
298         // Now verify that elmo cannot create
299         client = new DimensionClient();
300         client.setAuth(true, "elmo2010", true, "elmo2010", true);
301         res = client.create(multipart);
302
303         statusCode = res.getStatus();
304         if (logger.isDebugEnabled()) {
305             logger.debug(testName + " (verify not allowed): status = " + statusCode);
306         }
307         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
308                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
309         Assert.assertEquals(statusCode, Response.Status.FORBIDDEN.getStatusCode());
310         
311         //Finally, verify that elmo has no access to Intakes
312         // Submit the request to the service and store the response.
313         IntakeClient iclient = new IntakeClient();
314         iclient.setAuth(true, "elmo2010", true, "elmo2010", true);
315         multipart = createIntakeInstance(
316                 "entryNumber-" + identifier,
317                 "entryDate-" + identifier,
318                 "depositor-" + identifier);
319         res = iclient.create(multipart);
320         if (logger.isDebugEnabled()) {
321             logger.debug(testName + " (verify create intake not allowed): status = " + statusCode);
322         }
323         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
324                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
325         Assert.assertEquals(statusCode, Response.Status.FORBIDDEN.getStatusCode());
326         
327     }
328     
329     /**
330      * Creates the intake instance.
331      *
332      * @param entryNumber the entry number
333      * @param entryDate the entry date
334      * @param depositor the depositor
335      * @return the multipart output
336      */
337     private PoxPayloadOut createIntakeInstance(String entryNumber,
338                 String entryDate,
339                 String depositor) {
340         IntakesCommon intake = new IntakesCommon();
341         intake.setEntryNumber(entryNumber);
342         intake.setEntryDate(entryDate);
343         intake.setDepositor(depositor);
344
345         PoxPayloadOut multipart = new PoxPayloadOut(IntakeClient.SERVICE_PAYLOAD_NAME);
346         PayloadOutputPart commonPart =
347             multipart.addPart(intake, MediaType.APPLICATION_XML_TYPE);
348         commonPart.setLabel(new IntakeClient().getCommonPartName());
349
350         if(logger.isDebugEnabled()){
351             logger.debug("to be created, intake common");
352             logger.debug(objectAsXmlString(intake, IntakesCommon.class));
353         }
354
355         return multipart;
356     }
357
358     
359     @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class,
360             dependsOnMethods = {"delete"})
361     public void verifyCreateWithFlippedRoles(String testName) throws Exception {
362         if (logger.isDebugEnabled()) {
363             logger.debug(testBanner(testName, CLASS_NAME));
364         }
365         setupCreate();
366
367         // Submit the request to the service and store the response.
368         DimensionClient client = new DimensionClient();
369         flipInitialAccountRoles();
370
371         // Now verify that elmo can create
372         client.setAuth(true, "elmo2010", true, "elmo2010", true);
373         client = new DimensionClient();
374         
375         String identifier = createIdentifier();
376         DimensionsCommon dimension = new DimensionsCommon();
377         dimension.setDimension("dimensionType");
378         dimension.setMeasurementUnit("measurementUnit-" + identifier);
379         dimension.setValueDate(new Date().toString());
380         PoxPayloadOut multipart = DimensionFactory.createDimensionInstance(client.getCommonPartName(),
381                 dimension);
382         ClientResponse<Response> res = client.create(multipart);
383
384         int statusCode = res.getStatus();
385
386         if (logger.isDebugEnabled()) {
387             logger.debug(testName + ": status = " + statusCode);
388         }
389         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
390                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
391         Assert.assertEquals(statusCode, Response.Status.CREATED.getStatusCode());
392         knownResourceId = extractId(res);
393         if (logger.isDebugEnabled()) {
394             logger.debug(testName + ": knownResourceId=" + knownResourceId);
395         }
396         
397         //bigbird no longer allowed to create
398         client.setAuth(true, "bigbird2010", true, "bigbird2010", true);
399         res = client.create(multipart);
400
401         statusCode = res.getStatus();
402         if (logger.isDebugEnabled()) {
403             logger.debug(testName + " (verify not allowed): status = " + statusCode);
404         }
405         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
406                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
407         Assert.assertEquals(statusCode, Response.Status.FORBIDDEN.getStatusCode());
408         restoreInitialAccountRoles();
409     }
410
411     //to not cause uniqueness violation for permRole, createList is removed
412     @Override
413     @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class,
414     dependsOnMethods = {"create"})
415     public void createList(String testName) throws Exception {
416     }
417
418     // Failure outcomes
419     // Placeholders until the three tests below can be uncommented.
420     // See Issue CSPACE-401.
421     @Override
422     public void createWithEmptyEntityBody(String testName) throws Exception {
423     }
424
425     @Override
426     public void createWithMalformedXml(String testName) throws Exception {
427     }
428
429     @Override
430     public void createWithWrongXmlSchema(String testName) throws Exception {
431     }
432
433     // ---------------------------------------------------------------
434     // CRUD tests : READ tests
435     // ---------------------------------------------------------------
436     // Success outcomes
437     @Override
438     @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class,
439     dependsOnMethods = {"create"})
440     public void read(String testName) throws Exception {
441
442         if (logger.isDebugEnabled()) {
443             logger.debug(testBanner(testName, CLASS_NAME));
444         }
445         // Perform setup.
446         setupRead();
447
448         // Submit the request to the service and store the response.
449         DimensionClient client = new DimensionClient();
450         //elmo allowed to read
451         client.setAuth(true, "elmo2010", true, "elmo2010", true);
452         ClientResponse<String> res = client.read(knownResourceId);
453         int statusCode = res.getStatus();
454
455         // Check the status code of the response: does it match
456         // the expected response(s)?
457         if (logger.isDebugEnabled()) {
458             logger.debug(testName + ": status = " + statusCode);
459         }
460         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
461                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
462         Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE);
463
464         PoxPayloadIn input = new PoxPayloadIn(res.getEntity());
465         DimensionsCommon dimension = (DimensionsCommon) extractPart(input,
466                 client.getCommonPartName(), DimensionsCommon.class);
467         Assert.assertNotNull(dimension);
468     }
469
470     @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class,
471             dependsOnMethods = {"read"})
472     public void readLockedOut(String testName) throws Exception {
473
474         if (logger.isDebugEnabled()) {
475             logger.debug(testBanner(testName, CLASS_NAME));
476         }
477         // Perform setup.
478         setupRead();
479
480         // Submit the request to the service and store the response.
481         DimensionClient client = new DimensionClient();
482         //lockedOut allowed to read
483         client.setAuth(true, "lockedOut", true, "lockedOut", true);
484         ClientResponse<String> res = client.read(knownResourceId);
485         int statusCode = res.getStatus();
486
487         // Check the status code of the response: does it match
488         // the expected response(s)?
489         if (logger.isDebugEnabled()) {
490             logger.debug(testName + " (test lockedOut): status = " + statusCode);
491         }
492         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
493                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
494         Assert.assertEquals(statusCode, Response.Status.FORBIDDEN.getStatusCode());
495     }
496
497     // Failure outcomes
498     @Override
499     @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class)
500     public void readNonExistent(String testName) throws Exception {
501
502         // Perform setup.
503         setupReadNonExistent();
504     }
505
506     // ---------------------------------------------------------------
507     // CRUD tests : READ_LIST tests
508     // ---------------------------------------------------------------
509     // Success outcomes
510     @Override
511     @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class,
512     dependsOnMethods = {"createList", "read"})
513     public void readList(String testName) throws Exception {
514         setupReadList();
515     }
516
517     // Failure outcomes
518     // None at present.
519     // ---------------------------------------------------------------
520     // CRUD tests : UPDATE tests
521     // ---------------------------------------------------------------
522     // Success outcomes
523     @Override
524     @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class,
525     dependsOnMethods = {"read", "readList", "readNonExistent"})
526     public void update(String testName) throws Exception {
527         setupUpdate();
528
529     }
530
531     @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class,
532     dependsOnMethods = {"read", "readList", "readNonExistent"})
533     public void updateNotAllowed(String testName) throws Exception {
534
535         if (logger.isDebugEnabled()) {
536             logger.debug(testBanner(testName, CLASS_NAME));
537         }
538         setupUpdate();
539
540         DimensionClient client = new DimensionClient();
541
542         //elmo not allowed to update
543         client.setAuth(true, "elmo2010", true, "elmo2010", true);
544
545         DimensionsCommon dimension = new DimensionsCommon();
546         dimension.setDimension("dimensionType");
547         // Update the content of this resource.
548         dimension.setMeasurementUnit("updated-" + dimension.getMeasurementUnit());
549         dimension.setValueDate("updated-" + dimension.getValueDate());
550         // Submit the request to the service and store the response.
551         PoxPayloadOut output = new PoxPayloadOut(DimensionClient.SERVICE_PAYLOAD_NAME);
552         PayloadOutputPart commonPart = output.addPart(dimension, MediaType.APPLICATION_XML_TYPE);
553         commonPart.setLabel(client.getCommonPartName());
554
555         ClientResponse<String> res = client.update(knownResourceId, output);
556         int statusCode = res.getStatus();
557         // Check the status code of the response: does it match the expected response(s)?
558         if (logger.isDebugEnabled()) {
559             logger.debug(testName + ": status = " + statusCode);
560         }
561         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
562                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
563         Assert.assertEquals(statusCode, Response.Status.FORBIDDEN.getStatusCode());
564         
565         client = new DimensionClient();
566
567         //lockedOut not allowed to update
568         client.setAuth(true, "lockedOut", true, "lockedOut", true);
569         res = client.update(knownResourceId, output);
570         statusCode = res.getStatus();
571         // Check the status code of the response: does it match the expected response(s)?
572         if (logger.isDebugEnabled()) {
573             logger.debug(testName + ": (lockedOut) status = " + statusCode);
574         }
575         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
576                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
577         Assert.assertEquals(statusCode, Response.Status.FORBIDDEN.getStatusCode());
578         
579     }
580
581     // Failure outcomes
582     // Placeholders until the three tests below can be uncommented.
583     // See Issue CSPACE-401.
584     @Override
585     public void updateWithEmptyEntityBody(String testName) throws Exception {
586     }
587
588     @Override
589     public void updateWithMalformedXml(String testName) throws Exception {
590     }
591
592     @Override
593     public void updateWithWrongXmlSchema(String testName) throws Exception {
594     }
595
596     @Override
597     @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class,
598     dependsOnMethods = {"readNonExistent", "testSubmitRequest"})
599     public void updateNonExistent(String testName) throws Exception {
600     }
601
602     // ---------------------------------------------------------------
603     // CRUD tests : DELETE tests
604     // ---------------------------------------------------------------
605     // Success outcomes
606     @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class,
607     dependsOnMethods = {"updateNotAllowed"})
608     public void deleteNotAllowed(String testName) throws Exception {
609
610         if (logger.isDebugEnabled()) {
611             logger.debug(testBanner(testName, CLASS_NAME));
612         }
613         // Perform setup.
614         setupDelete();
615
616         // Submit the request to the service and store the response.
617         DimensionClient client = new DimensionClient();
618         //bigbird can not delete
619         client.setAuth(true, "bigbird2010", true, "bigbird2010", true);
620         ClientResponse<Response> res = client.delete(knownResourceId);
621         int statusCode = res.getStatus();
622
623         // Check the status code of the response: does it match
624         // the expected response(s)?
625         if (logger.isDebugEnabled()) {
626             logger.debug(testName + ": status = " + statusCode);
627         }
628         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
629                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
630         Assert.assertEquals(statusCode, Response.Status.FORBIDDEN.getStatusCode());
631
632     }
633
634     @Override
635     @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class,
636     dependsOnMethods = {"deleteNotAllowed"})
637     public void delete(String testName) throws Exception {
638
639         if (logger.isDebugEnabled()) {
640             logger.debug(testBanner(testName, CLASS_NAME));
641         }
642         // Perform setup.
643         setupDelete();
644
645         // Submit the request to the service and store the response.
646         DimensionClient client = new DimensionClient();
647
648         ClientResponse<Response> res = client.delete(knownResourceId);
649         int statusCode = res.getStatus();
650
651         // Check the status code of the response: does it match
652         // the expected response(s)?
653         if (logger.isDebugEnabled()) {
654             logger.debug(testName + ": status = " + statusCode);
655         }
656         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
657                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
658         Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE);
659
660     }
661
662     // Failure outcomes
663     @Override
664     @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class)
665     public void deleteNonExistent(String testName) throws Exception {
666         //ignoring this test as the service side returns 200 now even if it does
667         //not find a record in the db
668     }
669     
670     // ---------------------------------------------------------------
671     // Search tests
672     // ---------------------------------------------------------------
673     
674     @Override
675     @Test(dataProvider = "testName", dataProviderClass = AbstractServiceTestImpl.class)
676     public void searchWorkflowDeleted(String testName) throws Exception {
677         // Fixme: null test for now, overriding test in base class
678     } 
679
680     // ---------------------------------------------------------------
681     // Utility tests : tests of code used in tests above
682     // ---------------------------------------------------------------
683     /**
684      * Tests the code for manually submitting data that is used by several
685      * of the methods above.
686      */
687     @Test(dependsOnMethods = {"create"})
688     public void testSubmitRequest() throws Exception {
689     }
690
691     // ---------------------------------------------------------------
692     // Utility methods used by tests above
693     // ---------------------------------------------------------------
694     @AfterClass(alwaysRun = true)
695     public void cleanUp() {
696         setupDelete();
697         String noTest = System.getProperty("noTestCleanup");
698         if (Boolean.TRUE.toString().equalsIgnoreCase(noTest)) {
699             if (logger.isDebugEnabled()) {
700                 logger.debug("Skipping Cleanup phase ...");
701             }
702             return;
703         }
704         if (logger.isDebugEnabled()) {
705             logger.debug("Cleaning up temporary resources created for testing ...");
706         }
707
708         deletePermissionRoles();
709         deleteAccountRoles();
710         //FIXME delete on permission deletes all associations with roles
711         //this would delete association with ROLE_ADMINISTRATOR too
712         //deletePermissions();
713         deleteRoles();
714         deleteAccounts();
715     }
716
717     private void deletePermissionRoles() {
718
719         List<RoleValue> bigbirdRoleValues = new ArrayList<RoleValue>();
720         bigbirdRoleValues.add(roleValues.get("ROLE_TEST_CM"));
721         deletePermissionRole(permValues.get(bigbirdPermId), bigbirdRoleValues);
722
723         List<RoleValue> elmoRoleValues = new ArrayList<RoleValue>();
724         elmoRoleValues.add(roleValues.get("ROLE_TEST_INTERN"));
725         deletePermissionRole(permValues.get(elmoPermId), elmoRoleValues);
726
727     }
728
729     private void deleteAccountRoles() {
730         List<RoleValue> bigbirdRoleValues = new ArrayList<RoleValue>();
731         bigbirdRoleValues.add(roleValues.get("ROLE_TEST_CM"));
732
733         List<RoleValue> elmoRoleValues = new ArrayList<RoleValue>();
734         elmoRoleValues.add(roleValues.get("ROLE_TEST_INTERN"));
735         if(!accountRolesFlipped) {
736                 deleteAccountRole(accValues.get("bigbird2010"), bigbirdRoleValues);
737                 deleteAccountRole(accValues.get("elmo2010"), elmoRoleValues);
738         } else {
739                 deleteAccountRole(accValues.get("bigbird2010"), elmoRoleValues);
740                 deleteAccountRole(accValues.get("elmo2010"),bigbirdRoleValues );
741         }
742     }
743     
744     private void flipInitialAccountRoles() {
745         if(!accountRolesFlipped) {
746                 List<RoleValue> cmRoleValues = new ArrayList<RoleValue>();
747                 List<RoleValue> internRoleValues = new ArrayList<RoleValue>();
748                 cmRoleValues.add(roleValues.get("ROLE_TEST_CM"));
749                 internRoleValues.add(roleValues.get("ROLE_TEST_INTERN"));
750                 
751                 deleteAccountRole(accValues.get("bigbird2010"), cmRoleValues);
752                 deleteAccountRole(accValues.get("elmo2010"), internRoleValues);
753
754                 createAccountRole(accValues.get("bigbird2010"), internRoleValues);
755                 createAccountRole(accValues.get("elmo2010"), cmRoleValues);
756                 
757                 accountRolesFlipped = true;
758         }
759     }
760
761     private void restoreInitialAccountRoles() {
762         if(accountRolesFlipped) {
763                 List<RoleValue> cmRoleValues = new ArrayList<RoleValue>();
764                 List<RoleValue> internRoleValues = new ArrayList<RoleValue>();
765                 cmRoleValues.add(roleValues.get("ROLE_TEST_CM"));
766                 internRoleValues.add(roleValues.get("ROLE_TEST_INTERN"));
767                 
768                 deleteAccountRole(accValues.get("bigbird2010"), internRoleValues);
769                 deleteAccountRole(accValues.get("elmo2010"), cmRoleValues);
770
771                 createAccountRole(accValues.get("bigbird2010"), internRoleValues);
772                 createAccountRole(accValues.get("elmo2010"), cmRoleValues);
773                 accountRolesFlipped = false;
774         }
775     }
776
777
778
779     private void deletePermissions() {
780         //delete entities
781         for (PermissionValue pv : permValues.values()) {
782             deletePermission(pv.getPermissionId());
783         }
784     }
785
786     private void deleteRoles() {
787         for (RoleValue rv : roleValues.values()) {
788             deleteRole(rv.getRoleId());
789         }
790     }
791
792     private void deleteAccounts() {
793
794         for (AccountValue av1 : accValues.values()) {
795             deleteAccount(av1.getAccountId());
796         }
797     }
798
799     private String createPermission(String resName, EffectType effect) {
800         List<PermissionAction> actions = PermissionFactory.createDefaultActions();
801         return createPermission(resName, actions, effect);
802     }
803
804     private String createPermission(String resName,
805             List<PermissionAction> actions, EffectType effect) {
806         setupCreate();
807         PermissionClient permClient = new PermissionClient();
808         Permission permission = PermissionFactory.createPermissionInstance(resName,
809                 "default permissions for " + resName,
810                 actions, effect, true, true, true);
811         ClientResponse<Response> res = permClient.create(permission);
812         int statusCode = res.getStatus();
813         if (logger.isDebugEnabled()) {
814             logger.debug("createPermission: resName=" + resName
815                     + " status = " + statusCode);
816         }
817         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
818                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
819         Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE);
820         res.releaseConnection();
821         return extractId(res);
822     }
823
824     private void deletePermission(String permId) {
825         setupDelete();
826         PermissionClient permClient = new PermissionClient();
827         ClientResponse<Response> res = permClient.delete(permId);
828         int statusCode = res.getStatus();
829         if (logger.isDebugEnabled()) {
830             logger.debug("deletePermission: delete permission id="
831                     + permId + " status=" + statusCode);
832         }
833         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
834                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
835         Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE);
836         res.releaseConnection();
837     }
838
839     private String createRole(String roleName) {
840         setupCreate();
841         RoleClient roleClient = new RoleClient();
842
843         Role role = RoleFactory.createRoleInstance(roleName,
844                         roleName, //the display name
845                 "role for " + roleName, true);
846         ClientResponse<Response> res = roleClient.create(role);
847         int statusCode = res.getStatus();
848         if (logger.isDebugEnabled()) {
849             logger.debug("createRole: name=" + roleName
850                     + " status = " + statusCode);
851         }
852         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
853                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
854         Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE);
855         res.releaseConnection();
856         return extractId(res);
857     }
858
859     private void deleteRole(String roleId) {
860         setupDelete();
861         RoleClient roleClient = new RoleClient();
862         ClientResponse<Response> res = roleClient.delete(roleId);
863         int statusCode = res.getStatus();
864         if (logger.isDebugEnabled()) {
865             logger.debug("deleteRole: delete role id=" + roleId
866                     + " status=" + statusCode);
867         }
868         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
869                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
870         Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE);
871         res.releaseConnection();
872     }
873
874     private String createAccount(String userName, String email) {
875         setupCreate();
876         AccountClient accountClient = new AccountClient();
877         AccountsCommon account = AccountFactory.createAccountInstance(
878                 userName, userName, userName, email, accountClient.getTenantId(),
879                 true, false, true, true);
880         ClientResponse<Response> res = accountClient.create(account);
881         int statusCode = res.getStatus();
882         if (logger.isDebugEnabled()) {
883             logger.debug("createAccount: userName=" + userName
884                     + " status = " + statusCode);
885         }
886         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
887                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
888         Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE);
889         res.releaseConnection();
890         return extractId(res);
891     }
892
893     private void deleteAccount(String accId) {
894         setupDelete();
895         AccountClient accClient = new AccountClient();
896         ClientResponse<Response> res = accClient.delete(accId);
897         int statusCode = res.getStatus();
898         if (logger.isDebugEnabled()) {
899             logger.debug("deleteAccount: delete account id="
900                     + accId + " status=" + statusCode);
901         }
902         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
903                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
904         Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE);
905         res.releaseConnection();
906     }
907
908     private String createAccountRole(AccountValue av,
909             Collection<RoleValue> rvs) {
910         setupCreate();
911
912         // Submit the request to the service and store the response.
913         AccountRole accRole = AccountRoleFactory.createAccountRoleInstance(
914                 av, rvs, true, true);
915         AccountRoleClient client = new AccountRoleClient();
916         ClientResponse<Response> res = client.create(av.getAccountId(), accRole);
917         int statusCode = res.getStatus();
918
919         if (logger.isDebugEnabled()) {
920             logger.debug("createAccountRole: status = " + statusCode);
921         }
922         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
923                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
924         Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE);
925         res.releaseConnection();
926         return extractId(res);
927     }
928
929     private void deleteAccountRole(AccountValue av,
930             Collection<RoleValue> rvs) {
931         // Perform setup.
932         setupDelete();
933
934         // Submit the request to the service and store the response.
935         AccountRoleClient client = new AccountRoleClient();
936         AccountRole accRole = AccountRoleFactory.createAccountRoleInstance(
937                 av, rvs, true, true);
938         ClientResponse<Response> res = client.delete(
939                 av.getAccountId());
940         int statusCode = res.getStatus();
941
942         // Check the status code of the response: does it match
943         // the expected response(s)?
944         if (logger.isDebugEnabled()) {
945             logger.debug("deleteAccountRole: status = " + statusCode);
946         }
947         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
948                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
949         Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE);
950         res.releaseConnection();
951     }
952
953     private String createPermissionRole(PermissionValue pv,
954             Collection<RoleValue> rvs) {
955         setupCreate();
956         List<RoleValue> rvls = new ArrayList<RoleValue>();
957         rvls.addAll(rvs);
958         PermissionRole permRole = PermissionRoleFactory.createPermissionRoleInstance(
959                 pv, rvls, true, true);
960         PermissionRoleClient client = new PermissionRoleClient();
961         ClientResponse<Response> res = client.create(pv.getPermissionId(), permRole);
962         int statusCode = res.getStatus();
963
964         if (logger.isDebugEnabled()) {
965             logger.debug("createPermissionRole: status = " + statusCode);
966         }
967         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
968                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
969         Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE);
970         res.releaseConnection();
971         return extractId(res);
972     }
973
974     private void deletePermissionRole(PermissionValue pv,
975             Collection<RoleValue> rvs) {
976         List<RoleValue> rvls = new ArrayList<RoleValue>();
977         rvls.addAll(rvs);
978
979         // Perform setup.
980         setupDelete();
981
982         // Submit the request to the service and store the response.
983         PermissionRoleClient client = new PermissionRoleClient();
984         PermissionRole permRole = PermissionRoleFactory.createPermissionRoleInstance(
985                 pv, rvls, true, true);
986         ClientResponse<Response> res = client.delete(pv.getPermissionId());
987         int statusCode = res.getStatus();
988
989         // Check the status code of the response: does it match
990         // the expected response(s)?
991         if (logger.isDebugEnabled()) {
992             logger.debug("deletePermissionRole : status = " + statusCode);
993         }
994         Assert.assertTrue(REQUEST_TYPE.isValidStatusCode(statusCode),
995                 invalidStatusCodeMessage(REQUEST_TYPE, statusCode));
996         Assert.assertEquals(statusCode, EXPECTED_STATUS_CODE);
997         res.releaseConnection();
998     }
999 }