Clover icon

sunshower-sdk

  1. Project Clover database Wed Apr 4 2018 21:39:43 UTC
  2. Package io.sunshower.sdk.v1.core.security

File DefaultSignupEndpointTest.java

 

Code metrics

2
57
7
1
224
190
13
0.23
8.14
7
1.86

Classes

Class Line # Actions
DefaultSignupEndpointTest 29 57 13
0.9545454495.5%
 

Contributing tests

This file is covered by 7 tests. .

Source view

1    package io.sunshower.sdk.v1.core.security;
2   
3    import io.sunshower.model.core.auth.Role;
4    import io.sunshower.sdk.core.ActivationEndpoint;
5    import io.sunshower.sdk.test.SdkTest;
6    import io.sunshower.sdk.v1.endpoints.core.security.SecurityEndpoint;
7    import io.sunshower.sdk.v1.endpoints.core.security.SignupEndpoint;
8    import io.sunshower.sdk.v1.model.core.security.*;
9    import io.sunshower.service.security.PermissionsService;
10    import io.sunshower.service.signup.SignupService;
11    import io.sunshower.test.ws.Remote;
12    import org.junit.jupiter.api.Test;
13    import org.springframework.test.annotation.DirtiesContext;
14   
15    import javax.inject.Inject;
16    import javax.persistence.EntityManager;
17    import javax.persistence.PersistenceContext;
18    import javax.ws.rs.BadRequestException;
19    import javax.ws.rs.ClientErrorException;
20    import javax.ws.rs.NotAuthorizedException;
21    import java.util.List;
22    import java.util.stream.Collectors;
23   
24    import static org.hamcrest.CoreMatchers.*;
25    import static org.junit.Assert.*;
26    import static org.junit.jupiter.api.Assertions.assertThrows;
27   
28    @DirtiesContext(classMode = DirtiesContext.ClassMode.AFTER_CLASS)
 
29    public class DefaultSignupEndpointTest extends SdkTest {
30   
31    @Inject private SignupService signupService;
32   
33    @Remote private SignupEndpoint signupEndpoint;
34   
35    @Inject private PermissionsService<?> permissionsService;
36   
37    @Remote private SecurityEndpoint securityEndpoint;
38   
39    @Remote private ActivationEndpoint activationEndpoint;
40   
41    @PersistenceContext private EntityManager entityManager;
42   
 
43  1 toggle @Test
44    public void ensureSignupEndpointIsInjected() {
45  1 assertThat(signupEndpoint, is(not(nullValue())));
46    }
47   
 
48  1 toggle @Test
49    public void ensureSignupEndpoint() {
50  1 assertThrows(
51    BadRequestException.class,
52    () -> {
53  1 signupEndpoint.signup(new RegistrationRequestElement());
54    });
55    }
56   
 
57  1 toggle @Test
58    public void ensureSigningUpUserWorksAndRequiresNoAuthentication() {
59  1 RegistrationRequestElement e =
60    RegistrationRequestElement.newRegistration()
61    .username("usernameasdfasfasdf")
62    .emailAddress("joe@haswelladsfadfasdf.com")
63    .password("frapper")
64    .firstName("coolbeans")
65    .lastName("whatever")
66    .phoneNumber("970-581-1999")
67    .create();
68  1 RegistrationConfirmationElement signup = signupEndpoint.signup(e);
69  1 assertThat(signup.getPrincipal().getUsername(), is("usernameasdfasfasdf"));
70  1 assertThat(signup.getRegistrationId(), is(not(nullValue())));
71   
72  1 try {
73  1 signupEndpoint.list().size();
74  0 fail("should've not been able to do this");
75    } catch (NotAuthorizedException ex) {
76   
77    } finally {
78  1 signupEndpoint.delete(signup.getRegistrationId());
79    }
80    }
81   
 
82  1 toggle @Test
83    public void ensureListingElementsWorksWhenAuthorized() {
84  1 RegistrationRequestElement e =
85    RegistrationRequestElement.newRegistration()
86    .username("frapperfradfasdfasdfom")
87    .emailAddress("joe@haswelladsfadfasdf.comasdfasf")
88    .password("frapper")
89    .firstName("coolbeans")
90    .lastName("whatever")
91    .phoneNumber("970-581-1999")
92    .create();
93  1 RegistrationConfirmationElement signup = signupEndpoint.signup(e);
94   
95  1 permissionsService.impersonate(
96    () -> {
97  1 try {
98  1 List<RegistrationRequestElement> list = signupEndpoint.list();
99    // assertThat(list.size(), is(1));
100  1 assertThat(list.size() > 0, is(true));
101   
102  1 RegistrationRequestElement registration = list.get(0);
103   
104  1 assertThat(registration.getRegistrationId(), is(not(nullValue())));
105    } finally {
106  1 signupEndpoint.delete(signup.getRegistrationId());
107    }
108    },
109    new Role("admin"));
110    }
111   
 
112  1 toggle @Test
113    public void
114    ensureApprovingRegistrationThenAuthenticatingWithApprovedIdWorksAndReturnsCorrectRoles() {
115   
116  1 RegistrationRequestElement el =
117    RegistrationRequestElement.newRegistration()
118    .username("new-user2")
119    .emailAddress("user@new2.com")
120    .password("password")
121    .firstName("asfafasdfcoolbeans")
122    .lastName("whateverafadsfadsf")
123    .phoneNumber("970-581-2131")
124    .create();
125  1 RegistrationConfirmationElement signup = signupEndpoint.signup(el);
126  1 permissionsService.impersonate(
127    () -> {
128  1 try {
129  1 List<RegistrationRequestElement> list = signupEndpoint.list();
130    // assertThat(list.size(), is(1));
131  1 assertTrue(list.size() > 0);
132  1 RegistrationRequestElement e =
133    list.stream().filter(t -> t.getUsername().equals("new-user2")).findFirst().get();
134   
135  1 signupEndpoint.approve(e.getRegistrationId());
136   
137  1 AuthenticationElement element =
138    Authenticate.as("new-user2").withPassword("password").at(securityEndpoint);
139  1 List<RoleElement> roles = element.getPrincipal().getRoles();
140  1 assertThat(roles.size(), is(1));
141  1 assertThat(
142    roles
143    .stream()
144    .map(RoleElement::getAuthority)
145    .collect(Collectors.toSet())
146    .contains("tenant:user"),
147    is(true));
148    } finally {
149  1 try {
150  1 signupEndpoint.delete(signup.getRegistrationId());
151    } catch (Exception e) {
152   
153    }
154    }
155    },
156    new Role("admin"));
157    }
158   
 
159  1 toggle @Test
160    public void ensureDeactivatingUserResultsInUserNotBeingAbleToAuthenticate() {
161   
162  1 RegistrationRequestElement reg =
163    RegistrationRequestElement.newRegistration()
164    .username("username1")
165    .emailAddress("joe1@haswell.com")
166    .password("frapper")
167    .firstName("coolbeans")
168    .lastName("whatever")
169    .phoneNumber("970-212-9191")
170    .create();
171  1 RegistrationConfirmationElement signup = signupEndpoint.signup(reg);
172  1 permissionsService.impersonate(
173    () -> {
174  1 List<RegistrationRequestElement> list = signupEndpoint.list();
175  1 assertThat(list.size(), is(1));
176  1 RegistrationRequestElement e = list.get(0);
177   
178  1 signupEndpoint.approve(e.getRegistrationId());
179   
180  1 AuthenticationElement element =
181    Authenticate.as("username1").withPassword("frapper").at(securityEndpoint);
182   
183  1 signupEndpoint.revoke(element.getPrincipal().getId());
184  1 try {
185  1 Authenticate.as("username1").withPassword("frapper").at(securityEndpoint);
186  0 fail("Should've been rejected");
187    } catch (NotAuthorizedException ex) {
188   
189    } finally {
190  1 try {
191  1 signupEndpoint.delete(signup.getRegistrationId());
192    } catch (Exception ex) {
193    // TODO log
194    }
195    }
196    },
197    new Role("admin"));
198    }
199   
 
200  1 toggle @Test
201    public void ensureSubmittingDuplicatesResultsIn409() {
202  1 RegistrationRequestElement reg = null;
203  1 RegistrationConfirmationElement el = null;
204  1 try {
205  1 reg =
206    RegistrationRequestElement.newRegistration()
207    .username("username")
208    .emailAddress("joe@haswell.com")
209    .password("frapper")
210    .firstName("coolbeans")
211    .lastName("whatever")
212    .phoneNumber("970-212-9191")
213    .create();
214  1 el = signupEndpoint.signup(reg);
215  1 signupEndpoint.signup(reg);
216    } catch (ClientErrorException ex) {
217  1 assertThat(ex.getResponse().getStatus(), is(409));
218    } finally {
219  1 if (el != null) {
220  1 signupEndpoint.delete(el.getRegistrationId());
221    }
222    }
223    }
224    }