Package org.projectforge.fibu

Source Code of org.projectforge.fibu.ProjektDaoTest

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
/////////////////////////////////////////////////////////////////////////////
//
// Project ProjectForge Community Edition
//         www.projectforge.org
//
// Copyright (C) 2001-2014 Kai Reinhard (k.reinhard@micromata.de)
//
// ProjectForge is dual-licensed.
//
// This community edition is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License as published
// by the Free Software Foundation; version 3 of the License.
//
// This community edition is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General
// Public License for more details.
//
// You should have received a copy of the GNU General Public License along
// with this program; if not, see http://www.gnu.org/licenses/.
//
/////////////////////////////////////////////////////////////////////////////

package org.projectforge.fibu;

import static org.junit.Assert.assertEquals;
import static org.junit.Assert.fail;

import java.io.Serializable;

import org.junit.Test;
import org.projectforge.access.AccessException;
import org.projectforge.test.TestBase;
import org.projectforge.user.GroupDO;


public class ProjektDaoTest extends TestBase
{
  private ProjektDao projektDao;

  @Test
  public void checkAccess()
  {
    logon(TEST_FINANCE_USER);
    final GroupDO group = initTestDB.addGroup("ProjektDaoTest.ProjectManagers", TEST_PROJECT_ASSISTANT_USER);
    ProjektDO projekt = new ProjektDO();
    projekt.setName("ACME - Webportal");
    projekt.setProjektManagerGroup(group);
    Serializable id = projektDao.save(projekt);
    projekt = projektDao.getById(id);
    projekt.setDescription("Test");
    projektDao.update(projekt);
   
    logon(TEST_CONTROLLING_USER);
    checkNoWriteAccess(id, projekt, "Controlling");

    logon(TEST_USER);
    checkNoAccess(id, "Other");
    checkNoAccess(id, projekt, "Other");

    logon(TEST_PROJECT_MANAGER_USER);
    projektDao.getList(new ProjektFilter());
    checkNoAccess(id, projekt, "Project manager");

    logon(TEST_PROJECT_ASSISTANT_USER);
    projektDao.getList(new ProjektFilter());
    checkNoWriteAccess(id, projekt, "Project assistant");
    checkNoHistoryAccess(id, projekt, "Project assistant");

    logon(TEST_ADMIN_USER);
    checkNoAccess(id, projekt, "Admin ");
    checkNoAccess(id, projekt, "Project manager");
  }
 
  private void checkNoAccess(Serializable id, String who) {
    try {
      ProjektFilter filter = new ProjektFilter();
      projektDao.getList(filter);
      fail("AccessException expected: " + who + " users should not have select list access to projects.");
    } catch (AccessException ex) {
      // OK
    }
  }

  private void checkNoAccess(Serializable id, ProjektDO projekt, String who)
  {
    try {
      projektDao.getById(id);
      fail("AccessException expected: " + who + " users should not have select access to projects.");
    } catch (AccessException ex) {
      // OK
    }
    checkNoHistoryAccess(id, projekt, who);
    checkNoWriteAccess(id, projekt, who);
  }
 
  private void checkNoHistoryAccess(Serializable id, ProjektDO projekt, String who)
  {
    assertEquals(who + " users should not have select access to history of projects.",projektDao.hasLoggedInUserHistoryAccess(false), false);
    try {
      projektDao.hasLoggedInUserHistoryAccess(true);
      fail("AccessException expected: " + who + " users should not have select access to history of projects.");
    } catch (AccessException ex) {
      // OK
    }
    assertEquals(who + " users should not have select access to history of projects.", projektDao.hasLoggedInUserHistoryAccess(projekt, false), false);
    try {
      projektDao.hasLoggedInUserHistoryAccess(projekt, true);
      fail("AccessException expected: " + who + " users should not have select access to history of invoices.");
    } catch (AccessException ex) {
      // OK
    }
  } 

  private void checkNoWriteAccess(Serializable id, ProjektDO projekt, String who)
  {
    try {
      ProjektDO ku = new ProjektDO();
      projekt.setName("ACME - Webportal 2");
      projektDao.save(ku);
      fail("AccessException expected: " + who + " users should not have save access to projects.");
    } catch (AccessException ex) {
      // OK
    }
    try {
      projekt.setDescription(who);
      projektDao.update(projekt);
      fail("AccessException expected: " + who + " users should not have update access to projects.");
    } catch (AccessException ex) {
      // OK
    }
  }

  public void setProjektDao(ProjektDao projektDao)
  {
    this.projektDao = projektDao;
  }
}
TOP

Related Classes of org.projectforge.fibu.ProjektDaoTest

  • org.projectforge.user.GroupDO
  • java.io.Serializable
    • TOP
    Copyright © 2018 www.massapi.com. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.