Package org.geomajas.plugin.staticsecurity.command

Source Code of org.geomajas.plugin.staticsecurity.command.LoginCommandTest

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
/*
* This is part of Geomajas, a GIS framework, http://www.geomajas.org/.
*
* Copyright 2008-2011 Geosparc nv, http://www.geosparc.com/, Belgium.
*
* The program is available in open source according to the GNU Affero
* General Public License. All contributions in this program are covered
* by the Geomajas Contributors License Agreement. For full licensing
* details, see LICENSE.txt in the project root.
*/

package org.geomajas.plugin.staticsecurity.command;

import org.geomajas.plugin.staticsecurity.command.dto.LoginRequest;
import org.geomajas.plugin.staticsecurity.command.dto.LoginResponse;
import org.geomajas.plugin.staticsecurity.command.staticsecurity.LoginCommand;
import org.geomajas.plugin.staticsecurity.security.AuthenticationTokenService;
import org.geomajas.security.Authentication;
import org.geomajas.security.BaseAuthorization;
import org.junit.Assert;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;

/**
* Verify the functioning of the {@link org.geomajas.plugin.staticsecurity.command.staticsecurity.LoginCommand} class.
*
* @author Joachim Van der Auwera
*/
@RunWith(SpringJUnit4ClassRunner.class)
@ContextConfiguration(locations = {"/org/geomajas/spring/geomajasContext.xml",
    "/org/geomajas/plugin/staticsecurity/security.xml"})
public class LoginCommandTest {

  @Autowired
  private LoginCommand loginCommand;

  @Autowired
  private AuthenticationTokenService tokenService;

  @Test
  public void testValidLogin() throws Exception {
    LoginRequest request = new LoginRequest();
    request.setLogin("luc");
    request.setPassword("luc");
    LoginResponse response = loginCommand.getEmptyCommandResponse();
    loginCommand.execute(request, response);
    String token = response.getToken();
    Assert.assertNotNull(token);

    Authentication auth = tokenService.getAuthentication(token);
    Assert.assertEquals(1, auth.getAuthorizations().length);
    BaseAuthorization authorizaton = auth.getAuthorizations()[0];
    Assert.assertTrue(authorizaton.isToolAuthorized("bla"));
    Assert.assertTrue(authorizaton.isCommandAuthorized("bla"));
    Assert.assertTrue(authorizaton.isLayerVisible("bla"));
    Assert.assertTrue(authorizaton.isLayerVisible("roads"));
    Assert.assertTrue(authorizaton.isLayerVisible("rivers"));
    Assert.assertTrue(authorizaton.isLayerUpdateAuthorized("bla"));
    Assert.assertTrue(authorizaton.isLayerCreateAuthorized("bla"));
    Assert.assertTrue(authorizaton.isLayerDeleteAuthorized("bla"));
  }

  @Test
  public void testValidLogin2() throws Exception {
    LoginRequest request = new LoginRequest();
    request.setLogin("marino");
    request.setPassword("marino");
    LoginResponse response = loginCommand.getEmptyCommandResponse();
    loginCommand.execute(request, response);
    String token = response.getToken();
    Assert.assertNotNull(token);

    Authentication auth = tokenService.getAuthentication(token);
    Assert.assertEquals(1, auth.getAuthorizations().length);
    BaseAuthorization authorizaton = auth.getAuthorizations()[0];
    Assert.assertFalse(authorizaton.isToolAuthorized("bla"));
    Assert.assertTrue(authorizaton.isCommandAuthorized("bla"));
    Assert.assertFalse(authorizaton.isLayerVisible("bla"));
    Assert.assertTrue(authorizaton.isLayerVisible("roads"));
    Assert.assertTrue(authorizaton.isLayerVisible("rivers"));
    Assert.assertFalse(authorizaton.isLayerUpdateAuthorized("bla"));
    Assert.assertFalse(authorizaton.isLayerCreateAuthorized("bla"));
    Assert.assertFalse(authorizaton.isLayerDeleteAuthorized("bla"));
  }

  @Test
  public void testInvalidLogin() throws Exception {
    LoginRequest request = new LoginRequest();
    request.setLogin("chris");
    request.setPassword("chris");
    LoginResponse response = loginCommand.getEmptyCommandResponse();
    loginCommand.execute(request, response);
    Assert.assertNull(response.getToken());

    request.setLogin("luc");
    request.setPassword("some");
    loginCommand.execute(request, response);
    Assert.assertNull(response.getToken());

    request.setLogin(null);
    request.setPassword("luc");
    loginCommand.execute(request, response);
    Assert.assertNull(response.getToken());

    request.setLogin("luc");
    request.setPassword(null);
    loginCommand.execute(request, response);
    Assert.assertNull(response.getToken());

    request.setLogin("empty");
    request.setPassword("");
    loginCommand.execute(request, response);
    Assert.assertNull(response.getToken());
  }
}
TOP

Related Classes of org.geomajas.plugin.staticsecurity.command.LoginCommandTest

  • org.geomajas.plugin.staticsecurity.command.dto.LoginRequest
  • org.geomajas.plugin.staticsecurity.command.dto.LoginResponse
  • org.geomajas.security.Authentication
  • org.geomajas.security.BaseAuthorization
    • TOP
    Copyright © 2018 www.massapi.com. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.