usermanagertest.java

jspwiki source code,jspwiki source code

      m_mgr.setUserProfile( session, profile );

      // Test 5: the wiki session should have the new login name in Subject
      principals = session.getPrincipals();
      assertFalse( ArrayUtils.contains( principals, new WikiPrincipal( oldLogin ) ) );
      assertTrue ( ArrayUtils.contains( principals, new WikiPrincipal( oldName  ) ) );
      assertTrue ( ArrayUtils.contains( principals, new WikiPrincipal( newLogin ) ) );
      assertFalse( ArrayUtils.contains( principals, new WikiPrincipal( newName  ) ) );
      
      // Test 6: our group should not contain the old name OR login name any more
      // (the full name is always used)
      group = groupManager.getGroup( m_groupName );
      assertFalse( group.isMember( new WikiPrincipal( oldLogin ) ) );
      assertTrue ( group.isMember( new WikiPrincipal( oldName  ) ) );
      assertFalse( group.isMember( new WikiPrincipal( newLogin ) ) );
      assertFalse( group.isMember( new WikiPrincipal( newName  ) ) );
      
      // Test 7: our page should not contain the old wiki name OR login name
      // in the ACL any more (the full name is always used)
      p = m_engine.getPage( pageName );
      assertNull   ( p.getAcl().getEntry( new WikiPrincipal( oldLogin ) ) );
      assertNotNull( p.getAcl().getEntry( new WikiPrincipal( oldName  ) ) );
      assertNull   ( p.getAcl().getEntry( new WikiPrincipal( newLogin ) ) );
      assertNull   ( p.getAcl().getEntry( new WikiPrincipal( newName  ) ) );
      assertTrue( "Test User view page", authManager.checkPermission( session, PermissionFactory.getPagePermission( p, "view" ) ) );
      assertFalse( "Bob !view page", authManager.checkPermission( bobSession, PermissionFactory.getPagePermission( p, "view" ) ) );
      
      // Test 8: our page text should have been re-written
      // (The new full name should be in the ACL, but the login name should have been removed)
      expectedText = "[{ALLOW view Alice," + oldName + "}]\nMore test text.  More text.\r\n";
      actualText = m_engine.getText( pageName );
      assertEquals( expectedText, actualText );
      
      // CLEANUP: delete the profile; user and page; should be back to old counts
      m_db.deleteByLoginName( newLogin );
      assertEquals( oldUserCount, m_db.getWikiNames().length );
      
      groupManager.removeGroup( group.getName() );
      assertEquals( oldGroupCount, groupManager.getRoles().length );
      
      m_engine.deletePage( pageName );
      assertEquals( oldPageCount, pageManager.getTotalPageCount() );
  }

  public void testSetUserProfile() throws Exception
  {
      // First, count the number of users in the db now.
      int oldUserCount = m_db.getWikiNames().length;
      
      // Create a new user with random name
      WikiSession session = m_engine.guestSession();
      String loginName = "TestUser" + String.valueOf( System.currentTimeMillis() );
      UserProfile profile = m_db.newProfile();
      profile.setEmail( "testuser@testville.com" );
      profile.setLoginName( loginName );
      profile.setFullname( "FullName"+loginName );
      profile.setPassword( "password");
      m_mgr.setUserProfile( session, profile );
      
      // Make sure the profile saved successfully
      profile = m_mgr.getUserProfile( session );
      assertEquals( loginName, profile.getLoginName() );
      assertEquals( oldUserCount+1, m_db.getWikiNames().length );

      // Now delete the profile; should be back to old count
      m_db.deleteByLoginName( loginName );
      assertEquals( oldUserCount, m_db.getWikiNames().length );
  }

  public void testSetUserProfileWithApproval() throws Exception
  {
      setUpWithWorkflow();
      
      // First, count the number of users in the db now.
      int oldUserCount = m_db.getWikiNames().length;
      
      // Create a new user with random name
      WikiSession session = m_engine.guestSession();
      String loginName = "TestUser" + String.valueOf( System.currentTimeMillis() );
      UserProfile profile = m_db.newProfile();
      profile.setEmail( "testuser@testville.com" );
      profile.setLoginName( loginName );
      profile.setFullname( "FullName"+loginName );
      profile.setPassword( "password");
      
      // Because user profile saves require approvals, we will catch a Redirect
      try 
      {
          m_mgr.setUserProfile( session, profile );
          fail( "We should have caught a DecisionRequiredException caused by approval!" );
      }
      catch ( DecisionRequiredException e )
      {
      }
      
      // The user should NOT be saved yet
      assertEquals( oldUserCount, m_db.getWikiNames().length );
      
      // Now, look in Admin's queue, and verify there's a pending Decision there
      DecisionQueue dq = m_engine.getWorkflowManager().getDecisionQueue();
      Collection decisions = dq.getActorDecisions( m_engine.adminSession() );
      assertEquals( 1, decisions.size() );

      // Verify that the Decision has all the facts and attributes we need
      Decision d = (Decision)decisions.iterator().next();
      List facts = d.getFacts();
      assertEquals( new Fact( UserManager.PREFS_FULL_NAME, profile.getFullname() ), facts.get(0) );
      assertEquals( new Fact( UserManager.PREFS_LOGIN_NAME, profile.getLoginName() ), facts.get(1) );
      assertEquals( new Fact( UserManager.FACT_SUBMITTER, session.getUserPrincipal().getName() ), facts.get(2) );
      assertEquals( new Fact( UserManager.PREFS_EMAIL, profile.getEmail() ), facts.get(3) );
      assertEquals( profile, d.getWorkflow().getAttribute( UserManager.SAVED_PROFILE ) );
      
      // Approve the profile
      d.decide( Outcome.DECISION_APPROVE );
      
      // Make sure the profile saved successfully
      assertEquals( oldUserCount+1, m_db.getWikiNames().length );

      // Now delete the profile; should be back to old count
      m_db.deleteByLoginName( loginName );
      assertEquals( oldUserCount, m_db.getWikiNames().length );
  }
  
  public void testSetUserProfileWithDenial() throws Exception
  {
      setUpWithWorkflow();
      
      // First, count the number of users in the db now.
      int oldUserCount = m_db.getWikiNames().length;
      
      // Create a new user with random name
      WikiSession session = m_engine.guestSession();
      String loginName = "TestUser" + String.valueOf( System.currentTimeMillis() );
      UserProfile profile = m_db.newProfile();
      profile.setEmail( "testuser@testville.com" );
      profile.setLoginName( loginName );
      profile.setFullname( "FullName"+loginName );
      profile.setPassword( "password");
      
      // Because user profile saves require approvals, we will catch a Redirect
      try 
      {
          m_mgr.setUserProfile( session, profile );
          fail( "We should have caught a DecisionRequiredException caused by approval!" );
      }
      catch ( DecisionRequiredException e )
      {
      }
      
      // The user should NOT be saved yet
      assertEquals( oldUserCount, m_db.getWikiNames().length );
      
      // Now, look in Admin's queue, and verify there's a pending Decision there
      DecisionQueue dq = m_engine.getWorkflowManager().getDecisionQueue();
      Collection decisions = dq.getActorDecisions( m_engine.adminSession() );
      assertEquals( 1, decisions.size() );

      // Verify that the Decision has all the facts and attributes we need
      Decision d = (Decision)decisions.iterator().next();
      List facts = d.getFacts();
      assertEquals( new Fact( UserManager.PREFS_FULL_NAME, profile.getFullname() ), facts.get(0) );
      assertEquals( new Fact( UserManager.PREFS_LOGIN_NAME, profile.getLoginName() ), facts.get(1) );
      assertEquals( new Fact( UserManager.FACT_SUBMITTER, session.getUserPrincipal().getName() ), facts.get(2) );
      assertEquals( new Fact( UserManager.PREFS_EMAIL, profile.getEmail() ), facts.get(3) );
      assertEquals( profile, d.getWorkflow().getAttribute( UserManager.SAVED_PROFILE ) );
      
      // Approve the profile
      d.decide( Outcome.DECISION_DENY );
      
      // Make sure the profile did NOT save
      assertEquals( oldUserCount, m_db.getWikiNames().length );
  }
  
  public void testSetCollidingUserProfile() throws Exception
  {
      // First, count the number of users in the db now.
      int oldUserCount = m_db.getWikiNames().length;
      
      // Create a new user with random name
      WikiSession session = m_engine.guestSession();
      String loginName = "TestUser" + String.valueOf( System.currentTimeMillis() );
      UserProfile profile = m_db.newProfile();
      profile.setEmail( "testuser@testville.com" );
      profile.setLoginName( loginName );
      profile.setFullname( "FullName"+loginName );
      profile.setPassword( "password");
      
      // Set the login name to collide with Janne's: should prohibit saving
      profile.setLoginName( "janne" );
      try 
      {
          m_mgr.setUserProfile( session, profile );
          fail( "UserManager allowed saving of user with login name 'janne', but it shouldn't have." ); 
      }
      catch ( DuplicateUserException e )
      {
          // Good! That's what we expected; reset for next test
          profile.setLoginName( loginName );
      }
            
      // Set the login name to collide with Janne's: should prohibit saving
      profile.setFullname( "Janne Jalkanen" );
      try 
      {
          m_mgr.setUserProfile( session, profile );
          fail( "UserManager allowed saving of user with login name 'janne', but it shouldn't have." ); 
      }
      catch ( DuplicateUserException e )
      {
          // Good! That's what we expected
      }
      
      // There shouldn't have been any users added
      assertEquals( oldUserCount, m_db.getWikiNames().length );
  }
  
}