1 package org.apache.turbine.services.security;
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22 import java.util.List;
23
24 import junit.framework.Test;
25 import junit.framework.TestSuite;
26
27 import org.apache.turbine.om.security.User;
28 import org.apache.turbine.test.BaseTurbineHsqlTest;
29 import org.apache.turbine.util.security.DataBackendException;
30 import org.apache.turbine.util.security.EntityExistsException;
31 import org.apache.turbine.util.security.PasswordMismatchException;
32 import org.apache.turbine.util.security.UnknownEntityException;
33
34 public class TestSecurityUserManager
35 extends BaseTurbineHsqlTest
36 {
37 public TestSecurityUserManager(String name)
38 throws Exception
39 {
40 super(name, "conf/test/TurbineResources.properties");
41 }
42
43 public static Test suite()
44 {
45 return new TestSuite(TestSecurityUserManager.class);
46 }
47
48 private void checkUserList()
49 throws Exception
50 {
51 SecurityService ss = TurbineSecurity.getService();
52 UserManager um = ss.getUserManager();
53 assertEquals("User added to storage!", um.retrieveList(new org.apache.torque.util.Criteria()).size(), 2);
54 }
55
56 public void testUserManager1()
57 throws Exception
58 {
59 SecurityService ss = TurbineSecurity.getService();
60 UserManager um = ss.getUserManager();
61
62 assertTrue(um.accountExists("admin"));
63 assertFalse(um.accountExists("does-not-exist"));
64
65 User admin = um.retrieve("admin");
66 assertTrue(um.accountExists(admin));
67
68 User doesNotExist = TurbineSecurity.getUserInstance();
69 assertFalse(um.accountExists(doesNotExist));
70
71 checkUserList();
72 }
73
74 public void testUserManager2()
75 throws Exception
76 {
77 SecurityService ss = TurbineSecurity.getService();
78 UserManager um = ss.getUserManager();
79
80 User admin = um.retrieve("admin");
81
82 try
83 {
84 User doesNotExist = um.retrieve("does-not-exist");
85 fail("Non existing Account was retrieved");
86 }
87 catch (Exception e)
88 {
89 assertEquals("Wrong Exception thrown: " + e.getClass().getName(), e.getClass(), UnknownEntityException.class);
90 }
91
92 checkUserList();
93 }
94
95 public void testUserManager3()
96 throws Exception
97 {
98 SecurityService ss = TurbineSecurity.getService();
99 UserManager um = ss.getUserManager();
100
101 User admin = um.retrieve("admin", "admin");
102
103 try
104 {
105 admin = um.retrieve("admin", "no such password");
106 fail("User was authenticated with wrong password");
107 }
108 catch (Exception e)
109 {
110 assertEquals("Wrong Exception thrown: " + e.getClass().getName(), e.getClass(), PasswordMismatchException.class);
111 }
112
113 checkUserList();
114 }
115
116 public void testUserManager4()
117 throws Exception
118 {
119 SecurityService ss = TurbineSecurity.getService();
120 UserManager um = ss.getUserManager();
121
122 User admin = um.retrieve("admin");
123 um.store(admin);
124
125 try
126 {
127 User newbie = TurbineSecurity.getUserInstance();
128 newbie.setName("newbie");
129
130 um.store(newbie);
131 fail("Non Existing User could be stored!");
132 }
133 catch (Exception e)
134 {
135 assertEquals("Wrong Exception thrown: " + e.getClass().getName(), e.getClass(), UnknownEntityException.class);
136 }
137
138 checkUserList();
139 }
140
141 public void testUserManager5()
142 throws Exception
143 {
144 SecurityService ss = TurbineSecurity.getService();
145 UserManager um = ss.getUserManager();
146
147 User admin = um.retrieve("admin");
148
149 um.authenticate(admin, "admin");
150
151 try
152 {
153 User newbie = TurbineSecurity.getUserInstance();
154 newbie.setName("newbie");
155
156 um.authenticate(newbie, "somePw");
157 fail("User was authenticated with wrong password");
158 }
159 catch (Exception e)
160 {
161 assertEquals("Wrong Exception thrown: " + e.getClass().getName(), e.getClass(), UnknownEntityException.class);
162 }
163
164 checkUserList();
165 }
166
167 public void testUserManager6()
168 throws Exception
169 {
170 SecurityService ss = TurbineSecurity.getService();
171 UserManager um = ss.getUserManager();
172
173 User [] users = um.retrieve(new org.apache.torque.util.Criteria());
174 assertNotNull(users);
175 assertEquals("Wrong number of users retrieved!", users.length, 2);
176
177 List userList = um.retrieveList(new org.apache.torque.util.Criteria());
178 assertNotNull(userList);
179 assertEquals("Wrong number of userList retrieved!", userList.size(), 2);
180
181 assertEquals("Array and List have different sizes!", users.length, userList.size());
182
183 checkUserList();
184 }
185
186 public void testUserManager7()
187 throws Exception
188 {
189 SecurityService ss = TurbineSecurity.getService();
190 UserManager um = ss.getUserManager();
191
192 User admin = um.retrieveById(new Integer(1));
193
194 try
195 {
196 User doesNotExist = um.retrieveById(new Integer(667));
197 fail("Non existing Account was retrieved");
198 }
199 catch (Exception e)
200 {
201 assertEquals("Wrong Exception thrown: " + e.getClass().getName(), e.getClass(), UnknownEntityException.class);
202 }
203
204 checkUserList();
205 }
206
207 public void testAddUser()
208 throws Exception
209 {
210 SecurityService ss = TurbineSecurity.getService();
211 UserManager um = ss.getUserManager();
212
213 User newbie = TurbineSecurity.getUserInstance();
214 newbie.setName("newbie");
215
216 newbie.setFirstName("John");
217 newbie.setLastName("Doe");
218
219 um.createAccount(newbie, "newbie");
220
221 List users = um.retrieveList(new org.apache.torque.util.Criteria());
222 assertEquals("User was not added", users.size(), 3);
223
224 try
225 {
226 User admin = um.retrieve("admin");
227
228 um.createAccount(admin, "admin");
229 fail("Existing User could be added!");
230 }
231 catch (Exception e)
232 {
233 assertEquals("Wrong Exception thrown: " + e.getClass().getName(), e.getClass(), EntityExistsException.class);
234 }
235
236 try
237 {
238 User empty = TurbineSecurity.getUserInstance();
239
240 um.createAccount(empty, "empty");
241 fail("User with empty Username could be added!");
242 }
243 catch (Exception e)
244 {
245 assertEquals("Wrong Exception thrown: " + e.getClass().getName(), e.getClass(), DataBackendException.class);
246 }
247
248 assertEquals("User was not added", users.size(), 3);
249 }
250
251 public void testRemoveUser()
252 throws Exception
253 {
254 SecurityService ss = TurbineSecurity.getService();
255 UserManager um = ss.getUserManager();
256
257 User newbie = um.retrieve("newbie");
258 assertNotNull(newbie);
259
260 um.removeAccount(newbie);
261
262 try
263 {
264 User foo = TurbineSecurity.getUserInstance();
265 foo.setName("foo");
266
267 um.removeAccount(foo);
268 fail("Non Existing User could be deleted!");
269 }
270 catch (Exception e)
271 {
272 assertEquals("Wrong Exception thrown: " + e.getClass().getName(), e.getClass(), UnknownEntityException.class);
273 }
274
275 checkUserList();
276 }
277
278 public void testChangePassword()
279 throws Exception
280 {
281 SecurityService ss = TurbineSecurity.getService();
282 UserManager um = ss.getUserManager();
283
284 User admin = um.retrieve("admin");
285 assertNotNull(admin);
286
287 um.changePassword(admin, admin.getPassword(), "foobar");
288
289 User admin2 = um.retrieve("admin");
290 assertEquals("Password was not changed!", "foobar", admin2.getPassword());
291
292 try
293 {
294 admin = um.retrieve("admin");
295 um.changePassword(admin, "admin", "foobar");
296 fail("Password could be changed without old password!");
297 }
298 catch (Exception e)
299 {
300 assertEquals("Wrong Exception thrown: " + e.getClass().getName(), e.getClass(), PasswordMismatchException.class);
301 }
302
303 admin2 = um.retrieve("admin");
304 assertEquals("Password was changed!", "foobar", admin2.getPassword());
305
306 checkUserList();
307 }
308
309 public void testForcePassword()
310 throws Exception
311 {
312 SecurityService ss = TurbineSecurity.getService();
313 UserManager um = ss.getUserManager();
314
315 User admin = um.retrieve("admin");
316 assertNotNull(admin);
317
318 um.forcePassword(admin, "barbaz");
319
320 User admin2 = um.retrieve("admin");
321 assertEquals("Password was not changed!", "barbaz", admin2.getPassword());
322
323 um.forcePassword(admin, "admin");
324
325 admin2 = um.retrieve("admin");
326 assertEquals("Password was not reset!", "admin", admin2.getPassword());
327
328
329 checkUserList();
330 }
331 }
332