1 package org.apache.turbine.services.security;
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19 import java.util.List;
20
21 import junit.framework.Test;
22 import junit.framework.TestSuite;
23
24 import org.apache.turbine.om.security.User;
25 import org.apache.turbine.test.BaseTurbineHsqlTest;
26 import org.apache.turbine.util.security.DataBackendException;
27 import org.apache.turbine.util.security.EntityExistsException;
28 import org.apache.turbine.util.security.PasswordMismatchException;
29 import org.apache.turbine.util.security.UnknownEntityException;
30
31 public class TestSecurityUserManager
32 extends BaseTurbineHsqlTest
33 {
34 public TestSecurityUserManager(String name)
35 throws Exception
36 {
37 super(name, "conf/test/TurbineResources.properties");
38 }
39
40 public static Test suite()
41 {
42 return new TestSuite(TestSecurityUserManager.class);
43 }
44
45 private void checkUserList()
46 throws Exception
47 {
48 SecurityService ss = TurbineSecurity.getService();
49 UserManager um = ss.getUserManager();
50 assertEquals("User added to storage!", um.retrieveList(new org.apache.torque.util.Criteria()).size(), 2);
51 }
52
53 public void testUserManager1()
54 throws Exception
55 {
56 SecurityService ss = TurbineSecurity.getService();
57 UserManager um = ss.getUserManager();
58
59 assertTrue(um.accountExists("admin"));
60 assertFalse(um.accountExists("does-not-exist"));
61
62 User admin = um.retrieve("admin");
63 assertTrue(um.accountExists(admin));
64
65 User doesNotExist = TurbineSecurity.getUserInstance();
66 assertFalse(um.accountExists(doesNotExist));
67
68 checkUserList();
69 }
70
71 public void testUserManager2()
72 throws Exception
73 {
74 SecurityService ss = TurbineSecurity.getService();
75 UserManager um = ss.getUserManager();
76
77 User admin = um.retrieve("admin");
78
79 try
80 {
81 User doesNotExist = um.retrieve("does-not-exist");
82 fail("Non existing Account was retrieved");
83 }
84 catch (Exception e)
85 {
86 assertEquals("Wrong Exception thrown: " + e.getClass().getName(), e.getClass(), UnknownEntityException.class);
87 }
88
89 checkUserList();
90 }
91
92 public void testUserManager3()
93 throws Exception
94 {
95 SecurityService ss = TurbineSecurity.getService();
96 UserManager um = ss.getUserManager();
97
98 User admin = um.retrieve("admin", "admin");
99
100 try
101 {
102 admin = um.retrieve("admin", "no such password");
103 fail("User was authenticated with wrong password");
104 }
105 catch (Exception e)
106 {
107 assertEquals("Wrong Exception thrown: " + e.getClass().getName(), e.getClass(), PasswordMismatchException.class);
108 }
109
110 checkUserList();
111 }
112
113 public void testUserManager4()
114 throws Exception
115 {
116 SecurityService ss = TurbineSecurity.getService();
117 UserManager um = ss.getUserManager();
118
119 User admin = um.retrieve("admin");
120 um.store(admin);
121
122 try
123 {
124 User newbie = TurbineSecurity.getUserInstance();
125 newbie.setName("newbie");
126
127 um.store(newbie);
128 fail("Non Existing User could be stored!");
129 }
130 catch (Exception e)
131 {
132 assertEquals("Wrong Exception thrown: " + e.getClass().getName(), e.getClass(), UnknownEntityException.class);
133 }
134
135 checkUserList();
136 }
137
138 public void testUserManager5()
139 throws Exception
140 {
141 SecurityService ss = TurbineSecurity.getService();
142 UserManager um = ss.getUserManager();
143
144 User admin = um.retrieve("admin");
145
146 um.authenticate(admin, "admin");
147
148 try
149 {
150 User newbie = TurbineSecurity.getUserInstance();
151 newbie.setName("newbie");
152
153 um.authenticate(newbie, "somePw");
154 fail("User was authenticated with wrong password");
155 }
156 catch (Exception e)
157 {
158 assertEquals("Wrong Exception thrown: " + e.getClass().getName(), e.getClass(), UnknownEntityException.class);
159 }
160
161 checkUserList();
162 }
163
164 public void testUserManager6()
165 throws Exception
166 {
167 SecurityService ss = TurbineSecurity.getService();
168 UserManager um = ss.getUserManager();
169
170 User [] users = um.retrieve(new org.apache.torque.util.Criteria());
171 assertNotNull(users);
172 assertEquals("Wrong number of users retrieved!", users.length, 2);
173
174 List userList = um.retrieveList(new org.apache.torque.util.Criteria());
175 assertNotNull(userList);
176 assertEquals("Wrong number of userList retrieved!", userList.size(), 2);
177
178 assertEquals("Array and List have different sizes!", users.length, userList.size());
179
180 checkUserList();
181 }
182
183 public void testUserManager7()
184 throws Exception
185 {
186 SecurityService ss = TurbineSecurity.getService();
187 UserManager um = ss.getUserManager();
188
189 User admin = um.retrieveById(new Integer(1));
190
191 try
192 {
193 User doesNotExist = um.retrieveById(new Integer(667));
194 fail("Non existing Account was retrieved");
195 }
196 catch (Exception e)
197 {
198 assertEquals("Wrong Exception thrown: " + e.getClass().getName(), e.getClass(), UnknownEntityException.class);
199 }
200
201 checkUserList();
202 }
203
204 public void testAddUser()
205 throws Exception
206 {
207 SecurityService ss = TurbineSecurity.getService();
208 UserManager um = ss.getUserManager();
209
210 User newbie = TurbineSecurity.getUserInstance();
211 newbie.setName("newbie");
212
213 newbie.setFirstName("John");
214 newbie.setLastName("Doe");
215
216 um.createAccount(newbie, "newbie");
217
218 List users = um.retrieveList(new org.apache.torque.util.Criteria());
219 assertEquals("User was not added", users.size(), 3);
220
221 try
222 {
223 User admin = um.retrieve("admin");
224
225 um.createAccount(admin, "admin");
226 fail("Existing User could be added!");
227 }
228 catch (Exception e)
229 {
230 assertEquals("Wrong Exception thrown: " + e.getClass().getName(), e.getClass(), EntityExistsException.class);
231 }
232
233 try
234 {
235 User empty = TurbineSecurity.getUserInstance();
236
237 um.createAccount(empty, "empty");
238 fail("User with empty Username could be added!");
239 }
240 catch (Exception e)
241 {
242 assertEquals("Wrong Exception thrown: " + e.getClass().getName(), e.getClass(), DataBackendException.class);
243 }
244
245 assertEquals("User was not added", users.size(), 3);
246 }
247
248 public void testRemoveUser()
249 throws Exception
250 {
251 SecurityService ss = TurbineSecurity.getService();
252 UserManager um = ss.getUserManager();
253
254 User newbie = um.retrieve("newbie");
255 assertNotNull(newbie);
256
257 um.removeAccount(newbie);
258
259 try
260 {
261 User foo = TurbineSecurity.getUserInstance();
262 foo.setName("foo");
263
264 um.removeAccount(foo);
265 fail("Non Existing User could be deleted!");
266 }
267 catch (Exception e)
268 {
269 assertEquals("Wrong Exception thrown: " + e.getClass().getName(), e.getClass(), UnknownEntityException.class);
270 }
271
272 checkUserList();
273 }
274
275 public void testChangePassword()
276 throws Exception
277 {
278 SecurityService ss = TurbineSecurity.getService();
279 UserManager um = ss.getUserManager();
280
281 User admin = um.retrieve("admin");
282 assertNotNull(admin);
283
284 um.changePassword(admin, admin.getPassword(), "foobar");
285
286 User admin2 = um.retrieve("admin");
287 assertEquals("Password was not changed!", "foobar", admin2.getPassword());
288
289 try
290 {
291 admin = um.retrieve("admin");
292 um.changePassword(admin, "admin", "foobar");
293 fail("Password could be changed without old password!");
294 }
295 catch (Exception e)
296 {
297 assertEquals("Wrong Exception thrown: " + e.getClass().getName(), e.getClass(), PasswordMismatchException.class);
298 }
299
300 admin2 = um.retrieve("admin");
301 assertEquals("Password was changed!", "foobar", admin2.getPassword());
302
303 checkUserList();
304 }
305
306 public void testForcePassword()
307 throws Exception
308 {
309 SecurityService ss = TurbineSecurity.getService();
310 UserManager um = ss.getUserManager();
311
312 User admin = um.retrieve("admin");
313 assertNotNull(admin);
314
315 um.forcePassword(admin, "barbaz");
316
317 User admin2 = um.retrieve("admin");
318 assertEquals("Password was not changed!", "barbaz", admin2.getPassword());
319
320 um.forcePassword(admin, "admin");
321
322 admin2 = um.retrieve("admin");
323 assertEquals("Password was not reset!", "admin", admin2.getPassword());
324
325
326 checkUserList();
327 }
328 }
329