NIHVIVO-1207 Rewrite a unit test to use an AuthenticatorStub, now that it has been factored out.
This commit is contained in:
jeb228
parent
cc7026fc1d
commit
c6ff668647
5 changed files with 283 additions and 454 deletions
|
|
@ -223,7 +223,7 @@ public class Authenticate extends FreemarkerHttpServlet {
|
|||
}
|
||||
|
||||
String username = bean.getUsername();
|
||||
|
||||
|
||||
if (getAuthenticator(request).isCurrentPassword(username, newPassword)) {
|
||||
bean.setMessage(Message.USING_OLD_PASSWORD);
|
||||
return null;
|
||||
|
|
@ -261,8 +261,8 @@ public class Authenticate extends FreemarkerHttpServlet {
|
|||
getAuthenticator(request).setLoggedIn(user);
|
||||
|
||||
// Remove the login process info from the session.
|
||||
HttpSession session = request.getSession();
|
||||
session.removeAttribute(LoginProcessBean.SESSION_ATTRIBUTE);
|
||||
request.getSession()
|
||||
.removeAttribute(LoginProcessBean.SESSION_ATTRIBUTE);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -280,7 +280,6 @@ public class Authenticate extends FreemarkerHttpServlet {
|
|||
*/
|
||||
private void redirectCancellingUser(HttpServletRequest request,
|
||||
HttpServletResponse response) throws IOException {
|
||||
// Remove the login process info from the session.
|
||||
request.getSession()
|
||||
.removeAttribute(LoginProcessBean.SESSION_ATTRIBUTE);
|
||||
|
||||
|
|
@ -331,8 +330,8 @@ public class Authenticate extends FreemarkerHttpServlet {
|
|||
// If the user is a self-editor, send them to their home page.
|
||||
User user = getLoggedInUser(request);
|
||||
if (userIsANonEditor(user)) {
|
||||
List<String> uris = getAuthenticator(request).asWhomMayThisUserEdit(
|
||||
user);
|
||||
List<String> uris = getAuthenticator(request)
|
||||
.asWhomMayThisUserEdit(user);
|
||||
if (uris != null && uris.size() > 0) {
|
||||
String userHomePage = request.getContextPath()
|
||||
+ "/individual?uri="
|
||||
|
|
@ -376,14 +375,24 @@ public class Authenticate extends FreemarkerHttpServlet {
|
|||
private State getCurrentLoginState(HttpServletRequest request) {
|
||||
HttpSession session = request.getSession(false);
|
||||
if (session == null) {
|
||||
log.debug("no session: current state is NOWHERE");
|
||||
return State.NOWHERE;
|
||||
}
|
||||
|
||||
if (LoginStatusBean.getBean(request).isLoggedIn()) {
|
||||
log.debug("found a LoginStatusBean: current state is LOGGED IN");
|
||||
return State.LOGGED_IN;
|
||||
}
|
||||
|
||||
return getLoginProcessBean(request).getState();
|
||||
if (session.getAttribute(LoginProcessBean.SESSION_ATTRIBUTE) == null) {
|
||||
log.debug("no LoginSessionBean, no LoginProcessBean: "
|
||||
+ "current state is NOWHERE");
|
||||
return State.NOWHERE;
|
||||
}
|
||||
|
||||
State state = getLoginProcessBean(request).getState();
|
||||
log.debug("state from LoginProcessBean is " + state);
|
||||
return state;
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -0,0 +1,182 @@
|
|||
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
|
||||
|
||||
package edu.cornell.mannlib.vitro.webapp.controller.authenticate;
|
||||
|
||||
import java.lang.reflect.Field;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collection;
|
||||
import java.util.Collections;
|
||||
import java.util.HashMap;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
|
||||
import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.User;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.edit.Authenticate;
|
||||
|
||||
/**
|
||||
* A simple stub for unit tests that require an Authenticator. Call setup() to
|
||||
* put it into place.
|
||||
*/
|
||||
public class AuthenticatorStub extends Authenticator {
|
||||
// ----------------------------------------------------------------------
|
||||
// factory
|
||||
// ----------------------------------------------------------------------
|
||||
|
||||
/**
|
||||
* Create a single instance of the stub. Force our factory into the
|
||||
* Authenticator, so each request for an instance returns that one.
|
||||
*
|
||||
* Call this at the top of each unit test, so you get fresh instance for
|
||||
* each test.
|
||||
*/
|
||||
public static AuthenticatorStub setup() throws SecurityException,
|
||||
NoSuchFieldException, IllegalArgumentException,
|
||||
IllegalAccessException {
|
||||
AuthenticatorStub authenticator = new AuthenticatorStub();
|
||||
|
||||
Field factoryField = Authenticator.class.getDeclaredField("factory");
|
||||
factoryField.setAccessible(true);
|
||||
Authenticator.AuthenticatorFactory factory = new AuthenticatorStub.AuthenticatorFactory(
|
||||
authenticator);
|
||||
factoryField.set(null, factory);
|
||||
|
||||
return authenticator;
|
||||
}
|
||||
|
||||
/**
|
||||
* This factory holds a single instance of the stub, and hands it out each
|
||||
* time we request an "newInstance".
|
||||
*/
|
||||
private static class AuthenticatorFactory implements
|
||||
Authenticator.AuthenticatorFactory {
|
||||
private final AuthenticatorStub authenticator;
|
||||
|
||||
public AuthenticatorFactory(AuthenticatorStub authenticator) {
|
||||
this.authenticator = authenticator;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Authenticator newInstance(HttpServletRequest request) {
|
||||
authenticator.setRequest(request);
|
||||
return authenticator;
|
||||
}
|
||||
}
|
||||
|
||||
// ----------------------------------------------------------------------
|
||||
// Stub infrastructure
|
||||
// ----------------------------------------------------------------------
|
||||
|
||||
private final Map<String, User> usersByName = new HashMap<String, User>();
|
||||
private final Map<String, List<String>> editingPermissions = new HashMap<String, List<String>>();
|
||||
private final List<String> recordedLogins = new ArrayList<String>();
|
||||
private final List<String> loginSessions = new ArrayList<String>();
|
||||
private final Map<String, String> newPasswords = new HashMap<String, String>();
|
||||
|
||||
private HttpServletRequest request;
|
||||
|
||||
private void setRequest(HttpServletRequest request) {
|
||||
this.request = request;
|
||||
}
|
||||
|
||||
public void addUser(User user) {
|
||||
usersByName.put(user.getUsername(), user);
|
||||
}
|
||||
|
||||
public void addEditingPermission(String userUri, String personUri) {
|
||||
if (!editingPermissions.containsKey(userUri)) {
|
||||
editingPermissions.put(userUri, new ArrayList<String>());
|
||||
}
|
||||
editingPermissions.get(userUri).add(personUri);
|
||||
}
|
||||
|
||||
public List<String> getRecordedLoginUsernames() {
|
||||
return recordedLogins;
|
||||
}
|
||||
|
||||
public Map<String, String> getNewPasswordMap() {
|
||||
return newPasswords;
|
||||
}
|
||||
|
||||
public Collection<? extends String> getLoginSessions() {
|
||||
return loginSessions;
|
||||
}
|
||||
|
||||
// ----------------------------------------------------------------------
|
||||
// Stub methods
|
||||
// ----------------------------------------------------------------------
|
||||
|
||||
@Override
|
||||
public boolean isExistingUser(String username) {
|
||||
return usersByName.containsKey(username);
|
||||
}
|
||||
|
||||
@Override
|
||||
public User getUserByUsername(String username) {
|
||||
return usersByName.get(username);
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean isCurrentPassword(String username, String clearTextPassword) {
|
||||
if (!isExistingUser(username)) {
|
||||
return false;
|
||||
}
|
||||
String md5Password = Authenticate.applyMd5Encoding(clearTextPassword);
|
||||
User user = getUserByUsername(username);
|
||||
return md5Password.equals(user.getMd5password());
|
||||
}
|
||||
|
||||
@Override
|
||||
public void recordNewPassword(User user, String newClearTextPassword) {
|
||||
newPasswords.put(user.getUsername(), newClearTextPassword);
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<String> asWhomMayThisUserEdit(User user) {
|
||||
String userUri = user.getURI();
|
||||
if (editingPermissions.containsKey(userUri)) {
|
||||
return editingPermissions.get(userUri);
|
||||
} else {
|
||||
return Collections.emptyList();
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public void recordSuccessfulLogin(User user) {
|
||||
recordedLogins.add(user.getUsername());
|
||||
}
|
||||
|
||||
@Override
|
||||
public void setLoggedIn(User user) {
|
||||
LoginStatusBean lsb = new LoginStatusBean(user.getURI(),
|
||||
user.getUsername(), parseUserSecurityLevel(user.getRoleURI()));
|
||||
LoginStatusBean.setBean(request.getSession(), lsb);
|
||||
|
||||
loginSessions.add(user.getUsername());
|
||||
}
|
||||
|
||||
private static final String ROLE_NAMESPACE = "role:/";
|
||||
|
||||
/**
|
||||
* Parse the role URI from User. Don't crash if it is not valid.
|
||||
*/
|
||||
private int parseUserSecurityLevel(String roleURI) {
|
||||
try {
|
||||
if (roleURI.startsWith(ROLE_NAMESPACE)) {
|
||||
String roleLevel = roleURI.substring(ROLE_NAMESPACE.length());
|
||||
return Integer.parseInt(roleLevel);
|
||||
} else {
|
||||
return Integer.parseInt(roleURI);
|
||||
}
|
||||
} catch (NumberFormatException e) {
|
||||
throw new IllegalArgumentException(e);
|
||||
}
|
||||
}
|
||||
|
||||
// ----------------------------------------------------------------------
|
||||
// Un-implemented methods
|
||||
// ----------------------------------------------------------------------
|
||||
|
||||
}
|
||||
|
|
@ -6,14 +6,15 @@ import static edu.cornell.mannlib.vitro.webapp.controller.login.LoginProcessBean
|
|||
import static edu.cornell.mannlib.vitro.webapp.controller.login.LoginProcessBean.State.LOGGING_IN;
|
||||
import static org.junit.Assert.assertEquals;
|
||||
import static org.junit.Assert.assertNotNull;
|
||||
import static org.junit.Assert.assertNull;
|
||||
|
||||
import java.net.MalformedURLException;
|
||||
import java.lang.reflect.Field;
|
||||
import java.net.URL;
|
||||
import java.util.Collections;
|
||||
import java.util.Arrays;
|
||||
import java.util.Date;
|
||||
|
||||
import javax.servlet.ServletException;
|
||||
import java.util.HashMap;
|
||||
import java.util.HashSet;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
|
||||
import org.junit.Before;
|
||||
import org.junit.Test;
|
||||
|
|
@ -27,11 +28,13 @@ import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
|
|||
import edu.cornell.mannlib.vitro.testing.AbstractTestClass;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.User;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.Controllers;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.authenticate.Authenticator;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.authenticate.AuthenticatorStub;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.login.LoginProcessBean;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.login.LoginProcessBean.State;
|
||||
|
||||
/**
|
||||
* TODO
|
||||
* Test the Authentate class.
|
||||
*/
|
||||
public class AuthenticateTest extends AbstractTestClass {
|
||||
private static final String USER_DBA_NAME = "dbaName";
|
||||
|
|
@ -56,11 +59,7 @@ public class AuthenticateTest extends AbstractTestClass {
|
|||
private static final LoginStatusBean LOGIN_STATUS_DBA = new LoginStatusBean(
|
||||
USER_DBA_URI, USER_DBA_NAME, LoginStatusBean.DBA);
|
||||
|
||||
private static final LoginStatusBean LOGIN_STATUS_OLDHAND = new LoginStatusBean(
|
||||
USER_OLDHAND_URI, USER_OLDHAND_NAME, LoginStatusBean.NON_EDITOR);
|
||||
|
||||
private UserDaoStub userDao;
|
||||
private WebappDaoFactoryStub webappDaoFactory;
|
||||
private AuthenticatorStub authenticator;
|
||||
private ServletContextStub servletContext;
|
||||
private ServletConfigStub servletConfig;
|
||||
private HttpSessionStub session;
|
||||
|
|
@ -69,33 +68,13 @@ public class AuthenticateTest extends AbstractTestClass {
|
|||
private Authenticate auth;
|
||||
|
||||
@Before
|
||||
public void setup() throws MalformedURLException, ServletException {
|
||||
User dbaUser = new User();
|
||||
dbaUser.setUsername(USER_DBA_NAME);
|
||||
dbaUser.setURI(USER_DBA_URI);
|
||||
dbaUser.setRoleURI("50");
|
||||
dbaUser.setMd5password(Authenticate.applyMd5Encoding(USER_DBA_PASSWORD));
|
||||
dbaUser.setFirstTime(null);
|
||||
dbaUser.setLoginCount(0);
|
||||
public void setup() throws Exception {
|
||||
authenticator = AuthenticatorStub.setup();
|
||||
|
||||
User ohUser = new User();
|
||||
ohUser.setUsername(USER_OLDHAND_NAME);
|
||||
ohUser.setURI(USER_OLDHAND_URI);
|
||||
ohUser.setRoleURI("1");
|
||||
ohUser.setMd5password(Authenticate
|
||||
.applyMd5Encoding(USER_OLDHAND_PASSWORD));
|
||||
ohUser.setLoginCount(USER_OLDHAND_LOGIN_COUNT);
|
||||
ohUser.setFirstTime(new Date(0));
|
||||
|
||||
userDao = new UserDaoStub();
|
||||
userDao.addUser(dbaUser);
|
||||
userDao.addUser(ohUser);
|
||||
|
||||
webappDaoFactory = new WebappDaoFactoryStub();
|
||||
webappDaoFactory.setUserDao(userDao);
|
||||
authenticator.addUser(createNewDbaUser());
|
||||
authenticator.addUser(createOldHandUser());
|
||||
|
||||
servletContext = new ServletContextStub();
|
||||
servletContext.setAttribute("webappDaoFactory", webappDaoFactory);
|
||||
|
||||
servletConfig = new ServletConfigStub();
|
||||
servletConfig.setServletContext(servletContext);
|
||||
|
|
@ -114,6 +93,33 @@ public class AuthenticateTest extends AbstractTestClass {
|
|||
auth.init(servletConfig);
|
||||
}
|
||||
|
||||
private User createNewDbaUser() {
|
||||
User dbaUser = new User();
|
||||
dbaUser.setUsername(USER_DBA_NAME);
|
||||
dbaUser.setURI(USER_DBA_URI);
|
||||
dbaUser.setRoleURI("50");
|
||||
dbaUser.setMd5password(Authenticate.applyMd5Encoding(USER_DBA_PASSWORD));
|
||||
dbaUser.setFirstTime(null);
|
||||
dbaUser.setLoginCount(0);
|
||||
return dbaUser;
|
||||
}
|
||||
|
||||
private User createOldHandUser() {
|
||||
User ohUser = new User();
|
||||
ohUser.setUsername(USER_OLDHAND_NAME);
|
||||
ohUser.setURI(USER_OLDHAND_URI);
|
||||
ohUser.setRoleURI("1");
|
||||
ohUser.setMd5password(Authenticate
|
||||
.applyMd5Encoding(USER_OLDHAND_PASSWORD));
|
||||
ohUser.setLoginCount(USER_OLDHAND_LOGIN_COUNT);
|
||||
ohUser.setFirstTime(new Date(0));
|
||||
return ohUser;
|
||||
}
|
||||
|
||||
// ----------------------------------------------------------------------
|
||||
// the tests
|
||||
// ----------------------------------------------------------------------
|
||||
|
||||
@Test
|
||||
public void alreadyLoggedIn() {
|
||||
LoginStatusBean.setBean(session, LOGIN_STATUS_DBA);
|
||||
|
|
@ -122,8 +128,7 @@ public class AuthenticateTest extends AbstractTestClass {
|
|||
|
||||
assertExpectedRedirect(URL_LOGIN_PAGE);
|
||||
assertNoProcessBean();
|
||||
assertExpectedStatusBean(LOGIN_STATUS_DBA);
|
||||
assertExpectedUserValues(USER_DBA_NAME, USER_DBA_PASSWORD, 0, false);
|
||||
assertExpectedLoginSessions();
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
@ -131,16 +136,8 @@ public class AuthenticateTest extends AbstractTestClass {
|
|||
auth.doPost(request, response);
|
||||
|
||||
assertExpectedRedirect(URL_LOGIN_PAGE);
|
||||
assertNoStatusBean();
|
||||
|
||||
// TODO Surprise! if no session, we get this:
|
||||
// assertNoLoginProcessBean();
|
||||
|
||||
// TODO Surprise! if there is a session, we would have expected this:
|
||||
// assertExpectedLoginProcessBean(LOGGING_IN, "", "", "");
|
||||
|
||||
// TODO Surprise! but we get this:
|
||||
assertExpectedProcessBean(State.NOWHERE, "", "", "");
|
||||
assertExpectedLoginSessions();
|
||||
assertNoProcessBean();
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
@ -150,7 +147,7 @@ public class AuthenticateTest extends AbstractTestClass {
|
|||
auth.doPost(request, response);
|
||||
|
||||
assertExpectedRedirect(URL_LOGIN_PAGE);
|
||||
assertNoStatusBean();
|
||||
assertExpectedLoginSessions();
|
||||
assertExpectedProcessBean(LOGGING_IN, "", "",
|
||||
"Please enter your email address.");
|
||||
}
|
||||
|
|
@ -163,7 +160,7 @@ public class AuthenticateTest extends AbstractTestClass {
|
|||
auth.doPost(request, response);
|
||||
|
||||
assertExpectedRedirect(URL_LOGIN_PAGE);
|
||||
assertNoStatusBean();
|
||||
assertExpectedLoginSessions();
|
||||
assertExpectedProcessBean(LOGGING_IN, "unknownBozo", "",
|
||||
"The email or password you entered is incorrect.");
|
||||
}
|
||||
|
|
@ -176,7 +173,7 @@ public class AuthenticateTest extends AbstractTestClass {
|
|||
auth.doPost(request, response);
|
||||
|
||||
assertExpectedRedirect(URL_LOGIN_PAGE);
|
||||
assertNoStatusBean();
|
||||
assertExpectedLoginSessions();
|
||||
assertExpectedProcessBean(LOGGING_IN, USER_DBA_NAME, "",
|
||||
"Please enter your password.");
|
||||
}
|
||||
|
|
@ -189,7 +186,7 @@ public class AuthenticateTest extends AbstractTestClass {
|
|||
auth.doPost(request, response);
|
||||
|
||||
assertExpectedRedirect(URL_LOGIN_PAGE);
|
||||
assertNoStatusBean();
|
||||
assertExpectedLoginSessions();
|
||||
assertExpectedProcessBean(LOGGING_IN, USER_DBA_NAME, "",
|
||||
"The email or password you entered is incorrect.");
|
||||
}
|
||||
|
|
@ -201,11 +198,9 @@ public class AuthenticateTest extends AbstractTestClass {
|
|||
|
||||
auth.doPost(request, response);
|
||||
|
||||
assertExpectedRedirect(URL_LOGIN_PAGE);
|
||||
assertExpectedStatusBean(LOGIN_STATUS_OLDHAND);
|
||||
assertNoProcessBean();
|
||||
assertExpectedUserValues(USER_OLDHAND_NAME, USER_OLDHAND_PASSWORD,
|
||||
USER_OLDHAND_LOGIN_COUNT + 1, true);
|
||||
assertExpectedRedirect(URL_LOGIN_PAGE);
|
||||
assertExpectedLoginSessions(USER_OLDHAND_NAME);
|
||||
}
|
||||
|
||||
// ----------------------------------------------------------------------
|
||||
|
|
@ -220,9 +215,8 @@ public class AuthenticateTest extends AbstractTestClass {
|
|||
auth.doPost(request, response);
|
||||
|
||||
assertExpectedRedirect(URL_LOGIN_PAGE);
|
||||
assertNoStatusBean();
|
||||
assertExpectedLoginSessions();
|
||||
assertExpectedProcessBean(FORCED_PASSWORD_CHANGE, USER_DBA_NAME, "", "");
|
||||
assertExpectedUserValues(USER_DBA_NAME, USER_DBA_PASSWORD, 0, false);
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
@ -233,9 +227,8 @@ public class AuthenticateTest extends AbstractTestClass {
|
|||
auth.doPost(request, response);
|
||||
|
||||
assertExpectedRedirect(URL_HOME_PAGE);
|
||||
assertNoStatusBean();
|
||||
assertExpectedLoginSessions();
|
||||
assertNoProcessBean();
|
||||
assertExpectedUserValues(USER_DBA_NAME, USER_DBA_PASSWORD, 0, false);
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
@ -246,10 +239,9 @@ public class AuthenticateTest extends AbstractTestClass {
|
|||
auth.doPost(request, response);
|
||||
|
||||
assertExpectedRedirect(URL_LOGIN_PAGE);
|
||||
assertNoStatusBean();
|
||||
assertExpectedLoginSessions();
|
||||
assertExpectedProcessBean(FORCED_PASSWORD_CHANGE, USER_DBA_NAME, "",
|
||||
"Please enter a password between 6 and 12 characters in length.");
|
||||
assertExpectedUserValues(USER_DBA_NAME, USER_DBA_PASSWORD, 0, false);
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
@ -260,10 +252,9 @@ public class AuthenticateTest extends AbstractTestClass {
|
|||
auth.doPost(request, response);
|
||||
|
||||
assertExpectedRedirect(URL_LOGIN_PAGE);
|
||||
assertNoStatusBean();
|
||||
assertExpectedLoginSessions();
|
||||
assertExpectedProcessBean(FORCED_PASSWORD_CHANGE, USER_DBA_NAME, "",
|
||||
"The passwords entered do not match.");
|
||||
assertExpectedUserValues(USER_DBA_NAME, USER_DBA_PASSWORD, 0, false);
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
@ -274,11 +265,10 @@ public class AuthenticateTest extends AbstractTestClass {
|
|||
auth.doPost(request, response);
|
||||
|
||||
assertExpectedRedirect(URL_LOGIN_PAGE);
|
||||
assertNoStatusBean();
|
||||
assertExpectedLoginSessions();
|
||||
assertExpectedProcessBean(FORCED_PASSWORD_CHANGE, USER_DBA_NAME, "",
|
||||
"Please choose a different password from the "
|
||||
+ "temporary one provided initially.");
|
||||
assertExpectedUserValues(USER_DBA_NAME, USER_DBA_PASSWORD, 0, false);
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
@ -288,10 +278,10 @@ public class AuthenticateTest extends AbstractTestClass {
|
|||
|
||||
auth.doPost(request, response);
|
||||
|
||||
assertExpectedRedirect(URL_LOGIN_PAGE);
|
||||
assertExpectedStatusBean(LOGIN_STATUS_DBA);
|
||||
assertNoProcessBean();
|
||||
assertExpectedUserValues(USER_DBA_NAME, "NewPassword", 1, true);
|
||||
assertExpectedRedirect(URL_LOGIN_PAGE);
|
||||
assertExpectedLoginSessions(USER_DBA_NAME);
|
||||
assertExpectedPasswordChanges(USER_DBA_NAME, "NewPassword");
|
||||
}
|
||||
|
||||
// ----------------------------------------------------------------------
|
||||
|
|
@ -323,8 +313,7 @@ public class AuthenticateTest extends AbstractTestClass {
|
|||
|
||||
@Test
|
||||
public void redirectSelfEditor() {
|
||||
userDao.setIndividualsUserMayEditAs(USER_OLDHAND_URI,
|
||||
Collections.singletonList("selfEditorURI"));
|
||||
authenticator.addEditingPermission(USER_OLDHAND_URI, "selfEditorURI");
|
||||
loginNotFirstTime();
|
||||
assertExpectedRedirect(URL_SELF_EDITOR_PAGE);
|
||||
}
|
||||
|
|
@ -374,7 +363,8 @@ public class AuthenticateTest extends AbstractTestClass {
|
|||
}
|
||||
|
||||
private void assertNoProcessBean() {
|
||||
assertNull(session.getAttribute(LoginProcessBean.SESSION_ATTRIBUTE));
|
||||
assertEquals("null process bean", null,
|
||||
session.getAttribute(LoginProcessBean.SESSION_ATTRIBUTE));
|
||||
}
|
||||
|
||||
private void assertExpectedProcessBean(State state, String username,
|
||||
|
|
@ -388,30 +378,32 @@ public class AuthenticateTest extends AbstractTestClass {
|
|||
assertEquals("username", username, bean.getUsername());
|
||||
}
|
||||
|
||||
private void assertNoStatusBean() {
|
||||
assertNull(session.getAttribute("loginStatus"));
|
||||
private void assertExpectedPasswordChanges(String... strings) {
|
||||
if ((strings.length % 2) != 0) {
|
||||
throw new RuntimeException(
|
||||
"supply even number of args: username and password");
|
||||
}
|
||||
|
||||
Map<String, String> expected = new HashMap<String, String>();
|
||||
for (int i = 0; i < strings.length; i += 2) {
|
||||
expected.put(strings[i], strings[i + 1]);
|
||||
}
|
||||
|
||||
assertEquals("password changes", expected,
|
||||
authenticator.getNewPasswordMap());
|
||||
}
|
||||
|
||||
private void assertExpectedStatusBean(LoginStatusBean expected) {
|
||||
LoginStatusBean bean = (LoginStatusBean) session
|
||||
.getAttribute("loginStatus");
|
||||
assertNotNull("login status bean", bean);
|
||||
assertEquals("user URI", expected.getUserURI(), bean.getUserURI());
|
||||
assertEquals("user name", expected.getUsername(), bean.getUsername());
|
||||
assertEquals("security level", expected.getSecurityLevel(),
|
||||
bean.getSecurityLevel());
|
||||
}
|
||||
/** How many folks logged in? */
|
||||
private void assertExpectedLoginSessions(String... usernames) {
|
||||
Set<String> expected = new HashSet<String>(Arrays.asList(usernames));
|
||||
|
||||
/** Check that this user looks like we expected. */
|
||||
private void assertExpectedUserValues(String username, String password,
|
||||
int loginCount, boolean firstTimeIsSet) {
|
||||
User user = userDao.getUserByUsername(username);
|
||||
assertEquals("user " + username + " password",
|
||||
Authenticate.applyMd5Encoding(password), user.getMd5password());
|
||||
assertEquals("user " + username + " login count", loginCount,
|
||||
user.getLoginCount());
|
||||
assertEquals("user " + username + " firstTimeIsSet", firstTimeIsSet,
|
||||
user.getFirstTime() != null);
|
||||
Set<String> actualRecorded = new HashSet<String>(
|
||||
authenticator.getRecordedLoginUsernames());
|
||||
assertEquals("login recorded on user", expected, actualRecorded);
|
||||
|
||||
Set<String> actualSessions = new HashSet<String>(
|
||||
authenticator.getLoginSessions());
|
||||
assertEquals("login sessions", expected, actualSessions);
|
||||
}
|
||||
|
||||
/** Boilerplate login process for the rediret tests. */
|
||||
|
|
@ -421,10 +413,8 @@ public class AuthenticateTest extends AbstractTestClass {
|
|||
|
||||
auth.doPost(request, response);
|
||||
|
||||
assertExpectedStatusBean(LOGIN_STATUS_OLDHAND);
|
||||
assertExpectedLoginSessions(USER_OLDHAND_NAME);
|
||||
assertNoProcessBean();
|
||||
assertExpectedUserValues(USER_OLDHAND_NAME, USER_OLDHAND_PASSWORD,
|
||||
USER_OLDHAND_LOGIN_COUNT + 1, true);
|
||||
}
|
||||
|
||||
@SuppressWarnings("unused")
|
||||
|
|
|
|||
|
|
@ -1,92 +0,0 @@
|
|||
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
|
||||
|
||||
package edu.cornell.mannlib.vitro.webapp.controller.edit;
|
||||
|
||||
import java.util.Collections;
|
||||
import java.util.HashMap;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.User;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.UserDao;
|
||||
|
||||
public class UserDaoStub implements UserDao {
|
||||
// ----------------------------------------------------------------------
|
||||
// Stub infrastructure
|
||||
// ----------------------------------------------------------------------
|
||||
|
||||
private Map<String, User> usersByUsername = new HashMap<String, User>();
|
||||
private Map<String, List<String>> individualsUserMayEditAs = new HashMap<String, List<String>>();
|
||||
|
||||
public void addUser(User user) {
|
||||
usersByUsername.put(user.getUsername(), user);
|
||||
}
|
||||
|
||||
public void setIndividualsUserMayEditAs(String userUri, List<String> uriList) {
|
||||
individualsUserMayEditAs.put(userUri, uriList);
|
||||
}
|
||||
|
||||
// ----------------------------------------------------------------------
|
||||
// Stub methods
|
||||
// ----------------------------------------------------------------------
|
||||
|
||||
@Override
|
||||
public User getUserByUsername(String username) {
|
||||
return usersByUsername.get(username);
|
||||
}
|
||||
|
||||
/**
|
||||
* Does nothing for now. Do we need to record that the user has been
|
||||
* updated?
|
||||
*/
|
||||
@Override
|
||||
public void updateUser(User user) {
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<String> getIndividualsUserMayEditAs(String userURI) {
|
||||
if (individualsUserMayEditAs.containsKey(userURI)) {
|
||||
return individualsUserMayEditAs.get(userURI);
|
||||
} else {
|
||||
return Collections.emptyList();
|
||||
}
|
||||
}
|
||||
|
||||
// ----------------------------------------------------------------------
|
||||
// Un-implemented methods
|
||||
// ----------------------------------------------------------------------
|
||||
|
||||
@Override
|
||||
public User getUserByURI(String URI) {
|
||||
throw new RuntimeException(
|
||||
"UserDaoStub.getUserByURI() not implemented.");
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<User> getAllUsers() {
|
||||
throw new RuntimeException("UserDaoStub.getAllUsers() not implemented.");
|
||||
}
|
||||
|
||||
@Override
|
||||
public String insertUser(User user) {
|
||||
throw new RuntimeException("UserDaoStub.insertUser() not implemented.");
|
||||
}
|
||||
|
||||
@Override
|
||||
public void deleteUser(User user) {
|
||||
throw new RuntimeException("UserDaoStub.deleteUser() not implemented.");
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<String> getUserAccountEmails() {
|
||||
throw new RuntimeException(
|
||||
"UserDaoStub.getUserAccountEmails() not implemented.");
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getUserEmailAddress(String userURI) {
|
||||
throw new RuntimeException(
|
||||
"UserDaoStub.getUserEmailAddress() not implemented.");
|
||||
}
|
||||
|
||||
}
|
||||
|
|
@ -1,260 +0,0 @@
|
|||
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
|
||||
|
||||
package edu.cornell.mannlib.vitro.webapp.controller.edit;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.ApplicationDao;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.Classes2ClassesDao;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.DataPropertyDao;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.DataPropertyStatementDao;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.DatatypeDao;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.FlagDao;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.IndividualDao;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.KeywordDao;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.KeywordIndividualRelationDao;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.LinksDao;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.LinktypeDao;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.NamespaceDao;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.ObjectPropertyDao;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.ObjectPropertyStatementDao;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.OntologyDao;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.PortalDao;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.PropertyGroupDao;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.PropertyInstanceDao;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.TabDao;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.TabIndividualRelationDao;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.TabVClassRelationDao;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.UserDao;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.VClassDao;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.VClassGroupDao;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactory;
|
||||
|
||||
/**
|
||||
* A simple stub for the WebappDaoFactory.
|
||||
*/
|
||||
public class WebappDaoFactoryStub implements WebappDaoFactory {
|
||||
// ----------------------------------------------------------------------
|
||||
// Stub infrastructure
|
||||
// ----------------------------------------------------------------------
|
||||
|
||||
private UserDao userDao;
|
||||
|
||||
public void setUserDao(UserDao userDao) {
|
||||
this.userDao = userDao;
|
||||
}
|
||||
|
||||
// ----------------------------------------------------------------------
|
||||
// Stub methods
|
||||
// ----------------------------------------------------------------------
|
||||
|
||||
@Override
|
||||
public UserDao getUserDao() {
|
||||
return userDao;
|
||||
}
|
||||
|
||||
// ----------------------------------------------------------------------
|
||||
// Un-implemented methods
|
||||
// ----------------------------------------------------------------------
|
||||
|
||||
@Override
|
||||
public Map<String, String> getProperties() {
|
||||
throw new RuntimeException(
|
||||
"WebappDaoFactoryStub.getProperties() not implemented.");
|
||||
}
|
||||
|
||||
@Override
|
||||
public String checkURI(String uriStr) {
|
||||
throw new RuntimeException(
|
||||
"WebappDaoFactoryStub.checkURI() not implemented.");
|
||||
}
|
||||
|
||||
@Override
|
||||
public String checkURI(String uriStr, boolean checkUniqueness) {
|
||||
throw new RuntimeException(
|
||||
"WebappDaoFactoryStub.checkURI() not implemented.");
|
||||
}
|
||||
|
||||
@Override
|
||||
public int getLanguageProfile() {
|
||||
throw new RuntimeException(
|
||||
"WebappDaoFactoryStub.getLanguageProfile() not implemented.");
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getDefaultNamespace() {
|
||||
throw new RuntimeException(
|
||||
"WebappDaoFactoryStub.getDefaultNamespace() not implemented.");
|
||||
}
|
||||
|
||||
@Override
|
||||
public Set<String> getNonuserNamespaces() {
|
||||
throw new RuntimeException(
|
||||
"WebappDaoFactoryStub.getNonuserNamespaces() not implemented.");
|
||||
}
|
||||
|
||||
@Override
|
||||
public String[] getPreferredLanguages() {
|
||||
throw new RuntimeException(
|
||||
"WebappDaoFactoryStub.getPreferredLanguages() not implemented.");
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<String> getCommentsForResource(String resourceURI) {
|
||||
throw new RuntimeException(
|
||||
"WebappDaoFactoryStub.getCommentsForResource() not implemented.");
|
||||
}
|
||||
|
||||
@Override
|
||||
public WebappDaoFactory getUserAwareDaoFactory(String userURI) {
|
||||
throw new RuntimeException(
|
||||
"WebappDaoFactoryStub.getUserAwareDaoFactory() not implemented.");
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getUserURI() {
|
||||
throw new RuntimeException(
|
||||
"WebappDaoFactoryStub.getUserURI() not implemented.");
|
||||
}
|
||||
|
||||
@Override
|
||||
public Classes2ClassesDao getClasses2ClassesDao() {
|
||||
throw new RuntimeException(
|
||||
"WebappDaoFactoryStub.getClasses2ClassesDao() not implemented.");
|
||||
}
|
||||
|
||||
@Override
|
||||
public DataPropertyDao getDataPropertyDao() {
|
||||
throw new RuntimeException(
|
||||
"WebappDaoFactoryStub.getDataPropertyDao() not implemented.");
|
||||
}
|
||||
|
||||
@Override
|
||||
public DatatypeDao getDatatypeDao() {
|
||||
throw new RuntimeException(
|
||||
"WebappDaoFactoryStub.getDatatypeDao() not implemented.");
|
||||
}
|
||||
|
||||
@Override
|
||||
public ObjectPropertyDao getObjectPropertyDao() {
|
||||
throw new RuntimeException(
|
||||
"WebappDaoFactoryStub.getObjectPropertyDao() not implemented.");
|
||||
}
|
||||
|
||||
@Override
|
||||
public OntologyDao getOntologyDao() {
|
||||
throw new RuntimeException(
|
||||
"WebappDaoFactoryStub.getOntologyDao() not implemented.");
|
||||
}
|
||||
|
||||
@Override
|
||||
public VClassDao getVClassDao() {
|
||||
throw new RuntimeException(
|
||||
"WebappDaoFactoryStub.getVClassDao() not implemented.");
|
||||
}
|
||||
|
||||
@Override
|
||||
public DataPropertyStatementDao getDataPropertyStatementDao() {
|
||||
throw new RuntimeException(
|
||||
"WebappDaoFactoryStub.getDataPropertyStatementDao() not implemented.");
|
||||
}
|
||||
|
||||
@Override
|
||||
public IndividualDao getIndividualDao() {
|
||||
throw new RuntimeException(
|
||||
"WebappDaoFactoryStub.getIndividualDao() not implemented.");
|
||||
}
|
||||
|
||||
@Override
|
||||
public ObjectPropertyStatementDao getObjectPropertyStatementDao() {
|
||||
throw new RuntimeException(
|
||||
"WebappDaoFactoryStub.getObjectPropertyStatementDao() not implemented.");
|
||||
}
|
||||
|
||||
@Override
|
||||
public ApplicationDao getApplicationDao() {
|
||||
throw new RuntimeException(
|
||||
"WebappDaoFactoryStub.getApplicationDao() not implemented.");
|
||||
}
|
||||
|
||||
@Override
|
||||
public PortalDao getPortalDao() {
|
||||
throw new RuntimeException(
|
||||
"WebappDaoFactoryStub.getPortalDao() not implemented.");
|
||||
}
|
||||
|
||||
@Override
|
||||
public TabDao getTabDao() {
|
||||
throw new RuntimeException(
|
||||
"WebappDaoFactoryStub.getTabDao() not implemented.");
|
||||
}
|
||||
|
||||
@Override
|
||||
public TabIndividualRelationDao getTabs2EntsDao() {
|
||||
throw new RuntimeException(
|
||||
"WebappDaoFactoryStub.getTabs2EntsDao() not implemented.");
|
||||
}
|
||||
|
||||
@Override
|
||||
public TabVClassRelationDao getTabs2TypesDao() {
|
||||
throw new RuntimeException(
|
||||
"WebappDaoFactoryStub.getTabs2TypesDao() not implemented.");
|
||||
}
|
||||
|
||||
@Override
|
||||
public KeywordIndividualRelationDao getKeys2EntsDao() {
|
||||
throw new RuntimeException(
|
||||
"WebappDaoFactoryStub.getKeys2EntsDao() not implemented.");
|
||||
}
|
||||
|
||||
@Override
|
||||
public KeywordDao getKeywordDao() {
|
||||
throw new RuntimeException(
|
||||
"WebappDaoFactoryStub.getKeywordDao() not implemented.");
|
||||
}
|
||||
|
||||
@Override
|
||||
public LinksDao getLinksDao() {
|
||||
throw new RuntimeException(
|
||||
"WebappDaoFactoryStub.getLinksDao() not implemented.");
|
||||
}
|
||||
|
||||
@Override
|
||||
public LinktypeDao getLinktypeDao() {
|
||||
throw new RuntimeException(
|
||||
"WebappDaoFactoryStub.getLinktypeDao() not implemented.");
|
||||
}
|
||||
|
||||
@Override
|
||||
public FlagDao getFlagDao() {
|
||||
throw new RuntimeException(
|
||||
"WebappDaoFactoryStub.getFlagDao() not implemented.");
|
||||
}
|
||||
|
||||
@Override
|
||||
public VClassGroupDao getVClassGroupDao() {
|
||||
throw new RuntimeException(
|
||||
"WebappDaoFactoryStub.getVClassGroupDao() not implemented.");
|
||||
}
|
||||
|
||||
@Override
|
||||
public PropertyGroupDao getPropertyGroupDao() {
|
||||
throw new RuntimeException(
|
||||
"WebappDaoFactoryStub.getPropertyGroupDao() not implemented.");
|
||||
}
|
||||
|
||||
@Override
|
||||
public NamespaceDao getNamespaceDao() {
|
||||
throw new RuntimeException(
|
||||
"WebappDaoFactoryStub.getNamespaceDao() not implemented.");
|
||||
}
|
||||
|
||||
@Override
|
||||
public PropertyInstanceDao getPropertyInstanceDao() {
|
||||
throw new RuntimeException(
|
||||
"WebappDaoFactoryStub.getPropertyInstanceDao() not implemented.");
|
||||
}
|
||||
|
||||
}
|
||||
Loading…
Add table
Reference in a new issue