use of nl.knaw.huygens.timbuctoo.v5.security.UserValidator in project timbuctoo by HuygensING.
the class AuthCheckTest method checkAdminAccessReturnsNullIfTheUserIsAnAdminForTheDataSet.
@Test
public void checkAdminAccessReturnsNullIfTheUserIsAnAdminForTheDataSet() throws Exception {
User notOwner = User.create(null, "user");
UserValidator userValidator = mock(UserValidator.class);
given(userValidator.getUserFromAccessToken(anyString())).willReturn(Optional.of(notOwner));
PermissionFetcher permissionFetcher = mock(PermissionFetcher.class);
given(permissionFetcher.getPermissions(any(User.class), any(BasicDataSetMetaData.class))).willReturn(permissionsForAdmin());
Response response = checkAdminAccess(permissionFetcher, userValidator, "auth", new BasicDataSetMetaData("ownerid", "datasetid", "http://ex.org", "http://example.org/prefix/", false, false));
assertThat(response.getStatus(), is(200));
}
use of nl.knaw.huygens.timbuctoo.v5.security.UserValidator in project timbuctoo by HuygensING.
the class EntityToJsonMapperTest method setUp.
@Before
public void setUp() throws Exception {
userValidator = mock(UserValidator.class);
when(userValidator.getUserFromUserId(USER_ID)).thenReturn(Optional.of(User.create(USER_NAME, "")));
instance = new EntityToJsonMapper(userValidator, (collection, id1, rev) -> URI.create("www.example.com"));
}
use of nl.knaw.huygens.timbuctoo.v5.security.UserValidator in project timbuctoo by HuygensING.
the class AuthCheckTest method checkAdminAccessReturnsAnUnauthorizedResponseIfTheUserIsUnknown.
@Test
public void checkAdminAccessReturnsAnUnauthorizedResponseIfTheUserIsUnknown() throws Exception {
UserValidator userValidator = mock(UserValidator.class);
given(userValidator.getUserFromAccessToken(anyString())).willReturn(Optional.empty());
Response response = checkAdminAccess(null, userValidator, "auth", new BasicDataSetMetaData("ownerid", "datasetid", "http://ex.org", "http://example.org/prefix/", false, false));
assertThat(response.getStatus(), is(UNAUTHORIZED.getStatusCode()));
}
use of nl.knaw.huygens.timbuctoo.v5.security.UserValidator in project timbuctoo by HuygensING.
the class AuthCheckTest method checkAdminAccessReturnsAForbiddenResponseIfTheUserIsNotAnAdminForTheDataSet.
@Test
public void checkAdminAccessReturnsAForbiddenResponseIfTheUserIsNotAnAdminForTheDataSet() throws Exception {
User notOwner = User.create(null, "user");
UserValidator userValidator = mock(UserValidator.class);
given(userValidator.getUserFromAccessToken(anyString())).willReturn(Optional.of(notOwner));
PermissionFetcher permissionFetcher = mock(PermissionFetcher.class);
given(permissionFetcher.getPermissions(any(User.class), any(BasicDataSetMetaData.class))).willReturn(permissionsForNonAdmin());
Response response = checkAdminAccess(permissionFetcher, userValidator, "auth", new BasicDataSetMetaData("ownerid", "datasetid", "http://ex.org", "http://example.org/prefix/", false, false));
assertThat(response.getStatus(), is(FORBIDDEN.getStatusCode()));
}
use of nl.knaw.huygens.timbuctoo.v5.security.UserValidator in project timbuctoo by HuygensING.
the class AuthCheckTest method checkAdminAccessReturnsNullIfTheUserHasAdminPermissionsForTheDataSet.
@Test
public void checkAdminAccessReturnsNullIfTheUserHasAdminPermissionsForTheDataSet() throws Exception {
User notOwner = User.create(null, "user");
UserValidator userValidator = mock(UserValidator.class);
given(userValidator.getUserFromAccessToken(anyString())).willReturn(Optional.of(notOwner));
PermissionFetcher permissionFetcher = mock(PermissionFetcher.class);
given(permissionFetcher.getPermissions(any(User.class), any(BasicDataSetMetaData.class))).willReturn(permissionsForAdmin());
Response response = checkAdminAccess(permissionFetcher, userValidator, "auth", new BasicDataSetMetaData("ownerid", "datasetid", "http://ex.org", "http://example.org/prefix/", false, false));
assertThat(response.getStatus(), is(200));
}
Aggregations