Example 1 with Permissions
use of org.killbill.billing.client.model.Permissions in project killbill by killbill.
the class TestSecurity method testUserWithUpdates.
@Test(groups = "slow")
public void testUserWithUpdates() throws KillBillClientException {
final String roleDefinition = "somethingNice";
final String allPermissions = "*";
final String username = "GuanYu";
final String password = "IamAGreatWarrior";
Response response = killBillClient.addRoleDefinition(new RoleDefinition(roleDefinition, ImmutableList.of(allPermissions)), createdBy, reason, comment);
Assert.assertEquals(response.getStatusCode(), 201);
response = killBillClient.addUserRoles(new UserRoles(username, password, ImmutableList.of(roleDefinition)), createdBy, reason, comment);
Assert.assertEquals(response.getStatusCode(), 201);
logout();
login(username, password);
Permissions permissions = killBillClient.getPermissions();
Assert.assertEquals(permissions.size(), Permission.values().length);
String newPassword = "IamTheBestWarrior";
killBillClient.updateUserPassword(username, newPassword, createdBy, reason, comment);
logout();
login(username, newPassword);
permissions = killBillClient.getPermissions();
Assert.assertEquals(permissions.size(), Permission.values().length);
final String newRoleDefinition = "somethingLessNice";
// Only enough permissions to invalidate itself in the last step...
final String littlePermissions = "user";
response = killBillClient.addRoleDefinition(new RoleDefinition(newRoleDefinition, ImmutableList.of(littlePermissions)), createdBy, reason, comment);
Assert.assertEquals(response.getStatusCode(), 201);
killBillClient.updateUserRoles(username, ImmutableList.of(newRoleDefinition), createdBy, reason, comment);
permissions = killBillClient.getPermissions();
// This will only work if correct shiro cache invalidation was performed... requires lots of sweat to get it to work ;-)
Assert.assertEquals(permissions.size(), 2);
killBillClient.invalidateUser(username, createdBy, reason, comment);
try {
killBillClient.getPermissions();
Assert.fail();
} catch (final KillBillClientException e) {
Assert.assertEquals(e.getResponse().getStatusCode(), Status.UNAUTHORIZED.getStatusCode());
}
}
Also used :
Response(com.ning.http.client.Response)
UserRoles(org.killbill.billing.client.model.UserRoles)
RoleDefinition(org.killbill.billing.client.model.RoleDefinition)
Permissions(org.killbill.billing.client.model.Permissions)
KillBillClientException(org.killbill.billing.client.KillBillClientException)
Test(org.testng.annotations.Test)
Example 2 with Permissions
use of org.killbill.billing.client.model.Permissions in project killbill by killbill.
the class TestSecurity method testDynamicUserRolesNoPermissions.
@Test(groups = "slow")
public void testDynamicUserRolesNoPermissions() throws Exception {
final String username = UUID.randomUUID().toString();
final String password = UUID.randomUUID().toString();
final String role = UUID.randomUUID().toString();
testDynamicUserRolesInternal(username, password, role, ImmutableList.of(""), false);
final Permissions permissions = killBillClient.getPermissions(RequestOptions.builder().withUser(username).withPassword(password).build());
Assert.assertEquals(permissions.size(), 0);
}
Also used :
Permissions(org.killbill.billing.client.model.Permissions)
Test(org.testng.annotations.Test)
Aggregations
Permissions (org.killbill.billing.client.model.Permissions)2
Test (org.testng.annotations.Test)2
Response (com.ning.http.client.Response)1
KillBillClientException (org.killbill.billing.client.KillBillClientException)1
RoleDefinition (org.killbill.billing.client.model.RoleDefinition)1
UserRoles (org.killbill.billing.client.model.UserRoles)1
