Search in sources :

Example 51 with DefaultOrganization

use of org.opencastproject.security.api.DefaultOrganization in project opencast by opencast.

the class RemoteUserAndOrganizationFilterTest method testOrganizationSwitchingForbidden.

@Test
public void testOrganizationSwitchingForbidden() throws IOException {
    SecurityService securityService = EasyMock.createNiceMock(SecurityService.class);
    filter.setSecurityService(securityService);
    EasyMock.expect(securityService.getOrganization()).andReturn(new DefaultOrganization()).anyTimes();
    EasyMock.expect(securityService.getUser()).andAnswer(userResponder).anyTimes();
    EasyMock.replay(securityService);
    userResponder.setResponse(switchingUser);
    HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
    EasyMock.expect(request.getHeader(SecurityConstants.ORGANIZATION_HEADER)).andReturn("mh_default_org").anyTimes();
    EasyMock.replay(request);
    HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class);
    response.sendError(EasyMock.anyInt());
    EasyMock.expectLastCall().times(1);
    EasyMock.replay(response);
    try {
        filter.doFilter(request, response, chain);
    } catch (Exception e) {
        Assert.fail(e.getMessage());
    }
    EasyMock.verify(response);
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) SecurityService(org.opencastproject.security.api.SecurityService) HttpServletResponse(javax.servlet.http.HttpServletResponse) IOException(java.io.IOException) DefaultOrganization(org.opencastproject.security.api.DefaultOrganization) Test(org.junit.Test)

Example 52 with DefaultOrganization

use of org.opencastproject.security.api.DefaultOrganization in project opencast by opencast.

the class RemoteUserAndOrganizationFilterTest method setUp.

/**
 * @throws java.lang.Exception
 */
@Before
public void setUp() throws Exception {
    defaultUser = new JaxbUser("admin", "test", new DefaultOrganization(), new JaxbRole(SecurityConstants.GLOBAL_ADMIN_ROLE, new DefaultOrganization()));
    switchingUser = new JaxbUser("switch", "test", new DefaultOrganization(), new JaxbRole("ROLE_USER", new DefaultOrganization()));
    userResponder = new Responder<User>(defaultUser);
    chain = EasyMock.createNiceMock(FilterChain.class);
    EasyMock.replay(chain);
    UserDirectoryService userDirectoryService = EasyMock.createNiceMock(UserDirectoryService.class);
    switchingUserResponder = new Responder<User>(switchingUser);
    EasyMock.expect(userDirectoryService.loadUser(EasyMock.anyObject(String.class))).andAnswer(switchingUserResponder).anyTimes();
    EasyMock.replay(userDirectoryService);
    OrganizationDirectoryService organizationDirectoryService = EasyMock.createNiceMock(OrganizationDirectoryService.class);
    EasyMock.expect(organizationDirectoryService.getOrganization(EasyMock.anyObject(String.class))).andReturn(new DefaultOrganization()).anyTimes();
    EasyMock.replay(organizationDirectoryService);
    filter = new RemoteUserAndOrganizationFilter();
    filter.setOrganizationDirectoryService(organizationDirectoryService);
    filter.setUserDirectoryService(userDirectoryService);
}
Also used : JaxbRole(org.opencastproject.security.api.JaxbRole) User(org.opencastproject.security.api.User) JaxbUser(org.opencastproject.security.api.JaxbUser) FilterChain(javax.servlet.FilterChain) JaxbUser(org.opencastproject.security.api.JaxbUser) DefaultOrganization(org.opencastproject.security.api.DefaultOrganization) UserDirectoryService(org.opencastproject.security.api.UserDirectoryService) OrganizationDirectoryService(org.opencastproject.security.api.OrganizationDirectoryService) Before(org.junit.Before)

Example 53 with DefaultOrganization

use of org.opencastproject.security.api.DefaultOrganization in project opencast by opencast.

the class RemoteUserAndOrganizationFilterTest method testUserSwitchingForbidden.

@Test
public void testUserSwitchingForbidden() throws IOException {
    SecurityService securityService = EasyMock.createNiceMock(SecurityService.class);
    filter.setSecurityService(securityService);
    EasyMock.expect(securityService.getOrganization()).andReturn(new DefaultOrganization()).anyTimes();
    EasyMock.expect(securityService.getUser()).andAnswer(userResponder).anyTimes();
    EasyMock.replay(securityService);
    HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
    EasyMock.expect(request.getHeader(SecurityConstants.USER_HEADER)).andReturn("joe").anyTimes();
    EasyMock.replay(request);
    HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class);
    response.sendError(EasyMock.anyInt());
    EasyMock.expectLastCall().times(1);
    EasyMock.replay(response);
    try {
        filter.doFilter(request, response, chain);
    } catch (Exception e) {
        Assert.fail(e.getMessage());
    }
    EasyMock.verify(response);
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) SecurityService(org.opencastproject.security.api.SecurityService) HttpServletResponse(javax.servlet.http.HttpServletResponse) IOException(java.io.IOException) DefaultOrganization(org.opencastproject.security.api.DefaultOrganization) Test(org.junit.Test)

Example 54 with DefaultOrganization

use of org.opencastproject.security.api.DefaultOrganization in project opencast by opencast.

the class RemoteUserAndOrganizationFilterTest method testRolesSwitchingForbiddenAdmin.

@Test
public void testRolesSwitchingForbiddenAdmin() throws IOException {
    SecurityService securityService = EasyMock.createNiceMock(SecurityService.class);
    filter.setSecurityService(securityService);
    EasyMock.expect(securityService.getOrganization()).andReturn(new DefaultOrganization()).anyTimes();
    EasyMock.expect(securityService.getUser()).andAnswer(userResponder).anyTimes();
    EasyMock.replay(securityService);
    User defaultUser = new JaxbUser("admin", "test", new DefaultOrganization(), new JaxbRole(SecurityConstants.GLOBAL_SUDO_ROLE, new DefaultOrganization()));
    userResponder.setResponse(defaultUser);
    HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
    EasyMock.expect(request.getHeader(SecurityConstants.ROLES_HEADER)).andReturn("ROLE_TEST,ROLE_ADMIN").anyTimes();
    EasyMock.replay(request);
    HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class);
    response.sendError(EasyMock.anyInt());
    EasyMock.expectLastCall().times(1);
    EasyMock.replay(response);
    try {
        filter.doFilter(request, response, chain);
    } catch (Exception e) {
        Assert.fail(e.getMessage());
    }
    EasyMock.verify(response);
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) User(org.opencastproject.security.api.User) JaxbUser(org.opencastproject.security.api.JaxbUser) JaxbRole(org.opencastproject.security.api.JaxbRole) SecurityService(org.opencastproject.security.api.SecurityService) HttpServletResponse(javax.servlet.http.HttpServletResponse) JaxbUser(org.opencastproject.security.api.JaxbUser) IOException(java.io.IOException) DefaultOrganization(org.opencastproject.security.api.DefaultOrganization) Test(org.junit.Test)

Example 55 with DefaultOrganization

use of org.opencastproject.security.api.DefaultOrganization in project opencast by opencast.

the class RemoteUserAndOrganizationFilterTest method testRolesSwitchingForbidden.

@Test
public void testRolesSwitchingForbidden() throws IOException {
    SecurityService securityService = EasyMock.createNiceMock(SecurityService.class);
    filter.setSecurityService(securityService);
    EasyMock.expect(securityService.getOrganization()).andReturn(new DefaultOrganization()).anyTimes();
    EasyMock.expect(securityService.getUser()).andAnswer(userResponder).anyTimes();
    EasyMock.replay(securityService);
    HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
    EasyMock.expect(request.getHeader(SecurityConstants.ROLES_HEADER)).andReturn("ROLE_TEST").anyTimes();
    EasyMock.replay(request);
    HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class);
    response.sendError(EasyMock.anyInt());
    EasyMock.expectLastCall().times(1);
    EasyMock.replay(response);
    try {
        filter.doFilter(request, response, chain);
    } catch (Exception e) {
        Assert.fail(e.getMessage());
    }
    EasyMock.verify(response);
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) SecurityService(org.opencastproject.security.api.SecurityService) HttpServletResponse(javax.servlet.http.HttpServletResponse) IOException(java.io.IOException) DefaultOrganization(org.opencastproject.security.api.DefaultOrganization) Test(org.junit.Test)

Aggregations

DefaultOrganization (org.opencastproject.security.api.DefaultOrganization)88 SecurityService (org.opencastproject.security.api.SecurityService)62 Before (org.junit.Before)47 JaxbUser (org.opencastproject.security.api.JaxbUser)45 JaxbRole (org.opencastproject.security.api.JaxbRole)39 User (org.opencastproject.security.api.User)38 Organization (org.opencastproject.security.api.Organization)31 OrganizationDirectoryService (org.opencastproject.security.api.OrganizationDirectoryService)29 UserDirectoryService (org.opencastproject.security.api.UserDirectoryService)26 Test (org.junit.Test)24 Workspace (org.opencastproject.workspace.api.Workspace)23 HashSet (java.util.HashSet)21 ArrayList (java.util.ArrayList)20 MediaPackage (org.opencastproject.mediapackage.MediaPackage)18 File (java.io.File)17 ServiceRegistryInMemoryImpl (org.opencastproject.serviceregistry.api.ServiceRegistryInMemoryImpl)17 IOException (java.io.IOException)16 MessageSender (org.opencastproject.message.broker.api.MessageSender)15 InputStream (java.io.InputStream)14 AuthorizationService (org.opencastproject.security.api.AuthorizationService)13