use of org.opencastproject.security.api.DefaultOrganization in project opencast by opencast.
the class RemoteUserAndOrganizationFilterTest method testOrganizationSwitchingForbidden.
@Test
public void testOrganizationSwitchingForbidden() throws IOException {
SecurityService securityService = EasyMock.createNiceMock(SecurityService.class);
filter.setSecurityService(securityService);
EasyMock.expect(securityService.getOrganization()).andReturn(new DefaultOrganization()).anyTimes();
EasyMock.expect(securityService.getUser()).andAnswer(userResponder).anyTimes();
EasyMock.replay(securityService);
userResponder.setResponse(switchingUser);
HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
EasyMock.expect(request.getHeader(SecurityConstants.ORGANIZATION_HEADER)).andReturn("mh_default_org").anyTimes();
EasyMock.replay(request);
HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class);
response.sendError(EasyMock.anyInt());
EasyMock.expectLastCall().times(1);
EasyMock.replay(response);
try {
filter.doFilter(request, response, chain);
} catch (Exception e) {
Assert.fail(e.getMessage());
}
EasyMock.verify(response);
}
use of org.opencastproject.security.api.DefaultOrganization in project opencast by opencast.
the class RemoteUserAndOrganizationFilterTest method setUp.
/**
* @throws java.lang.Exception
*/
@Before
public void setUp() throws Exception {
defaultUser = new JaxbUser("admin", "test", new DefaultOrganization(), new JaxbRole(SecurityConstants.GLOBAL_ADMIN_ROLE, new DefaultOrganization()));
switchingUser = new JaxbUser("switch", "test", new DefaultOrganization(), new JaxbRole("ROLE_USER", new DefaultOrganization()));
userResponder = new Responder<User>(defaultUser);
chain = EasyMock.createNiceMock(FilterChain.class);
EasyMock.replay(chain);
UserDirectoryService userDirectoryService = EasyMock.createNiceMock(UserDirectoryService.class);
switchingUserResponder = new Responder<User>(switchingUser);
EasyMock.expect(userDirectoryService.loadUser(EasyMock.anyObject(String.class))).andAnswer(switchingUserResponder).anyTimes();
EasyMock.replay(userDirectoryService);
OrganizationDirectoryService organizationDirectoryService = EasyMock.createNiceMock(OrganizationDirectoryService.class);
EasyMock.expect(organizationDirectoryService.getOrganization(EasyMock.anyObject(String.class))).andReturn(new DefaultOrganization()).anyTimes();
EasyMock.replay(organizationDirectoryService);
filter = new RemoteUserAndOrganizationFilter();
filter.setOrganizationDirectoryService(organizationDirectoryService);
filter.setUserDirectoryService(userDirectoryService);
}
use of org.opencastproject.security.api.DefaultOrganization in project opencast by opencast.
the class RemoteUserAndOrganizationFilterTest method testUserSwitchingForbidden.
@Test
public void testUserSwitchingForbidden() throws IOException {
SecurityService securityService = EasyMock.createNiceMock(SecurityService.class);
filter.setSecurityService(securityService);
EasyMock.expect(securityService.getOrganization()).andReturn(new DefaultOrganization()).anyTimes();
EasyMock.expect(securityService.getUser()).andAnswer(userResponder).anyTimes();
EasyMock.replay(securityService);
HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
EasyMock.expect(request.getHeader(SecurityConstants.USER_HEADER)).andReturn("joe").anyTimes();
EasyMock.replay(request);
HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class);
response.sendError(EasyMock.anyInt());
EasyMock.expectLastCall().times(1);
EasyMock.replay(response);
try {
filter.doFilter(request, response, chain);
} catch (Exception e) {
Assert.fail(e.getMessage());
}
EasyMock.verify(response);
}
use of org.opencastproject.security.api.DefaultOrganization in project opencast by opencast.
the class RemoteUserAndOrganizationFilterTest method testRolesSwitchingForbiddenAdmin.
@Test
public void testRolesSwitchingForbiddenAdmin() throws IOException {
SecurityService securityService = EasyMock.createNiceMock(SecurityService.class);
filter.setSecurityService(securityService);
EasyMock.expect(securityService.getOrganization()).andReturn(new DefaultOrganization()).anyTimes();
EasyMock.expect(securityService.getUser()).andAnswer(userResponder).anyTimes();
EasyMock.replay(securityService);
User defaultUser = new JaxbUser("admin", "test", new DefaultOrganization(), new JaxbRole(SecurityConstants.GLOBAL_SUDO_ROLE, new DefaultOrganization()));
userResponder.setResponse(defaultUser);
HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
EasyMock.expect(request.getHeader(SecurityConstants.ROLES_HEADER)).andReturn("ROLE_TEST,ROLE_ADMIN").anyTimes();
EasyMock.replay(request);
HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class);
response.sendError(EasyMock.anyInt());
EasyMock.expectLastCall().times(1);
EasyMock.replay(response);
try {
filter.doFilter(request, response, chain);
} catch (Exception e) {
Assert.fail(e.getMessage());
}
EasyMock.verify(response);
}
use of org.opencastproject.security.api.DefaultOrganization in project opencast by opencast.
the class RemoteUserAndOrganizationFilterTest method testRolesSwitchingForbidden.
@Test
public void testRolesSwitchingForbidden() throws IOException {
SecurityService securityService = EasyMock.createNiceMock(SecurityService.class);
filter.setSecurityService(securityService);
EasyMock.expect(securityService.getOrganization()).andReturn(new DefaultOrganization()).anyTimes();
EasyMock.expect(securityService.getUser()).andAnswer(userResponder).anyTimes();
EasyMock.replay(securityService);
HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
EasyMock.expect(request.getHeader(SecurityConstants.ROLES_HEADER)).andReturn("ROLE_TEST").anyTimes();
EasyMock.replay(request);
HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class);
response.sendError(EasyMock.anyInt());
EasyMock.expectLastCall().times(1);
EasyMock.replay(response);
try {
filter.doFilter(request, response, chain);
} catch (Exception e) {
Assert.fail(e.getMessage());
}
EasyMock.verify(response);
}
Aggregations