Examples with JpaUser org.opencastproject.security.impl.jpa.JpaUser used on opensource projects

Example 11 with JpaUser

use of org.opencastproject.security.impl.jpa.JpaUser in project opencast by opencast.

the class JpaUserProviderTest method testUpdateUserForbiddenForNonAdminUsers.

@Test
public void testUpdateUserForbiddenForNonAdminUsers() throws Exception {
    JpaUser adminUser = createUserWithRoles(org1, "admin", SecurityConstants.GLOBAL_ADMIN_ROLE);
    JpaUser user = createUserWithRoles(org1, "user", "ROLE_USER");
    provider.addUser(adminUser);
    provider.addUser(user);
    provider.setSecurityService(mockSecurityServiceWithUser(user));
    // try to add ROLE_USER
    Set<JpaRole> updatedRoles = Collections.set(new JpaRole("ROLE_USER", org1), new JpaRole(SecurityConstants.GLOBAL_ADMIN_ROLE, org1));
    try {
        provider.updateUser(new JpaUser(adminUser.getUsername(), adminUser.getPassword(), org1, adminUser.getName(), true, updatedRoles));
        fail("The current user may not edit an admin user");
    } catch (UnauthorizedException e) {
    // pass
    }
    // try to remove ROLE_ADMIN
    updatedRoles = Collections.set(new JpaRole("ROLE_USER", org1));
    try {
        provider.updateUser(new JpaUser(adminUser.getUsername(), adminUser.getPassword(), org1, adminUser.getName(), true, updatedRoles));
        fail("The current user may not remove the admin role on other user");
    } catch (UnauthorizedException e) {
    // pass
    }
}

Example 12 with JpaUser

use of org.opencastproject.security.impl.jpa.JpaUser in project opencast by opencast.

the class JpaUserProviderTest method testAddUserWithGlobalAdminRoleNotAllowedAsNonAdminUser.

@Test(expected = UnauthorizedException.class)
public void testAddUserWithGlobalAdminRoleNotAllowedAsNonAdminUser() throws Exception {
    provider.setSecurityService(mockSecurityServiceWithUser(createUserWithRoles(org1, "user1", "ROLE_USER")));
    JpaUser newUser = createUserWithRoles(org1, "admin2", SecurityConstants.GLOBAL_ADMIN_ROLE);
    provider.addUser(newUser);
    fail("The current user shouldn't able to create an global admin user.");
}

Example 13 with JpaUser

use of org.opencastproject.security.impl.jpa.JpaUser in project opencast by opencast.

the class JpaUserProviderTest method testAddUserWithOrgAdminRoleNotAllowedAsNonAdminUser.

@Test(expected = UnauthorizedException.class)
public void testAddUserWithOrgAdminRoleNotAllowedAsNonAdminUser() throws Exception {
    provider.setSecurityService(mockSecurityServiceWithUser(createUserWithRoles(org1, "user1", "ROLE_USER")));
    JpaUser newUser = createUserWithRoles(org1, "org_admin2", org1.getAdminRole());
    provider.addUser(newUser);
    fail("The current user shouldn't able to create an global admin user.");
}

Example 14 with JpaUser

use of org.opencastproject.security.impl.jpa.JpaUser in project opencast by opencast.

the class JpaUserProviderTest method testUpdateUser.

@Test
public void testUpdateUser() throws Exception {
    Set<JpaRole> authorities = new HashSet<JpaRole>();
    authorities.add(new JpaRole("ROLE_ASTRO_101_SPRING_2011_STUDENT", org1));
    JpaUser user = new JpaUser("user1", "pass1", org1, provider.getName(), true, authorities);
    provider.addUser(user);
    User loadUser = provider.loadUser("user1");
    assertNotNull(loadUser);
    authorities.add(new JpaRole("ROLE_ASTRO_101_SPRING_2013_STUDENT", org1));
    String newPassword = "newPassword";
    JpaUser updateUser = new JpaUser(user.getUsername(), newPassword, org1, provider.getName(), true, authorities);
    User loadUpdatedUser = provider.updateUser(updateUser);
    // User loadUpdatedUser = provider.loadUser(user.getUsername());
    assertNotNull(loadUpdatedUser);
    assertEquals(user.getUsername(), loadUpdatedUser.getUsername());
    assertEquals(PasswordEncoder.encode(newPassword, user.getUsername()), loadUpdatedUser.getPassword());
    assertEquals(authorities.size(), loadUpdatedUser.getRoles().size());
    updateUser = new JpaUser("unknown", newPassword, org1, provider.getName(), true, authorities);
    try {
        provider.updateUser(updateUser);
        fail("Should throw a NotFoundException");
    } catch (NotFoundException e) {
        assertTrue("User not found.", true);
    }
}

Example 15 with JpaUser

use of org.opencastproject.security.impl.jpa.JpaUser in project opencast by opencast.

the class JpaUserProviderTest method testAddUserWithOrgAdminRoleAsOrgAdmin.

@Test
public void testAddUserWithOrgAdminRoleAsOrgAdmin() throws Exception {
    provider.setSecurityService(mockSecurityServiceWithUser(createUserWithRoles(org1, "org_admin", org1.getAdminRole())));
    JpaUser newUser = createUserWithRoles(org1, "org_admin2", org1.getAdminRole());
    provider.addUser(newUser);
    User loadedUser = provider.loadUser(newUser.getUsername());
    assertNotNull("The currently added user isn't loaded as expected", loadedUser);
    assertEquals(newUser.getUsername(), loadedUser.getUsername());
    assertEquals(newUser.getRoles(), loadedUser.getRoles());
}