Use of org.openlmis.stockmanagement.exception.PermissionMessageException in the project openlmis-stockmanagement by OpenLMIS.
Class PermissionService, method checkUserToken.
/**
 * Asks the user reference data service whether the currently authenticated user holds the
 * named right for the given program / facility / warehouse combination.
 *
 * <p>The user and the right are both resolved through {@code authenticationHelper}; the
 * decision itself is delegated to {@code userReferenceDataService.hasRight(...)}.
 *
 * <p>Only {@link HttpClientErrorException} is translated here. Any other failure raised by
 * the lookup or by the remote call propagates to the caller unchanged.
 *
 * @param rightName name of the right to look up
 * @param program   program identifier forwarded to the rights check
 * @param facility  facility identifier forwarded to the rights check
 * @param warehouse warehouse identifier forwarded to the rights check
 * @return the result object produced by the reference data service
 * @throws PermissionMessageException if the remote rights check fails with an HTTP client error
 */
private ResultDto<Boolean> checkUserToken(
    String rightName, UUID program, UUID facility, UUID warehouse) {
  // NOTE(review): neither lookup result is null-checked. If either helper can return null,
  // the failure surfaces as a NullPointerException instead of a PermissionMessageException.
  // Confirm the helper contracts.
  final UserDto currentUser = authenticationHelper.getCurrentUser();
  final RightDto requestedRight = authenticationHelper.getRight(rightName);

  try {
    return userReferenceDataService.hasRight(
        currentUser.getId(), requestedRight.getId(), program, facility, warehouse);
  } catch (HttpClientErrorException clientError) {
    // NOTE(review): the upstream error text is embedded in the Message. Confirm how Message
    // is rendered to API clients so that details of the upstream service are not disclosed
    // in the response body.
    final Message failure =
        new Message(ERROR_PERMISSION_CHECK_FAILED, clientError.getMessage());
    throw new PermissionMessageException(failure, clientError);
  }
}
Use of org.openlmis.stockmanagement.exception.PermissionMessageException in the project openlmis-stockmanagement by OpenLMIS.
Class StockCardSummariesV2ControllerIntegrationTest, method shouldReturnForbiddenIfNoPermission.
/**
 * Verifies that a {@link PermissionMessageException} thrown by the stock card summaries
 * service is answered with HTTP 403 by the stock card summaries endpoint.
 *
 * <p>Only the status code is asserted; the response body is not inspected.
 */
@Test
public void shouldReturnForbiddenIfNoPermission() throws Exception {
  // given: the service refuses every search with a permission error
  doThrow(new PermissionMessageException(new Message("no permission")))
      .when(stockCardSummariesService)
      .findStockCards(any(StockCardSummariesV2SearchParams.class));

  final String pageNumber = String.valueOf(pageable.getPageNumber());
  final String pageSize = String.valueOf(pageable.getPageSize());
  final String programId = params.getProgramId().toString();
  final String facilityId = params.getFacilityId().toString();

  // when / then: the request is rejected as forbidden
  mvc.perform(
          get(API_STOCK_CARD_SUMMARIES)
              .param(ACCESS_TOKEN, ACCESS_TOKEN_VALUE)
              .param(PAGE, pageNumber)
              .param(SIZE, pageSize)
              .param(PROGRAM_ID, programId)
              .param(FACILITY_ID, facilityId))
      .andExpect(status().isForbidden());
}
Use of org.openlmis.stockmanagement.exception.PermissionMessageException in the project openlmis-stockmanagement by OpenLMIS.
Class OrganizationControllerIntegrationTest, method shouldReturn403WhenUserHasNoPermissionToManageOrganizations.
/**
 * Verifies that the create, update and list operations of the organization API each answer
 * with HTTP 403 when {@code permissionService.canManageOrganizations()} throws a
 * {@link PermissionMessageException}.
 *
 * <p>Only the status code of each response is asserted.
 */
@Test
public void shouldReturn403WhenUserHasNoPermissionToManageOrganizations() throws Exception {
  // given: the permission check rejects the caller
  doThrow(new PermissionMessageException(new Message("key")))
      .when(permissionService)
      .canManageOrganizations();
  final Organization rejected = createOrganization("Would Get 403");

  // 1. creating an organization is forbidden
  mvc.perform(
          post(ORGANIZATION_API)
              .param(ACCESS_TOKEN, ACCESS_TOKEN_VALUE)
              .contentType(MediaType.APPLICATION_JSON)
              .content(objectToJsonString(rejected)))
      .andExpect(status().isForbidden());

  // 2. updating an organization (random id) is forbidden
  mvc.perform(
          put(ORGANIZATION_API + UUID.randomUUID())
              .param(ACCESS_TOKEN, ACCESS_TOKEN_VALUE)
              .contentType(MediaType.APPLICATION_JSON)
              .content(objectToJsonString(rejected)))
      .andExpect(status().isForbidden());

  // 3. listing organizations is forbidden
  mvc.perform(
          get(ORGANIZATION_API)
              .param(ACCESS_TOKEN, ACCESS_TOKEN_VALUE)
              .contentType(MediaType.APPLICATION_JSON))
      .andExpect(status().isForbidden());
}