Search in sources :

Example 1 with OrcidSecurityManager

use of org.orcid.core.manager.v3.OrcidSecurityManager in project ORCID-Source by ORCID.

the class MemberV3ApiServiceDelegator_GeneralTest method testSearchByQuery.

@Test
public void testSearchByQuery() {
    Search search = new Search();
    Result result = new Result();
    result.setOrcidIdentifier(new OrcidIdentifier("some-orcid-id"));
    search.getResults().add(result);
    OrcidSearchManager orcidSearchManager = Mockito.mock(OrcidSearchManagerImpl.class);
    Mockito.when(orcidSearchManager.findOrcidIds(Matchers.<Map<String, List<String>>>any())).thenReturn(search);
    OrcidSecurityManager orcidSecurityManager = Mockito.mock(OrcidSecurityManagerImpl.class);
    Mockito.doNothing().when(orcidSecurityManager).checkScopes(Mockito.any(ScopePathType.class));
    MemberV3ApiServiceDelegatorImpl delegator = new MemberV3ApiServiceDelegatorImpl();
    ReflectionTestUtils.setField(delegator, "orcidSearchManager", orcidSearchManager);
    ReflectionTestUtils.setField(delegator, "orcidSecurityManager", orcidSecurityManager);
    Response response = delegator.searchByQuery(new HashMap<String, List<String>>());
    assertNotNull(response);
    assertNotNull(response.getEntity());
    assertTrue(response.getEntity() instanceof Search);
    assertEquals(1, ((Search) response.getEntity()).getResults().size());
    assertEquals("some-orcid-id", ((Search) response.getEntity()).getResults().get(0).getOrcidIdentifier().getPath());
}
Also used : Response(javax.ws.rs.core.Response) ScopePathType(org.orcid.jaxb.model.message.ScopePathType) OrcidIdentifier(org.orcid.jaxb.model.v3.dev1.common.OrcidIdentifier) Search(org.orcid.jaxb.model.v3.dev1.search.Search) OrcidSecurityManager(org.orcid.core.manager.v3.OrcidSecurityManager) List(java.util.List) MemberV3ApiServiceDelegatorImpl(org.orcid.api.memberV3.server.delegator.impl.MemberV3ApiServiceDelegatorImpl) OrcidSearchManager(org.orcid.core.manager.v3.OrcidSearchManager) Result(org.orcid.jaxb.model.v3.dev1.search.Result) DBUnitTest(org.orcid.test.DBUnitTest) Test(org.junit.Test)

Example 2 with OrcidSecurityManager

use of org.orcid.core.manager.v3.OrcidSecurityManager in project ORCID-Source by ORCID.

the class MemberV3ApiServiceDelegator_GeneralTest method testSearchByQueryBadScope.

@Test(expected = AccessControlException.class)
public void testSearchByQueryBadScope() {
    OrcidSecurityManager orcidSecurityManager = Mockito.mock(OrcidSecurityManagerImpl.class);
    Mockito.doThrow(new AccessControlException("some problem with scope")).when(orcidSecurityManager).checkScopes(Mockito.any(ScopePathType.class));
    MemberV3ApiServiceDelegatorImpl delegator = new MemberV3ApiServiceDelegatorImpl();
    ReflectionTestUtils.setField(delegator, "orcidSecurityManager", orcidSecurityManager);
    delegator.searchByQuery(new HashMap<>());
}
Also used : ScopePathType(org.orcid.jaxb.model.message.ScopePathType) OrcidSecurityManager(org.orcid.core.manager.v3.OrcidSecurityManager) AccessControlException(java.security.AccessControlException) MemberV3ApiServiceDelegatorImpl(org.orcid.api.memberV3.server.delegator.impl.MemberV3ApiServiceDelegatorImpl) DBUnitTest(org.orcid.test.DBUnitTest) Test(org.junit.Test)

Example 3 with OrcidSecurityManager

use of org.orcid.core.manager.v3.OrcidSecurityManager in project ORCID-Source by ORCID.

the class PublicV3ApiServiceDelegatorTest method testSearchByQueryLegalStart.

@Test
public void testSearchByQueryLegalStart() {
    Map<String, List<String>> params = new HashMap<>();
    params.put("start", Arrays.asList(Integer.toString(OrcidSearchManager.MAX_SEARCH_START)));
    LocaleManager localeManager = Mockito.mock(LocaleManagerImpl.class);
    Mockito.when(localeManager.resolveMessage(Mockito.anyString())).thenReturn("a message");
    OrcidSearchManager orcidSearchManager = Mockito.mock(OrcidSearchManagerImpl.class);
    Mockito.when(orcidSearchManager.findOrcidIds(Mockito.anyMap())).thenReturn(new Search());
    OrcidSecurityManager orcidSecurityManager = Mockito.mock(OrcidSecurityManagerImpl.class);
    Mockito.when(orcidSecurityManager.getClientIdFromAPIRequest()).thenReturn(null);
    PublicV3ApiServiceDelegatorImpl delegator = new PublicV3ApiServiceDelegatorImpl();
    ReflectionTestUtils.setField(delegator, "localeManager", localeManager);
    ReflectionTestUtils.setField(delegator, "orcidSearchManager", orcidSearchManager);
    ReflectionTestUtils.setField(delegator, "orcidSecurityManager", orcidSecurityManager);
    Response response = delegator.searchByQuery(params);
    assertNotNull(response);
}
Also used : Response(javax.ws.rs.core.Response) HashMap(java.util.HashMap) PublicV3ApiServiceDelegatorImpl(org.orcid.api.publicV3.server.delegator.impl.PublicV3ApiServiceDelegatorImpl) Search(org.orcid.jaxb.model.v3.dev1.search.Search) OrcidSecurityManager(org.orcid.core.manager.v3.OrcidSecurityManager) ArrayList(java.util.ArrayList) List(java.util.List) LocaleManager(org.orcid.core.locale.LocaleManager) OrcidSearchManager(org.orcid.core.manager.v3.OrcidSearchManager) DBUnitTest(org.orcid.test.DBUnitTest) Test(org.junit.Test)

Example 4 with OrcidSecurityManager

use of org.orcid.core.manager.v3.OrcidSecurityManager in project ORCID-Source by ORCID.

the class ManageProfileControllerTest method initMocks.

@Before
public void initMocks() throws Exception {
    controller = new ManageProfileController();
    MockitoAnnotations.initMocks(this);
    SecurityContextHolder.getContext().setAuthentication(getAuthentication(USER_ORCID));
    TargetProxyHelper.injectIntoProxy(controller, "profileEntityCacheManager", mockProfileEntityCacheManager);
    TargetProxyHelper.injectIntoProxy(controller, "encryptionManager", mockEncryptionManager);
    TargetProxyHelper.injectIntoProxy(controller, "emailManager", mockEmailManager);
    TargetProxyHelper.injectIntoProxy(controller, "localeManager", mockLocaleManager);
    TargetProxyHelper.injectIntoProxy(controller, "profileEntityManager", mockProfileEntityManager);
    TargetProxyHelper.injectIntoProxy(controller, "givenPermissionToManager", mockGivenPermissionToManager);
    TargetProxyHelper.injectIntoProxy(controller, "givenPermissionToManagerReadOnly", mockGivenPermissionToManagerReadOnly);
    TargetProxyHelper.injectIntoProxy(controller, "orcidSecurityManager", mockOrcidSecurityManager);
    TargetProxyHelper.injectIntoProxy(controller, "orcidIdentifierUtils", mockOrcidIdentifierUtils);
    TargetProxyHelper.injectIntoProxy(controller, "profileLastModifiedAspect", profileLastModifiedAspect);
    when(mockOrcidSecurityManager.isPasswordConfirmationRequired()).thenReturn(true);
    when(mockEncryptionManager.hashMatches(Mockito.anyString(), Mockito.anyString())).thenReturn(true);
    when(mockEncryptionManager.hashMatches(Mockito.eq("invalid password"), Mockito.anyString())).thenReturn(false);
    when(mockProfileEntityManager.deprecateProfile(Mockito.eq(DEPRECATED_USER_ORCID), Mockito.eq(USER_ORCID), Mockito.eq(ProfileEntity.USER_DRIVEN_DEPRECATION), Mockito.isNull())).thenReturn(true);
    when(mockProfileEntityManager.deprecateProfile(Mockito.eq(DEPRECATED_USER_ORCID), Mockito.eq(USER_ORCID), Mockito.anyString(), Mockito.anyString())).thenReturn(true);
    when(mockProfileEntityManager.deprecateProfile(Mockito.anyString(), Mockito.anyString(), Mockito.anyString(), Mockito.anyString())).thenReturn(false);
    when(profileLastModifiedAspect.retrieveLastModifiedDate(anyString())).thenReturn(new Date());
    when(mockOrcidIdentifierUtils.buildOrcidIdentifier(Mockito.anyString())).thenAnswer(new Answer<OrcidIdentifier>() {

        @Override
        public OrcidIdentifier answer(InvocationOnMock invocation) throws Throwable {
            OrcidIdentifier result = new OrcidIdentifier();
            result.setPath(invocation.getArgument(0));
            return result;
        }
    });
    when(mockLocaleManager.resolveMessage(Mockito.anyString(), Mockito.any())).thenAnswer(new Answer<String>() {

        @Override
        public String answer(InvocationOnMock invocation) throws Throwable {
            return invocation.getArgument(0);
        }
    });
    when(mockProfileEntityCacheManager.retrieve(Mockito.anyString())).then(new Answer<ProfileEntity>() {

        @Override
        public ProfileEntity answer(InvocationOnMock invocation) throws Throwable {
            ProfileEntity entity = new ProfileEntity();
            entity.setId(invocation.getArgument(0));
            Set<GivenPermissionToEntity> givenPermissionTo = new HashSet<GivenPermissionToEntity>();
            IntStream.range(0, 2).forEachOrdered(i -> {
                GivenPermissionToEntity e1 = new GivenPermissionToEntity();
                e1.setId(Long.valueOf(i));
                Date now = new Date();
                e1.setApprovalDate(now);
                e1.setDateCreated(now);
                e1.setGiver(invocation.getArgument(0));
                ProfileSummaryEntity ps = new ProfileSummaryEntity();
                RecordNameEntity recordName = new RecordNameEntity();
                recordName.setVisibility(org.orcid.jaxb.model.common_v2.Visibility.PUBLIC);
                if (i == 0) {
                    ps.setId("0000-0000-0000-0004");
                    recordName.setCreditName("Credit Name");
                } else {
                    ps.setId("0000-0000-0000-0005");
                    recordName.setFamilyName("Family Name");
                    recordName.setGivenNames("Given Names");
                }
                ps.setRecordNameEntity(recordName);
                e1.setReceiver(ps);
                givenPermissionTo.add(e1);
            });
            entity.setGivenPermissionTo(givenPermissionTo);
            EmailEntity email1 = new EmailEntity();
            email1.setId(invocation.getArgument(0) + "_1@test.orcid.org");
            email1.setVerified(true);
            email1.setCurrent(true);
            email1.setDateCreated(new Date());
            email1.setLastModified(new Date());
            email1.setPrimary(true);
            email1.setVisibility(org.orcid.jaxb.model.common_v2.Visibility.PUBLIC);
            EmailEntity email2 = new EmailEntity();
            email2.setId(invocation.getArgument(0) + "_2@test.orcid.org");
            email2.setVerified(true);
            email2.setCurrent(false);
            email2.setDateCreated(new Date());
            email2.setLastModified(new Date());
            email2.setPrimary(false);
            email2.setVisibility(org.orcid.jaxb.model.common_v2.Visibility.PUBLIC);
            Set<EmailEntity> emails = new HashSet<EmailEntity>();
            emails.add(email1);
            emails.add(email2);
            entity.setEmails(emails);
            entity.setRecordNameEntity(getRecordName(invocation.getArgument(0)));
            entity.setEncryptedPassword("password");
            return entity;
        }
    });
    when(mockEmailManager.getEmails(Mockito.anyString())).thenAnswer(new Answer<Emails>() {

        @Override
        public Emails answer(InvocationOnMock invocation) throws Throwable {
            Emails emails = new Emails();
            Email email1 = new Email();
            email1.setEmail(invocation.getArgument(0) + "_1@test.orcid.org");
            email1.setVisibility(Visibility.PUBLIC);
            emails.getEmails().add(email1);
            Email email2 = new Email();
            email2.setEmail(invocation.getArgument(0) + "_2@test.orcid.org");
            email2.setVisibility(Visibility.PUBLIC);
            emails.getEmails().add(email2);
            return emails;
        }
    });
    when(mockEmailManager.findCaseInsensitive(Mockito.anyString())).thenAnswer(new Answer<EmailEntity>() {

        @Override
        public EmailEntity answer(InvocationOnMock invocation) throws Throwable {
            String emailString = invocation.getArgument(0);
            String orcidString = emailString.substring(0, (emailString.indexOf("_")));
            EmailEntity email = new EmailEntity();
            email.setId(emailString);
            email.setVisibility(org.orcid.jaxb.model.common_v2.Visibility.PUBLIC);
            ProfileEntity entity = new ProfileEntity(orcidString);
            entity.setEncryptedPassword("password");
            entity.setRecordNameEntity(getRecordName(orcidString));
            email.setProfile(entity);
            return email;
        }
    });
    when(mockGivenPermissionToManagerReadOnly.findByGiver(anyString(), anyLong())).thenAnswer(new Answer<List<DelegateForm>>() {

        @Override
        public List<DelegateForm> answer(InvocationOnMock invocation) throws Throwable {
            XMLGregorianCalendar now = DateUtils.convertToXMLGregorianCalendar(new Date());
            List<DelegateForm> list = new ArrayList<DelegateForm>();
            DelegateForm one = new DelegateForm();
            one.setGiverOrcid(new OrcidIdentifier(USER_ORCID));
            one.setReceiverOrcid(new OrcidIdentifier("0000-0000-0000-0004"));
            one.setReceiverName(Text.valueOf("Credit Name"));
            one.setApprovalDate(now);
            list.add(one);
            DelegateForm two = new DelegateForm();
            two.setGiverOrcid(new OrcidIdentifier(USER_ORCID));
            two.setReceiverOrcid(new OrcidIdentifier("0000-0000-0000-0005"));
            two.setReceiverName(Text.valueOf("Given Names Family Name"));
            two.setApprovalDate(now);
            list.add(two);
            return list;
        }
    });
}
Also used : Arrays(java.util.Arrays) TargetProxyHelper(org.orcid.test.TargetProxyHelper) ProfileSummaryEntity(org.orcid.persistence.jpa.entities.ProfileSummaryEntity) Date(java.util.Date) Emails(org.orcid.jaxb.model.v3.dev1.record.Emails) DelegateForm(org.orcid.pojo.DelegateForm) EmailManager(org.orcid.core.manager.v3.EmailManager) RecordNameEntity(org.orcid.persistence.jpa.entities.RecordNameEntity) StringUtils(org.apache.commons.lang3.StringUtils) NamesForm(org.orcid.pojo.ajaxForm.NamesForm) MockitoAnnotations(org.mockito.MockitoAnnotations) ProfileLastModifiedAspect(org.orcid.persistence.aop.ProfileLastModifiedAspect) ManageDelegate(org.orcid.pojo.ManageDelegate) BiographyManager(org.orcid.core.manager.v3.BiographyManager) ProfileEntityCacheManager(org.orcid.core.manager.ProfileEntityCacheManager) SecurityContextHolder(org.springframework.security.core.context.SecurityContextHolder) BiographyForm(org.orcid.pojo.ajaxForm.BiographyForm) OrcidIdentifier(org.orcid.jaxb.model.v3.dev1.common.OrcidIdentifier) EncryptionManager(org.orcid.core.manager.EncryptionManager) Set(java.util.Set) CreditName(org.orcid.jaxb.model.v3.dev1.common.CreditName) FamilyName(org.orcid.jaxb.model.v3.dev1.record.FamilyName) ProfileEntity(org.orcid.persistence.jpa.entities.ProfileEntity) LocaleManager(org.orcid.core.locale.LocaleManager) Text(org.orcid.pojo.ajaxForm.Text) List(java.util.List) GivenPermissionToManagerReadOnly(org.orcid.core.manager.v3.read_only.GivenPermissionToManagerReadOnly) OrcidWebRole(org.orcid.core.security.OrcidWebRole) Email(org.orcid.jaxb.model.v3.dev1.record.Email) EmailEntity(org.orcid.persistence.jpa.entities.EmailEntity) VerificationModeFactory.times(org.mockito.internal.verification.VerificationModeFactory.times) Assert.assertFalse(org.junit.Assert.assertFalse) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken) Authentication(org.springframework.security.core.Authentication) IntStream(java.util.stream.IntStream) ArgumentMatchers.anyLong(org.mockito.ArgumentMatchers.anyLong) Biography(org.orcid.jaxb.model.v3.dev1.record.Biography) NoSuchRequestHandlingMethodException(org.springframework.web.servlet.mvc.multiaction.NoSuchRequestHandlingMethodException) Mock(org.mockito.Mock) ProfileEntityManager(org.orcid.core.manager.v3.ProfileEntityManager) OrcidIdentifierUtils(org.orcid.core.utils.v3.OrcidIdentifierUtils) DateUtils(org.orcid.utils.DateUtils) ArrayList(java.util.ArrayList) HashSet(java.util.HashSet) GivenPermissionToEntity(org.orcid.persistence.jpa.entities.GivenPermissionToEntity) Answer(org.mockito.stubbing.Answer) RecordNameManager(org.orcid.core.manager.v3.RecordNameManager) InvocationOnMock(org.mockito.invocation.InvocationOnMock) SecurityQuestion(org.orcid.pojo.SecurityQuestion) OrcidSecurityManager(org.orcid.core.manager.v3.OrcidSecurityManager) Before(org.junit.Before) OrcidProfileUserDetails(org.orcid.core.oauth.OrcidProfileUserDetails) GivenNames(org.orcid.jaxb.model.v3.dev1.record.GivenNames) DeprecateProfile(org.orcid.pojo.DeprecateProfile) GivenPermissionToManager(org.orcid.core.manager.v3.GivenPermissionToManager) Assert.assertNotNull(org.junit.Assert.assertNotNull) Assert.assertTrue(org.junit.Assert.assertTrue) Test(org.junit.Test) Mockito.when(org.mockito.Mockito.when) Visibility(org.orcid.jaxb.model.v3.dev1.common.Visibility) XMLGregorianCalendar(javax.xml.datatype.XMLGregorianCalendar) Mockito.verify(org.mockito.Mockito.verify) Mockito(org.mockito.Mockito) Assert.assertNull(org.junit.Assert.assertNull) Name(org.orcid.jaxb.model.v3.dev1.record.Name) Assert.assertEquals(org.junit.Assert.assertEquals) ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString) ProfileSummaryEntity(org.orcid.persistence.jpa.entities.ProfileSummaryEntity) Set(java.util.Set) HashSet(java.util.HashSet) Email(org.orcid.jaxb.model.v3.dev1.record.Email) RecordNameEntity(org.orcid.persistence.jpa.entities.RecordNameEntity) ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString) OrcidIdentifier(org.orcid.jaxb.model.v3.dev1.common.OrcidIdentifier) DelegateForm(org.orcid.pojo.DelegateForm) List(java.util.List) ArrayList(java.util.ArrayList) Emails(org.orcid.jaxb.model.v3.dev1.record.Emails) GivenPermissionToEntity(org.orcid.persistence.jpa.entities.GivenPermissionToEntity) EmailEntity(org.orcid.persistence.jpa.entities.EmailEntity) Date(java.util.Date) ProfileEntity(org.orcid.persistence.jpa.entities.ProfileEntity) XMLGregorianCalendar(javax.xml.datatype.XMLGregorianCalendar) InvocationOnMock(org.mockito.invocation.InvocationOnMock) Before(org.junit.Before)

Example 5 with OrcidSecurityManager

use of org.orcid.core.manager.v3.OrcidSecurityManager in project ORCID-Source by ORCID.

the class MemberV3ApiServiceDelegator_GeneralTest method testSearchByQueryTooManyRows.

@Test(expected = OrcidBadRequestException.class)
public void testSearchByQueryTooManyRows() {
    Map<String, List<String>> params = new HashMap<>();
    params.put("rows", Arrays.asList(Integer.toString(OrcidSearchManager.MAX_SEARCH_ROWS + 20)));
    LocaleManager localeManager = Mockito.mock(LocaleManagerImpl.class);
    Mockito.when(localeManager.resolveMessage(Mockito.anyString())).thenReturn("a message");
    OrcidSecurityManager orcidSecurityManager = Mockito.mock(OrcidSecurityManagerImpl.class);
    Mockito.doNothing().when(orcidSecurityManager).checkScopes(Mockito.any(ScopePathType.class));
    MemberV3ApiServiceDelegatorImpl delegator = new MemberV3ApiServiceDelegatorImpl();
    ReflectionTestUtils.setField(delegator, "localeManager", localeManager);
    ReflectionTestUtils.setField(delegator, "orcidSecurityManager", orcidSecurityManager);
    delegator.searchByQuery(params);
}
Also used : ScopePathType(org.orcid.jaxb.model.message.ScopePathType) HashMap(java.util.HashMap) OrcidSecurityManager(org.orcid.core.manager.v3.OrcidSecurityManager) List(java.util.List) MemberV3ApiServiceDelegatorImpl(org.orcid.api.memberV3.server.delegator.impl.MemberV3ApiServiceDelegatorImpl) LocaleManager(org.orcid.core.locale.LocaleManager) DBUnitTest(org.orcid.test.DBUnitTest) Test(org.junit.Test)

Aggregations

Test (org.junit.Test)7 OrcidSecurityManager (org.orcid.core.manager.v3.OrcidSecurityManager)7 List (java.util.List)6 DBUnitTest (org.orcid.test.DBUnitTest)6 ArrayList (java.util.ArrayList)4 LocaleManager (org.orcid.core.locale.LocaleManager)4 HashMap (java.util.HashMap)3 Response (javax.ws.rs.core.Response)3 MemberV3ApiServiceDelegatorImpl (org.orcid.api.memberV3.server.delegator.impl.MemberV3ApiServiceDelegatorImpl)3 PublicV3ApiServiceDelegatorImpl (org.orcid.api.publicV3.server.delegator.impl.PublicV3ApiServiceDelegatorImpl)3 OrcidSearchManager (org.orcid.core.manager.v3.OrcidSearchManager)3 ScopePathType (org.orcid.jaxb.model.message.ScopePathType)3 OrcidIdentifier (org.orcid.jaxb.model.v3.dev1.common.OrcidIdentifier)3 Search (org.orcid.jaxb.model.v3.dev1.search.Search)3 AccessControlException (java.security.AccessControlException)1 Arrays (java.util.Arrays)1 Date (java.util.Date)1 HashSet (java.util.HashSet)1 Set (java.util.Set)1 IntStream (java.util.stream.IntStream)1