Example 21 with AuditLogEvent

Use of org.simbasecurity.core.audit.AuditLogEvent in project simba-os by cegeka.

From class ValidateRequestParametersCommandTest, method testExecute_EMPTY_USERNAME.

@Test
public void testExecute_EMPTY_USERNAME() throws Exception {
    when(contextMock.getUserName()).thenReturn(null);
    assertEquals(State.FINISH, command.execute(contextMock));
    verify(contextMock).redirectWithCredentialError(SimbaMessageKey.EMPTY_USERNAME);
    verify(auditMock).log(captor.capture());
    AuditLogEvent resultAuditLogEvent = captor.getValue();
    assertEquals(AuditLogEventCategory.AUTHENTICATION, resultAuditLogEvent.getCategory());
    assertEquals("not yet logged in", resultAuditLogEvent.getUsername());
    // Expected value first, actual second; CLIENT_IP was being passed as the assertion failure message.
    assertEquals(FAILURE + EMPTY_USERNAME, resultAuditLogEvent.getMessage());
}
Also used : AuditLogEvent(org.simbasecurity.core.audit.AuditLogEvent) Test(org.junit.Test)

Example 22 with AuditLogEvent

Use of org.simbasecurity.core.audit.AuditLogEvent in project simba-os by cegeka.

From class URLRuleCheckCommandTest, method continueWhenAccessIsAllowed.

@Test
public void continueWhenAccessIsAllowed() throws Exception {
    when(authorizationServiceMock.isURLRuleAllowed(USERNAME, REQUEST_URL, REQUEST_METHOD)).thenReturn(new PolicyDecision(true, Long.MAX_VALUE));
    assertEquals(State.CONTINUE, command.execute(contextMock));
    verify(auditMock).log(captor.capture());
    AuditLogEvent resultAuditLogEvent = captor.getValue();
    assertEquals(AuditLogEventCategory.AUTHOR, resultAuditLogEvent.getCategory());
    assertEquals(AuditMessages.SUCCESS + AuditMessages.CHECK_URL_RULE, resultAuditLogEvent.getMessage());
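    // The single log() call was verified above; assert that nothing else was written to the audit log.
    verifyNoMoreInteractions(auditMock);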
    verify(contextMock, never()).redirectToAccessDenied();
}
Also used : PolicyDecision(org.simbasecurity.api.service.thrift.PolicyDecision) AuditLogEvent(org.simbasecurity.core.audit.AuditLogEvent) Test(org.junit.Test)

Example 23 with AuditLogEvent

Use of org.simbasecurity.core.audit.AuditLogEvent in project simba-os by cegeka.

From class CheckShowChangePasswordCommandTest, method redirectToChangePasswordPageWhenIsShowChangePassword.

@Test
public void redirectToChangePasswordPageWhenIsShowChangePassword() throws Exception {
    when(chainContextMock.isShowChangePasswordRequest()).thenReturn(true);
    State state = command.execute(chainContextMock);
    verify(chainContextMock).redirectToChangePasswordDirect();
    verify(auditMock).log(captor.capture());
    AuditLogEvent resultAuditLogEvent = captor.getValue();
    assertEquals(AuditLogEventCategory.AUTHENTICATION, resultAuditLogEvent.getCategory());
    assertEquals(REDIRECT_TO_CHANGE_PASSWORD, resultAuditLogEvent.getMessage());
    assertEquals(FINISH, state);
}
Also used : AuditLogEvent(org.simbasecurity.core.audit.AuditLogEvent) State(org.simbasecurity.core.chain.Command.State) Test(org.junit.Test)

Example 24 with AuditLogEvent

Use of org.simbasecurity.core.audit.AuditLogEvent in project simba-os by cegeka.

From class CheckAccountBlockedCommandTest, method testExecute_AccountNotBlocked.

@Test
public void testExecute_AccountNotBlocked() throws Exception {
    when(contextMock.getUserName()).thenReturn(USER_NAME);
    when(credentialServiceMock.checkUserStatus(USER_NAME, Status.BLOCKED)).thenReturn(false);
    assertEquals(State.CONTINUE, command.execute(contextMock));
    verify(auditMock).log(captor.capture());
    AuditLogEvent resultAuditLogEvent = captor.getValue();
    assertEquals(AuditLogEventCategory.AUTHENTICATION, resultAuditLogEvent.getCategory());
    assertEquals(SUCCESS + CHECK_ACCOUNT_BLOCKED, resultAuditLogEvent.getMessage());
}
Also used : AuditLogEvent(org.simbasecurity.core.audit.AuditLogEvent) Test(org.junit.Test)

Example 25 with AuditLogEvent

Use of org.simbasecurity.core.audit.AuditLogEvent in project simba-os by cegeka.

From class CheckAccountBlockedCommandTest, method testExecute_AccountBlocked.

@Test
public void testExecute_AccountBlocked() throws Exception {
    when(contextMock.getUserName()).thenReturn(USER_NAME);
    when(contextMock.getClientIpAddress()).thenReturn(CLIENT_IP);
    when(credentialServiceMock.checkUserStatus(USER_NAME, Status.BLOCKED)).thenReturn(true);
    assertEquals(State.FINISH, command.execute(contextMock));
    verify(auditMock).log(captor.capture());
    AuditLogEvent resultAuditLogEvent = captor.getValue();
    assertEquals(AuditLogEventCategory.AUTHENTICATION, resultAuditLogEvent.getCategory());
    assertEquals(FAILURE + DENIED_ACCESS_TO_BLOCKED_ACCOUNT, resultAuditLogEvent.getMessage());
    verify(contextMock).redirectWithCredentialError(SimbaMessageKey.ACCOUNT_BLOCKED);
}
Also used : AuditLogEvent(org.simbasecurity.core.audit.AuditLogEvent) Test(org.junit.Test)

Aggregations

AuditLogEvent (org.simbasecurity.core.audit.AuditLogEvent): 36
Test (org.junit.Test): 32
Command (org.simbasecurity.core.chain.Command): 9
User (org.simbasecurity.core.domain.User): 8
State (org.simbasecurity.core.chain.Command.State): 6
UserTestBuilder.aDefaultUser (org.simbasecurity.core.domain.UserTestBuilder.aDefaultUser): 6
SSOToken (org.simbasecurity.api.service.thrift.SSOToken): 4
Token (org.simbasecurity.core.domain.communication.token.Token): 3
URL (java.net.URL): 2
PolicyDecision (org.simbasecurity.api.service.thrift.PolicyDecision): 2
Session (org.simbasecurity.core.domain.Session): 2
EmailAddress (org.simbasecurity.core.domain.user.EmailAddress): 2
TemplateWithLinks (org.simbasecurity.core.service.communication.mail.template.TemplateWithLinks): 2
Optional (java.util.Optional): 1
Audit (org.simbasecurity.core.audit.Audit): 1
AuditLogEventFactory (org.simbasecurity.core.audit.AuditLogEventFactory): 1
ChainContext (org.simbasecurity.core.chain.ChainContext): 1
CONTINUE (org.simbasecurity.core.chain.Command.State.CONTINUE): 1
FINISH (org.simbasecurity.core.chain.Command.State.FINISH): 1
UserTestBuilder.aUser (org.simbasecurity.core.domain.UserTestBuilder.aUser): 1