
Example 21 with User

use of org.structr.web.entity.User in project structr by structr.

the class PerformanceTest method setup.

// ----- private methods -----
private SecurityContext setup() {
    final App app = StructrApp.getInstance();
    User user = null;
    try (final Tx tx = app.tx()) {
        user = app.create(User.class, new NodeAttribute<>(StructrApp.key(AbstractNode.class, "name"), "admin"), new NodeAttribute<>(StructrApp.key(User.class, "password"), "admin"), new NodeAttribute<>(StructrApp.key(User.class, "isAdmin"), true));
        tx.success();
    } catch (FrameworkException ex) {
        logger.error(ex.toString());
        fail("Unexpected exception");
    }
    return SecurityContext.getInstance(user, AccessMode.Backend);
}
Also used : StructrApp(org.structr.core.app.StructrApp) App(org.structr.core.app.App) NodeAttribute(org.structr.core.graph.NodeAttribute) User(org.structr.web.entity.User) Tx(org.structr.core.graph.Tx) FrameworkException(org.structr.common.error.FrameworkException) AbstractNode(org.structr.core.entity.AbstractNode)

Example 22 with User

use of org.structr.web.entity.User in project structr by structr.

the class SimpleTest method check.

// ----- private methods -----
private void check() {
    try (final Tx tx = app.tx()) {
        final List<User> users = app.nodeQuery(User.class).getAsList();
        assertEquals("Expected no users to be created because of constraints", 0, users.size());
        tx.success();
    } catch (FrameworkException fex) {
        // log first: fail() throws, so a statement placed after it never runs
        logger.warn("", fex);
        fail("Unexpected exception");
    }
}
Also used : User(org.structr.web.entity.User) Tx(org.structr.core.graph.Tx) FrameworkException(org.structr.common.error.FrameworkException)

Example 23 with User

use of org.structr.web.entity.User in project structr by structr.

the class UiScriptingTest method testDoPrivileged.

@Test
public void testDoPrivileged() {
    User tester = null;
    try (final Tx tx = app.tx()) {
        // create admin user
        createTestNode(User.class, new NodeAttribute<>(StructrApp.key(User.class, "name"), "admin"), new NodeAttribute<>(StructrApp.key(User.class, "password"), "admin"), new NodeAttribute<>(StructrApp.key(User.class, "isAdmin"), true));
        // create test user
        tester = createTestNode(User.class, new NodeAttribute<>(StructrApp.key(User.class, "name"), "tester"), new NodeAttribute<>(StructrApp.key(User.class, "password"), "test"));
        tx.success();
    } catch (FrameworkException fex) {
        fex.printStackTrace();
        fail("Unexpected exception.");
    }
    final String script1 = "${{ return Structr.find('User', 'name', 'admin'); }}\n";
    final String script2 = "${{ return Structr.doPrivileged(function() { return Structr.find('User', 'name', 'admin'); }); }}\n";
    final SecurityContext userContext = SecurityContext.getInstance(tester, AccessMode.Backend);
    final App app = StructrApp.getInstance(userContext);
    final RenderContext renderContext = new RenderContext(userContext, new RequestMockUp(), new ResponseMockUp(), RenderContext.EditMode.NONE);
    try (final Tx tx = app.tx()) {
        // unprivileged call
        final Object result = Scripting.evaluate(renderContext, null, script1, "test");
        assertEquals("Result is of invalid type", ArrayList.class, result.getClass());
        assertEquals("Script in user context should not see admin", 0, ((List) result).size());
        tx.success();
    } catch (FrameworkException fex) {
        fex.printStackTrace();
        fail("Unexpected exception.");
    }
    try (final Tx tx = app.tx()) {
        // doPrivileged call
        final Object result = Scripting.evaluate(renderContext, null, script2, "test");
        assertEquals("Result is of invalid type", ArrayList.class, result.getClass());
        assertEquals("Privileged script should see admin", 1, ((List) result).size());
        tx.success();
    } catch (FrameworkException fex) {
        fex.printStackTrace();
        fail("Unexpected exception.");
    }
}
Also used : App(org.structr.core.app.App) StructrApp(org.structr.core.app.StructrApp) NodeAttribute(org.structr.core.graph.NodeAttribute) RenderContext(org.structr.web.common.RenderContext) User(org.structr.web.entity.User) Tx(org.structr.core.graph.Tx) FrameworkException(org.structr.common.error.FrameworkException) SecurityContext(org.structr.common.SecurityContext) Test(org.junit.Test) StructrUiTest(org.structr.web.StructrUiTest)

Example 24 with User

use of org.structr.web.entity.User in project structr by structr.

the class UiTest method testImageAndThumbnailDelete.

@Test
public void testImageAndThumbnailDelete() {
    User tester = null;
    try (final Tx tx = app.tx()) {
        final Image image = ImageHelper.createFileBase64(securityContext, base64Image, Image.class);
        tester = app.create(User.class, "tester");
        image.setProperty(Image.name, "test.png");
        // allow non-admin user to delete the image
        image.grant(Permission.delete, tester);
        image.grant(Permission.read, tester);
        image.getProperty(StructrApp.key(Image.class, "tnSmall"));
        image.getProperty(StructrApp.key(Image.class, "tnMid"));
        assertEquals("Image should have two thumbnails", 2, image.getThumbnails().size());
        tx.success();
    } catch (IOException | FrameworkException fex) {
        fex.printStackTrace();
        fail("Unexpected exception");
    }
    final SecurityContext ctx = SecurityContext.getInstance(tester, AccessMode.Backend);
    final App testerApp = StructrApp.getInstance(ctx);
    try (final Tx tx = testerApp.tx()) {
        final Image deleteMe = testerApp.nodeQuery(Image.class).getFirst();
        assertNotNull("Image should be visible to test user", deleteMe);
        testerApp.delete(deleteMe);
        tx.success();
    } catch (FrameworkException fex) {
        fex.printStackTrace();
        // do not swallow the exception: a failed delete must fail the test
        fail("Unexpected exception");
    }
    try (final Tx tx = testerApp.tx()) {
        assertEquals("No images should be visible to test user", 0, testerApp.nodeQuery(Image.class).getAsList().size());
        tx.success();
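    } catch (FrameworkException fex) {
        fex.printStackTrace();
        // do not swallow the exception: the visibility check must actually run
        fail("Unexpected exception");
    }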
}
Also used : StructrApp(org.structr.core.app.StructrApp) App(org.structr.core.app.App) User(org.structr.web.entity.User) Tx(org.structr.core.graph.Tx) FrameworkException(org.structr.common.error.FrameworkException) SecurityContext(org.structr.common.SecurityContext) IOException(java.io.IOException) Image(org.structr.web.entity.Image) Test(org.junit.Test) StructrUiTest(org.structr.web.StructrUiTest)

Example 25 with User

use of org.structr.web.entity.User in project structr by structr.

the class UserSelfRegistrationTest method testResetPassword.

@Test
public void testResetPassword() {
    final String eMail = "test@structr.com";
    String id = null;
    // since we cannot test the mail confirmation workflow, we just disable sending an e-mail
    Settings.SmtpTesting.setValue(true);
    Settings.ForceArrays.setValue(false);
    // switch to REST servlet
    RestAssured.basePath = restUrl;
    grant("_resetPassword", UiAuthenticator.NON_AUTH_USER_POST, true);
    grant("_login", UiAuthenticator.NON_AUTH_USER_POST, false);
    try (final Tx tx = app.tx()) {
        final User user = app.create(User.class, new NodeAttribute<>(StructrApp.key(User.class, "name"), "tester"), new NodeAttribute<>(StructrApp.key(User.class, "eMail"), eMail), new NodeAttribute<>(StructrApp.key(User.class, "password"), "correct"));
        // store ID for later use
        id = user.getProperty(User.id);
        tx.success();
    } catch (Throwable t) {
        fail("Unexpected exception.");
    }
    // verify failing login
    RestAssured.given().body("{ eMail: '" + eMail + "', password: 'incorrect' }").expect().statusCode(401).body("code", equalTo(401)).body("message", equalTo("Wrong username or password, or user is blocked. Check caps lock. Note: Username is case sensitive!")).when().post("/login");
    // verify successful login
    RestAssured.given().body("{ eMail: '" + eMail + "', password: 'correct' }").filter(ResponseLoggingFilter.logResponseTo(System.out)).expect().statusCode(200).body("result.type", equalTo("User")).body("result.name", equalTo("tester")).body("result.isUser", equalTo(true)).body("result.id", equalTo(id)).when().post("/login");
    // verify reset password doesn't disclose information about existing users
    RestAssured.given().body("{ eMail: 'unknown@structr.com' }").expect().statusCode(200).when().post("/reset-password");
    RestAssured.given().body("{ eMail: '" + eMail + "' }").expect().statusCode(200).when().post("/reset-password");
}
Also used : User(org.structr.web.entity.User) Tx(org.structr.core.graph.Tx) Test(org.junit.Test) StructrUiTest(org.structr.web.StructrUiTest)
