1 package org.cacert.gigi.pages.orga;
3 import static org.hamcrest.CoreMatchers.*;
4 import static org.junit.Assert.*;
6 import java.io.IOException;
7 import java.io.UnsupportedEncodingException;
8 import java.net.HttpURLConnection;
9 import java.net.MalformedURLException;
10 import java.net.URLConnection;
11 import java.net.URLEncoder;
12 import java.sql.SQLException;
13 import java.util.List;
15 import org.cacert.gigi.GigiApiException;
16 import org.cacert.gigi.dbObjects.Organisation;
17 import org.cacert.gigi.dbObjects.Organisation.Affiliation;
18 import org.cacert.gigi.dbObjects.User;
19 import org.cacert.gigi.pages.account.MyDetails;
20 import org.cacert.gigi.testUtils.IOUtils;
21 import org.cacert.gigi.testUtils.OrgTest;
22 import org.junit.After;
23 import org.junit.Test;
25 public class TestOrgManagement extends OrgTest {
27 public TestOrgManagement() throws IOException {
32 public void purgeDbAfterTest() throws SQLException, IOException {
37 public void testAdd() throws IOException {
38 for (Organisation i : Organisation.getOrganisations(0, 30)) {
41 assertNull(executeBasicWebInteraction(cookie, CreateOrgPage.DEFAULT_PATH, "action=new&O=name&contact=mail@serv.tld&L=K%C3%B6ln&ST=" + URLEncoder.encode(DIFFICULT_CHARS, "UTF-8") + "&C=DE&comments=jkl%C3%B6loiuzfdfgjlh%C3%B6&optionalName=opname&postalAddress=postaladdress", 0));
42 Organisation[] orgs = Organisation.getOrganisations(0, 30);
43 assertEquals(1, orgs.length);
44 assertEquals("mail@serv.tld", orgs[0].getContactEmail());
45 assertEquals("name", orgs[0].getName());
46 assertEquals("Köln", orgs[0].getCity());
47 assertEquals(DIFFICULT_CHARS, orgs[0].getProvince());
48 assertEquals("opname", orgs[0].getOptionalName());
49 assertEquals("postaladdress", orgs[0].getPostalAddress());
51 User u2 = User.getById(createAssuranceUser("testworker", "testname", createUniqueName() + "@testdom.com", TEST_PASSWORD));
52 assertNull(executeBasicWebInteraction(cookie, ViewOrgPage.DEFAULT_PATH + "/" + orgs[0].getId(), "email=" + URLEncoder.encode(u2.getEmail(), "UTF-8") + "&do_affiliate=y&master=y", 1));
53 List<Affiliation> allAdmins = orgs[0].getAllAdmins();
54 assertEquals(1, allAdmins.size());
55 Affiliation affiliation = allAdmins.get(0);
56 assertSame(u2, affiliation.getTarget());
57 assertTrue(affiliation.isMaster());
59 assertNull(executeBasicWebInteraction(cookie, ViewOrgPage.DEFAULT_PATH + "/" + orgs[0].getId(), "email=" + URLEncoder.encode(u.getEmail(), "UTF-8") + "&do_affiliate=y", 1));
60 allAdmins = orgs[0].getAllAdmins();
61 assertEquals(2, allAdmins.size());
62 Affiliation affiliation2 = allAdmins.get(0);
63 if (affiliation2.getTarget().getId() == u2.getId()) {
64 affiliation2 = allAdmins.get(1);
66 assertEquals(u.getId(), affiliation2.getTarget().getId());
67 assertFalse(affiliation2.isMaster());
69 assertNull(executeBasicWebInteraction(cookie, ViewOrgPage.DEFAULT_PATH + "/" + orgs[0].getId(), "del=" + URLEncoder.encode(u.getEmail(), "UTF-8") + "&email=&do_affiliate=y", 1));
70 assertEquals(1, orgs[0].getAllAdmins().size());
72 assertNull(executeBasicWebInteraction(cookie, ViewOrgPage.DEFAULT_PATH + "/" + orgs[0].getId(), "del=" + URLEncoder.encode(u2.getEmail(), "UTF-8") + "&email=&do_affiliate=y", 1));
73 assertEquals(0, orgs[0].getAllAdmins().size());
75 assertNull(executeBasicWebInteraction(cookie, ViewOrgPage.DEFAULT_PATH + "/" + orgs[0].getId(), "action=updateCertificateData&O=name1&contact=&L=K%C3%B6ln&ST=%C3%9C%C3%96%C3%84%C3%9F&C=DE&comments=jkl%C3%B6loiuzfdfgjlh%C3%B6", 0));
77 orgs = Organisation.getOrganisations(0, 30);
78 assertEquals("name1", orgs[0].getName());
82 public void testNonAssurerSeeOnlyOwn() throws IOException, GigiApiException {
83 User u2 = User.getById(createAssuranceUser("testworker", "testname", createUniqueName() + "@testdom.com", TEST_PASSWORD));
84 Organisation o1 = createUniqueOrg();
85 Organisation o2 = createUniqueOrg();
86 o1.addAdmin(u2, u, false);
87 String session2 = login(u2.getEmail(), TEST_PASSWORD);
89 URLConnection uc = get(session2, ViewOrgPage.DEFAULT_PATH);
90 assertEquals(403, ((HttpURLConnection) uc).getResponseCode());
92 uc = get(session2, MyDetails.PATH);
93 String content = IOUtils.readURL(uc);
94 assertThat(content, containsString(o1.getName()));
95 assertThat(content, not(containsString(o2.getName())));
96 uc = get(session2, ViewOrgPage.DEFAULT_PATH + "/" + o1.getId());
97 assertEquals(403, ((HttpURLConnection) uc).getResponseCode());
98 uc = get(session2, ViewOrgPage.DEFAULT_PATH + "/" + o2.getId());
99 assertEquals(403, ((HttpURLConnection) uc).getResponseCode());
101 uc = get(ViewOrgPage.DEFAULT_PATH);
102 content = IOUtils.readURL(uc);
103 assertThat(content, containsString(o1.getName()));
104 assertThat(content, containsString(o2.getName()));
105 uc = get(ViewOrgPage.DEFAULT_PATH + "/" + o1.getId());
106 assertEquals(200, ((HttpURLConnection) uc).getResponseCode());
107 uc = get(ViewOrgPage.DEFAULT_PATH + "/" + o2.getId());
108 assertEquals(200, ((HttpURLConnection) uc).getResponseCode());
114 public void testAffiliationRights() throws IOException, GigiApiException {
115 User u2 = User.getById(createAssuranceUser("testworker", "testname", createUniqueName() + "@testdom.com", TEST_PASSWORD));
116 User u3 = User.getById(createAssuranceUser("testmaster", "testname", createUniqueName() + "@testdom.com", TEST_PASSWORD));
117 User u4_dummy = User.getById(createVerifiedUser("testmaster", "testname", createUniqueName() + "@testdom.com", TEST_PASSWORD));
118 Organisation o1 = createUniqueOrg();
119 o1.addAdmin(u3, u, true);
121 // must fail because u4 is no RA-Agent
122 o1.addAdmin(u4_dummy, u3, false);
123 fail("No exception!");
124 } catch (GigiApiException e) {
126 o1.addAdmin(u2, u3, false);
128 // must fail because u2 may not add admins
129 o1.addAdmin(u3, u2, false);
130 fail("No exception!");
131 } catch (GigiApiException e) {
134 // must fail because u4 is no RA-Agent
135 o1.addAdmin(u4_dummy, u, false);
136 fail("No exception!");
137 } catch (GigiApiException e) {
139 o1.removeAdmin(u2, u3);
140 o1.removeAdmin(u3, u3);
141 assertEquals(0, o1.getAllAdmins().size());
146 public void testUpdateOrgCertData() throws IOException, GigiApiException {
147 Organisation o1 = createUniqueOrg();
148 o1.updateCertData("name", "DE", DIFFICULT_CHARS, "Köln");
149 assertEquals("name", o1.getName());
150 assertEquals("DE", o1.getState());
151 assertEquals(DIFFICULT_CHARS, o1.getProvince());
152 assertEquals("Köln", o1.getCity());
157 public void testUpdateOrgData() throws IOException, GigiApiException {
158 Organisation o1 = createUniqueOrg();
159 o1.updateOrgData("mail", "opname", "Köln" + DIFFICULT_CHARS);
160 assertEquals("mail", o1.getContactEmail());
161 assertEquals("opname", o1.getOptionalName());
162 assertEquals("Köln" + DIFFICULT_CHARS, o1.getPostalAddress());
167 * Tests various contraints on organisation fields.
170 public void testLengthConstraint() throws IOException, GigiApiException {
171 Organisation o1 = createUniqueOrg();
172 String str128 = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789abcdefghijklmnopqrstuvwxyz-_ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789abcdefghijklmnopqrstuvwxyz-_";
174 String s64 = str128.substring(0, 64);
175 String s65 = str128.substring(0, 65);
177 String s128 = str128;
178 String s129 = str128 + "a";
180 assertNull(upCertData(o1, o1.getName(), o1.getState(), o1.getProvince(), o1.getCity()));
182 // test organisation name
183 assertNotNull(upCertData(o1, "", o1.getState(), o1.getProvince(), o1.getCity()));
184 assertNull(upCertData(o1, "A", o1.getState(), o1.getProvince(), o1.getCity()));
185 assertNull(upCertData(o1, s64, o1.getState(), o1.getProvince(), o1.getCity()));
186 assertNotNull(upCertData(o1, s65, o1.getState(), o1.getProvince(), o1.getCity()));
189 assertNotNull(upCertData(o1, o1.getName(), o1.getState(), se, o1.getCity()));
190 assertNull(upCertData(o1, o1.getName(), o1.getState(), "A", o1.getCity()));
191 assertNull(upCertData(o1, o1.getName(), o1.getState(), s128, o1.getCity()));
192 assertNotNull(upCertData(o1, o1.getName(), o1.getState(), s129, o1.getCity()));
195 assertNotNull(upCertData(o1, o1.getName(), o1.getState(), o1.getProvince(), se));
196 assertNull(upCertData(o1, o1.getName(), o1.getState(), o1.getProvince(), "A"));
197 assertNull(upCertData(o1, o1.getName(), o1.getState(), o1.getProvince(), s128));
198 assertNotNull(upCertData(o1, o1.getName(), o1.getState(), o1.getProvince(), s129));
201 assertNotNull(upCertData(o1, o1.getName(), "", o1.getProvince(), o1.getCity()));
202 assertNotNull(upCertData(o1, o1.getName(), "D", o1.getProvince(), o1.getCity()));
203 assertNull(upCertData(o1, o1.getName(), "DE", o1.getProvince(), o1.getCity()));
204 assertNotNull(upCertData(o1, o1.getName(), "DES", o1.getProvince(), o1.getCity()));
205 // country code does not exist
206 assertNotNull(upCertData(o1, o1.getName(), "DD", o1.getProvince(), o1.getCity()));
207 // 3-letter country code should not be accepted
208 assertNotNull(upCertData(o1, o1.getName(), "DEU", o1.getProvince(), o1.getCity()));
211 assertNull(upOptData(o1, o1.getContactEmail()));
212 assertNotNull(upOptData(o1, "_mail@domail"));
217 * Updates Organisation optional data via web interface.
220 * Organisation to update.
222 * the new contact email
223 * @return an error message or <code>null</code>
225 private String upOptData(Organisation o1, String email) throws IOException, MalformedURLException, UnsupportedEncodingException {
226 return executeBasicWebInteraction(cookie, ViewOrgPage.DEFAULT_PATH + "/" + o1.getId(), "action=updateOrganisationData&contact=" + email + "&optionalName=" + o1.getOptionalName() + "&postalAddress=" + o1.getPostalAddress(), 0);
230 * Updates Organisation certificate data via web interface.
233 * Organisation to update.
239 * the new "province/state"
241 * the new city or "locality"
242 * @return an error message or <code>null</code>
244 private String upCertData(Organisation o1, String o, String c, String province, String ct) throws IOException, MalformedURLException, UnsupportedEncodingException {
245 return executeBasicWebInteraction(cookie, ViewOrgPage.DEFAULT_PATH + "/" + o1.getId(), "action=updateCertificateData&O=" + o + "&C=" + c + "&ST=" + province + "&L=" + ct, 0);