X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;f=tests%2Forg%2Fcacert%2Fgigi%2Fpages%2Faccount%2FTestCertificateRequest.java;h=0beaef87998a8b24e1e4a7387bd9534329390094;hb=d7c0f42f9a60ae6dfff83d1f01e547bbf5681c0d;hp=4d668b74caba6b6740d0086613876ec6355078dc;hpb=0fad27fa1dbd119648945ec77cd8e4a1b7965885;p=gigi.git diff --git a/tests/org/cacert/gigi/pages/account/TestCertificateRequest.java b/tests/org/cacert/gigi/pages/account/TestCertificateRequest.java index 4d668b74..0beaef87 100644 --- a/tests/org/cacert/gigi/pages/account/TestCertificateRequest.java +++ b/tests/org/cacert/gigi/pages/account/TestCertificateRequest.java @@ -11,22 +11,24 @@ import org.cacert.gigi.GigiApiException; import org.cacert.gigi.dbObjects.Group; import org.cacert.gigi.pages.account.certs.CertificateRequest; import org.cacert.gigi.testUtils.ClientTest; +import org.cacert.gigi.util.AuthorizationContext; import org.junit.Test; public class TestCertificateRequest extends ClientTest { KeyPair kp = generateKeypair(); - public TestCertificateRequest() throws GeneralSecurityException, IOException { - makeAssurer(u.getId()); - grant(email, Group.CODESIGNING); + AuthorizationContext ac; + public TestCertificateRequest() throws GeneralSecurityException, IOException, GigiApiException { + ac = new AuthorizationContext(u, u); + makeAssurer(u.getId()); } @Test public void testIssuingOtherName() throws Exception { try { - new CertificateRequest(u, generatePEMCSR(kp, "CN=hansi")).draft(); + new CertificateRequest(ac, generatePEMCSR(kp, "CN=hansi")).draft(); fail(); } catch (GigiApiException e) { assertThat(e.getMessage(), containsString("name you entered was invalid")); @@ -35,18 +37,18 @@ public class TestCertificateRequest extends ClientTest { @Test public void testIssuingDefault() throws Exception { - new CertificateRequest(u, generatePEMCSR(kp, "CN=" + CertificateRequest.DEFAULT_CN + ",EMAIL=" + email)).draft(); + new CertificateRequest(ac, generatePEMCSR(kp, "CN=" + CertificateRequest.DEFAULT_CN + ",EMAIL=" + email)).draft(); } @Test public void testIssuingRealName() throws Exception { - new CertificateRequest(u, generatePEMCSR(kp, "CN=a b,EMAIL=" + email)).draft(); + new CertificateRequest(ac, generatePEMCSR(kp, "CN=a b,EMAIL=" + email)).draft(); } @Test public void testIssuingModifiedName() throws Exception { try { - new CertificateRequest(u, generatePEMCSR(kp, "CN=a ab")).draft(); + new CertificateRequest(ac, generatePEMCSR(kp, "CN=a ab")).draft(); fail(); } catch (GigiApiException e) { assertThat(e.getMessage(), containsString("name you entered was invalid")); @@ -58,11 +60,28 @@ public class TestCertificateRequest extends ClientTest { @Test public void testCodesignModifiedName() throws Exception { try { - CertificateRequest cr = new CertificateRequest(u, generatePEMCSR(kp, "CN=a ab")); - cr.update("name", "SHA512", "code-a", null, null, "email:" + email, null, null); + u.grantGroup(getSupporter(), Group.CODESIGNING); + CertificateRequest cr = new CertificateRequest(ac, generatePEMCSR(kp, "CN=a ab")); + cr.update("name", "SHA512", "code-a", null, null, "email:" + email); + cr.draft(); + fail(); } catch (GigiApiException e) { assertThat(e.getMessage(), containsString("does not match the details")); } } + + // TODO annotate that this depends on default config + @Test + public void testCodesignNoPermModifiedName() throws Exception { + try { + CertificateRequest cr = new CertificateRequest(ac, generatePEMCSR(kp, "CN=a ab")); + cr.update("name", "SHA512", "code-a", null, null, "email:" + email); + cr.draft(); + fail(); + } catch (GigiApiException e) { + assertThat(e.getMessage(), containsString("Certificate Profile is invalid.")); + } + + } }