X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;f=tests%2Forg%2Fcacert%2Fgigi%2Fpages%2Forga%2FTestOrgaManagement.java;h=3ecc7a21dbb6705525db623b206c21390adba97e;hb=904cc8f11532b1a87c1fb19a69bdcf248ad9be30;hp=f0a07a801d39e24ff8c2d912834c36061385000e;hpb=ec24cf6925bb3729a644580ad4a9375d05883c62;p=gigi.git diff --git a/tests/org/cacert/gigi/pages/orga/TestOrgaManagement.java b/tests/org/cacert/gigi/pages/orga/TestOrgaManagement.java index f0a07a80..3ecc7a21 100644 --- a/tests/org/cacert/gigi/pages/orga/TestOrgaManagement.java +++ b/tests/org/cacert/gigi/pages/orga/TestOrgaManagement.java @@ -8,26 +8,39 @@ import java.net.HttpURLConnection; import java.net.URL; import java.net.URLConnection; import java.net.URLEncoder; +import java.sql.SQLException; import java.util.List; +import org.cacert.gigi.GigiApiException; import org.cacert.gigi.dbObjects.Group; import org.cacert.gigi.dbObjects.Organisation; import org.cacert.gigi.dbObjects.Organisation.Affiliation; import org.cacert.gigi.dbObjects.User; +import org.cacert.gigi.pages.account.MyDetails; import org.cacert.gigi.testUtils.ClientTest; import org.cacert.gigi.testUtils.IOUtils; +import org.junit.After; import org.junit.Test; public class TestOrgaManagement extends ClientTest { public TestOrgaManagement() throws IOException { - u.grantGroup(u, Group.getByString("orgassurer")); + u.grantGroup(u, Group.ORGASSURER); + makeAssurer(u.getId()); clearCaches(); cookie = login(email, TEST_PASSWORD); } + @After + public void purgeDbAfterTest() throws SQLException, IOException { + purgeDatabase(); + } + @Test public void testAdd() throws IOException { + for (Organisation i : Organisation.getOrganisations(0, 30)) { + i.delete(); + } executeBasicWebInteraction(cookie, CreateOrgPage.DEFAULT_PATH, "O=name&contact=mail&L=K%C3%B6ln&ST=%C3%9C%C3%96%C3%84%C3%9F&C=DE&comments=jkl%C3%B6loiuzfdfgjlh%C3%B6", 0); Organisation[] orgs = Organisation.getOrganisations(0, 30); assertEquals(1, orgs.length); @@ -36,7 +49,7 @@ public class TestOrgaManagement extends ClientTest { assertEquals("Köln", orgs[0].getCity()); assertEquals("ÜÖÄß", orgs[0].getProvince()); - User u2 = User.getById(createVerifiedUser("testworker", "testname", createUniqueName() + "@testdom.com", TEST_PASSWORD)); + User u2 = User.getById(createAssuranceUser("testworker", "testname", createUniqueName() + "@testdom.com", TEST_PASSWORD)); executeBasicWebInteraction(cookie, ViewOrgPage.DEFAULT_PATH + "/" + orgs[0].getId(), "email=" + URLEncoder.encode(u2.getEmail(), "UTF-8") + "&do_affiliate=y&master=y", 1); List allAdmins = orgs[0].getAllAdmins(); assertEquals(1, allAdmins.size()); @@ -51,7 +64,7 @@ public class TestOrgaManagement extends ClientTest { if (affiliation2.getTarget().getId() == u2.getId()) { affiliation2 = allAdmins.get(1); } - assertSame(u.getId(), affiliation2.getTarget().getId()); + assertEquals(u.getId(), affiliation2.getTarget().getId()); assertFalse(affiliation2.isMaster()); executeBasicWebInteraction(cookie, ViewOrgPage.DEFAULT_PATH + "/" + orgs[0].getId(), "del=" + URLEncoder.encode(u.getEmail(), "UTF-8") + "&email=&do_affiliate=y", 1); @@ -67,22 +80,26 @@ public class TestOrgaManagement extends ClientTest { } @Test - public void testNonAssurerSeeOnlyOwn() throws IOException { - User u2 = User.getById(createVerifiedUser("testworker", "testname", createUniqueName() + "@testdom.com", TEST_PASSWORD)); + public void testNonAssurerSeeOnlyOwn() throws IOException, GigiApiException { + User u2 = User.getById(createAssuranceUser("testworker", "testname", createUniqueName() + "@testdom.com", TEST_PASSWORD)); Organisation o1 = new Organisation("name21", "DE", "sder", "Rostov", "email", u); Organisation o2 = new Organisation("name12", "DE", "sder", "Rostov", "email", u); - o1.addAdmin(u2, u2, false); + o1.addAdmin(u2, u, false); String session2 = login(u2.getEmail(), TEST_PASSWORD); URLConnection uc = new URL("https://" + getServerName() + ViewOrgPage.DEFAULT_PATH).openConnection(); uc.addRequestProperty("Cookie", session2); + assertEquals(403, ((HttpURLConnection) uc).getResponseCode()); + + uc = new URL("https://" + getServerName() + MyDetails.PATH).openConnection(); + uc.addRequestProperty("Cookie", session2); String content = IOUtils.readURL(uc); assertThat(content, containsString("name21")); assertThat(content, not(containsString("name12"))); uc = cookie(new URL("https://" + getServerName() + ViewOrgPage.DEFAULT_PATH + "/" + o1.getId()).openConnection(), session2); - assertEquals(200, ((HttpURLConnection) uc).getResponseCode()); + assertEquals(403, ((HttpURLConnection) uc).getResponseCode()); uc = cookie(new URL("https://" + getServerName() + ViewOrgPage.DEFAULT_PATH + "/" + o2.getId()).openConnection(), session2); - assertEquals(404, ((HttpURLConnection) uc).getResponseCode()); + assertEquals(403, ((HttpURLConnection) uc).getResponseCode()); uc = new URL("https://" + getServerName() + ViewOrgPage.DEFAULT_PATH).openConnection(); uc.addRequestProperty("Cookie", cookie); @@ -96,4 +113,36 @@ public class TestOrgaManagement extends ClientTest { o1.delete(); o2.delete(); } + + @Test + public void testAffiliationRights() throws IOException, GigiApiException { + User u2 = User.getById(createAssuranceUser("testworker", "testname", createUniqueName() + "@testdom.com", TEST_PASSWORD)); + User u3 = User.getById(createAssuranceUser("testmaster", "testname", createUniqueName() + "@testdom.com", TEST_PASSWORD)); + User u4_dummy = User.getById(createVerifiedUser("testmaster", "testname", createUniqueName() + "@testdom.com", TEST_PASSWORD)); + Organisation o1 = new Organisation("name21", "DE", "sder", "Rostov", "email", u); + o1.addAdmin(u3, u, true); + try { + // must fail because u4 is no assurer + o1.addAdmin(u4_dummy, u3, false); + fail("No exception!"); + } catch (GigiApiException e) { + } + o1.addAdmin(u2, u3, false); + try { + // must fail because u2 may not add admins + o1.addAdmin(u3, u2, false); + fail("No exception!"); + } catch (GigiApiException e) { + } + try { + // must fail because u4 is no assurer + o1.addAdmin(u4_dummy, u, false); + fail("No exception!"); + } catch (GigiApiException e) { + } + o1.removeAdmin(u2, u3); + o1.removeAdmin(u3, u3); + assertEquals(0, o1.getAllAdmins().size()); + o1.delete(); + } }