1 package org.cacert.gigi.pages.orga;
3 import static org.hamcrest.CoreMatchers.*;
4 import static org.junit.Assert.*;
6 import java.io.IOException;
7 import java.net.HttpURLConnection;
9 import java.net.URLConnection;
10 import java.net.URLEncoder;
11 import java.sql.SQLException;
12 import java.util.List;
14 import org.cacert.gigi.GigiApiException;
15 import org.cacert.gigi.dbObjects.Group;
16 import org.cacert.gigi.dbObjects.Organisation;
17 import org.cacert.gigi.dbObjects.Organisation.Affiliation;
18 import org.cacert.gigi.dbObjects.User;
19 import org.cacert.gigi.pages.account.MyDetails;
20 import org.cacert.gigi.testUtils.ClientTest;
21 import org.cacert.gigi.testUtils.IOUtils;
22 import org.junit.After;
23 import org.junit.Test;
25 public class TestOrgaManagement extends ClientTest {
27 public TestOrgaManagement() throws IOException {
28 u.grantGroup(u, Group.ORGASSURER);
29 makeAssurer(u.getId());
31 cookie = login(email, TEST_PASSWORD);
35 public void purgeDbAfterTest() throws SQLException, IOException {
40 public void testAdd() throws IOException {
41 for (Organisation i : Organisation.getOrganisations(0, 30)) {
44 executeBasicWebInteraction(cookie, CreateOrgPage.DEFAULT_PATH, "O=name&contact=mail&L=K%C3%B6ln&ST=%C3%9C%C3%96%C3%84%C3%9F&C=DE&comments=jkl%C3%B6loiuzfdfgjlh%C3%B6", 0);
45 Organisation[] orgs = Organisation.getOrganisations(0, 30);
46 assertEquals(1, orgs.length);
47 assertEquals("mail", orgs[0].getContactEmail());
48 assertEquals("name", orgs[0].getName());
49 assertEquals("Köln", orgs[0].getCity());
50 assertEquals("ÜÖÄß", orgs[0].getProvince());
52 User u2 = User.getById(createAssuranceUser("testworker", "testname", createUniqueName() + "@testdom.com", TEST_PASSWORD));
53 executeBasicWebInteraction(cookie, ViewOrgPage.DEFAULT_PATH + "/" + orgs[0].getId(), "email=" + URLEncoder.encode(u2.getEmail(), "UTF-8") + "&do_affiliate=y&master=y", 1);
54 List<Affiliation> allAdmins = orgs[0].getAllAdmins();
55 assertEquals(1, allAdmins.size());
56 Affiliation affiliation = allAdmins.get(0);
57 assertSame(u2, affiliation.getTarget());
58 assertTrue(affiliation.isMaster());
60 executeBasicWebInteraction(cookie, ViewOrgPage.DEFAULT_PATH + "/" + orgs[0].getId(), "email=" + URLEncoder.encode(u.getEmail(), "UTF-8") + "&do_affiliate=y", 1);
61 allAdmins = orgs[0].getAllAdmins();
62 assertEquals(2, allAdmins.size());
63 Affiliation affiliation2 = allAdmins.get(0);
64 if (affiliation2.getTarget().getId() == u2.getId()) {
65 affiliation2 = allAdmins.get(1);
67 assertEquals(u.getId(), affiliation2.getTarget().getId());
68 assertFalse(affiliation2.isMaster());
70 executeBasicWebInteraction(cookie, ViewOrgPage.DEFAULT_PATH + "/" + orgs[0].getId(), "del=" + URLEncoder.encode(u.getEmail(), "UTF-8") + "&email=&do_affiliate=y", 1);
71 assertEquals(1, orgs[0].getAllAdmins().size());
73 executeBasicWebInteraction(cookie, ViewOrgPage.DEFAULT_PATH + "/" + orgs[0].getId(), "del=" + URLEncoder.encode(u2.getEmail(), "UTF-8") + "&email=&do_affiliate=y", 1);
74 assertEquals(0, orgs[0].getAllAdmins().size());
76 executeBasicWebInteraction(cookie, ViewOrgPage.DEFAULT_PATH + "/" + orgs[0].getId(), "O=name1&contact=&L=K%C3%B6ln&ST=%C3%9C%C3%96%C3%84%C3%9F&C=DE&comments=jkl%C3%B6loiuzfdfgjlh%C3%B6", 0);
78 orgs = Organisation.getOrganisations(0, 30);
79 assertEquals("name1", orgs[0].getName());
83 public void testNonAssurerSeeOnlyOwn() throws IOException, GigiApiException {
84 User u2 = User.getById(createAssuranceUser("testworker", "testname", createUniqueName() + "@testdom.com", TEST_PASSWORD));
85 Organisation o1 = new Organisation("name21", "DE", "sder", "Rostov", "email", u);
86 Organisation o2 = new Organisation("name12", "DE", "sder", "Rostov", "email", u);
87 o1.addAdmin(u2, u, false);
88 String session2 = login(u2.getEmail(), TEST_PASSWORD);
90 URLConnection uc = new URL("https://" + getServerName() + ViewOrgPage.DEFAULT_PATH).openConnection();
91 uc.addRequestProperty("Cookie", session2);
92 assertEquals(403, ((HttpURLConnection) uc).getResponseCode());
94 uc = new URL("https://" + getServerName() + MyDetails.PATH).openConnection();
95 uc.addRequestProperty("Cookie", session2);
96 String content = IOUtils.readURL(uc);
97 assertThat(content, containsString("name21"));
98 assertThat(content, not(containsString("name12")));
99 uc = cookie(new URL("https://" + getServerName() + ViewOrgPage.DEFAULT_PATH + "/" + o1.getId()).openConnection(), session2);
100 assertEquals(403, ((HttpURLConnection) uc).getResponseCode());
101 uc = cookie(new URL("https://" + getServerName() + ViewOrgPage.DEFAULT_PATH + "/" + o2.getId()).openConnection(), session2);
102 assertEquals(403, ((HttpURLConnection) uc).getResponseCode());
104 uc = new URL("https://" + getServerName() + ViewOrgPage.DEFAULT_PATH).openConnection();
105 uc.addRequestProperty("Cookie", cookie);
106 content = IOUtils.readURL(uc);
107 assertThat(content, containsString("name21"));
108 assertThat(content, containsString("name12"));
109 uc = cookie(new URL("https://" + getServerName() + ViewOrgPage.DEFAULT_PATH + "/" + o1.getId()).openConnection(), cookie);
110 assertEquals(200, ((HttpURLConnection) uc).getResponseCode());
111 uc = cookie(new URL("https://" + getServerName() + ViewOrgPage.DEFAULT_PATH + "/" + o2.getId()).openConnection(), cookie);
112 assertEquals(200, ((HttpURLConnection) uc).getResponseCode());
118 public void testAffiliationRights() throws IOException, GigiApiException {
119 User u2 = User.getById(createAssuranceUser("testworker", "testname", createUniqueName() + "@testdom.com", TEST_PASSWORD));
120 User u3 = User.getById(createAssuranceUser("testmaster", "testname", createUniqueName() + "@testdom.com", TEST_PASSWORD));
121 User u4_dummy = User.getById(createVerifiedUser("testmaster", "testname", createUniqueName() + "@testdom.com", TEST_PASSWORD));
122 Organisation o1 = new Organisation("name21", "DE", "sder", "Rostov", "email", u);
123 o1.addAdmin(u3, u, true);
125 // must fail because u4 is no assurer
126 o1.addAdmin(u4_dummy, u3, false);
127 fail("No exception!");
128 } catch (GigiApiException e) {
130 o1.addAdmin(u2, u3, false);
132 // must fail because u2 may not add admins
133 o1.addAdmin(u3, u2, false);
134 fail("No exception!");
135 } catch (GigiApiException e) {
138 // must fail because u4 is no assurer
139 o1.addAdmin(u4_dummy, u, false);
140 fail("No exception!");
141 } catch (GigiApiException e) {
143 o1.removeAdmin(u2, u3);
144 o1.removeAdmin(u3, u3);
145 assertEquals(0, o1.getAllAdmins().size());