tests/org/cacert/gigi/pages/orga/TestOrgaManagement.java

   1 package org.cacert.gigi.pages.orga;
   2
   3 import static org.hamcrest.CoreMatchers.*;
   4 import static org.junit.Assert.*;
   5
   6 import java.io.IOException;
   7 import java.net.HttpURLConnection;
   8 import java.net.URL;
   9 import java.net.URLConnection;
  10 import java.net.URLEncoder;
  11 import java.util.List;
  12
  13 import org.cacert.gigi.GigiApiException;
  14 import org.cacert.gigi.dbObjects.Group;
  15 import org.cacert.gigi.dbObjects.Organisation;
  16 import org.cacert.gigi.dbObjects.Organisation.Affiliation;
  17 import org.cacert.gigi.dbObjects.User;
  18 import org.cacert.gigi.pages.account.MyDetails;
  19 import org.cacert.gigi.testUtils.ClientTest;
  20 import org.cacert.gigi.testUtils.IOUtils;
  21 import org.junit.Test;
  22
  23 public class TestOrgaManagement extends ClientTest {
  24
  25     public TestOrgaManagement() throws IOException {
  26         u.grantGroup(u, Group.ORGASSURER);
  27         makeAssurer(u.getId());
  28         clearCaches();
  29         cookie = login(email, TEST_PASSWORD);
  30     }
  31
  32     @Test
  33     public void testAdd() throws IOException {
  34         for (Organisation i : Organisation.getOrganisations(0, 30)) {
  35             i.delete();
  36         }
  37         executeBasicWebInteraction(cookie, CreateOrgPage.DEFAULT_PATH, "O=name&contact=mail&L=K%C3%B6ln&ST=%C3%9C%C3%96%C3%84%C3%9F&C=DE&comments=jkl%C3%B6loiuzfdfgjlh%C3%B6", 0);
  38         Organisation[] orgs = Organisation.getOrganisations(0, 30);
  39         assertEquals(1, orgs.length);
  40         assertEquals("mail", orgs[0].getContactEmail());
  41         assertEquals("name", orgs[0].getName());
  42         assertEquals("Köln", orgs[0].getCity());
  43         assertEquals("ÜÖÄß", orgs[0].getProvince());
  44
  45         User u2 = User.getById(createAssuranceUser("testworker", "testname", createUniqueName() + "@testdom.com", TEST_PASSWORD));
  46         executeBasicWebInteraction(cookie, ViewOrgPage.DEFAULT_PATH + "/" + orgs[0].getId(), "email=" + URLEncoder.encode(u2.getEmail(), "UTF-8") + "&do_affiliate=y&master=y", 1);
  47         List<Affiliation> allAdmins = orgs[0].getAllAdmins();
  48         assertEquals(1, allAdmins.size());
  49         Affiliation affiliation = allAdmins.get(0);
  50         assertSame(u2, affiliation.getTarget());
  51         assertTrue(affiliation.isMaster());
  52
  53         executeBasicWebInteraction(cookie, ViewOrgPage.DEFAULT_PATH + "/" + orgs[0].getId(), "email=" + URLEncoder.encode(u.getEmail(), "UTF-8") + "&do_affiliate=y", 1);
  54         allAdmins = orgs[0].getAllAdmins();
  55         assertEquals(2, allAdmins.size());
  56         Affiliation affiliation2 = allAdmins.get(0);
  57         if (affiliation2.getTarget().getId() == u2.getId()) {
  58             affiliation2 = allAdmins.get(1);
  59         }
  60         assertEquals(u.getId(), affiliation2.getTarget().getId());
  61         assertFalse(affiliation2.isMaster());
  62
  63         executeBasicWebInteraction(cookie, ViewOrgPage.DEFAULT_PATH + "/" + orgs[0].getId(), "del=" + URLEncoder.encode(u.getEmail(), "UTF-8") + "&email=&do_affiliate=y", 1);
  64         assertEquals(1, orgs[0].getAllAdmins().size());
  65
  66         executeBasicWebInteraction(cookie, ViewOrgPage.DEFAULT_PATH + "/" + orgs[0].getId(), "del=" + URLEncoder.encode(u2.getEmail(), "UTF-8") + "&email=&do_affiliate=y", 1);
  67         assertEquals(0, orgs[0].getAllAdmins().size());
  68
  69         executeBasicWebInteraction(cookie, ViewOrgPage.DEFAULT_PATH + "/" + orgs[0].getId(), "O=name1&contact=&L=K%C3%B6ln&ST=%C3%9C%C3%96%C3%84%C3%9F&C=DE&comments=jkl%C3%B6loiuzfdfgjlh%C3%B6", 0);
  70         clearCaches();
  71         orgs = Organisation.getOrganisations(0, 30);
  72         assertEquals("name1", orgs[0].getName());
  73     }
  74
  75     @Test
  76     public void testNonAssurerSeeOnlyOwn() throws IOException, GigiApiException {
  77         User u2 = User.getById(createAssuranceUser("testworker", "testname", createUniqueName() + "@testdom.com", TEST_PASSWORD));
  78         Organisation o1 = new Organisation("name21", "DE", "sder", "Rostov", "email", u);
  79         Organisation o2 = new Organisation("name12", "DE", "sder", "Rostov", "email", u);
  80         o1.addAdmin(u2, u, false);
  81         String session2 = login(u2.getEmail(), TEST_PASSWORD);
  82
  83         URLConnection uc = new URL("https://" + getServerName() + ViewOrgPage.DEFAULT_PATH).openConnection();
  84         uc.addRequestProperty("Cookie", session2);
  85         assertEquals(403, ((HttpURLConnection) uc).getResponseCode());
  86
  87         uc = new URL("https://" + getServerName() + MyDetails.PATH).openConnection();
  88         uc.addRequestProperty("Cookie", session2);
  89         String content = IOUtils.readURL(uc);
  90         assertThat(content, containsString("name21"));
  91         assertThat(content, not(containsString("name12")));
  92         uc = cookie(new URL("https://" + getServerName() + ViewOrgPage.DEFAULT_PATH + "/" + o1.getId()).openConnection(), session2);
  93         assertEquals(403, ((HttpURLConnection) uc).getResponseCode());
  94         uc = cookie(new URL("https://" + getServerName() + ViewOrgPage.DEFAULT_PATH + "/" + o2.getId()).openConnection(), session2);
  95         assertEquals(403, ((HttpURLConnection) uc).getResponseCode());
  96
  97         uc = new URL("https://" + getServerName() + ViewOrgPage.DEFAULT_PATH).openConnection();
  98         uc.addRequestProperty("Cookie", cookie);
  99         content = IOUtils.readURL(uc);
 100         assertThat(content, containsString("name21"));
 101         assertThat(content, containsString("name12"));
 102         uc = cookie(new URL("https://" + getServerName() + ViewOrgPage.DEFAULT_PATH + "/" + o1.getId()).openConnection(), cookie);
 103         assertEquals(200, ((HttpURLConnection) uc).getResponseCode());
 104         uc = cookie(new URL("https://" + getServerName() + ViewOrgPage.DEFAULT_PATH + "/" + o2.getId()).openConnection(), cookie);
 105         assertEquals(200, ((HttpURLConnection) uc).getResponseCode());
 106         o1.delete();
 107         o2.delete();
 108     }
 109
 110     @Test
 111     public void testAffiliationRights() throws IOException, GigiApiException {
 112         User u2 = User.getById(createAssuranceUser("testworker", "testname", createUniqueName() + "@testdom.com", TEST_PASSWORD));
 113         User u3 = User.getById(createAssuranceUser("testmaster", "testname", createUniqueName() + "@testdom.com", TEST_PASSWORD));
 114         User u4_dummy = User.getById(createVerifiedUser("testmaster", "testname", createUniqueName() + "@testdom.com", TEST_PASSWORD));
 115         Organisation o1 = new Organisation("name21", "DE", "sder", "Rostov", "email", u);
 116         o1.addAdmin(u3, u, true);
 117         try {
 118             // must fail because u4 is no assurer
 119             o1.addAdmin(u4_dummy, u3, false);
 120             fail("No exception!");
 121         } catch (GigiApiException e) {
 122         }
 123         o1.addAdmin(u2, u3, false);
 124         try {
 125             // must fail because u2 may not add admins
 126             o1.addAdmin(u3, u2, false);
 127             fail("No exception!");
 128         } catch (GigiApiException e) {
 129         }
 130         try {
 131             // must fail because u4 is no assurer
 132             o1.addAdmin(u4_dummy, u, false);
 133             fail("No exception!");
 134         } catch (GigiApiException e) {
 135         }
 136         o1.removeAdmin(u2, u3);
 137         o1.removeAdmin(u3, u3);
 138         assertEquals(0, o1.getAllAdmins().size());
 139         o1.delete();
 140     }
 141 }