import java.net.MalformedURLException;
import java.net.URLConnection;
import java.net.URLEncoder;
+import java.security.PrivateKey;
import java.sql.SQLException;
import java.util.List;
import org.junit.Test;
import club.wpia.gigi.GigiApiException;
+import club.wpia.gigi.dbObjects.Certificate;
import club.wpia.gigi.dbObjects.Country;
-import club.wpia.gigi.dbObjects.Organisation;
-import club.wpia.gigi.dbObjects.User;
import club.wpia.gigi.dbObjects.Country.CountryCodeType;
+import club.wpia.gigi.dbObjects.Organisation;
import club.wpia.gigi.dbObjects.Organisation.Affiliation;
+import club.wpia.gigi.dbObjects.User;
import club.wpia.gigi.pages.account.MyDetails;
-import club.wpia.gigi.pages.orga.CreateOrgPage;
-import club.wpia.gigi.pages.orga.ViewOrgPage;
import club.wpia.gigi.testUtils.IOUtils;
import club.wpia.gigi.testUtils.OrgTest;
assertEquals("opname", orgs[0].getOptionalName());
assertEquals("postaladdress", orgs[0].getPostalAddress());
- User u2 = User.getById(createAssuranceUser("testworker", "testname", createUniqueName() + "@testdom.com", TEST_PASSWORD));
+ User u2 = User.getById(createVerificationUser("testworker", "testname", createUniqueName() + "@testdom.com", TEST_PASSWORD));
assertNull(executeBasicWebInteraction(cookie, ViewOrgPage.DEFAULT_PATH + "/" + orgs[0].getId(), "email=" + URLEncoder.encode(u2.getEmail(), "UTF-8") + "&do_affiliate=y&master=y", 1));
List<Affiliation> allAdmins = orgs[0].getAllAdmins();
assertEquals(1, allAdmins.size());
assertSame(u2, affiliation.getTarget());
assertTrue(affiliation.isMaster());
- assertNull(executeBasicWebInteraction(cookie, ViewOrgPage.DEFAULT_PATH + "/" + orgs[0].getId(), "email=" + URLEncoder.encode(u.getEmail(), "UTF-8") + "&do_affiliate=y", 1));
+ User u3 = User.getById(createVerificationUser("testworker2", "testname", createUniqueName() + "@testdom.com", TEST_PASSWORD));
+ assertNull(executeBasicWebInteraction(cookie, ViewOrgPage.DEFAULT_PATH + "/" + orgs[0].getId(), "email=" + URLEncoder.encode(u3.getEmail(), "UTF-8") + "&do_affiliate=y", 1));
allAdmins = orgs[0].getAllAdmins();
assertEquals(2, allAdmins.size());
Affiliation affiliation2 = allAdmins.get(0);
if (affiliation2.getTarget().getId() == u2.getId()) {
affiliation2 = allAdmins.get(1);
}
- assertEquals(u.getId(), affiliation2.getTarget().getId());
+ assertEquals(u3.getId(), affiliation2.getTarget().getId());
assertFalse(affiliation2.isMaster());
- assertNull(executeBasicWebInteraction(cookie, ViewOrgPage.DEFAULT_PATH + "/" + orgs[0].getId(), "del=" + URLEncoder.encode(u.getEmail(), "UTF-8") + "&email=&do_affiliate=y", 1));
+ assertNull(executeBasicWebInteraction(cookie, ViewOrgPage.DEFAULT_PATH + "/" + orgs[0].getId(), "del=" + URLEncoder.encode(u3.getEmail(), "UTF-8") + "&email=&do_affiliate=y", 1));
assertEquals(1, orgs[0].getAllAdmins().size());
assertNull(executeBasicWebInteraction(cookie, ViewOrgPage.DEFAULT_PATH + "/" + orgs[0].getId(), "del=" + URLEncoder.encode(u2.getEmail(), "UTF-8") + "&email=&do_affiliate=y", 1));
}
@Test
- public void testNonAssurerSeeOnlyOwn() throws IOException, GigiApiException {
- User u2 = User.getById(createAssuranceUser("testworker", "testname", createUniqueName() + "@testdom.com", TEST_PASSWORD));
+ public void testNonAgentSeeOnlyOwn() throws IOException, GigiApiException {
+ User u2 = User.getById(createVerificationUser("testworker", "testname", createUniqueName() + "@testdom.com", TEST_PASSWORD));
Organisation o1 = createUniqueOrg();
Organisation o2 = createUniqueOrg();
o1.addAdmin(u2, u, false);
String session2 = login(u2.getEmail(), TEST_PASSWORD);
+ Certificate c1 = loginCertificate;
+ PrivateKey pk1 = loginPrivateKey;
+ loginCertificate = null;
+
URLConnection uc = get(session2, ViewOrgPage.DEFAULT_PATH);
assertEquals(403, ((HttpURLConnection) uc).getResponseCode());
+ session2 = cookieWithCertificateLogin(u2);
uc = get(session2, MyDetails.PATH);
String content = IOUtils.readURL(uc);
assertThat(content, containsString(o1.getName()));
uc = get(session2, ViewOrgPage.DEFAULT_PATH + "/" + o2.getId());
assertEquals(403, ((HttpURLConnection) uc).getResponseCode());
+ loginCertificate = c1;
+ loginPrivateKey = pk1;
+
uc = get(ViewOrgPage.DEFAULT_PATH);
content = IOUtils.readURL(uc);
assertThat(content, containsString(o1.getName()));
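Review bot: The restore `loginCertificate = c1; loginPrivateKey = pk1;` in `testNonAgentSeeOnlyOwn` only runs if every assertion before it passes, so a failing 403 check leaves the fixture without a client certificate. Wrapping the certificate-less section as `try { … } finally { loginCertificate = c1; loginPrivateKey = pk1; }` keeps the state consistent. The new `testAgentWithoutCertLogin` further down sets `loginCertificate = null` and overwrites `cookie` with no restore at all, and should save and restore the same way. Whether these fields are static or per-instance is not visible in the diff, so the effect on other tests is inferred. The method body continues past the end of this hunk.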
@Test
public void testAffiliationRights() throws IOException, GigiApiException {
- User u2 = User.getById(createAssuranceUser("testworker", "testname", createUniqueName() + "@testdom.com", TEST_PASSWORD));
- User u3 = User.getById(createAssuranceUser("testmaster", "testname", createUniqueName() + "@testdom.com", TEST_PASSWORD));
+ User u2 = User.getById(createVerificationUser("testworker", "testname", createUniqueName() + "@testdom.com", TEST_PASSWORD));
+ User u3 = User.getById(createVerificationUser("testmaster", "testname", createUniqueName() + "@testdom.com", TEST_PASSWORD));
User u4_dummy = User.getById(createVerifiedUser("testmaster", "testname", createUniqueName() + "@testdom.com", TEST_PASSWORD));
Organisation o1 = createUniqueOrg();
o1.addAdmin(u3, u, true);
o1.removeAdmin(u2, u3);
o1.removeAdmin(u3, u3);
assertEquals(0, o1.getAllAdmins().size());
+ try {
+ // must fail because one may not add oneself
+ o1.addAdmin(u3, u3, false);
+ fail("No exception!");
+ } catch (GigiApiException e) {
+ }
+ assertEquals(0, o1.getAllAdmins().size());
+ try {
+ // must fail because one may not add oneself
+ o1.addAdmin(u3, u3, true);
+ fail("No exception!");
+ } catch (GigiApiException e) {
+ }
+ assertEquals(0, o1.getAllAdmins().size());
o1.delete();
}
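Review bot: Both new `try`/`catch` blocks in `testAffiliationRights` accept any `GigiApiException`, so the test cannot tell a self-add rejection from a rejection for some other reason. In the visible lines u3 has already been removed by `o1.removeAdmin(u3, u3)` before `o1.addAdmin(u3, u3, …)` is called, so the exception may come from u3 no longer holding rights on the organisation rather than from the rule the comment names. `addAdmin` is not shown, so this is inferred. Consider making the attempt while u3 is still a master admin, or pinning the cause with `assertThat(e.getMessage(), containsString("<expected message>"))`. The empty catch bodies would also read better with `// expected: self-affiliation is rejected` inside.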
return executeBasicWebInteraction(cookie, ViewOrgPage.DEFAULT_PATH + "/" + o1.getId(), "action=updateCertificateData&O=" + o + "&C=" + c + "&ST=" + province + "&L=" + ct, 0);
}
+ @Test
+ public void testAgentWithoutCertLogin() throws IOException, GigiApiException {
+ cookie = login(u.getEmail(), TEST_PASSWORD);
+ loginCertificate = null;
+ URLConnection uc = get(cookie, ViewOrgPage.DEFAULT_PATH);
+ assertEquals(403, ((HttpURLConnection) uc).getResponseCode());
+ uc = get(cookie, CreateOrgPage.DEFAULT_PATH);
+ assertEquals(403, ((HttpURLConnection) uc).getResponseCode());
+ }
}
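Review bot: `testAgentWithoutCertLogin` pins the 403 only for GET requests to `ViewOrgPage.DEFAULT_PATH` and `CreateOrgPage.DEFAULT_PATH`, so the state-changing form submissions are not covered for a password-only session. A POST to `CreateOrgPage.DEFAULT_PATH` with the same `cookie` should be asserted to be refused as well. Which helper exposes the status code of a POST is not visible in this diff. A short comment above the method, e.g. `// a password-only session must not reach the org admin pages, even for an agent`, would document the access-control rule the test enforces.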