add: defense-in-depth mechanism to prevent unauthorized adding of groups

[gigi.git] / tests / org / cacert / gigi / TestOrga.java

diff --git a/tests/org/cacert/gigi/TestOrga.java b/tests/org/cacert/gigi/TestOrga.java
index e93070d6adf3fbc2a1c235857293539e277a7666..ff3a56cc82fd3bc998101d1fd400fe78edde5b2e 100644 (file)
--- a/tests/org/cacert/gigi/TestOrga.java
+++ b/tests/org/cacert/gigi/TestOrga.java
@@ -2,31 +2,47 @@ package org.cacert.gigi;
 
 import static org.junit.Assert.*;
 
+import java.io.IOException;
+
+import org.cacert.gigi.dbObjects.Country;
+import org.cacert.gigi.dbObjects.Country.CountryCodeType;
+import org.cacert.gigi.dbObjects.Group;
 import org.cacert.gigi.dbObjects.Organisation;
 import org.cacert.gigi.dbObjects.User;
-import org.cacert.gigi.testUtils.ManagedTest;
+import org.cacert.gigi.testUtils.BusinessTest;
 import org.junit.Test;
 
-public class TestOrga extends ManagedTest {
+public class TestOrga extends BusinessTest {
 
     @Test
-    public void testAddRm() {
-        User u1 = User.getById(createVerifiedUser("fn", "ln", createUniqueName() + "@email.org", TEST_PASSWORD));
-        User u2 = User.getById(createVerifiedUser("fn", "ln", createUniqueName() + "@email.org", TEST_PASSWORD));
-        User u3 = User.getById(createVerifiedUser("fn", "ln", createUniqueName() + "@email.org", TEST_PASSWORD));
-        User u4 = User.getById(createVerifiedUser("fn", "ln", createUniqueName() + "@email.org", TEST_PASSWORD));
-        Organisation o1 = new Organisation("name", "ST", "prov", "city", u1);
+    public void testAddRm() throws GigiApiException, IOException {
+        User u1 = User.getById(createAssuranceUser("fn", "ln", createUniqueName() + "@email.org", TEST_PASSWORD));
+        u1.grantGroup(getSupporter(), Group.ORGASSURER);
+        User u2 = User.getById(createAssuranceUser("fn", "ln", createUniqueName() + "@email.org", TEST_PASSWORD));
+        u2.grantGroup(getSupporter(), Group.ORGASSURER);
+        User u3 = User.getById(createAssuranceUser("fn", "ln", createUniqueName() + "@email.org", TEST_PASSWORD));
+        u3.grantGroup(getSupporter(), Group.ORGASSURER);
+        User u4 = User.getById(createAssuranceUser("fn", "ln", createUniqueName() + "@email.org", TEST_PASSWORD));
+        u4.grantGroup(getSupporter(), Group.ORGASSURER);
+        Organisation o1 = new Organisation("name", Country.getCountryByCode("DE", CountryCodeType.CODE_2_CHARS), "prov", "city", "email", "optional name", "postal address", u1);
         assertEquals(0, o1.getAllAdmins().size());
         o1.addAdmin(u2, u1, false);
         assertEquals(1, o1.getAllAdmins().size());
+        o1.addAdmin(u2, u1, false); // Insert double should be ignored
+        assertEquals(1, o1.getAllAdmins().size());
         o1.addAdmin(u3, u1, false);
         assertEquals(2, o1.getAllAdmins().size());
         o1.addAdmin(u4, u1, false);
         assertEquals(3, o1.getAllAdmins().size());
         o1.removeAdmin(u3, u1);
         assertEquals(2, o1.getAllAdmins().size());
+        o1.addAdmin(u3, u1, false); // add again
+        assertEquals(3, o1.getAllAdmins().size());
+        o1.removeAdmin(u3, u1);
+        assertEquals(2, o1.getAllAdmins().size());
         o1.removeAdmin(u4, u1);
         o1.removeAdmin(u2, u1);
         assertEquals(0, o1.getAllAdmins().size());
     }
+
 }