add: defense-in-depth mechanism to prevent unauthorized adding of groups

[gigi.git] / tests / org / cacert / gigi / api / IssueCert.java

diff --git a/tests/org/cacert/gigi/api/IssueCert.java b/tests/org/cacert/gigi/api/IssueCert.java
index f6040008fd718b9e0f423c5e45b5a2a90dd7a1ab..fc1e9d1ce0991dc52cce96cf7c1257742d9be4fe 100644 (file)
--- a/tests/org/cacert/gigi/api/IssueCert.java
+++ b/tests/org/cacert/gigi/api/IssueCert.java
@@ -19,6 +19,8 @@ import org.cacert.gigi.dbObjects.Certificate;
 import org.cacert.gigi.dbObjects.Certificate.CSRType;
 import org.cacert.gigi.dbObjects.Certificate.CertificateStatus;
 import org.cacert.gigi.dbObjects.CertificateProfile;
+import org.cacert.gigi.dbObjects.Country;
+import org.cacert.gigi.dbObjects.Country.CountryCodeType;
 import org.cacert.gigi.dbObjects.Digest;
 import org.cacert.gigi.dbObjects.Domain;
 import org.cacert.gigi.dbObjects.Group;
@@ -44,6 +46,7 @@ public class IssueCert extends ClientTest {
             kp = generateKeypair();
             String key1 = generatePEMCSR(kp, "EMAIL=testmail@example.com");
             c = new Certificate(u, u, Certificate.buildDN("EMAIL", "testmail@example.com"), Digest.SHA256, key1, CSRType.CSR, CertificateProfile.getById(1));
+            c.setLoginEnabled(true);
             pk = kp.getPrivate();
             await(c.issue(null, "2y", u));
             ce = c.cert();
@@ -84,9 +87,9 @@ public class IssueCert extends ClientTest {
     @Test
     public void testIssueOrgCert() throws Exception {
         makeAssurer(id);
-        u.grantGroup(u, Group.ORGASSURER);
+        u.grantGroup(getSupporter(), Group.ORGASSURER);
 
-        Organisation o1 = new Organisation("name", "st", "pr", "st", "test@mail", "", "", u);
+        Organisation o1 = new Organisation("name", Country.getCountryByCode("DE", CountryCodeType.CODE_2_CHARS), "pr", "st", "test@mail", "", "", u);
         o1.addAdmin(u, u, false);
         String testdom = createUniqueName() + "-example.com";
         Domain d2 = new Domain(u, o1, testdom);