add: ensure that for TTP Agent actions certificate login is used

author INOPIAE <m.maengel@inopiae.de>

Sun, 14 Jul 2019 04:43:47 +0000 (06:43 +0200)

committer INOPIAE <m.maengel@inopiae.de>

Sun, 8 Sep 2019 19:20:23 +0000 (21:20 +0200)
author INOPIAE <m.maengel@inopiae.de>
Sun, 14 Jul 2019 04:43:47 +0000 (06:43 +0200)
committer INOPIAE <m.maengel@inopiae.de>
Sun, 8 Sep 2019 19:20:23 +0000 (21:20 +0200)
diff --git a/src/club/wpia/gigi/pages/admin/TTPAdminPage.java b/src/club/wpia/gigi/pages/admin/TTPAdminPage.java

index 3e7c4e86e52baa2b38d6fb2e5b20c5c8616c2d6b..90d58b24b6fb9173394904ed52f34afe4a35e693 100644 (file)
--- a/src/club/wpia/gigi/pages/admin/TTPAdminPage.java
+++ b/src/club/wpia/gigi/pages/admin/TTPAdminPage.java
@@ -90,6 +90,6 @@ public class TTPAdminPage extends Page {
  
      @Override
      public boolean isPermitted(AuthorizationContext ac) {
-        return ac != null && ac.isInGroup(Group.TTP_AGENT);
+        return ac != null && ac.isInGroup(Group.TTP_AGENT) && ac.isStronglyAuthenticated();
      }
  }
diff --git a/tests/club/wpia/gigi/pages/wot/TestTTPAdmin.java b/tests/club/wpia/gigi/pages/wot/TestTTPAdmin.java

index d518dea4e3c177986222730576e1e357c2872b57..0e11f6df501c479c8b0d6fea2da5780c315e7368 100644 (file)
--- a/tests/club/wpia/gigi/pages/wot/TestTTPAdmin.java
+++ b/tests/club/wpia/gigi/pages/wot/TestTTPAdmin.java
@@ -4,6 +4,7 @@ import static org.junit.Assert.*;
  
  import java.io.IOException;
  import java.net.MalformedURLException;
+import java.security.GeneralSecurityException;
  
  import org.junit.Test;
  
@@ -22,21 +23,21 @@ public class TestTTPAdmin extends ClientTest {
      }
  
      @Test
-    public void testHasRight() throws IOException, GigiApiException {
+    public void testHasRight() throws IOException, GigiApiException, GeneralSecurityException, InterruptedException {
          testTTPAdmin(true);
      }
  
      @Test
-    public void testHasNoRight() throws IOException, GigiApiException {
+    public void testHasNoRight() throws IOException, GigiApiException, GeneralSecurityException, InterruptedException {
          testTTPAdmin(false);
      }
  
-    public void testTTPAdmin(boolean hasRight) throws IOException, GigiApiException {
+    public void testTTPAdmin(boolean hasRight) throws IOException, GigiApiException, GeneralSecurityException, InterruptedException {
          if (hasRight) {
              grant(u, Group.TTP_AGENT);
          }
          grant(u, TTPAdminPage.TTP_APPLICANT);
-        cookie = login(u.getEmail(), TEST_PASSWORD);
+        cookie = cookieWithCertificateLogin(u);
  
          assertEquals( !hasRight ? 403 : 200, fetchStatusCode(TTPAdminPage.PATH));
          assertEquals( !hasRight ? 403 : 200, fetchStatusCode(TTPAdminPage.PATH + "/"));
@@ -48,4 +49,11 @@ public class TestTTPAdmin extends ClientTest {
      private int fetchStatusCode(String path) throws MalformedURLException, IOException {
          return get(path).getResponseCode();
      }
+
+    @Test
+    public void testVerifyWithoutCertLogin() throws IOException {
+        cookie = login(u.getEmail(), TEST_PASSWORD);
+        loginCertificate = null;
+        assertEquals(403, get(cookie, TTPAdminPage.PATH).getResponseCode());
+    }
  }
author	INOPIAE <m.maengel@inopiae.de>
	Sun, 14 Jul 2019 04:43:47 +0000 (06:43 +0200)
committer	INOPIAE <m.maengel@inopiae.de>
	Sun, 8 Sep 2019 19:20:23 +0000 (21:20 +0200)
src/club/wpia/gigi/pages/admin/TTPAdminPage.java		patch \| blob \| history
tests/club/wpia/gigi/pages/wot/TestTTPAdmin.java		patch \| blob \| history