RANGER-1170 : Improvement of Unit Test coverage in Ranger

Signed-off-by: Velmurugan Periasamy <v...@apache.org>


Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/4a64c4fa
Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/4a64c4fa
Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/4a64c4fa

Branch: refs/heads/ranger-0.6
Commit: 4a64c4fa11109d8366185320b5a28f58685328a4
Parents: 26bfd13
Author: pradeep agrawal <pradeep.agra...@freestoneinfotech.com>
Authored: Wed Oct 12 18:10:57 2016 +0530
Committer: Velmurugan Periasamy <v...@apache.org>
Committed: Fri Oct 14 15:44:58 2016 -0400

----------------------------------------------------------------------
 .../org/apache/ranger/biz/RangerBizUtil.java    |   4 +-
 .../java/org/apache/ranger/biz/UserMgr.java     | 215 ++++++--------
 .../java/org/apache/ranger/rest/UserREST.java   |  70 ++---
 .../java/org/apache/ranger/biz/TestUserMgr.java | 287 ++++++++++++++++++-
 4 files changed, 413 insertions(+), 163 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/4a64c4fa/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java
----------------------------------------------------------------------
diff --git 
a/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java 
b/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java
index 32ffef9..728b85d 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/RangerBizUtil.java
@@ -1386,12 +1386,12 @@ public class RangerBizUtil {
                                return AppConstants.DB_FLAVOR_SQLANYWHERE;
                        }else {
                                if(logger.isDebugEnabled()) {
-                                       logger.debug("DB Falvor could not be 
determined from property - " + propertyName + "=" + propertyValue);
+                                       logger.debug("DB Flavor could not be 
determined from property - " + propertyName + "=" + propertyValue);
                                }
                        }
                }
 
-               logger.error("DB Falvor could not be determined");
+               logger.error("DB Flavor could not be determined");
 
                return AppConstants.DB_FLAVOR_UNKNOWN;
        }

http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/4a64c4fa/security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java 
b/security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java
index 6c305c4..3c473c8 100644
--- a/security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java
+++ b/security-admin/src/main/java/org/apache/ranger/biz/UserMgr.java
@@ -25,8 +25,8 @@ import java.util.HashMap;
 import java.util.List;
 
 import javax.persistence.Query;
+import javax.servlet.http.HttpServletResponse;
 
-import org.apache.commons.lang.StringUtils;
 import org.apache.log4j.Logger;
 import org.apache.ranger.common.AppConstants;
 import org.apache.ranger.common.ContextUtil;
@@ -374,142 +374,108 @@ public class UserMgr {
         * @return
         */
        public VXResponse changePassword(VXPasswordChange pwdChange) {
-               VXResponse ret = new VXResponse();
-
-               // First let's get the XXPortalUser for the current logged in 
user
-               String currentUserLoginId = ContextUtil.getCurrentUserLoginId();
-               XXPortalUser gjUserCurrent = daoManager.getXXPortalUser()
-                               .findByLoginId(currentUserLoginId);
-               checkAccess(gjUserCurrent);
-
-               String encryptedOldPwd = encrypt(gjUserCurrent.getLoginId(),
-                               pwdChange.getOldPassword());
-
-               if (!stringUtil.equals(encryptedOldPwd, 
gjUserCurrent.getPassword())) {
-                       logger.info("changePassword(). Invalid old password. 
userId="
-                                       + pwdChange.getId());
-
-                       throw restErrorUtil.createRESTException(
-                                       "serverMsg.userMgrPassword",
-                                       MessageEnums.OPER_NO_PERMISSION, null, 
null,
-                                       "" + pwdChange.getId());
-               }
-
-               // Get the user for whom we want to change the password
-               XXPortalUser gjUser = daoManager.getXXPortalUser().getById(
-                               pwdChange.getId());
-               if (gjUser == null) {
-                       logger.warn("SECURITY:changePassword(). User not found. 
userId="
-                                       + pwdChange.getId());
-                       throw restErrorUtil.createRESTException(
-                                       "serverMsg.userMgrInvalidUser",
-                                       MessageEnums.DATA_NOT_FOUND, null, null,
-                                       "" + pwdChange.getId());
-               }
-
-               if (!stringUtil
-                               .validatePassword(
-                                               pwdChange.getUpdPassword(),
-                                               new String[] { 
gjUser.getFirstName(),
-                                                               
gjUser.getLastName(), gjUser.getLoginId(),
-                                                               
gjUserCurrent.getFirstName(),
-                                                               
gjUserCurrent.getLastName(),
-                                                               
gjUserCurrent.getLoginId() })) {
-                       logger.warn("SECURITY:changePassword(). Invalid new 
password. userId="
-                                       + pwdChange.getId());
-
-                       throw restErrorUtil.createRESTException(
-                                       "serverMsg.userMgrNewPassword",
-                                       MessageEnums.INVALID_PASSWORD, null, 
null,
-                                       "" + pwdChange.getId());
-               }
-
-               String encryptedNewPwd = encrypt(gjUser.getLoginId(),
-                               pwdChange.getUpdPassword());
-
-               String currentPassword = gjUser.getPassword();
-
-               if (!encryptedNewPwd.equals(currentPassword)) {
-
-                       List<XXTrxLog> trxLogList = new ArrayList<XXTrxLog>();
-                       XXTrxLog xTrxLog = new XXTrxLog();
-
-                       xTrxLog.setAttributeName("Password");
-                       xTrxLog.setPreviousValue(currentPassword);
-                       xTrxLog.setNewValue(encryptedNewPwd);
-                       xTrxLog.setAction("password change");
-                       
xTrxLog.setObjectClassType(AppConstants.CLASS_TYPE_PASSWORD_CHANGE);
-                       xTrxLog.setObjectId(pwdChange.getId());
-                       xTrxLog.setObjectName(pwdChange.getLoginId());
-                       trxLogList.add(xTrxLog);
+        VXResponse ret = new VXResponse();
+
+        // First let's get the XXPortalUser for the current logged in user
+        String currentUserLoginId = ContextUtil.getCurrentUserLoginId();
+        XXPortalUser gjUserCurrent = 
daoManager.getXXPortalUser().findByLoginId(currentUserLoginId);
+        checkAccessForUpdate(gjUserCurrent);
+
+        // Get the user of whom we want to change the password
+        XXPortalUser gjUser = 
daoManager.getXXPortalUser().findByLoginId(pwdChange.getLoginId());
+        if (gjUser == null) {
+            logger.warn("SECURITY:changePassword(). User not found. LoginId="+ 
pwdChange.getLoginId());
+            throw 
restErrorUtil.createRESTException("serverMsg.userMgrInvalidUser",MessageEnums.DATA_NOT_FOUND,
 null, null,pwdChange.getLoginId());
+        }
 
-                       msBizUtil.createTrxLog(trxLogList);
+        //check current password and provided old password is same or not
+        String encryptedOldPwd = 
encrypt(pwdChange.getLoginId(),pwdChange.getOldPassword());
+        if (!stringUtil.equals(encryptedOldPwd, gjUser.getPassword())) {
+            logger.info("changePassword(). Invalid old password. LoginId="+ 
pwdChange.getLoginId());
+            throw 
restErrorUtil.createRESTException("serverMsg.userMgrOldPassword",MessageEnums.INVALID_INPUT_DATA,
 null, null,pwdChange.getLoginId());
+        }
 
-                       gjUser.setPassword(encryptedNewPwd);
-                       gjUser = daoManager.getXXPortalUser().update(gjUser);
+        //validate new password
+        if (!stringUtil.validatePassword(pwdChange.getUpdPassword(),new 
String[] { gjUser.getFirstName(),gjUser.getLastName(), gjUser.getLoginId()})) {
+            logger.warn("SECURITY:changePassword(). Invalid new password. 
LoginId="+ pwdChange.getLoginId());
+            throw 
restErrorUtil.createRESTException("serverMsg.userMgrNewPassword",MessageEnums.INVALID_PASSWORD,
 null, null,pwdChange.getLoginId());
+        }
 
-                       ret.setMsgDesc("Password successfully updated");
-                       ret.setStatusCode(VXResponse.STATUS_SUCCESS);
-               } else {
-                       ret.setMsgDesc("Password update failed");
-                       ret.setStatusCode(VXResponse.STATUS_ERROR);
-                       throw restErrorUtil.createRESTException(
-                                       "serverMsg.userMgrOldPassword",
-                                       MessageEnums.INVALID_INPUT_DATA, 
gjUser.getId(),
-                                       "password", gjUser.toString());
-               }
-               return ret;
-       }
+        String encryptedNewPwd = 
encrypt(pwdChange.getLoginId(),pwdChange.getUpdPassword());
+        String currentPassword = gjUser.getPassword();
+        if (!encryptedNewPwd.equals(currentPassword)) {
+            List<XXTrxLog> trxLogList = new ArrayList<XXTrxLog>();
+            XXTrxLog xTrxLog = new XXTrxLog();
+            xTrxLog.setAttributeName("Password");
+            xTrxLog.setPreviousValue(currentPassword);
+            xTrxLog.setNewValue(encryptedNewPwd);
+            xTrxLog.setAction("password change");
+            
xTrxLog.setObjectClassType(AppConstants.CLASS_TYPE_PASSWORD_CHANGE);
+            xTrxLog.setObjectId(pwdChange.getId());
+            xTrxLog.setObjectName(pwdChange.getLoginId());
+            trxLogList.add(xTrxLog);
+            msBizUtil.createTrxLog(trxLogList);
+            gjUser.setPassword(encryptedNewPwd);
+            gjUser = daoManager.getXXPortalUser().update(gjUser);
+            ret.setMsgDesc("Password successfully updated");
+            ret.setStatusCode(VXResponse.STATUS_SUCCESS);
+        } else {
+            ret.setMsgDesc("Password update failed");
+            ret.setStatusCode(VXResponse.STATUS_ERROR);
+            throw 
restErrorUtil.createRESTException("serverMsg.userMgrNewPassword",MessageEnums.INVALID_INPUT_DATA,
 gjUser.getId(),"password", gjUser.toString());
+        }
+        return ret;
+    }
 
        /**
         * @param gjUser
         * @param changeEmail
         * @return
         */
-       public VXPortalUser changeEmailAddress(XXPortalUser gjUser,
-                       VXPasswordChange changeEmail) {
-               checkAccess(gjUser);
-               if (StringUtils.isEmpty(changeEmail.getEmailAddress())) {
-                       throw restErrorUtil.createRESTException(
-                                       "serverMsg.userMgrInvalidEmail",
-                                       MessageEnums.INVALID_INPUT_DATA, 
changeEmail.getId(),
-                                       "emailAddress", changeEmail.toString());
-               }
+    public VXPortalUser changeEmailAddress(XXPortalUser gjUser,
+            VXPasswordChange changeEmail) {
+        checkAccessForUpdate(gjUser);
+        if (stringUtil.isEmpty(changeEmail.getEmailAddress())) {
+            throw restErrorUtil.createRESTException(
+                    "serverMsg.userMgrInvalidEmail",
+                    MessageEnums.INVALID_INPUT_DATA, changeEmail.getId(),
+                    "emailAddress", changeEmail.toString());
+        }
 
-               String encryptedOldPwd = encrypt(gjUser.getLoginId(),
-                               changeEmail.getOldPassword());
+        String encryptedOldPwd = encrypt(gjUser.getLoginId(),
+                changeEmail.getOldPassword());
 
-               if (!stringUtil.validateEmail(changeEmail.getEmailAddress())) {
-                       logger.info("Invalid email address." + changeEmail);
-                       throw restErrorUtil.createRESTException(
-                                       "serverMsg.userMgrInvalidEmail",
-                                       MessageEnums.INVALID_INPUT_DATA, 
changeEmail.getId(),
-                                       "emailAddress", changeEmail.toString());
+        if (!stringUtil.validateEmail(changeEmail.getEmailAddress())) {
+            logger.info("Invalid email address." + changeEmail);
+            throw restErrorUtil.createRESTException(
+                    "serverMsg.userMgrInvalidEmail",
+                    MessageEnums.INVALID_INPUT_DATA, changeEmail.getId(),
+                    "emailAddress", changeEmail.toString());
 
-               }
+        }
 
-               if (!stringUtil.equals(encryptedOldPwd, gjUser.getPassword())) {
-                       logger.info("changeEmailAddress(). Invalid  password. 
changeEmail="
-                                       + changeEmail);
+        if (!stringUtil.equals(encryptedOldPwd, gjUser.getPassword())) {
+            logger.info("changeEmailAddress(). Invalid  password. changeEmail="
+                    + changeEmail);
 
-                       throw restErrorUtil.createRESTException(
-                                       "serverMsg.userMgrWrongPassword",
-                                       MessageEnums.OPER_NO_PERMISSION, null, 
null, ""
-                                                       + changeEmail);
-               }
+            throw restErrorUtil.createRESTException(
+                    "serverMsg.userMgrWrongPassword",
+                    MessageEnums.OPER_NO_PERMISSION, null, null, ""
+                            + changeEmail);
+        }
 
-               // Normalize email. Make it lower case
-               gjUser.setEmailAddress(stringUtil.normalizeEmail(changeEmail
-                               .getEmailAddress()));
+        // Normalize email. Make it lower case
+        gjUser.setEmailAddress(stringUtil.normalizeEmail(changeEmail
+                .getEmailAddress()));
 
-               String saltEncodedpasswd = encrypt(gjUser.getLoginId(),
-                               changeEmail.getOldPassword());
+        String saltEncodedpasswd = encrypt(gjUser.getLoginId(),
+                changeEmail.getOldPassword());
 
-               gjUser.setPassword(saltEncodedpasswd);
+        gjUser.setPassword(saltEncodedpasswd);
 
-               daoManager.getXXPortalUser().update(gjUser);
-               return mapXXPortalUserVXPortalUser(gjUser);
-       }
+        daoManager.getXXPortalUser().update(gjUser);
+        return mapXXPortalUserVXPortalUser(gjUser);
+    }
 
        /**
         * @param userId
@@ -529,7 +495,7 @@ public class UserMgr {
        public VXPortalUser getUserProfile(Long id) {
                XXPortalUser user = daoManager.getXXPortalUser().getById(id);
                if (user != null) {
-                       checkAccessForRead(user);
+                       checkAccess(user);
                        return mapXXPortalUserVXPortalUser(user);
                } else {
                        if (logger.isDebugEnabled()) {
@@ -1075,7 +1041,7 @@ public class UserMgr {
 
        }
 
-       public void checkAccessForRead(XXPortalUser gjUser) {
+       public void checkAccessForUpdate(XXPortalUser gjUser) {
                if (gjUser == null) {
                        throw restErrorUtil
                                        
.create403RESTException("serverMsg.userMgrWrongUser");
@@ -1084,7 +1050,7 @@ public class UserMgr {
                if (sess != null) {
 
                        // Admin
-                       if (sess != null && sess.isUserAdmin() || 
sess.isKeyAdmin()) {
+                       if (sess != null && sess.isUserAdmin()) {
                                return;
                        }
 
@@ -1094,11 +1060,14 @@ public class UserMgr {
                        }
 
                }
-               throw restErrorUtil.create403RESTException("User "
+               VXResponse vXResponse = new VXResponse();
+               vXResponse.setStatusCode(HttpServletResponse.SC_FORBIDDEN);
+               vXResponse.setMsgDesc("User "
                                + " access denied. loggedInUser="
                                + (sess != null ? sess.getXXPortalUser().getId()
                                                : "Not Logged In") + ", 
accessing user="
                                + gjUser.getId());
+               throw restErrorUtil.createRESTException(vXResponse);
 
        }
 

http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/4a64c4fa/security-admin/src/main/java/org/apache/ranger/rest/UserREST.java
----------------------------------------------------------------------
diff --git a/security-admin/src/main/java/org/apache/ranger/rest/UserREST.java 
b/security-admin/src/main/java/org/apache/ranger/rest/UserREST.java
index 3fad7b4..63729d6 100644
--- a/security-admin/src/main/java/org/apache/ranger/rest/UserREST.java
+++ b/security-admin/src/main/java/org/apache/ranger/rest/UserREST.java
@@ -296,22 +296,24 @@ public class UserREST {
        @Path("{userId}/passwordchange")
        @Produces({ "application/xml", "application/json" })
        public VXResponse changePassword(@PathParam("userId") Long userId,
-                       VXPasswordChange changePassword) {
-               logger.info("changePassword:" + userId);
-
-               XXPortalUser gjUser = 
daoManager.getXXPortalUser().getById(userId);
-               if (gjUser == null) {
-                       logger.warn("SECURITY:changePassword(): Invalid userId 
provided: userId="
-                                       + userId);
-                       throw 
restErrorUtil.createRESTException("serverMsg.userRestUser",
-                                       MessageEnums.DATA_NOT_FOUND, null, 
null, "" + userId);
-               }
-
-               userManager.checkAccess(gjUser);
-               changePassword.setId(userId);
-               VXResponse ret = userManager.changePassword(changePassword);
-               return ret;
-       }
+            VXPasswordChange changePassword) {
+        if(changePassword==null || 
stringUtil.isEmpty(changePassword.getLoginId())){
+            logger.warn("SECURITY:changePassword(): Invalid loginId provided. 
loginId was empty or null");
+            throw 
restErrorUtil.createRESTException("serverMsg.userRestUser",MessageEnums.DATA_NOT_FOUND,
 null, null,"");
+        }
+
+        logger.info("changePassword:" + changePassword.getLoginId());
+        XXPortalUser gjUser = 
daoManager.getXXPortalUser().findByLoginId(changePassword.getLoginId());
+        if (gjUser == null) {
+            logger.warn("SECURITY:changePassword(): Invalid loginId provided: 
loginId="+ changePassword.getLoginId());
+            throw 
restErrorUtil.createRESTException("serverMsg.userRestUser",MessageEnums.DATA_NOT_FOUND,
 null, null, changePassword.getLoginId());
+        }
+
+        userManager.checkAccessForUpdate(gjUser);
+        changePassword.setId(gjUser.getId());
+        VXResponse ret = userManager.changePassword(changePassword);
+        return ret;
+    }
 
        /**      
         * 
@@ -322,22 +324,24 @@ public class UserREST {
        @POST
        @Path("{userId}/emailchange")
        @Produces({ "application/xml", "application/json" })
-       public VXPortalUser changeEmailAddress(@PathParam("userId") Long userId,
-                       VXPasswordChange changeEmail) {
-               logger.info("changeEmail:" + userId);
-
-               XXPortalUser gjUser = 
daoManager.getXXPortalUser().getById(userId);
-               if (gjUser == null) {
-                       logger.warn("SECURITY:changeEmail(): Invalid userId 
provided: userId="
-                                       + userId);
-                       throw 
restErrorUtil.createRESTException("serverMsg.userRestUser",
-                                       MessageEnums.DATA_NOT_FOUND, null, 
null, "" + userId);
-               }
-
-               userManager.checkAccess(gjUser);
-               changeEmail.setId(userId);
-               VXPortalUser ret = userManager.changeEmailAddress(gjUser, 
changeEmail);
-               return ret;
-       }
+    public VXPortalUser changeEmailAddress(@PathParam("userId") Long userId,
+            VXPasswordChange changeEmail) {
+        if(changeEmail==null || stringUtil.isEmpty(changeEmail.getLoginId())){
+            logger.warn("SECURITY:changeEmail(): Invalid loginId provided. 
loginId was empty or null");
+            throw 
restErrorUtil.createRESTException("serverMsg.userRestUser",MessageEnums.DATA_NOT_FOUND,
 null, null,"");
+        }
+
+        logger.info("changeEmail:" + changeEmail.getLoginId());
+        XXPortalUser gjUser = 
daoManager.getXXPortalUser().findByLoginId(changeEmail.getLoginId());
+        if (gjUser == null) {
+            logger.warn("SECURITY:changeEmail(): Invalid loginId provided: 
loginId="+ changeEmail.getLoginId());
+            throw 
restErrorUtil.createRESTException("serverMsg.userRestUser",MessageEnums.DATA_NOT_FOUND,
 null, null, changeEmail.getLoginId());
+        }
+
+        userManager.checkAccessForUpdate(gjUser);
+        changeEmail.setId(gjUser.getId());
+        VXPortalUser ret = userManager.changeEmailAddress(gjUser, changeEmail);
+        return ret;
+    }
 
 }
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/4a64c4fa/security-admin/src/test/java/org/apache/ranger/biz/TestUserMgr.java
----------------------------------------------------------------------
diff --git 
a/security-admin/src/test/java/org/apache/ranger/biz/TestUserMgr.java 
b/security-admin/src/test/java/org/apache/ranger/biz/TestUserMgr.java
index 701ec4f..86169d0 100644
--- a/security-admin/src/test/java/org/apache/ranger/biz/TestUserMgr.java
+++ b/security-admin/src/test/java/org/apache/ranger/biz/TestUserMgr.java
@@ -56,7 +56,6 @@ import org.apache.ranger.view.VXString;
 import org.apache.ranger.view.VXUserPermission;
 import org.junit.Assert;
 import org.junit.FixMethodOrder;
-import org.junit.Ignore;
 import org.junit.Rule;
 import org.junit.Test;
 import org.junit.rules.ExpectedException;
@@ -121,6 +120,29 @@ public class TestUserMgr {
                currentUserSession.setUserAdmin(true);
        }
 
+       public void setupKeyAdmin() {
+               RangerSecurityContext context = new RangerSecurityContext();
+               context.setUserSession(new UserSessionBase());
+               RangerContextHolder.setSecurityContext(context);
+               UserSessionBase currentUserSession = 
ContextUtil.getCurrentUserSession();
+               XXPortalUser userKeyAdmin = new XXPortalUser();
+               userKeyAdmin.setId(userProfile().getId());
+               userKeyAdmin.setLoginId(userProfile().getLoginId());
+               currentUserSession.setXXPortalUser(userKeyAdmin);
+               currentUserSession.setKeyAdmin(true);
+       }
+
+       public void setupUser() {
+        RangerSecurityContext context = new RangerSecurityContext();
+        context.setUserSession(new UserSessionBase());
+        RangerContextHolder.setSecurityContext(context);
+        UserSessionBase currentUserSession = 
ContextUtil.getCurrentUserSession();
+        XXPortalUser user = new XXPortalUser();
+        user.setId(userProfile().getId());
+        user.setLoginId(userProfile().getLoginId());
+        currentUserSession.setXXPortalUser(user);
+       }
+
        private VXPortalUser userProfile() {
                VXPortalUser userProfile = new VXPortalUser();
                userProfile.setEmailAddress("t...@test.com");
@@ -243,7 +265,7 @@ public class TestUserMgr {
        }
 
        @Test
-       public void test15ChangePassword() {
+       public void test13ChangePasswordAsAdmin() {
                setup();
                XXPortalUserDao userDao = Mockito.mock(XXPortalUserDao.class);
                VXPortalUser userProfile = userProfile();
@@ -281,8 +303,68 @@ public class TestUserMgr {
                                new String[] { Mockito.anyString() });
        }
 
+       public void test14ChangePasswordAsKeyAdmin() {
+        setupKeyAdmin();
+        XXPortalUserDao userDao = Mockito.mock(XXPortalUserDao.class);
+        VXPortalUser userProfile = userProfile();
+
+        VXPasswordChange pwdChange = new VXPasswordChange();
+        pwdChange.setId(userProfile.getId());
+        pwdChange.setLoginId(userProfile.getLoginId());
+        pwdChange.setOldPassword(userProfile.getPassword());
+        pwdChange.setEmailAddress(userProfile.getEmailAddress());
+        pwdChange.setUpdPassword(userProfile.getPassword());
+
+        XXPortalUser userKeyAdmin = new XXPortalUser();
+        userKeyAdmin.setId(userProfile.getId());
+        userKeyAdmin.setLoginId(userProfile.getLoginId());
+        Mockito.when(daoManager.getXXPortalUser()).thenReturn(userDao);
+        
Mockito.when(userDao.findByLoginId(Mockito.anyString())).thenReturn(userKeyAdmin);
+        Mockito.when(stringUtil.equals(Mockito.anyString(), 
Mockito.anyString())).thenReturn(true);
+        Mockito.when(daoManager.getXXPortalUser()).thenReturn(userDao);
+        
Mockito.when(userDao.getById(Mockito.anyLong())).thenReturn(userKeyAdmin);
+        Mockito.when(stringUtil.validatePassword(Mockito.anyString(),new 
String[] { Mockito.anyString() })).thenReturn(true);
+
+        VXResponse dbVXResponse = userMgr.changePassword(pwdChange);
+        Assert.assertNotNull(dbVXResponse);
+        
Assert.assertEquals(userProfile.getStatus(),dbVXResponse.getStatusCode());
+
+        
Mockito.verify(stringUtil).equals(Mockito.anyString(),Mockito.anyString());
+        Mockito.verify(stringUtil).validatePassword(Mockito.anyString(),new 
String[] { Mockito.anyString() });
+       }
+
+       public void test15ChangePasswordAsUser() {
+        setupUser();
+        XXPortalUserDao userDao = Mockito.mock(XXPortalUserDao.class);
+        VXPortalUser userProfile = userProfile();
+
+        VXPasswordChange pwdChange = new VXPasswordChange();
+        pwdChange.setId(userProfile.getId());
+        pwdChange.setLoginId(userProfile.getLoginId());
+        pwdChange.setOldPassword(userProfile.getPassword());
+        pwdChange.setEmailAddress(userProfile.getEmailAddress());
+        pwdChange.setUpdPassword(userProfile.getPassword());
+
+        XXPortalUser user = new XXPortalUser();
+        user.setId(userProfile.getId());
+        user.setLoginId(userProfile.getLoginId());
+        Mockito.when(daoManager.getXXPortalUser()).thenReturn(userDao);
+        
Mockito.when(userDao.findByLoginId(Mockito.anyString())).thenReturn(user);
+        Mockito.when(stringUtil.equals(Mockito.anyString(), 
Mockito.anyString())).thenReturn(true);
+        Mockito.when(daoManager.getXXPortalUser()).thenReturn(userDao);
+        Mockito.when(userDao.getById(Mockito.anyLong())).thenReturn(user);
+        Mockito.when(stringUtil.validatePassword(Mockito.anyString(),new 
String[] { Mockito.anyString() })).thenReturn(true);
+
+        VXResponse dbVXResponse = userMgr.changePassword(pwdChange);
+        Assert.assertNotNull(dbVXResponse);
+        
Assert.assertEquals(userProfile.getStatus(),dbVXResponse.getStatusCode());
+
+        
Mockito.verify(stringUtil).equals(Mockito.anyString(),Mockito.anyString());
+        Mockito.verify(stringUtil).validatePassword(Mockito.anyString(),new 
String[] { Mockito.anyString() });
+       }
+
        @Test
-       public void test16ChangeEmailAddress() {
+       public void test16ChangeEmailAddressAsAdmin() {
                setup();
                XXPortalUserDao userDao = Mockito.mock(XXPortalUserDao.class);
                XXPortalUserRoleDao roleDao = 
Mockito.mock(XXPortalUserRoleDao.class);
@@ -384,6 +466,201 @@ public class TestUserMgr {
        }
 
        @Test
+       public void test17ChangeEmailAddressAsKeyAdmin() {
+               setupKeyAdmin();
+               XXPortalUserDao userDao = Mockito.mock(XXPortalUserDao.class);
+               XXPortalUserRoleDao roleDao = 
Mockito.mock(XXPortalUserRoleDao.class);
+               XXUserPermissionDao xUserPermissionDao = 
Mockito.mock(XXUserPermissionDao.class);
+               XXGroupPermissionDao xGroupPermissionDao = 
Mockito.mock(XXGroupPermissionDao.class);
+               XXModuleDefDao xModuleDefDao = 
Mockito.mock(XXModuleDefDao.class);
+               XXModuleDef xModuleDef = Mockito.mock(XXModuleDef.class);
+               VXPortalUser userProfile = userProfile();
+
+               XXPortalUser userKeyAdmin = new XXPortalUser();
+               userKeyAdmin.setEmailAddress(userProfile.getEmailAddress());
+               userKeyAdmin.setFirstName(userProfile.getFirstName());
+               userKeyAdmin.setLastName(userProfile.getLastName());
+               userKeyAdmin.setLoginId(userProfile.getLoginId());
+               String encryptedPwd = 
userMgr.encrypt(userProfile.getLoginId(),userProfile.getPassword());
+               userKeyAdmin.setPassword(encryptedPwd);
+               userKeyAdmin.setUserSource(userProfile.getUserSource());
+               
userKeyAdmin.setPublicScreenName(userProfile.getPublicScreenName());
+               userKeyAdmin.setId(userProfile.getId());
+
+               VXPasswordChange changeEmail = new VXPasswordChange();
+               changeEmail.setEmailAddress("testu...@test.com");
+               changeEmail.setId(userKeyAdmin.getId());
+               changeEmail.setLoginId(userKeyAdmin.getLoginId());
+               changeEmail.setOldPassword(userProfile.getPassword());
+
+               XXPortalUserRole XXPortalUserRole = new XXPortalUserRole();
+               XXPortalUserRole.setId(userId);
+               XXPortalUserRole.setUserRole("ROLE_USER");
+               List<XXPortalUserRole> list = new ArrayList<XXPortalUserRole>();
+               list.add(XXPortalUserRole);
+
+               List<XXUserPermission> xUserPermissionsList = new 
ArrayList<XXUserPermission>();
+               XXUserPermission xUserPermissionObj = new XXUserPermission();
+               xUserPermissionObj.setAddedByUserId(userId);
+               xUserPermissionObj.setCreateTime(new Date());
+               xUserPermissionObj.setId(userId);
+               xUserPermissionObj.setIsAllowed(1);
+               xUserPermissionObj.setModuleId(1L);
+               xUserPermissionObj.setUpdatedByUserId(userId);
+               xUserPermissionObj.setUpdateTime(new Date());
+               xUserPermissionObj.setUserId(userId);
+               xUserPermissionsList.add(xUserPermissionObj);
+
+               List<XXGroupPermission> xGroupPermissionList = new 
ArrayList<XXGroupPermission>();
+               XXGroupPermission xGroupPermissionObj = new XXGroupPermission();
+               xGroupPermissionObj.setAddedByUserId(userId);
+               xGroupPermissionObj.setCreateTime(new Date());
+               xGroupPermissionObj.setId(userId);
+               xGroupPermissionObj.setIsAllowed(1);
+               xGroupPermissionObj.setModuleId(1L);
+               xGroupPermissionObj.setUpdatedByUserId(userId);
+               xGroupPermissionObj.setUpdateTime(new Date());
+               xGroupPermissionObj.setGroupId(userId);
+               xGroupPermissionList.add(xGroupPermissionObj);
+
+               VXUserPermission userPermission = new VXUserPermission();
+               userPermission.setId(1L);
+               userPermission.setIsAllowed(1);
+               userPermission.setModuleId(1L);
+               userPermission.setUserId(userId);
+               userPermission.setUserName("xyz");
+               userPermission.setOwner("admin");
+
+               VXGroupPermission groupPermission = new VXGroupPermission();
+               groupPermission.setId(1L);
+               groupPermission.setIsAllowed(1);
+               groupPermission.setModuleId(1L);
+               groupPermission.setGroupId(userId);
+               groupPermission.setGroupName("xyz");
+               groupPermission.setOwner("admin");
+
+               
Mockito.when(stringUtil.validateEmail(Mockito.anyString())).thenReturn(true);
+               Mockito.when(stringUtil.equals(Mockito.anyString(), 
Mockito.anyString())).thenReturn(true);
+               
Mockito.when(stringUtil.normalizeEmail(Mockito.anyString())).thenReturn(changeEmail.getEmailAddress());
+               Mockito.when(daoManager.getXXPortalUser()).thenReturn(userDao);
+               
Mockito.when(daoManager.getXXPortalUserRole()).thenReturn(roleDao);
+               
Mockito.when(roleDao.findByParentId(Mockito.anyLong())).thenReturn(list);
+               
Mockito.when(daoManager.getXXUserPermission()).thenReturn(xUserPermissionDao);
+               
Mockito.when(daoManager.getXXGroupPermission()).thenReturn(xGroupPermissionDao);
+               
Mockito.when(xUserPermissionDao.findByUserPermissionIdAndIsAllowed(userProfile.getId())).thenReturn(xUserPermissionsList);
+               
Mockito.when(xGroupPermissionDao.findbyVXPortalUserId(userProfile.getId())).thenReturn(xGroupPermissionList);
+               
Mockito.when(xGroupPermissionService.populateViewBean(xGroupPermissionObj)).thenReturn(groupPermission);
+               
Mockito.when(xUserPermissionService.populateViewBean(xUserPermissionObj)).thenReturn(userPermission);
+               
Mockito.when(daoManager.getXXModuleDef()).thenReturn(xModuleDefDao);
+               
Mockito.when(xModuleDefDao.findByModuleId(Mockito.anyLong())).thenReturn(xModuleDef);
+
+               VXPortalUser dbVXPortalUser = 
userMgr.changeEmailAddress(userKeyAdmin,changeEmail);
+               Assert.assertNotNull(dbVXPortalUser);
+               Assert.assertEquals(userId, dbVXPortalUser.getId());
+               
Assert.assertEquals(userProfile.getLastName(),dbVXPortalUser.getLastName());
+               
Assert.assertEquals(changeEmail.getLoginId(),dbVXPortalUser.getLoginId());
+               
Assert.assertEquals(changeEmail.getEmailAddress(),dbVXPortalUser.getEmailAddress());
+       }
+
+
+       @Test
+       public void test18ChangeEmailAddressAsUser() {
+               setupUser();
+               XXPortalUserDao userDao = Mockito.mock(XXPortalUserDao.class);
+               XXPortalUserRoleDao roleDao = 
Mockito.mock(XXPortalUserRoleDao.class);
+               XXUserPermissionDao xUserPermissionDao = 
Mockito.mock(XXUserPermissionDao.class);
+               XXGroupPermissionDao xGroupPermissionDao = 
Mockito.mock(XXGroupPermissionDao.class);
+               XXModuleDefDao xModuleDefDao = 
Mockito.mock(XXModuleDefDao.class);
+               XXModuleDef xModuleDef = Mockito.mock(XXModuleDef.class);
+               VXPortalUser userProfile = userProfile();
+
+               XXPortalUser user = new XXPortalUser();
+               user.setEmailAddress(userProfile.getEmailAddress());
+               user.setFirstName(userProfile.getFirstName());
+               user.setLastName(userProfile.getLastName());
+               user.setLoginId(userProfile.getLoginId());
+               String encryptedPwd = 
userMgr.encrypt(userProfile.getLoginId(),userProfile.getPassword());
+               user.setPassword(encryptedPwd);
+               user.setUserSource(userProfile.getUserSource());
+               user.setPublicScreenName(userProfile.getPublicScreenName());
+               user.setId(userProfile.getId());
+
+               VXPasswordChange changeEmail = new VXPasswordChange();
+               changeEmail.setEmailAddress("testu...@test.com");
+               changeEmail.setId(user.getId());
+               changeEmail.setLoginId(user.getLoginId());
+               changeEmail.setOldPassword(userProfile.getPassword());
+
+               XXPortalUserRole XXPortalUserRole = new XXPortalUserRole();
+               XXPortalUserRole.setId(userId);
+               XXPortalUserRole.setUserRole("ROLE_USER");
+               List<XXPortalUserRole> list = new ArrayList<XXPortalUserRole>();
+               list.add(XXPortalUserRole);
+
+               List<XXUserPermission> xUserPermissionsList = new 
ArrayList<XXUserPermission>();
+               XXUserPermission xUserPermissionObj = new XXUserPermission();
+               xUserPermissionObj.setAddedByUserId(userId);
+               xUserPermissionObj.setCreateTime(new Date());
+               xUserPermissionObj.setId(userId);
+               xUserPermissionObj.setIsAllowed(1);
+               xUserPermissionObj.setModuleId(1L);
+               xUserPermissionObj.setUpdatedByUserId(userId);
+               xUserPermissionObj.setUpdateTime(new Date());
+               xUserPermissionObj.setUserId(userId);
+               xUserPermissionsList.add(xUserPermissionObj);
+
+               List<XXGroupPermission> xGroupPermissionList = new 
ArrayList<XXGroupPermission>();
+               XXGroupPermission xGroupPermissionObj = new XXGroupPermission();
+               xGroupPermissionObj.setAddedByUserId(userId);
+               xGroupPermissionObj.setCreateTime(new Date());
+               xGroupPermissionObj.setId(userId);
+               xGroupPermissionObj.setIsAllowed(1);
+               xGroupPermissionObj.setModuleId(1L);
+               xGroupPermissionObj.setUpdatedByUserId(userId);
+               xGroupPermissionObj.setUpdateTime(new Date());
+               xGroupPermissionObj.setGroupId(userId);
+               xGroupPermissionList.add(xGroupPermissionObj);
+
+               VXUserPermission userPermission = new VXUserPermission();
+               userPermission.setId(1L);
+               userPermission.setIsAllowed(1);
+               userPermission.setModuleId(1L);
+               userPermission.setUserId(userId);
+               userPermission.setUserName("xyz");
+               userPermission.setOwner("admin");
+
+               VXGroupPermission groupPermission = new VXGroupPermission();
+               groupPermission.setId(1L);
+               groupPermission.setIsAllowed(1);
+               groupPermission.setModuleId(1L);
+               groupPermission.setGroupId(userId);
+               groupPermission.setGroupName("xyz");
+               groupPermission.setOwner("admin");
+
+               
Mockito.when(stringUtil.validateEmail(Mockito.anyString())).thenReturn(true);
+               Mockito.when(stringUtil.equals(Mockito.anyString(), 
Mockito.anyString())).thenReturn(true);
+               
Mockito.when(stringUtil.normalizeEmail(Mockito.anyString())).thenReturn(changeEmail.getEmailAddress());
+               Mockito.when(daoManager.getXXPortalUser()).thenReturn(userDao);
+               
Mockito.when(daoManager.getXXPortalUserRole()).thenReturn(roleDao);
+               
Mockito.when(roleDao.findByParentId(Mockito.anyLong())).thenReturn(list);
+               
Mockito.when(daoManager.getXXUserPermission()).thenReturn(xUserPermissionDao);
+               
Mockito.when(daoManager.getXXGroupPermission()).thenReturn(xGroupPermissionDao);
+               
Mockito.when(xUserPermissionDao.findByUserPermissionIdAndIsAllowed(userProfile.getId())).thenReturn(xUserPermissionsList);
+               
Mockito.when(xGroupPermissionDao.findbyVXPortalUserId(userProfile.getId())).thenReturn(xGroupPermissionList);
+               
Mockito.when(xGroupPermissionService.populateViewBean(xGroupPermissionObj)).thenReturn(groupPermission);
+               
Mockito.when(xUserPermissionService.populateViewBean(xUserPermissionObj)).thenReturn(userPermission);
+               
Mockito.when(daoManager.getXXModuleDef()).thenReturn(xModuleDefDao);
+               
Mockito.when(xModuleDefDao.findByModuleId(Mockito.anyLong())).thenReturn(xModuleDef);
+
+               VXPortalUser dbVXPortalUser = 
userMgr.changeEmailAddress(user,changeEmail);
+               Assert.assertNotNull(dbVXPortalUser);
+               Assert.assertEquals(userId, dbVXPortalUser.getId());
+               
Assert.assertEquals(userProfile.getLastName(),dbVXPortalUser.getLastName());
+               
Assert.assertEquals(changeEmail.getLoginId(),dbVXPortalUser.getLoginId());
+               
Assert.assertEquals(changeEmail.getEmailAddress(),dbVXPortalUser.getEmailAddress());
+       }
+
+       @Test
        public void test21CreateUser() {
                setup();
                XXPortalUserDao userDao = Mockito.mock(XXPortalUserDao.class);
@@ -985,10 +1262,10 @@ public class TestUserMgr {
 
        @Test
        public void test19updateRoles() {
-               //setup();
+               setup();
                Collection<String> rolesList = new ArrayList<String>();
                rolesList.add("ROLE_USER");
-               rolesList.add("ROLE_ADMIN");
+               rolesList.add("ROLE_SYS_ADMIN");
                XXPortalUserRole XXPortalUserRole = new XXPortalUserRole();
                XXPortalUserRole.setId(userId);
                XXPortalUserRole.setUserRole("ROLE_USER");

Reply via email to