This is an automated email from the ASF dual-hosted git repository.
enorman pushed a commit to branch master
in repository
https://gitbox.apache.org/repos/asf/sling-org-apache-sling-launchpad-integration-tests.git
The following commit(s) were added to refs/heads/master by this push:
new 1bdf87f SLING-10444 Remove duplicate tests from
org-apache-sling-launchpad-integration-tests
1bdf87f is described below
commit 1bdf87fcbd9e077a5f54b6f0617bdc3daa96076b
Author: Eric Norman <[email protected]>
AuthorDate: Thu Jun 10 12:56:25 2021 -0700
SLING-10444 Remove duplicate tests from
org-apache-sling-launchpad-integration-tests
---
.../userManager/CreateGroupTest.java | 197 ---------
.../userManager/CreateUserTest.java | 313 ---------------
.../userManager/RemoveAuthorizablesTest.java | 266 ------------
.../userManager/UpdateGroupTest.java | 322 ---------------
.../userManager/UpdateUserTest.java | 392 ------------------
.../userManager/UserManagerTestUtil.java | 107 -----
.../userManager/UserPrivilegesInfoTest.java | 444 ---------------------
.../usermanager/privileges-info.json.esp | 31 --
8 files changed, 2072 deletions(-)
diff --git
a/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/userManager/CreateGroupTest.java
b/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/userManager/CreateGroupTest.java
deleted file mode 100644
index 7f261b6..0000000
---
a/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/userManager/CreateGroupTest.java
+++ /dev/null
@@ -1,197 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sling.launchpad.webapp.integrationtest.userManager;
-
-import java.io.IOException;
-import java.util.ArrayList;
-import java.util.List;
-import java.util.Random;
-
-import javax.json.JsonException;
-import javax.json.JsonObject;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.commons.httpclient.Credentials;
-import org.apache.commons.httpclient.NameValuePair;
-import org.apache.commons.httpclient.UsernamePasswordCredentials;
-import org.apache.sling.commons.testing.integration.HttpTest;
-import org.apache.sling.launchpad.webapp.integrationtest.util.JsonUtil;
-
-/**
- * Tests for the 'createGroup' Sling Post Operation
- */
-public class CreateGroupTest extends UserManagerTestUtil {
- private static Random random = new Random(System.currentTimeMillis());
-
- String testUserId = null;
- String testGroupId = null;
- String testGroupId2 = null;
-
- @Override
- public void tearDown() throws Exception {
- if (testGroupId != null) {
- //remove the test group if it exists.
- String postUrl = HTTP_BASE_URL +
"/system/userManager/group/" + testGroupId + ".delete.html";
- List<NameValuePair> postParams = new
ArrayList<NameValuePair>();
- assertAuthenticatedAdminPostStatus(postUrl,
HttpServletResponse.SC_OK, postParams, null);
- }
- if (testGroupId2 != null) {
- //remove the test group if it exists.
- String postUrl = HTTP_BASE_URL +
"/system/userManager/group/" + testGroupId2 + ".delete.html";
- List<NameValuePair> postParams = new
ArrayList<NameValuePair>();
- assertAuthenticatedAdminPostStatus(postUrl,
HttpServletResponse.SC_OK, postParams, null);
- }
- if (testUserId != null) {
- //remove the test user if it exists.
- String postUrl = HttpTest.HTTP_BASE_URL +
"/system/userManager/user/" + testUserId + ".delete.html";
- List<NameValuePair> postParams = new
ArrayList<NameValuePair>();
- assertAuthenticatedAdminPostStatus(postUrl,
HttpServletResponse.SC_OK, postParams, null);
- }
-
- super.tearDown();
- }
-
- public void testCreateGroup() throws IOException, JsonException {
- String postUrl = HTTP_BASE_URL +
"/system/userManager/group.create.html";
-
- testGroupId = "testGroup" + random.nextInt();
- List<NameValuePair> postParams = new ArrayList<NameValuePair>();
- postParams.add(new NameValuePair(":name", testGroupId));
- postParams.add(new NameValuePair("marker", testGroupId));
- assertAuthenticatedAdminPostStatus(postUrl,
HttpServletResponse.SC_OK, postParams, null);
-
- //fetch the group profile json to verify the settings
- String getUrl = HTTP_BASE_URL + "/system/userManager/group/" +
testGroupId + ".json";
- Credentials creds = new UsernamePasswordCredentials("admin",
"admin");
- String json = getAuthenticatedContent(creds, getUrl,
CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
- assertNotNull(json);
- JsonObject jsonObj = JsonUtil.parseObject(json);
- assertEquals(testGroupId, jsonObj.getString("marker"));
- }
-
- public void testNotAuthorizedCreateGroup() throws IOException,
JsonException {
- testUserId = createTestUser();
- String postUrl = HTTP_BASE_URL +
"/system/userManager/group.create.html";
-
- Credentials creds = new UsernamePasswordCredentials(testUserId,
"testPwd");
-
- String testGroupId2 = "testGroup" + random.nextInt();
- List<NameValuePair> postParams = new ArrayList<NameValuePair>();
- postParams.add(new NameValuePair(":name", testGroupId2));
- postParams.add(new NameValuePair("marker", testGroupId2));
- assertAuthenticatedPostStatus(creds, postUrl,
HttpServletResponse.SC_INTERNAL_SERVER_ERROR, postParams, null);
- }
-
- public void testAuthorizedCreateGroup() throws IOException,
JsonException {
- testUserId = createTestUser();
- grantUserManagementRights(testUserId);
-
- String postUrl = HTTP_BASE_URL +
"/system/userManager/group.create.html";
-
- Credentials creds = new UsernamePasswordCredentials("admin",
"admin");
-
- testGroupId = "testGroup" + random.nextInt();
- List<NameValuePair> postParams = new ArrayList<NameValuePair>();
- postParams.add(new NameValuePair(":name", testGroupId));
- postParams.add(new NameValuePair("marker", testGroupId));
- assertAuthenticatedPostStatus(creds, postUrl,
HttpServletResponse.SC_OK, postParams, null);
-
- //fetch the group profile json to verify the settings
- String getUrl = HTTP_BASE_URL + "/system/userManager/group/" +
testGroupId + ".json";
- String json = getAuthenticatedContent(creds, getUrl,
CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
- assertNotNull(json);
- JsonObject jsonObj = JsonUtil.parseObject(json);
- assertEquals(testGroupId, jsonObj.getString("marker"));
- }
-
- /**
- * Test for SLING-7831
- */
- public void testCreateGroupCustomPostResponse() throws IOException,
JsonException {
- String postUrl = HTTP_BASE_URL +
"/system/userManager/group.create.html";
-
- testGroupId = "testGroup" + random.nextInt();
- List<NameValuePair> postParams = new ArrayList<NameValuePair>();
- postParams.add(new NameValuePair(":responseType", "custom"));
- postParams.add(new NameValuePair(":name", testGroupId));
- postParams.add(new NameValuePair("marker", testGroupId));
-
- Credentials creds = new UsernamePasswordCredentials("admin",
"admin");
- String content = getAuthenticatedPostContent(creds, postUrl,
HttpTest.CONTENT_TYPE_HTML, postParams, HttpServletResponse.SC_OK);
- assertEquals("Thanks!", content); //verify that the content
matches the custom response
- }
-
- public void testCreateGroupMissingGroupId() throws IOException {
- String postUrl = HTTP_BASE_URL +
"/system/userManager/group.create.html";
-
- List<NameValuePair> postParams = new ArrayList<NameValuePair>();
- assertAuthenticatedAdminPostStatus(postUrl,
HttpServletResponse.SC_INTERNAL_SERVER_ERROR, postParams, null);
- }
-
- public void testCreateGroupAlreadyExists() throws IOException {
- String postUrl = HTTP_BASE_URL +
"/system/userManager/group.create.html";
-
- testGroupId = "testGroup" + random.nextInt();
- List<NameValuePair> postParams = new ArrayList<NameValuePair>();
- postParams.add(new NameValuePair(":name", testGroupId));
- assertAuthenticatedAdminPostStatus(postUrl,
HttpServletResponse.SC_OK, postParams, null);
-
- //post the same info again, should fail
- assertAuthenticatedAdminPostStatus(postUrl,
HttpServletResponse.SC_INTERNAL_SERVER_ERROR, postParams, null);
- }
-
- public void testCreateGroupWithExtraProperties() throws IOException,
JsonException {
- String postUrl = HTTP_BASE_URL +
"/system/userManager/group.create.html";
-
- testGroupId = "testGroup" + random.nextInt();
- List<NameValuePair> postParams = new ArrayList<NameValuePair>();
- postParams.add(new NameValuePair(":name", testGroupId));
- postParams.add(new NameValuePair("marker", testGroupId));
- postParams.add(new NameValuePair("displayName", "My Test
Group"));
- postParams.add(new NameValuePair("url",
"http://www.apache.org";));
- assertAuthenticatedAdminPostStatus(postUrl,
HttpServletResponse.SC_OK, postParams, null);
-
- //fetch the group profile json to verify the settings
- String getUrl = HTTP_BASE_URL + "/system/userManager/group/" +
testGroupId + ".json";
- Credentials creds = new UsernamePasswordCredentials("admin",
"admin");
- String json = getAuthenticatedContent(creds, getUrl,
CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
- assertNotNull(json);
- JsonObject jsonObj = JsonUtil.parseObject(json);
- assertEquals(testGroupId, jsonObj.getString("marker"));
- assertEquals("My Test Group", jsonObj.getString("displayName"));
- assertEquals("http://www.apache.org";, jsonObj.getString("url"));
- }
-
-
- /**
- * Test for SLING-1677
- */
- public void testCreateGroupResponseAsJSON() throws IOException,
JsonException {
- String postUrl = HTTP_BASE_URL +
"/system/userManager/group.create.json";
-
- testGroupId = "testGroup" + random.nextInt();
- List<NameValuePair> postParams = new ArrayList<NameValuePair>();
- postParams.add(new NameValuePair(":name", testGroupId));
- postParams.add(new NameValuePair("marker", testGroupId));
- Credentials creds = new UsernamePasswordCredentials("admin",
"admin");
- String json = getAuthenticatedPostContent(creds, postUrl,
CONTENT_TYPE_JSON, postParams, HttpServletResponse.SC_OK);
-
- //make sure the json response can be parsed as a JSON object
- JsonObject jsonObj = JsonUtil.parseObject(json);
- assertNotNull(jsonObj);
- }
-}
diff --git
a/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/userManager/CreateUserTest.java
b/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/userManager/CreateUserTest.java
deleted file mode 100644
index 85038c1..0000000
---
a/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/userManager/CreateUserTest.java
+++ /dev/null
@@ -1,313 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sling.launchpad.webapp.integrationtest.userManager;
-
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertNotNull;
-
-import java.io.IOException;
-import java.util.ArrayList;
-import java.util.List;
-import java.util.Random;
-
-import javax.json.JsonException;
-import javax.json.JsonObject;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.commons.httpclient.Credentials;
-import org.apache.commons.httpclient.NameValuePair;
-import org.apache.commons.httpclient.UsernamePasswordCredentials;
-import org.apache.sling.commons.testing.integration.HttpTest;
-import org.apache.sling.launchpad.webapp.integrationtest.util.JsonUtil;
-import org.junit.After;
-import org.junit.Before;
-import org.junit.Test;
-
-/**
- * Tests for the 'createUser' Sling Post Operation
- */
-public class CreateUserTest {
- private static Random random = new Random(System.currentTimeMillis());
- private String testUserId;
- private String testUserId2;
-
- private final UserManagerTestUtil H = new UserManagerTestUtil();
-
- @Before
- public void setup() throws Exception {
- H.setUp();
- }
-
- @After
- public void cleanup() throws Exception {
- if (testUserId != null) {
- //remove the test user if it exists.
- String postUrl = HttpTest.HTTP_BASE_URL +
"/system/userManager/user/" + testUserId + ".delete.html";
- List<NameValuePair> postParams = new
ArrayList<NameValuePair>();
- H.assertAuthenticatedAdminPostStatus(postUrl,
HttpServletResponse.SC_OK, postParams, null);
- }
- if (testUserId2 != null) {
- //remove the test user if it exists.
- String postUrl = HttpTest.HTTP_BASE_URL +
"/system/userManager/user/" + testUserId2 + ".delete.html";
- List<NameValuePair> postParams = new
ArrayList<NameValuePair>();
- H.assertAuthenticatedAdminPostStatus(postUrl,
HttpServletResponse.SC_OK, postParams, null);
- }
- H.tearDown();
- }
-
- /*
- <form action="/system/userManager/user.create.html"
method="POST">
- <div>Name: <input type="text" name=":name" value="testUser"
/></div>
- <div>Password: <input type="text" name="pwd"
value="testUser" /></div>
- <div>Password Confirm: <input type="text" name="pwdConfirm"
value="testUser" /></div>
- <input type="submit" value="Submit" />
- </form>
- */
- @Test
- public void testCreateUser() throws IOException, JsonException {
- testUserId = "testUser" + random.nextInt() +
System.currentTimeMillis();
- String postUrl = HttpTest.HTTP_BASE_URL +
"/system/userManager/user.create.html";
- final List<NameValuePair> postParams = new
ArrayList<NameValuePair>();
- postParams.add(new NameValuePair(":name", testUserId));
- postParams.add(new NameValuePair("marker", testUserId));
- postParams.add(new NameValuePair("pwd", "testPwd"));
- postParams.add(new NameValuePair("pwdConfirm", "testPwd"));
- final Credentials creds = new
UsernamePasswordCredentials("admin", "admin");
- H.assertAuthenticatedPostStatus(creds, postUrl,
HttpServletResponse.SC_OK, postParams, null);
-
- {
- // fetch the user profile json to verify the settings
- final String getUrl = HttpTest.HTTP_BASE_URL +
"/system/userManager/user/" + testUserId + ".json";
- final String json = H.getAuthenticatedContent(creds, getUrl,
HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
- assertNotNull(json);
- final JsonObject jsonObj = JsonUtil.parseObject(json);
- assertEquals(testUserId, jsonObj.getString("marker"));
- assertFalse(jsonObj.containsKey(":name"));
- assertFalse(jsonObj.containsKey("pwd"));
- assertFalse(jsonObj.containsKey("pwdConfirm"));
- }
-
- {
- // fetch the session info to verify that the user can log in
- final Credentials newUserCreds = new
UsernamePasswordCredentials(testUserId, "testPwd");
- final String getUrl = HttpTest.HTTP_BASE_URL +
"/system/sling/info.sessionInfo.json";
- final String json = H.getAuthenticatedContent(newUserCreds,
getUrl, HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
- assertNotNull(json);
- final JsonObject jsonObj = JsonUtil.parseObject(json);
- assertEquals(testUserId, jsonObj.getString("userID"));
- }
- }
-
- @Test
- public void testNotAuthorizedCreateUser() throws IOException,
JsonException {
- testUserId2 = H.createTestUser();
-
- String testUserId3 = "testUser" + random.nextInt() +
System.currentTimeMillis();
- String postUrl = HttpTest.HTTP_BASE_URL +
"/system/userManager/user.create.html";
- final List<NameValuePair> postParams = new
ArrayList<NameValuePair>();
- postParams.add(new NameValuePair(":name", testUserId3));
- postParams.add(new NameValuePair("marker", testUserId3));
- postParams.add(new NameValuePair("pwd", "testPwd"));
- postParams.add(new NameValuePair("pwdConfirm", "testPwd"));
- final Credentials creds = new
UsernamePasswordCredentials(testUserId2, "testPwd");
- H.assertAuthenticatedPostStatus(creds, postUrl,
HttpServletResponse.SC_INTERNAL_SERVER_ERROR, postParams, null);
- }
-
- @Test
- public void testAuthorizedCreateUser() throws IOException,
JsonException {
- testUserId2 = H.createTestUser();
- H.grantUserManagementRights(testUserId2);
-
- testUserId = "testUser" + random.nextInt() +
System.currentTimeMillis();
- String postUrl = HttpTest.HTTP_BASE_URL +
"/system/userManager/user.create.html";
- final List<NameValuePair> postParams = new
ArrayList<NameValuePair>();
- postParams.add(new NameValuePair(":name", testUserId));
- postParams.add(new NameValuePair("marker", testUserId));
- postParams.add(new NameValuePair("pwd", "testPwd"));
- postParams.add(new NameValuePair("pwdConfirm", "testPwd"));
- final Credentials creds = new
UsernamePasswordCredentials(testUserId2, "testPwd");
- H.assertAuthenticatedPostStatus(creds, postUrl,
HttpServletResponse.SC_OK, postParams, null);
-
- {
- // fetch the user profile json to verify the settings
- final String getUrl = HttpTest.HTTP_BASE_URL +
"/system/userManager/user/" + testUserId + ".json";
- final String json = H.getAuthenticatedContent(creds, getUrl,
HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
- assertNotNull(json);
- final JsonObject jsonObj = JsonUtil.parseObject(json);
- assertEquals(testUserId, jsonObj.getString("marker"));
- assertFalse(jsonObj.containsKey(":name"));
- assertFalse(jsonObj.containsKey("pwd"));
- assertFalse(jsonObj.containsKey("pwdConfirm"));
- }
-
- {
- // fetch the session info to verify that the user can log in
- final Credentials newUserCreds = new
UsernamePasswordCredentials(testUserId, "testPwd");
- final String getUrl = HttpTest.HTTP_BASE_URL +
"/system/sling/info.sessionInfo.json";
- final String json = H.getAuthenticatedContent(newUserCreds,
getUrl, HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
- assertNotNull(json);
- final JsonObject jsonObj = JsonUtil.parseObject(json);
- assertEquals(testUserId, jsonObj.getString("userID"));
- }
- }
-
- @Test
- public void testCreateUserMissingUserId() throws IOException {
- String postUrl = HttpTest.HTTP_BASE_URL +
"/system/userManager/user.create.html";
-
- List<NameValuePair> postParams = new ArrayList<NameValuePair>();
- Credentials creds = new UsernamePasswordCredentials("admin",
"admin");
- H.assertAuthenticatedPostStatus(creds, postUrl,
HttpServletResponse.SC_INTERNAL_SERVER_ERROR, postParams, null);
- }
-
- @Test
- public void testCreateUserMissingPwd() throws IOException {
- String postUrl = HttpTest.HTTP_BASE_URL +
"/system/userManager/user.create.html";
-
- String userId = "testUser" + random.nextInt();
- List<NameValuePair> postParams = new ArrayList<NameValuePair>();
- postParams.add(new NameValuePair(":name", userId));
- Credentials creds = new UsernamePasswordCredentials("admin",
"admin");
- H.assertAuthenticatedPostStatus(creds, postUrl,
HttpServletResponse.SC_INTERNAL_SERVER_ERROR, postParams, null);
- }
-
- @Test
- public void testCreateUserWrongConfirmPwd() throws IOException {
- String postUrl = HttpTest.HTTP_BASE_URL +
"/system/userManager/user.create.html";
-
- String userId = "testUser" + random.nextInt();
- List<NameValuePair> postParams = new ArrayList<NameValuePair>();
- postParams.add(new NameValuePair(":name", userId));
- postParams.add(new NameValuePair("pwd", "testPwd"));
- postParams.add(new NameValuePair("pwdConfirm", "testPwd2"));
- Credentials creds = new UsernamePasswordCredentials("admin",
"admin");
- H.assertAuthenticatedPostStatus(creds, postUrl,
HttpServletResponse.SC_INTERNAL_SERVER_ERROR, postParams, null);
- }
-
- @Test
- public void testCreateUserUserAlreadyExists() throws IOException {
- String postUrl = HttpTest.HTTP_BASE_URL +
"/system/userManager/user.create.html";
-
- testUserId = "testUser" + random.nextInt();
- List<NameValuePair> postParams = new ArrayList<NameValuePair>();
- postParams.add(new NameValuePair(":name", testUserId));
- postParams.add(new NameValuePair("pwd", "testPwd"));
- postParams.add(new NameValuePair("pwdConfirm", "testPwd"));
- Credentials creds = new UsernamePasswordCredentials("admin",
"admin");
- H.assertAuthenticatedPostStatus(creds, postUrl,
HttpServletResponse.SC_OK, postParams, null);
-
- //post the same info again, should fail
- H.assertAuthenticatedPostStatus(creds, postUrl,
HttpServletResponse.SC_INTERNAL_SERVER_ERROR, postParams, null);
- }
-
- /*
- <form action="/system/userManager/user.create.html" method="POST">
- <div>Name: <input type="text" name=":name" value="testUser" /></div>
- <div>Password: <input type="text" name="pwd" value="testUser"
/></div>
- <div>Password Confirm: <input type="text" name="pwdConfirm"
value="testUser" /></div>
- <div>Extra Property #1: <input type="text" name="displayName"
value="My Test User" /></div>
- <div>Extra Property #2: <input type="text" name="url"
value="http://www.apache.org"; /></div>
- <input type="submit" value="Submit" />
- </form>
- */
- @Test
- public void testCreateUserWithExtraProperties() throws IOException,
JsonException {
- String postUrl = HttpTest.HTTP_BASE_URL +
"/system/userManager/user.create.html";
-
- testUserId = "testUser" + random.nextInt();
- List<NameValuePair> postParams = new ArrayList<NameValuePair>();
- postParams.add(new NameValuePair(":name", testUserId));
- postParams.add(new NameValuePair("marker", testUserId));
- postParams.add(new NameValuePair("pwd", "testPwd"));
- postParams.add(new NameValuePair("pwdConfirm", "testPwd"));
- postParams.add(new NameValuePair("displayName", "My Test
User"));
- postParams.add(new NameValuePair("url",
"http://www.apache.org";));
- Credentials creds = new UsernamePasswordCredentials("admin",
"admin");
- H.assertAuthenticatedPostStatus(creds, postUrl,
HttpServletResponse.SC_OK, postParams, null);
-
- //fetch the user profile json to verify the settings
- String getUrl = HttpTest.HTTP_BASE_URL +
"/system/userManager/user/" + testUserId + ".json";
- String json = H.getAuthenticatedContent(creds, getUrl,
HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
- assertNotNull(json);
- JsonObject jsonObj = JsonUtil.parseObject(json);
- assertEquals(testUserId, jsonObj.getString("marker"));
- assertEquals("My Test User", jsonObj.getString("displayName"));
- assertEquals("http://www.apache.org";, jsonObj.getString("url"));
- assertFalse(jsonObj.containsKey(":name"));
- assertFalse(jsonObj.containsKey("pwd"));
- assertFalse(jsonObj.containsKey("pwdConfirm"));
- }
-
- /**
- * Test for SLING-1642 to verify that user self-registration by the
anonymous
- * user is not allowed by default.
- */
- @Test
- public void testAnonymousSelfRegistrationDisabled() throws IOException {
- String postUrl = HttpTest.HTTP_BASE_URL +
"/system/userManager/user.create.html";
-
- String userId = "testUser" + random.nextInt();
- List<NameValuePair> postParams = new ArrayList<NameValuePair>();
- postParams.add(new NameValuePair(":name", userId));
- postParams.add(new NameValuePair("pwd", "testPwd"));
- postParams.add(new NameValuePair("pwdConfirm", "testPwd"));
- //user create without logging in as a privileged user should
return a 500 error
- H.getHttpClient().getState().clearCredentials();
- H.assertPostStatus(postUrl,
HttpServletResponse.SC_INTERNAL_SERVER_ERROR, postParams, null);
- }
-
-
- /**
- * Test for SLING-1677
- */
- @Test
- public void testCreateUserResponseAsJSON() throws IOException,
JsonException {
- String postUrl = HttpTest.HTTP_BASE_URL +
"/system/userManager/user.create.json";
-
- testUserId = "testUser" + random.nextInt();
- List<NameValuePair> postParams = new ArrayList<NameValuePair>();
- postParams.add(new NameValuePair(":name", testUserId));
- postParams.add(new NameValuePair("marker", testUserId));
- postParams.add(new NameValuePair("pwd", "testPwd"));
- postParams.add(new NameValuePair("pwdConfirm", "testPwd"));
- Credentials creds = new UsernamePasswordCredentials("admin",
"admin");
- String json = H.getAuthenticatedPostContent(creds, postUrl,
HttpTest.CONTENT_TYPE_JSON, postParams, HttpServletResponse.SC_OK);
-
- //make sure the json response can be parsed as a JSON object
- JsonObject jsonObj = JsonUtil.parseObject(json);
- assertNotNull(jsonObj);
- }
-
- /**
- * Test for SLING-7831
- */
- @Test
- public void testCreateUserCustomPostResponse() throws IOException,
JsonException {
- String postUrl = HttpTest.HTTP_BASE_URL +
"/system/userManager/user.create.html";
-
- testUserId = "testUser" + random.nextInt();
- List<NameValuePair> postParams = new ArrayList<NameValuePair>();
- postParams.add(new NameValuePair(":responseType", "custom"));
- postParams.add(new NameValuePair(":name", testUserId));
- postParams.add(new NameValuePair("pwd", "testPwd"));
- postParams.add(new NameValuePair("pwdConfirm", "testPwd"));
- Credentials creds = new UsernamePasswordCredentials("admin",
"admin");
- String content = H.getAuthenticatedPostContent(creds, postUrl,
HttpTest.CONTENT_TYPE_HTML, postParams, HttpServletResponse.SC_OK);
- assertEquals("Thanks!", content); //verify that the content
matches the custom response
- }
-}
diff --git
a/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/userManager/RemoveAuthorizablesTest.java
b/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/userManager/RemoveAuthorizablesTest.java
deleted file mode 100644
index 4524bda..0000000
---
a/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/userManager/RemoveAuthorizablesTest.java
+++ /dev/null
@@ -1,266 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sling.launchpad.webapp.integrationtest.userManager;
-
-import java.io.IOException;
-import java.util.ArrayList;
-import java.util.List;
-
-import javax.json.JsonException;
-import javax.json.JsonObject;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.commons.httpclient.Credentials;
-import org.apache.commons.httpclient.NameValuePair;
-import org.apache.commons.httpclient.UsernamePasswordCredentials;
-import org.apache.sling.commons.testing.integration.HttpTest;
-import org.apache.sling.launchpad.webapp.integrationtest.util.JsonUtil;
-
-/**
- * Tests for the 'removeAuthorizable' Sling Post Operation
- */
-public class RemoveAuthorizablesTest extends UserManagerTestUtil {
- private String testUserId2;
-
-
- /* (non-Javadoc)
- * @see org.apache.sling.commons.testing.integration.HttpTest#tearDown()
- */
- @Override
- public void tearDown() throws Exception {
- if (testUserId2 != null) {
- //remove the test user if it exists.
- String postUrl = HttpTest.HTTP_BASE_URL +
"/system/userManager/user/" + testUserId2 + ".delete.html";
- List<NameValuePair> postParams = new
ArrayList<NameValuePair>();
- assertAuthenticatedAdminPostStatus(postUrl,
HttpServletResponse.SC_OK, postParams, null);
- }
-
- super.tearDown();
- }
-
- public void testRemoveUser() throws IOException {
- String userId = createTestUser();
-
- Credentials creds = new UsernamePasswordCredentials("admin", "admin");
-
- String getUrl = HTTP_BASE_URL + "/system/userManager/user/" +
userId + ".json";
- assertAuthenticatedHttpStatus(creds, getUrl,
HttpServletResponse.SC_OK, null); //make sure the profile request returns some
data
-
- String postUrl = HTTP_BASE_URL + "/system/userManager/user/" +
userId + ".delete.html";
- List<NameValuePair> postParams = new ArrayList<NameValuePair>();
- assertAuthenticatedPostStatus(creds, postUrl,
HttpServletResponse.SC_OK, postParams, null);
-
- getUrl = HTTP_BASE_URL + "/system/userManager/user/" + userId +
".json";
- assertAuthenticatedHttpStatus(creds, getUrl,
HttpServletResponse.SC_NOT_FOUND, null); //make sure the profile request
returns some data
- }
-
- public void testNotAuthorizedRemoveUser() throws IOException {
- //a user who is not authorized to do the action
- testUserId2 = createTestUser();
-
- String userId = createTestUser();
-
- Credentials creds = new UsernamePasswordCredentials("admin", "admin");
-
- String getUrl = HTTP_BASE_URL + "/system/userManager/user/" +
userId + ".json";
- assertAuthenticatedHttpStatus(creds, getUrl,
HttpServletResponse.SC_OK, null); //make sure the profile request returns some
data
-
- Credentials creds2 = new UsernamePasswordCredentials(testUserId2,
"testPwd");
- String postUrl = HTTP_BASE_URL + "/system/userManager/user/" +
userId + ".delete.html";
- List<NameValuePair> postParams = new ArrayList<NameValuePair>();
- assertAuthenticatedPostStatus(creds2, postUrl,
HttpServletResponse.SC_INTERNAL_SERVER_ERROR, postParams, null);
-
- getUrl = HTTP_BASE_URL + "/system/userManager/user/" + userId +
".json";
- assertAuthenticatedHttpStatus(creds, getUrl,
HttpServletResponse.SC_OK, null); //make sure the profile request returns some
data
- }
-
- public void testAuthorizedRemoveUser() throws IOException {
- //a user who is authorized to do the action
- testUserId2 = createTestUser();
- grantUserManagementRights(testUserId2);
-
- String userId = createTestUser();
-
- Credentials creds = new UsernamePasswordCredentials(testUserId2,
"testPwd");
-
- String getUrl = HTTP_BASE_URL + "/system/userManager/user/" +
userId + ".json";
- assertAuthenticatedHttpStatus(creds, getUrl,
HttpServletResponse.SC_OK, null); //make sure the profile request returns some
data
-
- String postUrl = HTTP_BASE_URL + "/system/userManager/user/" +
userId + ".delete.html";
- List<NameValuePair> postParams = new ArrayList<NameValuePair>();
- assertAuthenticatedPostStatus(creds, postUrl,
HttpServletResponse.SC_OK, postParams, null);
-
- getUrl = HTTP_BASE_URL + "/system/userManager/user/" + userId +
".json";
- assertAuthenticatedHttpStatus(creds, getUrl,
HttpServletResponse.SC_NOT_FOUND, null); //make sure the profile request
returns some data
- }
-
- /**
- * Test for SLING-7831
- */
- public void testRemoveUserCustomPostResponse() throws IOException {
- String userId = createTestUser();
-
- String postUrl = HTTP_BASE_URL + "/system/userManager/user/" +
userId + ".delete.html";
- List<NameValuePair> postParams = new ArrayList<NameValuePair>();
- postParams.add(new NameValuePair(":responseType", "custom"));
-
- Credentials creds = new UsernamePasswordCredentials("admin",
"admin");
- String content = getAuthenticatedPostContent(creds, postUrl,
HttpTest.CONTENT_TYPE_HTML, postParams, HttpServletResponse.SC_OK);
- assertEquals("Thanks!", content); //verify that the content
matches the custom response
- }
-
- public void testRemoveGroup() throws IOException {
- String groupId = createTestGroup();
-
- Credentials creds = new UsernamePasswordCredentials("admin", "admin");
-
- String getUrl = HTTP_BASE_URL + "/system/userManager/group/" +
groupId + ".json";
- assertAuthenticatedHttpStatus(creds, getUrl,
HttpServletResponse.SC_OK, null); //make sure the profile request returns some
data
-
- String postUrl = HTTP_BASE_URL + "/system/userManager/group/" +
groupId + ".delete.html";
- List<NameValuePair> postParams = new ArrayList<NameValuePair>();
- assertAuthenticatedPostStatus(creds, postUrl,
HttpServletResponse.SC_OK, postParams, null);
-
- getUrl = HTTP_BASE_URL + "/system/userManager/group/" + groupId
+ ".json";
- assertAuthenticatedHttpStatus(creds, getUrl,
HttpServletResponse.SC_NOT_FOUND, null); //make sure the profile request
returns some data
- }
-
- public void testNotAuthorizedRemoveGroup() throws IOException {
- //a user who is not authorized to do the action
- testUserId2 = createTestUser();
-
- String groupId = createTestGroup();
-
- Credentials creds = new UsernamePasswordCredentials("admin", "admin");
-
- String getUrl = HTTP_BASE_URL + "/system/userManager/group/" +
groupId + ".json";
- assertAuthenticatedHttpStatus(creds, getUrl,
HttpServletResponse.SC_OK, null); //make sure the profile request returns some
data
-
- Credentials creds2 = new UsernamePasswordCredentials(testUserId2,
"testPwd");
- String postUrl = HTTP_BASE_URL + "/system/userManager/group/" +
groupId + ".delete.html";
- List<NameValuePair> postParams = new ArrayList<NameValuePair>();
- assertAuthenticatedPostStatus(creds2, postUrl,
HttpServletResponse.SC_INTERNAL_SERVER_ERROR, postParams, null);
-
- getUrl = HTTP_BASE_URL + "/system/userManager/group/" + groupId
+ ".json";
- assertAuthenticatedHttpStatus(creds, getUrl,
HttpServletResponse.SC_OK, null); //make sure the profile request returns some
data
- }
-
- public void testAuthorizedRemoveGroup() throws IOException {
- //a user who is authorized to do the action
- testUserId2 = createTestUser();
- grantUserManagementRights(testUserId2);
-
- String groupId = createTestGroup();
-
- Credentials creds = new UsernamePasswordCredentials(testUserId2,
"testPwd");
-
- String getUrl = HTTP_BASE_URL + "/system/userManager/group/" +
groupId + ".json";
- assertAuthenticatedHttpStatus(creds, getUrl,
HttpServletResponse.SC_OK, null); //make sure the profile request returns some
data
-
- String postUrl = HTTP_BASE_URL + "/system/userManager/group/" +
groupId + ".delete.html";
- List<NameValuePair> postParams = new ArrayList<NameValuePair>();
- assertAuthenticatedPostStatus(creds, postUrl,
HttpServletResponse.SC_OK, postParams, null);
-
- getUrl = HTTP_BASE_URL + "/system/userManager/group/" + groupId
+ ".json";
- assertAuthenticatedHttpStatus(creds, getUrl,
HttpServletResponse.SC_NOT_FOUND, null); //make sure the profile request
returns some data
- }
-
- /**
- * Test for SLING-7831
- */
- public void testRemoveGroupCustomPostResponse() throws IOException {
- String groupId = createTestGroup();
-
- String postUrl = HTTP_BASE_URL + "/system/userManager/group/" +
groupId + ".delete.html";
- List<NameValuePair> postParams = new ArrayList<NameValuePair>();
- postParams.add(new NameValuePair(":responseType", "custom"));
-
- Credentials creds = new UsernamePasswordCredentials("admin",
"admin");
- String content = getAuthenticatedPostContent(creds, postUrl,
HttpTest.CONTENT_TYPE_HTML, postParams, HttpServletResponse.SC_OK);
- assertEquals("Thanks!", content); //verify that the content
matches the custom response
- }
-
- public void testRemoveAuthorizables() throws IOException {
- String userId = createTestUser();
- String groupId = createTestGroup();
-
- Credentials creds = new UsernamePasswordCredentials("admin", "admin");
-
- String getUrl = HTTP_BASE_URL + "/system/userManager/user/" +
userId + ".json";
- assertAuthenticatedHttpStatus(creds, getUrl,
HttpServletResponse.SC_OK, null); //make sure the profile request returns some
data
-
- getUrl = HTTP_BASE_URL + "/system/userManager/group/" + groupId
+ ".json";
- assertAuthenticatedHttpStatus(creds, getUrl,
HttpServletResponse.SC_OK, null); //make sure the profile request returns some
data
-
- String postUrl = HTTP_BASE_URL +
"/system/userManager.delete.html";
- List<NameValuePair> postParams = new ArrayList<NameValuePair>();
- postParams.add(new NameValuePair(":applyTo", "group/" +
groupId));
- postParams.add(new NameValuePair(":applyTo", "user/" + userId));
- assertAuthenticatedPostStatus(creds, postUrl,
HttpServletResponse.SC_OK, postParams, null);
-
- getUrl = HTTP_BASE_URL + "/system/userManager/user/" + userId +
".json";
- assertAuthenticatedHttpStatus(creds, getUrl,
HttpServletResponse.SC_NOT_FOUND, null); //make sure the profile request
returns some data
-
- getUrl = HTTP_BASE_URL + "/system/userManager/group/" + groupId
+ ".json";
- assertAuthenticatedHttpStatus(creds, getUrl,
HttpServletResponse.SC_NOT_FOUND, null); //make sure the profile request
returns some data
- }
-
- /**
- * Test the problem reported as SLING-1237
- */
- public void testRemoveGroupWithMembers() throws IOException {
- String groupId = createTestGroup();
- String userId = createTestUser();
-
- Credentials creds = new UsernamePasswordCredentials("admin", "admin");
- String addMemberPostUrl = HTTP_BASE_URL + "/system/userManager/group/"
+ groupId + ".update.html";
- List<NameValuePair> addMemberPostParams = new
ArrayList<NameValuePair>();
- addMemberPostParams.add(new NameValuePair(":member", userId));
- assertAuthenticatedPostStatus(creds, addMemberPostUrl,
HttpServletResponse.SC_OK, addMemberPostParams, null);
-
- String getUrl = HTTP_BASE_URL + "/system/userManager/group/" +
groupId + ".json";
- assertAuthenticatedHttpStatus(creds, getUrl,
HttpServletResponse.SC_OK, null); //make sure the profile request returns some
data
-
- String postUrl = HTTP_BASE_URL + "/system/userManager/group/" +
groupId + ".delete.html";
- List<NameValuePair> postParams = new ArrayList<NameValuePair>();
- assertAuthenticatedPostStatus(creds, postUrl,
HttpServletResponse.SC_OK, postParams, null);
-
- getUrl = HTTP_BASE_URL + "/system/userManager/group/" + groupId
+ ".json";
- assertAuthenticatedHttpStatus(creds, getUrl,
HttpServletResponse.SC_NOT_FOUND, null); //make sure the profile request
returns some data
- }
-
-
- /**
- * Test for SLING-1677
- */
- public void testRemoveAuthorizablesResponseAsJSON() throws IOException,
JsonException {
- String userId = createTestUser();
- String groupId = createTestGroup();
-
- Credentials creds = new UsernamePasswordCredentials("admin", "admin");
-
- String postUrl = HTTP_BASE_URL +
"/system/userManager.delete.json";
- List<NameValuePair> postParams = new ArrayList<NameValuePair>();
- postParams.add(new NameValuePair(":applyTo", "group/" +
groupId));
- postParams.add(new NameValuePair(":applyTo", "user/" + userId));
- String json = getAuthenticatedPostContent(creds, postUrl,
CONTENT_TYPE_JSON, postParams, HttpServletResponse.SC_OK);
-
- //make sure the json response can be parsed as a JSON object
- JsonObject jsonObj = JsonUtil.parseObject(json);
- assertNotNull(jsonObj);
- }
-}
diff --git
a/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/userManager/UpdateGroupTest.java
b/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/userManager/UpdateGroupTest.java
deleted file mode 100644
index 72a01c3..0000000
---
a/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/userManager/UpdateGroupTest.java
+++ /dev/null
@@ -1,322 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sling.launchpad.webapp.integrationtest.userManager;
-
-import java.io.IOException;
-import java.util.ArrayList;
-import java.util.List;
-
-import javax.json.JsonArray;
-import javax.json.JsonException;
-import javax.json.JsonObject;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.commons.httpclient.Credentials;
-import org.apache.commons.httpclient.NameValuePair;
-import org.apache.commons.httpclient.UsernamePasswordCredentials;
-import org.apache.sling.commons.testing.integration.HttpTest;
-import org.apache.sling.launchpad.webapp.integrationtest.util.JsonUtil;
-
-/**
- * Tests for the 'updateAuthorizable' Sling Post Operation on
- * a group resource.
- */
-public class UpdateGroupTest extends UserManagerTestUtil {
-
- String testGroupId = null;
-
- String testUserId = null;
- String testUserId2 = null;
-
- @Override
- public void tearDown() throws Exception {
- if (testUserId != null) {
- //remove the test user if it exists.
- String postUrl = HTTP_BASE_URL + "/system/userManager/user/" +
testUserId + ".delete.html";
- List<NameValuePair> postParams = new ArrayList<NameValuePair>();
- assertAuthenticatedAdminPostStatus(postUrl,
HttpServletResponse.SC_OK, postParams, null);
- }
- if (testUserId2 != null) {
- //remove the test user if it exists.
- String postUrl = HTTP_BASE_URL + "/system/userManager/user/" +
testUserId2 + ".delete.html";
- List<NameValuePair> postParams = new ArrayList<NameValuePair>();
- assertAuthenticatedAdminPostStatus(postUrl,
HttpServletResponse.SC_OK, postParams, null);
- }
-
- if (testGroupId != null) {
- //remove the test group if it exists.
- String postUrl = HTTP_BASE_URL +
"/system/userManager/group/" + testGroupId + ".delete.html";
- List<NameValuePair> postParams = new
ArrayList<NameValuePair>();
- assertAuthenticatedAdminPostStatus(postUrl,
HttpServletResponse.SC_OK, postParams, null);
- }
-
- super.tearDown();
- }
-
- public void testUpdateGroup() throws IOException, JsonException {
- testGroupId = createTestGroup();
-
- String postUrl = HTTP_BASE_URL + "/system/userManager/group/" +
testGroupId + ".update.html";
-
- List<NameValuePair> postParams = new ArrayList<NameValuePair>();
- postParams.add(new NameValuePair("displayName", "My Updated
Test Group"));
- postParams.add(new NameValuePair("url",
"http://www.apache.org/updated";));
-
- Credentials creds = new UsernamePasswordCredentials("admin",
"admin");
- assertAuthenticatedPostStatus(creds, postUrl,
HttpServletResponse.SC_OK, postParams, null);
-
- //fetch the user profile json to verify the settings
- String getUrl = HTTP_BASE_URL + "/system/userManager/group/" +
testGroupId + ".json";
- assertAuthenticatedHttpStatus(creds, getUrl,
HttpServletResponse.SC_OK, null); //make sure the profile request returns some
data
- String json = getAuthenticatedContent(creds, getUrl,
CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
- assertNotNull(json);
- JsonObject jsonObj = JsonUtil.parseObject(json);
- assertEquals("My Updated Test Group",
jsonObj.getString("displayName"));
- assertEquals("http://www.apache.org/updated";,
jsonObj.getString("url"));
- }
-
- public void testNotAuthorizedUpdateGroup() throws IOException,
JsonException {
- //a user who is not authorized to do the action
- testUserId2 = createTestUser();
-
- testGroupId = createTestGroup();
-
- String postUrl = HTTP_BASE_URL + "/system/userManager/group/" +
testGroupId + ".update.html";
-
- List<NameValuePair> postParams = new ArrayList<NameValuePair>();
- postParams.add(new NameValuePair("displayName", "My Updated
Test Group"));
- postParams.add(new NameValuePair("url",
"http://www.apache.org/updated";));
-
- Credentials creds = new
UsernamePasswordCredentials(testUserId2, "testPwd");
- assertAuthenticatedPostStatus(creds, postUrl,
HttpServletResponse.SC_INTERNAL_SERVER_ERROR, postParams, null);
- }
-
- public void testAuthorizedUpdateGroup() throws IOException,
JsonException {
- //a user who is authorized to do the action
- testUserId2 = createTestUser();
- grantUserManagementRights(testUserId2);
-
- testGroupId = createTestGroup();
-
- String postUrl = HTTP_BASE_URL + "/system/userManager/group/" +
testGroupId + ".update.html";
-
- List<NameValuePair> postParams = new ArrayList<NameValuePair>();
- postParams.add(new NameValuePair("displayName", "My Updated
Test Group"));
- postParams.add(new NameValuePair("url",
"http://www.apache.org/updated";));
-
- Credentials creds = new
UsernamePasswordCredentials(testUserId2, "testPwd");
- assertAuthenticatedPostStatus(creds, postUrl,
HttpServletResponse.SC_OK, postParams, null);
-
- //fetch the user profile json to verify the settings
- String getUrl = HTTP_BASE_URL + "/system/userManager/group/" +
testGroupId + ".json";
- assertAuthenticatedHttpStatus(creds, getUrl,
HttpServletResponse.SC_OK, null); //make sure the profile request returns some
data
- String json = getAuthenticatedContent(creds, getUrl,
CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
- assertNotNull(json);
- JsonObject jsonObj = JsonUtil.parseObject(json);
- assertEquals("My Updated Test Group",
jsonObj.getString("displayName"));
- assertEquals("http://www.apache.org/updated";,
jsonObj.getString("url"));
- }
-
- /**
- * Test for SLING-7831
- */
- public void testUpdateGroupCustomPostResponse() throws IOException,
JsonException {
- testGroupId = createTestGroup();
-
- String postUrl = HTTP_BASE_URL + "/system/userManager/group/" +
testGroupId + ".update.html";
-
- List<NameValuePair> postParams = new ArrayList<NameValuePair>();
- postParams.add(new NameValuePair(":responseType", "custom"));
- postParams.add(new NameValuePair("displayName", "My Updated
Test Group"));
-
- Credentials creds = new UsernamePasswordCredentials("admin",
"admin");
- String content = getAuthenticatedPostContent(creds, postUrl,
HttpTest.CONTENT_TYPE_HTML, postParams, HttpServletResponse.SC_OK);
- assertEquals("Thanks!", content); //verify that the content
matches the custom response
- }
-
- public void testUpdateGroupMembers() throws IOException, JsonException {
- testGroupId = createTestGroup();
- testUserId = createTestUser();
-
- Credentials creds = new UsernamePasswordCredentials("admin", "admin");
-
- // verify that the members array exists, but is empty
- JsonArray members = getTestGroupMembers(creds);
- assertEquals(0, members.size());
-
- JsonArray memberships = getTestUserMemberships(creds);
- assertEquals(0, memberships.size());
-
- String postUrl = HTTP_BASE_URL + "/system/userManager/group/" +
testGroupId + ".update.html";
-
- // add a group member
- List<NameValuePair> postParams = new ArrayList<NameValuePair>();
- postParams.add(new NameValuePair(":member", testUserId));
- assertAuthenticatedPostStatus(creds, postUrl,
HttpServletResponse.SC_OK, postParams, null);
-
- members = getTestGroupMembers(creds);
- assertEquals(1, members.size());
- assertEquals("/system/userManager/user/" + testUserId,
members.getString(0));
-
- memberships = getTestUserMemberships(creds);
- assertEquals(1, memberships.size());
- assertEquals("/system/userManager/group/" + testGroupId,
memberships.getString(0));
-
- // delete a group member
- postParams.clear();
- postParams.add(new NameValuePair(":member@Delete", testUserId));
- assertAuthenticatedPostStatus(creds, postUrl,
HttpServletResponse.SC_OK, postParams, null);
-
- members = getTestGroupMembers(creds);
- assertEquals(0, members.size());
-
- memberships = getTestUserMemberships(creds);
- assertEquals(0, memberships.size());
-
- }
-
- public void testNotAuthorizedUpdateGroupMembers() throws IOException,
JsonException {
- //a user who is authorized to do the action
- testUserId2 = createTestUser();
- grantUserManagementRights(testUserId2);
-
- testGroupId = createTestGroup();
- testUserId = createTestUser();
-
- Credentials creds = new UsernamePasswordCredentials(testUserId2,
"testPwd");
-
- // verify that the members array exists, but is empty
- JsonArray members = getTestGroupMembers(creds);
- assertEquals(0, members.size());
-
- JsonArray memberships = getTestUserMemberships(creds);
- assertEquals(0, memberships.size());
-
- String postUrl = HTTP_BASE_URL + "/system/userManager/group/" +
testGroupId + ".update.html";
-
- // add a group member
- List<NameValuePair> postParams = new ArrayList<NameValuePair>();
- postParams.add(new NameValuePair(":member", testUserId));
- assertAuthenticatedPostStatus(creds, postUrl,
HttpServletResponse.SC_OK, postParams, null);
-
- members = getTestGroupMembers(creds);
- assertEquals(1, members.size());
- assertEquals("/system/userManager/user/" + testUserId,
members.getString(0));
-
- memberships = getTestUserMemberships(creds);
- assertEquals(1, memberships.size());
- assertEquals("/system/userManager/group/" + testGroupId,
memberships.getString(0));
-
- // delete a group member
- postParams.clear();
- postParams.add(new NameValuePair(":member@Delete", testUserId));
- assertAuthenticatedPostStatus(creds, postUrl,
HttpServletResponse.SC_OK, postParams, null);
-
- members = getTestGroupMembers(creds);
- assertEquals(0, members.size());
-
- memberships = getTestUserMemberships(creds);
- assertEquals(0, memberships.size());
-
- }
-
- public void testAuthorizedUpdateGroupMembers() throws IOException,
JsonException {
- //a user who is authorized to do the action
- testUserId2 = createTestUser();
- grantUserManagementRights(testUserId2);
-
- testGroupId = createTestGroup();
- testUserId = createTestUser();
-
- Credentials creds = new UsernamePasswordCredentials(testUserId2,
"testPwd");
-
- // verify that the members array exists, but is empty
- JsonArray members = getTestGroupMembers(creds);
- assertEquals(0, members.size());
-
- JsonArray memberships = getTestUserMemberships(creds);
- assertEquals(0, memberships.size());
-
- String postUrl = HTTP_BASE_URL + "/system/userManager/group/" +
testGroupId + ".update.html";
-
- // add a group member
- List<NameValuePair> postParams = new ArrayList<NameValuePair>();
- postParams.add(new NameValuePair(":member", testUserId));
- assertAuthenticatedPostStatus(creds, postUrl,
HttpServletResponse.SC_OK, postParams, null);
-
- members = getTestGroupMembers(creds);
- assertEquals(1, members.size());
- assertEquals("/system/userManager/user/" + testUserId,
members.getString(0));
-
- memberships = getTestUserMemberships(creds);
- assertEquals(1, memberships.size());
- assertEquals("/system/userManager/group/" + testGroupId,
memberships.getString(0));
-
- // delete a group member
- postParams.clear();
- postParams.add(new NameValuePair(":member@Delete", testUserId));
- assertAuthenticatedPostStatus(creds, postUrl,
HttpServletResponse.SC_OK, postParams, null);
-
- members = getTestGroupMembers(creds);
- assertEquals(0, members.size());
-
- memberships = getTestUserMemberships(creds);
- assertEquals(0, memberships.size());
-
- }
-
- JsonArray getTestUserMemberships(Credentials creds) throws IOException,
JsonException {
- String getUrl = HTTP_BASE_URL + "/system/userManager/user/" +
testUserId + ".json";
- assertAuthenticatedHttpStatus(creds, getUrl,
HttpServletResponse.SC_OK, null); //make sure the profile request returns some
data
- String json = getAuthenticatedContent(creds, getUrl,
CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
- assertNotNull(json);
- JsonObject jsonObj = JsonUtil.parseObject(json);
- JsonArray memberships = jsonObj.getJsonArray("memberOf");
- return memberships;
- }
-
- JsonArray getTestGroupMembers(Credentials creds) throws IOException,
JsonException {
- String getUrl = HTTP_BASE_URL + "/system/userManager/group/" +
testGroupId + ".json";
- assertAuthenticatedHttpStatus(creds, getUrl,
HttpServletResponse.SC_OK, null); //make sure the profile request returns some
data
- String json = getAuthenticatedContent(creds, getUrl,
CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
- assertNotNull(json);
- JsonObject jsonObj = JsonUtil.parseObject(json);
- JsonArray members = jsonObj.getJsonArray("members");
- return members;
- }
-
- /**
- * Test for SLING-1677
- */
- public void testUpdateGroupResponseAsJSON() throws IOException,
JsonException {
- testGroupId = createTestGroup();
-
- String postUrl = HTTP_BASE_URL + "/system/userManager/group/" +
testGroupId + ".update.json";
-
- List<NameValuePair> postParams = new ArrayList<NameValuePair>();
- postParams.add(new NameValuePair("displayName", "My Updated
Test Group"));
- postParams.add(new NameValuePair("url",
"http://www.apache.org/updated";));
-
- Credentials creds = new UsernamePasswordCredentials("admin",
"admin");
- String json = getAuthenticatedPostContent(creds, postUrl,
CONTENT_TYPE_JSON, postParams, HttpServletResponse.SC_OK);
-
- //make sure the json response can be parsed as a JSON object
- JsonObject jsonObj = JsonUtil.parseObject(json);
- assertNotNull(jsonObj);
- }
-}
-
diff --git
a/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/userManager/UpdateUserTest.java
b/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/userManager/UpdateUserTest.java
deleted file mode 100644
index a4422c7..0000000
---
a/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/userManager/UpdateUserTest.java
+++ /dev/null
@@ -1,392 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sling.launchpad.webapp.integrationtest.userManager;
-
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertNotNull;
-import static org.junit.Assert.assertNull;
-
-import java.io.IOException;
-import java.util.ArrayList;
-import java.util.List;
-
-import javax.json.JsonException;
-import javax.json.JsonObject;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.commons.httpclient.Credentials;
-import org.apache.commons.httpclient.HttpMethod;
-import org.apache.commons.httpclient.NameValuePair;
-import org.apache.commons.httpclient.UsernamePasswordCredentials;
-import org.apache.sling.commons.testing.integration.HttpTest;
-import org.apache.sling.launchpad.webapp.integrationtest.util.JsonUtil;
-import org.junit.After;
-import org.junit.Before;
-import org.junit.Test;
-
-/**
- * Tests for the 'updateAuthorizable' and 'changePassword' Sling Post
- * Operations on a user resource.
- */
-public class UpdateUserTest {
-
- String testUserId = null;
- String testUserId2 = null;
- private final UserManagerTestUtil H = new UserManagerTestUtil();
-
- @Before
- public void setup() throws Exception {
- H.setUp();
- }
-
- @After
- public void cleanup() throws Exception {
- if (testUserId != null) {
- //remove the test user if it exists.
- String postUrl = HttpTest.HTTP_BASE_URL +
"/system/userManager/user/" + testUserId + ".delete.html";
- List<NameValuePair> postParams = new
ArrayList<NameValuePair>();
- H.assertAuthenticatedAdminPostStatus(postUrl,
HttpServletResponse.SC_OK, postParams, null);
- }
- if (testUserId2 != null) {
- //remove the test user if it exists.
- String postUrl = HttpTest.HTTP_BASE_URL +
"/system/userManager/user/" + testUserId2 + ".delete.html";
- List<NameValuePair> postParams = new
ArrayList<NameValuePair>();
- H.assertAuthenticatedAdminPostStatus(postUrl,
HttpServletResponse.SC_OK, postParams, null);
- }
-
- H.tearDown();
- }
-
- @Test
- public void testUpdateUser() throws IOException, JsonException {
- testUserId = H.createTestUser();
-
- String postUrl = HttpTest.HTTP_BASE_URL + "/system/userManager/user/"
+ testUserId + ".update.html";
-
- List<NameValuePair> postParams = new ArrayList<NameValuePair>();
- postParams.add(new NameValuePair("displayName", "My Updated
Test User"));
- postParams.add(new NameValuePair("url",
"http://www.apache.org/updated";));
- // add nested param (SLING-6747)
- postParams.add(new NameValuePair("nested/param", "value"));
- Credentials creds = new UsernamePasswordCredentials(testUserId,
"testPwd");
- H.assertAuthenticatedPostStatus(creds, postUrl,
HttpServletResponse.SC_OK, postParams, null);
-
- //fetch the user profile json to verify the settings
- String getUrl = HttpTest.HTTP_BASE_URL +
"/system/userManager/user/" + testUserId + ".json";
- H.assertAuthenticatedHttpStatus(creds, getUrl,
HttpServletResponse.SC_OK, null); //make sure the profile request returns some
data
- String json = H.getAuthenticatedContent(creds, getUrl,
HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
- assertNotNull(json);
- JsonObject jsonObj = JsonUtil.parseObject(json);
- assertEquals("My Updated Test User",
jsonObj.getString("displayName"));
- assertEquals("http://www.apache.org/updated";,
jsonObj.getString("url"));
- // get path (SLING-6753)
- String path = jsonObj.getString("path");
- assertNotNull(path);
- // retrieve nested property via regular GET servlet
- getUrl = HttpTest.HTTP_BASE_URL + path + "/nested.json";
- json = H.getAuthenticatedContent(creds, getUrl,
HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
- assertNotNull(json);
- jsonObj = JsonUtil.parseObject(json);
- assertEquals("value", jsonObj.getString("param"));
- }
-
- /**
- * SLING-7901 test to verify update user delete nested property
functionality
- */
- @Test
- public void testUpdateUserDeleteProperties() throws IOException,
JsonException {
- testUserId = H.createTestUser();
-
- String postUrl = HttpTest.HTTP_BASE_URL + "/system/userManager/user/"
+ testUserId + ".update.html";
-
- List<NameValuePair> postParams = new ArrayList<NameValuePair>();
- postParams.add(new NameValuePair("url",
"http://www.apache.org/updated";));
- // add nested param (SLING-6747)
- postParams.add(new NameValuePair("nested/param", "value"));
- Credentials creds = new UsernamePasswordCredentials(testUserId,
"testPwd");
- H.assertAuthenticatedPostStatus(creds, postUrl,
HttpServletResponse.SC_OK, postParams, null);
-
- //fetch the user profile json to verify the settings
- String getUrl = HttpTest.HTTP_BASE_URL +
"/system/userManager/user/" + testUserId + ".json";
- H.assertAuthenticatedHttpStatus(creds, getUrl,
HttpServletResponse.SC_OK, null); //make sure the profile request returns some
data
- String json = H.getAuthenticatedContent(creds, getUrl,
HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
- assertNotNull(json);
- JsonObject jsonObj = JsonUtil.parseObject(json);
- assertEquals("http://www.apache.org/updated";,
jsonObj.getString("url"));
- // get path (SLING-6753)
- String path = jsonObj.getString("path");
- assertNotNull(path);
- // retrieve nested property via regular GET servlet
- getUrl = HttpTest.HTTP_BASE_URL + path + "/nested.json";
- json = H.getAuthenticatedContent(creds, getUrl,
HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
- assertNotNull(json);
- jsonObj = JsonUtil.parseObject(json);
- assertEquals("value", jsonObj.getString("param"));
-
- //now remove
- postParams = new ArrayList<NameValuePair>();
- postParams.add(new NameValuePair("url@Delete", "true"));
- // remove nested param
- postParams.add(new NameValuePair("nested/param@Delete",
"true"));
- H.assertAuthenticatedPostStatus(creds, postUrl,
HttpServletResponse.SC_OK, postParams, null);
-
-
- //and verify
- getUrl = HttpTest.HTTP_BASE_URL + "/system/userManager/user/" +
testUserId + ".json";
- H.assertAuthenticatedHttpStatus(creds, getUrl,
HttpServletResponse.SC_OK, null); //make sure the profile request returns some
data
- json = H.getAuthenticatedContent(creds, getUrl,
HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
- assertNotNull(json);
- jsonObj = JsonUtil.parseObject(json);
- assertFalse(jsonObj.containsKey("url"));
- // get path (SLING-6753)
- path = jsonObj.getString("path");
- assertNotNull(path);
- // retrieve nested property via regular GET servlet
- getUrl = HttpTest.HTTP_BASE_URL + path + "/nested.json";
- json = H.getAuthenticatedContent(creds, getUrl,
HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
- assertNotNull(json);
- jsonObj = JsonUtil.parseObject(json);
- assertFalse("Nested property should not exist",
jsonObj.containsKey("param"));
- }
-
- @Test
- public void testNotAuthorizedUpdateUser() throws IOException,
JsonException {
- //a user who is not authorized to do the action
- testUserId2 = H.createTestUser();
-
- testUserId = H.createTestUser();
-
- String postUrl = HttpTest.HTTP_BASE_URL + "/system/userManager/user/"
+ testUserId + ".update.html";
-
- List<NameValuePair> postParams = new ArrayList<NameValuePair>();
- postParams.add(new NameValuePair("displayName", "My Updated
Test User"));
- postParams.add(new NameValuePair("url",
"http://www.apache.org/updated";));
- // add nested param (SLING-6747)
- postParams.add(new NameValuePair("nested/param", "value"));
- Credentials creds = new
UsernamePasswordCredentials(testUserId2, "testPwd");
- H.assertAuthenticatedPostStatus(creds, postUrl,
HttpServletResponse.SC_INTERNAL_SERVER_ERROR, postParams, null);
-
- //fetch the user profile json to verify the settings
- String getUrl = HttpTest.HTTP_BASE_URL +
"/system/userManager/user/" + testUserId + ".json";
- H.assertAuthenticatedHttpStatus(creds, getUrl,
HttpServletResponse.SC_NOT_FOUND, null); //make sure the profile request is not
there
- }
-
- @Test
- public void testAuthorizedUpdateUser() throws IOException,
JsonException {
- //a user who is authorized to do the action
- testUserId2 = H.createTestUser();
- H.grantUserManagementRights(testUserId2);
-
- testUserId = H.createTestUser();
-
- String postUrl = HttpTest.HTTP_BASE_URL + "/system/userManager/user/"
+ testUserId + ".update.html";
-
- List<NameValuePair> postParams = new ArrayList<NameValuePair>();
- postParams.add(new NameValuePair("displayName", "My Updated
Test User"));
- postParams.add(new NameValuePair("url",
"http://www.apache.org/updated";));
- // add nested param (SLING-6747)
- postParams.add(new NameValuePair("nested/param", "value"));
- Credentials creds = new
UsernamePasswordCredentials(testUserId2, "testPwd");
- H.assertAuthenticatedPostStatus(creds, postUrl,
HttpServletResponse.SC_OK, postParams, null);
-
- //fetch the user profile json to verify the settings
- String getUrl = HttpTest.HTTP_BASE_URL +
"/system/userManager/user/" + testUserId + ".json";
- H.assertAuthenticatedHttpStatus(creds, getUrl,
HttpServletResponse.SC_OK, null); //make sure the profile request returns some
data
- String json = H.getAuthenticatedContent(creds, getUrl,
HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
- assertNotNull(json);
- JsonObject jsonObj = JsonUtil.parseObject(json);
- assertEquals("My Updated Test User",
jsonObj.getString("displayName"));
- assertEquals("http://www.apache.org/updated";,
jsonObj.getString("url"));
- // get path (SLING-6753)
- String path = jsonObj.getString("path");
- assertNotNull(path);
- // retrieve nested property via regular GET servlet
- getUrl = HttpTest.HTTP_BASE_URL + path + "/nested.json";
- json = H.getAuthenticatedContent(creds, getUrl,
HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
- assertNotNull(json);
- jsonObj = JsonUtil.parseObject(json);
- assertEquals("value", jsonObj.getString("param"));
- }
-
- /**
- * Test for SLING-7831
- */
- @Test
- public void testUpdateUserCustomPostResponse() throws IOException {
- testUserId = H.createTestUser();
-
- String postUrl = HttpTest.HTTP_BASE_URL + "/system/userManager/user/"
+ testUserId + ".update.html";
-
- List<NameValuePair> postParams = new ArrayList<NameValuePair>();
- postParams.add(new NameValuePair(":responseType", "custom"));
- postParams.add(new NameValuePair("displayName", "My Updated
Test User"));
-
- Credentials creds = new UsernamePasswordCredentials(testUserId,
"testPwd");
- String content = H.getAuthenticatedPostContent(creds, postUrl,
HttpTest.CONTENT_TYPE_HTML, postParams, HttpServletResponse.SC_OK);
- assertEquals("Thanks!", content); //verify that the content
matches the custom response
- }
-
- @Test
- public void testChangeUserPassword() throws IOException {
- testUserId = H.createTestUser();
-
- String postUrl = HttpTest.HTTP_BASE_URL + "/system/userManager/user/"
+ testUserId + ".changePassword.html";
-
- List<NameValuePair> postParams = new ArrayList<NameValuePair>();
- postParams.add(new NameValuePair("oldPwd", "testPwd"));
- postParams.add(new NameValuePair("newPwd", "testNewPwd"));
- postParams.add(new NameValuePair("newPwdConfirm",
"testNewPwd"));
-
- Credentials creds = new UsernamePasswordCredentials(testUserId,
"testPwd");
- H.assertAuthenticatedPostStatus(creds, postUrl,
HttpServletResponse.SC_OK, postParams, null);
- }
-
- /**
- * Test for SLING-7831
- */
- @Test
- public void testChangeUserPasswordCustomPostResponse() throws
IOException {
- testUserId = H.createTestUser();
-
- String postUrl = HttpTest.HTTP_BASE_URL + "/system/userManager/user/"
+ testUserId + ".changePassword.html";
-
- List<NameValuePair> postParams = new ArrayList<NameValuePair>();
- postParams.add(new NameValuePair(":responseType", "custom"));
- postParams.add(new NameValuePair("oldPwd", "testPwd"));
- postParams.add(new NameValuePair("newPwd", "testNewPwd"));
- postParams.add(new NameValuePair("newPwdConfirm",
"testNewPwd"));
-
- Credentials creds = new UsernamePasswordCredentials(testUserId,
"testPwd");
- String content = H.getAuthenticatedPostContent(creds, postUrl,
HttpTest.CONTENT_TYPE_HTML, postParams, HttpServletResponse.SC_OK);
- assertEquals("Thanks!", content); //verify that the content
matches the custom response
- }
-
- @Test
- public void testChangeUserPasswordWrongOldPwd() throws IOException {
- testUserId = H.createTestUser();
-
- String postUrl = HttpTest.HTTP_BASE_URL + "/system/userManager/user/"
+ testUserId + ".changePassword.html";
-
- List<NameValuePair> postParams = new ArrayList<NameValuePair>();
- postParams.add(new NameValuePair("oldPwd", "wrongTestPwd"));
- postParams.add(new NameValuePair("newPwd", "testNewPwd"));
- postParams.add(new NameValuePair("newPwdConfirm",
"testNewPwd"));
-
- //Credentials creds = new
UsernamePasswordCredentials(testUserId, "testPwd");
- Credentials creds = new UsernamePasswordCredentials("admin",
"admin");
- H.assertAuthenticatedPostStatus(creds, postUrl,
HttpServletResponse.SC_INTERNAL_SERVER_ERROR, postParams, null);
- }
-
- @Test
- public void testChangeUserPasswordWrongConfirmPwd() throws IOException {
- testUserId = H.createTestUser();
-
- String postUrl = HttpTest.HTTP_BASE_URL + "/system/userManager/user/"
+ testUserId + ".changePassword.html";
-
- List<NameValuePair> postParams = new ArrayList<NameValuePair>();
- postParams.add(new NameValuePair("oldPwd", "testPwd"));
- postParams.add(new NameValuePair("newPwd", "testNewPwd"));
- postParams.add(new NameValuePair("newPwdConfirm",
"wrongTestNewPwd"));
-
- //Credentials creds = new
UsernamePasswordCredentials(testUserId, "testPwd");
- Credentials creds = new UsernamePasswordCredentials("admin",
"admin");
- H.assertAuthenticatedPostStatus(creds, postUrl,
HttpServletResponse.SC_INTERNAL_SERVER_ERROR, postParams, null);
- }
-
- /**
- * Test for SLING-1677
- */
- @Test
- public void testUpdateUserResponseAsJSON() throws IOException,
JsonException {
- testUserId = H.createTestUser();
-
- String postUrl = HttpTest.HTTP_BASE_URL + "/system/userManager/user/"
+ testUserId + ".update.json";
-
- List<NameValuePair> postParams = new ArrayList<NameValuePair>();
- postParams.add(new NameValuePair("displayName", "My Updated
Test User"));
- postParams.add(new NameValuePair("url",
"http://www.apache.org/updated";));
- Credentials creds = new UsernamePasswordCredentials(testUserId,
"testPwd");
- String json = H.getAuthenticatedPostContent(creds, postUrl,
HttpTest.CONTENT_TYPE_JSON, postParams, HttpServletResponse.SC_OK);
-
- //make sure the json response can be parsed as a JSON object
- JsonObject jsonObj = JsonUtil.parseObject(json);
- assertNotNull(jsonObj);
- }
-
-
- /**
- * Test for SLING-2069
- * @throws IOException
- */
- @Test
- public void testChangeUserPasswordAsAdministratorWithoutOldPwd() throws
IOException {
- testUserId = H.createTestUser();
-
- String postUrl = HttpTest.HTTP_BASE_URL + "/system/userManager/user/"
+ testUserId + ".changePassword.html";
-
- List<NameValuePair> postParams = new ArrayList<NameValuePair>();
- postParams.add(new NameValuePair("newPwd", "testNewPwd"));
- postParams.add(new NameValuePair("newPwdConfirm",
"testNewPwd"));
-
- Credentials creds = new UsernamePasswordCredentials("admin",
"admin");
- H.assertAuthenticatedPostStatus(creds, postUrl,
HttpServletResponse.SC_OK, postParams, null);
- }
-
- /**
- * Test for SLING-2072
- * @throws IOException
- */
- @Test
- public void testDisableUser() throws IOException {
- testUserId = H.createTestUser();
-
- //login before the user is disabled, so login should work
- List<NameValuePair> params = new ArrayList<NameValuePair>();
- params.add(new NameValuePair("j_username", testUserId));
- params.add(new NameValuePair("j_password", "testPwd"));
- params.add(new NameValuePair("j_validate", "true"));
- HttpMethod post = H.assertPostStatus(HttpTest.HTTP_BASE_URL +
"/j_security_check", HttpServletResponse.SC_OK, params, null);
- assertNull(post.getResponseHeader("X-Reason"));
- H.getHttpClient().getState().clearCredentials();
- H.getHttpClient().getState().clearCookies();
-
- //update the user to disable it
- String postUrl = HttpTest.HTTP_BASE_URL + "/system/userManager/user/"
+ testUserId + ".update.html";
- List<NameValuePair> postParams = new ArrayList<NameValuePair>();
- postParams.add(new NameValuePair(":disabled", "true"));
- postParams.add(new NameValuePair(":disabledReason", "Just
Testing"));
- H.assertAuthenticatedAdminPostStatus(postUrl,
HttpServletResponse.SC_OK, postParams, null);
-
- //the user is now disabled, so login should fail
- post = H.assertPostStatus(HttpTest.HTTP_BASE_URL +
"/j_security_check", HttpServletResponse.SC_FORBIDDEN, params, null);
- assertNotNull(post.getResponseHeader("X-Reason"));
- H.getHttpClient().getState().clearCredentials();
- H.getHttpClient().getState().clearCookies();
-
- //enable the user again
- postParams = new ArrayList<NameValuePair>();
- postParams.add(new NameValuePair(":disabled", "false"));
- H.assertAuthenticatedAdminPostStatus(postUrl,
HttpServletResponse.SC_OK, postParams, null);
-
- //login after the user is enabled, so login should work
- post = H.assertPostStatus(HttpTest.HTTP_BASE_URL +
"/j_security_check", HttpServletResponse.SC_OK, params, null);
- assertNull(post.getResponseHeader("X-Reason"));
- H.getHttpClient().getState().clearCredentials();
- H.getHttpClient().getState().clearCookies();
- }
-}
diff --git
a/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/userManager/UserManagerTestUtil.java
b/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/userManager/UserManagerTestUtil.java
deleted file mode 100644
index 796f423..0000000
---
a/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/userManager/UserManagerTestUtil.java
+++ /dev/null
@@ -1,107 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sling.launchpad.webapp.integrationtest.userManager;
-
-import java.io.IOException;
-import java.util.ArrayList;
-import java.util.List;
-
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.commons.httpclient.Credentials;
-import org.apache.commons.httpclient.NameValuePair;
-import org.apache.commons.httpclient.UsernamePasswordCredentials;
-import org.apache.sling.commons.testing.integration.HttpTest;
-import org.apache.sling.launchpad.webapp.integrationtest.AuthenticatedTestUtil;
-
-/**
- * Base class for UserManager tests. - it's called "Util" now
- * as we're moving tests to JUnit4-style which won't extend
- * this anymore - but right now some still do.
- */
-public class UserManagerTestUtil extends AuthenticatedTestUtil {
-
- /**
- * Helper to assist adding a user to a group
- * @param testUserId the user
- * @param testGroupId the group
- */
- public void addUserToGroup(String testUserId, String testGroupId)
throws IOException {
- String postUrl = HTTP_BASE_URL + "/system/userManager/group/" +
testGroupId + ".update.html";
-
- List<NameValuePair> postParams = new ArrayList<NameValuePair>();
- postParams.add(new NameValuePair(":member", testUserId));
-
- Credentials creds = new UsernamePasswordCredentials("admin",
"admin");
- final String info = "Adding user " + testUserId + " to group
via " + postUrl;
- assertAuthenticatedPostStatus(creds, postUrl,
HttpServletResponse.SC_OK, postParams, info);
- }
-
- /**
- * Helper to assist removing a user from a group
- * @param testUserId the user
- * @param testGroupId the group
- */
- public void removeUserFromGroup(String testUserId, String testGroupId)
throws IOException {
- String postUrl = HTTP_BASE_URL + "/system/userManager/group/" +
testGroupId + ".update.html";
-
- List<NameValuePair> postParams = new ArrayList<NameValuePair>();
- postParams.add(new NameValuePair(":member@Delete", testUserId));
-
- Credentials creds = new UsernamePasswordCredentials("admin",
"admin");
- final String info = "Removing user " + testUserId + " from group via "
+ postUrl;
- assertAuthenticatedPostStatus(creds, postUrl,
HttpServletResponse.SC_OK, postParams, info);
- }
-
- /**
- * Add test user to the 'UserAdmin' group
- * @param testUserId the user
- */
- public void addUserToUserAdminGroup(String testUserId) throws
IOException {
- addUserToGroup(testUserId, "UserAdmin");
- }
-
- /**
- * Add test user to the 'GroupAdmin' group
- * @param testUserId the user
- */
- public void addUserToGroupAdminGroup(String testUserId) throws
IOException {
- addUserToGroup(testUserId, "GroupAdmin");
- }
-
- /**
- * Grant the minimum privilges neede for oak User Management
- *
- * @param principalId the principal
- */
- public void grantUserManagementRights(String principalId) throws
IOException {
- String postUrl = HttpTest.HTTP_BASE_URL + "/home.modifyAce.html";
-
- List<NameValuePair> postParams = new ArrayList<NameValuePair>();
- postParams.add(new NameValuePair("principalId", principalId));
- postParams.add(new NameValuePair("privilege@jcr:read",
"granted"));
- postParams.add(new NameValuePair("privilege@rep:write",
"granted"));
- postParams.add(new
NameValuePair("privilege@jcr:readAccessControl", "granted"));
- postParams.add(new
NameValuePair("privilege@jcr:modifyAccessControl", "granted"));
- postParams.add(new
NameValuePair("privilege@rep:userManagement", "granted"));
-
- Credentials creds = new UsernamePasswordCredentials("admin",
"admin");
- final String info = "Granting principal " + principalId + " user
management rights via " + postUrl;
- assertAuthenticatedPostStatus(creds, postUrl,
HttpServletResponse.SC_OK, postParams, info);
- }
-
-}
diff --git
a/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/userManager/UserPrivilegesInfoTest.java
b/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/userManager/UserPrivilegesInfoTest.java
deleted file mode 100644
index a484765..0000000
---
a/src/main/java/org/apache/sling/launchpad/webapp/integrationtest/userManager/UserPrivilegesInfoTest.java
+++ /dev/null
@@ -1,444 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sling.launchpad.webapp.integrationtest.userManager;
-
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertNotNull;
-
-import java.io.IOException;
-import java.util.ArrayList;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Set;
-
-import javax.json.JsonException;
-import javax.json.JsonObject;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.commons.httpclient.Credentials;
-import org.apache.commons.httpclient.NameValuePair;
-import org.apache.commons.httpclient.UsernamePasswordCredentials;
-import org.apache.sling.commons.testing.integration.HttpTest;
-import org.apache.sling.launchpad.webapp.integrationtest.util.JsonUtil;
-import org.junit.After;
-import org.junit.Before;
-import org.junit.Test;
-
-public class UserPrivilegesInfoTest {
-
- String testUserId = null;
- String testUserId2 = null;
- String testUserId3 = null;
- String testGroupId = null;
- Set<String> toDelete = new HashSet<String>();
-
- private final UserManagerTestUtil H = new UserManagerTestUtil();
-
- @Before
- public void setup() throws Exception {
- H.setUp();
-
- // Script for server-side PrivilegeInfo calculations
- String scriptPath = "/apps/sling/servlet/default";
- H.getTestClient().mkdirs(HttpTest.WEBDAV_BASE_URL, scriptPath);
- toDelete.add(H.uploadTestScript(scriptPath,
- "usermanager/privileges-info.json.esp",
- "privileges-info.json.esp"));
- }
-
- @After
- public void cleanup() throws Exception {
- H.tearDown();
-
- Credentials creds = new UsernamePasswordCredentials("admin",
"admin");
-
- if (testGroupId != null) {
- //remove the test user if it exists.
- String postUrl = HttpTest.HTTP_BASE_URL +
"/system/userManager/group/" + testGroupId + ".delete.html";
- List<NameValuePair> postParams = new
ArrayList<NameValuePair>();
- H.assertAuthenticatedPostStatus(creds, postUrl,
HttpServletResponse.SC_OK, postParams, null);
- }
- if (testUserId != null) {
- //remove the test user if it exists.
- String postUrl = HttpTest.HTTP_BASE_URL +
"/system/userManager/user/" + testUserId + ".delete.html";
- List<NameValuePair> postParams = new
ArrayList<NameValuePair>();
- H.assertAuthenticatedPostStatus(creds, postUrl,
HttpServletResponse.SC_OK, postParams, null);
- }
- if (testUserId2 != null) {
- //remove the test user if it exists.
- String postUrl = HttpTest.HTTP_BASE_URL +
"/system/userManager/user/" + testUserId2 + ".delete.html";
- List<NameValuePair> postParams = new
ArrayList<NameValuePair>();
- H.assertAuthenticatedPostStatus(creds, postUrl,
HttpServletResponse.SC_OK, postParams, null);
- }
- if (testUserId3 != null) {
- //remove the test user if it exists.
- String postUrl = HttpTest.HTTP_BASE_URL +
"/system/userManager/user/" + testUserId3 + ".delete.html";
- List<NameValuePair> postParams = new
ArrayList<NameValuePair>();
- H.assertAuthenticatedPostStatus(creds, postUrl,
HttpServletResponse.SC_OK, postParams, null);
- }
-
- for(String script : toDelete) {
- H.getTestClient().delete(script);
- }
- }
-
- private void grantUserManagerRights(String principalId) throws
IOException {
- String postUrl = HttpTest.HTTP_BASE_URL + "/home.modifyAce.html";
-
- List<NameValuePair> postParams = new ArrayList<NameValuePair>();
- postParams.add(new NameValuePair("principalId", principalId));
- postParams.add(new NameValuePair("privilege@jcr:read",
"granted"));
- postParams.add(new NameValuePair("privilege@rep:write",
"granted"));
- postParams.add(new
NameValuePair("privilege@jcr:readAccessControl", "granted"));
- postParams.add(new
NameValuePair("privilege@jcr:modifyAccessControl", "granted"));
- postParams.add(new
NameValuePair("privilege@rep:userManagement", "granted"));
-
- Credentials creds = new UsernamePasswordCredentials("admin",
"admin");
- H.assertAuthenticatedPostStatus(creds, postUrl,
HttpServletResponse.SC_OK, postParams, null);
- }
-
- /**
- * Checks whether the current user has been granted privileges
- * to add a new user.
- */
- @Test
- public void testCanAddUser() throws JsonException, IOException {
- testUserId = H.createTestUser();
-
- String getUrl = HttpTest.HTTP_BASE_URL +
"/system/userManager/user/" + testUserId + ".privileges-info.json";
-
- //fetch the JSON for the test page to verify the settings.
- Credentials testUserCreds = new
UsernamePasswordCredentials(testUserId, "testPwd");
-
- String json = H.getAuthenticatedContent(testUserCreds, getUrl,
HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
- assertNotNull(json);
- JsonObject jsonObj = JsonUtil.parseObject(json);
-
- assertEquals(false, jsonObj.getBoolean("canAddUser"));
-
- //try admin user
- testUserCreds = new UsernamePasswordCredentials("admin",
"admin");
-
- json = H.getAuthenticatedContent(testUserCreds, getUrl,
HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
- assertNotNull(json);
- jsonObj = JsonUtil.parseObject(json);
-
- assertEquals(true, jsonObj.getBoolean("canAddUser"));
-
- //try non-admin with sufficient privileges
- testUserId3 = H.createTestUser();
- grantUserManagerRights(testUserId3);
-
- testUserCreds = new UsernamePasswordCredentials(testUserId3,
"testPwd");
-
- json = H.getAuthenticatedContent(testUserCreds, getUrl,
HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
- assertNotNull(json);
- jsonObj = JsonUtil.parseObject(json);
-
- assertEquals(true, jsonObj.getBoolean("canAddUser"));
- }
-
- /**
- * Checks whether the current user has been granted privileges
- * to add a new group.
- */
- @Test
- public void testCanAddGroup() throws IOException, JsonException {
- testUserId = H.createTestUser();
-
- String getUrl = HttpTest.HTTP_BASE_URL +
"/system/userManager/user/" + testUserId + ".privileges-info.json";
-
- //fetch the JSON for the test page to verify the settings.
- Credentials testUserCreds = new
UsernamePasswordCredentials(testUserId, "testPwd");
-
- String json = H.getAuthenticatedContent(testUserCreds, getUrl,
HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
- assertNotNull(json);
- JsonObject jsonObj = JsonUtil.parseObject(json);
-
- assertEquals(false, jsonObj.getBoolean("canAddGroup"));
-
- //try admin user
- testUserCreds = new UsernamePasswordCredentials("admin",
"admin");
-
- json = H.getAuthenticatedContent(testUserCreds, getUrl,
HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
- assertNotNull(json);
- jsonObj = JsonUtil.parseObject(json);
-
- assertEquals(true, jsonObj.getBoolean("canAddGroup"));
-
- //try non-admin with sufficient privileges
- testUserId3 = H.createTestUser();
- grantUserManagerRights(testUserId3);
-
- testUserCreds = new UsernamePasswordCredentials(testUserId3,
"testPwd");
-
- json = H.getAuthenticatedContent(testUserCreds, getUrl,
HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
- assertNotNull(json);
- jsonObj = JsonUtil.parseObject(json);
-
- assertEquals(true, jsonObj.getBoolean("canAddGroup"));
- }
-
- /**
- * Checks whether the current user has been granted privileges
- * to update the properties of the specified user.
- */
- @Test
- public void testCanUpdateUserProperties() throws IOException,
JsonException {
- testUserId = H.createTestUser();
-
- //1. verify user can update thier own properties
- String getUrl = HttpTest.HTTP_BASE_URL +
"/system/userManager/user/" + testUserId + ".privileges-info.json";
-
- //fetch the JSON for the test page to verify the settings.
- Credentials testUserCreds = new
UsernamePasswordCredentials(testUserId, "testPwd");
-
- String json = H.getAuthenticatedContent(testUserCreds, getUrl,
HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
- assertNotNull(json);
- JsonObject jsonObj = JsonUtil.parseObject(json);
-
- //user can update their own properties
- assertEquals(true, jsonObj.getBoolean("canUpdateProperties"));
-
-
- //2. now try another user
- testUserId2 = H.createTestUser();
-
- //fetch the JSON for the test page to verify the settings.
- Credentials testUser2Creds = new
UsernamePasswordCredentials(testUserId2, "testPwd");
-
- String json2 = H.getAuthenticatedContent(testUser2Creds,
getUrl, HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
- assertNotNull(json2);
- JsonObject jsonObj2 = JsonUtil.parseObject(json2);
-
- //user can not update other users properties
- assertEquals(false, jsonObj2.getBoolean("canUpdateProperties"));
-
-
- //try admin user
- testUserCreds = new UsernamePasswordCredentials("admin",
"admin");
-
- json = H.getAuthenticatedContent(testUserCreds, getUrl,
HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
- assertNotNull(json);
- jsonObj = JsonUtil.parseObject(json);
-
- assertEquals(true, jsonObj.getBoolean("canUpdateProperties"));
-
- //try non-admin with sufficient privileges
- testUserId3 = H.createTestUser();
- grantUserManagerRights(testUserId3);
-
- testUserCreds = new UsernamePasswordCredentials(testUserId3,
"testPwd");
-
- json = H.getAuthenticatedContent(testUserCreds, getUrl,
HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
- assertNotNull(json);
- jsonObj = JsonUtil.parseObject(json);
-
- assertEquals(true, jsonObj.getBoolean("canUpdateProperties"));
- }
-
- /**
- * Checks whether the current user has been granted privileges
- * to update the properties of the specified group.
- */
- @Test
- public void testCanUpdateGroupProperties() throws IOException,
JsonException {
- testGroupId = H.createTestGroup();
- testUserId = H.createTestUser();
-
- //1. Verify non admin user can not update group properties
- String getUrl = HttpTest.HTTP_BASE_URL +
"/system/userManager/group/" + testGroupId + ".privileges-info.json";
-
- //fetch the JSON for the test page to verify the settings.
- Credentials testUserCreds = new
UsernamePasswordCredentials(testUserId, "testPwd");
-
- String json = H.getAuthenticatedContent(testUserCreds, getUrl,
HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
- assertNotNull(json);
- JsonObject jsonObj = JsonUtil.parseObject(json);
-
- //normal user can not update group properties
- assertEquals(false, jsonObj.getBoolean("canUpdateProperties"));
-
-
- //try admin user
- testUserCreds = new UsernamePasswordCredentials("admin",
"admin");
-
- json = H.getAuthenticatedContent(testUserCreds, getUrl,
HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
- assertNotNull(json);
- jsonObj = JsonUtil.parseObject(json);
-
- assertEquals(true, jsonObj.getBoolean("canUpdateProperties"));
-
- //try non-admin with sufficient privileges
- testUserId3 = H.createTestUser();
- grantUserManagerRights(testUserId3);
-
- testUserCreds = new UsernamePasswordCredentials(testUserId3,
"testPwd");
-
- json = H.getAuthenticatedContent(testUserCreds, getUrl,
HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
- assertNotNull(json);
- jsonObj = JsonUtil.parseObject(json);
-
- assertEquals(true, jsonObj.getBoolean("canUpdateProperties"));
- }
-
- /**
- * Checks whether the current user has been granted privileges
- * to remove the specified user.
- */
- @Test
- public void testCanRemoveUser() throws IOException, JsonException {
- testUserId = H.createTestUser();
-
- //1. verify user can remove themselves as they have jcr:all
permissions by default in the starter
- String getUrl = HttpTest.HTTP_BASE_URL +
"/system/userManager/user/" + testUserId + ".privileges-info.json";
-
- //fetch the JSON for the test page to verify the settings.
- Credentials testUserCreds = new
UsernamePasswordCredentials(testUserId, "testPwd");
-
- String json = H.getAuthenticatedContent(testUserCreds, getUrl,
HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
- assertNotNull(json);
- JsonObject jsonObj = JsonUtil.parseObject(json);
-
- //user can remove themself
- assertEquals(true, jsonObj.getBoolean("canRemove"));
-
-
- //2. now try another user
- testUserId2 = H.createTestUser();
-
- //fetch the JSON for the test page to verify the settings.
- Credentials testUser2Creds = new
UsernamePasswordCredentials(testUserId2, "testPwd");
-
- String json2 = H.getAuthenticatedContent(testUser2Creds,
getUrl, HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
- assertNotNull(json2);
- JsonObject jsonObj2 = JsonUtil.parseObject(json2);
-
- //user can not delete other users
- assertEquals(false, jsonObj2.getBoolean("canRemove"));
-
-
- //try admin user
- testUserCreds = new UsernamePasswordCredentials("admin",
"admin");
-
- json = H.getAuthenticatedContent(testUserCreds, getUrl,
HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
- assertNotNull(json);
- jsonObj = JsonUtil.parseObject(json);
-
- assertEquals(true, jsonObj.getBoolean("canRemove"));
-
- //try non-admin with sufficient privileges
- testUserId3 = H.createTestUser();
- grantUserManagerRights(testUserId3);
-
- testUserCreds = new UsernamePasswordCredentials(testUserId3,
"testPwd");
-
- json = H.getAuthenticatedContent(testUserCreds, getUrl,
HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
- assertNotNull(json);
- jsonObj = JsonUtil.parseObject(json);
-
- assertEquals(true, jsonObj.getBoolean("canRemove"));
- }
-
- /**
- * Checks whether the current user has been granted privileges
- * to remove the specified group.
- */
- @Test
- public void testCanRemoveGroup() throws IOException, JsonException {
- testGroupId = H.createTestGroup();
- testUserId = H.createTestUser();
-
- //1. Verify non admin user can not remove group
- String getUrl = HttpTest.HTTP_BASE_URL +
"/system/userManager/group/" + testGroupId + ".privileges-info.json";
-
- //fetch the JSON for the test page to verify the settings.
- Credentials testUserCreds = new
UsernamePasswordCredentials(testUserId, "testPwd");
-
- String json = H.getAuthenticatedContent(testUserCreds, getUrl,
HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
- assertNotNull(json);
- JsonObject jsonObj = JsonUtil.parseObject(json);
-
- //normal user can not remove group
- assertEquals(false, jsonObj.getBoolean("canRemove"));
-
- //try admin user
- testUserCreds = new UsernamePasswordCredentials("admin",
"admin");
-
- json = H.getAuthenticatedContent(testUserCreds, getUrl,
HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
- assertNotNull(json);
- jsonObj = JsonUtil.parseObject(json);
-
- assertEquals(true, jsonObj.getBoolean("canRemove"));
-
- //try non-admin with sufficient privileges
- testUserId3 = H.createTestUser();
- grantUserManagerRights(testUserId3);
-
- testUserCreds = new UsernamePasswordCredentials(testUserId3,
"testPwd");
-
- json = H.getAuthenticatedContent(testUserCreds, getUrl,
HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
- assertNotNull(json);
- jsonObj = JsonUtil.parseObject(json);
-
- assertEquals(true, jsonObj.getBoolean("canRemove"));
- }
-
- /**
- * Checks whether the current user has been granted privileges
- * to update the membership of the specified group.
- */
- @Test
- public void testCanUpdateGroupMembers() throws IOException,
JsonException {
- testGroupId = H.createTestGroup();
- testUserId = H.createTestUser();
-
- //1. Verify non admin user can not update group membership
- String getUrl = HttpTest.HTTP_BASE_URL +
"/system/userManager/group/" + testGroupId + ".privileges-info.json";
-
- //fetch the JSON for the test page to verify the settings.
- Credentials testUserCreds = new
UsernamePasswordCredentials(testUserId, "testPwd");
-
- String json = H.getAuthenticatedContent(testUserCreds, getUrl,
HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
- assertNotNull(json);
- JsonObject jsonObj = JsonUtil.parseObject(json);
-
- //normal user can not remove group
- assertEquals(false,
jsonObj.getBoolean("canUpdateGroupMembers"));
-
- //try admin user
- testUserCreds = new UsernamePasswordCredentials("admin",
"admin");
-
- json = H.getAuthenticatedContent(testUserCreds, getUrl,
HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
- assertNotNull(json);
- jsonObj = JsonUtil.parseObject(json);
-
- assertEquals(true, jsonObj.getBoolean("canUpdateGroupMembers"));
-
- //try non-admin with sufficient privileges
- testUserId3 = H.createTestUser();
- grantUserManagerRights(testUserId3);
-
- testUserCreds = new UsernamePasswordCredentials(testUserId3,
"testPwd");
-
- json = H.getAuthenticatedContent(testUserCreds, getUrl,
HttpTest.CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
- assertNotNull(json);
- jsonObj = JsonUtil.parseObject(json);
-
- assertEquals(true, jsonObj.getBoolean("canUpdateGroupMembers"));
- }
-}
diff --git
a/src/main/resources/integration-test/usermanager/privileges-info.json.esp
b/src/main/resources/integration-test/usermanager/privileges-info.json.esp
deleted file mode 100644
index 08bda9c..0000000
--- a/src/main/resources/integration-test/usermanager/privileges-info.json.esp
+++ /dev/null
@@ -1,31 +0,0 @@
-<%
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-var privilegesInfo =
sling.getService(Packages.org.apache.sling.jackrabbit.usermanager.AuthorizablePrivilegesInfo);
-var authorizable =
resource.adaptTo(Packages.org.apache.jackrabbit.api.security.user.Authorizable);
-var userID = authorizable ? authorizable.getID() : null;
-%>
-{
- "canAddUser" : <%=privilegesInfo.canAddUser(currentSession)%>,
- "canAddGroup" : <%=privilegesInfo.canAddGroup(currentSession)%>,
- "canUpdateProperties" :
<%=privilegesInfo.canUpdateProperties(currentSession, userID)%>,
- "canRemove" : <%=privilegesInfo.canRemove(currentSession, userID)%>,
- "canUpdateGroupMembers" :
<%=privilegesInfo.canUpdateGroupMembers(currentSession, userID)%>
-}
