Repository: usergrid Updated Branches: refs/heads/hotfix-2.1.0 17de74208 -> 6ad720e18
Add additional test for validating admin user access. Project: http://git-wip-us.apache.org/repos/asf/usergrid/repo Commit: http://git-wip-us.apache.org/repos/asf/usergrid/commit/6ad720e1 Tree: http://git-wip-us.apache.org/repos/asf/usergrid/tree/6ad720e1 Diff: http://git-wip-us.apache.org/repos/asf/usergrid/diff/6ad720e1 Branch: refs/heads/hotfix-2.1.0 Commit: 6ad720e182504fc0329553c3b10e3b4cc5e46252 Parents: 17de742 Author: Michael Russo <[email protected]> Authored: Mon Feb 22 18:27:35 2016 -0800 Committer: Michael Russo <[email protected]> Committed: Mon Feb 22 18:27:35 2016 -0800 ---------------------------------------------------------------------- .../usergrid/rest/management/AdminUsersIT.java | 35 ++++++++++++++++++++ 1 file changed, 35 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/usergrid/blob/6ad720e1/stack/rest/src/test/java/org/apache/usergrid/rest/management/AdminUsersIT.java ----------------------------------------------------------------------
diff --git a/stack/rest/src/test/java/org/apache/usergrid/rest/management/AdminUsersIT.java b/stack/rest/src/test/java/org/apache/usergrid/rest/management/AdminUsersIT.java
index 9793393..56d6584 100644
--- a/stack/rest/src/test/java/org/apache/usergrid/rest/management/AdminUsersIT.java
+++ b/stack/rest/src/test/java/org/apache/usergrid/rest/management/AdminUsersIT.java
@@ -411,6 +411,41 @@ public class AdminUsersIT extends AbstractRestIT {
 }
+ @Test
+ public void updateManagementUserWrongAdminToken() throws Exception {
+
+ Organization newOrg = createOrgPayload( "updateManagementUserWrongAdminToken", null );
+ Organization orgReturned = clientSetup.getRestClient().management().orgs().post( newOrg );
+ assertNotNull( orgReturned.getOwner() );
+
+ // add a new management user to the org for the purpose of a 'wrong' user trying update others
+ Entity adminUserPayload = new Entity();
+ String wrongAdminUsername = "wrongAdminUser"+UUIDUtils.newTimeUUID();
+ adminUserPayload.put( "username", wrongAdminUsername );
+ adminUserPayload.put( "name", wrongAdminUsername );
+ adminUserPayload.put( "email", wrongAdminUsername+"@usergrid.com" );
+ adminUserPayload.put( "password", wrongAdminUsername );
+ management().orgs().org( clientSetup.getOrganizationName() ).users().post(User.class ,adminUserPayload );
+
+
+ // get token of the newly added wrongAdminUser
+ Token wrongAdminToken = management.token().get(wrongAdminUsername, wrongAdminUsername);
+ assertNotNull(wrongAdminToken);
+ management.token().setToken( wrongAdminToken );
+
+ try{
+ //Add a property to management user
+ Entity userProperty = new Entity( ).chainPut( "company","usergrid" );
+ management().users().user( newOrg.getUsername() ).put( userProperty );
+
+ } catch( UniformInterfaceException e ){
+
+ int status = e.getResponse().getStatus();
+ assertEquals(401, status);
+ }
+
+ }
+
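Review bot: The `try` block in `updateManagementUserWrongAdminToken` has no failure path after the `put`, so the test passes when no exception is thrown, which is precisely the case where the server lets one admin modify another admin's record. Add `fail( "update with another admin's token should have been rejected" );` as the last statement inside the `try`, right after `management().users().user( newOrg.getUsername() ).put( userProperty );`. The resulting `AssertionError` is not a `UniformInterfaceException`, so the `catch` will not swallow it; this assumes JUnit's `fail` is statically imported in this file as `assertEquals` appears to be. The test also leaves `wrongAdminToken` set on `management`, and whether the harness resets it between tests is not visible in this hunk, so restoring the previous token in a `finally` would keep later tests from silently running as the wrong user.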
