Code development platform for open source projects from the European Union institutions :large_blue_circle: EU Login authentication by SMS will be completely phased out by mid-2025. To see alternatives please check here

Skip to content
Snippets Groups Projects
Commit da4b1d82 authored by Joze RIHTARSIC's avatar Joze RIHTARSIC
Browse files

add unit tests

parent 712a2f89
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
smp-webapp/src/test/java/eu/europa/ec/edelivery/smp/ui/AuthenticationResourceTest.java
+ 6
1
View file @ da4b1d82
package eu.europa.ec.edelivery.smp.ui;
import com.fasterxml.jackson.databind.ObjectMapper;
import eu.europa.ec.edelivery.smp.config.PropertiesTestConfig;
import eu.europa.ec.edelivery.smp.config.SmpAppConfig;
import eu.europa.ec.edelivery.smp.config.SmpWebAppConfig;
import eu.europa.ec.edelivery.smp.config.SpringSecurityConfig;
import eu.europa.ec.edelivery.smp.data.ui.UserRO;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
......@@ -16,6 +18,7 @@ import org.springframework.test.context.jdbc.SqlConfig;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import org.springframework.test.context.web.WebAppConfiguration;
import org.springframework.test.web.servlet.MockMvc;
import org.springframework.test.web.servlet.MvcResult;
import org.springframework.test.web.servlet.request.RequestPostProcessor;
import org.springframework.test.web.servlet.setup.MockMvcBuilders;
import org.springframework.web.context.ContextLoaderListener;
......@@ -24,10 +27,11 @@ import org.springframework.web.context.WebApplicationContext;
import javax.servlet.ServletContextEvent;
import javax.servlet.ServletContextListener;
import javax.servlet.http.HttpSession;
import javax.ws.rs.core.MediaType;
import static org.junit.Assert.*;
import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.httpBasic;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.*;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
......@@ -82,6 +86,7 @@ public class AuthenticationResourceTest {
assertNotNull(session);
}
@Test
public void authenticateInvalidPasswordTest() throws Exception {
......
smp-webapp/src/test/java/eu/europa/ec/edelivery/smp/ui/UserResourceTest.java
+ 175
8
View file @ da4b1d82
......@@ -5,12 +5,10 @@ import eu.europa.ec.edelivery.smp.config.PropertiesTestConfig;
import eu.europa.ec.edelivery.smp.config.SmpAppConfig;
import eu.europa.ec.edelivery.smp.config.SmpWebAppConfig;
import eu.europa.ec.edelivery.smp.config.SpringSecurityConfig;
import eu.europa.ec.edelivery.smp.data.ui.CertificateRO;
import eu.europa.ec.edelivery.smp.data.ui.ServiceGroupRO;
import eu.europa.ec.edelivery.smp.data.ui.ServiceResult;
import eu.europa.ec.edelivery.smp.data.ui.UserRO;
import eu.europa.ec.edelivery.smp.data.ui.*;
import eu.europa.ec.edelivery.smp.testutils.X509CertificateTestUtils;
import org.apache.commons.io.IOUtils;
import org.hamcrest.CoreMatchers;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
......@@ -25,20 +23,26 @@ import org.springframework.test.context.web.WebAppConfiguration;
import org.springframework.test.web.servlet.MockMvc;
import org.springframework.test.web.servlet.MvcResult;
import org.springframework.test.web.servlet.request.RequestPostProcessor;
import org.springframework.test.web.servlet.result.MockMvcResultHandlers;
import org.springframework.test.web.servlet.setup.MockMvcBuilders;
import org.springframework.web.context.ContextLoaderListener;
import org.springframework.web.context.WebApplicationContext;
import javax.servlet.ServletContextEvent;
import javax.servlet.ServletContextListener;
import javax.servlet.http.HttpSession;
import javax.ws.rs.core.MediaType;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Objects;
import java.util.Optional;
import java.util.UUID;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.*;
import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.httpBasic;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.*;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
/**
......@@ -65,6 +69,7 @@ public class UserResourceTest {
private MockMvc mvc;
private static final RequestPostProcessor ADMIN_CREDENTIALS = httpBasic("smp_admin", "test123");
private static final RequestPostProcessor SYSTEM_CREDENTIALS = httpBasic("sys_admin", "test123");
private static final RequestPostProcessor SG_ADMIN_CREDENTIALS = httpBasic("sg_admin", "test123");
@Before
public void setup() {
mvc = MockMvcBuilders.webAppContextSetup(webAppContext)
......@@ -101,6 +106,121 @@ public class UserResourceTest {
});
}
@Test
public void testUpdateCurrentUserOK() throws Exception {
// given when - log as SMP admin
MvcResult result = mvc.perform(post("/ui/rest/security/authentication")
.header("Content-Type","application/json")
.content("{\"username\":\"smp_admin\",\"password\":\"test123\"}"))
.andExpect(status().isOk()).andReturn();
ObjectMapper mapper = new ObjectMapper();
UserRO userRO = mapper.readValue(result.getResponse().getContentAsString(), UserRO.class);
assertNotNull(userRO);
// when
userRO.setActive(!userRO.isActive());
userRO.setEmailAddress("test@mail.com");
userRO.setPassword(UUID.randomUUID().toString());
if (userRO.getCertificate()==null) {
userRO.setCertificate(new CertificateRO());
}
userRO.getCertificate().setCertificateId(UUID.randomUUID().toString());
mvc.perform(put(PATH+"/"+userRO.getId()).with(ADMIN_CREDENTIALS)
.contentType(MediaType.APPLICATION_JSON)
.content(mapper.writeValueAsString(userRO))
).andExpect(status().isOk()).andReturn();
}
@Test
public void testUpdateCurrentUserNotAuthenticatedUser() throws Exception {
// given when - log as SMP admin
// then change values and list uses for changed value
MvcResult result = mvc.perform(post("/ui/rest/security/authentication")
.header("Content-Type","application/json")
.content("{\"username\":\"smp_admin\",\"password\":\"test123\"}"))
.andExpect(status().isOk()).andReturn();
ObjectMapper mapper = new ObjectMapper();
UserRO userRO = mapper.readValue(result.getResponse().getContentAsString(), UserRO.class);
assertNotNull(userRO);
// when
userRO.setActive(!userRO.isActive());
userRO.setEmailAddress("test@mail.com");
userRO.setPassword(UUID.randomUUID().toString());
if (userRO.getCertificate()==null) {
userRO.setCertificate(new CertificateRO());
}
userRO.getCertificate().setCertificateId(UUID.randomUUID().toString());
mvc.perform(put(PATH+"/"+userRO.getId()).with(SYSTEM_CREDENTIALS)
.contentType(MediaType.APPLICATION_JSON)
.content(mapper.writeValueAsString(userRO))
).andExpect(status().isUnauthorized());
}
@Test
public void testUpdateUserList() throws Exception {
// given when
MvcResult result = mvc.perform(get(PATH).with(SYSTEM_CREDENTIALS)).
andExpect(status().isOk()).andReturn();
ObjectMapper mapper = new ObjectMapper();
ServiceResult res = mapper.readValue(result.getResponse().getContentAsString(), ServiceResult.class);
assertNotNull(res);
assertFalse(res.getServiceEntities().isEmpty());
UserRO userRO = mapper.convertValue(res.getServiceEntities().get(0), UserRO.class);
// then
userRO.setActive(!userRO.isActive());
userRO.setEmailAddress("test@mail.com");
userRO.setPassword(UUID.randomUUID().toString());
if (userRO.getCertificate()==null) {
userRO.setCertificate(new CertificateRO());
}
userRO.getCertificate().setCertificateId(UUID.randomUUID().toString());
mvc.perform(put(PATH)
.with(SYSTEM_CREDENTIALS).contentType(MediaType.APPLICATION_JSON)
.content(mapper.writeValueAsString(Arrays.asList(userRO)))
).andExpect(status().isOk());
}
@Test
public void testUpdateUserListWrongAuthentication() throws Exception {
// given when
MvcResult result = mvc.perform(get(PATH).with(SYSTEM_CREDENTIALS)).
andExpect(status().isOk()).andReturn();
ObjectMapper mapper = new ObjectMapper();
ServiceResult res = mapper.readValue(result.getResponse().getContentAsString(), ServiceResult.class);
assertNotNull(res);
assertFalse(res.getServiceEntities().isEmpty());
UserRO userRO = mapper.convertValue(res.getServiceEntities().get(0), UserRO.class);
// then
userRO.setActive(!userRO.isActive());
userRO.setEmailAddress("test@mail.com");
userRO.setPassword(UUID.randomUUID().toString());
if (userRO.getCertificate()==null) {
userRO.setCertificate(new CertificateRO());
}
userRO.getCertificate().setCertificateId(UUID.randomUUID().toString());
// anonymous
mvc.perform(put(PATH)
.contentType(MediaType.APPLICATION_JSON)
.content(mapper.writeValueAsString(Arrays.asList(userRO)))
).andExpect(status().isUnauthorized());
mvc.perform(put(PATH)
.with(ADMIN_CREDENTIALS).contentType(MediaType.APPLICATION_JSON)
.content(mapper.writeValueAsString(Arrays.asList(userRO)))
).andExpect(status().isUnauthorized());
mvc.perform(put(PATH)
.with(SG_ADMIN_CREDENTIALS).contentType(MediaType.APPLICATION_JSON)
.content(mapper.writeValueAsString(Arrays.asList(userRO)))
).andExpect(status().isUnauthorized());
}
@Test
public void uploadCertificateSystemAdmin() throws Exception {
byte[] buff = IOUtils.toByteArray(UserResourceTest.class.getResourceAsStream("/SMPtest.crt"));
......@@ -123,6 +243,19 @@ public class UserResourceTest {
assertEquals("sno=3&subject=1.2.840.113549.1.9.1%3D%23160c736d7040746573742e636f6d%2CCN%3DSMP+test%2CO%3DDIGIT%2CC%3DBE&validfrom=May+22+20%3A59%3A00+2018+GMT&validto=May+22+20%3A56%3A00+2019+GMT&issuer=CN%3DIntermediate+CA%2CO%3DDIGIT%2CC%3DBE", res.getBlueCoatHeader());
}
@Test
public void uploadInvalidCertificate() throws Exception {
byte[] buff = (new String("Not a certficate :) ")).getBytes();
// given when
mvc.perform(post(PATH+"/1098765430/certdata")
.with(SYSTEM_CREDENTIALS)
.content(buff))
.andExpect(status().is5xxServerError())
.andExpect(content().string(CoreMatchers.containsString(" The certificate is not valid")));
}
@Test
public void uploadCertificateIdWithEmailSerialNumberInSubjectCertIdTest() throws Exception {
String subject = "CN=common name,emailAddress=CEF-EDELIVERY-SUPPORT@ec.europa.eu,serialNumber=1,O=org,ST=My town,postalCode=2151, L=GreatTown,street=My Street. 20, C=BE";
......@@ -189,4 +322,38 @@ public class UserResourceTest {
}
@Test
public void testValidateDeleteUserOK() throws Exception {
MvcResult result = mvc.perform(post(PATH+"/validateDelete")
.with(SYSTEM_CREDENTIALS)
.contentType(org.springframework.http.MediaType.APPLICATION_JSON)
.content("[5]"))
.andExpect(status().isOk()).andReturn();
ObjectMapper mapper = new ObjectMapper();
DeleteEntityValidation res = mapper.readValue(result.getResponse().getContentAsString(), DeleteEntityValidation.class);
assertFalse(res.getListIds().isEmpty());
assertTrue(res.getListDeleteNotPermitedIds().isEmpty());
assertEquals(5, res.getListIds().get(0).intValue());
}
@Test
public void testValidateDeleteUserNotOK() throws Exception {
// note system credential has id 3!
MvcResult result = mvc.perform(post(PATH+"/validateDelete")
.with(SYSTEM_CREDENTIALS)
.contentType(org.springframework.http.MediaType.APPLICATION_JSON)
.content("[3]"))
.andExpect(status().isOk())
.andReturn();
ObjectMapper mapper = new ObjectMapper();
DeleteEntityValidation res = mapper.readValue(result.getResponse().getContentAsString(), DeleteEntityValidation.class);
assertTrue(res.getListIds().isEmpty());
assertEquals("Could not delete logged user!",res.getStringMessage());
}
}
\ No newline at end of file
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

For further information about the platform and support, please see https://code.europa.eu/info/about