| /******************************************************************************* |
| * Copyright (c) 2011-2015 EclipseSource Muenchen GmbH and others. |
| * |
| * All rights reserved. This program and the accompanying materials |
| * are made available under the terms of the Eclipse Public License v1.0 |
| * which accompanies this distribution, and is available at |
| * http://www.eclipse.org/legal/epl-v10.html |
| * |
| * Contributors: |
| * Edgar Mueller - initial API and implementation |
| ******************************************************************************/ |
| package org.eclipse.emf.emfstore.server.accesscontrol.test; |
| |
| import static org.hamcrest.MatcherAssert.assertThat; |
| import static org.hamcrest.core.IsInstanceOf.instanceOf; |
| |
| import org.eclipse.core.runtime.NullProgressMonitor; |
| import org.eclipse.emf.emfstore.client.ESRemoteProject; |
| import org.eclipse.emf.emfstore.client.test.common.dsl.Roles; |
| import org.eclipse.emf.emfstore.client.test.common.util.ServerUtil; |
| import org.eclipse.emf.emfstore.internal.client.model.Usersession; |
| import org.eclipse.emf.emfstore.internal.client.model.impl.api.ESUsersessionImpl; |
| import org.eclipse.emf.emfstore.internal.server.core.Messages; |
| import org.eclipse.emf.emfstore.internal.server.model.ProjectId; |
| import org.eclipse.emf.emfstore.internal.server.model.accesscontrol.ACOrgUnitId; |
| import org.eclipse.emf.emfstore.internal.server.model.accesscontrol.roles.ProjectAdminRole; |
| import org.eclipse.emf.emfstore.internal.server.model.accesscontrol.roles.Role; |
| import org.eclipse.emf.emfstore.internal.server.model.impl.api.ESGlobalProjectIdImpl; |
| import org.eclipse.emf.emfstore.server.auth.ESProjectAdminPrivileges; |
| import org.eclipse.emf.emfstore.server.exceptions.ESException; |
| import org.junit.BeforeClass; |
| import org.junit.Rule; |
| import org.junit.Test; |
| import org.junit.rules.ExpectedException; |
| |
| /** |
| * Specification for testing the {@link org.eclipse.emf.emfstore.internal.server.AdminEmfStore#addInitialParticipant |
| * AdminEmfStore#addInitialParticipant} server call. |
| * |
| * @author emueller |
| * |
| */ |
| public class AddInitialParticipantTest extends ProjectAdminTest { |
| |
| // BEGIN COMPLEX CODE |
| // Checkstyle complains about public modifier.. |
| @Rule |
| public final ExpectedException expectedException = ExpectedException.none(); |
| |
| // END COMPLEX CODE |
| |
| @BeforeClass |
| public static void beforeClass() { |
| startEMFStoreWithPAProperties( |
| ESProjectAdminPrivileges.ShareProject, |
| ESProjectAdminPrivileges.AssignRoleToOrgUnit // needed for share |
| ); |
| } |
| |
| @Test(expected = ESException.class) |
| public void shouldThrowESExceptionWhenRequestingUserHasNoProjectAdminRole() throws ESException { |
| getLocalProject().shareProject(getSuperUsersession(), new NullProgressMonitor()); |
| final Usersession session = ESUsersessionImpl.class.cast(getUsersession()).toInternalAPI(); |
| getAdminBroker().addInitialParticipant(getProjectSpace().getProjectId(), |
| session.getACUser().getId(), |
| Roles.projectAdmin()); |
| } |
| |
| @Test |
| public void shouldThrowESExceptionWhenRequestingUserTriesToAssignAServerAdminRole() |
| throws ESException { |
| expectedException.expect(ESException.class); |
| expectedException.expectMessage(Messages.AdminEmfStoreImpl_Not_Allowed_To_Assign_ServerAdminRole); |
| |
| getLocalProject().shareProject(getSuperUsersession(), new NullProgressMonitor()); |
| final Usersession session = ESUsersessionImpl.class.cast(getUsersession()).toInternalAPI(); |
| final ACOrgUnitId userId = session.getACUser().getId(); |
| getSuperAdminBroker().changeRole( |
| getProjectSpace().getProjectId(), |
| userId, |
| Roles.projectAdmin()); |
| getAdminBroker().addInitialParticipant(getProjectSpace().getProjectId(), |
| userId, |
| Roles.serverAdmin()); |
| } |
| |
| @Test |
| public void shouldThrowESExceptionIfRequestingUserDidNotShareProjectBefore() |
| throws ESException { |
| expectedException.expect(ESException.class); |
| expectedException.expectMessage(Messages.AdminEmfStoreImpl_IllegalRequestToAddInitialRole); |
| |
| getLocalProject().shareProject(getSuperUsersession(), new NullProgressMonitor()); |
| |
| final Usersession session = ESUsersessionImpl.class.cast(getUsersession()).toInternalAPI(); |
| final ACOrgUnitId userId = session.getACUser().getId(); |
| getSuperAdminBroker().changeRole( |
| getProjectSpace().getProjectId(), |
| userId, |
| Roles.projectAdmin()); |
| getAdminBroker().addInitialParticipant(getProjectSpace().getProjectId(), |
| userId, |
| Roles.projectAdmin()); |
| } |
| |
| @Test |
| public void shouldThrowESExceptionIfRequestingUserDidShareAnotherProjectBefore() |
| throws ESException { |
| expectedException.expect(ESException.class); |
| expectedException.expectMessage(Messages.AdminEmfStoreImpl_IllegalRequestToAddInitialRole); |
| final Usersession session = ESUsersessionImpl.class.cast(getUsersession()).toInternalAPI(); |
| final ACOrgUnitId userId = session.getACUser().getId(); |
| |
| getSuperAdminBroker().assignRole( |
| userId, |
| Roles.projectAdmin()); |
| |
| final ESRemoteProject sharedProject = getLocalProject().shareProject(getUsersession(), |
| new NullProgressMonitor()); |
| final ProjectId projectId = ESGlobalProjectIdImpl.class.cast(sharedProject.getGlobalProjectId()) |
| .toInternalAPI(); |
| |
| getLocalProject().shareProject(getUsersession(), new NullProgressMonitor()); |
| |
| getAdminBroker().addInitialParticipant( |
| projectId, |
| userId, |
| Roles.projectAdmin()); |
| } |
| |
| @Test(expected = ESException.class) |
| public void shouldThrowESExceptionIfRequestingUserDidShareButHasNoProjectAdminRoleAnymore() throws ESException { |
| final Usersession session = ESUsersessionImpl.class.cast(getUsersession()).toInternalAPI(); |
| final ACOrgUnitId userId = session.getACUser().getId(); |
| |
| getSuperAdminBroker().assignRole( |
| userId, |
| Roles.projectAdmin()); |
| |
| final ESRemoteProject shareProject = getLocalProject() |
| .shareProject(getUsersession(), new NullProgressMonitor()); |
| final ProjectId projectId = ESGlobalProjectIdImpl.class.cast(shareProject.getGlobalProjectId()).toInternalAPI(); |
| |
| getSuperAdminBroker().changeRole( |
| getProjectSpace().getProjectId(), |
| userId, |
| Roles.writer()); |
| |
| getAdminBroker().addInitialParticipant( |
| projectId, |
| userId, |
| Roles.projectAdmin()); |
| } |
| |
| @Test |
| public void shouldThrowESExceptionIfRequestingUserDiffersFromUserTheRoleShouldBeAssignedTo() throws ESException { |
| expectedException.expect(ESException.class); |
| expectedException.expectMessage(Messages.AdminEmfStoreImpl_OnlyAllowedForRequstingUser); |
| final Usersession session = ESUsersessionImpl.class.cast(getUsersession()).toInternalAPI(); |
| final ACOrgUnitId userId = session.getACUser().getId(); |
| |
| getSuperAdminBroker().assignRole( |
| userId, |
| Roles.projectAdmin()); |
| |
| final ESRemoteProject sharedProject = getLocalProject().shareProject( |
| getUsersession(), |
| new NullProgressMonitor()); |
| final ProjectId projectId = ESGlobalProjectIdImpl.class.cast( |
| sharedProject.getGlobalProjectId()) |
| .toInternalAPI(); |
| final ACOrgUnitId dummyUserId = ServerUtil.createUser( |
| getSuperUsersession(), "dummyUser"); //$NON-NLS-1$ |
| |
| getAdminBroker().addInitialParticipant( |
| projectId, |
| dummyUserId, |
| Roles.projectAdmin()); |
| } |
| |
| @Test |
| public void shouldThrowExceptionIfTryingToCallMethodExplicitely() throws ESException { |
| expectedException.expect(ESException.class); |
| expectedException.expectMessage(Messages.AdminEmfStoreImpl_IllegalRequestToAddInitialRole); |
| final Usersession session = ESUsersessionImpl.class.cast(getUsersession()).toInternalAPI(); |
| final ACOrgUnitId userId = session.getACUser().getId(); |
| |
| getSuperAdminBroker().assignRole( |
| userId, |
| Roles.projectAdmin()); |
| |
| final ESRemoteProject sharedProject = getLocalProject().shareProject(getUsersession(), |
| new NullProgressMonitor()); |
| final ProjectId projectId = ESGlobalProjectIdImpl.class.cast(sharedProject.getGlobalProjectId()) |
| .toInternalAPI(); |
| |
| getAdminBroker().addInitialParticipant( |
| projectId, |
| userId, |
| Roles.projectAdmin()); |
| } |
| |
| @Test |
| public void shouldSucceedIfAllPrerequisitesAreMet() throws ESException { |
| final Usersession session = ESUsersessionImpl.class.cast(getUsersession()).toInternalAPI(); |
| final ACOrgUnitId userId = session.getACUser().getId(); |
| |
| getSuperAdminBroker().assignRole( |
| userId, |
| Roles.projectAdmin()); |
| |
| final ESRemoteProject sharedProject = getLocalProject().shareProject( |
| getUsersession(), |
| new NullProgressMonitor()); |
| final ProjectId projectId = ESGlobalProjectIdImpl.class.cast( |
| sharedProject.getGlobalProjectId()) |
| .toInternalAPI(); |
| |
| final Role role = getSuperAdminBroker().getRole(projectId, userId); |
| assertThat(role, instanceOf(ProjectAdminRole.class)); |
| } |
| } |