Commit ce11c083 authored by Raigo Ukkivi's avatar Raigo Ukkivi
Browse files

TEIS-343. Access privileges integration tests.

parent a66d20bb
......@@ -3,11 +3,15 @@ package ee.sm.ti.teis.officials.group;
import ee.sm.ti.teis.OfficialsAppTestBase;
import ee.sm.ti.teis.errors.CommonErrorCode;
import ee.sm.ti.teis.officegateway.official.dto.OfficialsGroupDto;
import ee.sm.ti.teis.officegateway.official.request.AddOfficialsGroupMembersRequest;
import ee.sm.ti.teis.officegateway.official.request.CreateOfficialsGroupRequest;
import ee.sm.ti.teis.officegateway.official.request.DeleteOfficialsGroupMemberRequest;
import ee.sm.ti.teis.officegateway.official.request.DeleteOfficialsGroupRequest;
import ee.sm.ti.teis.officegateway.official.request.OfficialsGroupsRequest;
import ee.sm.ti.teis.officegateway.official.request.UpdateOfficialsGroupRequest;
import ee.sm.ti.teis.officegateway.official.response.AddOfficialsGroupMembersResponse;
import ee.sm.ti.teis.officegateway.official.response.CreateOfficialsGroupResponse;
import ee.sm.ti.teis.officegateway.official.response.DeleteOfficialsGroupMemberResponse;
import ee.sm.ti.teis.officegateway.official.response.DeleteOfficialsGroupResponse;
import ee.sm.ti.teis.officegateway.official.response.OfficialsGroupsResponse;
import ee.sm.ti.teis.officegateway.official.response.UpdateOfficialsGroupResponse;
......@@ -23,6 +27,7 @@ import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.mock.mockito.MockBean;
import java.util.ArrayList;
import java.util.Collections;
import java.util.UUID;
import static java.util.List.of;
......@@ -133,6 +138,50 @@ class OfficialsGroupListenerPrivilegesTest extends OfficialsAppTestBase {
verifyDeleteOfficialsGroupsAccessIsDenied(requestMetaDTO);
}
//ADD OFFICIALS GROUP MEMBER
@Test
void addOfficialGroupMembers_shouldBeAllowed_if_correctPrivileges() {
RequestMetaDTO requestMetaDTO = createRequestMeta(UUID.randomUUID().toString(), UserType.OFFICIAL_USER, null,
of(RolePrivilegeCode.TI_MANAGE_OFFICIALS_GROUPS.name()));
verifyAddOfficialGroupMembersAccessIsAllowed(requestMetaDTO);
}
@Test
void addOfficialGroupMembers_shouldBeDenied_if_wrongPrivileges() {
RequestMetaDTO requestMetaDTO = createRequestMeta(UUID.randomUUID().toString(), UserType.OFFICIAL_USER, null,
of(RolePrivilegeCode.TI_MANAGE_REPRESENTATIVES.name()));
verifyAddOfficialGroupMembersAccessIsDenied(requestMetaDTO);
}
@Test
void addOfficialGroupMembers_shouldBeDenied_if_not_officialUser() {
RequestMetaDTO requestMetaDTO = createRequestMeta(UUID.randomUUID().toString(), UserType.PERSON, null,
of(RolePrivilegeCode.TI_MANAGE_OFFICIALS_GROUPS.name()));
verifyAddOfficialGroupMembersAccessIsDenied(requestMetaDTO);
}
//DELETE OFFICIALS GROUP MEMBER
@Test
void deleteOfficialGroupMember_shouldBeAllowed_if_correctPrivileges() {
RequestMetaDTO requestMetaDTO = createRequestMeta(UUID.randomUUID().toString(), UserType.OFFICIAL_USER, null,
of(RolePrivilegeCode.TI_MANAGE_OFFICIALS_GROUPS.name()));
verifyDeleteOfficialGroupMemberAccessIsAllowed(requestMetaDTO);
}
@Test
void deleteOfficialGroupMember_shouldBeDenied_if_wrongPrivileges() {
RequestMetaDTO requestMetaDTO = createRequestMeta(UUID.randomUUID().toString(), UserType.OFFICIAL_USER, null,
of(RolePrivilegeCode.TI_MANAGE_REPRESENTATIVES.name()));
verifyDeleteOfficialGroupMemberAccessIsDenied(requestMetaDTO);
}
@Test
void deleteOfficialGroupMember_shouldBeDenied_if_not_officialUser() {
RequestMetaDTO requestMetaDTO = createRequestMeta(UUID.randomUUID().toString(), UserType.PERSON, null,
of(RolePrivilegeCode.TI_MANAGE_OFFICIALS_GROUPS.name()));
verifyDeleteOfficialGroupMemberAccessIsDenied(requestMetaDTO);
}
private void verifyDeleteOfficialsGroupsIsAllowed(RequestMetaDTO requestMetaDTO) {
DeleteOfficialsGroupRequest request = new DeleteOfficialsGroupRequest();
request.setPayload(new DeleteOfficialsGroupRequest.Parameters(UUID.randomUUID().toString()), requestMetaDTO);
......@@ -206,5 +255,36 @@ class OfficialsGroupListenerPrivilegesTest extends OfficialsAppTestBase {
assertThat(response.getError().getCode()).isEqualTo(CommonErrorCode.FORBIDDEN.getCode());
}
private void verifyAddOfficialGroupMembersAccessIsAllowed(RequestMetaDTO requestMetaDTO) {
AddOfficialsGroupMembersRequest request = new AddOfficialsGroupMembersRequest();
request.setPayload(new AddOfficialsGroupMembersRequest.Parameters(UUID.randomUUID().toString(), Collections.emptyList()), requestMetaDTO);
AddOfficialsGroupMembersResponse response = groupGwListener.addOfficialsGroupMembers(request);
if (response.getError() != null) {
assertThat(response.getError().getCode()).isNotEqualTo(CommonErrorCode.FORBIDDEN.getCode());
}
}
private void verifyAddOfficialGroupMembersAccessIsDenied(RequestMetaDTO requestMetaDTO) {
AddOfficialsGroupMembersRequest request = new AddOfficialsGroupMembersRequest();
request.setPayload(new AddOfficialsGroupMembersRequest.Parameters(UUID.randomUUID().toString(), Collections.emptyList()), requestMetaDTO);
AddOfficialsGroupMembersResponse response = groupGwListener.addOfficialsGroupMembers(request);
assertThat(response.getError().getCode()).isEqualTo(CommonErrorCode.FORBIDDEN.getCode());
}
private void verifyDeleteOfficialGroupMemberAccessIsAllowed(RequestMetaDTO requestMetaDTO) {
AddOfficialsGroupMembersRequest request = new AddOfficialsGroupMembersRequest();
request.setPayload(new AddOfficialsGroupMembersRequest.Parameters(UUID.randomUUID().toString(), Collections.emptyList()), requestMetaDTO);
AddOfficialsGroupMembersResponse response = groupGwListener.addOfficialsGroupMembers(request);
if (response.getError() != null) {
assertThat(response.getError().getCode()).isNotEqualTo(CommonErrorCode.FORBIDDEN.getCode());
}
}
private void verifyDeleteOfficialGroupMemberAccessIsDenied(RequestMetaDTO requestMetaDTO) {
DeleteOfficialsGroupMemberRequest request = new DeleteOfficialsGroupMemberRequest();
request.setPayload(new DeleteOfficialsGroupMemberRequest.Parameters(UUID.randomUUID().toString(), ""), requestMetaDTO);
DeleteOfficialsGroupMemberResponse response = groupGwListener.deleteOfficialsGroupMember(request);
assertThat(response.getError().getCode()).isEqualTo(CommonErrorCode.FORBIDDEN.getCode());
}
}
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment