/**
* Abiquo community edition
* cloud management application for hybrid clouds
* Copyright (C) 2008-2010 - Abiquo Holdings S.L.
*
* This application is free software; you can redistribute it and/or
* modify it under the terms of the GNU LESSER GENERAL PUBLIC
* LICENSE as published by the Free Software Foundation under
* version 3 of the License
*
* This software is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* LESSER GENERAL PUBLIC LICENSE v.3 for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the
* Free Software Foundation, Inc., 59 Temple Place - Suite 330,
* Boston, MA 02111-1307, USA.
*/
package com.abiquo.api.handlers;
import static com.abiquo.api.common.UriTestResolver.resolveEnterpriseActionGetIPsURI;
import static com.abiquo.api.common.UriTestResolver.resolveEnterpriseURI;
import static com.abiquo.api.common.UriTestResolver.resolveEnterprisesURI;
import static com.abiquo.api.common.UriTestResolver.resolveUserURI;
import static com.abiquo.api.common.UriTestResolver.resolveUsersURI;
import static com.abiquo.server.core.common.EnvironmentGenerator.SYSADMIN;
import static org.testng.Assert.assertEquals;
import javax.ws.rs.core.Response.Status;
import org.apache.wink.client.ClientResponse;
import org.testng.annotations.BeforeMethod;
import org.testng.annotations.Test;
import com.abiquo.api.resources.AbstractJpaGeneratorIT;
import com.abiquo.model.enumerator.Privileges;
import com.abiquo.server.core.cloud.VirtualMachinesDto;
import com.abiquo.server.core.common.EnvironmentGenerator;
import com.abiquo.server.core.enterprise.Enterprise;
import com.abiquo.server.core.enterprise.EnterpriseDto;
import com.abiquo.server.core.enterprise.EnterprisesDto;
import com.abiquo.server.core.enterprise.Role;
import com.abiquo.server.core.enterprise.User;
import com.abiquo.server.core.enterprise.UserDto;
import com.abiquo.server.core.enterprise.UsersDto;
import com.abiquo.server.core.infrastructure.network.IpsPoolManagementDto;
import com.abiquo.testng.TestConfig;
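/**
 * Integration tests pinning the authorization rules of the enterprise resources (enterprise
 * list, single enterprise, users, and the IPs / virtual machines actions).
 * <p>
 * Every scenario is run as two callers: {@code SYSADMIN} and a user created with
 * {@link Privileges#simpleRole()}. Each caller owns one generated enterprise, so every request
 * can target the caller's own enterprise, the other caller's enterprise, or an id that does not
 * exist.
 * <p>
 * Security-relevant expectations encoded here:
 * <ul>
 * <li>The simple user receives {@code 403 FORBIDDEN} both for another tenant's enterprise and
 * for an enterprise id that does not exist, so the status code does not reveal which ids are
 * in use. The sysadmin receives {@code 404 NOT_FOUND} for the missing id.</li>
 * <li>List endpoints answer {@code 200 OK} to the simple user, but with a smaller collection
 * than the sysadmin gets for the same request.</li>
 * <li>The {@code "_"} wildcard is accepted on the users list only. The IPs and virtual machines
 * actions answer {@code 404 NOT_FOUND} to both callers.</li>
 * </ul>
 * NOTE(review): the method names {@code setupSyasdminEnvironment},
 * {@code syadminGetsUserOwnEnterprise} and {@code syadminGetsUserOtherEnterprise} contain typos.
 * They are kept because TestNG refers to methods by name ({@code dependsOnMethods}, suite files).
 */
@Test(groups = {TestConfig.SECURITY_HANDLERS_INTEGRATION_TESTS})
public class AdminEnterpriseSecurityIT extends AbstractJpaGeneratorIT
{
    // Passed twice to the user generator and twice to get(...); presumably it is both the login
    // and the password of the low-privileged caller. TODO confirm against the generator.
    private static final String USER = "simpleuser";

    private EnvironmentGenerator sysadminEnvironment;

    private EnvironmentGenerator userEnvironment;

    /** Enterprise generated for the sysadmin environment. */
    private Enterprise sysadminEnt;

    /** Enterprise generated for the simple user. */
    private Enterprise userEnt;

    /**
     * Generates and persists the sysadmin environment, and keeps a reference to its enterprise.
     */
    @BeforeMethod
    public void setupSyasdminEnvironment()
    {
        // Generate the environment
        sysadminEnvironment = new EnvironmentGenerator(seed);
        sysadminEnvironment.generateEnterprise();
        setup(sysadminEnvironment.getEnvironment().toArray());

        // Get the entities we'll need from the environment
        sysadminEnt = sysadminEnvironment.get(Enterprise.class);
    }

    /**
     * Generates and persists a second enterprise owned by a user holding only the simple role.
     * Runs after {@link #setupSyasdminEnvironment()}.
     */
    @BeforeMethod(dependsOnMethods = "setupSyasdminEnvironment")
    public void setupUserEnvironment()
    {
        Role simpleRole = roleGenerator.createInstance(Privileges.simpleRole());

        // The enterprise is passed as null here: userEnvironment.generateEnterprise(user) creates
        // it and attaches the user.
        User simpleUser = userGenerator.createInstance(null, simpleRole, USER, USER);

        // Generate the environment
        userEnvironment = new EnvironmentGenerator(seed);
        userEnvironment.generateEnterprise(simpleUser);

        // Get the entities we'll need from the environment
        userEnt = userEnvironment.get(Enterprise.class);
        setup(userEnvironment.getEnvironment().toArray());
    }

    // ---------------- //
    // ENTERPRISES LIST //
    // ---------------- //

    /** The sysadmin lists both generated enterprises. */
    @Test(groups = {TestConfig.SECURITY_HANDLERS_INTEGRATION_TESTS})
    public void sysadminGetsEnterprises()
    {
        ClientResponse response =
            get(resolveEnterprisesURI(), SYSADMIN, SYSADMIN, EnterprisesDto.MEDIA_TYPE);
        assertStatus(response, Status.OK);

        EnterprisesDto enterprises = response.getEntity(EnterprisesDto.class);
        assertEquals(enterprises.getCollection().size(), 2);
    }

    /**
     * The simple user gets a list holding only the user's own enterprise: the request succeeds,
     * but the sysadmin's enterprise is left out.
     */
    @Test(groups = {TestConfig.SECURITY_HANDLERS_INTEGRATION_TESTS})
    public void userGetsVirtualEnterprises()
    {
        ClientResponse response =
            get(resolveEnterprisesURI(), USER, USER, EnterprisesDto.MEDIA_TYPE);
        assertStatus(response, Status.OK);

        EnterprisesDto enterprises = response.getEntity(EnterprisesDto.class);
        assertEquals(enterprises.getCollection().size(), 1);
        // TestNG's assertEquals takes (actual, expected); this order keeps the failure message
        // accurate.
        assertEquals(enterprises.getCollection().get(0).getId(), userEnt.getId());
    }

    // ---------- //
    // ENTERPRISE //
    // ---------- //

    /** The sysadmin can read an enterprise it does not belong to. */
    @Test(groups = {TestConfig.SECURITY_HANDLERS_INTEGRATION_TESTS})
    public void sysadminGetsOtherEnterprise()
    {
        ClientResponse response =
            get(resolveEnterpriseURI(userEnt.getId()), SYSADMIN, SYSADMIN,
                EnterpriseDto.MEDIA_TYPE);
        assertStatus(response, Status.OK);
        assertEquals(response.getEntity(EnterpriseDto.class).getId(), userEnt.getId());
    }

    /** The simple user is refused access to another tenant's enterprise. */
    @Test(groups = {TestConfig.SECURITY_HANDLERS_INTEGRATION_TESTS})
    public void userGetsOtherEnterprise()
    {
        ClientResponse response =
            get(resolveEnterpriseURI(sysadminEnt.getId()), USER, USER, EnterpriseDto.MEDIA_TYPE);
        assertStatus(response, Status.FORBIDDEN);
    }

    /** The sysadmin gets {@code 404} for an enterprise id that was never generated. */
    @Test(groups = {TestConfig.SECURITY_HANDLERS_INTEGRATION_TESTS})
    public void sysadminGetsEnterpriseNOTExists()
    {
        // Sum of both ids plus one: differs from each of them, assuming ids are positive.
        ClientResponse response =
            get(resolveEnterpriseURI(userEnt.getId() + sysadminEnt.getId() + 1), SYSADMIN,
                SYSADMIN, EnterpriseDto.MEDIA_TYPE);
        assertStatus(response, Status.NOT_FOUND);
    }

    /**
     * The simple user gets {@code 403}, not {@code 404}, for an enterprise id that does not
     * exist. This is the same status as in {@link #userGetsOtherEnterprise()}, so the two cases
     * cannot be told apart by status code. A regression to {@code 404} here would let an
     * unprivileged caller learn which enterprise ids exist.
     */
    @Test(groups = {TestConfig.SECURITY_HANDLERS_INTEGRATION_TESTS})
    public void userGetsEnterpriseNOTExists()
    {
        // Sum of both ids plus one: differs from each of them, assuming ids are positive.
        ClientResponse response =
            get(resolveEnterpriseURI(userEnt.getId() + sysadminEnt.getId() + 1), USER, USER,
                EnterpriseDto.MEDIA_TYPE);
        assertStatus(response, Status.FORBIDDEN);
    }

    // ----- //
    // USERS //
    // ----- //

    /**
     * The sysadmin lists the users of its own enterprise. Two are expected: presumably the
     * generated owner plus the user added here.
     */
    @Test(groups = {TestConfig.SECURITY_HANDLERS_INTEGRATION_TESTS})
    public void sysadminGetsUsersOwnEnterprise()
    {
        createUserIn(sysadminEnt);

        ClientResponse response =
            get(resolveUsersURI(sysadminEnt.getId()), SYSADMIN, SYSADMIN, UsersDto.MEDIA_TYPE);
        assertStatus(response, Status.OK);

        UsersDto users = response.getEntity(UsersDto.class);
        assertEquals(users.getCollection().size(), 2);
    }

    /**
     * The simple user lists the users of its own enterprise. Only one entry comes back although
     * a second user was added, so the list is filtered for this caller.
     * NOTE(review): the test does not check which user is returned; presumably it is the caller.
     */
    @Test(groups = {TestConfig.SECURITY_HANDLERS_INTEGRATION_TESTS})
    public void userGetsUsersOwnEnterprise()
    {
        createUserIn(userEnt);

        ClientResponse response =
            get(resolveUsersURI(userEnt.getId()), USER, USER, UsersDto.MEDIA_TYPE);
        assertStatus(response, Status.OK);

        UsersDto users = response.getEntity(UsersDto.class);
        assertEquals(users.getCollection().size(), 1);
    }

    /** The sysadmin sees both users of an enterprise it does not belong to. */
    @Test(groups = {TestConfig.SECURITY_HANDLERS_INTEGRATION_TESTS})
    public void sysadminGetsUsersOtherEnterprise()
    {
        createUserIn(userEnt);

        ClientResponse response =
            get(resolveUsersURI(userEnt.getId()), SYSADMIN, SYSADMIN, UsersDto.MEDIA_TYPE);
        assertStatus(response, Status.OK);

        UsersDto users = response.getEntity(UsersDto.class);
        assertEquals(users.getCollection().size(), 2);
    }

    /** The simple user is refused the user list of another tenant's enterprise. */
    @Test(groups = {TestConfig.SECURITY_HANDLERS_INTEGRATION_TESTS})
    public void userGetsUsersOtherEnterprise()
    {
        createUserIn(sysadminEnt);

        ClientResponse response =
            get(resolveUsersURI(sysadminEnt.getId()), USER, USER, UsersDto.MEDIA_TYPE);
        assertStatus(response, Status.FORBIDDEN);
    }

    /** With the {@code "_"} wildcard the sysadmin gets three users across all enterprises. */
    @Test(groups = {TestConfig.SECURITY_HANDLERS_INTEGRATION_TESTS})
    public void sysadminGetsUsersAllEnterprise()
    {
        createUserIn(userEnt);

        ClientResponse response =
            get(resolveUsersURI("_"), SYSADMIN, SYSADMIN, UsersDto.MEDIA_TYPE);
        assertStatus(response, Status.OK);

        UsersDto users = response.getEntity(UsersDto.class);
        assertEquals(users.getCollection().size(), 3);
    }

    /**
     * The {@code "_"} wildcard does not widen what the simple user can see. The same request
     * that returns three users to the sysadmin returns a single entry here.
     */
    @Test(groups = {TestConfig.SECURITY_HANDLERS_INTEGRATION_TESTS})
    public void userGetsUsersAllEnterprise()
    {
        createUserIn(userEnt);

        ClientResponse response = get(resolveUsersURI("_"), USER, USER, UsersDto.MEDIA_TYPE);
        assertStatus(response, Status.OK);

        UsersDto users = response.getEntity(UsersDto.class);
        assertEquals(users.getCollection().size(), 1);
    }

    /** The sysadmin can read a single user of its own enterprise. */
    @Test(groups = {TestConfig.SECURITY_HANDLERS_INTEGRATION_TESTS})
    public void syadminGetsUserOwnEnterprise()
    {
        User created = createUserIn(sysadminEnt);

        ClientResponse response =
            get(resolveUserURI(sysadminEnt.getId(), created.getId()), SYSADMIN, SYSADMIN,
                UserDto.MEDIA_TYPE);
        assertStatus(response, Status.OK);

        UserDto returned = response.getEntity(UserDto.class);
        assertEquals(returned.getId(), created.getId());
    }

    /**
     * The simple user is refused another user's record even inside its own enterprise.
     * Membership of the same enterprise alone does not grant read access to other users.
     */
    @Test(groups = {TestConfig.SECURITY_HANDLERS_INTEGRATION_TESTS})
    public void userGetsUserOwnEnterprise()
    {
        User created = createUserIn(userEnt);

        ClientResponse response =
            get(resolveUserURI(userEnt.getId(), created.getId()), USER, USER,
                UserDto.MEDIA_TYPE);
        assertStatus(response, Status.FORBIDDEN);
    }

    /** The sysadmin can read a single user of an enterprise it does not belong to. */
    @Test(groups = {TestConfig.SECURITY_HANDLERS_INTEGRATION_TESTS})
    public void syadminGetsUserOtherEnterprise()
    {
        User created = createUserIn(userEnt);

        ClientResponse response =
            get(resolveUserURI(userEnt.getId(), created.getId()), SYSADMIN, SYSADMIN,
                UserDto.MEDIA_TYPE);
        assertStatus(response, Status.OK);

        UserDto returned = response.getEntity(UserDto.class);
        assertEquals(returned.getId(), created.getId());
    }

    /** The simple user is refused a user record of another tenant's enterprise. */
    @Test(groups = {TestConfig.SECURITY_HANDLERS_INTEGRATION_TESTS})
    public void userGetsUserOtherEnterprise()
    {
        User created = createUserIn(sysadminEnt);

        ClientResponse response =
            get(resolveUserURI(sysadminEnt.getId(), created.getId()), USER, USER,
                UserDto.MEDIA_TYPE);
        assertStatus(response, Status.FORBIDDEN);
    }

    // --- //
    // IPS //
    // --- //

    /** The sysadmin can list the IPs of its own enterprise. */
    @Test(groups = {TestConfig.SECURITY_HANDLERS_INTEGRATION_TESTS})
    public void sysadminGetsIPsOwnEnterprise()
    {
        ClientResponse response =
            get(resolveEnterpriseActionGetIPsURI(sysadminEnt.getId()), SYSADMIN, SYSADMIN,
                IpsPoolManagementDto.MEDIA_TYPE);
        assertStatus(response, Status.OK);
    }

    /** The simple user can list the IPs of its own enterprise. */
    @Test(groups = {TestConfig.SECURITY_HANDLERS_INTEGRATION_TESTS})
    public void userGetsIPsOwnEnterprise()
    {
        ClientResponse response =
            get(resolveEnterpriseActionGetIPsURI(userEnt.getId()), USER, USER,
                IpsPoolManagementDto.MEDIA_TYPE);
        assertStatus(response, Status.OK);
    }

    /** The sysadmin can list the IPs of an enterprise it does not belong to. */
    @Test(groups = {TestConfig.SECURITY_HANDLERS_INTEGRATION_TESTS})
    public void sysadminGetsIPsOtherEnterprise()
    {
        ClientResponse response =
            get(resolveEnterpriseActionGetIPsURI(userEnt.getId()), SYSADMIN, SYSADMIN,
                IpsPoolManagementDto.MEDIA_TYPE);
        assertStatus(response, Status.OK);
    }

    /** The simple user is refused the IPs of another tenant's enterprise. */
    @Test(groups = {TestConfig.SECURITY_HANDLERS_INTEGRATION_TESTS})
    public void userGetsIPsOtherEnterprise()
    {
        ClientResponse response =
            get(resolveEnterpriseActionGetIPsURI(sysadminEnt.getId()), USER, USER,
                IpsPoolManagementDto.MEDIA_TYPE);
        assertStatus(response, Status.FORBIDDEN);
    }

    /** The IPs action does not accept the {@code "_"} wildcard, even for the sysadmin. */
    @Test(groups = {TestConfig.SECURITY_HANDLERS_INTEGRATION_TESTS})
    public void sysadminGetsIPsAllEnterprise()
    {
        ClientResponse response =
            get(resolveEnterprisesURI() + "/_/action/ips", SYSADMIN, SYSADMIN,
                IpsPoolManagementDto.MEDIA_TYPE);
        assertStatus(response, Status.NOT_FOUND);
    }

    /** The simple user gets the same {@code 404} as the sysadmin for the wildcard IPs action. */
    @Test(groups = {TestConfig.SECURITY_HANDLERS_INTEGRATION_TESTS})
    public void userGetsIPsAllEnterprise()
    {
        ClientResponse response =
            get(resolveEnterprisesURI() + "/_/action/ips", USER, USER,
                IpsPoolManagementDto.MEDIA_TYPE);
        assertStatus(response, Status.NOT_FOUND);
    }

    // ---------------- //
    // VIRTUAL MACHINES //
    // ---------------- //

    /** The virtual machines action does not accept the {@code "_"} wildcard for the sysadmin. */
    @Test(groups = {TestConfig.SECURITY_HANDLERS_INTEGRATION_TESTS})
    public void sysadminGetsVirtualmachinesAllEnterprise()
    {
        ClientResponse response =
            get(resolveEnterprisesURI() + "/_/action/virtualmachines", SYSADMIN, SYSADMIN,
                VirtualMachinesDto.MEDIA_TYPE);
        assertStatus(response, Status.NOT_FOUND);
    }

    /**
     * The simple user also gets {@code 404} for the wildcard virtual machines action. Despite
     * "IPs" in the method name, the request targets {@code /_/action/virtualmachines}.
     */
    @Test(groups = {TestConfig.SECURITY_HANDLERS_INTEGRATION_TESTS})
    public void userGetsIPsVirtualmachinesEnterprise()
    {
        ClientResponse response =
            get(resolveEnterprisesURI() + "/_/action/virtualmachines", USER, USER,
                VirtualMachinesDto.MEDIA_TYPE);
        assertStatus(response, Status.NOT_FOUND);
    }

    // ------- //
    // HELPERS //
    // ------- //

    /**
     * Creates a user with a freshly generated role in the given enterprise and persists both.
     *
     * @param enterprise enterprise the new user belongs to
     * @return the persisted user
     */
    private User createUserIn(final Enterprise enterprise)
    {
        Role role = roleGenerator.createInstance();
        User created = userGenerator.createInstance(enterprise, role);
        // The role is passed first, as the tests always did; presumably setup(...) persists in
        // argument order and the user references the role. TODO confirm.
        setup(created.getRole(), created);
        return created;
    }

    /**
     * Asserts that the response carries the expected HTTP status.
     *
     * @param response response returned by the API call
     * @param expected status the security layer is expected to answer with
     */
    private static void assertStatus(final ClientResponse response, final Status expected)
    {
        assertEquals(response.getStatusCode(), expected.getStatusCode());
    }

    // Can be added:
    // - actions
    // - user actions
    // - limits
    // - datacenter repositories
    // - reserved machines
    // - appslib
    // - properties
}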