/**********************************************************************************
* $URL: https://source.sakaiproject.org/svn/sections/trunk/sections-app/src/test/org/sakaiproject/test/section/AuthzTest.java $
* $Id: AuthzTest.java 105080 2012-02-24 23:10:31Z ottenhoff@longsight.com $
***********************************************************************************
*
* Copyright (c) 2005, 2006, 2008 The Sakai Foundation
*
* Licensed under the Educational Community License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.opensource.org/licenses/ECL-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
**********************************************************************************/
package org.sakaiproject.test.section;
import java.util.List;
import junit.framework.Assert;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.sakaiproject.section.api.CourseManager;
import org.sakaiproject.section.api.SectionManager;
import org.sakaiproject.section.api.coursemanagement.Course;
import org.sakaiproject.section.api.coursemanagement.CourseSection;
import org.sakaiproject.section.api.coursemanagement.User;
import org.sakaiproject.section.api.facade.Role;
import org.sakaiproject.section.api.facade.manager.Authz;
import org.sakaiproject.section.api.facade.manager.Context;
import org.sakaiproject.component.section.support.UserManager;
/**
* Each test method is isolated in its own transaction, which is rolled back when
* the method exits. Since we can not assume that data will exist, we need to use
* the SectionManager api to insert data before retrieving it with SectionAwareness.
*
* @author <a href="mailto:jholtzman@berkeley.edu">Josh Holtzman</a>
*
*/
public class AuthzTest extends SectionsTestBase{
private static final Log log = LogFactory.getLog(AuthzTest.class);
private Authz authz;
private Context context;
private SectionManager secMgr;
private CourseManager courseMgr;
private UserManager userMgr;
protected void onSetUpInTransaction() throws Exception {
authz = (Authz)applicationContext.getBean("org.sakaiproject.section.api.facade.manager.Authz");
context = (Context)applicationContext.getBean("org.sakaiproject.section.api.facade.manager.Context");
secMgr = (SectionManager)applicationContext.getBean("org.sakaiproject.section.api.SectionManager");
courseMgr = (CourseManager)applicationContext.getBean("org.sakaiproject.section.api.CourseManager");
userMgr = (UserManager)applicationContext.getBean("org.sakaiproject.component.section.support.UserManager");
}
public void testSectionMembership() throws Exception {
String siteContext = context.getContext(null);
List categories = secMgr.getSectionCategories(siteContext);
// Add a course and a section to work from
Course course = courseMgr.createCourse(siteContext, "A course", false, false, false);
CourseSection sec1 = secMgr.addSection(course.getUuid(), "A section", (String)categories.get(0), Integer.valueOf(10), null, null, null, false, false, false, false, false, false, false);
CourseSection sec2 = secMgr.addSection(course.getUuid(), "Another section", (String)categories.get(1), Integer.valueOf(10), null, null, null, false, false, false, false, false, false, false);
// Load students
User student1 = userMgr.createUser("student1", "Joe Student", "Student, Joe", "jstudent");
User student2 = userMgr.createUser("student2", "Jane Undergrad", "Undergrad, Jane", "jundergrad");
// Load TAs
User ta1 = userMgr.createUser("ta1", "Mike Grad", "Grad, Mike", "mgrad");
User ta2 = userMgr.createUser("ta2", "Sara Postdoc", "Postdoc, Sara", "spostdoc");
// Load instructors
User instructor1 = userMgr.createUser("instructor1", "Bill Economist", "Economist, Bill", "beconomist");
// Load enrollments into the course
courseMgr.addEnrollment(student1, course);
courseMgr.addEnrollment(student2, course);
// Load enrollments into sections
secMgr.addSectionMembership("student1", Role.STUDENT, sec1.getUuid());
secMgr.addSectionMembership("student2", Role.STUDENT, sec2.getUuid());
// Load TAs into the course
courseMgr.addTA(ta1, course);
courseMgr.addTA(ta2, course);
// Load TAs into the sections
secMgr.addSectionMembership("ta1", Role.TA, sec1.getUuid());
secMgr.addSectionMembership("ta2", Role.TA, sec2.getUuid());
// Load instructor into the courses
courseMgr.addInstructor(instructor1, course);
Assert.assertTrue(authz.isViewOwnSectionsAllowed(student1.getUserUid(), siteContext));
Assert.assertTrue(authz.isViewOwnSectionsAllowed(student2.getUserUid(), siteContext));
Assert.assertTrue( ! authz.isViewOwnSectionsAllowed(ta1.getUserUid(), siteContext));
Assert.assertTrue( ! authz.isViewOwnSectionsAllowed(ta2.getUserUid(), siteContext));
Assert.assertTrue( ! authz.isViewOwnSectionsAllowed(instructor1.getUserUid(), siteContext));
Assert.assertTrue(authz.isSectionEnrollmentMangementAllowed(instructor1.getUserUid(), siteContext));
Assert.assertTrue(authz.isSectionEnrollmentMangementAllowed(ta1.getUserUid(), siteContext));
Assert.assertTrue(authz.isSectionEnrollmentMangementAllowed(ta2.getUserUid(), siteContext));
Assert.assertTrue( ! authz.isSectionEnrollmentMangementAllowed(student1.getUserUid(), siteContext));
Assert.assertTrue( ! authz.isSectionEnrollmentMangementAllowed(student2.getUserUid(), siteContext));
Assert.assertTrue(authz.isSectionManagementAllowed(instructor1.getUserUid(), siteContext));
Assert.assertTrue( ! authz.isSectionManagementAllowed(ta1.getUserUid(), siteContext));
Assert.assertTrue( ! authz.isSectionManagementAllowed(ta2.getUserUid(), siteContext));
Assert.assertTrue( ! authz.isSectionManagementAllowed(student1.getUserUid(), siteContext));
Assert.assertTrue( ! authz.isSectionManagementAllowed(student2.getUserUid(), siteContext));
Assert.assertTrue(authz.isSectionOptionsManagementAllowed(instructor1.getUserUid(), siteContext));
Assert.assertTrue( ! authz.isSectionOptionsManagementAllowed(ta1.getUserUid(), siteContext));
Assert.assertTrue( ! authz.isSectionOptionsManagementAllowed(ta2.getUserUid(), siteContext));
Assert.assertTrue( ! authz.isSectionOptionsManagementAllowed(student1.getUserUid(), siteContext));
Assert.assertTrue( ! authz.isSectionOptionsManagementAllowed(student2.getUserUid(), siteContext));
}
}