TestRoleSaveAction.java example

Explorer
biobank-master
- eclipse_ws
package edu.ualberta.med.biobank.test.action.security;

import junit.framework.Assert;

import org.hibernate.Transaction;
import org.hibernate.criterion.Restrictions;
import org.junit.Test;

import edu.ualberta.med.biobank.common.action.IdResult;
import edu.ualberta.med.biobank.common.action.exception.AccessDeniedException;
import edu.ualberta.med.biobank.common.action.security.RoleSaveAction;
import edu.ualberta.med.biobank.common.action.security.RoleSaveInput;
import edu.ualberta.med.biobank.model.PermissionEnum;
import edu.ualberta.med.biobank.model.Rank;
import edu.ualberta.med.biobank.model.Role;
import edu.ualberta.med.biobank.model.User;
import edu.ualberta.med.biobank.test.Factory.Domain;
import edu.ualberta.med.biobank.test.action.TestAction;

public class TestRoleSaveAction extends TestAction {
    @Test
    public void superAdminAccess() {
        Transaction tx = session.beginTransaction();
        Role role = factory.createRole();
        tx.commit();

        exec(new RoleSaveAction(new RoleSaveInput(role)));
    }

    @Test
    public void adminAccess() {
        Transaction tx = session.beginTransaction();
        Role role = factory.createRole();
        User user = factory.createUser();
        factory.createMembership(Domain.CENTER_STUDY, Rank.ADMINISTRATOR);
        tx.commit();

        try {
            execAs(user, new RoleSaveAction(new RoleSaveInput(role)));
            Assert.fail();
        } catch (AccessDeniedException e) {
        }
    }

    @Test
    public void normalAccess() {
        Transaction tx = session.beginTransaction();
        Role role = factory.createRole();
        User user = factory.createUser();
        tx.commit();

        try {
            execAs(user, new RoleSaveAction(new RoleSaveInput(role)));
            Assert.fail();
        } catch (AccessDeniedException e) {
        }
    }

    @Test
    public void managerAccess() {
        Transaction tx = session.beginTransaction();
        Role role = factory.createRole();
        User manager = factory.createUser();
        factory.createMembership(Domain.CENTER_STUDY, Rank.MANAGER);
        tx.commit();

        try {
            execAs(manager, new RoleSaveAction(new RoleSaveInput(role)));
            Assert.fail();
        } catch (AccessDeniedException e) {
        }
    }

    @Test
    public void insert() {
        Role role = new Role();
        role.setName(getMethodNameR());
        role.getPermissions().addAll(PermissionEnum.valuesList());

        IdResult result = exec(new RoleSaveAction(new RoleSaveInput(role)));

        Object o = session.createCriteria(Role.class)
            .add(Restrictions.idEq(result.getId()))
            .uniqueResult();

        Assert.assertTrue(o instanceof Role);

        Role saved = (Role) o;

        Assert.assertTrue("name not inserted properly",
            role.getName().equals(saved.getName()));

        Assert.assertTrue("permissions not inserted properly",
            role.getPermissions().equals(saved.getPermissions()));
    }

    @Test
    public void update() {
        Transaction tx = session.beginTransaction();
        Role role = factory.createRole();
        role.getPermissions().add(PermissionEnum.REPORTS);
        session.update(role);
        tx.commit();

        role.setName(factory.getName(Role.class));
        role.getPermissions().clear();

        IdResult result = exec(new RoleSaveAction(new RoleSaveInput(role)));

        Assert.assertEquals("id should not change",
            role.getId(), result.getId());

        Object o = session.createCriteria(Role.class)
            .add(Restrictions.idEq(role.getId()))
            .uniqueResult();

        Assert.assertTrue(o instanceof Role);

        Role saved = (Role) o;

        Assert.assertEquals("name not updated properly",
            role.getName(), saved.getName());

        Assert.assertEquals("permissions not updated properly",
            role.getPermissions(), saved.getPermissions());
    }
}