DmsIntegrationTests.java

/*
 * Copyright 2002-2016 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package sample;

/*
 * Copyright 2002-2016 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

import org.junit.After;
import org.junit.Test;
import sample.dms.AbstractElement;
import sample.dms.Directory;
import sample.dms.DocumentDao;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.jdbc.core.JdbcTemplate;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.AbstractTransactionalJUnit4SpringContextTests;

import static org.assertj.core.api.Assertions.assertThat;

/**
 * Basic integration test for DMS sample.
 *
 * @author Ben Alex
 *
 */
@ContextConfiguration(locations = { "classpath:applicationContext-dms-shared.xml",
		"classpath:applicationContext-dms-insecure.xml" })
public class DmsIntegrationTests extends AbstractTransactionalJUnit4SpringContextTests {

	@Autowired
	protected JdbcTemplate jdbcTemplate;

	@Autowired
	protected DocumentDao documentDao;

	@After
	public void clearContext() {
		SecurityContextHolder.clearContext();
	}

	public void setDocumentDao(DocumentDao documentDao) {
		this.documentDao = documentDao;
	}

	@Test
	public void testBasePopulation() {
		assertThat(this.jdbcTemplate.queryForObject("select count(id) from DIRECTORY",
				Integer.class)).isEqualTo(9);
		assertThat((int) this.jdbcTemplate.queryForObject("select count(id) from FILE",
				Integer.class)).isEqualTo(90);
		assertThat(this.documentDao.findElements(Directory.ROOT_DIRECTORY).length)
				.isEqualTo(3);
	}

	@Test
	public void testMarissaRetrieval() {
		process("rod", "koala", false);
	}

	@Test
	public void testScottRetrieval() {
		process("scott", "wombat", false);
	}

	@Test
	public void testDianneRetrieval() {
		process("dianne", "emu", false);
	}

	protected void process(String username, String password, boolean shouldBeFiltered) {
		SecurityContextHolder.getContext().setAuthentication(
				new UsernamePasswordAuthenticationToken(username, password));
		System.out.println("------ Test for username: " + username + " ------");
		AbstractElement[] rootElements = this.documentDao
				.findElements(Directory.ROOT_DIRECTORY);
		assertThat(rootElements.length).isEqualTo(3);
		Directory homeDir = null;
		Directory nonHomeDir = null;
		for (int i = 0; i < rootElements.length; i++) {
			if (rootElements[i].getName().equals(username)) {
				homeDir = (Directory) rootElements[i];
			}
			else {
				nonHomeDir = (Directory) rootElements[i];
			}
		}
		System.out.println("Home directory......: " + homeDir.getFullName());
		System.out.println("Non-home directory..: " + nonHomeDir.getFullName());

		AbstractElement[] homeElements = this.documentDao.findElements(homeDir);
		assertThat(homeElements.length).isEqualTo(12); // confidential and shared
														// directories,
		// plus 10 files

		AbstractElement[] nonHomeElements = this.documentDao.findElements(nonHomeDir);
		assertThat(nonHomeElements.length).isEqualTo(shouldBeFiltered ? 11 : 12); // cannot
																					// see
		// the user's
		// "confidential"
		// sub-directory
		// when
		// filtering

		// Attempt to read the other user's confidential directory from the returned
		// results
		// Of course, we shouldn't find a "confidential" directory in the results if we're
		// filtering
		Directory nonHomeConfidentialDir = null;
		for (int i = 0; i < nonHomeElements.length; i++) {
			if (nonHomeElements[i].getName().equals("confidential")) {
				nonHomeConfidentialDir = (Directory) nonHomeElements[i];
			}
		}

		if (shouldBeFiltered) {
			assertThat(nonHomeConfidentialDir)
					.withFailMessage(
							"Found confidential directory when we should not have")
					.isNull();
		}
		else {
			System.out.println(
					"Inaccessible dir....: " + nonHomeConfidentialDir.getFullName());
			assertThat(this.documentDao.findElements(nonHomeConfidentialDir).length)
					.isEqualTo(10); // 10
			// files
			// (no
			// sub-directories)
		}

		SecurityContextHolder.clearContext();
	}

}