Skip to content

Commit

Permalink
SHIBUI-2015
Browse files Browse the repository at this point in the history 
parsing group from shib
  • Loading branch information
@chasegawa
chasegawa committed Aug 24, 2021
1 parent bd0d11b commit 65694f6
Show file tree
Hide file tree
Showing 3 changed files with 209 additions and 0 deletions.
17 changes: 17 additions & 0 deletions ...ovy/edu/internet2/tier/shibboleth/admin/ui/security/service/GroupServiceForTesting.groovy
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
package edu.internet2.tier.shibboleth.admin.ui.security.service

import org.springframework.transaction.annotation.Transactional

class GroupServiceForTesting extends GroupServiceImpl {
public GroupServiceForTesting(GroupServiceImpl impl) {
this.groupRepository = impl.groupRepository
this.ownershipRepository = impl.ownershipRepository
}

@Transactional
public void clearAllForTesting() {
groupRepository.deleteAll();
ownershipRepository.clearAllOwnedByGroup()
ensureAdminGroupExists()
}
}
140 changes: 140 additions & 0 deletions pac4j-module/src/test/groovy/net/unicon/shibui/pac4j/AddNewUserFilterTests.groovy
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,140 @@
package net.unicon.shibui.pac4j

import edu.internet2.tier.shibboleth.admin.ui.security.model.Role
import edu.internet2.tier.shibboleth.admin.ui.security.model.User
import edu.internet2.tier.shibboleth.admin.ui.security.repository.OwnershipRepository
import edu.internet2.tier.shibboleth.admin.ui.security.repository.RoleRepository
import edu.internet2.tier.shibboleth.admin.ui.security.repository.UserRepository
import edu.internet2.tier.shibboleth.admin.ui.security.service.GroupServiceForTesting
import edu.internet2.tier.shibboleth.admin.ui.security.service.UserService
import org.pac4j.core.matching.matcher.PathMatcher
import org.pac4j.saml.profile.SAML2Profile
import org.springframework.beans.factory.annotation.Autowired
import org.springframework.boot.autoconfigure.domain.EntityScan
import org.springframework.boot.context.properties.EnableConfigurationProperties
import org.springframework.boot.test.autoconfigure.orm.jpa.DataJpaTest
import org.springframework.data.jpa.repository.config.EnableJpaRepositories
import org.springframework.security.core.Authentication
import org.springframework.security.core.context.SecurityContext
import org.springframework.security.core.context.SecurityContextHolder
import org.springframework.test.annotation.DirtiesContext
import org.springframework.test.context.ContextConfiguration
import org.springframework.transaction.annotation.Transactional
import spock.lang.Specification
import spock.lang.Subject

import javax.servlet.FilterChain
import javax.servlet.http.HttpServletRequest
import javax.servlet.http.HttpServletResponse

@DataJpaTest
@ContextConfiguration(classes=[Pac4JTestingConfig])
@EnableJpaRepositories(basePackages = ["edu.internet2.tier.shibboleth.admin.ui"])
@EntityScan("edu.internet2.tier.shibboleth.admin.ui")
@DirtiesContext
@EnableConfigurationProperties([Pac4jConfigurationProperties])
class AddNewUserFilterTests extends Specification {
@Subject
AddNewUserFilter addNewUserFilter

@Autowired
GroupServiceForTesting groupService

@Autowired
OwnershipRepository ownershipRepository

@Autowired
RoleRepository roleRepository

@Autowired
Pac4jConfigurationProperties pac4jConfigurationProperties

@Autowired
UserRepository userRepository

@Autowired
UserService userService

HttpServletRequest request = Mock()
HttpServletResponse response = Mock()
FilterChain chain = Mock()

SecurityContext securityContext = Mock()
Authentication authentication = Mock()
SAML2Profile saml2Profile = Mock()

Pac4jConfigurationProperties.SimpleProfileMapping profileMapping

@Transactional
def setup() {
SecurityContextHolder.setContext(securityContext)
securityContext.getAuthentication() >> authentication
authentication.getPrincipal() >> saml2Profile

addNewUserFilter = new AddNewUserFilter(pac4jConfigurationProperties, userService, roleRepository, new PathMatcher(), groupService, Optional.empty())
profileMapping = pac4jConfigurationProperties.simpleProfileMapping

userRepository.findAll().forEach {
userService.delete(it.getUsername())
}
userRepository.flush()

roleRepository.deleteAll()
roleRepository.flush()
groupService.clearAllForTesting() //leaves us just the admingroup

def roles = [new Role().with {
name = 'ROLE_ADMIN'
it
}, new Role().with {
name = 'ROLE_USER'
it
}, new Role().with {
name = 'ROLE_NONE'
it
}]
roles.each {
roleRepository.save(it)
}
}

def "new user created"() {
given:
['Username': 'newUser',
'FirstName': 'New',
'LastName': 'User',
'Email': 'newuser@institution.edu'].each { key, value ->
saml2Profile.getAttribute(profileMapping."get${key}"()) >> [value]
}
saml2Profile.getUsername() >> "newUser"

when:
addNewUserFilter.doFilter(request, response, chain)

then:
1 * response.sendRedirect("/unsecured/error.html")
User user = userRepository.findByUsername("newUser").get()
user.getGroupId() == "newUser"
}

def "new user created with group - assumes saml2profile got property for groups"() {
given:
['Username': 'newUser',
'FirstName': 'New',
'LastName': 'User',
'Email': 'newuser@institution.edu',
'GroupsName':'AAAGroup'
].each { key, value ->
saml2Profile.getAttribute(profileMapping."get${key}"()) >> [value]
}
saml2Profile.getUsername() >> "newUser"

when:
addNewUserFilter.doFilter(request, response, chain)

then:
1 * response.sendRedirect("/unsecured/error.html")
User user = userRepository.findByUsername("newUser").get()
user.getGroupId() == "AAAGroup"
}
}
52 changes: 52 additions & 0 deletions pac4j-module/src/test/groovy/net/unicon/shibui/pac4j/Pac4JTestingConfig.groovy
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,52 @@
package net.unicon.shibui.pac4j

import edu.internet2.tier.shibboleth.admin.ui.security.model.listener.GroupUpdatedEntityListener
import edu.internet2.tier.shibboleth.admin.ui.security.model.listener.UserUpdatedEntityListener
import edu.internet2.tier.shibboleth.admin.ui.security.repository.GroupsRepository
import edu.internet2.tier.shibboleth.admin.ui.security.repository.OwnershipRepository
import edu.internet2.tier.shibboleth.admin.ui.security.repository.RoleRepository
import edu.internet2.tier.shibboleth.admin.ui.security.repository.UserRepository
import edu.internet2.tier.shibboleth.admin.ui.security.service.GroupServiceForTesting
import edu.internet2.tier.shibboleth.admin.ui.security.service.GroupServiceImpl
import edu.internet2.tier.shibboleth.admin.ui.security.service.IGroupService
import edu.internet2.tier.shibboleth.admin.ui.security.service.UserService
import org.springframework.context.annotation.Bean
import org.springframework.context.annotation.Configuration
import org.springframework.context.annotation.Primary

@Configuration
class Pac4JTestingConfig {
@Bean
@Primary
GroupServiceForTesting groupServiceForTesting(GroupsRepository repo, OwnershipRepository ownershipRepository) {
GroupServiceForTesting result = new GroupServiceForTesting(new GroupServiceImpl().with {
it.groupRepository = repo
it.ownershipRepository = ownershipRepository
return it
})
result.ensureAdminGroupExists()
return result
}

@Bean
@Primary
GroupUpdatedEntityListener groupUpdatedEntityListener(OwnershipRepository repo) {
GroupUpdatedEntityListener listener = new GroupUpdatedEntityListener()
listener.init(repo)
return listener
}

@Bean
@Primary
UserUpdatedEntityListener userUpdatedEntityListener(OwnershipRepository repo, GroupsRepository groupRepo) {
UserUpdatedEntityListener listener = new UserUpdatedEntityListener()
listener.init(repo, groupRepo)
return listener
}

@Bean
@Primary
UserService userService(IGroupService groupService, OwnershipRepository ownershipRepository, RoleRepository roleRepository, UserRepository userRepository) {
return new UserService(groupService, ownershipRepository, roleRepository, userRepository)
}
}

0 comments on commit 65694f6

Please sign in to comment.