diff --git a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/configuration/DevConfig.groovy b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/configuration/DevConfig.groovy index a137526a4..2bc831cd0 100644 --- a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/configuration/DevConfig.groovy +++ b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/configuration/DevConfig.groovy @@ -79,6 +79,14 @@ class DevConfig { emailAddress = 'anon@institution.edu' roles.add(roleRepository.findByName('ROLE_ADMIN').get()) it + }, new User().with { // allow us to auto-login as an admin + username = 'wsmith@unicon.net' + password = '{noop}anonymous' + firstName = 'Anon' + lastName = 'Ymous' + emailAddress = 'anon@institution.edu' + roles.add(roleRepository.findByName('ROLE_ADMIN').get()) + it }] users.each { adminUserRepository.save(it) diff --git a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorControllerTests.groovy b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorControllerTests.groovy index 1a66ad333..d3079fa3c 100644 --- a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorControllerTests.groovy +++ b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/controller/EntityDescriptorControllerTests.groovy 
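Review bot: The added `wsmith@unicon.net` entry in DevConfig seeds a second ROLE_ADMIN account with the fixed password `{noop}anonymous`, so any deployment that loads this configuration has an administrator with a known, unhashed credential. The class-level annotations are outside the hunk, so confirm the class is restricted to a development profile (for example `@Profile('dev')`) and cannot become active by default. The entry also copies the first user's comment, names and `emailAddress` unchanged. A comment such as `// second seeded admin for local testing; dev profile only` would say why it exists, and a placeholder username would avoid tying a seeded admin to what looks like a real mailbox.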
@@ -8,13 +8,13 @@ import edu.internet2.tier.shibboleth.admin.ui.configuration.TestConfiguration import edu.internet2.tier.shibboleth.admin.ui.domain.EntityDescriptor import edu.internet2.tier.shibboleth.admin.ui.opensaml.OpenSamlObjects import edu.internet2.tier.shibboleth.admin.ui.repository.EntityDescriptorRepository -import edu.internet2.tier.shibboleth.admin.ui.security.model.User import edu.internet2.tier.shibboleth.admin.ui.security.repository.RoleRepository import edu.internet2.tier.shibboleth.admin.ui.security.repository.UserRepository import edu.internet2.tier.shibboleth.admin.ui.security.service.UserService import edu.internet2.tier.shibboleth.admin.ui.service.JPAEntityDescriptorServiceImpl import edu.internet2.tier.shibboleth.admin.ui.service.JPAEntityServiceImpl import edu.internet2.tier.shibboleth.admin.ui.util.RandomGenerator +import edu.internet2.tier.shibboleth.admin.ui.util.TestHelpers import edu.internet2.tier.shibboleth.admin.ui.util.TestObjectGenerator import groovy.json.JsonOutput import groovy.json.JsonSlurper @@ -83,14 +83,20 @@ class EntityDescriptorControllerTests extends Specification { controller.entityDescriptorService = service controller.restTemplate = mockRestTemplate + mockMvc = MockMvcBuilders.standaloneSetup(controller).build() securityContext.getAuthentication() >> authentication + SecurityContextHolder.setContext(securityContext) + } def 'GET /EntityDescriptors with empty repository as admin'() { given: - prepareAdminUser() + def username = 'admin' + def role = 'ROLE_ADMIN' + authentication.getPrincipal() >> username + userRepository.findByUsername(username) >> TestHelpers.generateOptionalUser(username, role) def emptyRecordsFromRepository = [].stream() def expectedEmptyListResponseBody = '[]' def expectedResponseContentType = APPLICATION_JSON_UTF8 
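Review bot: `SecurityContextHolder.setContext(securityContext)` now runs in the setup block for every feature, but nothing in the hunk resets it. The holder is static and, by default, thread-local, so the mocked context can leak into later specs that run on the same thread. If the spec has no cleanup method outside the visible lines, add `def cleanup() { SecurityContextHolder.clearContext() }`. The setup method starts above the hunk, so an existing reset could not be seen here.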
@@ -110,7 +116,10 @@ class EntityDescriptorControllerTests extends Specification { def 'GET /EntityDescriptors with 1 record in repository as admin'() { given: - prepareAdminUser() + def username = 'admin' + def role = 'ROLE_ADMIN' + authentication.getPrincipal() >> username + userRepository.findByUsername(username) >> TestHelpers.generateOptionalUser(username, role) def expectedCreationDate = '2017-10-23T11:11:11' def entityDescriptor = new EntityDescriptor(resourceId: 'uuid-1', entityID: 'eid1', serviceProviderName: 'sp1', serviceEnabled: true, createdDate: LocalDateTime.parse(expectedCreationDate)) @@ -157,7 +166,10 @@ class EntityDescriptorControllerTests extends Specification { def 'GET /EntityDescriptors with 2 records in repository as admin'() { given: - prepareAdminUser() + def username = 'admin' + def role = 'ROLE_ADMIN' + authentication.getPrincipal() >> username + userRepository.findByUsername(username) >> TestHelpers.generateOptionalUser(username, role) def expectedCreationDate = '2017-10-23T11:11:11' def entityDescriptorOne = new EntityDescriptor(resourceId: 'uuid-1', entityID: 'eid1', serviceProviderName: 'sp1', serviceEnabled: true, @@ -228,7 +240,10 @@ class EntityDescriptorControllerTests extends Specification { def 'GET /EntityDescriptors with 1 record in repository as user returns only that user\'s records'() { given: - prepareUser('someUser', 'ROLE_USER') + def username = 'someUser' + def role = 'ROLE_USER' + authentication.getPrincipal() >> username + userRepository.findByUsername(username) >> TestHelpers.generateOptionalUser(username, role) def expectedCreationDate = '2017-10-23T11:11:11' def entityDescriptorOne = new EntityDescriptor(resourceId: 'uuid-1', entityID: 'eid1', serviceProviderName: 'sp1', serviceEnabled: true, 
@@ -276,7 +291,10 @@ class EntityDescriptorControllerTests extends Specification { def 'POST /EntityDescriptor and successfully create new record'() { given: - prepareUser('admin', 'ROLE_ADMIN') + def username = 'admin' + def role = 'ROLE_ADMIN' + authentication.getPrincipal() >> username + userRepository.findByUsername(username) >> TestHelpers.generateOptionalUser(username, role) def expectedCreationDate = '2017-10-23T11:11:11' def expectedEntityId = 'https://shib' def expectedSpName = 'sp1' @@ -356,7 +374,10 @@ class EntityDescriptorControllerTests extends Specification { def 'POST /EntityDescriptor as user disallows enabling'() { given: - prepareUser('user', 'ROLE_USER') + def username = 'someUser' + def role = 'ROLE_USER' + authentication.getPrincipal() >> username + userRepository.findByUsername(username) >> TestHelpers.generateOptionalUser(username, role) def expectedEntityId = 'https://shib' def expectedSpName = 'sp1' @@ -430,7 +451,10 @@ class EntityDescriptorControllerTests extends Specification { def 'GET /EntityDescriptor/{resourceId} non-existent'() { given: - prepareUser('admin', 'ROLE_ADMIN') + def username = 'admin' + def role = 'ROLE_ADMIN' + authentication.getPrincipal() >> username + userRepository.findByUsername(username) >> TestHelpers.generateOptionalUser(username, role) def providedResourceId = 'uuid-1' when: @@ -444,7 +468,10 @@ class EntityDescriptorControllerTests extends Specification { def 'GET /EntityDescriptor/{resourceId} existing'() { given: - prepareAdminUser() + def username = 'admin' + def role = 'ROLE_ADMIN' + authentication.getPrincipal() >> username + userRepository.findByUsername(username) >> TestHelpers.generateOptionalUser(username, role) def expectedCreationDate = '2017-10-23T11:11:11' def providedResourceId = 'uuid-1' def expectedSpName = 'sp1' 
@@ -492,7 +519,10 @@ class EntityDescriptorControllerTests extends Specification { def 'GET /EntityDescriptor/{resourceId} existing, owned by non-admin'() { given: - prepareUser('someUser', 'ROLE_USER') + def username = 'someUser' + def role = 'ROLE_USER' + authentication.getPrincipal() >> username + userRepository.findByUsername(username) >> TestHelpers.generateOptionalUser(username, role) def expectedCreationDate = '2017-10-23T11:11:11' def providedResourceId = 'uuid-1' def expectedSpName = 'sp1' @@ -541,7 +571,10 @@ class EntityDescriptorControllerTests extends Specification { def 'GET /EntityDescriptor/{resourceId} existing, owned by some other user'() { given: - prepareUser('someUser', 'ROLE_USER') + def username = 'someUser' + def role = 'ROLE_USER' + authentication.getPrincipal() >> username + userRepository.findByUsername(username) >> TestHelpers.generateOptionalUser(username, role) def expectedCreationDate = '2017-10-23T11:11:11' def providedResourceId = 'uuid-1' def expectedSpName = 'sp1' @@ -564,7 +597,10 @@ class EntityDescriptorControllerTests extends Specification { def 'GET /EntityDescriptor/{resourceId} existing (xml)'() { given: - prepareAdminUser() + def username = 'admin' + def role = 'ROLE_ADMIN' + authentication.getPrincipal() >> username + userRepository.findByUsername(username) >> TestHelpers.generateOptionalUser(username, role) def expectedCreationDate = '2017-10-23T11:11:11' def providedResourceId = 'uuid-1' def expectedSpName = 'sp1' @@ -596,7 +632,10 @@ class EntityDescriptorControllerTests extends Specification { def 'GET /EntityDescriptor/{resourceId} existing (xml), user-owned'() { given: - prepareUser('someUser', 'ROLE_USER') + def username = 'someUser' + def role = 'ROLE_USER' + authentication.getPrincipal() >> username + userRepository.findByUsername(username) >> TestHelpers.generateOptionalUser(username, role) def expectedCreationDate = '2017-10-23T11:11:11' def providedResourceId = 'uuid-1' def expectedSpName = 'sp1' 
@@ -629,7 +668,10 @@ class EntityDescriptorControllerTests extends Specification { def 'GET /EntityDescriptor/{resourceId} existing (xml), other user-owned'() { given: - prepareUser('someUser', 'ROLE_USER') + def username = 'someUser' + def role = 'ROLE_USER' + authentication.getPrincipal() >> username + userRepository.findByUsername(username) >> TestHelpers.generateOptionalUser(username, role) def expectedCreationDate = '2017-10-23T11:11:11' def providedResourceId = 'uuid-1' def expectedSpName = 'sp1' @@ -656,7 +698,10 @@ class EntityDescriptorControllerTests extends Specification { def "POST /EntityDescriptor handles XML happily"() { given: - prepareAdminUser() + def username = 'admin' + def role = 'ROLE_ADMIN' + authentication.getPrincipal() >> username + userRepository.findByUsername(username) >> TestHelpers.generateOptionalUser(username, role) def postedBody = ''' @@ -773,7 +818,10 @@ class EntityDescriptorControllerTests extends Specification { def "POST /EntityDescriptor handles x-www-form-urlencoded happily"() { given: - prepareAdminUser() + def username = 'admin' + def role = 'ROLE_ADMIN' + authentication.getPrincipal() >> username + userRepository.findByUsername(username) >> TestHelpers.generateOptionalUser(username, role) def postedMetadataUrl = "http://test.scaldingspoon.org/test1" def restXml = ''' @@ -853,7 +901,10 @@ class EntityDescriptorControllerTests extends Specification { def "PUT /EntityDescriptor updates entity descriptors properly as admin"() { given: - prepareAdminUser() + def username = 'admin' + def role = 'ROLE_ADMIN' + authentication.getPrincipal() >> username + userRepository.findByUsername(username) >> TestHelpers.generateOptionalUser(username, role) def entityDescriptor = generator.buildEntityDescriptor() def updatedEntityDescriptor = generator.buildEntityDescriptor() updatedEntityDescriptor.resourceId = entityDescriptor.resourceId 
@@ -881,7 +932,10 @@ class EntityDescriptorControllerTests extends Specification { def "PUT /EntityDescriptor disallows user from enabling"() { given: - prepareUser('someUser', 'ROLE_USER') + def username = 'someUser' + def role = 'ROLE_USER' + authentication.getPrincipal() >> username + userRepository.findByUsername(username) >> TestHelpers.generateOptionalUser(username, role) def entityDescriptor = generator.buildEntityDescriptor() entityDescriptor.serviceEnabled = false def updatedEntityDescriptor = generator.buildEntityDescriptor() @@ -908,7 +962,10 @@ class EntityDescriptorControllerTests extends Specification { def "PUT /EntityDescriptor denies the request if the PUTing user is not an ADMIN and not the createdBy user"() { given: - prepareUser('randomUser', 'ROLE_USER') + def username = 'someUser' + def role = 'ROLE_USERN' + authentication.getPrincipal() >> username + userRepository.findByUsername(username) >> TestHelpers.generateOptionalUser(username, role) def entityDescriptor = generator.buildEntityDescriptor() entityDescriptor.createdBy = 'someoneElse' def updatedEntityDescriptor = generator.buildEntityDescriptor() @@ -931,7 +988,10 @@ class EntityDescriptorControllerTests extends Specification { def "PUT /EntityDescriptor 409's if the version numbers don't match"() { given: - prepareAdminUser() + def username = 'admin' + def role = 'ROLE_ADMIN' + authentication.getPrincipal() >> username + userRepository.findByUsername(username) >> TestHelpers.generateOptionalUser(username, role) def entityDescriptor = generator.buildEntityDescriptor() def updatedEntityDescriptor = generator.buildEntityDescriptor() updatedEntityDescriptor.resourceId = entityDescriptor.resourceId 
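Review bot: In the hunk at -908 ("PUT /EntityDescriptor denies the request if the PUTing user is not an ADMIN and not the createdBy user") the role is set to `'ROLE_USERN'`, which looks like a typo for the `'ROLE_USER'` that the removed `prepareUser('randomUser', 'ROLE_USER')` call passed. The test probably still passes because any non-admin role is denied, but it no longer exercises the real user role, so a regression in ROLE_USER authorization could go unnoticed here. Change the line to `def role = 'ROLE_USER'`. The same four stubbing lines are pasted into every feature in this file's hunks; one private helper taking the username and role would prevent this kind of drift.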
@@ -951,16 +1011,4 @@ class EntityDescriptorControllerTests extends Specification { then: result.andExpect(status().is(409)) } - - def prepareAdminUser() { - prepareUser('foo', 'ROLE_ADMIN') - } - - def prepareUser(String username, String rolename) { - authentication.getPrincipal() >> username - SecurityContextHolder.setContext(securityContext) - def user = new User(username: username, role: rolename) - Optional currentUser = Optional.of(user) - userRepository.findByUsername(username) >> currentUser - } } diff --git a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/util/TestHelpers.groovy b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/util/TestHelpers.groovy index 9311fde2d..672618b30 100644 --- a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/util/TestHelpers.groovy +++ b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/util/TestHelpers.groovy @@ -1,7 +1,9 @@ package edu.internet2.tier.shibboleth.admin.ui.util +import edu.internet2.tier.shibboleth.admin.ui.security.model.User import groovy.xml.XmlUtil import org.apache.commons.lang.StringUtils +import org.springframework.security.core.context.SecurityContextHolder import org.w3c.dom.Document import org.xmlunit.builder.DiffBuilder import org.xmlunit.builder.Input @@ -39,4 +41,9 @@ class TestHelpers { static String XmlDocumentToString(Document document) { return XmlUtil.serialize(document.documentElement) } + + static Optional generateOptionalUser(String username, String rolename) { + def user = new User(username: username, role: rolename) + Optional.of(user) + } }
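Review bot: `generateOptionalUser` in the last TestHelpers hunk returns a raw `Optional`; declaring it as `static Optional<User> generateOptionalUser(String username, String rolename)` keeps the stubbed `findByUsername` result typed. The `SecurityContextHolder` import added in the first TestHelpers hunk is not used by any line shown and looks left over from the removed `prepareUser`, so drop it unless code outside the hunks needs it. A one-line doc comment, `/** Builds an Optional holding a User with the given username and role, for stubbing UserRepository.findByUsername. */`, would document the helper.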