Merge branch 'master' into github

wfe-app/pom.xml

@@ -96,7 +96,7 @@
 			<dependency>
 				<groupId>commons-beanutils</groupId>
 				<artifactId>commons-beanutils</artifactId>
-				<version>1.8.3</version>
+				<version>1.9.2</version>
 			</dependency>
 			<dependency>
 				<groupId>javax</groupId>

wfe-cactus-it/src/test/java/ru/runa/af/delegate/AuthenticationServiceDelegatePasswordLoginModuleTest.java

@@ -27,80 +27,74 @@
 import ru.runa.wfe.user.User;
 
 public class AuthenticationServiceDelegatePasswordLoginModuleTest extends ServletTestCase {
-
-    private static final String PREFIX = AuthenticationServiceDelegatePasswordLoginModuleTest.class.getName();
-
     private static final String ACTOR1_NAME = "actor1";
-
     private static final String ACTOR2_NAME = "actor2";
-
     private static final String ACTOR_VALID_PWD = "validPWD";
 
-    private ServiceTestHelper th;
+    private final String PREFIX = getClass().getName();
 
+    private ServiceTestHelper h;
     private AuthenticationService authenticationService;
-
     private ExecutorService executorService;
 
     private Actor validActor;
 
-    protected void setUp() throws Exception {
-        th = new ServiceTestHelper(PREFIX);
-        authenticationService = th.getAuthenticationService();
-        executorService = th.getExecutorService();
-
-        validActor = th.createActorIfNotExist(PREFIX + ACTOR1_NAME, "");
-        executorService.setPassword(th.getAdminUser(), validActor, ACTOR_VALID_PWD);
+    @Override
+    protected void setUp() {
+        h = new ServiceTestHelper(PREFIX);
+        authenticationService = h.getAuthenticationService();
+        executorService = h.getExecutorService();
 
-        super.setUp();
+        validActor = h.createActorIfNotExist(PREFIX + ACTOR1_NAME, "");
+        executorService.setPassword(h.getAdminUser(), validActor, ACTOR_VALID_PWD);
     }
 
-    protected void tearDown() throws Exception {
-        th.releaseResources();
-        th = null;
+    @Override
+    protected void tearDown() {
+        h.releaseResources();
+        h = null;
         authenticationService = null;
         executorService = null;
         validActor = null;
-        super.tearDown();
     }
 
-    public void testValidPassword() throws Exception {
+    public void testValidPassword() {
         User validSubject = authenticationService.authenticateByLoginPassword(validActor.getName(), ACTOR_VALID_PWD);
         assertEquals("authenticated subject doesn't contains actor principal", validSubject.getActor(), validActor);
     }
 
-    public void testValidPasswordWithAnotherActorWithSamePassword() throws Exception {
-        Actor actor2 = th.createActorIfNotExist(PREFIX + ACTOR2_NAME, "");
-        executorService.setPassword(th.getAdminUser(), actor2, ACTOR_VALID_PWD);
+    public void testValidPasswordWithAnotherActorWithSamePassword() {
+        Actor actor2 = h.createActorIfNotExist(PREFIX + ACTOR2_NAME, "");
+        executorService.setPassword(h.getAdminUser(), actor2, ACTOR_VALID_PWD);
 
         User validSubject = authenticationService.authenticateByLoginPassword(validActor.getName(), ACTOR_VALID_PWD);
         assertEquals("authenticated subject doesn't contains actor principal", validSubject.getActor(), validActor);
     }
 
-    public void testLoginFakeActor() throws Exception {
+    public void testLoginFakeActor() {
         try {
-            authenticationService.authenticateByLoginPassword(th.getFakeActor().getName(), ACTOR_VALID_PWD);
+            authenticationService.authenticateByLoginPassword(h.getFakeActor().getName(), ACTOR_VALID_PWD);
             fail("allowing fake actor");
         } catch (AuthenticationException e) {
-            // expected
+            // Expected.
         }
     }
 
-    public void testInValidPassword() throws Exception {
+    public void testInValidPassword() {
         try {
             authenticationService.authenticateByLoginPassword(validActor.getName(), ACTOR_VALID_PWD + "Invalid");
             fail("allowing invalid password");
         } catch (AuthenticationException e) {
-            // expected
+            // Expected.
         }
     }
 
-    public void testInValidLogin() throws Exception {
+    public void testInValidLogin() {
         try {
             authenticationService.authenticateByLoginPassword(validActor.getName() + "Invalid", ACTOR_VALID_PWD);
             fail("allowing invalid login");
         } catch (AuthenticationException e) {
-            // expected
+            // Expected.
         }
     }
 }

wfe-cactus-it/src/test/java/ru/runa/af/delegate/AuthorizationServiceDelegateGetExecutorsWithPermissionTest.java

@@ -17,94 +17,78 @@
  */
 package ru.runa.af.delegate;
 
-import java.util.Collection;
-import java.util.List;
-
+import com.google.common.collect.Lists;
+import lombok.val;
 import org.apache.cactus.ServletTestCase;
-
 import ru.runa.af.service.ServiceTestHelper;
 import ru.runa.junit.ArrayAssert;
 import ru.runa.wfe.InternalApplicationException;
 import ru.runa.wfe.presentation.BatchPresentation;
 import ru.runa.wfe.security.AuthenticationException;
 import ru.runa.wfe.security.AuthorizationException;
 import ru.runa.wfe.security.Permission;
-import ru.runa.wfe.security.SecuredSingleton;
 import ru.runa.wfe.service.AuthorizationService;
 import ru.runa.wfe.service.delegate.Delegates;
-import ru.runa.wfe.user.Actor;
-import ru.runa.wfe.user.Executor;
-
-import com.google.common.collect.Lists;
 
 /**
- * Created on 20.08.2004
- * 
+ * Created on 20.08.2004.
  */
 public class AuthorizationServiceDelegateGetExecutorsWithPermissionTest extends ServletTestCase {
-    private ServiceTestHelper helper;
-
+    private ServiceTestHelper h;
     private AuthorizationService authorizationService;
-
     private BatchPresentation batchPresentation;
 
     @Override
-    protected void setUp() throws Exception {
-        helper = new ServiceTestHelper(AuthorizationServiceDelegateGetExecutorsWithPermissionTest.class.getName());
-        helper.createDefaultExecutorsMap();
-
-        Collection<Permission> executorP = Lists.newArrayList(Permission.READ);
-        helper.setPermissionsToAuthorizedPerformer(executorP, helper.getBaseGroupActor());
-        helper.setPermissionsToAuthorizedPerformer(executorP, helper.getBaseGroup());
-
+    protected void setUp() {
+        h = new ServiceTestHelper(AuthorizationServiceDelegateGetExecutorsWithPermissionTest.class.getName());
         authorizationService = Delegates.getAuthorizationService();
-        batchPresentation = helper.getExecutorBatchPresentation();
+        batchPresentation = h.getExecutorBatchPresentation();
 
-        authorizationService.setPermissions(helper.getAdminUser(), helper.getBaseGroupActor().getId(), executorP, helper.getBaseGroupActor());
-        authorizationService.setPermissions(helper.getAdminUser(), helper.getAuthorizedPerformerActor().getId(), executorP,
-                helper.getAuthorizedPerformerActor());
+        h.createDefaultExecutorsMap();
 
-        super.setUp();
+        val pp = Lists.newArrayList(Permission.READ);
+        h.setPermissionsToAuthorizedActor(pp, h.getBaseGroupActor());
+        h.setPermissionsToAuthorizedActor(pp, h.getBaseGroup());
+        h.setPermissionsToAuthorizedActor(pp, h.getAuthorizedActor());
+        authorizationService.setPermissions(h.getAdminUser(), h.getBaseGroupActor().getId(), pp, h.getBaseGroupActor());
     }
 
     @Override
-    protected void tearDown() throws Exception {
-        helper.releaseResources();
+    protected void tearDown() {
+        h.releaseResources();
         authorizationService = null;
-        batchPresentation = null;
-        super.tearDown();
     }
 
-    public void testGetExecutorsWithPermissionFakeSubject() throws Exception {
+    public void testGetExecutorsWithPermissionFakeUser() {
         try {
-            authorizationService.getExecutorsWithPermission(helper.getFakeUser(), SecuredSingleton.EXECUTORS, batchPresentation, true);
+            authorizationService.getExecutorsWithPermission(h.getFakeUser(), h.getBaseGroupActor(), batchPresentation, true);
             fail("AuthorizationDelegate.getExecutorsWithPermission() allows fake subject");
         } catch (AuthenticationException e) {
+            // Expected. Although we also can get here because user is not fake but is not allowed to read object's permissions.
         }
     }
 
-    public void testGetExecutorsWithPermissionFakeSecuredObject() throws Exception {
+    public void testGetExecutorsWithPermissionFakeObject() {
         try {
-            authorizationService.getExecutorsWithPermission(helper.getAuthorizedPerformerUser(), helper.getFakeActor(), batchPresentation, true);
+            authorizationService.getExecutorsWithPermission(h.getAuthorizedUser(), h.getFakeActor(), batchPresentation, true);
             fail("AuthorizationDelegate.getExecutorsWithPermission() allows fake SecuredObject");
         } catch (InternalApplicationException e) {
+            // Expected.
         }
     }
 
-    public void testGetExecutorsWithPermission() throws Exception {
-        List<Actor> expected = Lists.newArrayList(helper.getAuthorizedPerformerActor(), helper.getBaseGroupActor());
-        List<Executor> actual = authorizationService.getExecutorsWithPermission(helper.getAuthorizedPerformerUser(), helper.getBaseGroupActor(),
-                batchPresentation, true);
+    public void testGetExecutorsWithPermission() {
+        val expected = Lists.newArrayList(h.getAuthorizedActor(), h.getBaseGroupActor());
+        val actual = authorizationService.getExecutorsWithPermission(h.getAuthorizedUser(), h.getBaseGroupActor(), batchPresentation, true);
         ArrayAssert.assertWeakEqualArrays("AuthorizationDelegate.getExecutorsWithPermission() returns wrong executors", expected, actual);
     }
 
-    public void testGetExecutorsWithPermissionUnauthorized() throws Exception {
+    public void testGetExecutorsWithPermissionUnauthorized() {
         try {
-            authorizationService.getExecutorsWithPermission(helper.getUnauthorizedPerformerUser(), helper.getBaseGroupActor(), batchPresentation,
-                    true);
+            authorizationService.getExecutorsWithPermission(h.getUnauthorizedUser(), h.getBaseGroupActor(), batchPresentation, true);
             fail("AuthorizationDelegate.getExecutorsWithPermission() allows unauthorized operation");
         } catch (AuthorizationException e) {
+            // Expected.
         }
     }
-
 }

wfe-cactus-it/src/test/java/ru/runa/af/delegate/AuthorizationServiceDelegateGetExecutorsWithoutPermissionTest.java

@@ -17,88 +17,78 @@
  */
 package ru.runa.af.delegate;
 
-import java.util.Collection;
-import java.util.List;
-
+import com.google.common.collect.Lists;
+import lombok.val;
 import org.apache.cactus.ServletTestCase;
-
 import ru.runa.af.service.ServiceTestHelper;
 import ru.runa.junit.ArrayAssert;
 import ru.runa.wfe.InternalApplicationException;
-import ru.runa.wfe.audit.SystemLog;
+import ru.runa.wfe.presentation.BatchPresentation;
 import ru.runa.wfe.security.AuthenticationException;
 import ru.runa.wfe.security.AuthorizationException;
 import ru.runa.wfe.security.Permission;
-import ru.runa.wfe.security.SecuredSingleton;
 import ru.runa.wfe.service.AuthorizationService;
 import ru.runa.wfe.service.delegate.Delegates;
-import ru.runa.wfe.user.Executor;
-import ru.runa.wfe.user.Group;
-
-import com.google.common.collect.Lists;
-import com.itextpdf.text.log.SysoLogger;
 
 /**
- * Created on 20.08.2004
- * 
+ * Created on 20.08.2004.
  */
 public class AuthorizationServiceDelegateGetExecutorsWithoutPermissionTest extends ServletTestCase {
-    private ServiceTestHelper helper;
-
+    private ServiceTestHelper h;
     private AuthorizationService authorizationService;
+    private BatchPresentation batchPresentation;
 
     @Override
-    protected void setUp() throws Exception {
-        helper = new ServiceTestHelper(AuthorizationServiceDelegateGetExecutorsWithoutPermissionTest.class.getName());
-        helper.createDefaultExecutorsMap();
+    protected void setUp() {
+        h = new ServiceTestHelper(AuthorizationServiceDelegateGetExecutorsWithoutPermissionTest.class.getName());
+        authorizationService = Delegates.getAuthorizationService();
 
-        Collection<Permission> executorP = Lists.newArrayList(Permission.READ);
-        helper.setPermissionsToAuthorizedPerformer(executorP, helper.getBaseGroupActor());
-        helper.setPermissionsToAuthorizedPerformer(executorP, helper.getBaseGroup());
+        batchPresentation = h.getExecutorBatchPresentation();
 
-        authorizationService = Delegates.getAuthorizationService();
-        authorizationService.setPermissions(helper.getAdminUser(), helper.getBaseGroupActor().getId(), executorP, helper.getBaseGroupActor());
-        super.setUp();
+        h.createDefaultExecutorsMap();
+
+        val pp = Lists.newArrayList(Permission.READ);
+        h.setPermissionsToAuthorizedActor(pp, h.getBaseGroupActor());
+        h.setPermissionsToAuthorizedActor(pp, h.getBaseGroup());
+        authorizationService.setPermissions(h.getAdminUser(), h.getBaseGroupActor().getId(), pp, h.getBaseGroupActor());
     }
 
     @Override
-    protected void tearDown() throws Exception {
-        helper.releaseResources();
+    protected void tearDown() {
+        h.releaseResources();
         authorizationService = null;
-        super.tearDown();
     }
 
-    public void testGetExecutorsWithoutPermissionFakeSubject() throws Exception {
+    public void testGetExecutorsWithoutPermissionFakeUser() {
         try {
-            authorizationService.getExecutorsWithPermission(helper.getFakeUser(), SecuredSingleton.EXECUTORS, helper.getExecutorBatchPresentation(), false);
+            authorizationService.getExecutorsWithPermission(h.getFakeUser(), h.getBaseGroupActor(), batchPresentation, false);
             fail("AuthorizationDelegate.getExecutorsWithoutPermission() allows fake subject");
         } catch (AuthenticationException e) {
+            // Expected. Although we also can get here because user is not fake but is not allowed to read object's permissions.
         }
     }
 
-    public void testGetExecutorsWithoutPermissionFakeSecuredObject() throws Exception {
+    public void testGetExecutorsWithoutPermissionFakeObject() {
         try {
-            authorizationService.getExecutorsWithPermission(helper.getAuthorizedPerformerUser(), helper.getFakeActor(),
-                    helper.getExecutorBatchPresentation(), false);
+            authorizationService.getExecutorsWithPermission(h.getAuthorizedUser(), h.getFakeActor(), batchPresentation, false);
             fail("AuthorizationDelegate.getExecutorsWithoutPermission() allows fake SecuredObject");
         } catch (InternalApplicationException e) {
+            // Expected.
         }
     }
 
-    public void testGetExecutorsWithoutPermission() throws Exception {
-        List<Group> expected = Lists.newArrayList(helper.getBaseGroup());
-        List<Executor> actual = authorizationService.getExecutorsWithPermission(helper.getAuthorizedPerformerUser(), helper.getBaseGroupActor(),
-                helper.getExecutorBatchPresentation(), false);
+    public void testGetExecutorsWithoutPermission() {
+        val expected = Lists.newArrayList(h.getBaseGroup());
+        val actual = authorizationService.getExecutorsWithPermission(h.getAuthorizedUser(), h.getBaseGroupActor(), batchPresentation, false);
         ArrayAssert.assertWeakEqualArrays("AuthorizationDelegate.getExecutorsWithoutPermission() returns wrong executors", expected, actual);
     }
 
-    public void testGetExecutorsWithoutPermissionUnauthorized() throws Exception {
+    public void testGetExecutorsWithoutPermissionUnauthorized() {
         try {
-            authorizationService.getExecutorsWithPermission(helper.getUnauthorizedPerformerUser(), helper.getBaseGroupActor(),
-                    helper.getExecutorBatchPresentation(), false);
+            authorizationService.getExecutorsWithPermission(h.getUnauthorizedUser(), h.getBaseGroupActor(), batchPresentation, false);
             fail("AuthorizationDelegate.getExecutorsWithoutPermission() allows unauthorized operation");
         } catch (AuthorizationException e) {
+            // Expected.
         }
     }
-
 }