View Javadoc
1   /*
2    * Copyright (c) 2002-2025, City of Paris
3    * All rights reserved.
4    *
5    * Redistribution and use in source and binary forms, with or without
6    * modification, are permitted provided that the following conditions
7    * are met:
8    *
9    *  1. Redistributions of source code must retain the above copyright notice
10   *     and the following disclaimer.
11   *
12   *  2. Redistributions in binary form must reproduce the above copyright notice
13   *     and the following disclaimer in the documentation and/or other materials
14   *     provided with the distribution.
15   *
16   *  3. Neither the name of 'Mairie de Paris' nor 'Lutece' nor the names of its
17   *     contributors may be used to endorse or promote products derived from
18   *     this software without specific prior written permission.
19   *
20   * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
21   * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22   * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23   * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
24   * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
25   * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
26   * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
27   * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
28   * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
29   * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
30   * POSSIBILITY OF SUCH DAMAGE.
31   *
32   * License 1.0
33   */
34  package fr.paris.lutece.portal.web.features;
35  
36  import java.math.BigInteger;
37  import java.security.SecureRandom;
38  import java.util.Random;
39  
40  import org.apache.commons.lang3.StringUtils;
41  import org.springframework.mock.web.MockHttpServletRequest;
42  
43  import fr.paris.lutece.portal.business.right.Level;
44  import fr.paris.lutece.portal.business.right.LevelHome;
45  import fr.paris.lutece.portal.business.user.AdminUser;
46  import fr.paris.lutece.portal.service.admin.AccessDeniedException;
47  import fr.paris.lutece.portal.service.security.SecurityTokenService;
48  import fr.paris.lutece.portal.web.constants.Parameters;
49  import fr.paris.lutece.portal.web.dashboard.AdminDashboardJspBean;
50  import fr.paris.lutece.test.LuteceTestCase;
51  import fr.paris.lutece.test.Utils;
52  
53  /**
54   * LevelsJspBeanTest Test Class
55   *
56   */
57  public class LevelsJspBeanTest extends LuteceTestCase
58  {
59      // Templates files path
60      private static final String TEMPLATE_CREATE_LEVEL = "admin/features/create_level.html";
61      private static final String TEMPLATE_MODIFY_LEVEL = "admin/features/modify_level.html";
62      private static final String TEST_LEVEL_ID = "0"; // administrator level_right
63      private MockHttpServletRequest request;
64      private LevelsJspBean instance;
65  
66      @Override
67      protected void setUp( ) throws Exception
68      {
69          super.setUp( );
70          request = new MockHttpServletRequest( );
71          Utils.registerAdminUserWithRigth( request, new AdminUser( ), LevelsJspBean.RIGHT_MANAGE_LEVELS );
72  
73          instance = new LevelsJspBean( );
74          instance.init( request, LevelsJspBean.RIGHT_MANAGE_LEVELS );
75      }
76  
77      /**
78       * Test of getCreateLevel method, of class fr.paris.lutece.portal.web.features.LevelsJspBean.
79       */
80      public void testGetCreateLevel( ) throws AccessDeniedException
81      {
82          assertTrue( StringUtils.isNotEmpty( instance.getCreateLevel( request ) ) );
83      }
84  
85      /**
86       * Test of doCreateLevel method, of class fr.paris.lutece.portal.web.features.LevelsJspBean.
87       * 
88       * @throws AccessDeniedException
89       */
90      public void testDoCreateLevel( ) throws AccessDeniedException
91      {
92          final String name = getRandomName( );
93          request.setParameter( "level_name", name );
94          request.setParameter( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_CREATE_LEVEL ) );
95  
96          LevelHome.getLevelsList( ).forEach( level -> {
97              assertFalse( name.equals( level.getName( ) ) );
98          } );
99          try
100         {
101             instance.doCreateLevel( request );
102             assertEquals( 1, LevelHome.getLevelsList( ).stream( ).filter( level -> {
103                 return name.equals( level.getName( ) );
104             } ).count( ) );
105         }
106         finally
107         {
108             LevelHome.getLevelsList( ).stream( ).filter( level -> {
109                 return name.equals( level.getName( ) );
110             } ).forEach( level -> {
111                 LevelHome.remove( level.getId( ) );
112             } );
113         }
114     }
115 
116     public void testDoCreateLevelInvalidToken( ) throws AccessDeniedException
117     {
118         final String name = getRandomName( );
119         request.setParameter( "level_name", name );
120         request.setParameter( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_CREATE_LEVEL ) + "b" );
121 
122         LevelHome.getLevelsList( ).forEach( level -> {
123             assertFalse( name.equals( level.getName( ) ) );
124         } );
125         try
126         {
127             instance.doCreateLevel( request );
128             fail( "Should have thrown" );
129         }
130         catch( AccessDeniedException e )
131         {
132             LevelHome.getLevelsList( ).forEach( level -> {
133                 assertFalse( name.equals( level.getName( ) ) );
134             } );
135         }
136         finally
137         {
138             LevelHome.getLevelsList( ).stream( ).filter( level -> {
139                 return name.equals( level.getName( ) );
140             } ).forEach( level -> {
141                 LevelHome.remove( level.getId( ) );
142             } );
143         }
144     }
145 
146     public void testDoCreateLevelNoToken( ) throws AccessDeniedException
147     {
148         final String name = getRandomName( );
149         request.setParameter( "level_name", name );
150 
151         LevelHome.getLevelsList( ).forEach( level -> {
152             assertFalse( name.equals( level.getName( ) ) );
153         } );
154         try
155         {
156             instance.doCreateLevel( request );
157             fail( "Should have thrown" );
158         }
159         catch( AccessDeniedException e )
160         {
161             LevelHome.getLevelsList( ).forEach( level -> {
162                 assertFalse( name.equals( level.getName( ) ) );
163             } );
164         }
165         finally
166         {
167             LevelHome.getLevelsList( ).stream( ).filter( level -> {
168                 return name.equals( level.getName( ) );
169             } ).forEach( level -> {
170                 LevelHome.remove( level.getId( ) );
171             } );
172         }
173     }
174 
175     private String getRandomName( )
176     {
177         Random rand = new SecureRandom( );
178         BigInteger bigInt = new BigInteger( 128, rand );
179         return "junit" + bigInt.toString( 36 );
180     }
181 
182     /**
183      * Test of getModifyLevel method, of class fr.paris.lutece.portal.web.features.LevelsJspBean.
184      */
185     public void testGetModifyLevel( ) throws AccessDeniedException
186     {
187         request.addParameter( Parameters.LEVEL_ID, TEST_LEVEL_ID );
188 
189         assertTrue( StringUtils.isNotEmpty( instance.getModifyLevel( request ) ) );
190     }
191 
192     /**
193      * Test of doModifyLevel method, of class fr.paris.lutece.portal.web.features.LevelsJspBean.
194      * 
195      * @throws AccessDeniedException
196      */
197     public void testDoModifyLevel( ) throws AccessDeniedException
198     {
199         final String name = getRandomName( );
200         Level level = new Level( );
201         level.setName( name );
202         LevelHome.create( level );
203         request.setParameter( Parameters.LEVEL_ID, Integer.toString( level.getId( ) ) );
204         request.setParameter( Parameters.LEVEL_NAME, name + "_mod" );
205         request.setParameter( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_MODIFY_LEVEL ) );
206         try
207         {
208             assertEquals( name, LevelHome.findByPrimaryKey( level.getId( ) ).getName( ) );
209             instance.doModifyLevel( request );
210             assertEquals( name + "_mod", LevelHome.findByPrimaryKey( level.getId( ) ).getName( ) );
211         }
212         finally
213         {
214             LevelHome.remove( level.getId( ) );
215         }
216     }
217 
218     public void testDoModifyLevelInvalidToken( ) throws AccessDeniedException
219     {
220         final String name = getRandomName( );
221         Level level = new Level( );
222         level.setName( name );
223         LevelHome.create( level );
224         request.setParameter( Parameters.LEVEL_ID, Integer.toString( level.getId( ) ) );
225         request.setParameter( Parameters.LEVEL_NAME, name + "_mod" );
226         request.setParameter( SecurityTokenService.PARAMETER_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TEMPLATE_MODIFY_LEVEL ) + "b" );
227         try
228         {
229             assertEquals( name, LevelHome.findByPrimaryKey( level.getId( ) ).getName( ) );
230             instance.doModifyLevel( request );
231             fail( "Should have thrown" );
232         }
233         catch( AccessDeniedException e )
234         {
235             assertEquals( name, LevelHome.findByPrimaryKey( level.getId( ) ).getName( ) );
236         }
237         finally
238         {
239             LevelHome.remove( level.getId( ) );
240         }
241     }
242 
243     public void testDoModifyLevelNoToken( ) throws AccessDeniedException
244     {
245         final String name = getRandomName( );
246         Level level = new Level( );
247         level.setName( name );
248         LevelHome.create( level );
249         request.setParameter( Parameters.LEVEL_ID, Integer.toString( level.getId( ) ) );
250         request.setParameter( Parameters.LEVEL_NAME, name + "_mod" );
251         try
252         {
253             assertEquals( name, LevelHome.findByPrimaryKey( level.getId( ) ).getName( ) );
254             instance.doModifyLevel( request );
255             fail( "Should have thrown" );
256         }
257         catch( AccessDeniedException e )
258         {
259             assertEquals( name, LevelHome.findByPrimaryKey( level.getId( ) ).getName( ) );
260         }
261         finally
262         {
263             LevelHome.remove( level.getId( ) );
264         }
265     }
266 }