1 package de.dlr.shepard.auth.users.services;
2
3 import static org.junit.jupiter.api.Assertions.assertDoesNotThrow;
4 import static org.junit.jupiter.api.Assertions.assertEquals;
5 import static org.junit.jupiter.api.Assertions.assertThrows;
6 import static org.mockito.ArgumentMatchers.any;
7 import static org.mockito.Mockito.never;
8 import static org.mockito.Mockito.verify;
9 import static org.mockito.Mockito.when;
10
11 import de.dlr.shepard.auth.permission.model.Permissions;
12 import de.dlr.shepard.auth.permission.services.PermissionsService;
13 import de.dlr.shepard.auth.security.AuthenticationContext;
14 import de.dlr.shepard.auth.users.daos.UserGroupDAO;
15 import de.dlr.shepard.auth.users.entities.User;
16 import de.dlr.shepard.auth.users.entities.UserGroup;
17 import de.dlr.shepard.auth.users.io.UserGroupIO;
18 import de.dlr.shepard.common.exceptions.InvalidPathException;
19 import de.dlr.shepard.common.util.AccessType;
20 import de.dlr.shepard.common.util.DateHelper;
21 import de.dlr.shepard.common.util.QueryParamHelper;
22 import io.quarkus.test.InjectMock;
23 import io.quarkus.test.component.QuarkusComponentTest;
24 import jakarta.inject.Inject;
25 import jakarta.ws.rs.NotFoundException;
26 import java.util.ArrayList;
27 import java.util.Date;
28 import java.util.List;
29 import java.util.Optional;
30 import org.junit.jupiter.api.Test;
31 import org.neo4j.ogm.session.Session;
32
33 @QuarkusComponentTest
34 public class UserGroupServiceTest {
35
36 @InjectMock
37 UserGroupDAO userGroupDAO;
38
39 @InjectMock
40 UserService userService;
41
42 @InjectMock
43 PermissionsService permissionsService;
44
45 @InjectMock
46 Session session;
47
48 @InjectMock
49 DateHelper dateHelper;
50
51 @InjectMock
52 AuthenticationContext authenticationContext;
53
54 @Inject
55 UserGroupService service;
56
57 private final User user = new User("Testuser");
58
59 @Test
60 public void createUserGroupTest() {
61 var creator = new User("creator");
62 var date = new Date(23);
63
64 UserGroupIO input = new UserGroupIO();
65 input.setName("group");
66 input.setUsernames(new String[] { "user", null });
67
68 UserGroup toCreate = new UserGroup();
69 toCreate.setName("group");
70 var user = new User("user");
71 ArrayList<User> users = new ArrayList<>();
72 users.add(user);
73 toCreate.setUsers(users);
74 toCreate.setCreatedBy(creator);
75 toCreate.setCreatedAt(date);
76
77 var created = new UserGroup();
78 created.setName("group");
79 created.setUsers(users);
80 created.setCreatedBy(creator);
81 created.setCreatedAt(date);
82 created.setId(1L);
83
84 when(userService.getCurrentUser()).thenReturn(creator);
85 when(userService.getUserOptional("user")).thenReturn(Optional.of(user));
86 when(dateHelper.getDate()).thenReturn(date);
87 when(userGroupDAO.createOrUpdate(toCreate)).thenReturn(created);
88 when(permissionsService.createPermissions(any(), any(), any())).thenReturn(null);
89
90 UserGroup actual = service.createUserGroup(input);
91 assertEquals(created, actual);
92 }
93
94 @Test
95 public void getUserGroupTest() {
96 UserGroup userGroup = new UserGroup();
97 userGroup.setName("group");
98 Long userGroupId = 1L;
99
100 when(userGroupDAO.findByNeo4jId(userGroupId)).thenReturn(userGroup);
101 when(authenticationContext.getCurrentUserName()).thenReturn(user.getUsername());
102 when(
103 permissionsService.isAccessTypeAllowedForUser(
104 userGroupId,
105 AccessType.Read,
106 authenticationContext.getCurrentUserName()
107 )
108 ).thenReturn(true);
109
110 UserGroup actual = service.getUserGroup(1L);
111 assertEquals(userGroup, actual);
112 }
113
114 @Test
115 public void getAllUserGroupsTest() {
116 List<UserGroup> allUserGroups = new ArrayList<>();
117 QueryParamHelper params = new QueryParamHelper();
118 when(userGroupDAO.findAllUserGroups(params, "user1")).thenReturn(allUserGroups);
119 assertEquals(0, service.getAllUserGroups(params).size());
120 }
121
122 @Test
123 public void updateUserGroupTest() {
124 var creator = new User("creator");
125 var date = new Date(23);
126 var updateUser = new User("updater");
127 var updateDate = new Date(43);
128
129 UserGroupIO input = new UserGroupIO();
130 input.setName("group");
131 input.setUsernames(new String[] { "listUser" });
132 input.setId(1L);
133
134 UserGroup oldGroup = new UserGroup();
135 oldGroup.setName("group");
136 ArrayList<User> users = new ArrayList<>();
137 users.add(user);
138 oldGroup.setUsers(users);
139 oldGroup.setCreatedBy(creator);
140 oldGroup.setCreatedAt(date);
141 oldGroup.setId(1L);
142
143 UserGroup newGroup = new UserGroup();
144 newGroup.setName("newName");
145 newGroup.setUsers(users);
146 newGroup.setCreatedBy(creator);
147 newGroup.setCreatedAt(date);
148 newGroup.setId(1L);
149 newGroup.setUpdatedAt(updateDate);
150 newGroup.setUpdatedBy(updateUser);
151
152 when(userGroupDAO.findByNeo4jId(1L)).thenReturn(oldGroup);
153 when(userService.getUser("updater")).thenReturn(updateUser);
154 when(dateHelper.getDate()).thenReturn(updateDate);
155 when(userGroupDAO.createOrUpdate(oldGroup)).thenReturn(newGroup);
156 when(authenticationContext.getCurrentUserName()).thenReturn(user.getUsername());
157 when(
158 permissionsService.isAccessTypeAllowedForUser(1L, AccessType.Read, authenticationContext.getCurrentUserName())
159 ).thenReturn(true);
160 when(
161 permissionsService.isAccessTypeAllowedForUser(1L, AccessType.Write, authenticationContext.getCurrentUserName())
162 ).thenReturn(true);
163
164 var actual = service.updateUserGroup(input.getId(), input);
165 assertEquals(newGroup, actual);
166 }
167
168 @Test
169 public void deleteUserGroupTest() {
170 var userGroup = new UserGroup();
171 userGroup.setId(1L);
172 var permissions = new Permissions();
173 permissions.setId(2L);
174
175 when(userGroupDAO.findByNeo4jId(1L)).thenReturn(userGroup);
176 when(userGroupDAO.deleteByNeo4jId(1L)).thenReturn(true);
177 when(permissionsService.getPermissionsOfEntityOptional(1L)).thenReturn(Optional.of(permissions));
178 when(permissionsService.deletePermissions(permissions)).thenReturn(true);
179 when(authenticationContext.getCurrentUserName()).thenReturn(user.getUsername());
180 when(
181 permissionsService.isAccessTypeAllowedForUser(1L, AccessType.Read, authenticationContext.getCurrentUserName())
182 ).thenReturn(true);
183 when(
184 permissionsService.isAccessTypeAllowedForUser(1L, AccessType.Write, authenticationContext.getCurrentUserName())
185 ).thenReturn(true);
186
187 assertDoesNotThrow(() -> service.deleteUserGroup(1L));
188 }
189
190 @Test
191 public void deleteUserGroupTest_noPermissions() {
192 var userGroup = new UserGroup();
193 userGroup.setId(1L);
194
195 when(userGroupDAO.findByNeo4jId(1L)).thenReturn(userGroup);
196 when(userGroupDAO.deleteByNeo4jId(1L)).thenReturn(true);
197 when(permissionsService.getPermissionsOfEntityOptional(1L)).thenReturn(Optional.empty());
198 when(authenticationContext.getCurrentUserName()).thenReturn(user.getUsername());
199 when(
200 permissionsService.isAccessTypeAllowedForUser(1L, AccessType.Read, authenticationContext.getCurrentUserName())
201 ).thenReturn(true);
202 when(
203 permissionsService.isAccessTypeAllowedForUser(1L, AccessType.Write, authenticationContext.getCurrentUserName())
204 ).thenReturn(true);
205
206 assertDoesNotThrow(() -> service.deleteUserGroup(1L));
207 }
208
209 @Test
210 public void deleteUserGroupTest_permissionsFailed() {
211 var userGroup = new UserGroup();
212 userGroup.setId(1L);
213 var permissions = new Permissions();
214 permissions.setId(2L);
215
216 when(userGroupDAO.findByNeo4jId(1L)).thenReturn(userGroup);
217 when(permissionsService.getPermissionsOfEntityOptional(1L)).thenReturn(Optional.of(permissions));
218 when(permissionsService.deletePermissions(permissions)).thenReturn(false);
219 when(
220 permissionsService.isAccessTypeAllowedForUser(1L, AccessType.Read, authenticationContext.getCurrentUserName())
221 ).thenReturn(true);
222 when(
223 permissionsService.isAccessTypeAllowedForUser(1L, AccessType.Write, authenticationContext.getCurrentUserName())
224 ).thenReturn(true);
225
226 assertThrows(NotFoundException.class, () -> service.deleteUserGroup(1L));
227
228 verify(userGroupDAO, never()).deleteByNeo4jId(1L);
229 }
230
231 @Test
232 public void deleteUserGroupTest_notFound() {
233 when(userGroupDAO.findByNeo4jId(1L)).thenReturn(null);
234 when(
235 permissionsService.isAccessTypeAllowedForUser(1L, AccessType.Read, authenticationContext.getCurrentUserName())
236 ).thenReturn(true);
237 when(
238 permissionsService.isAccessTypeAllowedForUser(1L, AccessType.Write, authenticationContext.getCurrentUserName())
239 ).thenReturn(true);
240
241 assertThrows(InvalidPathException.class, () -> service.deleteUserGroup(1L));
242 verify(userGroupDAO, never()).deleteByNeo4jId(1L);
243 }
244
245 @Test
246 public void deleteUserGroupTest_failed() {
247 var userGroup = new UserGroup();
248 userGroup.setId(1L);
249 var permissions = new Permissions();
250 permissions.setId(2L);
251
252 when(userGroupDAO.findByNeo4jId(1L)).thenReturn(userGroup);
253 when(userGroupDAO.deleteByNeo4jId(1L)).thenReturn(false);
254 when(permissionsService.getPermissionsOfEntityOptional(1L)).thenReturn(Optional.of(permissions));
255 when(permissionsService.deletePermissions(permissions)).thenReturn(true);
256 when(
257 permissionsService.isAccessTypeAllowedForUser(1L, AccessType.Read, authenticationContext.getCurrentUserName())
258 ).thenReturn(true);
259 when(
260 permissionsService.isAccessTypeAllowedForUser(1L, AccessType.Write, authenticationContext.getCurrentUserName())
261 ).thenReturn(true);
262
263 assertThrows(NotFoundException.class, () -> service.deleteUserGroup(1L));
264 }
265 }