SecurityInvocationHandler(SessionContext sessionContext, Method beanMethod) { this.sessionContext = sessionContext; RolesAllowed rolesAllowed = beanMethod.getAnnotation(RolesAllowed.class); // a somewhat nasty scenario: a bean is spied using Mockito, so the // roles allowed annotations have to be retrieved from the superclass... Class<?> declaringClass = beanMethod.getDeclaringClass(); Class<?> superclass = declaringClass.getSuperclass(); if (declaringClass.getName().contains("Mockito") && !superclass.equals(Object.class)) { try { Method method = superclass.getMethod(beanMethod.getName(), beanMethod.getParameterTypes()); rolesAllowed = method.getAnnotation(RolesAllowed.class); } catch (Exception e) { e.printStackTrace(); } } if (rolesAllowed == null) { this.rolesAllowed = new String[0]; } else { this.rolesAllowed = rolesAllowed.value(); } }
@Before public void setUp() throws Exception { trackingCodeManagementServiceBean = spy(new TrackingCodeManagementServiceBean()); marketplace = new Marketplace(); marketplace.setMarketplaceId(MARKETPLACE_ID); marketplace.setTrackingCode(TRACKING_CODE); mpServiceLocal = mock(MarketplaceServiceLocal.class); doReturn(marketplace).when(mpServiceLocal).getMarketplace( eq(MARKETPLACE_ID)); doNothing().when(mpServiceLocal).updateMarketplaceTrackingCode( anyString(), anyInt(), anyString()); response = new Response(); trackingCodeManagementServiceBean.mpServiceLocal = mpServiceLocal; trackingCodeManagementServiceBean.sessionCtx = mock(SessionContext.class); }
@Before public void setup() { bean = new SubscriptionDetailsServiceBean(); bean.accountService = mock(AccountService.class); bean.discountService = mock(DiscountService.class); bean.ds = mock(DataService.class); bean.identityService = mock(IdentityService.class); bean.partnerService = mock(PartnerService.class); bean.serviceProvisioningService = mock(ServiceProvisioningService.class); bean.serviceProvisioningServiceInternal = mock(ServiceProvisioningServiceInternal.class); bean.sessionCtx = mock(SessionContext.class); bean.sessionService = mock(SessionService.class); bean.subscriptionService = mock(SubscriptionService.class); bean.subscriptionServiceInternal = mock(SubscriptionServiceInternal.class); PlatformUser pu = new PlatformUser(); pu.setOrganization(new Organization()); pu.getOrganization().setKey(CURRENT_ORG_KEY); when(bean.ds.getCurrentUser()).thenReturn(pu); }
@Before public void setup() { owner = new Organization(); owner.setOrganizationId("owner"); owner.setKey(1234); notOwner = new Organization(); notOwner.setOrganizationId("notOwner"); notOwner.setKey(4321); technicalProduct = new TechnicalProduct(); technicalProduct.setKey(9876); technicalProduct.setTechnicalProductId("TP Id"); sessionMock = mock(SessionContext.class); loggerMock = mock(Log4jLogger.class); }
@Before public void setup() { bean = new SubscriptionServiceBean(); bean.sessionCtx = mock(SessionContext.class); sub = new Subscription(); sub.setSubscriptionId("subscriptionId"); Product prod = new Product(); prod.setParameterSet(new ParameterSet()); ParameterDefinition pd = new ParameterDefinition(); pd.setParameterId(PlatformParameterIdentifiers.NAMED_USER); pd.setParameterType(ParameterType.PLATFORM_PARAMETER); param = new Parameter(); param.setParameterDefinition(pd); param.setParameterSet(prod.getParameterSet()); prod.getParameterSet().getParameters().add(param); sub.setProduct(prod); }
/** * Checks if the provided {@link Organization} is the owner of the provided * {@link UdaDefinition} and throws an * {@link OperationNotPermittedException} if this is not the case. * * @param def * the {@link UdaDefinition} to check the ownership for * @param org * the {@link Organization} to check if it is the owner * @param logger * the optional logger - if not <code>null</code> it logs the * created exception as warning to the system log * @param context * if not <code>null</code>, * {@link SessionContext#setRollbackOnly()} will called. * @throws OperationNotPermittedException */ public static void owns(UdaDefinition def, Organization org, Log4jLogger logger, SessionContext context) throws OperationNotPermittedException { if (def.getOrganization() != org) { String message = String .format("Organization '%s' tried to access uda definition '%s' that is owned by a different organization", org.getOrganizationId(), Long.valueOf(def.getKey())); OperationNotPermittedException e = new OperationNotPermittedException( message); if (logger != null) { logger.logWarn( Log4jLogger.SYSTEM_LOG, e, LogMessageIdentifier.WARN_INSUFFICIENT_AUTH_BY_UDA_DEFINITION_ACCESS, org.getOrganizationId(), String.valueOf(def.getKey())); } if (context != null) { context.setRollbackOnly(); } throw e; } }
/** * Checks if the provided supplier {@link Organization} is supplier of the * provided customer {@link Organization} and throws an * {@link OperationNotPermittedException} if this is not the case. * * @param sup * the {@link Organization} to check if it is supplier of the * passed customer {@link Organization} * @param cust * the {@link Organization} to check if it is customer of the * passed supplier {@link Organization} * @param logger * the optional logger - if not <code>null</code> it logs the * created exception as warning to the system log * @param context * if not <code>null</code>, * {@link SessionContext#setRollbackOnly()} will called. * @throws OperationNotPermittedException */ public static void supplierOfCustomer(Organization sup, Organization cust, Log4jLogger logger, SessionContext context) throws OperationNotPermittedException { List<Organization> customers = sup.getCustomersOfSupplier(); if (!customers.contains(cust)) { String message = String.format( "Organization '%s' is not supplier of customer '%s'", sup.getOrganizationId(), cust.getOrganizationId()); OperationNotPermittedException e = new OperationNotPermittedException( message); if (logger != null) { logger.logWarn(Log4jLogger.SYSTEM_LOG, e, LogMessageIdentifier.WARN_NO_SUPPLIER_OF_CUSTOMER, sup.getOrganizationId(), cust.getOrganizationId()); } if (context != null) { context.setRollbackOnly(); } throw e; } }
/** * Checks if the provided reseller {@link Organization} is a broker of the * provided customer {@link Organization} and throws an * {@link OperationNotPermittedException} if this is not the case. * * @param broker * the {@link Organization} to check if it is a broker of the * passed customer {@link Organization} * @param cust * the {@link Organization} to check if it is customer of the * passed broker {@link Organization} * @param logger * the optional logger - if not <code>null</code> it logs the * created exception as warning to the system log * @param context * if not <code>null</code>, * {@link SessionContext#setRollbackOnly()} will called. * @throws OperationNotPermittedException */ public static void brokerOfCustomer(Organization broker, Organization cust, Log4jLogger logger, SessionContext context) throws OperationNotPermittedException { List<Organization> customers = broker.getCustomersOfBroker(); if (!customers.contains(cust)) { String message = String.format( "Organization '%s' is not broker of customer '%s'", broker.getOrganizationId(), cust.getOrganizationId()); OperationNotPermittedException e = new OperationNotPermittedException( message); if (logger != null) { logger.logWarn(Log4jLogger.SYSTEM_LOG, e, LogMessageIdentifier.WARN_NO_BROKER_OF_CUSTOMER, broker.getOrganizationId(), cust.getOrganizationId()); } if (context != null) { context.setRollbackOnly(); } throw e; } }
/** * Checks if the provided reseller {@link Organization} is reseller of the * provided customer {@link Organization} and throws an * {@link OperationNotPermittedException} if this is not the case. * * @param reseller * the {@link Organization} to check if it is reseller of the * passed customer {@link Organization} * @param cust * the {@link Organization} to check if it is customer of the * passed reseller {@link Organization} * @param logger * the optional logger - if not <code>null</code> it logs the * created exception as warning to the system log * @param context * if not <code>null</code>, * {@link SessionContext#setRollbackOnly()} will called. * @throws OperationNotPermittedException */ public static void resellerOfCustomer(Organization reseller, Organization cust, Log4jLogger logger, SessionContext context) throws OperationNotPermittedException { List<Organization> customers = reseller.getCustomersOfReseller(); if (!customers.contains(cust)) { String message = String.format( "Organization '%s' is not reseller of customer '%s'", reseller.getOrganizationId(), cust.getOrganizationId()); OperationNotPermittedException e = new OperationNotPermittedException( message); if (logger != null) { logger.logWarn(Log4jLogger.SYSTEM_LOG, e, LogMessageIdentifier.WARN_NO_RESELLER_OF_CUSTOMER, reseller.getOrganizationId(), cust.getOrganizationId()); } if (context != null) { context.setRollbackOnly(); } throw e; } }
/** * Checks if the provided {@link Organization} is the owner of the provided * {@link Marketplace} and throws an {@link OperationNotPermittedException} * if this is not the case. * * @param mp * the {@link Marketplace} to check the ownership for * @param org * the {@link Organization} to check if it is the owner * @param logger * the optional logger - if not <code>null</code> it logs the * created exception as warning to the system log * @param context * if not <code>null</code>, * {@link SessionContext#setRollbackOnly()} will called. * @throws OperationNotPermittedException */ public static void owns(Marketplace mp, Organization org, Log4jLogger logger, SessionContext context) throws OperationNotPermittedException { if (mp.getOrganization() != org) { String message = String .format("Organization '%s' tried to access marketplace '%s' that is owned by a different organization", org.getOrganizationId(), Long.valueOf(mp.getKey())); OperationNotPermittedException e = new OperationNotPermittedException( message); if (logger != null) { logger.logWarn( Log4jLogger.SYSTEM_LOG, e, LogMessageIdentifier.WARN_INSUFFICIENT_AUTH_BY_MARKETPLACE_ACCESS, org.getOrganizationId(), String.valueOf(mp.getKey())); } if (context != null) { context.setRollbackOnly(); } throw e; } }
/** * Checks if the provided {@link Organization} is the owner of the provided * {@link Product} and throws an {@link OperationNotPermittedException} if * this is not the case. * * @param prod * the {@link Product} to check the ownership for * @param org * the {@link Organization} to check if it is the owner * @param logger * the optional logger - if not <code>null</code> it logs the * created exception as warning to the system log * @param context * if not <code>null</code>, * {@link SessionContext#setRollbackOnly()} will called. * @throws OperationNotPermittedException */ public static void owns(Product prod, Organization org, Log4jLogger logger, SessionContext context) throws OperationNotPermittedException { if (prod.getVendor() != org) { String message = String .format("Organization '%s' tried to access service '%s' that is owned by a different organization", org.getOrganizationId(), Long.valueOf(prod.getKey())); OperationNotPermittedException e = new OperationNotPermittedException( message); if (logger != null) { logger.logWarn( Log4jLogger.SYSTEM_LOG, e, LogMessageIdentifier.WARN_INSUFFICIENT_AUTH_BY_SERVICE_ACCESS, org.getOrganizationId(), String.valueOf(prod.getKey())); } if (context != null) { context.setRollbackOnly(); } throw e; } }
/** * Checks if the provided {@link Organization} is the owner of the provided * {@link TechnicalProduct} and throws an * {@link OperationNotPermittedException} if this is not the case. * * @param tp * the {@link TechnicalProduct} to check the ownership for * @param org * the {@link Organization} to check if it is the owner * @param logger * the optional logger - if not <code>null</code> it logs the * created exception as warning to the system log * @param context * if not <code>null</code>, * {@link SessionContext#setRollbackOnly()} will called. * @throws OperationNotPermittedException */ public static void owns(TechnicalProduct tp, Organization org, Log4jLogger logger, SessionContext context) throws OperationNotPermittedException { if (tp.getOrganization() != org) { String message = String .format("Organization '%s' tried to access technical service '%s' that is owned by a different organization", org.getOrganizationId(), Long.valueOf(tp.getKey())); OperationNotPermittedException e = new OperationNotPermittedException( message); if (logger != null) { logger.logWarn( Log4jLogger.SYSTEM_LOG, e, LogMessageIdentifier.WARN_INSUFFICIENT_AUTH_BY_TECH_SERVICE_ACCESS, org.getOrganizationId(), String.valueOf(tp.getKey())); } if (context != null) { context.setRollbackOnly(); } throw e; } }
public static void same(Organization org1, Organization org2, Log4jLogger logger, SessionContext context) throws OperationNotPermittedException { if (org1 != org2) { String message = String .format("Organization '%s' tried to access organization '%s' but is not allowed to.", org1.getOrganizationId(), org2.getOrganizationId()); OperationNotPermittedException e = new OperationNotPermittedException( message); if (logger != null) { logger.logWarn( Log4jLogger.SYSTEM_LOG, e, LogMessageIdentifier.WARN_INSUFFICIENT_AUTH_BY_ORGANIZATION_ACCESS, org1.getOrganizationId(), org2.getOrganizationId()); } if (context != null) { context.setRollbackOnly(); } throw e; } }
@Before public void setup() throws Exception { opSrvBean = new OperatorServiceBean(); createdOrg = null; currentUser = new PlatformUser(); currentUser.setLocale("en"); ds = mock(DataService.class); doReturn(currentUser).when(ds).getCurrentUser(); opSrvBean.dm = ds; as = mock(AccountServiceLocal.class); opSrvBean.accMgmt = as; sctx = mock(SessionContext.class); opSrvBean.sessionCtx = sctx; lsl = mock(LocalizerServiceLocal.class); opSrvBean.localizer = lsl; }
@Before public void setUp() throws Exception { operatorServiceLocalBean = spy(new OperatorServiceLocalBean()); sessionCtxMock = mock(SessionContext.class); operatorServiceLocalBean.sessionCtx = sessionCtxMock; ds = mock(DataService.class); operatorServiceLocalBean.dm = ds; getLanguages = mock(Query.class); getDefaultLanguages = mock(Query.class); getActiveLanguages = mock(Query.class); getPlatformEvent = mock(Query.class); getPlatformParameter = mock(Query.class); getReportName = mock(Query.class); getPaymentTypeName = mock(Query.class); sl1 = getSupportedLanguage(1, "en", true, true); sl2 = getSupportedLanguage(2, "de", true, false); slNew = getSupportedLanguage(0, "te", false, false); doReturn(sl1).when(ds).getReferenceByBusinessKey(sl1); doReturn(sl2).when(ds).getReferenceByBusinessKey(sl2); localizer = mock(LocalizerServiceLocal.class); operatorServiceLocalBean.localizer = localizer; defaultLanguageISOCodeList = new ArrayList<String>(); }
@Before public void setUp() throws Exception { MockitoAnnotations.initMocks(this); operatorServiceBean = new OperatorServiceBean(); sessionCtxMock = mock(SessionContext.class); operatorServiceBean.sessionCtx = sessionCtxMock; accountServiceMock = mock(AccountServiceLocal.class); operatorServiceBean.accMgmt = accountServiceMock; dm = mock(DataService.class); operatorServiceBean.dm = dm; LocalizerServiceLocal localizer = mock(LocalizerServiceLocal.class); operatorServiceBean.localizer = localizer; marketplaceService = mock(MarketplaceServiceLocal.class); operatorServiceBean.marketplaceService=marketplaceService; createOrganization(); createUser(); }
/** Creates a new instance of BusinessObjectHelper */ public BusinessObjectHelper( SessionContext ctx, UserService userService, EJBContext context) { this.ctx = ctx; this.userService = userService; this.context = context; // 05.02..2013, krane, Client application crashes server, when selecting a large collection. // So for entities in this List, the collections are not initialized to show in rich-client // TODO: make this customizable or make a client application, which not automatically requests everything collectionVetoList.add("nirwana"); collectionVetoList.add("shipped"); collectionVetoList.add("shipping"); collectionVetoList.add("versand"); collectionVetoList.add("papierkorb"); collectionVetoList.add("trash"); collectionVetoList.add("goods-in"); collectionVetoList.add("wareneingang"); collectionVetoList.add("goods-out"); collectionVetoList.add("warenausgang"); }
SecurityInvocationHandler(SessionContext sessionContext, Method beanMethod) { this.sessionContext = sessionContext; RolesAllowed rolesAllowed = beanMethod .getAnnotation(RolesAllowed.class); // a somewhat nasty scenario: a bean is spied using Mockito, so the // roles allowed annotations have to be retrieved from the superclass... Class<?> declaringClass = beanMethod.getDeclaringClass(); Class<?> superclass = declaringClass.getSuperclass(); if (declaringClass.getName().contains("Mockito") && !superclass.equals(Object.class)) { try { Method method = superclass.getMethod(beanMethod.getName(), beanMethod.getParameterTypes()); rolesAllowed = method.getAnnotation(RolesAllowed.class); } catch (Exception e) { e.printStackTrace(); } } if (rolesAllowed == null) { this.rolesAllowed = new String[0]; } else { this.rolesAllowed = rolesAllowed.value(); } }
public void setSessionContext(SessionContext ctx) throws EJBException, RemoteException { // this.ctx = ctx; // after the setSessionContext() we can access the special place of the bean try { InitialContext ic = new InitialContext(); // lookup the special place of the bean myCtx = (Context) ic.lookup("java:comp/env"); // lookup the env-entry setted in the DD (just use cast, but when // looking up for stubs - remote // home interface - should use narrow) Double value = (Double) myCtx.lookup("percDiscount"); this.percDiscount = value.doubleValue(); value = (Double) myCtx.lookup("maxDiscount"); this.maxDiscount = value.doubleValue(); } catch(NamingException e) { System.err.println("Erro at: " + e.getLocalizedMessage()); } }
@Before public void setup() { testOrder = TestOrder.getInstance(); testCatalog = TestCatalog.getInstance(); entityManager = emf.createEntityManager(); catalogEntityManager = catalogEmf.createEntityManager(); sessionContextMock = mock(SessionContext.class); priceEngineMock = mock(PriceEngine.class); final MailTemplateFinder mailTemplateFinder = new MailTemplateFinder(entityManager); paymentTransactionEngine = new DefaultPaymentTransactionEngine( new OrderFinder(entityManager, catalogEntityManager, new OrderConfiguration("20", "3")), mailTemplateFinder, new Mailer(), catalogEntityManager); service = new Orders(entityManager, new OrderFinder(entityManager, catalogEntityManager, new OrderConfiguration("11.0", "20.0")), new UserFinder(entityManager), mailTemplateFinder, null, sessionContextMock, priceEngineMock, paymentTransactionEngine); }
public void lookupSessionContext() throws TestFailureException { try { try { final InitialContext ctx = new InitialContext(); Assert.assertNotNull("The InitialContext is null", ctx); // lookup in enc final SessionContext sctx = (SessionContext) ctx.lookup("java:comp/env/sessioncontext"); Assert.assertNotNull("The SessionContext got from java:comp/env/sessioncontext is null", sctx); // lookup using global name final EJBContext ejbCtx = (EJBContext) ctx.lookup("java:comp/EJBContext"); Assert.assertNotNull("The SessionContext got from java:comp/EJBContext is null ", ejbCtx); // verify context was set via legacy set method Assert.assertNotNull("The SessionContext is null from setter method", ejbContext); } catch (final Exception e) { Assert.fail("Received Exception " + e.getClass() + " : " + e.getMessage()); } } catch (final AssertionFailedError afe) { throw new TestFailureException(afe); } }
public void lookupSessionContext() throws TestFailureException { try { try { final InitialContext ctx = new InitialContext(); Assert.assertNotNull("The InitialContext is null", ctx); // lookup in enc final SessionContext sctx = (SessionContext) ctx.lookup("java:comp/env/sessioncontext"); Assert.assertNotNull("The SessionContext got from java:comp/env/sessioncontext is null", sctx); // lookup using global name final EJBContext ejbCtx = (EJBContext) ctx.lookup("java:comp/EJBContext"); Assert.assertNotNull("The SessionContext got from java:comp/EJBContext is null ", ejbCtx); } catch (final Exception e) { Assert.fail("Received Exception " + e.getClass() + " : " + e.getMessage()); } } catch (final AssertionFailedError afe) { throw new TestFailureException(afe); } }
