/**
 * Checks that savePublicLandingpageConfig is refused for a caller logged in with the
 * ORGANIZATION_ADMIN role. The EJBException raised by the call is unwrapped, and its cause must
 * be the EJBAccessException named on the test annotation.
 */
@Test(expected = EJBAccessException.class)
public void savePublicLandingpageConfig_invalidRole() throws Throwable {
    // given: a role the operation is expected to reject
    container.login(mpOwnerUserKey, UserRoleType.ORGANIZATION_ADMIN.name());

    try {
        // when
        landingpageServiceLocal.savePublicLandingpageConfig(new VOPublicLandingpage());
        // then: a normal return means no access check fired
        fail();
    } catch (EJBException wrapper) {
        // rethrow the wrapped cause so the expected-exception rule can match it
        final Throwable cause = wrapper.getCause();
        throw cause;
    }
}
/**
 * Runs getAvailableReportsForOrgAdmin inside a transaction while logged in with the
 * SUBSCRIPTION_MANAGER role and expects the wrapped EJBAccessException to surface.
 */
@Test(expected = EJBAccessException.class)
public void getAvailableReportsForOrgAdmin_NotAuthorized() throws Exception {
    final Callable<Void> attempt = new Callable<Void>() {
        @Override
        public Void call() throws Exception {
            // caller holds only SUBSCRIPTION_MANAGER
            final String role = UserRoleType.SUBSCRIPTION_MANAGER.name();
            container.login(String.valueOf(supplierUserA.getKey()), role);
            try {
                reportService.getAvailableReportsForOrgAdmin(ReportType.ALL);
                return null;
            } catch (EJBException wrapper) {
                // hand the container's cause to the expected-exception rule
                throw wrapper.getCausedByException();
            }
        }
    };
    runTX(attempt);
}
/**
 * Expects saveOrganizationVats to be rejected for a reseller logged in with the
 * RESELLER_MANAGER role: the call must raise an EJBException caused by an EJBAccessException.
 */
@Test
public void saveOrganizationVats_asReseller() throws Exception {
    // given
    container.login(givenReseller().getKey(), UserRoleType.RESELLER_MANAGER.name());
    final ArrayList<VOOrganizationVatRate> noRates = new ArrayList<VOOrganizationVatRate>();

    try {
        // when
        vatService.saveOrganizationVats(noRates);
    } catch (EJBException wrapper) {
        // then: the denial must come from the access check
        final Exception cause = wrapper.getCausedByException();
        assertTrue(cause instanceof EJBAccessException);
        return;
    }
    // reaching this point means the call was not rejected
    fail("EJBException expected as operation must fail due to not allowed role!");
}
/**
 * Expects updateCustomerDiscount to be rejected for a reseller logged in with the
 * RESELLER_MANAGER role, with an EJBAccessException as the cause of the EJBException.
 */
@Test
public void updateCustomerDiscount_asReseller() throws Exception {
    // given
    container.login(givenReseller().getKey(), UserRoleType.RESELLER_MANAGER.name());

    try {
        // when
        as.updateCustomerDiscount(new VOOrganization());
    } catch (EJBException wrapper) {
        // then
        final Exception cause = wrapper.getCausedByException();
        assertTrue(cause instanceof EJBAccessException);
        return;
    }
    // no exception at all: the role was not refused
    fail();
}
/**
 * Expects updateCustomerDiscount to be rejected for a broker logged in with the BROKER_MANAGER
 * role, with an EJBAccessException as the cause of the EJBException.
 */
@Test
public void updateCustomerDiscount_asBroker() throws Exception {
    // given
    container.login(givenBroker().getKey(), UserRoleType.BROKER_MANAGER.name());

    try {
        // when
        as.updateCustomerDiscount(new VOOrganization());
    } catch (EJBException wrapper) {
        // then
        final Exception cause = wrapper.getCausedByException();
        assertTrue(cause instanceof EJBAccessException);
        return;
    }
    // no exception at all: the role was not refused
    fail();
}
/**
 * Expects getCustomerPaymentConfiguration to be rejected for a broker logged in with the
 * BROKER_MANAGER role, with an EJBAccessException as the cause of the EJBException.
 */
@Test
public void getCustomerPaymentConfiguration_asBroker() throws Exception {
    // given
    container.login(givenBroker().getKey(), UserRoleType.BROKER_MANAGER.name());

    try {
        // when
        as.getCustomerPaymentConfiguration();
    } catch (EJBException wrapper) {
        // then
        final Exception cause = wrapper.getCausedByException();
        assertTrue(cause instanceof EJBAccessException);
        return;
    }
    // the read succeeded although the role should have been refused
    fail();
}
/**
 * Expects getDefaultPaymentConfiguration to be rejected for a broker logged in with the
 * BROKER_MANAGER role, with an EJBAccessException as the cause of the EJBException.
 */
@Test
public void getDefaultPaymentConfiguration_asBroker() throws Exception {
    // given
    container.login(givenBroker().getKey(), UserRoleType.BROKER_MANAGER.name());

    try {
        // when
        as.getDefaultPaymentConfiguration();
    } catch (EJBException wrapper) {
        // then
        final Exception cause = wrapper.getCausedByException();
        assertTrue(cause instanceof EJBAccessException);
        return;
    }
    // the read succeeded although the role should have been refused
    fail();
}
/**
 * Expects getDefaultServicePaymentConfiguration to be rejected for a broker logged in with the
 * BROKER_MANAGER role, with an EJBAccessException as the cause of the EJBException.
 */
@Test
public void getDefaultServicePaymentConfiguration_asBroker() throws Exception {
    // given
    container.login(givenBroker().getKey(), UserRoleType.BROKER_MANAGER.name());

    try {
        // when
        as.getDefaultServicePaymentConfiguration();
    } catch (EJBException wrapper) {
        // then
        final Exception cause = wrapper.getCausedByException();
        assertTrue(cause instanceof EJBAccessException);
        return;
    }
    // the read succeeded although the role should have been refused
    fail();
}
/**
 * Expects getServicePaymentConfiguration to be rejected for a broker logged in with the
 * BROKER_MANAGER role, with an EJBAccessException as the cause of the EJBException.
 */
@Test
public void getServicePaymentConfiguration_asBroker() throws Exception {
    // given
    container.login(givenBroker().getKey(), UserRoleType.BROKER_MANAGER.name());

    try {
        // when
        as.getServicePaymentConfiguration();
    } catch (EJBException wrapper) {
        // then
        final Exception cause = wrapper.getCausedByException();
        assertTrue(cause instanceof EJBAccessException);
        return;
    }
    // the read succeeded although the role should have been refused
    fail();
}
/**
 * After setupWithContainer(), logs in with the TECHNOLOGY_MANAGER role and expects
 * getPartnerRevenueShareForAllStatesService to fail with an EJBException whose cause is an
 * EJBAccessException.
 */
@Test
public void getPartnerRevenueShareForAllStatesService_invalidRole() throws Exception {
    setupWithContainer();

    // given
    container.login(mpOwnerUserKey, UserRoleType.TECHNOLOGY_MANAGER.name());

    try {
        // when
        pricingService.getPartnerRevenueShareForAllStatesService(new POServiceForPricing());
    } catch (EJBException wrapper) {
        // then
        final Exception cause = wrapper.getCausedByException();
        assertTrue(cause instanceof EJBAccessException);
        return;
    }
    // revenue share data was returned to a role that should be refused
    fail();
}
/**
 * After setupWithContainer(), logs in with the TECHNOLOGY_MANAGER role and expects
 * getPartnerRevenueShareForService to fail with an EJBException whose cause is an
 * EJBAccessException.
 */
@Test
public void getPartnerRevenueShareForService_invalidRole() throws Exception {
    setupWithContainer();

    // given
    container.login(mpOwnerUserKey, UserRoleType.TECHNOLOGY_MANAGER.name());

    try {
        // when
        pricingService.getPartnerRevenueShareForService(new POServiceForPricing());
    } catch (EJBException wrapper) {
        // then
        final Exception cause = wrapper.getCausedByException();
        assertTrue(cause instanceof EJBAccessException);
        return;
    }
    // revenue share data was returned to a role that should be refused
    fail();
}
/**
 * Logs in as the technology provider with the TECHNOLOGY_MANAGER role and expects
 * getPricingForMarketplace(OPEN_MP_ID) to fail with an EJBException whose cause is an
 * EJBAccessException.
 */
@Test
public void getPricingForMarketplace_invalidRole() throws Exception {
    // given
    container.login(givenTechProvider().getKey(), UserRoleType.TECHNOLOGY_MANAGER.name());

    try {
        // when
        pricingService.getPricingForMarketplace(OPEN_MP_ID);
    } catch (EJBException wrapper) {
        // then
        final Exception cause = wrapper.getCausedByException();
        assertTrue(cause instanceof EJBAccessException);
        return;
    }
    // pricing was returned to a role that should be refused
    fail();
}
/**
 * Logs in with the TECHNOLOGY_MANAGER role and expects
 * getPartnerRevenueSharesForMarketplace(MARKETPLACEID) to fail with an EJBException whose cause
 * is an EJBAccessException.
 */
@Test
public void getPartnerRevenueSharesForMarketplace_invalidRole() throws Exception {
    // given
    container.login(mpOwnerUserKey, UserRoleType.TECHNOLOGY_MANAGER.name());

    try {
        // when
        pricingService.getPartnerRevenueSharesForMarketplace(MARKETPLACEID);
    } catch (EJBException wrapper) {
        // then
        final Exception cause = wrapper.getCausedByException();
        assertTrue(cause instanceof EJBAccessException);
        return;
    }
    // revenue shares were returned to a role that should be refused
    fail();
}
/**
 * Logs in with the TECHNOLOGY_MANAGER role and expects
 * getMarketplaceRevenueShares(MARKETPLACEID) to fail with an EJBException whose cause is an
 * EJBAccessException.
 */
@Test
public void getMarketplaceRevenueShares_invalidRole() throws Exception {
    // given
    container.login(mpOwnerUserKey, UserRoleType.TECHNOLOGY_MANAGER.name());

    try {
        // when
        pricingService.getMarketplaceRevenueShares(MARKETPLACEID);
    } catch (EJBException wrapper) {
        // then
        final Exception cause = wrapper.getCausedByException();
        assertTrue(cause instanceof EJBAccessException);
        return;
    }
    // revenue shares were returned to a role that should be refused
    fail();
}
/**
 * Expects saveAllVats to be rejected for a broker logged in with the BROKER_MANAGER role: the
 * call must raise an EJBException caused by an EJBAccessException.
 */
@Test
public void saveAllVats_asBroker() throws Exception {
    // given
    container.login(givenBroker().getKey(), UserRoleType.BROKER_MANAGER.name());
    final VOVatRate defaultRate = new VOVatRate();
    final ArrayList<VOCountryVatRate> countryRates = new ArrayList<VOCountryVatRate>();
    final ArrayList<VOOrganizationVatRate> orgRates = new ArrayList<VOOrganizationVatRate>();

    try {
        // when
        vatService.saveAllVats(defaultRate, countryRates, orgRates);
    } catch (EJBException wrapper) {
        // then: the denial must come from the access check
        final Exception cause = wrapper.getCausedByException();
        assertTrue(cause instanceof EJBAccessException);
        return;
    }
    // reaching this point means the call was not rejected
    fail("EJBException expected as operation must fail due to not allowed role!");
}
/**
 * Checks that availableServices(MARKETPLACEID) is refused for a caller logged in with the
 * ORGANIZATION_ADMIN role. The EJBException raised by the call is unwrapped, and its cause must
 * be the EJBAccessException named on the test annotation.
 */
@Test(expected = EJBAccessException.class)
public void availableServices_invalidRole() throws Throwable {
    // given: a role the operation is expected to reject
    container.login(mpOwnerUserKey, UserRoleType.ORGANIZATION_ADMIN.name());

    try {
        // when
        landingpageServiceLocal.availableServices(MARKETPLACEID);
        // then: a normal return means no access check fired
        fail();
    } catch (EJBException wrapper) {
        // rethrow the wrapped cause so the expected-exception rule can match it
        final Throwable cause = wrapper.getCause();
        throw cause;
    }
}
/**
 * Expects publishService.getBrokers(0L) to be rejected for a reseller logged in with the
 * RESELLER_MANAGER role, with an EJBAccessException as the cause of the EJBException.
 */
@Test
public void getBrokerOrganizations_asReseller() throws Exception {
    // given
    container.login(givenReseller().getKey(), UserRoleType.RESELLER_MANAGER.name());

    try {
        // when
        publishService.getBrokers(0L);
    } catch (EJBException wrapper) {
        // then
        final Exception cause = wrapper.getCausedByException();
        assertTrue(cause instanceof EJBAccessException);
        return;
    }
    // the listing succeeded although the role should have been refused
    fail();
}
/**
 * Expects publishService.getResellers(0L) to be rejected for a broker logged in with the
 * BROKER_MANAGER role, with an EJBAccessException as the cause of the EJBException.
 */
@Test
public void getResellerOrganizations_asBroker() throws Exception {
    // given
    container.login(givenBroker().getKey(), UserRoleType.BROKER_MANAGER.name());

    try {
        // when
        publishService.getResellers(0L);
    } catch (EJBException wrapper) {
        // then
        final Exception cause = wrapper.getCausedByException();
        assertTrue(cause instanceof EJBAccessException);
        return;
    }
    // the listing succeeded although the role should have been refused
    fail();
}
/**
 * Expects publishService.getResellers(0L) to be rejected for a reseller logged in with the
 * RESELLER_MANAGER role, with an EJBAccessException as the cause of the EJBException.
 */
@Test
public void getResellerOrganizations_asReseller() throws Exception {
    // given
    container.login(givenReseller().getKey(), UserRoleType.RESELLER_MANAGER.name());

    try {
        // when
        publishService.getResellers(0L);
    } catch (EJBException wrapper) {
        // then
        final Exception cause = wrapper.getCausedByException();
        assertTrue(cause instanceof EJBAccessException);
        return;
    }
    // the listing succeeded although the role should have been refused
    fail();
}
/**
 * Runs getSubscriptionsForOrgSize inside a transaction after logging in with a user key and no
 * role arguments, and expects the wrapped EJBAccessException to surface.
 */
@Test(expected = EJBAccessException.class)
public void getSubscriptionsForOrgSize_NotAuthorized() throws Exception {
    final Callable<Void> attempt = new Callable<Void>() {
        @Override
        public Void call() throws Exception {
            // login is called with the user key only; no role is passed
            container.login(String.valueOf(admin.getKey()));
            final HashSet<SubscriptionStatus> noStates = new HashSet<SubscriptionStatus>();
            final Pagination paging = new Pagination();
            try {
                service.getSubscriptionsForOrgSize(noStates, paging);
                return null;
            } catch (EJBException wrapper) {
                // hand the container's cause to the expected-exception rule
                throw wrapper.getCausedByException();
            }
        }
    };
    runTX(attempt);
}
/**
 * User must have "MARKETPLACE_OWNER" role: saving the enterprise landing page configuration while
 * logged in with ORGANIZATION_ADMIN is expected to raise an EJBException whose cause is the
 * EJBAccessException named on the test annotation.
 */
@Test(expected = EJBAccessException.class)
public void saveEnterpriseLandingpageConfig_invalidRole() throws Throwable {
    // given wrong role
    container.login(mpOwnerUserKey, UserRoleType.ORGANIZATION_ADMIN.name());

    // when saving, then exception must be thrown
    try {
        landingpageServiceLocal.saveEnterpriseLandingpageConfig(MARKETPLACEID);
    } catch (EJBException wrapper) {
        // a normal return instead leaves the expected exception unmet and the test fails
        final Throwable cause = wrapper.getCause();
        throw cause;
    }
}
/**
 * Expects saveOrganizationVats to be rejected for a broker logged in with the BROKER_MANAGER
 * role: the call must raise an EJBException caused by an EJBAccessException.
 */
@Test
public void saveOrganizationVats_asBroker() throws Exception {
    // given
    container.login(givenBroker().getKey(), UserRoleType.BROKER_MANAGER.name());
    final ArrayList<VOOrganizationVatRate> noRates = new ArrayList<VOOrganizationVatRate>();

    try {
        // when
        vatService.saveOrganizationVats(noRates);
    } catch (EJBException wrapper) {
        // then: the denial must come from the access check
        final Exception cause = wrapper.getCausedByException();
        assertTrue(cause instanceof EJBAccessException);
        return;
    }
    // reaching this point means the call was not rejected
    fail("EJBException expected as operation must fail due to not allowed role!");
}
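/**
 * Runs the intercepted call under the identity carried by a {@code KeycloakToken} found in the
 * invocation context data, when one is present.
 *
 * <p>When the context data holds an entry under {@code KeycloakToken.TOKEN_KEY}, a
 * {@code SimplePrincipal} built from the token's username and the token string are pushed with
 * {@code SecurityActions.pushIdentity} before the invocation proceeds, and popped again in a
 * {@code finally} block so the original context is restored even when the call throws. An entry
 * that is {@code null} or not a {@code KeycloakToken}, and any failure while pushing the
 * identity, is reported as an {@code EJBAccessException} that carries no cause.
 *
 * <p>When no entry is present the invocation proceeds unchanged. NOTE(review): authorization for
 * that path then rests on whatever checks run further down the chain; confirm that a missing
 * token is meant to be tolerated here.
 *
 * @param invocationContext the interceptor context of the current call
 * @return whatever {@code invocationContext.proceed()} returns
 * @throws EJBAccessException if the token entry is unusable or the identity switch fails
 * @throws Exception anything thrown by the intercepted invocation
 */
@AroundInvoke
public Object aroundInvoke(final InvocationContext invocationContext) throws Exception {
    Map<String, Object> contextData = invocationContext.getContextData();
    if (!contextData.containsKey(KeycloakToken.TOKEN_KEY)) {
        logger.warn("No Keycloak token found");
        return invocationContext.proceed();
    }

    // The context data is an untyped map, so check the entry before casting. A wrong or null
    // value is refused the same way as a failed switch instead of escaping as a
    // ClassCastException.
    Object tokenEntry = contextData.get(KeycloakToken.TOKEN_KEY);
    if (!(tokenEntry instanceof KeycloakToken)) {
        logger.error("Failed to switch security context for user");
        throw new EJBAccessException("Unable to attempt switching of user.");
    }
    KeycloakToken keycloakToken = (KeycloakToken) tokenEntry;
    logger.info("Successfully found KeycloakToken passed from client");

    ContextStateCache stateCache = null;
    try {
        try {
            // We have been requested to use an authentication token so now we attempt the switch.
            // This userPrincipal and credential will be found by JAAS login modules
            SimplePrincipal userPrincipal = new SimplePrincipal(keycloakToken.getUsername());
            String accessToken = keycloakToken.getToken();
            stateCache = SecurityActions.pushIdentity(userPrincipal, accessToken);
            // only the principal name is logged; the access token itself must stay out of the log
            logger.infof("Successfully pushed userPrincipal %s and his credential", userPrincipal.getName());
        } catch (Exception e) {
            logger.error("Failed to switch security context for user", e);
            // Don't propagate the exception stacktrace back to the client for security reasons
            throw new EJBAccessException("Unable to attempt switching of user.");
        }
        return invocationContext.proceed();
    } finally {
        // switch back to original context
        if (stateCache != null) {
            SecurityActions.popIdentity(stateCache);
        }
    }
}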
/**
 * Expects saveCountryVats to be rejected for a broker logged in with the BROKER_MANAGER role:
 * the call must raise an EJBException caused by an EJBAccessException.
 */
@Test
public void saveCountryVats_asBroker() throws Exception {
    // given
    container.login(givenBroker().getKey(), UserRoleType.BROKER_MANAGER.name());
    final ArrayList<VOCountryVatRate> noRates = new ArrayList<VOCountryVatRate>();

    try {
        // when
        vatService.saveCountryVats(noRates);
    } catch (EJBException wrapper) {
        // then: the denial must come from the access check
        final Exception cause = wrapper.getCausedByException();
        assertTrue(cause instanceof EJBAccessException);
        return;
    }
    // reaching this point means the call was not rejected
    fail("EJBException expected as operation must fail due to not allowed role!");
}
/**
 * Expects savePriceModelForSubscription to be rejected for user key 1 logged in with the
 * RESELLER_MANAGER role, with an EJBAccessException as the cause of the EJBException.
 */
@Test
public void savePriceModelForSubscription_asReseller() throws Exception {
    // given
    final String role = UserRoleType.RESELLER_MANAGER.name();
    container.login(1L, role);

    try {
        // when
        sps.savePriceModelForSubscription(new VOServiceDetails(), new VOPriceModel());
    } catch (EJBException wrapper) {
        // then
        final Exception cause = wrapper.getCausedByException();
        assertTrue(cause instanceof EJBAccessException);
        return;
    }
    // the price model was saved although the role should have been refused
    fail();
}
/**
 * Expects savePriceModelForSubscription to be rejected for user key 1 logged in with the
 * BROKER_MANAGER role, with an EJBAccessException as the cause of the EJBException.
 */
@Test
public void savePriceModelForSubscription_asBroker() throws Exception {
    // given
    final String role = UserRoleType.BROKER_MANAGER.name();
    container.login(1L, role);

    try {
        // when
        sps.savePriceModelForSubscription(new VOServiceDetails(), new VOPriceModel());
    } catch (EJBException wrapper) {
        // then
        final Exception cause = wrapper.getCausedByException();
        assertTrue(cause instanceof EJBAccessException);
        return;
    }
    // the price model was saved although the role should have been refused
    fail();
}
/**
 * Expects savePriceModelForCustomer to be rejected for user key 1 logged in with the
 * RESELLER_MANAGER role, with an EJBAccessException as the cause of the EJBException.
 */
@Test
public void savePriceModelForCustomer_asReseller() throws Exception {
    // given
    final String role = UserRoleType.RESELLER_MANAGER.name();
    container.login(1L, role);

    try {
        // when
        sps.savePriceModelForCustomer(new VOServiceDetails(), new VOPriceModel(),
                new VOOrganization());
    } catch (EJBException wrapper) {
        // then
        final Exception cause = wrapper.getCausedByException();
        assertTrue(cause instanceof EJBAccessException);
        return;
    }
    // the price model was saved although the role should have been refused
    fail();
}
/**
 * Expects updateService to be rejected for user key 1 logged in with the BROKER_MANAGER role,
 * with an EJBAccessException as the cause of the EJBException.
 */
@Test
public void updateService_asBroker() throws Exception {
    // given
    final String role = UserRoleType.BROKER_MANAGER.name();
    container.login(1L, role);

    try {
        // when
        sps.updateService(new VOServiceDetails(), null);
    } catch (EJBException wrapper) {
        // then
        final Exception cause = wrapper.getCausedByException();
        assertTrue(cause instanceof EJBAccessException);
        return;
    }
    // the update went through although the role should have been refused
    fail();
}
/**
 * Expects updateService to be rejected for user key 1 logged in with the RESELLER_MANAGER role,
 * with an EJBAccessException as the cause of the EJBException.
 */
@Test
public void updateService_asReseller() throws Exception {
    // given
    final String role = UserRoleType.RESELLER_MANAGER.name();
    container.login(1L, role);

    try {
        // when
        sps.updateService(new VOServiceDetails(), null);
    } catch (EJBException wrapper) {
        // then
        final Exception cause = wrapper.getCausedByException();
        assertTrue(cause instanceof EJBAccessException);
        return;
    }
    // the update went through although the role should have been refused
    fail();
}
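/**
 * Verifies that creating a marketplace is not allowed to MARKETPLACE_OWNER.
 *
 * <p>The call must raise an EJBException whose cause is exactly an EJBAccessException. The test
 * also fails when createMarketplace returns normally; without that check a missing access
 * control on the operation would let the test pass.
 */
@Test
public void createMarketplace_notPermitted() throws Exception {
    VOMarketplace marketplace = buildMarketplace("UNALLOWED_CREATED",
            "UNALLOWED_CREATED", null);

    // operation not permitted to roles not equal PLATFORM_OPERATOR
    container.login(supplier1Key, OrganizationRoleType.MARKETPLACE_OWNER.name());

    boolean denied = false;
    try {
        marketplaceService.createMarketplace(marketplace);
    } catch (EJBException e) {
        assertTrue(e.getCause().getClass() == EJBAccessException.class);
        denied = true;
    }
    // a successful creation must fail the test rather than pass silently
    assertTrue("createMarketplace must be rejected for MARKETPLACE_OWNER", denied);
}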
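/**
 * Expects savePriceModelLocalization to be refused for a caller logged in with
 * ROLE_MARKETPLACE_OWNER.
 *
 * <p>The product and price model are prepared under ROLE_TECHNOLOGY_MANAGER outside the
 * {@code try} block, so only an EJBException raised by the call under test is unwrapped. An
 * access failure during setup now fails the test instead of satisfying the expected exception.
 */
@Test(expected = EJBAccessException.class)
public void testSavePriceModelLocalizationWrongRole() throws Exception {
    // create product for the technical product
    container.login(providerUserKey, ROLE_TECHNOLOGY_MANAGER);
    final VOService productVO = createProduct(techProduct, PRODUCT_ID1, svcProv);
    VOPriceModel priceModel = prepareVOPriceModel(productVO, EUR);

    // switch to the role that the operation under test is expected to reject
    container.login(providerUserKey, ROLE_MARKETPLACE_OWNER);
    try {
        svcProv.savePriceModelLocalization(priceModel, new VOPriceModelLocalization());
    } catch (EJBException e) {
        // hand the container's cause to the expected-exception rule
        throw e.getCausedByException();
    }
}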
/**
 * Logs in as the broker user with ROLE_ORGANIZATION_ADMIN and expects getRevenueShareData for
 * the BROKER result type to fail with an EJBException whose cause is an EJBAccessException.
 */
@Test(expected = EJBAccessException.class)
public void getRevenueShareData_InvalidRoleOrganizationAdmin() throws Exception {
    // given no revenue share result entries. Login with invalid user role
    container.login(brokerUser.getKey(), ROLE_ORGANIZATION_ADMIN);

    try {
        // when
        final Long periodStart = Long.valueOf(PERIOD_START_MONTH1);
        final Long periodEnd = Long.valueOf(PERIOD_END_MONTH1);
        bs.getRevenueShareData(periodStart, periodEnd, BillingSharesResultType.BROKER);
    } catch (EJBException wrapper) {
        // then: the cast itself fails the test when the cause is some other exception type
        final EJBAccessException denied = (EJBAccessException) wrapper.getCause();
        throw denied;
    }
    // data was returned to a role that should be refused
    fail();
}
/**
 * Runs as the employee caller: adding and listing movies must work, while deleteMovie must be
 * refused with an EJBAccessException and leave all three movies in place.
 */
@Test
public void testAsEmployee() throws Exception {
    employee.call(new Callable<Object>() {
        @Override
        public Object call() throws Exception {
            final Movie[] added = {
                new Movie("Sabina Guzzanti", "La trattativa", 2014),
                new Movie("Roberto Saviano", "Gomorra", 2008),
                new Movie("Joel Coen", "The Big Lebowski", 1998)
            };
            for (final Movie movie : added) {
                movies.addMovie(movie);
            }

            final List<Movie> listed = movies.getMovies();
            assertEquals("List.size()", 3, listed.size());

            try {
                // deletion is the operation the employee role must not reach
                movies.deleteMovie(added[0]);
                fail("Employees should not be allowed to delete");
            } catch (EJBAccessException denied) {
                logger.info("It go here. Good");
            }

            // The list should still be three movies long
            final int remaining = movies.getMovies().size();
            assertEquals("Movies.getMovies()", 3, remaining);
            return null;
        }
    });
}
/**
 * Logs in with the supplier user's key and no role arguments, then expects getPaymentInfos to
 * fail with an EJBException whose cause is the EJBAccessException named on the annotation.
 */
@Test(expected = EJBAccessException.class)
public void testGetPaymentInfos_NotAuthorized() throws Exception {
    final String userKey = String.valueOf(supplier1User.getKey());
    container.login(userKey);
    try {
        accountMgmt.getPaymentInfos();
    } catch (EJBException wrapper) {
        // a normal return instead leaves the expected exception unmet and the test fails
        final Exception cause = wrapper.getCausedByException();
        throw cause;
    }
}
/**
 * Logs in with ROLE_SERVICE_MANAGER and expects liftBanOrganizationsFromMarketplace to be
 * refused. The EJBException message must name MARKETPLACE_OWNER as the allowed role, and its
 * cause must be the EJBAccessException named on the annotation.
 */
@Test(expected = EJBAccessException.class)
public void testLiftBanSupplier_callingOrghasWrongRole() throws Throwable {
    container.login(adminUserSupp1.getKey(), ROLE_SERVICE_MANAGER);
    try {
        marketplaceService.liftBanOrganizationsFromMarketplace(
                Collections.singletonList(supplier1_orgId), GLOBAL_OPEN_MP_ID);
    } catch (EJBException wrapper) {
        // the denial message is expected to state which role would have been accepted
        final String message = wrapper.getMessage();
        assertTrue(message.contains("Allowed roles are: [MARKETPLACE_OWNER]"));
        final Throwable cause = wrapper.getCause();
        throw cause;
    }
}
/**
 * Logs in with the supplier user's key and no role arguments, then expects deletePaymentInfo to
 * fail with an EJBException whose cause is the EJBAccessException named on the annotation.
 */
@Test(expected = EJBAccessException.class)
public void testDeletePaymentInfo_NotAuthorized() throws Exception {
    final String userKey = String.valueOf(supplier1User.getKey());
    container.login(userKey);
    try {
        accountMgmt.deletePaymentInfo(new VOPaymentInfo());
    } catch (EJBException wrapper) {
        // a normal return instead leaves the expected exception unmet and the test fails
        final Exception cause = wrapper.getCausedByException();
        throw cause;
    }
}
/**
 * Logs in with the supplier user's key and no role arguments, then expects deleteBillingContact
 * to fail with an EJBException whose cause is the EJBAccessException named on the annotation.
 */
@Test(expected = EJBAccessException.class)
public void testDeleteBillingContact_NotAuthorized() throws Exception {
    final String userKey = String.valueOf(supplier1User.getKey());
    container.login(userKey);
    try {
        accountMgmt.deleteBillingContact(new VOBillingContact());
    } catch (EJBException wrapper) {
        // a normal return instead leaves the expected exception unmet and the test fails
        final Exception cause = wrapper.getCausedByException();
        throw cause;
    }
}
/**
 * Logs in with the supplier user's key and no role arguments, then expects savePaymentInfo to
 * fail with an EJBException whose cause is the EJBAccessException named on the annotation.
 */
@Test(expected = EJBAccessException.class)
public void testSavePaymentInfo_NotAuthorized() throws Exception {
    final String userKey = String.valueOf(supplier1User.getKey());
    container.login(userKey);
    try {
        accountMgmt.savePaymentInfo(new VOPaymentInfo());
    } catch (EJBException wrapper) {
        // a normal return instead leaves the expected exception unmet and the test fails
        final Exception cause = wrapper.getCausedByException();
        throw cause;
    }
}
/**
 * Logs in with the supplier user's key and no role arguments, then expects
 * getAvailablePaymentTypes to fail with an EJBException whose cause is the EJBAccessException
 * named on the annotation.
 */
@Test(expected = EJBAccessException.class)
public void testGetAvailablePaymentTypes_NotAuthorized() throws Exception {
    final String userKey = String.valueOf(supplier1User.getKey());
    container.login(userKey);
    try {
        accountMgmt.getAvailablePaymentTypes();
    } catch (EJBException wrapper) {
        // a normal return instead leaves the expected exception unmet and the test fails
        final Exception cause = wrapper.getCausedByException();
        throw cause;
    }
}
/**
 * Logs in with ROLE_SERVICE_MANAGER and expects banOrganizationsFromMarketplace to be refused.
 * The EJBException message must name MARKETPLACE_OWNER as the allowed role, and its cause must
 * be the EJBAccessException named on the annotation.
 */
@Test(expected = EJBAccessException.class)
public void testBanSupplier_callingOrghasWrongRole() throws Throwable {
    container.login(adminUserSupp1.getKey(), ROLE_SERVICE_MANAGER);
    try {
        marketplaceService.banOrganizationsFromMarketplace(
                Collections.singletonList(supplier1_orgId), GLOBAL_OPEN_MP_ID);
    } catch (EJBException wrapper) {
        // the denial message is expected to state which role would have been accepted
        final String message = wrapper.getMessage();
        assertTrue(message.contains("Allowed roles are: [MARKETPLACE_OWNER]"));
        final Throwable cause = wrapper.getCause();
        throw cause;
    }
}