You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@usergrid.apache.org by mr...@apache.org on 2016/02/23 03:28:00 UTC
usergrid git commit: Add additional test for validating admin user
access.
Repository: usergrid
Updated Branches:
refs/heads/hotfix-2.1.0 17de74208 -> 6ad720e18
Add additional test for validating admin user access.
Project: http://git-wip-us.apache.org/repos/asf/usergrid/repo
Commit: http://git-wip-us.apache.org/repos/asf/usergrid/commit/6ad720e1
Tree: http://git-wip-us.apache.org/repos/asf/usergrid/tree/6ad720e1
Diff: http://git-wip-us.apache.org/repos/asf/usergrid/diff/6ad720e1
Branch: refs/heads/hotfix-2.1.0
Commit: 6ad720e182504fc0329553c3b10e3b4cc5e46252
Parents: 17de742
Author: Michael Russo <mr...@apigee.com>
Authored: Mon Feb 22 18:27:35 2016 -0800
Committer: Michael Russo <mr...@apigee.com>
Committed: Mon Feb 22 18:27:35 2016 -0800
----------------------------------------------------------------------
.../usergrid/rest/management/AdminUsersIT.java | 35 ++++++++++++++++++++
1 file changed, 35 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/usergrid/blob/6ad720e1/stack/rest/src/test/java/org/apache/usergrid/rest/management/AdminUsersIT.java
----------------------------------------------------------------------
diff --git a/stack/rest/src/test/java/org/apache/usergrid/rest/management/AdminUsersIT.java b/stack/rest/src/test/java/org/apache/usergrid/rest/management/AdminUsersIT.java
index 9793393..56d6584 100644
--- a/stack/rest/src/test/java/org/apache/usergrid/rest/management/AdminUsersIT.java
+++ b/stack/rest/src/test/java/org/apache/usergrid/rest/management/AdminUsersIT.java
@@ -411,6 +411,41 @@ public class AdminUsersIT extends AbstractRestIT {
}
+ @Test
+ public void updateManagementUserWrongAdminToken() throws Exception {
+
+ Organization newOrg = createOrgPayload( "updateManagementUserWrongAdminToken", null );
+ Organization orgReturned = clientSetup.getRestClient().management().orgs().post( newOrg );
+ assertNotNull( orgReturned.getOwner() );
+
+ // add a new management user to the org for the purpose of a 'wrong' user trying update others
+ Entity adminUserPayload = new Entity();
+ String wrongAdminUsername = "wrongAdminUser"+UUIDUtils.newTimeUUID();
+ adminUserPayload.put( "username", wrongAdminUsername );
+ adminUserPayload.put( "name", wrongAdminUsername );
+ adminUserPayload.put( "email", wrongAdminUsername+"@usergrid.com" );
+ adminUserPayload.put( "password", wrongAdminUsername );
+ management().orgs().org( clientSetup.getOrganizationName() ).users().post(User.class ,adminUserPayload );
+
+
+ // get token of the newly added wrongAdminUser
+ Token wrongAdminToken = management.token().get(wrongAdminUsername, wrongAdminUsername);
+ assertNotNull(wrongAdminToken);
+ management.token().setToken( wrongAdminToken );
+
+ try{
+ //Add a property to management user
+ Entity userProperty = new Entity( ).chainPut( "company","usergrid" );
+ management().users().user( newOrg.getUsername() ).put( userProperty );
+
+ } catch( UniformInterfaceException e ){
+
+ int status = e.getResponse().getStatus();
+ assertEquals(401, status);
+ }
+
+ }
+