Posted to commits@syncope.apache.org by il...@apache.org on 2017/01/24 09:18:08 UTC
[2/2] syncope git commit: [SYNCOPE-999] Adding specific test case for
checking 401 and 403 response statuses
[SYNCOPE-999] Adding specific test case for checking 401 and 403 response statuses
Project: http://git-wip-us.apache.org/repos/asf/syncope/repo
Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/319fff45
Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/319fff45
Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/319fff45
Branch: refs/heads/master
Commit: 319fff45d0197e5d139180c9ddde675ce7bd9882
Parents: 2b0a38d
Author: Francesco Chicchiricc� <il...@apache.org>
Authored: Tue Jan 24 10:17:50 2017 +0100
Committer: Francesco Chicchiricc� <il...@apache.org>
Committed: Tue Jan 24 10:17:57 2017 +0100
----------------------------------------------------------------------
.../org/apache/syncope/fit/core/RESTITCase.java | 31 ++++++++++++++++++++
1 file changed, 31 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/syncope/blob/319fff45/fit/core-reference/src/test/java/org/apache/syncope/fit/core/RESTITCase.java
----------------------------------------------------------------------
diff --git a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/RESTITCase.java b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/RESTITCase.java
index f11e421..9d8d920 100644
--- a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/RESTITCase.java
+++ b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/RESTITCase.java
@@ -26,6 +26,9 @@ import static org.junit.Assert.fail;
import java.io.IOException;
import java.io.InputStream;
+import java.security.AccessControlException;
+import java.util.List;
+import javax.ws.rs.ForbiddenException;
import javax.ws.rs.core.EntityTag;
import javax.ws.rs.core.GenericType;
import javax.ws.rs.core.HttpHeaders;
@@ -42,6 +45,7 @@ import org.apache.syncope.common.lib.SyncopeConstants;
import org.apache.syncope.common.lib.patch.GroupPatch;
import org.apache.syncope.common.lib.patch.StringReplacePatchItem;
import org.apache.syncope.common.lib.patch.UserPatch;
+import org.apache.syncope.common.lib.to.ConnInstanceTO;
import org.apache.syncope.common.lib.to.GroupTO;
import org.apache.syncope.common.lib.to.ProvisioningResult;
import org.apache.syncope.common.lib.to.UserTO;
@@ -49,6 +53,7 @@ import org.apache.syncope.common.lib.types.ClientExceptionType;
import org.apache.syncope.common.rest.api.Preference;
import org.apache.syncope.common.rest.api.RESTHeaders;
import org.apache.syncope.common.rest.api.service.AnyTypeClassService;
+import org.apache.syncope.common.rest.api.service.ConnectorService;
import org.apache.syncope.common.rest.api.service.GroupService;
import org.apache.syncope.common.rest.api.service.UserService;
import org.apache.syncope.fit.AbstractITCase;
@@ -57,6 +62,32 @@ import org.junit.Test;
public class RESTITCase extends AbstractITCase {
@Test
+ public void unauthorizedOrForbidden() {
+ // service as admin: it works
+ List<ConnInstanceTO> connectors = connectorService.list(null);
+ assertNotNull(connectors);
+ assertFalse(connectors.isEmpty());
+
+ // service with bad password: 401 unauthorized
+ SyncopeClient badClient = clientFactory.create("bellini", "passwor");
+ try {
+ badClient.getService(ConnectorService.class).list(null);
+ fail();
+ } catch (AccessControlException e) {
+ assertNotNull(e);
+ }
+
+ // service with good password, but no entitlements owned: 403 forbidden
+ SyncopeClient goodClient = clientFactory.create("bellini", "password");
+ try {
+ goodClient.getService(ConnectorService.class).list(null);
+ fail();
+ } catch (ForbiddenException e) {
+ assertNotNull(e);
+ }
+ }
+
+ @Test
public void noContent() throws IOException {
SyncopeClient noContentclient = clientFactory.create(ADMIN_UNAME, ADMIN_PWD);
GroupService noContentService = noContentclient.prefer(GroupService.class, Preference.RETURN_NO_CONTENT);
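Review bot: `assertNotNull(e)` in both catch blocks of `unauthorizedOrForbidden()` can never fail, so the test only proves that an exception of the expected type was thrown, not that the server answered 401 or 403. In the `ForbiddenException` branch the status can be pinned directly with `assertEquals(Response.Status.FORBIDDEN.getStatusCode(), e.getResponse().getStatus());`, assuming `Response` and `assertEquals` are already imported in this file, which the hunk does not show. `AccessControlException` carries no HTTP response, so the 401 branch presumably relies on the client's exception mapping; a one-line comment such as `// client maps 401 to AccessControlException` would document that dependency. Giving each `fail()` a message, e.g. `fail("list() succeeded for a user without entitlements")`, would make a regression in the authentication or authorization check readable in the test report.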