DC/dc-project
1
1
Fork 0
Code Issues 25 Pull Requests 2 Actions Packages Projects Releases Wiki Activity
Files
03350db56f7a95dff50563635b4059d5cd1de98e
dc-project/src/test/kotlin/unit/security/Citizen Access Control.kt
Fabrice f380231e1e Multiple minors fix and improve 
use data class for entity
Add sealed on entity interfaces
Replace listOf() by setOf() instead of deduplicate
use interface instead of EntityRef
replace .toLowerCase() to .lowercase()
fix test.sh
2022-03-03 19:42:18 +01:00

96 lines
3.0 KiB
Kotlin
Raw Blame History

package unit.security
import fr.dcproject.common.security.AccessDecision.DENIED
import fr.dcproject.common.security.AccessDecision.GRANTED
import fr.dcproject.component.auth.database.User
import fr.dcproject.component.auth.database.UserI
import fr.dcproject.component.citizen.CitizenAccessControl
import fr.dcproject.component.citizen.database.CitizenCart
import fr.dcproject.component.citizen.database.CitizenI
import org.amshove.kluent.`should be`
import org.joda.time.DateTime
import org.junit.jupiter.api.Tag
import org.junit.jupiter.api.Tags
import org.junit.jupiter.api.Test
import org.junit.jupiter.api.TestInstance
import org.junit.jupiter.api.parallel.Execution
import org.junit.jupiter.api.parallel.ExecutionMode.CONCURRENT
@TestInstance(TestInstance.Lifecycle.PER_CLASS)
@Execution(CONCURRENT)
@Tags(Tag("security"), Tag("unit"), Tag("citizen"))
internal class `Citizen Access Control` {
private val tesla = CitizenCart(
user = User(
username = "nicolas-tesla",
roles = setOf(UserI.Roles.ROLE_USER)
),
name = CitizenI.Name("Nicolas", "Tesla")
)
private val einstein = CitizenCart(
user = User(
username = "albert-einstein",
roles = setOf(UserI.Roles.ROLE_USER)
),
name = CitizenI.Name("Albert", "Einstein")
)
private val curie = CitizenCart(
user = User(
username = "marie-curie",
roles = setOf(UserI.Roles.ROLE_USER)
),
name = CitizenI.Name("Marie", "Curie"),
deletedAt = DateTime.now()
)
@Test
fun `can be view the citizen`() {
CitizenAccessControl()
.canView(subject = einstein, connectedCitizen = tesla)
.decision `should be` GRANTED
}
@Test
fun `can be view the citizen list`() {
CitizenAccessControl()
.canView(subjects = listOf(tesla, einstein), connectedCitizen = einstein)
.decision `should be` GRANTED
}
@Test
fun `can not view deleted citizen`() {
CitizenAccessControl()
.canView(subject = curie, connectedCitizen = tesla)
.decision `should be` DENIED
}
@Test
fun `can be update itself`() {
CitizenAccessControl()
.canUpdate(subject = einstein, connectedCitizen = einstein)
.decision `should be` GRANTED
}
@Test
fun `can not be update other citizen`() {
CitizenAccessControl()
.canUpdate(subject = tesla, connectedCitizen = einstein)
.decision `should be` DENIED
}
@Test
fun `can be change password of itself`() {
CitizenAccessControl()
.canChangePassword(subject = einstein, connectedCitizen = einstein)
.decision `should be` GRANTED
}
@Test
fun `can not be change password of other citizen`() {
CitizenAccessControl()
.canChangePassword(subject = tesla, connectedCitizen = einstein)
.decision `should be` DENIED
}
}
Reference in New Issue View Git Blame Copy Permalink