/*
* This file is part of ARSnova Backend.
* Copyright (C) 2012-2017 The ARSnova Team
*
* ARSnova Backend is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* ARSnova Backend is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package de.thm.arsnova.services;
import de.thm.arsnova.config.AppConfig;
import de.thm.arsnova.config.TestAppConfig;
import de.thm.arsnova.config.TestSecurityConfig;
import de.thm.arsnova.dao.StubDatabaseDao;
import de.thm.arsnova.entities.InterposedQuestion;
import de.thm.arsnova.entities.Question;
import de.thm.arsnova.exceptions.NotFoundException;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.authentication.AuthenticationCredentialsNotFoundException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.test.context.ActiveProfiles;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import org.springframework.test.context.web.WebAppConfiguration;
import java.util.ArrayList;
import java.util.List;
import static org.junit.Assert.*;
@RunWith(SpringJUnit4ClassRunner.class)
@WebAppConfiguration
@ContextConfiguration(classes = {AppConfig.class, TestAppConfig.class, TestSecurityConfig.class})
@ActiveProfiles("test")
public class QuestionServiceTest {
@Autowired
private IQuestionService questionService;
@Autowired
private StubUserService userService;
@Autowired
private StubDatabaseDao databaseDao;
private void setAuthenticated(final boolean isAuthenticated, final String username) {
if (isAuthenticated) {
final List<GrantedAuthority> ga = new ArrayList<>();
final UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(username, "secret", ga);
SecurityContextHolder.getContext().setAuthentication(token);
userService.setUserAuthenticated(isAuthenticated, username);
} else {
userService.setUserAuthenticated(isAuthenticated);
}
}
@Before
public void startup() {
SecurityContextHolder.clearContext();
}
@After
public void cleanup() {
SecurityContextHolder.clearContext();
}
@Test(expected = AuthenticationCredentialsNotFoundException.class)
public void testShouldNotReturnQuestionsIfNotAuthenticated() {
setAuthenticated(false, "nobody");
questionService.getSkillQuestions("12345678");
}
@Test(expected = NotFoundException.class)
public void testShouldFindQuestionsForNonExistantSession() {
setAuthenticated(true, "ptsr00");
questionService.getSkillQuestions("00000000");
}
@Test
public void testShouldFindQuestions() {
setAuthenticated(true, "ptsr00");
assertEquals(1, questionService.getSkillQuestionCount("12345678"));
}
@Test
public void testShouldMarkInterposedQuestionAsReadIfSessionCreator() throws Exception {
setAuthenticated(true, "ptsr00");
final InterposedQuestion theQ = new InterposedQuestion();
theQ.setRead(false);
theQ.set_id("the internal id");
theQ.setSessionId("12345678");
databaseDao.interposedQuestion = theQ;
questionService.readInterposedQuestion(theQ.get_id());
assertTrue(theQ.isRead());
}
@Test
public void testShouldNotMarkInterposedQuestionAsReadIfRegularUser() throws Exception {
setAuthenticated(true, "regular user");
final InterposedQuestion theQ = new InterposedQuestion();
theQ.setRead(false);
theQ.set_id("the internal id");
theQ.setSessionId("12345678");
theQ.setCreator("regular user");
databaseDao.interposedQuestion = theQ;
questionService.readInterposedQuestion(theQ.get_id());
assertFalse(theQ.isRead());
}
@Test(expected = AccessDeniedException.class)
public void testShouldSaveQuestion() throws Exception{
setAuthenticated(true, "regular user");
final Question question = new Question();
question.setSessionKeyword("12345678");
question.setQuestionVariant("freetext");
questionService.saveQuestion(question);
}
@Test(expected = AccessDeniedException.class)
public void testShouldNotDeleteQuestion() throws Exception{
setAuthenticated(true, "otheruser");
questionService.deleteQuestion("a1a2a3a4a5a6a7a8a9a");
}
@Test(expected = AccessDeniedException.class)
public void testShouldNotDeleteInterposedQuestion() throws Exception{
setAuthenticated(true, "otheruser");
questionService.deleteInterposedQuestion("a1a2a3a4a5a6a7a8a9a");
}
}