From deeaa675bb945eab4151ea23b31c65390889f997 Mon Sep 17 00:00:00 2001 From: Adam Lowe Date: Mon, 19 Mar 2012 20:15:19 +0000 Subject: [PATCH] vcloud-director 1.5: adding tests of unlockUser --- .../v1_5/features/UserClientExpectTest.java | 31 ++++++- .../v1_5/features/UserClientLiveTest.java | 84 +++++++++++++++---- 2 files changed, 95 insertions(+), 20 deletions(-) diff --git a/labs/vcloud-director/src/test/java/org/jclouds/vcloud/director/v1_5/features/UserClientExpectTest.java b/labs/vcloud-director/src/test/java/org/jclouds/vcloud/director/v1_5/features/UserClientExpectTest.java index fa95254858..e42c064c4d 100644 --- a/labs/vcloud-director/src/test/java/org/jclouds/vcloud/director/v1_5/features/UserClientExpectTest.java +++ b/labs/vcloud-director/src/test/java/org/jclouds/vcloud/director/v1_5/features/UserClientExpectTest.java @@ -24,6 +24,7 @@ import java.net.URI; import java.util.Collections; import org.jclouds.vcloud.director.v1_5.VCloudDirectorClient; +import org.jclouds.vcloud.director.v1_5.VCloudDirectorException; import org.jclouds.vcloud.director.v1_5.VCloudDirectorMediaType; import org.jclouds.vcloud.director.v1_5.domain.Link; import org.jclouds.vcloud.director.v1_5.domain.Reference; @@ -172,8 +173,6 @@ public class UserClientExpectTest extends BaseVCloudDirectorRestClientExpectTest .build(); } -// POST /admin/user/{id}/action/unlock - @Test public void testDeleteUser() { VCloudDirectorClient client = requestsSendResponses(loginRequest, sessionResponse, @@ -186,4 +185,32 @@ public class UserClientExpectTest extends BaseVCloudDirectorRestClientExpectTest client.getUserClient().deleteUser(userRef.getHref()); } + + @Test + public void testUnlockUser() { + VCloudDirectorClient client = requestsSendResponses(loginRequest, sessionResponse, + new VcloudHttpRequestPrimer() + .apiCommand("POST", "/admin/user/b37223f3-8792-477a-820f-334998f61cd6/action/unlock") + .acceptAnyMedia() + .httpRequestBuilder().build(), + new VcloudHttpResponsePrimer() + .httpResponseBuilder().statusCode(204).build()); + + client.getUserClient().unlockUser(userRef.getHref()); + } + + @Test(expectedExceptions = VCloudDirectorException.class) + public void testUnlockUserFailNotFound() { + VCloudDirectorClient client = requestsSendResponses(loginRequest, sessionResponse, + new VcloudHttpRequestPrimer() + .apiCommand("POST", "/admin/user/b37223f3-8792-477a-820f-334998f61cd6/action/unlock") + .acceptAnyMedia() + .httpRequestBuilder().build(), + new VcloudHttpResponsePrimer() + .httpResponseBuilder().statusCode(403) + .payload(payloadFromResourceWithContentType("/org/error400.xml", VCloudDirectorMediaType.ERROR)) + .build()); + + client.getUserClient().unlockUser(userRef.getHref()); + } } diff --git a/labs/vcloud-director/src/test/java/org/jclouds/vcloud/director/v1_5/features/UserClientLiveTest.java b/labs/vcloud-director/src/test/java/org/jclouds/vcloud/director/v1_5/features/UserClientLiveTest.java index 197240f748..7dda4fef8c 100644 --- a/labs/vcloud-director/src/test/java/org/jclouds/vcloud/director/v1_5/features/UserClientLiveTest.java +++ b/labs/vcloud-director/src/test/java/org/jclouds/vcloud/director/v1_5/features/UserClientLiveTest.java @@ -21,17 +21,24 @@ package org.jclouds.vcloud.director.v1_5.features; import static com.google.common.base.Objects.equal; import static org.jclouds.vcloud.director.v1_5.VCloudDirectorLiveTestConstants.OBJ_FIELD_UPDATABLE; import static org.testng.Assert.assertEquals; +import static org.testng.Assert.assertNotNull; import static org.testng.Assert.assertTrue; import static org.testng.Assert.fail; +import static org.testng.AssertJUnit.assertFalse; import java.net.URI; +import org.jclouds.rest.AuthorizationException; import org.jclouds.vcloud.director.v1_5.VCloudDirectorException; import org.jclouds.vcloud.director.v1_5.domain.Checks; import org.jclouds.vcloud.director.v1_5.domain.Error; +import org.jclouds.vcloud.director.v1_5.domain.OrgPasswordPolicySettings; import org.jclouds.vcloud.director.v1_5.domain.Reference; +import org.jclouds.vcloud.director.v1_5.domain.SessionWithToken; import org.jclouds.vcloud.director.v1_5.domain.User; import org.jclouds.vcloud.director.v1_5.internal.BaseVCloudDirectorClientLiveTest; +import org.jclouds.vcloud.director.v1_5.login.SessionClient; +import org.testng.AssertJUnit; import org.testng.annotations.AfterClass; import org.testng.annotations.BeforeClass; import org.testng.annotations.Test; @@ -39,7 +46,7 @@ import org.testng.annotations.Test; import com.google.common.collect.Iterables; /** - * Tests live behavior of {@link AdminGroupClient}. + * Tests live behavior of {@link UserClient}. * * @author danikov */ @@ -165,28 +172,69 @@ public class UserClientLiveTest extends BaseVCloudDirectorClientLiveTest { String.format(OBJ_FIELD_UPDATABLE, USER, "storedVmQuota")); assertTrue(equal(user.getDeployedVmQuota(), newUser.getDeployedVmQuota()), String.format(OBJ_FIELD_UPDATABLE, USER, "deployedVmQuota")); - - // TODO: assert password is changed with session client? + + // session client isn't typically exposed to the user, as it is implicit + SessionClient sessionClient = context.utils().injector().getInstance(SessionClient.class); + + // Check the user can really login with the changed password + // NOTE: the password is NOT returned in the User object returned from the server + SessionWithToken sessionWithToken = sessionClient.loginUserInOrgWithPassword(URI.create(endpoint + "/sessions"), user.getName(), orgRef.getName(), "newPassword"); + assertNotNull(sessionWithToken.getToken()); + sessionClient.logoutSessionWithToken(sessionWithToken.getSession().getHref(), sessionWithToken.getToken()); } - @Test(testName = "POST /admin/user/{id}/action/unlock", - dependsOnMethods = { "testUpdateUser" }, enabled=false ) + @Test(testName = "POST /admin/user/{id}/action/unlock", dependsOnMethods = { "testUpdateUser" }) public void testUnlockUser() { - // FIXME Need to simulate failed login, to lock the account? - // - // UserType.isLocked states: - // This flag is set if the user account has been locked due to too many invalid login attempts. - // A locked user account can be re-enabled by updating the user with this flag set to false. - // (However, the account cannot be manually locked by setting it to true - setting this flag is - // only done by the login process). + // Need to know how many times to fail login to lock account + AdminOrgClient adminOrgClient = context.getApi().getAdminOrgClient(); + OrgPasswordPolicySettings settingsToRevertTo = null; + + // session client isn't typically exposed to the user, as it is implicit + SessionClient sessionClient = context.utils().injector().getInstance(SessionClient.class); - //TODO: check previous tests a) enabled lockout, b) set password - //TODO: attempt too many times with the wrong password - //TODO: verify access is denied - //TODO: unlock user - //TODO: verify access is renewed + OrgPasswordPolicySettings settings = adminOrgClient.getSettings(orgRef.getHref()).getPasswordPolicy(); + assertNotNull(settings); + + // Adjust account settings so we can lock the account - be careful to not set invalidLoginsBeforeLockout too low! + if (!settings.isAccountLockoutEnabled()) { + settingsToRevertTo = settings; + settings = settings.toBuilder().accountLockoutEnabled(true).invalidLoginsBeforeLockout(5).build(); + settings = adminOrgClient.updatePasswordPolicy(orgRef.getHref(), settings); + } + + assertTrue(settings.isAccountLockoutEnabled()); - throw new UnsupportedOperationException("Test not yet implemented; need to first cause account to be locked"); + for (int i=0; i