vcloud-director 1.5: adding tests of unlockUser

This commit is contained in:
Adam Lowe 2012-03-19 20:15:19 +00:00
parent ea382b9f9e
commit deeaa675bb
2 changed files with 95 additions and 20 deletions

View File

@ -24,6 +24,7 @@ import java.net.URI;
import java.util.Collections; import java.util.Collections;
import org.jclouds.vcloud.director.v1_5.VCloudDirectorClient; import org.jclouds.vcloud.director.v1_5.VCloudDirectorClient;
import org.jclouds.vcloud.director.v1_5.VCloudDirectorException;
import org.jclouds.vcloud.director.v1_5.VCloudDirectorMediaType; import org.jclouds.vcloud.director.v1_5.VCloudDirectorMediaType;
import org.jclouds.vcloud.director.v1_5.domain.Link; import org.jclouds.vcloud.director.v1_5.domain.Link;
import org.jclouds.vcloud.director.v1_5.domain.Reference; import org.jclouds.vcloud.director.v1_5.domain.Reference;
@ -172,8 +173,6 @@ public class UserClientExpectTest extends BaseVCloudDirectorRestClientExpectTest
.build(); .build();
} }
// POST /admin/user/{id}/action/unlock
@Test @Test
public void testDeleteUser() { public void testDeleteUser() {
VCloudDirectorClient client = requestsSendResponses(loginRequest, sessionResponse, VCloudDirectorClient client = requestsSendResponses(loginRequest, sessionResponse,
@ -186,4 +185,32 @@ public class UserClientExpectTest extends BaseVCloudDirectorRestClientExpectTest
client.getUserClient().deleteUser(userRef.getHref()); client.getUserClient().deleteUser(userRef.getHref());
} }
@Test
public void testUnlockUser() {
VCloudDirectorClient client = requestsSendResponses(loginRequest, sessionResponse,
new VcloudHttpRequestPrimer()
.apiCommand("POST", "/admin/user/b37223f3-8792-477a-820f-334998f61cd6/action/unlock")
.acceptAnyMedia()
.httpRequestBuilder().build(),
new VcloudHttpResponsePrimer()
.httpResponseBuilder().statusCode(204).build());
client.getUserClient().unlockUser(userRef.getHref());
}
@Test(expectedExceptions = VCloudDirectorException.class)
public void testUnlockUserFailNotFound() {
VCloudDirectorClient client = requestsSendResponses(loginRequest, sessionResponse,
new VcloudHttpRequestPrimer()
.apiCommand("POST", "/admin/user/b37223f3-8792-477a-820f-334998f61cd6/action/unlock")
.acceptAnyMedia()
.httpRequestBuilder().build(),
new VcloudHttpResponsePrimer()
.httpResponseBuilder().statusCode(403)
.payload(payloadFromResourceWithContentType("/org/error400.xml", VCloudDirectorMediaType.ERROR))
.build());
client.getUserClient().unlockUser(userRef.getHref());
}
} }

View File

@ -21,17 +21,24 @@ package org.jclouds.vcloud.director.v1_5.features;
import static com.google.common.base.Objects.equal; import static com.google.common.base.Objects.equal;
import static org.jclouds.vcloud.director.v1_5.VCloudDirectorLiveTestConstants.OBJ_FIELD_UPDATABLE; import static org.jclouds.vcloud.director.v1_5.VCloudDirectorLiveTestConstants.OBJ_FIELD_UPDATABLE;
import static org.testng.Assert.assertEquals; import static org.testng.Assert.assertEquals;
import static org.testng.Assert.assertNotNull;
import static org.testng.Assert.assertTrue; import static org.testng.Assert.assertTrue;
import static org.testng.Assert.fail; import static org.testng.Assert.fail;
import static org.testng.AssertJUnit.assertFalse;
import java.net.URI; import java.net.URI;
import org.jclouds.rest.AuthorizationException;
import org.jclouds.vcloud.director.v1_5.VCloudDirectorException; import org.jclouds.vcloud.director.v1_5.VCloudDirectorException;
import org.jclouds.vcloud.director.v1_5.domain.Checks; import org.jclouds.vcloud.director.v1_5.domain.Checks;
import org.jclouds.vcloud.director.v1_5.domain.Error; import org.jclouds.vcloud.director.v1_5.domain.Error;
import org.jclouds.vcloud.director.v1_5.domain.OrgPasswordPolicySettings;
import org.jclouds.vcloud.director.v1_5.domain.Reference; import org.jclouds.vcloud.director.v1_5.domain.Reference;
import org.jclouds.vcloud.director.v1_5.domain.SessionWithToken;
import org.jclouds.vcloud.director.v1_5.domain.User; import org.jclouds.vcloud.director.v1_5.domain.User;
import org.jclouds.vcloud.director.v1_5.internal.BaseVCloudDirectorClientLiveTest; import org.jclouds.vcloud.director.v1_5.internal.BaseVCloudDirectorClientLiveTest;
import org.jclouds.vcloud.director.v1_5.login.SessionClient;
import org.testng.AssertJUnit;
import org.testng.annotations.AfterClass; import org.testng.annotations.AfterClass;
import org.testng.annotations.BeforeClass; import org.testng.annotations.BeforeClass;
import org.testng.annotations.Test; import org.testng.annotations.Test;
@ -39,7 +46,7 @@ import org.testng.annotations.Test;
import com.google.common.collect.Iterables; import com.google.common.collect.Iterables;
/** /**
* Tests live behavior of {@link AdminGroupClient}. * Tests live behavior of {@link UserClient}.
* *
* @author danikov * @author danikov
*/ */
@ -165,28 +172,69 @@ public class UserClientLiveTest extends BaseVCloudDirectorClientLiveTest {
String.format(OBJ_FIELD_UPDATABLE, USER, "storedVmQuota")); String.format(OBJ_FIELD_UPDATABLE, USER, "storedVmQuota"));
assertTrue(equal(user.getDeployedVmQuota(), newUser.getDeployedVmQuota()), assertTrue(equal(user.getDeployedVmQuota(), newUser.getDeployedVmQuota()),
String.format(OBJ_FIELD_UPDATABLE, USER, "deployedVmQuota")); String.format(OBJ_FIELD_UPDATABLE, USER, "deployedVmQuota"));
// TODO: assert password is changed with session client? // session client isn't typically exposed to the user, as it is implicit
SessionClient sessionClient = context.utils().injector().getInstance(SessionClient.class);
// Check the user can really login with the changed password
// NOTE: the password is NOT returned in the User object returned from the server
SessionWithToken sessionWithToken = sessionClient.loginUserInOrgWithPassword(URI.create(endpoint + "/sessions"), user.getName(), orgRef.getName(), "newPassword");
assertNotNull(sessionWithToken.getToken());
sessionClient.logoutSessionWithToken(sessionWithToken.getSession().getHref(), sessionWithToken.getToken());
} }
@Test(testName = "POST /admin/user/{id}/action/unlock", @Test(testName = "POST /admin/user/{id}/action/unlock", dependsOnMethods = { "testUpdateUser" })
dependsOnMethods = { "testUpdateUser" }, enabled=false )
public void testUnlockUser() { public void testUnlockUser() {
// FIXME Need to simulate failed login, to lock the account? // Need to know how many times to fail login to lock account
// AdminOrgClient adminOrgClient = context.getApi().getAdminOrgClient();
// UserType.isLocked states: OrgPasswordPolicySettings settingsToRevertTo = null;
// This flag is set if the user account has been locked due to too many invalid login attempts.
// A locked user account can be re-enabled by updating the user with this flag set to false. // session client isn't typically exposed to the user, as it is implicit
// (However, the account cannot be manually locked by setting it to true - setting this flag is SessionClient sessionClient = context.utils().injector().getInstance(SessionClient.class);
// only done by the login process).
//TODO: check previous tests a) enabled lockout, b) set password OrgPasswordPolicySettings settings = adminOrgClient.getSettings(orgRef.getHref()).getPasswordPolicy();
//TODO: attempt too many times with the wrong password assertNotNull(settings);
//TODO: verify access is denied
//TODO: unlock user // Adjust account settings so we can lock the account - be careful to not set invalidLoginsBeforeLockout too low!
//TODO: verify access is renewed if (!settings.isAccountLockoutEnabled()) {
settingsToRevertTo = settings;
settings = settings.toBuilder().accountLockoutEnabled(true).invalidLoginsBeforeLockout(5).build();
settings = adminOrgClient.updatePasswordPolicy(orgRef.getHref(), settings);
}
assertTrue(settings.isAccountLockoutEnabled());
throw new UnsupportedOperationException("Test not yet implemented; need to first cause account to be locked"); for (int i=0; i<settings.getInvalidLoginsBeforeLockout()+1; i++) {
try {
sessionClient.loginUserInOrgWithPassword(URI.create(endpoint + "/sessions"), user.getName(), orgRef.getName(), "wrongpassword!");
fail("Managed to login using the wrong password!");
} catch(AuthorizationException ex) {
}
}
user = userClient.getUser(user.getHref());
assertTrue(user.isLocked());
try {
sessionClient.loginUserInOrgWithPassword(URI.create(endpoint + "/sessions"), user.getName(), orgRef.getName(), "newPassword");
fail("Managed to login to locked account!");
} catch(AuthorizationException ex) {
}
userClient.unlockUser(user.getHref());
user = userClient.getUser(user.getHref());
assertFalse(user.isLocked());
// Double-check the user can now login again
SessionWithToken sessionWithToken = sessionClient.loginUserInOrgWithPassword(URI.create(endpoint + "/sessions"), user.getName(), orgRef.getName(), "newPassword");
assertNotNull(sessionWithToken.getToken());
sessionClient.logoutSessionWithToken(sessionWithToken.getSession().getHref(), sessionWithToken.getToken());
// Return account settings to the previous values, if necessary
if (settingsToRevertTo != null) {
adminOrgClient.updatePasswordPolicy(orgRef.getHref(), settingsToRevertTo);
}
} }
@Test(testName = "DELETE /admin/user/{id}", @Test(testName = "DELETE /admin/user/{id}",