add test for check roles

2024-11-06 00:15:23 +00:00 · 2021-03-05 14:36:08 +03:00 · 2021-03-05 14:36:08 +03:00 · e177a2a275
commit e177a2a275
parent bd41a8017e
2 changed files with 78 additions and 0 deletions
--- a/src/test/java/com/rbkmoney/orgmanager/TestObjectFactory.java
+++ b/src/test/java/com/rbkmoney/orgmanager/TestObjectFactory.java
@ -8,6 +8,8 @@ import com.rbkmoney.bouncer.context.v1.User;
 import com.rbkmoney.orgmanager.entity.MemberEntity;
 import com.rbkmoney.orgmanager.service.dto.BouncerContextDto;
 import com.rbkmoney.orgmanager.service.dto.RoleDto;
+import com.rbkmoney.swag.organizations.model.MemberRole;
+import com.rbkmoney.swag.organizations.model.RoleId;
 import org.keycloak.representations.AccessToken;

 import java.time.LocalDateTime;
@ -70,6 +72,12 @@ public abstract class TestObjectFactory {
                .build();
    }

+    public static MemberRole testMemberRole() {
+        MemberRole memberRole = new MemberRole();
+        memberRole.setRoleId(RoleId.MANAGER);
+        return memberRole;
+    }
+
    public static String randomString() {
        return UUID.randomUUID().toString();
    }
--- a/src/test/java/com/rbkmoney/orgmanager/service/ResourceAccessServiceImplTest.java
+++ b/src/test/java/com/rbkmoney/orgmanager/service/ResourceAccessServiceImplTest.java
@ -4,6 +4,7 @@ import com.rbkmoney.orgmanager.TestObjectFactory;
 import com.rbkmoney.orgmanager.config.properties.AccessProperties;
 import com.rbkmoney.orgmanager.exception.AccessDeniedException;
 import com.rbkmoney.orgmanager.service.dto.BouncerContextDto;
+import com.rbkmoney.swag.organizations.model.MemberRole;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.extension.ExtendWith;
@ -118,4 +119,73 @@ class ResourceAccessServiceImplTest {
        when(bouncerService.havePrivileges(any(BouncerContextDto.class))).thenReturn(true);
        assertDoesNotThrow(() -> resourceAccessService.checkMemberRights(orgId, memberId));
    }
+
+    @Test
+    void checkRoleNotEnabled() {
+        accessProperties.setEnabled(false);
+        var orgId = "test";
+        var memberRole = new MemberRole();
+
+        assertDoesNotThrow(() -> resourceAccessService.checkRoleRights(orgId, memberRole));
+
+        verify(bouncerService, times(0)).havePrivileges(any(BouncerContextDto.class));
+    }
+
+    @Test
+    void checkRoleRightsWithoutAccess() {
+        String orgId = TestObjectFactory.randomString();
+        MemberRole memberRole = TestObjectFactory.testMemberRole();
+        when(bouncerService.havePrivileges(any(BouncerContextDto.class))).thenReturn(false);
+
+        var exception = assertThrows(AccessDeniedException.class,
+                () -> resourceAccessService.checkRoleRights(orgId, memberRole));
+
+        assertThat(exception.getMessage(),
+                stringContainsInOrder("No rights to perform", orgId, memberRole.getRoleId().getValue()));
+    }
+
+    @Test
+    void checkRoleRightsSuccess() {
+        String orgId = TestObjectFactory.randomString();
+        MemberRole memberRole = TestObjectFactory.testMemberRole();
+        when(bouncerService.havePrivileges(any(BouncerContextDto.class))).thenReturn(true);
+        assertDoesNotThrow(() -> resourceAccessService.checkRoleRights(orgId, memberRole));
+    }
+
+    @Test
+    void checkMemberRoleNotEnabled() {
+        accessProperties.setEnabled(false);
+        var orgId = TestObjectFactory.randomString();
+        var memberId = TestObjectFactory.randomString();
+        var memberRole = new MemberRole();
+
+        assertDoesNotThrow(() -> resourceAccessService.checkMemberRoleRights(orgId, memberId, memberRole));
+
+        verify(bouncerService, times(0)).havePrivileges(any(BouncerContextDto.class));
+    }
+
+    @Test
+    void checkMemberRoleRightsWithoutAccess() {
+        String orgId = TestObjectFactory.randomString();
+        String memberId = TestObjectFactory.randomString();
+        MemberRole memberRole = TestObjectFactory.testMemberRole();
+        when(bouncerService.havePrivileges(any(BouncerContextDto.class))).thenReturn(false);
+
+        var exception = assertThrows(AccessDeniedException.class,
+                () -> resourceAccessService.checkMemberRoleRights(orgId, memberId, memberRole));
+
+        assertThat(exception.getMessage(),
+                stringContainsInOrder("No rights to perform", orgId, memberId, memberRole.getRoleId().getValue()));
+    }
+
+    @Test
+    void checkMemberRoleRightsSuccess() {
+        String orgId = TestObjectFactory.randomString();
+        String memberId = TestObjectFactory.randomString();
+        MemberRole memberRole = TestObjectFactory.testMemberRole();
+        when(bouncerService.havePrivileges(any(BouncerContextDto.class))).thenReturn(true);
+        assertDoesNotThrow(() -> resourceAccessService.checkMemberRoleRights(orgId, memberId, memberRole));
+    }
+
+
 }