javatests/com/google/gerrit/acceptance/rest/account/GetAccountDetailIT.java - gerrit - Git at Google

 // Copyright (C) 2015 The Android Open Source Project
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
 // http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.

 package com.google.gerrit.acceptance.rest.account;

 import static com.google.common.truth.Truth.assertThat;
 import static com.google.gerrit.acceptance.rest.account.AccountAssert.assertAccountInfo;

 import com.google.common.collect.ImmutableList;
 import com.google.gerrit.acceptance.AbstractDaemonTest;
 import com.google.gerrit.acceptance.RestResponse;
 import com.google.gerrit.acceptance.testsuite.account.AccountOperations;
 import com.google.gerrit.acceptance.testsuite.group.GroupOperations;
 import com.google.gerrit.entities.Account;
 import com.google.gerrit.entities.AccountGroup;
 import com.google.gerrit.extensions.annotations.Exports;
 import com.google.gerrit.extensions.common.AccountDetailInfo;
 import com.google.gerrit.extensions.common.AccountInfo;
 import com.google.gerrit.extensions.config.FactoryModule;
 import com.google.gerrit.server.account.AccountTagProvider;
 import com.google.gerrit.server.account.ServiceUserClassifier;
 import com.google.gerrit.server.permissions.GlobalPermission;
 import com.google.gerrit.server.permissions.PermissionBackend;
 import com.google.inject.Inject;
 import com.google.inject.Module;
 import java.util.List;
 import org.junit.Test;

 public class GetAccountDetailIT extends AbstractDaemonTest {
   @Inject private GroupOperations groupOperations;
   @Inject private AccountOperations accountOperations;

   @Override
   public Module createModule() {
     return new FactoryModule() {
       @Override
       public void configure() {
         bind(AccountTagProvider.class)
             .annotatedWith(Exports.named("CustomAccountTagProvider"))
             .to(CustomAccountTagProvider.class);
       }
     };
   }

   @Test
   public void getDetail() throws Exception {
     RestResponse r = adminRestSession.get("/accounts/" + admin.username() + "/detail/");
     AccountDetailInfo info = newGson().fromJson(r.getReader(), AccountDetailInfo.class);
     assertAccountInfo(admin, info);
     Account account = getAccount(admin.id());
     assertThat(info.registeredOn.getTime()).isEqualTo(account.registeredOn().toEpochMilli());
   }

   @Test
   public void getDetailForServiceUser() throws Exception {
     Account.Id serviceUser = accountOperations.newAccount().create();
     groupOperations
         .group(
             groupCache
                 .get(AccountGroup.nameKey(ServiceUserClassifier.SERVICE_USERS))
                 .get()
                 .getGroupUUID())
         .forUpdate()
         .addMember(serviceUser)
         .update();
     RestResponse r = adminRestSession.get("/accounts/" + serviceUser.get() + "/detail/");
     AccountDetailInfo info = newGson().fromJson(r.getReader(), AccountDetailInfo.class);
     assertThat(info.tags).containsExactly(AccountInfo.Tags.SERVICE_USER);
   }

   @Test
   public void getDetailForExtensionPointAccountTag() throws Exception {
     RestResponse r = userRestSession.get("/accounts/" + user.username() + "/detail/");
     AccountDetailInfo info = newGson().fromJson(r.getReader(), AccountDetailInfo.class);
     assertThat(info.tags).containsExactly("BASIC_USER");
   }

   @Test
   public void searchForSecondaryEmailRequiresModifyAccountPermission() throws Exception {
     Account.Id id =
         accountOperations
             .newAccount()
             .preferredEmail("preferred@email")
             .addSecondaryEmail("secondary@email")
             .create();
     RestResponse r = userRestSession.get("/accounts/secondary/detail/");
     r.assertStatus(404);
     // The admin has MODIFY_ACCOUNT permission and can see the user.
     r = adminRestSession.get("/accounts/secondary/detail/");
     r.assertStatus(200);
     AccountDetailInfo info = newGson().fromJson(r.getReader(), AccountDetailInfo.class);
     assertThat(info._accountId).isEqualTo(id.get());
   }

   private static class CustomAccountTagProvider implements AccountTagProvider {
     private PermissionBackend permissions;

     @Inject
     public CustomAccountTagProvider(PermissionBackend permissions) {
       this.permissions = permissions;
     }

     @Override
     public List<String> getTags(Account.Id id) {
       try {
         if (!permissions.currentUser().test(GlobalPermission.ADMINISTRATE_SERVER)) {
           return ImmutableList.of("BASIC_USER");
         }
       } catch (Exception e) {
         throw new IllegalStateException("can't check admin permissions", e);
       }
       return ImmutableList.of();
     }
   }
 }
	// Copyright (C) 2015 The Android Open Source Project
	//
	// Licensed under the Apache License, Version 2.0 (the "License");
	// you may not use this file except in compliance with the License.
	// You may obtain a copy of the License at
	//
	// http://www.apache.org/licenses/LICENSE-2.0
	//
	// Unless required by applicable law or agreed to in writing, software
	// distributed under the License is distributed on an "AS IS" BASIS,
	// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	// See the License for the specific language governing permissions and
	// limitations under the License.

	package com.google.gerrit.acceptance.rest.account;

	import static com.google.common.truth.Truth.assertThat;
	import static com.google.gerrit.acceptance.rest.account.AccountAssert.assertAccountInfo;

	import com.google.common.collect.ImmutableList;
	import com.google.gerrit.acceptance.AbstractDaemonTest;
	import com.google.gerrit.acceptance.RestResponse;
	import com.google.gerrit.acceptance.testsuite.account.AccountOperations;
	import com.google.gerrit.acceptance.testsuite.group.GroupOperations;
	import com.google.gerrit.entities.Account;
	import com.google.gerrit.entities.AccountGroup;
	import com.google.gerrit.extensions.annotations.Exports;
	import com.google.gerrit.extensions.common.AccountDetailInfo;
	import com.google.gerrit.extensions.common.AccountInfo;
	import com.google.gerrit.extensions.config.FactoryModule;
	import com.google.gerrit.server.account.AccountTagProvider;
	import com.google.gerrit.server.account.ServiceUserClassifier;
	import com.google.gerrit.server.permissions.GlobalPermission;
	import com.google.gerrit.server.permissions.PermissionBackend;
	import com.google.inject.Inject;
	import com.google.inject.Module;
	import java.util.List;
	import org.junit.Test;

	public class GetAccountDetailIT extends AbstractDaemonTest {
	@Inject private GroupOperations groupOperations;
	@Inject private AccountOperations accountOperations;

	@Override
	public Module createModule() {
	return new FactoryModule() {
	@Override
	public void configure() {
	bind(AccountTagProvider.class)
	.annotatedWith(Exports.named("CustomAccountTagProvider"))
	.to(CustomAccountTagProvider.class);
	}
	};
	}

	@Test
	public void getDetail() throws Exception {
	RestResponse r = adminRestSession.get("/accounts/" + admin.username() + "/detail/");
	AccountDetailInfo info = newGson().fromJson(r.getReader(), AccountDetailInfo.class);
	assertAccountInfo(admin, info);
	Account account = getAccount(admin.id());
	assertThat(info.registeredOn.getTime()).isEqualTo(account.registeredOn().toEpochMilli());
	}

	@Test
	public void getDetailForServiceUser() throws Exception {
	Account.Id serviceUser = accountOperations.newAccount().create();
	groupOperations
	.group(
	groupCache
	.get(AccountGroup.nameKey(ServiceUserClassifier.SERVICE_USERS))
	.get()
	.getGroupUUID())
	.forUpdate()
	.addMember(serviceUser)
	.update();
	RestResponse r = adminRestSession.get("/accounts/" + serviceUser.get() + "/detail/");
	AccountDetailInfo info = newGson().fromJson(r.getReader(), AccountDetailInfo.class);
	assertThat(info.tags).containsExactly(AccountInfo.Tags.SERVICE_USER);
	}

	@Test
	public void getDetailForExtensionPointAccountTag() throws Exception {
	RestResponse r = userRestSession.get("/accounts/" + user.username() + "/detail/");
	AccountDetailInfo info = newGson().fromJson(r.getReader(), AccountDetailInfo.class);
	assertThat(info.tags).containsExactly("BASIC_USER");
	}

	@Test
	public void searchForSecondaryEmailRequiresModifyAccountPermission() throws Exception {
	Account.Id id =
	accountOperations
	.newAccount()
	.preferredEmail("preferred@email")
	.addSecondaryEmail("secondary@email")
	.create();
	RestResponse r = userRestSession.get("/accounts/secondary/detail/");
	r.assertStatus(404);
	// The admin has MODIFY_ACCOUNT permission and can see the user.
	r = adminRestSession.get("/accounts/secondary/detail/");
	r.assertStatus(200);
	AccountDetailInfo info = newGson().fromJson(r.getReader(), AccountDetailInfo.class);
	assertThat(info._accountId).isEqualTo(id.get());
	}

	private static class CustomAccountTagProvider implements AccountTagProvider {
	private PermissionBackend permissions;

	@Inject
	public CustomAccountTagProvider(PermissionBackend permissions) {
	this.permissions = permissions;
	}

	@Override
	public List<String> getTags(Account.Id id) {
	try {
	if (!permissions.currentUser().test(GlobalPermission.ADMINISTRATE_SERVER)) {
	return ImmutableList.of("BASIC_USER");
	}
	} catch (Exception e) {
	throw new IllegalStateException("can't check admin permissions", e);
	}
	return ImmutableList.of();
	}
	}
	}