Reviewed scenarios and added supported ones.

Commented on missing scenarios.
neo4j · Jun 22, 2016 · 20d042f · 20d042f
1 parent df3a357
commit 20d042f
Show file tree

Hide file tree

Showing 3 changed files with 260 additions and 112 deletions.
diff --git a/...curity/src/test/java/org/neo4j/server/security/enterprise/auth/AuthProcedureTestBase.java b/...curity/src/test/java/org/neo4j/server/security/enterprise/auth/AuthProcedureTestBase.java
@@ -64,6 +64,10 @@ public class AuthProcedureTestBase
     protected AuthSubject readSubject;
     protected AuthSubject noneSubject;
 
+    protected String[] initialUsers = { "adminSubject", "readSubject", "schemaSubject",
+        "readWriteSubject", "noneSubject", "neo4j" };
+    protected String[] initialRoles = { "admin", "architect", "publisher", "reader", "empty" };
+
     protected GraphDatabaseAPI db;
     protected ShiroAuthManager manager;
 
@@ -102,13 +106,18 @@ public void tearDown() throws Throwable
         manager.shutdown();
     }
 
-    //------------- Helper functions---------------
+    protected String[] with( String[] strs, String... moreStr )
+    {
+        return Stream.concat( Arrays.stream(strs), Arrays.stream( moreStr ) ).toArray( String[]::new );
+    }
 
     protected List<String> listOf( String... values )
     {
         return Stream.of( values ).collect( Collectors.toList() );
     }
 
+    //------------- Helper functions---------------
+
     protected void testSuccessfulReadAction( AuthSubject subject, int count )
     {
         testCallCount( db, subject, "MATCH (n) RETURN n", null, count );
@@ -172,9 +181,10 @@ protected void testFailDeleteUser( AuthSubject subject )
                 AuthProcedures.PERMISSION_DENIED );
     }
 
-    protected void testSuccessfulListUsersAction( AuthSubject subject, int count )
+    protected void testSuccessfulListUsersAction( AuthSubject subject, String[] users )
     {
-        testCallCount( db, subject, "CALL dbms.listUsers() YIELD value AS users RETURN users", null, count );
+        testResult( db, subject, "CALL dbms.listUsers() YIELD username AS users RETURN users",
+                r -> resultKeyIsArray( r, "users", users ) );
     }
 
     protected void testFailListUsers( AuthSubject subject, int count )
@@ -184,9 +194,10 @@ protected void testFailListUsers( AuthSubject subject, int count )
                 QueryExecutionException.class, AuthProcedures.PERMISSION_DENIED );
     }
 
-    protected void testSuccessfulListRolesAction( AuthSubject subject )
+    protected void testSuccessfulListRolesAction( AuthSubject subject, String[] roles )
     {
-        testCallCount( db, subject, "CALL dbms.listRoles() YIELD value AS roles RETURN roles", null, 5 );
+        testResult( db, subject, "CALL dbms.listRoles() YIELD role AS roles RETURN roles",
+                r -> resultKeyIsArray( r, "roles", roles ) );
     }
 
     protected void testFailListRoles( AuthSubject subject )
@@ -215,8 +226,13 @@ protected List<Object> getObjectsAsList( Result r, String key )
         return r.stream().map( s -> s.get( key ) ).collect( Collectors.toList() );
     }
 
-    protected void resultContainsInAnyOrder( Result r, String key, Object... items )
+    protected void resultKeyIs( Result r, String key, String... items )
     {
+        resultKeyIsArray( r, key, items );
+    }
+
+    protected void resultKeyIsArray( Result r, String key, String[] items )
+        {
         List<Object> results = getObjectsAsList( r, key );
         Assert.assertThat( results, containsInAnyOrder( items ) );
         assertEquals( Arrays.asList( items ).size(), results.size() );

diff --git a/.../security/src/test/java/org/neo4j/server/security/enterprise/auth/AuthProceduresTest.java b/.../security/src/test/java/org/neo4j/server/security/enterprise/auth/AuthProceduresTest.java
@@ -19,42 +19,20 @@
  */
 package org.neo4j.server.security.enterprise.auth;
 
-import org.apache.shiro.authc.AuthenticationException;
-import org.junit.After;
-import org.junit.Assert;
-import org.junit.Before;
 import org.junit.Test;
 
-import java.util.Arrays;
-import java.util.Collections;
-import java.util.List;
 import java.util.Map;
-import java.util.function.Consumer;
-import java.util.stream.Collectors;
-import java.util.stream.Stream;
 
 import org.neo4j.graphdb.QueryExecutionException;
-import org.neo4j.graphdb.Result;
-import org.neo4j.graphdb.Transaction;
-import org.neo4j.graphdb.security.AuthorizationViolationException;
-import org.neo4j.kernel.api.KernelTransaction;
 import org.neo4j.kernel.api.security.AuthSubject;
 import org.neo4j.kernel.api.security.AuthenticationResult;
-import org.neo4j.kernel.internal.GraphDatabaseAPI;
-import org.neo4j.server.security.auth.BasicPasswordPolicy;
-import org.neo4j.server.security.auth.InMemoryUserRepository;
-import org.neo4j.test.TestEnterpriseGraphDatabaseFactory;
-
-import static java.time.Clock.systemUTC;
-import static org.hamcrest.CoreMatchers.containsString;
-import static org.hamcrest.MatcherAssert.assertThat;
-import static org.hamcrest.Matchers.containsInAnyOrder;
+
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertFalse;
 import static org.junit.Assert.assertNotNull;
 import static org.junit.Assert.assertNull;
 import static org.junit.Assert.assertTrue;
-import static org.junit.Assert.fail;
+
 import static org.neo4j.helpers.collection.MapUtil.map;
 import static org.neo4j.server.security.auth.SecurityTestUtils.authToken;
 import static org.neo4j.server.security.enterprise.auth.PredefinedRolesBuilder.ADMIN;
@@ -290,7 +268,7 @@ public void shouldNotAllowNonAdminDeleteUser() throws Exception
     }
 
     @Test
-    public void shouldAllowDeletingUserMultipleTimes() throws Exception
+    public void shouldNotAllowDeletingNonExistingUser() throws Exception
     {
         testCallEmpty( db, adminSubject, "CALL dbms.createUser('Craig', '1234', true)" );
         assertNotNull( "User Craig should exist", manager.getUser( "Craig" ) );
@@ -338,7 +316,7 @@ public void shouldFailOnNonAdminActivate() throws Exception
     public void shouldReturnUsers() throws Exception
     {
         testResult( db, adminSubject, "CALL dbms.listUsers() YIELD username",
-                r -> resultContainsInAnyOrder( r, "username", "adminSubject", "readSubject", "schemaSubject",
+                r -> resultKeyIs( r, "username", "adminSubject", "readSubject", "schemaSubject",
                         "readWriteSubject", "noneSubject", "neo4j" ) );
     }
 
@@ -388,7 +366,7 @@ public void shouldNotAllowNonAdminListUsers() throws Exception
     public void shouldReturnRoles() throws Exception
     {
         testResult( db, adminSubject, "CALL dbms.listRoles() YIELD role AS roles RETURN roles",
-                r -> resultContainsInAnyOrder( r, "roles", ADMIN, ARCHITECT, PUBLISHER, READER, "empty" ) );
+                r -> resultKeyIs( r, "roles", ADMIN, ARCHITECT, PUBLISHER, READER, "empty" ) );
     }
 
     @Test
@@ -418,7 +396,7 @@ public void shouldNotAllowNonAdminListRoles() throws Exception
     public void shouldListRolesForUser() throws Exception
     {
         testResult( db, adminSubject, "CALL dbms.listRolesForUser('adminSubject') YIELD value as roles RETURN roles",
-                r -> resultContainsInAnyOrder( r, "roles", ADMIN ) );
+                r -> resultKeyIs( r, "roles", ADMIN ) );
     }
 
     @Test
@@ -448,7 +426,7 @@ public void shouldListNoRolesForUserWithNoRoles() throws Exception
     public void shouldListUsersForRole() throws Exception
     {
         testResult( db, adminSubject, "CALL dbms.listUsersForRole('admin') YIELD value as users RETURN users",
-                r -> resultContainsInAnyOrder( r, "users", adminSubject.name(), "neo4j" ) );
+                r -> resultKeyIs( r, "users", adminSubject.name(), "neo4j" ) );
     }
 
     @Test