Source Code of org.ejbca.core.ejb.config.GlobalConfigurationSessionBeanTest

/*************************************************************************
 *                                                                       *
 *  EJBCA: The OpenSource Certificate Authority                          *
 *                                                                       *
 *  This software is free software; you can redistribute it and/or       *
 *  modify it under the terms of the GNU Lesser General Public           *
 *  License as published by the Free Software Foundation; either         *
 *  version 2.1 of the License, or any later version.                    *
 *                                                                       *
 *  See terms of license at gnu.org.                                     *
 *                                                                       *
 *************************************************************************/

package org.ejbca.core.ejb.config;

import java.util.Collection;

import org.ejbca.config.GlobalConfiguration;
import org.ejbca.core.ejb.authorization.AuthorizationSessionRemote;
import org.ejbca.core.ejb.ca.CaTestCase;
import org.ejbca.core.ejb.ca.caadmin.CAAdminSessionRemote;
import org.ejbca.core.ejb.ca.caadmin.CaSessionRemote;
import org.ejbca.core.model.authorization.AuthorizationDeniedException;
import org.ejbca.core.model.ca.caadmin.CAInfo;
import org.ejbca.core.model.log.Admin;
import org.ejbca.util.InterfaceCache;

/**
 * Tests the global configuration entity bean.
 *
 * TODO: Remake this test into a mocked unit test, to allow testing of a multiple instance database.
 * TODO: Add more tests for other remote methods similar to testNonCLIUser_* and testDisabledCLI_*.
 *
 * @version $Id: GlobalConfigurationSessionBeanTest.java 11818 2011-04-26 11:14:44Z jeklund $
 */
public class GlobalConfigurationSessionBeanTest extends CaTestCase {

  private static final Admin[] NON_CLI_ADMINS = new Admin[] {
    new Admin(Admin.TYPE_INTERNALUSER),
    new Admin(Admin.TYPE_PUBLIC_WEB_USER)
  };

  private Collection<Integer> caids;

  private GlobalConfigurationSessionRemote globalConfigurationSession = InterfaceCache.getGlobalConfigurationSession();

  private CaSessionRemote caSession = InterfaceCache.getCaSession();
  private CAAdminSessionRemote caAdminSession = InterfaceCache.getCAAdminSession();
  private AuthorizationSessionRemote authorizationSession = InterfaceCache.getAuthorizationSession();

    private Admin administrator = new Admin(Admin.TYPE_CACOMMANDLINE_USER);
    private GlobalConfiguration original = null;

    /**
     * Creates a new TestGlobalConfiguration object.
     *
     * @param name
     *            name
     */
    public GlobalConfigurationSessionBeanTest(String name) {
        super(name);
    }

    public void setUp() throws Exception {
      enableCLI(true);
      createTestCA();

        // First save the original
        // FIXME: Do this in @BeforeClass in JUnit4
        if (original == null) {
            original = this.globalConfigurationSession.getCachedGlobalConfiguration(administrator);
        }
          caids = caSession.getAvailableCAs(administrator);
          assertFalse("No CAs exists so this test will not work", caids.isEmpty());
        }

    public void tearDown() throws Exception {
      globalConfigurationSession.saveGlobalConfigurationRemote(administrator, original);
      enableCLI(true);
        administrator = null;
        removeTestCA();
    }

    /**
     * Tests adding a global configuration and waiting for the cache to be updated.
     *
     * @throws Exception
     *             error
     */
    public void testAddAndReadGlobalConfigurationCache() throws Exception {

        // Read a value to reset the timer
      globalConfigurationSession.getCachedGlobalConfiguration(administrator);
        setInitialValue();

        // Set a brand new value
        GlobalConfiguration newValue = new GlobalConfiguration();
        newValue.setEjbcaTitle("BAR");
        globalConfigurationSession.saveGlobalConfigurationRemote(administrator, newValue);

        GlobalConfiguration cachedValue = globalConfigurationSession.getCachedGlobalConfiguration(administrator);

        cachedValue = globalConfigurationSession.getCachedGlobalConfiguration(administrator);
        assertEquals("The GlobalConfigfuration cache was not automatically updated.", "BAR", cachedValue.getEjbcaTitle());

    }

  /**
     * Set a preliminary value and allows the cache to set it.
     * @throws InterruptedException
     */
    private void setInitialValue() throws InterruptedException, AuthorizationDeniedException {

        GlobalConfiguration initial = new GlobalConfiguration();
        initial.setEjbcaTitle("FOO");
        globalConfigurationSession.saveGlobalConfigurationRemote(administrator, initial);
    }

    /**
     * Tests that we can not pretend to be something other than command line
     * user and call the method getAvailableCAs.
     * @throws Exception
     */
    public void testNonCLIUser_getAvailableCAs() throws Exception {
      enableCLI(true);
      for (Admin admin : NON_CLI_ADMINS) {
        operationGetAvailabeCAs(admin);
      }
    }
    /**
     * Tests that we can disable the CLI and then that we can not call the
     * method getAvailableCAs.
     * @throws Exception
     */
    public void testDisabledCLI_getAvailableCAs() throws Exception {
      enableCLI(false);
      operationGetAvailabeCAs(administrator);
    }

    /**
     * Tests that we can not pretend to be something other than command line
     * user and call the method getAvailableCAs.
     * @throws Exception
     */
    public void testNonCLIUser_getCAInfo() throws Exception {
      enableCLI(true);
      for (Admin admin : NON_CLI_ADMINS) {
        operationGetCAInfo(admin, caids);
      }
    }
    /**
     * Tests that we can disable the CLI and then that we can not call the
     * method getAvailableCAs.
     * @throws Exception
     */
    public void testDisabledCLI_getCAInfo() throws Exception {
      enableCLI(false);
      operationGetCAInfo(administrator, caids);
    }

    /**
     * Enables/disables CLI and flushes caches unless the property does not
     * aready have the right value.
     * @param enable
     */
    private void enableCLI(final boolean enable) {
      final GlobalConfiguration config = globalConfigurationSession.flushCache();
      final GlobalConfiguration newConfig;
      if (config.getEnableCommandLineInterface() == enable) {
        newConfig = config;
      } else {
        config.setEnableCommandLineInterface(enable);
        globalConfigurationSession.saveGlobalConfigurationRemote(administrator, config);
        newConfig = globalConfigurationSession.flushCache();
      }
      assertEquals("CLI should have been enabled/disabled",
          enable, newConfig.getEnableCommandLineInterface());
      authorizationSession.flushAuthorizationRuleCache();
    }

    /**
     * Try to get available CAs. Test assumes the CLI is disabled or that the admin
     *  is not authorized.
     * @param admin To perform the operation with.
     */
    private void operationGetAvailabeCAs(final Admin admin) {
      // Get some CA ids: should be empty now
      final Collection<Integer> emptyCaids = caSession.getAvailableCAs(admin);
      assertTrue("Should not have got any CAs as admin of type "
          + admin.getAdminType(), emptyCaids.isEmpty());
    }

    /**
     * Try to get CA infos. Test assumes the CLI is disabled or that the admin
     *  is not authorized.
     * @param admin to perform the operation with.
     * @param knownCaids IDs to test with.
     */
    private void operationGetCAInfo(final Admin admin, final Collection<Integer> knownCaids) {
      // Get CA infos: We should not get any CA infos even if we know the IDs
      for (int caid : knownCaids)  {
        final CAInfo ca = caAdminSession.getCAInfo(admin, caid);
        assertNull("Got CA " + caid + " as admin of type " + admin.getAdminType(), ca);
      }
    }

}