keycloak-uncached
Changes
testsuite/integration-arquillian/test-apps/photoz/photoz-html5-client/src/main/webapp/js/app.js 10(+10 -0)
testsuite/integration-arquillian/test-apps/photoz/photoz-html5-client/src/main/webapp/partials/album/create.html 1(+1 -0)
testsuite/integration-arquillian/test-apps/photoz/photoz-restful-api/src/main/java/org/keycloak/example/photoz/album/AlbumService.java 12(+7 -5)
Details
diff --git a/testsuite/integration-arquillian/test-apps/photoz/photoz-html5-client/src/main/webapp/js/app.js b/testsuite/integration-arquillian/test-apps/photoz/photoz-html5-client/src/main/webapp/js/app.js
index bf71b43..691e01a 100755
--- a/testsuite/integration-arquillian/test-apps/photoz/photoz-html5-client/src/main/webapp/js/app.js
+++ b/testsuite/integration-arquillian/test-apps/photoz/photoz-html5-client/src/main/webapp/js/app.js
@@ -88,6 +88,16 @@ module.controller('AlbumCtrl', function ($scope, $http, $routeParams, $location,
$location.path('/');
});
};
+
+ $scope.createWithInvalidUser = function () {
+ var newAlbum = new Album($scope.album);
+ newAlbum.$save({user: 'invalidUser'}, function (data) {
+ document.getElementById("output").innerHTML = 'Request was successful'
+ },
+ function (response) {
+ document.getElementById("output").innerHTML = response.data;
+ });
+ };
});
module.controller('ProfileCtrl', function ($scope, $http, $routeParams, $location, Profile) {
diff --git a/testsuite/integration-arquillian/test-apps/photoz/photoz-html5-client/src/main/webapp/partials/album/create.html b/testsuite/integration-arquillian/test-apps/photoz/photoz-html5-client/src/main/webapp/partials/album/create.html
index d9ddd25..403adfa 100644
--- a/testsuite/integration-arquillian/test-apps/photoz/photoz-html5-client/src/main/webapp/partials/album/create.html
+++ b/testsuite/integration-arquillian/test-apps/photoz/photoz-html5-client/src/main/webapp/partials/album/create.html
@@ -4,4 +4,5 @@
Name: <input type="text" id="album.name" ng-model="album.name"/>
<button ng-click="create()" id="save-album">Save</button>
+ <button ng-click="createWithInvalidUser()" id="save-album-invalid">Save with invalid user</button>
</form>
diff --git a/testsuite/integration-arquillian/test-apps/photoz/photoz-restful-api/src/main/java/org/keycloak/example/photoz/album/AlbumService.java b/testsuite/integration-arquillian/test-apps/photoz/photoz-restful-api/src/main/java/org/keycloak/example/photoz/album/AlbumService.java
index 81c5a53..cd4fdba 100644
--- a/testsuite/integration-arquillian/test-apps/photoz/photoz-restful-api/src/main/java/org/keycloak/example/photoz/album/AlbumService.java
+++ b/testsuite/integration-arquillian/test-apps/photoz/photoz-restful-api/src/main/java/org/keycloak/example/photoz/album/AlbumService.java
@@ -22,6 +22,7 @@ import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
+import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.Status;
@@ -54,17 +55,18 @@ public class AlbumService {
@POST
@Consumes("application/json")
- public Response create(Album newAlbum) {
+ public Response create(Album newAlbum, @QueryParam("user") String username) {
newAlbum.setId(++nextId);
- Principal userPrincipal = request.getUserPrincipal();
-
- newAlbum.setUserId(userPrincipal.getName());
+ if (username == null) {
+ username = request.getUserPrincipal().getName();
+ }
+ newAlbum.setUserId(username);
Query queryDuplicatedAlbum = this.entityManager.createQuery("from Album where name = :name and userId = :userId");
queryDuplicatedAlbum.setParameter("name", newAlbum.getName());
- queryDuplicatedAlbum.setParameter("userId", userPrincipal.getName());
+ queryDuplicatedAlbum.setParameter("userId", username);
if (!queryDuplicatedAlbum.getResultList().isEmpty()) {
throw new ErrorResponse("Name [" + newAlbum.getName() + "] already taken. Choose another one.", Status.CONFLICT);
diff --git a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/adapter/page/PhotozClientAuthzTestApp.java b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/adapter/page/PhotozClientAuthzTestApp.java
index b721166..2285be0 100644
--- a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/adapter/page/PhotozClientAuthzTestApp.java
+++ b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/adapter/page/PhotozClientAuthzTestApp.java
@@ -53,23 +53,34 @@ public class PhotozClientAuthzTestApp extends AbstractPageWithInjectedUrl {
protected ConsentPage consentPage;
@FindBy(xpath = "//a[@ng-click = 'Identity.logout()']")
- WebElement signOutButton;
+ private WebElement signOutButton;
@FindBy(id = "entitlement")
- WebElement entitlement;
+ private WebElement entitlement;
@FindBy(id = "entitlements")
- WebElement entitlements;
+ private WebElement entitlements;
+
+ @FindBy(id = "output")
+ private WebElement output;
public void createAlbum(String name) {
+ createAlbum(name, "save-album");
+ }
+
+ public void createAlbum(String name, String buttonId) {
navigateTo();
this.driver.findElement(By.id("create-album")).click();
Form.setInputValue(this.driver.findElement(By.id("album.name")), name);
pause(200); // We need to wait a bit for the form to "accept" the input (otherwise it registers the input as empty)
- this.driver.findElement(By.id("save-album")).click();
+ this.driver.findElement(By.id(buttonId)).click();
pause(WAIT_AFTER_OPERATION);
}
+ public void createAlbumWithInvalidUser(String name) {
+ createAlbum(name, "save-album-invalid");
+ }
+
@Override
public URL getInjectedUrl() {
return this.url;
@@ -137,6 +148,10 @@ public class PhotozClientAuthzTestApp extends AbstractPageWithInjectedUrl {
pause(WAIT_AFTER_OPERATION);
}
+ public WebElement getOutput() {
+ return output;
+ }
+
@Override
public void navigateTo(boolean waitForMatch) {
super.navigateTo(waitForMatch);
diff --git a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/AbstractPhotozExampleAdapterTest.java b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/AbstractPhotozExampleAdapterTest.java
index d6f9134..332dd2f 100644
--- a/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/AbstractPhotozExampleAdapterTest.java
+++ b/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/authorization/AbstractPhotozExampleAdapterTest.java
@@ -59,6 +59,7 @@ import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;
import static org.keycloak.testsuite.util.IOUtil.loadJson;
import static org.keycloak.testsuite.util.IOUtil.loadRealm;
+import static org.keycloak.testsuite.util.WaitUtils.waitUntilElement;
/**
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
@@ -142,6 +143,22 @@ public abstract class AbstractPhotozExampleAdapterTest extends AbstractExampleAd
}
@Test
+ public void createAlbumWithInvalidUser() {
+ try {
+ this.deployer.deploy(RESOURCE_SERVER_ID);
+
+ loginToClientPage("alice", "alice");
+
+ clientPage.createAlbumWithInvalidUser("Alice Family Album");
+
+ waitUntilElement(clientPage.getOutput()).text().not().contains("Request was successful");
+ waitUntilElement(clientPage.getOutput()).text().contains("Could not register protected resource");
+ } finally {
+ this.deployer.undeploy(RESOURCE_SERVER_ID);
+ }
+ }
+
+ @Test
public void testOnlyOwnerCanDeleteAlbum() throws Exception {
try {
this.deployer.deploy(RESOURCE_SERVER_ID);