This is an automated email from the ASF dual-hosted git repository.
madhan pushed a commit to branch ranger-2.4
in repository https://gitbox.apache.org/repos/asf/ranger.git
The following commit(s) were added to refs/heads/ranger-2.4 by this push:
new 556675a15 RANGER-3883: updated REST APIs to validate id/userId path
parameter
556675a15 is described below
commit 556675a15a0b99d871d5668e08a109a1b04429b7
Author: Ramachandran Krishnan <ramachandran.k.krish...@oracle.com>
AuthorDate: Tue Nov 29 17:23:33 2022 +0530
RANGER-3883: updated REST APIs to validate id/userId path parameter
Signed-off-by: Madhan Neethiraj <mad...@apache.org>
(cherry picked from commit d1fd921e419c469d3b02e96ae9a5c4d1081cd15a)
---
.../java/org/apache/ranger/rest/AssetREST.java | 11 +-
.../java/org/apache/ranger/rest/PublicAPIs.java | 2 +-
.../java/org/apache/ranger/rest/PublicAPIsv2.java | 8 +-
.../java/org/apache/ranger/rest/ServiceREST.java | 29 +++-
.../main/java/org/apache/ranger/rest/UserREST.java | 14 +-
.../java/org/apache/ranger/rest/XUserREST.java | 12 +-
.../java/org/apache/ranger/rest/TestAssetREST.java | 54 ++++++-
.../org/apache/ranger/rest/TestPublicAPIs.java | 7 +-
.../org/apache/ranger/rest/TestPublicAPIsv2.java | 16 +--
.../org/apache/ranger/rest/TestServiceREST.java | 155 +++++++++++++++++++--
.../java/org/apache/ranger/rest/TestUserREST.java | 33 +++--
.../java/org/apache/ranger/rest/TestXUserREST.java | 41 +++++-
12 files changed, 322 insertions(+), 60 deletions(-)
diff --git a/security-admin/src/main/java/org/apache/ranger/rest/AssetREST.java
b/security-admin/src/main/java/org/apache/ranger/rest/AssetREST.java
index a0ba3b750..abc324dd1 100644
--- a/security-admin/src/main/java/org/apache/ranger/rest/AssetREST.java
+++ b/security-admin/src/main/java/org/apache/ranger/rest/AssetREST.java
@@ -341,15 +341,22 @@ public class AssetREST {
@Path("/resources/{id}")
@Consumes({ "application/json" })
@Produces({ "application/json" })
- public VXResource updateXResource(VXResource vXResource) {
+ public VXResource updateXResource(VXResource vXResource ,
@PathParam("id") Long id) {
if(logger.isDebugEnabled()) {
logger.debug("==> AssetREST.updateXResource(" +
vXResource + ")");
}
+ // if vXResource.id is specified, it should be same as the
param 'id'
+ if (vXResource.getId() == null) {
+ vXResource.setId(id);
+ } else if(!vXResource.getId().equals(id)) {
+ throw
restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST ,
"resource Id mismatch", true);
+ }
+
RangerService service =
serviceREST.getService(vXResource.getAssetId());
RangerPolicy policy = serviceUtil.toRangerPolicy(vXResource,
service);
- RangerPolicy updatedPolicy = serviceREST.updatePolicy(policy);
+ RangerPolicy updatedPolicy = serviceREST.updatePolicy(policy,
policy.getId());
VXResource ret = serviceUtil.toVXResource(updatedPolicy,
service);
diff --git
a/security-admin/src/main/java/org/apache/ranger/rest/PublicAPIs.java
b/security-admin/src/main/java/org/apache/ranger/rest/PublicAPIs.java
index 2e7e90bb4..a6b86e965 100644
--- a/security-admin/src/main/java/org/apache/ranger/rest/PublicAPIs.java
+++ b/security-admin/src/main/java/org/apache/ranger/rest/PublicAPIs.java
@@ -321,7 +321,7 @@ public class PublicAPIs {
if(policy != null) {
policy.setVersion(existing.getVersion());
- RangerPolicy updatedPolicy =
serviceREST.updatePolicy(policy);
+ RangerPolicy updatedPolicy =
serviceREST.updatePolicy(policy, policy.getId());
ret = serviceUtil.toVXPolicy(updatedPolicy, service);
}
diff --git
a/security-admin/src/main/java/org/apache/ranger/rest/PublicAPIsv2.java
b/security-admin/src/main/java/org/apache/ranger/rest/PublicAPIsv2.java
index 293107f24..c7a6ea0a6 100644
--- a/security-admin/src/main/java/org/apache/ranger/rest/PublicAPIsv2.java
+++ b/security-admin/src/main/java/org/apache/ranger/rest/PublicAPIsv2.java
@@ -253,7 +253,7 @@ public class PublicAPIsv2 {
throw
restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST ,
"serviceDef id mismatch", true);
}
- return serviceREST.updateServiceDef(serviceDef);
+ return serviceREST.updateServiceDef(serviceDef,
serviceDef.getId());
}
@@ -279,7 +279,7 @@ public class PublicAPIsv2 {
serviceDef.setGuid(existingServiceDef.getGuid());
}
- return serviceREST.updateServiceDef(serviceDef);
+ return serviceREST.updateServiceDef(serviceDef, null);
}
/*
@@ -538,7 +538,7 @@ public class PublicAPIsv2 {
throw
restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST ,
"policyID mismatch", true);
}
- return serviceREST.updatePolicy(policy);
+ return serviceREST.updatePolicy(policy, id);
}
@PUT
@@ -563,7 +563,7 @@ public class PublicAPIsv2 {
policy.setName(StringUtils.trim(oldPolicy.getName()));
}
- return serviceREST.updatePolicy(policy);
+ return serviceREST.updatePolicy(policy, policy.getId());
}
diff --git
a/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
b/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
index c556f1e90..0538a7820 100644
--- a/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
+++ b/security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java
@@ -323,11 +323,19 @@ public class ServiceREST {
@Consumes({ "application/json" })
@Produces({ "application/json" })
@PreAuthorize("@rangerPreAuthSecurityHandler.isAPIAccessible(\"" +
RangerAPIList.UPDATE_SERVICE_DEF + "\")")
- public RangerServiceDef updateServiceDef(RangerServiceDef serviceDef) {
+ public RangerServiceDef updateServiceDef(RangerServiceDef serviceDef,
@PathParam("id") Long id) {
if(LOG.isDebugEnabled()) {
LOG.debug("==>
ServiceREST.updateServiceDef(serviceDefName=" + serviceDef.getName() + ")");
}
+ // if serviceDef.id and param 'id' are specified, serviceDef.id
should be same as the param 'id'
+ // if serviceDef.id is null, then set param 'id' into
serviceDef Object
+ if (serviceDef.getId() == null) {
+ serviceDef.setId(id);
+ } else if(!serviceDef.getId().equals(id)) {
+ throw
restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST ,
"serviceDef Id mismatch", true);
+ }
+
RangerServiceDef ret = null;
RangerPerfTracer perf = null;
@@ -1650,7 +1658,7 @@ public class ServiceREST {
RangerPolicy existingPolicy =
getPolicyMatchByName(policy, request);
if (existingPolicy != null) {
policy.setId(existingPolicy.getId());
- ret = updatePolicy(policy);
+ ret = updatePolicy(policy, null);
} else {
ret =
createPolicyUnconditionally(policy);
}
@@ -1749,7 +1757,7 @@ public class ServiceREST {
} else {
policy.setId(existingPolicy.getId());
}
- ret = updatePolicy(policy);
+ ret = updatePolicy(policy, null);
}
} catch(WebApplicationException excp) {
throw excp;
@@ -1772,10 +1780,19 @@ public class ServiceREST {
@Path("/policies/{id}")
@Consumes({ "application/json" })
@Produces({ "application/json" })
- public RangerPolicy updatePolicy(RangerPolicy policy) {
+ public RangerPolicy updatePolicy(RangerPolicy policy, @PathParam("id")
Long id) {
if(LOG.isDebugEnabled()) {
LOG.debug("==> ServiceREST.updatePolicy(" + policy +
")");
}
+
+ // if policy.id and param 'id' are specified, policy.id should
be same as the param 'id'
+ // if policy.id is null, then set param 'id' into policy Object
+ if (policy.getId() == null) {
+ policy.setId(id);
+ } else if(!policy.getId().equals(id)) {
+ throw
restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST ,
"policyID mismatch", true);
+ }
+
RangerPolicy ret = null;
RangerPerfTracer perf = null;
@@ -2471,7 +2488,7 @@ public class ServiceREST {
createPolicy(policy, request);
} else {
ServiceRESTUtil.mergeExactMatchPolicyForResource(existingPolicy, policy);
-
updatePolicy(existingPolicy);
+
updatePolicy(existingPolicy, null);
}
} else {
createPolicy(policy, request);
@@ -2507,7 +2524,7 @@ public class ServiceREST {
createPolicy(policy, request);
} else {
ServiceRESTUtil.mergeExactMatchPolicyForResource(existingPolicy, policy);
-
updatePolicy(existingPolicy);
+
updatePolicy(existingPolicy, null);
}
} else {
createPolicy(policy, request);
diff --git a/security-admin/src/main/java/org/apache/ranger/rest/UserREST.java
b/security-admin/src/main/java/org/apache/ranger/rest/UserREST.java
index 5fc18034b..c6557b11c 100644
--- a/security-admin/src/main/java/org/apache/ranger/rest/UserREST.java
+++ b/security-admin/src/main/java/org/apache/ranger/rest/UserREST.java
@@ -307,8 +307,13 @@ public class UserREST {
@Produces({ "application/json" })
public VXResponse changePassword(@PathParam("userId") Long userId,
VXPasswordChange changePassword) {
- if(changePassword==null ||
stringUtil.isEmpty(changePassword.getLoginId())){
+ if(changePassword==null ||
stringUtil.isEmpty(changePassword.getLoginId())) {
logger.warn("SECURITY:changePassword(): Invalid loginId
provided. loginId was empty or null");
+ throw
restErrorUtil.createRESTException("serverMsg.userRestUser",
MessageEnums.DATA_NOT_FOUND, null, null, "");
+ } else if (changePassword.getId() == null) {
+ changePassword.setId(userId);
+ } else if (!changePassword.getId().equals(userId) ) {
+ logger.warn("SECURITY:changePassword(): userId
mismatch");
throw
restErrorUtil.createRESTException("serverMsg.userRestUser",MessageEnums.DATA_NOT_FOUND,
null, null,"");
}
@@ -336,8 +341,13 @@ public class UserREST {
@Produces({ "application/json" })
public VXPortalUser changeEmailAddress(@PathParam("userId") Long userId,
VXPasswordChange changeEmail) {
- if(changeEmail==null ||
stringUtil.isEmpty(changeEmail.getLoginId())){
+ if(changeEmail==null ||
stringUtil.isEmpty(changeEmail.getLoginId())) {
logger.warn("SECURITY:changeEmail(): Invalid loginId
provided. loginId was empty or null");
+ throw
restErrorUtil.createRESTException("serverMsg.userRestUser",
MessageEnums.DATA_NOT_FOUND, null, null, "");
+ } else if (changeEmail.getId() == null) {
+ changeEmail.setId(userId);
+ } else if (!changeEmail.getId().equals(userId) ) {
+ logger.warn("SECURITY:changeEmail(): userId mismatch");
throw
restErrorUtil.createRESTException("serverMsg.userRestUser",MessageEnums.DATA_NOT_FOUND,
null, null,"");
}
diff --git a/security-admin/src/main/java/org/apache/ranger/rest/XUserREST.java
b/security-admin/src/main/java/org/apache/ranger/rest/XUserREST.java
index dd12048ac..faad41c6c 100644
--- a/security-admin/src/main/java/org/apache/ranger/rest/XUserREST.java
+++ b/security-admin/src/main/java/org/apache/ranger/rest/XUserREST.java
@@ -1111,7 +1111,7 @@ public class XUserREST {
public VXGroupPermission createXGroupPermission(
VXGroupPermission vXGroupPermission) {
xUserMgr.checkAdminAccess();
- bizUtil.blockAuditorRoleUser();
+ bizUtil.blockAuditorRoleUser();
return xUserMgr.createXGroupPermission(vXGroupPermission);
}
@@ -1128,10 +1128,16 @@ public class XUserREST {
@Consumes({ "application/json" })
@Produces({ "application/json" })
@PreAuthorize("@rangerPreAuthSecurityHandler.isAPIAccessible(\"" +
RangerAPIList.UPDATE_X_GROUP_PERMISSION + "\")")
- public VXGroupPermission updateXGroupPermission(
+ public VXGroupPermission updateXGroupPermission(@PathParam("id") Long
id,
VXGroupPermission vXGroupPermission) {
+ // if VXGroupPermission.id is specified, it should be same as
the param 'id'
+ if(vXGroupPermission.getId() == null) {
+ vXGroupPermission.setId(id);
+ } else if(!vXGroupPermission.getId().equals(id)) {
+ throw
restErrorUtil.createRESTException(HttpServletResponse.SC_BAD_REQUEST ,
"vXGroupPermission Id mismatch", true);
+ }
xUserMgr.checkAdminAccess();
- bizUtil.blockAuditorRoleUser();
+ bizUtil.blockAuditorRoleUser();
return xUserMgr.updateXGroupPermission(vXGroupPermission);
}
diff --git
a/security-admin/src/test/java/org/apache/ranger/rest/TestAssetREST.java
b/security-admin/src/test/java/org/apache/ranger/rest/TestAssetREST.java
index abd4b1c1c..cc0d75872 100644
--- a/security-admin/src/test/java/org/apache/ranger/rest/TestAssetREST.java
+++ b/security-admin/src/test/java/org/apache/ranger/rest/TestAssetREST.java
@@ -36,6 +36,7 @@ import org.apache.commons.lang.StringUtils;
import org.apache.ranger.admin.client.datatype.RESTResponse;
import org.apache.ranger.biz.AssetMgr;
import org.apache.ranger.biz.RangerBizUtil;
+import org.apache.ranger.common.RESTErrorUtil;
import org.apache.ranger.common.RangerSearchUtil;
import org.apache.ranger.common.SearchCriteria;
import org.apache.ranger.common.ServiceUtil;
@@ -84,7 +85,9 @@ import org.apache.ranger.view.VXTrxLog;
import org.apache.ranger.view.VXTrxLogList;
import org.junit.Assert;
import org.junit.FixMethodOrder;
+import org.junit.Rule;
import org.junit.Test;
+import org.junit.rules.ExpectedException;
import org.junit.runner.RunWith;
import org.junit.runners.MethodSorters;
import org.mockito.InjectMocks;
@@ -105,8 +108,8 @@ public class TestAssetREST {
@Mock
RangerSearchUtil searchUtil;
- @Mock
- RangerBizUtil xaBizUtil;
+ @Mock
+ RangerBizUtil xaBizUtil;
@Mock
XAssetService xAssetService;
@@ -143,6 +146,11 @@ public class TestAssetREST {
@InjectMocks
AssetREST assetREST = new AssetREST();
+ @Rule public ExpectedException thrown = ExpectedException.none();
+ @Mock RESTErrorUtil restErrorUtil;
+ @Mock WebApplicationException webApplicationException;
+
+
public void TestAssetRest() {
}
@@ -202,6 +210,7 @@ public class TestAssetREST {
private VXResource vxResource(Long id) {
VXResource vXResource = new VXResource();
vXResource.setName("HDFS_1-1-20150316062453");
+ vXResource.setId(id);
vXResource.setAssetId(id);
return vXResource;
}
@@ -453,14 +462,49 @@ public class TestAssetREST {
RangerPolicy rangerPolicy = rangerPolicy(Id);
RangerService rangerService = rangerService(Id);
Mockito.when(serviceREST.getService(vxResource.getAssetId())).thenReturn(rangerService);
-
Mockito.when(serviceREST.updatePolicy(rangerPolicy)).thenReturn(rangerPolicy);
+ Mockito.when(serviceREST.updatePolicy(rangerPolicy,
Id)).thenReturn(rangerPolicy);
+ Mockito.when(serviceUtil.toRangerPolicy(vxResource,
rangerService)).thenReturn(rangerPolicy);
+ Mockito.when(serviceUtil.toVXResource(rangerPolicy,
rangerService)).thenReturn(vxResource);
+ VXResource actualvxResource =
assetREST.updateXResource(vxResource, Id);
+ Assert.assertNotNull(actualvxResource);
+ Assert.assertEquals(vxResource, actualvxResource);
+ Mockito.verify(serviceREST).getService(vxResource.getAssetId());
+ Mockito.verify(serviceREST).updatePolicy(rangerPolicy, Id);
+ Mockito.verify(serviceUtil).toRangerPolicy(vxResource,
rangerService);
+ Mockito.verify(serviceUtil).toVXResource(rangerPolicy,
rangerService);
+ }
+
+ @Test
+ public void testUpdateXResourceForInvalidResourceId() {
+ VXResource vxResource = vxResource(Id);
+ RangerPolicy rangerPolicy = rangerPolicy(Id);
+ RangerService rangerService = rangerService(Id);
+
Mockito.when(restErrorUtil.createRESTException(Mockito.anyInt(),
Mockito.anyString(), Mockito.anyBoolean())).thenThrow(new
WebApplicationException());
+ thrown.expect(WebApplicationException.class);
+ VXResource actualvxResource =
assetREST.updateXResource(vxResource, -11L);
+ Assert.assertNotNull(actualvxResource);
+ Assert.assertEquals(vxResource, actualvxResource);
+ Mockito.verify(serviceREST).getService(vxResource.getAssetId());
+ Mockito.verify(serviceREST).updatePolicy(rangerPolicy, Id);
+ Mockito.verify(serviceUtil).toRangerPolicy(vxResource,
rangerService);
+ Mockito.verify(serviceUtil).toVXResource(rangerPolicy,
rangerService);
+ }
+
+ @Test
+ public void testUpdateXResourceWhenResourceIdIsNull() {
+ VXResource vxResource = vxResource(Id);
+ vxResource.setId(null);
+ RangerPolicy rangerPolicy = rangerPolicy(Id);
+ RangerService rangerService = rangerService(Id);
+
Mockito.when(serviceREST.getService(vxResource.getAssetId())).thenReturn(rangerService);
+ Mockito.when(serviceREST.updatePolicy(rangerPolicy,
Id)).thenReturn(rangerPolicy);
Mockito.when(serviceUtil.toRangerPolicy(vxResource,
rangerService)).thenReturn(rangerPolicy);
Mockito.when(serviceUtil.toVXResource(rangerPolicy,
rangerService)).thenReturn(vxResource);
- VXResource actualvxResource =
assetREST.updateXResource(vxResource);
+ VXResource actualvxResource =
assetREST.updateXResource(vxResource, Id);
Assert.assertNotNull(actualvxResource);
Assert.assertEquals(vxResource, actualvxResource);
Mockito.verify(serviceREST).getService(vxResource.getAssetId());
- Mockito.verify(serviceREST).updatePolicy(rangerPolicy);
+ Mockito.verify(serviceREST).updatePolicy(rangerPolicy, Id);
Mockito.verify(serviceUtil).toRangerPolicy(vxResource,
rangerService);
Mockito.verify(serviceUtil).toVXResource(rangerPolicy,
rangerService);
}
diff --git
a/security-admin/src/test/java/org/apache/ranger/rest/TestPublicAPIs.java
b/security-admin/src/test/java/org/apache/ranger/rest/TestPublicAPIs.java
index 2bf5ee6c9..eb0cb6452 100644
--- a/security-admin/src/test/java/org/apache/ranger/rest/TestPublicAPIs.java
+++ b/security-admin/src/test/java/org/apache/ranger/rest/TestPublicAPIs.java
@@ -425,7 +425,7 @@ public class TestPublicAPIs {
Mockito.when(xXPolicyDao.getById(Id)).thenReturn(xXPolicy);
Mockito.when(serviceREST.getServiceByName(vXPolicy.getRepositoryName())).thenReturn(service);
Mockito.when(serviceUtil.toRangerPolicy(vXPolicy,service)).thenReturn(policy);
-
Mockito.when(serviceREST.updatePolicy(policy)).thenReturn(policy);
+ Mockito.when(serviceREST.updatePolicy(policy,
Id)).thenReturn(policy);
Mockito.when(serviceUtil.toVXPolicy(policy,
service)).thenReturn(vXPolicy);
VXPolicy dbVXPolicy = publicAPIs.updatePolicy(vXPolicy, Id);
@@ -435,7 +435,7 @@ public class TestPublicAPIs {
vXPolicy.getId());
Assert.assertEquals(dbVXPolicy.getRepositoryName(),
vXPolicy.getRepositoryName());
- Mockito.verify(serviceREST).updatePolicy(policy);
+ Mockito.verify(serviceREST).updatePolicy(policy, Id);
Mockito.verify(serviceREST).getServiceByName(vXPolicy.getRepositoryName());
Mockito.verify(serviceUtil).toVXPolicy(policy, service);
Mockito.verify(serviceUtil).toRangerPolicy(vXPolicy,service);
@@ -508,6 +508,5 @@ public class TestPublicAPIs {
Mockito.verify(serviceUtil).rangerPolicyListToPublic(policyList,filter);
}
-
-
+
}
diff --git
a/security-admin/src/test/java/org/apache/ranger/rest/TestPublicAPIsv2.java
b/security-admin/src/test/java/org/apache/ranger/rest/TestPublicAPIsv2.java
index 1069f013d..2a123de93 100644
--- a/security-admin/src/test/java/org/apache/ranger/rest/TestPublicAPIsv2.java
+++ b/security-admin/src/test/java/org/apache/ranger/rest/TestPublicAPIsv2.java
@@ -302,7 +302,7 @@ public class TestPublicAPIsv2 {
@Test
public void test5updateServiceDef() throws Exception {
RangerServiceDef rangerServiceDef = rangerServiceDef();
-
Mockito.when(serviceREST.updateServiceDef(rangerServiceDef)).thenReturn(rangerServiceDef);
+ Mockito.when(serviceREST.updateServiceDef(rangerServiceDef,
rangerServiceDef.getId())).thenReturn(rangerServiceDef);
RangerServiceDef dbRangerServiceDef =
publicAPIsv2.updateServiceDef(rangerServiceDef, Id);
Assert.assertNotNull(dbRangerServiceDef);
Assert.assertEquals(dbRangerServiceDef, rangerServiceDef);
@@ -310,7 +310,7 @@ public class TestPublicAPIsv2 {
rangerServiceDef.getId());
Assert.assertEquals(dbRangerServiceDef.getName(),
rangerServiceDef.getName());
- Mockito.verify(serviceREST).updateServiceDef(rangerServiceDef);
+ Mockito.verify(serviceREST).updateServiceDef(rangerServiceDef,
rangerServiceDef.getId());
}
@Test
@@ -318,7 +318,7 @@ public class TestPublicAPIsv2 {
RangerServiceDef rangerServiceDef = rangerServiceDef();
String name = rangerServiceDef.getName();
Mockito.when(serviceREST.getServiceDefByName(name)).thenReturn(rangerServiceDef);
-
Mockito.when(serviceREST.updateServiceDef(rangerServiceDef)).thenReturn(rangerServiceDef);
+ Mockito.when(serviceREST.updateServiceDef(rangerServiceDef,
null)).thenReturn(rangerServiceDef);
RangerServiceDef dbRangerServiceDef =
publicAPIsv2.updateServiceDefByName(rangerServiceDef, name);
Assert.assertNotNull(dbRangerServiceDef);
Assert.assertEquals(dbRangerServiceDef, rangerServiceDef);
@@ -326,7 +326,7 @@ public class TestPublicAPIsv2 {
rangerServiceDef.getId());
Assert.assertEquals(dbRangerServiceDef.getName(),
rangerServiceDef.getName());
- Mockito.verify(serviceREST).updateServiceDef(rangerServiceDef);
+ Mockito.verify(serviceREST).updateServiceDef(rangerServiceDef,
null);
Mockito.verify(serviceREST).getServiceDefByName(name);
}
@@ -541,7 +541,7 @@ public class TestPublicAPIsv2 {
@Test
public void test22updatePolicy() throws Exception {
RangerPolicy rangerPolicy = rangerPolicy();
-
Mockito.when(serviceREST.updatePolicy(rangerPolicy)).thenReturn(rangerPolicy);
+ Mockito.when(serviceREST.updatePolicy(rangerPolicy,
Id)).thenReturn(rangerPolicy);
RangerPolicy dbRangerPolicy =
publicAPIsv2.updatePolicy(rangerPolicy, Id);
Assert.assertNotNull(dbRangerPolicy);
Assert.assertEquals(dbRangerPolicy, rangerPolicy);
@@ -549,7 +549,7 @@ public class TestPublicAPIsv2 {
rangerPolicy.getId());
Assert.assertEquals(dbRangerPolicy.getName(),
rangerPolicy.getName());
- Mockito.verify(serviceREST).updatePolicy(rangerPolicy);
+ Mockito.verify(serviceREST).updatePolicy(rangerPolicy, Id);
}
@Test
@@ -562,7 +562,7 @@ public class TestPublicAPIsv2 {
List<RangerPolicy> policies = new ArrayList<RangerPolicy>();
policies.add(rangerPolicy);
Mockito.when(serviceREST.getPolicies((SearchFilter)
Mockito.any())).thenReturn(policies);
-
Mockito.when(serviceREST.updatePolicy(rangerPolicy)).thenReturn(rangerPolicy);
+ Mockito.when(serviceREST.updatePolicy(rangerPolicy,
rangerPolicy.getId())).thenReturn(rangerPolicy);
RangerPolicy dbRangerPolicy =
publicAPIsv2.updatePolicyByName(rangerPolicy, serviceName, policyName, request);
Assert.assertNotNull(dbRangerPolicy);
Assert.assertEquals(dbRangerPolicy, rangerPolicy);
@@ -570,7 +570,7 @@ public class TestPublicAPIsv2 {
rangerPolicy.getId());
Assert.assertEquals(dbRangerPolicy.getName(),
rangerPolicy.getName());
- Mockito.verify(serviceREST).updatePolicy(rangerPolicy);
+ Mockito.verify(serviceREST).updatePolicy(rangerPolicy,
rangerPolicy.getId());
Mockito.verify(serviceREST).getPolicies((SearchFilter)
Mockito.any());
}
diff --git
a/security-admin/src/test/java/org/apache/ranger/rest/TestServiceREST.java
b/security-admin/src/test/java/org/apache/ranger/rest/TestServiceREST.java
index 375135a5a..7b15810e0 100644
--- a/security-admin/src/test/java/org/apache/ranger/rest/TestServiceREST.java
+++ b/security-admin/src/test/java/org/apache/ranger/rest/TestServiceREST.java
@@ -499,7 +499,7 @@ public class TestServiceREST {
.any())).thenReturn(rangerServiceDef);
RangerServiceDef dbRangerServiceDef = serviceREST
- .updateServiceDef(rangerServiceDef);
+ .updateServiceDef(rangerServiceDef,
rangerServiceDef.getId());
Assert.assertNotNull(dbRangerServiceDef);
Assert.assertEquals(dbRangerServiceDef, rangerServiceDef);
Assert.assertEquals(dbRangerServiceDef.getId(),
@@ -851,7 +851,7 @@ public class TestServiceREST {
servicePolicies.setServiceDef(rangerServiceDef);
servicePolicies.setPolicies(policies);
- List<RangerAccessTypeDef> rangerAccessTypeDefList = new
ArrayList<RangerServiceDef.RangerAccessTypeDef>();
+ List<RangerAccessTypeDef> rangerAccessTypeDefList = new
ArrayList<RangerAccessTypeDef>();
RangerAccessTypeDef rangerAccessTypeDefObj = new
RangerAccessTypeDef();
rangerAccessTypeDefObj.setLabel("Read");
rangerAccessTypeDefObj.setName("read");
@@ -893,7 +893,7 @@ public class TestServiceREST {
userGroupsList.add("group1");
userGroupsList.add("group2");
- List<RangerAccessTypeDef> rangerAccessTypeDefList = new
ArrayList<RangerServiceDef.RangerAccessTypeDef>();
+ List<RangerAccessTypeDef> rangerAccessTypeDefList = new
ArrayList<RangerAccessTypeDef>();
RangerAccessTypeDef rangerAccessTypeDefObj = new
RangerAccessTypeDef();
rangerAccessTypeDefObj.setLabel("Read");
rangerAccessTypeDefObj.setName("read");
@@ -912,7 +912,7 @@ public class TestServiceREST {
Mockito.when(xServiceDao.findByName(Mockito.anyString())).thenReturn(xService);
Mockito.when(daoManager.getXXServiceDef()).thenReturn(xServiceDefDao);
Mockito.when(xServiceDefDao.getById(xService.getType())).thenReturn(xServiceDef);
- RangerPolicy dbRangerPolicy =
serviceREST.updatePolicy(rangerPolicy);
+ RangerPolicy dbRangerPolicy =
serviceREST.updatePolicy(rangerPolicy, Id);
Assert.assertNull(dbRangerPolicy);
Mockito.verify(validatorFactory).getPolicyValidator(svcStore);
}
@@ -929,7 +929,7 @@ public class TestServiceREST {
userGroupsList.add("group1");
userGroupsList.add("group2");
- List<RangerAccessTypeDef> rangerAccessTypeDefList = new
ArrayList<RangerServiceDef.RangerAccessTypeDef>();
+ List<RangerAccessTypeDef> rangerAccessTypeDefList = new
ArrayList<RangerAccessTypeDef>();
RangerAccessTypeDef rangerAccessTypeDefObj = new
RangerAccessTypeDef();
rangerAccessTypeDefObj.setLabel("Read");
rangerAccessTypeDefObj.setName("read");
@@ -963,7 +963,7 @@ public class TestServiceREST {
userGroupsList.add("group1");
userGroupsList.add("group2");
- List<RangerAccessTypeDef> rangerAccessTypeDefList = new
ArrayList<RangerServiceDef.RangerAccessTypeDef>();
+ List<RangerAccessTypeDef> rangerAccessTypeDefList = new
ArrayList<RangerAccessTypeDef>();
RangerAccessTypeDef rangerAccessTypeDefObj = new
RangerAccessTypeDef();
rangerAccessTypeDefObj.setLabel("Read");
rangerAccessTypeDefObj.setName("read");
@@ -1162,7 +1162,7 @@ public class TestServiceREST {
Mockito.when(request.getParameter("policyId")).thenReturn("1");
Mockito.when(request.getParameter("versionNo")).thenReturn("1");
RangerPolicy policy=new RangerPolicy();
- Map<String, RangerPolicyResource> resources=new HashMap<String,
RangerPolicy.RangerPolicyResource>();
+ Map<String, RangerPolicyResource> resources=new HashMap<String,
RangerPolicyResource>();
policy.setService("services");
policy.setResources(resources);
Mockito.when(svcStore.getPolicyFromEventTime(strdt,
1l)).thenReturn(policy);
@@ -2039,7 +2039,7 @@ public class TestServiceREST {
Mockito.when(request.getParameter("policyId")).thenReturn("1");
Mockito.when(request.getParameter("versionNo")).thenReturn("1");
RangerPolicy policy = new RangerPolicy();
- Map<String, RangerPolicyResource> resources = new
HashMap<String, RangerPolicy.RangerPolicyResource>();
+ Map<String, RangerPolicyResource> resources = new
HashMap<String, RangerPolicyResource>();
policy.setService("services");
policy.setResources(resources);
Mockito.when(svcStore.getPolicyFromEventTime(strdt,
1l)).thenReturn(null);
@@ -2378,4 +2378,143 @@ public class TestServiceREST {
assert response.getIsDeleted();
}
}
+
+ @Test
+ public void test72updatePolicyWithPolicyIdIsNull() throws Exception {
+ RangerPolicy rangerPolicy = rangerPolicy();
+ Long policyId = rangerPolicy.getId();
+ rangerPolicy.setId(null);
+ String userName = "admin";
+
+ Set<String> userGroupsList = new HashSet<String>();
+ userGroupsList.add("group1");
+ userGroupsList.add("group2");
+
+ List<RangerAccessTypeDef> rangerAccessTypeDefList = new
ArrayList<RangerAccessTypeDef>();
+ RangerAccessTypeDef rangerAccessTypeDefObj = new
RangerAccessTypeDef();
+ rangerAccessTypeDefObj.setLabel("Read");
+ rangerAccessTypeDefObj.setName("read");
+ rangerAccessTypeDefObj.setRbKeyLabel(null);
+ rangerAccessTypeDefList.add(rangerAccessTypeDefObj);
+ XXServiceDef xServiceDef = serviceDef();
+ XXService xService = xService();
+ XXServiceDefDao xServiceDefDao =
Mockito.mock(XXServiceDefDao.class);
+ XXServiceDao xServiceDao = Mockito.mock(XXServiceDao.class);
+
+
Mockito.when(validatorFactory.getPolicyValidator(svcStore)).thenReturn(
+ policyValidator);
+ Mockito.when(bizUtil.isAdmin()).thenReturn(true);
+
Mockito.when(bizUtil.getCurrentUserLoginId()).thenReturn(userName);
+ Mockito.when(daoManager.getXXService()).thenReturn(xServiceDao);
+
Mockito.when(xServiceDao.findByName(Mockito.anyString())).thenReturn(xService);
+
Mockito.when(daoManager.getXXServiceDef()).thenReturn(xServiceDefDao);
+
Mockito.when(xServiceDefDao.getById(xService.getType())).thenReturn(xServiceDef);
+ RangerPolicy dbRangerPolicy =
serviceREST.updatePolicy(rangerPolicy, policyId);
+ Assert.assertNull(dbRangerPolicy);
+ Mockito.verify(validatorFactory).getPolicyValidator(svcStore);
+ }
+
+ @Test
+ public void test72updatePolicyWithInvalidPolicyId() throws Exception {
+ RangerPolicy rangerPolicy = rangerPolicy();
+ String userName = "admin";
+
+ Set<String> userGroupsList = new HashSet<String>();
+ userGroupsList.add("group1");
+ userGroupsList.add("group2");
+
+ List<RangerAccessTypeDef> rangerAccessTypeDefList = new
ArrayList<RangerAccessTypeDef>();
+ RangerAccessTypeDef rangerAccessTypeDefObj = new
RangerAccessTypeDef();
+ rangerAccessTypeDefObj.setLabel("Read");
+ rangerAccessTypeDefObj.setName("read");
+ rangerAccessTypeDefObj.setRbKeyLabel(null);
+ rangerAccessTypeDefList.add(rangerAccessTypeDefObj);
+ XXServiceDefDao xServiceDefDao =
Mockito.mock(XXServiceDefDao.class);
+ XXServiceDao xServiceDao = Mockito.mock(XXServiceDao.class);
+
+ Mockito.when(daoManager.getXXService()).thenReturn(xServiceDao);
+
Mockito.when(daoManager.getXXServiceDef()).thenReturn(xServiceDefDao);
+
Mockito.when(restErrorUtil.createRESTException(Mockito.anyInt(),
Mockito.anyString(), Mockito.anyBoolean())).thenThrow(new
WebApplicationException());
+ thrown.expect(WebApplicationException.class);
+ RangerPolicy dbRangerPolicy =
serviceREST.updatePolicy(rangerPolicy, -11L);
+ Assert.assertNull(dbRangerPolicy);
+ Mockito.verify(validatorFactory).getPolicyValidator(svcStore);
+ }
+
+ @Test
+ public void test73updateServiceDefWhenIdIsNull() throws Exception {
+ RangerServiceDef rangerServiceDef = rangerServiceDef();
+ Long id = rangerServiceDef.getId();
+ rangerServiceDef.setId(null);
+
+ Mockito.when(validatorFactory.getServiceDefValidator(svcStore))
+ .thenReturn(serviceDefValidator);
+
+ Mockito.when(
+ svcStore.updateServiceDef((RangerServiceDef) Mockito
+ .any())).thenReturn(rangerServiceDef);
+
+ RangerServiceDef dbRangerServiceDef = serviceREST
+ .updateServiceDef(rangerServiceDef,
rangerServiceDef.getId());
+ Assert.assertNotNull(dbRangerServiceDef);
+ Assert.assertEquals(dbRangerServiceDef, rangerServiceDef);
+ Assert.assertEquals(dbRangerServiceDef.getId(),
+ rangerServiceDef.getId());
+ Assert.assertEquals(dbRangerServiceDef.getName(),
+ rangerServiceDef.getName());
+ Assert.assertEquals(dbRangerServiceDef.getImplClass(),
+ rangerServiceDef.getImplClass());
+ Assert.assertEquals(dbRangerServiceDef.getLabel(),
+ rangerServiceDef.getLabel());
+ Assert.assertEquals(dbRangerServiceDef.getDescription(),
+ rangerServiceDef.getDescription());
+ Assert.assertEquals(dbRangerServiceDef.getRbKeyDescription(),
+ rangerServiceDef.getRbKeyDescription());
+ Assert.assertEquals(dbRangerServiceDef.getUpdatedBy(),
+ rangerServiceDef.getUpdatedBy());
+ Assert.assertEquals(dbRangerServiceDef.getUpdateTime(),
+ rangerServiceDef.getUpdateTime());
+ Assert.assertEquals(dbRangerServiceDef.getVersion(),
+ rangerServiceDef.getVersion());
+ Assert.assertEquals(dbRangerServiceDef.getConfigs(),
+ rangerServiceDef.getConfigs());
+
+
Mockito.verify(validatorFactory).getServiceDefValidator(svcStore);
+ Mockito.verify(svcStore).updateServiceDef(rangerServiceDef);
+ }
+ @Test
+ public void test74updateServiceDefWithInvalidDefId() throws Exception {
+ RangerServiceDef rangerServiceDef = rangerServiceDef();
+
+
Mockito.when(restErrorUtil.createRESTException(Mockito.anyInt(),
Mockito.anyString(), Mockito.anyBoolean())).thenThrow(new
WebApplicationException());
+ thrown.expect(WebApplicationException.class);
+
+ RangerServiceDef dbRangerServiceDef = serviceREST
+ .updateServiceDef(rangerServiceDef, -1L);
+ Assert.assertNotNull(dbRangerServiceDef);
+ Assert.assertEquals(dbRangerServiceDef, rangerServiceDef);
+ Assert.assertEquals(dbRangerServiceDef.getId(),
+ rangerServiceDef.getId());
+ Assert.assertEquals(dbRangerServiceDef.getName(),
+ rangerServiceDef.getName());
+ Assert.assertEquals(dbRangerServiceDef.getImplClass(),
+ rangerServiceDef.getImplClass());
+ Assert.assertEquals(dbRangerServiceDef.getLabel(),
+ rangerServiceDef.getLabel());
+ Assert.assertEquals(dbRangerServiceDef.getDescription(),
+ rangerServiceDef.getDescription());
+ Assert.assertEquals(dbRangerServiceDef.getRbKeyDescription(),
+ rangerServiceDef.getRbKeyDescription());
+ Assert.assertEquals(dbRangerServiceDef.getUpdatedBy(),
+ rangerServiceDef.getUpdatedBy());
+ Assert.assertEquals(dbRangerServiceDef.getUpdateTime(),
+ rangerServiceDef.getUpdateTime());
+ Assert.assertEquals(dbRangerServiceDef.getVersion(),
+ rangerServiceDef.getVersion());
+ Assert.assertEquals(dbRangerServiceDef.getConfigs(),
+ rangerServiceDef.getConfigs());
+
+
Mockito.verify(validatorFactory).getServiceDefValidator(svcStore);
+ Mockito.verify(svcStore).updateServiceDef(rangerServiceDef);
+ }
}
diff --git
a/security-admin/src/test/java/org/apache/ranger/rest/TestUserREST.java
b/security-admin/src/test/java/org/apache/ranger/rest/TestUserREST.java
index 48cd7face..cb2ccc47c 100644
--- a/security-admin/src/test/java/org/apache/ranger/rest/TestUserREST.java
+++ b/security-admin/src/test/java/org/apache/ranger/rest/TestUserREST.java
@@ -112,6 +112,9 @@ public class TestUserREST {
String loginId = "xyzId";
String emailId = "a...@example.com";
+ String oldPassword = "ranger123$";
+ String newPassword = "rangerAdmin1234$";
+
@Test
public void test1SearchUsers() {
SearchCriteria searchCriteria = new SearchCriteria();
@@ -383,13 +386,14 @@ public class TestUserREST {
public void test16ChangePassword() {
XXPortalUser xxPUser = new XXPortalUser();
VXResponse vxResponseExp = new VXResponse();
+ VXPasswordChange vxPasswordChange = createPasswordChange();
vxResponseExp.setStatusCode(10);
XXPortalUserDao xxPortalUserDao =
Mockito.mock(XXPortalUserDao.class);
Mockito.when(daoManager.getXXPortalUser()).thenReturn(xxPortalUserDao);
-
Mockito.when(restErrorUtil.createRESTException("serverMsg.userRestUser",MessageEnums.DATA_NOT_FOUND,
null, null, changePassword.getLoginId())).thenThrow(new
WebApplicationException());
+
Mockito.when(restErrorUtil.createRESTException("serverMsg.userRestUser",MessageEnums.DATA_NOT_FOUND,
null, null, vxPasswordChange.getLoginId())).thenThrow(new
WebApplicationException());
thrown.expect(WebApplicationException.class);
- VXResponse vxResponseAct = userREST.changePassword(userId,
changePassword);
+ VXResponse vxResponseAct = userREST.changePassword(userId,
vxPasswordChange);
Assert.assertNotNull(vxResponseAct);
Assert.assertEquals(vxResponseExp, vxResponseAct);
@@ -398,15 +402,12 @@ public class TestUserREST {
Mockito.verify(daoManager).getXXPortalUser();
Mockito.verify(xxPortalUserDao).getById(userId);
Mockito.verify(userManager).checkAccessForUpdate(xxPUser);
- Mockito.verify(changePassword).setId(userId);
- Mockito.verify(userManager).changePassword(changePassword);
+ Mockito.verify(userManager).changePassword(vxPasswordChange);
}
@Test
public void test17ChangePassword() {
XXPortalUserDao xxPortalUserDao =
Mockito.mock(XXPortalUserDao.class);
-
-
Mockito.when(daoManager.getXXPortalUser()).thenReturn(xxPortalUserDao);
Mockito.when(restErrorUtil.createRESTException(Mockito.anyString(),
(MessageEnums) Mockito.any(),
Mockito.nullable(Long.class),
Mockito.nullable(String.class), Mockito.nullable(String.class))).thenReturn(new
WebApplicationException());
thrown.expect(WebApplicationException.class);
@@ -423,13 +424,14 @@ public class TestUserREST {
public void test18ChangeEmailAddress() {
XXPortalUser xxPUser = new XXPortalUser();
VXPortalUser vxPUserExp = CreateVXPortalUser();
+ VXPasswordChange changeEmail = createPasswordChange();
XXPortalUserDao xxPortalUserDao =
Mockito.mock(XXPortalUserDao.class);
Mockito.when(daoManager.getXXPortalUser()).thenReturn(xxPortalUserDao);
-
Mockito.when(restErrorUtil.createRESTException("serverMsg.userRestUser",MessageEnums.DATA_NOT_FOUND,
null, null, changePassword.getLoginId())).thenThrow(new
WebApplicationException());
+
Mockito.when(restErrorUtil.createRESTException("serverMsg.userRestUser",MessageEnums.DATA_NOT_FOUND,
null, null, changeEmail.getLoginId())).thenThrow(new
WebApplicationException());
thrown.expect(WebApplicationException.class);
- VXPortalUser vxPortalUserAct =
userREST.changeEmailAddress(userId, changePassword);
+ VXPortalUser vxPortalUserAct =
userREST.changeEmailAddress(userId, changeEmail);
Assert.assertNotNull(vxPortalUserAct);
Assert.assertEquals(vxPUserExp, vxPortalUserAct);
@@ -439,15 +441,12 @@ public class TestUserREST {
Mockito.verify(daoManager).getXXPortalUser();
Mockito.verify(xxPortalUserDao).getById(userId);
Mockito.verify(userManager).checkAccessForUpdate(xxPUser);
- Mockito.verify(changePassword).setId(userId);
- Mockito.verify(userManager).changeEmailAddress(xxPUser,
changePassword);
+ Mockito.verify(userManager).changeEmailAddress(xxPUser,
changeEmail);
}
@Test
public void test19ChangeEmailAddress() {
XXPortalUserDao xxPortalUserDao =
Mockito.mock(XXPortalUserDao.class);
-
-
Mockito.when(daoManager.getXXPortalUser()).thenReturn(xxPortalUserDao);
Mockito.when(restErrorUtil.createRESTException(Mockito.anyString(),
(MessageEnums) Mockito.any(),
Mockito.nullable(Long.class),
Mockito.nullable(String.class), Mockito.nullable(String.class))).thenReturn(new
WebApplicationException());
thrown.expect(WebApplicationException.class);
@@ -470,4 +469,14 @@ public class TestUserREST {
vxPUserExp.setLoginId(loginId);
return vxPUserExp;
}
+
+ private VXPasswordChange createPasswordChange() {
+ VXPasswordChange vxPasswordChange = new VXPasswordChange();
+ vxPasswordChange.setId(userId);
+ vxPasswordChange.setOldPassword(oldPassword);
+ vxPasswordChange.setUpdPassword(newPassword);
+ vxPasswordChange.setEmailAddress(emailId);
+ vxPasswordChange.setLoginId(loginId);
+ return vxPasswordChange;
+ }
}
diff --git
a/security-admin/src/test/java/org/apache/ranger/rest/TestXUserREST.java
b/security-admin/src/test/java/org/apache/ranger/rest/TestXUserREST.java
index 2b25ba813..74744e6cf 100644
--- a/security-admin/src/test/java/org/apache/ranger/rest/TestXUserREST.java
+++ b/security-admin/src/test/java/org/apache/ranger/rest/TestXUserREST.java
@@ -1596,18 +1596,17 @@ public class TestXUserREST {
}
@Test
public void test90updateXGroupPermission() {
-
+
VXGroupPermission testVXGroupPermission =
createVXGroupPermission();
Mockito.doNothing().when(xUserMgr).checkAdminAccess();
Mockito.when(xUserMgr.updateXGroupPermission(testVXGroupPermission)).thenReturn(testVXGroupPermission);
- VXGroupPermission
retVXGroupPermission=xUserRest.updateXGroupPermission(testVXGroupPermission);
+ VXGroupPermission
retVXGroupPermission=xUserRest.updateXGroupPermission(testVXGroupPermission.getId(),
testVXGroupPermission);
Mockito.verify(xUserMgr).updateXGroupPermission(testVXGroupPermission);
Mockito.verify(xUserMgr).checkAdminAccess();
assertNotNull(retVXGroupPermission);
assertEquals(retVXGroupPermission.getId(),
testVXGroupPermission.getId());
assertEquals(retVXGroupPermission.getClass(),
testVXGroupPermission.getClass());
-
-
+
}
@Test
public void test91deleteXGroupPermission() {
@@ -2022,7 +2021,7 @@ public class TestXUserREST {
xUserRest.searchXUsers(request);
}
-
+
@SuppressWarnings({ "unchecked", "static-access" })
@Test
public void test114RoleUserWillGetOnlyHisOwnUserDetails() {
@@ -2076,6 +2075,38 @@ public class TestXUserREST {
assertEquals(gotVXUserList.getList().get(0).getId(),
expectedUser.getId());
assertEquals(gotVXUserList.getList().get(0).getName(),
expectedUser.getName());
}
+
+ @Test
+ public void test115updateXGroupPermissionWithInvalidPermissionId() {
+
+ VXGroupPermission testVXGroupPermission =
createVXGroupPermission();
+
Mockito.when(restErrorUtil.createRESTException(Mockito.anyInt(),
Mockito.anyString(), Mockito.anyBoolean())).thenThrow(new
WebApplicationException());
+ thrown.expect(WebApplicationException.class);
+ VXGroupPermission
retVXGroupPermission=xUserRest.updateXGroupPermission(-1L,
testVXGroupPermission);
+
Mockito.verify(xUserMgr).updateXGroupPermission(testVXGroupPermission);
+ Mockito.verify(xUserMgr).checkAdminAccess();
+ assertNotNull(retVXGroupPermission);
+ assertEquals(retVXGroupPermission.getId(),
testVXGroupPermission.getId());
+ assertEquals(retVXGroupPermission.getClass(),
testVXGroupPermission.getClass());
+
+ }
+
+ @Test
+ public void test116updateXGroupPermissionWithPermissionIdIsNull() {
+
+ VXGroupPermission testVXGroupPermission =
createVXGroupPermission();
+ Long testVXGroupPermissionId = testVXGroupPermission.getId();
+ testVXGroupPermission.setId(null);
+ Mockito.doNothing().when(xUserMgr).checkAdminAccess();
+
Mockito.when(xUserMgr.updateXGroupPermission(testVXGroupPermission)).thenReturn(testVXGroupPermission);
+ VXGroupPermission
retVXGroupPermission=xUserRest.updateXGroupPermission(testVXGroupPermissionId,
testVXGroupPermission);
+
Mockito.verify(xUserMgr).updateXGroupPermission(testVXGroupPermission);
+ Mockito.verify(xUserMgr).checkAdminAccess();
+ assertNotNull(retVXGroupPermission);
+ assertEquals(retVXGroupPermission.getId(),
testVXGroupPermission.getId());
+ assertEquals(retVXGroupPermission.getClass(),
testVXGroupPermission.getClass());
+
+ }
@After
public void destroySession() {
