From 515ff52ee137de99e91c74d8a49421cd91d3fa9b Mon Sep 17 00:00:00 2001
From: zhou-hao <i@hsweb.me>
Date: Tue, 28 Nov 2017 16:11:57 +0800
Subject: [PATCH] add test case

---
 .../builder/SimpleAuthenticationBuilder.java  | 15 ++-
 .../authorization/AuthenticationTests.java    | 82 +++++++++++++++++
 .../authorization/UserTokenManagerTests.java  | 92 +++++++++++++++++++
 .../authorization/UserTokenManagerTests.java  | 45 ---------
 4 files changed, 185 insertions(+), 49 deletions(-)
 create mode 100644 hsweb-authorization/hsweb-authorization-api/src/test/java/org/hswebframework/web/authorization/AuthenticationTests.java
 create mode 100644 hsweb-authorization/hsweb-authorization-api/src/test/java/org/hswebframework/web/authorization/UserTokenManagerTests.java
 delete mode 100644 hsweb-authorization/hsweb-authorization-basic/src/test/java/org/hswebframework/web/authorization/UserTokenManagerTests.java

diff --git a/hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/simple/builder/SimpleAuthenticationBuilder.java b/hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/simple/builder/SimpleAuthenticationBuilder.java
index 8ad9ce745..f2dc0aa49 100644
--- a/hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/simple/builder/SimpleAuthenticationBuilder.java
+++ b/hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/simple/builder/SimpleAuthenticationBuilder.java
@@ -86,10 +86,17 @@ public class SimpleAuthenticationBuilder implements AuthenticationBuilder {
             JSONObject jsonObject = jsonArray.getJSONObject(0);
             SimplePermission permission = new SimplePermission();
             permission.setId(jsonObject.getString("id"));
-            permission.setActions(new HashSet<>(jsonObject.getJSONArray("actions").toJavaList(String.class)));
-            permission.setDataAccesses(jsonObject.getJSONArray("dataAccesses").stream().map(JSONObject.class::cast)
-                    .map(dataJson -> dataBuilderFactory.create().fromJson(dataJson.toJSONString()).build())
-                    .collect(Collectors.toSet()));
+
+            JSONArray actions = jsonObject.getJSONArray("actions");
+            if (actions != null) {
+                permission.setActions(new HashSet<>(actions.toJavaList(String.class)));
+            }
+            JSONArray dataAccess = jsonObject.getJSONArray("dataAccesses");
+            if (null != dataAccess) {
+                permission.setDataAccesses(dataAccess.stream().map(JSONObject.class::cast)
+                        .map(dataJson -> dataBuilderFactory.create().fromJson(dataJson.toJSONString()).build())
+                        .collect(Collectors.toSet()));
+            }
             permissions.add(permission);
         }
         authentication.setPermissions(permissions);
diff --git a/hsweb-authorization/hsweb-authorization-api/src/test/java/org/hswebframework/web/authorization/AuthenticationTests.java b/hsweb-authorization/hsweb-authorization-api/src/test/java/org/hswebframework/web/authorization/AuthenticationTests.java
new file mode 100644
index 000000000..fea5b44b3
--- /dev/null
+++ b/hsweb-authorization/hsweb-authorization-api/src/test/java/org/hswebframework/web/authorization/AuthenticationTests.java
@@ -0,0 +1,82 @@
+package org.hswebframework.web.authorization;
+
+import org.hswebframework.web.authorization.builder.AuthenticationBuilder;
+import org.hswebframework.web.authorization.exception.UnAuthorizedException;
+import org.hswebframework.web.authorization.simple.builder.SimpleAuthenticationBuilder;
+import org.hswebframework.web.authorization.simple.builder.SimpleDataAccessConfigBuilderFactory;
+import org.hswebframework.web.authorization.token.*;
+import org.junit.Assert;
+import org.junit.Test;
+
+import static org.junit.Assert.*;
+
+public class AuthenticationTests {
+
+    private AuthenticationBuilder builder = new SimpleAuthenticationBuilder(new SimpleDataAccessConfigBuilderFactory());
+
+    /**
+     * 测试初始化基本的权限信息
+     */
+    @Test
+    public void testInitUserRoleAndPermission() {
+        Authentication authentication = builder.user("{\"id\":\"admin\",\"username\":\"admin\",\"name\":\"Administrator\",\"type\":\"default\"}")
+                .role("[{\"id\":\"admin-role\",\"name\":\"admin\"}]")
+                .permission("[{\"id\":\"user-manager\",\"actions\":[\"GET\",\"UPDATE\"]}]")
+                .build();
+
+        //test user
+        assertEquals(authentication.getUser().getId(), "admin");
+        assertEquals(authentication.getUser().getUsername(), "admin");
+        assertEquals(authentication.getUser().getName(), "Administrator");
+        assertEquals(authentication.getUser().getType(), "default");
+
+        //test role
+        assertNotNull(authentication.getRole("admin-role").orElse(null));
+        assertEquals(authentication.getRole("admin-role").orElse(null).getName(), "admin");
+        assertTrue(authentication.hasRole("admin-role"));
+
+
+        //test permission
+        assertEquals(authentication.getPermissions().size(), 1);
+        assertTrue(authentication.hasPermission("user-manager"));
+        assertTrue(authentication.hasPermission("user-manager", "GET"));
+        assertTrue(!authentication.hasPermission("user-manager", "DELETE"));
+    }
+
+    /**
+     * 测试设置获取当前登录用户
+     */
+    @Test
+    public void testGetSetCurrentUser() {
+        Authentication authentication = builder.user("{\"id\":\"admin\",\"username\":\"admin\",\"name\":\"Administrator\",\"type\":\"default\"}")
+                .build();
+
+        //初始化权限管理器,用于获取用户的权限信息
+        AuthenticationManager authenticationManager = new AuthenticationManager() {
+            @Override
+            public Authentication getByUserId(String userId) {
+                if (userId.equals("admin")) {
+                    return authentication;
+                }
+                return null;
+            }
+
+            @Override
+            public Authentication sync(Authentication authentication) {
+                return authentication;
+            }
+        };
+        AuthenticationHolder.addSupplier(new UserTokenAuthenticationSupplier(authenticationManager));
+
+        //绑定用户token
+        UserTokenManager userTokenManager = new DefaultUserTokenManager();
+        UserToken token = userTokenManager.signIn("test", "token-test", "admin", -1);
+        UserTokenHolder.setCurrent(token);
+
+        //获取当前登录用户
+        Authentication current = Authentication.current().orElseThrow(UnAuthorizedException::new);
+        Assert.assertEquals(current.getUser().getId(), "admin");
+
+
+    }
+}
\ No newline at end of file
diff --git a/hsweb-authorization/hsweb-authorization-api/src/test/java/org/hswebframework/web/authorization/UserTokenManagerTests.java b/hsweb-authorization/hsweb-authorization-api/src/test/java/org/hswebframework/web/authorization/UserTokenManagerTests.java
new file mode 100644
index 000000000..18164db2f
--- /dev/null
+++ b/hsweb-authorization/hsweb-authorization-api/src/test/java/org/hswebframework/web/authorization/UserTokenManagerTests.java
@@ -0,0 +1,92 @@
+package org.hswebframework.web.authorization;
+
+import org.hswebframework.web.authorization.exception.AccessDenyException;
+import org.hswebframework.web.authorization.token.*;
+import org.junit.Assert;
+import org.junit.Test;
+
+public class UserTokenManagerTests {
+
+
+    /**
+     * 基本功能测试
+     * @throws InterruptedException  Thread.sleep error
+     */
+    @Test
+    public void testDefaultSetting() throws InterruptedException {
+        DefaultUserTokenManager userTokenManager = new DefaultUserTokenManager();
+        userTokenManager.setAllopatricLoginMode(AllopatricLoginMode.allow); //允许异地登录
+
+        UserToken userToken = userTokenManager.signIn("test", "sessionId", "admin", 1000);
+        Assert.assertNotNull(userToken);
+
+        //可重复登录
+        userTokenManager.signIn("test2", "sessionId", "admin", 30000);
+        Assert.assertEquals(userTokenManager.totalToken(), 2); //2个token
+        Assert.assertEquals(userTokenManager.totalUser(), 1);//1个用户
+
+        //改变token状态
+        userTokenManager.changeUserState("admin", TokenState.deny);
+
+        userToken = userTokenManager.getByToken(userToken.getToken());
+
+        Assert.assertEquals(userToken.getState(), TokenState.deny);
+
+        userTokenManager.changeUserState("admin", TokenState.effective);
+
+        Thread.sleep(1200);
+
+        userToken = userTokenManager.getByToken(userToken.getToken());
+        Assert.assertTrue(userToken.isExpired());
+
+        userTokenManager.checkExpiredToken();
+
+        userToken = userTokenManager.getByToken(userToken.getToken());
+        Assert.assertTrue(userToken == null);
+        Assert.assertEquals(userTokenManager.totalToken(), 1);
+        Assert.assertEquals(userTokenManager.totalUser(), 1);
+
+    }
+
+
+    /**
+     * 测试异地登录模式之禁止登录
+     */
+    @Test
+    public void testDeny() throws InterruptedException {
+        DefaultUserTokenManager userTokenManager = new DefaultUserTokenManager();
+        userTokenManager.setAllopatricLoginMode(AllopatricLoginMode.deny);//如果在其他地方登录，本地禁止登录
+
+        userTokenManager.signIn("test", "sessionId", "admin", 10000);
+
+        try {
+            userTokenManager.signIn("test2", "sessionId", "admin", 30000);
+            Assert.assertTrue(false);
+        } catch (AccessDenyException e) {
+
+        }
+        Assert.assertTrue(userTokenManager.getByToken("test").isEffective());
+        Assert.assertTrue(userTokenManager.getByToken("test2")==null);
+
+    }
+
+    /**
+     * 测试异地登录模式之踢下线
+     */
+    @Test
+    public void testOffline()   {
+        DefaultUserTokenManager userTokenManager = new DefaultUserTokenManager();
+        userTokenManager.setAllopatricLoginMode(AllopatricLoginMode.offlineOther); //将其他地方登录的用户踢下线
+
+        userTokenManager.signIn("test", "sessionId", "admin", 1000);
+
+        userTokenManager.signIn("test2", "sessionId", "admin", 30000);
+
+        Assert.assertTrue(userTokenManager.getByToken("test2").isEffective());
+
+        Assert.assertTrue(userTokenManager.getByToken("test").isOffline());
+
+    }
+
+
+}
diff --git a/hsweb-authorization/hsweb-authorization-basic/src/test/java/org/hswebframework/web/authorization/UserTokenManagerTests.java b/hsweb-authorization/hsweb-authorization-basic/src/test/java/org/hswebframework/web/authorization/UserTokenManagerTests.java
deleted file mode 100644
index db551eaae..000000000
--- a/hsweb-authorization/hsweb-authorization-basic/src/test/java/org/hswebframework/web/authorization/UserTokenManagerTests.java
+++ /dev/null
@@ -1,45 +0,0 @@
-package org.hswebframework.web.authorization;
-
-import org.hswebframework.web.authorization.token.DefaultUserTokenManager;
-import org.hswebframework.web.authorization.token.TokenState;
-import org.hswebframework.web.authorization.token.UserToken;
-import org.hswebframework.web.authorization.token.UserTokenManager;
-import org.junit.Assert;
-import org.junit.Test;
-
-public class UserTokenManagerTests {
-
-    protected UserTokenManager userTokenManager = new DefaultUserTokenManager();
-
-
-    public void setUserTokenManager(UserTokenManager userTokenManager) {
-        this.userTokenManager = userTokenManager;
-    }
-
-    @Test
-    public void simpleTest() throws InterruptedException {
-        UserToken userToken = userTokenManager.signIn("test", "sessionId", "admin", 1000);
-
-        Assert.assertNotNull(userToken);
-
-        userTokenManager.changeUserState("admin", TokenState.deny);
-
-        userToken = userTokenManager.getByToken(userToken.getToken());
-
-        Assert.assertEquals(userToken.getState(), TokenState.deny);
-
-        userTokenManager.changeUserState("admin", TokenState.effective);
-
-        Thread.sleep(1200);
-
-        userToken = userTokenManager.getByToken(userToken.getToken());
-        Assert.assertTrue(userToken.isExpired());
-
-        userTokenManager.checkExpiredToken();
-
-        userToken = userTokenManager.getByToken(userToken.getToken());
-        Assert.assertTrue(userToken == null);
-    }
-
-
-}