1.1 --- a/webidor/src/test/java/cz/xelfi/quoridor/webidor/UsersTest.java Sat Nov 07 15:23:14 2009 +0100
1.2 +++ b/webidor/src/test/java/cz/xelfi/quoridor/webidor/UsersTest.java Sat Nov 07 18:31:47 2009 +0100
1.3 @@ -27,6 +27,7 @@
1.4 package cz.xelfi.quoridor.webidor;
1.5
1.6 import com.sun.jersey.api.client.GenericType;
1.7 +import com.sun.jersey.api.client.UniformInterfaceException;
1.8 import com.sun.jersey.test.framework.JerseyTest;
1.9 import java.io.File;
1.10 import java.io.FileOutputStream;
1.11 @@ -111,6 +112,7 @@
1.12 assertEquals("Jirka", uJirka.getId());
1.13 assertNull("Cannot get email without login", uJirka.getProperty("email"));
1.14
1.15 +
1.16 uJirka = webResource.path("users/Jirka").queryParam("loginID", logJirka).accept(MediaType.TEXT_XML).get(User.class);
1.17 assertEquals("Jirka", uJirka.getId());
1.18 assertEquals("Email for ownself is OK", "jir@ka.cz", uJirka.getProperty("email"));
1.19 @@ -123,5 +125,28 @@
1.20 if (!txt.contains("<user id=\"Jirka\"><property name=\"email\">jir@ka.cz</property></user>")) {
1.21 fail(txt);
1.22 }
1.23 +
1.24 + try {
1.25 + webResource.path("users/Jarda").queryParam("loginID", logJirka).
1.26 + queryParam("name", "email").queryParam("value", "ka@jir.cz").accept(MediaType.TEXT_XML).post();
1.27 + fail("You cannot change email without priviledges");
1.28 + } catch (UniformInterfaceException e) {
1.29 + // OK, not allowed
1.30 + }
1.31 +
1.32 + webResource.path("users/Jirka").queryParam("loginID", logJirka).
1.33 + queryParam("name", "email").queryParam("value", "ka@jir.cz").accept(MediaType.TEXT_XML).post();
1.34 +
1.35 + uJirka = webResource.path("users/Jirka").queryParam("loginID", logJirka).accept(MediaType.TEXT_XML).get(User.class);
1.36 + assertEquals("Jirka", uJirka.getId());
1.37 + assertEquals("Email for ownself is OK", "ka@jir.cz", uJirka.getProperty("email"));
1.38 +
1.39 + try {
1.40 + webResource.path("users/Jirka").queryParam("loginID", logJirka).
1.41 + queryParam("name", "permission.email").queryParam("value", "true").accept(MediaType.TEXT_XML).post();
1.42 + fail("Shall not be allowed to change own permissions");
1.43 + } catch (UniformInterfaceException ex) {
1.44 + // OK, not allowed
1.45 + }
1.46 }
1.47 }