简柏林 / thingskit · Commits

Commit 1a285ff9a12d97d70e777f88b933a8330af595ee

Authored by YevhenBondarenko
1 parent 8d3a797f

added test update entity by different tenant to controllers tests

Inline Side-by-side
Showing 21 changed files with 476 additions and 442 deletions
... ... @@ -85,7 +85,7 @@ public class AlarmController extends BaseController {
85 85 try {
86 86 alarm.setTenantId(getCurrentUser().getTenantId());
87 87
88   - checkEntity(alarm.getId(), alarm);
  88 + checkEntity(alarm.getId(), alarm, Resource.ALARM);
89 89
90 90 Alarm savedAlarm = checkNotNull(alarmService.createOrUpdateAlarm(alarm));
91 91 logEntityAction(savedAlarm.getId(), savedAlarm,
... ...
... ... @@ -76,7 +76,7 @@ public class AssetController extends BaseController {
76 76 try {
77 77 asset.setTenantId(getCurrentUser().getTenantId());
78 78
79   - checkEntity(asset.getId(), asset);
  79 + checkEntity(asset.getId(), asset, Resource.ASSET);
80 80
81 81 Asset savedAsset = checkNotNull(assetService.saveAsset(asset));
82 82
... ...
... ... @@ -330,10 +330,10 @@ public abstract class BaseController {
330 330 }
331 331 }
332 332
333   - protected <I extends EntityId, T extends HasTenantId> void checkEntity(I entityId, T entity) throws ThingsboardException {
  333 + protected <I extends EntityId, T extends HasTenantId> void checkEntity(I entityId, T entity, Resource resource) throws ThingsboardException {
334 334 if (entityId == null) {
335 335 accessControlService
336   - .checkPermission(getCurrentUser(), Resource.ALARM, Operation.CREATE, null, entity);
  336 + .checkPermission(getCurrentUser(), resource, Operation.CREATE, null, entity);
337 337 } else {
338 338 checkEntityId(entityId, Operation.WRITE);
339 339 }
... ...
... ... @@ -100,7 +100,7 @@ public class CustomerController extends BaseController {
100 100 try {
101 101 customer.setTenantId(getCurrentUser().getTenantId());
102 102
103   - checkEntity(customer.getId(), customer);
  103 + checkEntity(customer.getId(), customer, Resource.CUSTOMER);
104 104
105 105 Customer savedCustomer = checkNotNull(customerService.saveCustomer(customer));
106 106
... ...
... ... @@ -92,7 +92,7 @@ public class DeviceController extends BaseController {
92 92 try {
93 93 device.setTenantId(getCurrentUser().getTenantId());
94 94
95   - checkEntity(device.getId(), device);
  95 + checkEntity(device.getId(), device, Resource.DEVICE);
96 96
97 97 Device savedDevice = checkNotNull(deviceService.saveDeviceWithAccessToken(device, accessToken));
98 98
... ...
... ... @@ -92,7 +92,7 @@ public class EntityViewController extends BaseController {
92 92 try {
93 93 entityView.setTenantId(getCurrentUser().getTenantId());
94 94
95   - checkEntity(entityView.getId(), entityView);
  95 + checkEntity(entityView.getId(), entityView, Resource.ENTITY_VIEW);
96 96
97 97 EntityView savedEntityView = checkNotNull(entityViewService.saveEntityView(entityView));
98 98 List<ListenableFuture<List<Void>>> futures = new ArrayList<>();
... ...
... ... @@ -126,7 +126,7 @@ public class RuleChainController extends BaseController {
126 126 boolean created = ruleChain.getId() == null;
127 127 ruleChain.setTenantId(getCurrentUser().getTenantId());
128 128
129   - checkEntity(ruleChain.getId(), ruleChain);
  129 + checkEntity(ruleChain.getId(), ruleChain, Resource.RULE_CHAIN);
130 130
131 131 RuleChain savedRuleChain = checkNotNull(ruleChainService.saveRuleChain(ruleChain));
132 132
... ...
... ... @@ -72,7 +72,7 @@ public class TenantController extends BaseController {
72 72 try {
73 73 boolean newTenant = tenant.getId() == null;
74 74
75   - checkEntity(tenant.getId(), tenant);
  75 + checkEntity(tenant.getId(), tenant, Resource.TENANT);
76 76
77 77 tenant = checkNotNull(tenantService.saveTenant(tenant));
78 78 if (newTenant) {
... ...
... ... @@ -138,7 +138,7 @@ public class UserController extends BaseController {
138 138 user.setTenantId(getCurrentUser().getTenantId());
139 139 }
140 140
141   - checkEntity(user.getId(), user);
  141 + checkEntity(user.getId(), user, Resource.USER);
142 142
143 143 boolean sendEmail = user.getId() == null && sendActivationMail;
144 144 User savedUser = checkNotNull(userService.saveUser(user));
... ...
... ... @@ -66,7 +66,7 @@ public class WidgetTypeController extends BaseController {
66 66 widgetType.setTenantId(getCurrentUser().getTenantId());
67 67 }
68 68
69   - checkEntity(widgetType.getId(), widgetType);
  69 + checkEntity(widgetType.getId(), widgetType, Resource.WIDGET_TYPE);
70 70
71 71 return checkNotNull(widgetTypeService.saveWidgetType(widgetType));
72 72 } catch (Exception e) {
... ...
... ... @@ -61,15 +61,13 @@ public class WidgetsBundleController extends BaseController {
61 61 @ResponseBody
62 62 public WidgetsBundle saveWidgetsBundle(@RequestBody WidgetsBundle widgetsBundle) throws ThingsboardException {
63 63 try {
64   - checkEntity(widgetsBundle.getId(), widgetsBundle);
65   -
66   - if (widgetsBundle.getId() == null) {
67   - accessControlService
68   - .checkPermission(getCurrentUser(), Resource.WIDGETS_BUNDLE, Operation.CREATE, widgetsBundle.getId(), widgetsBundle);
  64 + if (getCurrentUser().getAuthority() == Authority.SYS_ADMIN) {
  65 + widgetsBundle.setTenantId(TenantId.SYS_TENANT_ID);
69 66 } else {
70   - checkWidgetsBundleId(widgetsBundle.getId(), Operation.WRITE);
  67 + widgetsBundle.setTenantId(getCurrentUser().getTenantId());
71 68 }
72 69
  70 + checkEntity(widgetsBundle.getId(), widgetsBundle, Resource.WIDGETS_BUNDLE);
73 71 return checkNotNull(widgetsBundleService.saveWidgetsBundle(widgetsBundle));
74 72 } catch (Exception e) {
75 73 throw handleException(e);
... ...
... ... @@ -46,4 +46,13 @@ public enum Resource {
46 46 public Optional<EntityType> getEntityType() {
47 47 return Optional.ofNullable(entityType);
48 48 }
  49 +
  50 + public static Resource of(EntityType entityType) {
  51 + for (Resource resource : Resource.values()) {
  52 + if (resource.getEntityType().get() == entityType) {
  53 + return resource;
  54 + }
  55 + }
  56 + throw new IllegalArgumentException("Unknown EntityType: " + entityType.name());
  57 + }
49 58 }
... ...
... ... @@ -223,6 +223,27 @@ public abstract class AbstractControllerTest {
223 223 login(CUSTOMER_USER_EMAIL, CUSTOMER_USER_PASSWORD);
224 224 }
225 225
  226 + private Tenant savedDifferentTenant;
  227 + protected void loginDifferentTenant() throws Exception {
  228 + loginSysAdmin();
  229 + Tenant tenant = new Tenant();
  230 + tenant.setTitle("Different tenant");
  231 + savedDifferentTenant = doPost("/api/tenant", tenant, Tenant.class);
  232 + Assert.assertNotNull(savedDifferentTenant);
  233 + User differentTenantAdmin = new User();
  234 + differentTenantAdmin.setAuthority(Authority.TENANT_ADMIN);
  235 + differentTenantAdmin.setTenantId(savedDifferentTenant.getId());
  236 + differentTenantAdmin.setEmail("different_tenant@thingsboard.org");
  237 +
  238 + createUserAndLogin(differentTenantAdmin, "testPassword");
  239 + }
  240 +
  241 + protected void deleteDifferentTenant() throws Exception {
  242 + loginSysAdmin();
  243 + doDelete("/api/tenant/" + savedDifferentTenant.getId().getId().toString())
  244 + .andExpect(status().isOk());
  245 + }
  246 +
226 247 protected User createUserAndLogin(User user, String password) throws Exception {
227 248 User savedUser = doPost("/api/user", user, User.class);
228 249 logout();
... ...
... ... @@ -99,6 +99,18 @@ public abstract class BaseAssetControllerTest extends AbstractControllerTest {
99 99 }
100 100
101 101 @Test
  102 + public void testUpdateAssetFromDifferentTenant() throws Exception {
  103 + Asset asset = new Asset();
  104 + asset.setName("My asset");
  105 + asset.setType("default");
  106 + Asset savedAsset = doPost("/api/asset", asset, Asset.class);
  107 +
  108 + loginDifferentTenant();
  109 + doPost("/api/asset", savedAsset, Asset.class, status().isForbidden());
  110 + deleteDifferentTenant();
  111 + }
  112 +
  113 + @Test
102 114 public void testFindAssetById() throws Exception {
103 115 Asset asset = new Asset();
104 116 asset.setName("My asset");
... ...
... ... @@ -23,6 +23,8 @@ import java.util.Collections;
23 23 import java.util.List;
24 24
25 25 import org.apache.commons.lang3.RandomStringUtils;
  26 +import org.junit.After;
  27 +import org.junit.Before;
26 28 import org.thingsboard.server.common.data.Customer;
27 29 import org.thingsboard.server.common.data.Tenant;
28 30 import org.thingsboard.server.common.data.User;
... ... @@ -38,25 +40,39 @@ import com.fasterxml.jackson.core.type.TypeReference;
38 40 public abstract class BaseCustomerControllerTest extends AbstractControllerTest {
39 41
40 42 private IdComparator<Customer> idComparator = new IdComparator<>();
41   -
42   - @Test
43   - public void testSaveCustomer() throws Exception {
  43 +
  44 + private Tenant savedTenant;
  45 + private User tenantAdmin;
  46 +
  47 + @Before
  48 + public void beforeTest() throws Exception {
44 49 loginSysAdmin();
45 50
46 51 Tenant tenant = new Tenant();
47 52 tenant.setTitle("My tenant");
48   - Tenant savedTenant = doPost("/api/tenant", tenant, Tenant.class);
  53 + savedTenant = doPost("/api/tenant", tenant, Tenant.class);
49 54 Assert.assertNotNull(savedTenant);
50   -
51   - User tenantAdmin = new User();
  55 +
  56 + tenantAdmin = new User();
52 57 tenantAdmin.setAuthority(Authority.TENANT_ADMIN);
53 58 tenantAdmin.setTenantId(savedTenant.getId());
54 59 tenantAdmin.setEmail("tenant2@thingsboard.org");
55 60 tenantAdmin.setFirstName("Joe");
56 61 tenantAdmin.setLastName("Downs");
57   -
  62 +
58 63 tenantAdmin = createUserAndLogin(tenantAdmin, "testPassword1");
59   -
  64 + }
  65 +
  66 + @After
  67 + public void afterTest() throws Exception {
  68 + loginSysAdmin();
  69 +
  70 + doDelete("/api/tenant/" + savedTenant.getId().getId().toString())
  71 + .andExpect(status().isOk());
  72 + }
  73 +
  74 + @Test
  75 + public void testSaveCustomer() throws Exception {
60 76 Customer customer = new Customer();
61 77 customer.setTitle("My customer");
62 78 Customer savedCustomer = doPost("/api/customer", customer, Customer.class);
... ... @@ -66,266 +82,159 @@ public abstract class BaseCustomerControllerTest extends AbstractControllerTest
66 82 Assert.assertEquals(customer.getTitle(), savedCustomer.getTitle());
67 83 savedCustomer.setTitle("My new customer");
68 84 doPost("/api/customer", savedCustomer, Customer.class);
69   -
70   - Customer foundCustomer = doGet("/api/customer/"+savedCustomer.getId().getId().toString(), Customer.class);
  85 +
  86 + Customer foundCustomer = doGet("/api/customer/"+savedCustomer.getId().getId().toString(), Customer.class);
71 87 Assert.assertEquals(foundCustomer.getTitle(), savedCustomer.getTitle());
72   -
  88 +
73 89 doDelete("/api/customer/"+savedCustomer.getId().getId().toString())
74 90 .andExpect(status().isOk());
75   -
76   - loginSysAdmin();
77   -
78   - doDelete("/api/tenant/"+savedTenant.getId().getId().toString())
79   - .andExpect(status().isOk());
80 91 }
81   -
  92 +
82 93 @Test
83   - public void testFindCustomerById() throws Exception {
84   -
85   - loginSysAdmin();
  94 + public void testUpdateCustomerFromDifferentTenant() throws Exception {
  95 + Customer customer = new Customer();
  96 + customer.setTitle("My customer");
  97 + Customer savedCustomer = doPost("/api/customer", customer, Customer.class);
  98 + doPost("/api/customer", savedCustomer, Customer.class);
86 99
87   - Tenant tenant = new Tenant();
88   - tenant.setTitle("My tenant");
89   - Tenant savedTenant = doPost("/api/tenant", tenant, Tenant.class);
90   - Assert.assertNotNull(savedTenant);
91   -
92   - User tenantAdmin = new User();
93   - tenantAdmin.setAuthority(Authority.TENANT_ADMIN);
94   - tenantAdmin.setTenantId(savedTenant.getId());
95   - tenantAdmin.setEmail("tenant2@thingsboard.org");
96   - tenantAdmin.setFirstName("Joe");
97   - tenantAdmin.setLastName("Downs");
98   -
99   - tenantAdmin = createUserAndLogin(tenantAdmin, "testPassword1");
100   -
  100 + loginDifferentTenant();
  101 + doPost("/api/customer", savedCustomer, Customer.class, status().isForbidden());
  102 + deleteDifferentTenant();
  103 +
  104 + login(tenantAdmin.getName(), "testPassword1");
  105 + doDelete("/api/customer/" + savedCustomer.getId().getId().toString())
  106 + .andExpect(status().isOk());
  107 + }
  108 +
  109 + @Test
  110 + public void testFindCustomerById() throws Exception {
101 111 Customer customer = new Customer();
102 112 customer.setTitle("My customer");
103 113 Customer savedCustomer = doPost("/api/customer", customer, Customer.class);
104   -
105   - Customer foundCustomer = doGet("/api/customer/"+savedCustomer.getId().getId().toString(), Customer.class);
  114 +
  115 + Customer foundCustomer = doGet("/api/customer/" + savedCustomer.getId().getId().toString(), Customer.class);
106 116 Assert.assertNotNull(foundCustomer);
107 117 Assert.assertEquals(savedCustomer, foundCustomer);
108   -
109   - doDelete("/api/customer/"+savedCustomer.getId().getId().toString())
110   - .andExpect(status().isOk());
111   -
112   - loginSysAdmin();
113   -
114   - doDelete("/api/tenant/"+savedTenant.getId().getId().toString())
115   - .andExpect(status().isOk());
  118 +
  119 + doDelete("/api/customer/" + savedCustomer.getId().getId().toString())
  120 + .andExpect(status().isOk());
116 121 }
117   -
  122 +
118 123 @Test
119 124 public void testDeleteCustomer() throws Exception {
120   -
121   - loginSysAdmin();
122   -
123   - Tenant tenant = new Tenant();
124   - tenant.setTitle("My tenant");
125   - Tenant savedTenant = doPost("/api/tenant", tenant, Tenant.class);
126   - Assert.assertNotNull(savedTenant);
127   -
128   - User tenantAdmin = new User();
129   - tenantAdmin.setAuthority(Authority.TENANT_ADMIN);
130   - tenantAdmin.setTenantId(savedTenant.getId());
131   - tenantAdmin.setEmail("tenant2@thingsboard.org");
132   - tenantAdmin.setFirstName("Joe");
133   - tenantAdmin.setLastName("Downs");
134   -
135   - tenantAdmin = createUserAndLogin(tenantAdmin, "testPassword1");
136   -
137 125 Customer customer = new Customer();
138 126 customer.setTitle("My customer");
139 127 Customer savedCustomer = doPost("/api/customer", customer, Customer.class);
140   -
141   - doDelete("/api/customer/"+savedCustomer.getId().getId().toString())
142   - .andExpect(status().isOk());
143 128
144   - doGet("/api/customer/"+savedCustomer.getId().getId().toString())
145   - .andExpect(status().isNotFound());
146   -
147   - loginSysAdmin();
148   -
149   - doDelete("/api/tenant/"+savedTenant.getId().getId().toString())
150   - .andExpect(status().isOk());
  129 + doDelete("/api/customer/" + savedCustomer.getId().getId().toString())
  130 + .andExpect(status().isOk());
  131 +
  132 + doGet("/api/customer/" + savedCustomer.getId().getId().toString())
  133 + .andExpect(status().isNotFound());
151 134 }
152   -
  135 +
153 136 @Test
154 137 public void testSaveCustomerWithEmptyTitle() throws Exception {
155   -
156   - loginSysAdmin();
157   -
158   - Tenant tenant = new Tenant();
159   - tenant.setTitle("My tenant");
160   - Tenant savedTenant = doPost("/api/tenant", tenant, Tenant.class);
161   - Assert.assertNotNull(savedTenant);
162   -
163   - User tenantAdmin = new User();
164   - tenantAdmin.setAuthority(Authority.TENANT_ADMIN);
165   - tenantAdmin.setTenantId(savedTenant.getId());
166   - tenantAdmin.setEmail("tenant2@thingsboard.org");
167   - tenantAdmin.setFirstName("Joe");
168   - tenantAdmin.setLastName("Downs");
169   -
170   - tenantAdmin = createUserAndLogin(tenantAdmin, "testPassword1");
171   -
172 138 Customer customer = new Customer();
173 139 doPost("/api/customer", customer)
174   - .andExpect(status().isBadRequest())
175   - .andExpect(statusReason(containsString("Customer title should be specified")));
176   -
177   - loginSysAdmin();
178   -
179   - doDelete("/api/tenant/"+savedTenant.getId().getId().toString())
180   - .andExpect(status().isOk());
  140 + .andExpect(status().isBadRequest())
  141 + .andExpect(statusReason(containsString("Customer title should be specified")));
181 142 }
182   -
  143 +
183 144 @Test
184 145 public void testSaveCustomerWithInvalidEmail() throws Exception {
185   -
186   - loginSysAdmin();
187   -
188   - Tenant tenant = new Tenant();
189   - tenant.setTitle("My tenant");
190   - Tenant savedTenant = doPost("/api/tenant", tenant, Tenant.class);
191   - Assert.assertNotNull(savedTenant);
192   -
193   - User tenantAdmin = new User();
194   - tenantAdmin.setAuthority(Authority.TENANT_ADMIN);
195   - tenantAdmin.setTenantId(savedTenant.getId());
196   - tenantAdmin.setEmail("tenant2@thingsboard.org");
197   - tenantAdmin.setFirstName("Joe");
198   - tenantAdmin.setLastName("Downs");
199   -
200   - tenantAdmin = createUserAndLogin(tenantAdmin, "testPassword1");
201   -
202 146 Customer customer = new Customer();
203 147 customer.setTitle("My customer");
204 148 customer.setEmail("invalid@mail");
205 149 doPost("/api/customer", customer)
206   - .andExpect(status().isBadRequest())
207   - .andExpect(statusReason(containsString("Invalid email address format 'invalid@mail'")));
208   -
209   - loginSysAdmin();
210   -
211   - doDelete("/api/tenant/"+savedTenant.getId().getId().toString())
212   - .andExpect(status().isOk());
  150 + .andExpect(status().isBadRequest())
  151 + .andExpect(statusReason(containsString("Invalid email address format 'invalid@mail'")));
  152 +
  153 +// loginSysAdmin();
  154 +//
  155 +// doDelete("/api/tenant/"+savedTenant.getId().getId().toString())
  156 +// .andExpect(status().isOk());
213 157 }
214   -
  158 +
215 159 @Test
216 160 public void testFindCustomers() throws Exception {
217   - loginSysAdmin();
218   -
219   - Tenant tenant = new Tenant();
220   - tenant.setTitle("My tenant");
221   - Tenant savedTenant = doPost("/api/tenant", tenant, Tenant.class);
222   - Assert.assertNotNull(savedTenant);
223   -
224 161 TenantId tenantId = savedTenant.getId();
225   -
226   - User tenantAdmin = new User();
227   - tenantAdmin.setAuthority(Authority.TENANT_ADMIN);
228   - tenantAdmin.setTenantId(tenantId);
229   - tenantAdmin.setEmail("tenant2@thingsboard.org");
230   - tenantAdmin.setFirstName("Joe");
231   - tenantAdmin.setLastName("Downs");
232   -
233   - tenantAdmin = createUserAndLogin(tenantAdmin, "testPassword1");
234   -
  162 +
235 163 List<Customer> customers = new ArrayList<>();
236   - for (int i=0;i<135;i++) {
  164 + for (int i = 0; i < 135; i++) {
237 165 Customer customer = new Customer();
238 166 customer.setTenantId(tenantId);
239   - customer.setTitle("Customer"+i);
  167 + customer.setTitle("Customer" + i);
240 168 customers.add(doPost("/api/customer", customer, Customer.class));
241 169 }
242   -
  170 +
243 171 List<Customer> loadedCustomers = new ArrayList<>();
244 172 TextPageLink pageLink = new TextPageLink(23);
245 173 TextPageData<Customer> pageData = null;
246 174 do {
247   - pageData = doGetTypedWithPageLink("/api/customers?", new TypeReference<TextPageData<Customer>>(){}, pageLink);
  175 + pageData = doGetTypedWithPageLink("/api/customers?", new TypeReference<TextPageData<Customer>>() {
  176 + }, pageLink);
248 177 loadedCustomers.addAll(pageData.getData());
249 178 if (pageData.hasNext()) {
250 179 pageLink = pageData.getNextPageLink();
251 180 }
252 181 } while (pageData.hasNext());
253   -
  182 +
254 183 Collections.sort(customers, idComparator);
255 184 Collections.sort(loadedCustomers, idComparator);
256   -
  185 +
257 186 Assert.assertEquals(customers, loadedCustomers);
258   -
259   - loginSysAdmin();
260   -
261   - doDelete("/api/tenant/"+savedTenant.getId().getId().toString())
262   - .andExpect(status().isOk());
263 187 }
264   -
  188 +
265 189 @Test
266 190 public void testFindCustomersByTitle() throws Exception {
267   -
268   - loginSysAdmin();
269   -
270   - Tenant tenant = new Tenant();
271   - tenant.setTitle("My tenant");
272   - Tenant savedTenant = doPost("/api/tenant", tenant, Tenant.class);
273   - Assert.assertNotNull(savedTenant);
274   -
275 191 TenantId tenantId = savedTenant.getId();
276   -
277   - User tenantAdmin = new User();
278   - tenantAdmin.setAuthority(Authority.TENANT_ADMIN);
279   - tenantAdmin.setTenantId(tenantId);
280   - tenantAdmin.setEmail("tenant2@thingsboard.org");
281   - tenantAdmin.setFirstName("Joe");
282   - tenantAdmin.setLastName("Downs");
283   -
284   - tenantAdmin = createUserAndLogin(tenantAdmin, "testPassword1");
285   -
  192 +
286 193 String title1 = "Customer title 1";
287 194 List<Customer> customersTitle1 = new ArrayList<>();
288   - for (int i=0;i<143;i++) {
  195 + for (int i = 0; i < 143; i++) {
289 196 Customer customer = new Customer();
290 197 customer.setTenantId(tenantId);
291   - String suffix = RandomStringUtils.randomAlphanumeric((int)(5 + Math.random()*10));
292   - String title = title1+suffix;
  198 + String suffix = RandomStringUtils.randomAlphanumeric((int) (5 + Math.random() * 10));
  199 + String title = title1 + suffix;
293 200 title = i % 2 == 0 ? title.toLowerCase() : title.toUpperCase();
294 201 customer.setTitle(title);
295 202 customersTitle1.add(doPost("/api/customer", customer, Customer.class));
296 203 }
297 204 String title2 = "Customer title 2";
298 205 List<Customer> customersTitle2 = new ArrayList<>();
299   - for (int i=0;i<175;i++) {
  206 + for (int i = 0; i < 175; i++) {
300 207 Customer customer = new Customer();
301 208 customer.setTenantId(tenantId);
302   - String suffix = RandomStringUtils.randomAlphanumeric((int)(5 + Math.random()*10));
303   - String title = title2+suffix;
  209 + String suffix = RandomStringUtils.randomAlphanumeric((int) (5 + Math.random() * 10));
  210 + String title = title2 + suffix;
304 211 title = i % 2 == 0 ? title.toLowerCase() : title.toUpperCase();
305 212 customer.setTitle(title);
306 213 customersTitle2.add(doPost("/api/customer", customer, Customer.class));
307 214 }
308   -
  215 +
309 216 List<Customer> loadedCustomersTitle1 = new ArrayList<>();
310 217 TextPageLink pageLink = new TextPageLink(15, title1);
311 218 TextPageData<Customer> pageData = null;
312 219 do {
313   - pageData = doGetTypedWithPageLink("/api/customers?", new TypeReference<TextPageData<Customer>>(){}, pageLink);
  220 + pageData = doGetTypedWithPageLink("/api/customers?", new TypeReference<TextPageData<Customer>>() {
  221 + }, pageLink);
314 222 loadedCustomersTitle1.addAll(pageData.getData());
315 223 if (pageData.hasNext()) {
316 224 pageLink = pageData.getNextPageLink();
317 225 }
318 226 } while (pageData.hasNext());
319   -
  227 +
320 228 Collections.sort(customersTitle1, idComparator);
321 229 Collections.sort(loadedCustomersTitle1, idComparator);
322   -
  230 +
323 231 Assert.assertEquals(customersTitle1, loadedCustomersTitle1);
324   -
  232 +
325 233 List<Customer> loadedCustomersTitle2 = new ArrayList<>();
326 234 pageLink = new TextPageLink(4, title2);
327 235 do {
328   - pageData = doGetTypedWithPageLink("/api/customers?", new TypeReference<TextPageData<Customer>>(){}, pageLink);
  236 + pageData = doGetTypedWithPageLink("/api/customers?", new TypeReference<TextPageData<Customer>>() {
  237 + }, pageLink);
329 238 loadedCustomersTitle2.addAll(pageData.getData());
330 239 if (pageData.hasNext()) {
331 240 pageLink = pageData.getNextPageLink();
... ... @@ -334,33 +243,30 @@ public abstract class BaseCustomerControllerTest extends AbstractControllerTest
334 243
335 244 Collections.sort(customersTitle2, idComparator);
336 245 Collections.sort(loadedCustomersTitle2, idComparator);
337   -
  246 +
338 247 Assert.assertEquals(customersTitle2, loadedCustomersTitle2);
339   -
  248 +
340 249 for (Customer customer : loadedCustomersTitle1) {
341   - doDelete("/api/customer/"+customer.getId().getId().toString())
342   - .andExpect(status().isOk());
  250 + doDelete("/api/customer/" + customer.getId().getId().toString())
  251 + .andExpect(status().isOk());
343 252 }
344   -
  253 +
345 254 pageLink = new TextPageLink(4, title1);
346   - pageData = doGetTypedWithPageLink("/api/customers?", new TypeReference<TextPageData<Customer>>(){}, pageLink);
  255 + pageData = doGetTypedWithPageLink("/api/customers?", new TypeReference<TextPageData<Customer>>() {
  256 + }, pageLink);
347 257 Assert.assertFalse(pageData.hasNext());
348 258 Assert.assertEquals(0, pageData.getData().size());
349   -
  259 +
350 260 for (Customer customer : loadedCustomersTitle2) {
351   - doDelete("/api/customer/"+customer.getId().getId().toString())
352   - .andExpect(status().isOk());
  261 + doDelete("/api/customer/" + customer.getId().getId().toString())
  262 + .andExpect(status().isOk());
353 263 }
354   -
  264 +
355 265 pageLink = new TextPageLink(4, title2);
356   - pageData = doGetTypedWithPageLink("/api/customers?", new TypeReference<TextPageData<Customer>>(){}, pageLink);
  266 + pageData = doGetTypedWithPageLink("/api/customers?", new TypeReference<TextPageData<Customer>>() {
  267 + }, pageLink);
357 268 Assert.assertFalse(pageData.hasNext());
358 269 Assert.assertEquals(0, pageData.getData().size());
359   -
360   - loginSysAdmin();
361   -
362   - doDelete("/api/tenant/"+savedTenant.getId().getId().toString())
363   - .andExpect(status().isOk());
364 270 }
365   -
  271 +
366 272 }
... ...
... ... @@ -16,10 +16,8 @@
16 16 package org.thingsboard.server.controller;
17 17
18 18 import static org.hamcrest.Matchers.containsString;
19   -import static org.thingsboard.server.dao.model.ModelConstants.NULL_UUID;
20 19 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
21 20
22   -import java.sql.Time;
23 21 import java.util.ArrayList;
24 22 import java.util.Collections;
25 23 import java.util.List;
... ... @@ -33,7 +31,6 @@ import org.thingsboard.server.common.data.page.TextPageLink;
33 31 import org.thingsboard.server.common.data.page.TimePageData;
34 32 import org.thingsboard.server.common.data.page.TimePageLink;
35 33 import org.thingsboard.server.common.data.security.Authority;
36   -import org.thingsboard.server.dao.model.ModelConstants;
37 34 import org.junit.After;
38 35 import org.junit.Assert;
39 36 import org.junit.Before;
... ... @@ -93,6 +90,17 @@ public abstract class BaseDashboardControllerTest extends AbstractControllerTest
93 90 Dashboard foundDashboard = doGet("/api/dashboard/" + savedDashboard.getId().getId().toString(), Dashboard.class);
94 91 Assert.assertEquals(foundDashboard.getTitle(), savedDashboard.getTitle());
95 92 }
  93 +
  94 + @Test
  95 + public void testUpdateDashboardFromDifferentTenant() throws Exception {
  96 + Dashboard dashboard = new Dashboard();
  97 + dashboard.setTitle("My dashboard");
  98 + Dashboard savedDashboard = doPost("/api/dashboard", dashboard, Dashboard.class);
  99 +
  100 + loginDifferentTenant();
  101 + doPost("/api/dashboard", savedDashboard, Dashboard.class, status().isForbidden());
  102 + deleteDifferentTenant();
  103 + }
96 104
97 105 @Test
98 106 public void testFindDashboardById() throws Exception {
... ...
... ... @@ -107,6 +107,17 @@ public abstract class BaseDeviceControllerTest extends AbstractControllerTest {
107 107 Device foundDevice = doGet("/api/device/" + savedDevice.getId().getId().toString(), Device.class);
108 108 Assert.assertEquals(foundDevice.getName(), savedDevice.getName());
109 109 }
  110 +
  111 + @Test
  112 + public void testUpdateDeviceFromDifferentTenant() throws Exception {
  113 + Device device = new Device();
  114 + device.setName("My device");
  115 + device.setType("default");
  116 + Device savedDevice = doPost("/api/device", device, Device.class);
  117 + loginDifferentTenant();
  118 + doPost("/api/device", savedDevice, Device.class, status().isForbidden());
  119 + deleteDifferentTenant();
  120 + }
110 121
111 122 @Test
112 123 public void testFindDeviceById() throws Exception {
... ...
... ... @@ -25,7 +25,6 @@ import org.eclipse.paho.client.mqttv3.MqttMessage;
25 25 import org.junit.After;
26 26 import org.junit.Assert;
27 27 import org.junit.Before;
28   -import org.junit.Ignore;
29 28 import org.junit.Test;
30 29 import org.thingsboard.server.common.data.Customer;
31 30 import org.thingsboard.server.common.data.Device;
... ... @@ -132,6 +131,15 @@ public abstract class BaseEntityViewControllerTest extends AbstractControllerTes
132 131 assertEquals(foundEntityView.getKeys(), telemetry);
133 132 }
134 133
  134 +
  135 + @Test
  136 + public void testUpdateEntityViewFromDifferentTenant() throws Exception {
  137 + EntityView savedView = getNewSavedEntityView("Test entity view");
  138 + loginDifferentTenant();
  139 + doPost("/api/entityView", savedView, EntityView.class, status().isForbidden());
  140 + deleteDifferentTenant();
  141 + }
  142 +
135 143 @Test
136 144 public void testDeleteEntityView() throws Exception {
137 145 EntityView view = getNewSavedEntityView("Test entity view");
... ...
... ... @@ -38,21 +38,23 @@ import java.util.List;
38 38
39 39 import static org.hamcrest.Matchers.containsString;
40 40 import static org.hamcrest.Matchers.is;
41   -import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.*;
  41 +import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.header;
  42 +import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath;
  43 +import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
42 44
43 45 public abstract class BaseUserControllerTest extends AbstractControllerTest {
44   -
  46 +
45 47 private IdComparator<User> idComparator = new IdComparator<>();
46 48
47 49 @Test
48 50 public void testSaveUser() throws Exception {
49 51 loginSysAdmin();
50   -
  52 +
51 53 Tenant tenant = new Tenant();
52 54 tenant.setTitle("My tenant");
53 55 Tenant savedTenant = doPost("/api/tenant", tenant, Tenant.class);
54 56 Assert.assertNotNull(savedTenant);
55   -
  57 +
56 58 String email = "tenant2@thingsboard.org";
57 59 User user = new User();
58 60 user.setAuthority(Authority.TENANT_ADMIN);
... ... @@ -66,13 +68,13 @@ public abstract class BaseUserControllerTest extends AbstractControllerTest {
66 68 Assert.assertTrue(savedUser.getCreatedTime() > 0);
67 69 Assert.assertEquals(user.getEmail(), savedUser.getEmail());
68 70
69   - User foundUser = doGet("/api/user/"+savedUser.getId().getId().toString(), User.class);
  71 + User foundUser = doGet("/api/user/" + savedUser.getId().getId().toString(), User.class);
70 72 Assert.assertEquals(foundUser, savedUser);
71   -
  73 +
72 74 logout();
73 75 doGet("/api/noauth/activate?activateToken={activateToken}", TestMailService.currentActivateToken)
74   - .andExpect(status().isSeeOther())
75   - .andExpect(header().string(HttpHeaders.LOCATION, "/login/createPassword?activateToken=" + TestMailService.currentActivateToken));
  76 + .andExpect(status().isSeeOther())
  77 + .andExpect(header().string(HttpHeaders.LOCATION, "/login/createPassword?activateToken=" + TestMailService.currentActivateToken));
76 78
77 79 JsonNode activateRequest = new ObjectMapper().createObjectNode()
78 80 .put("activateToken", TestMailService.currentActivateToken)
... ... @@ -82,36 +84,61 @@ public abstract class BaseUserControllerTest extends AbstractControllerTest {
82 84 validateAndSetJwtToken(tokenInfo, email);
83 85
84 86 doGet("/api/auth/user")
85   - .andExpect(status().isOk())
86   - .andExpect(jsonPath("$.authority",is(Authority.TENANT_ADMIN.name())))
87   - .andExpect(jsonPath("$.email",is(email)));
88   -
  87 + .andExpect(status().isOk())
  88 + .andExpect(jsonPath("$.authority", is(Authority.TENANT_ADMIN.name())))
  89 + .andExpect(jsonPath("$.email", is(email)));
  90 +
89 91 logout();
90   -
  92 +
91 93 login(email, "testPassword");
92   -
  94 +
93 95 doGet("/api/auth/user")
94   - .andExpect(status().isOk())
95   - .andExpect(jsonPath("$.authority",is(Authority.TENANT_ADMIN.name())))
96   - .andExpect(jsonPath("$.email",is(email)));
97   -
  96 + .andExpect(status().isOk())
  97 + .andExpect(jsonPath("$.authority", is(Authority.TENANT_ADMIN.name())))
  98 + .andExpect(jsonPath("$.email", is(email)));
  99 +
98 100 loginSysAdmin();
99   - doDelete("/api/user/"+savedUser.getId().getId().toString())
100   - .andExpect(status().isOk());
101   -
102   - doDelete("/api/tenant/"+savedTenant.getId().getId().toString())
103   - .andExpect(status().isOk());
  101 + doDelete("/api/user/" + savedUser.getId().getId().toString())
  102 + .andExpect(status().isOk());
  103 +
  104 + doDelete("/api/tenant/" + savedTenant.getId().getId().toString())
  105 + .andExpect(status().isOk());
104 106 }
105   -
  107 +
  108 + @Test
  109 + public void testUpdateUserFromDifferentTenant() throws Exception {
  110 + loginSysAdmin();
  111 + Tenant tenant = new Tenant();
  112 + tenant.setTitle("My tenant");
  113 + Tenant savedTenant = doPost("/api/tenant", tenant, Tenant.class);
  114 + Assert.assertNotNull(savedTenant);
  115 +
  116 + User tenantAdmin = new User();
  117 + tenantAdmin.setAuthority(Authority.TENANT_ADMIN);
  118 + tenantAdmin.setTenantId(savedTenant.getId());
  119 + tenantAdmin.setEmail("tenant2@thingsboard.org");
  120 + tenantAdmin.setFirstName("Joe");
  121 + tenantAdmin.setLastName("Downs");
  122 + tenantAdmin = createUserAndLogin(tenantAdmin, "testPassword1");
  123 +
  124 + loginDifferentTenant();
  125 + doPost("/api/user", tenantAdmin, User.class, status().isForbidden());
  126 + deleteDifferentTenant();
  127 +
  128 + loginSysAdmin();
  129 + doDelete("/api/tenant/" + savedTenant.getId().getId().toString())
  130 + .andExpect(status().isOk());
  131 + }
  132 +
106 133 @Test
107 134 public void testResetPassword() throws Exception {
108 135 loginSysAdmin();
109   -
  136 +
110 137 Tenant tenant = new Tenant();
111 138 tenant.setTitle("My tenant");
112 139 Tenant savedTenant = doPost("/api/tenant", tenant, Tenant.class);
113 140 Assert.assertNotNull(savedTenant);
114   -
  141 +
115 142 String email = "tenant2@thingsboard.org";
116 143 User user = new User();
117 144 user.setAuthority(Authority.TENANT_ADMIN);
... ... @@ -119,7 +146,7 @@ public abstract class BaseUserControllerTest extends AbstractControllerTest {
119 146 user.setEmail(email);
120 147 user.setFirstName("Joe");
121 148 user.setLastName("Downs");
122   -
  149 +
123 150 User savedUser = createUserAndLogin(user, "testPassword1");
124 151 logout();
125 152
... ... @@ -127,10 +154,10 @@ public abstract class BaseUserControllerTest extends AbstractControllerTest {
127 154 .put("email", email);
128 155
129 156 doPost("/api/noauth/resetPasswordByEmail", resetPasswordByEmailRequest)
130   - .andExpect(status().isOk());
  157 + .andExpect(status().isOk());
131 158 doGet("/api/noauth/resetPassword?resetToken={resetToken}", TestMailService.currentResetPasswordToken)
132   - .andExpect(status().isSeeOther())
133   - .andExpect(header().string(HttpHeaders.LOCATION, "/login/resetPassword?resetToken=" + TestMailService.currentResetPasswordToken));
  159 + .andExpect(status().isSeeOther())
  160 + .andExpect(header().string(HttpHeaders.LOCATION, "/login/resetPassword?resetToken=" + TestMailService.currentResetPasswordToken));
134 161
135 162 JsonNode resetPasswordRequest = new ObjectMapper().createObjectNode()
136 163 .put("resetToken", TestMailService.currentResetPasswordToken)
... ... @@ -140,35 +167,35 @@ public abstract class BaseUserControllerTest extends AbstractControllerTest {
140 167 validateAndSetJwtToken(tokenInfo, email);
141 168
142 169 doGet("/api/auth/user")
143   - .andExpect(status().isOk())
144   - .andExpect(jsonPath("$.authority",is(Authority.TENANT_ADMIN.name())))
145   - .andExpect(jsonPath("$.email",is(email)));
146   -
  170 + .andExpect(status().isOk())
  171 + .andExpect(jsonPath("$.authority", is(Authority.TENANT_ADMIN.name())))
  172 + .andExpect(jsonPath("$.email", is(email)));
  173 +
147 174 logout();
148   -
  175 +
149 176 login(email, "testPassword2");
150 177 doGet("/api/auth/user")
151   - .andExpect(status().isOk())
152   - .andExpect(jsonPath("$.authority",is(Authority.TENANT_ADMIN.name())))
153   - .andExpect(jsonPath("$.email",is(email)));
154   -
  178 + .andExpect(status().isOk())
  179 + .andExpect(jsonPath("$.authority", is(Authority.TENANT_ADMIN.name())))
  180 + .andExpect(jsonPath("$.email", is(email)));
  181 +
155 182 loginSysAdmin();
156   - doDelete("/api/user/"+savedUser.getId().getId().toString())
157   - .andExpect(status().isOk());
158   -
159   - doDelete("/api/tenant/"+savedTenant.getId().getId().toString())
160   - .andExpect(status().isOk());
  183 + doDelete("/api/user/" + savedUser.getId().getId().toString())
  184 + .andExpect(status().isOk());
  185 +
  186 + doDelete("/api/tenant/" + savedTenant.getId().getId().toString())
  187 + .andExpect(status().isOk());
161 188 }
162   -
  189 +
163 190 @Test
164 191 public void testFindUserById() throws Exception {
165 192 loginSysAdmin();
166   -
  193 +
167 194 Tenant tenant = new Tenant();
168 195 tenant.setTitle("My tenant");
169 196 Tenant savedTenant = doPost("/api/tenant", tenant, Tenant.class);
170 197 Assert.assertNotNull(savedTenant);
171   -
  198 +
172 199 String email = "tenant2@thingsboard.org";
173 200 User user = new User();
174 201 user.setAuthority(Authority.TENANT_ADMIN);
... ... @@ -176,25 +203,25 @@ public abstract class BaseUserControllerTest extends AbstractControllerTest {
176 203 user.setEmail(email);
177 204 user.setFirstName("Joe");
178 205 user.setLastName("Downs");
179   -
  206 +
180 207 User savedUser = doPost("/api/user", user, User.class);
181   - User foundUser = doGet("/api/user/"+savedUser.getId().getId().toString(), User.class);
  208 + User foundUser = doGet("/api/user/" + savedUser.getId().getId().toString(), User.class);
182 209 Assert.assertNotNull(foundUser);
183 210 Assert.assertEquals(savedUser, foundUser);
184   -
185   - doDelete("/api/tenant/"+savedTenant.getId().getId().toString())
186   - .andExpect(status().isOk());
  211 +
  212 + doDelete("/api/tenant/" + savedTenant.getId().getId().toString())
  213 + .andExpect(status().isOk());
187 214 }
188   -
  215 +
189 216 @Test
190 217 public void testSaveUserWithSameEmail() throws Exception {
191 218 loginSysAdmin();
192   -
  219 +
193 220 Tenant tenant = new Tenant();
194 221 tenant.setTitle("My tenant");
195 222 Tenant savedTenant = doPost("/api/tenant", tenant, Tenant.class);
196 223 Assert.assertNotNull(savedTenant);
197   -
  224 +
198 225 String email = TENANT_ADMIN_EMAIL;
199 226 User user = new User();
200 227 user.setAuthority(Authority.TENANT_ADMIN);
... ... @@ -202,24 +229,24 @@ public abstract class BaseUserControllerTest extends AbstractControllerTest {
202 229 user.setEmail(email);
203 230 user.setFirstName("Joe");
204 231 user.setLastName("Downs");
205   -
  232 +
206 233 doPost("/api/user", user)
207   - .andExpect(status().isBadRequest())
208   - .andExpect(statusReason(containsString("User with email '" + email + "' already present in database")));
209   -
210   - doDelete("/api/tenant/"+savedTenant.getId().getId().toString())
211   - .andExpect(status().isOk());
  234 + .andExpect(status().isBadRequest())
  235 + .andExpect(statusReason(containsString("User with email '" + email + "' already present in database")));
  236 +
  237 + doDelete("/api/tenant/" + savedTenant.getId().getId().toString())
  238 + .andExpect(status().isOk());
212 239 }
213   -
  240 +
214 241 @Test
215 242 public void testSaveUserWithInvalidEmail() throws Exception {
216 243 loginSysAdmin();
217   -
  244 +
218 245 Tenant tenant = new Tenant();
219 246 tenant.setTitle("My tenant");
220 247 Tenant savedTenant = doPost("/api/tenant", tenant, Tenant.class);
221 248 Assert.assertNotNull(savedTenant);
222   -
  249 +
223 250 String email = "tenant_thingsboard.org";
224 251 User user = new User();
225 252 user.setAuthority(Authority.TENANT_ADMIN);
... ... @@ -227,62 +254,62 @@ public abstract class BaseUserControllerTest extends AbstractControllerTest {
227 254 user.setEmail(email);
228 255 user.setFirstName("Joe");
229 256 user.setLastName("Downs");
230   -
  257 +
231 258 doPost("/api/user", user)
232   - .andExpect(status().isBadRequest())
233   - .andExpect(statusReason(containsString("Invalid email address format '" + email + "'")));
234   -
235   - doDelete("/api/tenant/"+savedTenant.getId().getId().toString())
236   - .andExpect(status().isOk());
  259 + .andExpect(status().isBadRequest())
  260 + .andExpect(statusReason(containsString("Invalid email address format '" + email + "'")));
  261 +
  262 + doDelete("/api/tenant/" + savedTenant.getId().getId().toString())
  263 + .andExpect(status().isOk());
237 264 }
238   -
  265 +
239 266 @Test
240 267 public void testSaveUserWithEmptyEmail() throws Exception {
241 268 loginSysAdmin();
242   -
  269 +
243 270 Tenant tenant = new Tenant();
244 271 tenant.setTitle("My tenant");
245 272 Tenant savedTenant = doPost("/api/tenant", tenant, Tenant.class);
246 273 Assert.assertNotNull(savedTenant);
247   -
  274 +
248 275 User user = new User();
249 276 user.setAuthority(Authority.TENANT_ADMIN);
250 277 user.setTenantId(savedTenant.getId());
251 278 user.setFirstName("Joe");
252 279 user.setLastName("Downs");
253   -
  280 +
254 281 doPost("/api/user", user)
255   - .andExpect(status().isBadRequest())
256   - .andExpect(statusReason(containsString("User email should be specified")));
257   -
258   - doDelete("/api/tenant/"+savedTenant.getId().getId().toString())
259   - .andExpect(status().isOk());
  282 + .andExpect(status().isBadRequest())
  283 + .andExpect(statusReason(containsString("User email should be specified")));
  284 +
  285 + doDelete("/api/tenant/" + savedTenant.getId().getId().toString())
  286 + .andExpect(status().isOk());
260 287 }
261   -
  288 +
262 289 @Test
263 290 public void testSaveUserWithoutTenant() throws Exception {
264 291 loginSysAdmin();
265   -
  292 +
266 293 User user = new User();
267 294 user.setAuthority(Authority.TENANT_ADMIN);
268 295 user.setEmail("tenant2@thingsboard.org");
269 296 user.setFirstName("Joe");
270 297 user.setLastName("Downs");
271   -
  298 +
272 299 doPost("/api/user", user)
273   - .andExpect(status().isBadRequest())
274   - .andExpect(statusReason(containsString("Tenant administrator should be assigned to tenant")));
  300 + .andExpect(status().isBadRequest())
  301 + .andExpect(statusReason(containsString("Tenant administrator should be assigned to tenant")));
275 302 }
276   -
  303 +
277 304 @Test
278 305 public void testDeleteUser() throws Exception {
279 306 loginSysAdmin();
280   -
  307 +
281 308 Tenant tenant = new Tenant();
282 309 tenant.setTitle("My tenant");
283 310 Tenant savedTenant = doPost("/api/tenant", tenant, Tenant.class);
284 311 Assert.assertNotNull(savedTenant);
285   -
  312 +
286 313 String email = "tenant2@thingsboard.org";
287 314 User user = new User();
288 315 user.setAuthority(Authority.TENANT_ADMIN);
... ... @@ -290,176 +317,182 @@ public abstract class BaseUserControllerTest extends AbstractControllerTest {
290 317 user.setEmail(email);
291 318 user.setFirstName("Joe");
292 319 user.setLastName("Downs");
293   -
  320 +
294 321 User savedUser = doPost("/api/user", user, User.class);
295   - User foundUser = doGet("/api/user/"+savedUser.getId().getId().toString(), User.class);
  322 + User foundUser = doGet("/api/user/" + savedUser.getId().getId().toString(), User.class);
296 323 Assert.assertNotNull(foundUser);
297   -
298   - doDelete("/api/user/"+savedUser.getId().getId().toString())
299   - .andExpect(status().isOk());
300   -
301   - doGet("/api/user/"+savedUser.getId().getId().toString())
302   - .andExpect(status().isNotFound());
303   -
304   - doDelete("/api/tenant/"+savedTenant.getId().getId().toString())
305   - .andExpect(status().isOk());
  324 +
  325 + doDelete("/api/user/" + savedUser.getId().getId().toString())
  326 + .andExpect(status().isOk());
  327 +
  328 + doGet("/api/user/" + savedUser.getId().getId().toString())
  329 + .andExpect(status().isNotFound());
  330 +
  331 + doDelete("/api/tenant/" + savedTenant.getId().getId().toString())
  332 + .andExpect(status().isOk());
306 333 }
307   -
  334 +
308 335 @Test
309 336 public void testFindTenantAdmins() throws Exception {
310 337 loginSysAdmin();
311   -
  338 +
312 339 Tenant tenant = new Tenant();
313 340 tenant.setTitle("My tenant");
314 341 Tenant savedTenant = doPost("/api/tenant", tenant, Tenant.class);
315 342 Assert.assertNotNull(savedTenant);
316   -
  343 +
317 344 TenantId tenantId = savedTenant.getId();
318   -
  345 +
319 346 List<User> tenantAdmins = new ArrayList<>();
320   - for (int i=0;i<64;i++) {
  347 + for (int i = 0; i < 64; i++) {
321 348 User user = new User();
322 349 user.setAuthority(Authority.TENANT_ADMIN);
323 350 user.setTenantId(tenantId);
324 351 user.setEmail("testTenant" + i + "@thingsboard.org");
325 352 tenantAdmins.add(doPost("/api/user", user, User.class));
326 353 }
327   -
  354 +
328 355 List<User> loadedTenantAdmins = new ArrayList<>();
329 356 TextPageLink pageLink = new TextPageLink(33);
330 357 TextPageData<User> pageData = null;
331 358 do {
332   - pageData = doGetTypedWithPageLink("/api/tenant/" + tenantId.getId().toString() + "/users?",
333   - new TypeReference<TextPageData<User>>(){}, pageLink);
  359 + pageData = doGetTypedWithPageLink("/api/tenant/" + tenantId.getId().toString() + "/users?",
  360 + new TypeReference<TextPageData<User>>() {
  361 + }, pageLink);
334 362 loadedTenantAdmins.addAll(pageData.getData());
335 363 if (pageData.hasNext()) {
336 364 pageLink = pageData.getNextPageLink();
337 365 }
338 366 } while (pageData.hasNext());
339   -
  367 +
340 368 Collections.sort(tenantAdmins, idComparator);
341 369 Collections.sort(loadedTenantAdmins, idComparator);
342   -
  370 +
343 371 Assert.assertEquals(tenantAdmins, loadedTenantAdmins);
344   -
345   - doDelete("/api/tenant/"+savedTenant.getId().getId().toString())
346   - .andExpect(status().isOk());
347   -
  372 +
  373 + doDelete("/api/tenant/" + savedTenant.getId().getId().toString())
  374 + .andExpect(status().isOk());
  375 +
348 376 pageLink = new TextPageLink(33);
349   - pageData = doGetTypedWithPageLink("/api/tenant/" + tenantId.getId().toString() + "/users?",
350   - new TypeReference<TextPageData<User>>(){}, pageLink);
  377 + pageData = doGetTypedWithPageLink("/api/tenant/" + tenantId.getId().toString() + "/users?",
  378 + new TypeReference<TextPageData<User>>() {
  379 + }, pageLink);
351 380 Assert.assertFalse(pageData.hasNext());
352 381 Assert.assertTrue(pageData.getData().isEmpty());
353 382 }
354   -
  383 +
355 384 @Test
356 385 public void testFindTenantAdminsByEmail() throws Exception {
357   -
  386 +
358 387 loginSysAdmin();
359   -
  388 +
360 389 Tenant tenant = new Tenant();
361 390 tenant.setTitle("My tenant");
362 391 Tenant savedTenant = doPost("/api/tenant", tenant, Tenant.class);
363 392 Assert.assertNotNull(savedTenant);
364   -
  393 +
365 394 TenantId tenantId = savedTenant.getId();
366   -
367   - String email1 = "testEmail1";
  395 +
  396 + String email1 = "testEmail1";
368 397 List<User> tenantAdminsEmail1 = new ArrayList<>();
369   -
370   - for (int i=0;i<124;i++) {
  398 +
  399 + for (int i = 0; i < 124; i++) {
371 400 User user = new User();
372 401 user.setAuthority(Authority.TENANT_ADMIN);
373 402 user.setTenantId(tenantId);
374   - String suffix = RandomStringUtils.randomAlphanumeric((int)(5 + Math.random()*10));
375   - String email = email1+suffix+ "@thingsboard.org";
  403 + String suffix = RandomStringUtils.randomAlphanumeric((int) (5 + Math.random() * 10));
  404 + String email = email1 + suffix + "@thingsboard.org";
376 405 email = i % 2 == 0 ? email.toLowerCase() : email.toUpperCase();
377 406 user.setEmail(email);
378 407 tenantAdminsEmail1.add(doPost("/api/user", user, User.class));
379 408 }
380   -
381   - String email2 = "testEmail2";
  409 +
  410 + String email2 = "testEmail2";
382 411 List<User> tenantAdminsEmail2 = new ArrayList<>();
383   -
384   - for (int i=0;i<112;i++) {
  412 +
  413 + for (int i = 0; i < 112; i++) {
385 414 User user = new User();
386 415 user.setAuthority(Authority.TENANT_ADMIN);
387 416 user.setTenantId(tenantId);
388   - String suffix = RandomStringUtils.randomAlphanumeric((int)(5 + Math.random()*10));
389   - String email = email2+suffix+ "@thingsboard.org";
  417 + String suffix = RandomStringUtils.randomAlphanumeric((int) (5 + Math.random() * 10));
  418 + String email = email2 + suffix + "@thingsboard.org";
390 419 email = i % 2 == 0 ? email.toLowerCase() : email.toUpperCase();
391 420 user.setEmail(email);
392 421 tenantAdminsEmail2.add(doPost("/api/user", user, User.class));
393 422 }
394   -
  423 +
395 424 List<User> loadedTenantAdminsEmail1 = new ArrayList<>();
396 425 TextPageLink pageLink = new TextPageLink(33, email1);
397 426 TextPageData<User> pageData = null;
398 427 do {
399   - pageData = doGetTypedWithPageLink("/api/tenant/" + tenantId.getId().toString() + "/users?",
400   - new TypeReference<TextPageData<User>>(){}, pageLink);
  428 + pageData = doGetTypedWithPageLink("/api/tenant/" + tenantId.getId().toString() + "/users?",
  429 + new TypeReference<TextPageData<User>>() {
  430 + }, pageLink);
401 431 loadedTenantAdminsEmail1.addAll(pageData.getData());
402 432 if (pageData.hasNext()) {
403 433 pageLink = pageData.getNextPageLink();
404 434 }
405 435 } while (pageData.hasNext());
406   -
  436 +
407 437 Collections.sort(tenantAdminsEmail1, idComparator);
408 438 Collections.sort(loadedTenantAdminsEmail1, idComparator);
409   -
  439 +
410 440 Assert.assertEquals(tenantAdminsEmail1, loadedTenantAdminsEmail1);
411   -
  441 +
412 442 List<User> loadedTenantAdminsEmail2 = new ArrayList<>();
413 443 pageLink = new TextPageLink(16, email2);
414 444 do {
415   - pageData = doGetTypedWithPageLink("/api/tenant/" + tenantId.getId().toString() + "/users?",
416   - new TypeReference<TextPageData<User>>(){}, pageLink);
  445 + pageData = doGetTypedWithPageLink("/api/tenant/" + tenantId.getId().toString() + "/users?",
  446 + new TypeReference<TextPageData<User>>() {
  447 + }, pageLink);
417 448 loadedTenantAdminsEmail2.addAll(pageData.getData());
418 449 if (pageData.hasNext()) {
419 450 pageLink = pageData.getNextPageLink();
420 451 }
421 452 } while (pageData.hasNext());
422   -
  453 +
423 454 Collections.sort(tenantAdminsEmail2, idComparator);
424 455 Collections.sort(loadedTenantAdminsEmail2, idComparator);
425   -
  456 +
426 457 Assert.assertEquals(tenantAdminsEmail2, loadedTenantAdminsEmail2);
427   -
  458 +
428 459 for (User user : loadedTenantAdminsEmail1) {
429   - doDelete("/api/user/"+user.getId().getId().toString())
430   - .andExpect(status().isOk());
  460 + doDelete("/api/user/" + user.getId().getId().toString())
  461 + .andExpect(status().isOk());
431 462 }
432   -
  463 +
433 464 pageLink = new TextPageLink(4, email1);
434   - pageData = doGetTypedWithPageLink("/api/tenant/" + tenantId.getId().toString() + "/users?",
435   - new TypeReference<TextPageData<User>>(){}, pageLink);
  465 + pageData = doGetTypedWithPageLink("/api/tenant/" + tenantId.getId().toString() + "/users?",
  466 + new TypeReference<TextPageData<User>>() {
  467 + }, pageLink);
436 468 Assert.assertFalse(pageData.hasNext());
437 469 Assert.assertEquals(0, pageData.getData().size());
438   -
  470 +
439 471 for (User user : loadedTenantAdminsEmail2) {
440   - doDelete("/api/user/"+user.getId().getId().toString())
441   - .andExpect(status().isOk());
  472 + doDelete("/api/user/" + user.getId().getId().toString())
  473 + .andExpect(status().isOk());
442 474 }
443   -
  475 +
444 476 pageLink = new TextPageLink(4, email2);
445   - pageData = doGetTypedWithPageLink("/api/tenant/" + tenantId.getId().toString() + "/users?",
446   - new TypeReference<TextPageData<User>>(){}, pageLink);
  477 + pageData = doGetTypedWithPageLink("/api/tenant/" + tenantId.getId().toString() + "/users?",
  478 + new TypeReference<TextPageData<User>>() {
  479 + }, pageLink);
447 480 Assert.assertFalse(pageData.hasNext());
448 481 Assert.assertEquals(0, pageData.getData().size());
449   -
450   - doDelete("/api/tenant/"+savedTenant.getId().getId().toString())
451   - .andExpect(status().isOk());
  482 +
  483 + doDelete("/api/tenant/" + savedTenant.getId().getId().toString())
  484 + .andExpect(status().isOk());
452 485 }
453   -
  486 +
454 487 @Test
455 488 public void testFindCustomerUsers() throws Exception {
456   -
  489 +
457 490 loginSysAdmin();
458 491 Tenant tenant = new Tenant();
459 492 tenant.setTitle("My tenant");
460 493 Tenant savedTenant = doPost("/api/tenant", tenant, Tenant.class);
461 494 Assert.assertNotNull(savedTenant);
462   -
  495 +
463 496 TenantId tenantId = savedTenant.getId();
464 497 User tenantAdmin = new User();
465 498 tenantAdmin.setAuthority(Authority.TENANT_ADMIN);
... ... @@ -467,59 +500,60 @@ public abstract class BaseUserControllerTest extends AbstractControllerTest {
467 500 tenantAdmin.setEmail("tenant2@thingsboard.org");
468 501 tenantAdmin.setFirstName("Joe");
469 502 tenantAdmin.setLastName("Downs");
470   -
  503 +
471 504 tenantAdmin = createUserAndLogin(tenantAdmin, "testPassword1");
472   -
  505 +
473 506 Customer customer = new Customer();
474 507 customer.setTitle("My customer");
475 508 Customer savedCustomer = doPost("/api/customer", customer, Customer.class);
476 509
477 510 CustomerId customerId = savedCustomer.getId();
478   -
  511 +
479 512 List<User> customerUsers = new ArrayList<>();
480   - for (int i=0;i<56;i++) {
  513 + for (int i = 0; i < 56; i++) {
481 514 User user = new User();
482 515 user.setAuthority(Authority.CUSTOMER_USER);
483 516 user.setCustomerId(customerId);
484 517 user.setEmail("testCustomer" + i + "@thingsboard.org");
485 518 customerUsers.add(doPost("/api/user", user, User.class));
486 519 }
487   -
  520 +
488 521 List<User> loadedCustomerUsers = new ArrayList<>();
489 522 TextPageLink pageLink = new TextPageLink(33);
490 523 TextPageData<User> pageData = null;
491 524 do {
492   - pageData = doGetTypedWithPageLink("/api/customer/" + customerId.getId().toString() + "/users?",
493   - new TypeReference<TextPageData<User>>(){}, pageLink);
  525 + pageData = doGetTypedWithPageLink("/api/customer/" + customerId.getId().toString() + "/users?",
  526 + new TypeReference<TextPageData<User>>() {
  527 + }, pageLink);
494 528 loadedCustomerUsers.addAll(pageData.getData());
495 529 if (pageData.hasNext()) {
496 530 pageLink = pageData.getNextPageLink();
497 531 }
498 532 } while (pageData.hasNext());
499   -
  533 +
500 534 Collections.sort(customerUsers, idComparator);
501 535 Collections.sort(loadedCustomerUsers, idComparator);
502   -
  536 +
503 537 Assert.assertEquals(customerUsers, loadedCustomerUsers);
504   -
505   - doDelete("/api/customer/"+customerId.getId().toString())
506   - .andExpect(status().isOk());
507   -
  538 +
  539 + doDelete("/api/customer/" + customerId.getId().toString())
  540 + .andExpect(status().isOk());
  541 +
508 542 loginSysAdmin();
509   -
510   - doDelete("/api/tenant/"+savedTenant.getId().getId().toString())
511   - .andExpect(status().isOk());
  543 +
  544 + doDelete("/api/tenant/" + savedTenant.getId().getId().toString())
  545 + .andExpect(status().isOk());
512 546 }
513   -
  547 +
514 548 @Test
515 549 public void testFindCustomerUsersByEmail() throws Exception {
516   -
  550 +
517 551 loginSysAdmin();
518 552 Tenant tenant = new Tenant();
519 553 tenant.setTitle("My tenant");
520 554 Tenant savedTenant = doPost("/api/tenant", tenant, Tenant.class);
521 555 Assert.assertNotNull(savedTenant);
522   -
  556 +
523 557 TenantId tenantId = savedTenant.getId();
524 558 User tenantAdmin = new User();
525 559 tenantAdmin.setAuthority(Authority.TENANT_ADMIN);
... ... @@ -527,105 +561,109 @@ public abstract class BaseUserControllerTest extends AbstractControllerTest {
527 561 tenantAdmin.setEmail("tenant2@thingsboard.org");
528 562 tenantAdmin.setFirstName("Joe");
529 563 tenantAdmin.setLastName("Downs");
530   -
  564 +
531 565 tenantAdmin = createUserAndLogin(tenantAdmin, "testPassword1");
532   -
  566 +
533 567 Customer customer = new Customer();
534 568 customer.setTitle("My customer");
535 569 Customer savedCustomer = doPost("/api/customer", customer, Customer.class);
536 570
537 571 CustomerId customerId = savedCustomer.getId();
538   -
539   - String email1 = "testEmail1";
  572 +
  573 + String email1 = "testEmail1";
540 574 List<User> customerUsersEmail1 = new ArrayList<>();
541   -
542   - for (int i=0;i<74;i++) {
  575 +
  576 + for (int i = 0; i < 74; i++) {
543 577 User user = new User();
544 578 user.setAuthority(Authority.CUSTOMER_USER);
545 579 user.setCustomerId(customerId);
546   - String suffix = RandomStringUtils.randomAlphanumeric((int)(5 + Math.random()*10));
547   - String email = email1+suffix+ "@thingsboard.org";
  580 + String suffix = RandomStringUtils.randomAlphanumeric((int) (5 + Math.random() * 10));
  581 + String email = email1 + suffix + "@thingsboard.org";
548 582 email = i % 2 == 0 ? email.toLowerCase() : email.toUpperCase();
549 583 user.setEmail(email);
550 584 customerUsersEmail1.add(doPost("/api/user", user, User.class));
551 585 }
552   -
553   - String email2 = "testEmail2";
  586 +
  587 + String email2 = "testEmail2";
554 588 List<User> customerUsersEmail2 = new ArrayList<>();
555   -
556   - for (int i=0;i<92;i++) {
  589 +
  590 + for (int i = 0; i < 92; i++) {
557 591 User user = new User();
558 592 user.setAuthority(Authority.CUSTOMER_USER);
559 593 user.setCustomerId(customerId);
560   - String suffix = RandomStringUtils.randomAlphanumeric((int)(5 + Math.random()*10));
561   - String email = email2+suffix+ "@thingsboard.org";
  594 + String suffix = RandomStringUtils.randomAlphanumeric((int) (5 + Math.random() * 10));
  595 + String email = email2 + suffix + "@thingsboard.org";
562 596 email = i % 2 == 0 ? email.toLowerCase() : email.toUpperCase();
563 597 user.setEmail(email);
564 598 customerUsersEmail2.add(doPost("/api/user", user, User.class));
565 599 }
566   -
  600 +
567 601 List<User> loadedCustomerUsersEmail1 = new ArrayList<>();
568 602 TextPageLink pageLink = new TextPageLink(33, email1);
569 603 TextPageData<User> pageData = null;
570 604 do {
571   - pageData = doGetTypedWithPageLink("/api/customer/" + customerId.getId().toString() + "/users?",
572   - new TypeReference<TextPageData<User>>(){}, pageLink);
  605 + pageData = doGetTypedWithPageLink("/api/customer/" + customerId.getId().toString() + "/users?",
  606 + new TypeReference<TextPageData<User>>() {
  607 + }, pageLink);
573 608 loadedCustomerUsersEmail1.addAll(pageData.getData());
574 609 if (pageData.hasNext()) {
575 610 pageLink = pageData.getNextPageLink();
576 611 }
577 612 } while (pageData.hasNext());
578   -
  613 +
579 614 Collections.sort(customerUsersEmail1, idComparator);
580 615 Collections.sort(loadedCustomerUsersEmail1, idComparator);
581   -
  616 +
582 617 Assert.assertEquals(customerUsersEmail1, loadedCustomerUsersEmail1);
583   -
  618 +
584 619 List<User> loadedCustomerUsersEmail2 = new ArrayList<>();
585 620 pageLink = new TextPageLink(16, email2);
586 621 do {
587   - pageData = doGetTypedWithPageLink("/api/customer/" + customerId.getId().toString() + "/users?",
588   - new TypeReference<TextPageData<User>>(){}, pageLink);
  622 + pageData = doGetTypedWithPageLink("/api/customer/" + customerId.getId().toString() + "/users?",
  623 + new TypeReference<TextPageData<User>>() {
  624 + }, pageLink);
589 625 loadedCustomerUsersEmail2.addAll(pageData.getData());
590 626 if (pageData.hasNext()) {
591 627 pageLink = pageData.getNextPageLink();
592 628 }
593 629 } while (pageData.hasNext());
594   -
  630 +
595 631 Collections.sort(customerUsersEmail2, idComparator);
596 632 Collections.sort(loadedCustomerUsersEmail2, idComparator);
597   -
  633 +
598 634 Assert.assertEquals(customerUsersEmail2, loadedCustomerUsersEmail2);
599   -
  635 +
600 636 for (User user : loadedCustomerUsersEmail1) {
601   - doDelete("/api/user/"+user.getId().getId().toString())
602   - .andExpect(status().isOk());
  637 + doDelete("/api/user/" + user.getId().getId().toString())
  638 + .andExpect(status().isOk());
603 639 }
604   -
  640 +
605 641 pageLink = new TextPageLink(4, email1);
606   - pageData = doGetTypedWithPageLink("/api/customer/" + customerId.getId().toString() + "/users?",
607   - new TypeReference<TextPageData<User>>(){}, pageLink);
  642 + pageData = doGetTypedWithPageLink("/api/customer/" + customerId.getId().toString() + "/users?",
  643 + new TypeReference<TextPageData<User>>() {
  644 + }, pageLink);
608 645 Assert.assertFalse(pageData.hasNext());
609 646 Assert.assertEquals(0, pageData.getData().size());
610   -
  647 +
611 648 for (User user : loadedCustomerUsersEmail2) {
612   - doDelete("/api/user/"+user.getId().getId().toString())
613   - .andExpect(status().isOk());
  649 + doDelete("/api/user/" + user.getId().getId().toString())
  650 + .andExpect(status().isOk());
614 651 }
615   -
  652 +
616 653 pageLink = new TextPageLink(4, email2);
617   - pageData = doGetTypedWithPageLink("/api/customer/" + customerId.getId().toString() + "/users?",
618   - new TypeReference<TextPageData<User>>(){}, pageLink);
  654 + pageData = doGetTypedWithPageLink("/api/customer/" + customerId.getId().toString() + "/users?",
  655 + new TypeReference<TextPageData<User>>() {
  656 + }, pageLink);
619 657 Assert.assertFalse(pageData.hasNext());
620 658 Assert.assertEquals(0, pageData.getData().size());
621   -
622   - doDelete("/api/customer/"+customerId.getId().toString())
623   - .andExpect(status().isOk());
624   -
  659 +
  660 + doDelete("/api/customer/" + customerId.getId().toString())
  661 + .andExpect(status().isOk());
  662 +
625 663 loginSysAdmin();
626   -
627   - doDelete("/api/tenant/"+savedTenant.getId().getId().toString())
628   - .andExpect(status().isOk());
  664 +
  665 + doDelete("/api/tenant/" + savedTenant.getId().getId().toString())
  666 + .andExpect(status().isOk());
629 667 }
630   -
  668 +
631 669 }
... ...
... ... @@ -64,7 +64,6 @@ public abstract class BaseWidgetTypeControllerTest extends AbstractControllerTes
64 64 WidgetsBundle widgetsBundle = new WidgetsBundle();
65 65 widgetsBundle.setTitle("My widgets bundle");
66 66 savedWidgetsBundle = doPost("/api/widgetsBundle", widgetsBundle, WidgetsBundle.class);
67   -
68 67 }
69 68
70 69 @After
... ... @@ -101,6 +100,19 @@ public abstract class BaseWidgetTypeControllerTest extends AbstractControllerTes
101 100 }
102 101
103 102 @Test
  103 + public void testUpdateWidgetTypeFromDifferentTenant() throws Exception {
  104 + WidgetType widgetType = new WidgetType();
  105 + widgetType.setBundleAlias(savedWidgetsBundle.getAlias());
  106 + widgetType.setName("Widget Type");
  107 + widgetType.setDescriptor(new ObjectMapper().readValue("{ \"someKey\": \"someValue\" }", JsonNode.class));
  108 + WidgetType savedWidgetType = doPost("/api/widgetType", widgetType, WidgetType.class);
  109 +
  110 + loginDifferentTenant();
  111 + doPost("/api/widgetType", savedWidgetType, WidgetType.class, status().isForbidden());
  112 + deleteDifferentTenant();
  113 + }
  114 +
  115 + @Test
104 116 public void testFindWidgetTypeById() throws Exception {
105 117 WidgetType widgetType = new WidgetType();
106 118 widgetType.setBundleAlias(savedWidgetsBundle.getAlias());
... ...
... ... @@ -89,6 +89,17 @@ public abstract class BaseWidgetsBundleControllerTest extends AbstractController
89 89 }
90 90
91 91 @Test
  92 + public void testUpdateWidgetsBundleFromDifferentTenant() throws Exception {
  93 + WidgetsBundle widgetsBundle = new WidgetsBundle();
  94 + widgetsBundle.setTitle("My widgets bundle");
  95 + WidgetsBundle savedWidgetsBundle = doPost("/api/widgetsBundle", widgetsBundle, WidgetsBundle.class);
  96 +
  97 + loginDifferentTenant();
  98 + doPost("/api/widgetsBundle", savedWidgetsBundle, WidgetsBundle.class, status().isForbidden());
  99 + deleteDifferentTenant();
  100 + }
  101 +
  102 + @Test
92 103 public void testFindWidgetsBundleById() throws Exception {
93 104 WidgetsBundle widgetsBundle = new WidgetsBundle();
94 105 widgetsBundle.setTitle("My widgets bundle");
... ...