简柏林 / thingskit · Commits

Commit 1a285ff9a12d97d70e777f88b933a8330af595ee

Authored by YevhenBondarenko
1 parent 8d3a797f

added test update entity by different tenant to controllers tests

Inline Side-by-side
Showing 21 changed files with 476 additions and 442 deletions
@@ -85,7 +85,7 @@ public class AlarmController extends BaseController { @@ -85,7 +85,7 @@ public class AlarmController extends BaseController {
85 try { 85 try {
86 alarm.setTenantId(getCurrentUser().getTenantId()); 86 alarm.setTenantId(getCurrentUser().getTenantId());
87 87
88 - checkEntity(alarm.getId(), alarm); 88 + checkEntity(alarm.getId(), alarm, Resource.ALARM);
89 89
90 Alarm savedAlarm = checkNotNull(alarmService.createOrUpdateAlarm(alarm)); 90 Alarm savedAlarm = checkNotNull(alarmService.createOrUpdateAlarm(alarm));
91 logEntityAction(savedAlarm.getId(), savedAlarm, 91 logEntityAction(savedAlarm.getId(), savedAlarm,
@@ -76,7 +76,7 @@ public class AssetController extends BaseController { @@ -76,7 +76,7 @@ public class AssetController extends BaseController {
76 try { 76 try {
77 asset.setTenantId(getCurrentUser().getTenantId()); 77 asset.setTenantId(getCurrentUser().getTenantId());
78 78
79 - checkEntity(asset.getId(), asset); 79 + checkEntity(asset.getId(), asset, Resource.ASSET);
80 80
81 Asset savedAsset = checkNotNull(assetService.saveAsset(asset)); 81 Asset savedAsset = checkNotNull(assetService.saveAsset(asset));
82 82
@@ -330,10 +330,10 @@ public abstract class BaseController { @@ -330,10 +330,10 @@ public abstract class BaseController {
330 } 330 }
331 } 331 }
332 332
333 - protected <I extends EntityId, T extends HasTenantId> void checkEntity(I entityId, T entity) throws ThingsboardException { 333 + protected <I extends EntityId, T extends HasTenantId> void checkEntity(I entityId, T entity, Resource resource) throws ThingsboardException {
334 if (entityId == null) { 334 if (entityId == null) {
335 accessControlService 335 accessControlService
336 - .checkPermission(getCurrentUser(), Resource.ALARM, Operation.CREATE, null, entity); 336 + .checkPermission(getCurrentUser(), resource, Operation.CREATE, null, entity);
337 } else { 337 } else {
338 checkEntityId(entityId, Operation.WRITE); 338 checkEntityId(entityId, Operation.WRITE);
339 } 339 }
@@ -100,7 +100,7 @@ public class CustomerController extends BaseController { @@ -100,7 +100,7 @@ public class CustomerController extends BaseController {
100 try { 100 try {
101 customer.setTenantId(getCurrentUser().getTenantId()); 101 customer.setTenantId(getCurrentUser().getTenantId());
102 102
103 - checkEntity(customer.getId(), customer); 103 + checkEntity(customer.getId(), customer, Resource.CUSTOMER);
104 104
105 Customer savedCustomer = checkNotNull(customerService.saveCustomer(customer)); 105 Customer savedCustomer = checkNotNull(customerService.saveCustomer(customer));
106 106
@@ -92,7 +92,7 @@ public class DeviceController extends BaseController { @@ -92,7 +92,7 @@ public class DeviceController extends BaseController {
92 try { 92 try {
93 device.setTenantId(getCurrentUser().getTenantId()); 93 device.setTenantId(getCurrentUser().getTenantId());
94 94
95 - checkEntity(device.getId(), device); 95 + checkEntity(device.getId(), device, Resource.DEVICE);
96 96
97 Device savedDevice = checkNotNull(deviceService.saveDeviceWithAccessToken(device, accessToken)); 97 Device savedDevice = checkNotNull(deviceService.saveDeviceWithAccessToken(device, accessToken));
98 98
@@ -92,7 +92,7 @@ public class EntityViewController extends BaseController { @@ -92,7 +92,7 @@ public class EntityViewController extends BaseController {
92 try { 92 try {
93 entityView.setTenantId(getCurrentUser().getTenantId()); 93 entityView.setTenantId(getCurrentUser().getTenantId());
94 94
95 - checkEntity(entityView.getId(), entityView); 95 + checkEntity(entityView.getId(), entityView, Resource.ENTITY_VIEW);
96 96
97 EntityView savedEntityView = checkNotNull(entityViewService.saveEntityView(entityView)); 97 EntityView savedEntityView = checkNotNull(entityViewService.saveEntityView(entityView));
98 List<ListenableFuture<List<Void>>> futures = new ArrayList<>(); 98 List<ListenableFuture<List<Void>>> futures = new ArrayList<>();
@@ -126,7 +126,7 @@ public class RuleChainController extends BaseController { @@ -126,7 +126,7 @@ public class RuleChainController extends BaseController {
126 boolean created = ruleChain.getId() == null; 126 boolean created = ruleChain.getId() == null;
127 ruleChain.setTenantId(getCurrentUser().getTenantId()); 127 ruleChain.setTenantId(getCurrentUser().getTenantId());
128 128
129 - checkEntity(ruleChain.getId(), ruleChain); 129 + checkEntity(ruleChain.getId(), ruleChain, Resource.RULE_CHAIN);
130 130
131 RuleChain savedRuleChain = checkNotNull(ruleChainService.saveRuleChain(ruleChain)); 131 RuleChain savedRuleChain = checkNotNull(ruleChainService.saveRuleChain(ruleChain));
132 132
@@ -72,7 +72,7 @@ public class TenantController extends BaseController { @@ -72,7 +72,7 @@ public class TenantController extends BaseController {
72 try { 72 try {
73 boolean newTenant = tenant.getId() == null; 73 boolean newTenant = tenant.getId() == null;
74 74
75 - checkEntity(tenant.getId(), tenant); 75 + checkEntity(tenant.getId(), tenant, Resource.TENANT);
76 76
77 tenant = checkNotNull(tenantService.saveTenant(tenant)); 77 tenant = checkNotNull(tenantService.saveTenant(tenant));
78 if (newTenant) { 78 if (newTenant) {
@@ -138,7 +138,7 @@ public class UserController extends BaseController { @@ -138,7 +138,7 @@ public class UserController extends BaseController {
138 user.setTenantId(getCurrentUser().getTenantId()); 138 user.setTenantId(getCurrentUser().getTenantId());
139 } 139 }
140 140
141 - checkEntity(user.getId(), user); 141 + checkEntity(user.getId(), user, Resource.USER);
142 142
143 boolean sendEmail = user.getId() == null && sendActivationMail; 143 boolean sendEmail = user.getId() == null && sendActivationMail;
144 User savedUser = checkNotNull(userService.saveUser(user)); 144 User savedUser = checkNotNull(userService.saveUser(user));
@@ -66,7 +66,7 @@ public class WidgetTypeController extends BaseController { @@ -66,7 +66,7 @@ public class WidgetTypeController extends BaseController {
66 widgetType.setTenantId(getCurrentUser().getTenantId()); 66 widgetType.setTenantId(getCurrentUser().getTenantId());
67 } 67 }
68 68
69 - checkEntity(widgetType.getId(), widgetType); 69 + checkEntity(widgetType.getId(), widgetType, Resource.WIDGET_TYPE);
70 70
71 return checkNotNull(widgetTypeService.saveWidgetType(widgetType)); 71 return checkNotNull(widgetTypeService.saveWidgetType(widgetType));
72 } catch (Exception e) { 72 } catch (Exception e) {
@@ -61,15 +61,13 @@ public class WidgetsBundleController extends BaseController { @@ -61,15 +61,13 @@ public class WidgetsBundleController extends BaseController {
61 @ResponseBody 61 @ResponseBody
62 public WidgetsBundle saveWidgetsBundle(@RequestBody WidgetsBundle widgetsBundle) throws ThingsboardException { 62 public WidgetsBundle saveWidgetsBundle(@RequestBody WidgetsBundle widgetsBundle) throws ThingsboardException {
63 try { 63 try {
64 - checkEntity(widgetsBundle.getId(), widgetsBundle);  
65 -  
66 - if (widgetsBundle.getId() == null) {  
67 - accessControlService  
68 - .checkPermission(getCurrentUser(), Resource.WIDGETS_BUNDLE, Operation.CREATE, widgetsBundle.getId(), widgetsBundle); 64 + if (getCurrentUser().getAuthority() == Authority.SYS_ADMIN) {
  65 + widgetsBundle.setTenantId(TenantId.SYS_TENANT_ID);
69 } else { 66 } else {
70 - checkWidgetsBundleId(widgetsBundle.getId(), Operation.WRITE); 67 + widgetsBundle.setTenantId(getCurrentUser().getTenantId());
71 } 68 }
72 69
  70 + checkEntity(widgetsBundle.getId(), widgetsBundle, Resource.WIDGETS_BUNDLE);
73 return checkNotNull(widgetsBundleService.saveWidgetsBundle(widgetsBundle)); 71 return checkNotNull(widgetsBundleService.saveWidgetsBundle(widgetsBundle));
74 } catch (Exception e) { 72 } catch (Exception e) {
75 throw handleException(e); 73 throw handleException(e);
@@ -46,4 +46,13 @@ public enum Resource { @@ -46,4 +46,13 @@ public enum Resource {
46 public Optional<EntityType> getEntityType() { 46 public Optional<EntityType> getEntityType() {
47 return Optional.ofNullable(entityType); 47 return Optional.ofNullable(entityType);
48 } 48 }
  49 +
  50 + public static Resource of(EntityType entityType) {
  51 + for (Resource resource : Resource.values()) {
  52 + if (resource.getEntityType().get() == entityType) {
  53 + return resource;
  54 + }
  55 + }
  56 + throw new IllegalArgumentException("Unknown EntityType: " + entityType.name());
  57 + }
49 } 58 }
@@ -223,6 +223,27 @@ public abstract class AbstractControllerTest { @@ -223,6 +223,27 @@ public abstract class AbstractControllerTest {
223 login(CUSTOMER_USER_EMAIL, CUSTOMER_USER_PASSWORD); 223 login(CUSTOMER_USER_EMAIL, CUSTOMER_USER_PASSWORD);
224 } 224 }
225 225
  226 + private Tenant savedDifferentTenant;
  227 + protected void loginDifferentTenant() throws Exception {
  228 + loginSysAdmin();
  229 + Tenant tenant = new Tenant();
  230 + tenant.setTitle("Different tenant");
  231 + savedDifferentTenant = doPost("/api/tenant", tenant, Tenant.class);
  232 + Assert.assertNotNull(savedDifferentTenant);
  233 + User differentTenantAdmin = new User();
  234 + differentTenantAdmin.setAuthority(Authority.TENANT_ADMIN);
  235 + differentTenantAdmin.setTenantId(savedDifferentTenant.getId());
  236 + differentTenantAdmin.setEmail("different_tenant@thingsboard.org");
  237 +
  238 + createUserAndLogin(differentTenantAdmin, "testPassword");
  239 + }
  240 +
  241 + protected void deleteDifferentTenant() throws Exception {
  242 + loginSysAdmin();
  243 + doDelete("/api/tenant/" + savedDifferentTenant.getId().getId().toString())
  244 + .andExpect(status().isOk());
  245 + }
  246 +
226 protected User createUserAndLogin(User user, String password) throws Exception { 247 protected User createUserAndLogin(User user, String password) throws Exception {
227 User savedUser = doPost("/api/user", user, User.class); 248 User savedUser = doPost("/api/user", user, User.class);
228 logout(); 249 logout();
@@ -99,6 +99,18 @@ public abstract class BaseAssetControllerTest extends AbstractControllerTest { @@ -99,6 +99,18 @@ public abstract class BaseAssetControllerTest extends AbstractControllerTest {
99 } 99 }
100 100
101 @Test 101 @Test
  102 + public void testUpdateAssetFromDifferentTenant() throws Exception {
  103 + Asset asset = new Asset();
  104 + asset.setName("My asset");
  105 + asset.setType("default");
  106 + Asset savedAsset = doPost("/api/asset", asset, Asset.class);
  107 +
  108 + loginDifferentTenant();
  109 + doPost("/api/asset", savedAsset, Asset.class, status().isForbidden());
  110 + deleteDifferentTenant();
  111 + }
  112 +
  113 + @Test
102 public void testFindAssetById() throws Exception { 114 public void testFindAssetById() throws Exception {
103 Asset asset = new Asset(); 115 Asset asset = new Asset();
104 asset.setName("My asset"); 116 asset.setName("My asset");
@@ -23,6 +23,8 @@ import java.util.Collections; @@ -23,6 +23,8 @@ import java.util.Collections;
23 import java.util.List; 23 import java.util.List;
24 24
25 import org.apache.commons.lang3.RandomStringUtils; 25 import org.apache.commons.lang3.RandomStringUtils;
  26 +import org.junit.After;
  27 +import org.junit.Before;
26 import org.thingsboard.server.common.data.Customer; 28 import org.thingsboard.server.common.data.Customer;
27 import org.thingsboard.server.common.data.Tenant; 29 import org.thingsboard.server.common.data.Tenant;
28 import org.thingsboard.server.common.data.User; 30 import org.thingsboard.server.common.data.User;
@@ -38,25 +40,39 @@ import com.fasterxml.jackson.core.type.TypeReference; @@ -38,25 +40,39 @@ import com.fasterxml.jackson.core.type.TypeReference;
38 public abstract class BaseCustomerControllerTest extends AbstractControllerTest { 40 public abstract class BaseCustomerControllerTest extends AbstractControllerTest {
39 41
40 private IdComparator<Customer> idComparator = new IdComparator<>(); 42 private IdComparator<Customer> idComparator = new IdComparator<>();
41 -  
42 - @Test  
43 - public void testSaveCustomer() throws Exception { 43 +
  44 + private Tenant savedTenant;
  45 + private User tenantAdmin;
  46 +
  47 + @Before
  48 + public void beforeTest() throws Exception {
44 loginSysAdmin(); 49 loginSysAdmin();
45 50
46 Tenant tenant = new Tenant(); 51 Tenant tenant = new Tenant();
47 tenant.setTitle("My tenant"); 52 tenant.setTitle("My tenant");
48 - Tenant savedTenant = doPost("/api/tenant", tenant, Tenant.class); 53 + savedTenant = doPost("/api/tenant", tenant, Tenant.class);
49 Assert.assertNotNull(savedTenant); 54 Assert.assertNotNull(savedTenant);
50 -  
51 - User tenantAdmin = new User(); 55 +
  56 + tenantAdmin = new User();
52 tenantAdmin.setAuthority(Authority.TENANT_ADMIN); 57 tenantAdmin.setAuthority(Authority.TENANT_ADMIN);
53 tenantAdmin.setTenantId(savedTenant.getId()); 58 tenantAdmin.setTenantId(savedTenant.getId());
54 tenantAdmin.setEmail("tenant2@thingsboard.org"); 59 tenantAdmin.setEmail("tenant2@thingsboard.org");
55 tenantAdmin.setFirstName("Joe"); 60 tenantAdmin.setFirstName("Joe");
56 tenantAdmin.setLastName("Downs"); 61 tenantAdmin.setLastName("Downs");
57 - 62 +
58 tenantAdmin = createUserAndLogin(tenantAdmin, "testPassword1"); 63 tenantAdmin = createUserAndLogin(tenantAdmin, "testPassword1");
59 - 64 + }
  65 +
  66 + @After
  67 + public void afterTest() throws Exception {
  68 + loginSysAdmin();
  69 +
  70 + doDelete("/api/tenant/" + savedTenant.getId().getId().toString())
  71 + .andExpect(status().isOk());
  72 + }
  73 +
  74 + @Test
  75 + public void testSaveCustomer() throws Exception {
60 Customer customer = new Customer(); 76 Customer customer = new Customer();
61 customer.setTitle("My customer"); 77 customer.setTitle("My customer");
62 Customer savedCustomer = doPost("/api/customer", customer, Customer.class); 78 Customer savedCustomer = doPost("/api/customer", customer, Customer.class);
@@ -66,266 +82,159 @@ public abstract class BaseCustomerControllerTest extends AbstractControllerTest @@ -66,266 +82,159 @@ public abstract class BaseCustomerControllerTest extends AbstractControllerTest
66 Assert.assertEquals(customer.getTitle(), savedCustomer.getTitle()); 82 Assert.assertEquals(customer.getTitle(), savedCustomer.getTitle());
67 savedCustomer.setTitle("My new customer"); 83 savedCustomer.setTitle("My new customer");
68 doPost("/api/customer", savedCustomer, Customer.class); 84 doPost("/api/customer", savedCustomer, Customer.class);
69 -  
70 - Customer foundCustomer = doGet("/api/customer/"+savedCustomer.getId().getId().toString(), Customer.class); 85 +
  86 + Customer foundCustomer = doGet("/api/customer/"+savedCustomer.getId().getId().toString(), Customer.class);
71 Assert.assertEquals(foundCustomer.getTitle(), savedCustomer.getTitle()); 87 Assert.assertEquals(foundCustomer.getTitle(), savedCustomer.getTitle());
72 - 88 +
73 doDelete("/api/customer/"+savedCustomer.getId().getId().toString()) 89 doDelete("/api/customer/"+savedCustomer.getId().getId().toString())
74 .andExpect(status().isOk()); 90 .andExpect(status().isOk());
75 -  
76 - loginSysAdmin();  
77 -  
78 - doDelete("/api/tenant/"+savedTenant.getId().getId().toString())  
79 - .andExpect(status().isOk());  
80 } 91 }
81 - 92 +
82 @Test 93 @Test
83 - public void testFindCustomerById() throws Exception {  
84 -  
85 - loginSysAdmin(); 94 + public void testUpdateCustomerFromDifferentTenant() throws Exception {
  95 + Customer customer = new Customer();
  96 + customer.setTitle("My customer");
  97 + Customer savedCustomer = doPost("/api/customer", customer, Customer.class);
  98 + doPost("/api/customer", savedCustomer, Customer.class);
86 99
87 - Tenant tenant = new Tenant();  
88 - tenant.setTitle("My tenant");  
89 - Tenant savedTenant = doPost("/api/tenant", tenant, Tenant.class);  
90 - Assert.assertNotNull(savedTenant);  
91 -  
92 - User tenantAdmin = new User();  
93 - tenantAdmin.setAuthority(Authority.TENANT_ADMIN);  
94 - tenantAdmin.setTenantId(savedTenant.getId());  
95 - tenantAdmin.setEmail("tenant2@thingsboard.org");  
96 - tenantAdmin.setFirstName("Joe");  
97 - tenantAdmin.setLastName("Downs");  
98 -  
99 - tenantAdmin = createUserAndLogin(tenantAdmin, "testPassword1");  
100 - 100 + loginDifferentTenant();
  101 + doPost("/api/customer", savedCustomer, Customer.class, status().isForbidden());
  102 + deleteDifferentTenant();
  103 +
  104 + login(tenantAdmin.getName(), "testPassword1");
  105 + doDelete("/api/customer/" + savedCustomer.getId().getId().toString())
  106 + .andExpect(status().isOk());
  107 + }
  108 +
  109 + @Test
  110 + public void testFindCustomerById() throws Exception {
101 Customer customer = new Customer(); 111 Customer customer = new Customer();
102 customer.setTitle("My customer"); 112 customer.setTitle("My customer");
103 Customer savedCustomer = doPost("/api/customer", customer, Customer.class); 113 Customer savedCustomer = doPost("/api/customer", customer, Customer.class);
104 -  
105 - Customer foundCustomer = doGet("/api/customer/"+savedCustomer.getId().getId().toString(), Customer.class); 114 +
  115 + Customer foundCustomer = doGet("/api/customer/" + savedCustomer.getId().getId().toString(), Customer.class);
106 Assert.assertNotNull(foundCustomer); 116 Assert.assertNotNull(foundCustomer);
107 Assert.assertEquals(savedCustomer, foundCustomer); 117 Assert.assertEquals(savedCustomer, foundCustomer);
108 -  
109 - doDelete("/api/customer/"+savedCustomer.getId().getId().toString())  
110 - .andExpect(status().isOk());  
111 -  
112 - loginSysAdmin();  
113 -  
114 - doDelete("/api/tenant/"+savedTenant.getId().getId().toString())  
115 - .andExpect(status().isOk()); 118 +
  119 + doDelete("/api/customer/" + savedCustomer.getId().getId().toString())
  120 + .andExpect(status().isOk());
116 } 121 }
117 - 122 +
118 @Test 123 @Test
119 public void testDeleteCustomer() throws Exception { 124 public void testDeleteCustomer() throws Exception {
120 -  
121 - loginSysAdmin();  
122 -  
123 - Tenant tenant = new Tenant();  
124 - tenant.setTitle("My tenant");  
125 - Tenant savedTenant = doPost("/api/tenant", tenant, Tenant.class);  
126 - Assert.assertNotNull(savedTenant);  
127 -  
128 - User tenantAdmin = new User();  
129 - tenantAdmin.setAuthority(Authority.TENANT_ADMIN);  
130 - tenantAdmin.setTenantId(savedTenant.getId());  
131 - tenantAdmin.setEmail("tenant2@thingsboard.org");  
132 - tenantAdmin.setFirstName("Joe");  
133 - tenantAdmin.setLastName("Downs");  
134 -  
135 - tenantAdmin = createUserAndLogin(tenantAdmin, "testPassword1");  
136 -  
137 Customer customer = new Customer(); 125 Customer customer = new Customer();
138 customer.setTitle("My customer"); 126 customer.setTitle("My customer");
139 Customer savedCustomer = doPost("/api/customer", customer, Customer.class); 127 Customer savedCustomer = doPost("/api/customer", customer, Customer.class);
140 -  
141 - doDelete("/api/customer/"+savedCustomer.getId().getId().toString())  
142 - .andExpect(status().isOk());  
143 128
144 - doGet("/api/customer/"+savedCustomer.getId().getId().toString())  
145 - .andExpect(status().isNotFound());  
146 -  
147 - loginSysAdmin();  
148 -  
149 - doDelete("/api/tenant/"+savedTenant.getId().getId().toString())  
150 - .andExpect(status().isOk()); 129 + doDelete("/api/customer/" + savedCustomer.getId().getId().toString())
  130 + .andExpect(status().isOk());
  131 +
  132 + doGet("/api/customer/" + savedCustomer.getId().getId().toString())
  133 + .andExpect(status().isNotFound());
151 } 134 }
152 - 135 +
153 @Test 136 @Test
154 public void testSaveCustomerWithEmptyTitle() throws Exception { 137 public void testSaveCustomerWithEmptyTitle() throws Exception {
155 -  
156 - loginSysAdmin();  
157 -  
158 - Tenant tenant = new Tenant();  
159 - tenant.setTitle("My tenant");  
160 - Tenant savedTenant = doPost("/api/tenant", tenant, Tenant.class);  
161 - Assert.assertNotNull(savedTenant);  
162 -  
163 - User tenantAdmin = new User();  
164 - tenantAdmin.setAuthority(Authority.TENANT_ADMIN);  
165 - tenantAdmin.setTenantId(savedTenant.getId());  
166 - tenantAdmin.setEmail("tenant2@thingsboard.org");  
167 - tenantAdmin.setFirstName("Joe");  
168 - tenantAdmin.setLastName("Downs");  
169 -  
170 - tenantAdmin = createUserAndLogin(tenantAdmin, "testPassword1");  
171 -  
172 Customer customer = new Customer(); 138 Customer customer = new Customer();
173 doPost("/api/customer", customer) 139 doPost("/api/customer", customer)
174 - .andExpect(status().isBadRequest())  
175 - .andExpect(statusReason(containsString("Customer title should be specified")));  
176 -  
177 - loginSysAdmin();  
178 -  
179 - doDelete("/api/tenant/"+savedTenant.getId().getId().toString())  
180 - .andExpect(status().isOk()); 140 + .andExpect(status().isBadRequest())
  141 + .andExpect(statusReason(containsString("Customer title should be specified")));
181 } 142 }
182 - 143 +
183 @Test 144 @Test
184 public void testSaveCustomerWithInvalidEmail() throws Exception { 145 public void testSaveCustomerWithInvalidEmail() throws Exception {
185 -  
186 - loginSysAdmin();  
187 -  
188 - Tenant tenant = new Tenant();  
189 - tenant.setTitle("My tenant");  
190 - Tenant savedTenant = doPost("/api/tenant", tenant, Tenant.class);  
191 - Assert.assertNotNull(savedTenant);  
192 -  
193 - User tenantAdmin = new User();  
194 - tenantAdmin.setAuthority(Authority.TENANT_ADMIN);  
195 - tenantAdmin.setTenantId(savedTenant.getId());  
196 - tenantAdmin.setEmail("tenant2@thingsboard.org");  
197 - tenantAdmin.setFirstName("Joe");  
198 - tenantAdmin.setLastName("Downs");  
199 -  
200 - tenantAdmin = createUserAndLogin(tenantAdmin, "testPassword1");  
201 -  
202 Customer customer = new Customer(); 146 Customer customer = new Customer();
203 customer.setTitle("My customer"); 147 customer.setTitle("My customer");
204 customer.setEmail("invalid@mail"); 148 customer.setEmail("invalid@mail");
205 doPost("/api/customer", customer) 149 doPost("/api/customer", customer)
206 - .andExpect(status().isBadRequest())  
207 - .andExpect(statusReason(containsString("Invalid email address format 'invalid@mail'")));  
208 -  
209 - loginSysAdmin();  
210 -  
211 - doDelete("/api/tenant/"+savedTenant.getId().getId().toString())  
212 - .andExpect(status().isOk()); 150 + .andExpect(status().isBadRequest())
  151 + .andExpect(statusReason(containsString("Invalid email address format 'invalid@mail'")));
  152 +
  153 +// loginSysAdmin();
  154 +//
  155 +// doDelete("/api/tenant/"+savedTenant.getId().getId().toString())
  156 +// .andExpect(status().isOk());
213 } 157 }
214 - 158 +
215 @Test 159 @Test
216 public void testFindCustomers() throws Exception { 160 public void testFindCustomers() throws Exception {
217 - loginSysAdmin();  
218 -  
219 - Tenant tenant = new Tenant();  
220 - tenant.setTitle("My tenant");  
221 - Tenant savedTenant = doPost("/api/tenant", tenant, Tenant.class);  
222 - Assert.assertNotNull(savedTenant);  
223 -  
224 TenantId tenantId = savedTenant.getId(); 161 TenantId tenantId = savedTenant.getId();
225 -  
226 - User tenantAdmin = new User();  
227 - tenantAdmin.setAuthority(Authority.TENANT_ADMIN);  
228 - tenantAdmin.setTenantId(tenantId);  
229 - tenantAdmin.setEmail("tenant2@thingsboard.org");  
230 - tenantAdmin.setFirstName("Joe");  
231 - tenantAdmin.setLastName("Downs");  
232 -  
233 - tenantAdmin = createUserAndLogin(tenantAdmin, "testPassword1");  
234 - 162 +
235 List<Customer> customers = new ArrayList<>(); 163 List<Customer> customers = new ArrayList<>();
236 - for (int i=0;i<135;i++) { 164 + for (int i = 0; i < 135; i++) {
237 Customer customer = new Customer(); 165 Customer customer = new Customer();
238 customer.setTenantId(tenantId); 166 customer.setTenantId(tenantId);
239 - customer.setTitle("Customer"+i); 167 + customer.setTitle("Customer" + i);
240 customers.add(doPost("/api/customer", customer, Customer.class)); 168 customers.add(doPost("/api/customer", customer, Customer.class));
241 } 169 }
242 - 170 +
243 List<Customer> loadedCustomers = new ArrayList<>(); 171 List<Customer> loadedCustomers = new ArrayList<>();
244 TextPageLink pageLink = new TextPageLink(23); 172 TextPageLink pageLink = new TextPageLink(23);
245 TextPageData<Customer> pageData = null; 173 TextPageData<Customer> pageData = null;
246 do { 174 do {
247 - pageData = doGetTypedWithPageLink("/api/customers?", new TypeReference<TextPageData<Customer>>(){}, pageLink); 175 + pageData = doGetTypedWithPageLink("/api/customers?", new TypeReference<TextPageData<Customer>>() {
  176 + }, pageLink);
248 loadedCustomers.addAll(pageData.getData()); 177 loadedCustomers.addAll(pageData.getData());
249 if (pageData.hasNext()) { 178 if (pageData.hasNext()) {
250 pageLink = pageData.getNextPageLink(); 179 pageLink = pageData.getNextPageLink();
251 } 180 }
252 } while (pageData.hasNext()); 181 } while (pageData.hasNext());
253 - 182 +
254 Collections.sort(customers, idComparator); 183 Collections.sort(customers, idComparator);
255 Collections.sort(loadedCustomers, idComparator); 184 Collections.sort(loadedCustomers, idComparator);
256 - 185 +
257 Assert.assertEquals(customers, loadedCustomers); 186 Assert.assertEquals(customers, loadedCustomers);
258 -  
259 - loginSysAdmin();  
260 -  
261 - doDelete("/api/tenant/"+savedTenant.getId().getId().toString())  
262 - .andExpect(status().isOk());  
263 } 187 }
264 - 188 +
265 @Test 189 @Test
266 public void testFindCustomersByTitle() throws Exception { 190 public void testFindCustomersByTitle() throws Exception {
267 -  
268 - loginSysAdmin();  
269 -  
270 - Tenant tenant = new Tenant();  
271 - tenant.setTitle("My tenant");  
272 - Tenant savedTenant = doPost("/api/tenant", tenant, Tenant.class);  
273 - Assert.assertNotNull(savedTenant);  
274 -  
275 TenantId tenantId = savedTenant.getId(); 191 TenantId tenantId = savedTenant.getId();
276 -  
277 - User tenantAdmin = new User();  
278 - tenantAdmin.setAuthority(Authority.TENANT_ADMIN);  
279 - tenantAdmin.setTenantId(tenantId);  
280 - tenantAdmin.setEmail("tenant2@thingsboard.org");  
281 - tenantAdmin.setFirstName("Joe");  
282 - tenantAdmin.setLastName("Downs");  
283 -  
284 - tenantAdmin = createUserAndLogin(tenantAdmin, "testPassword1");  
285 - 192 +
286 String title1 = "Customer title 1"; 193 String title1 = "Customer title 1";
287 List<Customer> customersTitle1 = new ArrayList<>(); 194 List<Customer> customersTitle1 = new ArrayList<>();
288 - for (int i=0;i<143;i++) { 195 + for (int i = 0; i < 143; i++) {
289 Customer customer = new Customer(); 196 Customer customer = new Customer();
290 customer.setTenantId(tenantId); 197 customer.setTenantId(tenantId);
291 - String suffix = RandomStringUtils.randomAlphanumeric((int)(5 + Math.random()*10));  
292 - String title = title1+suffix; 198 + String suffix = RandomStringUtils.randomAlphanumeric((int) (5 + Math.random() * 10));
  199 + String title = title1 + suffix;
293 title = i % 2 == 0 ? title.toLowerCase() : title.toUpperCase(); 200 title = i % 2 == 0 ? title.toLowerCase() : title.toUpperCase();
294 customer.setTitle(title); 201 customer.setTitle(title);
295 customersTitle1.add(doPost("/api/customer", customer, Customer.class)); 202 customersTitle1.add(doPost("/api/customer", customer, Customer.class));
296 } 203 }
297 String title2 = "Customer title 2"; 204 String title2 = "Customer title 2";
298 List<Customer> customersTitle2 = new ArrayList<>(); 205 List<Customer> customersTitle2 = new ArrayList<>();
299 - for (int i=0;i<175;i++) { 206 + for (int i = 0; i < 175; i++) {
300 Customer customer = new Customer(); 207 Customer customer = new Customer();
301 customer.setTenantId(tenantId); 208 customer.setTenantId(tenantId);
302 - String suffix = RandomStringUtils.randomAlphanumeric((int)(5 + Math.random()*10));  
303 - String title = title2+suffix; 209 + String suffix = RandomStringUtils.randomAlphanumeric((int) (5 + Math.random() * 10));
  210 + String title = title2 + suffix;
304 title = i % 2 == 0 ? title.toLowerCase() : title.toUpperCase(); 211 title = i % 2 == 0 ? title.toLowerCase() : title.toUpperCase();
305 customer.setTitle(title); 212 customer.setTitle(title);
306 customersTitle2.add(doPost("/api/customer", customer, Customer.class)); 213 customersTitle2.add(doPost("/api/customer", customer, Customer.class));
307 } 214 }
308 - 215 +
309 List<Customer> loadedCustomersTitle1 = new ArrayList<>(); 216 List<Customer> loadedCustomersTitle1 = new ArrayList<>();
310 TextPageLink pageLink = new TextPageLink(15, title1); 217 TextPageLink pageLink = new TextPageLink(15, title1);
311 TextPageData<Customer> pageData = null; 218 TextPageData<Customer> pageData = null;
312 do { 219 do {
313 - pageData = doGetTypedWithPageLink("/api/customers?", new TypeReference<TextPageData<Customer>>(){}, pageLink); 220 + pageData = doGetTypedWithPageLink("/api/customers?", new TypeReference<TextPageData<Customer>>() {
  221 + }, pageLink);
314 loadedCustomersTitle1.addAll(pageData.getData()); 222 loadedCustomersTitle1.addAll(pageData.getData());
315 if (pageData.hasNext()) { 223 if (pageData.hasNext()) {
316 pageLink = pageData.getNextPageLink(); 224 pageLink = pageData.getNextPageLink();
317 } 225 }
318 } while (pageData.hasNext()); 226 } while (pageData.hasNext());
319 - 227 +
320 Collections.sort(customersTitle1, idComparator); 228 Collections.sort(customersTitle1, idComparator);
321 Collections.sort(loadedCustomersTitle1, idComparator); 229 Collections.sort(loadedCustomersTitle1, idComparator);
322 - 230 +
323 Assert.assertEquals(customersTitle1, loadedCustomersTitle1); 231 Assert.assertEquals(customersTitle1, loadedCustomersTitle1);
324 - 232 +
325 List<Customer> loadedCustomersTitle2 = new ArrayList<>(); 233 List<Customer> loadedCustomersTitle2 = new ArrayList<>();
326 pageLink = new TextPageLink(4, title2); 234 pageLink = new TextPageLink(4, title2);
327 do { 235 do {
328 - pageData = doGetTypedWithPageLink("/api/customers?", new TypeReference<TextPageData<Customer>>(){}, pageLink); 236 + pageData = doGetTypedWithPageLink("/api/customers?", new TypeReference<TextPageData<Customer>>() {
  237 + }, pageLink);
329 loadedCustomersTitle2.addAll(pageData.getData()); 238 loadedCustomersTitle2.addAll(pageData.getData());
330 if (pageData.hasNext()) { 239 if (pageData.hasNext()) {
331 pageLink = pageData.getNextPageLink(); 240 pageLink = pageData.getNextPageLink();
@@ -334,33 +243,30 @@ public abstract class BaseCustomerControllerTest extends AbstractControllerTest @@ -334,33 +243,30 @@ public abstract class BaseCustomerControllerTest extends AbstractControllerTest
334 243
335 Collections.sort(customersTitle2, idComparator); 244 Collections.sort(customersTitle2, idComparator);
336 Collections.sort(loadedCustomersTitle2, idComparator); 245 Collections.sort(loadedCustomersTitle2, idComparator);
337 - 246 +
338 Assert.assertEquals(customersTitle2, loadedCustomersTitle2); 247 Assert.assertEquals(customersTitle2, loadedCustomersTitle2);
339 - 248 +
340 for (Customer customer : loadedCustomersTitle1) { 249 for (Customer customer : loadedCustomersTitle1) {
341 - doDelete("/api/customer/"+customer.getId().getId().toString())  
342 - .andExpect(status().isOk()); 250 + doDelete("/api/customer/" + customer.getId().getId().toString())
  251 + .andExpect(status().isOk());
343 } 252 }
344 - 253 +
345 pageLink = new TextPageLink(4, title1); 254 pageLink = new TextPageLink(4, title1);
346 - pageData = doGetTypedWithPageLink("/api/customers?", new TypeReference<TextPageData<Customer>>(){}, pageLink); 255 + pageData = doGetTypedWithPageLink("/api/customers?", new TypeReference<TextPageData<Customer>>() {
  256 + }, pageLink);
347 Assert.assertFalse(pageData.hasNext()); 257 Assert.assertFalse(pageData.hasNext());
348 Assert.assertEquals(0, pageData.getData().size()); 258 Assert.assertEquals(0, pageData.getData().size());
349 - 259 +
350 for (Customer customer : loadedCustomersTitle2) { 260 for (Customer customer : loadedCustomersTitle2) {
351 - doDelete("/api/customer/"+customer.getId().getId().toString())  
352 - .andExpect(status().isOk()); 261 + doDelete("/api/customer/" + customer.getId().getId().toString())
  262 + .andExpect(status().isOk());
353 } 263 }
354 - 264 +
355 pageLink = new TextPageLink(4, title2); 265 pageLink = new TextPageLink(4, title2);
356 - pageData = doGetTypedWithPageLink("/api/customers?", new TypeReference<TextPageData<Customer>>(){}, pageLink); 266 + pageData = doGetTypedWithPageLink("/api/customers?", new TypeReference<TextPageData<Customer>>() {
  267 + }, pageLink);
357 Assert.assertFalse(pageData.hasNext()); 268 Assert.assertFalse(pageData.hasNext());
358 Assert.assertEquals(0, pageData.getData().size()); 269 Assert.assertEquals(0, pageData.getData().size());
359 -  
360 - loginSysAdmin();  
361 -  
362 - doDelete("/api/tenant/"+savedTenant.getId().getId().toString())  
363 - .andExpect(status().isOk());  
364 } 270 }
365 - 271 +
366 } 272 }
@@ -16,10 +16,8 @@ @@ -16,10 +16,8 @@
16 package org.thingsboard.server.controller; 16 package org.thingsboard.server.controller;
17 17
18 import static org.hamcrest.Matchers.containsString; 18 import static org.hamcrest.Matchers.containsString;
19 -import static org.thingsboard.server.dao.model.ModelConstants.NULL_UUID;  
20 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status; 19 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
21 20
22 -import java.sql.Time;  
23 import java.util.ArrayList; 21 import java.util.ArrayList;
24 import java.util.Collections; 22 import java.util.Collections;
25 import java.util.List; 23 import java.util.List;
@@ -33,7 +31,6 @@ import org.thingsboard.server.common.data.page.TextPageLink; @@ -33,7 +31,6 @@ import org.thingsboard.server.common.data.page.TextPageLink;
33 import org.thingsboard.server.common.data.page.TimePageData; 31 import org.thingsboard.server.common.data.page.TimePageData;
34 import org.thingsboard.server.common.data.page.TimePageLink; 32 import org.thingsboard.server.common.data.page.TimePageLink;
35 import org.thingsboard.server.common.data.security.Authority; 33 import org.thingsboard.server.common.data.security.Authority;
36 -import org.thingsboard.server.dao.model.ModelConstants;  
37 import org.junit.After; 34 import org.junit.After;
38 import org.junit.Assert; 35 import org.junit.Assert;
39 import org.junit.Before; 36 import org.junit.Before;
@@ -93,6 +90,17 @@ public abstract class BaseDashboardControllerTest extends AbstractControllerTest @@ -93,6 +90,17 @@ public abstract class BaseDashboardControllerTest extends AbstractControllerTest
93 Dashboard foundDashboard = doGet("/api/dashboard/" + savedDashboard.getId().getId().toString(), Dashboard.class); 90 Dashboard foundDashboard = doGet("/api/dashboard/" + savedDashboard.getId().getId().toString(), Dashboard.class);
94 Assert.assertEquals(foundDashboard.getTitle(), savedDashboard.getTitle()); 91 Assert.assertEquals(foundDashboard.getTitle(), savedDashboard.getTitle());
95 } 92 }
  93 +
  94 + @Test
  95 + public void testUpdateDashboardFromDifferentTenant() throws Exception {
  96 + Dashboard dashboard = new Dashboard();
  97 + dashboard.setTitle("My dashboard");
  98 + Dashboard savedDashboard = doPost("/api/dashboard", dashboard, Dashboard.class);
  99 +
  100 + loginDifferentTenant();
  101 + doPost("/api/dashboard", savedDashboard, Dashboard.class, status().isForbidden());
  102 + deleteDifferentTenant();
  103 + }
96 104
97 @Test 105 @Test
98 public void testFindDashboardById() throws Exception { 106 public void testFindDashboardById() throws Exception {
@@ -107,6 +107,17 @@ public abstract class BaseDeviceControllerTest extends AbstractControllerTest { @@ -107,6 +107,17 @@ public abstract class BaseDeviceControllerTest extends AbstractControllerTest {
107 Device foundDevice = doGet("/api/device/" + savedDevice.getId().getId().toString(), Device.class); 107 Device foundDevice = doGet("/api/device/" + savedDevice.getId().getId().toString(), Device.class);
108 Assert.assertEquals(foundDevice.getName(), savedDevice.getName()); 108 Assert.assertEquals(foundDevice.getName(), savedDevice.getName());
109 } 109 }
  110 +
  111 + @Test
  112 + public void testUpdateDeviceFromDifferentTenant() throws Exception {
  113 + Device device = new Device();
  114 + device.setName("My device");
  115 + device.setType("default");
  116 + Device savedDevice = doPost("/api/device", device, Device.class);
  117 + loginDifferentTenant();
  118 + doPost("/api/device", savedDevice, Device.class, status().isForbidden());
  119 + deleteDifferentTenant();
  120 + }
110 121
111 @Test 122 @Test
112 public void testFindDeviceById() throws Exception { 123 public void testFindDeviceById() throws Exception {
@@ -25,7 +25,6 @@ import org.eclipse.paho.client.mqttv3.MqttMessage; @@ -25,7 +25,6 @@ import org.eclipse.paho.client.mqttv3.MqttMessage;
25 import org.junit.After; 25 import org.junit.After;
26 import org.junit.Assert; 26 import org.junit.Assert;
27 import org.junit.Before; 27 import org.junit.Before;
28 -import org.junit.Ignore;  
29 import org.junit.Test; 28 import org.junit.Test;
30 import org.thingsboard.server.common.data.Customer; 29 import org.thingsboard.server.common.data.Customer;
31 import org.thingsboard.server.common.data.Device; 30 import org.thingsboard.server.common.data.Device;
@@ -132,6 +131,15 @@ public abstract class BaseEntityViewControllerTest extends AbstractControllerTes @@ -132,6 +131,15 @@ public abstract class BaseEntityViewControllerTest extends AbstractControllerTes
132 assertEquals(foundEntityView.getKeys(), telemetry); 131 assertEquals(foundEntityView.getKeys(), telemetry);
133 } 132 }
134 133
  134 +
  135 + @Test
  136 + public void testUpdateEntityViewFromDifferentTenant() throws Exception {
  137 + EntityView savedView = getNewSavedEntityView("Test entity view");
  138 + loginDifferentTenant();
  139 + doPost("/api/entityView", savedView, EntityView.class, status().isForbidden());
  140 + deleteDifferentTenant();
  141 + }
  142 +
135 @Test 143 @Test
136 public void testDeleteEntityView() throws Exception { 144 public void testDeleteEntityView() throws Exception {
137 EntityView view = getNewSavedEntityView("Test entity view"); 145 EntityView view = getNewSavedEntityView("Test entity view");
@@ -38,21 +38,23 @@ import java.util.List; @@ -38,21 +38,23 @@ import java.util.List;
38 38
39 import static org.hamcrest.Matchers.containsString; 39 import static org.hamcrest.Matchers.containsString;
40 import static org.hamcrest.Matchers.is; 40 import static org.hamcrest.Matchers.is;
41 -import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.*; 41 +import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.header;
  42 +import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath;
  43 +import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
42 44
43 public abstract class BaseUserControllerTest extends AbstractControllerTest { 45 public abstract class BaseUserControllerTest extends AbstractControllerTest {
44 - 46 +
45 private IdComparator<User> idComparator = new IdComparator<>(); 47 private IdComparator<User> idComparator = new IdComparator<>();
46 48
47 @Test 49 @Test
48 public void testSaveUser() throws Exception { 50 public void testSaveUser() throws Exception {
49 loginSysAdmin(); 51 loginSysAdmin();
50 - 52 +
51 Tenant tenant = new Tenant(); 53 Tenant tenant = new Tenant();
52 tenant.setTitle("My tenant"); 54 tenant.setTitle("My tenant");
53 Tenant savedTenant = doPost("/api/tenant", tenant, Tenant.class); 55 Tenant savedTenant = doPost("/api/tenant", tenant, Tenant.class);
54 Assert.assertNotNull(savedTenant); 56 Assert.assertNotNull(savedTenant);
55 - 57 +
56 String email = "tenant2@thingsboard.org"; 58 String email = "tenant2@thingsboard.org";
57 User user = new User(); 59 User user = new User();
58 user.setAuthority(Authority.TENANT_ADMIN); 60 user.setAuthority(Authority.TENANT_ADMIN);
@@ -66,13 +68,13 @@ public abstract class BaseUserControllerTest extends AbstractControllerTest { @@ -66,13 +68,13 @@ public abstract class BaseUserControllerTest extends AbstractControllerTest {
66 Assert.assertTrue(savedUser.getCreatedTime() > 0); 68 Assert.assertTrue(savedUser.getCreatedTime() > 0);
67 Assert.assertEquals(user.getEmail(), savedUser.getEmail()); 69 Assert.assertEquals(user.getEmail(), savedUser.getEmail());
68 70
69 - User foundUser = doGet("/api/user/"+savedUser.getId().getId().toString(), User.class); 71 + User foundUser = doGet("/api/user/" + savedUser.getId().getId().toString(), User.class);
70 Assert.assertEquals(foundUser, savedUser); 72 Assert.assertEquals(foundUser, savedUser);
71 - 73 +
72 logout(); 74 logout();
73 doGet("/api/noauth/activate?activateToken={activateToken}", TestMailService.currentActivateToken) 75 doGet("/api/noauth/activate?activateToken={activateToken}", TestMailService.currentActivateToken)
74 - .andExpect(status().isSeeOther())  
75 - .andExpect(header().string(HttpHeaders.LOCATION, "/login/createPassword?activateToken=" + TestMailService.currentActivateToken)); 76 + .andExpect(status().isSeeOther())
  77 + .andExpect(header().string(HttpHeaders.LOCATION, "/login/createPassword?activateToken=" + TestMailService.currentActivateToken));
76 78
77 JsonNode activateRequest = new ObjectMapper().createObjectNode() 79 JsonNode activateRequest = new ObjectMapper().createObjectNode()
78 .put("activateToken", TestMailService.currentActivateToken) 80 .put("activateToken", TestMailService.currentActivateToken)
@@ -82,36 +84,61 @@ public abstract class BaseUserControllerTest extends AbstractControllerTest { @@ -82,36 +84,61 @@ public abstract class BaseUserControllerTest extends AbstractControllerTest {
82 validateAndSetJwtToken(tokenInfo, email); 84 validateAndSetJwtToken(tokenInfo, email);
83 85
84 doGet("/api/auth/user") 86 doGet("/api/auth/user")
85 - .andExpect(status().isOk())  
86 - .andExpect(jsonPath("$.authority",is(Authority.TENANT_ADMIN.name())))  
87 - .andExpect(jsonPath("$.email",is(email)));  
88 - 87 + .andExpect(status().isOk())
  88 + .andExpect(jsonPath("$.authority", is(Authority.TENANT_ADMIN.name())))
  89 + .andExpect(jsonPath("$.email", is(email)));
  90 +
89 logout(); 91 logout();
90 - 92 +
91 login(email, "testPassword"); 93 login(email, "testPassword");
92 - 94 +
93 doGet("/api/auth/user") 95 doGet("/api/auth/user")
94 - .andExpect(status().isOk())  
95 - .andExpect(jsonPath("$.authority",is(Authority.TENANT_ADMIN.name())))  
96 - .andExpect(jsonPath("$.email",is(email)));  
97 - 96 + .andExpect(status().isOk())
  97 + .andExpect(jsonPath("$.authority", is(Authority.TENANT_ADMIN.name())))
  98 + .andExpect(jsonPath("$.email", is(email)));
  99 +
98 loginSysAdmin(); 100 loginSysAdmin();
99 - doDelete("/api/user/"+savedUser.getId().getId().toString())  
100 - .andExpect(status().isOk());  
101 -  
102 - doDelete("/api/tenant/"+savedTenant.getId().getId().toString())  
103 - .andExpect(status().isOk()); 101 + doDelete("/api/user/" + savedUser.getId().getId().toString())
  102 + .andExpect(status().isOk());
  103 +
  104 + doDelete("/api/tenant/" + savedTenant.getId().getId().toString())
  105 + .andExpect(status().isOk());
104 } 106 }
105 - 107 +
  108 + @Test
  109 + public void testUpdateUserFromDifferentTenant() throws Exception {
  110 + loginSysAdmin();
  111 + Tenant tenant = new Tenant();
  112 + tenant.setTitle("My tenant");
  113 + Tenant savedTenant = doPost("/api/tenant", tenant, Tenant.class);
  114 + Assert.assertNotNull(savedTenant);
  115 +
  116 + User tenantAdmin = new User();
  117 + tenantAdmin.setAuthority(Authority.TENANT_ADMIN);
  118 + tenantAdmin.setTenantId(savedTenant.getId());
  119 + tenantAdmin.setEmail("tenant2@thingsboard.org");
  120 + tenantAdmin.setFirstName("Joe");
  121 + tenantAdmin.setLastName("Downs");
  122 + tenantAdmin = createUserAndLogin(tenantAdmin, "testPassword1");
  123 +
  124 + loginDifferentTenant();
  125 + doPost("/api/user", tenantAdmin, User.class, status().isForbidden());
  126 + deleteDifferentTenant();
  127 +
  128 + loginSysAdmin();
  129 + doDelete("/api/tenant/" + savedTenant.getId().getId().toString())
  130 + .andExpect(status().isOk());
  131 + }
  132 +
106 @Test 133 @Test
107 public void testResetPassword() throws Exception { 134 public void testResetPassword() throws Exception {
108 loginSysAdmin(); 135 loginSysAdmin();
109 - 136 +
110 Tenant tenant = new Tenant(); 137 Tenant tenant = new Tenant();
111 tenant.setTitle("My tenant"); 138 tenant.setTitle("My tenant");
112 Tenant savedTenant = doPost("/api/tenant", tenant, Tenant.class); 139 Tenant savedTenant = doPost("/api/tenant", tenant, Tenant.class);
113 Assert.assertNotNull(savedTenant); 140 Assert.assertNotNull(savedTenant);
114 - 141 +
115 String email = "tenant2@thingsboard.org"; 142 String email = "tenant2@thingsboard.org";
116 User user = new User(); 143 User user = new User();
117 user.setAuthority(Authority.TENANT_ADMIN); 144 user.setAuthority(Authority.TENANT_ADMIN);
@@ -119,7 +146,7 @@ public abstract class BaseUserControllerTest extends AbstractControllerTest { @@ -119,7 +146,7 @@ public abstract class BaseUserControllerTest extends AbstractControllerTest {
119 user.setEmail(email); 146 user.setEmail(email);
120 user.setFirstName("Joe"); 147 user.setFirstName("Joe");
121 user.setLastName("Downs"); 148 user.setLastName("Downs");
122 - 149 +
123 User savedUser = createUserAndLogin(user, "testPassword1"); 150 User savedUser = createUserAndLogin(user, "testPassword1");
124 logout(); 151 logout();
125 152
@@ -127,10 +154,10 @@ public abstract class BaseUserControllerTest extends AbstractControllerTest { @@ -127,10 +154,10 @@ public abstract class BaseUserControllerTest extends AbstractControllerTest {
127 .put("email", email); 154 .put("email", email);
128 155
129 doPost("/api/noauth/resetPasswordByEmail", resetPasswordByEmailRequest) 156 doPost("/api/noauth/resetPasswordByEmail", resetPasswordByEmailRequest)
130 - .andExpect(status().isOk()); 157 + .andExpect(status().isOk());
131 doGet("/api/noauth/resetPassword?resetToken={resetToken}", TestMailService.currentResetPasswordToken) 158 doGet("/api/noauth/resetPassword?resetToken={resetToken}", TestMailService.currentResetPasswordToken)
132 - .andExpect(status().isSeeOther())  
133 - .andExpect(header().string(HttpHeaders.LOCATION, "/login/resetPassword?resetToken=" + TestMailService.currentResetPasswordToken)); 159 + .andExpect(status().isSeeOther())
  160 + .andExpect(header().string(HttpHeaders.LOCATION, "/login/resetPassword?resetToken=" + TestMailService.currentResetPasswordToken));
134 161
135 JsonNode resetPasswordRequest = new ObjectMapper().createObjectNode() 162 JsonNode resetPasswordRequest = new ObjectMapper().createObjectNode()
136 .put("resetToken", TestMailService.currentResetPasswordToken) 163 .put("resetToken", TestMailService.currentResetPasswordToken)
@@ -140,35 +167,35 @@ public abstract class BaseUserControllerTest extends AbstractControllerTest { @@ -140,35 +167,35 @@ public abstract class BaseUserControllerTest extends AbstractControllerTest {
140 validateAndSetJwtToken(tokenInfo, email); 167 validateAndSetJwtToken(tokenInfo, email);
141 168
142 doGet("/api/auth/user") 169 doGet("/api/auth/user")
143 - .andExpect(status().isOk())  
144 - .andExpect(jsonPath("$.authority",is(Authority.TENANT_ADMIN.name())))  
145 - .andExpect(jsonPath("$.email",is(email)));  
146 - 170 + .andExpect(status().isOk())
  171 + .andExpect(jsonPath("$.authority", is(Authority.TENANT_ADMIN.name())))
  172 + .andExpect(jsonPath("$.email", is(email)));
  173 +
147 logout(); 174 logout();
148 - 175 +
149 login(email, "testPassword2"); 176 login(email, "testPassword2");
150 doGet("/api/auth/user") 177 doGet("/api/auth/user")
151 - .andExpect(status().isOk())  
152 - .andExpect(jsonPath("$.authority",is(Authority.TENANT_ADMIN.name())))  
153 - .andExpect(jsonPath("$.email",is(email)));  
154 - 178 + .andExpect(status().isOk())
  179 + .andExpect(jsonPath("$.authority", is(Authority.TENANT_ADMIN.name())))
  180 + .andExpect(jsonPath("$.email", is(email)));
  181 +
155 loginSysAdmin(); 182 loginSysAdmin();
156 - doDelete("/api/user/"+savedUser.getId().getId().toString())  
157 - .andExpect(status().isOk());  
158 -  
159 - doDelete("/api/tenant/"+savedTenant.getId().getId().toString())  
160 - .andExpect(status().isOk()); 183 + doDelete("/api/user/" + savedUser.getId().getId().toString())
  184 + .andExpect(status().isOk());
  185 +
  186 + doDelete("/api/tenant/" + savedTenant.getId().getId().toString())
  187 + .andExpect(status().isOk());
161 } 188 }
162 - 189 +
163 @Test 190 @Test
164 public void testFindUserById() throws Exception { 191 public void testFindUserById() throws Exception {
165 loginSysAdmin(); 192 loginSysAdmin();
166 - 193 +
167 Tenant tenant = new Tenant(); 194 Tenant tenant = new Tenant();
168 tenant.setTitle("My tenant"); 195 tenant.setTitle("My tenant");
169 Tenant savedTenant = doPost("/api/tenant", tenant, Tenant.class); 196 Tenant savedTenant = doPost("/api/tenant", tenant, Tenant.class);
170 Assert.assertNotNull(savedTenant); 197 Assert.assertNotNull(savedTenant);
171 - 198 +
172 String email = "tenant2@thingsboard.org"; 199 String email = "tenant2@thingsboard.org";
173 User user = new User(); 200 User user = new User();
174 user.setAuthority(Authority.TENANT_ADMIN); 201 user.setAuthority(Authority.TENANT_ADMIN);
@@ -176,25 +203,25 @@ public abstract class BaseUserControllerTest extends AbstractControllerTest { @@ -176,25 +203,25 @@ public abstract class BaseUserControllerTest extends AbstractControllerTest {
176 user.setEmail(email); 203 user.setEmail(email);
177 user.setFirstName("Joe"); 204 user.setFirstName("Joe");
178 user.setLastName("Downs"); 205 user.setLastName("Downs");
179 - 206 +
180 User savedUser = doPost("/api/user", user, User.class); 207 User savedUser = doPost("/api/user", user, User.class);
181 - User foundUser = doGet("/api/user/"+savedUser.getId().getId().toString(), User.class); 208 + User foundUser = doGet("/api/user/" + savedUser.getId().getId().toString(), User.class);
182 Assert.assertNotNull(foundUser); 209 Assert.assertNotNull(foundUser);
183 Assert.assertEquals(savedUser, foundUser); 210 Assert.assertEquals(savedUser, foundUser);
184 -  
185 - doDelete("/api/tenant/"+savedTenant.getId().getId().toString())  
186 - .andExpect(status().isOk()); 211 +
  212 + doDelete("/api/tenant/" + savedTenant.getId().getId().toString())
  213 + .andExpect(status().isOk());
187 } 214 }
188 - 215 +
189 @Test 216 @Test
190 public void testSaveUserWithSameEmail() throws Exception { 217 public void testSaveUserWithSameEmail() throws Exception {
191 loginSysAdmin(); 218 loginSysAdmin();
192 - 219 +
193 Tenant tenant = new Tenant(); 220 Tenant tenant = new Tenant();
194 tenant.setTitle("My tenant"); 221 tenant.setTitle("My tenant");
195 Tenant savedTenant = doPost("/api/tenant", tenant, Tenant.class); 222 Tenant savedTenant = doPost("/api/tenant", tenant, Tenant.class);
196 Assert.assertNotNull(savedTenant); 223 Assert.assertNotNull(savedTenant);
197 - 224 +
198 String email = TENANT_ADMIN_EMAIL; 225 String email = TENANT_ADMIN_EMAIL;
199 User user = new User(); 226 User user = new User();
200 user.setAuthority(Authority.TENANT_ADMIN); 227 user.setAuthority(Authority.TENANT_ADMIN);
@@ -202,24 +229,24 @@ public abstract class BaseUserControllerTest extends AbstractControllerTest { @@ -202,24 +229,24 @@ public abstract class BaseUserControllerTest extends AbstractControllerTest {
202 user.setEmail(email); 229 user.setEmail(email);
203 user.setFirstName("Joe"); 230 user.setFirstName("Joe");
204 user.setLastName("Downs"); 231 user.setLastName("Downs");
205 - 232 +
206 doPost("/api/user", user) 233 doPost("/api/user", user)
207 - .andExpect(status().isBadRequest())  
208 - .andExpect(statusReason(containsString("User with email '" + email + "' already present in database")));  
209 -  
210 - doDelete("/api/tenant/"+savedTenant.getId().getId().toString())  
211 - .andExpect(status().isOk()); 234 + .andExpect(status().isBadRequest())
  235 + .andExpect(statusReason(containsString("User with email '" + email + "' already present in database")));
  236 +
  237 + doDelete("/api/tenant/" + savedTenant.getId().getId().toString())
  238 + .andExpect(status().isOk());
212 } 239 }
213 - 240 +
214 @Test 241 @Test
215 public void testSaveUserWithInvalidEmail() throws Exception { 242 public void testSaveUserWithInvalidEmail() throws Exception {
216 loginSysAdmin(); 243 loginSysAdmin();
217 - 244 +
218 Tenant tenant = new Tenant(); 245 Tenant tenant = new Tenant();
219 tenant.setTitle("My tenant"); 246 tenant.setTitle("My tenant");
220 Tenant savedTenant = doPost("/api/tenant", tenant, Tenant.class); 247 Tenant savedTenant = doPost("/api/tenant", tenant, Tenant.class);
221 Assert.assertNotNull(savedTenant); 248 Assert.assertNotNull(savedTenant);
222 - 249 +
223 String email = "tenant_thingsboard.org"; 250 String email = "tenant_thingsboard.org";
224 User user = new User(); 251 User user = new User();
225 user.setAuthority(Authority.TENANT_ADMIN); 252 user.setAuthority(Authority.TENANT_ADMIN);
@@ -227,62 +254,62 @@ public abstract class BaseUserControllerTest extends AbstractControllerTest { @@ -227,62 +254,62 @@ public abstract class BaseUserControllerTest extends AbstractControllerTest {
227 user.setEmail(email); 254 user.setEmail(email);
228 user.setFirstName("Joe"); 255 user.setFirstName("Joe");
229 user.setLastName("Downs"); 256 user.setLastName("Downs");
230 - 257 +
231 doPost("/api/user", user) 258 doPost("/api/user", user)
232 - .andExpect(status().isBadRequest())  
233 - .andExpect(statusReason(containsString("Invalid email address format '" + email + "'")));  
234 -  
235 - doDelete("/api/tenant/"+savedTenant.getId().getId().toString())  
236 - .andExpect(status().isOk()); 259 + .andExpect(status().isBadRequest())
  260 + .andExpect(statusReason(containsString("Invalid email address format '" + email + "'")));
  261 +
  262 + doDelete("/api/tenant/" + savedTenant.getId().getId().toString())
  263 + .andExpect(status().isOk());
237 } 264 }
238 - 265 +
239 @Test 266 @Test
240 public void testSaveUserWithEmptyEmail() throws Exception { 267 public void testSaveUserWithEmptyEmail() throws Exception {
241 loginSysAdmin(); 268 loginSysAdmin();
242 - 269 +
243 Tenant tenant = new Tenant(); 270 Tenant tenant = new Tenant();
244 tenant.setTitle("My tenant"); 271 tenant.setTitle("My tenant");
245 Tenant savedTenant = doPost("/api/tenant", tenant, Tenant.class); 272 Tenant savedTenant = doPost("/api/tenant", tenant, Tenant.class);
246 Assert.assertNotNull(savedTenant); 273 Assert.assertNotNull(savedTenant);
247 - 274 +
248 User user = new User(); 275 User user = new User();
249 user.setAuthority(Authority.TENANT_ADMIN); 276 user.setAuthority(Authority.TENANT_ADMIN);
250 user.setTenantId(savedTenant.getId()); 277 user.setTenantId(savedTenant.getId());
251 user.setFirstName("Joe"); 278 user.setFirstName("Joe");
252 user.setLastName("Downs"); 279 user.setLastName("Downs");
253 - 280 +
254 doPost("/api/user", user) 281 doPost("/api/user", user)
255 - .andExpect(status().isBadRequest())  
256 - .andExpect(statusReason(containsString("User email should be specified")));  
257 -  
258 - doDelete("/api/tenant/"+savedTenant.getId().getId().toString())  
259 - .andExpect(status().isOk()); 282 + .andExpect(status().isBadRequest())
  283 + .andExpect(statusReason(containsString("User email should be specified")));
  284 +
  285 + doDelete("/api/tenant/" + savedTenant.getId().getId().toString())
  286 + .andExpect(status().isOk());
260 } 287 }
261 - 288 +
262 @Test 289 @Test
263 public void testSaveUserWithoutTenant() throws Exception { 290 public void testSaveUserWithoutTenant() throws Exception {
264 loginSysAdmin(); 291 loginSysAdmin();
265 - 292 +
266 User user = new User(); 293 User user = new User();
267 user.setAuthority(Authority.TENANT_ADMIN); 294 user.setAuthority(Authority.TENANT_ADMIN);
268 user.setEmail("tenant2@thingsboard.org"); 295 user.setEmail("tenant2@thingsboard.org");
269 user.setFirstName("Joe"); 296 user.setFirstName("Joe");
270 user.setLastName("Downs"); 297 user.setLastName("Downs");
271 - 298 +
272 doPost("/api/user", user) 299 doPost("/api/user", user)
273 - .andExpect(status().isBadRequest())  
274 - .andExpect(statusReason(containsString("Tenant administrator should be assigned to tenant"))); 300 + .andExpect(status().isBadRequest())
  301 + .andExpect(statusReason(containsString("Tenant administrator should be assigned to tenant")));
275 } 302 }
276 - 303 +
277 @Test 304 @Test
278 public void testDeleteUser() throws Exception { 305 public void testDeleteUser() throws Exception {
279 loginSysAdmin(); 306 loginSysAdmin();
280 - 307 +
281 Tenant tenant = new Tenant(); 308 Tenant tenant = new Tenant();
282 tenant.setTitle("My tenant"); 309 tenant.setTitle("My tenant");
283 Tenant savedTenant = doPost("/api/tenant", tenant, Tenant.class); 310 Tenant savedTenant = doPost("/api/tenant", tenant, Tenant.class);
284 Assert.assertNotNull(savedTenant); 311 Assert.assertNotNull(savedTenant);
285 - 312 +
286 String email = "tenant2@thingsboard.org"; 313 String email = "tenant2@thingsboard.org";
287 User user = new User(); 314 User user = new User();
288 user.setAuthority(Authority.TENANT_ADMIN); 315 user.setAuthority(Authority.TENANT_ADMIN);
@@ -290,176 +317,182 @@ public abstract class BaseUserControllerTest extends AbstractControllerTest { @@ -290,176 +317,182 @@ public abstract class BaseUserControllerTest extends AbstractControllerTest {
290 user.setEmail(email); 317 user.setEmail(email);
291 user.setFirstName("Joe"); 318 user.setFirstName("Joe");
292 user.setLastName("Downs"); 319 user.setLastName("Downs");
293 - 320 +
294 User savedUser = doPost("/api/user", user, User.class); 321 User savedUser = doPost("/api/user", user, User.class);
295 - User foundUser = doGet("/api/user/"+savedUser.getId().getId().toString(), User.class); 322 + User foundUser = doGet("/api/user/" + savedUser.getId().getId().toString(), User.class);
296 Assert.assertNotNull(foundUser); 323 Assert.assertNotNull(foundUser);
297 -  
298 - doDelete("/api/user/"+savedUser.getId().getId().toString())  
299 - .andExpect(status().isOk());  
300 -  
301 - doGet("/api/user/"+savedUser.getId().getId().toString())  
302 - .andExpect(status().isNotFound());  
303 -  
304 - doDelete("/api/tenant/"+savedTenant.getId().getId().toString())  
305 - .andExpect(status().isOk()); 324 +
  325 + doDelete("/api/user/" + savedUser.getId().getId().toString())
  326 + .andExpect(status().isOk());
  327 +
  328 + doGet("/api/user/" + savedUser.getId().getId().toString())
  329 + .andExpect(status().isNotFound());
  330 +
  331 + doDelete("/api/tenant/" + savedTenant.getId().getId().toString())
  332 + .andExpect(status().isOk());
306 } 333 }
307 - 334 +
308 @Test 335 @Test
309 public void testFindTenantAdmins() throws Exception { 336 public void testFindTenantAdmins() throws Exception {
310 loginSysAdmin(); 337 loginSysAdmin();
311 - 338 +
312 Tenant tenant = new Tenant(); 339 Tenant tenant = new Tenant();
313 tenant.setTitle("My tenant"); 340 tenant.setTitle("My tenant");
314 Tenant savedTenant = doPost("/api/tenant", tenant, Tenant.class); 341 Tenant savedTenant = doPost("/api/tenant", tenant, Tenant.class);
315 Assert.assertNotNull(savedTenant); 342 Assert.assertNotNull(savedTenant);
316 - 343 +
317 TenantId tenantId = savedTenant.getId(); 344 TenantId tenantId = savedTenant.getId();
318 - 345 +
319 List<User> tenantAdmins = new ArrayList<>(); 346 List<User> tenantAdmins = new ArrayList<>();
320 - for (int i=0;i<64;i++) { 347 + for (int i = 0; i < 64; i++) {
321 User user = new User(); 348 User user = new User();
322 user.setAuthority(Authority.TENANT_ADMIN); 349 user.setAuthority(Authority.TENANT_ADMIN);
323 user.setTenantId(tenantId); 350 user.setTenantId(tenantId);
324 user.setEmail("testTenant" + i + "@thingsboard.org"); 351 user.setEmail("testTenant" + i + "@thingsboard.org");
325 tenantAdmins.add(doPost("/api/user", user, User.class)); 352 tenantAdmins.add(doPost("/api/user", user, User.class));
326 } 353 }
327 - 354 +
328 List<User> loadedTenantAdmins = new ArrayList<>(); 355 List<User> loadedTenantAdmins = new ArrayList<>();
329 TextPageLink pageLink = new TextPageLink(33); 356 TextPageLink pageLink = new TextPageLink(33);
330 TextPageData<User> pageData = null; 357 TextPageData<User> pageData = null;
331 do { 358 do {
332 - pageData = doGetTypedWithPageLink("/api/tenant/" + tenantId.getId().toString() + "/users?",  
333 - new TypeReference<TextPageData<User>>(){}, pageLink); 359 + pageData = doGetTypedWithPageLink("/api/tenant/" + tenantId.getId().toString() + "/users?",
  360 + new TypeReference<TextPageData<User>>() {
  361 + }, pageLink);
334 loadedTenantAdmins.addAll(pageData.getData()); 362 loadedTenantAdmins.addAll(pageData.getData());
335 if (pageData.hasNext()) { 363 if (pageData.hasNext()) {
336 pageLink = pageData.getNextPageLink(); 364 pageLink = pageData.getNextPageLink();
337 } 365 }
338 } while (pageData.hasNext()); 366 } while (pageData.hasNext());
339 - 367 +
340 Collections.sort(tenantAdmins, idComparator); 368 Collections.sort(tenantAdmins, idComparator);
341 Collections.sort(loadedTenantAdmins, idComparator); 369 Collections.sort(loadedTenantAdmins, idComparator);
342 - 370 +
343 Assert.assertEquals(tenantAdmins, loadedTenantAdmins); 371 Assert.assertEquals(tenantAdmins, loadedTenantAdmins);
344 -  
345 - doDelete("/api/tenant/"+savedTenant.getId().getId().toString())  
346 - .andExpect(status().isOk());  
347 - 372 +
  373 + doDelete("/api/tenant/" + savedTenant.getId().getId().toString())
  374 + .andExpect(status().isOk());
  375 +
348 pageLink = new TextPageLink(33); 376 pageLink = new TextPageLink(33);
349 - pageData = doGetTypedWithPageLink("/api/tenant/" + tenantId.getId().toString() + "/users?",  
350 - new TypeReference<TextPageData<User>>(){}, pageLink); 377 + pageData = doGetTypedWithPageLink("/api/tenant/" + tenantId.getId().toString() + "/users?",
  378 + new TypeReference<TextPageData<User>>() {
  379 + }, pageLink);
351 Assert.assertFalse(pageData.hasNext()); 380 Assert.assertFalse(pageData.hasNext());
352 Assert.assertTrue(pageData.getData().isEmpty()); 381 Assert.assertTrue(pageData.getData().isEmpty());
353 } 382 }
354 - 383 +
355 @Test 384 @Test
356 public void testFindTenantAdminsByEmail() throws Exception { 385 public void testFindTenantAdminsByEmail() throws Exception {
357 - 386 +
358 loginSysAdmin(); 387 loginSysAdmin();
359 - 388 +
360 Tenant tenant = new Tenant(); 389 Tenant tenant = new Tenant();
361 tenant.setTitle("My tenant"); 390 tenant.setTitle("My tenant");
362 Tenant savedTenant = doPost("/api/tenant", tenant, Tenant.class); 391 Tenant savedTenant = doPost("/api/tenant", tenant, Tenant.class);
363 Assert.assertNotNull(savedTenant); 392 Assert.assertNotNull(savedTenant);
364 - 393 +
365 TenantId tenantId = savedTenant.getId(); 394 TenantId tenantId = savedTenant.getId();
366 -  
367 - String email1 = "testEmail1"; 395 +
  396 + String email1 = "testEmail1";
368 List<User> tenantAdminsEmail1 = new ArrayList<>(); 397 List<User> tenantAdminsEmail1 = new ArrayList<>();
369 -  
370 - for (int i=0;i<124;i++) { 398 +
  399 + for (int i = 0; i < 124; i++) {
371 User user = new User(); 400 User user = new User();
372 user.setAuthority(Authority.TENANT_ADMIN); 401 user.setAuthority(Authority.TENANT_ADMIN);
373 user.setTenantId(tenantId); 402 user.setTenantId(tenantId);
374 - String suffix = RandomStringUtils.randomAlphanumeric((int)(5 + Math.random()*10));  
375 - String email = email1+suffix+ "@thingsboard.org"; 403 + String suffix = RandomStringUtils.randomAlphanumeric((int) (5 + Math.random() * 10));
  404 + String email = email1 + suffix + "@thingsboard.org";
376 email = i % 2 == 0 ? email.toLowerCase() : email.toUpperCase(); 405 email = i % 2 == 0 ? email.toLowerCase() : email.toUpperCase();
377 user.setEmail(email); 406 user.setEmail(email);
378 tenantAdminsEmail1.add(doPost("/api/user", user, User.class)); 407 tenantAdminsEmail1.add(doPost("/api/user", user, User.class));
379 } 408 }
380 -  
381 - String email2 = "testEmail2"; 409 +
  410 + String email2 = "testEmail2";
382 List<User> tenantAdminsEmail2 = new ArrayList<>(); 411 List<User> tenantAdminsEmail2 = new ArrayList<>();
383 -  
384 - for (int i=0;i<112;i++) { 412 +
  413 + for (int i = 0; i < 112; i++) {
385 User user = new User(); 414 User user = new User();
386 user.setAuthority(Authority.TENANT_ADMIN); 415 user.setAuthority(Authority.TENANT_ADMIN);
387 user.setTenantId(tenantId); 416 user.setTenantId(tenantId);
388 - String suffix = RandomStringUtils.randomAlphanumeric((int)(5 + Math.random()*10));  
389 - String email = email2+suffix+ "@thingsboard.org"; 417 + String suffix = RandomStringUtils.randomAlphanumeric((int) (5 + Math.random() * 10));
  418 + String email = email2 + suffix + "@thingsboard.org";
390 email = i % 2 == 0 ? email.toLowerCase() : email.toUpperCase(); 419 email = i % 2 == 0 ? email.toLowerCase() : email.toUpperCase();
391 user.setEmail(email); 420 user.setEmail(email);
392 tenantAdminsEmail2.add(doPost("/api/user", user, User.class)); 421 tenantAdminsEmail2.add(doPost("/api/user", user, User.class));
393 } 422 }
394 - 423 +
395 List<User> loadedTenantAdminsEmail1 = new ArrayList<>(); 424 List<User> loadedTenantAdminsEmail1 = new ArrayList<>();
396 TextPageLink pageLink = new TextPageLink(33, email1); 425 TextPageLink pageLink = new TextPageLink(33, email1);
397 TextPageData<User> pageData = null; 426 TextPageData<User> pageData = null;
398 do { 427 do {
399 - pageData = doGetTypedWithPageLink("/api/tenant/" + tenantId.getId().toString() + "/users?",  
400 - new TypeReference<TextPageData<User>>(){}, pageLink); 428 + pageData = doGetTypedWithPageLink("/api/tenant/" + tenantId.getId().toString() + "/users?",
  429 + new TypeReference<TextPageData<User>>() {
  430 + }, pageLink);
401 loadedTenantAdminsEmail1.addAll(pageData.getData()); 431 loadedTenantAdminsEmail1.addAll(pageData.getData());
402 if (pageData.hasNext()) { 432 if (pageData.hasNext()) {
403 pageLink = pageData.getNextPageLink(); 433 pageLink = pageData.getNextPageLink();
404 } 434 }
405 } while (pageData.hasNext()); 435 } while (pageData.hasNext());
406 - 436 +
407 Collections.sort(tenantAdminsEmail1, idComparator); 437 Collections.sort(tenantAdminsEmail1, idComparator);
408 Collections.sort(loadedTenantAdminsEmail1, idComparator); 438 Collections.sort(loadedTenantAdminsEmail1, idComparator);
409 - 439 +
410 Assert.assertEquals(tenantAdminsEmail1, loadedTenantAdminsEmail1); 440 Assert.assertEquals(tenantAdminsEmail1, loadedTenantAdminsEmail1);
411 - 441 +
412 List<User> loadedTenantAdminsEmail2 = new ArrayList<>(); 442 List<User> loadedTenantAdminsEmail2 = new ArrayList<>();
413 pageLink = new TextPageLink(16, email2); 443 pageLink = new TextPageLink(16, email2);
414 do { 444 do {
415 - pageData = doGetTypedWithPageLink("/api/tenant/" + tenantId.getId().toString() + "/users?",  
416 - new TypeReference<TextPageData<User>>(){}, pageLink); 445 + pageData = doGetTypedWithPageLink("/api/tenant/" + tenantId.getId().toString() + "/users?",
  446 + new TypeReference<TextPageData<User>>() {
  447 + }, pageLink);
417 loadedTenantAdminsEmail2.addAll(pageData.getData()); 448 loadedTenantAdminsEmail2.addAll(pageData.getData());
418 if (pageData.hasNext()) { 449 if (pageData.hasNext()) {
419 pageLink = pageData.getNextPageLink(); 450 pageLink = pageData.getNextPageLink();
420 } 451 }
421 } while (pageData.hasNext()); 452 } while (pageData.hasNext());
422 - 453 +
423 Collections.sort(tenantAdminsEmail2, idComparator); 454 Collections.sort(tenantAdminsEmail2, idComparator);
424 Collections.sort(loadedTenantAdminsEmail2, idComparator); 455 Collections.sort(loadedTenantAdminsEmail2, idComparator);
425 - 456 +
426 Assert.assertEquals(tenantAdminsEmail2, loadedTenantAdminsEmail2); 457 Assert.assertEquals(tenantAdminsEmail2, loadedTenantAdminsEmail2);
427 - 458 +
428 for (User user : loadedTenantAdminsEmail1) { 459 for (User user : loadedTenantAdminsEmail1) {
429 - doDelete("/api/user/"+user.getId().getId().toString())  
430 - .andExpect(status().isOk()); 460 + doDelete("/api/user/" + user.getId().getId().toString())
  461 + .andExpect(status().isOk());
431 } 462 }
432 - 463 +
433 pageLink = new TextPageLink(4, email1); 464 pageLink = new TextPageLink(4, email1);
434 - pageData = doGetTypedWithPageLink("/api/tenant/" + tenantId.getId().toString() + "/users?",  
435 - new TypeReference<TextPageData<User>>(){}, pageLink); 465 + pageData = doGetTypedWithPageLink("/api/tenant/" + tenantId.getId().toString() + "/users?",
  466 + new TypeReference<TextPageData<User>>() {
  467 + }, pageLink);
436 Assert.assertFalse(pageData.hasNext()); 468 Assert.assertFalse(pageData.hasNext());
437 Assert.assertEquals(0, pageData.getData().size()); 469 Assert.assertEquals(0, pageData.getData().size());
438 - 470 +
439 for (User user : loadedTenantAdminsEmail2) { 471 for (User user : loadedTenantAdminsEmail2) {
440 - doDelete("/api/user/"+user.getId().getId().toString())  
441 - .andExpect(status().isOk()); 472 + doDelete("/api/user/" + user.getId().getId().toString())
  473 + .andExpect(status().isOk());
442 } 474 }
443 - 475 +
444 pageLink = new TextPageLink(4, email2); 476 pageLink = new TextPageLink(4, email2);
445 - pageData = doGetTypedWithPageLink("/api/tenant/" + tenantId.getId().toString() + "/users?",  
446 - new TypeReference<TextPageData<User>>(){}, pageLink); 477 + pageData = doGetTypedWithPageLink("/api/tenant/" + tenantId.getId().toString() + "/users?",
  478 + new TypeReference<TextPageData<User>>() {
  479 + }, pageLink);
447 Assert.assertFalse(pageData.hasNext()); 480 Assert.assertFalse(pageData.hasNext());
448 Assert.assertEquals(0, pageData.getData().size()); 481 Assert.assertEquals(0, pageData.getData().size());
449 -  
450 - doDelete("/api/tenant/"+savedTenant.getId().getId().toString())  
451 - .andExpect(status().isOk()); 482 +
  483 + doDelete("/api/tenant/" + savedTenant.getId().getId().toString())
  484 + .andExpect(status().isOk());
452 } 485 }
453 - 486 +
454 @Test 487 @Test
455 public void testFindCustomerUsers() throws Exception { 488 public void testFindCustomerUsers() throws Exception {
456 - 489 +
457 loginSysAdmin(); 490 loginSysAdmin();
458 Tenant tenant = new Tenant(); 491 Tenant tenant = new Tenant();
459 tenant.setTitle("My tenant"); 492 tenant.setTitle("My tenant");
460 Tenant savedTenant = doPost("/api/tenant", tenant, Tenant.class); 493 Tenant savedTenant = doPost("/api/tenant", tenant, Tenant.class);
461 Assert.assertNotNull(savedTenant); 494 Assert.assertNotNull(savedTenant);
462 - 495 +
463 TenantId tenantId = savedTenant.getId(); 496 TenantId tenantId = savedTenant.getId();
464 User tenantAdmin = new User(); 497 User tenantAdmin = new User();
465 tenantAdmin.setAuthority(Authority.TENANT_ADMIN); 498 tenantAdmin.setAuthority(Authority.TENANT_ADMIN);
@@ -467,59 +500,60 @@ public abstract class BaseUserControllerTest extends AbstractControllerTest { @@ -467,59 +500,60 @@ public abstract class BaseUserControllerTest extends AbstractControllerTest {
467 tenantAdmin.setEmail("tenant2@thingsboard.org"); 500 tenantAdmin.setEmail("tenant2@thingsboard.org");
468 tenantAdmin.setFirstName("Joe"); 501 tenantAdmin.setFirstName("Joe");
469 tenantAdmin.setLastName("Downs"); 502 tenantAdmin.setLastName("Downs");
470 - 503 +
471 tenantAdmin = createUserAndLogin(tenantAdmin, "testPassword1"); 504 tenantAdmin = createUserAndLogin(tenantAdmin, "testPassword1");
472 - 505 +
473 Customer customer = new Customer(); 506 Customer customer = new Customer();
474 customer.setTitle("My customer"); 507 customer.setTitle("My customer");
475 Customer savedCustomer = doPost("/api/customer", customer, Customer.class); 508 Customer savedCustomer = doPost("/api/customer", customer, Customer.class);
476 509
477 CustomerId customerId = savedCustomer.getId(); 510 CustomerId customerId = savedCustomer.getId();
478 - 511 +
479 List<User> customerUsers = new ArrayList<>(); 512 List<User> customerUsers = new ArrayList<>();
480 - for (int i=0;i<56;i++) { 513 + for (int i = 0; i < 56; i++) {
481 User user = new User(); 514 User user = new User();
482 user.setAuthority(Authority.CUSTOMER_USER); 515 user.setAuthority(Authority.CUSTOMER_USER);
483 user.setCustomerId(customerId); 516 user.setCustomerId(customerId);
484 user.setEmail("testCustomer" + i + "@thingsboard.org"); 517 user.setEmail("testCustomer" + i + "@thingsboard.org");
485 customerUsers.add(doPost("/api/user", user, User.class)); 518 customerUsers.add(doPost("/api/user", user, User.class));
486 } 519 }
487 - 520 +
488 List<User> loadedCustomerUsers = new ArrayList<>(); 521 List<User> loadedCustomerUsers = new ArrayList<>();
489 TextPageLink pageLink = new TextPageLink(33); 522 TextPageLink pageLink = new TextPageLink(33);
490 TextPageData<User> pageData = null; 523 TextPageData<User> pageData = null;
491 do { 524 do {
492 - pageData = doGetTypedWithPageLink("/api/customer/" + customerId.getId().toString() + "/users?",  
493 - new TypeReference<TextPageData<User>>(){}, pageLink); 525 + pageData = doGetTypedWithPageLink("/api/customer/" + customerId.getId().toString() + "/users?",
  526 + new TypeReference<TextPageData<User>>() {
  527 + }, pageLink);
494 loadedCustomerUsers.addAll(pageData.getData()); 528 loadedCustomerUsers.addAll(pageData.getData());
495 if (pageData.hasNext()) { 529 if (pageData.hasNext()) {
496 pageLink = pageData.getNextPageLink(); 530 pageLink = pageData.getNextPageLink();
497 } 531 }
498 } while (pageData.hasNext()); 532 } while (pageData.hasNext());
499 - 533 +
500 Collections.sort(customerUsers, idComparator); 534 Collections.sort(customerUsers, idComparator);
501 Collections.sort(loadedCustomerUsers, idComparator); 535 Collections.sort(loadedCustomerUsers, idComparator);
502 - 536 +
503 Assert.assertEquals(customerUsers, loadedCustomerUsers); 537 Assert.assertEquals(customerUsers, loadedCustomerUsers);
504 -  
505 - doDelete("/api/customer/"+customerId.getId().toString())  
506 - .andExpect(status().isOk());  
507 - 538 +
  539 + doDelete("/api/customer/" + customerId.getId().toString())
  540 + .andExpect(status().isOk());
  541 +
508 loginSysAdmin(); 542 loginSysAdmin();
509 -  
510 - doDelete("/api/tenant/"+savedTenant.getId().getId().toString())  
511 - .andExpect(status().isOk()); 543 +
  544 + doDelete("/api/tenant/" + savedTenant.getId().getId().toString())
  545 + .andExpect(status().isOk());
512 } 546 }
513 - 547 +
514 @Test 548 @Test
515 public void testFindCustomerUsersByEmail() throws Exception { 549 public void testFindCustomerUsersByEmail() throws Exception {
516 - 550 +
517 loginSysAdmin(); 551 loginSysAdmin();
518 Tenant tenant = new Tenant(); 552 Tenant tenant = new Tenant();
519 tenant.setTitle("My tenant"); 553 tenant.setTitle("My tenant");
520 Tenant savedTenant = doPost("/api/tenant", tenant, Tenant.class); 554 Tenant savedTenant = doPost("/api/tenant", tenant, Tenant.class);
521 Assert.assertNotNull(savedTenant); 555 Assert.assertNotNull(savedTenant);
522 - 556 +
523 TenantId tenantId = savedTenant.getId(); 557 TenantId tenantId = savedTenant.getId();
524 User tenantAdmin = new User(); 558 User tenantAdmin = new User();
525 tenantAdmin.setAuthority(Authority.TENANT_ADMIN); 559 tenantAdmin.setAuthority(Authority.TENANT_ADMIN);
@@ -527,105 +561,109 @@ public abstract class BaseUserControllerTest extends AbstractControllerTest { @@ -527,105 +561,109 @@ public abstract class BaseUserControllerTest extends AbstractControllerTest {
527 tenantAdmin.setEmail("tenant2@thingsboard.org"); 561 tenantAdmin.setEmail("tenant2@thingsboard.org");
528 tenantAdmin.setFirstName("Joe"); 562 tenantAdmin.setFirstName("Joe");
529 tenantAdmin.setLastName("Downs"); 563 tenantAdmin.setLastName("Downs");
530 - 564 +
531 tenantAdmin = createUserAndLogin(tenantAdmin, "testPassword1"); 565 tenantAdmin = createUserAndLogin(tenantAdmin, "testPassword1");
532 - 566 +
533 Customer customer = new Customer(); 567 Customer customer = new Customer();
534 customer.setTitle("My customer"); 568 customer.setTitle("My customer");
535 Customer savedCustomer = doPost("/api/customer", customer, Customer.class); 569 Customer savedCustomer = doPost("/api/customer", customer, Customer.class);
536 570
537 CustomerId customerId = savedCustomer.getId(); 571 CustomerId customerId = savedCustomer.getId();
538 -  
539 - String email1 = "testEmail1"; 572 +
  573 + String email1 = "testEmail1";
540 List<User> customerUsersEmail1 = new ArrayList<>(); 574 List<User> customerUsersEmail1 = new ArrayList<>();
541 -  
542 - for (int i=0;i<74;i++) { 575 +
  576 + for (int i = 0; i < 74; i++) {
543 User user = new User(); 577 User user = new User();
544 user.setAuthority(Authority.CUSTOMER_USER); 578 user.setAuthority(Authority.CUSTOMER_USER);
545 user.setCustomerId(customerId); 579 user.setCustomerId(customerId);
546 - String suffix = RandomStringUtils.randomAlphanumeric((int)(5 + Math.random()*10));  
547 - String email = email1+suffix+ "@thingsboard.org"; 580 + String suffix = RandomStringUtils.randomAlphanumeric((int) (5 + Math.random() * 10));
  581 + String email = email1 + suffix + "@thingsboard.org";
548 email = i % 2 == 0 ? email.toLowerCase() : email.toUpperCase(); 582 email = i % 2 == 0 ? email.toLowerCase() : email.toUpperCase();
549 user.setEmail(email); 583 user.setEmail(email);
550 customerUsersEmail1.add(doPost("/api/user", user, User.class)); 584 customerUsersEmail1.add(doPost("/api/user", user, User.class));
551 } 585 }
552 -  
553 - String email2 = "testEmail2"; 586 +
  587 + String email2 = "testEmail2";
554 List<User> customerUsersEmail2 = new ArrayList<>(); 588 List<User> customerUsersEmail2 = new ArrayList<>();
555 -  
556 - for (int i=0;i<92;i++) { 589 +
  590 + for (int i = 0; i < 92; i++) {
557 User user = new User(); 591 User user = new User();
558 user.setAuthority(Authority.CUSTOMER_USER); 592 user.setAuthority(Authority.CUSTOMER_USER);
559 user.setCustomerId(customerId); 593 user.setCustomerId(customerId);
560 - String suffix = RandomStringUtils.randomAlphanumeric((int)(5 + Math.random()*10));  
561 - String email = email2+suffix+ "@thingsboard.org"; 594 + String suffix = RandomStringUtils.randomAlphanumeric((int) (5 + Math.random() * 10));
  595 + String email = email2 + suffix + "@thingsboard.org";
562 email = i % 2 == 0 ? email.toLowerCase() : email.toUpperCase(); 596 email = i % 2 == 0 ? email.toLowerCase() : email.toUpperCase();
563 user.setEmail(email); 597 user.setEmail(email);
564 customerUsersEmail2.add(doPost("/api/user", user, User.class)); 598 customerUsersEmail2.add(doPost("/api/user", user, User.class));
565 } 599 }
566 - 600 +
567 List<User> loadedCustomerUsersEmail1 = new ArrayList<>(); 601 List<User> loadedCustomerUsersEmail1 = new ArrayList<>();
568 TextPageLink pageLink = new TextPageLink(33, email1); 602 TextPageLink pageLink = new TextPageLink(33, email1);
569 TextPageData<User> pageData = null; 603 TextPageData<User> pageData = null;
570 do { 604 do {
571 - pageData = doGetTypedWithPageLink("/api/customer/" + customerId.getId().toString() + "/users?",  
572 - new TypeReference<TextPageData<User>>(){}, pageLink); 605 + pageData = doGetTypedWithPageLink("/api/customer/" + customerId.getId().toString() + "/users?",
  606 + new TypeReference<TextPageData<User>>() {
  607 + }, pageLink);
573 loadedCustomerUsersEmail1.addAll(pageData.getData()); 608 loadedCustomerUsersEmail1.addAll(pageData.getData());
574 if (pageData.hasNext()) { 609 if (pageData.hasNext()) {
575 pageLink = pageData.getNextPageLink(); 610 pageLink = pageData.getNextPageLink();
576 } 611 }
577 } while (pageData.hasNext()); 612 } while (pageData.hasNext());
578 - 613 +
579 Collections.sort(customerUsersEmail1, idComparator); 614 Collections.sort(customerUsersEmail1, idComparator);
580 Collections.sort(loadedCustomerUsersEmail1, idComparator); 615 Collections.sort(loadedCustomerUsersEmail1, idComparator);
581 - 616 +
582 Assert.assertEquals(customerUsersEmail1, loadedCustomerUsersEmail1); 617 Assert.assertEquals(customerUsersEmail1, loadedCustomerUsersEmail1);
583 - 618 +
584 List<User> loadedCustomerUsersEmail2 = new ArrayList<>(); 619 List<User> loadedCustomerUsersEmail2 = new ArrayList<>();
585 pageLink = new TextPageLink(16, email2); 620 pageLink = new TextPageLink(16, email2);
586 do { 621 do {
587 - pageData = doGetTypedWithPageLink("/api/customer/" + customerId.getId().toString() + "/users?",  
588 - new TypeReference<TextPageData<User>>(){}, pageLink); 622 + pageData = doGetTypedWithPageLink("/api/customer/" + customerId.getId().toString() + "/users?",
  623 + new TypeReference<TextPageData<User>>() {
  624 + }, pageLink);
589 loadedCustomerUsersEmail2.addAll(pageData.getData()); 625 loadedCustomerUsersEmail2.addAll(pageData.getData());
590 if (pageData.hasNext()) { 626 if (pageData.hasNext()) {
591 pageLink = pageData.getNextPageLink(); 627 pageLink = pageData.getNextPageLink();
592 } 628 }
593 } while (pageData.hasNext()); 629 } while (pageData.hasNext());
594 - 630 +
595 Collections.sort(customerUsersEmail2, idComparator); 631 Collections.sort(customerUsersEmail2, idComparator);
596 Collections.sort(loadedCustomerUsersEmail2, idComparator); 632 Collections.sort(loadedCustomerUsersEmail2, idComparator);
597 - 633 +
598 Assert.assertEquals(customerUsersEmail2, loadedCustomerUsersEmail2); 634 Assert.assertEquals(customerUsersEmail2, loadedCustomerUsersEmail2);
599 - 635 +
600 for (User user : loadedCustomerUsersEmail1) { 636 for (User user : loadedCustomerUsersEmail1) {
601 - doDelete("/api/user/"+user.getId().getId().toString())  
602 - .andExpect(status().isOk()); 637 + doDelete("/api/user/" + user.getId().getId().toString())
  638 + .andExpect(status().isOk());
603 } 639 }
604 - 640 +
605 pageLink = new TextPageLink(4, email1); 641 pageLink = new TextPageLink(4, email1);
606 - pageData = doGetTypedWithPageLink("/api/customer/" + customerId.getId().toString() + "/users?",  
607 - new TypeReference<TextPageData<User>>(){}, pageLink); 642 + pageData = doGetTypedWithPageLink("/api/customer/" + customerId.getId().toString() + "/users?",
  643 + new TypeReference<TextPageData<User>>() {
  644 + }, pageLink);
608 Assert.assertFalse(pageData.hasNext()); 645 Assert.assertFalse(pageData.hasNext());
609 Assert.assertEquals(0, pageData.getData().size()); 646 Assert.assertEquals(0, pageData.getData().size());
610 - 647 +
611 for (User user : loadedCustomerUsersEmail2) { 648 for (User user : loadedCustomerUsersEmail2) {
612 - doDelete("/api/user/"+user.getId().getId().toString())  
613 - .andExpect(status().isOk()); 649 + doDelete("/api/user/" + user.getId().getId().toString())
  650 + .andExpect(status().isOk());
614 } 651 }
615 - 652 +
616 pageLink = new TextPageLink(4, email2); 653 pageLink = new TextPageLink(4, email2);
617 - pageData = doGetTypedWithPageLink("/api/customer/" + customerId.getId().toString() + "/users?",  
618 - new TypeReference<TextPageData<User>>(){}, pageLink); 654 + pageData = doGetTypedWithPageLink("/api/customer/" + customerId.getId().toString() + "/users?",
  655 + new TypeReference<TextPageData<User>>() {
  656 + }, pageLink);
619 Assert.assertFalse(pageData.hasNext()); 657 Assert.assertFalse(pageData.hasNext());
620 Assert.assertEquals(0, pageData.getData().size()); 658 Assert.assertEquals(0, pageData.getData().size());
621 -  
622 - doDelete("/api/customer/"+customerId.getId().toString())  
623 - .andExpect(status().isOk());  
624 - 659 +
  660 + doDelete("/api/customer/" + customerId.getId().toString())
  661 + .andExpect(status().isOk());
  662 +
625 loginSysAdmin(); 663 loginSysAdmin();
626 -  
627 - doDelete("/api/tenant/"+savedTenant.getId().getId().toString())  
628 - .andExpect(status().isOk()); 664 +
  665 + doDelete("/api/tenant/" + savedTenant.getId().getId().toString())
  666 + .andExpect(status().isOk());
629 } 667 }
630 - 668 +
631 } 669 }
@@ -64,7 +64,6 @@ public abstract class BaseWidgetTypeControllerTest extends AbstractControllerTes @@ -64,7 +64,6 @@ public abstract class BaseWidgetTypeControllerTest extends AbstractControllerTes
64 WidgetsBundle widgetsBundle = new WidgetsBundle(); 64 WidgetsBundle widgetsBundle = new WidgetsBundle();
65 widgetsBundle.setTitle("My widgets bundle"); 65 widgetsBundle.setTitle("My widgets bundle");
66 savedWidgetsBundle = doPost("/api/widgetsBundle", widgetsBundle, WidgetsBundle.class); 66 savedWidgetsBundle = doPost("/api/widgetsBundle", widgetsBundle, WidgetsBundle.class);
67 -  
68 } 67 }
69 68
70 @After 69 @After
@@ -101,6 +100,19 @@ public abstract class BaseWidgetTypeControllerTest extends AbstractControllerTes @@ -101,6 +100,19 @@ public abstract class BaseWidgetTypeControllerTest extends AbstractControllerTes
101 } 100 }
102 101
103 @Test 102 @Test
  103 + public void testUpdateWidgetTypeFromDifferentTenant() throws Exception {
  104 + WidgetType widgetType = new WidgetType();
  105 + widgetType.setBundleAlias(savedWidgetsBundle.getAlias());
  106 + widgetType.setName("Widget Type");
  107 + widgetType.setDescriptor(new ObjectMapper().readValue("{ \"someKey\": \"someValue\" }", JsonNode.class));
  108 + WidgetType savedWidgetType = doPost("/api/widgetType", widgetType, WidgetType.class);
  109 +
  110 + loginDifferentTenant();
  111 + doPost("/api/widgetType", savedWidgetType, WidgetType.class, status().isForbidden());
  112 + deleteDifferentTenant();
  113 + }
  114 +
  115 + @Test
104 public void testFindWidgetTypeById() throws Exception { 116 public void testFindWidgetTypeById() throws Exception {
105 WidgetType widgetType = new WidgetType(); 117 WidgetType widgetType = new WidgetType();
106 widgetType.setBundleAlias(savedWidgetsBundle.getAlias()); 118 widgetType.setBundleAlias(savedWidgetsBundle.getAlias());
@@ -89,6 +89,17 @@ public abstract class BaseWidgetsBundleControllerTest extends AbstractController @@ -89,6 +89,17 @@ public abstract class BaseWidgetsBundleControllerTest extends AbstractController
89 } 89 }
90 90
91 @Test 91 @Test
  92 + public void testUpdateWidgetsBundleFromDifferentTenant() throws Exception {
  93 + WidgetsBundle widgetsBundle = new WidgetsBundle();
  94 + widgetsBundle.setTitle("My widgets bundle");
  95 + WidgetsBundle savedWidgetsBundle = doPost("/api/widgetsBundle", widgetsBundle, WidgetsBundle.class);
  96 +
  97 + loginDifferentTenant();
  98 + doPost("/api/widgetsBundle", savedWidgetsBundle, WidgetsBundle.class, status().isForbidden());
  99 + deleteDifferentTenant();
  100 + }
  101 +
  102 + @Test
92 public void testFindWidgetsBundleById() throws Exception { 103 public void testFindWidgetsBundleById() throws Exception {
93 WidgetsBundle widgetsBundle = new WidgetsBundle(); 104 WidgetsBundle widgetsBundle = new WidgetsBundle();
94 widgetsBundle.setTitle("My widgets bundle"); 105 widgetsBundle.setTitle("My widgets bundle");