104. EPMO Open Source Coordination Office Redaction File Detail Report

Produced by Araxis Merge on 6/18/2018 3:37:03 PM Eastern Daylight Time. See www.araxis.com for information about Merge. This report uses XHTML and CSS2, and is best viewed with a modern standards-compliant browser. For optimum results when printing this report, use landscape orientation and enable printing of background images and colours in your browser.

104.1 Files compared

#	Location	File	Last Modified
1	CTT_DM2_v7.zip\CTT_ntrt-jira-ssoi-authenticator\authenticator\src\test\java\gov\vha\ctt\ntrt	SsoiAuthenticatorTest.java	Tue Jun 12 16:41:56 2018 UTC
2	CTT_DM2_v7.zip\CTT_ntrt-jira-ssoi-authenticator\authenticator\src\test\java\gov\vha\ctt\ntrt	SsoiAuthenticatorTest.java	Tue Jun 12 21:08:13 2018 UTC

104.2 Comparison summary

Description	Between Files 1 and 2
Description	Text Blocks	Lines
Unchanged	6	1358
Changed	5	10
Inserted	0	0
Removed	0	0

104.3 Comparison options

Whitespace
Character case	Differences in character case are significant
Line endings	Differences in line endings (`CR` and `LF` characters) are ignored
CR/LF characters	Not shown in the comparison detail

104.4 Active regular expressions

No regular expressions were active.

104.5 Comparison detail

	1	package go v.vha.ctt. ntrt;
	2
	3	import com .atlassian .crowd.emb edded.api. Group;
	4	import com .atlassian .crowd.exc eption.Ope rationFail edExceptio n;
	5	import com .atlassian .jira.bc.p rojectrole s.ProjectR oleService ;
	6	import com .atlassian .jira.exce ption.Crea teExceptio n;
	7	import com .atlassian .jira.juni t.rules.Av ailableInC ontainer;
	8	import com .atlassian .jira.juni t.rules.Mo ckitoConta iner;
	9	import com .atlassian .jira.juni t.rules.Mo ckitoMocks InContaine r;
	10	import com .atlassian .jira.mock .MockProje ctRoleMana ger;
	11	import com .atlassian .jira.mock .component .MockCompo nentWorker ;
	12	import com .atlassian .jira.mock .ofbiz.Moc kGenericVa lue;
	13	import com .atlassian .jira.proj ect.Projec t;
	14	import com .atlassian .jira.proj ect.Projec tImpl;
	15	import com .atlassian .jira.proj ect.Projec tManager;
	16	import com .atlassian .jira.secu rity.group s.GroupMan ager;
	17	import com .atlassian .jira.secu rity.login .LoginMana ger;
	18	import com .atlassian .jira.secu rity.roles .ProjectRo le;
	19	import com .atlassian .jira.secu rity.roles .ProjectRo leImpl;
	20	import com .atlassian .jira.secu rity.roles .ProjectRo leManager;
	21	import com .atlassian .jira.user .Applicati onUser;
	22	import com .atlassian .jira.user .MockAppli cationUser ;
	23	import com .atlassian .jira.user .MockGroup ;
	24	import com .atlassian .jira.user .UserDetai ls;
	25	import com .atlassian .jira.user .util.User Manager;
	26	import com .atlassian .jira.util .ErrorColl ection;
	27	import com .atlassian .seraph.co nfig.Secur ityConfig;
	28	import com .atlassian .seraph.el evatedsecu rity.Eleva tedSecurit yGuard;
	29	import com .atlassian .seraph.se rvice.reme mberme.Rem emberMeSer vice;
	30	import com .google.co mmon.colle ct.Immutab leMap;
	31	import org .apache.lo g4j.Append er;
	32	import org .apache.lo g4j.Level;
	33	import org .apache.lo g4j.LogMan ager;
	34	import org .apache.lo g4j.Logger ;
	35	import org .apache.lo g4j.spi.Lo ggingEvent ;
	36	import org .junit.Bef ore;
	37	import org .junit.Rul e;
	38	import org .junit.Tes t;
	39	import org .mockito.A rgumentCap tor;
	40	import org .mockito.C aptor;
	41	import org .mockito.M ock;
	42	import org .springfra mework.moc k.web.Mock HttpServle tRequest;
	43	import org .springfra mework.moc k.web.Mock HttpServle tResponse;
	44	import org .springfra mework.moc k.web.Mock HttpSessio n;
	45
	46	import jav ax.servlet .http.Http ServletReq uest;
	47	import jav ax.servlet .http.Http ServletRes ponse;
	48	import jav a.security .Principal ;
	49	import jav a.util.*;
	50
	51	import sta tic com.at lassian.ji ra.securit y.roles.Pr ojectRoleA ctor.USER_ ROLE_ACTOR _TYPE;
	52	import sta tic com.go ogle.commo n.collect. ImmutableM ap.of;
	53	import sta tic gov.vh a.ctt.ntrt .SsoiAuthe nticator.* ;
	54	import sta tic gov.vh a.ctt.ntrt .SsoiAuthe nticator.R ole.*;
	55	import sta tic java.l ang.String .format;
	56	import sta tic java.u til.Collec tions.empt yList;
	57	import sta tic org.as sertj.core .api.Asser tions.asse rtThat;
	58	import sta tic org.mo ckito.Argu mentMatche rs.isA;
	59	import sta tic org.mo ckito.Argu mentMatche rs.matches ;
	60	import sta tic org.mo ckito.BDDM ockito.giv en;
	61	import sta tic org.mo ckito.Mock ito.*;
	62	import sta tic org.sp ringframew ork.test.u til.Reflec tionTestUt ils.setFie ld;
	63
	64	public cla ss SsoiAut henticator Test {
	65
	66	privat e SsoiAuth enticator authentica tor;
	67
	68	privat e static f inal Strin g ADMIN_RO LE = NTRT_ ADMIN.toSt ring().toL owerCase() ;
	69	privat e static f inal Strin g STAFF_RO LE = NTRT_ STAFF.toSt ring().toL owerCase() ;
	70	privat e static f inal Strin g USER_ROL E = NTRT_U SER.toStri ng().toLow erCase();
	71	privat e static f inal Strin g TEST_USE R_NAME = " testuser";
	72
	73	@Rule
	74	public MockitoCo ntainer mo ckitoConta iner = Moc kitoMocksI nContainer .rule(this );
	75
	76	@Mock
	77	@Avail ableInCont ainer
	78	privat e Remember MeService rememberMe Service;
	79
	80	@Mock
	81	@Avail ableInCont ainer
	82	privat e Security Config sec urityConfi g;
	83
	84	@Mock
	85	@Avail ableInCont ainer
	86	privat e UserMana ger userMa nager;
	87
	88	@Mock
	89	@Avail ableInCont ainer
	90	privat e Elevated SecurityGu ard elevat edSecurity Guard;
	91
	92	@Mock
	93	@Avail ableInCont ainer
	94	privat e LoginMan ager login Manager;
	95
	96	@Mock
	97	@Avail ableInCont ainer
	98	privat e GroupMan ager group Manager;
	99
	100	@Mock
	101	@Avail ableInCont ainer
	102	privat e ProjectR oleService projectRo leService;
	103
	104	@Mock
	105	@Avail ableInCont ainer
	106	privat e ProjectM anager pro jectManage r;
	107
	108	@Mock
	109	@Avail ableInCont ainer
	110	privat e ProjectR oleManager projectRo leManager;
	111
	112	@Mock
	113	privat e Appender appender;
	114
	115	@Capto r
	116	privat e Argument Captor<Log gingEvent> captor;
	117
	118	privat e final Pr oject ntrt Project = new Projec tImpl(new MockGeneri cValue("NT RT", Immut ableMap.of ("key", "N TRT")));
	119	privat e final Gr oup jiraSe rviceDeskU sersGroup = new Mock Group(JIRA _GROUP_SER VICEDESK_U SERS);
	120
	121	@Befor e
	122	public void setU p() throws Exception {
	123	au thenticato r = new Ss oiAuthenti cator();
	124	ne w MockComp onentWorke r()
	125	.add Mock(UserM anager.cla ss, userMa nager)
	126	.add Mock(Remem berMeServi ce.class, rememberMe Service)
	127	.add Mock(Secur ityConfig. class, sec urityConfi g)
	128	.add Mock(Eleva tedSecurit yGuard.cla ss, elevat edSecurity Guard)
	129	.add Mock(Login Manager.cl ass, login Manager)
	130	.add Mock(Group Manager.cl ass, group Manager)
	131	.add Mock(Proje ctRoleServ ice.class, projectRo leService)
	132	.add Mock(Proje ctManager. class, pro jectManage r)
	133	.add Mock(Proje ctRoleMana ger.class, projectRo leManager)
	134	.ini t();
	135
	136	Lo gger rootL ogger = Lo gManager.g etRootLogg er();
	137	ro otLogger.a ddAppender (appender) ;
	138	ro otLogger.s etLevel(Le vel.DEBUG) ;
	139	}
	140
	141	@Test
	142	public void find NtrtRolesS houldFindA llRoles() throws Exc eption {
	143	En umSet<Role > roles = authentica tor.findNt rtRoles(mo ckRequest( of(
	144	HEAD ER_PRISME_ ROLES, for mat("foo,% s,%s,%s,ba r", ADMIN_ ROLE, STAF F_ROLE, US ER_ROLE))) );
	145	as sertThat(r oles).cont ainsExactl yInAnyOrde r(NTRT_ADM IN, NTRT_S TAFF, NTRT _USER);
	146	}
	147
	148	@Test
	149	public void find NtrtRolesS houldFindO neRole() t hrows Exce ption {
	150	En umSet<Role > roles = authentica tor.findNt rtRoles(mo ckRequest( of(
	151	HEAD ER_PRISME_ ROLES, for mat("foo,% s,bar", AD MIN_ROLE)) ));
	152	as sertThat(r oles).cont ainsExactl y(NTRT_ADM IN);
	153	}
	154
	155	@Test
	156	public void find NtrtRolesS houldFindN oRoles() t hrows Exce ption {
	157	En umSet<Role > roles = authentica tor.findNt rtRoles(mo ckRequest( of(
	158	HEAD ER_PRISME_ ROLES, "fo o,bar")));
	159	as sertThat(r oles).isEm pty();
	160	}
	161
	162	@Test
	163	public void getD isplayName ShouldPref erHeadersT oEmailAddr ess() {
	164	Ht tpServletR equest req uest = moc kRequest(o f(
	165	HEAD ER_FIRSTNA ME, "HOMER ",
	166	HEAD ER_LASTNAM E, "SIMPSO N",
	167	HEADER_ADE MAIL, " PII "));
	168	as sertThat(a uthenticat or.getDisp layName(re quest)).is EqualTo("H omer Simps on");
	169	}
	170
	171	@Test
	172	public void getD isplayName ShouldUseA ccountName IfEmailInW rongFormat () {
	173	Ht tpServletR equest req uest = moc kRequest(o f(
	174	HEAD ER_ADSAMAC COUNTNAME, "homersim pson",
	175	HEADER_ADE MAIL, " PII "));
	176	as sertThat(a uthenticat or.getDisp layName(re quest)).is EqualTo("h omersimpso n");
	177	}
	178
	179	@Test
	180	public void getD isplayName ShouldUseE mailWhenNa mesAbsent( ) {
	181	HttpServle tRequest r equest = m ockRequest (of(HEADER _ADEMAIL, " PII "));
	182	as sertThat(a uthenticat or.getDisp layName(re quest)).is EqualTo("H omer Simps on");
	183	}
	184
	185	@Test
	186	public void getD isplayName ShouldUseE mailWhenFi rstNameAbs ent() {
	187	Ht tpServletR equest req uest = moc kRequest(o f(
	188	HEAD ER_LASTNAM E, "SIMPSO N",
	189	HEADER_ADE MAIL, " PII "));
	190	as sertThat(a uthenticat or.getDisp layName(re quest)).is EqualTo("H omer Simps on");
	191	}
	192
	193	@Test
	194	public void getD isplayName ShouldUseE mailWhenLa stNameAbse nt() {
	195	Ht tpServletR equest req uest = moc kRequest(o f(
	196	HEAD ER_FIRSTNA ME, "HOMER ",
	197	HEADER_ADE MAIL, " PII "));
	198	as sertThat(a uthenticat or.getDisp layName(re quest)).is EqualTo("H omer Simps on");
	199	}
	200
	201	@Test
	202	public void getU serReturns NullWhenNt rtRoleAbse nt() {
	203	gi ven(userMa nager.getU serByName( TEST_USER_ NAME)).wil lReturn(nu ll);
	204
	205	Ht tpServletR equest req uest = moc kRequest(o f(
	206	HEAD ER_ADSAMAC COUNTNAME, TEST_USER _NAME,
	207	HEAD ER_PRISME_ ROLES, "fo o,bar"));
	208	as sertThat(a uthenticat or.getUser (request, null)).isN ull();
	209	}
	210
	211	@Test
	212	public void getU serUsesCac hedRoles() {
	213
	214	Mo ckHttpSess ion sessio n = mockSe ssionWithC achedRoles (NTRT_USER , NTRT_STA FF, NTRT_A DMIN);
	215
	216	Mo ckHttpServ letRequest request = mockReque st(of(
	217	HEAD ER_ADSAMAC COUNTNAME, TEST_USER _NAME,
	218	HEAD ER_PRISME_ ROLES, for mat("%s,%s ,%s", USER _ROLE, STA FF_ROLE, A DMIN_ROLE) ));
	219	re quest.setS ession(ses sion);
	220
	221	gi venUserMan agerWillRe turnTestUs er();
	222
	223	Pr incipal us er = authe nticator.g etUser(req uest, new MockHttpSe rvletRespo nse());
	224	as sertThat(u ser).isNot Null();
	225	as sertThat(u ser.getNam e()).isEqu alTo(TEST_ USER_NAME) ;
	226
	227	// if the ca ched roles were used , we won't look for roles in t he databas e
	228	ve rify(proje ctRoleMana ger, never ()).getPro jectRoles( isA(Applic ationUser. class), is A(Project. class));
	229	}
	230
	231	@Test
	232	@Suppr essWarning s("depreca tion")
	233	public void getU serAssigns RolesToUse rWhenCache dRolesNotF ound() {
	234	st ubTestAndA dminUsersA ndUsersGro upAndProje ct();
	235	gi venProject RoleServic eWillRetur nProjectRo le(JIRA_RO LE_CUSTOME R);
	236	gi venProject RoleServic eWillRetur nProjectRo le(JIRA_RO LE_TEAM);
	237	gi venProject RoleServic eWillRetur nProjectRo le(JIRA_RO LE_ADMIN);
	238	gi venProject RoleManage rWillRetur nProjectRo les(
	239	proj ectRole(JI RA_ROLE_CU STOMER), p rojectRole (JIRA_ROLE _TEAM), pr ojectRole( JIRA_ROLE_ ADMIN));
	240
	241	Mo ckHttpServ letRequest request = mockReque st(of(
	242	HEAD ER_ADSAMAC COUNTNAME, TEST_USER _NAME,
	243	HEAD ER_PRISME_ ROLES, for mat("%s,%s ,%s", USER _ROLE, STA FF_ROLE, A DMIN_ROLE) ));
	244
	245	Pr incipal us er = authe nticator.g etUser(req uest, new MockHttpSe rvletRespo nse());
	246	as sertThat(u ser).isNot Null();
	247	as sertThat(u ser.getNam e()).isEqu alTo(TEST_ USER_NAME) ;
	248
	249	// verify th e roles we re cached in the ses sion
	250	Se t<String> cachedRole s = authen ticator.ge tCachedRol es(request .getSessio n());
	251	as sertThat(c achedRoles ).isNotNul l();
	252	as sertThat(c achedRoles .size()).i sEqualTo(3 );
	253	as sertThat(c achedRoles ).contains ExactlyInA nyOrder(JI RA_ROLE_CU STOMER, JI RA_ROLE_TE AM, JIRA_R OLE_ADMIN) ;
	254
	255	Se t<String> userKeys = Collectio ns.singlet on(TEST_US ER_NAME);
	256	Ap plicationU ser adminU ser = auth enticator. getAdminUs er();
	257
	258	// user shou ld have be en added t o three ro les on the back end
	259	ve rify(proje ctRoleServ ice, times (3)).addAc torsToProj ectRole(
	260	eq(a dminUser),
	261	eq(u serKeys),
	262	isA( ProjectRol e.class),
	263	isA( Project.cl ass),
	264	eq(U SER_ROLE_A CTOR_TYPE) ,
	265	isA( ErrorColle ction.clas s)
	266	);
	267	}
	268
	269	@Test
	270	public void getU serReturns NullWhenNo RolesAreCa chedAndUse rCantBeAss ignedToPro jectRole() {
	271	st ubTestAndA dminUsersA ndUsersGro upAndProje ct();
	272	gi venProject RoleServic eWillRetur nProjectRo le(JIRA_RO LE_ADMIN);
	273
	274	Mo ckHttpServ letRequest request = mockReque st(of(
	275	HEAD ER_ADSAMAC COUNTNAME, TEST_USER _NAME,
	276	HEAD ER_PRISME_ ROLES, for mat("%s,%s ,%s", USER _ROLE, STA FF_ROLE, A DMIN_ROLE) ));
	277
	278	do FailAddAct orsToProje ctRole();
	279
	280	Pr incipal us er = authe nticator.g etUser(req uest, new MockHttpSe rvletRespo nse());
	281	as sertThat(u ser).isNul l();
	282	}
	283
	284	@Test
	285	public void getU serReturns NullWhenCa chedRolesA reInvalidA ndUserCant BeAssigned ToProjectR ole() {
	286	st ubTestAndA dminUsersA ndUsersGro upAndProje ct();
	287	gi venProject RoleServic eWillRetur nProjectRo le(JIRA_RO LE_CUSTOME R);
	288
	289	Mo ckHttpServ letRequest request = mockReque st(of(
	290	HEAD ER_ADSAMAC COUNTNAME, TEST_USER _NAME,
	291	HEAD ER_PRISME_ ROLES, USE R_ROLE));
	292	Mo ckHttpSess ion sessio n = mockSe ssionWithC achedRoles (NTRT_ADMI N);
	293	re quest.setS ession(ses sion);
	294
	295	do FailAddAct orsToProje ctRole();
	296
	297	Pr incipal us er = authe nticator.g etUser(req uest, new MockHttpSe rvletRespo nse());
	298	as sertThat(u ser).isNul l();
	299	}
	300
	301	@Test
	302	public void getU serDelegat esToParent WhenAccoun tHeaderNot Present() {
	303	Ht tpServletR equest req uest = moc kRequest(o f(HEADER_P RISME_ROLE S, "ntrt_u ser"));
	304	fi nal String username = "nonNtrt User";
	305
	306	se tField(aut henticator , "config" , security Config);
	307	gi ven(securi tyConfig.g etRemember MeService( )).willRet urn(rememb erMeServic e);
	308	gi ven(securi tyConfig.g etElevated SecurityGu ard()).wil lReturn(el evatedSecu rityGuard) ;
	309	gi ven(rememb erMeServic e.getRemem berMeCooki eAuthentic atedUserna me(
	310	isA( HttpServle tRequest.c lass), isA (HttpServl etResponse .class))). willReturn (username) ;
	311	gi ven(userMa nager.getU serByName( username)) .willRetur n(new Mock Applicatio nUser(user name));
	312	gi ven(elevat edSecurity Guard.perf ormElevate dSecurityC heck(
	313	isA( HttpServle tRequest.c lass), mat ches(usern ame))).wil lReturn(tr ue);
	314	gi ven(loginM anager.aut horiseForL ogin(
	315	isA( Applicatio nUser.clas s), isA(Ht tpServletR equest.cla ss))).will Return(tru e);
	316	as sertThat(a uthenticat or.getUser (request, mockRespon se()).getN ame()).isE qualTo(use rname);
	317	}
	318
	319	@Test
	320	public void crea teNewUserR eturnsNull WhenAccoun tNameIsPre sentButEma ilAddressI sAbsent() {
	321	fi nal String accountNa me = TEST_ USER_NAME;
	322	Ht tpServletR equest req uest = moc kRequest(o f(HEADER_A DSAMACCOUN TNAME, acc ountName, HEADER_PRI SME_ROLES, "ntrt_use r"));
	323	as sertThat(a uthenticat or.createN ewUser(req uest, acco untName)). isNull();
	324	}
	325
	326	@Test
	327	@Suppr essWarning s("depreca tion")
	328	public void getU serReturns PrincipalO nHappyPath () throws Exception {
	329
	330	gi venGroupMa nagerWillR eturnServi ceDeskUser sGroup();
	331
	332	Pr ojectRole teamRole = projectRo le(JIRA_RO LE_TEAM);
	333	gi ven(projec tRoleServi ce.getProj ectRoleByN ame(isA(St ring.class ), isA(Err orCollecti on.class)) ).willRetu rn(teamRol e);
	334
	335	Pr oject proj ect = mock (Project.c lass);
	336	gi ven(projec tManager.g etProjectB yCurrentKe y(JIRA_PRO JECT_NAME_ NTRT)).wil lReturn(pr oject);
	337	gi venProject RoleManage rWillRetur nProjectRo les(teamRo le);
	338
	339	Ap plicationU ser testUs er = new M ockApplica tionUser(T EST_USER_N AME);
	340	gi ven(userMa nager.crea teUser(isA (UserDetai ls.class)) ).willRetu rn(testUse r);
	341	gi ven(userMa nager.getU serByName( TEST_USER_ NAME)).wil lReturn(te stUser);
	342
	343	Ap plicationU ser adminU ser = new MockApplic ationUser( "admin");
	344	gi ven(userMa nager.getU serObject( JIRA_USER_ NAME_ADMIN )).willRet urn(adminU ser);
	345
	346	Ht tpServletR equest req uest = moc kRequest(o f(
	347	HEAD ER_ADSAMAC COUNTNAME, TEST_USER _NAME,
	348	HEAD ER_ADEMAIL , "test@us er.com",
	349	HEAD ER_PRISME_ ROLES, "nt rt_user")) ;
	350
	351	Pr incipal ex pected = t his.authen ticator.ge tUser(requ est, null) ;
	352	as sertThat(e xpected).i sInstanceO f(Principa l.class);
	353	as sertThat(e xpected.ge tName()).i sEqualTo(T EST_USER_N AME);
	354	}
	355
	356	@Test
	357	public void getU serReturns NullOnCrea teUserFail ure() thro ws Excepti on {
	358	gi ven(userMa nager.crea teUser(isA (UserDetai ls.class)) ).willThro w(CreateEx ception.cl ass);
	359
	360	Ht tpServletR equest req uest = moc kRequest(o f(
	361	HEAD ER_ADSAMAC COUNTNAME, TEST_USER _NAME,
	362	HEAD ER_ADEMAIL , "test@us er.com",
	363	HEAD ER_PRISME_ ROLES, "nt rt_user")) ;
	364
	365	as sertThat(a uthenticat or.getUser (request, null)).isN ull();
	366	}
	367
	368	@Test
	369	public void getH eaderHandl esIncorrec tCase() th rows Excep tion {
	370	fi nal String expected = "bar";
	371
	372	Ht tpServletR equest req uest = moc kRequest(o f("foo", e xpected));
	373	as sertThat(a uthenticat or.getHead er(request , "FOO")). isEqualTo( expected);
	374
	375	re quest = mo ckRequest( of("FOO", expected)) ;
	376	as sertThat(a uthenticat or.getHead er(request , "foo")). isEqualTo( expected);
	377
	378	re quest = mo ckRequest( of("FoO", expected)) ;
	379	as sertThat(a uthenticat or.getHead er(request , "foo")). isEqualTo( expected);
	380	as sertThat(a uthenticat or.getHead er(request , "FOO")). isEqualTo( expected);
	381	}
	382
	383	@Test
	384	public void getH eaderLogsM issingHead er() throw s Exceptio n {
	385
	386	Mo ckHttpSess ion sessio n = new Mo ckHttpSess ion();
	387	Mo ckHttpServ letRequest request = mockReque st(of("baz ", "quux", "doodle", "dee"));
	388	re quest.setS ession(ses sion);
	389
	390	au thenticato r.getHeade r(request, "foo");
	391	au thenticato r.getHeade r(request, "bar");
	392
	393	ve rify(appen der, times (2)).doApp end(captor .capture() );
	394
	395	@S uppressWar nings("unc hecked")
	396	Li st<String> actualMis sedHeaders = (List<S tring>) se ssion.getA ttribute(N TRT_AUTHEN TICATOR_MI SSING_HEAD ERS_LOGGED _KEY);
	397	as sertThat(a ctualMisse dHeaders). containsEx actly("foo ", "bar");
	398
	399	St ring messa geTemplate = LOG_MES SAGE_MISSI NG_HEADER. replace("{ }", "%s");
	400	St ring expec tedFoundHe aders = Ar rays.asLis t("baz", " doodle").t oString();
	401	St ring bazMe ssage = fo rmat(messa geTemplate , "foo", s ession.get Id(), expe ctedFoundH eaders);
	402	St ring doodl eMessage = format(me ssageTempl ate, "bar" , session. getId(), e xpectedFou ndHeaders) ;
	403
	404	Li st<Logging Event> log s = captor .getAllVal ues();
	405	as sertThat(l ogs.get(0) .getMessag e()).isEqu alTo(bazMe ssage);
	406	as sertThat(l ogs.get(1) .getMessag e()).isEqu alTo(doodl eMessage);
	407	}
	408
	409	@Test
	410	public void vali dateCached RolesIdent ifiesMatch es() {
	411	as sertValida teCachedRo les(ntrtRo les(NTRT_U SER), proj ectRolesFo r(NTRT_USE R), true);
	412	as sertValida teCachedRo les(ntrtRo les(NTRT_S TAFF), pro jectRolesF or(NTRT_ST AFF), true );
	413	as sertValida teCachedRo les(ntrtRo les(NTRT_A DMIN), pro jectRolesF or(NTRT_AD MIN), true );
	414	as sertValida teCachedRo les(ntrtRo les(NTRT_U SER, NTRT_ STAFF), pr ojectRoles For(NTRT_U SER, NTRT_ STAFF), tr ue);
	415	as sertValida teCachedRo les(ntrtRo les(NTRT_U SER, NTRT_ ADMIN), pr ojectRoles For(NTRT_U SER, NTRT_ ADMIN), tr ue);
	416	as sertValida teCachedRo les(ntrtRo les(NTRT_S TAFF, NTRT _ADMIN), p rojectRole sFor(NTRT_ STAFF, NTR T_ADMIN), true);
	417	as sertValida teCachedRo les(ntrtRo les(NTRT_U SER, NTRT_ STAFF, NTR T_ADMIN), projectRol esFor(NTRT _USER, NTR T_STAFF, N TRT_ADMIN) , true);
	418	}
	419
	420	@Test
	421	public void vali dateCached RolesIdent ifiesMisma tches() {
	422
	423	// user has wrong proj ect role
	424	as sertValida teCachedRo les(ntrtRo les(NTRT_U SER), proj ectRolesFo r(NTRT_STA FF), false );
	425	as sertValida teCachedRo les(ntrtRo les(NTRT_U SER), proj ectRolesFo r(NTRT_ADM IN), false );
	426	as sertValida teCachedRo les(ntrtRo les(NTRT_S TAFF), pro jectRolesF or(NTRT_US ER), false );
	427	as sertValida teCachedRo les(ntrtRo les(NTRT_S TAFF), pro jectRolesF or(NTRT_AD MIN), fals e);
	428	as sertValida teCachedRo les(ntrtRo les(NTRT_A DMIN), pro jectRolesF or(NTRT_US ER), false );
	429	as sertValida teCachedRo les(ntrtRo les(NTRT_A DMIN), pro jectRolesF or(NTRT_ST AFF), fals e);
	430
	431	// user has one too ma ny project roles
	432	as sertValida teCachedRo les(ntrtRo les(NTRT_U SER), proj ectRolesFo r(NTRT_USE R, NTRT_ST AFF), fals e);
	433	as sertValida teCachedRo les(ntrtRo les(NTRT_U SER), proj ectRolesFo r(NTRT_USE R, NTRT_AD MIN), fals e);
	434	as sertValida teCachedRo les(ntrtRo les(NTRT_S TAFF), pro jectRolesF or(NTRT_ST AFF, NTRT_ USER), fal se);
	435	as sertValida teCachedRo les(ntrtRo les(NTRT_S TAFF), pro jectRolesF or(NTRT_ST AFF, NTRT_ USER), fal se);
	436	as sertValida teCachedRo les(ntrtRo les(NTRT_A DMIN), pro jectRolesF or(NTRT_AD MIN, NTRT_ USER), fal se);
	437	as sertValida teCachedRo les(ntrtRo les(NTRT_A DMIN), pro jectRolesF or(NTRT_AD MIN, NTRT_ STAFF), fa lse);
	438
	439	// user has two too ma ny project roles
	440	as sertValida teCachedRo les(ntrtRo les(NTRT_U SER), proj ectRolesFo r(NTRT_USE R, NTRT_ST AFF, NTRT_ ADMIN), fa lse);
	441	as sertValida teCachedRo les(ntrtRo les(NTRT_S TAFF), pro jectRolesF or(NTRT_ST AFF, NTRT_ USER, NTRT _ADMIN), f alse);
	442	as sertValida teCachedRo les(ntrtRo les(NTRT_A DMIN), pro jectRolesF or(NTRT_AD MIN, NTRT_ STAFF, NTR T_USER), f alse);
	443
	444	// user has one too fe w project roles
	445	as sertValida teCachedRo les(ntrtRo les(NTRT_U SER, NTRT_ STAFF), pr ojectRoles For(NTRT_U SER), fals e);
	446	as sertValida teCachedRo les(ntrtRo les(NTRT_U SER, NTRT_ STAFF), pr ojectRoles For(NTRT_S TAFF), fal se);
	447	as sertValida teCachedRo les(ntrtRo les(NTRT_U SER, NTRT_ ADMIN), pr ojectRoles For(NTRT_U SER), fals e);
	448	as sertValida teCachedRo les(ntrtRo les(NTRT_U SER, NTRT_ ADMIN), pr ojectRoles For(NTRT_A DMIN), fal se);
	449
	450	// user has two too fe w project roles
	451	as sertValida teCachedRo les(ntrtRo les(NTRT_U SER, NTRT_ STAFF, NTR T_ADMIN), projectRol esFor(NTRT _USER), fa lse);
	452	as sertValida teCachedRo les(ntrtRo les(NTRT_U SER, NTRT_ STAFF, NTR T_ADMIN), projectRol esFor(NTRT _STAFF), f alse);
	453	as sertValida teCachedRo les(ntrtRo les(NTRT_U SER, NTRT_ STAFF, NTR T_ADMIN), projectRol esFor(NTRT _ADMIN), f alse);
	454	}
	455
	456	@Test
	457	public void cach eProjectRo lesCachesP rojectRole s() {
	458	Mo ckApplicat ionUser us er = new M ockApplica tionUser(T EST_USER_N AME, "Test User", "t est@user.c om");
	459	Mo ckHttpSess ion sessio n = new Mo ckHttpSess ion();
	460
	461	gi venProject ManagerWil lReturnNtr tProject() ;
	462	gi ven(projec tRoleManag er.getProj ectRoles(e q(user), i sA(Project .class))). willReturn (Arrays.as List(
	463	new ProjectRol eImpl(JIRA _ROLE_CUST OMER, ""),
	464	new ProjectRol eImpl(JIRA _ROLE_TEAM , ""),
	465	new ProjectRol eImpl(JIRA _ROLE_ADMI N, "")
	466	)) ;
	467
	468	au thenticato r.cachePro jectRoles( user, sess ion);
	469	Se t<String> cachedRole s = authen ticator.ge tCachedRol es(session );
	470
	471	as sertThat(c achedRoles ).isNotNul l();
	472	as sertThat(c achedRoles .size()).i sEqualTo(3 );
	473	as sertThat(c achedRoles ).contains ExactlyInA nyOrder(JI RA_ROLE_CU STOMER, JI RA_ROLE_TE AM, JIRA_R OLE_ADMIN) ;
	474	}
	475
	476	@Test
	477	public void cach eProjectRo lesDoesNot CacheZeroR oles() {
	478	Mo ckApplicat ionUser us er = new M ockApplica tionUser(T EST_USER_N AME, "Test User", "t est@user.c om");
	479	Mo ckHttpSess ion sessio n = new Mo ckHttpSess ion();
	480
	481	gi venProject ManagerWil lReturnNtr tProject() ;
	482	gi ven(projec tRoleManag er.getProj ectRoles(e q(user), i sA(Project .class))). willReturn (emptyList ());
	483
	484	au thenticato r.cachePro jectRoles( user, sess ion);
	485	Se t<String> cachedRole s = authen ticator.ge tCachedRol es(session );
	486
	487	as sertThat(c achedRoles ).isNull() ;
	488	}
	489
	490	@Test( expected = IllegalAr gumentExce ption.clas s)
	491	@Suppr essWarning s("depreca tion")
	492	public void getA dminUserTh rowsWhenUs erNotFound () {
	493	gi ven(userMa nager.getU serObject( JIRA_USER_ NAME_ADMIN )).willRet urn(null);
	494	au thenticato r.getAdmin User();
	495	}
	496
	497	@Test
	498	public void addU serToGroup ReturnsFal seWhenAddO perationFa ils() thro ws Excepti on {
	499	gi venGroupMa nagerWillR eturnServi ceDeskUser sGroup();
	500	do Throw(Oper ationFaile dException .class).wh en(groupMa nager).add UserToGrou p(isA(Appl icationUse r.class), isA(Group. class));
	501	as sertThat(a uthenticat or.addUser ToGroup(te stUser(), JIRA_GROUP _SERVICEDE SK_USERS)) .isFalse() ;
	502	}
	503
	504	@Test
	505	public void assi gnUserToPr ojectRoles ReturnsFal seIfUserCa nnotBeAdde dToService DeskUsersG roup() thr ows Except ion {
	506	gi venGroupMa nagerWillR eturnServi ceDeskUser sGroup();
	507	do Throw(Oper ationFaile dException .class).wh en(groupMa nager).add UserToGrou p(isA(Appl icationUse r.class), isA(Group. class));
	508	as sertThat(a uthenticat or.assignU serToProje ctRoles(te stUser(), null)).isF alse();
	509	}
	510
	511	@Test
	512	public void assi gnUserToPr ojectRoles ReturnsFal seIfUserCa nnotBeAssi gnedToProj ectRole() {
	513	st ubTestAndA dminUsersA ndUsersGro upAndProje ct();
	514	gi venProject RoleServic eWillRetur nProjectRo le(JIRA_RO LE_TEAM);
	515	do FailAddAct orsToProje ctRole();
	516
	517	as sertThat(a uthenticat or.assignU serToProje ctRoles(te stUser(), EnumSet.of (NTRT_STAF F))).isFal se();
	518	}
	519
	520	@Test
	521	public void remo veUserFrom ProjectRol eTrapsErro r() {
	522	st ubTestAndA dminUsersA ndUsersGro upAndProje ct();
	523	gi venProject RoleManage rWillRetur nProjectRo les(projec tRole(JIRA _ROLE_CUST OMER));
	524	do FailRemove ActorsFrom ProjectRol e();
	525
	526	St ring messa geTemplate = LOG_MES SAGE_COULD _NOT_REMOV E_PROJECT_ ROLE.repla ce("{}", " %s");
	527	St ring expec tedMessage = format( messageTem plate,
	528	form at("%s(%s) ", TEST_US ER_NAME, T EST_USER_N AME),
	529	form at("Projec t Role: %s (%d)", JIR A_ROLE_CUS TOMER, 100 0),
	530	"Pro ject: NTRT ", "[]", " []");
	531
	532	au thenticato r.removeUs erFromProj ectRole(te stUser(), projectRol e(JIRA_ROL E_CUSTOMER ));
	533
	534	ve rify(appen der, times (1)).doApp end(captor .capture() );
	535	Li st<Logging Event> log s = captor .getAllVal ues();
	536	as sertThat(l ogs.size() ).isEqualT o(1);
	537	as sertThat(l ogs.get(0) .getMessag e()).isEqu alTo(expec tedMessage );
	538	}
	539
	540	@Test
	541	public void getP rojectRole TrapsError () throws Exception {
	542	st ubTestAndA dminUsersA ndUsersGro upAndProje ct();
	543	gi venProject RoleServic eWillRetur nProjectRo le(JIRA_RO LE_CUSTOME R);
	544
	545	St ring messa geTemplate = LOG_MES SAGE_GET_P ROJECT_ROL E_ERROR.re place("{}" , "%s");
	546	St ring expec tedMessage = format( messageTem plate, JIR A_ROLE_CUS TOMER, "[] ", "[]");
	547
	548	ad dErrorToEr rorCollect ionWhen(pr ojectRoleS ervice, 1) .getProjec tRoleByNam e(
	549	isA( String.cla ss),
	550	isA( ErrorColle ction.clas s));
	551
	552	au thenticato r.getProje ctRole(JIR A_ROLE_CUS TOMER);
	553
	554	ve rify(appen der, times (1)).doApp end(captor .capture() );
	555	Li st<Logging Event> log s = captor .getAllVal ues();
	556	as sertThat(l ogs.size() ).isEqualT o(1);
	557	as sertThat(l ogs.get(0) .getMessag e()).isEqu alTo(expec tedMessage );
	558	}
	559
	560	/*
	561	Ut ilities
	562	*/
	563
	564	privat e ProjectR ole projec tRole(Stri ng project Role) {
	565	re turn new M ockProject RoleManage r.MockProj ectRole(10 00, projec tRole, pro jectRole);
	566	}
	567
	568	privat e void giv enProjectR oleManager WillReturn ProjectRol es(Project Role... pr ojectRoles ) {
	569	gi ven(projec tRoleManag er.getProj ectRoles(i sA(Applica tionUser.c lass), isA (Project.c lass)))
	570	.wil lReturn(Ar rays.asLis t(projectR oles));
	571	}
	572
	573	privat e void stu bTestAndAd minUsersAn dUsersGrou pAndProjec t() {
	574	gi venUserMan agerWillRe turnAdminU ser();
	575	gi venUserMan agerWillRe turnTestUs er();
	576	gi venGroupMa nagerWillR eturnServi ceDeskUser sGroup();
	577	gi venProject ManagerWil lReturnNtr tProject() ;
	578	}
	579
	580	@Suppr essWarning s("depreca tion")
	581	privat e void doF ailAddActo rsToProjec tRole() {
	582	Se t<String> userKeys = Collectio ns.singlet on(TEST_US ER_NAME);
	583	Ap plicationU ser adminU ser = auth enticator. getAdminUs er();
	584
	585	ad dErrorToEr rorCollect ionWhen(pr ojectRoleS ervice, 5) .addActors ToProjectR ole(
	586	eq(a dminUser),
	587	eq(u serKeys),
	588	isA( ProjectRol e.class),
	589	isA( Project.cl ass),
	590	eq(U SER_ROLE_A CTOR_TYPE) ,
	591	isA( ErrorColle ction.clas s));
	592	}
	593
	594	@Suppr essWarning s("depreca tion")
	595	privat e void doF ailRemoveA ctorsFromP rojectRole () {
	596	Se t<String> userKeys = Collectio ns.singlet on(TEST_US ER_NAME);
	597	Ap plicationU ser adminU ser = auth enticator. getAdminUs er();
	598
	599	ad dErrorToEr rorCollect ionWhen(pr ojectRoleS ervice, 5) .removeAct orsFromPro jectRole(
	600	eq(a dminUser),
	601	eq(u serKeys),
	602	isA( ProjectRol e.class),
	603	isA( Project.cl ass),
	604	eq(U SER_ROLE_A CTOR_TYPE) ,
	605	isA( ErrorColle ction.clas s));
	606	}
	607
	608	privat e <T> T ad dErrorToEr rorCollect ionWhen(T t, int err orCollecti onArgument Index) {
	609	re turn doAns wer(invoca tion -> {
	610	// popul ating the errors col lection wi ll cause a ddUserToPr ojectRole( ) to retur n false
	611	ErrorCol lection er rors1 = in vocation.g etArgument (errorColl ectionArgu mentIndex) ;
	612	errors1. addError(" Induced er ror", "");
	613	return n ull;
	614	}) .when(t);
	615	}
	616
	617	privat e MockHttp Session mo ckSessionW ithCachedR oles(Role. .. ntrtRol es) {
	618	Mo ckHttpSess ion sessio n = new Mo ckHttpSess ion();
	619	Se t<String> cachedRole s = projec tRolesFor( ntrtRoles) ;
	620	se ssion.setA ttribute(N TRT_SSOI_A UTH_ROLES_ KEY, cache dRoles);
	621	re turn sessi on;
	622	}
	623
	624	privat e void giv enProjectR oleService WillReturn ProjectRol e(String p rojectRole Name) {
	625	Pr ojectRole projectRol e = new Mo ckProjectR oleManager .MockProje ctRole(0, projectRol eName, "") ;
	626	gi ven(projec tRoleServi ce.getProj ectRoleByN ame(eq(pro jectRoleNa me), isA(E rrorCollec tion.class ))).willRe turn(proje ctRole);
	627	}
	628
	629	privat e void giv enProjectM anagerWill ReturnNtrt Project() {
	630	gi ven(projec tManager.g etProjectB yCurrentKe y(eq(JIRA_ PROJECT_NA ME_NTRT))) .willRetur n(ntrtProj ect);
	631	}
	632
	633	privat e void giv enGroupMan agerWillRe turnServic eDeskUsers Group() {
	634	gi ven(groupM anager.get Group(JIRA _GROUP_SER VICEDESK_U SERS)).wil lReturn(ji raServiceD eskUsersGr oup);
	635	}
	636
	637	@Suppr essWarning s("depreca tion")
	638	privat e void giv enUserMana gerWillRet urnTestUse r() {
	639	gi ven(userMa nager.getU serObject( TEST_USER_ NAME)).wil lReturn(te stUser());
	640	}
	641
	642	privat e MockAppl icationUse r testUser () {
	643	re turn new M ockApplica tionUser(T EST_USER_N AME, TEST_ USER_NAME) ;
	644	}
	645
	646	@Suppr essWarning s("depreca tion")
	647	privat e void giv enUserMana gerWillRet urnAdminUs er() {
	648	gi ven(userMa nager.getU serObject( JIRA_USER_ NAME_ADMIN )).willRet urn(new Mo ckApplicat ionUser(JI RA_USER_NA ME_ADMIN, JIRA_USER_ NAME_ADMIN ));
	649	}
	650
	651	privat e void ass ertValidat eCachedRol es(EnumSet <Role> ntr tRoles, Se t<String> projectRol es, boolea n expected ) {
	652	as sertThat(a uthenticat or.validat eCachedRol es(ntrtRol es, projec tRoles)).i sEqualTo(e xpected);
	653	}
	654
	655	privat e Set<Stri ng> projec tRolesFor( Role... nt rtRoles) {
	656	Ha shSet<Stri ng> projec tRoles = n ew HashSet <>(3);
	657	fo r (Role nt rtRole : n trtRoles) {
	658	projectR oles.add(p rojectRole For(ntrtRo le));
	659	}
	660	re turn proje ctRoles;
	661	}
	662
	663	privat e EnumSet< Role> ntrt Roles(Role ... ntrtRo les) {
	664	En umSet<Role > roles = EnumSet.no neOf(Role. class);
	665	ro les.addAll (Arrays.as List(ntrtR oles));
	666	re turn roles ;
	667	}
	668
	669
	670	privat e String p rojectRole For(Role n trtRole) {
	671	re turn PROJE CT_ROLES.g et(ntrtRol e);
	672	}
	673
	674	privat e MockHttp ServletReq uest mockR equest(Map <String, S tring> val ues) {
	675	Mo ckHttpServ letRequest request = new MockH ttpServlet Request();
	676	va lues.forEa ch(request ::addHeade r);
	677	re turn reque st;
	678	}
	679
	680	privat e MockHttp ServletRes ponse mock Response() {
	681	re turn new M ockHttpSer vletRespon se();
	682	}
	683
	684	}