org.wso2.carbon.user.mgt.stub.UserAdminUserAdminException Java Examples

@Test
public void testFailuresToUpdateRoleOfUserWhenRemoteServiceCallFailed() throws UserStoreException, RemoteException,
        UserAdminUserAdminException {
    Mockito.when(userAdminStub.getRolesOfUser(username, "*", -1)).thenReturn(flaggedNames);
    Mockito.when(userStoreManager.isExistingRole(role)).thenReturn(true);

    //Test failure to update the user role when
    Mockito.doThrow(new RemoteException("Exception occurred while updating the roles of user")).when(userAdminStub)
            .updateRolesOfUser(Mockito.anyString(), new
                    String[]{Mockito.anyString()});
    try {
        UserSignUpWorkflowExecutor.updateRolesOfUser(serverURL, adminUsername, adminPassword, username, role);
        Assert.fail("Expected exception has been not thrown while updating the roles of user failed");
    } catch (Exception e) {
        Assert.assertEquals(e.getMessage(), "Exception occurred while updating the roles of user");
    }
}
 

/**
 * Get User Store Domains
 *
 * @return
 * @throws AxisFault
 */
public String[] getUserStoreDomains() throws AxisFault {
    try {
        List<String> readWriteDomainNames = new ArrayList<String>();
        UserStoreInfo[] storesInfo = userAdminStub.getUserRealmInfo().getUserStoresInfo();
        for (UserStoreInfo storeInfo : storesInfo) {
            if (!storeInfo.getReadOnly()) {
                readWriteDomainNames.add(storeInfo.getDomainName());
            }
        }
        return readWriteDomainNames.toArray(new String[readWriteDomainNames.size()]);
    } catch (RemoteException | UserAdminUserAdminException e) {
        throw new AxisFault("Error occurred while retrieving Read-Write User Store Domain IDs for logged-in" +
                            " user's tenant realm");
    }
}
 

/**
 * User1 and User2 exists in the same role where create topic permission is assigned.
 * Admin(UI) creates a topic and then publishes and consumes messages.
 * Add publish and consume permissions to the role in which User1 and User2 exists.
 * User1 and User2 tries to publish and consume messages. User2 succeeds.
 *
 * @throws AndesClientConfigurationException
 * @throws NamingException
 * @throws IOException
 * @throws XPathExpressionException
 * @throws AndesClientException
 * @throws JMSException
 * @throws UserAdminUserAdminException
 * @throws LoginAuthenticationExceptionException
 * @throws AndesEventAdminServiceEventAdminException
 * @throws XMLStreamException
 * @throws LogoutAuthenticationExceptionException
 * @throws URISyntaxException
 * @throws SAXException
 * @throws AndesAdminServiceBrokerManagerAdminException
 */
@Test(groups = {"wso2.mb", "topic"})
public void performTopicPermissionSameRoleUsersWithAdminCreated()
        throws AndesClientConfigurationException, NamingException, IOException,
        XPathExpressionException, AndesClientException, JMSException,
        UserAdminUserAdminException, LoginAuthenticationExceptionException,
        AndesEventAdminServiceEventAdminException, XMLStreamException,
        LogoutAuthenticationExceptionException, URISyntaxException, SAXException,
        AndesAdminServiceBrokerManagerAdminException, AutomationUtilException {
    // "superAdmin" refers to the admin
    this.createPublishAndSubscribeFromUser("superAdmin", "authTopic8");

    // Adding publish subscribe permissions of 'authTopic8' to 'create_pub_sub_topic_role' role.
    TopicRolePermission topicRolePermission = new TopicRolePermission();
    topicRolePermission.setRoleName(CREATE_PUB_SUB_TOPIC_ROLE);
    topicRolePermission.setAllowedToSubscribe(true);
    topicRolePermission.setAllowedToPublish(true);
    this.updateTopicRoleConsumePublishPermission("authTopic8", topicRolePermission);
    log.info("Consumer and publish permissions updated for " + CREATE_PUB_SUB_TOPIC_ROLE);

    this.createPublishAndSubscribeFromUser("authUser1", "authTopic8");
    this.createPublishAndSubscribeFromUser("authUser2", "authTopic8");
}
 

/**
 * Cleans up the test case effects. Created roles and internal role related roles are created.
 *
 * @throws RemoteException
 * @throws UserAdminUserAdminException
 */
@AfterMethod(alwaysRun = true)
public void cleanUp() throws RemoteException, UserAdminUserAdminException {
    // Deleting roles of the users used in the test case
    userManagementClient.deleteRole(CREATE_PUB_SUB_TOPIC_ROLE);
    userManagementClient.deleteRole(PUB_SUB_TOPIC_ROLE);
    userManagementClient.deleteRole(NO_PERMISSION_TOPIC_ROLE);

    // Deleting internal roles specific to topics
    FlaggedName[] allRoles = userManagementClient.getAllRolesNames("*", 10);
    for (FlaggedName allRole : allRoles) {
        if (allRole.getItemName().contains(TOPIC_PREFIX)) {
            userManagementClient.deleteRole(allRole.getItemName());
        }
    }
}
 

protected String[] handleException(Exception e) throws AxisFault  {

        String errorMessage = "Unknown";

        if(e instanceof UserAdminUserAdminException){
            UserAdminUserAdminException adminException = (UserAdminUserAdminException) e;
            if (adminException.getFaultMessage().getUserAdminException()!=null) {
                errorMessage = adminException.getFaultMessage().getUserAdminException().getMessage();
            }
        } else {
            errorMessage = e.getMessage();
        }

        log.error(errorMessage, e);
        throw new AxisFault(errorMessage, e);

    }
 

/**
 * User1 exists in a role where create topic  permission is assigned.
 * User1 creates a topic  and then publishes and consumes messages.
 * User1 is removed from the role.
 * User1 tries to publish and consume messages. User1 fails.
 *
 * @throws AndesClientConfigurationException
 * @throws NamingException
 * @throws IOException
 * @throws XPathExpressionException
 * @throws AndesClientException
 * @throws JMSException
 * @throws UserAdminUserAdminException
 */
@Test(groups = {"wso2.mb", "topic"}, expectedExceptions = JMSException.class,
        expectedExceptionsMessageRegExp = ".*Permission denied.*")
public void performTopicPermissionSameUserRemovedFromRole()
        throws AndesClientConfigurationException, NamingException, IOException,
               XPathExpressionException, AndesClientException, JMSException,
               UserAdminUserAdminException {
    this.createPublishAndSubscribeFromUser("authUser1", "authTopic5");

    // Removing authUser1 from create_pub_sub_topic_role and Internal/T_authTopic5
    userManagementClient.addRemoveRolesOfUser("authUser1", new String[]{NO_PERMISSION_TOPIC_ROLE},
                                  new String[]{CREATE_PUB_SUB_TOPIC_ROLE, "Internal/T_authtopic5"});
    log.info("Removing authUser1 from " + CREATE_PUB_SUB_TOPIC_ROLE + " and Internal/T_authtopic5");

    this.createPublishAndSubscribeFromUser("authUser1", "authTopic5");
}
 

/**
 * Assigning consuming publishing permissions of a topic to a role.
 *
 * @param topicName   The topic name
 * @param permissions New permissions for the role. can be publish, consume.
 * @throws XPathExpressionException
 * @throws IOException
 * @throws URISyntaxException
 * @throws SAXException
 * @throws XMLStreamException
 * @throws LoginAuthenticationExceptionException
 * @throws AndesAdminServiceBrokerManagerAdminException
 * @throws LogoutAuthenticationExceptionException
 * @throws UserAdminUserAdminException
 */
public void updateTopicRoleConsumePublishPermission(String topicName,
                                                    TopicRolePermission permissions)
        throws XPathExpressionException, IOException, URISyntaxException, SAXException,
        XMLStreamException, LoginAuthenticationExceptionException,
        AndesAdminServiceBrokerManagerAdminException,
        LogoutAuthenticationExceptionException,
        UserAdminUserAdminException,
        AndesEventAdminServiceEventAdminException, AutomationUtilException {

    LoginLogoutClient loginLogoutClientForUser = new LoginLogoutClient(automationContext);
    String sessionCookie = loginLogoutClientForUser.login();
    TopicAdminClient topicAdminClient =
            new TopicAdminClient(backendURL, sessionCookie);
    topicAdminClient.updatePermissionForTopic(topicName, permissions);
    loginLogoutClientForUser.logout();
}
 

/**
 * Cleans up the test case effects. Created roles and internal role related roles are deleted.
 *
 * @throws RemoteException
 * @throws UserAdminUserAdminException
 */
@AfterMethod(alwaysRun = true)
public void cleanUp() throws RemoteException, UserAdminUserAdminException {
    // Deleting roles of the users used in the test case
    userManagementClient.deleteRole(CREATE_PUB_SUB_TOPIC_ROLE);
    userManagementClient.deleteRole(PUB_SUB_TOPIC_ROLE);
    userManagementClient.deleteRole(NO_PERMISSION_TOPIC_ROLE);

    // Deleting internal roles specific to topics
    FlaggedName[] allRoles = userManagementClient.getAllRolesNames("*", 10);
    for (FlaggedName allRole : allRoles) {
        if (allRole.getItemName().contains(TOPIC_PREFIX)) {
            userManagementClient.deleteRole(allRole.getItemName());
        }
    }
}
 

/**
 * Cleans up the test case effects. Created roles and internal queue related roles are created.
 *
 * @throws java.rmi.RemoteException
 * @throws UserAdminUserAdminException
 */
@AfterMethod(alwaysRun = true)
public void cleanUpAfterScenario() throws RemoteException, UserAdminUserAdminException {
    // Deleting roles of the users used in the test case
    userManagementClient.deleteRole(CREATE_PUB_SUB_QUEUE_ROLE);
    userManagementClient.deleteRole(PUB_SUB_QUEUE_ROLE);
    userManagementClient.deleteRole(NO_PERMISSION_QUEUE_ROLE);

    // Deleting internal roles specific to queues
    FlaggedName[] allRoles = userManagementClient.getAllRolesNames("*", 10);
    for (FlaggedName allRole : allRoles) {
        if (QUEUE_PREFIX.contains(allRole.getItemName())) {
            userManagementClient.deleteRole(allRole.getItemName());
        }
    }
}
 

/**
 * User1 and User2 exists in the same role where create queue permission is assigned.
 * Admin(UI) creates a queue and then publishes and consumes messages.
 * Add publish and consume permissions to the role in which User1 and User2 exists.
 * User1 and User2 tries to publish and consume messages. User2 succeeds.
 *
 * @throws AndesClientConfigurationException
 * @throws NamingException
 * @throws IOException
 * @throws XPathExpressionException
 * @throws AndesClientException
 * @throws JMSException
 * @throws UserAdminUserAdminException
 * @throws LoginAuthenticationExceptionException
 * @throws XMLStreamException
 * @throws LogoutAuthenticationExceptionException
 * @throws URISyntaxException
 * @throws SAXException
 * @throws AndesAdminServiceBrokerManagerAdminException
 */
@Test(groups = {"wso2.mb", "queue"})
public void performQueuePermissionSameRoleUsersWithAdminCreated()
        throws AndesClientConfigurationException, NamingException, IOException,
        XPathExpressionException, AndesClientException, JMSException,
        UserAdminUserAdminException, LoginAuthenticationExceptionException,
        XMLStreamException, LogoutAuthenticationExceptionException, URISyntaxException,
        SAXException, AndesAdminServiceBrokerManagerAdminException, AutomationUtilException {
    // "superAdmin" refers to the admin
    this.createPublishAndSubscribeFromUser("superAdmin", "authQueue8");

    // Adding publish subscribe permissions of 'authQueue8' to 'create_pub_sub_queue_role' role.
    QueueRolePermission queueRolePermission = new QueueRolePermission();
    queueRolePermission.setRoleName(CREATE_PUB_SUB_QUEUE_ROLE);
    queueRolePermission.setAllowedToConsume(true);
    queueRolePermission.setAllowedToPublish(true);
    this.updateQueueRoleConsumePublishPermission("authQueue8", queueRolePermission);
    log.info("Consumer and publish permissions updated for " + CREATE_PUB_SUB_QUEUE_ROLE);

    this.createPublishAndSubscribeFromUser("authUser1", "authQueue8");
    this.createPublishAndSubscribeFromUser("authUser2", "authQueue8");
}
 

/**
 * User1 exists in a role where create queue permission is assigned.
 * User1 creates a queue and then publishes and consumes messages.
 * User1 is removed from the role.
 * User1 tries to publish and consume messages. User1 fails.
 *
 * @throws RemoteException
 * @throws UserAdminUserAdminException
 */
@Test(groups = {"wso2.mb", "queue"}, expectedExceptions = JMSException.class, expectedExceptionsMessageRegExp = ".*Permission denied.*")
public void performQueuePermissionSameUserRemovedFromRole()
        throws IOException, UserAdminUserAdminException, JMSException, NamingException,
               AndesClientConfigurationException, AndesClientException,
               XPathExpressionException {
    this.createPublishAndSubscribeFromUser("authUser1", "authQueue5");

    // Removing authUser1 from create_pub_sub_queue_role and Internal/Q_authQueue5
    userManagementClient
            .addRemoveRolesOfUser("authUser1", new String[]{NO_PERMISSION_QUEUE_ROLE},
                                  new String[]{CREATE_PUB_SUB_QUEUE_ROLE, "Internal/Q_authqueue5"});
    log.info("Removing authUser1 from " + CREATE_PUB_SUB_QUEUE_ROLE + " and Internal/Q_authqueue5");

    this.createPublishAndSubscribeFromUser("authUser1", "authQueue5");
}
 

/**
 * User1 and User2 exists in the same role where create queue permission is assigned.
 * User1 creates a queue and then publishes and consumes messages.
 * Admin assigns publishing and consuming  permissions to the role in which User1 and User2 are
 * in.
 * User1 is removed from the role.
 * User2 tries to publish and consume messages. User2 succeeds.
 *
 * @throws IOException
 * @throws LoginAuthenticationExceptionException
 * @throws URISyntaxException
 * @throws LogoutAuthenticationExceptionException
 * @throws XMLStreamException
 * @throws AndesAdminServiceBrokerManagerAdminException
 * @throws SAXException
 * @throws XPathExpressionException
 * @throws UserAdminUserAdminException
 * @throws JMSException
 * @throws AndesClientConfigurationException
 * @throws AndesClientException
 * @throws NamingException
 */
@Test(groups = {"wso2.mb", "queue"})
public void performQueuePermissionSameRoleAssignedPermissions()
        throws IOException, LoginAuthenticationExceptionException, URISyntaxException,
        LogoutAuthenticationExceptionException, XMLStreamException,
        AndesAdminServiceBrokerManagerAdminException, SAXException,
        XPathExpressionException, UserAdminUserAdminException, JMSException,
        AndesClientConfigurationException, AndesClientException, NamingException, AutomationUtilException {
    this.createPublishAndSubscribeFromUser("authUser1", "authQueue6");

    // Adding publish subscribe permissions of 'authQueue6' to 'create_pub_sub_queue_role' role.
    QueueRolePermission queueRolePermission = new QueueRolePermission();
    queueRolePermission.setRoleName(CREATE_PUB_SUB_QUEUE_ROLE);
    queueRolePermission.setAllowedToConsume(true);
    queueRolePermission.setAllowedToPublish(true);
    this.updateQueueRoleConsumePublishPermission("authQueue6", queueRolePermission);
    log.info("Consumer and publish permissions updated for " + CREATE_PUB_SUB_QUEUE_ROLE);

    // Removing authUser1 from create_pub_sub_queue_role and Internal/Q_authQueue6
    userManagementClient
            .addRemoveRolesOfUser("authUser1", new String[]{NO_PERMISSION_QUEUE_ROLE},
                                  new String[]{CREATE_PUB_SUB_QUEUE_ROLE, "Internal/Q_authqueue6"});
    log.info("Removing authUser1 from " + CREATE_PUB_SUB_QUEUE_ROLE + " and Internal/Q_authqueue6");

    this.createPublishAndSubscribeFromUser("authUser2", "authQueue6");
}
 

/**
 * User3 is in Role2 where there are no create queue permissions.
 * Admin creates a queue and then publishes and consumes messages.
 * Admin assigns publishing and consuming permissions to Role2.
 * User3 tries to publish and consume messages. User3 succeeds.
 *
 * @throws IOException
 * @throws XPathExpressionException
 * @throws AndesAdminServiceBrokerManagerAdminException
 * @throws URISyntaxException
 * @throws SAXException
 * @throws XMLStreamException
 * @throws UserAdminUserAdminException
 * @throws LoginAuthenticationExceptionException
 * @throws LogoutAuthenticationExceptionException
 * @throws JMSException
 * @throws AndesClientConfigurationException
 * @throws AndesClientException
 * @throws NamingException
 */
@Test(groups = {"wso2.mb", "queue"})
public void performQueuePermissionDifferentRolesAssignedPermissions()
        throws IOException, XPathExpressionException,
        AndesAdminServiceBrokerManagerAdminException, URISyntaxException, SAXException,
        XMLStreamException, UserAdminUserAdminException,
        LoginAuthenticationExceptionException, LogoutAuthenticationExceptionException,
        JMSException, AndesClientConfigurationException, AndesClientException,
        NamingException, AutomationUtilException {
    // "superAdmin" refers to the admin
    this.createPublishAndSubscribeFromUser("superAdmin", "authQueue7");

    // Adding publish subscribe permissions of 'authQueue7' to 'pub_sub_queue_role' role.
    QueueRolePermission queueRolePermission = new QueueRolePermission();
    queueRolePermission.setRoleName(PUB_SUB_QUEUE_ROLE);
    queueRolePermission.setAllowedToConsume(true);
    queueRolePermission.setAllowedToPublish(true);
    this.updateQueueRoleConsumePublishPermission("authQueue7", queueRolePermission);
    log.info("Consumer and publish permissions updated for " + PUB_SUB_QUEUE_ROLE);

    this.createPublishAndSubscribeFromUser("authUser3", "authQueue7");
}
 

/**
 * User1 is in Role1 where there are create queue permissions.
 * User3 is in Role2 where there are no create queue permissions.
 * Admin creates a queue and then publishes and consumes messages.
 * Admin assigns publishing and consuming permissions to Role2.
 * User1 tries to publish and consume messages. User1 fails.
 *
 * @throws IOException
 * @throws XPathExpressionException
 * @throws AndesAdminServiceBrokerManagerAdminException
 * @throws URISyntaxException
 * @throws SAXException
 * @throws XMLStreamException
 * @throws UserAdminUserAdminException
 * @throws LoginAuthenticationExceptionException
 * @throws LogoutAuthenticationExceptionException
 * @throws JMSException
 * @throws AndesClientConfigurationException
 * @throws AndesClientException
 * @throws NamingException
 */
@Test(groups = {"wso2.mb", "queue"}, expectedExceptions = JMSException.class, expectedExceptionsMessageRegExp = ".*Permission denied.*")
public void performQueuePermissionDifferentRolesNoPermissions()
        throws IOException, XPathExpressionException,
        AndesAdminServiceBrokerManagerAdminException, URISyntaxException, SAXException,
        XMLStreamException, UserAdminUserAdminException,
        LoginAuthenticationExceptionException, LogoutAuthenticationExceptionException,
        JMSException, AndesClientConfigurationException, AndesClientException,
        NamingException, AutomationUtilException {
    // "superAdmin" refers to the admin
    this.createPublishAndSubscribeFromUser("superAdmin", "authQueue9");

    // Adding publish subscribe permissions of 'authQueue9' to 'pub_sub_queue_role' role.
    QueueRolePermission queueRolePermission = new QueueRolePermission();
    queueRolePermission.setRoleName(PUB_SUB_QUEUE_ROLE);
    queueRolePermission.setAllowedToConsume(true);
    queueRolePermission.setAllowedToPublish(true);
    this.updateQueueRoleConsumePublishPermission("authQueue9", queueRolePermission);
    log.info("Consumer and publish permissions updated for " + PUB_SUB_QUEUE_ROLE);

    this.createPublishAndSubscribeFromUser("authUser1", "authQueue9");
}
 

/**
 * Assigning consuming publishing permissions of a queue to a role.
 *
 * @param queueName   The queue name
 * @param permissions New permissions for the role. can be publish, consume.
 * @throws XPathExpressionException
 * @throws IOException
 * @throws URISyntaxException
 * @throws SAXException
 * @throws XMLStreamException
 * @throws LoginAuthenticationExceptionException
 * @throws AndesAdminServiceBrokerManagerAdminException
 * @throws LogoutAuthenticationExceptionException
 * @throws UserAdminUserAdminException
 */
public void updateQueueRoleConsumePublishPermission(String queueName,
                                                    QueueRolePermission permissions)
        throws XPathExpressionException, IOException, URISyntaxException, SAXException,
        XMLStreamException, LoginAuthenticationExceptionException,
        AndesAdminServiceBrokerManagerAdminException,
        LogoutAuthenticationExceptionException,
        UserAdminUserAdminException, AutomationUtilException {

    LoginLogoutClient loginLogoutClientForAdmin = new LoginLogoutClient(super.automationContext);
    String sessionCookie = loginLogoutClientForAdmin.login();
    AndesAdminClient andesAdminClient =
            new AndesAdminClient(super.backendURL, sessionCookie);
    andesAdminClient.updatePermissionForQueue(queueName, permissions);
    loginLogoutClientForAdmin.logout();
}
 

/**
 * Get User Store Domains
 *
 * @return
 * @throws AxisFault
 */
public String[] getUserStoreDomains() throws AxisFault {
    try {
        List<String> readWriteDomainNames = new ArrayList<String>();
        UserStoreInfo[] storesInfo = userAdminStub.getUserRealmInfo().getUserStoresInfo();
        for (UserStoreInfo storeInfo : storesInfo) {
            if (!storeInfo.getReadOnly()) {
                readWriteDomainNames.add(storeInfo.getDomainName());
            }
        }
        return readWriteDomainNames.toArray(new String[readWriteDomainNames.size()]);
    } catch (RemoteException | UserAdminUserAdminException e) {
        throw new AxisFault("Error occurred while retrieving Read-Write User Store Domain IDs for logged-in" +
                            " user's tenant realm");
    }
}
 

protected String[] handleException(Exception e) throws AxisFault  {

        String errorMessage = "Unknown";

        if(e instanceof UserAdminUserAdminException){
            UserAdminUserAdminException adminException = (UserAdminUserAdminException) e;
            if (adminException.getFaultMessage().getUserAdminException()!=null) {
                errorMessage = adminException.getFaultMessage().getUserAdminException().getMessage();
            }
        } else {
            errorMessage = e.getMessage();
        }

        log.error(errorMessage, e);
        throw new AxisFault(errorMessage, e);

    }
 

/**
 * Initializes the test case.
 *
 * @throws XPathExpressionException
 * @throws RemoteException
 * @throws UserAdminUserAdminException
 */
@BeforeClass(alwaysRun = true)
public void init() throws XPathExpressionException, RemoteException, UserAdminUserAdminException {
    super.init(TestUserMode.SUPER_TENANT_USER);


    // Logging into user management as admin and adding a new role to give permission for publishing/subscribe
    userManagementClient = new UserManagementClient(backendURL, "[email protected]",
            "admin");
    String[] publishers = {"topictenantuser1"};
    userManagementClient.addRole(PUBLISHER_ROLE, publishers, new String[]{});
}
 

/**
 * Initializes the test case.
 *
 * @throws XPathExpressionException
 * @throws java.rmi.RemoteException
 * @throws org.wso2.carbon.user.mgt.stub.UserAdminUserAdminException
 */
@BeforeClass(alwaysRun = true)
public void init() throws XPathExpressionException, RemoteException,
                          UserAdminUserAdminException {
    super.init(TestUserMode.SUPER_TENANT_USER);

    // Get current "AndesAckWaitTimeOut" system property.
    defaultAndesAckWaitTimeOut = System.getProperty(AndesClientConstants.
                                                            ANDES_ACK_WAIT_TIMEOUT_PROPERTY);


    // Setting system property "AndesAckWaitTimeOut" for andes
    System.setProperty(AndesClientConstants.ANDES_ACK_WAIT_TIMEOUT_PROPERTY, "0");

}
 

/**
 * Creates a topic by giving topic creation rights to the user.
 * 1. User is in a role with no permissions.
 * 2. Admin gives permissions to the role to create topics and for logging in.
 * 3. User creates a topic.
 * 4. Validates whether topic is created.
 *
 * @throws XPathExpressionException
 * @throws IOException
 * @throws UserAdminUserAdminException
 */
@Test(groups = {"wso2.mb", "topic"})
public void createTopicPermissionTestCase() throws XPathExpressionException, IOException, UserAdminUserAdminException {
    String topicName = "topicCreationPermission";

    AutomationContext authAutomationContext =
            new AutomationContext("MB", "mb001", FrameworkConstants.SUPER_TENANT_KEY,
                                                                                "topicAuthUser");
    User contextUser = authAutomationContext.getContextTenant().getContextUser();

    String[] createPermissionUser = new String[]{contextUser.getUserNameWithoutDomain()};

    // Logging into user management as admin
    UserManagementClient userManagementClient =
            new UserManagementClient(super.backendURL, "admin", "admin");

    // Removing admin permission for user
    userManagementClient.updateUserListOfRole(FrameworkConstants.ADMIN_ROLE, null, createPermissionUser);

    // Adding roles along with users
    userManagementClient
            .addRole(CREATE_TOPIC_PERMISSION_ROLE, createPermissionUser, new String[]{ADD_TOPIC_PERMISSION, LOGIN_PERMISSION});

    driver.get(getLoginURL());
    LoginPage loginPage = new LoginPage(driver);
    // Logging in to the the management console
    HomePage homePage = loginPage.loginAs(contextUser.getUserNameWithoutDomain(), contextUser.getPassword());

    TopicAddPage topicAddPage =
            homePage.getTopicAddPage("home.mb.topics.add.without.queue.xpath");

    // Creating a topic by the user and check whether valid dialog pop up is shown
    Assert.assertEquals(topicAddPage.addTopic(topicName), true);

    TopicsBrowsePage topicsBrowsePage = homePage.getTopicsBrowsePage("home.mb.topics.browse.without.queue.xpath");

    // Checks whether topic is created in the browsing page
    Assert.assertEquals(topicsBrowsePage.isTopicPresent(topicName), true);
}
 

private void addRoles() {
    try {
        userManagementClient.addRole(SUBSTTUTER_ROLE, null, new String[]{SUBSTITUTION_PERMISSION_PATH, LOGIN_PERMISSION_PATH});
        userManagementClient.addRole(NON_SUB_ROLE, null, new String[]{LOGIN_PERMISSION_PATH});
    } catch (RemoteException | UserAdminUserAdminException e) {
        log.error("Error adding a new role.", e);
    }
}
 

/**
 * Initializing test
 *
 * @throws XPathExpressionException
 * @throws RemoteException
 * @throws UserAdminUserAdminException
 */
@BeforeClass(alwaysRun = true)
public void init() throws XPathExpressionException, RemoteException, UserAdminUserAdminException {
    super.init(TestUserMode.SUPER_TENANT_USER);

    // Logging into user management as admin and adding a new role to give permission for publishing/subscribe
    userManagementClient = new UserManagementClient(backendURL, "[email protected]",
            "admin");

    String[] publishers = {"topictenantuser1"};
    userManagementClient.addRole(PUBLISHER_ROLE, publishers, new String[]{});
}
 

private void addUser(String user, String[] role) {
    try {
        userManagementClient.addUser(user, user, role, "test");
    } catch (RemoteException | UserAdminUserAdminException e) {
        log.error("Error adding new user for testing", e);
    }
}
 

@Test
public void testUpdatingRoleOfUser() throws UserStoreException, RemoteException, UserAdminUserAdminException {
    Mockito.when(userAdminStub.getRolesOfUser(username, "*", -1)).thenReturn(flaggedNames);
    Mockito.when(userStoreManager.isExistingRole(role)).thenReturn(true);
    try {
        UserSignUpWorkflowExecutor.updateRolesOfUser(serverURL, adminUsername, adminPassword, username, role);
        Assert.assertTrue(true);
    } catch (Exception e) {
        Assert.fail("Unexpected exception occurred while updating role of the given user");
    }
}
 

@Test
public void testFailuresToUpdateRoleOfUserWhenRoleIsNotExisting() throws UserStoreException, RemoteException,
        UserAdminUserAdminException {
    Mockito.when(userAdminStub.getRolesOfUser(username, "*", -1)).thenReturn(flaggedNames);
    Mockito.when(userStoreManager.isExistingRole(role)).thenReturn(false);

    //Test failure to update the user role when role is not existing
    try {
        UserSignUpWorkflowExecutor.updateRolesOfUser(serverURL, adminUsername, adminPassword, username, role);
        Assert.fail("Expected exception has been not thrown while failed to update the roles of user");
    } catch (Exception e) {
        Assert.assertEquals(e.getMessage(), "Could not find role " + role + " in the user store");
    }
}
 

@Test
public void testAddingUsersToUserStore() throws UserStoreException, RemoteException, UserAdminUserAdminException {
    try {
        UserSignUpWorkflowExecutor userSignUpWorkflowExecutor = new UserSignUpWSWorkflowExecutor();
        userSignUpWorkflowExecutor.addUserToUserStore(serverURL, new UserDTO());
        Assert.assertTrue(true);
    } catch (Exception e) {
        Assert.fail("Unexpected exception occurred while adding users to user store");
    }
}
 

@Test
public void testFailureToAddUsersToUserStoreWhenRemoteServiceCallFailed() throws UserStoreException,
        RemoteException, UserAdminUserAdminException, UserRegistrationAdminServiceException {
    PowerMockito.doThrow(new RemoteException("Exception occurred while adding user to user store")).when
            (userRegistrationAdminServiceStub).addUser((UserDTO) Mockito
            .anyObject());
    try {
        UserSignUpWorkflowExecutor userSignUpWorkflowExecutor = new UserSignUpWSWorkflowExecutor();
        userSignUpWorkflowExecutor.addUserToUserStore(serverURL, new UserDTO());
        Assert.fail("Expected exception has been not thrown while adding user to user store");
    } catch (Exception e) {
        Assert.assertEquals(e.getMessage(), "Exception occurred while adding user to user store");
    }
}
 

@Test
public void testExecutingUserSignUpSimpleWorkflow() throws APIManagementException, org
        .wso2.carbon.user.core.UserStoreException, RemoteException, UserAdminUserAdminException {
    Map<String, Boolean> roleMap = new HashMap<String, Boolean>();
    roleMap.put(signUpRole, false);

    UserRegistrationConfigDTO userRegistrationConfigDTO = new UserRegistrationConfigDTO();
    userRegistrationConfigDTO.setAdminUserName("admin");
    userRegistrationConfigDTO.setAdminPassword("admin");
    userRegistrationConfigDTO.setRoles(roleMap);

    PowerMockito.when(SelfSignUpUtil.getSignupConfiguration(tenantDomain)).thenReturn(userRegistrationConfigDTO);
    PowerMockito.when(SelfSignUpUtil.getRoleNames(userRegistrationConfigDTO)).thenCallRealMethod();
    PowerMockito.when(apiManagerConfiguration.getFirstProperty(APIConstants.AUTH_MANAGER_URL)).thenReturn
            ("https://localhost:9443/services/");
    Mockito.when(userStoreManager.isExistingUser(username)).thenReturn(true);
    Mockito.when(userStoreManager.isExistingRole("Internal/" + signUpRole)).thenReturn(true);
    FlaggedName flaggedName = new FlaggedName();
    flaggedName.setSelected(true);
    flaggedName.setItemName(signUpRole);
    FlaggedName[] flaggedNames = {flaggedName};
    Mockito.when(userAdminStub.getRolesOfUser(username, "*", -1)).thenReturn(flaggedNames);

    try {
        Assert.assertNotNull(userSignUpSimpleWorkflowExecutor.execute(workflowDTO));
    } catch (WorkflowException e) {
        Assert.fail("Unexpected WorkflowException has thrown while executing the user signup simple workflow");
    }
}
 

public void addUser(String adminUserKey, String userName, String userPassword, String roleName)
        throws Exception {
    setInfoRolesAndUsers(adminUserKey);
    try {
        String roles[] = {roleName};
        userAdminStub.addUser(userName, userPassword, roles, null);
    } catch (UserAdminUserAdminException e) {
        log.error("Add user fail" + e);
        throw new UserAdminException("Add user fail" + e);
    }
}
 

/**
 * User1 and User2 exists in the same role where create topic  permission is assigned.
 * User1 creates a topic  and then publishes and consumes messages.
 * Admin assigns publishing and consuming  permissions to the role in which User1 and User2 are in.
 * User1 is removed from the role.
 * User2 tries to publish and consume messages. User2 succeeds.
 *
 * @throws AndesClientConfigurationException
 * @throws NamingException
 * @throws IOException
 * @throws XPathExpressionException
 * @throws AndesClientException
 * @throws JMSException
 * @throws UserAdminUserAdminException
 * @throws LoginAuthenticationExceptionException
 * @throws AndesEventAdminServiceEventAdminException
 * @throws XMLStreamException
 * @throws LogoutAuthenticationExceptionException
 * @throws URISyntaxException
 * @throws SAXException
 * @throws AndesAdminServiceBrokerManagerAdminException
 */
@Test(groups = {"wso2.mb", "topic"})
public void performTopicPermissionSameRoleAssignedPermissions()
        throws AndesClientConfigurationException, NamingException, IOException,
        XPathExpressionException, AndesClientException, JMSException,
        UserAdminUserAdminException, LoginAuthenticationExceptionException,
        AndesEventAdminServiceEventAdminException, XMLStreamException,
        LogoutAuthenticationExceptionException, URISyntaxException, SAXException,
        AndesAdminServiceBrokerManagerAdminException, AutomationUtilException {
    this.createPublishAndSubscribeFromUser("authUser1", "authTopic6");

    // Adding publish subscribe permissions of 'authTopic6' to 'create_pub_sub_topic_role' role.
    TopicRolePermission topicRolePermission = new TopicRolePermission();
    topicRolePermission.setRoleName(CREATE_PUB_SUB_TOPIC_ROLE);
    topicRolePermission.setAllowedToSubscribe(true);
    topicRolePermission.setAllowedToPublish(true);
    updateTopicRoleConsumePublishPermission("authTopic6", topicRolePermission);
    log.info("Consumer and publish permissions updated for " + CREATE_PUB_SUB_TOPIC_ROLE);

    // Removing authUser1 from create_pub_sub_topic_role and Internal/T_authTopic6
    userManagementClient
            .addRemoveRolesOfUser("authUser1", new String[]{NO_PERMISSION_TOPIC_ROLE},
                              new String[]{CREATE_PUB_SUB_TOPIC_ROLE, "Internal/T_authtopic6"});

    this.createPublishAndSubscribeFromUser("authUser2", "authTopic6");

}