Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Pivotal ID # 184014414: Permissions For Resubmission To Collection #660

Merged
merged 1 commit into from
Jan 10, 2023
Merged

Pivotal ID # 184014414: Permissions For Resubmission To Collection #660

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
38 changes: 38 additions & 0 deletions ...sion-webapp/src/itest/kotlin/ac/uk/ebi/biostd/itest/test/security/SubmitPermissionTest.kt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -46,6 +46,7 @@ class SubmitPermissionTest(
fun init() {
securityTestService.ensureUserRegistration(SuperUser)
securityTestService.ensureUserRegistration(ExistingUser)
securityTestService.ensureUserRegistration(ImpersonatedUser)

superUserWebClient = getWebClient(serverPort, SuperUser)
regularUserWebClient = getWebClient(serverPort, ExistingUser)
Expand Down Expand Up @@ -184,6 +185,36 @@ class SubmitPermissionTest(
assertThat(regularUserWebClient.submitSingle(resubmission, SubmissionFormat.TSV)).isSuccessful()
}

@Test
fun `4-8 owner resubmits without attach permission`() {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This test is not clear for me, if what we want to test is that "owner resubmits without attach permission" why we are using belhalf client and a imporsonated user in the test. test structure should be something like

  1. submit with user A in project B
  2. Remove Attach permission from user A
  3. Re submit and validate success.

Do am I missing something?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No, you're not, the test case you're describing is correct. The reason why I added the onbehalf step was to recreate the scenario most used by Ahmed for AE submissions

val project = tsv {
line("Submission", "TestCollection6")
line("AccNoTemplate", "!{T-CLLC}")
line()

line("Project")
}.toString()

val submission = tsv {
line("Submission")
line("AttachTo", "TestCollection6")
line("Title", "Test Submission")
}.toString()

val impersonatedUserClient = getWebClient(serverPort, ImpersonatedUser)
val onBehalfClient = getWebClient(serverPort, SuperUser, ImpersonatedUser)

assertThat(superUserWebClient.submitSingle(project, SubmissionFormat.TSV)).isSuccessful()
assertThat(onBehalfClient.submitSingle(submission, SubmissionFormat.TSV)).isSuccessful()

val resubmission = tsv {
line("Submission", "T-CLLC1")
line("AttachTo", "TestCollection6")
line("Title", "Test Resubmission")
}.toString()
assertThat(impersonatedUserClient.submitSingle(resubmission, SubmissionFormat.TSV)).isSuccessful()
}

private fun setAttachPermission(testUser: TestUser, collection: String) =
superUserWebClient.givePermissionToUser(testUser.email, collection, ATTACH.name)

Expand All @@ -200,4 +231,11 @@ class SubmitPermissionTest(
override val password = "1234"
override val superUser = false
}

object ImpersonatedUser : TestUser {
override val username = "Impersonated User"
override val email = "impersonated_user@ebi.ac.uk"
override val password = "1234"
override val superUser = false
}
}
4 changes: 2 additions & 2 deletions submission/submitter/src/main/kotlin/ac/uk/ebi/biostd/submission/service/AccNoService.kt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,14 +19,14 @@ class AccNoService(
@Suppress("ThrowsCount")
fun calculateAccNo(request: AccNoServiceRequest): AccNumber {
val (submitter, accNo, isNew, project, projectPattern) = request
checkCanSubmitToProject(project, submitter)
checkCanProvideAcc(accNo, isNew, submitter)

if (accNo != null && isNew.not()) {
checkCanReSubmit(accNo, submitter)
return patternUtil.toAccNumber(accNo)
}

checkCanSubmitToProject(project, submitter)
checkCanProvideAcc(accNo, isNew, submitter)
return accNo?.let { patternUtil.toAccNumber(it) } ?: calculateAccNo(getPattern(projectPattern))
}

Expand Down
11 changes: 5 additions & 6 deletions submission/submitter/src/test/kotlin/ac/uk/ebi/biostd/submission/service/AccNoServiceTest.kt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -139,21 +139,20 @@ class AccNoServiceTest(
every { privilegesService.canProvideAccNo(SUBMITTER) } returns true
every { privilegesService.canSubmitToCollection(SUBMITTER, PROJECT) } returns false

val request = AccNoServiceRequest(submitter = SUBMITTER, accNo = ACC_NO, project = PROJECT, isNew = false)
val request = AccNoServiceRequest(submitter = SUBMITTER, accNo = ACC_NO, project = PROJECT, isNew = true)
val error = assertThrows<UserCanNotSubmitToProjectException> { testInstance.calculateAccNo(request) }

assertThat(error.message).isEqualTo("The user submiter@email.com is not allowed to submit to CC123 project")
}

@Test
fun whenUserCanNotReSubmit() {
every { privilegesService.canProvideAccNo(SUBMITTER) } returns true
every { privilegesService.canSubmitToCollection(SUBMITTER, PROJECT) } returns false
every { privilegesService.canResubmit(SUBMITTER, ACC_NO) } returns false

val request = AccNoServiceRequest(submitter = SUBMITTER, accNo = ACC_NO, project = PROJECT, isNew = false)
val error = assertThrows<UserCanNotSubmitToProjectException> { testInstance.calculateAccNo(request) }
val error = assertThrows<UserCanNotUpdateSubmit> { testInstance.calculateAccNo(request) }

assertThat(error.message).isEqualTo("The user submiter@email.com is not allowed to submit to CC123 project")
assertThat(error.message).isEqualTo("The user {$SUBMITTER} is not allowed to update the submission $ACC_NO")
}

@Test
Expand All @@ -170,7 +169,7 @@ class AccNoServiceTest(
fun `owner regular user resubmit`() {
every { privilegesService.canProvideAccNo(SUBMITTER) } returns false
every { privilegesService.canResubmit(SUBMITTER, ACC_NO) } returns true
every { privilegesService.canSubmitToCollection(SUBMITTER, PROJECT) } returns true
every { privilegesService.canSubmitToCollection(SUBMITTER, PROJECT) } returns false

val request = AccNoServiceRequest(submitter = SUBMITTER, accNo = ACC_NO, project = PROJECT, isNew = false)
assertThat(testInstance.calculateAccNo(request)).isEqualTo(AccNumber("AAB", "12"))
Expand Down