scm-it/src/test/java/sonia/scm/it/PermissionsITCase.java

/*
 * MIT License
 *
 * Copyright (c) 2020-present Cloudogu GmbH and Contributors
 *
 * Permission is hereby granted, free of charge, to any person obtaining a copy
 * of this software and associated documentation files (the "Software"), to deal
 * in the Software without restriction, including without limitation the rights
 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 * copies of the Software, and to permit persons to whom the Software is
 * furnished to do so, subject to the following conditions:
 *
 * The above copyright notice and this permission notice shall be included in all
 * copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 * SOFTWARE.
 */
    
package sonia.scm.it;

import org.apache.http.HttpStatus;
import org.assertj.core.api.Assertions;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.TemporaryFolder;
import org.junit.runner.RunWith;
import org.junit.runners.Parameterized;
import org.junit.runners.Parameterized.Parameters;
import sonia.scm.it.utils.RepositoryUtil;
import sonia.scm.it.utils.TestData;
import sonia.scm.repository.client.api.RepositoryClient;
import sonia.scm.repository.client.api.RepositoryClientException;
import sonia.scm.web.VndMediaType;

import java.io.IOException;
import java.util.Collection;
import java.util.List;
import java.util.Map;
import java.util.Objects;

import static java.util.Arrays.asList;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNull;
import static sonia.scm.it.utils.RepositoryUtil.addAndCommitRandomFile;
import static sonia.scm.it.utils.RestUtil.given;
import static sonia.scm.it.utils.ScmTypes.availableScmTypes;
import static sonia.scm.it.utils.TestData.OWNER;
import static sonia.scm.it.utils.TestData.READ;
import static sonia.scm.it.utils.TestData.USER_SCM_ADMIN;
import static sonia.scm.it.utils.TestData.WRITE;
import static sonia.scm.it.utils.TestData.callRepository;

@RunWith(Parameterized.class)
public class PermissionsITCase {

  public static final String USER_READ = "user_read";
  public static final String USER_PASS = "pass";
  private static final String USER_WRITE = "user_write";
  private static final String USER_OWNER = "user_owner";
  private static final String USER_OTHER = "user_other";

  @Rule
  public TemporaryFolder temporaryFolder = new TemporaryFolder();

  private final String repositoryType;
  private Collection<String> createdPermissions;


  public PermissionsITCase(String repositoryType) {
    this.repositoryType = repositoryType;
  }

  @Parameters(name = "{0}")
  public static Collection<String> createParameters() {
    return availableScmTypes();
  }

  @Before
  public void prepareEnvironment() {
    TestData.createDefault();
    TestData.createNotAdminUser(USER_READ, USER_PASS);
    TestData.createUserPermission(USER_READ, READ, repositoryType);
    TestData.createNotAdminUser(USER_WRITE, USER_PASS);
    TestData.createUserPermission(USER_WRITE, WRITE, repositoryType);
    TestData.createNotAdminUser(USER_OWNER, USER_PASS);
    TestData.createUserPermission(USER_OWNER, OWNER, repositoryType);
    TestData.createNotAdminUser(USER_OTHER, USER_PASS);
    createdPermissions = asList(USER_READ, USER_WRITE, USER_OWNER);
  }

  @Test
  public void readUserShouldNotSeePermissions() {
    assertNull(callRepository(USER_READ, USER_PASS, repositoryType, HttpStatus.SC_OK)
      .extract()
      .body().jsonPath().getString("_links.permissions.href"));
  }

  @Test
  public void readUserShouldNotSeeBruteForcePermissions() {
    given(VndMediaType.REPOSITORY_PERMISSION, USER_READ, USER_PASS)
      .when()
      .get(TestData.getDefaultPermissionUrl(USER_SCM_ADMIN, USER_SCM_ADMIN, repositoryType))
      .then()
      .statusCode(HttpStatus.SC_FORBIDDEN);
  }

  @Test
  public void writeUserShouldNotSeePermissions() {
    assertNull(callRepository(USER_WRITE, USER_PASS, repositoryType, HttpStatus.SC_OK)
      .extract()
      .body().jsonPath().getString("_links.permissions.href"));
  }

  @Test
  public void writeUserShouldNotSeeBruteForcePermissions() {
    given(VndMediaType.REPOSITORY_PERMISSION, USER_WRITE, USER_PASS)
      .when()
      .get(TestData.getDefaultPermissionUrl(USER_SCM_ADMIN, USER_SCM_ADMIN, repositoryType))
      .then()
      .statusCode(HttpStatus.SC_FORBIDDEN);
  }

  @Test
  public void ownerShouldSeePermissions() {
    List<Map> userPermissions = TestData.getUserPermissions(USER_OWNER, USER_PASS, repositoryType);
    Assertions.assertThat(userPermissions).extracting(e -> e.get("name")).containsAll(createdPermissions);
  }

  @Test
  public void otherUserShouldNotSeeRepository() {
    callRepository(USER_OTHER, USER_PASS, repositoryType, HttpStatus.SC_FORBIDDEN);
  }

  @Test
  public void otherUserShouldNotSeeBruteForcePermissions() {
    given(VndMediaType.REPOSITORY_PERMISSION, USER_OTHER, USER_PASS)
      .when()
      .get(TestData.getDefaultPermissionUrl(USER_SCM_ADMIN, USER_SCM_ADMIN, repositoryType))
      .then()
      .statusCode(HttpStatus.SC_FORBIDDEN);
  }

  @Test
  public void readUserShouldCloneRepository() throws IOException {
    RepositoryClient client = RepositoryUtil.createRepositoryClient(repositoryType, temporaryFolder.newFolder(), USER_READ, USER_PASS);
    assertEquals(1, Objects.requireNonNull(client.getWorkingCopy().list()).length);
  }

  @Test
  public void writeUserShouldCloneRepository() throws IOException {
    RepositoryClient client = RepositoryUtil.createRepositoryClient(repositoryType, temporaryFolder.newFolder(), USER_WRITE, USER_PASS);
    assertEquals(1, Objects.requireNonNull(client.getWorkingCopy().list()).length);
  }

  @Test
  public void ownerShouldCloneRepository() throws IOException {
    RepositoryClient client = RepositoryUtil.createRepositoryClient(repositoryType, temporaryFolder.newFolder(), USER_OWNER, USER_PASS);
    assertEquals(1, Objects.requireNonNull(client.getWorkingCopy().list()).length);
  }

  @Test
  public void otherUserShouldNotCloneRepository() {
    TestData.callRepository(USER_OTHER, USER_PASS, repositoryType, HttpStatus.SC_FORBIDDEN);
  }

  @Test(expected = RepositoryClientException.class)
  public void userWithReadPermissionShouldBeNotAuthorizedToCommit() throws IOException {
    createAndCommit(USER_READ);
  }

  @Test
  public void userWithOwnerPermissionShouldBeAuthorizedToCommit() throws IOException {
    createAndCommit(USER_OWNER);
  }

  @Test
  public void userWithWritePermissionShouldBeAuthorizedToCommit() throws IOException {
    createAndCommit(USER_WRITE);
  }

  private void createAndCommit(String username) throws IOException {
    RepositoryClient client = RepositoryUtil.createRepositoryClient(repositoryType, temporaryFolder.newFolder(), username, PermissionsITCase.USER_PASS);
    addAndCommitRandomFile(client, username);
  }

  @Test
  public void userWithOwnerPermissionShouldBeAuthorizedToDeleteRepository(){
    assertDeleteRepositoryOperation(HttpStatus.SC_NO_CONTENT, HttpStatus.SC_NOT_FOUND, USER_OWNER, repositoryType);
  }

  @Test
  public void userWithReadPermissionShouldNotBeAuthorizedToDeleteRepository(){
    assertDeleteRepositoryOperation(HttpStatus.SC_FORBIDDEN, HttpStatus.SC_OK, USER_READ, repositoryType);
  }

  @Test
  public void userWithWritePermissionShouldNotBeAuthorizedToDeleteRepository(){
    assertDeleteRepositoryOperation(HttpStatus.SC_FORBIDDEN, HttpStatus.SC_OK, USER_WRITE, repositoryType);
  }

  private void assertDeleteRepositoryOperation(int expectedDeleteStatus, int expectedGetStatus, String user, String repositoryType) {
    given(VndMediaType.REPOSITORY, user, PermissionsITCase.USER_PASS)

      .when()
      .delete(TestData.getDefaultRepositoryUrl(repositoryType))

      .then()
      .statusCode(expectedDeleteStatus);

    given(VndMediaType.REPOSITORY, user, PermissionsITCase.USER_PASS)

      .when()
      .get(TestData.getDefaultRepositoryUrl(repositoryType))

      .then()
      .statusCode(expectedGetStatus);
  }
}
#8771 implement integration tests 2018-08-22 09:18:17 +02:00			`/*`
Changeover to MIT license (#1066) * prepare license-maven-plugin for license migration * added license mapping for tsx files and added some more excludes * Changeover to MIT license * Fix build problems * Delete old remaining licenses * Add more exclude path for license checker * Rename included netbeans license, add exclude .m2/repository/ * Specify .m2 exclude because not only repository/, also wrapper/ must match * Add .cache/ exclude for license check * Modify formatting of license in java classes to comply with convention and IDE * Add IntelliJ documentation for license configuration * Update CHANGELOG.md * Exclude tmp/workspace/ dir for license check * Edit README.md Co-authored-by: Sebastian Sdorra <sebastian.sdorra@cloudogu.com> 2020-03-23 15:35:58 +01:00			`* MIT License`
#8771 implement integration tests 2018-08-22 09:18:17 +02:00			`*`
Changeover to MIT license (#1066) * prepare license-maven-plugin for license migration * added license mapping for tsx files and added some more excludes * Changeover to MIT license * Fix build problems * Delete old remaining licenses * Add more exclude path for license checker * Rename included netbeans license, add exclude .m2/repository/ * Specify .m2 exclude because not only repository/, also wrapper/ must match * Add .cache/ exclude for license check * Modify formatting of license in java classes to comply with convention and IDE * Add IntelliJ documentation for license configuration * Update CHANGELOG.md * Exclude tmp/workspace/ dir for license check * Edit README.md Co-authored-by: Sebastian Sdorra <sebastian.sdorra@cloudogu.com> 2020-03-23 15:35:58 +01:00			`* Copyright (c) 2020-present Cloudogu GmbH and Contributors`
#8771 implement integration tests 2018-08-22 09:18:17 +02:00			`*`
Changeover to MIT license (#1066) * prepare license-maven-plugin for license migration * added license mapping for tsx files and added some more excludes * Changeover to MIT license * Fix build problems * Delete old remaining licenses * Add more exclude path for license checker * Rename included netbeans license, add exclude .m2/repository/ * Specify .m2 exclude because not only repository/, also wrapper/ must match * Add .cache/ exclude for license check * Modify formatting of license in java classes to comply with convention and IDE * Add IntelliJ documentation for license configuration * Update CHANGELOG.md * Exclude tmp/workspace/ dir for license check * Edit README.md Co-authored-by: Sebastian Sdorra <sebastian.sdorra@cloudogu.com> 2020-03-23 15:35:58 +01:00			`* Permission is hereby granted, free of charge, to any person obtaining a copy`
			`* of this software and associated documentation files (the "Software"), to deal`
			`* in the Software without restriction, including without limitation the rights`
			`* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell`
			`* copies of the Software, and to permit persons to whom the Software is`
			`* furnished to do so, subject to the following conditions:`
#8771 implement integration tests 2018-08-22 09:18:17 +02:00			`*`
Changeover to MIT license (#1066) * prepare license-maven-plugin for license migration * added license mapping for tsx files and added some more excludes * Changeover to MIT license * Fix build problems * Delete old remaining licenses * Add more exclude path for license checker * Rename included netbeans license, add exclude .m2/repository/ * Specify .m2 exclude because not only repository/, also wrapper/ must match * Add .cache/ exclude for license check * Modify formatting of license in java classes to comply with convention and IDE * Add IntelliJ documentation for license configuration * Update CHANGELOG.md * Exclude tmp/workspace/ dir for license check * Edit README.md Co-authored-by: Sebastian Sdorra <sebastian.sdorra@cloudogu.com> 2020-03-23 15:35:58 +01:00			`* The above copyright notice and this permission notice shall be included in all`
			`* copies or substantial portions of the Software.`
#8771 implement integration tests 2018-08-22 09:18:17 +02:00			`*`
Changeover to MIT license (#1066) * prepare license-maven-plugin for license migration * added license mapping for tsx files and added some more excludes * Changeover to MIT license * Fix build problems * Delete old remaining licenses * Add more exclude path for license checker * Rename included netbeans license, add exclude .m2/repository/ * Specify .m2 exclude because not only repository/, also wrapper/ must match * Add .cache/ exclude for license check * Modify formatting of license in java classes to comply with convention and IDE * Add IntelliJ documentation for license configuration * Update CHANGELOG.md * Exclude tmp/workspace/ dir for license check * Edit README.md Co-authored-by: Sebastian Sdorra <sebastian.sdorra@cloudogu.com> 2020-03-23 15:35:58 +01:00			`* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR`
			`* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,`
			`* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE`
			`* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER`
			`* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,`
			`* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE`
			`* SOFTWARE.`
#8771 implement integration tests 2018-08-22 09:18:17 +02:00			`*/`
Changeover to MIT license (#1066) * prepare license-maven-plugin for license migration * added license mapping for tsx files and added some more excludes * Changeover to MIT license * Fix build problems * Delete old remaining licenses * Add more exclude path for license checker * Rename included netbeans license, add exclude .m2/repository/ * Specify .m2 exclude because not only repository/, also wrapper/ must match * Add .cache/ exclude for license check * Modify formatting of license in java classes to comply with convention and IDE * Add IntelliJ documentation for license configuration * Update CHANGELOG.md * Exclude tmp/workspace/ dir for license check * Edit README.md Co-authored-by: Sebastian Sdorra <sebastian.sdorra@cloudogu.com> 2020-03-23 15:35:58 +01:00
#8771 implement integration tests 2018-08-22 09:18:17 +02:00			`package sonia.scm.it;`

			`import org.apache.http.HttpStatus;`
Fix tests for default owner permission Therefore add explicit methods to change the permission collection of a repository. 2018-11-09 10:13:36 +01:00			`import org.assertj.core.api.Assertions;`
#8771 implement integration tests 2018-08-22 09:18:17 +02:00			`import org.junit.Before;`
			`import org.junit.Rule;`
			`import org.junit.Test;`
			`import org.junit.rules.TemporaryFolder;`
			`import org.junit.runner.RunWith;`
			`import org.junit.runners.Parameterized;`
			`import org.junit.runners.Parameterized.Parameters;`
Add tests for the Change Password Endpoints 2018-09-19 15:54:24 +02:00			`import sonia.scm.it.utils.RepositoryUtil;`
			`import sonia.scm.it.utils.TestData;`
#8771 implement integration tests 2018-08-22 09:18:17 +02:00			`import sonia.scm.repository.client.api.RepositoryClient;`
Move tests to test classes 2018-08-22 10:59:46 +02:00			`import sonia.scm.repository.client.api.RepositoryClientException;`
			`import sonia.scm.web.VndMediaType;`
#8771 implement integration tests 2018-08-22 09:18:17 +02:00
			`import java.io.IOException;`
			`import java.util.Collection;`
			`import java.util.List;`
Fix tests for default owner permission Therefore add explicit methods to change the permission collection of a repository. 2018-11-09 10:13:36 +01:00			`import java.util.Map;`
#8771 implement integration tests 2018-08-22 09:18:17 +02:00			`import java.util.Objects;`

Fix tests for default owner permission Therefore add explicit methods to change the permission collection of a repository. 2018-11-09 10:13:36 +01:00			`import static java.util.Arrays.asList;`
Move tests to test classes 2018-08-22 10:59:46 +02:00			`import static org.junit.Assert.assertEquals;`
Let integration tests use links from HAL and test brute force links 2018-08-22 12:20:09 +02:00			`import static org.junit.Assert.assertNull;`
Add tests for the Change Password Endpoints 2018-09-19 15:54:24 +02:00			`import static sonia.scm.it.utils.RepositoryUtil.addAndCommitRandomFile;`
			`import static sonia.scm.it.utils.RestUtil.given;`
			`import static sonia.scm.it.utils.ScmTypes.availableScmTypes;`
Fix repository permission rest interface 2019-01-23 09:47:38 +01:00			`import static sonia.scm.it.utils.TestData.OWNER;`
			`import static sonia.scm.it.utils.TestData.READ;`
Add tests for the Change Password Endpoints 2018-09-19 15:54:24 +02:00			`import static sonia.scm.it.utils.TestData.USER_SCM_ADMIN;`
Fix repository permission rest interface 2019-01-23 09:47:38 +01:00			`import static sonia.scm.it.utils.TestData.WRITE;`
Add tests for the Change Password Endpoints 2018-09-19 15:54:24 +02:00			`import static sonia.scm.it.utils.TestData.callRepository;`
#8771 implement integration tests 2018-08-22 09:18:17 +02:00
			`@RunWith(Parameterized.class)`
			`public class PermissionsITCase {`

			`public static final String USER_READ = "user_read";`
			`public static final String USER_PASS = "pass";`
			`private static final String USER_WRITE = "user_write";`
			`private static final String USER_OWNER = "user_owner";`
Split up test methods for each user 2018-08-22 11:19:19 +02:00			`private static final String USER_OTHER = "user_other";`
#8771 implement integration tests 2018-08-22 09:18:17 +02:00
			`@Rule`
			`public TemporaryFolder temporaryFolder = new TemporaryFolder();`

			`private final String repositoryType;`
Fix tests for default owner permission Therefore add explicit methods to change the permission collection of a repository. 2018-11-09 10:13:36 +01:00			`private Collection<String> createdPermissions;`
#8771 implement integration tests 2018-08-22 09:18:17 +02:00

			`public PermissionsITCase(String repositoryType) {`
			`this.repositoryType = repositoryType;`
			`}`

			`@Parameters(name = "{0}")`
			`public static Collection<String> createParameters() {`
			`return availableScmTypes();`
			`}`

			`@Before`
			`public void prepareEnvironment() {`
			`TestData.createDefault();`
fix autocomplete for user without admin permission + integration tests 2018-10-12 11:06:53 +02:00			`TestData.createNotAdminUser(USER_READ, USER_PASS);`
Fix repository permission rest interface 2019-01-23 09:47:38 +01:00			`TestData.createUserPermission(USER_READ, READ, repositoryType);`
			`TestData.createNotAdminUser(USER_WRITE, USER_PASS);`
			`TestData.createUserPermission(USER_WRITE, WRITE, repositoryType);`
			`TestData.createNotAdminUser(USER_OWNER, USER_PASS);`
			`TestData.createUserPermission(USER_OWNER, OWNER, repositoryType);`
			`TestData.createNotAdminUser(USER_OTHER, USER_PASS);`
Fix tests for default owner permission Therefore add explicit methods to change the permission collection of a repository. 2018-11-09 10:13:36 +01:00			`createdPermissions = asList(USER_READ, USER_WRITE, USER_OWNER);`
#8771 implement integration tests 2018-08-22 09:18:17 +02:00			`}`

			`@Test`
Let integration tests use links from HAL and test brute force links 2018-08-22 12:20:09 +02:00			`public void readUserShouldNotSeePermissions() {`
Correct test case 2018-08-27 13:04:05 +02:00			`assertNull(callRepository(USER_READ, USER_PASS, repositoryType, HttpStatus.SC_OK)`
Let integration tests use links from HAL and test brute force links 2018-08-22 12:20:09 +02:00			`.extract()`
			`.body().jsonPath().getString("_links.permissions.href"));`
Split up test methods for each user 2018-08-22 11:19:19 +02:00			`}`

			`@Test`
Let integration tests use links from HAL and test brute force links 2018-08-22 12:20:09 +02:00			`public void readUserShouldNotSeeBruteForcePermissions() {`
Rename media type 2019-01-23 11:19:55 +01:00			`given(VndMediaType.REPOSITORY_PERMISSION, USER_READ, USER_PASS)`
Let integration tests use links from HAL and test brute force links 2018-08-22 12:20:09 +02:00			`.when()`
			`.get(TestData.getDefaultPermissionUrl(USER_SCM_ADMIN, USER_SCM_ADMIN, repositoryType))`
			`.then()`
			`.statusCode(HttpStatus.SC_FORBIDDEN);`
			`}`

			`@Test`
			`public void writeUserShouldNotSeePermissions() {`
			`assertNull(callRepository(USER_WRITE, USER_PASS, repositoryType, HttpStatus.SC_OK)`
			`.extract()`
			`.body().jsonPath().getString("_links.permissions.href"));`
			`}`

			`@Test`
			`public void writeUserShouldNotSeeBruteForcePermissions() {`
Rename media type 2019-01-23 11:19:55 +01:00			`given(VndMediaType.REPOSITORY_PERMISSION, USER_WRITE, USER_PASS)`
Let integration tests use links from HAL and test brute force links 2018-08-22 12:20:09 +02:00			`.when()`
			`.get(TestData.getDefaultPermissionUrl(USER_SCM_ADMIN, USER_SCM_ADMIN, repositoryType))`
			`.then()`
			`.statusCode(HttpStatus.SC_FORBIDDEN);`
Split up test methods for each user 2018-08-22 11:19:19 +02:00			`}`

			`@Test`
			`public void ownerShouldSeePermissions() {`
Fix tests for default owner permission Therefore add explicit methods to change the permission collection of a repository. 2018-11-09 10:13:36 +01:00			`List<Map> userPermissions = TestData.getUserPermissions(USER_OWNER, USER_PASS, repositoryType);`
			`Assertions.assertThat(userPermissions).extracting(e -> e.get("name")).containsAll(createdPermissions);`
#8771 implement integration tests 2018-08-22 09:18:17 +02:00			`}`

			`@Test`
Let integration tests use links from HAL and test brute force links 2018-08-22 12:20:09 +02:00			`public void otherUserShouldNotSeeRepository() {`
			`callRepository(USER_OTHER, USER_PASS, repositoryType, HttpStatus.SC_FORBIDDEN);`
			`}`

			`@Test`
			`public void otherUserShouldNotSeeBruteForcePermissions() {`
Rename media type 2019-01-23 11:19:55 +01:00			`given(VndMediaType.REPOSITORY_PERMISSION, USER_OTHER, USER_PASS)`
Let integration tests use links from HAL and test brute force links 2018-08-22 12:20:09 +02:00			`.when()`
			`.get(TestData.getDefaultPermissionUrl(USER_SCM_ADMIN, USER_SCM_ADMIN, repositoryType))`
			`.then()`
			`.statusCode(HttpStatus.SC_FORBIDDEN);`
Split up test methods for each user 2018-08-22 11:19:19 +02:00			`}`

			`@Test`
			`public void readUserShouldCloneRepository() throws IOException {`
#8771 implement integration tests 2018-08-22 09:18:17 +02:00			`RepositoryClient client = RepositoryUtil.createRepositoryClient(repositoryType, temporaryFolder.newFolder(), USER_READ, USER_PASS);`
			`assertEquals(1, Objects.requireNonNull(client.getWorkingCopy().list()).length);`
Split up test methods for each user 2018-08-22 11:19:19 +02:00			`}`

			`@Test`
			`public void writeUserShouldCloneRepository() throws IOException {`
			`RepositoryClient client = RepositoryUtil.createRepositoryClient(repositoryType, temporaryFolder.newFolder(), USER_WRITE, USER_PASS);`
#8771 implement integration tests 2018-08-22 09:18:17 +02:00			`assertEquals(1, Objects.requireNonNull(client.getWorkingCopy().list()).length);`
Split up test methods for each user 2018-08-22 11:19:19 +02:00			`}`

			`@Test`
			`public void ownerShouldCloneRepository() throws IOException {`
			`RepositoryClient client = RepositoryUtil.createRepositoryClient(repositoryType, temporaryFolder.newFolder(), USER_OWNER, USER_PASS);`
#8771 implement integration tests 2018-08-22 09:18:17 +02:00			`assertEquals(1, Objects.requireNonNull(client.getWorkingCopy().list()).length);`
			`}`

Split up test methods for each user 2018-08-22 11:19:19 +02:00			`@Test`
			`public void otherUserShouldNotCloneRepository() {`
			`TestData.callRepository(USER_OTHER, USER_PASS, repositoryType, HttpStatus.SC_FORBIDDEN);`
			`}`

Move tests to test classes 2018-08-22 10:59:46 +02:00			`@Test(expected = RepositoryClientException.class)`
			`public void userWithReadPermissionShouldBeNotAuthorizedToCommit() throws IOException {`
			`createAndCommit(USER_READ);`
#8771 implement integration tests 2018-08-22 09:18:17 +02:00			`}`

			`@Test`
			`public void userWithOwnerPermissionShouldBeAuthorizedToCommit() throws IOException {`
Move tests to test classes 2018-08-22 10:59:46 +02:00			`createAndCommit(USER_OWNER);`
#8771 implement integration tests 2018-08-22 09:18:17 +02:00			`}`

			`@Test`
			`public void userWithWritePermissionShouldBeAuthorizedToCommit() throws IOException {`
Move tests to test classes 2018-08-22 10:59:46 +02:00			`createAndCommit(USER_WRITE);`
			`}`

			`private void createAndCommit(String username) throws IOException {`
			`RepositoryClient client = RepositoryUtil.createRepositoryClient(repositoryType, temporaryFolder.newFolder(), username, PermissionsITCase.USER_PASS);`
			`addAndCommitRandomFile(client, username);`
#8771 implement integration tests 2018-08-22 09:18:17 +02:00			`}`

			`@Test`
Move tests to test classes 2018-08-22 10:59:46 +02:00			`public void userWithOwnerPermissionShouldBeAuthorizedToDeleteRepository(){`
			`assertDeleteRepositoryOperation(HttpStatus.SC_NO_CONTENT, HttpStatus.SC_NOT_FOUND, USER_OWNER, repositoryType);`
#8771 implement integration tests 2018-08-22 09:18:17 +02:00			`}`

			`@Test`
Move tests to test classes 2018-08-22 10:59:46 +02:00			`public void userWithReadPermissionShouldNotBeAuthorizedToDeleteRepository(){`
			`assertDeleteRepositoryOperation(HttpStatus.SC_FORBIDDEN, HttpStatus.SC_OK, USER_READ, repositoryType);`
#8771 implement integration tests 2018-08-22 09:18:17 +02:00			`}`

			`@Test`
Move tests to test classes 2018-08-22 10:59:46 +02:00			`public void userWithWritePermissionShouldNotBeAuthorizedToDeleteRepository(){`
			`assertDeleteRepositoryOperation(HttpStatus.SC_FORBIDDEN, HttpStatus.SC_OK, USER_WRITE, repositoryType);`
#8771 implement integration tests 2018-08-22 09:18:17 +02:00			`}`

Move tests to test classes 2018-08-22 10:59:46 +02:00			`private void assertDeleteRepositoryOperation(int expectedDeleteStatus, int expectedGetStatus, String user, String repositoryType) {`
			`given(VndMediaType.REPOSITORY, user, PermissionsITCase.USER_PASS)`

			`.when()`
			`.delete(TestData.getDefaultRepositoryUrl(repositoryType))`

			`.then()`
			`.statusCode(expectedDeleteStatus);`

			`given(VndMediaType.REPOSITORY, user, PermissionsITCase.USER_PASS)`

			`.when()`
			`.get(TestData.getDefaultRepositoryUrl(repositoryType))`

			`.then()`
			`.statusCode(expectedGetStatus);`
			`}`
#8771 implement integration tests 2018-08-22 09:18:17 +02:00			`}`