Issue with tests of LBAC module

Development
1

I was making tests for UserSearchAdviser (LBAC module) where I was finding difficultly to test the class.

There are a total of 7 tests that are failing. All of them are nonAdminUserWithOutLocationPropertyShouldNotGetUserInformation() type.

Example of one such test:-

@Test

public void getUserByUuid_nonAdminUserWithOutLocationPropertyShouldNotGetUserInformation(){

    User normalUser = userService.getUser(DEMO_USER1_ID);
    Context.authenticate(normalUser.getUsername(), "userServiceTest");
    assertFalse(normalUser.isSuperUser());

    assertEquals(normalUser.getUserProperties().size(), 0);
    
    User user1 = userService.getUserByUuid("0bc18050-e132-11de-babe-001e378eb67f");
    assertNull(user1);
    
    User user2 = userService.getUserByUuid("0bc28050-e132-11de-babe-001e378eb67f");
    assertNull(user2);
}

Expected: null , but was : username1

@suthagar23 I don’t think non Admin User without Location Property should be able to access any user.

Am I making any mistake ?

Thank you in advance :smiley:

PS: The tests that are of nonAdminUserWithLocationPropertyShouldGetOnlyAccessibleUserInformation() type are working fine though.

Example:-

@Test

public void getUserByUuid_nonAdminUserWithLocationPropertyShouldGetOnlyAccessibleUserInformation(){

    User normalUser = userService.getUser(DEMO_USER2_ID);
    Context.authenticate(normalUser.getUsername(), "userServiceTest");
    assertFalse(normalUser.isSuperUser());

    Location location = locationService.getLocation(DEMO_LOCATION_ID);

    assertEquals(normalUser.getUserProperties().size(), 1);
    String locationUserProperty = normalUser.getUserProperty("locationUuid");
    assertNotNull(locationUserProperty);
    assertEquals(locationUserProperty, location.getUuid());
    
    User user1 = userService.getUserByUuid("0bc18050-e132-11de-babe-001e378eb67f");
    assertNull(user1);
    
    User user2 = userService.getUserByUuid("0bc28050-e132-11de-babe-001e378eb67f");
    assertNotNull(user2);
    assertEquals(user2.getUserProperty(DEMO_USER_PROPERTY),location.getUuid());
}
2

I had also made changes in the PatientTestData.xml file to give privileges. I hope the problem isn’t due to that.

Changes made in .xml file:

<privilege privilege=“Get Users” description=“This is a test privilege” uuid=“d979d066-15e6-467c-9d4b-cb575ef97f25”/

<role_privilege role=“userRole” privilege=“Get Users”/

<privilege privilege=“Get People” description=“This is a test privilege” uuid=“d979d066-15e6-467c-9d4b-cb575ef97f75”/

<role_privilege role=“userRole” privilege=“Get People”/>

I deliberately did not close the privilege syntax with > as OpenMRS Talk is removing the line of code if i do that.

3

Kindly paste bin the output

4

@jwnasambu Here is the output of UserSearchAdviserTest.

5

To my understanding locationbasedaccess-api:jar:0.2.0-SNAPSHOT is not released yet try a lower version and see the output.
cc @dkayiwa, @k.joseph

6

Actually this is a GCI task which I’m working on currently:- Issue

7

@dkayiwa , would you be able to help @bisht13 out with his issue?

1 Like
8

@bisht13 did you see the comment on the ticket?

9

Hi @bisht13

Can you update your PR with your changes? It would be easy for tracking the changes and reviews.

Here, If you authenticated with user-1, then user-1 can only access his object by referring the UUID if he haven’t location user property. So you should try to get another user information from authenticated user-1.

1 Like
10

@dkayiwa oh yes that one was about not being able to assign the issue to myself. @suthagar23 alright updating it right now :smile:

11

@suthagar23 Updated PR . :smiley:

12

Thanks @suthagar23 :blush: there is not error in the module, it was my ignorance :sweat_smile:. Changing the title of topic.