sharedUserIds = new ArrayList<>();
+ await().atMost(20, TimeUnit.SECONDS)
+ .pollInterval(2, TimeUnit.SECONDS)
+ .ignoreExceptions()
+ .until(() -> {
+ try {
+ for (String userId : userIds) {
+ validateUserHasBeenSharedToExpectedOrgsWithExpectedRoles(userId, expectedSharedResults);
+ }
+ lastException[0] = null;
+ return true;
+ } catch (AssertionError | Exception e) {
+ lastException[0] = e;
+ return false;
+ }
+ });
+
+ if (lastException[0] != null) {
+ throw (Exception) lastException[0];
+ }
+
+ // Once assertions pass, extract shared user IDs
+ for (String userId : userIds) {
+ Response sharedOrgsResponseOfUserId =
+ getResponseOfGet(USER_SHARING_API_BASE_PATH + "/" + userId + SHARED_ORGANIZATIONS_PATH);
+ String sharedUserId = extractSharedUserId(sharedOrgsResponseOfUserId,
+ reSharingSubOrgDetails.get(MAP_ORG_DETAILS_KEY_ORG_NAME).toString());
+ sharedUserIds.add(sharedUserId);
+ }
+ return sharedUserIds;
+ }
+
+ /**
+ * Validate that the user has been shared to the expected organizations with the expected roles.
+ *
+ * @param userId The ID of the user to validate.
+ * @param expectedResults A map containing the expected results, including the expected organization count,
+ * expected organization IDs, expected organization names, and expected roles per
+ * organization.
+ *
+ *
+ * The `@SuppressWarnings("unchecked")` annotation is used in this method because the values being cast are
+ * predefined in the test data providers.
+ *
+ */
+ @SuppressWarnings("unchecked")
+ protected void validateUserHasBeenSharedToExpectedOrgsWithExpectedRoles(String userId,
+ Map expectedResults) {
+
+ testGetSharedOrganizations(userId, (int) expectedResults.get(MAP_KEY_EXPECTED_ORG_COUNT),
+ (List) expectedResults.get(MAP_KEY_EXPECTED_ORG_IDS),
+ (List) expectedResults.get(MAP_KEY_EXPECTED_ORG_NAMES));
+
+ Map> expectedRolesPerExpectedOrg =
+ (Map>) expectedResults.get(MAP_KEY_EXPECTED_ROLES_PER_EXPECTED_ORG);
+ for (Map.Entry> entry : expectedRolesPerExpectedOrg.entrySet()) {
+ testGetSharedRolesForOrg(userId, entry.getKey(), entry.getValue());
+ }
+ }
+
+ /**
+ * Test method for GET /user-sharing/{userId}/shared-organizations.
+ *
+ * @param userId The ID of the user to get shared organizations for.
+ * @param expectedOrgCount The expected number of shared organizations.
+ * @param expectedOrgIds The expected IDs of the shared organizations.
+ * @param expectedOrgNames The expected names of the shared organizations.
+ */
+ protected void testGetSharedOrganizations(String userId, int expectedOrgCount, List expectedOrgIds,
+ List expectedOrgNames) {
+
+ Response response =
+ getResponseOfGet(USER_SHARING_API_BASE_PATH + "/" + userId + SHARED_ORGANIZATIONS_PATH);
+
+ response.then()
+ .log().ifValidationFails()
+ .assertThat()
+ .statusCode(HttpStatus.SC_OK)
+ .body(RESPONSE_LINKS_SIZE, equalTo(1))
+ .body(RESPONSE_LINKS_EMPTY, equalTo(true))
+ .body(RESPONSE_LINKS_SHARED_ORGS, notNullValue())
+ .body(RESPONSE_LINKS_SHARED_ORGS_SIZE, equalTo(expectedOrgCount))
+ .body(RESPONSE_LINKS_SHARED_ORGS_ID, hasItems(expectedOrgIds.toArray(new String[0])))
+ .body(RESPONSE_LINKS_SHARED_ORGS_NAME, hasItems(expectedOrgNames.toArray(new String[0])))
+ .body(RESPONSE_LINKS_SHARED_ORGS_SHARED_TYPE, everyItem(equalTo(SHARED_TYPE_SHARED)))
+ .body(RESPONSE_LINKS_SHARED_ORGS_ROLES_REF, hasItems(
+ expectedOrgIds.stream()
+ .map(orgId -> getSharedOrgsRolesRef(userId, orgId))
+ .toArray(String[]::new)));
+ }
+
+ /**
+ * Test method for GET /user-sharing/{userId}/shared-roles?orgId={orgId}.
+ *
+ * @param userId The ID of the user to get shared roles for.
+ * @param orgId The ID of the organization to get shared roles for.
+ * @param expectedRoles The expected roles for the user in the specified organization.
+ */
+ protected void testGetSharedRolesForOrg(String userId, String orgId, List expectedRoles) {
+
+ Response response = getResponseOfGet(USER_SHARING_API_BASE_PATH + "/" + userId + SHARED_ROLES_PATH,
+ Collections.singletonMap(QUERY_PARAM_ORG_ID, orgId));
+
+ response.then()
+ .log().ifValidationFails()
+ .assertThat()
+ .statusCode(HttpStatus.SC_OK)
+ .body(RESPONSE_LINKS_SIZE, equalTo(1))
+ .body(RESPONSE_LINKS_EMPTY, equalTo(true))
+ .body(RESPONSE_LINKS_SHARED_ORGS_ROLES, notNullValue())
+ .body(RESPONSE_LINKS_SHARED_ORGS_ROLES_SIZE, equalTo(expectedRoles.size()));
+
+ if (!expectedRoles.isEmpty()) {
+ response.then()
+ .body(RESPONSE_LINKS_SHARED_ORGS_ROLES_NAME, hasItems(
+ expectedRoles.stream()
+ .map(RoleWithAudience::getDisplayName)
+ .toArray(String[]::new)))
+ .body(RESPONSE_LINKS_SHARED_ORGS_ROLES_AUDIENCE_NAME, hasItems(
+ expectedRoles.stream()
+ .map(role -> role.getAudience().getDisplay())
+ .toArray(String[]::new)))
+ .body(RESPONSE_LINKS_SHARED_ORGS_ROLES_AUDIENCE_TYPE, hasItems(
+ expectedRoles.stream()
+ .map(role -> role.getAudience().getType())
+ .toArray(String[]::new)));
+ }
+ }
+
+ // Methods to create request bodies for user sharing and unsharing.
+
+ /**
+ * Creates a `UserShareRequestBodyUserCriteria` object with the given user IDs.
+ *
+ * @param userIds The list of user IDs to be included in the criteria.
+ * @return A `UserShareRequestBodyUserCriteria` object containing the specified user IDs.
+ */
+ protected UserShareRequestBodyUserCriteria getUserCriteriaForBaseUserSharing(List userIds) {
+
+ UserShareRequestBodyUserCriteria criteria = new UserShareRequestBodyUserCriteria();
+ criteria.setUserIds(userIds);
+ return criteria;
+ }
+
+ /**
+ * Creates a `UserUnshareRequestBodyUserCriteria` object with the given user IDs.
+ *
+ * @param userIds The list of user IDs to be included in the criteria.
+ * @return A `UserUnshareRequestBodyUserCriteria` object containing the specified user IDs.
+ */
+ protected UserUnshareRequestBodyUserCriteria getUserCriteriaForBaseUserUnsharing(List userIds) {
+
+ UserUnshareRequestBodyUserCriteria criteria = new UserUnshareRequestBodyUserCriteria();
+ criteria.setUserIds(userIds);
+ return criteria;
+ }
+
+ /**
+ * Converts a map of organization details into a list of `UserShareRequestBodyOrganizations` objects.
+ *
+ * @param organizations A map where the key is the organization name and the value is a map of organization details.
+ * @return A list of `UserShareRequestBodyOrganizations` objects.
+ *
+ *
+ * The `@SuppressWarnings("unchecked")` annotation is used in this method because the values being cast are
+ * predefined in the test data providers.
+ *
+ */
+ @SuppressWarnings("unchecked")
+ protected List getOrganizationsForSelectiveUserSharing(
+ Map> organizations) {
+
+ List orgs = new ArrayList<>();
+
+ for (Map.Entry> entry : organizations.entrySet()) {
+
+ Map orgDetail = entry.getValue();
+
+ UserShareRequestBodyOrganizations org = new UserShareRequestBodyOrganizations();
+ org.setOrgId((String) orgDetail.get(MAP_KEY_SELECTIVE_ORG_ID));
+ org.setPolicy((UserShareRequestBodyOrganizations.PolicyEnum) orgDetail.get(MAP_KEY_SELECTIVE_POLICY));
+ org.setRoles((List) orgDetail.get(MAP_KEY_SELECTIVE_ROLES));
+
+ orgs.add(org);
+ }
+ return orgs;
+ }
+
+ /**
+ * Retrieves the policy enum for general user sharing from the provided map.
+ *
+ * @param policyWithRoles A map containing the policy and roles for general user sharing.
+ * @return The policy enum for general user sharing.
+ */
+ protected UserShareWithAllRequestBody.PolicyEnum getPolicyEnumForGeneralUserSharing(
+ Map policyWithRoles) {
+
+ return (UserShareWithAllRequestBody.PolicyEnum) policyWithRoles.get(MAP_KEY_GENERAL_POLICY);
+ }
+
+ /**
+ * Retrieves the roles for general user sharing from the provided map.
+ *
+ * @param policyWithRoles A map containing the policy and roles for general user sharing.
+ * @return A list of `RoleWithAudience` objects representing the roles for general user sharing.
+ *
+ *
+ * The `@SuppressWarnings("unchecked")` annotation is used in this method because the values being cast are
+ * predefined in the test data providers.
+ *
+ */
+ @SuppressWarnings("unchecked")
+ protected List getRolesForGeneralUserSharing(Map policyWithRoles) {
+
+ return (List) policyWithRoles.get(MAP_KEY_GENERAL_ROLES);
+ }
+
+ /**
+ * Retrieves the list of organization IDs from which the users are being selectively unshared.
+ *
+ * @param removingOrgIds The list of organization IDs to be removed.
+ * @return A list of organization IDs as strings.
+ */
+ protected List getOrganizationsForSelectiveUserUnsharing(List removingOrgIds) {
+
+ return removingOrgIds;
+ }
+
+ // Methods to clean up the resources created for testing purposes.
+
+ /**
+ * Clean up users by deleting them if they exist.
+ *
+ * @throws Exception If an error occurs while deleting the users.
+ */
+ protected void cleanUpUsers() throws Exception {
+
+ for (Map.Entry> entry : userDetails.entrySet()) {
+ String userId = (String) entry.getValue().get(MAP_USER_DETAILS_KEY_USER_ID);
+ String orgName = (String) entry.getValue().get(MAP_USER_DETAILS_KEY_USER_ORG_NAME);
+ int orgLevel = (int) entry.getValue().get(MAP_USER_DETAILS_KEY_USER_ORG_LEVEL);
+
+ if (orgLevel == 0) {
+ deleteUserIfExists(userId);
+ } else {
+ deleteSubOrgUserIfExists(userId,
+ (String) orgDetails.get(orgName).get(MAP_ORG_DETAILS_KEY_ORG_SWITCH_TOKEN));
+ }
+ }
+ }
+
+ /**
+ * Cleans up roles for the specified audiences if exists.
+ * Audiences will always be either ORGANIZATION_AUDIENCE or APPLICATION_AUDIENCE or both.
+ *
+ * @param audiences The audiences for which roles need to be cleaned up.
+ * @throws Exception If an error occurs during the cleanup process.
+ *
+ *
+ * The `@SuppressWarnings("unchecked")` annotation is used in this method because the values being cast are
+ * predefined in the test data providers.
+ *
+ */
+ @SuppressWarnings("unchecked")
+ protected void cleanUpRoles(String... audiences) throws Exception {
+
+ for (String audience : audiences) {
+ Map orgWiseRolesOfAudience = roleDetails.get(audience);
+ for (Map.Entry entry : orgWiseRolesOfAudience.entrySet()) {
+ String audienceName = entry.getKey();
+ Map roles = (Map) entry.getValue();
+ for (Map.Entry role : roles.entrySet()) {
+ String roleId = role.getValue();
+ if (audienceName.contains(ROOT_ORG_NAME)) {
+ deleteRoleIfExists(roleId);
+ }
+ }
+ }
+ }
+ }
+
+ /**
+ * Cleans up applications by deleting them if they exist.
+ *
+ * @throws Exception If an error occurs while deleting the applications.
+ */
+ protected void cleanUpApplications() throws Exception {
+
+ for (Map.Entry> entry : appDetails.entrySet()) {
+ Map details = entry.getValue();
+ deleteApplicationIfExists(details.get(MAP_APP_DETAILS_KEY_APP_ID).toString());
+ }
+ }
+
+ /**
+ * Cleans up organizations by deleting them from the deepest level to the root level.
+ *
+ * @throws Exception If an error occurs while deleting the organizations.
+ */
+ protected void cleanUpOrganizations() throws Exception {
+
+ // Determine the deepest organization level in the hierarchy.
+ int maxDepth = orgDetails.values().stream()
+ .mapToInt(details -> (int) details.get(MAP_ORG_DETAILS_KEY_ORG_LEVEL))
+ .max()
+ .orElse(1);
+
+ // Delete organizations starting from the deepest level down to the root level.
+ for (int level = maxDepth; level >= 1; level--) {
+ for (Map.Entry> entry : orgDetails.entrySet()) {
+ if ((int) entry.getValue().get(MAP_ORG_DETAILS_KEY_ORG_LEVEL) == level) {
+ deleteOrganization(entry.getKey(), entry.getValue());
+ }
+ }
+ }
+ }
+
+ /**
+ * Cleans up the detail maps by clearing all entries.
+ */
+ protected void cleanUpDetailMaps() {
+
+ userDetails.clear();
+ orgDetails.clear();
+ appDetails.clear();
+ roleDetails.clear();
+ }
+
+ /**
+ * Close the HTTP clients for OAuth2, SCIM2, and Organization Management.
+ *
+ * @throws IOException If an error occurred while closing the HTTP clients.
+ */
+ protected void closeRestClients() throws IOException {
+
+ oAuth2RestClient.closeHttpClient();
+ scim2RestClient.closeHttpClient();
+ orgMgtRestClient.closeHttpClient();
+ }
+
+ private void deleteOrganization(String orgName, Map orgDetail) throws Exception {
+
+ String orgId = getOrgId(orgName);
+ String parentOrgId = (String) orgDetail.get(MAP_ORG_DETAILS_KEY_PARENT_ORG_ID);
+
+ if ((int) orgDetail.get(MAP_ORG_DETAILS_KEY_ORG_LEVEL) > 1) {
+ deleteSubOrganizationIfExists(orgId, parentOrgId);
+ } else {
+ deleteOrganizationIfExists(orgId);
+ }
+ }
+
+ private void deleteUserIfExists(String userId) throws Exception {
+
+ if (userId != null) {
+ scim2RestClient.deleteUser(userId);
+ }
+ }
+
+ private void deleteSubOrgUserIfExists(String userId, String organizationSwitchToken) throws Exception {
+
+ if (userId != null) {
+ scim2RestClient.deleteSubOrgUser(userId, organizationSwitchToken);
+ }
+ }
+
+ private void deleteRoleIfExists(String roleId) throws Exception {
+
+ if (roleId != null) {
+ scim2RestClient.deleteV2Role(roleId);
+ }
+ }
+
+ private void deleteApplicationIfExists(String appId) throws Exception {
+
+ if (appId != null) {
+ oAuth2RestClient.deleteApplication(appId);
+ }
+ }
+
+ private void deleteSubOrganizationIfExists(String orgId, String parentId) throws Exception {
+
+ if (orgId != null) {
+ orgMgtRestClient.deleteSubOrganization(orgId, parentId);
+ }
+ }
+
+ private void deleteOrganizationIfExists(String orgId) throws Exception {
+
+ if (orgId != null) {
+ orgMgtRestClient.deleteOrganization(orgId);
+ }
+ }
+
+ // Helper methods.
+
+ protected String extractSharedUserId(Response response, String orgName) {
+
+ JsonPath jsonPath = response.jsonPath();
+ return jsonPath.getString(String.format(SHARED_USER_ID_JSON_PATH, orgName));
+ }
+
+ protected String toJSONString(java.lang.Object object) {
Gson gson = new GsonBuilder().setPrettyPrinting().create();
return gson.toJson(object);
}
+
+ private Header[] getHeaders(String token) {
+
+ return new Header[]{
+ new BasicHeader(HEADER_AUTHORIZATION, HEADER_AUTHORIZATION_VALUE_BEARER + token),
+ new BasicHeader(HEADER_CONTENT_TYPE, String.valueOf(ContentType.JSON))
+ };
+ }
}
diff --git a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/user/sharing/management/v1/UserSharingFailureTest.java b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/user/sharing/management/v1/UserSharingFailureTest.java
new file mode 100644
index 00000000000..1110b4d675b
--- /dev/null
+++ b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/user/sharing/management/v1/UserSharingFailureTest.java
@@ -0,0 +1,1233 @@
+/*
+ * Copyright (c) 2025, WSO2 LLC. (http://www.wso2.com).
+ *
+ * WSO2 LLC. licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except
+ * in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1;
+
+import io.restassured.response.Response;
+import org.apache.http.HttpResponse;
+import org.apache.http.HttpStatus;
+import org.apache.http.impl.client.HttpClientBuilder;
+import org.json.JSONObject;
+import org.testng.Assert;
+import org.testng.annotations.AfterClass;
+import org.testng.annotations.BeforeClass;
+import org.testng.annotations.DataProvider;
+import org.testng.annotations.Factory;
+import org.testng.annotations.Test;
+import org.wso2.carbon.automation.engine.context.TestUserMode;
+import org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.model.RoleWithAudience;
+import org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.model.UserShareRequestBody;
+import org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.model.UserShareWithAllRequestBody;
+import org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.model.UserUnshareRequestBody;
+import org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.model.UserUnshareWithAllRequestBody;
+import org.wso2.identity.integration.test.restclients.OAuth2RestClient;
+import org.wso2.identity.integration.test.restclients.OrgMgtRestClient;
+import org.wso2.identity.integration.test.restclients.SCIM2RestClient;
+
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import static org.hamcrest.CoreMatchers.equalTo;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.API_VERSION;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.APPLICATION_AUDIENCE;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.APP_1_NAME;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.APP_2_NAME;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.APP_ROLE_1;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.APP_ROLE_2;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.APP_ROLE_3;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.AUTHORIZED_APIS_JSON;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.L1_ORG_1_NAME;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.L1_ORG_1_USER_1_USERNAME;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.L1_ORG_1_USER_2_USERNAME;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.L1_ORG_1_USER_3_USERNAME;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.L1_ORG_2_NAME;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.L1_ORG_3_NAME;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.L2_ORG_1_NAME;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.L2_ORG_2_NAME;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.L2_ORG_3_NAME;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.L3_ORG_1_NAME;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.MAP_KEY_EXPECTED_ORG_COUNT;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.MAP_KEY_EXPECTED_ORG_IDS;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.MAP_KEY_EXPECTED_ORG_NAMES;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.MAP_KEY_EXPECTED_ROLES_PER_EXPECTED_ORG;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.MAP_KEY_GENERAL_POLICY;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.MAP_KEY_GENERAL_ROLES;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.MAP_KEY_SELECTIVE_ORG_ID;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.MAP_KEY_SELECTIVE_ORG_NAME;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.MAP_KEY_SELECTIVE_POLICY;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.MAP_KEY_SELECTIVE_ROLES;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.MAP_ORG_DETAILS_KEY_ORG_SWITCH_TOKEN;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.ORGANIZATION_AUDIENCE;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.ORG_ROLE_1;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.ORG_ROLE_2;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.ORG_ROLE_3;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.RESPONSE_DETAILS;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.RESPONSE_DETAIL_VALUE_SHARING;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.RESPONSE_DETAIL_VALUE_UNSHARING;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.RESPONSE_STATUS;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.RESPONSE_STATUS_VALUE;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.ROOT_ORG_NAME;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.ROOT_ORG_USER_1_USERNAME;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.ROOT_ORG_USER_2_USERNAME;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.ROOT_ORG_USER_3_USERNAME;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.ROOT_ORG_USER_DUPLICATED_USERNAME;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.SHARE_PATH;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.SHARE_WITH_ALL_PATH;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.UNSHARE_PATH;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.UNSHARE_WITH_ALL_PATH;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.USER_DOMAIN_PRIMARY;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.USER_SHARING_API_BASE_PATH;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.model.UserShareRequestBodyOrganizations.PolicyEnum.SELECTED_ORG_ONLY;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.model.UserShareRequestBodyOrganizations.PolicyEnum.SELECTED_ORG_WITH_ALL_EXISTING_AND_FUTURE_CHILDREN;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.model.UserShareRequestBodyOrganizations.PolicyEnum.SELECTED_ORG_WITH_ALL_EXISTING_CHILDREN_ONLY;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.model.UserShareRequestBodyOrganizations.PolicyEnum.SELECTED_ORG_WITH_EXISTING_IMMEDIATE_AND_FUTURE_CHILDREN;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.model.UserShareRequestBodyOrganizations.PolicyEnum.SELECTED_ORG_WITH_EXISTING_IMMEDIATE_CHILDREN_ONLY;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.model.UserShareWithAllRequestBody.PolicyEnum.ALL_EXISTING_ORGS_ONLY;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.model.UserShareWithAllRequestBody.PolicyEnum.IMMEDIATE_EXISTING_AND_FUTURE_ORGS;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.model.UserShareWithAllRequestBody.PolicyEnum.IMMEDIATE_EXISTING_ORGS_ONLY;
+
+/**
+ * Tests for failure cases of the User Sharing REST APIs.
+ */
+public class UserSharingFailureTest extends UserSharingBaseTest {
+
+ private static final String INVALID_ORG_1_NAME = "invalid-org-1-name";
+ private static final String INVALID_ORG_1_ID = "invalid-org-1-id";
+
+ private static final String INVALID_APP_1_NAME = "invalid-app-1";
+ private static final String INVALID_APP_2_NAME = "invalid-app-2";
+
+ private static final String INVALID_APP_ROLE_1 = "invalid-app-role-1";
+ private static final String INVALID_APP_ROLE_2 = "invalid-app-role-2";
+ private static final String INVALID_ORG_ROLE_1 = "invalid-org-role-1";
+ private static final String INVALID_ORG_ROLE_2 = "invalid-org-role-2";
+
+ private static final String INVALID_USER_1_ID = "invalid-user-id-1";
+ private static final String INVALID_USER_2_ID = "invalid-user-id-2";
+
+ @Factory(dataProvider = "restAPIUserConfigProvider")
+ public UserSharingFailureTest(TestUserMode userMode) throws Exception {
+
+ super.init(userMode);
+ this.context = isServer;
+ this.authenticatingUserName = context.getContextTenant().getTenantAdmin().getUserName();
+ this.authenticatingCredential = context.getContextTenant().getTenantAdmin().getPassword();
+ this.tenant = context.getContextTenant().getDomain();
+ }
+
+ @Override
+ @BeforeClass(alwaysRun = true)
+ public void init() throws Exception {
+
+ super.testInit(API_VERSION, swaggerDefinition, tenant);
+ setupDetailMaps();
+ setupRestClients();
+ setupOrganizations();
+ setupApplicationsAndRoles();
+ setupUsers();
+ }
+
+ @Override
+ @AfterClass(alwaysRun = true)
+ public void testConclude() throws Exception {
+
+ cleanUpUsers();
+ cleanUpRoles(APPLICATION_AUDIENCE, ORGANIZATION_AUDIENCE);
+ cleanUpApplications();
+ cleanUpOrganizations();
+ cleanUpDetailMaps();
+ closeRestClients();
+ }
+
+ @DataProvider(name = "restAPIUserConfigProvider")
+ public static Object[][] restAPIUserConfigProvider() {
+
+ return new Object[][]{
+ {TestUserMode.SUPER_TENANT_ADMIN},
+ {TestUserMode.TENANT_ADMIN}
+ };
+ }
+
+ // Invalid Selective User Sharing.
+
+ @DataProvider(name = "selectiveUserSharingWithInvalidDetailsDataProvider")
+ public Object[][] selectiveUserSharingWithInvalidDetailsDataProvider() {
+
+ // Test case 1: User sharing with invalid roles.
+ List userIdsForTestCase1 =
+ Arrays.asList(getUserId(ROOT_ORG_USER_1_USERNAME, USER_DOMAIN_PRIMARY, ROOT_ORG_NAME),
+ getUserId(ROOT_ORG_USER_2_USERNAME, USER_DOMAIN_PRIMARY, ROOT_ORG_NAME),
+ getUserId(ROOT_ORG_USER_3_USERNAME, USER_DOMAIN_PRIMARY, ROOT_ORG_NAME));
+ Map> organizationsForTestCase1 =
+ setOrganizationsForSelectiveUserSharingWithInvalidDetailsTestCase1();
+ Map expectedResultsForTestCase1 =
+ setExpectedResultsForSelectiveUserSharingWithInvalidDetailsTestCase1();
+
+ // Test case 2: User sharing with invalid organizations.
+ List userIdsForTestCase2 =
+ Arrays.asList(getUserId(ROOT_ORG_USER_1_USERNAME, USER_DOMAIN_PRIMARY, ROOT_ORG_NAME),
+ getUserId(ROOT_ORG_USER_2_USERNAME, USER_DOMAIN_PRIMARY, ROOT_ORG_NAME),
+ getUserId(ROOT_ORG_USER_3_USERNAME, USER_DOMAIN_PRIMARY, ROOT_ORG_NAME));
+ Map> organizationsForTestCase2 =
+ setOrganizationsForSelectiveUserSharingWithInvalidDetailsTestCase2();
+ Map expectedResultsForTestCase2 =
+ setExpectedResultsForSelectiveUserSharingWithInvalidDetailsTestCase2();
+
+ // Test case 3: User sharing with invalid users.
+ List userIdsForTestCase3 = Arrays.asList(INVALID_USER_1_ID, INVALID_USER_2_ID);
+ Map> organizationsForTestCase3 =
+ setOrganizationsForSelectiveUserSharingWithInvalidDetailsTestCase3();
+ Map expectedResultsForTestCase3 =
+ setExpectedResultsForSelectiveUserSharingWithInvalidDetailsTestCase3();
+
+ // Test case 4: User sharing with conflicting users.
+ List userIdsForTestCase4 = Collections.singletonList(
+ getUserId(ROOT_ORG_USER_DUPLICATED_USERNAME, USER_DOMAIN_PRIMARY, ROOT_ORG_NAME));
+ Map> organizationsForTestCase4 =
+ setOrganizationsForSelectiveUserSharingWithInvalidDetailsTestCase4();
+ Map expectedResultsForTestCase4 =
+ setExpectedResultsForSelectiveUserSharingWithInvalidDetailsTestCase4();
+
+ // Test case 5: User sharing with non-immediate child organizations.
+ List userIdsForTestCase5 =
+ Arrays.asList(getUserId(ROOT_ORG_USER_1_USERNAME, USER_DOMAIN_PRIMARY, ROOT_ORG_NAME),
+ getUserId(ROOT_ORG_USER_2_USERNAME, USER_DOMAIN_PRIMARY, ROOT_ORG_NAME));
+ Map> organizationsForTestCase5 =
+ setOrganizationsForSelectiveUserSharingWithInvalidDetailsTestCase5();
+ Map expectedResultsForTestCase5 =
+ setExpectedResultsForSelectiveUserSharingWithInvalidDetailsTestCase5();
+
+ return new Object[][]{
+ {userIdsForTestCase1, organizationsForTestCase1, expectedResultsForTestCase1},
+ {userIdsForTestCase2, organizationsForTestCase2, expectedResultsForTestCase2},
+ {userIdsForTestCase3, organizationsForTestCase3, expectedResultsForTestCase3},
+ {userIdsForTestCase4, organizationsForTestCase4, expectedResultsForTestCase4},
+ {userIdsForTestCase5, organizationsForTestCase5, expectedResultsForTestCase5}
+ };
+ }
+
+ @Test(dataProvider = "selectiveUserSharingWithInvalidDetailsDataProvider")
+ public void testSelectiveUserSharing(List userIds, Map> organizations,
+ Map expectedResults) throws Exception {
+
+ UserShareRequestBody requestBody = new UserShareRequestBody()
+ .userCriteria(getUserCriteriaForBaseUserSharing(userIds))
+ .organizations(getOrganizationsForSelectiveUserSharing(organizations));
+
+ Response response = getResponseOfPost(USER_SHARING_API_BASE_PATH + SHARE_PATH, toJSONString(requestBody));
+
+ response.then()
+ .log().ifValidationFails()
+ .assertThat()
+ .statusCode(HttpStatus.SC_ACCEPTED)
+ .body(RESPONSE_STATUS, equalTo(RESPONSE_STATUS_VALUE))
+ .body(RESPONSE_DETAILS, equalTo(RESPONSE_DETAIL_VALUE_SHARING));
+
+ validateUserSharingResults(userIds, expectedResults);
+ }
+
+ // Invalid General User Sharing.
+
+ @DataProvider(name = "generalUserSharingWithInvalidDetailsDataProvider")
+ public Object[][] generalUserSharingWithInvalidDetailsDataProvider() {
+
+ // Test case 1: User sharing with invalid roles.
+ List userIdsForTestCase1 =
+ Collections.singletonList(getUserId(ROOT_ORG_USER_1_USERNAME, USER_DOMAIN_PRIMARY, ROOT_ORG_NAME));
+ Map policyWithRolesForTestCase1 =
+ setPolicyWithRolesForGeneralUserSharingWithInvalidDetailsTestCase1();
+ Map expectedResultsForTestCase1 =
+ setExpectedResultsForGeneralUserSharingWithInvalidDetailsTestCase1();
+
+ // Test case 2: User sharing with invalid users.
+ List userIdsForTestCase2 = Arrays.asList(INVALID_USER_1_ID, INVALID_USER_2_ID);
+ Map policyWithRolesForTestCase2 =
+ setPolicyWithRolesForGeneralUserSharingWithInvalidDetailsTestCase2();
+ Map expectedResultsForTestCase2 =
+ setExpectedResultsForGeneralUserSharingWithInvalidDetailsTestCase2();
+
+ // Test case 3: User sharing with conflicting users.
+ List userIdsForTestCase3 = Collections.singletonList(
+ getUserId(ROOT_ORG_USER_DUPLICATED_USERNAME, USER_DOMAIN_PRIMARY, ROOT_ORG_NAME));
+ Map policyWithRolesForTestCase3 =
+ setPolicyWithRolesForGeneralUserSharingWithInvalidDetailsTestCase3();
+ Map expectedResultsForTestCase3 =
+ setExpectedResultsForGeneralUserSharingWithInvalidDetailsTestCase3();
+
+ return new Object[][]{
+ {userIdsForTestCase1, policyWithRolesForTestCase1, expectedResultsForTestCase1},
+ {userIdsForTestCase2, policyWithRolesForTestCase2, expectedResultsForTestCase2},
+ {userIdsForTestCase3, policyWithRolesForTestCase3, expectedResultsForTestCase3}
+ };
+ }
+
+ @Test(dataProvider = "generalUserSharingWithInvalidDetailsDataProvider")
+ public void testGeneralUserSharing(List userIds, Map policyWithRoles,
+ Map expectedResults) throws Exception {
+
+ UserShareWithAllRequestBody requestBody = new UserShareWithAllRequestBody()
+ .userCriteria(getUserCriteriaForBaseUserSharing(userIds))
+ .policy(getPolicyEnumForGeneralUserSharing(policyWithRoles))
+ .roles(getRolesForGeneralUserSharing(policyWithRoles));
+
+ Response response =
+ getResponseOfPost(USER_SHARING_API_BASE_PATH + SHARE_WITH_ALL_PATH, toJSONString(requestBody));
+
+ response.then()
+ .log().ifValidationFails()
+ .assertThat()
+ .statusCode(HttpStatus.SC_ACCEPTED)
+ .body(RESPONSE_STATUS, equalTo(RESPONSE_STATUS_VALUE))
+ .body(RESPONSE_DETAILS, equalTo(RESPONSE_DETAIL_VALUE_SHARING));
+
+ validateUserSharingResults(userIds, expectedResults);
+ }
+
+ // Invalid General User Unsharing.
+
+ @DataProvider(name = "generalUserUnsharingWithInvalidDetailsDataProvider")
+ public Object[][] generalUserUnsharingWithInvalidDetailsDataProvider() {
+
+ List sharingUserIdsForTestCase1 =
+ Collections.singletonList(getUserId(ROOT_ORG_USER_2_USERNAME, USER_DOMAIN_PRIMARY, ROOT_ORG_NAME));
+ Map policyWithRolesForTestCase1 =
+ setPolicyWithRolesForGeneralUserSharingWithValidDetailsTestCase1();
+ Map expectedSharedResultsForTestCase1 =
+ setExpectedResultsForGeneralUserSharingWithValidDetailsTestCase1();
+ List userIdsForTestCase1 = Collections.singletonList(INVALID_USER_1_ID);
+ Map expectedResultsForTestCase1 =
+ setExpectedResultsForGeneralUserSharingWithValidDetailsTestCase1();
+
+ List sharingUserIdsForTestCase2 =
+ Collections.singletonList(getUserId(ROOT_ORG_USER_3_USERNAME, USER_DOMAIN_PRIMARY, ROOT_ORG_NAME));
+ Map policyWithRolesForTestCase2 =
+ setPolicyWithRolesForGeneralUserSharingWithValidDetailsTestCase2();
+ Map expectedSharedResultsForTestCase2 =
+ setExpectedResultsForGeneralUserSharingWithValidDetailsTestCase2();
+ List userIdsForTestCase2 = Arrays.asList(INVALID_USER_1_ID, INVALID_USER_2_ID);
+ Map expectedResultsForTestCase2 =
+ setExpectedResultsForGeneralUserSharingWithValidDetailsTestCase2();
+
+ return new Object[][]{
+ {sharingUserIdsForTestCase1, policyWithRolesForTestCase1, expectedSharedResultsForTestCase1,
+ userIdsForTestCase1, expectedResultsForTestCase1},
+ {sharingUserIdsForTestCase2, policyWithRolesForTestCase2, expectedSharedResultsForTestCase2,
+ userIdsForTestCase2, expectedResultsForTestCase2},
+ };
+ }
+
+ @Test(dataProvider = "generalUserUnsharingWithInvalidDetailsDataProvider")
+ public void testGeneralUserUnsharing(List userIds, Map policyWithRoles,
+ Map expectedSharedResults, List removingUserIds,
+ Map expectedResults) throws Exception {
+
+ // Sharing valid users.
+ testGeneralUserSharing(userIds, policyWithRoles, expectedSharedResults);
+
+ // Unsharing invalid users.
+ UserUnshareWithAllRequestBody requestBody = new UserUnshareWithAllRequestBody()
+ .userCriteria(getUserCriteriaForBaseUserUnsharing(removingUserIds));
+
+ Response response =
+ getResponseOfPost(USER_SHARING_API_BASE_PATH + UNSHARE_WITH_ALL_PATH, toJSONString(requestBody));
+
+ response.then()
+ .log().ifValidationFails()
+ .assertThat()
+ .statusCode(HttpStatus.SC_ACCEPTED)
+ .body(RESPONSE_STATUS, equalTo(RESPONSE_STATUS_VALUE))
+ .body(RESPONSE_DETAILS, equalTo(RESPONSE_DETAIL_VALUE_UNSHARING));
+
+ validateUserSharingResults(userIds, expectedResults);
+ }
+
+ // Invalid Selective User Unsharing.
+
+ @DataProvider(name = "selectiveUserUnsharingDataProvider")
+ public Object[][] selectiveUserUnsharingDataProvider() {
+
+ // ALL EXISTING
+ List userIdsForTestCase1 =
+ Collections.singletonList(getUserId(ROOT_ORG_USER_1_USERNAME, USER_DOMAIN_PRIMARY, ROOT_ORG_NAME));
+ Map policyWithRolesForTestCase1 =
+ setPolicyWithRolesForGeneralUserSharingWithValidDetailsTestCase1();
+ Map expectedSharedResultsForTestCase1 =
+ setExpectedResultsForGeneralUserSharingWithValidDetailsTestCase1();
+ List removingUserIdsForTestCase1 =
+ Arrays.asList(getUserId(ROOT_ORG_USER_1_USERNAME, USER_DOMAIN_PRIMARY, ROOT_ORG_NAME),
+ INVALID_USER_1_ID, INVALID_USER_2_ID);
+ List removingOrgIdsForTestCase1 = Arrays.asList(getOrgId(L1_ORG_1_NAME), getOrgId(L1_ORG_2_NAME));
+ Map expectedResultsForTestCase1 =
+ setExpectedResultsForSelectiveUserUnsharingWithInvalidDetailsTestCase1();
+
+ // IMMEDIATE EXISTING AND FUTURE
+ List userIdsForTestCase2 =
+ Arrays.asList(getUserId(ROOT_ORG_USER_3_USERNAME, USER_DOMAIN_PRIMARY, ROOT_ORG_NAME),
+ getUserId(ROOT_ORG_USER_2_USERNAME, USER_DOMAIN_PRIMARY, ROOT_ORG_NAME));
+ Map policyWithRolesForTestCase2 =
+ setPolicyWithRolesForGeneralUserSharingWithValidDetailsTestCase2();
+ Map expectedSharedResultsForTestCase2 =
+ setExpectedResultsForGeneralUserSharingWithValidDetailsTestCase2();
+ List removingUserIdsForTestCase2 =
+ Arrays.asList(getUserId(ROOT_ORG_USER_3_USERNAME, USER_DOMAIN_PRIMARY, ROOT_ORG_NAME),
+ getUserId(ROOT_ORG_USER_2_USERNAME, USER_DOMAIN_PRIMARY, ROOT_ORG_NAME), INVALID_USER_1_ID);
+ List removingOrgIdsForTestCase2 = Arrays.asList(getOrgId(L1_ORG_1_NAME), INVALID_ORG_1_ID);
+ Map expectedResultsForTestCase2 =
+ setExpectedResultsForSelectiveUserUnsharingWithInvalidDetailsTestCase2();
+
+ return new Object[][]{
+ {userIdsForTestCase1, policyWithRolesForTestCase1, expectedSharedResultsForTestCase1,
+ removingUserIdsForTestCase1, removingOrgIdsForTestCase1, expectedResultsForTestCase1},
+ {userIdsForTestCase2, policyWithRolesForTestCase2, expectedSharedResultsForTestCase2,
+ removingUserIdsForTestCase2, removingOrgIdsForTestCase2, expectedResultsForTestCase2}
+ };
+ }
+
+ @Test(dataProvider = "selectiveUserUnsharingDataProvider")
+ public void testSelectiveUserUnsharing(List userIds, Map policyWithRoles,
+ Map expectedSharedResults, List removingUserIds,
+ List removingOrgIds, Map expectedResults)
+ throws Exception {
+
+ testGeneralUserSharing(userIds, policyWithRoles, expectedSharedResults);
+
+ UserUnshareRequestBody requestBody = new UserUnshareRequestBody()
+ .userCriteria(getUserCriteriaForBaseUserUnsharing(removingUserIds))
+ .organizations(getOrganizationsForSelectiveUserUnsharing(removingOrgIds));
+
+ Response response = getResponseOfPost(USER_SHARING_API_BASE_PATH + UNSHARE_PATH, toJSONString(requestBody));
+
+ response.then()
+ .log().ifValidationFails()
+ .assertThat()
+ .statusCode(HttpStatus.SC_ACCEPTED)
+ .body(RESPONSE_STATUS, equalTo(RESPONSE_STATUS_VALUE))
+ .body(RESPONSE_DETAILS, equalTo(RESPONSE_DETAIL_VALUE_UNSHARING));
+
+ validateUserSharingResults(userIds, expectedResults);
+ }
+
+ // Invalid Selective User Sharing for re-sharing.
+
+ @DataProvider(name = "selectiveUserSharingWithReSharingDataProvider")
+ public Object[][] selectiveUserSharingWithReSharingDataProvider() {
+
+ // Test case 1: User re-sharing.
+ List userIdsForTestCase1 =
+ Collections.singletonList(getUserId(ROOT_ORG_USER_1_USERNAME, USER_DOMAIN_PRIMARY, ROOT_ORG_NAME));
+ Map> organizationsForTestCase1 =
+ setOrganizationsForSelectiveUserSharingWithValidDetailsTestCase1();
+ Map expectedSharedResultsForTestCase1 =
+ setExpectedResultsForSelectiveUserSharingWithValidDetailsTestCase1();
+ Map> organizationsForReSharingTestCase1 =
+ setOrganizationsForSelectiveUserSharingWithReSharingTestCase1();
+ Map reSharingSubOrgDetailsForTestCase1 = orgDetails.get(L1_ORG_1_NAME);
+ Map expectedResultsForTestCase1 =
+ setExpectedResultsForSelectiveUserSharingWithReSharingTestCase1();
+
+ return new Object[][]{
+ {userIdsForTestCase1, organizationsForTestCase1, expectedSharedResultsForTestCase1,
+ organizationsForReSharingTestCase1, reSharingSubOrgDetailsForTestCase1,
+ expectedResultsForTestCase1}
+ };
+ }
+
+ @Test(dataProvider = "selectiveUserSharingWithReSharingDataProvider")
+ public void testSelectiveUserSharingWithReSharing(List userIds,
+ Map> organizations,
+ Map expectedSharedResults,
+ Map> organizationsForReSharing,
+ Map reSharingSubOrgDetails,
+ Map expectedResults) throws Exception {
+
+ UserShareRequestBody requestBody = new UserShareRequestBody()
+ .userCriteria(getUserCriteriaForBaseUserSharing(userIds))
+ .organizations(getOrganizationsForSelectiveUserSharing(organizations));
+
+ Response response = getResponseOfPost(USER_SHARING_API_BASE_PATH + SHARE_PATH, toJSONString(requestBody));
+
+ response.then()
+ .log().ifValidationFails()
+ .assertThat()
+ .statusCode(HttpStatus.SC_ACCEPTED)
+ .body(RESPONSE_STATUS, equalTo(RESPONSE_STATUS_VALUE))
+ .body(RESPONSE_DETAILS, equalTo(RESPONSE_DETAIL_VALUE_SHARING));
+
+ List sharedUserIds =
+ validateUserSharingResultsAndGetSharedUsersList(userIds, reSharingSubOrgDetails, expectedSharedResults);
+
+ UserShareRequestBody requestBodyForReSharing = new UserShareRequestBody()
+ .userCriteria(getUserCriteriaForBaseUserSharing(sharedUserIds))
+ .organizations(getOrganizationsForSelectiveUserSharing(organizationsForReSharing));
+
+ HttpResponse responseOfReSharing = getResponseOfPostToSubOrg(USER_SHARING_API_BASE_PATH + SHARE_PATH,
+ toJSONString(requestBodyForReSharing),
+ reSharingSubOrgDetails.get(MAP_ORG_DETAILS_KEY_ORG_SWITCH_TOKEN).toString());
+
+ Assert.assertEquals(responseOfReSharing.getStatusLine().getStatusCode(), HttpStatus.SC_ACCEPTED);
+
+ validateUserSharingResults(sharedUserIds, expectedResults);
+ }
+
+ // Invalid General User Sharing for re-sharing.
+
+ @DataProvider(name = "generalUserSharingWithReSharingDataProvider")
+ public Object[][] generalUserSharingWithReSharingDataProvider() {
+
+ // Test case 1: User re-sharing.
+ List userIdsForTestCase1 =
+ Collections.singletonList(getUserId(ROOT_ORG_USER_1_USERNAME, USER_DOMAIN_PRIMARY, ROOT_ORG_NAME));
+ Map policyWithRolesForTestCase1 =
+ setPolicyWithRolesForGeneralUserSharingWithValidDetailsTestCase1();
+ Map expectedSharedResultsForTestCase1 =
+ setExpectedResultsForGeneralUserSharingWithValidDetailsTestCase1();
+ Map reSharingSubOrgDetailsForTestCase1 = orgDetails.get(L1_ORG_1_NAME);
+ Map expectedResultsForTestCase1 =
+ setExpectedResultsForGeneralUserSharingWithReSharingTestCase1();
+
+ return new Object[][]{
+ {userIdsForTestCase1, policyWithRolesForTestCase1, expectedSharedResultsForTestCase1,
+ reSharingSubOrgDetailsForTestCase1, expectedResultsForTestCase1}
+ };
+ }
+
+ @Test(dataProvider = "generalUserSharingWithReSharingDataProvider")
+ public void testGeneralUserSharingWithReSharing(List userIds, Map policyWithRoles,
+ Map expectedSharedResults,
+ Map reSharingSubOrgDetails,
+ Map expectedResults) throws Exception {
+
+ UserShareWithAllRequestBody requestBody = new UserShareWithAllRequestBody()
+ .userCriteria(getUserCriteriaForBaseUserSharing(userIds))
+ .policy(getPolicyEnumForGeneralUserSharing(policyWithRoles))
+ .roles(getRolesForGeneralUserSharing(policyWithRoles));
+
+ Response response =
+ getResponseOfPost(USER_SHARING_API_BASE_PATH + SHARE_WITH_ALL_PATH, toJSONString(requestBody));
+
+ response.then()
+ .log().ifValidationFails()
+ .assertThat()
+ .statusCode(HttpStatus.SC_ACCEPTED)
+ .body(RESPONSE_STATUS, equalTo(RESPONSE_STATUS_VALUE))
+ .body(RESPONSE_DETAILS, equalTo(RESPONSE_DETAIL_VALUE_SHARING));
+
+ List sharedUserIds =
+ validateUserSharingResultsAndGetSharedUsersList(userIds, reSharingSubOrgDetails, expectedSharedResults);
+
+ UserShareWithAllRequestBody requestBodyForReSharing = new UserShareWithAllRequestBody()
+ .userCriteria(getUserCriteriaForBaseUserSharing(userIds))
+ .policy(getPolicyEnumForGeneralUserSharing(policyWithRoles))
+ .roles(getRolesForGeneralUserSharing(policyWithRoles));
+
+ HttpResponse responseOfReSharing = getResponseOfPostToSubOrg(USER_SHARING_API_BASE_PATH + SHARE_WITH_ALL_PATH,
+ toJSONString(requestBodyForReSharing),
+ reSharingSubOrgDetails.get(MAP_ORG_DETAILS_KEY_ORG_SWITCH_TOKEN).toString());
+
+ Assert.assertEquals(responseOfReSharing.getStatusLine().getStatusCode(), HttpStatus.SC_ACCEPTED);
+
+ validateUserSharingResults(sharedUserIds, expectedResults);
+ }
+
+ // Test cases builders.
+
+ private Map> setOrganizationsForSelectiveUserSharingWithInvalidDetailsTestCase1() {
+
+ Map> organizations = new HashMap<>();
+
+ // Organization 1
+ Map org1 = new HashMap<>();
+ org1.put(MAP_KEY_SELECTIVE_ORG_ID, getOrgId(L1_ORG_1_NAME));
+ org1.put(MAP_KEY_SELECTIVE_ORG_NAME, L1_ORG_1_NAME);
+ org1.put(MAP_KEY_SELECTIVE_POLICY, SELECTED_ORG_WITH_ALL_EXISTING_CHILDREN_ONLY);
+ org1.put(MAP_KEY_SELECTIVE_ROLES, Arrays.asList(
+ createRoleWithAudience(INVALID_APP_ROLE_1, INVALID_APP_1_NAME, APPLICATION_AUDIENCE),
+ createRoleWithAudience(APP_ROLE_1, APP_1_NAME, APPLICATION_AUDIENCE)));
+
+ organizations.put(L1_ORG_1_NAME, org1);
+
+ // Organization 2
+ Map org2 = new HashMap<>();
+ org2.put(MAP_KEY_SELECTIVE_ORG_ID, getOrgId(L1_ORG_2_NAME));
+ org2.put(MAP_KEY_SELECTIVE_ORG_NAME, L1_ORG_2_NAME);
+ org2.put(MAP_KEY_SELECTIVE_POLICY, SELECTED_ORG_WITH_EXISTING_IMMEDIATE_AND_FUTURE_CHILDREN);
+ org2.put(MAP_KEY_SELECTIVE_ROLES, Arrays.asList(
+ createRoleWithAudience(APP_ROLE_1, INVALID_APP_2_NAME, APPLICATION_AUDIENCE),
+ createRoleWithAudience(APP_ROLE_1, APP_1_NAME, APPLICATION_AUDIENCE),
+ createRoleWithAudience(ORG_ROLE_1, ROOT_ORG_NAME, ORGANIZATION_AUDIENCE)));
+
+ organizations.put(L1_ORG_2_NAME, org2);
+
+ // Organization 3
+ Map org3 = new HashMap<>();
+ org3.put(MAP_KEY_SELECTIVE_ORG_ID, getOrgId(L1_ORG_3_NAME));
+ org3.put(MAP_KEY_SELECTIVE_ORG_NAME, L1_ORG_3_NAME);
+ org3.put(MAP_KEY_SELECTIVE_POLICY, SELECTED_ORG_ONLY);
+ org3.put(MAP_KEY_SELECTIVE_ROLES, Arrays.asList(
+ createRoleWithAudience(INVALID_APP_ROLE_2, APP_1_NAME, APPLICATION_AUDIENCE),
+ createRoleWithAudience(INVALID_ORG_ROLE_1, ROOT_ORG_NAME, ORGANIZATION_AUDIENCE),
+ createRoleWithAudience(INVALID_ORG_ROLE_2, ROOT_ORG_NAME, ORGANIZATION_AUDIENCE)));
+
+ organizations.put(L1_ORG_3_NAME, org3);
+
+ return organizations;
+ }
+
+ private Map setExpectedResultsForSelectiveUserSharingWithInvalidDetailsTestCase1() {
+
+ Map expectedResults = new HashMap<>();
+
+ expectedResults.put(MAP_KEY_EXPECTED_ORG_COUNT, 7);
+ expectedResults.put(MAP_KEY_EXPECTED_ORG_IDS,
+ Arrays.asList(getOrgId(L1_ORG_1_NAME), getOrgId(L2_ORG_1_NAME), getOrgId(L2_ORG_2_NAME),
+ getOrgId(L3_ORG_1_NAME), getOrgId(L1_ORG_2_NAME), getOrgId(L2_ORG_3_NAME),
+ getOrgId(L1_ORG_3_NAME)));
+ expectedResults.put(MAP_KEY_EXPECTED_ORG_NAMES,
+ Arrays.asList(L1_ORG_1_NAME, L2_ORG_1_NAME, L2_ORG_2_NAME, L3_ORG_1_NAME, L1_ORG_2_NAME, L2_ORG_3_NAME,
+ L1_ORG_3_NAME));
+
+ Map> expectedRolesPerExpectedOrg = new HashMap<>();
+ expectedRolesPerExpectedOrg.put(getOrgId(L1_ORG_1_NAME),
+ Collections.singletonList(createRoleWithAudience(APP_ROLE_1, APP_1_NAME, APPLICATION_AUDIENCE)));
+ expectedRolesPerExpectedOrg.put(getOrgId(L2_ORG_1_NAME),
+ Collections.singletonList(createRoleWithAudience(APP_ROLE_1, APP_1_NAME, APPLICATION_AUDIENCE)));
+ expectedRolesPerExpectedOrg.put(getOrgId(L2_ORG_2_NAME),
+ Collections.singletonList(createRoleWithAudience(APP_ROLE_1, APP_1_NAME, APPLICATION_AUDIENCE)));
+ expectedRolesPerExpectedOrg.put(getOrgId(L3_ORG_1_NAME),
+ Collections.singletonList(createRoleWithAudience(APP_ROLE_1, APP_1_NAME, APPLICATION_AUDIENCE)));
+ expectedRolesPerExpectedOrg.put(getOrgId(L1_ORG_2_NAME),
+ Arrays.asList(createRoleWithAudience(APP_ROLE_1, APP_1_NAME, APPLICATION_AUDIENCE),
+ createRoleWithAudience(ORG_ROLE_1, L1_ORG_2_NAME, ORGANIZATION_AUDIENCE)));
+ expectedRolesPerExpectedOrg.put(getOrgId(L2_ORG_3_NAME),
+ Arrays.asList(createRoleWithAudience(APP_ROLE_1, APP_1_NAME, APPLICATION_AUDIENCE),
+ createRoleWithAudience(ORG_ROLE_1, L2_ORG_3_NAME, ORGANIZATION_AUDIENCE)));
+ expectedRolesPerExpectedOrg.put(getOrgId(L1_ORG_3_NAME), Collections.emptyList());
+
+ expectedResults.put(MAP_KEY_EXPECTED_ROLES_PER_EXPECTED_ORG, expectedRolesPerExpectedOrg);
+
+ return expectedResults;
+ }
+
+ private Map> setOrganizationsForSelectiveUserSharingWithInvalidDetailsTestCase2() {
+
+ Map> organizations = new HashMap<>();
+
+ // Organization 1
+ Map org1 = new HashMap<>();
+ org1.put(MAP_KEY_SELECTIVE_ORG_ID, INVALID_ORG_1_ID);
+ org1.put(MAP_KEY_SELECTIVE_ORG_NAME, INVALID_ORG_1_NAME);
+ org1.put(MAP_KEY_SELECTIVE_POLICY, SELECTED_ORG_WITH_ALL_EXISTING_CHILDREN_ONLY);
+ org1.put(MAP_KEY_SELECTIVE_ROLES, Collections.singletonList(
+ createRoleWithAudience(APP_ROLE_1, APP_1_NAME, APPLICATION_AUDIENCE)));
+
+ organizations.put(INVALID_ORG_1_NAME, org1);
+
+ // Organization 2
+ Map org2 = new HashMap<>();
+ org2.put(MAP_KEY_SELECTIVE_ORG_ID, getOrgId(L1_ORG_2_NAME));
+ org2.put(MAP_KEY_SELECTIVE_ORG_NAME, L1_ORG_2_NAME);
+ org2.put(MAP_KEY_SELECTIVE_POLICY, SELECTED_ORG_WITH_EXISTING_IMMEDIATE_AND_FUTURE_CHILDREN);
+ org2.put(MAP_KEY_SELECTIVE_ROLES, Arrays.asList(
+ createRoleWithAudience(APP_ROLE_1, APP_1_NAME, APPLICATION_AUDIENCE),
+ createRoleWithAudience(ORG_ROLE_1, ROOT_ORG_NAME, ORGANIZATION_AUDIENCE)));
+
+ organizations.put(L1_ORG_2_NAME, org2);
+
+ return organizations;
+ }
+
+ private Map setExpectedResultsForSelectiveUserSharingWithInvalidDetailsTestCase2() {
+
+ Map expectedResults = new HashMap<>();
+
+ expectedResults.put(MAP_KEY_EXPECTED_ORG_COUNT, 2);
+ expectedResults.put(MAP_KEY_EXPECTED_ORG_IDS, Arrays.asList(getOrgId(L1_ORG_2_NAME), getOrgId(L2_ORG_3_NAME)));
+ expectedResults.put(MAP_KEY_EXPECTED_ORG_NAMES, Arrays.asList(L1_ORG_2_NAME, L2_ORG_3_NAME));
+
+ Map> expectedRolesPerExpectedOrg = new HashMap<>();
+ expectedRolesPerExpectedOrg.put(getOrgId(L1_ORG_2_NAME),
+ Arrays.asList(createRoleWithAudience(APP_ROLE_1, APP_1_NAME, APPLICATION_AUDIENCE),
+ createRoleWithAudience(ORG_ROLE_1, L1_ORG_2_NAME, ORGANIZATION_AUDIENCE)));
+ expectedRolesPerExpectedOrg.put(getOrgId(L2_ORG_3_NAME),
+ Arrays.asList(createRoleWithAudience(APP_ROLE_1, APP_1_NAME, APPLICATION_AUDIENCE),
+ createRoleWithAudience(ORG_ROLE_1, L2_ORG_3_NAME, ORGANIZATION_AUDIENCE)));
+
+ expectedResults.put(MAP_KEY_EXPECTED_ROLES_PER_EXPECTED_ORG, expectedRolesPerExpectedOrg);
+
+ return expectedResults;
+ }
+
+ private Map> setOrganizationsForSelectiveUserSharingWithInvalidDetailsTestCase3() {
+
+ Map> organizations = new HashMap<>();
+
+ // Organization 1
+ Map org1 = new HashMap<>();
+ org1.put(MAP_KEY_SELECTIVE_ORG_ID, getOrgId(L1_ORG_1_NAME));
+ org1.put(MAP_KEY_SELECTIVE_ORG_NAME, L1_ORG_1_NAME);
+ org1.put(MAP_KEY_SELECTIVE_POLICY, SELECTED_ORG_WITH_ALL_EXISTING_CHILDREN_ONLY);
+ org1.put(MAP_KEY_SELECTIVE_ROLES, Collections.singletonList(
+ createRoleWithAudience(APP_ROLE_1, APP_1_NAME, APPLICATION_AUDIENCE)));
+
+ organizations.put(L1_ORG_1_NAME, org1);
+
+ // Organization 2
+ Map org2 = new HashMap<>();
+ org2.put(MAP_KEY_SELECTIVE_ORG_ID, getOrgId(L1_ORG_2_NAME));
+ org2.put(MAP_KEY_SELECTIVE_ORG_NAME, L1_ORG_2_NAME);
+ org2.put(MAP_KEY_SELECTIVE_POLICY, SELECTED_ORG_WITH_EXISTING_IMMEDIATE_AND_FUTURE_CHILDREN);
+ org2.put(MAP_KEY_SELECTIVE_ROLES, Arrays.asList(
+ createRoleWithAudience(APP_ROLE_1, APP_1_NAME, APPLICATION_AUDIENCE),
+ createRoleWithAudience(ORG_ROLE_1, ROOT_ORG_NAME, ORGANIZATION_AUDIENCE)));
+
+ organizations.put(L1_ORG_2_NAME, org2);
+
+ // Organization 3
+ Map org3 = new HashMap<>();
+ org3.put(MAP_KEY_SELECTIVE_ORG_ID, getOrgId(L1_ORG_3_NAME));
+ org3.put(MAP_KEY_SELECTIVE_ORG_NAME, L1_ORG_3_NAME);
+ org3.put(MAP_KEY_SELECTIVE_POLICY, SELECTED_ORG_ONLY);
+ org3.put(MAP_KEY_SELECTIVE_ROLES, Collections.emptyList());
+
+ organizations.put(L1_ORG_3_NAME, org3);
+
+ return organizations;
+ }
+
+ private Map setExpectedResultsForSelectiveUserSharingWithInvalidDetailsTestCase3() {
+
+ return setExpectedResultsForEmptySharedResult();
+ }
+
+ private Map> setOrganizationsForSelectiveUserSharingWithInvalidDetailsTestCase4() {
+
+ Map> organizations = new HashMap<>();
+
+ // Organization 1
+ Map org1 = new HashMap<>();
+ org1.put(MAP_KEY_SELECTIVE_ORG_ID, getOrgId(L1_ORG_1_NAME));
+ org1.put(MAP_KEY_SELECTIVE_ORG_NAME, L1_ORG_1_NAME);
+ org1.put(MAP_KEY_SELECTIVE_POLICY, SELECTED_ORG_WITH_EXISTING_IMMEDIATE_CHILDREN_ONLY);
+ org1.put(MAP_KEY_SELECTIVE_ROLES, Collections.singletonList(
+ createRoleWithAudience(APP_ROLE_1, APP_1_NAME, APPLICATION_AUDIENCE)));
+
+ organizations.put(L1_ORG_1_NAME, org1);
+
+ // Organization 2
+ Map org2 = new HashMap<>();
+ org2.put(MAP_KEY_SELECTIVE_ORG_ID, getOrgId(L1_ORG_2_NAME));
+ org2.put(MAP_KEY_SELECTIVE_ORG_NAME, L1_ORG_2_NAME);
+ org2.put(MAP_KEY_SELECTIVE_POLICY, SELECTED_ORG_ONLY);
+ org2.put(MAP_KEY_SELECTIVE_ROLES, Arrays.asList(
+ createRoleWithAudience(APP_ROLE_1, APP_1_NAME, APPLICATION_AUDIENCE),
+ createRoleWithAudience(ORG_ROLE_1, ROOT_ORG_NAME, ORGANIZATION_AUDIENCE)));
+
+ organizations.put(L1_ORG_2_NAME, org2);
+
+ return organizations;
+ }
+
+ private Map setExpectedResultsForSelectiveUserSharingWithInvalidDetailsTestCase4() {
+
+ Map expectedResults = new HashMap<>();
+
+ expectedResults.put(MAP_KEY_EXPECTED_ORG_COUNT, 3);
+ expectedResults.put(MAP_KEY_EXPECTED_ORG_IDS,
+ Arrays.asList(getOrgId(L1_ORG_2_NAME), getOrgId(L2_ORG_1_NAME), getOrgId(L2_ORG_2_NAME)));
+ expectedResults.put(MAP_KEY_EXPECTED_ORG_NAMES, Arrays.asList(L1_ORG_2_NAME, L2_ORG_1_NAME, L2_ORG_2_NAME));
+
+ Map> expectedRolesPerExpectedOrg = new HashMap<>();
+ expectedRolesPerExpectedOrg.put(getOrgId(L1_ORG_2_NAME),
+ Arrays.asList(createRoleWithAudience(APP_ROLE_1, APP_1_NAME, APPLICATION_AUDIENCE),
+ createRoleWithAudience(ORG_ROLE_1, L1_ORG_2_NAME, ORGANIZATION_AUDIENCE)));
+ expectedRolesPerExpectedOrg.put(getOrgId(L2_ORG_1_NAME),
+ Collections.singletonList(createRoleWithAudience(APP_ROLE_1, APP_1_NAME, APPLICATION_AUDIENCE)));
+ expectedRolesPerExpectedOrg.put(getOrgId(L2_ORG_2_NAME),
+ Collections.singletonList(createRoleWithAudience(APP_ROLE_1, APP_1_NAME, APPLICATION_AUDIENCE)));
+
+ expectedResults.put(MAP_KEY_EXPECTED_ROLES_PER_EXPECTED_ORG, expectedRolesPerExpectedOrg);
+
+ return expectedResults;
+ }
+
+ private Map> setOrganizationsForSelectiveUserSharingWithInvalidDetailsTestCase5() {
+
+ Map> organizations = new HashMap<>();
+
+ // Organization 1
+ Map org1 = new HashMap<>();
+ org1.put(MAP_KEY_SELECTIVE_ORG_ID, getOrgId(L3_ORG_1_NAME));
+ org1.put(MAP_KEY_SELECTIVE_ORG_NAME, L3_ORG_1_NAME);
+ org1.put(MAP_KEY_SELECTIVE_POLICY, SELECTED_ORG_ONLY);
+ org1.put(MAP_KEY_SELECTIVE_ROLES, Collections.singletonList(
+ createRoleWithAudience(APP_ROLE_1, APP_1_NAME, APPLICATION_AUDIENCE)));
+
+ organizations.put(INVALID_ORG_1_NAME, org1);
+
+ // Organization 2
+ Map org2 = new HashMap<>();
+ org2.put(MAP_KEY_SELECTIVE_ORG_ID, getOrgId(L1_ORG_2_NAME));
+ org2.put(MAP_KEY_SELECTIVE_ORG_NAME, L1_ORG_2_NAME);
+ org2.put(MAP_KEY_SELECTIVE_POLICY, SELECTED_ORG_WITH_EXISTING_IMMEDIATE_AND_FUTURE_CHILDREN);
+ org2.put(MAP_KEY_SELECTIVE_ROLES, Arrays.asList(
+ createRoleWithAudience(APP_ROLE_1, APP_1_NAME, APPLICATION_AUDIENCE),
+ createRoleWithAudience(ORG_ROLE_2, ROOT_ORG_NAME, ORGANIZATION_AUDIENCE)));
+
+ organizations.put(L1_ORG_2_NAME, org2);
+
+ return organizations;
+ }
+
+ private Map setExpectedResultsForSelectiveUserSharingWithInvalidDetailsTestCase5() {
+
+ Map expectedResults = new HashMap<>();
+
+ expectedResults.put(MAP_KEY_EXPECTED_ORG_COUNT, 2);
+ expectedResults.put(MAP_KEY_EXPECTED_ORG_IDS, Arrays.asList(getOrgId(L1_ORG_2_NAME), getOrgId(L2_ORG_3_NAME)));
+ expectedResults.put(MAP_KEY_EXPECTED_ORG_NAMES, Arrays.asList(L1_ORG_2_NAME, L2_ORG_3_NAME));
+
+ Map> expectedRolesPerExpectedOrg = new HashMap<>();
+ expectedRolesPerExpectedOrg.put(getOrgId(L1_ORG_2_NAME),
+ Arrays.asList(createRoleWithAudience(APP_ROLE_1, APP_1_NAME, APPLICATION_AUDIENCE),
+ createRoleWithAudience(ORG_ROLE_2, L1_ORG_2_NAME, ORGANIZATION_AUDIENCE)));
+ expectedRolesPerExpectedOrg.put(getOrgId(L2_ORG_3_NAME),
+ Arrays.asList(createRoleWithAudience(APP_ROLE_1, APP_1_NAME, APPLICATION_AUDIENCE),
+ createRoleWithAudience(ORG_ROLE_2, L2_ORG_3_NAME, ORGANIZATION_AUDIENCE)));
+
+ expectedResults.put(MAP_KEY_EXPECTED_ROLES_PER_EXPECTED_ORG, expectedRolesPerExpectedOrg);
+
+ return expectedResults;
+ }
+
+ private Map setPolicyWithRolesForGeneralUserSharingWithInvalidDetailsTestCase1() {
+
+ Map policyWithRoles = new HashMap<>();
+
+ policyWithRoles.put(MAP_KEY_GENERAL_POLICY, ALL_EXISTING_ORGS_ONLY);
+ policyWithRoles.put(MAP_KEY_GENERAL_ROLES, Arrays.asList(
+ createRoleWithAudience(INVALID_APP_ROLE_1, INVALID_APP_1_NAME, APPLICATION_AUDIENCE),
+ createRoleWithAudience(APP_ROLE_1, INVALID_APP_2_NAME, APPLICATION_AUDIENCE),
+ createRoleWithAudience(INVALID_APP_ROLE_2, APP_1_NAME, APPLICATION_AUDIENCE),
+ createRoleWithAudience(INVALID_ORG_ROLE_1, ROOT_ORG_NAME, ORGANIZATION_AUDIENCE),
+ createRoleWithAudience(INVALID_ORG_ROLE_2, INVALID_ORG_1_NAME, ORGANIZATION_AUDIENCE),
+ createRoleWithAudience(APP_ROLE_2, APP_1_NAME, APPLICATION_AUDIENCE)));
+
+ return policyWithRoles;
+ }
+
+ private Map setExpectedResultsForGeneralUserSharingWithInvalidDetailsTestCase1() {
+
+ Map expectedResults = new HashMap<>();
+
+ expectedResults.put(MAP_KEY_EXPECTED_ORG_COUNT, 7);
+ expectedResults.put(MAP_KEY_EXPECTED_ORG_IDS,
+ Arrays.asList(getOrgId(L1_ORG_1_NAME), getOrgId(L2_ORG_1_NAME), getOrgId(L2_ORG_2_NAME),
+ getOrgId(L3_ORG_1_NAME), getOrgId(L1_ORG_2_NAME), getOrgId(L2_ORG_3_NAME),
+ getOrgId(L1_ORG_3_NAME)));
+ expectedResults.put(MAP_KEY_EXPECTED_ORG_NAMES,
+ Arrays.asList(L1_ORG_1_NAME, L2_ORG_1_NAME, L2_ORG_2_NAME, L3_ORG_1_NAME, L1_ORG_2_NAME, L2_ORG_3_NAME,
+ L1_ORG_3_NAME));
+
+ Map> expectedRolesPerExpectedOrg = new HashMap<>();
+ expectedRolesPerExpectedOrg.put(getOrgId(L1_ORG_1_NAME),
+ Collections.singletonList(createRoleWithAudience(APP_ROLE_2, APP_1_NAME, APPLICATION_AUDIENCE)));
+ expectedRolesPerExpectedOrg.put(getOrgId(L2_ORG_1_NAME),
+ Collections.singletonList(createRoleWithAudience(APP_ROLE_2, APP_1_NAME, APPLICATION_AUDIENCE)));
+ expectedRolesPerExpectedOrg.put(getOrgId(L2_ORG_2_NAME),
+ Collections.singletonList(createRoleWithAudience(APP_ROLE_2, APP_1_NAME, APPLICATION_AUDIENCE)));
+ expectedRolesPerExpectedOrg.put(getOrgId(L3_ORG_1_NAME),
+ Collections.singletonList(createRoleWithAudience(APP_ROLE_2, APP_1_NAME, APPLICATION_AUDIENCE)));
+ expectedRolesPerExpectedOrg.put(getOrgId(L1_ORG_2_NAME),
+ Collections.singletonList(createRoleWithAudience(APP_ROLE_2, APP_1_NAME, APPLICATION_AUDIENCE)));
+ expectedRolesPerExpectedOrg.put(getOrgId(L2_ORG_3_NAME),
+ Collections.singletonList(createRoleWithAudience(APP_ROLE_2, APP_1_NAME, APPLICATION_AUDIENCE)));
+ expectedRolesPerExpectedOrg.put(getOrgId(L1_ORG_3_NAME),
+ Collections.singletonList(createRoleWithAudience(APP_ROLE_2, APP_1_NAME, APPLICATION_AUDIENCE)));
+
+ expectedResults.put(MAP_KEY_EXPECTED_ROLES_PER_EXPECTED_ORG, expectedRolesPerExpectedOrg);
+
+ return expectedResults;
+ }
+
+ private Map setPolicyWithRolesForGeneralUserSharingWithInvalidDetailsTestCase2() {
+
+ Map policyWithRoles = new HashMap<>();
+
+ policyWithRoles.put(MAP_KEY_GENERAL_POLICY, IMMEDIATE_EXISTING_AND_FUTURE_ORGS);
+ policyWithRoles.put(MAP_KEY_GENERAL_ROLES,
+ Arrays.asList(createRoleWithAudience(APP_ROLE_3, APP_1_NAME, APPLICATION_AUDIENCE),
+ createRoleWithAudience(ORG_ROLE_3, ROOT_ORG_NAME, ORGANIZATION_AUDIENCE)));
+
+ return policyWithRoles;
+ }
+
+ private Map setExpectedResultsForGeneralUserSharingWithInvalidDetailsTestCase2() {
+
+ return setExpectedResultsForEmptySharedResult();
+ }
+
+ private Map setPolicyWithRolesForGeneralUserSharingWithInvalidDetailsTestCase3() {
+
+ Map policyWithRoles = new HashMap<>();
+
+ policyWithRoles.put(MAP_KEY_GENERAL_POLICY, IMMEDIATE_EXISTING_ORGS_ONLY);
+ policyWithRoles.put(MAP_KEY_GENERAL_ROLES,
+ Collections.singletonList(createRoleWithAudience(APP_ROLE_1, APP_1_NAME, APPLICATION_AUDIENCE)));
+
+ return policyWithRoles;
+ }
+
+ private Map setExpectedResultsForGeneralUserSharingWithInvalidDetailsTestCase3() {
+
+ Map expectedResults = new HashMap<>();
+
+ expectedResults.put(MAP_KEY_EXPECTED_ORG_COUNT, 2);
+ expectedResults.put(MAP_KEY_EXPECTED_ORG_IDS, Arrays.asList(getOrgId(L1_ORG_2_NAME), getOrgId(L1_ORG_3_NAME)));
+ expectedResults.put(MAP_KEY_EXPECTED_ORG_NAMES, Arrays.asList(L1_ORG_2_NAME, L1_ORG_3_NAME));
+
+ Map> expectedRolesPerExpectedOrg = new HashMap<>();
+ expectedRolesPerExpectedOrg.put(getOrgId(L1_ORG_2_NAME),
+ Collections.singletonList(createRoleWithAudience(APP_ROLE_1, APP_1_NAME, APPLICATION_AUDIENCE)));
+ expectedRolesPerExpectedOrg.put(getOrgId(L1_ORG_3_NAME),
+ Collections.singletonList(createRoleWithAudience(APP_ROLE_1, APP_1_NAME, APPLICATION_AUDIENCE)));
+
+ expectedResults.put(MAP_KEY_EXPECTED_ROLES_PER_EXPECTED_ORG, expectedRolesPerExpectedOrg);
+
+ return expectedResults;
+ }
+
+ private Map> setOrganizationsForSelectiveUserSharingWithValidDetailsTestCase1() {
+
+ Map> organizations = new HashMap<>();
+
+ // Organization 1
+ Map org1 = new HashMap<>();
+ org1.put(MAP_KEY_SELECTIVE_ORG_ID, getOrgId(L1_ORG_1_NAME));
+ org1.put(MAP_KEY_SELECTIVE_ORG_NAME, L1_ORG_1_NAME);
+ org1.put(MAP_KEY_SELECTIVE_POLICY, SELECTED_ORG_WITH_ALL_EXISTING_AND_FUTURE_CHILDREN);
+ org1.put(MAP_KEY_SELECTIVE_ROLES,
+ Collections.singletonList(createRoleWithAudience(APP_ROLE_1, APP_1_NAME, APPLICATION_AUDIENCE)));
+
+ organizations.put(L1_ORG_1_NAME, org1);
+
+ // Organization 2
+ Map org2 = new HashMap<>();
+ org2.put(MAP_KEY_SELECTIVE_ORG_ID, getOrgId(L1_ORG_2_NAME));
+ org2.put(MAP_KEY_SELECTIVE_ORG_NAME, L1_ORG_2_NAME);
+ org2.put(MAP_KEY_SELECTIVE_POLICY, SELECTED_ORG_WITH_EXISTING_IMMEDIATE_AND_FUTURE_CHILDREN);
+ org2.put(MAP_KEY_SELECTIVE_ROLES,
+ Arrays.asList(createRoleWithAudience(APP_ROLE_1, APP_1_NAME, APPLICATION_AUDIENCE),
+ createRoleWithAudience(ORG_ROLE_1, ROOT_ORG_NAME, ORGANIZATION_AUDIENCE)));
+
+ organizations.put(L1_ORG_2_NAME, org2);
+
+ // Organization 3
+ Map org3 = new HashMap<>();
+ org3.put(MAP_KEY_SELECTIVE_ORG_ID, getOrgId(L1_ORG_3_NAME));
+ org3.put(MAP_KEY_SELECTIVE_ORG_NAME, L1_ORG_3_NAME);
+ org3.put(MAP_KEY_SELECTIVE_POLICY, SELECTED_ORG_ONLY);
+ org3.put(MAP_KEY_SELECTIVE_ROLES,
+ Collections.singletonList(createRoleWithAudience(APP_ROLE_2, APP_1_NAME, APPLICATION_AUDIENCE)));
+
+ organizations.put(L1_ORG_3_NAME, org3);
+
+ return organizations;
+ }
+
+ private Map setExpectedResultsForSelectiveUserSharingWithValidDetailsTestCase1() {
+
+ Map expectedResults = new HashMap<>();
+
+ expectedResults.put(MAP_KEY_EXPECTED_ORG_COUNT, 7);
+ expectedResults.put(MAP_KEY_EXPECTED_ORG_IDS,
+ Arrays.asList(getOrgId(L1_ORG_1_NAME), getOrgId(L2_ORG_1_NAME), getOrgId(L2_ORG_2_NAME),
+ getOrgId(L3_ORG_1_NAME), getOrgId(L1_ORG_2_NAME), getOrgId(L2_ORG_3_NAME),
+ getOrgId(L1_ORG_3_NAME)));
+ expectedResults.put(MAP_KEY_EXPECTED_ORG_NAMES,
+ Arrays.asList(L1_ORG_1_NAME, L2_ORG_1_NAME, L2_ORG_2_NAME, L3_ORG_1_NAME, L1_ORG_2_NAME, L2_ORG_3_NAME,
+ L1_ORG_3_NAME));
+
+ Map> expectedRolesPerExpectedOrg = new HashMap<>();
+ expectedRolesPerExpectedOrg.put(getOrgId(L1_ORG_1_NAME),
+ Collections.singletonList(createRoleWithAudience(APP_ROLE_1, APP_1_NAME, APPLICATION_AUDIENCE)));
+ expectedRolesPerExpectedOrg.put(getOrgId(L2_ORG_1_NAME),
+ Collections.singletonList(createRoleWithAudience(APP_ROLE_1, APP_1_NAME, APPLICATION_AUDIENCE)));
+ expectedRolesPerExpectedOrg.put(getOrgId(L2_ORG_2_NAME),
+ Collections.singletonList(createRoleWithAudience(APP_ROLE_1, APP_1_NAME, APPLICATION_AUDIENCE)));
+ expectedRolesPerExpectedOrg.put(getOrgId(L3_ORG_1_NAME),
+ Collections.singletonList(createRoleWithAudience(APP_ROLE_1, APP_1_NAME, APPLICATION_AUDIENCE)));
+ expectedRolesPerExpectedOrg.put(getOrgId(L1_ORG_2_NAME),
+ Arrays.asList(createRoleWithAudience(APP_ROLE_1, APP_1_NAME, APPLICATION_AUDIENCE),
+ createRoleWithAudience(ORG_ROLE_1, L1_ORG_2_NAME, ORGANIZATION_AUDIENCE)));
+ expectedRolesPerExpectedOrg.put(getOrgId(L2_ORG_3_NAME),
+ Arrays.asList(createRoleWithAudience(APP_ROLE_1, APP_1_NAME, APPLICATION_AUDIENCE),
+ createRoleWithAudience(ORG_ROLE_1, L2_ORG_3_NAME, ORGANIZATION_AUDIENCE)));
+ expectedRolesPerExpectedOrg.put(getOrgId(L1_ORG_3_NAME),
+ Collections.singletonList(createRoleWithAudience(APP_ROLE_2, APP_1_NAME, APPLICATION_AUDIENCE)));
+
+ expectedResults.put(MAP_KEY_EXPECTED_ROLES_PER_EXPECTED_ORG, expectedRolesPerExpectedOrg);
+
+ return expectedResults;
+ }
+
+ private Map setPolicyWithRolesForGeneralUserSharingWithValidDetailsTestCase1() {
+
+ Map policyWithRoles = new HashMap<>();
+
+ policyWithRoles.put(MAP_KEY_GENERAL_POLICY, ALL_EXISTING_ORGS_ONLY);
+ policyWithRoles.put(MAP_KEY_GENERAL_ROLES, Collections.singletonList(
+ createRoleWithAudience(APP_ROLE_1, APP_1_NAME, APPLICATION_AUDIENCE)));
+
+ return policyWithRoles;
+ }
+
+ private Map setExpectedResultsForGeneralUserSharingWithValidDetailsTestCase1() {
+
+ Map expectedResults = new HashMap<>();
+
+ expectedResults.put(MAP_KEY_EXPECTED_ORG_COUNT, 7);
+ expectedResults.put(MAP_KEY_EXPECTED_ORG_IDS,
+ Arrays.asList(getOrgId(L1_ORG_1_NAME), getOrgId(L2_ORG_1_NAME), getOrgId(L2_ORG_2_NAME),
+ getOrgId(L3_ORG_1_NAME), getOrgId(L1_ORG_2_NAME), getOrgId(L2_ORG_3_NAME),
+ getOrgId(L1_ORG_3_NAME)));
+ expectedResults.put(MAP_KEY_EXPECTED_ORG_NAMES,
+ Arrays.asList(L1_ORG_1_NAME, L2_ORG_1_NAME, L2_ORG_2_NAME, L3_ORG_1_NAME, L1_ORG_2_NAME, L2_ORG_3_NAME,
+ L1_ORG_3_NAME));
+
+ Map> expectedRolesPerExpectedOrg = new HashMap<>();
+ expectedRolesPerExpectedOrg.put(getOrgId(L1_ORG_1_NAME),
+ Collections.singletonList(createRoleWithAudience(APP_ROLE_1, APP_1_NAME, APPLICATION_AUDIENCE)));
+ expectedRolesPerExpectedOrg.put(getOrgId(L2_ORG_1_NAME),
+ Collections.singletonList(createRoleWithAudience(APP_ROLE_1, APP_1_NAME, APPLICATION_AUDIENCE)));
+ expectedRolesPerExpectedOrg.put(getOrgId(L2_ORG_2_NAME),
+ Collections.singletonList(createRoleWithAudience(APP_ROLE_1, APP_1_NAME, APPLICATION_AUDIENCE)));
+ expectedRolesPerExpectedOrg.put(getOrgId(L3_ORG_1_NAME),
+ Collections.singletonList(createRoleWithAudience(APP_ROLE_1, APP_1_NAME, APPLICATION_AUDIENCE)));
+ expectedRolesPerExpectedOrg.put(getOrgId(L1_ORG_2_NAME),
+ Collections.singletonList(createRoleWithAudience(APP_ROLE_1, APP_1_NAME, APPLICATION_AUDIENCE)));
+ expectedRolesPerExpectedOrg.put(getOrgId(L2_ORG_3_NAME),
+ Collections.singletonList(createRoleWithAudience(APP_ROLE_1, APP_1_NAME, APPLICATION_AUDIENCE)));
+ expectedRolesPerExpectedOrg.put(getOrgId(L1_ORG_3_NAME),
+ Collections.singletonList(createRoleWithAudience(APP_ROLE_1, APP_1_NAME, APPLICATION_AUDIENCE)));
+
+ expectedResults.put(MAP_KEY_EXPECTED_ROLES_PER_EXPECTED_ORG, expectedRolesPerExpectedOrg);
+
+ return expectedResults;
+ }
+
+ private Map setPolicyWithRolesForGeneralUserSharingWithValidDetailsTestCase2() {
+
+ Map policyWithRoles = new HashMap<>();
+
+ policyWithRoles.put(MAP_KEY_GENERAL_POLICY, IMMEDIATE_EXISTING_ORGS_ONLY);
+ policyWithRoles.put(MAP_KEY_GENERAL_ROLES,
+ Arrays.asList(createRoleWithAudience(APP_ROLE_3, APP_1_NAME, APPLICATION_AUDIENCE),
+ createRoleWithAudience(ORG_ROLE_3, ROOT_ORG_NAME, ORGANIZATION_AUDIENCE)));
+
+ return policyWithRoles;
+ }
+
+ private Map setExpectedResultsForGeneralUserSharingWithValidDetailsTestCase2() {
+
+ Map expectedResults = new HashMap<>();
+
+ expectedResults.put(MAP_KEY_EXPECTED_ORG_COUNT, 3);
+ expectedResults.put(MAP_KEY_EXPECTED_ORG_IDS,
+ Arrays.asList(getOrgId(L1_ORG_1_NAME), getOrgId(L1_ORG_2_NAME), getOrgId(L1_ORG_3_NAME)));
+ expectedResults.put(MAP_KEY_EXPECTED_ORG_NAMES, Arrays.asList(L1_ORG_1_NAME, L1_ORG_2_NAME, L1_ORG_3_NAME));
+
+ Map> expectedRolesPerExpectedOrg = new HashMap<>();
+ expectedRolesPerExpectedOrg.put(getOrgId(L1_ORG_1_NAME),
+ Arrays.asList(createRoleWithAudience(APP_ROLE_3, APP_1_NAME, APPLICATION_AUDIENCE),
+ createRoleWithAudience(ORG_ROLE_3, L1_ORG_1_NAME, ORGANIZATION_AUDIENCE)));
+ expectedRolesPerExpectedOrg.put(getOrgId(L1_ORG_2_NAME),
+ Arrays.asList(createRoleWithAudience(APP_ROLE_3, APP_1_NAME, APPLICATION_AUDIENCE),
+ createRoleWithAudience(ORG_ROLE_3, L1_ORG_2_NAME, ORGANIZATION_AUDIENCE)));
+ expectedRolesPerExpectedOrg.put(getOrgId(L1_ORG_3_NAME),
+ Arrays.asList(createRoleWithAudience(APP_ROLE_3, APP_1_NAME, APPLICATION_AUDIENCE),
+ createRoleWithAudience(ORG_ROLE_3, L1_ORG_3_NAME, ORGANIZATION_AUDIENCE)));
+
+ expectedResults.put(MAP_KEY_EXPECTED_ROLES_PER_EXPECTED_ORG, expectedRolesPerExpectedOrg);
+
+ return expectedResults;
+ }
+
+ private Map setExpectedResultsForSelectiveUserUnsharingWithInvalidDetailsTestCase1() {
+
+ Map expectedResults = new HashMap<>();
+
+ expectedResults.put(MAP_KEY_EXPECTED_ORG_COUNT, 5);
+ expectedResults.put(MAP_KEY_EXPECTED_ORG_IDS,
+ Arrays.asList(getOrgId(L2_ORG_1_NAME), getOrgId(L2_ORG_2_NAME), getOrgId(L3_ORG_1_NAME),
+ getOrgId(L2_ORG_3_NAME), getOrgId(L1_ORG_3_NAME)));
+ expectedResults.put(MAP_KEY_EXPECTED_ORG_NAMES,
+ Arrays.asList(L2_ORG_1_NAME, L2_ORG_2_NAME, L3_ORG_1_NAME, L2_ORG_3_NAME, L1_ORG_3_NAME));
+
+ Map> expectedRolesPerExpectedOrg = new HashMap<>();
+ expectedRolesPerExpectedOrg.put(getOrgId(L2_ORG_1_NAME),
+ Collections.singletonList(createRoleWithAudience(APP_ROLE_1, APP_1_NAME, APPLICATION_AUDIENCE)));
+ expectedRolesPerExpectedOrg.put(getOrgId(L2_ORG_2_NAME),
+ Collections.singletonList(createRoleWithAudience(APP_ROLE_1, APP_1_NAME, APPLICATION_AUDIENCE)));
+ expectedRolesPerExpectedOrg.put(getOrgId(L3_ORG_1_NAME),
+ Collections.singletonList(createRoleWithAudience(APP_ROLE_1, APP_1_NAME, APPLICATION_AUDIENCE)));
+ expectedRolesPerExpectedOrg.put(getOrgId(L2_ORG_3_NAME),
+ Collections.singletonList(createRoleWithAudience(APP_ROLE_1, APP_1_NAME, APPLICATION_AUDIENCE)));
+ expectedRolesPerExpectedOrg.put(getOrgId(L1_ORG_3_NAME),
+ Collections.singletonList(createRoleWithAudience(APP_ROLE_1, APP_1_NAME, APPLICATION_AUDIENCE)));
+
+ expectedResults.put(MAP_KEY_EXPECTED_ROLES_PER_EXPECTED_ORG, expectedRolesPerExpectedOrg);
+
+ return expectedResults;
+ }
+
+ private Map setExpectedResultsForSelectiveUserUnsharingWithInvalidDetailsTestCase2() {
+
+ Map expectedResults = new HashMap<>();
+
+ expectedResults.put(MAP_KEY_EXPECTED_ORG_COUNT, 2);
+ expectedResults.put(MAP_KEY_EXPECTED_ORG_IDS, Arrays.asList(getOrgId(L1_ORG_2_NAME), getOrgId(L1_ORG_3_NAME)));
+ expectedResults.put(MAP_KEY_EXPECTED_ORG_NAMES, Arrays.asList(L1_ORG_2_NAME, L1_ORG_3_NAME));
+
+ Map> expectedRolesPerExpectedOrg = new HashMap<>();
+ expectedRolesPerExpectedOrg.put(getOrgId(L1_ORG_2_NAME),
+ Arrays.asList(createRoleWithAudience(APP_ROLE_3, APP_1_NAME, APPLICATION_AUDIENCE),
+ createRoleWithAudience(ORG_ROLE_3, L1_ORG_2_NAME, ORGANIZATION_AUDIENCE)));
+ expectedRolesPerExpectedOrg.put(getOrgId(L1_ORG_3_NAME),
+ Arrays.asList(createRoleWithAudience(APP_ROLE_3, APP_1_NAME, APPLICATION_AUDIENCE),
+ createRoleWithAudience(ORG_ROLE_3, L1_ORG_3_NAME, ORGANIZATION_AUDIENCE)));
+
+ expectedResults.put(MAP_KEY_EXPECTED_ROLES_PER_EXPECTED_ORG, expectedRolesPerExpectedOrg);
+
+ return expectedResults;
+ }
+
+ private Map> setOrganizationsForSelectiveUserSharingWithReSharingTestCase1() {
+
+ Map> organizations = new HashMap<>();
+
+ // Organization 1
+ Map org1 = new HashMap<>();
+ org1.put(MAP_KEY_SELECTIVE_ORG_ID, getOrgId(L2_ORG_1_NAME));
+ org1.put(MAP_KEY_SELECTIVE_ORG_NAME, L2_ORG_1_NAME);
+ org1.put(MAP_KEY_SELECTIVE_POLICY, SELECTED_ORG_WITH_ALL_EXISTING_CHILDREN_ONLY);
+ org1.put(MAP_KEY_SELECTIVE_ROLES, Collections.singletonList(
+ createRoleWithAudience(APP_ROLE_1, APP_1_NAME, APPLICATION_AUDIENCE)));
+
+ organizations.put(L2_ORG_1_NAME, org1);
+
+ // Organization 2
+ Map org2 = new HashMap<>();
+ org2.put(MAP_KEY_SELECTIVE_ORG_ID, getOrgId(L2_ORG_2_NAME));
+ org2.put(MAP_KEY_SELECTIVE_ORG_NAME, L2_ORG_2_NAME);
+ org2.put(MAP_KEY_SELECTIVE_POLICY, SELECTED_ORG_WITH_EXISTING_IMMEDIATE_AND_FUTURE_CHILDREN);
+ org2.put(MAP_KEY_SELECTIVE_ROLES, Arrays.asList(
+ createRoleWithAudience(APP_ROLE_1, APP_1_NAME, APPLICATION_AUDIENCE),
+ createRoleWithAudience(ORG_ROLE_1, ROOT_ORG_NAME, ORGANIZATION_AUDIENCE)));
+
+ organizations.put(L2_ORG_2_NAME, org2);
+
+ return organizations;
+ }
+
+ private Map setExpectedResultsForSelectiveUserSharingWithReSharingTestCase1() {
+
+ return setExpectedResultsForEmptySharedResult();
+ }
+
+ private Map setExpectedResultsForGeneralUserSharingWithReSharingTestCase1() {
+
+ return setExpectedResultsForEmptySharedResult();
+ }
+
+ private Map setExpectedResultsForEmptySharedResult() {
+
+ Map expectedResults = new HashMap<>();
+
+ expectedResults.put(MAP_KEY_EXPECTED_ORG_COUNT, 0);
+ expectedResults.put(MAP_KEY_EXPECTED_ORG_IDS, Collections.emptyList());
+ expectedResults.put(MAP_KEY_EXPECTED_ORG_NAMES, Collections.emptyList());
+
+ Map> expectedRolesPerExpectedOrg = new HashMap<>();
+
+ expectedResults.put(MAP_KEY_EXPECTED_ROLES_PER_EXPECTED_ORG, expectedRolesPerExpectedOrg);
+
+ return expectedResults;
+ }
+
+ // Setup methods.
+
+ private void setupDetailMaps() {
+
+ userDetails = new HashMap<>();
+ orgDetails = new HashMap<>();
+ appDetails = new HashMap<>();
+ roleDetails = new HashMap<>();
+ }
+
+ private void setupRestClients() throws Exception {
+
+ oAuth2RestClient = new OAuth2RestClient(serverURL, tenantInfo);
+ scim2RestClient = new SCIM2RestClient(serverURL, tenantInfo);
+ orgMgtRestClient = new OrgMgtRestClient(context, tenantInfo, serverURL,
+ new JSONObject(readResource(AUTHORIZED_APIS_JSON)));
+ httpClient = HttpClientBuilder.create().build();
+ }
+
+ private void setupOrganizations() throws Exception {
+
+ // Create Level 1 Organizations
+ addOrganization(L1_ORG_1_NAME);
+ addOrganization(L1_ORG_2_NAME);
+ addOrganization(L1_ORG_3_NAME);
+
+ // Create Level 2 Organizations
+ addSubOrganization(L2_ORG_1_NAME, getOrgId(L1_ORG_1_NAME), 2);
+ addSubOrganization(L2_ORG_2_NAME, getOrgId(L1_ORG_1_NAME), 2);
+ addSubOrganization(L2_ORG_3_NAME, getOrgId(L1_ORG_2_NAME), 2);
+
+ // Create Level 3 Organization
+ addSubOrganization(L3_ORG_1_NAME, getOrgId(L2_ORG_1_NAME), 3);
+ }
+
+ protected void setupApplicationsAndRoles() throws Exception {
+
+ Map rootOrgOrganizationRoles =
+ setUpOrganizationRoles(ROOT_ORG_NAME, Arrays.asList(ORG_ROLE_1, ORG_ROLE_2, ORG_ROLE_3));
+
+ createApplication(APP_1_NAME, APPLICATION_AUDIENCE, Arrays.asList(APP_ROLE_1, APP_ROLE_2, APP_ROLE_3));
+ createApplication(APP_2_NAME, ORGANIZATION_AUDIENCE, new ArrayList<>(rootOrgOrganizationRoles.keySet()));
+ }
+
+ private void setupUsers() throws Exception {
+
+ createUser(createUserObject(USER_DOMAIN_PRIMARY, ROOT_ORG_USER_1_USERNAME, ROOT_ORG_NAME));
+ createUser(createUserObject(USER_DOMAIN_PRIMARY, ROOT_ORG_USER_2_USERNAME, ROOT_ORG_NAME));
+ createUser(createUserObject(USER_DOMAIN_PRIMARY, ROOT_ORG_USER_3_USERNAME, ROOT_ORG_NAME));
+ createUser(createUserObject(USER_DOMAIN_PRIMARY, ROOT_ORG_USER_DUPLICATED_USERNAME, ROOT_ORG_NAME));
+
+ createSuborgUser(createUserObject(USER_DOMAIN_PRIMARY, L1_ORG_1_USER_1_USERNAME, L1_ORG_1_NAME), L1_ORG_1_NAME);
+ createSuborgUser(createUserObject(USER_DOMAIN_PRIMARY, L1_ORG_1_USER_2_USERNAME, L1_ORG_1_NAME), L1_ORG_1_NAME);
+ createSuborgUser(createUserObject(USER_DOMAIN_PRIMARY, L1_ORG_1_USER_3_USERNAME, L1_ORG_1_NAME), L1_ORG_1_NAME);
+ createSuborgUser(createUserObject(USER_DOMAIN_PRIMARY, ROOT_ORG_USER_DUPLICATED_USERNAME, ROOT_ORG_NAME),
+ L1_ORG_1_NAME);
+ }
+}
diff --git a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/user/sharing/management/v1/UserSharingSuccessTest.java b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/user/sharing/management/v1/UserSharingSuccessTest.java
index dac0e488bb8..50d6ee8c84b 100644
--- a/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/user/sharing/management/v1/UserSharingSuccessTest.java
+++ b/modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/user/sharing/management/v1/UserSharingSuccessTest.java
@@ -20,6 +20,7 @@
import io.restassured.response.Response;
import org.apache.http.HttpStatus;
+import org.apache.http.impl.client.HttpClientBuilder;
import org.json.JSONObject;
import org.testng.annotations.AfterClass;
import org.testng.annotations.BeforeClass;
@@ -27,68 +28,84 @@
import org.testng.annotations.Factory;
import org.testng.annotations.Test;
import org.wso2.carbon.automation.engine.context.TestUserMode;
-import org.wso2.identity.integration.test.rest.api.server.application.management.v1.model.ApplicationResponseModel;
-import org.wso2.identity.integration.test.rest.api.server.application.management.v1.model.AssociatedRolesConfig;
-import org.wso2.identity.integration.test.rest.api.server.application.management.v1.model.OpenIDConnectConfiguration;
-import org.wso2.identity.integration.test.rest.api.server.roles.v2.model.Audience;
-import org.wso2.identity.integration.test.rest.api.server.roles.v2.model.RoleV2;
import org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.model.RoleWithAudience;
-import org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.model.RoleWithAudienceAudience;
import org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.model.UserShareRequestBody;
-import org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.model.UserShareRequestBodyOrganizations;
-import org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.model.UserShareRequestBodyUserCriteria;
-import org.wso2.identity.integration.test.rest.api.user.common.model.UserObject;
+import org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.model.UserShareWithAllRequestBody;
+import org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.model.UserUnshareRequestBody;
+import org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.model.UserUnshareWithAllRequestBody;
import org.wso2.identity.integration.test.restclients.OAuth2RestClient;
import org.wso2.identity.integration.test.restclients.OrgMgtRestClient;
import org.wso2.identity.integration.test.restclients.SCIM2RestClient;
-import java.io.IOException;
+import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
+import java.util.HashMap;
import java.util.List;
+import java.util.Map;
import static org.hamcrest.CoreMatchers.equalTo;
-import static org.hamcrest.CoreMatchers.everyItem;
-import static org.hamcrest.CoreMatchers.hasItems;
-import static org.hamcrest.CoreMatchers.notNullValue;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.API_VERSION;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.APPLICATION_AUDIENCE;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.APP_1_NAME;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.APP_2_NAME;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.APP_ROLE_1;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.APP_ROLE_2;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.APP_ROLE_3;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.AUTHORIZED_APIS_JSON;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.L1_ORG_1_NAME;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.L1_ORG_1_USER_1_USERNAME;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.L1_ORG_1_USER_2_USERNAME;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.L1_ORG_1_USER_3_USERNAME;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.L1_ORG_2_NAME;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.L1_ORG_3_NAME;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.L2_ORG_1_NAME;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.L2_ORG_2_NAME;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.L2_ORG_3_NAME;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.L3_ORG_1_NAME;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.MAP_KEY_EXPECTED_ORG_COUNT;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.MAP_KEY_EXPECTED_ORG_IDS;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.MAP_KEY_EXPECTED_ORG_NAMES;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.MAP_KEY_EXPECTED_ROLES_PER_EXPECTED_ORG;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.MAP_KEY_GENERAL_POLICY;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.MAP_KEY_GENERAL_ROLES;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.MAP_KEY_SELECTIVE_ORG_ID;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.MAP_KEY_SELECTIVE_ORG_NAME;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.MAP_KEY_SELECTIVE_POLICY;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.MAP_KEY_SELECTIVE_ROLES;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.ORGANIZATION_AUDIENCE;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.ORG_ROLE_1;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.ORG_ROLE_2;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.ORG_ROLE_3;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.RESPONSE_DETAILS;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.RESPONSE_DETAIL_VALUE_SHARING;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.RESPONSE_DETAIL_VALUE_UNSHARING;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.RESPONSE_STATUS;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.RESPONSE_STATUS_VALUE;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.ROOT_ORG_NAME;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.ROOT_ORG_USER_1_USERNAME;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.ROOT_ORG_USER_2_USERNAME;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.ROOT_ORG_USER_3_USERNAME;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.SHARE_PATH;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.SHARE_WITH_ALL_PATH;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.UNSHARE_PATH;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.UNSHARE_WITH_ALL_PATH;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.USER_DOMAIN_PRIMARY;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.constant.UserSharingConstants.USER_SHARING_API_BASE_PATH;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.model.UserShareRequestBodyOrganizations.PolicyEnum.SELECTED_ORG_ONLY;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.model.UserShareRequestBodyOrganizations.PolicyEnum.SELECTED_ORG_WITH_ALL_EXISTING_AND_FUTURE_CHILDREN;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.model.UserShareRequestBodyOrganizations.PolicyEnum.SELECTED_ORG_WITH_ALL_EXISTING_CHILDREN_ONLY;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.model.UserShareRequestBodyOrganizations.PolicyEnum.SELECTED_ORG_WITH_EXISTING_IMMEDIATE_AND_FUTURE_CHILDREN;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.model.UserShareWithAllRequestBody.PolicyEnum.ALL_EXISTING_AND_FUTURE_ORGS;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.model.UserShareWithAllRequestBody.PolicyEnum.ALL_EXISTING_ORGS_ONLY;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.model.UserShareWithAllRequestBody.PolicyEnum.IMMEDIATE_EXISTING_AND_FUTURE_ORGS;
+import static org.wso2.identity.integration.test.rest.api.server.user.sharing.management.v1.model.UserShareWithAllRequestBody.PolicyEnum.IMMEDIATE_EXISTING_ORGS_ONLY;
/**
* Tests for successful cases of the User Sharing REST APIs.
*/
public class UserSharingSuccessTest extends UserSharingBaseTest {
- private String rootOrgUserId;
- private String l1Org1UserId;
-
- private String l1Org1Id;
- private String l1Org2Id;
- private String l2Org1Id;
- private String l2Org2Id;
- private String l2Org3Id;
- private String l3Org1Id;
-
- private String l1Org1SwitchToken;
- private String l2Org1SwitchToken;
-
- private String appId1;
- private String appId2;
- private String sharedApp1IdInLevel1Org;
- private String sharedApp2IdInLevel1Org;
-
- private ApplicationResponseModel application1WithAppAudienceRoles;
- private ApplicationResponseModel application2WithOrgAudienceRoles;
- private String clientIdApp1;
- private String clientSecretApp1;
- private String clientIdApp2;
- private String clientSecretApp2;
-
- private String appRole1Id;
- private String appRole2Id;
- private String appRole3Id;
- private String orgRole1Id;
- private String orgRole2Id;
- private String orgRole3Id;
-
@Factory(dataProvider = "restAPIUserConfigProvider")
public UserSharingSuccessTest(TestUserMode userMode) throws Exception {
@@ -104,14 +121,9 @@ public UserSharingSuccessTest(TestUserMode userMode) throws Exception {
public void init() throws Exception {
super.testInit(API_VERSION, swaggerDefinition, tenant);
-
- oAuth2RestClient = new OAuth2RestClient(serverURL, tenantInfo);
- scim2RestClient = new SCIM2RestClient(serverURL, tenantInfo);
- orgMgtRestClient = new OrgMgtRestClient(context, tenantInfo, serverURL,
- new JSONObject(readResource(AUTHORIZED_APIS_JSON)));
-
+ setupDetailMaps();
+ setupRestClients();
setupOrganizations();
- setupTokens();
setupApplicationsAndRoles();
setupUsers();
}
@@ -120,31 +132,11 @@ public void init() throws Exception {
@AfterClass(alwaysRun = true)
public void testConclude() throws Exception {
- // Cleanup users
- deleteUserIfExists(rootOrgUserId);
- deleteSubOrgUserIfExists(l1Org1UserId, l1Org1SwitchToken);
-
- // Cleanup roles
- deleteRoleIfExists(appRole1Id);
- deleteRoleIfExists(appRole2Id);
- deleteRoleIfExists(appRole3Id);
- deleteRoleIfExists(orgRole1Id);
- deleteRoleIfExists(orgRole2Id);
- deleteRoleIfExists(orgRole3Id);
-
- // Cleanup applications
- deleteApplicationIfExists(application1WithAppAudienceRoles.getId());
- deleteApplicationIfExists(application2WithOrgAudienceRoles.getId());
-
- // Cleanup organizations
- deleteSubOrganizationIfExists(l3Org1Id, l2Org1Id);
- deleteSubOrganizationIfExists(l2Org3Id, l1Org2Id);
- deleteSubOrganizationIfExists(l2Org2Id, l1Org1Id);
- deleteSubOrganizationIfExists(l2Org1Id, l1Org1Id);
- deleteOrganizationIfExists(l1Org2Id);
- deleteOrganizationIfExists(l1Org1Id);
-
- // Close REST clients
+ cleanUpUsers();
+ cleanUpRoles(APPLICATION_AUDIENCE, ORGANIZATION_AUDIENCE);
+ cleanUpApplications();
+ cleanUpOrganizations();
+ cleanUpDetailMaps();
closeRestClients();
}
@@ -157,12 +149,36 @@ public static Object[][] restAPIUserConfigProvider() {
};
}
- @Test
- public void testShareUsersWithOrganizations() {
+ // Selective User Sharing.
+
+ @DataProvider(name = "selectiveUserSharingDataProvider")
+ public Object[][] selectiveUserSharingDataProvider() {
+
+ List userIdsForTestCase1 =
+ Collections.singletonList(getUserId(ROOT_ORG_USER_1_USERNAME, USER_DOMAIN_PRIMARY, ROOT_ORG_NAME));
+ Map> organizationsForTestCase1 = setOrganizationsForSelectiveUserSharingTestCase1();
+ Map expectedResultsForTestCase1 = setExpectedResultsForSelectiveUserSharingTestCase1();
+
+ List userIdsForTestCase2 =
+ Arrays.asList(getUserId(ROOT_ORG_USER_1_USERNAME, USER_DOMAIN_PRIMARY, ROOT_ORG_NAME),
+ getUserId(ROOT_ORG_USER_2_USERNAME, USER_DOMAIN_PRIMARY, ROOT_ORG_NAME),
+ getUserId(ROOT_ORG_USER_3_USERNAME, USER_DOMAIN_PRIMARY, ROOT_ORG_NAME));
+ Map> organizationsForTestCase2 = setOrganizationsForSelectiveUserSharingTestCase2();
+ Map