From e5b923aad073a7ced4ced59405d8ec98036a2f19 Mon Sep 17 00:00:00 2001 From: Enrico Vianello Date: Mon, 23 Dec 2024 16:40:29 +0100 Subject: [PATCH] Fix sonar issues --- .../infn/mw/iam/api/account/AccountUtils.java | 3 +- .../AccountAttributesController.java | 8 +- .../AccountGroupManagerController.java | 3 +- .../iam/api/group/GroupLabelsController.java | 3 - .../IamSecurityExpressionMethods.java | 6 +- .../cern/CernHrLifecycleHandler.java | 4 - .../lifecycle/cern/CernHrLifecycleUtils.java | 1 - .../iam/core/lifecycle/cern/CernStatus.java | 5 + .../oauth/IamOAuthConfirmationController.java | 157 ++++++++++-------- .../RegistrationApiController.java | 3 - .../CernAccountLifecycleDisableUserTests.java | 5 +- .../cern/CernAccountLifecycleTests.java | 8 +- 12 files changed, 104 insertions(+), 102 deletions(-) create mode 100644 iam-login-service/src/main/java/it/infn/mw/iam/core/lifecycle/cern/CernStatus.java diff --git a/iam-login-service/src/main/java/it/infn/mw/iam/api/account/AccountUtils.java b/iam-login-service/src/main/java/it/infn/mw/iam/api/account/AccountUtils.java index bd2c5a9e7..91188459d 100644 --- a/iam-login-service/src/main/java/it/infn/mw/iam/api/account/AccountUtils.java +++ b/iam-login-service/src/main/java/it/infn/mw/iam/api/account/AccountUtils.java @@ -71,8 +71,7 @@ public Optional getAuthenticatedUserAccount(Authentication authn) { Authentication userAuthn = authn; - if (authn instanceof OAuth2Authentication) { - OAuth2Authentication oauth = (OAuth2Authentication) authn; + if (authn instanceof OAuth2Authentication oauth) { if (oauth.getUserAuthentication() == null) { return Optional.empty(); } diff --git a/iam-login-service/src/main/java/it/infn/mw/iam/api/account/attributes/AccountAttributesController.java b/iam-login-service/src/main/java/it/infn/mw/iam/api/account/attributes/AccountAttributesController.java index 0c9efae12..f663ec9d2 100644 --- a/iam-login-service/src/main/java/it/infn/mw/iam/api/account/attributes/AccountAttributesController.java +++ b/iam-login-service/src/main/java/it/infn/mw/iam/api/account/attributes/AccountAttributesController.java @@ -18,7 +18,6 @@ import static it.infn.mw.iam.api.utils.ValidationErrorUtils.stringifyValidationError; import static java.lang.String.format; import static org.springframework.http.HttpStatus.NO_CONTENT; -import static org.springframework.web.bind.annotation.RequestMethod.DELETE; import java.util.List; @@ -26,13 +25,12 @@ import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.validation.BindingResult; import org.springframework.validation.annotation.Validated; +import org.springframework.web.bind.annotation.DeleteMapping; import org.springframework.web.bind.annotation.ExceptionHandler; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.PathVariable; import org.springframework.web.bind.annotation.PutMapping; import org.springframework.web.bind.annotation.RequestBody; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.ResponseBody; import org.springframework.web.bind.annotation.ResponseStatus; import org.springframework.web.bind.annotation.RestController; @@ -96,7 +94,7 @@ public void setAttribute(@PathVariable String id, @RequestBody @Validated Attrib accountService.setAttribute(account, attr); } - @RequestMapping(value = "/iam/account/{id}/attributes", method = DELETE) + @DeleteMapping(value = "/iam/account/{id}/attributes") @PreAuthorize("#iam.hasScope('iam:admin.write') or #iam.hasDashboardRole('ROLE_ADMIN')") @ResponseStatus(value = NO_CONTENT) public void deleteAttribute(@PathVariable String id, @Validated AttributeDTO attribute, @@ -112,14 +110,12 @@ public void deleteAttribute(@PathVariable String id, @Validated AttributeDTO att @ResponseStatus(code = HttpStatus.BAD_REQUEST) @ExceptionHandler(InvalidAttributeError.class) - @ResponseBody public ErrorDTO handleValidationError(InvalidAttributeError e) { return ErrorDTO.fromString(e.getMessage()); } @ResponseStatus(code = HttpStatus.NOT_FOUND) @ExceptionHandler(NoSuchAccountError.class) - @ResponseBody public ErrorDTO handleNoSuchAccountError(NoSuchAccountError e) { return ErrorDTO.fromString(e.getMessage()); } diff --git a/iam-login-service/src/main/java/it/infn/mw/iam/api/account/group_manager/AccountGroupManagerController.java b/iam-login-service/src/main/java/it/infn/mw/iam/api/account/group_manager/AccountGroupManagerController.java index e9a42e973..e63578b13 100644 --- a/iam-login-service/src/main/java/it/infn/mw/iam/api/account/group_manager/AccountGroupManagerController.java +++ b/iam-login-service/src/main/java/it/infn/mw/iam/api/account/group_manager/AccountGroupManagerController.java @@ -16,7 +16,6 @@ package it.infn.mw.iam.api.account.group_manager; import java.util.List; -import java.util.stream.Collectors; import javax.servlet.http.HttpServletRequest; @@ -108,7 +107,7 @@ public List getGroupManagersForGroup(@PathVariable String groupId) { return service.getGroupManagersForGroup(group) .stream() .map(userConverter::dtoFromEntity) - .collect(Collectors.toList()); + .toList(); } diff --git a/iam-login-service/src/main/java/it/infn/mw/iam/api/group/GroupLabelsController.java b/iam-login-service/src/main/java/it/infn/mw/iam/api/group/GroupLabelsController.java index 8eee09033..a2324c821 100644 --- a/iam-login-service/src/main/java/it/infn/mw/iam/api/group/GroupLabelsController.java +++ b/iam-login-service/src/main/java/it/infn/mw/iam/api/group/GroupLabelsController.java @@ -32,7 +32,6 @@ import org.springframework.web.bind.annotation.PutMapping; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.ResponseBody; import org.springframework.web.bind.annotation.ResponseStatus; import org.springframework.web.bind.annotation.RestController; @@ -101,14 +100,12 @@ public void deleteLabel(@PathVariable String id, @Validated LabelDTO label, @ResponseStatus(code = HttpStatus.BAD_REQUEST) @ExceptionHandler(InvalidLabelError.class) - @ResponseBody public ErrorDTO handleValidationError(InvalidLabelError e) { return ErrorDTO.fromString(e.getMessage()); } @ResponseStatus(code = HttpStatus.NOT_FOUND) @ExceptionHandler(NoSuchGroupError.class) - @ResponseBody public ErrorDTO handleNotFoundError(NoSuchGroupError e) { return ErrorDTO.fromString(e.getMessage()); } diff --git a/iam-login-service/src/main/java/it/infn/mw/iam/core/expression/IamSecurityExpressionMethods.java b/iam-login-service/src/main/java/it/infn/mw/iam/core/expression/IamSecurityExpressionMethods.java index 4f53e1f97..062bba70a 100644 --- a/iam-login-service/src/main/java/it/infn/mw/iam/core/expression/IamSecurityExpressionMethods.java +++ b/iam-login-service/src/main/java/it/infn/mw/iam/core/expression/IamSecurityExpressionMethods.java @@ -67,10 +67,9 @@ public enum Role { } public boolean isGroupManager(String groupUuid) { - boolean groupManager = authentication.getAuthorities() + return authentication.getAuthorities() .stream() .anyMatch(a -> a.getAuthority().equals(ROLE_GM + groupUuid)); - return groupManager; } public boolean isUser(String userUuid) { @@ -104,8 +103,7 @@ public boolean userCanDeleteGroupRequest(String requestId) { public boolean hasScope(String scope) { - if (authentication instanceof OAuth2Authentication) { - OAuth2Authentication oauth = (OAuth2Authentication) authentication; + if (authentication instanceof OAuth2Authentication oauth) { return scopeResolver.resolveScope(oauth).stream().anyMatch(s -> s.equals(scope)); } return false; diff --git a/iam-login-service/src/main/java/it/infn/mw/iam/core/lifecycle/cern/CernHrLifecycleHandler.java b/iam-login-service/src/main/java/it/infn/mw/iam/core/lifecycle/cern/CernHrLifecycleHandler.java index e5e77a954..5f6b940e7 100644 --- a/iam-login-service/src/main/java/it/infn/mw/iam/core/lifecycle/cern/CernHrLifecycleHandler.java +++ b/iam-login-service/src/main/java/it/infn/mw/iam/core/lifecycle/cern/CernHrLifecycleHandler.java @@ -75,10 +75,6 @@ public class CernHrLifecycleHandler implements Runnable, SchedulingConfigurer { public static final Logger LOG = LoggerFactory.getLogger(CernHrLifecycleHandler.class); - public enum CernStatus { - IGNORED, ERROR, EXPIRED, VO_MEMBER - } - private final CernProperties cernProperties; private final IamAccountRepository accountRepo; private final IamAccountService accountService; diff --git a/iam-login-service/src/main/java/it/infn/mw/iam/core/lifecycle/cern/CernHrLifecycleUtils.java b/iam-login-service/src/main/java/it/infn/mw/iam/core/lifecycle/cern/CernHrLifecycleUtils.java index 98028a80f..aded51bea 100644 --- a/iam-login-service/src/main/java/it/infn/mw/iam/core/lifecycle/cern/CernHrLifecycleUtils.java +++ b/iam-login-service/src/main/java/it/infn/mw/iam/core/lifecycle/cern/CernHrLifecycleUtils.java @@ -30,7 +30,6 @@ import it.infn.mw.iam.api.registration.cern.dto.ParticipationDTO; import it.infn.mw.iam.core.lifecycle.ExpiredAccountsHandler; import it.infn.mw.iam.core.lifecycle.ExpiredAccountsHandler.AccountLifecycleStatus; -import it.infn.mw.iam.core.lifecycle.cern.CernHrLifecycleHandler.CernStatus; import it.infn.mw.iam.persistence.model.IamAccount; import it.infn.mw.iam.persistence.model.IamLabel; diff --git a/iam-login-service/src/main/java/it/infn/mw/iam/core/lifecycle/cern/CernStatus.java b/iam-login-service/src/main/java/it/infn/mw/iam/core/lifecycle/cern/CernStatus.java new file mode 100644 index 000000000..0b7731f8b --- /dev/null +++ b/iam-login-service/src/main/java/it/infn/mw/iam/core/lifecycle/cern/CernStatus.java @@ -0,0 +1,5 @@ +package it.infn.mw.iam.core.lifecycle.cern; + +public enum CernStatus { + IGNORED, ERROR, EXPIRED, VO_MEMBER +} \ No newline at end of file diff --git a/iam-login-service/src/main/java/it/infn/mw/iam/core/oauth/IamOAuthConfirmationController.java b/iam-login-service/src/main/java/it/infn/mw/iam/core/oauth/IamOAuthConfirmationController.java index 86e00e166..72e6fbbc7 100644 --- a/iam-login-service/src/main/java/it/infn/mw/iam/core/oauth/IamOAuthConfirmationController.java +++ b/iam-login-service/src/main/java/it/infn/mw/iam/core/oauth/IamOAuthConfirmationController.java @@ -46,10 +46,9 @@ import org.springframework.security.oauth2.common.exceptions.OAuth2Exception; import org.springframework.security.oauth2.provider.AuthorizationRequest; import org.springframework.security.oauth2.provider.endpoint.RedirectResolver; -import org.springframework.stereotype.Controller; +import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.ModelAttribute; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RequestMethod; +import org.springframework.web.bind.annotation.RestController; import org.springframework.web.bind.annotation.SessionAttributes; import org.springframework.web.bind.support.SessionStatus; @@ -64,16 +63,11 @@ import it.infn.mw.iam.core.oauth.scope.pdp.ScopePolicyPDP; import it.infn.mw.iam.persistence.model.IamAccount; -/** - * @author jricher - * - */ @SuppressWarnings("deprecation") -@Controller +@RestController @SessionAttributes("authorizationRequest") public class IamOAuthConfirmationController { - @Autowired private ClientDetailsEntityService clientService; @@ -116,7 +110,7 @@ public IamOAuthConfirmationController(ClientDetailsEntityService clientService) } @PreAuthorize("hasRole('ROLE_USER')") - @RequestMapping(path = "/oauth/confirm_access", method = RequestMethod.GET) + @GetMapping(path = "/oauth/confirm_access") public String confimAccess(Map model, @ModelAttribute("authorizationRequest") AuthorizationRequest authRequest, Authentication authUser, SessionStatus status) { @@ -148,26 +142,7 @@ public String confimAccess(Map model, if (prompts.contains("none")) { // if we've got a redirect URI then we'll send it - - String url = redirectResolver.resolveRedirect(authRequest.getRedirectUri(), client); - - try { - URIBuilder uriBuilder = new URIBuilder(url); - - uriBuilder.addParameter("error", "interaction_required"); - if (!Strings.isNullOrEmpty(authRequest.getState())) { - uriBuilder.addParameter("state", authRequest.getState()); // copy the state parameter if - // one was given - } - - status.setComplete(); - return "redirect:" + uriBuilder.toString(); - - } catch (URISyntaxException e) { - logger.error("Can't build redirect URI for prompt=none, sending error instead", e); - model.put("code", HttpStatus.FORBIDDEN); - return HttpCodeView.VIEWNAME; - } + return handleRedirectOrFail(model, authRequest, status, client); } model.put("auth_request", authRequest); @@ -181,22 +156,43 @@ public String confimAccess(Map model, // pre-process the scopes Set scopes = scopeService.fromStrings(authRequest.getScope()); - Set sortedScopes = new LinkedHashSet<>(scopes.size()); Set systemScopes = scopeService.getAll(); - // filter requested scopes according to the scope policy - IamAccount account = accountUtils.getAuthenticatedUserAccount(authUser) - .orElseThrow(() -> NoSuchAccountError.forUsername(authUser.getName())); + Set filteredScopes = getFilteredScopes(scopes, authUser); - Set filteredScopes = pdp.filterScopes(scopeService.toStrings(scopes), account); + Set sortedScopes = getSortedScopes(systemScopes, filteredScopes); - // admin scopes are not allowed to clients approved by regular users - if (!accountUtils.isAdmin(authUser)) { - filteredScopes = - filteredScopes.stream().filter(s -> !adminScopes.contains(s)).collect(Collectors.toSet()); + model.put("scopes", sortedScopes); + + authRequest.setScope(scopeService.toStrings(sortedScopes)); + + model.put("claims", getClaimsForScopes(sortedScopes, authUser.getName())); + + // client stats + Integer count = statsService.getCountForClientId(client.getClientId()).getApprovedSiteCount(); + model.put("count", count); + + // contacts + if (!client.getContacts().isEmpty()) { + String contacts = Joiner.on(", ").join(client.getContacts()); + model.put("contacts", contacts); } - // sort scopes for display based on the inherent order of system scopes + // if the client is over a week old and has more than one registration, don't give such a big + // warning instead, tag as "Generally Recognized As Safe" (gras) + Date lastWeek = new Date(System.currentTimeMillis() - (60 * 60 * 24 * 7 * 1000)); + Boolean expression = + count > 1 && client.getCreatedAt() != null && client.getCreatedAt().before(lastWeek); + model.put("gras", expression); + + return "iam/approveClient"; + } + + private Set getSortedScopes(Set systemScopes, + Set filteredScopes) { + + Set sortedScopes = new LinkedHashSet<>(systemScopes.size()); + for (SystemScope s : systemScopes) { if (scopeService.fromStrings(filteredScopes).contains(s)) { sortedScopes.add(s); @@ -206,51 +202,70 @@ public String confimAccess(Map model, // add in any scopes that aren't system scopes to the end of the list sortedScopes.addAll(Sets.difference(scopeService.fromStrings(filteredScopes), systemScopes)); - model.put("scopes", sortedScopes); + return sortedScopes; + } - authRequest.setScope(scopeService.toStrings(sortedScopes)); + private Set getFilteredScopes(Set scopes, Authentication authUser) + throws NoSuchAccountError { + + IamAccount account = accountUtils.getAuthenticatedUserAccount(authUser) + .orElseThrow(() -> NoSuchAccountError.forUsername(authUser.getName())); + + Set filteredScopes = pdp.filterScopes(scopeService.toStrings(scopes), account); + + if (!accountUtils.isAdmin(authUser)) { + filteredScopes = + filteredScopes.stream().filter(s -> !adminScopes.contains(s)).collect(Collectors.toSet()); + } + return filteredScopes; + } + + private Map> getClaimsForScopes(Set sortedScopes, + String username) { + + UserInfo user = userInfoService.getByUsername(username); - // get the userinfo claims for each scope - UserInfo user = userInfoService.getByUsername(authUser.getName()); Map> claimsForScopes = new HashMap<>(); - if (user != null) { - JsonObject userJson = user.toJson(); + if (user == null) { + return claimsForScopes; + } - for (SystemScope systemScope : sortedScopes) { - Map claimValues = new HashMap<>(); + JsonObject userJson = user.toJson(); + for (SystemScope systemScope : sortedScopes) { + Map claimValues = new HashMap<>(); - Set claims = scopeClaimTranslationService.getClaimsForScope(systemScope.getValue()); - for (String claim : claims) { - if (userJson.has(claim) && userJson.get(claim).isJsonPrimitive()) { - claimValues.put(claim, userJson.get(claim).getAsString()); - } + Set claims = scopeClaimTranslationService.getClaimsForScope(systemScope.getValue()); + for (String claim : claims) { + if (userJson.has(claim) && userJson.get(claim).isJsonPrimitive()) { + claimValues.put(claim, userJson.get(claim).getAsString()); } - - claimsForScopes.put(systemScope.getValue(), claimValues); } + claimsForScopes.put(systemScope.getValue(), claimValues); } + return claimsForScopes; + } - model.put("claims", claimsForScopes); + private String handleRedirectOrFail(Map model, AuthorizationRequest authRequest, + SessionStatus status, ClientDetailsEntity client) { - // client stats - Integer count = statsService.getCountForClientId(client.getClientId()).getApprovedSiteCount(); - model.put("count", count); + String url = redirectResolver.resolveRedirect(authRequest.getRedirectUri(), client); + try { + URIBuilder uriBuilder = new URIBuilder(url); - // contacts - if (!client.getContacts().isEmpty()) { - String contacts = Joiner.on(", ").join(client.getContacts()); - model.put("contacts", contacts); - } + uriBuilder.addParameter("error", "interaction_required"); + if (!Strings.isNullOrEmpty(authRequest.getState())) { + uriBuilder.addParameter("state", authRequest.getState()); + } - // if the client is over a week old and has more than one registration, don't give such a big - // warning - // instead, tag as "Generally Recognized As Safe" (gras) - Date lastWeek = new Date(System.currentTimeMillis() - (60 * 60 * 24 * 7 * 1000)); - Boolean expression = count > 1 && client.getCreatedAt() != null && client.getCreatedAt().before(lastWeek); - model.put("gras", expression); + status.setComplete(); + return "redirect:" + uriBuilder.toString(); - return "iam/approveClient"; + } catch (URISyntaxException e) { + logger.error("Can't build redirect URI for prompt=none, sending error instead", e); + model.put("code", HttpStatus.FORBIDDEN); + return HttpCodeView.VIEWNAME; + } } /** diff --git a/iam-login-service/src/main/java/it/infn/mw/iam/registration/RegistrationApiController.java b/iam-login-service/src/main/java/it/infn/mw/iam/registration/RegistrationApiController.java index 6c609e17e..53dfb4410 100644 --- a/iam-login-service/src/main/java/it/infn/mw/iam/registration/RegistrationApiController.java +++ b/iam-login-service/src/main/java/it/infn/mw/iam/registration/RegistrationApiController.java @@ -42,7 +42,6 @@ import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestParam; -import org.springframework.web.bind.annotation.ResponseBody; import org.springframework.web.bind.annotation.ResponseStatus; import org.springframework.web.bind.annotation.RestController; import org.springframework.web.servlet.ModelAndView; @@ -97,7 +96,6 @@ private Optional getExternalAuthenticati @PreAuthorize("#iam.hasScope('registration:read') or hasRole('ADMIN')") @GetMapping(value = "/registration/list") - @ResponseBody public List listRequests( @RequestParam(value = "status", required = false) IamRegistrationRequestStatus status) { @@ -106,7 +104,6 @@ public List listRequests( @PreAuthorize("#iam.hasScope('registration:read') or hasRole('ADMIN')") @GetMapping(value = "/registration/list/pending") - @ResponseBody public List listPendingRequests() { return service.listPendingRequests(); diff --git a/iam-login-service/src/test/java/it/infn/mw/iam/test/lifecycle/cern/CernAccountLifecycleDisableUserTests.java b/iam-login-service/src/test/java/it/infn/mw/iam/test/lifecycle/cern/CernAccountLifecycleDisableUserTests.java index 60fcc0acb..ea79c2aee 100644 --- a/iam-login-service/src/test/java/it/infn/mw/iam/test/lifecycle/cern/CernAccountLifecycleDisableUserTests.java +++ b/iam-login-service/src/test/java/it/infn/mw/iam/test/lifecycle/cern/CernAccountLifecycleDisableUserTests.java @@ -58,6 +58,7 @@ import it.infn.mw.iam.core.lifecycle.ExpiredAccountsHandler; import it.infn.mw.iam.core.lifecycle.ExpiredAccountsHandler.AccountLifecycleStatus; import it.infn.mw.iam.core.lifecycle.cern.CernHrLifecycleHandler; +import it.infn.mw.iam.core.lifecycle.cern.CernStatus; import it.infn.mw.iam.core.user.IamAccountService; import it.infn.mw.iam.persistence.model.IamAccount; import it.infn.mw.iam.persistence.model.IamLabel; @@ -162,7 +163,7 @@ public void testCernPersonIdNotFoundMeansUserEndTimeIsResetToCurrentDate() { testAccount.getLabelByPrefixAndName(LABEL_CERN_PREFIX, LABEL_MESSAGE); assertThat(statusLabel.isPresent(), is(true)); - assertThat(statusLabel.get().getValue(), is(CernHrLifecycleHandler.CernStatus.EXPIRED.name())); + assertThat(statusLabel.get().getValue(), is(CernStatus.EXPIRED.name())); assertThat(timestampLabel.isPresent(), is(false)); @@ -208,7 +209,7 @@ public void testNoParticipationIsFoundMeansUserEndTimeIsResetToCurrentDate() { assertThat(statusLabel.isPresent(), is(true)); assertThat(statusLabel.get().getValue(), - is(CernHrLifecycleHandler.CernStatus.EXPIRED.name())); + is(CernStatus.EXPIRED.name())); assertThat(timestampLabel.isPresent(), is(false)); diff --git a/iam-login-service/src/test/java/it/infn/mw/iam/test/lifecycle/cern/CernAccountLifecycleTests.java b/iam-login-service/src/test/java/it/infn/mw/iam/test/lifecycle/cern/CernAccountLifecycleTests.java index 31cf9d915..63c18560e 100644 --- a/iam-login-service/src/test/java/it/infn/mw/iam/test/lifecycle/cern/CernAccountLifecycleTests.java +++ b/iam-login-service/src/test/java/it/infn/mw/iam/test/lifecycle/cern/CernAccountLifecycleTests.java @@ -72,7 +72,7 @@ import it.infn.mw.iam.api.registration.cern.dto.VOPersonDTO; import it.infn.mw.iam.core.lifecycle.ExpiredAccountsHandler; import it.infn.mw.iam.core.lifecycle.cern.CernHrLifecycleHandler; -import it.infn.mw.iam.core.lifecycle.cern.CernHrLifecycleHandler.CernStatus; +import it.infn.mw.iam.core.lifecycle.cern.CernStatus; import it.infn.mw.iam.core.user.IamAccountService; import it.infn.mw.iam.persistence.model.IamAccount; import it.infn.mw.iam.persistence.model.IamLabel; @@ -452,7 +452,7 @@ public void testApiErrorIsHandled() { testAccount.getLabelByPrefixAndName(LABEL_CERN_PREFIX, LABEL_MESSAGE); assertThat(statusLabel.isPresent(), is(true)); - assertThat(statusLabel.get().getValue(), is(CernHrLifecycleHandler.CernStatus.ERROR.name())); + assertThat(statusLabel.get().getValue(), is(CernStatus.ERROR.name())); assertThat(timestampLabel.isPresent(), is(false)); @@ -480,7 +480,7 @@ public void testApiReturnsNullVoPersonIsHandled() { assertThat(statusLabel.isPresent(), is(true)); assertThat(statusLabel.get().getValue(), - is(CernHrLifecycleHandler.CernStatus.EXPIRED.name())); + is(CernStatus.EXPIRED.name())); assertThat(timestampLabel.isPresent(), is(false)); @@ -509,7 +509,7 @@ public void testApiReturnsVoPersonWithNoParticipationsIsHandled() { assertThat(statusLabel.isPresent(), is(true)); assertThat(statusLabel.get().getValue(), - is(CernHrLifecycleHandler.CernStatus.EXPIRED.name())); + is(CernStatus.EXPIRED.name())); assertThat(timestampLabel.isPresent(), is(false));