EPA-81: Test for unauthorized record

oviva-ag · Mar 30, 2024 · c9c2264 · c9c2264
1 parent 5392abf
commit c9c2264
Showing 1 changed file with 18 additions and 0 deletions.
diff --git a/diga-epa-client/src/test/java/com/oviva/epa/client/KonnektorServiceAcceptanceTest.java b/diga-epa-client/src/test/java/com/oviva/epa/client/KonnektorServiceAcceptanceTest.java
@@ -44,6 +44,8 @@ class KonnektorServiceAcceptanceTest {
   // adapt according to what is authorized for your SMC-B testcard,
   // when in doubt ask your provider (e.g. RISE)
   private static final String KVNR = "X110467329";
+
+  private static final String FAKE_KVNR = "A123456780";
   private static final String TI_KONNEKTOR_URI = "https://10.156.145.103:443";
   private static final String PROXY_ADDRESS = "127.0.0.1";
   private static final String KEYSTORE_FILE = "keys/vKon_Client_172.026.002.035.p12";
@@ -100,6 +102,22 @@ void getAuthorizationState() {
     assertTrue(authorizedApplications.stream().anyMatch(a -> "ePA".equals(a.name())));
   }
 
+  @Test
+  void getAuthorizationState_notAuthorized() {
+
+    // 1) get some valid home community
+    var hcid = konnektorService.getHomeCommunityID(KVNR);
+
+    // 2) create a record identifier we don't have access to
+    var recordIdentifier = new RecordIdentifier(FAKE_KVNR, hcid);
+
+    // 3) get the authorization state
+    var authorizedApplications = konnektorService.getAuthorizationState(recordIdentifier);
+
+    // 4) check whether we're authorized for the ePA
+    assertTrue(authorizedApplications.isEmpty());
+  }
+
   @Test
   void writeDocument() {