diff --git a/docs-core/pom.xml b/docs-core/pom.xml index cd58f6b9..69acf4c0 100644 --- a/docs-core/pom.xml +++ b/docs-core/pom.xml @@ -26,6 +26,11 @@ hibernate-entitymanager + + org.hibernate + hibernate-validator + + joda-time diff --git a/docs-core/src/main/java/com/sismics/docs/core/dao/file/theme/ThemeDao.java b/docs-core/src/main/java/com/sismics/docs/core/dao/file/theme/ThemeDao.java deleted file mode 100644 index c82989d6..00000000 --- a/docs-core/src/main/java/com/sismics/docs/core/dao/file/theme/ThemeDao.java +++ /dev/null @@ -1,38 +0,0 @@ -package com.sismics.docs.core.dao.file.theme; - -import com.google.common.collect.Lists; -import com.sismics.docs.core.util.DirectoryUtil; - -import java.io.File; -import java.io.FilenameFilter; -import java.util.ArrayList; -import java.util.List; - -/** - * Theme DAO. - * - * @author jtremeaux - */ -public class ThemeDao { - private final static FilenameFilter CSS_FILTER = new FilenameFilter() { - @Override - public boolean accept(File dir, String name) { - return name.endsWith(".css") || name.endsWith(".less"); - } - }; - - /** - * Return the list of all themes. - * - * @return List of themes - */ - public List findAll() { - final File themeDirectory = DirectoryUtil.getThemeDirectory(); - if (themeDirectory != null) { - return Lists.newArrayList(themeDirectory.list(CSS_FILTER)); - } else { - return new ArrayList(); - } - } - -} diff --git a/docs-core/src/main/java/com/sismics/docs/core/util/DirectoryUtil.java b/docs-core/src/main/java/com/sismics/docs/core/util/DirectoryUtil.java index 38b410da..dfbab290 100644 --- a/docs-core/src/main/java/com/sismics/docs/core/util/DirectoryUtil.java +++ b/docs-core/src/main/java/com/sismics/docs/core/util/DirectoryUtil.java @@ -1,9 +1,10 @@ package com.sismics.docs.core.util; -import com.sismics.util.EnvironmentUtil; +import java.io.File; + import org.apache.commons.lang.StringUtils; -import java.io.File; +import com.sismics.util.EnvironmentUtil; /** * Utilities to gain access to the storage directories used by the application. @@ -18,27 +19,27 @@ public class DirectoryUtil { */ public static File getBaseDataDirectory() { File baseDataDir = null; - if (EnvironmentUtil.getWebappRoot() != null) { - // We are in a webapp environment - if (StringUtils.isNotBlank(EnvironmentUtil.getDocsHome())) { - // If the docs.home property is set then use it - baseDataDir = new File(EnvironmentUtil.getDocsHome()); - if (!baseDataDir.isDirectory()) { - baseDataDir.mkdirs(); - } - } else { - // Use the base of the Webapp directory - baseDataDir = new File(EnvironmentUtil.getWebappRoot() + File.separator + "sismicsdocs"); - if (!baseDataDir.isDirectory()) { - baseDataDir.mkdirs(); - } + if (StringUtils.isNotBlank(EnvironmentUtil.getDocsHome())) { + // If the docs.home property is set then use it + baseDataDir = new File(EnvironmentUtil.getDocsHome()); + } else if (EnvironmentUtil.isUnitTest()) { + // For unit testing, use a temporary directory + baseDataDir = new File(System.getProperty("java.io.tmpdir")); + } else { + // We are in a webapp environment and nothing is specified, use the default directory for this OS + if (EnvironmentUtil.isUnix()) { + baseDataDir = new File("/var/docs"); + } if (EnvironmentUtil.isWindows()) { + baseDataDir = new File(EnvironmentUtil.getWindowsAppData() + "\\Sismics\\Docs"); + } else if (EnvironmentUtil.isMacOs()) { + baseDataDir = new File(EnvironmentUtil.getMacOsUserHome() + "/Library/Sismics/Docs"); } } - if (baseDataDir == null) { - // Or else (for unit testing), use a temporary directory - baseDataDir = new File(System.getProperty("java.io.tmpdir")); + + if (baseDataDir != null && !baseDataDir.isDirectory()) { + baseDataDir.mkdirs(); } - + return baseDataDir; } @@ -78,25 +79,6 @@ public class DirectoryUtil { return getDataSubDirectory("log"); } - /** - * Returns the themes directory. - * - * @return Theme directory. - */ - public static File getThemeDirectory() { - String webappRoot = EnvironmentUtil.getWebappRoot(); - File themeDir = null; - if (webappRoot != null) { - themeDir = new File(webappRoot + File.separator + "style" + File.separator + "theme"); - } else { - themeDir = new File(DirectoryUtil.class.getResource("/style/theme").getFile()); - } - if (themeDir != null && themeDir.isDirectory()) { - return themeDir; - } - return null; - } - /** * Returns a subdirectory of the base data directory * diff --git a/docs-core/src/main/java/com/sismics/util/EnvironmentUtil.java b/docs-core/src/main/java/com/sismics/util/EnvironmentUtil.java index 8fbff574..791956da 100644 --- a/docs-core/src/main/java/com/sismics/util/EnvironmentUtil.java +++ b/docs-core/src/main/java/com/sismics/util/EnvironmentUtil.java @@ -9,7 +9,7 @@ public class EnvironmentUtil { private static String OS = System.getProperty("os.name").toLowerCase(); - private static String TEST_ENV = System.getProperty("test"); + private static String APPLICATION_MODE = System.getProperty("application.mode"); private static String WINDOWS_APPDATA = System.getenv("APPDATA"); @@ -18,9 +18,9 @@ public class EnvironmentUtil { private static String DOCS_HOME = System.getProperty("docs.home"); /** - * Web application root. + * In a web application context. */ - private static String webappRoot; + private static boolean webappContext; /** * Returns true if running under Microsoft Windows. @@ -55,10 +55,18 @@ public class EnvironmentUtil { * @return Unit testing environment */ public static boolean isUnitTest() { - return webappRoot == null || - TEST_ENV != null && "true".equals(TEST_ENV); + return !webappContext || isDevMode(); } + /** + * Return true if we are in dev mode. + * + * @return Dev mode + */ + public static boolean isDevMode() { + return "dev".equalsIgnoreCase(APPLICATION_MODE); + } + /** * Returns the MS Windows AppData directory of this user. * @@ -87,20 +95,20 @@ public class EnvironmentUtil { } /** - * Getter of webappRoot. + * Getter of webappContext. * - * @return webappRoot + * @return webappContext */ - public static String getWebappRoot() { - return webappRoot; + public static boolean isWebappContext() { + return webappContext; } /** - * Setter of webappRoot. + * Setter of webappContext. * - * @param webappRoot webappRoot + * @param webappContext webappContext */ - public static void setWebappRoot(String webappRoot) { - EnvironmentUtil.webappRoot = webappRoot; + public static void setWebappContext(boolean webappContext) { + EnvironmentUtil.webappContext = webappContext; } } diff --git a/docs-parent/pom.xml b/docs-parent/pom.xml index 3b06b0b7..44d9d50a 100644 --- a/docs-parent/pom.xml +++ b/docs-parent/pom.xml @@ -26,7 +26,7 @@ 1.6.6 4.7 1.4.188 - 1.17 + 2.21 0.3m 4.2.0 4.2 @@ -34,12 +34,11 @@ 1.49 2.8.2 4.1.0.Final - 1.9.64 + 3.1.0 9.2.13.v20150730 9.2.13.v20150730 9.2.13.v20150730 - 3.0.20100224 1.8 @@ -163,9 +162,9 @@ - org.mortbay.jetty - servlet-api - ${org.mortbay.jetty.servlet-api.version} + javax.servlet + javax.servlet-api + ${javax.servlet.javax.servlet-api.version} @@ -229,47 +228,54 @@ - com.sun.jersey - jersey-server - ${com.sun.jersey.version} - - - - com.sun.jersey - jersey-bundle - ${com.sun.jersey.version} - - - - com.sun.jersey - jersey-json - ${com.sun.jersey.version} - - - - com.sun.jersey.contribs - jersey-multipart - ${com.sun.jersey.version} - - - - com.sun.jersey - jersey-client - ${com.sun.jersey.version} + org.glassfish.jersey.containers + jersey-container-servlet + ${org.glassfish.jersey.version} - com.sun.grizzly - grizzly-servlet-webserver - ${com.sun.grizzly.version} + org.glassfish.jersey.media + jersey-media-json-processing + ${org.glassfish.jersey.version} - com.sun.jersey.jersey-test-framework - jersey-test-framework-grizzly2 - ${com.sun.jersey.version} + org.glassfish.jersey.media + jersey-media-multipart + ${org.glassfish.jersey.version} + + + + org.glassfish.jersey.core + jersey-client + ${org.glassfish.jersey.version} + + + + org.glassfish.jersey.test-framework.providers + jersey-test-framework-provider-bundle + pom + ${org.glassfish.jersey.version} + + + + org.glassfish.jersey.test-framework.providers + jersey-test-framework-provider-external + ${org.glassfish.jersey.version} + + org.glassfish.jersey.test-framework.providers + jersey-test-framework-provider-grizzly2 + ${org.glassfish.jersey.version} + + + + org.glassfish.jersey.containers + jersey-container-grizzly2-servlet + ${org.glassfish.jersey.version} + + com.h2database h2 @@ -288,6 +294,12 @@ ${org.hibernate.hibernate.version} + + org.hibernate + hibernate-validator + ${org.hibernate.hibernate.version} + + commons-dbcp commons-dbcp diff --git a/docs-stress/pom.xml b/docs-stress/pom.xml index 6b7c1efe..6d369769 100644 --- a/docs-stress/pom.xml +++ b/docs-stress/pom.xml @@ -17,10 +17,15 @@ - com.sun.jersey + org.glassfish.jersey.core jersey-client - + + + org.glassfish.jersey.media + jersey-media-multipart + + com.sismics.docs diff --git a/docs-stress/src/main/java/com/sismics/docs/stress/Main.java b/docs-stress/src/main/java/com/sismics/docs/stress/Main.java index fa349ed2..788af740 100644 --- a/docs-stress/src/main/java/com/sismics/docs/stress/Main.java +++ b/docs-stress/src/main/java/com/sismics/docs/stress/Main.java @@ -1,6 +1,5 @@ package com.sismics.docs.stress; -import java.io.BufferedInputStream; import java.io.InputStream; import java.util.Date; import java.util.List; @@ -8,25 +7,30 @@ import java.util.Set; import java.util.UUID; import java.util.concurrent.ThreadLocalRandom; +import javax.json.JsonObject; +import javax.ws.rs.client.Client; +import javax.ws.rs.client.ClientBuilder; +import javax.ws.rs.client.Entity; +import javax.ws.rs.client.Invocation; +import javax.ws.rs.client.WebTarget; +import javax.ws.rs.core.Form; import javax.ws.rs.core.MediaType; +import javax.ws.rs.core.Response.Status; import junit.framework.Assert; -import org.codehaus.jettison.json.JSONObject; +import org.glassfish.jersey.client.ClientResponse; +import org.glassfish.jersey.media.multipart.FormDataMultiPart; +import org.glassfish.jersey.media.multipart.MultiPartFeature; +import org.glassfish.jersey.media.multipart.file.StreamDataBodyPart; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import com.google.common.collect.Lists; import com.google.common.collect.Sets; -import com.sismics.docs.rest.filter.CookieAuthenticationFilter; +import com.google.common.io.Resources; import com.sismics.docs.rest.util.ClientUtil; -import com.sun.jersey.api.client.Client; -import com.sun.jersey.api.client.ClientResponse; -import com.sun.jersey.api.client.ClientResponse.Status; -import com.sun.jersey.api.client.WebResource; -import com.sun.jersey.core.util.MultivaluedMapImpl; -import com.sun.jersey.multipart.FormDataBodyPart; -import com.sun.jersey.multipart.FormDataMultiPart; +import com.sismics.util.filter.TokenBasedSecurityFilter; /** * Stress app for Sismics Docs. @@ -45,7 +49,7 @@ public class Main { private static final int TAG_PER_USER_COUNT = 20; private static final int FILE_PER_DOCUMENT_COUNT = 0; - private static Client client = Client.create(); + private static Client client = ClientBuilder.newClient(); private static ClientUtil clientUtil; private static Set userSet = Sets.newHashSet(); @@ -54,11 +58,12 @@ public class Main { * Entry point. * * @param args Args + * @throws Exception */ - public static void main(String[] args) { + public static void main(String[] args) throws Exception { log.info("Starting stress test..."); - WebResource resource = client.resource(API_URL); + WebTarget resource = client.target(API_URL); clientUtil = new ClientUtil(resource); // Create users @@ -72,17 +77,16 @@ public class Main { // Create tags for each user int tagCreatedCount = 1; for (User user : userSet) { - WebResource tagResource = resource.path("/tag"); - tagResource.addFilter(new CookieAuthenticationFilter(user.authToken)); + Invocation.Builder tagResource = resource.path("/tag").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, user.authToken); for (int j = 0; j < TAG_PER_USER_COUNT; j++) { - MultivaluedMapImpl postParams = new MultivaluedMapImpl(); + Form form = new Form(); String name = generateString(); - postParams.add("name", name); - postParams.add("color", "#ff0000"); - ClientResponse response = tagResource.put(ClientResponse.class, postParams); - JSONObject json = response.getEntity(JSONObject.class); - user.tagList.add(json.optString("id")); + form.param("name", name); + form.param("color", "#ff0000"); + JsonObject json = tagResource.put(Entity.form(form), JsonObject.class); + user.tagList.add(json.getString("id")); log.info("Created tag " + (tagCreatedCount++) + "/" + TAG_PER_USER_COUNT * USER_COUNT); } } @@ -91,33 +95,32 @@ public class Main { int documentCreatedCount = 1; for (User user : userSet) { for (int i = 0; i < DOCUMENT_PER_USER_COUNT; i++) { - WebResource documentResource = resource.path("/document"); - documentResource.addFilter(new CookieAuthenticationFilter(user.authToken)); - MultivaluedMapImpl postParams = new MultivaluedMapImpl(); - postParams.add("title", generateString()); - postParams.add("description", generateString()); - postParams.add("tags", user.tagList.get(ThreadLocalRandom.current().nextInt(user.tagList.size()))); // Random tag - postParams.add("language", "eng"); long createDate = new Date().getTime(); - postParams.add("create_date", createDate); - ClientResponse response = documentResource.put(ClientResponse.class, postParams); - JSONObject json = response.getEntity(JSONObject.class); - String documentId = json.optString("id"); + Form form = new Form() + .param("title", generateString()) + .param("description", generateString()) + .param("tags", user.tagList.get(ThreadLocalRandom.current().nextInt(user.tagList.size()))) // Random tag + .param("language", "eng") + .param("create_date", Long.toString(createDate)); + JsonObject json = resource.path("/document").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, user.authToken) + .put(Entity.form(form), JsonObject.class); + String documentId = json.getString("id"); log.info("Created document " + (documentCreatedCount++) + "/" + DOCUMENT_PER_USER_COUNT * USER_COUNT + " for user: " + user.username); // Add files for each document for (int j = 0; j < FILE_PER_DOCUMENT_COUNT; j++) { - WebResource fileResource = resource.path("/file"); - fileResource.addFilter(new CookieAuthenticationFilter(user.authToken)); - FormDataMultiPart form = new FormDataMultiPart(); - InputStream file = Main.class.getResourceAsStream("/empty.png"); - FormDataBodyPart fdp = new FormDataBodyPart("file", - new BufferedInputStream(file), - MediaType.APPLICATION_OCTET_STREAM_TYPE); - form.bodyPart(fdp); - form.field("id", documentId); - response = fileResource.type(MediaType.MULTIPART_FORM_DATA).put(ClientResponse.class, form); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); + try (InputStream is = Resources.getResource("empty.png").openStream()) { + StreamDataBodyPart streamDataBodyPart = new StreamDataBodyPart("file", is, "empty.png"); + @SuppressWarnings("resource") + ClientResponse response = resource + .register(MultiPartFeature.class) + .path("/file").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, user.authToken) + .put(Entity.entity(new FormDataMultiPart().field("id", documentId).bodyPart(streamDataBodyPart), + MediaType.MULTIPART_FORM_DATA_TYPE), ClientResponse.class); + Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); + } } } } diff --git a/docs-web-common/pom.xml b/docs-web-common/pom.xml index 77072436..38df767c 100644 --- a/docs-web-common/pom.xml +++ b/docs-web-common/pom.xml @@ -22,23 +22,13 @@ - com.sun.jersey - jersey-server + org.glassfish.jersey.containers + jersey-container-servlet - + - com.sun.jersey - jersey-bundle - - - - com.sun.jersey - jersey-json - - - - com.sun.jersey.contribs - jersey-multipart + org.glassfish.jersey.media + jersey-media-json-processing @@ -68,8 +58,8 @@ - org.mortbay.jetty - servlet-api + javax.servlet + javax.servlet-api provided @@ -86,14 +76,20 @@ - com.sun.grizzly - grizzly-servlet-webserver + org.glassfish.jersey.test-framework.providers + jersey-test-framework-provider-external test - + - com.sun.jersey.jersey-test-framework - jersey-test-framework-grizzly2 + org.glassfish.jersey.test-framework.providers + jersey-test-framework-provider-grizzly2 + test + + + + org.glassfish.jersey.containers + jersey-container-grizzly2-servlet test diff --git a/docs-web-common/src/main/java/com/sismics/rest/exception/ClientException.java b/docs-web-common/src/main/java/com/sismics/rest/exception/ClientException.java index 23f75ec8..9a1a233d 100644 --- a/docs-web-common/src/main/java/com/sismics/rest/exception/ClientException.java +++ b/docs-web-common/src/main/java/com/sismics/rest/exception/ClientException.java @@ -1,11 +1,9 @@ package com.sismics.rest.exception; - -import org.codehaus.jettison.json.JSONException; -import org.codehaus.jettison.json.JSONObject; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import javax.json.Json; import javax.ws.rs.WebApplicationException; import javax.ws.rs.core.Response; import javax.ws.rs.core.Response.Status; @@ -32,9 +30,8 @@ public class ClientException extends WebApplicationException { * @param type Error type (e.g. AlreadyExistingEmail, ValidationError) * @param message Human readable error message * @param e Readable error message - * @throws JSONException */ - public ClientException(String type, String message, Exception e) throws JSONException { + public ClientException(String type, String message, Exception e) { this(type, message); log.error(type + ": " + message, e); } @@ -44,11 +41,10 @@ public class ClientException extends WebApplicationException { * * @param type Error type (e.g. AlreadyExistingEmail, ValidationError) * @param message Human readable error message - * @throws JSONException */ - public ClientException(String type, String message) throws JSONException { - super(Response.status(Status.BAD_REQUEST).entity(new JSONObject() - .put("type", type) - .put("message", message)).build()); + public ClientException(String type, String message) { + super(Response.status(Status.BAD_REQUEST).entity(Json.createObjectBuilder() + .add("type", type) + .add("message", message).build()).build()); } } diff --git a/docs-web-common/src/main/java/com/sismics/rest/exception/ForbiddenClientException.java b/docs-web-common/src/main/java/com/sismics/rest/exception/ForbiddenClientException.java index 86786d38..7f92b32b 100644 --- a/docs-web-common/src/main/java/com/sismics/rest/exception/ForbiddenClientException.java +++ b/docs-web-common/src/main/java/com/sismics/rest/exception/ForbiddenClientException.java @@ -1,8 +1,6 @@ package com.sismics.rest.exception; -import org.codehaus.jettison.json.JSONException; -import org.codehaus.jettison.json.JSONObject; - +import javax.json.Json; import javax.ws.rs.WebApplicationException; import javax.ws.rs.core.Response; import javax.ws.rs.core.Response.Status; @@ -20,12 +18,10 @@ public class ForbiddenClientException extends WebApplicationException { /** * Constructor of ForbiddenClientException. - * - * @throws JSONException */ - public ForbiddenClientException() throws JSONException { - super(Response.status(Status.FORBIDDEN).entity(new JSONObject() - .put("type", "ForbiddenError") - .put("message", "You don't have access to this resource")).build()); + public ForbiddenClientException() { + super(Response.status(Status.FORBIDDEN).entity(Json.createObjectBuilder() + .add("type", "ForbiddenError") + .add("message", "You don't have access to this resource").build()).build()); } } diff --git a/docs-web-common/src/main/java/com/sismics/rest/exception/ServerException.java b/docs-web-common/src/main/java/com/sismics/rest/exception/ServerException.java index a2947260..76b80d47 100644 --- a/docs-web-common/src/main/java/com/sismics/rest/exception/ServerException.java +++ b/docs-web-common/src/main/java/com/sismics/rest/exception/ServerException.java @@ -1,14 +1,13 @@ package com.sismics.rest.exception; -import org.codehaus.jettison.json.JSONException; -import org.codehaus.jettison.json.JSONObject; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - +import javax.json.Json; import javax.ws.rs.WebApplicationException; import javax.ws.rs.core.Response; import javax.ws.rs.core.Response.Status; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + /** * Jersey exception encapsulating an error from the client (INTERNAL_SERVER_ERROR). * @@ -31,9 +30,8 @@ public class ServerException extends WebApplicationException { * @param type Error type (e.g. DatabaseError) * @param message Human readable error message * @param e Inner exception - * @throws JSONException */ - public ServerException(String type, String message, Exception e) throws JSONException { + public ServerException(String type, String message, Exception e) { this(type, message); log.error(type + ": " + message, e); } @@ -43,11 +41,10 @@ public class ServerException extends WebApplicationException { * * @param type Error type (e.g. DatabaseError) * @param message Human readable error message - * @throws JSONException */ - public ServerException(String type, String message) throws JSONException { - super(Response.status(Status.INTERNAL_SERVER_ERROR).entity(new JSONObject() - .put("type", type) - .put("message", message)).build()); + public ServerException(String type, String message) { + super(Response.status(Status.INTERNAL_SERVER_ERROR).entity(Json.createObjectBuilder() + .add("type", type) + .add("message", message).build()).build()); } } diff --git a/docs-web-common/src/main/java/com/sismics/rest/resource/GenericExceptionMapper.java b/docs-web-common/src/main/java/com/sismics/rest/resource/GenericExceptionMapper.java deleted file mode 100644 index 922368d2..00000000 --- a/docs-web-common/src/main/java/com/sismics/rest/resource/GenericExceptionMapper.java +++ /dev/null @@ -1,45 +0,0 @@ -package com.sismics.rest.resource; - -import org.codehaus.jettison.json.JSONException; -import org.codehaus.jettison.json.JSONObject; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import javax.ws.rs.WebApplicationException; -import javax.ws.rs.core.Response; -import javax.ws.rs.ext.ExceptionMapper; -import javax.ws.rs.ext.Provider; - -/** - * Generic exception mapper that transforms all unknown exception into ServerError. - * - * @author jtremeaux - */ -@Provider -public class GenericExceptionMapper implements ExceptionMapper { - /** - * Logger. - */ - private static final Logger log = LoggerFactory.getLogger(GenericExceptionMapper.class); - - @Override - public Response toResponse(Exception e) { - if (e instanceof WebApplicationException) { - return ((WebApplicationException) e).getResponse(); - } - - log.error("Unknown error", e); - - JSONObject entity = new JSONObject(); - try { - entity.put("type", "UnknownError"); - entity.put("message", "Unknown server error"); - } catch (JSONException e2) { - log.error("Error building response", e2); - } - - return Response.status(Response.Status.INTERNAL_SERVER_ERROR) - .entity(entity) - .build(); - } -} diff --git a/docs-web-common/src/main/java/com/sismics/rest/util/JsonUtil.java b/docs-web-common/src/main/java/com/sismics/rest/util/JsonUtil.java index 7ba3b5da..a244ef1a 100644 --- a/docs-web-common/src/main/java/com/sismics/rest/util/JsonUtil.java +++ b/docs-web-common/src/main/java/com/sismics/rest/util/JsonUtil.java @@ -1,40 +1,38 @@ package com.sismics.rest.util; -import org.codehaus.jettison.json.JSONArray; -import org.codehaus.jettison.json.JSONException; -import org.codehaus.jettison.json.JSONObject; +import javax.json.Json; +import javax.json.JsonValue; /** * JSON utilities. * - * @author jtremeaux + * @author bgamard */ public class JsonUtil { + + /** + * Returns a JsonValue from a String. + * + * @param value Value + * @return JsonValue + */ + public static JsonValue nullable(String value) { + if (value == null) { + return JsonValue.NULL; + } + return Json.createObjectBuilder().add("_", value).build().get("_"); + } /** - * Fix of {@see JsonObject.append()}, which seems to create nested arrays. + * Returns a JsonValue from an Integer. * - * @param o JSON Object - * @param key Key containing the array of null - * @param value Value to append - * @return Updated object - * @throws JSONException + * @param value Value + * @return JsonValue */ - public static JSONObject append(JSONObject o, String key, JSONObject value) throws JSONException { - Object prevValue = o.opt(key); - if (prevValue == null) { - o.put(key, new JSONArray().put(value)); - } else if (!(prevValue instanceof JSONArray)){ - throw new JSONException("JSONObject[" + key + "] is not a JSONArray."); - } else { - JSONArray newArray = new JSONArray(); - JSONArray oldArray = ((JSONArray) prevValue); - for (int i = 0; i < oldArray.length(); i++) { - newArray.put(oldArray.get(i)); - } - newArray.put(value); - o.put(key, newArray); + public static JsonValue nullable(Integer value) { + if (value == null) { + return JsonValue.NULL; } - return o; + return Json.createObjectBuilder().add("_", value).build().get("_"); } } diff --git a/docs-web-common/src/main/java/com/sismics/rest/util/ValidationUtil.java b/docs-web-common/src/main/java/com/sismics/rest/util/ValidationUtil.java index f0f8f960..8bcea9ff 100644 --- a/docs-web-common/src/main/java/com/sismics/rest/util/ValidationUtil.java +++ b/docs-web-common/src/main/java/com/sismics/rest/util/ValidationUtil.java @@ -1,26 +1,22 @@ package com.sismics.rest.util; -import com.google.common.base.Strings; -import com.sismics.docs.core.dao.file.theme.ThemeDao; -import com.sismics.docs.core.dao.jpa.LocaleDao; -import com.sismics.docs.core.model.jpa.Locale; -import com.sismics.rest.exception.ClientException; -import org.apache.commons.lang.StringUtils; -import org.codehaus.jettison.json.JSONException; -import org.joda.time.DateTime; - import java.text.MessageFormat; import java.util.Date; -import java.util.List; import java.util.regex.Pattern; +import org.apache.commons.lang.StringUtils; +import org.joda.time.DateTime; + +import com.google.common.base.Strings; +import com.sismics.rest.exception.ClientException; + /** * Utility class to validate parameters. * * @author jtremeaux */ public class ValidationUtil { - private static Pattern EMAIL_PATTERN = Pattern.compile(".+@.+\\..+"); + private static Pattern EMAIL_PATTERN = Pattern.compile(".+@.+"); private static Pattern HTTP_URL_PATTERN = Pattern.compile("https?://.+"); @@ -31,9 +27,9 @@ public class ValidationUtil { * * @param s Object tu validate * @param name Name of the parameter - * @throws JSONException + * @throws ClientException */ - public static void validateRequired(Object s, String name) throws JSONException { + public static void validateRequired(Object s, String name) throws ClientException { if (s == null) { throw new ClientException("ValidationError", MessageFormat.format("{0} must be set", name)); } @@ -50,7 +46,7 @@ public class ValidationUtil { * @return String without white spaces * @throws ClientException */ - public static String validateLength(String s, String name, Integer lengthMin, Integer lengthMax, boolean nullable) throws JSONException { + public static String validateLength(String s, String name, Integer lengthMin, Integer lengthMax, boolean nullable) throws ClientException { s = StringUtils.strip(s); if (nullable && StringUtils.isEmpty(s)) { return s; @@ -62,7 +58,7 @@ public class ValidationUtil { throw new ClientException("ValidationError", MessageFormat.format("{0} must be more than {1} characters", name, lengthMin)); } if (lengthMax != null && s.length() > lengthMax) { - throw new ClientException("ValidationError", MessageFormat.format("{0} must be less than {1} characters", name, lengthMax)); + throw new ClientException("ValidationError", MessageFormat.format("{0} must be more than {1} characters", name, lengthMax)); } return s; } @@ -77,7 +73,7 @@ public class ValidationUtil { * @return String without white spaces * @throws ClientException */ - public static String validateLength(String s, String name, Integer lengthMin, Integer lengthMax) throws JSONException { + public static String validateLength(String s, String name, Integer lengthMin, Integer lengthMax) throws ClientException { return validateLength(s, name, lengthMin, lengthMax, false); } @@ -87,12 +83,25 @@ public class ValidationUtil { * @param s String to validate * @param name Name of the parameter * @return String without white spaces - * @throws JSONException + * @throws ClientException */ - public static String validateStringNotBlank(String s, String name) throws JSONException { + public static String validateStringNotBlank(String s, String name) throws ClientException { return validateLength(s, name, 1, null, false); } + /** + * Checks if the string is an email. + * + * @param s String to validate + * @param name Name of the parameter + * @throws ClientException + */ + public static void validateEmail(String s, String name) throws ClientException { + if (!EMAIL_PATTERN.matcher(s).matches()) { + throw new ClientException("ValidationError", MessageFormat.format("{0} must be an email", name)); + } + } + /** * Checks if the string is a hexadecimal color. * @@ -101,32 +110,19 @@ public class ValidationUtil { * @param nullable True if the string can be empty or null * @throws JSONException */ - public static void validateHexColor(String s, String name, boolean nullable) throws JSONException { + public static void validateHexColor(String s, String name, boolean nullable) throws ClientException { ValidationUtil.validateLength(s, "name", 7, 7, nullable); } - /** - * Checks if the string is an email. - * - * @param s String to validate - * @param name Name of the parameter - * @throws JSONException - */ - public static void validateEmail(String s, String name) throws JSONException { - if (!EMAIL_PATTERN.matcher(s).matches()) { - throw new ClientException("ValidationError", MessageFormat.format("{0} must be an email", name)); - } - } - /** * Validates that the provided string matches an URL with HTTP or HTTPS scheme. * * @param s String to validate * @param name Name of the parameter * @return Stripped URL - * @throws JSONException + * @throws ClientException */ - public static String validateHttpUrl(String s, String name) throws JSONException { + public static String validateHttpUrl(String s, String name) throws ClientException { s = StringUtils.strip(s); if (!HTTP_URL_PATTERN.matcher(s).matches()) { throw new ClientException("ValidationError", MessageFormat.format("{0} must be an HTTP(s) URL", name)); @@ -139,14 +135,30 @@ public class ValidationUtil { * * @param s String to validate * @param name Name of the parameter - * @throws JSONException + * @throws ClientException */ - public static void validateAlphanumeric(String s, String name) throws JSONException { + public static void validateAlphanumeric(String s, String name) throws ClientException { if (!ALPHANUMERIC_PATTERN.matcher(s).matches()) { throw new ClientException("ValidationError", MessageFormat.format("{0} must have only alphanumeric or underscore characters", name)); } } + /** + * Checks if the string is a number. + * + * @param s String to validate + * @param name Name of the parameter + * @return Parsed number + * @throws ClientException + */ + public static Integer validateInteger(String s, String name) throws ClientException { + try { + return Integer.valueOf(s); + } catch (NumberFormatException e) { + throw new ClientException("Validation Error", MessageFormat.format("{0} is not a number", name)); + } + } + /** * Validates and parses a date. * @@ -154,9 +166,9 @@ public class ValidationUtil { * @param name Name of the parameter * @param nullable True if the string can be empty or null * @return Parsed date - * @throws JSONException + * @throws ClientException */ - public static Date validateDate(String s, String name, boolean nullable) throws JSONException { + public static Date validateDate(String s, String name, boolean nullable) throws ClientException { if (Strings.isNullOrEmpty(s)) { if (!nullable) { throw new ClientException("ValidationError", MessageFormat.format("{0} must be set", name)); @@ -170,56 +182,4 @@ public class ValidationUtil { throw new ClientException("ValidationError", MessageFormat.format("{0} must be a date", name)); } } - - /** - * Validates a locale. - * - * @param localeId String to validate - * @param name Name of the parameter - * @return String without white spaces - * @param nullable True if the string can be empty or null - * @throws ClientException - */ - public static String validateLocale(String localeId, String name, boolean nullable) throws JSONException { - localeId = StringUtils.strip(localeId); - if (StringUtils.isEmpty(localeId)) { - if (!nullable) { - throw new ClientException("ValidationError", MessageFormat.format("{0} is required", name)); - } else { - return null; - } - } - LocaleDao localeDao = new LocaleDao(); - Locale locale = localeDao.getById(localeId); - if (locale == null) { - throw new ClientException("ValidationError", "Locale not found: " + localeId); - } - return localeId; - } - - /** - * Validates a theme. - * - * @param themeId ID of the theme to validate - * @param name Name of the parameter - * @return String without white spaces - * @param nullable True if the string can be empty or null - * @throws ClientException - */ - public static String validateTheme(String themeId, String name, boolean nullable) throws JSONException { - themeId = StringUtils.strip(themeId); - if (StringUtils.isEmpty(themeId)) { - if (!nullable) { - throw new ClientException("ValidationError", MessageFormat.format("{0} is required", name)); - } else { - return null; - } - } - ThemeDao themeDao = new ThemeDao(); - List themeList = themeDao.findAll(); - if (!themeList.contains(themeId)) { - throw new ClientException("ValidationError", "Theme not found: " + themeId); - } - return themeId; - } } diff --git a/docs-web-common/src/main/java/com/sismics/util/filter/RequestContextFilter.java b/docs-web-common/src/main/java/com/sismics/util/filter/RequestContextFilter.java index c10ab7fb..145c4c8b 100644 --- a/docs-web-common/src/main/java/com/sismics/util/filter/RequestContextFilter.java +++ b/docs-web-common/src/main/java/com/sismics/util/filter/RequestContextFilter.java @@ -38,11 +38,10 @@ public class RequestContextFilter implements Filter { // Force the locale in order to not depend on the execution environment Locale.setDefault(new Locale(Constants.DEFAULT_LOCALE_ID)); - // Injects the webapp root - String webappRoot = filterConfig.getServletContext().getRealPath("/"); - EnvironmentUtil.setWebappRoot(webappRoot); - // Initialize the app directory + if (!filterConfig.getServletContext().getServerInfo().startsWith("Grizzly")) { + EnvironmentUtil.setWebappContext(true); + } File baseDataDirectory = null; try { baseDataDirectory = DirectoryUtil.getBaseDataDirectory(); diff --git a/docs-web-common/src/test/java/com/sismics/docs/rest/BaseJerseyTest.java b/docs-web-common/src/test/java/com/sismics/docs/rest/BaseJerseyTest.java index 2a526577..80fc4fb9 100644 --- a/docs-web-common/src/test/java/com/sismics/docs/rest/BaseJerseyTest.java +++ b/docs-web-common/src/test/java/com/sismics/docs/rest/BaseJerseyTest.java @@ -1,16 +1,27 @@ package com.sismics.docs.rest; import java.io.File; +import java.net.URI; import java.net.URLDecoder; +import javax.ws.rs.core.Application; +import javax.ws.rs.core.UriBuilder; + import org.glassfish.grizzly.http.server.HttpServer; -import org.glassfish.grizzly.http.server.StaticHttpHandler; +import org.glassfish.grizzly.servlet.ServletRegistration; +import org.glassfish.grizzly.servlet.WebappContext; +import org.glassfish.jersey.servlet.ServletContainer; +import org.glassfish.jersey.test.JerseyTest; +import org.glassfish.jersey.test.TestProperties; +import org.glassfish.jersey.test.external.ExternalTestContainerFactory; +import org.glassfish.jersey.test.spi.TestContainerException; +import org.glassfish.jersey.test.spi.TestContainerFactory; import org.junit.After; import org.junit.Before; -import com.sismics.docs.rest.descriptor.JerseyTestWebAppDescriptorFactory; import com.sismics.docs.rest.util.ClientUtil; -import com.sun.jersey.test.framework.JerseyTest; +import com.sismics.util.filter.RequestContextFilter; +import com.sismics.util.filter.TokenBasedSecurityFilter; /** * Base class of integration tests with Jersey. @@ -28,12 +39,21 @@ public abstract class BaseJerseyTest extends JerseyTest { */ protected ClientUtil clientUtil; - /** - * Constructor of BaseJerseyTest. - */ - public BaseJerseyTest() { - super(JerseyTestWebAppDescriptorFactory.build()); - this.clientUtil = new ClientUtil(resource()); + @Override + protected TestContainerFactory getTestContainerFactory() throws TestContainerException { + return new ExternalTestContainerFactory(); + } + + @Override + protected Application configure() { + enable(TestProperties.LOG_TRAFFIC); + enable(TestProperties.DUMP_ENTITY); + return new Application(); + } + + @Override + protected URI getBaseUri() { + return UriBuilder.fromUri(super.getBaseUri()).path("docs").build(); } @Override @@ -41,10 +61,23 @@ public abstract class BaseJerseyTest extends JerseyTest { public void setUp() throws Exception { super.setUp(); + clientUtil = new ClientUtil(target()); + String httpRoot = URLDecoder.decode(new File(getClass().getResource("/").getFile()).getAbsolutePath(), "utf-8"); - httpServer = HttpServer.createSimpleServer(httpRoot, "localhost", 9997); - // Disable file cache to fix https://java.net/jira/browse/GRIZZLY-1350 - ((StaticHttpHandler) httpServer.getServerConfiguration().getHttpHandlers().keySet().iterator().next()).setFileCacheEnabled(false); + httpServer = HttpServer.createSimpleServer(httpRoot, "localhost", getPort()); + WebappContext context = new WebappContext("GrizzlyContext", "/docs"); + context.addFilter("requestContextFilter", RequestContextFilter.class) + .addMappingForUrlPatterns(null, "/*"); + context.addFilter("tokenBasedSecurityFilter", TokenBasedSecurityFilter.class) + .addMappingForUrlPatterns(null, "/*"); + ServletRegistration reg = context.addServlet("jerseyServlet", ServletContainer.class); + reg.setInitParameter("jersey.config.server.provider.packages", "com.sismics.docs.rest.resource"); + reg.setInitParameter("jersey.config.server.provider.classnames", "org.glassfish.jersey.media.multipart.MultiPartFeature"); + reg.setInitParameter("jersey.config.server.response.setStatusOverSendError", "true"); + reg.setLoadOnStartup(1); + reg.addMapping("/*"); + reg.setAsyncSupported(true); + context.deploy(httpServer); httpServer.start(); } @@ -52,6 +85,8 @@ public abstract class BaseJerseyTest extends JerseyTest { @After public void tearDown() throws Exception { super.tearDown(); - httpServer.stop(); + if (httpServer != null) { + httpServer.shutdownNow(); + } } } diff --git a/docs-web-common/src/test/java/com/sismics/docs/rest/descriptor/JerseyTestWebAppDescriptorFactory.java b/docs-web-common/src/test/java/com/sismics/docs/rest/descriptor/JerseyTestWebAppDescriptorFactory.java deleted file mode 100644 index eac35dcd..00000000 --- a/docs-web-common/src/test/java/com/sismics/docs/rest/descriptor/JerseyTestWebAppDescriptorFactory.java +++ /dev/null @@ -1,36 +0,0 @@ -package com.sismics.docs.rest.descriptor; - -import com.sismics.util.filter.RequestContextFilter; -import com.sismics.util.filter.TokenBasedSecurityFilter; -import com.sun.jersey.test.framework.WebAppDescriptor; - -import java.io.File; - -/** - * Jersey tests Webapp descriptor. - * - * @author jtremeaux - */ -public class JerseyTestWebAppDescriptorFactory { - private static String basePath = new File("src/main/webapp").getAbsolutePath(); - - /** - * Constructs a new descriptor. - * - * @return Descriptor - */ - public static WebAppDescriptor build() { - // Target the base path to the Webapp resources - System.setProperty("user.dir", basePath); - System.setProperty("test", "true"); - - return new WebAppDescriptor.Builder("com.sismics.docs.rest.resource") - .contextPath("docs") - .addFilter(RequestContextFilter.class, "requestContextFilter") - .addFilter(TokenBasedSecurityFilter.class, "tokenBasedSecurityFilter") - .initParam("com.sun.jersey.spi.container.ContainerRequestFilters", "com.sun.jersey.api.container.filter.LoggingFilter") - .initParam("com.sun.jersey.spi.container.ContainerResponseFilters", "com.sun.jersey.api.container.filter.LoggingFilter") - .initParam("com.sun.jersey.config.feature.logging.DisableEntitylogging", "true") - .build(); - } -} diff --git a/docs-web-common/src/test/java/com/sismics/docs/rest/filter/CookieAuthenticationFilter.java b/docs-web-common/src/test/java/com/sismics/docs/rest/filter/CookieAuthenticationFilter.java deleted file mode 100644 index 699829a4..00000000 --- a/docs-web-common/src/test/java/com/sismics/docs/rest/filter/CookieAuthenticationFilter.java +++ /dev/null @@ -1,40 +0,0 @@ -package com.sismics.docs.rest.filter; - -import com.sismics.util.filter.TokenBasedSecurityFilter; -import com.sun.jersey.api.client.ClientHandlerException; -import com.sun.jersey.api.client.ClientRequest; -import com.sun.jersey.api.client.ClientResponse; -import com.sun.jersey.api.client.filter.ClientFilter; - -import javax.ws.rs.core.Cookie; -import java.util.ArrayList; -import java.util.List; - -/** - * Filter to add the authentication token into a cookie. - * - * @author jtremeaux - */ -public class CookieAuthenticationFilter extends ClientFilter { - private String authToken; - - public CookieAuthenticationFilter(String authToken) { - this.authToken = authToken; - } - - @Override - public ClientResponse handle(ClientRequest request) throws ClientHandlerException { - Cookie cookie = new Cookie(TokenBasedSecurityFilter.COOKIE_NAME, authToken); - List cookieList = new ArrayList(); - cookieList.add(cookie); - if (authToken != null) { - request.getHeaders().put("Cookie", cookieList); - } - ClientResponse response = getNext().handle(request); - if (response.getCookies() != null) { - cookieList.addAll(response.getCookies()); - } - return response; - } - -} diff --git a/docs-web-common/src/test/java/com/sismics/docs/rest/util/ClientUtil.java b/docs-web-common/src/test/java/com/sismics/docs/rest/util/ClientUtil.java index 96e06545..92276494 100644 --- a/docs-web-common/src/test/java/com/sismics/docs/rest/util/ClientUtil.java +++ b/docs-web-common/src/test/java/com/sismics/docs/rest/util/ClientUtil.java @@ -1,15 +1,13 @@ package com.sismics.docs.rest.util; -import com.sismics.docs.rest.filter.CookieAuthenticationFilter; -import com.sismics.util.filter.TokenBasedSecurityFilter; -import com.sun.jersey.api.client.ClientResponse; -import com.sun.jersey.api.client.ClientResponse.Status; -import com.sun.jersey.api.client.WebResource; -import com.sun.jersey.core.util.MultivaluedMapImpl; -import junit.framework.Assert; - -import javax.ws.rs.core.MultivaluedMap; +import javax.json.JsonObject; +import javax.ws.rs.client.Entity; +import javax.ws.rs.client.WebTarget; +import javax.ws.rs.core.Form; import javax.ws.rs.core.NewCookie; +import javax.ws.rs.core.Response; + +import com.sismics.util.filter.TokenBasedSecurityFilter; /** * REST client utilities. @@ -17,14 +15,14 @@ import javax.ws.rs.core.NewCookie; * @author jtremeaux */ public class ClientUtil { - private WebResource resource; + private WebTarget resource; /** * Constructor of ClientUtil. * - * @param webResource Resource corresponding to the base URI of REST resources. + * @param resource Resource corresponding to the base URI of REST resources. */ - public ClientUtil(WebResource resource) { + public ClientUtil(WebTarget resource) { this.resource = resource; } @@ -38,15 +36,14 @@ public class ClientUtil { String adminAuthenticationToken = login("admin", "admin", false); // Create the user - WebResource userResource = resource.path("/user"); - userResource.addFilter(new CookieAuthenticationFilter(adminAuthenticationToken)); - MultivaluedMap postParams = new MultivaluedMapImpl(); - postParams.putSingle("username", username); - postParams.putSingle("email", username + "@docs.com"); - postParams.putSingle("password", "12345678"); - postParams.putSingle("time_zone", "Asia/Tokyo"); - ClientResponse response = userResource.put(ClientResponse.class, postParams); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); + Form form = new Form(); + form.param("username", username); + form.param("email", username + "@docs.com"); + form.param("password", "12345678"); + form.param("time_zone", "Asia/Tokyo"); + resource.path("/user").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken) + .put(Entity.form(form), JsonObject.class); // Logout admin logout(adminAuthenticationToken); @@ -61,13 +58,12 @@ public class ClientUtil { * @return Authentication token */ public String login(String username, String password, Boolean remember) { - WebResource userResource = resource.path("/user/login"); - MultivaluedMap postParams = new MultivaluedMapImpl(); - postParams.putSingle("username", username); - postParams.putSingle("password", password); - postParams.putSingle("remember", remember.toString()); - ClientResponse response = userResource.post(ClientResponse.class, postParams); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); + Form form = new Form(); + form.param("username", username); + form.param("password", password); + form.param("remember", remember.toString()); + Response response = resource.path("/user/login").request() + .post(Entity.form(form)); return getAuthenticationCookie(response); } @@ -88,10 +84,9 @@ public class ClientUtil { * @param authenticationToken Authentication token */ public void logout(String authenticationToken) { - WebResource userResource = resource.path("/user/logout"); - userResource.addFilter(new CookieAuthenticationFilter(authenticationToken)); - ClientResponse response = userResource.post(ClientResponse.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); + resource.path("/user/logout").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, authenticationToken) + .post(null); } /** @@ -100,9 +95,9 @@ public class ClientUtil { * @param response Response * @return Authentication token */ - public String getAuthenticationCookie(ClientResponse response) { + public String getAuthenticationCookie(Response response) { String authToken = null; - for (NewCookie cookie : response.getCookies()) { + for (NewCookie cookie : response.getCookies().values()) { if (TokenBasedSecurityFilter.COOKIE_NAME.equals(cookie.getName())) { authToken = cookie.getValue(); } diff --git a/docs-web/pom.xml b/docs-web/pom.xml index 5089e7ce..5fee5f2a 100644 --- a/docs-web/pom.xml +++ b/docs-web/pom.xml @@ -28,23 +28,18 @@ - com.sun.jersey - jersey-server + org.glassfish.jersey.containers + jersey-container-servlet - com.sun.jersey - jersey-bundle + org.glassfish.jersey.media + jersey-media-json-processing - com.sun.jersey - jersey-json - - - - com.sun.jersey.contribs - jersey-multipart + org.glassfish.jersey.media + jersey-media-multipart @@ -74,8 +69,8 @@ - org.mortbay.jetty - servlet-api + javax.servlet + javax.servlet-api provided @@ -102,16 +97,23 @@ junit test - - - com.sun.grizzly - grizzly-servlet-webserver - test - - com.sun.jersey.jersey-test-framework - jersey-test-framework-grizzly2 + org.glassfish.jersey.test-framework.providers + jersey-test-framework-provider-bundle + pom + test + + + + org.glassfish.jersey.test-framework.providers + jersey-test-framework-provider-grizzly2 + test + + + + org.glassfish.jersey.containers + jersey-container-grizzly2-servlet test @@ -123,29 +125,6 @@ src/main/resources - - - org.eclipse.jetty - jetty-maven-plugin - - - - webapp.root - ${basedir}/src/main/webapp - - - 0 - - /docs-web - target/classes;../docs-core/target/classes - src/dev/main/webapp/web-override.xml - - STOPKEY - 1099 - - - - @@ -183,14 +162,16 @@ org.eclipse.jetty jetty-maven-plugin - 0 - + + + application.mode + dev + + + /docs-web - target/classes;../docs-core/target/classes src/dev/main/webapp/web-override.xml - - STOPKEY - 1099 + @@ -230,14 +211,16 @@ org.eclipse.jetty jetty-maven-plugin - 0 - + + + application.mode + dev + + + /docs-web - target/classes;../docs-core/target/classes - src/stress/main/webapp/web-override.xml - - STOPKEY - 1099 + src/dev/main/webapp/web-override.xml + @@ -247,12 +230,6 @@ prod - - - env - prod - - @@ -318,25 +295,5 @@ - - - - hosted - - - env - hosted - - - - - - - src/hosted/resources - false - - - - diff --git a/docs-web/src/main/java/com/sismics/docs/rest/resource/AclResource.java b/docs-web/src/main/java/com/sismics/docs/rest/resource/AclResource.java index 59bb904e..58ef4f02 100644 --- a/docs-web/src/main/java/com/sismics/docs/rest/resource/AclResource.java +++ b/docs-web/src/main/java/com/sismics/docs/rest/resource/AclResource.java @@ -1,23 +1,19 @@ package com.sismics.docs.rest.resource; import java.text.MessageFormat; -import java.util.ArrayList; -import java.util.List; +import javax.json.Json; +import javax.json.JsonArrayBuilder; +import javax.json.JsonObjectBuilder; import javax.ws.rs.DELETE; import javax.ws.rs.FormParam; import javax.ws.rs.GET; import javax.ws.rs.PUT; import javax.ws.rs.Path; import javax.ws.rs.PathParam; -import javax.ws.rs.Produces; import javax.ws.rs.QueryParam; -import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; -import org.codehaus.jettison.json.JSONException; -import org.codehaus.jettison.json.JSONObject; - import com.sismics.docs.core.constant.AclTargetType; import com.sismics.docs.core.constant.PermType; import com.sismics.docs.core.dao.jpa.AclDao; @@ -46,13 +42,11 @@ public class AclResource extends BaseResource { * Add an ACL. * * @return Response - * @throws JSONException */ @PUT - @Produces(MediaType.APPLICATION_JSON) public Response add(@FormParam("source") String sourceId, @FormParam("perm") String permStr, - @FormParam("username") String username) throws JSONException { + @FormParam("username") String username) { if (!authenticate()) { throw new ForbiddenClientException(); } @@ -86,15 +80,15 @@ public class AclResource extends BaseResource { aclDao.create(acl); // Returns the ACL - JSONObject response = new JSONObject(); - response.put("perm", acl.getPerm().name()); - response.put("id", acl.getTargetId()); - response.put("name", user.getUsername()); - response.put("type", AclTargetType.USER.name()); - return Response.ok().entity(response).build(); + JsonObjectBuilder response = Json.createObjectBuilder() + .add("perm", acl.getPerm().name()) + .add("id", acl.getTargetId()) + .add("name", user.getUsername()) + .add("type", AclTargetType.USER.name()); + return Response.ok().entity(response.build()).build(); } - return Response.ok().entity(new JSONObject()).build(); + return Response.ok().entity(Json.createObjectBuilder().build()).build(); } /** @@ -102,15 +96,13 @@ public class AclResource extends BaseResource { * * @param id ACL ID * @return Response - * @throws JSONException */ @DELETE @Path("{sourceId: [a-z0-9\\-]+}/{perm: [A-Z]+}/{targetId: [a-z0-9\\-]+}") - @Produces(MediaType.APPLICATION_JSON) public Response delete( @PathParam("sourceId") String sourceId, @PathParam("perm") String permStr, - @PathParam("targetId") String targetId) throws JSONException { + @PathParam("targetId") String targetId) { if (!authenticate()) { throw new ForbiddenClientException(); } @@ -136,16 +128,21 @@ public class AclResource extends BaseResource { // Delete the ACL aclDao.delete(sourceId, perm, targetId); - // Always return ok - JSONObject response = new JSONObject(); - response.put("status", "ok"); - return Response.ok().entity(response).build(); + // Always return OK + JsonObjectBuilder response = Json.createObjectBuilder() + .add("status", "ok"); + return Response.ok().entity(response.build()).build(); } + /** + * Search possible ACL target. + * + * @param search Search query + * @return Response + */ @GET @Path("target/search") - @Produces(MediaType.APPLICATION_JSON) - public Response targetList(@QueryParam("search") String search) throws JSONException { + public Response targetList(@QueryParam("search") String search) { if (!authenticate()) { throw new ForbiddenClientException(); } @@ -155,20 +152,19 @@ public class AclResource extends BaseResource { // Search users UserDao userDao = new UserDao(); - JSONObject response = new JSONObject(); - List users = new ArrayList<>(); + JsonArrayBuilder users = Json.createArrayBuilder(); PaginatedList paginatedList = PaginatedLists.create(); SortCriteria sortCriteria = new SortCriteria(1, true); userDao.findByCriteria(paginatedList, new UserCriteria().setSearch(search), sortCriteria); for (UserDto userDto : paginatedList.getResultList()) { - JSONObject user = new JSONObject(); - user.put("username", userDto.getUsername()); - users.add(user); + users.add(Json.createObjectBuilder() + .add("username", userDto.getUsername())); } - response.put("users", users); - return Response.ok().entity(response).build(); + JsonObjectBuilder response = Json.createObjectBuilder() + .add("users", users); + return Response.ok().entity(response.build()).build(); } } diff --git a/docs-web/src/main/java/com/sismics/docs/rest/resource/AppResource.java b/docs-web/src/main/java/com/sismics/docs/rest/resource/AppResource.java index 9243e718..b8992d37 100644 --- a/docs-web/src/main/java/com/sismics/docs/rest/resource/AppResource.java +++ b/docs-web/src/main/java/com/sismics/docs/rest/resource/AppResource.java @@ -1,24 +1,22 @@ package com.sismics.docs.rest.resource; -import java.util.ArrayList; import java.util.HashMap; import java.util.List; import java.util.Map; import java.util.ResourceBundle; +import javax.json.Json; +import javax.json.JsonArrayBuilder; +import javax.json.JsonObjectBuilder; import javax.ws.rs.GET; import javax.ws.rs.POST; import javax.ws.rs.Path; -import javax.ws.rs.Produces; import javax.ws.rs.QueryParam; -import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; import org.apache.commons.lang.StringUtils; import org.apache.log4j.Appender; import org.apache.log4j.Logger; -import org.codehaus.jettison.json.JSONException; -import org.codehaus.jettison.json.JSONObject; import com.sismics.docs.core.dao.jpa.FileDao; import com.sismics.docs.core.model.context.AppContext; @@ -45,11 +43,9 @@ public class AppResource extends BaseResource { * Return the information about the application. * * @return Response - * @throws JSONException */ @GET - @Produces(MediaType.APPLICATION_JSON) - public Response info() throws JSONException { + public Response info() { if (!authenticate()) { throw new ForbiddenClientException(); } @@ -58,14 +54,13 @@ public class AppResource extends BaseResource { String currentVersion = configBundle.getString("api.current_version"); String minVersion = configBundle.getString("api.min_version"); - JSONObject response = new JSONObject(); + JsonObjectBuilder response = Json.createObjectBuilder() + .add("current_version", currentVersion.replace("-SNAPSHOT", "")) + .add("min_version", minVersion) + .add("total_memory", Runtime.getRuntime().totalMemory()) + .add("free_memory", Runtime.getRuntime().freeMemory()); - response.put("current_version", currentVersion.replace("-SNAPSHOT", "")); - response.put("min_version", minVersion); - response.put("total_memory", Runtime.getRuntime().totalMemory()); - response.put("free_memory", Runtime.getRuntime().freeMemory()); - - return Response.ok().entity(response).build(); + return Response.ok().entity(response.build()).build(); } /** @@ -77,17 +72,15 @@ public class AppResource extends BaseResource { * @param limit Page limit * @param offset Page offset * @return Response - * @throws JSONException */ @GET @Path("log") - @Produces(MediaType.APPLICATION_JSON) public Response log( @QueryParam("level") String level, @QueryParam("tag") String tag, @QueryParam("message") String message, @QueryParam("limit") Integer limit, - @QueryParam("offset") Integer offset) throws JSONException { + @QueryParam("offset") Integer offset) { if (!authenticate()) { throw new ForbiddenClientException(); } @@ -109,32 +102,30 @@ public class AppResource extends BaseResource { PaginatedList paginatedList = PaginatedLists.create(limit, offset); memoryAppender.find(logCriteria, paginatedList); - JSONObject response = new JSONObject(); - List logs = new ArrayList<>(); + JsonArrayBuilder logs = Json.createArrayBuilder(); for (LogEntry logEntry : paginatedList.getResultList()) { - JSONObject log = new JSONObject(); - log.put("date", logEntry.getTimestamp()); - log.put("level", logEntry.getLevel()); - log.put("tag", logEntry.getTag()); - log.put("message", logEntry.getMessage()); - logs.add(log); + logs.add(Json.createObjectBuilder() + .add("date", logEntry.getTimestamp()) + .add("level", logEntry.getLevel()) + .add("tag", logEntry.getTag()) + .add("message", logEntry.getMessage())); } - response.put("total", paginatedList.getResultCount()); - response.put("logs", logs); - return Response.ok().entity(response).build(); + JsonObjectBuilder response = Json.createObjectBuilder() + .add("total", paginatedList.getResultCount()) + .add("logs", logs); + + return Response.ok().entity(response.build()).build(); } /** * Destroy and rebuild Lucene index. * * @return Response - * @throws JSONException */ @POST @Path("batch/reindex") - @Produces(MediaType.APPLICATION_JSON) - public Response batchReindex() throws JSONException { + public Response batchReindex() { if (!authenticate()) { throw new ForbiddenClientException(); } @@ -146,21 +137,20 @@ public class AppResource extends BaseResource { throw new ServerException("IndexingError", "Error rebuilding index", e); } - JSONObject response = new JSONObject(); - response.put("status", "ok"); - return Response.ok().entity(response).build(); + // Always return OK + JsonObjectBuilder response = Json.createObjectBuilder() + .add("status", "ok"); + return Response.ok().entity(response.build()).build(); } /** * Clean storage. * * @return Response - * @throws JSONException */ @POST @Path("batch/clean_storage") - @Produces(MediaType.APPLICATION_JSON) - public Response batchCleanStorage() throws JSONException { + public Response batchCleanStorage() { if (!authenticate()) { throw new ForbiddenClientException(); } @@ -184,8 +174,9 @@ public class AppResource extends BaseResource { } } - JSONObject response = new JSONObject(); - response.put("status", "ok"); - return Response.ok().entity(response).build(); + // Always return OK + JsonObjectBuilder response = Json.createObjectBuilder() + .add("status", "ok"); + return Response.ok().entity(response.build()).build(); } } diff --git a/docs-web/src/main/java/com/sismics/docs/rest/resource/AuditLogResource.java b/docs-web/src/main/java/com/sismics/docs/rest/resource/AuditLogResource.java index 2081eb2a..8c128e06 100644 --- a/docs-web/src/main/java/com/sismics/docs/rest/resource/AuditLogResource.java +++ b/docs-web/src/main/java/com/sismics/docs/rest/resource/AuditLogResource.java @@ -1,19 +1,14 @@ package com.sismics.docs.rest.resource; -import java.util.ArrayList; -import java.util.List; - +import javax.json.Json; +import javax.json.JsonArrayBuilder; +import javax.json.JsonObjectBuilder; import javax.ws.rs.GET; import javax.ws.rs.Path; -import javax.ws.rs.Produces; import javax.ws.rs.QueryParam; -import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; import javax.ws.rs.core.Response.Status; -import org.codehaus.jettison.json.JSONException; -import org.codehaus.jettison.json.JSONObject; - import com.sismics.docs.core.constant.PermType; import com.sismics.docs.core.dao.jpa.AclDao; import com.sismics.docs.core.dao.jpa.AuditLogDao; @@ -36,11 +31,9 @@ public class AuditLogResource extends BaseResource { * Returns the list of all logs for a document or user. * * @return Response - * @throws JSONException */ @GET - @Produces(MediaType.APPLICATION_JSON) - public Response list(@QueryParam("document") String documentId) throws JSONException { + public Response list(@QueryParam("document") String documentId) { if (!authenticate()) { throw new ForbiddenClientException(); } @@ -70,22 +63,21 @@ public class AuditLogResource extends BaseResource { } // Assemble the results - List logs = new ArrayList<>(); - JSONObject response = new JSONObject(); + JsonArrayBuilder logs = Json.createArrayBuilder(); for (AuditLogDto auditLogDto : paginatedList.getResultList()) { - JSONObject log = new JSONObject(); - log.put("id", auditLogDto.getId()); - log.put("target", auditLogDto.getEntityId()); - log.put("class", auditLogDto.getEntityClass()); - log.put("type", auditLogDto.getType().name()); - log.put("message", auditLogDto.getMessage()); - log.put("create_date", auditLogDto.getCreateTimestamp()); - logs.add(log); + logs.add(Json.createObjectBuilder() + .add("id", auditLogDto.getId()) + .add("target", auditLogDto.getEntityId()) + .add("class", auditLogDto.getEntityClass()) + .add("type", auditLogDto.getType().name()) + .add("message", auditLogDto.getMessage()) + .add("create_date", auditLogDto.getCreateTimestamp())); } // Send the response - response.put("logs", logs); - response.put("total", paginatedList.getResultCount()); - return Response.ok().entity(response).build(); + JsonObjectBuilder response = Json.createObjectBuilder() + .add("logs", logs) + .add("total", paginatedList.getResultCount()); + return Response.ok().entity(response.build()).build(); } } diff --git a/docs-web/src/main/java/com/sismics/docs/rest/resource/BaseResource.java b/docs-web/src/main/java/com/sismics/docs/rest/resource/BaseResource.java index cac09fa9..f6230bb8 100644 --- a/docs-web/src/main/java/com/sismics/docs/rest/resource/BaseResource.java +++ b/docs-web/src/main/java/com/sismics/docs/rest/resource/BaseResource.java @@ -1,17 +1,17 @@ package com.sismics.docs.rest.resource; +import java.security.Principal; +import java.util.Set; + +import javax.servlet.http.HttpServletRequest; +import javax.ws.rs.QueryParam; +import javax.ws.rs.core.Context; + import com.sismics.docs.rest.constant.BaseFunction; import com.sismics.rest.exception.ForbiddenClientException; import com.sismics.security.IPrincipal; import com.sismics.security.UserPrincipal; import com.sismics.util.filter.TokenBasedSecurityFilter; -import org.codehaus.jettison.json.JSONException; - -import javax.servlet.http.HttpServletRequest; -import javax.ws.rs.QueryParam; -import javax.ws.rs.core.Context; -import java.security.Principal; -import java.util.Set; /** * Base class of REST resources. @@ -57,7 +57,7 @@ public abstract class BaseResource { * @param baseFunction Base function to check * @throws JSONException */ - protected void checkBaseFunction(BaseFunction baseFunction) throws JSONException { + protected void checkBaseFunction(BaseFunction baseFunction) { if (!hasBaseFunction(baseFunction)) { throw new ForbiddenClientException(); } @@ -70,7 +70,7 @@ public abstract class BaseResource { * @return True if the user has the base function * @throws JSONException */ - protected boolean hasBaseFunction(BaseFunction baseFunction) throws JSONException { + protected boolean hasBaseFunction(BaseFunction baseFunction) { if (principal == null || !(principal instanceof UserPrincipal)) { return false; } diff --git a/docs-web/src/main/java/com/sismics/docs/rest/resource/DocumentResource.java b/docs-web/src/main/java/com/sismics/docs/rest/resource/DocumentResource.java index a0c8ba44..73e983a8 100644 --- a/docs-web/src/main/java/com/sismics/docs/rest/resource/DocumentResource.java +++ b/docs-web/src/main/java/com/sismics/docs/rest/resource/DocumentResource.java @@ -8,6 +8,9 @@ import java.util.List; import java.util.Set; import java.util.UUID; +import javax.json.Json; +import javax.json.JsonArrayBuilder; +import javax.json.JsonObjectBuilder; import javax.persistence.NoResultException; import javax.ws.rs.DELETE; import javax.ws.rs.FormParam; @@ -16,15 +19,11 @@ import javax.ws.rs.POST; import javax.ws.rs.PUT; import javax.ws.rs.Path; import javax.ws.rs.PathParam; -import javax.ws.rs.Produces; import javax.ws.rs.QueryParam; -import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; import javax.ws.rs.core.Response.Status; import org.apache.commons.lang.StringUtils; -import org.codehaus.jettison.json.JSONException; -import org.codehaus.jettison.json.JSONObject; import org.joda.time.DateTime; import org.joda.time.format.DateTimeFormat; import org.joda.time.format.DateTimeFormatter; @@ -58,6 +57,7 @@ import com.sismics.docs.core.util.jpa.SortCriteria; import com.sismics.rest.exception.ClientException; import com.sismics.rest.exception.ForbiddenClientException; import com.sismics.rest.exception.ServerException; +import com.sismics.rest.util.JsonUtil; import com.sismics.rest.util.ValidationUtil; /** @@ -72,14 +72,12 @@ public class DocumentResource extends BaseResource { * * @param documentId Document ID * @return Response - * @throws JSONException */ @GET @Path("{id: [a-z0-9\\-]+}") - @Produces(MediaType.APPLICATION_JSON) public Response get( @PathParam("id") String documentId, - @QueryParam("share") String shareId) throws JSONException { + @QueryParam("share") String shareId) { authenticate(); DocumentDao documentDao = new DocumentDao(); @@ -96,48 +94,46 @@ public class DocumentResource extends BaseResource { return Response.status(Status.NOT_FOUND).build(); } - JSONObject document = new JSONObject(); - document.put("id", documentDto.getId()); - document.put("title", documentDto.getTitle()); - document.put("description", documentDto.getDescription()); - document.put("create_date", documentDto.getCreateTimestamp()); - document.put("language", documentDto.getLanguage()); - document.put("shared", documentDto.getShared()); - document.put("file_count", documentDto.getFileCount()); + JsonObjectBuilder document = Json.createObjectBuilder() + .add("id", documentDto.getId()) + .add("title", documentDto.getTitle()) + .add("description", JsonUtil.nullable(documentDto.getDescription())) + .add("create_date", documentDto.getCreateTimestamp()) + .add("language", documentDto.getLanguage()) + .add("shared", documentDto.getShared()) + .add("file_count", documentDto.getFileCount()); if (principal.isAnonymous()) { // No tags in anonymous mode (sharing) - document.put("tags", new ArrayList()); + document.add("tags", Json.createArrayBuilder()); } else { // Add tags added by the current user on this document TagDao tagDao = new TagDao(); List tagDtoList = tagDao.getByDocumentId(documentId, principal.getId()); - List tags = new ArrayList<>(); + JsonArrayBuilder tags = Json.createArrayBuilder(); for (TagDto tagDto : tagDtoList) { - JSONObject tag = new JSONObject(); - tag.put("id", tagDto.getId()); - tag.put("name", tagDto.getName()); - tag.put("color", tagDto.getColor()); - tags.add(tag); + tags.add(Json.createObjectBuilder() + .add("id", tagDto.getId()) + .add("name", tagDto.getName()) + .add("color", tagDto.getColor())); } - document.put("tags", tags); + document.add("tags", tags); } // Below is specific to GET /document/id - document.put("creator", documentDto.getCreator()); + document.add("creator", documentDto.getCreator()); // Add ACL List aclDtoList = aclDao.getBySourceId(documentId); - List aclList = new ArrayList<>(); + JsonArrayBuilder aclList = Json.createArrayBuilder(); boolean writable = false; for (AclDto aclDto : aclDtoList) { - JSONObject acl = new JSONObject(); - acl.put("perm", aclDto.getPerm().name()); - acl.put("id", aclDto.getTargetId()); - acl.put("name", aclDto.getTargetName()); - acl.put("type", aclDto.getTargetType()); - aclList.add(acl); + aclList.add(Json.createObjectBuilder() + .add("perm", aclDto.getPerm().name()) + .add("id", aclDto.getTargetId()) + .add("name", JsonUtil.nullable(aclDto.getTargetName())) + .add("type", aclDto.getTargetType())); if (!principal.isAnonymous() && aclDto.getTargetId().equals(principal.getId()) @@ -146,10 +142,10 @@ public class DocumentResource extends BaseResource { writable = true; } } - document.put("acls", aclList); - document.put("writable", writable); + document.add("acls", aclList) + .add("writable", writable); - return Response.ok().entity(document).build(); + return Response.ok().entity(document.build()).build(); } /** @@ -158,23 +154,21 @@ public class DocumentResource extends BaseResource { * @param limit Page limit * @param offset Page offset * @return Response - * @throws JSONException */ @GET @Path("list") - @Produces(MediaType.APPLICATION_JSON) public Response list( @QueryParam("limit") Integer limit, @QueryParam("offset") Integer offset, @QueryParam("sort_column") Integer sortColumn, @QueryParam("asc") Boolean asc, - @QueryParam("search") String search) throws JSONException { + @QueryParam("search") String search) { if (!authenticate()) { throw new ForbiddenClientException(); } - JSONObject response = new JSONObject(); - List documents = new ArrayList<>(); + JsonObjectBuilder response = Json.createObjectBuilder(); + JsonArrayBuilder documents = Json.createArrayBuilder(); DocumentDao documentDao = new DocumentDao(); TagDao tagDao = new TagDao(); @@ -189,33 +183,30 @@ public class DocumentResource extends BaseResource { } for (DocumentDto documentDto : paginatedList.getResultList()) { - JSONObject document = new JSONObject(); - document.put("id", documentDto.getId()); - document.put("title", documentDto.getTitle()); - document.put("description", documentDto.getDescription()); - document.put("create_date", documentDto.getCreateTimestamp()); - document.put("language", documentDto.getLanguage()); - document.put("shared", documentDto.getShared()); - document.put("file_count", documentDto.getFileCount()); - // Get tags added by the current user on this document List tagDtoList = tagDao.getByDocumentId(documentDto.getId(), principal.getId()); - List tags = new ArrayList<>(); + JsonArrayBuilder tags = Json.createArrayBuilder(); for (TagDto tagDto : tagDtoList) { - JSONObject tag = new JSONObject(); - tag.put("id", tagDto.getId()); - tag.put("name", tagDto.getName()); - tag.put("color", tagDto.getColor()); - tags.add(tag); + tags.add(Json.createObjectBuilder() + .add("id", tagDto.getId()) + .add("name", tagDto.getName()) + .add("color", tagDto.getColor())); } - document.put("tags", tags); - documents.add(document); + documents.add(Json.createObjectBuilder() + .add("id", documentDto.getId()) + .add("title", documentDto.getTitle()) + .add("description", JsonUtil.nullable(documentDto.getDescription())) + .add("create_date", documentDto.getCreateTimestamp()) + .add("language", documentDto.getLanguage()) + .add("shared", documentDto.getShared()) + .add("file_count", documentDto.getFileCount()) + .add("tags", tags)); } - response.put("total", paginatedList.getResultCount()); - response.put("documents", documents); + response.add("total", paginatedList.getResultCount()) + .add("documents", documents); - return Response.ok().entity(response).build(); + return Response.ok().entity(response.build()).build(); } /** @@ -329,16 +320,14 @@ public class DocumentResource extends BaseResource { * @param language Language * @param createDateStr Creation date * @return Response - * @throws JSONException */ @PUT - @Produces(MediaType.APPLICATION_JSON) public Response add( @FormParam("title") String title, @FormParam("description") String description, @FormParam("tags") List tagList, @FormParam("language") String language, - @FormParam("create_date") String createDateStr) throws JSONException { + @FormParam("create_date") String createDateStr) { if (!authenticate()) { throw new ForbiddenClientException(); } @@ -389,9 +378,9 @@ public class DocumentResource extends BaseResource { documentCreatedAsyncEvent.setDocument(document); AppContext.getInstance().getAsyncEventBus().post(documentCreatedAsyncEvent); - JSONObject response = new JSONObject(); - response.put("id", documentId); - return Response.ok().entity(response).build(); + JsonObjectBuilder response = Json.createObjectBuilder() + .add("id", documentId); + return Response.ok().entity(response.build()).build(); } /** @@ -400,18 +389,16 @@ public class DocumentResource extends BaseResource { * @param title Title * @param description Description * @return Response - * @throws JSONException */ @POST @Path("{id: [a-z0-9\\-]+}") - @Produces(MediaType.APPLICATION_JSON) public Response update( @PathParam("id") String id, @FormParam("title") String title, @FormParam("description") String description, @FormParam("tags") List tagList, @FormParam("language") String language, - @FormParam("create_date") String createDateStr) throws JSONException { + @FormParam("create_date") String createDateStr) { if (!authenticate()) { throw new ForbiddenClientException(); } @@ -458,10 +445,9 @@ public class DocumentResource extends BaseResource { documentUpdatedAsyncEvent.setDocument(document); AppContext.getInstance().getAsyncEventBus().post(documentUpdatedAsyncEvent); - // Always return ok - JSONObject response = new JSONObject(); - response.put("id", id); - return Response.ok().entity(response).build(); + JsonObjectBuilder response = Json.createObjectBuilder() + .add("id", id); + return Response.ok().entity(response.build()).build(); } /** @@ -469,9 +455,8 @@ public class DocumentResource extends BaseResource { * * @param documentId Document ID * @param tagList Tag ID list - * @throws JSONException */ - private void updateTagList(String documentId, List tagList) throws JSONException { + private void updateTagList(String documentId, List tagList) { if (tagList != null) { TagDao tagDao = new TagDao(); Set tagSet = new HashSet<>(); @@ -495,13 +480,11 @@ public class DocumentResource extends BaseResource { * * @param id Document ID * @return Response - * @throws JSONException */ @DELETE @Path("{id: [a-z0-9\\-]+}") - @Produces(MediaType.APPLICATION_JSON) public Response delete( - @PathParam("id") String id) throws JSONException { + @PathParam("id") String id) { if (!authenticate()) { throw new ForbiddenClientException(); } @@ -533,9 +516,9 @@ public class DocumentResource extends BaseResource { documentDeletedAsyncEvent.setDocument(document); AppContext.getInstance().getAsyncEventBus().post(documentDeletedAsyncEvent); - // Always return ok - JSONObject response = new JSONObject(); - response.put("status", "ok"); - return Response.ok().entity(response).build(); + // Always return OK + JsonObjectBuilder response = Json.createObjectBuilder() + .add("status", "ok"); + return Response.ok().entity(response.build()).build(); } } diff --git a/docs-web/src/main/java/com/sismics/docs/rest/resource/FileResource.java b/docs-web/src/main/java/com/sismics/docs/rest/resource/FileResource.java index 5e1a65f8..d4075cfd 100644 --- a/docs-web/src/main/java/com/sismics/docs/rest/resource/FileResource.java +++ b/docs-web/src/main/java/com/sismics/docs/rest/resource/FileResource.java @@ -8,12 +8,14 @@ import java.io.OutputStream; import java.nio.file.Paths; import java.text.MessageFormat; import java.text.SimpleDateFormat; -import java.util.ArrayList; import java.util.Date; import java.util.List; import java.util.zip.ZipEntry; import java.util.zip.ZipOutputStream; +import javax.json.Json; +import javax.json.JsonArrayBuilder; +import javax.json.JsonObjectBuilder; import javax.persistence.NoResultException; import javax.ws.rs.Consumes; import javax.ws.rs.DELETE; @@ -28,10 +30,11 @@ import javax.ws.rs.QueryParam; import javax.ws.rs.WebApplicationException; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; +import javax.ws.rs.core.Response.Status; import javax.ws.rs.core.StreamingOutput; -import org.codehaus.jettison.json.JSONException; -import org.codehaus.jettison.json.JSONObject; +import org.glassfish.jersey.media.multipart.FormDataBodyPart; +import org.glassfish.jersey.media.multipart.FormDataParam; import com.google.common.base.Strings; import com.google.common.collect.Lists; @@ -54,12 +57,10 @@ import com.sismics.docs.core.util.FileUtil; import com.sismics.rest.exception.ClientException; import com.sismics.rest.exception.ForbiddenClientException; import com.sismics.rest.exception.ServerException; +import com.sismics.rest.util.JsonUtil; import com.sismics.rest.util.ValidationUtil; import com.sismics.util.mime.MimeType; import com.sismics.util.mime.MimeTypeUtil; -import com.sun.jersey.api.client.ClientResponse.Status; -import com.sun.jersey.multipart.FormDataBodyPart; -import com.sun.jersey.multipart.FormDataParam; /** * File REST resources. @@ -74,14 +75,12 @@ public class FileResource extends BaseResource { * @param documentId Document ID * @param fileBodyPart File to add * @return Response - * @throws JSONException */ @PUT @Consumes("multipart/form-data") - @Produces(MediaType.APPLICATION_JSON) public Response add( @FormDataParam("id") String documentId, - @FormDataParam("file") FormDataBodyPart fileBodyPart) throws JSONException { + @FormDataParam("file") FormDataBodyPart fileBodyPart) { if (!authenticate()) { throw new ForbiddenClientException(); } @@ -156,11 +155,11 @@ public class FileResource extends BaseResource { AppContext.getInstance().getAsyncEventBus().post(fileCreatedAsyncEvent); } - // Always return ok - JSONObject response = new JSONObject(); - response.put("status", "ok"); - response.put("id", fileId); - return Response.ok().entity(response).build(); + // Always return OK + JsonObjectBuilder response = Json.createObjectBuilder() + .add("status", "ok") + .add("id", fileId); + return Response.ok().entity(response.build()).build(); } catch (Exception e) { throw new ServerException("FileError", "Error adding a file", e); } @@ -171,14 +170,12 @@ public class FileResource extends BaseResource { * * @param id File ID * @return Response - * @throws JSONException */ @POST @Path("{id: [a-z0-9\\-]+}") - @Produces(MediaType.APPLICATION_JSON) public Response attach( @PathParam("id") String id, - @FormParam("id") String documentId) throws JSONException { + @FormParam("id") String documentId) { if (!authenticate()) { throw new ForbiddenClientException(); } @@ -226,10 +223,10 @@ public class FileResource extends BaseResource { throw new ClientException("AttachError", "Error attaching file to document", e); } - // Always return ok - JSONObject response = new JSONObject(); - response.put("status", "ok"); - return Response.ok().entity(response).build(); + // Always return OK + JsonObjectBuilder response = Json.createObjectBuilder() + .add("status", "ok"); + return Response.ok().entity(response.build()).build(); } /** @@ -238,14 +235,12 @@ public class FileResource extends BaseResource { * @param documentId Document ID * @param idList List of files ID in the new order * @return Response - * @throws JSONException */ @POST @Path("reorder") - @Produces(MediaType.APPLICATION_JSON) public Response reorder( @FormParam("id") String documentId, - @FormParam("order") List idList) throws JSONException { + @FormParam("order") List idList) { if (!authenticate()) { throw new ForbiddenClientException(); } @@ -271,10 +266,10 @@ public class FileResource extends BaseResource { } } - // Always return ok - JSONObject response = new JSONObject(); - response.put("status", "ok"); - return Response.ok().entity(response).build(); + // Always return OK + JsonObjectBuilder response = Json.createObjectBuilder() + .add("status", "ok"); + return Response.ok().entity(response.build()).build(); } /** @@ -283,14 +278,12 @@ public class FileResource extends BaseResource { * @param documentId Document ID * @param shareId Sharing ID * @return Response - * @throws JSONException */ @GET @Path("list") - @Produces(MediaType.APPLICATION_JSON) public Response list( @QueryParam("id") String documentId, - @QueryParam("share") String shareId) throws JSONException { + @QueryParam("share") String shareId) { boolean authenticated = authenticate(); // Check document visibility @@ -306,20 +299,18 @@ public class FileResource extends BaseResource { FileDao fileDao = new FileDao(); List fileList = fileDao.getByDocumentId(principal.getId(), documentId); - JSONObject response = new JSONObject(); - List files = new ArrayList<>(); - + JsonArrayBuilder files = Json.createArrayBuilder(); for (File fileDb : fileList) { - JSONObject file = new JSONObject(); - file.put("id", fileDb.getId()); - file.put("mimetype", fileDb.getMimeType()); - file.put("document_id", fileDb.getDocumentId()); - file.put("create_date", fileDb.getCreateDate().getTime()); - files.add(file); + files.add(Json.createObjectBuilder() + .add("id", fileDb.getId()) + .add("mimetype", fileDb.getMimeType()) + .add("document_id", JsonUtil.nullable(fileDb.getDocumentId())) + .add("create_date", fileDb.getCreateDate().getTime())); } - response.put("files", files); - return Response.ok().entity(response).build(); + JsonObjectBuilder response = Json.createObjectBuilder() + .add("files", files); + return Response.ok().entity(response.build()).build(); } /** @@ -327,13 +318,11 @@ public class FileResource extends BaseResource { * * @param id File ID * @return Response - * @throws JSONException */ @DELETE @Path("{id: [a-z0-9\\-]+}") - @Produces(MediaType.APPLICATION_JSON) public Response delete( - @PathParam("id") String id) throws JSONException { + @PathParam("id") String id) { if (!authenticate()) { throw new ForbiddenClientException(); } @@ -365,10 +354,10 @@ public class FileResource extends BaseResource { fileDeletedAsyncEvent.setFile(file); AppContext.getInstance().getAsyncEventBus().post(fileDeletedAsyncEvent); - // Always return ok - JSONObject response = new JSONObject(); - response.put("status", "ok"); - return Response.ok().entity(response).build(); + // Always return OK + JsonObjectBuilder response = Json.createObjectBuilder() + .add("status", "ok"); + return Response.ok().entity(response.build()).build(); } /** @@ -376,15 +365,13 @@ public class FileResource extends BaseResource { * * @param fileId File ID * @return Response - * @throws JSONException */ @GET @Path("{id: [a-z0-9\\-]+}/data") - @Produces(MediaType.APPLICATION_OCTET_STREAM) public Response data( @PathParam("id") final String fileId, @QueryParam("share") String shareId, - @QueryParam("size") String size) throws JSONException { + @QueryParam("size") String size) { authenticate(); if (size != null) { @@ -472,14 +459,13 @@ public class FileResource extends BaseResource { * * @param documentId Document ID * @return Response - * @throws JSONException */ @GET @Path("zip") @Produces(MediaType.APPLICATION_OCTET_STREAM) public Response zip( @QueryParam("id") String documentId, - @QueryParam("share") String shareId) throws JSONException { + @QueryParam("share") String shareId) { authenticate(); // Get the document diff --git a/docs-web/src/main/java/com/sismics/docs/rest/resource/LocaleResource.java b/docs-web/src/main/java/com/sismics/docs/rest/resource/LocaleResource.java index ac2a1db7..54d43aea 100644 --- a/docs-web/src/main/java/com/sismics/docs/rest/resource/LocaleResource.java +++ b/docs-web/src/main/java/com/sismics/docs/rest/resource/LocaleResource.java @@ -1,17 +1,16 @@ package com.sismics.docs.rest.resource; +import java.util.List; + +import javax.json.Json; +import javax.json.JsonArrayBuilder; +import javax.json.JsonObjectBuilder; +import javax.ws.rs.GET; +import javax.ws.rs.Path; +import javax.ws.rs.core.Response; + import com.sismics.docs.core.dao.jpa.LocaleDao; import com.sismics.docs.core.model.jpa.Locale; -import org.codehaus.jettison.json.JSONException; -import org.codehaus.jettison.json.JSONObject; - -import javax.ws.rs.GET; -import javax.ws.rs.Path; -import javax.ws.rs.Produces; -import javax.ws.rs.core.MediaType; -import javax.ws.rs.core.Response; -import java.util.ArrayList; -import java.util.List; /** * Locale REST resources. @@ -24,21 +23,19 @@ public class LocaleResource extends BaseResource { * Returns the list of all locales. * * @return Response - * @throws JSONException */ @GET - @Produces(MediaType.APPLICATION_JSON) - public Response list() throws JSONException { + public Response list() { LocaleDao localeDao = new LocaleDao(); List localeList = localeDao.findAll(); - JSONObject response = new JSONObject(); - List items = new ArrayList<>(); + JsonArrayBuilder items = Json.createArrayBuilder(); for (Locale locale : localeList) { - JSONObject item = new JSONObject(); - item.put("id", locale.getId()); - items.add(item); + items.add(Json.createObjectBuilder() + .add("id", locale.getId())); } - response.put("locales", items); - return Response.ok().entity(response).build(); + + JsonObjectBuilder response = Json.createObjectBuilder() + .add("locales", items); + return Response.ok().entity(response.build()).build(); } } diff --git a/docs-web/src/main/java/com/sismics/docs/rest/resource/ShareResource.java b/docs-web/src/main/java/com/sismics/docs/rest/resource/ShareResource.java index 9d0e3d03..80c58fbb 100644 --- a/docs-web/src/main/java/com/sismics/docs/rest/resource/ShareResource.java +++ b/docs-web/src/main/java/com/sismics/docs/rest/resource/ShareResource.java @@ -4,19 +4,16 @@ package com.sismics.docs.rest.resource; import java.text.MessageFormat; import java.util.List; +import javax.json.Json; +import javax.json.JsonObjectBuilder; import javax.persistence.NoResultException; import javax.ws.rs.DELETE; import javax.ws.rs.FormParam; import javax.ws.rs.PUT; import javax.ws.rs.Path; import javax.ws.rs.PathParam; -import javax.ws.rs.Produces; -import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; -import org.codehaus.jettison.json.JSONException; -import org.codehaus.jettison.json.JSONObject; - import com.sismics.docs.core.constant.AclTargetType; import com.sismics.docs.core.constant.PermType; import com.sismics.docs.core.dao.jpa.AclDao; @@ -26,6 +23,7 @@ import com.sismics.docs.core.model.jpa.Acl; import com.sismics.docs.core.model.jpa.Share; import com.sismics.rest.exception.ClientException; import com.sismics.rest.exception.ForbiddenClientException; +import com.sismics.rest.util.JsonUtil; import com.sismics.rest.util.ValidationUtil; /** @@ -40,13 +38,11 @@ public class ShareResource extends BaseResource { * * @param documentId Document ID * @return Response - * @throws JSONException */ @PUT - @Produces(MediaType.APPLICATION_JSON) public Response add( @FormParam("id") String documentId, - @FormParam("name") String name) throws JSONException { + @FormParam("name") String name) { if (!authenticate()) { throw new ForbiddenClientException(); } @@ -78,12 +74,12 @@ public class ShareResource extends BaseResource { aclDao.create(acl); // Returns the created ACL - JSONObject response = new JSONObject(); - response.put("perm", acl.getPerm().name()); - response.put("id", acl.getTargetId()); - response.put("name", name); - response.put("type", AclTargetType.SHARE); - return Response.ok().entity(response).build(); + JsonObjectBuilder response = Json.createObjectBuilder() + .add("perm", acl.getPerm().name()) + .add("id", acl.getTargetId()) + .add("name", JsonUtil.nullable(name)) + .add("type", AclTargetType.SHARE.toString()); + return Response.ok().entity(response.build()).build(); } /** @@ -91,13 +87,11 @@ public class ShareResource extends BaseResource { * * @param id Share ID * @return Response - * @throws JSONException */ @DELETE @Path("{id: [a-z0-9\\-]+}") - @Produces(MediaType.APPLICATION_JSON) public Response delete( - @PathParam("id") String id) throws JSONException { + @PathParam("id") String id) { if (!authenticate()) { throw new ForbiddenClientException(); } @@ -118,9 +112,9 @@ public class ShareResource extends BaseResource { ShareDao shareDao = new ShareDao(); shareDao.delete(id); - // Always return ok - JSONObject response = new JSONObject(); - response.put("status", "ok"); - return Response.ok().entity(response).build(); + // Always return OK + JsonObjectBuilder response = Json.createObjectBuilder() + .add("status", "ok"); + return Response.ok().entity(response.build()).build(); } } diff --git a/docs-web/src/main/java/com/sismics/docs/rest/resource/TagResource.java b/docs-web/src/main/java/com/sismics/docs/rest/resource/TagResource.java index 8e09de5d..05b8cc4b 100644 --- a/docs-web/src/main/java/com/sismics/docs/rest/resource/TagResource.java +++ b/docs-web/src/main/java/com/sismics/docs/rest/resource/TagResource.java @@ -1,21 +1,28 @@ package com.sismics.docs.rest.resource; +import java.text.MessageFormat; +import java.util.List; + +import javax.json.Json; +import javax.json.JsonArrayBuilder; +import javax.json.JsonObjectBuilder; +import javax.ws.rs.DELETE; +import javax.ws.rs.FormParam; +import javax.ws.rs.GET; +import javax.ws.rs.POST; +import javax.ws.rs.PUT; +import javax.ws.rs.Path; +import javax.ws.rs.PathParam; +import javax.ws.rs.core.Response; + +import org.apache.commons.lang.StringUtils; + import com.sismics.docs.core.dao.jpa.TagDao; import com.sismics.docs.core.dao.jpa.dto.TagStatDto; import com.sismics.docs.core.model.jpa.Tag; import com.sismics.rest.exception.ClientException; import com.sismics.rest.exception.ForbiddenClientException; import com.sismics.rest.util.ValidationUtil; -import org.apache.commons.lang.StringUtils; -import org.codehaus.jettison.json.JSONException; -import org.codehaus.jettison.json.JSONObject; - -import javax.ws.rs.*; -import javax.ws.rs.core.MediaType; -import javax.ws.rs.core.Response; -import java.text.MessageFormat; -import java.util.ArrayList; -import java.util.List; /** * Tag REST resources. @@ -28,29 +35,27 @@ public class TagResource extends BaseResource { * Returns the list of all tags. * * @return Response - * @throws JSONException */ @GET @Path("/list") - @Produces(MediaType.APPLICATION_JSON) - public Response list() throws JSONException { + public Response list() { if (!authenticate()) { throw new ForbiddenClientException(); } TagDao tagDao = new TagDao(); List tagList = tagDao.getByUserId(principal.getId()); - JSONObject response = new JSONObject(); - List items = new ArrayList<>(); + JsonArrayBuilder items = Json.createArrayBuilder(); for (Tag tag : tagList) { - JSONObject item = new JSONObject(); - item.put("id", tag.getId()); - item.put("name", tag.getName()); - item.put("color", tag.getColor()); - items.add(item); + items.add(Json.createObjectBuilder() + .add("id", tag.getId()) + .add("name", tag.getName()) + .add("color", tag.getColor())); } - response.put("tags", items); - return Response.ok().entity(response).build(); + + JsonObjectBuilder response = Json.createObjectBuilder() + .add("tags", items); + return Response.ok().entity(response.build()).build(); } /** @@ -61,26 +66,25 @@ public class TagResource extends BaseResource { */ @GET @Path("/stats") - @Produces(MediaType.APPLICATION_JSON) - public Response stats() throws JSONException { + public Response stats() { if (!authenticate()) { throw new ForbiddenClientException(); } TagDao tagDao = new TagDao(); List tagStatDtoList = tagDao.getStats(principal.getId()); - JSONObject response = new JSONObject(); - List items = new ArrayList<>(); + JsonArrayBuilder items = Json.createArrayBuilder(); for (TagStatDto tagStatDto : tagStatDtoList) { - JSONObject item = new JSONObject(); - item.put("id", tagStatDto.getId()); - item.put("name", tagStatDto.getName()); - item.put("color", tagStatDto.getColor()); - item.put("count", tagStatDto.getCount()); - items.add(item); + items.add(Json.createObjectBuilder() + .add("id", tagStatDto.getId()) + .add("name", tagStatDto.getName()) + .add("color", tagStatDto.getColor()) + .add("count", tagStatDto.getCount())); } - response.put("stats", items); - return Response.ok().entity(response).build(); + + JsonObjectBuilder response = Json.createObjectBuilder() + .add("stats", items); + return Response.ok().entity(response.build()).build(); } /** @@ -88,13 +92,11 @@ public class TagResource extends BaseResource { * * @param name Name * @return Response - * @throws JSONException */ @PUT - @Produces(MediaType.APPLICATION_JSON) public Response add( @FormParam("name") String name, - @FormParam("color") String color) throws JSONException { + @FormParam("color") String color) { if (!authenticate()) { throw new ForbiddenClientException(); } @@ -120,11 +122,11 @@ public class TagResource extends BaseResource { tag.setName(name); tag.setColor(color); tag.setUserId(principal.getId()); - String tagId = tagDao.create(tag); + String id = tagDao.create(tag); - JSONObject response = new JSONObject(); - response.put("id", tagId); - return Response.ok().entity(response).build(); + JsonObjectBuilder response = Json.createObjectBuilder() + .add("id", id); + return Response.ok().entity(response.build()).build(); } /** @@ -132,15 +134,13 @@ public class TagResource extends BaseResource { * * @param name Name * @return Response - * @throws JSONException */ @POST @Path("{id: [a-z0-9\\-]+}") - @Produces(MediaType.APPLICATION_JSON) public Response update( @PathParam("id") String id, @FormParam("name") String name, - @FormParam("color") String color) throws JSONException { + @FormParam("color") String color) { if (!authenticate()) { throw new ForbiddenClientException(); } @@ -177,9 +177,9 @@ public class TagResource extends BaseResource { tagDao.update(tag); - JSONObject response = new JSONObject(); - response.put("id", id); - return Response.ok().entity(response).build(); + JsonObjectBuilder response = Json.createObjectBuilder() + .add("id", id); + return Response.ok().entity(response.build()).build(); } /** @@ -187,13 +187,11 @@ public class TagResource extends BaseResource { * * @param tagId Tag ID * @return Response - * @throws JSONException */ @DELETE @Path("{id: [a-z0-9\\-]+}") - @Produces(MediaType.APPLICATION_JSON) public Response delete( - @PathParam("id") String tagId) throws JSONException { + @PathParam("id") String tagId) { if (!authenticate()) { throw new ForbiddenClientException(); } @@ -208,8 +206,9 @@ public class TagResource extends BaseResource { // Delete the tag tagDao.delete(tagId); - JSONObject response = new JSONObject(); - response.put("status", "ok"); - return Response.ok().entity(response).build(); + // Always return OK + JsonObjectBuilder response = Json.createObjectBuilder() + .add("status", "ok"); + return Response.ok().entity(response.build()).build(); } } diff --git a/docs-web/src/main/java/com/sismics/docs/rest/resource/TextPlainMessageBodyWriter.java b/docs-web/src/main/java/com/sismics/docs/rest/resource/TextPlainMessageBodyWriter.java deleted file mode 100644 index 92a3589b..00000000 --- a/docs-web/src/main/java/com/sismics/docs/rest/resource/TextPlainMessageBodyWriter.java +++ /dev/null @@ -1,55 +0,0 @@ -package com.sismics.docs.rest.resource; - -import com.sun.jersey.core.util.ReaderWriter; -import org.codehaus.jettison.json.JSONException; -import org.codehaus.jettison.json.JSONObject; - -import javax.ws.rs.Produces; -import javax.ws.rs.WebApplicationException; -import javax.ws.rs.core.MediaType; -import javax.ws.rs.core.MultivaluedMap; -import javax.ws.rs.ext.MessageBodyWriter; -import javax.ws.rs.ext.Provider; -import java.io.IOException; -import java.io.OutputStream; -import java.io.OutputStreamWriter; -import java.lang.annotation.Annotation; -import java.lang.reflect.Type; - -/** - * MessageBodyWriter personalized to write JSON despite the text/plain MIME type. - * Used in particuler in return of a posted form, since IE doesn't knw how to read the application/json MIME type. - * - * @author bgamard - */ -@Provider -@Produces(MediaType.TEXT_PLAIN) -public class TextPlainMessageBodyWriter implements - MessageBodyWriter { - @Override - public boolean isWriteable(Class type, Type genericType, - Annotation[] annotations, MediaType mediaType) { - return true; - } - - @Override - public long getSize(JSONObject array, Class type, Type genericType, - Annotation[] annotations, MediaType mediaType) { - return -1; - } - - @Override - public void writeTo(JSONObject jsonObject, Class type, Type genericType, - Annotation[] annotations, MediaType mediaType, - MultivaluedMap httpHeaders, - OutputStream entityStream) throws IOException, - WebApplicationException { - try { - OutputStreamWriter writer = new OutputStreamWriter(entityStream, ReaderWriter.getCharset(mediaType)); - jsonObject.write(writer); - writer.flush(); - } catch (JSONException e) { - throw new WebApplicationException(e); - } - } -} diff --git a/docs-web/src/main/java/com/sismics/docs/rest/resource/ThemeResource.java b/docs-web/src/main/java/com/sismics/docs/rest/resource/ThemeResource.java deleted file mode 100644 index f52c7f17..00000000 --- a/docs-web/src/main/java/com/sismics/docs/rest/resource/ThemeResource.java +++ /dev/null @@ -1,43 +0,0 @@ -package com.sismics.docs.rest.resource; - -import com.sismics.docs.core.dao.file.theme.ThemeDao; -import org.codehaus.jettison.json.JSONException; -import org.codehaus.jettison.json.JSONObject; - -import javax.ws.rs.GET; -import javax.ws.rs.Path; -import javax.ws.rs.Produces; -import javax.ws.rs.core.MediaType; -import javax.ws.rs.core.Response; -import java.util.ArrayList; -import java.util.List; - -/** - * Theme REST resources. - * - * @author jtremeaux - */ -@Path("/theme") -public class ThemeResource extends BaseResource { - /** - * Returns the list of all themes. - * - * @return Response - * @throws JSONException - */ - @GET - @Produces(MediaType.APPLICATION_JSON) - public Response list() throws JSONException { - ThemeDao themeDao = new ThemeDao(); - List themeList = themeDao.findAll(); - JSONObject response = new JSONObject(); - List items = new ArrayList<>(); - for (String theme : themeList) { - JSONObject item = new JSONObject(); - item.put("id", theme); - items.add(item); - } - response.put("themes", items); - return Response.ok().entity(response).build(); - } -} diff --git a/docs-web/src/main/java/com/sismics/docs/rest/resource/UserResource.java b/docs-web/src/main/java/com/sismics/docs/rest/resource/UserResource.java index 78ebe922..63fedfb5 100644 --- a/docs-web/src/main/java/com/sismics/docs/rest/resource/UserResource.java +++ b/docs-web/src/main/java/com/sismics/docs/rest/resource/UserResource.java @@ -1,5 +1,28 @@ package com.sismics.docs.rest.resource; +import java.security.NoSuchAlgorithmException; +import java.util.Date; +import java.util.Set; + +import javax.json.Json; +import javax.json.JsonArrayBuilder; +import javax.json.JsonObjectBuilder; +import javax.servlet.http.Cookie; +import javax.ws.rs.DELETE; +import javax.ws.rs.FormParam; +import javax.ws.rs.GET; +import javax.ws.rs.POST; +import javax.ws.rs.PUT; +import javax.ws.rs.Path; +import javax.ws.rs.PathParam; +import javax.ws.rs.Produces; +import javax.ws.rs.QueryParam; +import javax.ws.rs.core.MediaType; +import javax.ws.rs.core.NewCookie; +import javax.ws.rs.core.Response; + +import org.apache.commons.lang.StringUtils; + import com.google.common.base.Strings; import com.sismics.docs.core.constant.Constants; import com.sismics.docs.core.dao.jpa.AuthenticationTokenDao; @@ -22,23 +45,6 @@ import com.sismics.security.UserPrincipal; import com.sismics.util.LocaleUtil; import com.sismics.util.filter.TokenBasedSecurityFilter; -import org.apache.commons.lang.StringUtils; -import org.codehaus.jettison.json.JSONArray; -import org.codehaus.jettison.json.JSONException; -import org.codehaus.jettison.json.JSONObject; - -import javax.servlet.http.Cookie; -import javax.ws.rs.*; -import javax.ws.rs.core.MediaType; -import javax.ws.rs.core.NewCookie; -import javax.ws.rs.core.Response; - -import java.security.NoSuchAlgorithmException; -import java.util.ArrayList; -import java.util.Date; -import java.util.List; -import java.util.Set; - /** * User REST resources. * @@ -52,17 +58,13 @@ public class UserResource extends BaseResource { * @param username User's username * @param password Password * @param email E-Mail - * @param localeId Locale ID * @return Response - * @throws JSONException */ @PUT - @Produces(MediaType.APPLICATION_JSON) public Response register( @FormParam("username") String username, @FormParam("password") String password, - @FormParam("locale") String localeId, - @FormParam("email") String email) throws JSONException { + @FormParam("email") String email) { if (!authenticate()) { throw new ForbiddenClientException(); @@ -89,11 +91,7 @@ public class UserResource extends BaseResource { } user.setCreateDate(new Date()); - if (localeId == null) { - // Set the locale from the HTTP headers - localeId = LocaleUtil.getLocaleIdFromAcceptLanguage(request.getHeader("Accept-Language")); - } - user.setLocaleId(localeId); + user.setLocaleId(LocaleUtil.getLocaleIdFromAcceptLanguage(request.getHeader("Accept-Language"))); // Create the user UserDao userDao = new UserDao(); @@ -108,9 +106,9 @@ public class UserResource extends BaseResource { } // Always return OK - JSONObject response = new JSONObject(); - response.put("status", "ok"); - return Response.ok().entity(response).build(); + JsonObjectBuilder response = Json.createObjectBuilder() + .add("status", "ok"); + return Response.ok().entity(response.build()).build(); } /** @@ -118,20 +116,14 @@ public class UserResource extends BaseResource { * * @param password Password * @param email E-Mail - * @param themeId Theme - * @param localeId Locale ID * @param firstConnection True if the user hasn't acknowledged the first connection wizard yet. * @return Response - * @throws JSONException */ @POST - @Produces(MediaType.APPLICATION_JSON) public Response update( @FormParam("password") String password, @FormParam("email") String email, - @FormParam("theme") String themeId, - @FormParam("locale") String localeId, - @FormParam("first_connection") Boolean firstConnection) throws JSONException { + @FormParam("first_connection") Boolean firstConnection) { if (!authenticate()) { throw new ForbiddenClientException(); @@ -140,8 +132,6 @@ public class UserResource extends BaseResource { // Validate the input data password = ValidationUtil.validateLength(password, "password", 8, 50, true); email = ValidationUtil.validateLength(email, "email", null, 100, true); - localeId = ValidationUtil.validateLocale(localeId, "locale", true); - themeId = ValidationUtil.validateTheme(themeId, "theme", true); // Update the user UserDao userDao = new UserDao(); @@ -149,12 +139,6 @@ public class UserResource extends BaseResource { if (email != null) { user.setEmail(email); } - if (themeId != null) { - user.setTheme(themeId); - } - if (localeId != null) { - user.setLocaleId(localeId); - } if (firstConnection != null && hasBaseFunction(BaseFunction.ADMIN)) { user.setFirstConnection(firstConnection); } @@ -166,10 +150,10 @@ public class UserResource extends BaseResource { userDao.updatePassword(user); } - // Always return "ok" - JSONObject response = new JSONObject(); - response.put("status", "ok"); - return Response.ok().entity(response).build(); + // Always return OK + JsonObjectBuilder response = Json.createObjectBuilder() + .add("status", "ok"); + return Response.ok().entity(response.build()).build(); } /** @@ -178,20 +162,14 @@ public class UserResource extends BaseResource { * @param username Username * @param password Password * @param email E-Mail - * @param themeId Theme - * @param localeId Locale ID * @return Response - * @throws JSONException */ @POST @Path("{username: [a-zA-Z0-9_]+}") - @Produces(MediaType.APPLICATION_JSON) public Response update( @PathParam("username") String username, @FormParam("password") String password, - @FormParam("email") String email, - @FormParam("theme") String themeId, - @FormParam("locale") String localeId) throws JSONException { + @FormParam("email") String email) { if (!authenticate()) { throw new ForbiddenClientException(); @@ -201,8 +179,6 @@ public class UserResource extends BaseResource { // Validate the input data password = ValidationUtil.validateLength(password, "password", 8, 50, true); email = ValidationUtil.validateLength(email, "email", null, 100, true); - localeId = ValidationUtil.validateLocale(localeId, "locale", true); - themeId = ValidationUtil.validateTheme(themeId, "theme", true); // Check if the user exists UserDao userDao = new UserDao(); @@ -215,12 +191,6 @@ public class UserResource extends BaseResource { if (email != null) { user.setEmail(email); } - if (themeId != null) { - user.setTheme(themeId); - } - if (localeId != null) { - user.setLocaleId(localeId); - } user = userDao.update(user); @@ -230,10 +200,10 @@ public class UserResource extends BaseResource { userDao.updatePassword(user); } - // Always return "ok" - JSONObject response = new JSONObject(); - response.put("status", "ok"); - return Response.ok().entity(response).build(); + // Always return OK + JsonObjectBuilder response = Json.createObjectBuilder() + .add("status", "ok"); + return Response.ok().entity(response.build()).build(); } /** @@ -244,22 +214,21 @@ public class UserResource extends BaseResource { */ @GET @Path("check_username") - @Produces(MediaType.APPLICATION_JSON) public Response checkUsername( - @QueryParam("username") String username) throws JSONException { + @QueryParam("username") String username) { UserDao userDao = new UserDao(); User user = userDao.getActiveByUsername(username); - JSONObject response = new JSONObject(); + JsonObjectBuilder response = Json.createObjectBuilder(); if (user != null) { - response.put("status", "ko"); - response.put("message", "Username already registered"); + response.add("status", "ko") + .add("message", "Username already registered"); } else { - response.put("status", "ok"); + response.add("status", "ok"); } - return Response.ok().entity(response).build(); + return Response.ok().entity(response.build()).build(); } /** @@ -273,11 +242,10 @@ public class UserResource extends BaseResource { */ @POST @Path("login") - @Produces(MediaType.APPLICATION_JSON) public Response login( @FormParam("username") String username, @FormParam("password") String password, - @FormParam("remember") boolean longLasted) throws JSONException { + @FormParam("remember") boolean longLasted) { // Validate the input data username = StringUtils.strip(username); @@ -308,10 +276,10 @@ public class UserResource extends BaseResource { // Cleanup old session tokens authenticationTokenDao.deleteOldSessionToken(userId); - JSONObject response = new JSONObject(); + JsonObjectBuilder response = Json.createObjectBuilder(); int maxAge = longLasted ? TokenBasedSecurityFilter.TOKEN_LONG_LIFETIME : -1; NewCookie cookie = new NewCookie(TokenBasedSecurityFilter.COOKIE_NAME, token, "/", null, null, maxAge, false); - return Response.ok().entity(response).cookie(cookie).build(); + return Response.ok().entity(response.build()).cookie(cookie).build(); } /** @@ -321,8 +289,7 @@ public class UserResource extends BaseResource { */ @POST @Path("logout") - @Produces(MediaType.APPLICATION_JSON) - public Response logout() throws JSONException { + public Response logout() { if (!authenticate()) { throw new ForbiddenClientException(); } @@ -356,9 +323,9 @@ public class UserResource extends BaseResource { } // Deletes the client token in the HTTP response - JSONObject response = new JSONObject(); + JsonObjectBuilder response = Json.createObjectBuilder(); NewCookie cookie = new NewCookie(TokenBasedSecurityFilter.COOKIE_NAME, null); - return Response.ok().entity(response).cookie(cookie).build(); + return Response.ok().entity(response.build()).cookie(cookie).build(); } /** @@ -367,8 +334,7 @@ public class UserResource extends BaseResource { * @return Response */ @DELETE - @Produces(MediaType.APPLICATION_JSON) - public Response delete() throws JSONException { + public Response delete() { if (!authenticate()) { throw new ForbiddenClientException(); } @@ -382,10 +348,10 @@ public class UserResource extends BaseResource { UserDao userDao = new UserDao(); userDao.delete(principal.getName()); - // Always return ok - JSONObject response = new JSONObject(); - response.put("status", "ok"); - return Response.ok().entity(response).build(); + // Always return OK + JsonObjectBuilder response = Json.createObjectBuilder() + .add("status", "ok"); + return Response.ok().entity(response.build()).build(); } /** @@ -393,12 +359,10 @@ public class UserResource extends BaseResource { * * @param username Username * @return Response - * @throws JSONException */ @DELETE @Path("{username: [a-zA-Z0-9_]+}") - @Produces(MediaType.APPLICATION_JSON) - public Response delete(@PathParam("username") String username) throws JSONException { + public Response delete(@PathParam("username") String username) { if (!authenticate()) { throw new ForbiddenClientException(); } @@ -421,49 +385,49 @@ public class UserResource extends BaseResource { // Delete the user userDao.delete(user.getUsername()); - // Always return ok - JSONObject response = new JSONObject(); - response.put("status", "ok"); - return Response.ok().entity(response).build(); + // Always return OK + JsonObjectBuilder response = Json.createObjectBuilder() + .add("status", "ok"); + return Response.ok().entity(response.build()).build(); } /** * Returns the information about the connected user. * * @return Response - * @throws JSONException */ @GET - @Produces(MediaType.APPLICATION_JSON) - public Response info() throws JSONException { - JSONObject response = new JSONObject(); + public Response info() { + JsonObjectBuilder response = Json.createObjectBuilder(); if (!authenticate()) { - response.put("anonymous", true); + response.add("anonymous", true); String localeId = LocaleUtil.getLocaleIdFromAcceptLanguage(request.getHeader("Accept-Language")); - response.put("locale", localeId); + response.add("locale", localeId); // Check if admin has the default password UserDao userDao = new UserDao(); User adminUser = userDao.getById("admin"); if (adminUser != null && adminUser.getDeleteDate() == null) { - response.put("is_default_password", Constants.DEFAULT_ADMIN_PASSWORD.equals(adminUser.getPassword())); + response.add("is_default_password", Constants.DEFAULT_ADMIN_PASSWORD.equals(adminUser.getPassword())); } } else { - response.put("anonymous", false); + response.add("anonymous", false); UserDao userDao = new UserDao(); User user = userDao.getById(principal.getId()); - response.put("username", user.getUsername()); - response.put("email", user.getEmail()); - response.put("theme", user.getTheme()); - response.put("locale", user.getLocaleId()); - response.put("first_connection", user.isFirstConnection()); - JSONArray baseFunctions = new JSONArray(((UserPrincipal) principal).getBaseFunctionSet()); - response.put("base_functions", baseFunctions); - response.put("is_default_password", hasBaseFunction(BaseFunction.ADMIN) && Constants.DEFAULT_ADMIN_PASSWORD.equals(user.getPassword())); + response.add("username", user.getUsername()) + .add("email", user.getEmail()) + .add("locale", user.getLocaleId()) + .add("first_connection", user.isFirstConnection()); + JsonArrayBuilder baseFunctions = Json.createArrayBuilder(); + for (String baseFunction : ((UserPrincipal) principal).getBaseFunctionSet()) { + baseFunctions.add(baseFunction); + } + response.add("base_functions", baseFunctions) + .add("is_default_password", hasBaseFunction(BaseFunction.ADMIN) && Constants.DEFAULT_ADMIN_PASSWORD.equals(user.getPassword())); } - return Response.ok().entity(response).build(); + return Response.ok().entity(response.build()).build(); } /** @@ -471,31 +435,27 @@ public class UserResource extends BaseResource { * * @param username Username * @return Response - * @throws JSONException */ @GET @Path("{username: [a-zA-Z0-9_]+}") @Produces(MediaType.APPLICATION_JSON) - public Response view(@PathParam("username") String username) throws JSONException { + public Response view(@PathParam("username") String username) { if (!authenticate()) { throw new ForbiddenClientException(); } checkBaseFunction(BaseFunction.ADMIN); - JSONObject response = new JSONObject(); - UserDao userDao = new UserDao(); User user = userDao.getActiveByUsername(username); if (user == null) { throw new ClientException("UserNotFound", "The user doesn't exist"); } - response.put("username", user.getUsername()); - response.put("email", user.getEmail()); - response.put("theme", user.getTheme()); - response.put("locale", user.getLocaleId()); - - return Response.ok().entity(response).build(); + JsonObjectBuilder response = Json.createObjectBuilder() + .add("username", user.getUsername()) + .add("email", user.getEmail()) + .add("locale", user.getLocaleId()); + return Response.ok().entity(response.build()).build(); } /** @@ -506,53 +466,47 @@ public class UserResource extends BaseResource { * @param sortColumn Sort index * @param asc If true, ascending sorting, else descending * @return Response - * @throws JSONException */ @GET @Path("list") - @Produces(MediaType.APPLICATION_JSON) public Response list( @QueryParam("limit") Integer limit, @QueryParam("offset") Integer offset, @QueryParam("sort_column") Integer sortColumn, - @QueryParam("asc") Boolean asc) throws JSONException { + @QueryParam("asc") Boolean asc) { if (!authenticate()) { throw new ForbiddenClientException(); } checkBaseFunction(BaseFunction.ADMIN); - JSONObject response = new JSONObject(); - List users = new ArrayList<>(); - + JsonArrayBuilder users = Json.createArrayBuilder(); PaginatedList paginatedList = PaginatedLists.create(limit, offset); SortCriteria sortCriteria = new SortCriteria(sortColumn, asc); UserDao userDao = new UserDao(); userDao.findByCriteria(paginatedList, new UserCriteria(), sortCriteria); for (UserDto userDto : paginatedList.getResultList()) { - JSONObject user = new JSONObject(); - user.put("id", userDto.getId()); - user.put("username", userDto.getUsername()); - user.put("email", userDto.getEmail()); - user.put("create_date", userDto.getCreateTimestamp()); - users.add(user); + users.add(Json.createObjectBuilder() + .add("id", userDto.getId()) + .add("username", userDto.getUsername()) + .add("email", userDto.getEmail()) + .add("create_date", userDto.getCreateTimestamp())); } - response.put("total", paginatedList.getResultCount()); - response.put("users", users); - return Response.ok().entity(response).build(); + JsonObjectBuilder response = Json.createObjectBuilder() + .add("total", paginatedList.getResultCount()) + .add("users", users); + return Response.ok().entity(response.build()).build(); } /** * Returns all active sessions. * * @return Response - * @throws JSONException */ @GET @Path("session") - @Produces(MediaType.APPLICATION_JSON) - public Response session() throws JSONException { + public Response session() { if (!authenticate()) { throw new ForbiddenClientException(); } @@ -567,37 +521,34 @@ public class UserResource extends BaseResource { } } - JSONObject response = new JSONObject(); - List sessions = new ArrayList<>(); - + JsonArrayBuilder sessions = Json.createArrayBuilder(); AuthenticationTokenDao authenticationTokenDao = new AuthenticationTokenDao(); for (AuthenticationToken authenticationToken : authenticationTokenDao.getByUserId(principal.getId())) { - JSONObject session = new JSONObject(); - session.put("create_date", authenticationToken.getCreationDate().getTime()); - session.put("ip", authenticationToken.getIp()); - session.put("user_agent", authenticationToken.getUserAgent()); + JsonObjectBuilder session = Json.createObjectBuilder() + .add("create_date", authenticationToken.getCreationDate().getTime()) + .add("ip", authenticationToken.getIp()) + .add("user_agent", authenticationToken.getUserAgent()); if (authenticationToken.getLastConnectionDate() != null) { - session.put("last_connection_date", authenticationToken.getLastConnectionDate().getTime()); + session.add("last_connection_date", authenticationToken.getLastConnectionDate().getTime()); } - session.put("current", authenticationToken.getId().equals(authToken)); + session.add("current", authenticationToken.getId().equals(authToken)); sessions.add(session); } - response.put("sessions", sessions); - return Response.ok().entity(response).build(); + JsonObjectBuilder response = Json.createObjectBuilder() + .add("sessions", sessions); + return Response.ok().entity(response.build()).build(); } /** * Deletes all active sessions except the one used for this request. * * @return Response - * @throws JSONException */ @DELETE @Path("session") - @Produces(MediaType.APPLICATION_JSON) - public Response deleteSession() throws JSONException { + public Response deleteSession() { if (!authenticate()) { throw new ForbiddenClientException(); } @@ -616,9 +567,9 @@ public class UserResource extends BaseResource { AuthenticationTokenDao authenticationTokenDao = new AuthenticationTokenDao(); authenticationTokenDao.deleteByUserId(principal.getId(), authToken); - // Always return ok - JSONObject response = new JSONObject(); - response.put("status", "ok"); - return Response.ok().entity(response).build(); + // Always return OK + JsonObjectBuilder response = Json.createObjectBuilder() + .add("status", "ok"); + return Response.ok().entity(response.build()).build(); } } diff --git a/docs-web/src/main/webapp/WEB-INF/web.xml b/docs-web/src/main/webapp/WEB-INF/web.xml index aa08e9d8..de15dab3 100644 --- a/docs-web/src/main/webapp/WEB-INF/web.xml +++ b/docs-web/src/main/webapp/WEB-INF/web.xml @@ -6,10 +6,11 @@ version="3.0"> Docs - + requestContextFilter com.sismics.util.filter.RequestContextFilter + true @@ -22,6 +23,7 @@ tokenBasedSecurityFilter com.sismics.util.filter.TokenBasedSecurityFilter + true @@ -29,23 +31,28 @@ /api/* - - - index.html - - - Jersey REST Service - com.sun.jersey.spi.container.servlet.ServletContainer + JerseyServlet + org.glassfish.jersey.servlet.ServletContainer - com.sun.jersey.config.property.packages + jersey.config.server.provider.packages com.sismics.docs.rest.resource + + jersey.config.server.provider.classnames + org.glassfish.jersey.media.multipart.MultiPartFeature + + + jersey.config.server.response.setStatusOverSendError + true + 1 + true + - Jersey REST Service + JerseyServlet /api/* diff --git a/docs-web/src/test/java/com/sismics/docs/rest/TestAclResource.java b/docs-web/src/test/java/com/sismics/docs/rest/TestAclResource.java index 38618790..2f5fa478 100644 --- a/docs-web/src/test/java/com/sismics/docs/rest/TestAclResource.java +++ b/docs-web/src/test/java/com/sismics/docs/rest/TestAclResource.java @@ -2,18 +2,18 @@ package com.sismics.docs.rest; import java.util.Date; -import junit.framework.Assert; +import javax.json.JsonArray; +import javax.json.JsonObject; +import javax.ws.rs.client.Entity; +import javax.ws.rs.core.Form; +import javax.ws.rs.core.Response; +import javax.ws.rs.core.Response.Status; -import org.codehaus.jettison.json.JSONArray; -import org.codehaus.jettison.json.JSONException; -import org.codehaus.jettison.json.JSONObject; +import org.junit.Assert; import org.junit.Test; -import com.sismics.docs.rest.filter.CookieAuthenticationFilter; -import com.sun.jersey.api.client.ClientResponse; -import com.sun.jersey.api.client.ClientResponse.Status; -import com.sun.jersey.api.client.WebResource; -import com.sun.jersey.core.util.MultivaluedMapImpl; +import com.sismics.util.filter.TokenBasedSecurityFilter; + /** * Test the ACL resource. @@ -27,7 +27,7 @@ public class TestAclResource extends BaseJerseyTest { * @throws JSONException */ @Test - public void testAclResource() throws JSONException { + public void testAclResource() { // Login acl1 clientUtil.createUser("acl1"); String acl1Token = clientUtil.login("acl1"); @@ -37,141 +37,118 @@ public class TestAclResource extends BaseJerseyTest { String acl2Token = clientUtil.login("acl2"); // Create a document - WebResource documentResource = resource().path("/document"); - documentResource.addFilter(new CookieAuthenticationFilter(acl1Token)); - MultivaluedMapImpl postParams = new MultivaluedMapImpl(); - postParams.add("title", "My super title document 1"); - postParams.add("language", "eng"); - postParams.add("create_date", new Date().getTime()); - ClientResponse response = documentResource.put(ClientResponse.class, postParams); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - JSONObject json = response.getEntity(JSONObject.class); - String document1Id = json.optString("id"); + JsonObject json = target().path("/document").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token) + .put(Entity.form(new Form() + .param("title", "My super title document 1") + .param("language", "eng") + .param("create_date", Long.toString(new Date().getTime()))), JsonObject.class); + String document1Id = json.getString("id"); // Get the document as acl1 - documentResource = resource().path("/document/" + document1Id); - documentResource.addFilter(new CookieAuthenticationFilter(acl1Token)); - response = documentResource.get(ClientResponse.class); - json = response.getEntity(JSONObject.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); + json = target().path("/document/" + document1Id).request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token) + .get(JsonObject.class); Assert.assertEquals(document1Id, json.getString("id")); - JSONArray acls = json.getJSONArray("acls"); - Assert.assertEquals(2, acls.length()); + JsonArray acls = json.getJsonArray("acls"); + Assert.assertEquals(2, acls.size()); // Get the document as acl2 - documentResource = resource().path("/document/" + document1Id); - documentResource.addFilter(new CookieAuthenticationFilter(acl2Token)); - response = documentResource.get(ClientResponse.class); - json = response.getEntity(JSONObject.class); + Response response = target().path("/document/" + document1Id).request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl2Token) + .get(); Assert.assertEquals(Status.FORBIDDEN, Status.fromStatusCode(response.getStatus())); // Add an ACL READ for acl2 with acl1 - WebResource aclResource = resource().path("/acl"); - aclResource.addFilter(new CookieAuthenticationFilter(acl1Token)); - postParams = new MultivaluedMapImpl(); - postParams.add("source", document1Id); - postParams.add("perm", "READ"); - postParams.add("username", "acl2"); - response = aclResource.put(ClientResponse.class, postParams); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - json = response.getEntity(JSONObject.class); + json = target().path("/acl").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token) + .put(Entity.form(new Form() + .param("source", document1Id) + .param("perm", "READ") + .param("username", "acl2")), JsonObject.class); String acl2Id = json.getString("id"); // Add an ACL WRITE for acl2 with acl1 - aclResource = resource().path("/acl"); - aclResource.addFilter(new CookieAuthenticationFilter(acl1Token)); - postParams = new MultivaluedMapImpl(); - postParams.add("source", document1Id); - postParams.add("perm", "WRITE"); - postParams.add("username", "acl2"); - response = aclResource.put(ClientResponse.class, postParams); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); + json = target().path("/acl").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token) + .put(Entity.form(new Form() + .param("source", document1Id) + .param("perm", "WRITE") + .param("username", "acl2")), JsonObject.class); // Add an ACL WRITE for acl2 with acl1 (again) - aclResource = resource().path("/acl"); - aclResource.addFilter(new CookieAuthenticationFilter(acl1Token)); - postParams = new MultivaluedMapImpl(); - postParams.add("source", document1Id); - postParams.add("perm", "WRITE"); - postParams.add("username", "acl2"); - response = aclResource.put(ClientResponse.class, postParams); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); + json = target().path("/acl").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token) + .put(Entity.form(new Form() + .param("source", document1Id) + .param("perm", "WRITE") + .param("username", "acl2")), JsonObject.class); // Get the document as acl1 - documentResource = resource().path("/document/" + document1Id); - documentResource.addFilter(new CookieAuthenticationFilter(acl1Token)); - response = documentResource.get(ClientResponse.class); - json = response.getEntity(JSONObject.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); + json = target().path("/document/" + document1Id).request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token) + .get(JsonObject.class); Assert.assertEquals(document1Id, json.getString("id")); - acls = json.getJSONArray("acls"); - Assert.assertEquals(4, acls.length()); + acls = json.getJsonArray("acls"); + Assert.assertEquals(4, acls.size()); // Get the document as acl2 - documentResource = resource().path("/document/" + document1Id); - documentResource.addFilter(new CookieAuthenticationFilter(acl2Token)); - response = documentResource.get(ClientResponse.class); - json = response.getEntity(JSONObject.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); + json = target().path("/document/" + document1Id).request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl2Token) + .get(JsonObject.class); Assert.assertEquals(document1Id, json.getString("id")); - acls = json.getJSONArray("acls"); - Assert.assertEquals(4, acls.length()); + acls = json.getJsonArray("acls"); + Assert.assertEquals(4, acls.size()); // Delete the ACL WRITE for acl2 with acl2 - aclResource = resource().path("/acl/" + document1Id + "/WRITE/" + acl2Id); - aclResource.addFilter(new CookieAuthenticationFilter(acl2Token)); - response = aclResource.delete(ClientResponse.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); + target().path("/acl/" + document1Id + "/WRITE/" + acl2Id).request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl2Token) + .delete(); // Delete the ACL READ for acl2 with acl2 - aclResource = resource().path("/acl/" + document1Id + "/READ/" + acl2Id); - aclResource.addFilter(new CookieAuthenticationFilter(acl2Token)); - response = aclResource.delete(ClientResponse.class); - Assert.assertEquals(Status.FORBIDDEN, Status.fromStatusCode(response.getStatus())); + target().path("/acl/" + document1Id + "/READ/" + acl2Id).request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl2Token) + .delete(); // Delete the ACL READ for acl2 with acl1 - aclResource = resource().path("/acl/" + document1Id + "/READ/" + acl2Id); - aclResource.addFilter(new CookieAuthenticationFilter(acl1Token)); - response = aclResource.delete(ClientResponse.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); + target().path("/acl/" + document1Id + "/READ/" + acl2Id).request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token) + .delete(); // Get the document as acl1 - documentResource = resource().path("/document/" + document1Id); - documentResource.addFilter(new CookieAuthenticationFilter(acl1Token)); - response = documentResource.get(ClientResponse.class); - json = response.getEntity(JSONObject.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); + json = target().path("/document/" + document1Id).request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token) + .get(JsonObject.class); Assert.assertEquals(document1Id, json.getString("id")); - acls = json.getJSONArray("acls"); - Assert.assertEquals(2, acls.length()); - String acl1Id = acls.getJSONObject(0).getString("id"); + acls = json.getJsonArray("acls"); + Assert.assertEquals(2, acls.size()); + String acl1Id = acls.getJsonObject(0).getString("id"); // Get the document as acl2 - documentResource = resource().path("/document/" + document1Id); - documentResource.addFilter(new CookieAuthenticationFilter(acl2Token)); - response = documentResource.get(ClientResponse.class); - json = response.getEntity(JSONObject.class); + response = target().path("/document/" + document1Id).request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl2Token) + .get(); Assert.assertEquals(Status.FORBIDDEN, Status.fromStatusCode(response.getStatus())); // Delete the ACL READ for acl1 with acl1 - aclResource = resource().path("/acl/" + document1Id + "/READ/" + acl1Id); - aclResource.addFilter(new CookieAuthenticationFilter(acl1Token)); - response = aclResource.delete(ClientResponse.class); + response = target().path("/acl/" + document1Id + "/READ/" + acl1Id).request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token) + .delete(); Assert.assertEquals(Status.BAD_REQUEST, Status.fromStatusCode(response.getStatus())); // Delete the ACL WRITE for acl1 with acl1 - aclResource = resource().path("/acl/" + document1Id + "/WRITE/" + acl1Id); - aclResource.addFilter(new CookieAuthenticationFilter(acl1Token)); - response = aclResource.delete(ClientResponse.class); + response = target().path("/acl/" + document1Id + "/WRITE/" + acl1Id).request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token) + .delete(); Assert.assertEquals(Status.BAD_REQUEST, Status.fromStatusCode(response.getStatus())); // Search target list - aclResource = resource().path("/acl/target/search"); - aclResource.addFilter(new CookieAuthenticationFilter(acl1Token)); - response = aclResource.queryParam("search", "acl").get(ClientResponse.class); - json = response.getEntity(JSONObject.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - JSONArray users = json.getJSONArray("users"); - Assert.assertEquals(2, users.length()); + json = target().path("/acl/target/search") + .queryParam("search", "acl") + .request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token) + .get(JsonObject.class); + JsonArray users = json.getJsonArray("users"); + Assert.assertEquals(2, users.size()); } } \ No newline at end of file diff --git a/docs-web/src/test/java/com/sismics/docs/rest/TestAppResource.java b/docs-web/src/test/java/com/sismics/docs/rest/TestAppResource.java index 64e2e7fb..bda989e9 100644 --- a/docs-web/src/test/java/com/sismics/docs/rest/TestAppResource.java +++ b/docs-web/src/test/java/com/sismics/docs/rest/TestAppResource.java @@ -1,15 +1,18 @@ package com.sismics.docs.rest; -import com.sismics.docs.rest.filter.CookieAuthenticationFilter; -import com.sun.jersey.api.client.ClientResponse; -import com.sun.jersey.api.client.ClientResponse.Status; -import com.sun.jersey.api.client.WebResource; -import junit.framework.Assert; -import org.codehaus.jettison.json.JSONArray; -import org.codehaus.jettison.json.JSONException; -import org.codehaus.jettison.json.JSONObject; +import javax.json.JsonArray; +import javax.json.JsonObject; +import javax.ws.rs.client.Entity; +import javax.ws.rs.core.Form; +import javax.ws.rs.core.Response; +import javax.ws.rs.core.Response.Status; + +import org.junit.Assert; import org.junit.Test; +import com.sismics.util.filter.TokenBasedSecurityFilter; + + /** * Test the app resource. * @@ -22,36 +25,33 @@ public class TestAppResource extends BaseJerseyTest { * @throws JSONException */ @Test - public void testAppResource() throws JSONException { + public void testAppResource() { // Login admin String adminAuthenticationToken = clientUtil.login("admin", "admin", false); // Check the application info - WebResource appResource = resource().path("/app"); - appResource.addFilter(new CookieAuthenticationFilter(adminAuthenticationToken)); - ClientResponse response = appResource.get(ClientResponse.class); - response = appResource.get(ClientResponse.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - JSONObject json = response.getEntity(JSONObject.class); + JsonObject json = target().path("/app").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken) + .get(JsonObject.class); String currentVersion = json.getString("current_version"); Assert.assertNotNull(currentVersion); String minVersion = json.getString("min_version"); Assert.assertNotNull(minVersion); - Long freeMemory = json.getLong("free_memory"); + Long freeMemory = json.getJsonNumber("free_memory").longValue(); Assert.assertTrue(freeMemory > 0); - Long totalMemory = json.getLong("total_memory"); + Long totalMemory = json.getJsonNumber("total_memory").longValue(); Assert.assertTrue(totalMemory > 0 && totalMemory > freeMemory); // Rebuild Lucene index - appResource = resource().path("/app/batch/reindex"); - appResource.addFilter(new CookieAuthenticationFilter(adminAuthenticationToken)); - response = appResource.post(ClientResponse.class); + Response response = target().path("/app/batch/reindex").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken) + .post(Entity.form(new Form())); Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); // Clean storage - appResource = resource().path("/app/batch/clean_storage"); - appResource.addFilter(new CookieAuthenticationFilter(adminAuthenticationToken)); - response = appResource.post(ClientResponse.class); + response = target().path("/app/batch/clean_storage").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken) + .post(Entity.form(new Form())); Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); } @@ -61,39 +61,33 @@ public class TestAppResource extends BaseJerseyTest { * @throws JSONException */ @Test - public void testLogResource() throws JSONException { + public void testLogResource() { // Login admin String adminAuthenticationToken = clientUtil.login("admin", "admin", false); // Check the logs (page 1) - WebResource appResource = resource() - .path("/app/log") - .queryParam("level", "DEBUG"); - ClientResponse response = appResource.get(ClientResponse.class); - appResource.addFilter(new CookieAuthenticationFilter(adminAuthenticationToken)); - response = appResource.get(ClientResponse.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - JSONObject json = response.getEntity(JSONObject.class); - JSONArray logs = json.getJSONArray("logs"); - Assert.assertTrue(logs.length() > 0); - Long date1 = logs.optJSONObject(0).optLong("date"); - Long date2 = logs.optJSONObject(9).optLong("date"); - Assert.assertTrue(date1 > date2); + JsonObject json = target().path("/app/log") + .queryParam("level", "DEBUG") + .request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken) + .get(JsonObject.class); + JsonArray logs = json.getJsonArray("logs"); + Assert.assertTrue(logs.size() > 0); + Long date1 = logs.getJsonObject(0).getJsonNumber("date").longValue(); + Long date2 = logs.getJsonObject(9).getJsonNumber("date").longValue(); + Assert.assertTrue(date1 >= date2); // Check the logs (page 2) - appResource = resource() - .path("/app/log") + json = target().path("/app/log") .queryParam("offset", "10") - .queryParam("level", "DEBUG"); - response = appResource.get(ClientResponse.class); - appResource.addFilter(new CookieAuthenticationFilter(adminAuthenticationToken)); - response = appResource.get(ClientResponse.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - json = response.getEntity(JSONObject.class); - logs = json.getJSONArray("logs"); - Assert.assertTrue(logs.length() > 0); - Long date3 = logs.optJSONObject(0).optLong("date"); - Long date4 = logs.optJSONObject(9).optLong("date"); - Assert.assertTrue(date3 > date4); + .queryParam("level", "DEBUG") + .request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken) + .get(JsonObject.class); + logs = json.getJsonArray("logs"); + Assert.assertTrue(logs.size() > 0); + Long date3 = logs.getJsonObject(0).getJsonNumber("date").longValue(); + Long date4 = logs.getJsonObject(9).getJsonNumber("date").longValue(); + Assert.assertTrue(date3 >= date4); } } \ No newline at end of file diff --git a/docs-web/src/test/java/com/sismics/docs/rest/TestAuditLogResource.java b/docs-web/src/test/java/com/sismics/docs/rest/TestAuditLogResource.java index c94ad714..8efd2c71 100644 --- a/docs-web/src/test/java/com/sismics/docs/rest/TestAuditLogResource.java +++ b/docs-web/src/test/java/com/sismics/docs/rest/TestAuditLogResource.java @@ -2,19 +2,17 @@ package com.sismics.docs.rest; import java.util.Date; -import com.sismics.docs.rest.filter.CookieAuthenticationFilter; -import com.sun.jersey.api.client.ClientResponse; -import com.sun.jersey.api.client.ClientResponse.Status; -import com.sun.jersey.api.client.WebResource; -import com.sun.jersey.core.util.MultivaluedMapImpl; +import javax.json.JsonArray; +import javax.json.JsonObject; +import javax.ws.rs.client.Entity; +import javax.ws.rs.core.Form; -import junit.framework.Assert; - -import org.codehaus.jettison.json.JSONArray; -import org.codehaus.jettison.json.JSONException; -import org.codehaus.jettison.json.JSONObject; +import org.junit.Assert; import org.junit.Test; +import com.sismics.util.filter.TokenBasedSecurityFilter; + + /** * Test the audit log resource. * @@ -27,72 +25,60 @@ public class TestAuditLogResource extends BaseJerseyTest { * @throws JSONException */ @Test - public void testAuditLogResource() throws JSONException { + public void testAuditLogResource() { // Login auditlog1 clientUtil.createUser("auditlog1"); String auditlog1Token = clientUtil.login("auditlog1"); // Create a tag - WebResource tagResource = resource().path("/tag"); - tagResource.addFilter(new CookieAuthenticationFilter(auditlog1Token)); - MultivaluedMapImpl postParams = new MultivaluedMapImpl(); - postParams.add("name", "SuperTag"); - postParams.add("color", "#ffff00"); - ClientResponse response = tagResource.put(ClientResponse.class, postParams); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - JSONObject json = response.getEntity(JSONObject.class); - String tag1Id = json.optString("id"); + JsonObject json = target().path("/tag").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, auditlog1Token) + .put(Entity.form(new Form() + .param("name", "SuperTag") + .param("color", "#ffff00")), JsonObject.class); + String tag1Id = json.getString("id"); Assert.assertNotNull(tag1Id); // Create a document - WebResource documentResource = resource().path("/document"); - documentResource.addFilter(new CookieAuthenticationFilter(auditlog1Token)); - postParams = new MultivaluedMapImpl(); - postParams.add("title", "My super title document 1"); - postParams.add("description", "My super description for document 1"); - postParams.add("tags", tag1Id); - postParams.add("language", "eng"); long create1Date = new Date().getTime(); - postParams.add("create_date", create1Date); - response = documentResource.put(ClientResponse.class, postParams); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - json = response.getEntity(JSONObject.class); - String document1Id = json.optString("id"); + json = target().path("/document").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, auditlog1Token) + .put(Entity.form(new Form() + .param("title", "My super title document 1") + .param("description", "My super description for document 1") + .param("tags", tag1Id) + .param("language", "eng") + .param("create_date", Long.toString(create1Date))), JsonObject.class); + String document1Id = json.getString("id"); Assert.assertNotNull(document1Id); // Get all logs for the document - WebResource auditLogResource = resource().path("/auditlog"); - auditLogResource.addFilter(new CookieAuthenticationFilter(auditlog1Token)); - response = auditLogResource.queryParam("document", document1Id).get(ClientResponse.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - json = response.getEntity(JSONObject.class); - JSONArray logs = json.getJSONArray("logs"); - Assert.assertTrue(logs.length() == 3); + json = target().path("/auditlog") + .queryParam("document", document1Id) + .request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, auditlog1Token) + .get(JsonObject.class); + JsonArray logs = json.getJsonArray("logs"); + Assert.assertTrue(logs.size() == 3); // Get all logs for the current user - auditLogResource = resource().path("/auditlog"); - auditLogResource.addFilter(new CookieAuthenticationFilter(auditlog1Token)); - response = auditLogResource.get(ClientResponse.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - json = response.getEntity(JSONObject.class); - logs = json.getJSONArray("logs"); - Assert.assertTrue(logs.length() == 3); + json = target().path("/auditlog").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, auditlog1Token) + .get(JsonObject.class); + logs = json.getJsonArray("logs"); + Assert.assertTrue(logs.size() == 3); // Deletes a tag - tagResource = resource().path("/tag/" + tag1Id); - tagResource.addFilter(new CookieAuthenticationFilter(auditlog1Token)); - response = tagResource.delete(ClientResponse.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - json = response.getEntity(JSONObject.class); + json = target().path("/tag/" + tag1Id).request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, auditlog1Token) + .delete(JsonObject.class); Assert.assertEquals("ok", json.getString("status")); // Get all logs for the current user - auditLogResource = resource().path("/auditlog"); - auditLogResource.addFilter(new CookieAuthenticationFilter(auditlog1Token)); - response = auditLogResource.get(ClientResponse.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - json = response.getEntity(JSONObject.class); - logs = json.getJSONArray("logs"); - Assert.assertTrue(logs.length() == 4); + json = target().path("/auditlog").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, auditlog1Token) + .get(JsonObject.class); + logs = json.getJsonArray("logs"); + Assert.assertTrue(logs.size() == 4); } } \ No newline at end of file diff --git a/docs-web/src/test/java/com/sismics/docs/rest/TestDocumentResource.java b/docs-web/src/test/java/com/sismics/docs/rest/TestDocumentResource.java index 3e818114..46872241 100644 --- a/docs-web/src/test/java/com/sismics/docs/rest/TestDocumentResource.java +++ b/docs-web/src/test/java/com/sismics/docs/rest/TestDocumentResource.java @@ -1,31 +1,32 @@ package com.sismics.docs.rest; - -import java.io.BufferedInputStream; import java.io.InputStream; import java.nio.file.Paths; import java.util.Date; +import javax.json.JsonArray; +import javax.json.JsonObject; +import javax.ws.rs.client.Entity; +import javax.ws.rs.core.Form; import javax.ws.rs.core.MediaType; +import javax.ws.rs.core.Response; +import javax.ws.rs.core.Response.Status; -import junit.framework.Assert; - -import org.codehaus.jettison.json.JSONArray; -import org.codehaus.jettison.json.JSONObject; +import org.glassfish.jersey.media.multipart.FormDataMultiPart; +import org.glassfish.jersey.media.multipart.MultiPartFeature; +import org.glassfish.jersey.media.multipart.file.StreamDataBodyPart; import org.joda.time.format.DateTimeFormat; +import org.junit.Assert; import org.junit.Test; import com.google.common.io.ByteStreams; +import com.google.common.io.Resources; import com.sismics.docs.core.util.DirectoryUtil; -import com.sismics.docs.rest.filter.CookieAuthenticationFilter; +import com.sismics.util.filter.TokenBasedSecurityFilter; import com.sismics.util.mime.MimeType; import com.sismics.util.mime.MimeTypeUtil; -import com.sun.jersey.api.client.ClientResponse; -import com.sun.jersey.api.client.ClientResponse.Status; -import com.sun.jersey.api.client.WebResource; -import com.sun.jersey.core.util.MultivaluedMapImpl; -import com.sun.jersey.multipart.FormDataBodyPart; -import com.sun.jersey.multipart.FormDataMultiPart; + + /** * Exhaustive test of the document resource. @@ -35,6 +36,7 @@ import com.sun.jersey.multipart.FormDataMultiPart; public class TestDocumentResource extends BaseJerseyTest { /** * Test the document resource. + * * @throws Exception */ @Test @@ -48,131 +50,113 @@ public class TestDocumentResource extends BaseJerseyTest { String document3Token = clientUtil.login("document3"); // Create a tag - WebResource tagResource = resource().path("/tag"); - tagResource.addFilter(new CookieAuthenticationFilter(document1Token)); - MultivaluedMapImpl postParams = new MultivaluedMapImpl(); - postParams.add("name", "SuperTag"); - postParams.add("color", "#ffff00"); - ClientResponse response = tagResource.put(ClientResponse.class, postParams); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - JSONObject json = response.getEntity(JSONObject.class); - String tag1Id = json.optString("id"); + JsonObject json = target().path("/tag").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, document1Token) + .put(Entity.form(new Form() + .param("name", "SuperTag") + .param("color", "#ffff00")), JsonObject.class); + String tag1Id = json.getString("id"); Assert.assertNotNull(tag1Id); // Create a document - WebResource documentResource = resource().path("/document"); - documentResource.addFilter(new CookieAuthenticationFilter(document1Token)); - postParams = new MultivaluedMapImpl(); - postParams.add("title", "My super title document 1"); - postParams.add("description", "My super description for document 1"); - postParams.add("tags", tag1Id); - postParams.add("language", "eng"); long create1Date = new Date().getTime(); - postParams.add("create_date", create1Date); - response = documentResource.put(ClientResponse.class, postParams); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - json = response.getEntity(JSONObject.class); - String document1Id = json.optString("id"); + json = target().path("/document").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, document1Token) + .put(Entity.form(new Form() + .param("title", "My super title document 1") + .param("description", "My super description for document 1") + .param("tags", tag1Id) + .param("language", "eng") + .param("create_date", Long.toString(create1Date))), JsonObject.class); + String document1Id = json.getString("id"); Assert.assertNotNull(document1Id); // Add a file - WebResource fileResource = resource().path("/file"); - fileResource.addFilter(new CookieAuthenticationFilter(document1Token)); - FormDataMultiPart form = new FormDataMultiPart(); - InputStream file = this.getClass().getResourceAsStream("/file/Einstein-Roosevelt-letter.png"); - FormDataBodyPart fdp = new FormDataBodyPart("file", - new BufferedInputStream(file), - MediaType.APPLICATION_OCTET_STREAM_TYPE); - form.bodyPart(fdp); - form.field("id", document1Id); - response = fileResource.type(MediaType.MULTIPART_FORM_DATA).put(ClientResponse.class, form); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - json = response.getEntity(JSONObject.class); - String file1Id = json.getString("id"); + String file1Id = null; + try (InputStream is = Resources.getResource("file/Einstein-Roosevelt-letter.png").openStream()) { + StreamDataBodyPart streamDataBodyPart = new StreamDataBodyPart("file", is, "Einstein-Roosevelt-letter.png"); + try (FormDataMultiPart multiPart = new FormDataMultiPart()) { + json = target() + .register(MultiPartFeature.class) + .path("/file").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, document1Token) + .put(Entity.entity(multiPart.field("id", document1Id).bodyPart(streamDataBodyPart), + MediaType.MULTIPART_FORM_DATA_TYPE), JsonObject.class); + file1Id = json.getString("id"); + Assert.assertNotNull(file1Id); + } + } // Share this document - WebResource fileShareResource = resource().path("/share"); - fileShareResource.addFilter(new CookieAuthenticationFilter(document1Token)); - postParams = new MultivaluedMapImpl(); - postParams.add("id", document1Id); - response = fileShareResource.put(ClientResponse.class, postParams); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - json = response.getEntity(JSONObject.class); + json = target().path("/share").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, document1Token) + .put(Entity.form(new Form().param("id", document1Id)), JsonObject.class); // List all documents - documentResource = resource().path("/document/list"); - documentResource.addFilter(new CookieAuthenticationFilter(document1Token)); - MultivaluedMapImpl getParams = new MultivaluedMapImpl(); - getParams.putSingle("sort_column", 3); - getParams.putSingle("asc", false); - response = documentResource.queryParams(getParams).get(ClientResponse.class); - json = response.getEntity(JSONObject.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - JSONArray documents = json.getJSONArray("documents"); - JSONArray tags = documents.getJSONObject(0).getJSONArray("tags"); - Assert.assertTrue(documents.length() == 1); - Assert.assertEquals(document1Id, documents.getJSONObject(0).getString("id")); - Assert.assertEquals("eng", documents.getJSONObject(0).getString("language")); - Assert.assertEquals(1, documents.getJSONObject(0).getInt("file_count")); - Assert.assertEquals(1, tags.length()); - Assert.assertEquals(tag1Id, tags.getJSONObject(0).getString("id")); - Assert.assertEquals("SuperTag", tags.getJSONObject(0).getString("name")); - Assert.assertEquals("#ffff00", tags.getJSONObject(0).getString("color")); + json = target().path("/document/list") + .queryParam("sort_column", 3) + .queryParam("asc", false) + .request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, document1Token) + .get(JsonObject.class); + JsonArray documents = json.getJsonArray("documents"); + JsonArray tags = documents.getJsonObject(0).getJsonArray("tags"); + Assert.assertTrue(documents.size() == 1); + Assert.assertEquals(document1Id, documents.getJsonObject(0).getString("id")); + Assert.assertEquals("eng", documents.getJsonObject(0).getString("language")); + Assert.assertEquals(1, documents.getJsonObject(0).getInt("file_count")); + Assert.assertEquals(1, tags.size()); + Assert.assertEquals(tag1Id, tags.getJsonObject(0).getString("id")); + Assert.assertEquals("SuperTag", tags.getJsonObject(0).getString("name")); + Assert.assertEquals("#ffff00", tags.getJsonObject(0).getString("color")); // List all documents from document3 - documentResource = resource().path("/document/list"); - documentResource.addFilter(new CookieAuthenticationFilter(document3Token)); - getParams = new MultivaluedMapImpl(); - getParams.putSingle("sort_column", 3); - getParams.putSingle("asc", false); - response = documentResource.queryParams(getParams).get(ClientResponse.class); - json = response.getEntity(JSONObject.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - documents = json.getJSONArray("documents"); - Assert.assertTrue(documents.length() == 0); + json = target().path("/document/list") + .queryParam("sort_column", 3) + .queryParam("asc", false) + .request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, document3Token) + .get(JsonObject.class); + documents = json.getJsonArray("documents"); + Assert.assertTrue(documents.size() == 0); // Create a document with document3 - documentResource = resource().path("/document"); - documentResource.addFilter(new CookieAuthenticationFilter(document3Token)); - postParams = new MultivaluedMapImpl(); - postParams.add("title", "My super title document 1"); - postParams.add("description", "My super description for document 1"); - postParams.add("language", "eng"); long create3Date = new Date().getTime(); - postParams.add("create_date", create3Date); - response = documentResource.put(ClientResponse.class, postParams); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - json = response.getEntity(JSONObject.class); - String document3Id = json.optString("id"); + json = target().path("/document").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, document3Token) + .put(Entity.form(new Form() + .param("title", "My super title document 1") + .param("description", "My super description for document 1") + .param("language", "eng") + .param("create_date", Long.toString(create3Date))), JsonObject.class); + String document3Id = json.getString("id"); Assert.assertNotNull(document3Id); // Add a file - fileResource = resource().path("/file"); - fileResource.addFilter(new CookieAuthenticationFilter(document3Token)); - form = new FormDataMultiPart(); - file = this.getClass().getResourceAsStream("/file/Einstein-Roosevelt-letter.png"); - fdp = new FormDataBodyPart("file", - new BufferedInputStream(file), - MediaType.APPLICATION_OCTET_STREAM_TYPE); - form.bodyPart(fdp); - form.field("id", document3Id); - response = fileResource.type(MediaType.MULTIPART_FORM_DATA).put(ClientResponse.class, form); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - json = response.getEntity(JSONObject.class); - String file3Id = json.getString("id"); - Assert.assertNotNull(file3Id); + String file3Id = null; + try (InputStream is = Resources.getResource("file/Einstein-Roosevelt-letter.png").openStream()) { + StreamDataBodyPart streamDataBodyPart = new StreamDataBodyPart("file", is, "Einstein-Roosevelt-letter.png"); + try (FormDataMultiPart multiPart = new FormDataMultiPart()) { + json = target() + .register(MultiPartFeature.class) + .path("/file").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, document3Token) + .put(Entity.entity(multiPart.field("id", document3Id).bodyPart(streamDataBodyPart), + MediaType.MULTIPART_FORM_DATA_TYPE), JsonObject.class); + file3Id = json.getString("id"); + Assert.assertNotNull(file3Id); + } + } // List all documents from document3 - documentResource = resource().path("/document/list"); - documentResource.addFilter(new CookieAuthenticationFilter(document3Token)); - getParams = new MultivaluedMapImpl(); - getParams.putSingle("sort_column", 3); - getParams.putSingle("asc", false); - response = documentResource.queryParams(getParams).get(ClientResponse.class); - json = response.getEntity(JSONObject.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - documents = json.getJSONArray("documents"); - Assert.assertTrue(documents.length() == 1); + json = target().path("/document/list") + .queryParam("sort_column", 3) + .queryParam("asc", false) + .request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, document3Token) + .get(JsonObject.class); + documents = json.getJsonArray("documents"); + Assert.assertTrue(documents.size() == 1); // Search documents Assert.assertEquals(1, searchDocuments("full:uranium full:einstein", document1Token)); @@ -200,11 +184,9 @@ public class TestDocumentResource extends BaseJerseyTest { Assert.assertEquals(0, searchDocuments("lang:fra", document1Token)); // Get a document - documentResource = resource().path("/document/" + document1Id); - documentResource.addFilter(new CookieAuthenticationFilter(document1Token)); - response = documentResource.get(ClientResponse.class); - json = response.getEntity(JSONObject.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); + json = target().path("/document/" + document1Id).request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, document1Token) + .get(JsonObject.class); Assert.assertEquals(document1Id, json.getString("id")); Assert.assertEquals("document1", json.getString("creator")); Assert.assertEquals(1, json.getInt("file_count")); @@ -212,62 +194,48 @@ public class TestDocumentResource extends BaseJerseyTest { Assert.assertEquals("My super title document 1", json.getString("title")); Assert.assertEquals("My super description for document 1", json.getString("description")); Assert.assertEquals("eng", json.getString("language")); - Assert.assertEquals(create1Date, json.getLong("create_date")); - tags = json.getJSONArray("tags"); - Assert.assertEquals(1, tags.length()); - Assert.assertEquals(tag1Id, tags.getJSONObject(0).getString("id")); + Assert.assertEquals(create1Date, json.getJsonNumber("create_date").longValue()); + tags = json.getJsonArray("tags"); + Assert.assertEquals(1, tags.size()); + Assert.assertEquals(tag1Id, tags.getJsonObject(0).getString("id")); // Create a tag - tagResource = resource().path("/tag"); - tagResource.addFilter(new CookieAuthenticationFilter(document1Token)); - postParams = new MultivaluedMapImpl(); - postParams.add("name", "SuperTag2"); - postParams.add("color", "#00ffff"); - response = tagResource.put(ClientResponse.class, postParams); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - json = response.getEntity(JSONObject.class); - String tag2Id = json.optString("id"); + json = target().path("/tag").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, document1Token) + .put(Entity.form(new Form().param("name", "SuperTag2").param("color", "#00ffff")), JsonObject.class); + String tag2Id = json.getString("id"); Assert.assertNotNull(tag1Id); // Update a document - documentResource = resource().path("/document/" + document1Id); - documentResource.addFilter(new CookieAuthenticationFilter(document1Token)); - postParams = new MultivaluedMapImpl(); - postParams.add("title", "My new super document 1"); - postParams.add("description", "My new super description for document 1"); - postParams.add("tags", tag2Id); - response = documentResource.post(ClientResponse.class, postParams); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - json = response.getEntity(JSONObject.class); + json = target().path("/document/" + document1Id).request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, document1Token) + .post(Entity.form(new Form() + .param("title", "My new super document 1") + .param("description", "My new super description for document 1") + .param("tags", tag2Id)), JsonObject.class); Assert.assertEquals(document1Id, json.getString("id")); // Search documents by query - documentResource = resource().path("/document/list"); - documentResource.addFilter(new CookieAuthenticationFilter(document1Token)); - getParams = new MultivaluedMapImpl(); - getParams.putSingle("search", "super"); - response = documentResource.queryParams(getParams).get(ClientResponse.class); - json = response.getEntity(JSONObject.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); + json = target().path("/document/list") + .queryParam("search", "super") + .request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, document1Token) + .get(JsonObject.class); // Get a document - documentResource = resource().path("/document/" + document1Id); - documentResource.addFilter(new CookieAuthenticationFilter(document1Token)); - response = documentResource.get(ClientResponse.class); - json = response.getEntity(JSONObject.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); + json = target().path("/document/" + document1Id).request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, document1Token) + .get(JsonObject.class); Assert.assertTrue(json.getString("title").contains("new")); Assert.assertTrue(json.getString("description").contains("new")); - tags = json.getJSONArray("tags"); - Assert.assertEquals(1, tags.length()); - Assert.assertEquals(tag2Id, tags.getJSONObject(0).getString("id")); + tags = json.getJsonArray("tags"); + Assert.assertEquals(1, tags.size()); + Assert.assertEquals(tag2Id, tags.getJsonObject(0).getString("id")); // Deletes a document - documentResource = resource().path("/document/" + document1Id); - documentResource.addFilter(new CookieAuthenticationFilter(document1Token)); - response = documentResource.delete(ClientResponse.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - json = response.getEntity(JSONObject.class); + json = target().path("/document/" + document1Id).request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, document1Token) + .delete(JsonObject.class); Assert.assertEquals("ok", json.getString("status")); // Check that the associated files are deleted from FS @@ -279,9 +247,9 @@ public class TestDocumentResource extends BaseJerseyTest { Assert.assertFalse(thumbnailFile.exists()); // Get a document (KO) - documentResource = resource().path("/document/" + document1Id); - documentResource.addFilter(new CookieAuthenticationFilter(document1Token)); - response = documentResource.get(ClientResponse.class); + Response response = target().path("/document/" + document1Id).request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, document1Token) + .get(); Assert.assertEquals(Status.NOT_FOUND, Status.fromStatusCode(response.getStatus())); } @@ -294,14 +262,12 @@ public class TestDocumentResource extends BaseJerseyTest { * @throws Exception */ private int searchDocuments(String query, String token) throws Exception { - WebResource documentResource = resource().path("/document/list"); - documentResource.addFilter(new CookieAuthenticationFilter(token)); - MultivaluedMapImpl getParams = new MultivaluedMapImpl(); - getParams.putSingle("search", query); - ClientResponse response = documentResource.queryParams(getParams).get(ClientResponse.class); - JSONObject json = response.getEntity(JSONObject.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - return json.getJSONArray("documents").length(); + JsonObject json = target().path("/document/list") + .queryParam("search", query) + .request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, token) + .get(JsonObject.class); + return json.getJsonArray("documents").size(); } /** @@ -316,53 +282,48 @@ public class TestDocumentResource extends BaseJerseyTest { String document2Token = clientUtil.login("document2"); // Create a document - WebResource documentResource = resource().path("/document"); - documentResource.addFilter(new CookieAuthenticationFilter(document2Token)); - MultivaluedMapImpl postParams = new MultivaluedMapImpl(); - postParams.add("title", "My super title document 1"); - postParams.add("description", "My super description for document 1"); - postParams.add("language", "eng"); long create1Date = new Date().getTime(); - postParams.add("create_date", create1Date); - ClientResponse response = documentResource.put(ClientResponse.class, postParams); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - JSONObject json = response.getEntity(JSONObject.class); - String document1Id = json.optString("id"); + JsonObject json = target().path("/document").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, document2Token) + .put(Entity.form(new Form() + .param("title", "My super title document 1") + .param("description", "My super description for document 1") + .param("language", "eng") + .param("create_date", Long.toString(create1Date))), JsonObject.class); + String document1Id = json.getString("id"); Assert.assertNotNull(document1Id); // Add a PDF file - WebResource fileResource = resource().path("/file"); - fileResource.addFilter(new CookieAuthenticationFilter(document2Token)); - FormDataMultiPart form = new FormDataMultiPart(); - InputStream file = this.getClass().getResourceAsStream("/file/wikipedia.pdf"); - FormDataBodyPart fdp = new FormDataBodyPart("file", - new BufferedInputStream(file), - MediaType.APPLICATION_OCTET_STREAM_TYPE); - form.bodyPart(fdp); - form.field("id", document1Id); - response = fileResource.type(MediaType.MULTIPART_FORM_DATA).put(ClientResponse.class, form); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - json = response.getEntity(JSONObject.class); - String file1Id = json.getString("id"); + String file1Id = null; + try (InputStream is = Resources.getResource("file/wikipedia.pdf").openStream()) { + StreamDataBodyPart streamDataBodyPart = new StreamDataBodyPart("file", is, "wikipedia.pdf"); + try (FormDataMultiPart multiPart = new FormDataMultiPart()) { + json = target() + .register(MultiPartFeature.class) + .path("/file").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, document2Token) + .put(Entity.entity(multiPart.field("id", document1Id).bodyPart(streamDataBodyPart), + MediaType.MULTIPART_FORM_DATA_TYPE), JsonObject.class); + file1Id = json.getString("id"); + Assert.assertNotNull(file1Id); + } + } // Search documents by query in full content - documentResource = resource().path("/document/list"); - documentResource.addFilter(new CookieAuthenticationFilter(document2Token)); - MultivaluedMapImpl getParams = new MultivaluedMapImpl(); - getParams.putSingle("search", "full:vrandecic"); - response = documentResource.queryParams(getParams).get(ClientResponse.class); - json = response.getEntity(JSONObject.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - Assert.assertTrue(json.getJSONArray("documents").length() == 1); + json = target().path("/document/list") + .queryParam("search", "full:vrandecic") + .request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, document2Token) + .get(JsonObject.class); + Assert.assertTrue(json.getJsonArray("documents").size() == 1); // Get the file thumbnail data - fileResource = resource().path("/file/" + file1Id + "/data"); - fileResource.addFilter(new CookieAuthenticationFilter(document2Token)); - getParams = new MultivaluedMapImpl(); - getParams.putSingle("size", "thumb"); - response = fileResource.queryParams(getParams).get(ClientResponse.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - InputStream is = response.getEntityInputStream(); + Response response = target().path("/file/" + file1Id + "/data") + .queryParam("size", "thumb") + .request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, document2Token) + .get(); + InputStream is = (InputStream) response.getEntity(); byte[] fileBytes = ByteStreams.toByteArray(is); Assert.assertTrue(fileBytes.length > 0); // Images rendered from PDF differ in size from OS to OS due to font issues Assert.assertEquals(MimeType.IMAGE_JPEG, MimeTypeUtil.guessMimeType(fileBytes)); diff --git a/docs-web/src/test/java/com/sismics/docs/rest/TestFileResource.java b/docs-web/src/test/java/com/sismics/docs/rest/TestFileResource.java index dc66674d..af203d65 100644 --- a/docs-web/src/test/java/com/sismics/docs/rest/TestFileResource.java +++ b/docs-web/src/test/java/com/sismics/docs/rest/TestFileResource.java @@ -4,26 +4,29 @@ import java.io.BufferedInputStream; import java.io.FileInputStream; import java.io.InputStream; import java.nio.file.Paths; +import java.util.Date; +import javax.json.JsonArray; +import javax.json.JsonObject; +import javax.ws.rs.client.Entity; +import javax.ws.rs.core.Form; import javax.ws.rs.core.MediaType; +import javax.ws.rs.core.Response; +import javax.ws.rs.core.Response.Status; -import junit.framework.Assert; - -import org.codehaus.jettison.json.JSONArray; -import org.codehaus.jettison.json.JSONObject; +import org.glassfish.jersey.media.multipart.FormDataMultiPart; +import org.glassfish.jersey.media.multipart.MultiPartFeature; +import org.glassfish.jersey.media.multipart.file.StreamDataBodyPart; +import org.junit.Assert; import org.junit.Test; import com.google.common.io.ByteStreams; +import com.google.common.io.Resources; import com.sismics.docs.core.util.DirectoryUtil; -import com.sismics.docs.rest.filter.CookieAuthenticationFilter; +import com.sismics.util.filter.TokenBasedSecurityFilter; import com.sismics.util.mime.MimeType; import com.sismics.util.mime.MimeTypeUtil; -import com.sun.jersey.api.client.ClientResponse; -import com.sun.jersey.api.client.ClientResponse.Status; -import com.sun.jersey.api.client.WebResource; -import com.sun.jersey.core.util.MultivaluedMapImpl; -import com.sun.jersey.multipart.FormDataBodyPart; -import com.sun.jersey.multipart.FormDataMultiPart; + /** * Exhaustive test of the file resource. @@ -43,145 +46,137 @@ public class TestFileResource extends BaseJerseyTest { String file1AuthenticationToken = clientUtil.login("file1"); // Create a document - WebResource documentResource = resource().path("/document"); - documentResource.addFilter(new CookieAuthenticationFilter(file1AuthenticationToken)); - MultivaluedMapImpl postParams = new MultivaluedMapImpl(); - postParams.add("title", "File test document 1"); - postParams.add("language", "eng"); - ClientResponse response = documentResource.put(ClientResponse.class, postParams); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - JSONObject json = response.getEntity(JSONObject.class); - String document1Id = json.optString("id"); + long create1Date = new Date().getTime(); + JsonObject json = target().path("/document").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, file1AuthenticationToken) + .put(Entity.form(new Form() + .param("title", "File test document 1") + .param("language", "eng") + .param("create_date", Long.toString(create1Date))), JsonObject.class); + String document1Id = json.getString("id"); Assert.assertNotNull(document1Id); // Add a file - WebResource fileResource = resource().path("/file"); - fileResource.addFilter(new CookieAuthenticationFilter(file1AuthenticationToken)); - FormDataMultiPart form = new FormDataMultiPart(); - InputStream file = this.getClass().getResourceAsStream("/file/PIA00452.jpg"); - FormDataBodyPart fdp = new FormDataBodyPart("file", - new BufferedInputStream(file), - MediaType.APPLICATION_OCTET_STREAM_TYPE); - form.bodyPart(fdp); - form.field("id", document1Id); - response = fileResource.type(MediaType.MULTIPART_FORM_DATA).put(ClientResponse.class, form); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - json = response.getEntity(JSONObject.class); - String file1Id = json.getString("id"); + String file1Id = null; + try (InputStream is = Resources.getResource("file/PIA00452.jpg").openStream()) { + StreamDataBodyPart streamDataBodyPart = new StreamDataBodyPart("file", is, "PIA00452.jpg"); + try (FormDataMultiPart multiPart = new FormDataMultiPart()) { + json = target() + .register(MultiPartFeature.class) + .path("/file").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, file1AuthenticationToken) + .put(Entity.entity(multiPart.field("id", document1Id).bodyPart(streamDataBodyPart), + MediaType.MULTIPART_FORM_DATA_TYPE), JsonObject.class); + file1Id = json.getString("id"); + Assert.assertNotNull(file1Id); + } + } // Add a file - fileResource = resource().path("/file"); - fileResource.addFilter(new CookieAuthenticationFilter(file1AuthenticationToken)); - form = new FormDataMultiPart(); - file = this.getClass().getResourceAsStream("/file/PIA00452.jpg"); - fdp = new FormDataBodyPart("file", - new BufferedInputStream(file), - MediaType.APPLICATION_OCTET_STREAM_TYPE); - form.bodyPart(fdp); - form.field("id", document1Id); - response = fileResource.type(MediaType.MULTIPART_FORM_DATA).put(ClientResponse.class, form); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - json = response.getEntity(JSONObject.class); - String file2Id = json.getString("id"); + String file2Id = null; + try (InputStream is = Resources.getResource("file/PIA00452.jpg").openStream()) { + StreamDataBodyPart streamDataBodyPart = new StreamDataBodyPart("file", is, "PIA00452.jpg"); + try (FormDataMultiPart multiPart = new FormDataMultiPart()) { + json = target() + .register(MultiPartFeature.class) + .path("/file").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, file1AuthenticationToken) + .put(Entity.entity(multiPart.field("id", document1Id).bodyPart(streamDataBodyPart), + MediaType.MULTIPART_FORM_DATA_TYPE), JsonObject.class); + file2Id = json.getString("id"); + Assert.assertNotNull(file2Id); + } + } // Get the file data - fileResource = resource().path("/file/" + file1Id + "/data"); - fileResource.addFilter(new CookieAuthenticationFilter(file1AuthenticationToken)); - response = fileResource.get(ClientResponse.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - InputStream is = response.getEntityInputStream(); + Response response = target().path("/file/" + file1Id + "/data").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, file1AuthenticationToken) + .get(); + InputStream is = (InputStream) response.getEntity(); byte[] fileBytes = ByteStreams.toByteArray(is); Assert.assertEquals(MimeType.IMAGE_JPEG, MimeTypeUtil.guessMimeType(fileBytes)); Assert.assertTrue(fileBytes.length > 0); // Get the thumbnail data - fileResource = resource().path("/file/" + file1Id + "/data"); - fileResource.addFilter(new CookieAuthenticationFilter(file1AuthenticationToken)); - MultivaluedMapImpl getParams = new MultivaluedMapImpl(); - getParams.putSingle("size", "thumb"); - response = fileResource.queryParams(getParams).get(ClientResponse.class); + response = target().path("/file/" + file1Id + "/data") + .queryParam("size", "thumb") + .request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, file1AuthenticationToken) + .get(); Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - is = response.getEntityInputStream(); + is = (InputStream) response.getEntity(); fileBytes = ByteStreams.toByteArray(is); Assert.assertEquals(MimeType.IMAGE_JPEG, MimeTypeUtil.guessMimeType(fileBytes)); Assert.assertTrue(fileBytes.length > 0); // Get the web data - fileResource = resource().path("/file/" + file1Id + "/data"); - fileResource.addFilter(new CookieAuthenticationFilter(file1AuthenticationToken)); - getParams = new MultivaluedMapImpl(); - getParams.putSingle("size", "web"); - response = fileResource.queryParams(getParams).get(ClientResponse.class); + response = target().path("/file/" + file1Id + "/data") + .queryParam("size", "web") + .request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, file1AuthenticationToken) + .get(); Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - is = response.getEntityInputStream(); + is = (InputStream) response.getEntity(); fileBytes = ByteStreams.toByteArray(is); Assert.assertEquals(MimeType.IMAGE_JPEG, MimeTypeUtil.guessMimeType(fileBytes)); Assert.assertTrue(fileBytes.length > 0); // Check that the files are not readable directly from FS java.io.File storedFile = Paths.get(DirectoryUtil.getStorageDirectory().getPath(), file1Id).toFile(); - InputStream storedFileInputStream = new BufferedInputStream(new FileInputStream(storedFile)); - Assert.assertNull(MimeTypeUtil.guessMimeType(storedFileInputStream)); - storedFileInputStream.close(); + try (InputStream storedFileInputStream = new BufferedInputStream(new FileInputStream(storedFile))) { + Assert.assertNull(MimeTypeUtil.guessMimeType(storedFileInputStream)); + } // Get all files from a document - fileResource = resource().path("/file/list"); - fileResource.addFilter(new CookieAuthenticationFilter(file1AuthenticationToken)); - getParams = new MultivaluedMapImpl(); - getParams.putSingle("id", document1Id); - response = fileResource.queryParams(getParams).get(ClientResponse.class); - json = response.getEntity(JSONObject.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - JSONArray files = json.getJSONArray("files"); - Assert.assertEquals(2, files.length()); - Assert.assertEquals(file1Id, files.getJSONObject(0).getString("id")); - Assert.assertEquals(file2Id, files.getJSONObject(1).getString("id")); + json = target().path("/file/list") + .queryParam("id", document1Id) + .request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, file1AuthenticationToken) + .get(JsonObject.class); + JsonArray files = json.getJsonArray("files"); + Assert.assertEquals(2, files.size()); + Assert.assertEquals(file1Id, files.getJsonObject(0).getString("id")); + Assert.assertEquals(file2Id, files.getJsonObject(1).getString("id")); // Reorder files - fileResource = resource().path("/file/reorder"); - fileResource.addFilter(new CookieAuthenticationFilter(file1AuthenticationToken)); - postParams = new MultivaluedMapImpl(); - postParams.add("id", document1Id); - postParams.add("order", file2Id); - postParams.add("order", file1Id); - response = fileResource.post(ClientResponse.class, postParams); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); + json = target().path("/file/reorder").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, file1AuthenticationToken) + .post(Entity.form(new Form() + .param("id", document1Id) + .param("order", file2Id) + .param("order", file1Id)), JsonObject.class); // Get all files from a document - fileResource = resource().path("/file/list"); - fileResource.addFilter(new CookieAuthenticationFilter(file1AuthenticationToken)); - getParams = new MultivaluedMapImpl(); - getParams.putSingle("id", document1Id); - response = fileResource.queryParams(getParams).get(ClientResponse.class); - json = response.getEntity(JSONObject.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - files = json.getJSONArray("files"); - Assert.assertEquals(2, files.length()); - Assert.assertEquals(file2Id, files.getJSONObject(0).getString("id")); - Assert.assertEquals(file1Id, files.getJSONObject(1).getString("id")); + json = target().path("/file/list") + .queryParam("id", document1Id) + .request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, file1AuthenticationToken) + .get(JsonObject.class); + files = json.getJsonArray("files"); + Assert.assertEquals(2, files.size()); + Assert.assertEquals(file2Id, files.getJsonObject(0).getString("id")); + Assert.assertEquals(file1Id, files.getJsonObject(1).getString("id")); // Get a ZIP from all files - fileResource = resource().path("/file/zip"); - fileResource.addFilter(new CookieAuthenticationFilter(file1AuthenticationToken)); - getParams = new MultivaluedMapImpl(); - getParams.putSingle("id", document1Id); - response = fileResource.queryParams(getParams).get(ClientResponse.class); - is = response.getEntityInputStream(); + response = target().path("/file/zip") + .queryParam("id", document1Id) + .request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, file1AuthenticationToken) + .get(); + is = (InputStream) response.getEntity(); fileBytes = ByteStreams.toByteArray(is); Assert.assertEquals(MimeType.APPLICATION_ZIP, MimeTypeUtil.guessMimeType(fileBytes)); // Deletes a file - fileResource = resource().path("/file/" + file1Id); - fileResource.addFilter(new CookieAuthenticationFilter(file1AuthenticationToken)); - response = fileResource.delete(ClientResponse.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - json = response.getEntity(JSONObject.class); + json = target().path("/file/" + file1Id).request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, file1AuthenticationToken) + .delete(JsonObject.class); Assert.assertEquals("ok", json.getString("status")); // Get the file data (not found) - fileResource = resource().path("/file/" + file1Id + "/data"); - fileResource.addFilter(new CookieAuthenticationFilter(file1AuthenticationToken)); - response = fileResource.get(ClientResponse.class); + response = target().path("/file/" + file1Id + "/data").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, file1AuthenticationToken) + .get(); Assert.assertEquals(Status.NOT_FOUND, Status.fromStatusCode(response.getStatus())); // Check that files are deleted from FS @@ -193,15 +188,13 @@ public class TestFileResource extends BaseJerseyTest { Assert.assertFalse(thumbnailFile.exists()); // Get all files from a document - fileResource = resource().path("/file/list"); - fileResource.addFilter(new CookieAuthenticationFilter(file1AuthenticationToken)); - getParams = new MultivaluedMapImpl(); - getParams.putSingle("id", document1Id); - response = fileResource.queryParams(getParams).get(ClientResponse.class); - json = response.getEntity(JSONObject.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - files = json.getJSONArray("files"); - Assert.assertEquals(1, files.length()); + json = target().path("/file/list") + .queryParam("id", document1Id) + .request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, file1AuthenticationToken) + .get(JsonObject.class); + files = json.getJsonArray("files"); + Assert.assertEquals(1, files.size()); } @Test @@ -211,91 +204,81 @@ public class TestFileResource extends BaseJerseyTest { String file2AuthenticationToken = clientUtil.login("file2"); // Add a file - WebResource fileResource = resource().path("/file"); - fileResource.addFilter(new CookieAuthenticationFilter(file2AuthenticationToken)); - FormDataMultiPart form = new FormDataMultiPart(); - InputStream file = this.getClass().getResourceAsStream("/file/PIA00452.jpg"); - FormDataBodyPart fdp = new FormDataBodyPart("file", - new BufferedInputStream(file), - MediaType.APPLICATION_OCTET_STREAM_TYPE); - form.bodyPart(fdp); - ClientResponse response = fileResource.type(MediaType.MULTIPART_FORM_DATA).put(ClientResponse.class, form); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - JSONObject json = response.getEntity(JSONObject.class); - String file1Id = json.getString("id"); + String file1Id = null; + try (InputStream is = Resources.getResource("file/PIA00452.jpg").openStream()) { + StreamDataBodyPart streamDataBodyPart = new StreamDataBodyPart("file", is, "PIA00452.jpg"); + try (FormDataMultiPart multiPart = new FormDataMultiPart()) { + JsonObject json = target() + .register(MultiPartFeature.class) + .path("/file").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, file2AuthenticationToken) + .put(Entity.entity(multiPart.bodyPart(streamDataBodyPart), + MediaType.MULTIPART_FORM_DATA_TYPE), JsonObject.class); + file1Id = json.getString("id"); + Assert.assertNotNull(file1Id); + } + } // Get all orphan files - fileResource = resource().path("/file/list"); - fileResource.addFilter(new CookieAuthenticationFilter(file2AuthenticationToken)); - MultivaluedMapImpl getParams = new MultivaluedMapImpl(); - response = fileResource.queryParams(getParams).get(ClientResponse.class); - json = response.getEntity(JSONObject.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - JSONArray files = json.getJSONArray("files"); - Assert.assertEquals(1, files.length()); + JsonObject json = target().path("/file/list").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, file2AuthenticationToken) + .get(JsonObject.class); + JsonArray files = json.getJsonArray("files"); + Assert.assertEquals(1, files.size()); // Get the file data - fileResource = resource().path("/file/" + file1Id + "/data"); - fileResource.addFilter(new CookieAuthenticationFilter(file2AuthenticationToken)); - response = fileResource.get(ClientResponse.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - InputStream is = response.getEntityInputStream(); + Response response = target().path("/file/" + file1Id + "/data").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, file2AuthenticationToken) + .get(); + InputStream is = (InputStream) response.getEntity(); byte[] fileBytes = ByteStreams.toByteArray(is); Assert.assertEquals(MimeType.IMAGE_JPEG, MimeTypeUtil.guessMimeType(fileBytes)); Assert.assertEquals(163510, fileBytes.length); // Create a document - WebResource documentResource = resource().path("/document"); - documentResource.addFilter(new CookieAuthenticationFilter(file2AuthenticationToken)); - MultivaluedMapImpl postParams = new MultivaluedMapImpl(); - postParams.add("title", "File test document 1"); - postParams.add("language", "eng"); - response = documentResource.put(ClientResponse.class, postParams); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - json = response.getEntity(JSONObject.class); - String document1Id = json.optString("id"); + json = target().path("/document").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, file2AuthenticationToken) + .put(Entity.form(new Form() + .param("title", "File test document 1") + .param("language", "eng")), JsonObject.class); + String document1Id = json.getString("id"); Assert.assertNotNull(document1Id); // Attach a file to a document - documentResource = resource().path("/file/" + file1Id); - documentResource.addFilter(new CookieAuthenticationFilter(file2AuthenticationToken)); - postParams = new MultivaluedMapImpl(); - postParams.add("id", document1Id); - response = documentResource.post(ClientResponse.class, postParams); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - json = response.getEntity(JSONObject.class); + json = target().path("/file/" + file1Id).request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, file2AuthenticationToken) + .post(Entity.form(new Form() + .param("id", document1Id)), JsonObject.class); // Get all files from a document - fileResource = resource().path("/file/list"); - fileResource.addFilter(new CookieAuthenticationFilter(file2AuthenticationToken)); - getParams = new MultivaluedMapImpl(); - getParams.putSingle("id", document1Id); - response = fileResource.queryParams(getParams).get(ClientResponse.class); - json = response.getEntity(JSONObject.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - files = json.getJSONArray("files"); - Assert.assertEquals(1, files.length()); + json = target().path("/file/list") + .queryParam("id", document1Id) + .request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, file2AuthenticationToken) + .get(JsonObject.class); + files = json.getJsonArray("files"); + Assert.assertEquals(1, files.size()); // Add a file - fileResource = resource().path("/file"); - fileResource.addFilter(new CookieAuthenticationFilter(file2AuthenticationToken)); - form = new FormDataMultiPart(); - file = this.getClass().getResourceAsStream("/file/PIA00452.jpg"); - fdp = new FormDataBodyPart("file", - new BufferedInputStream(file), - MediaType.APPLICATION_OCTET_STREAM_TYPE); - form.bodyPart(fdp); - response = fileResource.type(MediaType.MULTIPART_FORM_DATA).put(ClientResponse.class, form); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - json = response.getEntity(JSONObject.class); - String file2Id = json.getString("id"); + String file2Id = null; + try (InputStream is0 = Resources.getResource("file/PIA00452.jpg").openStream()) { + StreamDataBodyPart streamDataBodyPart = new StreamDataBodyPart("file", is0, "PIA00452.jpg"); + try (FormDataMultiPart multiPart = new FormDataMultiPart()) { + json = target() + .register(MultiPartFeature.class) + .path("/file").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, file2AuthenticationToken) + .put(Entity.entity(multiPart.bodyPart(streamDataBodyPart), + MediaType.MULTIPART_FORM_DATA_TYPE), JsonObject.class); + file2Id = json.getString("id"); + Assert.assertNotNull(file2Id); + } + } // Deletes a file - fileResource = resource().path("/file/" + file2Id); - fileResource.addFilter(new CookieAuthenticationFilter(file2AuthenticationToken)); - response = fileResource.delete(ClientResponse.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - json = response.getEntity(JSONObject.class); + json = target().path("/file/" + file2Id).request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, file2AuthenticationToken) + .delete(JsonObject.class); Assert.assertEquals("ok", json.getString("status")); } } \ No newline at end of file diff --git a/docs-web/src/test/java/com/sismics/docs/rest/TestLocaleResource.java b/docs-web/src/test/java/com/sismics/docs/rest/TestLocaleResource.java index cbc24a5b..0dea6bde 100644 --- a/docs-web/src/test/java/com/sismics/docs/rest/TestLocaleResource.java +++ b/docs-web/src/test/java/com/sismics/docs/rest/TestLocaleResource.java @@ -1,14 +1,12 @@ package com.sismics.docs.rest; -import com.sun.jersey.api.client.ClientResponse; -import com.sun.jersey.api.client.ClientResponse.Status; -import com.sun.jersey.api.client.WebResource; -import junit.framework.Assert; -import org.codehaus.jettison.json.JSONArray; -import org.codehaus.jettison.json.JSONException; -import org.codehaus.jettison.json.JSONObject; +import javax.json.JsonArray; +import javax.json.JsonObject; + +import org.junit.Assert; import org.junit.Test; + /** * Test the locale resource. * @@ -21,12 +19,9 @@ public class TestLocaleResource extends BaseJerseyTest { * @throws JSONException */ @Test - public void testLocaleResource() throws JSONException { - WebResource localeResource = resource().path("/locale"); - ClientResponse response = localeResource.get(ClientResponse.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - JSONObject json = response.getEntity(JSONObject.class); - JSONArray locale = json.getJSONArray("locales"); - Assert.assertTrue(locale.length() > 0); + public void testLocaleResource() { + JsonObject json = target().path("/locale").request().get(JsonObject.class); + JsonArray locale = json.getJsonArray("locales"); + Assert.assertTrue(locale.size() > 0); } } \ No newline at end of file diff --git a/docs-web/src/test/java/com/sismics/docs/rest/TestSecurity.java b/docs-web/src/test/java/com/sismics/docs/rest/TestSecurity.java index f3bb70b1..6c1c3976 100644 --- a/docs-web/src/test/java/com/sismics/docs/rest/TestSecurity.java +++ b/docs-web/src/test/java/com/sismics/docs/rest/TestSecurity.java @@ -1,16 +1,18 @@ package com.sismics.docs.rest; -import com.sismics.docs.rest.filter.CookieAuthenticationFilter; -import com.sun.jersey.api.client.ClientResponse; -import com.sun.jersey.api.client.ClientResponse.Status; -import com.sun.jersey.api.client.WebResource; -import com.sun.jersey.core.util.MultivaluedMapImpl; +import javax.json.JsonObject; +import javax.ws.rs.client.Entity; +import javax.ws.rs.core.Form; +import javax.ws.rs.core.Response; +import javax.ws.rs.core.Response.Status; + import junit.framework.Assert; + import org.apache.commons.lang.StringUtils; -import org.codehaus.jettison.json.JSONException; -import org.codehaus.jettison.json.JSONObject; import org.junit.Test; +import com.sismics.util.filter.TokenBasedSecurityFilter; + /** * Test of the security layer. * @@ -23,50 +25,50 @@ public class TestSecurity extends BaseJerseyTest { * @throws JSONException */ @Test - public void testSecurity() throws JSONException { + public void testSecurity() { // Create a user clientUtil.createUser("testsecurity"); // Changes a user's email KO : the user is not connected - WebResource userResource = resource().path("/user/update"); - MultivaluedMapImpl postParams = new MultivaluedMapImpl(); - postParams.add("email", "testsecurity2@docs.com"); - ClientResponse response = userResource.post(ClientResponse.class, postParams); + Response response = target().path("/user/update").request() + .post(Entity.form(new Form().param("email", "testsecurity2@docs.com"))); Assert.assertEquals(Status.FORBIDDEN, Status.fromStatusCode(response.getStatus())); - JSONObject json = response.getEntity(JSONObject.class); + JsonObject json = response.readEntity(JsonObject.class); Assert.assertEquals("ForbiddenError", json.getString("type")); Assert.assertEquals("You don't have access to this resource", json.getString("message")); // User testsecurity logs in String testSecurityAuthenticationToken = clientUtil.login("testsecurity"); - + + // User testsecurity creates a new user KO : no permission + response = target().path("/user").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, testSecurityAuthenticationToken) + .put(Entity.form(new Form())); + Assert.assertEquals(Status.FORBIDDEN, Status.fromStatusCode(response.getStatus())); + Assert.assertEquals("ForbiddenError", json.getString("type")); + Assert.assertEquals("You don't have access to this resource", json.getString("message")); + // User testsecurity changes his email OK - userResource = resource().path("/user"); - userResource.addFilter(new CookieAuthenticationFilter(testSecurityAuthenticationToken)); - postParams = new MultivaluedMapImpl(); - postParams.add("email", "testsecurity2@docs.com"); - postParams.add("locale", "en"); - response = userResource.post(ClientResponse.class, postParams); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - json = response.getEntity(JSONObject.class); + json = target().path("/user").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, testSecurityAuthenticationToken) + .post(Entity.form( + new Form() + .param("email", "testsecurity2@docs.com") + .param("locale", "en")), JsonObject.class); Assert.assertEquals("ok", json.getString("status")); // User testsecurity logs out - userResource = resource().path("/user/logout"); - userResource.addFilter(new CookieAuthenticationFilter(testSecurityAuthenticationToken)); - postParams = new MultivaluedMapImpl(); - response = userResource.post(ClientResponse.class, postParams); - json = response.getEntity(JSONObject.class); + response = target().path("/user/logout").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, testSecurityAuthenticationToken) + .post(Entity.form(new Form())); Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); testSecurityAuthenticationToken = clientUtil.getAuthenticationCookie(response); Assert.assertTrue(StringUtils.isEmpty(testSecurityAuthenticationToken)); // User testsecurity logs out KO : he is not connected anymore - userResource = resource().path("/user/logout"); - userResource.addFilter(new CookieAuthenticationFilter(testSecurityAuthenticationToken)); - postParams = new MultivaluedMapImpl(); - response = userResource.post(ClientResponse.class, postParams); - json = response.getEntity(JSONObject.class); + response = target().path("/user/logout").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, testSecurityAuthenticationToken) + .post(Entity.form(new Form())); Assert.assertEquals(Status.FORBIDDEN, Status.fromStatusCode(response.getStatus())); // User testsecurity logs in with a long lived session diff --git a/docs-web/src/test/java/com/sismics/docs/rest/TestShareResource.java b/docs-web/src/test/java/com/sismics/docs/rest/TestShareResource.java index 2333d4e1..fc8c2b28 100644 --- a/docs-web/src/test/java/com/sismics/docs/rest/TestShareResource.java +++ b/docs-web/src/test/java/com/sismics/docs/rest/TestShareResource.java @@ -1,24 +1,25 @@ package com.sismics.docs.rest; -import java.io.BufferedInputStream; import java.io.InputStream; +import javax.json.JsonArray; +import javax.json.JsonObject; +import javax.ws.rs.client.Entity; +import javax.ws.rs.core.Form; import javax.ws.rs.core.MediaType; +import javax.ws.rs.core.Response; +import javax.ws.rs.core.Response.Status; -import junit.framework.Assert; - -import org.codehaus.jettison.json.JSONArray; -import org.codehaus.jettison.json.JSONObject; +import org.glassfish.jersey.media.multipart.FormDataMultiPart; +import org.glassfish.jersey.media.multipart.MultiPartFeature; +import org.glassfish.jersey.media.multipart.file.StreamDataBodyPart; +import org.junit.Assert; import org.junit.Test; import com.google.common.io.ByteStreams; -import com.sismics.docs.rest.filter.CookieAuthenticationFilter; -import com.sun.jersey.api.client.ClientResponse; -import com.sun.jersey.api.client.ClientResponse.Status; -import com.sun.jersey.api.client.WebResource; -import com.sun.jersey.core.util.MultivaluedMapImpl; -import com.sun.jersey.multipart.FormDataBodyPart; -import com.sun.jersey.multipart.FormDataMultiPart; +import com.google.common.io.Resources; +import com.sismics.util.filter.TokenBasedSecurityFilter; + /** * Exhaustive test of the share resource. @@ -28,6 +29,7 @@ import com.sun.jersey.multipart.FormDataMultiPart; public class TestShareResource extends BaseJerseyTest { /** * Test the share resource. + * @throws Exception * * @throws Exception */ @@ -38,99 +40,86 @@ public class TestShareResource extends BaseJerseyTest { String share1AuthenticationToken = clientUtil.login("share1"); // Create a document - WebResource documentResource = resource().path("/document"); - documentResource.addFilter(new CookieAuthenticationFilter(share1AuthenticationToken)); - MultivaluedMapImpl postParams = new MultivaluedMapImpl(); - postParams.add("title", "File test document 1"); - postParams.add("language", "eng"); - ClientResponse response = documentResource.put(ClientResponse.class, postParams); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - JSONObject json = response.getEntity(JSONObject.class); - String document1Id = json.optString("id"); + JsonObject json = target().path("/document").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, share1AuthenticationToken) + .put(Entity.form(new Form() + .param("title", "File test document 1") + .param("language", "eng")), JsonObject.class); + String document1Id = json.getString("id"); Assert.assertNotNull(document1Id); // Add a file - WebResource fileResource = resource().path("/file"); - fileResource.addFilter(new CookieAuthenticationFilter(share1AuthenticationToken)); - FormDataMultiPart form = new FormDataMultiPart(); - InputStream file = this.getClass().getResourceAsStream("/file/PIA00452.jpg"); - FormDataBodyPart fdp = new FormDataBodyPart("file", - new BufferedInputStream(file), - MediaType.APPLICATION_OCTET_STREAM_TYPE); - form.bodyPart(fdp); - form.field("id", document1Id); - response = fileResource.type(MediaType.MULTIPART_FORM_DATA).put(ClientResponse.class, form); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - json = response.getEntity(JSONObject.class); - String file1Id = json.getString("id"); + String file1Id = null; + try (InputStream is = Resources.getResource("file/PIA00452.jpg").openStream()) { + StreamDataBodyPart streamDataBodyPart = new StreamDataBodyPart("file", is, "PIA00452.jpg"); + try (FormDataMultiPart multiPart = new FormDataMultiPart()) { + json = target() + .register(MultiPartFeature.class) + .path("/file").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, share1AuthenticationToken) + .put(Entity.entity(multiPart.field("id", document1Id).bodyPart(streamDataBodyPart), + MediaType.MULTIPART_FORM_DATA_TYPE), JsonObject.class); + file1Id = json.getString("id"); + } + } // Share this document - WebResource shareResource = resource().path("/share"); - shareResource.addFilter(new CookieAuthenticationFilter(share1AuthenticationToken)); - postParams = new MultivaluedMapImpl(); - postParams.add("id", document1Id); - postParams.add("name", "4 All"); - response = shareResource.put(ClientResponse.class, postParams); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - json = response.getEntity(JSONObject.class); + json = target().path("/share").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, share1AuthenticationToken) + .put(Entity.form(new Form() + .param("id", document1Id) + .param("name", "4 All")), JsonObject.class); String share1Id = json.getString("id"); // Get the document anonymously - documentResource = resource().path("/document/" + document1Id); - MultivaluedMapImpl getParams = new MultivaluedMapImpl(); - getParams.putSingle("share", share1Id); - response = documentResource.queryParams(getParams).get(ClientResponse.class); - json = response.getEntity(JSONObject.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); + json = target().path("/document/" + document1Id) + .queryParam("share", share1Id) + .request() + .get(JsonObject.class); Assert.assertEquals(document1Id, json.getString("id")); - Assert.assertEquals(3, json.getJSONArray("acls").length()); // 2 for the creator, 1 for the share + Assert.assertEquals(3, json.getJsonArray("acls").size()); // 2 for the creator, 1 for the share // Get all files from this document anonymously - fileResource = resource().path("/file/list"); - getParams = new MultivaluedMapImpl(); - getParams.putSingle("id", document1Id); - getParams.putSingle("share", share1Id); - response = fileResource.queryParams(getParams).get(ClientResponse.class); - json = response.getEntity(JSONObject.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - JSONArray files = json.getJSONArray("files"); - Assert.assertEquals(1, files.length()); + json = target().path("/file/list") + .queryParam("id", document1Id) + .queryParam("share", share1Id) + .request() + .get(JsonObject.class); + JsonArray files = json.getJsonArray("files"); + Assert.assertEquals(1, files.size()); // Get the file data anonymously - fileResource = resource().path("/file/" + file1Id + "/data"); - getParams = new MultivaluedMapImpl(); - getParams.putSingle("thumbnail", false); - getParams.putSingle("share", share1Id); - response = fileResource.queryParams(getParams).get(ClientResponse.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - InputStream is = response.getEntityInputStream(); + Response response = target().path("/file/" + file1Id + "/data") + .queryParam("thumbnail", false) + .queryParam("share", share1Id) + .request() + .get(); + InputStream is = (InputStream) response.getEntity(); byte[] fileBytes = ByteStreams.toByteArray(is); Assert.assertEquals(163510, fileBytes.length); // Deletes the share (not allowed) clientUtil.createUser("share2"); String share2AuthenticationToken = clientUtil.login("share2"); - shareResource = resource().path("/share/" + share1Id); - shareResource.addFilter(new CookieAuthenticationFilter(share2AuthenticationToken)); - response = shareResource.delete(ClientResponse.class); + response = target().path("/share/" + share1Id).request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, share2AuthenticationToken) + .delete(); Assert.assertEquals(Status.BAD_REQUEST, Status.fromStatusCode(response.getStatus())); - json = response.getEntity(JSONObject.class); + json = response.readEntity(JsonObject.class); Assert.assertEquals("DocumentNotFound", json.getString("type")); // Deletes the share - shareResource = resource().path("/share/" + share1Id); - shareResource.addFilter(new CookieAuthenticationFilter(share1AuthenticationToken)); - response = shareResource.delete(ClientResponse.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - json = response.getEntity(JSONObject.class); + json = target().path("/share/" + share1Id).request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, share1AuthenticationToken) + .delete(JsonObject.class); Assert.assertEquals("ok", json.getString("status")); // Deletes the share again - shareResource = resource().path("/share/" + share1Id); - shareResource.addFilter(new CookieAuthenticationFilter(share1AuthenticationToken)); - response = shareResource.delete(ClientResponse.class); + response = target().path("/share/" + share1Id).request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, share1AuthenticationToken) + .delete(); Assert.assertEquals(Status.BAD_REQUEST, Status.fromStatusCode(response.getStatus())); - json = response.getEntity(JSONObject.class); + json = response.readEntity(JsonObject.class); Assert.assertEquals("ShareNotFound", json.getString("type")); } } \ No newline at end of file diff --git a/docs-web/src/test/java/com/sismics/docs/rest/TestTagResource.java b/docs-web/src/test/java/com/sismics/docs/rest/TestTagResource.java index bacedd6e..b9fa0532 100644 --- a/docs-web/src/test/java/com/sismics/docs/rest/TestTagResource.java +++ b/docs-web/src/test/java/com/sismics/docs/rest/TestTagResource.java @@ -1,16 +1,18 @@ package com.sismics.docs.rest; -import com.sismics.docs.rest.filter.CookieAuthenticationFilter; -import com.sun.jersey.api.client.ClientResponse; -import com.sun.jersey.api.client.ClientResponse.Status; -import com.sun.jersey.api.client.WebResource; -import com.sun.jersey.core.util.MultivaluedMapImpl; -import junit.framework.Assert; -import org.codehaus.jettison.json.JSONArray; -import org.codehaus.jettison.json.JSONException; -import org.codehaus.jettison.json.JSONObject; +import javax.json.JsonArray; +import javax.json.JsonObject; +import javax.ws.rs.client.Entity; +import javax.ws.rs.core.Form; +import javax.ws.rs.core.Response; +import javax.ws.rs.core.Response.Status; + +import org.junit.Assert; import org.junit.Test; +import com.sismics.util.filter.TokenBasedSecurityFilter; + + /** * Test the tag resource. * @@ -23,173 +25,138 @@ public class TestTagResource extends BaseJerseyTest { * @throws JSONException */ @Test - public void testTagResource() throws JSONException { + public void testTagResource() { // Login tag1 clientUtil.createUser("tag1"); String tag1Token = clientUtil.login("tag1"); // Create a tag - WebResource tagResource = resource().path("/tag"); - tagResource.addFilter(new CookieAuthenticationFilter(tag1Token)); - MultivaluedMapImpl postParams = new MultivaluedMapImpl(); - postParams.add("name", "Tag3"); - postParams.add("color", "#ff0000"); - ClientResponse response = tagResource.put(ClientResponse.class, postParams); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - JSONObject json = response.getEntity(JSONObject.class); - String tag3Id = json.optString("id"); + JsonObject json = target().path("/tag").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, tag1Token) + .put(Entity.form(new Form() + .param("name", "Tag3") + .param("color", "#ff0000")), JsonObject.class); + String tag3Id = json.getString("id"); Assert.assertNotNull(tag3Id); // Create a tag - tagResource = resource().path("/tag"); - tagResource.addFilter(new CookieAuthenticationFilter(tag1Token)); - postParams = new MultivaluedMapImpl(); - postParams.add("name", "Tag4"); - postParams.add("color", "#00ff00"); - response = tagResource.put(ClientResponse.class, postParams); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - json = response.getEntity(JSONObject.class); - String tag4Id = json.optString("id"); + json = target().path("/tag").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, tag1Token) + .put(Entity.form(new Form() + .param("name", "Tag4") + .param("color", "#00ff00")), JsonObject.class); + String tag4Id = json.getString("id"); Assert.assertNotNull(tag4Id); // Create a tag with space (not allowed) - tagResource = resource().path("/tag"); - tagResource.addFilter(new CookieAuthenticationFilter(tag1Token)); - postParams = new MultivaluedMapImpl(); - postParams.add("name", "Tag 4"); - response = tagResource.put(ClientResponse.class, postParams); + Response response = target().path("/tag").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, tag1Token) + .put(Entity.form(new Form() + .param("name", "Tag 4"))); Assert.assertEquals(Status.BAD_REQUEST, Status.fromStatusCode(response.getStatus())); // Create a document - WebResource documentResource = resource().path("/document"); - documentResource.addFilter(new CookieAuthenticationFilter(tag1Token)); - postParams = new MultivaluedMapImpl(); - postParams.add("title", "My super document 1"); - postParams.add("tags", tag3Id); - postParams.add("language", "eng"); - response = documentResource.put(ClientResponse.class, postParams); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - json = response.getEntity(JSONObject.class); + json = target().path("/document").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, tag1Token) + .put(Entity.form(new Form() + .param("title", "My super document 1") + .param("tags", tag3Id) + .param("language", "eng")), JsonObject.class); // Create a document - documentResource = resource().path("/document"); - documentResource.addFilter(new CookieAuthenticationFilter(tag1Token)); - postParams = new MultivaluedMapImpl(); - postParams.add("title", "My super document 2"); - postParams.add("tags", tag4Id); - postParams.add("language", "eng"); - response = documentResource.put(ClientResponse.class, postParams); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - json = response.getEntity(JSONObject.class); + json = target().path("/document").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, tag1Token) + .put(Entity.form(new Form() + .param("title", "My super document 2") + .param("tags", tag4Id) + .param("language", "eng")), JsonObject.class); String document2Id = json.getString("id"); // Check tags on a document - documentResource = resource().path("/document/" + document2Id); - documentResource.addFilter(new CookieAuthenticationFilter(tag1Token)); - response = documentResource.get(ClientResponse.class); - json = response.getEntity(JSONObject.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - JSONArray tags = json.getJSONArray("tags"); - Assert.assertEquals(1, tags.length()); - Assert.assertEquals(tag4Id, tags.getJSONObject(0).getString("id")); + json = target().path("/document/" + document2Id).request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, tag1Token) + .get(JsonObject.class); + JsonArray tags = json.getJsonArray("tags"); + Assert.assertEquals(1, tags.size()); + Assert.assertEquals(tag4Id, tags.getJsonObject(0).getString("id")); // Update tags on a document - documentResource = resource().path("/document/" + document2Id); - documentResource.addFilter(new CookieAuthenticationFilter(tag1Token)); - postParams = new MultivaluedMapImpl(); - postParams.add("tags", tag3Id); - postParams.add("tags", tag4Id); - response = documentResource.post(ClientResponse.class, postParams); + response = target().path("/document/" + document2Id).request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, tag1Token) + .post(Entity.form(new Form() + .param("tags", tag3Id) + .param("tags", tag4Id))); Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); // Check tags on a document - documentResource = resource().path("/document/" + document2Id); - documentResource.addFilter(new CookieAuthenticationFilter(tag1Token)); - response = documentResource.get(ClientResponse.class); - json = response.getEntity(JSONObject.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - tags = json.getJSONArray("tags"); - Assert.assertEquals(2, tags.length()); - Assert.assertEquals(tag3Id, tags.getJSONObject(0).getString("id")); - Assert.assertEquals(tag4Id, tags.getJSONObject(1).getString("id")); + json = target().path("/document/" + document2Id).request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, tag1Token) + .get(JsonObject.class); + tags = json.getJsonArray("tags"); + Assert.assertEquals(2, tags.size()); + Assert.assertEquals(tag3Id, tags.getJsonObject(0).getString("id")); + Assert.assertEquals(tag4Id, tags.getJsonObject(1).getString("id")); // Update tags on a document - documentResource = resource().path("/document/" + document2Id); - documentResource.addFilter(new CookieAuthenticationFilter(tag1Token)); - postParams = new MultivaluedMapImpl(); - postParams.add("tags", tag4Id); - response = documentResource.post(ClientResponse.class, postParams); + response = target().path("/document/" + document2Id).request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, tag1Token) + .post(Entity.form(new Form() + .param("tags", tag4Id))); Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); // Check tags on a document - documentResource = resource().path("/document/" + document2Id); - documentResource.addFilter(new CookieAuthenticationFilter(tag1Token)); - response = documentResource.get(ClientResponse.class); - json = response.getEntity(JSONObject.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - tags = json.getJSONArray("tags"); - Assert.assertEquals(1, tags.length()); - Assert.assertEquals(tag4Id, tags.getJSONObject(0).getString("id")); + json = target().path("/document/" + document2Id).request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, tag1Token) + .get(JsonObject.class); + tags = json.getJsonArray("tags"); + Assert.assertEquals(1, tags.size()); + Assert.assertEquals(tag4Id, tags.getJsonObject(0).getString("id")); // Get tag stats - tagResource = resource().path("/tag/stats"); - tagResource.addFilter(new CookieAuthenticationFilter(tag1Token)); - response = tagResource.get(ClientResponse.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - json = response.getEntity(JSONObject.class); - JSONArray stats = json.getJSONArray("stats"); - Assert.assertTrue(stats.length() == 2); - Assert.assertEquals(1, stats.getJSONObject(0).getInt("count")); - Assert.assertEquals(1, stats.getJSONObject(1).getInt("count")); + json = target().path("/tag/stats").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, tag1Token) + .get(JsonObject.class); + JsonArray stats = json.getJsonArray("stats"); + Assert.assertTrue(stats.size() == 2); + Assert.assertEquals(1, stats.getJsonObject(0).getInt("count")); + Assert.assertEquals(1, stats.getJsonObject(1).getInt("count")); // Get all tags - tagResource = resource().path("/tag/list"); - tagResource.addFilter(new CookieAuthenticationFilter(tag1Token)); - response = tagResource.get(ClientResponse.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - json = response.getEntity(JSONObject.class); - tags = json.getJSONArray("tags"); - Assert.assertTrue(tags.length() > 0); - Assert.assertEquals("Tag4", tags.getJSONObject(1).getString("name")); - Assert.assertEquals("#00ff00", tags.getJSONObject(1).getString("color")); + json = target().path("/tag/list").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, tag1Token) + .get(JsonObject.class); + tags = json.getJsonArray("tags"); + Assert.assertTrue(tags.size() > 0); + Assert.assertEquals("Tag4", tags.getJsonObject(1).getString("name")); + Assert.assertEquals("#00ff00", tags.getJsonObject(1).getString("color")); // Update a tag - tagResource = resource().path("/tag/" + tag4Id); - tagResource.addFilter(new CookieAuthenticationFilter(tag1Token)); - postParams = new MultivaluedMapImpl(); - postParams.add("name", "UpdatedName"); - postParams.add("color", "#0000ff"); - response = tagResource.post(ClientResponse.class, postParams); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - json = response.getEntity(JSONObject.class); + json = target().path("/tag/" + tag4Id).request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, tag1Token) + .post(Entity.form(new Form() + .param("name", "UpdatedName") + .param("color", "#0000ff")), JsonObject.class); Assert.assertEquals(tag4Id, json.getString("id")); // Get all tags - tagResource = resource().path("/tag/list"); - tagResource.addFilter(new CookieAuthenticationFilter(tag1Token)); - response = tagResource.get(ClientResponse.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - json = response.getEntity(JSONObject.class); - tags = json.getJSONArray("tags"); - Assert.assertTrue(tags.length() > 0); - Assert.assertEquals("UpdatedName", tags.getJSONObject(1).getString("name")); - Assert.assertEquals("#0000ff", tags.getJSONObject(1).getString("color")); + json = target().path("/tag/list").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, tag1Token) + .get(JsonObject.class); + tags = json.getJsonArray("tags"); + Assert.assertTrue(tags.size() > 0); + Assert.assertEquals("UpdatedName", tags.getJsonObject(1).getString("name")); + Assert.assertEquals("#0000ff", tags.getJsonObject(1).getString("color")); // Deletes a tag - tagResource = resource().path("/tag/" + tag4Id); - tagResource.addFilter(new CookieAuthenticationFilter(tag1Token)); - response = tagResource.delete(ClientResponse.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - json = response.getEntity(JSONObject.class); - Assert.assertEquals("ok", json.getString("status")); + target().path("/tag/" + tag4Id).request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, tag1Token) + .delete(); // Get all tags - tagResource = resource().path("/tag/list"); - tagResource.addFilter(new CookieAuthenticationFilter(tag1Token)); - response = tagResource.get(ClientResponse.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - json = response.getEntity(JSONObject.class); - tags = json.getJSONArray("tags"); - Assert.assertTrue(tags.length() == 1); + json = target().path("/tag/list").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, tag1Token) + .get(JsonObject.class); + tags = json.getJsonArray("tags"); + Assert.assertTrue(tags.size() == 1); } } \ No newline at end of file diff --git a/docs-web/src/test/java/com/sismics/docs/rest/TestThemeResource.java b/docs-web/src/test/java/com/sismics/docs/rest/TestThemeResource.java deleted file mode 100644 index b396c4b1..00000000 --- a/docs-web/src/test/java/com/sismics/docs/rest/TestThemeResource.java +++ /dev/null @@ -1,33 +0,0 @@ -package com.sismics.docs.rest; - -import com.sun.jersey.api.client.ClientResponse; -import com.sun.jersey.api.client.ClientResponse.Status; -import com.sun.jersey.api.client.WebResource; -import junit.framework.Assert; -import org.codehaus.jettison.json.JSONArray; -import org.codehaus.jettison.json.JSONException; -import org.codehaus.jettison.json.JSONObject; -import org.junit.Test; - -/** - * Test the theme resource. - * - * @author jtremeaux - */ -public class TestThemeResource extends BaseJerseyTest { - /** - * Test the theme resource. - * - * @throws JSONException - */ - @Test - public void testThemeResource() throws JSONException { - WebResource themeResource = resource().path("/theme"); - ClientResponse response = themeResource.get(ClientResponse.class); - response = themeResource.get(ClientResponse.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - JSONObject json = response.getEntity(JSONObject.class); - JSONArray theme = json.getJSONArray("themes"); - Assert.assertTrue(theme.length() > 0); - } -} \ No newline at end of file diff --git a/docs-web/src/test/java/com/sismics/docs/rest/TestUserResource.java b/docs-web/src/test/java/com/sismics/docs/rest/TestUserResource.java index 022f4b3f..ca3a91ee 100644 --- a/docs-web/src/test/java/com/sismics/docs/rest/TestUserResource.java +++ b/docs-web/src/test/java/com/sismics/docs/rest/TestUserResource.java @@ -1,18 +1,19 @@ package com.sismics.docs.rest; -import com.sismics.docs.rest.filter.CookieAuthenticationFilter; -import com.sun.jersey.api.client.ClientResponse; -import com.sun.jersey.api.client.ClientResponse.Status; -import com.sun.jersey.api.client.WebResource; -import com.sun.jersey.core.util.MultivaluedMapImpl; -import junit.framework.Assert; -import org.codehaus.jettison.json.JSONArray; -import org.codehaus.jettison.json.JSONException; -import org.codehaus.jettison.json.JSONObject; +import java.util.Locale; + +import javax.json.JsonArray; +import javax.json.JsonObject; +import javax.ws.rs.client.Entity; +import javax.ws.rs.core.Form; +import javax.ws.rs.core.Response; +import javax.ws.rs.core.Response.Status; + +import org.junit.Assert; import org.junit.Test; -import javax.ws.rs.core.MultivaluedMap; -import java.util.Locale; +import com.sismics.util.filter.TokenBasedSecurityFilter; + /** * Exhaustive test of the user resource. @@ -26,12 +27,11 @@ public class TestUserResource extends BaseJerseyTest { * @throws JSONException */ @Test - public void testUserResource() throws JSONException { + public void testUserResource() { // Check anonymous user information - WebResource userResource = resource().path("/user"); - ClientResponse response = userResource.acceptLanguage(Locale.US).get(ClientResponse.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - JSONObject json = response.getEntity(JSONObject.class); + JsonObject json = target().path("/user").request() + .acceptLanguage(Locale.US) + .get(JsonObject.class); Assert.assertTrue(json.getBoolean("is_default_password")); // Create alice user @@ -41,95 +41,82 @@ public class TestUserResource extends BaseJerseyTest { String adminAuthenticationToken = clientUtil.login("admin", "admin", false); // List all users - userResource = resource().path("/user/list"); - userResource.addFilter(new CookieAuthenticationFilter(adminAuthenticationToken)); - MultivaluedMapImpl getParams = new MultivaluedMapImpl(); - getParams.putSingle("sort_column", 2); - getParams.putSingle("asc", false); - response = userResource.queryParams(getParams).get(ClientResponse.class); - json = response.getEntity(JSONObject.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - JSONArray users = json.getJSONArray("users"); - Assert.assertTrue(users.length() > 0); + json = target().path("/user/list") + .queryParam("sort_column", 2) + .queryParam("asc", false) + .request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken) + .get(JsonObject.class); + JsonArray users = json.getJsonArray("users"); + Assert.assertTrue(users.size() > 0); // Create a user KO (login length validation) - userResource = resource().path("/user"); - userResource.addFilter(new CookieAuthenticationFilter(adminAuthenticationToken)); - MultivaluedMapImpl postParams = new MultivaluedMapImpl(); - postParams.putSingle("username", " bb "); - postParams.putSingle("email", "bob@docs.com"); - postParams.putSingle("password", "12345678"); - response = userResource.put(ClientResponse.class, postParams); + Response response = target().path("/user").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken) + .put(Entity.form(new Form() + .param("username", " bb ") + .param("email", "bob@docs.com") + .param("password", "12345678"))); Assert.assertEquals(Status.BAD_REQUEST, Status.fromStatusCode(response.getStatus())); - json = response.getEntity(JSONObject.class); + json = response.readEntity(JsonObject.class); Assert.assertEquals("ValidationError", json.getString("type")); Assert.assertTrue(json.getString("message"), json.getString("message").contains("more than 3")); // Create a user KO (login format validation) - userResource = resource().path("/user"); - userResource.addFilter(new CookieAuthenticationFilter(adminAuthenticationToken)); - postParams = new MultivaluedMapImpl(); - postParams.putSingle("username", "bob-"); - postParams.putSingle("email", " bob@docs.com "); - postParams.putSingle("password", "12345678"); - response = userResource.put(ClientResponse.class, postParams); + response = target().path("/user").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken) + .put(Entity.form(new Form() + .param("username", "bob-") + .param("email", "bob@docs.com") + .param("password", "12345678"))); Assert.assertEquals(Status.BAD_REQUEST, Status.fromStatusCode(response.getStatus())); - json = response.getEntity(JSONObject.class); + json = response.readEntity(JsonObject.class); Assert.assertEquals("ValidationError", json.getString("type")); Assert.assertTrue(json.getString("message"), json.getString("message").contains("alphanumeric")); // Create a user KO (email format validation) - userResource = resource().path("/user"); - userResource.addFilter(new CookieAuthenticationFilter(adminAuthenticationToken)); - postParams = new MultivaluedMapImpl(); - postParams.putSingle("username", "bob"); - postParams.putSingle("email", " bobdocs.com "); - postParams.putSingle("password", "12345678"); - response = userResource.put(ClientResponse.class, postParams); + response = target().path("/user").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken) + .put(Entity.form(new Form() + .param("username", "bob") + .param("email", "bobdocs.com") + .param("password", "12345678"))); Assert.assertEquals(Status.BAD_REQUEST, Status.fromStatusCode(response.getStatus())); - json = response.getEntity(JSONObject.class); + json = response.readEntity(JsonObject.class); Assert.assertEquals("ValidationError", json.getString("type")); Assert.assertTrue(json.getString("message"), json.getString("message").contains("must be an email")); // Create a user bob OK - userResource = resource().path("/user"); - userResource.addFilter(new CookieAuthenticationFilter(adminAuthenticationToken)); - postParams = new MultivaluedMapImpl(); - postParams.putSingle("username", " bob "); - postParams.putSingle("email", " bob@docs.com "); - postParams.putSingle("password", " 12345678 "); - postParams.putSingle("locale", "fr"); - response = userResource.put(ClientResponse.class, postParams); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); + Form form = new Form() + .param("username", " bob ") + .param("email", " bob@docs.com ") + .param("password", " 12345678 "); + json = target().path("/user").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken) + .put(Entity.form(form), JsonObject.class); // Create a user bob KO : duplicate username - response = userResource.put(ClientResponse.class, postParams); + response = target().path("/user").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken) + .put(Entity.form(form)); Assert.assertNotSame(Status.OK, Status.fromStatusCode(response.getStatus())); - json = response.getEntity(JSONObject.class); + json = response.readEntity(JsonObject.class); Assert.assertEquals("AlreadyExistingUsername", json.getString("type")); // Check if a username is free : OK - userResource = resource().path("/user/check_username"); - MultivaluedMap queryParams = new MultivaluedMapImpl(); - queryParams.add("username", "carol"); - response = userResource.queryParams(queryParams).get(ClientResponse.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); + target().path("/user/check_username").queryParam("username", "carol").request().get(JsonObject.class); // Check if a username is free : KO - userResource = resource().path("/user/check_username"); - queryParams = new MultivaluedMapImpl(); - queryParams.add("username", "alice"); - response = userResource.queryParams(queryParams).get(ClientResponse.class); + response = target().path("/user/check_username").queryParam("username", "alice").request().get(); Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - json = response.getEntity(JSONObject.class); + json = response.readEntity(JsonObject.class); Assert.assertEquals("ko", json.getString("status")); // Login alice with extra whitespaces - userResource = resource().path("/user/login"); - postParams = new MultivaluedMapImpl(); - postParams.putSingle("username", " alice "); - postParams.putSingle("password", " 12345678 "); - response = userResource.post(ClientResponse.class, postParams); + response = target().path("/user/login").request() + .post(Entity.form(new Form() + .param("username", " alice ") + .param("password", " 12345678 "))); Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); String aliceAuthToken = clientUtil.getAuthenticationCookie(response); @@ -138,95 +125,81 @@ public class TestUserResource extends BaseJerseyTest { String bobAuthToken2 = clientUtil.login("bob"); // List sessions - userResource = resource().path("/user/session"); - userResource.addFilter(new CookieAuthenticationFilter(bobAuthToken)); - response = userResource.get(ClientResponse.class); + response = target().path("/user/session").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, bobAuthToken) + .get(); Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - json = response.getEntity(JSONObject.class); - Assert.assertTrue(json.getJSONArray("sessions").length() > 0); - JSONObject session = json.getJSONArray("sessions").getJSONObject(0); + json = response.readEntity(JsonObject.class); + Assert.assertTrue(json.getJsonArray("sessions").size() > 0); + JsonObject session = json.getJsonArray("sessions").getJsonObject(0); Assert.assertEquals("127.0.0.1", session.getString("ip")); - Assert.assertTrue(session.getString("user_agent").startsWith("Java")); + Assert.assertTrue(session.getString("user_agent").startsWith("Jersey")); // Delete all sessions - userResource = resource().path("/user/session"); - userResource.addFilter(new CookieAuthenticationFilter(bobAuthToken)); - response = userResource.delete(ClientResponse.class); + response = target().path("/user/session").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, bobAuthToken) + .delete(); Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); // Check bob user information with token 2 (just deleted) - userResource = resource().path("/user"); - userResource.addFilter(new CookieAuthenticationFilter(bobAuthToken2)); - response = userResource.get(ClientResponse.class); + response = target().path("/user").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, bobAuthToken2) + .get(); Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - json = response.getEntity(JSONObject.class); + json = response.readEntity(JsonObject.class); Assert.assertEquals(true, json.getBoolean("anonymous")); // Check alice user information - userResource = resource().path("/user"); - userResource.addFilter(new CookieAuthenticationFilter(aliceAuthToken)); - response = userResource.get(ClientResponse.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - json = response.getEntity(JSONObject.class); + json = target().path("/user").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, aliceAuthToken) + .get(JsonObject.class); Assert.assertEquals("alice@docs.com", json.getString("email")); - Assert.assertEquals("default.less", json.getString("theme")); Assert.assertFalse(json.getBoolean("first_connection")); Assert.assertFalse(json.getBoolean("is_default_password")); // Check bob user information - userResource = resource().path("/user"); - userResource.addFilter(new CookieAuthenticationFilter(bobAuthToken)); - response = userResource.get(ClientResponse.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - json = response.getEntity(JSONObject.class); + json = target().path("/user").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, bobAuthToken) + .get(JsonObject.class); Assert.assertEquals("bob@docs.com", json.getString("email")); - Assert.assertEquals("fr", json.getString("locale")); // Test login KO (user not found) - userResource = resource().path("/user/login"); - postParams.putSingle("username", "intruder"); - postParams.putSingle("password", "12345678"); - response = userResource.post(ClientResponse.class, postParams); + response = target().path("/user/login").request() + .post(Entity.form(new Form() + .param("username", "intruder") + .param("password", "12345678"))); Assert.assertEquals(Status.FORBIDDEN, Status.fromStatusCode(response.getStatus())); // Test login KO (wrong password) - userResource = resource().path("/user/login"); - postParams.putSingle("username", "alice"); - postParams.putSingle("password", "error"); - response = userResource.post(ClientResponse.class, postParams); + response = target().path("/user/login").request() + .post(Entity.form(new Form() + .param("username", "alice") + .param("password", "error"))); Assert.assertEquals(Status.FORBIDDEN, Status.fromStatusCode(response.getStatus())); // User alice updates her information + changes her email - userResource = resource().path("/user"); - userResource.addFilter(new CookieAuthenticationFilter(aliceAuthToken)); - postParams = new MultivaluedMapImpl(); - postParams.add("email", " alice2@docs.com "); - postParams.add("theme", " default.less "); - postParams.add("locale", " en "); - response = userResource.post(ClientResponse.class, postParams); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - json = response.getEntity(JSONObject.class); + json = target().path("/user").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, aliceAuthToken) + .post(Entity.form(new Form() + .param("email", " alice2@docs.com ")), JsonObject.class); Assert.assertEquals("ok", json.getString("status")); // Check the update - userResource = resource().path("/user"); - userResource.addFilter(new CookieAuthenticationFilter(aliceAuthToken)); - response = userResource.get(ClientResponse.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - json = response.getEntity(JSONObject.class); + json = target().path("/user").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, aliceAuthToken) + .get(JsonObject.class); Assert.assertEquals("alice2@docs.com", json.getString("email")); // Delete user alice - userResource = resource().path("/user"); - userResource.addFilter(new CookieAuthenticationFilter(aliceAuthToken)); - response = userResource.delete(ClientResponse.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); + target().path("/user").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, aliceAuthToken) + .delete(); // Check the deletion - userResource = resource().path("/user/login"); - postParams.putSingle("username", "alice"); - postParams.putSingle("password", "12345678"); - response = userResource.post(ClientResponse.class, postParams); + response = target().path("/user/login").request() + .post(Entity.form(new Form() + .param("username", "alice") + .param("password", "12345678"))); Assert.assertEquals(Status.FORBIDDEN, Status.fromStatusCode(response.getStatus())); } @@ -236,86 +209,60 @@ public class TestUserResource extends BaseJerseyTest { * @throws JSONException */ @Test - public void testUserResourceAdmin() throws JSONException { - // Create admin_user1 user + public void testUserResourceAdmin() { + // Create admin_user1 user clientUtil.createUser("admin_user1"); // Login admin String adminAuthenticationToken = clientUtil.login("admin", "admin", false); // Check admin information - WebResource userResource = resource().path("/user"); - userResource.addFilter(new CookieAuthenticationFilter(adminAuthenticationToken)); - ClientResponse response = userResource.get(ClientResponse.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - JSONObject json = response.getEntity(JSONObject.class); + JsonObject json = target().path("/user").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken) + .get(JsonObject.class); Assert.assertTrue(json.getBoolean("first_connection")); Assert.assertTrue(json.getBoolean("is_default_password")); // User admin updates his information - userResource = resource().path("/user"); - userResource.addFilter(new CookieAuthenticationFilter(adminAuthenticationToken)); - MultivaluedMapImpl postParams = new MultivaluedMapImpl(); - postParams.add("first_connection", false); - response = userResource.post(ClientResponse.class, postParams); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - json = response.getEntity(JSONObject.class); + json = target().path("/user").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken) + .post(Entity.form(new Form() + .param("first_connection", "false")), JsonObject.class); Assert.assertEquals("ok", json.getString("status")); // Check admin information update - userResource = resource().path("/user"); - userResource.addFilter(new CookieAuthenticationFilter(adminAuthenticationToken)); - response = userResource.get(ClientResponse.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - json = response.getEntity(JSONObject.class); + json = target().path("/user").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken) + .get(JsonObject.class); Assert.assertFalse(json.getBoolean("first_connection")); // User admin update admin_user1 information - userResource = resource().path("/user"); - userResource.addFilter(new CookieAuthenticationFilter(adminAuthenticationToken)); - postParams = new MultivaluedMapImpl(); - postParams.add("email", " alice2@reader.com "); - postParams.add("theme", " default.less"); - postParams.add("locale", " en "); - postParams.add("display_title_web", true); - postParams.add("display_title_mobile", false); - postParams.add("display_unread_web", false); - postParams.add("display_unread_mobile", false); - response = userResource.post(ClientResponse.class, postParams); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - json = response.getEntity(JSONObject.class); + json = target().path("/user").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken) + .post(Entity.form(new Form() + .param("email", " alice2@docs.com ")), JsonObject.class); Assert.assertEquals("ok", json.getString("status")); // User admin deletes himself: forbidden - userResource = resource().path("/user"); - userResource.addFilter(new CookieAuthenticationFilter(adminAuthenticationToken)); - response = userResource.delete(ClientResponse.class); + Response response = target().path("/user").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken) + .delete(); Assert.assertEquals(Status.BAD_REQUEST, Status.fromStatusCode(response.getStatus())); - json = response.getEntity(JSONObject.class); - Assert.assertEquals("ForbiddenError", json.getString("type")); - - // User admin deletes himself: forbidden - userResource = resource().path("/user/admin"); - userResource.addFilter(new CookieAuthenticationFilter(adminAuthenticationToken)); - response = userResource.delete(ClientResponse.class); - Assert.assertEquals(Status.BAD_REQUEST, Status.fromStatusCode(response.getStatus())); - json = response.getEntity(JSONObject.class); + json = response.readEntity(JsonObject.class); Assert.assertEquals("ForbiddenError", json.getString("type")); // User admin deletes user admin_user1 - userResource = resource().path("/user/admin_user1"); - userResource.addFilter(new CookieAuthenticationFilter(adminAuthenticationToken)); - response = userResource.delete(ClientResponse.class); - Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus())); - json = response.getEntity(JSONObject.class); + json = target().path("/user/admin_user1").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken) + .delete(JsonObject.class); Assert.assertEquals("ok", json.getString("status")); // User admin deletes user admin_user1 : KO (user doesn't exist) - userResource = resource().path("/user/admin_user1"); - userResource.addFilter(new CookieAuthenticationFilter(adminAuthenticationToken)); - response = userResource.delete(ClientResponse.class); + response = target().path("/user/admin_user1").request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken) + .delete(); Assert.assertEquals(Status.BAD_REQUEST, Status.fromStatusCode(response.getStatus())); - json = response.getEntity(JSONObject.class); + json = response.readEntity(JsonObject.class); Assert.assertEquals("UserNotFound", json.getString("type")); } } \ No newline at end of file