vmario/docs
1
0
Fork 0
mirror of https://github.com/sismics/docs.git synced 2024-06-18 07:51:22 +02:00
Code Issues Packages Projects Releases Wiki Activity

#18: PUT /group

Browse Source
This commit is contained in:
jendib 2016-03-17 01:43:10 +01:00
parent eb5f207cc1
commit 43a1575187
10 changed files with 204 additions and 94 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
docs-core/src/main/java/com/sismics/docs/core/dao/jpa/GroupDao.java
View File

@ -20,15 +20,17 @@ import com.sismics.util.context.ThreadLocalContext;
*/
public class GroupDao {
/**
* Gets a group by its ID.
* Returns a group by name.
*
* @param id Group ID
* @return Group
* @param name Name
* @return Tag
*/
public Group getById(String id) {
public Group getByName(String name) {
EntityManager em = ThreadLocalContext.get().getEntityManager();
Query q = em.createQuery("select g from Group g where g.name = :name and g.deleteDate is null");
q.setParameter("name", name);
try {
return em.find(Group.class, id);
return (Group) q.getSingleResult();
} catch (NoResultException e) {
return null;
}

12
docs-core/src/main/java/com/sismics/docs/core/model/jpa/Group.java
View File

@ -46,24 +46,27 @@ public class Group implements Loggable {
return id;
}
public void setId(String id) {
public Group setId(String id) {
this.id = id;
return this;
}
public String getParentId() {
return parentId;
}
public void setParentId(String parentId) {
public Group setParentId(String parentId) {
this.parentId = parentId;
return this;
}
public String getName() {
return name;
}
public void setName(String name) {
public Group setName(String name) {
this.name = name;
return this;
}
@Override
@ -71,8 +74,9 @@ public class Group implements Loggable {
return deleteDate;
}
public void setDeleteDate(Date deleteDate) {
public Group setDeleteDate(Date deleteDate) {
this.deleteDate = deleteDate;
return this;
}
@Override

70
docs-web/src/main/java/com/sismics/docs/rest/resource/GroupResource.java Normal file
View File

@ -0,0 +1,70 @@
package com.sismics.docs.rest.resource;
import java.text.MessageFormat;
import javax.json.Json;
import javax.json.JsonObjectBuilder;
import javax.ws.rs.FormParam;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.core.Response;
import com.google.common.base.Strings;
import com.sismics.docs.core.dao.jpa.GroupDao;
import com.sismics.docs.core.model.jpa.Group;
import com.sismics.docs.rest.constant.BaseFunction;
import com.sismics.rest.exception.ClientException;
import com.sismics.rest.exception.ForbiddenClientException;
import com.sismics.rest.util.ValidationUtil;
/**
* Group REST resources.
*
* @author bgamard
*/
@Path("/group")
public class GroupResource extends BaseResource {
/**
* Add a group.
*
* @return Response
*/
@PUT
public Response add(@FormParam("parent") String parentName,
@FormParam("name") String name) {
if (!authenticate()) {
throw new ForbiddenClientException();
}
checkBaseFunction(BaseFunction.ADMIN);
// Validate input
name = ValidationUtil.validateLength(name, "name", 1, 50, false);
// Avoid duplicates
GroupDao groupDao = new GroupDao();
Group existingGroup = groupDao.getByName(name);
if (existingGroup != null) {
throw new ClientException("GroupAlreadyExists", MessageFormat.format("This group already exists: {0}", name));
}
// Validate parent
String parentId = null;
if (!Strings.isNullOrEmpty(parentName)) {
Group parentGroup = groupDao.getByName(parentName);
if (parentGroup == null) {
throw new ClientException("ParentGroupNotFound", MessageFormat.format("This group doest not exists: {0}", parentName));
}
parentId = parentGroup.getId();
}
// Create the group
groupDao.create(new Group()
.setName(name)
.setParentId(parentId), principal.getId());
// Always return OK
JsonObjectBuilder response = Json.createObjectBuilder()
.add("status", "ok");
return Response.ok().entity(response.build()).build();
}
}

16
docs-web/src/test/java/com/sismics/docs/rest/TestAppResource.java
View File

@ -27,11 +27,11 @@ public class TestAppResource extends BaseJerseyTest {
@Test
public void testAppResource() {
// Login admin
String adminAuthenticationToken = clientUtil.login("admin", "admin", false);
String adminToken = clientUtil.login("admin", "admin", false);
// Check the application info
JsonObject json = target().path("/app").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminToken)
.get(JsonObject.class);
String currentVersion = json.getString("current_version");
Assert.assertNotNull(currentVersion);
@ -44,19 +44,19 @@ public class TestAppResource extends BaseJerseyTest {
// Rebuild Lucene index
Response response = target().path("/app/batch/reindex").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminToken)
.post(Entity.form(new Form()));
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
// Clean storage
response = target().path("/app/batch/clean_storage").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminToken)
.post(Entity.form(new Form()));
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
// Recompute quota
response = target().path("/app/batch/recompute_quota").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminToken)
.post(Entity.form(new Form()));
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
}
@ -69,13 +69,13 @@ public class TestAppResource extends BaseJerseyTest {
@Test
public void testLogResource() {
// Login admin
String adminAuthenticationToken = clientUtil.login("admin", "admin", false);
String adminToken = clientUtil.login("admin", "admin", false);
// Check the logs (page 1)
JsonObject json = target().path("/app/log")
.queryParam("level", "DEBUG")
.request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminToken)
.get(JsonObject.class);
JsonArray logs = json.getJsonArray("logs");
Assert.assertTrue(logs.size() > 0);
@ -88,7 +88,7 @@ public class TestAppResource extends BaseJerseyTest {
.queryParam("offset", "10")
.queryParam("level", "DEBUG")
.request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminToken)
.get(JsonObject.class);
logs = json.getJsonArray("logs");
Assert.assertTrue(logs.size() > 0);

66
docs-web/src/test/java/com/sismics/docs/rest/TestFileResource.java
View File

@ -42,12 +42,12 @@ public class TestFileResource extends BaseJerseyTest {
public void testFileResource() throws Exception {
// Login file1
clientUtil.createUser("file1");
String file1AuthenticationToken = clientUtil.login("file1");
String file1Token = clientUtil.login("file1");
// Create a document
long create1Date = new Date().getTime();
JsonObject json = target().path("/document").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file1AuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file1Token)
.put(Entity.form(new Form()
.param("title", "File test document 1")
.param("language", "eng")
@ -63,7 +63,7 @@ public class TestFileResource extends BaseJerseyTest {
json = target()
.register(MultiPartFeature.class)
.path("/file").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file1AuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file1Token)
.put(Entity.entity(multiPart.field("id", document1Id).bodyPart(streamDataBodyPart),
MediaType.MULTIPART_FORM_DATA_TYPE), JsonObject.class);
file1Id = json.getString("id");
@ -80,7 +80,7 @@ public class TestFileResource extends BaseJerseyTest {
json = target()
.register(MultiPartFeature.class)
.path("/file").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file1AuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file1Token)
.put(Entity.entity(multiPart.field("id", document1Id).bodyPart(streamDataBodyPart),
MediaType.MULTIPART_FORM_DATA_TYPE), JsonObject.class);
file2Id = json.getString("id");
@ -90,7 +90,7 @@ public class TestFileResource extends BaseJerseyTest {
// Get the file data
Response response = target().path("/file/" + file1Id + "/data").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file1AuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file1Token)
.get();
InputStream is = (InputStream) response.getEntity();
byte[] fileBytes = ByteStreams.toByteArray(is);
@ -101,7 +101,7 @@ public class TestFileResource extends BaseJerseyTest {
response = target().path("/file/" + file1Id + "/data")
.queryParam("size", "thumb")
.request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file1AuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file1Token)
.get();
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
is = (InputStream) response.getEntity();
@ -113,7 +113,7 @@ public class TestFileResource extends BaseJerseyTest {
response = target().path("/file/" + file1Id + "/data")
.queryParam("size", "web")
.request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file1AuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file1Token)
.get();
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
is = (InputStream) response.getEntity();
@ -131,7 +131,7 @@ public class TestFileResource extends BaseJerseyTest {
json = target().path("/file/list")
.queryParam("id", document1Id)
.request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file1AuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file1Token)
.get(JsonObject.class);
JsonArray files = json.getJsonArray("files");
Assert.assertEquals(2, files.size());
@ -141,7 +141,7 @@ public class TestFileResource extends BaseJerseyTest {
// Reorder files
json = target().path("/file/reorder").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file1AuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file1Token)
.post(Entity.form(new Form()
.param("id", document1Id)
.param("order", file2Id)
@ -151,7 +151,7 @@ public class TestFileResource extends BaseJerseyTest {
json = target().path("/file/list")
.queryParam("id", document1Id)
.request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file1AuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file1Token)
.get(JsonObject.class);
files = json.getJsonArray("files");
Assert.assertEquals(2, files.size());
@ -162,7 +162,7 @@ public class TestFileResource extends BaseJerseyTest {
response = target().path("/file/zip")
.queryParam("id", document1Id)
.request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file1AuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file1Token)
.get();
is = (InputStream) response.getEntity();
fileBytes = ByteStreams.toByteArray(is);
@ -170,13 +170,13 @@ public class TestFileResource extends BaseJerseyTest {
// Deletes a file
json = target().path("/file/" + file1Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file1AuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file1Token)
.delete(JsonObject.class);
Assert.assertEquals("ok", json.getString("status"));
// Get the file data (not found)
response = target().path("/file/" + file1Id + "/data").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file1AuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file1Token)
.get();
Assert.assertEquals(Status.NOT_FOUND, Status.fromStatusCode(response.getStatus()));
@ -192,7 +192,7 @@ public class TestFileResource extends BaseJerseyTest {
json = target().path("/file/list")
.queryParam("id", document1Id)
.request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file1AuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file1Token)
.get(JsonObject.class);
files = json.getJsonArray("files");
Assert.assertEquals(1, files.size());
@ -202,7 +202,7 @@ public class TestFileResource extends BaseJerseyTest {
public void testOrphanFile() throws Exception {
// Login file2
clientUtil.createUser("file2");
String file2AuthenticationToken = clientUtil.login("file2");
String file2Token = clientUtil.login("file2");
// Add a file
String file1Id = null;
@ -212,7 +212,7 @@ public class TestFileResource extends BaseJerseyTest {
JsonObject json = target()
.register(MultiPartFeature.class)
.path("/file").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file2AuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file2Token)
.put(Entity.entity(multiPart.bodyPart(streamDataBodyPart),
MediaType.MULTIPART_FORM_DATA_TYPE), JsonObject.class);
file1Id = json.getString("id");
@ -222,14 +222,14 @@ public class TestFileResource extends BaseJerseyTest {
// Get all orphan files
JsonObject json = target().path("/file/list").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file2AuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file2Token)
.get(JsonObject.class);
JsonArray files = json.getJsonArray("files");
Assert.assertEquals(1, files.size());
// Get the file data
Response response = target().path("/file/" + file1Id + "/data").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file2AuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file2Token)
.get();
InputStream is = (InputStream) response.getEntity();
byte[] fileBytes = ByteStreams.toByteArray(is);
@ -238,7 +238,7 @@ public class TestFileResource extends BaseJerseyTest {
// Create a document
json = target().path("/document").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file2AuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file2Token)
.put(Entity.form(new Form()
.param("title", "File test document 1")
.param("language", "eng")), JsonObject.class);
@ -247,7 +247,7 @@ public class TestFileResource extends BaseJerseyTest {
// Attach a file to a document
json = target().path("/file/" + file1Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file2AuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file2Token)
.post(Entity.form(new Form()
.param("id", document1Id)), JsonObject.class);
@ -255,7 +255,7 @@ public class TestFileResource extends BaseJerseyTest {
json = target().path("/file/list")
.queryParam("id", document1Id)
.request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file2AuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file2Token)
.get(JsonObject.class);
files = json.getJsonArray("files");
Assert.assertEquals(1, files.size());
@ -268,7 +268,7 @@ public class TestFileResource extends BaseJerseyTest {
json = target()
.register(MultiPartFeature.class)
.path("/file").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file2AuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file2Token)
.put(Entity.entity(multiPart.bodyPart(streamDataBodyPart),
MediaType.MULTIPART_FORM_DATA_TYPE), JsonObject.class);
file2Id = json.getString("id");
@ -278,7 +278,7 @@ public class TestFileResource extends BaseJerseyTest {
// Deletes a file
json = target().path("/file/" + file2Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file2AuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file2Token)
.delete(JsonObject.class);
Assert.assertEquals("ok", json.getString("status"));
}
@ -287,7 +287,7 @@ public class TestFileResource extends BaseJerseyTest {
public void testQuota() throws Exception {
// Login file_quota
clientUtil.createUser("file_quota");
String fileQuotaAuthenticationToken = clientUtil.login("file_quota");
String fileQuotaToken = clientUtil.login("file_quota");
// Add a file (292641 bytes large)
String file1Id = null;
@ -297,7 +297,7 @@ public class TestFileResource extends BaseJerseyTest {
JsonObject json = target()
.register(MultiPartFeature.class)
.path("/file").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, fileQuotaAuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, fileQuotaToken)
.put(Entity.entity(multiPart.bodyPart(streamDataBodyPart),
MediaType.MULTIPART_FORM_DATA_TYPE), JsonObject.class);
file1Id = json.getString("id");
@ -307,7 +307,7 @@ public class TestFileResource extends BaseJerseyTest {
// Check current quota
JsonObject json = target().path("/user").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, fileQuotaAuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, fileQuotaToken)
.get(JsonObject.class);
Assert.assertEquals(292641l, json.getJsonNumber("storage_current").longValue());
@ -318,7 +318,7 @@ public class TestFileResource extends BaseJerseyTest {
target()
.register(MultiPartFeature.class)
.path("/file").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, fileQuotaAuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, fileQuotaToken)
.put(Entity.entity(multiPart.bodyPart(streamDataBodyPart),
MediaType.MULTIPART_FORM_DATA_TYPE), JsonObject.class);
}
@ -326,7 +326,7 @@ public class TestFileResource extends BaseJerseyTest {
// Check current quota
json = target().path("/user").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, fileQuotaAuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, fileQuotaToken)
.get(JsonObject.class);
Assert.assertEquals(585282l, json.getJsonNumber("storage_current").longValue());
@ -337,7 +337,7 @@ public class TestFileResource extends BaseJerseyTest {
target()
.register(MultiPartFeature.class)
.path("/file").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, fileQuotaAuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, fileQuotaToken)
.put(Entity.entity(multiPart.bodyPart(streamDataBodyPart),
MediaType.MULTIPART_FORM_DATA_TYPE), JsonObject.class);
}
@ -345,7 +345,7 @@ public class TestFileResource extends BaseJerseyTest {
// Check current quota
json = target().path("/user").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, fileQuotaAuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, fileQuotaToken)
.get(JsonObject.class);
Assert.assertEquals(877923l, json.getJsonNumber("storage_current").longValue());
@ -356,7 +356,7 @@ public class TestFileResource extends BaseJerseyTest {
Response response = target()
.register(MultiPartFeature.class)
.path("/file").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, fileQuotaAuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, fileQuotaToken)
.put(Entity.entity(multiPart.bodyPart(streamDataBodyPart),
MediaType.MULTIPART_FORM_DATA_TYPE));
Assert.assertEquals(Status.BAD_REQUEST.getStatusCode(), response.getStatus());
@ -365,13 +365,13 @@ public class TestFileResource extends BaseJerseyTest {
// Deletes a file
json = target().path("/file/" + file1Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, fileQuotaAuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, fileQuotaToken)
.delete(JsonObject.class);
Assert.assertEquals("ok", json.getString("status"));
// Check current quota
json = target().path("/user").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, fileQuotaAuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, fileQuotaToken)
.get(JsonObject.class);
Assert.assertEquals(585282l, json.getJsonNumber("storage_current").longValue());
}

34
docs-web/src/test/java/com/sismics/docs/rest/TestGroupResource.java Normal file
View File

@ -0,0 +1,34 @@
package com.sismics.docs.rest;
import javax.json.JsonObject;
import javax.ws.rs.client.Entity;
import javax.ws.rs.core.Form;
import org.junit.Test;
import com.sismics.util.filter.TokenBasedSecurityFilter;
/**
* Test the group resource.
*
* @author bgamard
*/
public class TestGroupResource extends BaseJerseyTest {
/**
* Test the group resource.
*
* @throws JSONException
*/
@Test
public void testGroupResource() {
// Login admin
String adminToken = clientUtil.login("admin", "admin", false);
// Create a group
target().path("/group").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminToken)
.put(Entity.form(new Form()
.param("name", "Group 1")), JsonObject.class);
}
}

18
docs-web/src/test/java/com/sismics/docs/rest/TestSecurity.java
View File

@ -38,11 +38,11 @@ public class TestSecurity extends BaseJerseyTest {
Assert.assertEquals("You don't have access to this resource", json.getString("message"));
// User testsecurity logs in
String testSecurityAuthenticationToken = clientUtil.login("testsecurity");
String testSecurityToken = clientUtil.login("testsecurity");
// User testsecurity creates a new user KO : no permission
response = target().path("/user").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, testSecurityAuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, testSecurityToken)
.put(Entity.form(new Form()));
Assert.assertEquals(Status.FORBIDDEN, Status.fromStatusCode(response.getStatus()));
Assert.assertEquals("ForbiddenError", json.getString("type"));
@ -50,29 +50,29 @@ public class TestSecurity extends BaseJerseyTest {
// User testsecurity changes his email OK
json = target().path("/user").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, testSecurityAuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, testSecurityToken)
.post(Entity.form(new Form()
.param("email", "testsecurity2@docs.com")), JsonObject.class);
Assert.assertEquals("ok", json.getString("status"));
// User testsecurity logs out
response = target().path("/user/logout").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, testSecurityAuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, testSecurityToken)
.post(Entity.form(new Form()));
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
testSecurityAuthenticationToken = clientUtil.getAuthenticationCookie(response);
Assert.assertTrue(StringUtils.isEmpty(testSecurityAuthenticationToken));
testSecurityToken = clientUtil.getAuthenticationCookie(response);
Assert.assertTrue(StringUtils.isEmpty(testSecurityToken));
// User testsecurity logs out KO : he is not connected anymore
response = target().path("/user/logout").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, testSecurityAuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, testSecurityToken)
.post(Entity.form(new Form()));
Assert.assertEquals(Status.FORBIDDEN, Status.fromStatusCode(response.getStatus()));
// User testsecurity logs in with a long lived session
testSecurityAuthenticationToken = clientUtil.login("testsecurity", "12345678", true);
testSecurityToken = clientUtil.login("testsecurity", "12345678", true);
// User testsecurity logs out
clientUtil.logout(testSecurityAuthenticationToken);
clientUtil.logout(testSecurityToken);
}
}

16
docs-web/src/test/java/com/sismics/docs/rest/TestShareResource.java
View File

@ -36,11 +36,11 @@ public class TestShareResource extends BaseJerseyTest {
public void testShareResource() throws Exception {
// Login share1
clientUtil.createUser("share1");
String share1AuthenticationToken = clientUtil.login("share1");
String share1Token = clientUtil.login("share1");
// Create a document
JsonObject json = target().path("/document").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, share1AuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, share1Token)
.put(Entity.form(new Form()
.param("title", "File test document 1")
.param("language", "eng")), JsonObject.class);
@ -55,7 +55,7 @@ public class TestShareResource extends BaseJerseyTest {
json = target()
.register(MultiPartFeature.class)
.path("/file").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, share1AuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, share1Token)
.put(Entity.entity(multiPart.field("id", document1Id).bodyPart(streamDataBodyPart),
MediaType.MULTIPART_FORM_DATA_TYPE), JsonObject.class);
file1Id = json.getString("id");
@ -64,7 +64,7 @@ public class TestShareResource extends BaseJerseyTest {
// Share this document
json = target().path("/share").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, share1AuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, share1Token)
.put(Entity.form(new Form()
.param("id", document1Id)
.param("name", "4 All")), JsonObject.class);
@ -107,9 +107,9 @@ public class TestShareResource extends BaseJerseyTest {
// Deletes the share (not allowed)
clientUtil.createUser("share2");
String share2AuthenticationToken = clientUtil.login("share2");
String share2Token = clientUtil.login("share2");
response = target().path("/share/" + share1Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, share2AuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, share2Token)
.delete();
Assert.assertEquals(Status.BAD_REQUEST, Status.fromStatusCode(response.getStatus()));
json = response.readEntity(JsonObject.class);
@ -117,13 +117,13 @@ public class TestShareResource extends BaseJerseyTest {
// Deletes the share
json = target().path("/share/" + share1Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, share1AuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, share1Token)
.delete(JsonObject.class);
Assert.assertEquals("ok", json.getString("status"));
// Deletes the share again
response = target().path("/share/" + share1Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, share1AuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, share1Token)
.delete();
Assert.assertEquals(Status.BAD_REQUEST, Status.fromStatusCode(response.getStatus()));
json = response.readEntity(JsonObject.class);

44
docs-web/src/test/java/com/sismics/docs/rest/TestUserResource.java
View File

@ -37,14 +37,14 @@ public class TestUserResource extends BaseJerseyTest {
clientUtil.createUser("alice");
// Login admin
String adminAuthenticationToken = clientUtil.login("admin", "admin", false);
String adminToken = clientUtil.login("admin", "admin", false);
// List all users
json = target().path("/user/list")
.queryParam("sort_column", 2)
.queryParam("asc", false)
.request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminToken)
.get(JsonObject.class);
JsonArray users = json.getJsonArray("users");
Assert.assertTrue(users.size() > 0);
@ -58,7 +58,7 @@ public class TestUserResource extends BaseJerseyTest {
// Create a user KO (login length validation)
Response response = target().path("/user").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminToken)
.put(Entity.form(new Form()
.param("username", " bb ")
.param("email", "bob@docs.com")
@ -71,7 +71,7 @@ public class TestUserResource extends BaseJerseyTest {
// Create a user KO (login format validation)
response = target().path("/user").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminToken)
.put(Entity.form(new Form()
.param("username", "bob-")
.param("email", "bob@docs.com")
@ -84,7 +84,7 @@ public class TestUserResource extends BaseJerseyTest {
// Create a user KO (invalid quota)
response = target().path("/user").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminToken)
.put(Entity.form(new Form()
.param("username", "bob")
.param("email", "bob@docs.com")
@ -97,7 +97,7 @@ public class TestUserResource extends BaseJerseyTest {
// Create a user KO (email format validation)
response = target().path("/user").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminToken)
.put(Entity.form(new Form()
.param("username", "bob")
.param("email", "bobdocs.com")
@ -115,12 +115,12 @@ public class TestUserResource extends BaseJerseyTest {
.param("password", " 12345678 ")
.param("storage_quota", "10");
json = target().path("/user").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminToken)
.put(Entity.form(form), JsonObject.class);
// Create a user bob KO : duplicate username
response = target().path("/user").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminToken)
.put(Entity.form(form));
Assert.assertNotSame(Status.OK, Status.fromStatusCode(response.getStatus()));
json = response.readEntity(JsonObject.class);
@ -144,12 +144,12 @@ public class TestUserResource extends BaseJerseyTest {
String aliceAuthToken = clientUtil.getAuthenticationCookie(response);
// Login user bob twice
String bobAuthToken = clientUtil.login("bob");
String bobAuthToken2 = clientUtil.login("bob");
String bobToken = clientUtil.login("bob");
String bobToken2 = clientUtil.login("bob");
// List sessions
response = target().path("/user/session").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, bobAuthToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, bobToken)
.get();
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = response.readEntity(JsonObject.class);
@ -160,13 +160,13 @@ public class TestUserResource extends BaseJerseyTest {
// Delete all sessions
response = target().path("/user/session").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, bobAuthToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, bobToken)
.delete();
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
// Check bob user information with token 2 (just deleted)
response = target().path("/user").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, bobAuthToken2)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, bobToken2)
.get();
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = response.readEntity(JsonObject.class);
@ -183,7 +183,7 @@ public class TestUserResource extends BaseJerseyTest {
// Check bob user information
json = target().path("/user").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, bobAuthToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, bobToken)
.get(JsonObject.class);
Assert.assertEquals("bob@docs.com", json.getString("email"));
@ -238,11 +238,11 @@ public class TestUserResource extends BaseJerseyTest {
clientUtil.createUser("admin_user1");
// Login admin
String adminAuthenticationToken = clientUtil.login("admin", "admin", false);
String adminToken = clientUtil.login("admin", "admin", false);
// Check admin information
JsonObject json = target().path("/user").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminToken)
.get(JsonObject.class);
Assert.assertTrue(json.getBoolean("is_default_password"));
Assert.assertEquals(0l, json.getJsonNumber("storage_current").longValue());
@ -250,27 +250,27 @@ public class TestUserResource extends BaseJerseyTest {
// User admin updates his information
json = target().path("/user").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminToken)
.post(Entity.form(new Form()
.param("email", "newadminemail@docs.com")), JsonObject.class);
Assert.assertEquals("ok", json.getString("status"));
// Check admin information update
json = target().path("/user").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminToken)
.get(JsonObject.class);
Assert.assertEquals("newadminemail@docs.com", json.getString("email"));
// User admin update admin_user1 information
json = target().path("/user").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminToken)
.post(Entity.form(new Form()
.param("email", " alice2@docs.com ")), JsonObject.class);
Assert.assertEquals("ok", json.getString("status"));
// User admin deletes himself: forbidden
Response response = target().path("/user").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminToken)
.delete();
Assert.assertEquals(Status.BAD_REQUEST, Status.fromStatusCode(response.getStatus()));
json = response.readEntity(JsonObject.class);
@ -278,13 +278,13 @@ public class TestUserResource extends BaseJerseyTest {
// User admin deletes user admin_user1
json = target().path("/user/admin_user1").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminToken)
.delete(JsonObject.class);
Assert.assertEquals("ok", json.getString("status"));
// User admin deletes user admin_user1 : KO (user doesn't exist)
response = target().path("/user/admin_user1").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminToken)
.delete();
Assert.assertEquals(Status.BAD_REQUEST, Status.fromStatusCode(response.getStatus()));
json = response.readEntity(JsonObject.class);

10
docs-web/src/test/java/com/sismics/docs/rest/TestVocabularyResource.java
View File

@ -29,7 +29,7 @@ public class TestVocabularyResource extends BaseJerseyTest {
String vocabulary1Token = clientUtil.login("vocabulary1");
// Login admin
String adminAuthenticationToken = clientUtil.login("admin", "admin", false);
String adminToken = clientUtil.login("admin", "admin", false);
// Get coverage vocabularies entries
JsonObject json = target().path("/vocabulary/coverage").request()
@ -49,7 +49,7 @@ public class TestVocabularyResource extends BaseJerseyTest {
// Create a vocabulary entry with admin
json = target().path("/vocabulary").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminToken)
.put(Entity.form(new Form()
.param("name", "test-voc-1")
.param("value", "First value")
@ -62,7 +62,7 @@ public class TestVocabularyResource extends BaseJerseyTest {
// Create a vocabulary entry with admin
Response response = target().path("/vocabulary").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminToken)
.put(Entity.form(new Form()
.param("name", "NOT_VALID")
.param("value", "First value")
@ -81,7 +81,7 @@ public class TestVocabularyResource extends BaseJerseyTest {
// Update a vocabulary entry with admin
json = target().path("/vocabulary/" + vocabulary1Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminToken)
.post(Entity.form(new Form()
.param("name", "test-voc-1-updated")
.param("value", "First value updated")
@ -103,7 +103,7 @@ public class TestVocabularyResource extends BaseJerseyTest {
// Delete a vocabulary entry with admin
json = target().path("/vocabulary/" + vocabulary1Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken)
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminToken)
.delete(JsonObject.class);
// Get test-voc-1-updated vocabularies entries