#65: Vocabulary modification for admin only

This commit is contained in:
jendib 2016-02-14 21:06:39 +01:00
parent 98497f2a37
commit 47082ceee9
3 changed files with 15 additions and 13 deletions

View File

@ -74,7 +74,6 @@ public class UserResource extends BaseResource {
@FormParam("password") String password, @FormParam("password") String password,
@FormParam("email") String email, @FormParam("email") String email,
@FormParam("storage_quota") String storageQuotaStr) { @FormParam("storage_quota") String storageQuotaStr) {
if (!authenticate()) { if (!authenticate()) {
throw new ForbiddenClientException(); throw new ForbiddenClientException();
} }
@ -132,7 +131,6 @@ public class UserResource extends BaseResource {
public Response update( public Response update(
@FormParam("password") String password, @FormParam("password") String password,
@FormParam("email") String email) { @FormParam("email") String email) {
if (!authenticate()) { if (!authenticate()) {
throw new ForbiddenClientException(); throw new ForbiddenClientException();
} }
@ -176,7 +174,6 @@ public class UserResource extends BaseResource {
@FormParam("password") String password, @FormParam("password") String password,
@FormParam("email") String email, @FormParam("email") String email,
@FormParam("storage_quota") String storageQuotaStr) { @FormParam("storage_quota") String storageQuotaStr) {
if (!authenticate()) { if (!authenticate()) {
throw new ForbiddenClientException(); throw new ForbiddenClientException();
} }
@ -225,7 +222,6 @@ public class UserResource extends BaseResource {
@Path("check_username") @Path("check_username")
public Response checkUsername( public Response checkUsername(
@QueryParam("username") String username) { @QueryParam("username") String username) {
UserDao userDao = new UserDao(); UserDao userDao = new UserDao();
User user = userDao.getActiveByUsername(username); User user = userDao.getActiveByUsername(username);
@ -255,7 +251,6 @@ public class UserResource extends BaseResource {
@FormParam("username") String username, @FormParam("username") String username,
@FormParam("password") String password, @FormParam("password") String password,
@FormParam("remember") boolean longLasted) { @FormParam("remember") boolean longLasted) {
// Validate the input data // Validate the input data
username = StringUtils.strip(username); username = StringUtils.strip(username);
password = StringUtils.strip(password); password = StringUtils.strip(password);

View File

@ -17,6 +17,7 @@ import javax.ws.rs.core.Response.Status;
import com.sismics.docs.core.dao.jpa.VocabularyDao; import com.sismics.docs.core.dao.jpa.VocabularyDao;
import com.sismics.docs.core.model.jpa.Vocabulary; import com.sismics.docs.core.model.jpa.Vocabulary;
import com.sismics.docs.rest.constant.BaseFunction;
import com.sismics.rest.exception.ForbiddenClientException; import com.sismics.rest.exception.ForbiddenClientException;
import com.sismics.rest.util.ValidationUtil; import com.sismics.rest.util.ValidationUtil;
@ -66,6 +67,7 @@ public class VocabularyResource extends BaseResource {
if (!authenticate()) { if (!authenticate()) {
throw new ForbiddenClientException(); throw new ForbiddenClientException();
} }
checkBaseFunction(BaseFunction.ADMIN);
// Validate input data // Validate input data
name = ValidationUtil.validateLength(name, "name", 1, 50, false); name = ValidationUtil.validateLength(name, "name", 1, 50, false);
@ -107,6 +109,7 @@ public class VocabularyResource extends BaseResource {
if (!authenticate()) { if (!authenticate()) {
throw new ForbiddenClientException(); throw new ForbiddenClientException();
} }
checkBaseFunction(BaseFunction.ADMIN);
// Validate input data // Validate input data
name = ValidationUtil.validateLength(name, "name", 1, 50, true); name = ValidationUtil.validateLength(name, "name", 1, 50, true);
@ -157,6 +160,7 @@ public class VocabularyResource extends BaseResource {
if (!authenticate()) { if (!authenticate()) {
throw new ForbiddenClientException(); throw new ForbiddenClientException();
} }
checkBaseFunction(BaseFunction.ADMIN);
// Get the vocabulary // Get the vocabulary
VocabularyDao vocabularyDao = new VocabularyDao(); VocabularyDao vocabularyDao = new VocabularyDao();

View File

@ -28,6 +28,9 @@ public class TestVocabularyResource extends BaseJerseyTest {
clientUtil.createUser("vocabulary1"); clientUtil.createUser("vocabulary1");
String vocabulary1Token = clientUtil.login("vocabulary1"); String vocabulary1Token = clientUtil.login("vocabulary1");
// Login admin
String adminAuthenticationToken = clientUtil.login("admin", "admin", false);
// Get coverage vocabularies entries // Get coverage vocabularies entries
JsonObject json = target().path("/vocabulary/coverage").request() JsonObject json = target().path("/vocabulary/coverage").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, vocabulary1Token) .cookie(TokenBasedSecurityFilter.COOKIE_NAME, vocabulary1Token)
@ -42,9 +45,9 @@ public class TestVocabularyResource extends BaseJerseyTest {
Assert.assertEquals("Zimbabwe", entry.getString("value")); Assert.assertEquals("Zimbabwe", entry.getString("value"));
Assert.assertEquals(248, entry.getJsonNumber("order").intValue()); Assert.assertEquals(248, entry.getJsonNumber("order").intValue());
// Create a vocabulary entry with vocabulary1 // Create a vocabulary entry with admin
json = target().path("/vocabulary").request() json = target().path("/vocabulary").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, vocabulary1Token) .cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken)
.put(Entity.form(new Form() .put(Entity.form(new Form()
.param("name", "test-voc-1") .param("name", "test-voc-1")
.param("value", "First value") .param("value", "First value")
@ -55,9 +58,9 @@ public class TestVocabularyResource extends BaseJerseyTest {
Assert.assertEquals("First value", json.getString("value")); Assert.assertEquals("First value", json.getString("value"));
Assert.assertEquals(0, json.getJsonNumber("order").intValue()); Assert.assertEquals(0, json.getJsonNumber("order").intValue());
// Create a vocabulary entry with vocabulary1 // Create a vocabulary entry with admin
Response response = target().path("/vocabulary").request() Response response = target().path("/vocabulary").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, vocabulary1Token) .cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken)
.put(Entity.form(new Form() .put(Entity.form(new Form()
.param("name", "NOT_VALID") .param("name", "NOT_VALID")
.param("value", "First value") .param("value", "First value")
@ -74,9 +77,9 @@ public class TestVocabularyResource extends BaseJerseyTest {
Assert.assertEquals("First value", entry.getString("value")); Assert.assertEquals("First value", entry.getString("value"));
Assert.assertEquals(0, entry.getJsonNumber("order").intValue()); Assert.assertEquals(0, entry.getJsonNumber("order").intValue());
// Update a vocabulary entry with vocabulary1 // Update a vocabulary entry with admin
json = target().path("/vocabulary/" + vocabulary1Id).request() json = target().path("/vocabulary/" + vocabulary1Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, vocabulary1Token) .cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken)
.post(Entity.form(new Form() .post(Entity.form(new Form()
.param("name", "test-voc-1-updated") .param("name", "test-voc-1-updated")
.param("value", "First value updated") .param("value", "First value updated")
@ -96,9 +99,9 @@ public class TestVocabularyResource extends BaseJerseyTest {
Assert.assertEquals("First value updated", entry.getString("value")); Assert.assertEquals("First value updated", entry.getString("value"));
Assert.assertEquals(1, entry.getJsonNumber("order").intValue()); Assert.assertEquals(1, entry.getJsonNumber("order").intValue());
// Delete a vocabulary entry with vocabulary1 // Delete a vocabulary entry with admin
json = target().path("/vocabulary/" + vocabulary1Id).request() json = target().path("/vocabulary/" + vocabulary1Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, vocabulary1Token) .cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken)
.delete(JsonObject.class); .delete(JsonObject.class);
// Get test-voc-1-updated vocabularies entries // Get test-voc-1-updated vocabularies entries