diff --git a/README.md b/README.md index 44bb3514..abec9cc2 100644 --- a/README.md +++ b/README.md @@ -51,7 +51,7 @@ Features - RESTful Web API - Fully featured Android client - [Bulk files importer](https://github.com/sismics/docs/tree/master/docs-importer) (single or scan mode) ![New!](https://www.sismics.com/public/img/new.png) -- Tested to 100k documents +- Tested to one million documents Install with Docker ------------------- diff --git a/docs-web/src/test/java/com/sismics/docs/rest/TestAclResource.java b/docs-web/src/test/java/com/sismics/docs/rest/TestAclResource.java index 79d2106a..d3402d6f 100644 --- a/docs-web/src/test/java/com/sismics/docs/rest/TestAclResource.java +++ b/docs-web/src/test/java/com/sismics/docs/rest/TestAclResource.java @@ -1,6 +1,8 @@ package com.sismics.docs.rest; -import java.util.Date; +import com.sismics.util.filter.TokenBasedSecurityFilter; +import org.junit.Assert; +import org.junit.Test; import javax.json.JsonArray; import javax.json.JsonObject; @@ -8,16 +10,12 @@ import javax.ws.rs.client.Entity; import javax.ws.rs.core.Form; import javax.ws.rs.core.Response; import javax.ws.rs.core.Response.Status; - -import org.junit.Assert; -import org.junit.Test; - -import com.sismics.util.filter.TokenBasedSecurityFilter; +import java.util.Date; /** * Test the ACL resource. - * + * * @author bgamard */ public class TestAclResource extends BaseJerseyTest { @@ -28,15 +26,15 @@ public class TestAclResource extends BaseJerseyTest { public void testAclResource() { // Create aclGroup2 clientUtil.createGroup("aclGroup2"); - + // Login acl1 clientUtil.createUser("acl1"); String acl1Token = clientUtil.login("acl1"); - + // Login acl2 clientUtil.createUser("acl2", "aclGroup2"); String acl2Token = clientUtil.login("acl2"); - + // Create a document with acl1 JsonObject json = target().path("/document").request() .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token) @@ -45,7 +43,7 @@ public class TestAclResource extends BaseJerseyTest { .param("language", "eng") .param("create_date", Long.toString(new Date().getTime()))), JsonObject.class); String document1Id = json.getString("id"); - + // Get the document as acl1 json = target().path("/document/" + document1Id).request() .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token) @@ -53,13 +51,23 @@ public class TestAclResource extends BaseJerseyTest { Assert.assertEquals(document1Id, json.getString("id")); JsonArray acls = json.getJsonArray("acls"); Assert.assertEquals(2, acls.size()); - + // Get the document as acl2 Response response = target().path("/document/" + document1Id).request() .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl2Token) .get(); Assert.assertEquals(Status.NOT_FOUND, Status.fromStatusCode(response.getStatus())); - + + // List all documents with acl2 + json = target().path("/document/list") + .queryParam("sort_column", 3) + .queryParam("asc", true) + .request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl2Token) + .get(JsonObject.class); + JsonArray documents = json.getJsonArray("documents"); + Assert.assertEquals(0, documents.size()); + // Add an ACL READ for acl2 with acl1 json = target().path("/acl").request() .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token) @@ -69,7 +77,7 @@ public class TestAclResource extends BaseJerseyTest { .param("target", "acl2") .param("type", "USER")), JsonObject.class); String acl2Id = json.getString("id"); - + // Add an ACL WRITE for acl2 with acl1 target().path("/acl").request() .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token) @@ -78,7 +86,17 @@ public class TestAclResource extends BaseJerseyTest { .param("perm", "WRITE") .param("target", "acl2") .param("type", "USER")), JsonObject.class); - + + // List all documents with acl2 + json = target().path("/document/list") + .queryParam("sort_column", 3) + .queryParam("asc", true) + .request() + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl2Token) + .get(JsonObject.class); + documents = json.getJsonArray("documents"); + Assert.assertEquals(1, documents.size()); + // Add an ACL WRITE for acl2 with acl1 (again) target().path("/acl").request() .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token) @@ -87,7 +105,7 @@ public class TestAclResource extends BaseJerseyTest { .param("perm", "WRITE") .param("target", "acl2") .param("type", "USER")), JsonObject.class); - + // Add an ACL READ for aclGroup2 with acl1 json = target().path("/acl").request() .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token) @@ -97,7 +115,7 @@ public class TestAclResource extends BaseJerseyTest { .param("target", "aclGroup2") .param("type", "GROUP")), JsonObject.class); String aclGroup2Id = json.getString("id"); - + // Add an ACL WRITE for aclGroup2 with acl1 target().path("/acl").request() .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token) @@ -106,7 +124,7 @@ public class TestAclResource extends BaseJerseyTest { .param("perm", "WRITE") .param("target", "aclGroup2") .param("type", "GROUP")), JsonObject.class); - + // List all documents with acl2 json = target().path("/document/list") .queryParam("sort_column", 3) @@ -114,9 +132,9 @@ public class TestAclResource extends BaseJerseyTest { .request() .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl2Token) .get(JsonObject.class); - JsonArray documents = json.getJsonArray("documents"); + documents = json.getJsonArray("documents"); Assert.assertEquals(1, documents.size()); - + // Get the document as acl1 json = target().path("/document/" + document1Id).request() .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token) @@ -125,7 +143,7 @@ public class TestAclResource extends BaseJerseyTest { acls = json.getJsonArray("acls"); Assert.assertEquals(6, acls.size()); Assert.assertTrue(json.getBoolean("writable")); - + // Get the document as acl2 json = target().path("/document/" + document1Id).request() .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl2Token) @@ -134,7 +152,7 @@ public class TestAclResource extends BaseJerseyTest { acls = json.getJsonArray("acls"); Assert.assertEquals(6, acls.size()); Assert.assertTrue(json.getBoolean("writable")); - + // Update the document as acl2 json = target().path("/document/" + document1Id).request() .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl2Token) @@ -142,7 +160,7 @@ public class TestAclResource extends BaseJerseyTest { .param("title", "My new super document 1") .param("language", "eng")), JsonObject.class); Assert.assertEquals(document1Id, json.getString("id")); - + // Get the document as acl2 json = target().path("/document/" + document1Id).request() .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl2Token) @@ -150,12 +168,12 @@ public class TestAclResource extends BaseJerseyTest { Assert.assertEquals(document1Id, json.getString("id")); JsonArray contributors = json.getJsonArray("contributors"); Assert.assertEquals(2, contributors.size()); - + // Delete the ACL WRITE for acl2 with acl2 target().path("/acl/" + document1Id + "/WRITE/" + acl2Id).request() .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl2Token) .delete(JsonObject.class); - + // Get the document as acl2 json = target().path("/document/" + document1Id).request() .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl2Token) @@ -164,12 +182,12 @@ public class TestAclResource extends BaseJerseyTest { acls = json.getJsonArray("acls"); Assert.assertEquals(5, acls.size()); Assert.assertTrue(json.getBoolean("writable")); // Writable by aclGroup2 - + // Delete the ACL WRITE for aclGroup2 with acl2 target().path("/acl/" + document1Id + "/WRITE/" + aclGroup2Id).request() .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl2Token) .delete(JsonObject.class); - + // Get the document as acl2 json = target().path("/document/" + document1Id).request() .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl2Token) @@ -178,28 +196,28 @@ public class TestAclResource extends BaseJerseyTest { acls = json.getJsonArray("acls"); Assert.assertEquals(4, acls.size()); Assert.assertFalse(json.getBoolean("writable")); - + // Delete the ACL READ for acl2 with acl2 (not authorized) response = target().path("/acl/" + document1Id + "/READ/" + acl2Id).request() .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl2Token) .delete(); Assert.assertEquals(Status.FORBIDDEN, Status.fromStatusCode(response.getStatus())); - + // Delete the ACL READ for acl2 with acl1 target().path("/acl/" + document1Id + "/READ/" + acl2Id).request() .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token) .delete(JsonObject.class); - + // Get the document as acl2 (visible by group) target().path("/document/" + document1Id).request() .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl2Token) .get(JsonObject.class); - + // Delete the ACL READ for aclGroup2 with acl1 target().path("/acl/" + document1Id + "/READ/" + aclGroup2Id).request() .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token) .delete(JsonObject.class); - + // Get the document as acl1 json = target().path("/document/" + document1Id).request() .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token) @@ -208,25 +226,25 @@ public class TestAclResource extends BaseJerseyTest { acls = json.getJsonArray("acls"); Assert.assertEquals(2, acls.size()); String acl1Id = acls.getJsonObject(0).getString("id"); - + // Get the document as acl2 response = target().path("/document/" + document1Id).request() .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl2Token) .get(); Assert.assertEquals(Status.NOT_FOUND, Status.fromStatusCode(response.getStatus())); - + // Delete the ACL READ for acl1 with acl1 response = target().path("/acl/" + document1Id + "/READ/" + acl1Id).request() - .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token) - .delete(); + .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token) + .delete(); Assert.assertEquals(Status.BAD_REQUEST, Status.fromStatusCode(response.getStatus())); - + // Delete the ACL WRITE for acl1 with acl1 response = target().path("/acl/" + document1Id + "/WRITE/" + acl1Id).request() .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token) .delete(); Assert.assertEquals(Status.BAD_REQUEST, Status.fromStatusCode(response.getStatus())); - + // Search target list (acl) json = target().path("/acl/target/search") .queryParam("search", "acl") @@ -237,7 +255,7 @@ public class TestAclResource extends BaseJerseyTest { Assert.assertTrue(users.size() > 0); JsonArray groups = json.getJsonArray("groups"); Assert.assertTrue(groups.size() > 0); - + // Search target list (admin) json = target().path("/acl/target/search") .queryParam("search", "admin")