vmario/docs
1
0
Fork 0
mirror of https://github.com/sismics/docs.git synced 2024-11-25 15:17:57 +01:00
Code Issues Packages Projects Releases Wiki Activity

more tests + 1M tested

Browse Source
This commit is contained in:
Benjamin Gamard 2018-04-01 21:00:26 +02:00
parent 90a3d7aa68
commit 68729e3b54
2 changed files with 58 additions and 40 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@ -51,7 +51,7 @@ Features
- RESTful Web API - RESTful Web API
- Fully featured Android client - Fully featured Android client
- [Bulk files importer](https://github.com/sismics/docs/tree/master/docs-importer) (single or scan mode) ![New!](https://www.sismics.com/public/img/new.png) - [Bulk files importer](https://github.com/sismics/docs/tree/master/docs-importer) (single or scan mode) ![New!](https://www.sismics.com/public/img/new.png)
- Tested to 100k documents - Tested to one million documents
Install with Docker Install with Docker
------------------- -------------------

96
docs-web/src/test/java/com/sismics/docs/rest/TestAclResource.java
View File

@ -1,6 +1,8 @@
package com.sismics.docs.rest; package com.sismics.docs.rest;
import java.util.Date; import com.sismics.util.filter.TokenBasedSecurityFilter;
import org.junit.Assert;
import org.junit.Test;
import javax.json.JsonArray; import javax.json.JsonArray;
import javax.json.JsonObject; import javax.json.JsonObject;
@ -8,16 +10,12 @@ import javax.ws.rs.client.Entity;
import javax.ws.rs.core.Form; import javax.ws.rs.core.Form;
import javax.ws.rs.core.Response; import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.Status; import javax.ws.rs.core.Response.Status;
import java.util.Date;
import org.junit.Assert;
import org.junit.Test;
import com.sismics.util.filter.TokenBasedSecurityFilter;
/** /**
* Test the ACL resource. * Test the ACL resource.
* *
* @author bgamard * @author bgamard
*/ */
public class TestAclResource extends BaseJerseyTest { public class TestAclResource extends BaseJerseyTest {
@ -28,15 +26,15 @@ public class TestAclResource extends BaseJerseyTest {
public void testAclResource() { public void testAclResource() {
// Create aclGroup2 // Create aclGroup2
clientUtil.createGroup("aclGroup2"); clientUtil.createGroup("aclGroup2");
// Login acl1 // Login acl1
clientUtil.createUser("acl1"); clientUtil.createUser("acl1");
String acl1Token = clientUtil.login("acl1"); String acl1Token = clientUtil.login("acl1");
// Login acl2 // Login acl2
clientUtil.createUser("acl2", "aclGroup2"); clientUtil.createUser("acl2", "aclGroup2");
String acl2Token = clientUtil.login("acl2"); String acl2Token = clientUtil.login("acl2");
// Create a document with acl1 // Create a document with acl1
JsonObject json = target().path("/document").request() JsonObject json = target().path("/document").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token) .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token)
@ -45,7 +43,7 @@ public class TestAclResource extends BaseJerseyTest {
.param("language", "eng") .param("language", "eng")
.param("create_date", Long.toString(new Date().getTime()))), JsonObject.class); .param("create_date", Long.toString(new Date().getTime()))), JsonObject.class);
String document1Id = json.getString("id"); String document1Id = json.getString("id");
// Get the document as acl1 // Get the document as acl1
json = target().path("/document/" + document1Id).request() json = target().path("/document/" + document1Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token) .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token)
@ -53,13 +51,23 @@ public class TestAclResource extends BaseJerseyTest {
Assert.assertEquals(document1Id, json.getString("id")); Assert.assertEquals(document1Id, json.getString("id"));
JsonArray acls = json.getJsonArray("acls"); JsonArray acls = json.getJsonArray("acls");
Assert.assertEquals(2, acls.size()); Assert.assertEquals(2, acls.size());
// Get the document as acl2 // Get the document as acl2
Response response = target().path("/document/" + document1Id).request() Response response = target().path("/document/" + document1Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl2Token) .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl2Token)
.get(); .get();
Assert.assertEquals(Status.NOT_FOUND, Status.fromStatusCode(response.getStatus())); Assert.assertEquals(Status.NOT_FOUND, Status.fromStatusCode(response.getStatus()));
// List all documents with acl2
json = target().path("/document/list")
.queryParam("sort_column", 3)
.queryParam("asc", true)
.request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl2Token)
.get(JsonObject.class);
JsonArray documents = json.getJsonArray("documents");
Assert.assertEquals(0, documents.size());
// Add an ACL READ for acl2 with acl1 // Add an ACL READ for acl2 with acl1
json = target().path("/acl").request() json = target().path("/acl").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token) .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token)
@ -69,7 +77,7 @@ public class TestAclResource extends BaseJerseyTest {
.param("target", "acl2") .param("target", "acl2")
.param("type", "USER")), JsonObject.class); .param("type", "USER")), JsonObject.class);
String acl2Id = json.getString("id"); String acl2Id = json.getString("id");
// Add an ACL WRITE for acl2 with acl1 // Add an ACL WRITE for acl2 with acl1
target().path("/acl").request() target().path("/acl").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token) .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token)
@ -78,7 +86,17 @@ public class TestAclResource extends BaseJerseyTest {
.param("perm", "WRITE") .param("perm", "WRITE")
.param("target", "acl2") .param("target", "acl2")
.param("type", "USER")), JsonObject.class); .param("type", "USER")), JsonObject.class);
// List all documents with acl2
json = target().path("/document/list")
.queryParam("sort_column", 3)
.queryParam("asc", true)
.request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl2Token)
.get(JsonObject.class);
documents = json.getJsonArray("documents");
Assert.assertEquals(1, documents.size());
// Add an ACL WRITE for acl2 with acl1 (again) // Add an ACL WRITE for acl2 with acl1 (again)
target().path("/acl").request() target().path("/acl").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token) .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token)
@ -87,7 +105,7 @@ public class TestAclResource extends BaseJerseyTest {
.param("perm", "WRITE") .param("perm", "WRITE")
.param("target", "acl2") .param("target", "acl2")
.param("type", "USER")), JsonObject.class); .param("type", "USER")), JsonObject.class);
// Add an ACL READ for aclGroup2 with acl1 // Add an ACL READ for aclGroup2 with acl1
json = target().path("/acl").request() json = target().path("/acl").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token) .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token)
@ -97,7 +115,7 @@ public class TestAclResource extends BaseJerseyTest {
.param("target", "aclGroup2") .param("target", "aclGroup2")
.param("type", "GROUP")), JsonObject.class); .param("type", "GROUP")), JsonObject.class);
String aclGroup2Id = json.getString("id"); String aclGroup2Id = json.getString("id");
// Add an ACL WRITE for aclGroup2 with acl1 // Add an ACL WRITE for aclGroup2 with acl1
target().path("/acl").request() target().path("/acl").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token) .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token)
@ -106,7 +124,7 @@ public class TestAclResource extends BaseJerseyTest {
.param("perm", "WRITE") .param("perm", "WRITE")
.param("target", "aclGroup2") .param("target", "aclGroup2")
.param("type", "GROUP")), JsonObject.class); .param("type", "GROUP")), JsonObject.class);
// List all documents with acl2 // List all documents with acl2
json = target().path("/document/list") json = target().path("/document/list")
.queryParam("sort_column", 3) .queryParam("sort_column", 3)
@ -114,9 +132,9 @@ public class TestAclResource extends BaseJerseyTest {
.request() .request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl2Token) .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl2Token)
.get(JsonObject.class); .get(JsonObject.class);
JsonArray documents = json.getJsonArray("documents"); documents = json.getJsonArray("documents");
Assert.assertEquals(1, documents.size()); Assert.assertEquals(1, documents.size());
// Get the document as acl1 // Get the document as acl1
json = target().path("/document/" + document1Id).request() json = target().path("/document/" + document1Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token) .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token)
@ -125,7 +143,7 @@ public class TestAclResource extends BaseJerseyTest {
acls = json.getJsonArray("acls"); acls = json.getJsonArray("acls");
Assert.assertEquals(6, acls.size()); Assert.assertEquals(6, acls.size());
Assert.assertTrue(json.getBoolean("writable")); Assert.assertTrue(json.getBoolean("writable"));
// Get the document as acl2 // Get the document as acl2
json = target().path("/document/" + document1Id).request() json = target().path("/document/" + document1Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl2Token) .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl2Token)
@ -134,7 +152,7 @@ public class TestAclResource extends BaseJerseyTest {
acls = json.getJsonArray("acls"); acls = json.getJsonArray("acls");
Assert.assertEquals(6, acls.size()); Assert.assertEquals(6, acls.size());
Assert.assertTrue(json.getBoolean("writable")); Assert.assertTrue(json.getBoolean("writable"));
// Update the document as acl2 // Update the document as acl2
json = target().path("/document/" + document1Id).request() json = target().path("/document/" + document1Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl2Token) .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl2Token)
@ -142,7 +160,7 @@ public class TestAclResource extends BaseJerseyTest {
.param("title", "My new super document 1") .param("title", "My new super document 1")
.param("language", "eng")), JsonObject.class); .param("language", "eng")), JsonObject.class);
Assert.assertEquals(document1Id, json.getString("id")); Assert.assertEquals(document1Id, json.getString("id"));
// Get the document as acl2 // Get the document as acl2
json = target().path("/document/" + document1Id).request() json = target().path("/document/" + document1Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl2Token) .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl2Token)
@ -150,12 +168,12 @@ public class TestAclResource extends BaseJerseyTest {
Assert.assertEquals(document1Id, json.getString("id")); Assert.assertEquals(document1Id, json.getString("id"));
JsonArray contributors = json.getJsonArray("contributors"); JsonArray contributors = json.getJsonArray("contributors");
Assert.assertEquals(2, contributors.size()); Assert.assertEquals(2, contributors.size());
// Delete the ACL WRITE for acl2 with acl2 // Delete the ACL WRITE for acl2 with acl2
target().path("/acl/" + document1Id + "/WRITE/" + acl2Id).request() target().path("/acl/" + document1Id + "/WRITE/" + acl2Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl2Token) .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl2Token)
.delete(JsonObject.class); .delete(JsonObject.class);
// Get the document as acl2 // Get the document as acl2
json = target().path("/document/" + document1Id).request() json = target().path("/document/" + document1Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl2Token) .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl2Token)
@ -164,12 +182,12 @@ public class TestAclResource extends BaseJerseyTest {
acls = json.getJsonArray("acls"); acls = json.getJsonArray("acls");
Assert.assertEquals(5, acls.size()); Assert.assertEquals(5, acls.size());
Assert.assertTrue(json.getBoolean("writable")); // Writable by aclGroup2 Assert.assertTrue(json.getBoolean("writable")); // Writable by aclGroup2
// Delete the ACL WRITE for aclGroup2 with acl2 // Delete the ACL WRITE for aclGroup2 with acl2
target().path("/acl/" + document1Id + "/WRITE/" + aclGroup2Id).request() target().path("/acl/" + document1Id + "/WRITE/" + aclGroup2Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl2Token) .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl2Token)
.delete(JsonObject.class); .delete(JsonObject.class);
// Get the document as acl2 // Get the document as acl2
json = target().path("/document/" + document1Id).request() json = target().path("/document/" + document1Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl2Token) .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl2Token)
@ -178,28 +196,28 @@ public class TestAclResource extends BaseJerseyTest {
acls = json.getJsonArray("acls"); acls = json.getJsonArray("acls");
Assert.assertEquals(4, acls.size()); Assert.assertEquals(4, acls.size());
Assert.assertFalse(json.getBoolean("writable")); Assert.assertFalse(json.getBoolean("writable"));
// Delete the ACL READ for acl2 with acl2 (not authorized) // Delete the ACL READ for acl2 with acl2 (not authorized)
response = target().path("/acl/" + document1Id + "/READ/" + acl2Id).request() response = target().path("/acl/" + document1Id + "/READ/" + acl2Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl2Token) .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl2Token)
.delete(); .delete();
Assert.assertEquals(Status.FORBIDDEN, Status.fromStatusCode(response.getStatus())); Assert.assertEquals(Status.FORBIDDEN, Status.fromStatusCode(response.getStatus()));
// Delete the ACL READ for acl2 with acl1 // Delete the ACL READ for acl2 with acl1
target().path("/acl/" + document1Id + "/READ/" + acl2Id).request() target().path("/acl/" + document1Id + "/READ/" + acl2Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token) .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token)
.delete(JsonObject.class); .delete(JsonObject.class);
// Get the document as acl2 (visible by group) // Get the document as acl2 (visible by group)
target().path("/document/" + document1Id).request() target().path("/document/" + document1Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl2Token) .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl2Token)
.get(JsonObject.class); .get(JsonObject.class);
// Delete the ACL READ for aclGroup2 with acl1 // Delete the ACL READ for aclGroup2 with acl1
target().path("/acl/" + document1Id + "/READ/" + aclGroup2Id).request() target().path("/acl/" + document1Id + "/READ/" + aclGroup2Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token) .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token)
.delete(JsonObject.class); .delete(JsonObject.class);
// Get the document as acl1 // Get the document as acl1
json = target().path("/document/" + document1Id).request() json = target().path("/document/" + document1Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token) .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token)
@ -208,25 +226,25 @@ public class TestAclResource extends BaseJerseyTest {
acls = json.getJsonArray("acls"); acls = json.getJsonArray("acls");
Assert.assertEquals(2, acls.size()); Assert.assertEquals(2, acls.size());
String acl1Id = acls.getJsonObject(0).getString("id"); String acl1Id = acls.getJsonObject(0).getString("id");
// Get the document as acl2 // Get the document as acl2
response = target().path("/document/" + document1Id).request() response = target().path("/document/" + document1Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl2Token) .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl2Token)
.get(); .get();
Assert.assertEquals(Status.NOT_FOUND, Status.fromStatusCode(response.getStatus())); Assert.assertEquals(Status.NOT_FOUND, Status.fromStatusCode(response.getStatus()));
// Delete the ACL READ for acl1 with acl1 // Delete the ACL READ for acl1 with acl1
response = target().path("/acl/" + document1Id + "/READ/" + acl1Id).request() response = target().path("/acl/" + document1Id + "/READ/" + acl1Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token) .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token)
.delete(); .delete();
Assert.assertEquals(Status.BAD_REQUEST, Status.fromStatusCode(response.getStatus())); Assert.assertEquals(Status.BAD_REQUEST, Status.fromStatusCode(response.getStatus()));
// Delete the ACL WRITE for acl1 with acl1 // Delete the ACL WRITE for acl1 with acl1
response = target().path("/acl/" + document1Id + "/WRITE/" + acl1Id).request() response = target().path("/acl/" + document1Id + "/WRITE/" + acl1Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token) .cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token)
.delete(); .delete();
Assert.assertEquals(Status.BAD_REQUEST, Status.fromStatusCode(response.getStatus())); Assert.assertEquals(Status.BAD_REQUEST, Status.fromStatusCode(response.getStatus()));
// Search target list (acl) // Search target list (acl)
json = target().path("/acl/target/search") json = target().path("/acl/target/search")
.queryParam("search", "acl") .queryParam("search", "acl")
@ -237,7 +255,7 @@ public class TestAclResource extends BaseJerseyTest {
Assert.assertTrue(users.size() > 0); Assert.assertTrue(users.size() > 0);
JsonArray groups = json.getJsonArray("groups"); JsonArray groups = json.getJsonArray("groups");
Assert.assertTrue(groups.size() > 0); Assert.assertTrue(groups.size() > 0);
// Search target list (admin) // Search target list (admin)
json = target().path("/acl/target/search") json = target().path("/acl/target/search")
.queryParam("search", "admin") .queryParam("search", "admin")