Added delete VC and get user group web-services.

Change-Id: Iaef203d73070d63e1a8a16f4228bd7281ca76d55
diff --git a/full/src/test/java/de/ids_mannheim/korap/dao/RolePrivilegeDaoTest.java b/full/src/test/java/de/ids_mannheim/korap/dao/RolePrivilegeDaoTest.java
index 4c956ae..d7317a6 100644
--- a/full/src/test/java/de/ids_mannheim/korap/dao/RolePrivilegeDaoTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/dao/RolePrivilegeDaoTest.java
@@ -27,7 +27,7 @@
 
     @Test
     public void retrievePredefinedRole () {
-        Role r = roleDao.retrieveRoleById(PredefinedRole.GROUP_ADMIN.getId());
+        Role r = roleDao.retrieveRoleById(PredefinedRole.USER_GROUP_ADMIN.getId());
         assertEquals(1, r.getId());
     }
 
diff --git a/full/src/test/java/de/ids_mannheim/korap/dao/UserGroupDaoTest.java b/full/src/test/java/de/ids_mannheim/korap/dao/UserGroupDaoTest.java
index e978e49..66e2b79 100644
--- a/full/src/test/java/de/ids_mannheim/korap/dao/UserGroupDaoTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/dao/UserGroupDaoTest.java
@@ -66,8 +66,8 @@
         // member roles
         List<Role> roles = roleDao.retrieveRoleByGroupMemberId(m.getId());
         assertEquals(2, roles.size());
-        assertEquals(PredefinedRole.GROUP_ADMIN.getId(), roles.get(0).getId());
-        assertEquals(PredefinedRole.VC_ADMIN.getId(), roles.get(1).getId());
+        assertEquals(PredefinedRole.USER_GROUP_ADMIN.getId(), roles.get(0).getId());
+        assertEquals(PredefinedRole.VC_ACCESS_ADMIN.getId(), roles.get(1).getId());
 
         //retrieve VC by group
         List<VirtualCorpus> vc = virtualCorpusDao.retrieveVCByGroup(groupId);
@@ -93,8 +93,8 @@
         UserGroupMember m = members.get(1);
         List<Role> roles = m.getRoles();
         assertEquals(2, roles.size());
-        assertEquals(PredefinedRole.GROUP_MEMBER.getId(), roles.get(0).getId());
-        assertEquals(PredefinedRole.VC_MEMBER.getId(), roles.get(1).getId());
+        assertEquals(PredefinedRole.USER_GROUP_MEMBER.getId(), roles.get(0).getId());
+        assertEquals(PredefinedRole.VC_ACCESS_MEMBER.getId(), roles.get(1).getId());
     }
 
     @Test
diff --git a/full/src/test/java/de/ids_mannheim/korap/web/service/full/UserGroupServiceTest.java b/full/src/test/java/de/ids_mannheim/korap/web/service/full/UserGroupServiceTest.java
new file mode 100644
index 0000000..1fde8bd
--- /dev/null
+++ b/full/src/test/java/de/ids_mannheim/korap/web/service/full/UserGroupServiceTest.java
@@ -0,0 +1,84 @@
+package de.ids_mannheim.korap.web.service.full;
+
+import static org.junit.Assert.assertEquals;
+
+import org.eclipse.jetty.http.HttpHeaders;
+import org.junit.Test;
+import org.springframework.beans.factory.annotation.Autowired;
+
+import com.fasterxml.jackson.databind.JsonNode;
+import com.sun.jersey.api.client.ClientHandlerException;
+import com.sun.jersey.api.client.ClientResponse;
+import com.sun.jersey.api.client.UniformInterfaceException;
+import com.sun.jersey.api.client.ClientResponse.Status;
+
+import de.ids_mannheim.korap.authentication.http.HttpAuthorizationHandler;
+import de.ids_mannheim.korap.config.Attributes;
+import de.ids_mannheim.korap.config.SpringJerseyTest;
+import de.ids_mannheim.korap.exceptions.KustvaktException;
+import de.ids_mannheim.korap.exceptions.StatusCodes;
+import de.ids_mannheim.korap.utils.JsonUtils;
+
+public class UserGroupServiceTest extends SpringJerseyTest {
+
+    @Autowired
+    private HttpAuthorizationHandler handler;
+
+    // dory is a group admin in dory group
+    @Test
+    public void testRetrieveDoryGroups () throws KustvaktException {
+        ClientResponse response = resource().path("group").path("user")
+                .header(Attributes.AUTHORIZATION,
+                        handler.createBasicAuthorizationHeaderValue("dory",
+                                "pass"))
+                .header(HttpHeaders.X_FORWARDED_FOR, "149.27.0.32")
+                .get(ClientResponse.class);
+        String entity = response.getEntity(String.class);
+        assertEquals(Status.OK.getStatusCode(), response.getStatus());
+//        System.out.println(entity);
+        JsonNode node = JsonUtils.readTree(entity);
+        
+        assertEquals(1, node.at("/0/id").asInt());
+        assertEquals("dory group", node.at("/0/name").asText());
+        assertEquals("dory", node.at("/0/owner").asText());
+        assertEquals(3, node.at("/0/members").size());
+    }
+    
+    // nemo is a group member in dory group
+    @Test
+    public void testRetrieveNemoGroups () throws KustvaktException {
+        ClientResponse response = resource().path("group").path("user")
+                .header(Attributes.AUTHORIZATION,
+                        handler.createBasicAuthorizationHeaderValue("nemo",
+                                "pass"))
+                .header(HttpHeaders.X_FORWARDED_FOR, "149.27.0.32")
+                .get(ClientResponse.class);
+        String entity = response.getEntity(String.class);
+        assertEquals(Status.OK.getStatusCode(), response.getStatus());
+//        System.out.println(entity);
+        JsonNode node = JsonUtils.readTree(entity);
+        
+        assertEquals(1, node.at("/0/id").asInt());
+        assertEquals("dory group", node.at("/0/name").asText());
+        assertEquals("dory", node.at("/0/owner").asText());
+        // group members are not allowed to see other members
+        assertEquals(0, node.at("/0/members").size());
+    }
+    
+    @Test
+    public void testRetrieveUserGroupUnauthorized () throws KustvaktException {
+        ClientResponse response = resource().path("group").path("user")
+                .header(HttpHeaders.X_FORWARDED_FOR, "149.27.0.32")
+                .get(ClientResponse.class);
+        String entity = response.getEntity(String.class);
+//        System.out.println(entity);
+        JsonNode node = JsonUtils.readTree(entity);
+        
+        assertEquals(Status.UNAUTHORIZED.getStatusCode(), response.getStatus());
+        assertEquals(StatusCodes.AUTHORIZATION_FAILED,
+                node.at("/errors/0/0").asInt());
+        assertEquals("Operation is not permitted for user: guest",
+                node.at("/errors/0/1").asText());
+        
+    }
+}
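Review bot: In testRetrieveNemoGroups, `assertEquals(0, node.at("/0/members").size());` also passes when the `members` field is missing altogether, because `JsonNode.at` returns a missing node whose size is 0. If the intended contract is that a plain member receives an empty list, pin the shape first with `assertTrue(node.at("/0/members").isArray());` (this needs the matching static import). As written, the test cannot tell "member list hidden" apart from "field renamed or dropped", and this is the only assertion guarding the rule in the comment above it. testRetrieveUserGroupUnauthorized also checks only the status and error body, not the `WWW-Authenticate` challenge that the VC tests verify.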
diff --git a/full/src/test/java/de/ids_mannheim/korap/web/service/full/VirtualCorpusServiceTest.java b/full/src/test/java/de/ids_mannheim/korap/web/service/full/VirtualCorpusServiceTest.java
index 5f9a551..6c5cd74 100644
--- a/full/src/test/java/de/ids_mannheim/korap/web/service/full/VirtualCorpusServiceTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/web/service/full/VirtualCorpusServiceTest.java
@@ -34,6 +34,24 @@
 
     @Autowired
     private HttpAuthorizationHandler handler;
+    
+    private void checkWWWAuthenticateHeader (ClientResponse response) {
+        Set<Entry<String, List<String>>> headers =
+                response.getHeaders().entrySet();
+
+        for (Entry<String, List<String>> header : headers) {
+            if (header.getKey().equals(ContainerRequest.WWW_AUTHENTICATE)) {
+                assertEquals("Api realm=\"Kustvakt\"",
+                        header.getValue().get(0));
+                assertEquals("Session realm=\"Kustvakt\"",
+                        header.getValue().get(1));
+                assertEquals("Bearer realm=\"Kustvakt\"",
+                        header.getValue().get(2));
+                assertEquals("Basic realm=\"Kustvakt\"",
+                        header.getValue().get(3));
+            }
+        }
+    }
 
     @Test
     public void testRetrieveUserVC () throws UniformInterfaceException,
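Review bot: checkWWWAuthenticateHeader asserts nothing when the response has no `WWW-Authenticate` header. The four `assertEquals` calls sit inside `if (header.getKey().equals(ContainerRequest.WWW_AUTHENTICATE))`, so a response without the header, or with a differently cased header name, falls through the loop and the helper returns normally. Look the header up directly and fail when it is absent: `List<String> challenges = response.getHeaders().get(ContainerRequest.WWW_AUTHENTICATE);` followed by `assertNotNull(challenges);` and `assertEquals(4, challenges.size());`, then compare the four realm strings. Every caller added in the later hunks of this file inherits the same gap, so the 401 tests currently give no assurance that a challenge is sent.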
@@ -43,43 +61,91 @@
                         handler.createBasicAuthorizationHeaderValue("dory",
                                 "pass"))
                 .header(HttpHeaders.X_FORWARDED_FOR, "149.27.0.32")
-                
+
                 .get(ClientResponse.class);
         String entity = response.getEntity(String.class);
         assertEquals(Status.OK.getStatusCode(), response.getStatus());
-//        System.out.println(entity);
+        //        System.out.println(entity);
         JsonNode node = JsonUtils.readTree(entity);
         assertEquals(3, node.size());
     }
+
     @Test
-    public void testStoreVC () throws KustvaktException {
+    public void testRetrieveUserVCUnauthorized ()
+            throws UniformInterfaceException, ClientHandlerException,
+            KustvaktException {
+        ClientResponse response = resource().path("vc").path("user")
+                .header(HttpHeaders.X_FORWARDED_FOR, "149.27.0.32")
+
+                .get(ClientResponse.class);
+        String entity = response.getEntity(String.class);
+        JsonNode node = JsonUtils.readTree(entity);
+
+        assertEquals(Status.UNAUTHORIZED.getStatusCode(), response.getStatus());
+        assertEquals(StatusCodes.AUTHORIZATION_FAILED,
+                node.at("/errors/0/0").asInt());
+        assertEquals("Operation is not permitted for user: guest",
+                node.at("/errors/0/1").asText());
+        
+        checkWWWAuthenticateHeader(response);
+    }
+
+    @Test
+    public void testStoreDeleteVC () throws KustvaktException {
         String json =
                 "{\"name\": \"new vc\",\"type\": \"PRIVATE\",\"createdBy\": "
                         + "\"test class\",\"collectionQuery\": \"corpusSigle=GOE\"}";
 
         ClientResponse response = resource().path("vc").path("store")
                 .header(Attributes.AUTHORIZATION,
-                        handler.createBasicAuthorizationHeaderValue("test class",
-                                "pass"))
+                        handler.createBasicAuthorizationHeaderValue(
+                                "test class", "pass"))
                 .header(HttpHeaders.X_FORWARDED_FOR, "149.27.0.32").entity(json)
                 .post(ClientResponse.class);
         String entity = response.getEntity(String.class);
         assertEquals(Status.OK.getStatusCode(), response.getStatus());
 
+        // retrieve user VC
         response = resource().path("vc").path("user")
-                .queryParam("username", "test class")
                 .header(Attributes.AUTHORIZATION,
-                        handler.createBasicAuthorizationHeaderValue("test class",
-                                "pass"))
+                        handler.createBasicAuthorizationHeaderValue(
+                                "test class", "pass"))
                 .header(HttpHeaders.X_FORWARDED_FOR, "149.27.0.32")
-                
+
                 .get(ClientResponse.class);
         entity = response.getEntity(String.class);
-        assertEquals(Status.OK.getStatusCode(), response.getStatus());   
-//        System.out.println(entity);
+        assertEquals(Status.OK.getStatusCode(), response.getStatus());
+        //        System.out.println(entity);
         JsonNode node = JsonUtils.readTree(entity);
         assertEquals(2, node.size());
         assertEquals("new vc", node.get(1).get("name").asText());
+
+        String vcId = node.get(1).get("id").asText();
+
+        // delete new VC
+        resource().path("vc").path("delete").queryParam("vcId", vcId)
+                .header(Attributes.AUTHORIZATION,
+                        handler.createBasicAuthorizationHeaderValue(
+                                "test class", "pass"))
+                .header(HttpHeaders.X_FORWARDED_FOR, "149.27.0.32")
+
+                .delete(ClientResponse.class);
+        //        entity = response.getEntity(String.class);
+        assertEquals(Status.OK.getStatusCode(), response.getStatus());
+
+        // retrieve user VC
+        response = resource().path("vc").path("user")
+                .header(Attributes.AUTHORIZATION,
+                        handler.createBasicAuthorizationHeaderValue(
+                                "test class", "pass"))
+                .header(HttpHeaders.X_FORWARDED_FOR, "149.27.0.32")
+
+                .get(ClientResponse.class);
+        entity = response.getEntity(String.class);
+        assertEquals(Status.OK.getStatusCode(), response.getStatus());
+        //        System.out.println(entity);
+        node = JsonUtils.readTree(entity);
+        assertEquals(1, node.size());
     }
 
     @Test
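Review bot: In testStoreDeleteVC the result of the DELETE request is discarded, so the following `assertEquals(Status.OK.getStatusCode(), response.getStatus());` re-checks the status of the earlier GET on `vc/user` rather than the delete. Assign the call, `response = resource().path("vc").path("delete").queryParam("vcId", vcId)` and so on through `.delete(ClientResponse.class);`, so that the assertion covers the new endpoint. The final `assertEquals(1, node.size());` would still catch a delete that has no effect, but an error status returned alongside a successful removal would go unnoticed. The test also identifies the new VC by position (`node.get(1)`), which presumably depends on fixture order; selecting the entry by name would be more stable.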
@@ -109,6 +175,8 @@
         assertEquals(StatusCodes.EXPIRED, node.at("/errors/0/0").asInt());
         assertEquals("Authentication token is expired",
                 node.at("/errors/0/1").asText());
+        
+        checkWWWAuthenticateHeader(response);
     }
 
     @Test
@@ -122,28 +190,14 @@
 
         assertEquals(Status.UNAUTHORIZED.getStatusCode(), response.getStatus());
 
-        Set<Entry<String, List<String>>> headers =
-                response.getHeaders().entrySet();
-
-        for (Entry<String, List<String>> header : headers) {
-            if (header.getKey().equals(ContainerRequest.WWW_AUTHENTICATE)) {
-                assertEquals("Api realm=\"Kustvakt\"",
-                        header.getValue().get(0));
-                assertEquals("Session realm=\"Kustvakt\"",
-                        header.getValue().get(1));
-                assertEquals("Bearer realm=\"Kustvakt\"",
-                        header.getValue().get(2));
-                assertEquals("Basic realm=\"Kustvakt\"",
-                        header.getValue().get(3));
-            }
-        }
-
         String entity = response.getEntity(String.class);
         JsonNode node = JsonUtils.readTree(entity);
         assertEquals(StatusCodes.AUTHORIZATION_FAILED,
                 node.at("/errors/0/0").asInt());
         assertEquals("Operation is not permitted for user: guest",
                 node.at("/errors/0/1").asText());
+        
+        checkWWWAuthenticateHeader(response);
     }
 
     @Test
@@ -155,7 +209,7 @@
         ClientResponse response = resource().path("vc").path("store")
                 .entity(json).post(ClientResponse.class);
         String entity = response.getEntity(String.class);
-                System.out.println(entity);
+        //        System.out.println(entity);
         assertEquals(Status.BAD_REQUEST.getStatusCode(), response.getStatus());
 
         JsonNode node = JsonUtils.readTree(entity);
@@ -166,4 +220,27 @@
                         + "VirtualCorpusType` from String \"PRIVAT\": value not one of "
                         + "declared Enum instance names"));
     }
+
+    @Test
+    public void testDeleteVCUnauthorized () throws KustvaktException {
+        ClientResponse response =
+                resource().path("vc").path("delete").queryParam("vcId", "1")
+                        .header(Attributes.AUTHORIZATION,
+                                handler.createBasicAuthorizationHeaderValue(
+                                        "test class", "pass"))
+                        .header(HttpHeaders.X_FORWARDED_FOR, "149.27.0.32")
+
+                        .delete(ClientResponse.class);
+        
+        String entity = response.getEntity(String.class);
+        JsonNode node = JsonUtils.readTree(entity);
+        
+        assertEquals(Status.UNAUTHORIZED.getStatusCode(), response.getStatus());
+        assertEquals(StatusCodes.AUTHORIZATION_FAILED,
+                node.at("/errors/0/0").asInt());
+        assertEquals("Unauthorized operation for user: test class",
+                node.at("/errors/0/1").asText());
+        
+        checkWWWAuthenticateHeader(response);
+    }
 }
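Review bot: testDeleteVCUnauthorized pins a 401 plus a `WWW-Authenticate` challenge for a caller whose credentials appear to be valid, since testStoreDeleteVC gets 200 with the same "test class"/"pass" pair. An authenticated user who lacks permission on VC 1 is normally answered with 403 Forbidden; a 401 challenge tells clients to re-authenticate and blurs the line between "unknown caller" and "known caller, denied" in logs and monitoring. If the 401 is intentional, a short comment in the test saying so would help, for example `// Kustvakt reports authorization failures as 401`. The test also stops at the error response; a follow-up check that VC 1 is still retrievable by its owner would confirm that the denied request had no side effect.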