Update user group list web-service and role-list in Dtos (#763).
Change-Id: I8efd9226c61deead54a1b6953c10041758e90830
diff --git a/src/main/java/de/ids_mannheim/korap/dto/UserGroupDto.java b/src/main/java/de/ids_mannheim/korap/dto/UserGroupDto.java
index 273d52e..c43ddc4 100644
--- a/src/main/java/de/ids_mannheim/korap/dto/UserGroupDto.java
+++ b/src/main/java/de/ids_mannheim/korap/dto/UserGroupDto.java
@@ -5,6 +5,7 @@
import com.fasterxml.jackson.annotation.JsonInclude;
import de.ids_mannheim.korap.constant.GroupMemberStatus;
+import de.ids_mannheim.korap.constant.PredefinedRole;
import de.ids_mannheim.korap.constant.UserGroupStatus;
import lombok.Getter;
import lombok.Setter;
@@ -30,5 +31,5 @@
private List<UserGroupMemberDto> members;
private GroupMemberStatus userMemberStatus;
- private List<String> userRoles;
+ private List<PredefinedRole> userRoles;
}
diff --git a/src/main/java/de/ids_mannheim/korap/dto/UserGroupMemberDto.java b/src/main/java/de/ids_mannheim/korap/dto/UserGroupMemberDto.java
index 23cfa3d..0081a9a 100644
--- a/src/main/java/de/ids_mannheim/korap/dto/UserGroupMemberDto.java
+++ b/src/main/java/de/ids_mannheim/korap/dto/UserGroupMemberDto.java
@@ -3,6 +3,7 @@
import java.util.List;
import de.ids_mannheim.korap.constant.GroupMemberStatus;
+import de.ids_mannheim.korap.constant.PredefinedRole;
import lombok.Getter;
import lombok.Setter;
@@ -18,5 +19,5 @@
public class UserGroupMemberDto {
private String userId;
private GroupMemberStatus status;
- private List<String> roles;
+ private List<PredefinedRole> roles;
}
diff --git a/src/main/java/de/ids_mannheim/korap/dto/converter/UserGroupConverter.java b/src/main/java/de/ids_mannheim/korap/dto/converter/UserGroupConverter.java
index 706cc21..e2e0a3d 100644
--- a/src/main/java/de/ids_mannheim/korap/dto/converter/UserGroupConverter.java
+++ b/src/main/java/de/ids_mannheim/korap/dto/converter/UserGroupConverter.java
@@ -8,6 +8,7 @@
import org.springframework.stereotype.Component;
import de.ids_mannheim.korap.constant.GroupMemberStatus;
+import de.ids_mannheim.korap.constant.PredefinedRole;
import de.ids_mannheim.korap.dto.UserGroupDto;
import de.ids_mannheim.korap.dto.UserGroupMemberDto;
import de.ids_mannheim.korap.entity.Role;
@@ -39,7 +40,7 @@
dto.setUserMemberStatus(userMemberStatus);
if (roleSet != null) {
- dto.setUserRoles(convertRoleSetToStringList(roleSet));
+ dto.setUserRoles(convertRoleToPredefinedRoles(roleSet));
}
if (members != null) {
@@ -51,7 +52,7 @@
memberDto.setUserId(member.getUserId());
memberDto.setStatus(member.getStatus());
memberDto.setRoles(
- convertRoleSetToStringList(member.getRoles()));
+ convertRoleToPredefinedRoles(member.getRoles()));
memberDtos.add(memberDto);
}
dto.setMembers(memberDtos);
@@ -63,8 +64,8 @@
return dto;
}
- private List<String> convertRoleSetToStringList (Set<Role> roleSet) {
- List<String> roles = new ArrayList<>(roleSet.size());
+ private List<PredefinedRole> convertRoleToPredefinedRoles (Set<Role> roleSet) {
+ List<PredefinedRole> roles = new ArrayList<>(roleSet.size());
for (Role r : roleSet) {
roles.add(r.getName());
}
diff --git a/src/main/java/de/ids_mannheim/korap/web/controller/UserGroupController.java b/src/main/java/de/ids_mannheim/korap/web/controller/UserGroupController.java
index 00cbf9a..eb6f046 100644
--- a/src/main/java/de/ids_mannheim/korap/web/controller/UserGroupController.java
+++ b/src/main/java/de/ids_mannheim/korap/web/controller/UserGroupController.java
@@ -7,6 +7,7 @@
import org.springframework.stereotype.Controller;
import de.ids_mannheim.korap.constant.OAuth2Scope;
+import de.ids_mannheim.korap.constant.PredefinedRole;
import de.ids_mannheim.korap.dto.UserGroupDto;
import de.ids_mannheim.korap.exceptions.KustvaktException;
import de.ids_mannheim.korap.oauth2.service.OAuth2ScopeService;
@@ -240,7 +241,7 @@
public Response editMemberRoles (@Context SecurityContext securityContext,
@PathParam("groupName") String groupName,
@FormParam("memberUsername") String memberUsername,
- @FormParam("roleId") List<Integer> roleIds) {
+ @FormParam("roleId") List<PredefinedRole> roleIds) {
TokenContext context = (TokenContext) securityContext
.getUserPrincipal();
try {
@@ -274,14 +275,14 @@
public Response addMemberRoles (@Context SecurityContext securityContext,
@PathParam("groupName") String groupName,
@FormParam("memberUsername") String memberUsername,
- @FormParam("roleId") List<Integer> roleIds) {
+ @FormParam("roleId") List<PredefinedRole> roles) {
TokenContext context = (TokenContext) securityContext
.getUserPrincipal();
try {
scopeService.verifyScope(context,
OAuth2Scope.ADD_USER_GROUP_MEMBER_ROLE);
service.addMemberRoles(context.getUsername(), groupName,
- memberUsername, roleIds);
+ memberUsername, roles);
return Response.ok("SUCCESS").build();
}
catch (KustvaktException e) {
diff --git a/src/main/resources/db/test/V3.1__insert_virtual_corpus.sql b/src/main/resources/db/test/V3.1__insert_virtual_corpus.sql
index 3673798..8be3e86 100644
--- a/src/main/resources/db/test/V3.1__insert_virtual_corpus.sql
+++ b/src/main/resources/db/test/V3.1__insert_virtual_corpus.sql
@@ -1,8 +1,8 @@
-- dummy data only for testing
-- user groups
-INSERT INTO user_group(name,status,created_by,created_date)
- VALUES ("marlin-group","ACTIVE","marlin",CURRENT_TIMESTAMP);
+--INSERT INTO user_group(name,status,created_by,created_date)
+-- VALUES ("marlin-group","ACTIVE","marlin",CURRENT_TIMESTAMP);
--INSERT INTO user_group(name,status,created_by,created_date)
-- VALUES ("dory-group","ACTIVE","dory",CURRENT_TIMESTAMP);
diff --git a/src/test/java/de/ids_mannheim/korap/web/controller/UserGroupControllerTest.java b/src/test/java/de/ids_mannheim/korap/web/controller/UserGroupControllerTest.java
index 5495c85..61c2a2a 100644
--- a/src/test/java/de/ids_mannheim/korap/web/controller/UserGroupControllerTest.java
+++ b/src/test/java/de/ids_mannheim/korap/web/controller/UserGroupControllerTest.java
@@ -31,7 +31,7 @@
/**
* @author margaretha
*/
-public class UserGroupControllerTest extends SpringJerseyTest {
+public class UserGroupControllerTest extends UserGroupTestBase {
@Autowired
private UserGroupMemberDao memberDao;
@@ -60,73 +60,11 @@
assertEquals(Status.OK.getStatusCode(), response.getStatus());
}
- // dory is a group admin in dory-group
- @Test
- public void testListDoryGroups () throws KustvaktException {
- Response response = target().path(API_VERSION).path("group").request()
- .header(Attributes.AUTHORIZATION, HttpAuthorizationHandler
- .createBasicAuthorizationHeaderValue("dory", "pass"))
- .header(HttpHeaders.X_FORWARDED_FOR, "149.27.0.32").get();
- String entity = response.readEntity(String.class);
- // System.out.println(entity);
- assertEquals(Status.OK.getStatusCode(), response.getStatus());
- JsonNode node = JsonUtils.readTree(entity);
- JsonNode group = node.get(1);
- assertEquals(2, group.at("/id").asInt());
- assertEquals(group.at("/name").asText(), "dory-group");
- assertEquals(group.at("/owner").asText(), "dory");
- assertEquals(3, group.at("/members").size());
- }
-
- // nemo is a group member in dory-group
- @Test
- public void testListNemoGroups () throws KustvaktException {
- Response response = target().path(API_VERSION).path("group").request()
- .header(Attributes.AUTHORIZATION, HttpAuthorizationHandler
- .createBasicAuthorizationHeaderValue("nemo", "pass"))
- .header(HttpHeaders.X_FORWARDED_FOR, "149.27.0.32").get();
- String entity = response.readEntity(String.class);
- assertEquals(Status.OK.getStatusCode(), response.getStatus());
- // System.out.println(entity);
- JsonNode node = JsonUtils.readTree(entity);
- assertEquals(2, node.at("/0/id").asInt());
- assertEquals(node.at("/0/name").asText(), "dory-group");
- assertEquals(node.at("/0/owner").asText(), "dory");
- // group members are not allowed to see other members
- assertEquals(0, node.at("/0/members").size());
- }
-
- // marlin has 2 groups
- @Test
- public void testListMarlinGroups () throws KustvaktException {
- Response response = target().path(API_VERSION).path("group").request()
- .header(Attributes.AUTHORIZATION, HttpAuthorizationHandler
- .createBasicAuthorizationHeaderValue("marlin", "pass"))
- .header(HttpHeaders.X_FORWARDED_FOR, "149.27.0.32").get();
- String entity = response.readEntity(String.class);
- assertEquals(Status.OK.getStatusCode(), response.getStatus());
- JsonNode node = JsonUtils.readTree(entity);
- assertEquals(2, node.size());
- }
-
- @Test
- public void testListGroupGuest () throws KustvaktException {
- Response response = target().path(API_VERSION).path("group").request()
- .header(HttpHeaders.X_FORWARDED_FOR, "149.27.0.32").get();
- String entity = response.readEntity(String.class);
- JsonNode node = JsonUtils.readTree(entity);
- assertEquals(Status.UNAUTHORIZED.getStatusCode(), response.getStatus());
- assertEquals(StatusCodes.AUTHORIZATION_FAILED,
- node.at("/errors/0/0").asInt());
- assertEquals(node.at("/errors/0/1").asText(),
- "Unauthorized operation for user: guest");
- }
-
@Test
public void testCreateGroupEmptyDescription ()
throws ProcessingException, KustvaktException {
String groupName = "empty_group";
- Response response = testCreateUserGroup(groupName, "");
+ Response response = createUserGroup(groupName, "", username);
assertEquals(Status.CREATED.getStatusCode(), response.getStatus());
deleteGroupByName(groupName);
}
@@ -140,19 +78,6 @@
deleteGroupByName(groupName);
}
- private Response testCreateUserGroup (String groupName, String description)
- throws ProcessingException, KustvaktException {
- Form form = new Form();
- form.param("description", description);
- Response response = target().path(API_VERSION).path("group")
- .path("@" + groupName).request()
- .header(Attributes.AUTHORIZATION, HttpAuthorizationHandler
- .createBasicAuthorizationHeaderValue(username, "pass"))
- .header(HttpHeaders.X_FORWARDED_FOR, "149.27.0.32")
- .put(Entity.form(form));
- return response;
- }
-
private Response testCreateGroupWithoutDescription (String groupName)
throws ProcessingException, KustvaktException {
Response response = target().path(API_VERSION).path("group")
@@ -196,7 +121,7 @@
public void testUserGroup () throws ProcessingException, KustvaktException {
String groupName = "new-user-group";
String description = "This is new-user-group.";
- Response response = testCreateUserGroup(groupName, description);
+ Response response = createUserGroup(groupName, description, username);
assertEquals(Status.CREATED.getStatusCode(), response.getStatus());
// same name
response = testCreateGroupWithoutDescription(groupName);
@@ -212,12 +137,10 @@
assertEquals(username, node.at("/members/0/userId").asText());
assertEquals(GroupMemberStatus.ACTIVE.name(),
node.at("/members/0/status").asText());
- assertEquals(PredefinedRole.VC_ACCESS_ADMIN.name(),
- node.at("/members/0/roles/1").asText());
- assertEquals(PredefinedRole.USER_GROUP_ADMIN.name(),
- node.at("/members/0/roles/0").asText());
+ assertEquals(6, node.at("/members/0/roles").size());
+
testUpdateUserGroup(groupName);
- testInviteMember(groupName);
+ testInviteMember(groupName, username, "darla");
testDeleteMemberUnauthorized(groupName);
testDeleteMember(groupName);
testDeleteGroup(groupName);
@@ -228,7 +151,7 @@
private void testUpdateUserGroup (String groupName)
throws ProcessingException, KustvaktException {
String description = "Description is updated.";
- Response response = testCreateUserGroup(groupName, description);
+ Response response = createUserGroup(groupName, description, username);
assertEquals(Status.NO_CONTENT.getStatusCode(), response.getStatus());
JsonNode node = retrieveUserGroups(username);
assertEquals(1, node.size());
@@ -396,27 +319,15 @@
"Operation 'delete group owner'is not allowed.");
}
- private void testInviteMember (String groupName)
+ private void testInviteMember (String groupName, String invitor,
+ String invitee)
throws ProcessingException, KustvaktException {
- Form form = new Form();
- form.param("members", "darla");
- Response response = target().path(API_VERSION).path("group")
- .path("@" + groupName).path("invite").request()
- .header(HttpHeaders.X_FORWARDED_FOR, "149.27.0.32")
- .header(Attributes.AUTHORIZATION, HttpAuthorizationHandler
- .createBasicAuthorizationHeaderValue(username, "pass"))
- .post(Entity.form(form));
- assertEquals(Status.OK.getStatusCode(), response.getStatus());
+ inviteMember(groupName, invitor, invitee);
// list group
- response = target().path(API_VERSION).path("group").request()
- .header(Attributes.AUTHORIZATION, HttpAuthorizationHandler
- .createBasicAuthorizationHeaderValue(username, "pass"))
- .header(HttpHeaders.X_FORWARDED_FOR, "149.27.0.32").get();
- String entity = response.readEntity(String.class);
- JsonNode node = JsonUtils.readTree(entity);
+ JsonNode node = listUserGroup(invitor);
node = node.get(0);
assertEquals(2, node.get("members").size());
- assertEquals(node.at("/members/1/userId").asText(), "darla");
+ assertEquals(node.at("/members/1/userId").asText(), invitee);
assertEquals(GroupMemberStatus.PENDING.name(),
node.at("/members/1/status").asText());
assertEquals(0, node.at("/members/1/roles").size());
@@ -435,8 +346,8 @@
assertEquals(Status.OK.getStatusCode(), response.getStatus());
// check member
JsonNode node = retrieveUserGroups("marlin");
- assertEquals(2, node.size());
- JsonNode group = node.get(1);
+ assertEquals(1, node.size());
+ JsonNode group = node.get(0);
assertEquals(GroupMemberStatus.PENDING.name(),
group.at("/userMemberStatus").asText());
}
@@ -537,29 +448,23 @@
// marlin has GroupMemberStatus.PENDING in dory-group
@Test
public void testSubscribePendingMember () throws KustvaktException {
- Response response = target().path(API_VERSION).path("group")
- .path("@dory-group").path("subscribe").request()
- .header(HttpHeaders.X_FORWARDED_FOR, "149.27.0.32")
- .header(Attributes.AUTHORIZATION, HttpAuthorizationHandler
- .createBasicAuthorizationHeaderValue("marlin", "pass"))
- .post(Entity.form(new Form()));
- assertEquals(Status.OK.getStatusCode(), response.getStatus());
+ createDoryGroup();
+ testInviteMember(doryGroupName, "dory", "marlin");
+ subscribe("@"+doryGroupName, "marlin");
+
// retrieve marlin group
JsonNode node = retrieveUserGroups("marlin");
- // System.out.println(node);
- assertEquals(2, node.size());
- JsonNode group = node.get(1);
- assertEquals(2, group.at("/id").asInt());
+ assertEquals(1, node.size());
+ JsonNode group = node.get(0);
assertEquals(group.at("/name").asText(), "dory-group");
assertEquals(group.at("/owner").asText(), "dory");
// group members are not allowed to see other members
assertEquals(0, group.at("/members").size());
assertEquals(GroupMemberStatus.ACTIVE.name(),
group.at("/userMemberStatus").asText());
- assertEquals(PredefinedRole.VC_ACCESS_MEMBER.name(),
- group.at("/userRoles/1").asText());
- assertEquals(PredefinedRole.USER_GROUP_MEMBER.name(),
- group.at("/userRoles/0").asText());
+
+ System.out.println(node.toPrettyString());
+ assertEquals(2, group.at("/userRoles").size());
// unsubscribe marlin from dory-group
testUnsubscribeActiveMember("dory-group");
checkGroupMemberRole("dory-group", "marlin");
@@ -658,7 +563,7 @@
.delete();
assertEquals(Status.OK.getStatusCode(), response.getStatus());
JsonNode node = retrieveUserGroups("marlin");
- assertEquals(1, node.size());
+ assertEquals(0, node.size());
}
private void checkGroupMemberRole (String groupName,
diff --git a/src/test/java/de/ids_mannheim/korap/web/controller/UserGroupListTest.java b/src/test/java/de/ids_mannheim/korap/web/controller/UserGroupListTest.java
new file mode 100644
index 0000000..6a3100d
--- /dev/null
+++ b/src/test/java/de/ids_mannheim/korap/web/controller/UserGroupListTest.java
@@ -0,0 +1,66 @@
+package de.ids_mannheim.korap.web.controller;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+
+import org.junit.jupiter.api.Test;
+
+import com.fasterxml.jackson.databind.JsonNode;
+import com.google.common.net.HttpHeaders;
+
+import de.ids_mannheim.korap.exceptions.KustvaktException;
+import de.ids_mannheim.korap.exceptions.StatusCodes;
+import de.ids_mannheim.korap.utils.JsonUtils;
+import jakarta.ws.rs.core.Response;
+import jakarta.ws.rs.core.Response.Status;
+
+public class UserGroupListTest extends UserGroupTestBase{
+
+ @Test
+ public void testListDoryGroups () throws KustvaktException {
+ createDoryGroup();
+ inviteMember(doryGroupName, "dory", "marlin");
+ inviteMember(doryGroupName, "dory", "nemo");
+
+ JsonNode node = listUserGroup("dory");
+ JsonNode group = node.get(0);
+ assertEquals(group.at("/name").asText(), "dory-group");
+ assertEquals(group.at("/owner").asText(), "dory");
+ assertEquals(3, group.at("/members").size());
+
+ testListNemoGroups();
+ testListMarlinGroups();
+ }
+
+ public void testListNemoGroups () throws KustvaktException {
+ subscribe("@"+doryGroupName, "nemo");
+
+ JsonNode node = listUserGroup("nemo");
+ assertEquals(node.at("/0/name").asText(), "dory-group");
+ assertEquals(node.at("/0/owner").asText(), "dory");
+ // group members are not allowed to see other members
+ assertEquals(0, node.at("/0/members").size());
+ }
+
+ // marlin has 2 groups
+ public void testListMarlinGroups () throws KustvaktException {
+ createMarlinGroup();
+ subscribe("@"+doryGroupName, "marlin");
+
+ JsonNode node = listUserGroup("marlin");
+ assertEquals(2, node.size());
+ }
+
+ @Test
+ public void testListGroupGuest () throws KustvaktException {
+ Response response = target().path(API_VERSION).path("group").request()
+ .header(HttpHeaders.X_FORWARDED_FOR, "149.27.0.32").get();
+ String entity = response.readEntity(String.class);
+ JsonNode node = JsonUtils.readTree(entity);
+ assertEquals(Status.UNAUTHORIZED.getStatusCode(), response.getStatus());
+ assertEquals(StatusCodes.AUTHORIZATION_FAILED,
+ node.at("/errors/0/0").asInt());
+ assertEquals(node.at("/errors/0/1").asText(),
+ "Unauthorized operation for user: guest");
+ }
+
+}
diff --git a/src/test/java/de/ids_mannheim/korap/web/controller/UserGroupTestBase.java b/src/test/java/de/ids_mannheim/korap/web/controller/UserGroupTestBase.java
new file mode 100644
index 0000000..889f913
--- /dev/null
+++ b/src/test/java/de/ids_mannheim/korap/web/controller/UserGroupTestBase.java
@@ -0,0 +1,91 @@
+package de.ids_mannheim.korap.web.controller;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+
+import com.fasterxml.jackson.databind.JsonNode;
+import com.google.common.net.HttpHeaders;
+
+import de.ids_mannheim.korap.authentication.http.HttpAuthorizationHandler;
+import de.ids_mannheim.korap.config.Attributes;
+import de.ids_mannheim.korap.config.SpringJerseyTest;
+import de.ids_mannheim.korap.exceptions.KustvaktException;
+import de.ids_mannheim.korap.utils.JsonUtils;
+import jakarta.ws.rs.ProcessingException;
+import jakarta.ws.rs.client.Entity;
+import jakarta.ws.rs.core.Form;
+import jakarta.ws.rs.core.Response;
+import jakarta.ws.rs.core.Response.Status;
+
+public class UserGroupTestBase extends SpringJerseyTest {
+
+ protected String doryGroupName = "dory-group";
+ protected String marlinGroupName = "marlin-group";
+
+ protected Response createUserGroup (String groupName, String description,
+ String username) throws ProcessingException, KustvaktException {
+ Form form = new Form();
+ form.param("description", description);
+ Response response = target().path(API_VERSION).path("group")
+ .path("@" + groupName).request()
+ .header(Attributes.AUTHORIZATION, HttpAuthorizationHandler
+ .createBasicAuthorizationHeaderValue(username, "pass"))
+ .put(Entity.form(form));
+ return response;
+ }
+
+ protected JsonNode listUserGroup (String username)
+ throws KustvaktException {
+ Response response = target().path(API_VERSION).path("group").request()
+ .header(Attributes.AUTHORIZATION, HttpAuthorizationHandler
+ .createBasicAuthorizationHeaderValue(username, "pass"))
+ .get();
+ String entity = response.readEntity(String.class);
+ JsonNode node = JsonUtils.readTree(entity);
+ return node;
+ }
+
+ protected void inviteMember (String groupName, String invitor,
+ String invitee) throws KustvaktException {
+ Form form = new Form();
+ form.param("members", invitee);
+ Response response = target().path(API_VERSION).path("group")
+ .path("@" + groupName).path("invite").request()
+ .header(HttpHeaders.X_FORWARDED_FOR, "149.27.0.32")
+ .header(Attributes.AUTHORIZATION, HttpAuthorizationHandler
+ .createBasicAuthorizationHeaderValue(invitor, "pass"))
+ .post(Entity.form(form));
+ assertEquals(Status.OK.getStatusCode(), response.getStatus());
+
+ }
+
+ protected void subscribe (String groupName, String username)
+ throws KustvaktException {
+ Response response = target().path(API_VERSION).path("group")
+ .path(groupName).path("subscribe").request()
+ .header(Attributes.AUTHORIZATION, HttpAuthorizationHandler
+ .createBasicAuthorizationHeaderValue(username, "pass"))
+ .post(Entity.form(new Form()));
+ assertEquals(Status.OK.getStatusCode(), response.getStatus());
+ }
+
+ protected JsonNode createDoryGroup ()
+ throws ProcessingException, KustvaktException {
+ Response response = createUserGroup(doryGroupName,
+ "This is dory-group.", "dory");
+ assertEquals(Status.CREATED.getStatusCode(), response.getStatus());
+ String entity = response.readEntity(String.class);
+ JsonNode node = JsonUtils.readTree(entity);
+ return node;
+ }
+
+ protected JsonNode createMarlinGroup ()
+ throws ProcessingException, KustvaktException {
+ Response response = createUserGroup(marlinGroupName,
+ "This is marlin-group.", "marlin");
+ assertEquals(Status.CREATED.getStatusCode(), response.getStatus());
+ String entity = response.readEntity(String.class);
+ JsonNode node = JsonUtils.readTree(entity);
+ return node;
+ }
+
+}