Gitiles
Code Review Sign In
korap.ids-mannheim.de / KorAP / Kustvakt / 845335c7d750c94e3382a1eb3294dde83ac64ae3 / . / full / src / test / java / de / ids_mannheim / korap / web / controller / VirtualCorpusAccessTest.java
blob: f86b01aaeef62b3072560941a0357a9e16a13035 [file] [log] [blame]
margaretha1c9ab942023-05-05 14:29:25 +0200[diff] [blame]1package de.ids_mannheim.korap.web.controller;
2
Marc Kupietzd43a98d2023-09-22 17:11:46 +0200[diff] [blame]3import static org.junit.jupiter.api.Assertions.assertEquals;
margaretha1c9ab942023-05-05 14:29:25 +0200[diff] [blame]4
5import javax.ws.rs.ProcessingException;
6import javax.ws.rs.core.Response;
7import javax.ws.rs.core.Response.Status;
8
9import org.apache.http.HttpStatus;
Marc Kupietzd43a98d2023-09-22 17:11:46 +0200[diff] [blame]10import org.junit.jupiter.api.Test;
margaretha1c9ab942023-05-05 14:29:25 +0200[diff] [blame]11import com.fasterxml.jackson.databind.JsonNode;
margaretha1c9ab942023-05-05 14:29:25 +0200[diff] [blame]12import de.ids_mannheim.korap.authentication.http.HttpAuthorizationHandler;
13import de.ids_mannheim.korap.config.Attributes;
14import de.ids_mannheim.korap.constant.ResourceType;
15import de.ids_mannheim.korap.exceptions.KustvaktException;
16import de.ids_mannheim.korap.exceptions.StatusCodes;
17import de.ids_mannheim.korap.utils.JsonUtils;
18
19public class VirtualCorpusAccessTest extends VirtualCorpusTestBase {
Marc Kupietzd43a98d2023-09-22 17:11:46 +0200[diff] [blame]20
margaretha1c9ab942023-05-05 14:29:25 +0200[diff] [blame]21 private String testUser = "VirtualCorpusAccessTest";
22
23 @Test
Marc Kupietzd43a98d2023-09-22 17:11:46 +0200[diff] [blame]24 public void testlistAccessByNonVCAAdmin() throws KustvaktException {
margaretha1c9ab942023-05-05 14:29:25 +0200[diff] [blame]25 JsonNode node = listAccessByGroup("nemo", "dory-group");
Marc Kupietzd43a98d2023-09-22 17:11:46 +0200[diff] [blame]26 assertEquals(StatusCodes.AUTHORIZATION_FAILED, node.at("/errors/0/0").asInt());
27 assertEquals(node.at("/errors/0/1").asText(), "Unauthorized operation for user: nemo");
margaretha1c9ab942023-05-05 14:29:25 +0200[diff] [blame]28 }
29
30 // @Test
31 // public void testlistAccessMissingId () throws KustvaktException
32 // {
33 // Response response =
34 // target().path(API_VERSION).path("vc")
35 // .path("access")
36 // .request().header(Attributes.AUTHORIZATION,
37 // HttpAuthorizationHandler
38 // .createBasicAuthorizationHeaderValue(
39 // testUser, "pass"))
40 // .header(HttpHeaders.X_FORWARDED_FOR, "149.27.0.32")
41 // .get();
42 // String entity = response.readEntity(String.class);
43 // JsonNode node = JsonUtils.readTree(entity);
44 // assertEquals(Status.BAD_REQUEST.getStatusCode(),
45 // response.getStatus());
46 // assertEquals(StatusCodes.MISSING_PARAMETER,
47 // node.at("/errors/0/0").asInt());
48 // assertEquals("vcId", node.at("/errors/0/1").asText());
49 // }
margaretha1c9ab942023-05-05 14:29:25 +0200[diff] [blame]50 @Test
Marc Kupietzd43a98d2023-09-22 17:11:46 +0200[diff] [blame]51 public void testlistAccessByGroup() throws KustvaktException {
52 Response response = target().path(API_VERSION).path("vc").path("access").queryParam("groupName", "dory-group").request().header(Attributes.AUTHORIZATION, HttpAuthorizationHandler.createBasicAuthorizationHeaderValue("dory", "pass")).get();
margaretha1c9ab942023-05-05 14:29:25 +0200[diff] [blame]53 String entity = response.readEntity(String.class);
54 // System.out.println(entity);
55 JsonNode node = JsonUtils.readTree(entity);
56 assertEquals(1, node.at("/0/accessId").asInt());
57 assertEquals(2, node.at("/0/queryId").asInt());
Marc Kupietzd43a98d2023-09-22 17:11:46 +0200[diff] [blame]58 assertEquals(node.at("/0/queryName").asText(), "group-vc");
margaretha1c9ab942023-05-05 14:29:25 +0200[diff] [blame]59 assertEquals(2, node.at("/0/userGroupId").asInt());
Marc Kupietzd43a98d2023-09-22 17:11:46 +0200[diff] [blame]60 assertEquals(node.at("/0/userGroupName").asText(), "dory-group");
margaretha1c9ab942023-05-05 14:29:25 +0200[diff] [blame]61 }
margaretha1c9ab942023-05-05 14:29:25 +0200[diff] [blame]62
Marc Kupietzd43a98d2023-09-22 17:11:46 +0200[diff] [blame]63 @Test
64 public void testDeleteSharedVC() throws KustvaktException {
65 String json = "{\"type\": \"PROJECT\"" + ",\"queryType\": \"VIRTUAL_CORPUS\"" + ",\"corpusQuery\": \"corpusSigle=GOE\"}";
66 String vcName = "new_project_vc";
67 String username = "dory";
68 String authHeader = HttpAuthorizationHandler.createBasicAuthorizationHeaderValue(username, "pass");
margaretha1c9ab942023-05-05 14:29:25 +0200[diff] [blame]69 createVC(authHeader, username, vcName, json);
margaretha1c9ab942023-05-05 14:29:25 +0200[diff] [blame]70 String groupName = "dory-group";
71 testShareVCByCreator(username, vcName, groupName);
72 JsonNode node = listAccessByGroup(username, groupName);
73 assertEquals(2, node.size());
margaretha1c9ab942023-05-05 14:29:25 +0200[diff] [blame]74 // delete project VC
75 deleteVC(vcName, username, username);
margaretha1c9ab942023-05-05 14:29:25 +0200[diff] [blame]76 node = listAccessByGroup(username, groupName);
77 assertEquals(1, node.size());
78 }
79
80 @Test
Marc Kupietzd43a98d2023-09-22 17:11:46 +0200[diff] [blame]81 public void testCreateDeleteAccess() throws ProcessingException, KustvaktException {
margaretha1c9ab942023-05-05 14:29:25 +0200[diff] [blame]82 String vcName = "marlin-vc";
83 String groupName = "marlin-group";
margaretha1c9ab942023-05-05 14:29:25 +0200[diff] [blame]84 // check the vc type
85 JsonNode node = retrieveVCInfo("marlin", "marlin", vcName);
86 assertEquals(vcName, node.at("/name").asText());
Marc Kupietzd43a98d2023-09-22 17:11:46 +0200[diff] [blame]87 assertEquals(node.at("/type").asText(), "private");
margaretha1c9ab942023-05-05 14:29:25 +0200[diff] [blame]88 // share vc to group
89 Response response = testShareVCByCreator("marlin", vcName, groupName);
90 assertEquals(Status.OK.getStatusCode(), response.getStatus());
margaretha1c9ab942023-05-05 14:29:25 +0200[diff] [blame]91 // check the vc type
92 node = retrieveVCInfo("marlin", "marlin", vcName);
Marc Kupietzd43a98d2023-09-22 17:11:46 +0200[diff] [blame]93 assertEquals(node.at("/type").asText(), "project");
margaretha1c9ab942023-05-05 14:29:25 +0200[diff] [blame]94 // list vc access by marlin
95 node = listAccessByGroup("marlin", groupName);
96 assertEquals(2, node.size());
margaretha1c9ab942023-05-05 14:29:25 +0200[diff] [blame]97 // get access id
98 node = node.get(1);
99 assertEquals(5, node.at("/queryId").asInt());
100 assertEquals(vcName, node.at("/queryName").asText());
101 assertEquals(1, node.at("/userGroupId").asInt());
102 assertEquals(groupName, node.at("/userGroupName").asText());
margaretha1c9ab942023-05-05 14:29:25 +0200[diff] [blame]103 String accessId = node.at("/accessId").asText();
margaretha1c9ab942023-05-05 14:29:25 +0200[diff] [blame]104 testShareVC_nonUniqueAccess("marlin", vcName, groupName);
margaretha1c9ab942023-05-05 14:29:25 +0200[diff] [blame]105 // delete unauthorized
106 response = testDeleteAccess(testUser, accessId);
107 testResponseUnauthorized(response, testUser);
margaretha1c9ab942023-05-05 14:29:25 +0200[diff] [blame]108 // delete access by vc-admin
109 // dory is a vc-admin in marlin group
110 response = testDeleteAccess("dory", accessId);
111 assertEquals(Status.OK.getStatusCode(), response.getStatus());
margaretha1c9ab942023-05-05 14:29:25 +0200[diff] [blame]112 // list vc access by dory
113 node = listAccessByGroup("dory", groupName);
114 assertEquals(1, node.size());
margaretha1c9ab942023-05-05 14:29:25 +0200[diff] [blame]115 // edit VC back to private
116 String json = "{\"type\": \"" + ResourceType.PRIVATE + "\"}";
117 editVC("marlin", "marlin", vcName, json);
118 node = retrieveVCInfo("marlin", "marlin", vcName);
Marc Kupietzd43a98d2023-09-22 17:11:46 +0200[diff] [blame]119 assertEquals(ResourceType.PRIVATE.displayName(), node.at("/type").asText());
margaretha1c9ab942023-05-05 14:29:25 +0200[diff] [blame]120 }
121
Marc Kupietzd43a98d2023-09-22 17:11:46 +0200[diff] [blame]122 private void testShareVC_nonUniqueAccess(String vcCreator, String vcName, String groupName) throws ProcessingException, KustvaktException {
margaretha1c9ab942023-05-05 14:29:25 +0200[diff] [blame]123 Response response = testShareVCByCreator(vcCreator, vcName, groupName);
124 JsonNode node = JsonUtils.readTree(response.readEntity(String.class));
125 assertEquals(HttpStatus.SC_BAD_REQUEST, response.getStatus());
Marc Kupietzd43a98d2023-09-22 17:11:46 +0200[diff] [blame]126 assertEquals(StatusCodes.DB_INSERT_FAILED, node.at("/errors/0/0").asInt());
margaretha1c9ab942023-05-05 14:29:25 +0200[diff] [blame]127 // EM: message differs depending on the database used
128 // for testing. The message below is from sqlite.
129 // assertTrue(node.at("/errors/0/1").asText()
130 // .startsWith("[SQLITE_CONSTRAINT_UNIQUE]"));
131 }
132
Marc Kupietzd43a98d2023-09-22 17:11:46 +0200[diff] [blame]133 private Response testDeleteAccess(String username, String accessId) throws ProcessingException, KustvaktException {
134 Response response = target().path(API_VERSION).path("vc").path("access").path(accessId).request().header(Attributes.AUTHORIZATION, HttpAuthorizationHandler.createBasicAuthorizationHeaderValue(username, "pass")).delete();
margaretha1c9ab942023-05-05 14:29:25 +0200[diff] [blame]135 return response;
136 }
137
margaretha1c9ab942023-05-05 14:29:25 +0200[diff] [blame]138 @Test
Marc Kupietzd43a98d2023-09-22 17:11:46 +0200[diff] [blame]139 public void testDeleteNonExistingAccess() throws ProcessingException, KustvaktException {
margaretha1c9ab942023-05-05 14:29:25 +0200[diff] [blame]140 Response response = testDeleteAccess("dory", "100");
141 assertEquals(Status.NOT_FOUND.getStatusCode(), response.getStatus());
margaretha1c9ab942023-05-05 14:29:25 +0200[diff] [blame]142 JsonNode node = JsonUtils.readTree(response.readEntity(String.class));
Marc Kupietzd43a98d2023-09-22 17:11:46 +0200[diff] [blame]143 assertEquals(StatusCodes.NO_RESOURCE_FOUND, node.at("/errors/0/0").asInt());
margaretha1c9ab942023-05-05 14:29:25 +0200[diff] [blame]144 }
145}