public/docs
1
0
Fork 0
mirror of https://github.com/sismics/docs.git synced 2025-12-13 17:56:20 +00:00
Code Issues Releases Wiki Activity

Closes #29: Upgrade to Jersey 2

Browse Source
This commit is contained in:
jendib
2015-09-07 21:51:13 +02:00
parent 97694d5d59
commit 0fe51d355c
44 changed files with 1643 additions and 2292 deletions
Download Patch File Download Diff File Expand all files Collapse all files

123
docs-web/pom.xml
View File

@@ -28,23 +28,18 @@
<!-- Dependencies to Jersey -->
<dependency>
<groupId>com.sun.jersey</groupId>
<artifactId>jersey-server</artifactId>
<groupId>org.glassfish.jersey.containers</groupId>
<artifactId>jersey-container-servlet</artifactId>
</dependency>
<dependency>
<groupId>com.sun.jersey</groupId>
<artifactId>jersey-bundle</artifactId>
<groupId>org.glassfish.jersey.media</groupId>
<artifactId>jersey-media-json-processing</artifactId>
</dependency>
<dependency>
<groupId>com.sun.jersey</groupId>
<artifactId>jersey-json</artifactId>
</dependency>
<dependency>
<groupId>com.sun.jersey.contribs</groupId>
<artifactId>jersey-multipart</artifactId>
<groupId>org.glassfish.jersey.media</groupId>
<artifactId>jersey-media-multipart</artifactId>
</dependency>
<!-- Other external dependencies -->
@@ -74,8 +69,8 @@
</dependency>
<dependency>
<groupId>org.mortbay.jetty</groupId>
<artifactId>servlet-api</artifactId>
<groupId>javax.servlet</groupId>
<artifactId>javax.servlet-api</artifactId>
<scope>provided</scope>
</dependency>
@@ -102,16 +97,23 @@
<artifactId>junit</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>com.sun.grizzly</groupId>
<artifactId>grizzly-servlet-webserver</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>com.sun.jersey.jersey-test-framework</groupId>
<artifactId>jersey-test-framework-grizzly2</artifactId>
<groupId>org.glassfish.jersey.test-framework.providers</groupId>
<artifactId>jersey-test-framework-provider-bundle</artifactId>
<type>pom</type>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.glassfish.jersey.test-framework.providers</groupId>
<artifactId>jersey-test-framework-provider-grizzly2</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.glassfish.jersey.containers</groupId>
<artifactId>jersey-container-grizzly2-servlet</artifactId>
<scope>test</scope>
</dependency>
@@ -123,29 +125,6 @@
<directory>src/main/resources</directory>
</resource>
</resources>
<plugins>
<plugin>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-maven-plugin</artifactId>
<configuration>
<systemProperties>
<systemProperty>
<name>webapp.root</name>
<value>${basedir}/src/main/webapp</value>
</systemProperty>
</systemProperties>
<scanIntervalSeconds>0</scanIntervalSeconds>
<webAppConfig>
<contextPath>/docs-web</contextPath>
<extraClasspath>target/classes;../docs-core/target/classes</extraClasspath>
<overrideDescriptor>src/dev/main/webapp/web-override.xml</overrideDescriptor>
</webAppConfig>
<stopKey>STOPKEY</stopKey>
<stopPort>1099</stopPort>
</configuration>
</plugin>
</plugins>
</build>
<profiles>
@@ -183,14 +162,16 @@
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-maven-plugin</artifactId>
<configuration>
<scanIntervalSeconds>0</scanIntervalSeconds>
<webAppConfig>
<systemProperties>
<systemProperty>
<name>application.mode</name>
<value>dev</value>
</systemProperty>
</systemProperties>
<webApp>
<contextPath>/docs-web</contextPath>
<extraClasspath>target/classes;../docs-core/target/classes</extraClasspath>
<overrideDescriptor>src/dev/main/webapp/web-override.xml</overrideDescriptor>
</webAppConfig>
<stopKey>STOPKEY</stopKey>
<stopPort>1099</stopPort>
</webApp>
</configuration>
</plugin>
</plugins>
@@ -230,14 +211,16 @@
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-maven-plugin</artifactId>
<configuration>
<scanIntervalSeconds>0</scanIntervalSeconds>
<webAppConfig>
<systemProperties>
<systemProperty>
<name>application.mode</name>
<value>dev</value>
</systemProperty>
</systemProperties>
<webApp>
<contextPath>/docs-web</contextPath>
<extraClasspath>target/classes;../docs-core/target/classes</extraClasspath>
<overrideDescriptor>src/stress/main/webapp/web-override.xml</overrideDescriptor>
</webAppConfig>
<stopKey>STOPKEY</stopKey>
<stopPort>1099</stopPort>
<overrideDescriptor>src/dev/main/webapp/web-override.xml</overrideDescriptor>
</webApp>
</configuration>
</plugin>
</plugins>
@@ -247,12 +230,6 @@
<!-- Production profile -->
<profile>
<id>prod</id>
<activation>
<property>
<name>env</name>
<value>prod</value>
</property>
</activation>
<build>
<resources>
@@ -318,25 +295,5 @@
</plugins>
</build>
</profile>
<!-- Hosted version profile -->
<profile>
<id>hosted</id>
<activation>
<property>
<name>env</name>
<value>hosted</value>
</property>
</activation>
<build>
<resources>
<resource>
<directory>src/hosted/resources</directory>
<filtering>false</filtering>
</resource>
</resources>
</build>
</profile>
</profiles>
</project>

62
docs-web/src/main/java/com/sismics/docs/rest/resource/AclResource.java
View File

@@ -1,23 +1,19 @@
package com.sismics.docs.rest.resource;
import java.text.MessageFormat;
import java.util.ArrayList;
import java.util.List;
import javax.json.Json;
import javax.json.JsonArrayBuilder;
import javax.json.JsonObjectBuilder;
import javax.ws.rs.DELETE;
import javax.ws.rs.FormParam;
import javax.ws.rs.GET;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import org.codehaus.jettison.json.JSONException;
import org.codehaus.jettison.json.JSONObject;
import com.sismics.docs.core.constant.AclTargetType;
import com.sismics.docs.core.constant.PermType;
import com.sismics.docs.core.dao.jpa.AclDao;
@@ -46,13 +42,11 @@ public class AclResource extends BaseResource {
* Add an ACL.
*
* @return Response
* @throws JSONException
*/
@PUT
@Produces(MediaType.APPLICATION_JSON)
public Response add(@FormParam("source") String sourceId,
@FormParam("perm") String permStr,
@FormParam("username") String username) throws JSONException {
@FormParam("username") String username) {
if (!authenticate()) {
throw new ForbiddenClientException();
}
@@ -86,15 +80,15 @@ public class AclResource extends BaseResource {
aclDao.create(acl);
// Returns the ACL
JSONObject response = new JSONObject();
response.put("perm", acl.getPerm().name());
response.put("id", acl.getTargetId());
response.put("name", user.getUsername());
response.put("type", AclTargetType.USER.name());
return Response.ok().entity(response).build();
JsonObjectBuilder response = Json.createObjectBuilder()
.add("perm", acl.getPerm().name())
.add("id", acl.getTargetId())
.add("name", user.getUsername())
.add("type", AclTargetType.USER.name());
return Response.ok().entity(response.build()).build();
}
return Response.ok().entity(new JSONObject()).build();
return Response.ok().entity(Json.createObjectBuilder().build()).build();
}
/**
@@ -102,15 +96,13 @@ public class AclResource extends BaseResource {
*
* @param id ACL ID
* @return Response
* @throws JSONException
*/
@DELETE
@Path("{sourceId: [a-z0-9\\-]+}/{perm: [A-Z]+}/{targetId: [a-z0-9\\-]+}")
@Produces(MediaType.APPLICATION_JSON)
public Response delete(
@PathParam("sourceId") String sourceId,
@PathParam("perm") String permStr,
@PathParam("targetId") String targetId) throws JSONException {
@PathParam("targetId") String targetId) {
if (!authenticate()) {
throw new ForbiddenClientException();
}
@@ -136,16 +128,21 @@ public class AclResource extends BaseResource {
// Delete the ACL
aclDao.delete(sourceId, perm, targetId);
// Always return ok
JSONObject response = new JSONObject();
response.put("status", "ok");
return Response.ok().entity(response).build();
// Always return OK
JsonObjectBuilder response = Json.createObjectBuilder()
.add("status", "ok");
return Response.ok().entity(response.build()).build();
}
/**
* Search possible ACL target.
*
* @param search Search query
* @return Response
*/
@GET
@Path("target/search")
@Produces(MediaType.APPLICATION_JSON)
public Response targetList(@QueryParam("search") String search) throws JSONException {
public Response targetList(@QueryParam("search") String search) {
if (!authenticate()) {
throw new ForbiddenClientException();
}
@@ -155,20 +152,19 @@ public class AclResource extends BaseResource {
// Search users
UserDao userDao = new UserDao();
JSONObject response = new JSONObject();
List<JSONObject> users = new ArrayList<>();
JsonArrayBuilder users = Json.createArrayBuilder();
PaginatedList<UserDto> paginatedList = PaginatedLists.create();
SortCriteria sortCriteria = new SortCriteria(1, true);
userDao.findByCriteria(paginatedList, new UserCriteria().setSearch(search), sortCriteria);
for (UserDto userDto : paginatedList.getResultList()) {
JSONObject user = new JSONObject();
user.put("username", userDto.getUsername());
users.add(user);
users.add(Json.createObjectBuilder()
.add("username", userDto.getUsername()));
}
response.put("users", users);
return Response.ok().entity(response).build();
JsonObjectBuilder response = Json.createObjectBuilder()
.add("users", users);
return Response.ok().entity(response.build()).build();
}
}

73
docs-web/src/main/java/com/sismics/docs/rest/resource/AppResource.java
View File

@@ -1,24 +1,22 @@
package com.sismics.docs.rest.resource;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.ResourceBundle;
import javax.json.Json;
import javax.json.JsonArrayBuilder;
import javax.json.JsonObjectBuilder;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Appender;
import org.apache.log4j.Logger;
import org.codehaus.jettison.json.JSONException;
import org.codehaus.jettison.json.JSONObject;
import com.sismics.docs.core.dao.jpa.FileDao;
import com.sismics.docs.core.model.context.AppContext;
@@ -45,11 +43,9 @@ public class AppResource extends BaseResource {
* Return the information about the application.
*
* @return Response
* @throws JSONException
*/
@GET
@Produces(MediaType.APPLICATION_JSON)
public Response info() throws JSONException {
public Response info() {
if (!authenticate()) {
throw new ForbiddenClientException();
}
@@ -58,14 +54,13 @@ public class AppResource extends BaseResource {
String currentVersion = configBundle.getString("api.current_version");
String minVersion = configBundle.getString("api.min_version");
JSONObject response = new JSONObject();
JsonObjectBuilder response = Json.createObjectBuilder()
.add("current_version", currentVersion.replace("-SNAPSHOT", ""))
.add("min_version", minVersion)
.add("total_memory", Runtime.getRuntime().totalMemory())
.add("free_memory", Runtime.getRuntime().freeMemory());
response.put("current_version", currentVersion.replace("-SNAPSHOT", ""));
response.put("min_version", minVersion);
response.put("total_memory", Runtime.getRuntime().totalMemory());
response.put("free_memory", Runtime.getRuntime().freeMemory());
return Response.ok().entity(response).build();
return Response.ok().entity(response.build()).build();
}
/**
@@ -77,17 +72,15 @@ public class AppResource extends BaseResource {
* @param limit Page limit
* @param offset Page offset
* @return Response
* @throws JSONException
*/
@GET
@Path("log")
@Produces(MediaType.APPLICATION_JSON)
public Response log(
@QueryParam("level") String level,
@QueryParam("tag") String tag,
@QueryParam("message") String message,
@QueryParam("limit") Integer limit,
@QueryParam("offset") Integer offset) throws JSONException {
@QueryParam("offset") Integer offset) {
if (!authenticate()) {
throw new ForbiddenClientException();
}
@@ -109,32 +102,30 @@ public class AppResource extends BaseResource {
PaginatedList<LogEntry> paginatedList = PaginatedLists.create(limit, offset);
memoryAppender.find(logCriteria, paginatedList);
JSONObject response = new JSONObject();
List<JSONObject> logs = new ArrayList<>();
JsonArrayBuilder logs = Json.createArrayBuilder();
for (LogEntry logEntry : paginatedList.getResultList()) {
JSONObject log = new JSONObject();
log.put("date", logEntry.getTimestamp());
log.put("level", logEntry.getLevel());
log.put("tag", logEntry.getTag());
log.put("message", logEntry.getMessage());
logs.add(log);
logs.add(Json.createObjectBuilder()
.add("date", logEntry.getTimestamp())
.add("level", logEntry.getLevel())
.add("tag", logEntry.getTag())
.add("message", logEntry.getMessage()));
}
response.put("total", paginatedList.getResultCount());
response.put("logs", logs);
return Response.ok().entity(response).build();
JsonObjectBuilder response = Json.createObjectBuilder()
.add("total", paginatedList.getResultCount())
.add("logs", logs);
return Response.ok().entity(response.build()).build();
}
/**
* Destroy and rebuild Lucene index.
*
* @return Response
* @throws JSONException
*/
@POST
@Path("batch/reindex")
@Produces(MediaType.APPLICATION_JSON)
public Response batchReindex() throws JSONException {
public Response batchReindex() {
if (!authenticate()) {
throw new ForbiddenClientException();
}
@@ -146,21 +137,20 @@ public class AppResource extends BaseResource {
throw new ServerException("IndexingError", "Error rebuilding index", e);
}
JSONObject response = new JSONObject();
response.put("status", "ok");
return Response.ok().entity(response).build();
// Always return OK
JsonObjectBuilder response = Json.createObjectBuilder()
.add("status", "ok");
return Response.ok().entity(response.build()).build();
}
/**
* Clean storage.
*
* @return Response
* @throws JSONException
*/
@POST
@Path("batch/clean_storage")
@Produces(MediaType.APPLICATION_JSON)
public Response batchCleanStorage() throws JSONException {
public Response batchCleanStorage() {
if (!authenticate()) {
throw new ForbiddenClientException();
}
@@ -184,8 +174,9 @@ public class AppResource extends BaseResource {
}
}
JSONObject response = new JSONObject();
response.put("status", "ok");
return Response.ok().entity(response).build();
// Always return OK
JsonObjectBuilder response = Json.createObjectBuilder()
.add("status", "ok");
return Response.ok().entity(response.build()).build();
}
}

40
docs-web/src/main/java/com/sismics/docs/rest/resource/AuditLogResource.java
View File

@@ -1,19 +1,14 @@
package com.sismics.docs.rest.resource;
import java.util.ArrayList;
import java.util.List;
import javax.json.Json;
import javax.json.JsonArrayBuilder;
import javax.json.JsonObjectBuilder;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.Status;
import org.codehaus.jettison.json.JSONException;
import org.codehaus.jettison.json.JSONObject;
import com.sismics.docs.core.constant.PermType;
import com.sismics.docs.core.dao.jpa.AclDao;
import com.sismics.docs.core.dao.jpa.AuditLogDao;
@@ -36,11 +31,9 @@ public class AuditLogResource extends BaseResource {
* Returns the list of all logs for a document or user.
*
* @return Response
* @throws JSONException
*/
@GET
@Produces(MediaType.APPLICATION_JSON)
public Response list(@QueryParam("document") String documentId) throws JSONException {
public Response list(@QueryParam("document") String documentId) {
if (!authenticate()) {
throw new ForbiddenClientException();
}
@@ -70,22 +63,21 @@ public class AuditLogResource extends BaseResource {
}
// Assemble the results
List<JSONObject> logs = new ArrayList<>();
JSONObject response = new JSONObject();
JsonArrayBuilder logs = Json.createArrayBuilder();
for (AuditLogDto auditLogDto : paginatedList.getResultList()) {
JSONObject log = new JSONObject();
log.put("id", auditLogDto.getId());
log.put("target", auditLogDto.getEntityId());
log.put("class", auditLogDto.getEntityClass());
log.put("type", auditLogDto.getType().name());
log.put("message", auditLogDto.getMessage());
log.put("create_date", auditLogDto.getCreateTimestamp());
logs.add(log);
logs.add(Json.createObjectBuilder()
.add("id", auditLogDto.getId())
.add("target", auditLogDto.getEntityId())
.add("class", auditLogDto.getEntityClass())
.add("type", auditLogDto.getType().name())
.add("message", auditLogDto.getMessage())
.add("create_date", auditLogDto.getCreateTimestamp()));
}
// Send the response
response.put("logs", logs);
response.put("total", paginatedList.getResultCount());
return Response.ok().entity(response).build();
JsonObjectBuilder response = Json.createObjectBuilder()
.add("logs", logs)
.add("total", paginatedList.getResultCount());
return Response.ok().entity(response.build()).build();
}
}

18
docs-web/src/main/java/com/sismics/docs/rest/resource/BaseResource.java
View File

@@ -1,17 +1,17 @@
package com.sismics.docs.rest.resource;
import java.security.Principal;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Context;
import com.sismics.docs.rest.constant.BaseFunction;
import com.sismics.rest.exception.ForbiddenClientException;
import com.sismics.security.IPrincipal;
import com.sismics.security.UserPrincipal;
import com.sismics.util.filter.TokenBasedSecurityFilter;
import org.codehaus.jettison.json.JSONException;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Context;
import java.security.Principal;
import java.util.Set;
/**
* Base class of REST resources.
@@ -57,7 +57,7 @@ public abstract class BaseResource {
* @param baseFunction Base function to check
* @throws JSONException
*/
protected void checkBaseFunction(BaseFunction baseFunction) throws JSONException {
protected void checkBaseFunction(BaseFunction baseFunction) {
if (!hasBaseFunction(baseFunction)) {
throw new ForbiddenClientException();
}
@@ -70,7 +70,7 @@ public abstract class BaseResource {
* @return True if the user has the base function
* @throws JSONException
*/
protected boolean hasBaseFunction(BaseFunction baseFunction) throws JSONException {
protected boolean hasBaseFunction(BaseFunction baseFunction) {
if (principal == null || !(principal instanceof UserPrincipal)) {
return false;
}

145
docs-web/src/main/java/com/sismics/docs/rest/resource/DocumentResource.java
View File

@@ -8,6 +8,9 @@ import java.util.List;
import java.util.Set;
import java.util.UUID;
import javax.json.Json;
import javax.json.JsonArrayBuilder;
import javax.json.JsonObjectBuilder;
import javax.persistence.NoResultException;
import javax.ws.rs.DELETE;
import javax.ws.rs.FormParam;
@@ -16,15 +19,11 @@ import javax.ws.rs.POST;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.Status;
import org.apache.commons.lang.StringUtils;
import org.codehaus.jettison.json.JSONException;
import org.codehaus.jettison.json.JSONObject;
import org.joda.time.DateTime;
import org.joda.time.format.DateTimeFormat;
import org.joda.time.format.DateTimeFormatter;
@@ -58,6 +57,7 @@ import com.sismics.docs.core.util.jpa.SortCriteria;
import com.sismics.rest.exception.ClientException;
import com.sismics.rest.exception.ForbiddenClientException;
import com.sismics.rest.exception.ServerException;
import com.sismics.rest.util.JsonUtil;
import com.sismics.rest.util.ValidationUtil;
/**
@@ -72,14 +72,12 @@ public class DocumentResource extends BaseResource {
*
* @param documentId Document ID
* @return Response
* @throws JSONException
*/
@GET
@Path("{id: [a-z0-9\\-]+}")
@Produces(MediaType.APPLICATION_JSON)
public Response get(
@PathParam("id") String documentId,
@QueryParam("share") String shareId) throws JSONException {
@QueryParam("share") String shareId) {
authenticate();
DocumentDao documentDao = new DocumentDao();
@@ -96,48 +94,46 @@ public class DocumentResource extends BaseResource {
return Response.status(Status.NOT_FOUND).build();
}
JSONObject document = new JSONObject();
document.put("id", documentDto.getId());
document.put("title", documentDto.getTitle());
document.put("description", documentDto.getDescription());
document.put("create_date", documentDto.getCreateTimestamp());
document.put("language", documentDto.getLanguage());
document.put("shared", documentDto.getShared());
document.put("file_count", documentDto.getFileCount());
JsonObjectBuilder document = Json.createObjectBuilder()
.add("id", documentDto.getId())
.add("title", documentDto.getTitle())
.add("description", JsonUtil.nullable(documentDto.getDescription()))
.add("create_date", documentDto.getCreateTimestamp())
.add("language", documentDto.getLanguage())
.add("shared", documentDto.getShared())
.add("file_count", documentDto.getFileCount());
if (principal.isAnonymous()) {
// No tags in anonymous mode (sharing)
document.put("tags", new ArrayList<JSONObject>());
document.add("tags", Json.createArrayBuilder());
} else {
// Add tags added by the current user on this document
TagDao tagDao = new TagDao();
List<TagDto> tagDtoList = tagDao.getByDocumentId(documentId, principal.getId());
List<JSONObject> tags = new ArrayList<>();
JsonArrayBuilder tags = Json.createArrayBuilder();
for (TagDto tagDto : tagDtoList) {
JSONObject tag = new JSONObject();
tag.put("id", tagDto.getId());
tag.put("name", tagDto.getName());
tag.put("color", tagDto.getColor());
tags.add(tag);
tags.add(Json.createObjectBuilder()
.add("id", tagDto.getId())
.add("name", tagDto.getName())
.add("color", tagDto.getColor()));
}
document.put("tags", tags);
document.add("tags", tags);
}
// Below is specific to GET /document/id
document.put("creator", documentDto.getCreator());
document.add("creator", documentDto.getCreator());
// Add ACL
List<AclDto> aclDtoList = aclDao.getBySourceId(documentId);
List<JSONObject> aclList = new ArrayList<>();
JsonArrayBuilder aclList = Json.createArrayBuilder();
boolean writable = false;
for (AclDto aclDto : aclDtoList) {
JSONObject acl = new JSONObject();
acl.put("perm", aclDto.getPerm().name());
acl.put("id", aclDto.getTargetId());
acl.put("name", aclDto.getTargetName());
acl.put("type", aclDto.getTargetType());
aclList.add(acl);
aclList.add(Json.createObjectBuilder()
.add("perm", aclDto.getPerm().name())
.add("id", aclDto.getTargetId())
.add("name", JsonUtil.nullable(aclDto.getTargetName()))
.add("type", aclDto.getTargetType()));
if (!principal.isAnonymous()
&& aclDto.getTargetId().equals(principal.getId())
@@ -146,10 +142,10 @@ public class DocumentResource extends BaseResource {
writable = true;
}
}
document.put("acls", aclList);
document.put("writable", writable);
document.add("acls", aclList)
.add("writable", writable);
return Response.ok().entity(document).build();
return Response.ok().entity(document.build()).build();
}
/**
@@ -158,23 +154,21 @@ public class DocumentResource extends BaseResource {
* @param limit Page limit
* @param offset Page offset
* @return Response
* @throws JSONException
*/
@GET
@Path("list")
@Produces(MediaType.APPLICATION_JSON)
public Response list(
@QueryParam("limit") Integer limit,
@QueryParam("offset") Integer offset,
@QueryParam("sort_column") Integer sortColumn,
@QueryParam("asc") Boolean asc,
@QueryParam("search") String search) throws JSONException {
@QueryParam("search") String search) {
if (!authenticate()) {
throw new ForbiddenClientException();
}
JSONObject response = new JSONObject();
List<JSONObject> documents = new ArrayList<>();
JsonObjectBuilder response = Json.createObjectBuilder();
JsonArrayBuilder documents = Json.createArrayBuilder();
DocumentDao documentDao = new DocumentDao();
TagDao tagDao = new TagDao();
@@ -189,33 +183,30 @@ public class DocumentResource extends BaseResource {
}
for (DocumentDto documentDto : paginatedList.getResultList()) {
JSONObject document = new JSONObject();
document.put("id", documentDto.getId());
document.put("title", documentDto.getTitle());
document.put("description", documentDto.getDescription());
document.put("create_date", documentDto.getCreateTimestamp());
document.put("language", documentDto.getLanguage());
document.put("shared", documentDto.getShared());
document.put("file_count", documentDto.getFileCount());
// Get tags added by the current user on this document
List<TagDto> tagDtoList = tagDao.getByDocumentId(documentDto.getId(), principal.getId());
List<JSONObject> tags = new ArrayList<>();
JsonArrayBuilder tags = Json.createArrayBuilder();
for (TagDto tagDto : tagDtoList) {
JSONObject tag = new JSONObject();
tag.put("id", tagDto.getId());
tag.put("name", tagDto.getName());
tag.put("color", tagDto.getColor());
tags.add(tag);
tags.add(Json.createObjectBuilder()
.add("id", tagDto.getId())
.add("name", tagDto.getName())
.add("color", tagDto.getColor()));
}
document.put("tags", tags);
documents.add(document);
documents.add(Json.createObjectBuilder()
.add("id", documentDto.getId())
.add("title", documentDto.getTitle())
.add("description", JsonUtil.nullable(documentDto.getDescription()))
.add("create_date", documentDto.getCreateTimestamp())
.add("language", documentDto.getLanguage())
.add("shared", documentDto.getShared())
.add("file_count", documentDto.getFileCount())
.add("tags", tags));
}
response.put("total", paginatedList.getResultCount());
response.put("documents", documents);
response.add("total", paginatedList.getResultCount())
.add("documents", documents);
return Response.ok().entity(response).build();
return Response.ok().entity(response.build()).build();
}
/**
@@ -329,16 +320,14 @@ public class DocumentResource extends BaseResource {
* @param language Language
* @param createDateStr Creation date
* @return Response
* @throws JSONException
*/
@PUT
@Produces(MediaType.APPLICATION_JSON)
public Response add(
@FormParam("title") String title,
@FormParam("description") String description,
@FormParam("tags") List<String> tagList,
@FormParam("language") String language,
@FormParam("create_date") String createDateStr) throws JSONException {
@FormParam("create_date") String createDateStr) {
if (!authenticate()) {
throw new ForbiddenClientException();
}
@@ -389,9 +378,9 @@ public class DocumentResource extends BaseResource {
documentCreatedAsyncEvent.setDocument(document);
AppContext.getInstance().getAsyncEventBus().post(documentCreatedAsyncEvent);
JSONObject response = new JSONObject();
response.put("id", documentId);
return Response.ok().entity(response).build();
JsonObjectBuilder response = Json.createObjectBuilder()
.add("id", documentId);
return Response.ok().entity(response.build()).build();
}
/**
@@ -400,18 +389,16 @@ public class DocumentResource extends BaseResource {
* @param title Title
* @param description Description
* @return Response
* @throws JSONException
*/
@POST
@Path("{id: [a-z0-9\\-]+}")
@Produces(MediaType.APPLICATION_JSON)
public Response update(
@PathParam("id") String id,
@FormParam("title") String title,
@FormParam("description") String description,
@FormParam("tags") List<String> tagList,
@FormParam("language") String language,
@FormParam("create_date") String createDateStr) throws JSONException {
@FormParam("create_date") String createDateStr) {
if (!authenticate()) {
throw new ForbiddenClientException();
}
@@ -458,10 +445,9 @@ public class DocumentResource extends BaseResource {
documentUpdatedAsyncEvent.setDocument(document);
AppContext.getInstance().getAsyncEventBus().post(documentUpdatedAsyncEvent);
// Always return ok
JSONObject response = new JSONObject();
response.put("id", id);
return Response.ok().entity(response).build();
JsonObjectBuilder response = Json.createObjectBuilder()
.add("id", id);
return Response.ok().entity(response.build()).build();
}
/**
@@ -469,9 +455,8 @@ public class DocumentResource extends BaseResource {
*
* @param documentId Document ID
* @param tagList Tag ID list
* @throws JSONException
*/
private void updateTagList(String documentId, List<String> tagList) throws JSONException {
private void updateTagList(String documentId, List<String> tagList) {
if (tagList != null) {
TagDao tagDao = new TagDao();
Set<String> tagSet = new HashSet<>();
@@ -495,13 +480,11 @@ public class DocumentResource extends BaseResource {
*
* @param id Document ID
* @return Response
* @throws JSONException
*/
@DELETE
@Path("{id: [a-z0-9\\-]+}")
@Produces(MediaType.APPLICATION_JSON)
public Response delete(
@PathParam("id") String id) throws JSONException {
@PathParam("id") String id) {
if (!authenticate()) {
throw new ForbiddenClientException();
}
@@ -533,9 +516,9 @@ public class DocumentResource extends BaseResource {
documentDeletedAsyncEvent.setDocument(document);
AppContext.getInstance().getAsyncEventBus().post(documentDeletedAsyncEvent);
// Always return ok
JSONObject response = new JSONObject();
response.put("status", "ok");
return Response.ok().entity(response).build();
// Always return OK
JsonObjectBuilder response = Json.createObjectBuilder()
.add("status", "ok");
return Response.ok().entity(response.build()).build();
}
}

94
docs-web/src/main/java/com/sismics/docs/rest/resource/FileResource.java
View File

@@ -8,12 +8,14 @@ import java.io.OutputStream;
import java.nio.file.Paths;
import java.text.MessageFormat;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import java.util.zip.ZipEntry;
import java.util.zip.ZipOutputStream;
import javax.json.Json;
import javax.json.JsonArrayBuilder;
import javax.json.JsonObjectBuilder;
import javax.persistence.NoResultException;
import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
@@ -28,10 +30,11 @@ import javax.ws.rs.QueryParam;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.Status;
import javax.ws.rs.core.StreamingOutput;
import org.codehaus.jettison.json.JSONException;
import org.codehaus.jettison.json.JSONObject;
import org.glassfish.jersey.media.multipart.FormDataBodyPart;
import org.glassfish.jersey.media.multipart.FormDataParam;
import com.google.common.base.Strings;
import com.google.common.collect.Lists;
@@ -54,12 +57,10 @@ import com.sismics.docs.core.util.FileUtil;
import com.sismics.rest.exception.ClientException;
import com.sismics.rest.exception.ForbiddenClientException;
import com.sismics.rest.exception.ServerException;
import com.sismics.rest.util.JsonUtil;
import com.sismics.rest.util.ValidationUtil;
import com.sismics.util.mime.MimeType;
import com.sismics.util.mime.MimeTypeUtil;
import com.sun.jersey.api.client.ClientResponse.Status;
import com.sun.jersey.multipart.FormDataBodyPart;
import com.sun.jersey.multipart.FormDataParam;
/**
* File REST resources.
@@ -74,14 +75,12 @@ public class FileResource extends BaseResource {
* @param documentId Document ID
* @param fileBodyPart File to add
* @return Response
* @throws JSONException
*/
@PUT
@Consumes("multipart/form-data")
@Produces(MediaType.APPLICATION_JSON)
public Response add(
@FormDataParam("id") String documentId,
@FormDataParam("file") FormDataBodyPart fileBodyPart) throws JSONException {
@FormDataParam("file") FormDataBodyPart fileBodyPart) {
if (!authenticate()) {
throw new ForbiddenClientException();
}
@@ -156,11 +155,11 @@ public class FileResource extends BaseResource {
AppContext.getInstance().getAsyncEventBus().post(fileCreatedAsyncEvent);
}
// Always return ok
JSONObject response = new JSONObject();
response.put("status", "ok");
response.put("id", fileId);
return Response.ok().entity(response).build();
// Always return OK
JsonObjectBuilder response = Json.createObjectBuilder()
.add("status", "ok")
.add("id", fileId);
return Response.ok().entity(response.build()).build();
} catch (Exception e) {
throw new ServerException("FileError", "Error adding a file", e);
}
@@ -171,14 +170,12 @@ public class FileResource extends BaseResource {
*
* @param id File ID
* @return Response
* @throws JSONException
*/
@POST
@Path("{id: [a-z0-9\\-]+}")
@Produces(MediaType.APPLICATION_JSON)
public Response attach(
@PathParam("id") String id,
@FormParam("id") String documentId) throws JSONException {
@FormParam("id") String documentId) {
if (!authenticate()) {
throw new ForbiddenClientException();
}
@@ -226,10 +223,10 @@ public class FileResource extends BaseResource {
throw new ClientException("AttachError", "Error attaching file to document", e);
}
// Always return ok
JSONObject response = new JSONObject();
response.put("status", "ok");
return Response.ok().entity(response).build();
// Always return OK
JsonObjectBuilder response = Json.createObjectBuilder()
.add("status", "ok");
return Response.ok().entity(response.build()).build();
}
/**
@@ -238,14 +235,12 @@ public class FileResource extends BaseResource {
* @param documentId Document ID
* @param idList List of files ID in the new order
* @return Response
* @throws JSONException
*/
@POST
@Path("reorder")
@Produces(MediaType.APPLICATION_JSON)
public Response reorder(
@FormParam("id") String documentId,
@FormParam("order") List<String> idList) throws JSONException {
@FormParam("order") List<String> idList) {
if (!authenticate()) {
throw new ForbiddenClientException();
}
@@ -271,10 +266,10 @@ public class FileResource extends BaseResource {
}
}
// Always return ok
JSONObject response = new JSONObject();
response.put("status", "ok");
return Response.ok().entity(response).build();
// Always return OK
JsonObjectBuilder response = Json.createObjectBuilder()
.add("status", "ok");
return Response.ok().entity(response.build()).build();
}
/**
@@ -283,14 +278,12 @@ public class FileResource extends BaseResource {
* @param documentId Document ID
* @param shareId Sharing ID
* @return Response
* @throws JSONException
*/
@GET
@Path("list")
@Produces(MediaType.APPLICATION_JSON)
public Response list(
@QueryParam("id") String documentId,
@QueryParam("share") String shareId) throws JSONException {
@QueryParam("share") String shareId) {
boolean authenticated = authenticate();
// Check document visibility
@@ -306,20 +299,18 @@ public class FileResource extends BaseResource {
FileDao fileDao = new FileDao();
List<File> fileList = fileDao.getByDocumentId(principal.getId(), documentId);
JSONObject response = new JSONObject();
List<JSONObject> files = new ArrayList<>();
JsonArrayBuilder files = Json.createArrayBuilder();
for (File fileDb : fileList) {
JSONObject file = new JSONObject();
file.put("id", fileDb.getId());
file.put("mimetype", fileDb.getMimeType());
file.put("document_id", fileDb.getDocumentId());
file.put("create_date", fileDb.getCreateDate().getTime());
files.add(file);
files.add(Json.createObjectBuilder()
.add("id", fileDb.getId())
.add("mimetype", fileDb.getMimeType())
.add("document_id", JsonUtil.nullable(fileDb.getDocumentId()))
.add("create_date", fileDb.getCreateDate().getTime()));
}
response.put("files", files);
return Response.ok().entity(response).build();
JsonObjectBuilder response = Json.createObjectBuilder()
.add("files", files);
return Response.ok().entity(response.build()).build();
}
/**
@@ -327,13 +318,11 @@ public class FileResource extends BaseResource {
*
* @param id File ID
* @return Response
* @throws JSONException
*/
@DELETE
@Path("{id: [a-z0-9\\-]+}")
@Produces(MediaType.APPLICATION_JSON)
public Response delete(
@PathParam("id") String id) throws JSONException {
@PathParam("id") String id) {
if (!authenticate()) {
throw new ForbiddenClientException();
}
@@ -365,10 +354,10 @@ public class FileResource extends BaseResource {
fileDeletedAsyncEvent.setFile(file);
AppContext.getInstance().getAsyncEventBus().post(fileDeletedAsyncEvent);
// Always return ok
JSONObject response = new JSONObject();
response.put("status", "ok");
return Response.ok().entity(response).build();
// Always return OK
JsonObjectBuilder response = Json.createObjectBuilder()
.add("status", "ok");
return Response.ok().entity(response.build()).build();
}
/**
@@ -376,15 +365,13 @@ public class FileResource extends BaseResource {
*
* @param fileId File ID
* @return Response
* @throws JSONException
*/
@GET
@Path("{id: [a-z0-9\\-]+}/data")
@Produces(MediaType.APPLICATION_OCTET_STREAM)
public Response data(
@PathParam("id") final String fileId,
@QueryParam("share") String shareId,
@QueryParam("size") String size) throws JSONException {
@QueryParam("size") String size) {
authenticate();
if (size != null) {
@@ -472,14 +459,13 @@ public class FileResource extends BaseResource {
*
* @param documentId Document ID
* @return Response
* @throws JSONException
*/
@GET
@Path("zip")
@Produces(MediaType.APPLICATION_OCTET_STREAM)
public Response zip(
@QueryParam("id") String documentId,
@QueryParam("share") String shareId) throws JSONException {
@QueryParam("share") String shareId) {
authenticate();
// Get the document

37
docs-web/src/main/java/com/sismics/docs/rest/resource/LocaleResource.java
View File

@@ -1,17 +1,16 @@
package com.sismics.docs.rest.resource;
import java.util.List;
import javax.json.Json;
import javax.json.JsonArrayBuilder;
import javax.json.JsonObjectBuilder;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.core.Response;
import com.sismics.docs.core.dao.jpa.LocaleDao;
import com.sismics.docs.core.model.jpa.Locale;
import org.codehaus.jettison.json.JSONException;
import org.codehaus.jettison.json.JSONObject;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import java.util.ArrayList;
import java.util.List;
/**
* Locale REST resources.
@@ -24,21 +23,19 @@ public class LocaleResource extends BaseResource {
* Returns the list of all locales.
*
* @return Response
* @throws JSONException
*/
@GET
@Produces(MediaType.APPLICATION_JSON)
public Response list() throws JSONException {
public Response list() {
LocaleDao localeDao = new LocaleDao();
List<Locale> localeList = localeDao.findAll();
JSONObject response = new JSONObject();
List<JSONObject> items = new ArrayList<>();
JsonArrayBuilder items = Json.createArrayBuilder();
for (Locale locale : localeList) {
JSONObject item = new JSONObject();
item.put("id", locale.getId());
items.add(item);
items.add(Json.createObjectBuilder()
.add("id", locale.getId()));
}
response.put("locales", items);
return Response.ok().entity(response).build();
JsonObjectBuilder response = Json.createObjectBuilder()
.add("locales", items);
return Response.ok().entity(response.build()).build();
}
}

36
docs-web/src/main/java/com/sismics/docs/rest/resource/ShareResource.java
View File

@@ -4,19 +4,16 @@ package com.sismics.docs.rest.resource;
import java.text.MessageFormat;
import java.util.List;
import javax.json.Json;
import javax.json.JsonObjectBuilder;
import javax.persistence.NoResultException;
import javax.ws.rs.DELETE;
import javax.ws.rs.FormParam;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import org.codehaus.jettison.json.JSONException;
import org.codehaus.jettison.json.JSONObject;
import com.sismics.docs.core.constant.AclTargetType;
import com.sismics.docs.core.constant.PermType;
import com.sismics.docs.core.dao.jpa.AclDao;
@@ -26,6 +23,7 @@ import com.sismics.docs.core.model.jpa.Acl;
import com.sismics.docs.core.model.jpa.Share;
import com.sismics.rest.exception.ClientException;
import com.sismics.rest.exception.ForbiddenClientException;
import com.sismics.rest.util.JsonUtil;
import com.sismics.rest.util.ValidationUtil;
/**
@@ -40,13 +38,11 @@ public class ShareResource extends BaseResource {
*
* @param documentId Document ID
* @return Response
* @throws JSONException
*/
@PUT
@Produces(MediaType.APPLICATION_JSON)
public Response add(
@FormParam("id") String documentId,
@FormParam("name") String name) throws JSONException {
@FormParam("name") String name) {
if (!authenticate()) {
throw new ForbiddenClientException();
}
@@ -78,12 +74,12 @@ public class ShareResource extends BaseResource {
aclDao.create(acl);
// Returns the created ACL
JSONObject response = new JSONObject();
response.put("perm", acl.getPerm().name());
response.put("id", acl.getTargetId());
response.put("name", name);
response.put("type", AclTargetType.SHARE);
return Response.ok().entity(response).build();
JsonObjectBuilder response = Json.createObjectBuilder()
.add("perm", acl.getPerm().name())
.add("id", acl.getTargetId())
.add("name", JsonUtil.nullable(name))
.add("type", AclTargetType.SHARE.toString());
return Response.ok().entity(response.build()).build();
}
/**
@@ -91,13 +87,11 @@ public class ShareResource extends BaseResource {
*
* @param id Share ID
* @return Response
* @throws JSONException
*/
@DELETE
@Path("{id: [a-z0-9\\-]+}")
@Produces(MediaType.APPLICATION_JSON)
public Response delete(
@PathParam("id") String id) throws JSONException {
@PathParam("id") String id) {
if (!authenticate()) {
throw new ForbiddenClientException();
}
@@ -118,9 +112,9 @@ public class ShareResource extends BaseResource {
ShareDao shareDao = new ShareDao();
shareDao.delete(id);
// Always return ok
JSONObject response = new JSONObject();
response.put("status", "ok");
return Response.ok().entity(response).build();
// Always return OK
JsonObjectBuilder response = Json.createObjectBuilder()
.add("status", "ok");
return Response.ok().entity(response.build()).build();
}
}

105
docs-web/src/main/java/com/sismics/docs/rest/resource/TagResource.java
View File

@@ -1,21 +1,28 @@
package com.sismics.docs.rest.resource;
import java.text.MessageFormat;
import java.util.List;
import javax.json.Json;
import javax.json.JsonArrayBuilder;
import javax.json.JsonObjectBuilder;
import javax.ws.rs.DELETE;
import javax.ws.rs.FormParam;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.core.Response;
import org.apache.commons.lang.StringUtils;
import com.sismics.docs.core.dao.jpa.TagDao;
import com.sismics.docs.core.dao.jpa.dto.TagStatDto;
import com.sismics.docs.core.model.jpa.Tag;
import com.sismics.rest.exception.ClientException;
import com.sismics.rest.exception.ForbiddenClientException;
import com.sismics.rest.util.ValidationUtil;
import org.apache.commons.lang.StringUtils;
import org.codehaus.jettison.json.JSONException;
import org.codehaus.jettison.json.JSONObject;
import javax.ws.rs.*;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import java.text.MessageFormat;
import java.util.ArrayList;
import java.util.List;
/**
* Tag REST resources.
@@ -28,29 +35,27 @@ public class TagResource extends BaseResource {
* Returns the list of all tags.
*
* @return Response
* @throws JSONException
*/
@GET
@Path("/list")
@Produces(MediaType.APPLICATION_JSON)
public Response list() throws JSONException {
public Response list() {
if (!authenticate()) {
throw new ForbiddenClientException();
}
TagDao tagDao = new TagDao();
List<Tag> tagList = tagDao.getByUserId(principal.getId());
JSONObject response = new JSONObject();
List<JSONObject> items = new ArrayList<>();
JsonArrayBuilder items = Json.createArrayBuilder();
for (Tag tag : tagList) {
JSONObject item = new JSONObject();
item.put("id", tag.getId());
item.put("name", tag.getName());
item.put("color", tag.getColor());
items.add(item);
items.add(Json.createObjectBuilder()
.add("id", tag.getId())
.add("name", tag.getName())
.add("color", tag.getColor()));
}
response.put("tags", items);
return Response.ok().entity(response).build();
JsonObjectBuilder response = Json.createObjectBuilder()
.add("tags", items);
return Response.ok().entity(response.build()).build();
}
/**
@@ -61,26 +66,25 @@ public class TagResource extends BaseResource {
*/
@GET
@Path("/stats")
@Produces(MediaType.APPLICATION_JSON)
public Response stats() throws JSONException {
public Response stats() {
if (!authenticate()) {
throw new ForbiddenClientException();
}
TagDao tagDao = new TagDao();
List<TagStatDto> tagStatDtoList = tagDao.getStats(principal.getId());
JSONObject response = new JSONObject();
List<JSONObject> items = new ArrayList<>();
JsonArrayBuilder items = Json.createArrayBuilder();
for (TagStatDto tagStatDto : tagStatDtoList) {
JSONObject item = new JSONObject();
item.put("id", tagStatDto.getId());
item.put("name", tagStatDto.getName());
item.put("color", tagStatDto.getColor());
item.put("count", tagStatDto.getCount());
items.add(item);
items.add(Json.createObjectBuilder()
.add("id", tagStatDto.getId())
.add("name", tagStatDto.getName())
.add("color", tagStatDto.getColor())
.add("count", tagStatDto.getCount()));
}
response.put("stats", items);
return Response.ok().entity(response).build();
JsonObjectBuilder response = Json.createObjectBuilder()
.add("stats", items);
return Response.ok().entity(response.build()).build();
}
/**
@@ -88,13 +92,11 @@ public class TagResource extends BaseResource {
*
* @param name Name
* @return Response
* @throws JSONException
*/
@PUT
@Produces(MediaType.APPLICATION_JSON)
public Response add(
@FormParam("name") String name,
@FormParam("color") String color) throws JSONException {
@FormParam("color") String color) {
if (!authenticate()) {
throw new ForbiddenClientException();
}
@@ -120,11 +122,11 @@ public class TagResource extends BaseResource {
tag.setName(name);
tag.setColor(color);
tag.setUserId(principal.getId());
String tagId = tagDao.create(tag);
String id = tagDao.create(tag);
JSONObject response = new JSONObject();
response.put("id", tagId);
return Response.ok().entity(response).build();
JsonObjectBuilder response = Json.createObjectBuilder()
.add("id", id);
return Response.ok().entity(response.build()).build();
}
/**
@@ -132,15 +134,13 @@ public class TagResource extends BaseResource {
*
* @param name Name
* @return Response
* @throws JSONException
*/
@POST
@Path("{id: [a-z0-9\\-]+}")
@Produces(MediaType.APPLICATION_JSON)
public Response update(
@PathParam("id") String id,
@FormParam("name") String name,
@FormParam("color") String color) throws JSONException {
@FormParam("color") String color) {
if (!authenticate()) {
throw new ForbiddenClientException();
}
@@ -177,9 +177,9 @@ public class TagResource extends BaseResource {
tagDao.update(tag);
JSONObject response = new JSONObject();
response.put("id", id);
return Response.ok().entity(response).build();
JsonObjectBuilder response = Json.createObjectBuilder()
.add("id", id);
return Response.ok().entity(response.build()).build();
}
/**
@@ -187,13 +187,11 @@ public class TagResource extends BaseResource {
*
* @param tagId Tag ID
* @return Response
* @throws JSONException
*/
@DELETE
@Path("{id: [a-z0-9\\-]+}")
@Produces(MediaType.APPLICATION_JSON)
public Response delete(
@PathParam("id") String tagId) throws JSONException {
@PathParam("id") String tagId) {
if (!authenticate()) {
throw new ForbiddenClientException();
}
@@ -208,8 +206,9 @@ public class TagResource extends BaseResource {
// Delete the tag
tagDao.delete(tagId);
JSONObject response = new JSONObject();
response.put("status", "ok");
return Response.ok().entity(response).build();
// Always return OK
JsonObjectBuilder response = Json.createObjectBuilder()
.add("status", "ok");
return Response.ok().entity(response.build()).build();
}
}

55
docs-web/src/main/java/com/sismics/docs/rest/resource/TextPlainMessageBodyWriter.java
View File

@@ -1,55 +0,0 @@
package com.sismics.docs.rest.resource;
import com.sun.jersey.core.util.ReaderWriter;
import org.codehaus.jettison.json.JSONException;
import org.codehaus.jettison.json.JSONObject;
import javax.ws.rs.Produces;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.MultivaluedMap;
import javax.ws.rs.ext.MessageBodyWriter;
import javax.ws.rs.ext.Provider;
import java.io.IOException;
import java.io.OutputStream;
import java.io.OutputStreamWriter;
import java.lang.annotation.Annotation;
import java.lang.reflect.Type;
/**
* MessageBodyWriter personalized to write JSON despite the text/plain MIME type.
* Used in particuler in return of a posted form, since IE doesn't knw how to read the application/json MIME type.
*
* @author bgamard
*/
@Provider
@Produces(MediaType.TEXT_PLAIN)
public class TextPlainMessageBodyWriter implements
MessageBodyWriter<JSONObject> {
@Override
public boolean isWriteable(Class<?> type, Type genericType,
Annotation[] annotations, MediaType mediaType) {
return true;
}
@Override
public long getSize(JSONObject array, Class<?> type, Type genericType,
Annotation[] annotations, MediaType mediaType) {
return -1;
}
@Override
public void writeTo(JSONObject jsonObject, Class<?> type, Type genericType,
Annotation[] annotations, MediaType mediaType,
MultivaluedMap<String, Object> httpHeaders,
OutputStream entityStream) throws IOException,
WebApplicationException {
try {
OutputStreamWriter writer = new OutputStreamWriter(entityStream, ReaderWriter.getCharset(mediaType));
jsonObject.write(writer);
writer.flush();
} catch (JSONException e) {
throw new WebApplicationException(e);
}
}
}

43
docs-web/src/main/java/com/sismics/docs/rest/resource/ThemeResource.java
View File

@@ -1,43 +0,0 @@
package com.sismics.docs.rest.resource;
import com.sismics.docs.core.dao.file.theme.ThemeDao;
import org.codehaus.jettison.json.JSONException;
import org.codehaus.jettison.json.JSONObject;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import java.util.ArrayList;
import java.util.List;
/**
* Theme REST resources.
*
* @author jtremeaux
*/
@Path("/theme")
public class ThemeResource extends BaseResource {
/**
* Returns the list of all themes.
*
* @return Response
* @throws JSONException
*/
@GET
@Produces(MediaType.APPLICATION_JSON)
public Response list() throws JSONException {
ThemeDao themeDao = new ThemeDao();
List<String> themeList = themeDao.findAll();
JSONObject response = new JSONObject();
List<JSONObject> items = new ArrayList<>();
for (String theme : themeList) {
JSONObject item = new JSONObject();
item.put("id", theme);
items.add(item);
}
response.put("themes", items);
return Response.ok().entity(response).build();
}
}

269
docs-web/src/main/java/com/sismics/docs/rest/resource/UserResource.java
View File

@@ -1,5 +1,28 @@
package com.sismics.docs.rest.resource;
import java.security.NoSuchAlgorithmException;
import java.util.Date;
import java.util.Set;
import javax.json.Json;
import javax.json.JsonArrayBuilder;
import javax.json.JsonObjectBuilder;
import javax.servlet.http.Cookie;
import javax.ws.rs.DELETE;
import javax.ws.rs.FormParam;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.NewCookie;
import javax.ws.rs.core.Response;
import org.apache.commons.lang.StringUtils;
import com.google.common.base.Strings;
import com.sismics.docs.core.constant.Constants;
import com.sismics.docs.core.dao.jpa.AuthenticationTokenDao;
@@ -22,23 +45,6 @@ import com.sismics.security.UserPrincipal;
import com.sismics.util.LocaleUtil;
import com.sismics.util.filter.TokenBasedSecurityFilter;
import org.apache.commons.lang.StringUtils;
import org.codehaus.jettison.json.JSONArray;
import org.codehaus.jettison.json.JSONException;
import org.codehaus.jettison.json.JSONObject;
import javax.servlet.http.Cookie;
import javax.ws.rs.*;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.NewCookie;
import javax.ws.rs.core.Response;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import java.util.Set;
/**
* User REST resources.
*
@@ -52,17 +58,13 @@ public class UserResource extends BaseResource {
* @param username User's username
* @param password Password
* @param email E-Mail
* @param localeId Locale ID
* @return Response
* @throws JSONException
*/
@PUT
@Produces(MediaType.APPLICATION_JSON)
public Response register(
@FormParam("username") String username,
@FormParam("password") String password,
@FormParam("locale") String localeId,
@FormParam("email") String email) throws JSONException {
@FormParam("email") String email) {
if (!authenticate()) {
throw new ForbiddenClientException();
@@ -89,11 +91,7 @@ public class UserResource extends BaseResource {
}
user.setCreateDate(new Date());
if (localeId == null) {
// Set the locale from the HTTP headers
localeId = LocaleUtil.getLocaleIdFromAcceptLanguage(request.getHeader("Accept-Language"));
}
user.setLocaleId(localeId);
user.setLocaleId(LocaleUtil.getLocaleIdFromAcceptLanguage(request.getHeader("Accept-Language")));
// Create the user
UserDao userDao = new UserDao();
@@ -108,9 +106,9 @@ public class UserResource extends BaseResource {
}
// Always return OK
JSONObject response = new JSONObject();
response.put("status", "ok");
return Response.ok().entity(response).build();
JsonObjectBuilder response = Json.createObjectBuilder()
.add("status", "ok");
return Response.ok().entity(response.build()).build();
}
/**
@@ -118,20 +116,14 @@ public class UserResource extends BaseResource {
*
* @param password Password
* @param email E-Mail
* @param themeId Theme
* @param localeId Locale ID
* @param firstConnection True if the user hasn't acknowledged the first connection wizard yet.
* @return Response
* @throws JSONException
*/
@POST
@Produces(MediaType.APPLICATION_JSON)
public Response update(
@FormParam("password") String password,
@FormParam("email") String email,
@FormParam("theme") String themeId,
@FormParam("locale") String localeId,
@FormParam("first_connection") Boolean firstConnection) throws JSONException {
@FormParam("first_connection") Boolean firstConnection) {
if (!authenticate()) {
throw new ForbiddenClientException();
@@ -140,8 +132,6 @@ public class UserResource extends BaseResource {
// Validate the input data
password = ValidationUtil.validateLength(password, "password", 8, 50, true);
email = ValidationUtil.validateLength(email, "email", null, 100, true);
localeId = ValidationUtil.validateLocale(localeId, "locale", true);
themeId = ValidationUtil.validateTheme(themeId, "theme", true);
// Update the user
UserDao userDao = new UserDao();
@@ -149,12 +139,6 @@ public class UserResource extends BaseResource {
if (email != null) {
user.setEmail(email);
}
if (themeId != null) {
user.setTheme(themeId);
}
if (localeId != null) {
user.setLocaleId(localeId);
}
if (firstConnection != null && hasBaseFunction(BaseFunction.ADMIN)) {
user.setFirstConnection(firstConnection);
}
@@ -166,10 +150,10 @@ public class UserResource extends BaseResource {
userDao.updatePassword(user);
}
// Always return "ok"
JSONObject response = new JSONObject();
response.put("status", "ok");
return Response.ok().entity(response).build();
// Always return OK
JsonObjectBuilder response = Json.createObjectBuilder()
.add("status", "ok");
return Response.ok().entity(response.build()).build();
}
/**
@@ -178,20 +162,14 @@ public class UserResource extends BaseResource {
* @param username Username
* @param password Password
* @param email E-Mail
* @param themeId Theme
* @param localeId Locale ID
* @return Response
* @throws JSONException
*/
@POST
@Path("{username: [a-zA-Z0-9_]+}")
@Produces(MediaType.APPLICATION_JSON)
public Response update(
@PathParam("username") String username,
@FormParam("password") String password,
@FormParam("email") String email,
@FormParam("theme") String themeId,
@FormParam("locale") String localeId) throws JSONException {
@FormParam("email") String email) {
if (!authenticate()) {
throw new ForbiddenClientException();
@@ -201,8 +179,6 @@ public class UserResource extends BaseResource {
// Validate the input data
password = ValidationUtil.validateLength(password, "password", 8, 50, true);
email = ValidationUtil.validateLength(email, "email", null, 100, true);
localeId = ValidationUtil.validateLocale(localeId, "locale", true);
themeId = ValidationUtil.validateTheme(themeId, "theme", true);
// Check if the user exists
UserDao userDao = new UserDao();
@@ -215,12 +191,6 @@ public class UserResource extends BaseResource {
if (email != null) {
user.setEmail(email);
}
if (themeId != null) {
user.setTheme(themeId);
}
if (localeId != null) {
user.setLocaleId(localeId);
}
user = userDao.update(user);
@@ -230,10 +200,10 @@ public class UserResource extends BaseResource {
userDao.updatePassword(user);
}
// Always return "ok"
JSONObject response = new JSONObject();
response.put("status", "ok");
return Response.ok().entity(response).build();
// Always return OK
JsonObjectBuilder response = Json.createObjectBuilder()
.add("status", "ok");
return Response.ok().entity(response.build()).build();
}
/**
@@ -244,22 +214,21 @@ public class UserResource extends BaseResource {
*/
@GET
@Path("check_username")
@Produces(MediaType.APPLICATION_JSON)
public Response checkUsername(
@QueryParam("username") String username) throws JSONException {
@QueryParam("username") String username) {
UserDao userDao = new UserDao();
User user = userDao.getActiveByUsername(username);
JSONObject response = new JSONObject();
JsonObjectBuilder response = Json.createObjectBuilder();
if (user != null) {
response.put("status", "ko");
response.put("message", "Username already registered");
response.add("status", "ko")
.add("message", "Username already registered");
} else {
response.put("status", "ok");
response.add("status", "ok");
}
return Response.ok().entity(response).build();
return Response.ok().entity(response.build()).build();
}
/**
@@ -273,11 +242,10 @@ public class UserResource extends BaseResource {
*/
@POST
@Path("login")
@Produces(MediaType.APPLICATION_JSON)
public Response login(
@FormParam("username") String username,
@FormParam("password") String password,
@FormParam("remember") boolean longLasted) throws JSONException {
@FormParam("remember") boolean longLasted) {
// Validate the input data
username = StringUtils.strip(username);
@@ -308,10 +276,10 @@ public class UserResource extends BaseResource {
// Cleanup old session tokens
authenticationTokenDao.deleteOldSessionToken(userId);
JSONObject response = new JSONObject();
JsonObjectBuilder response = Json.createObjectBuilder();
int maxAge = longLasted ? TokenBasedSecurityFilter.TOKEN_LONG_LIFETIME : -1;
NewCookie cookie = new NewCookie(TokenBasedSecurityFilter.COOKIE_NAME, token, "/", null, null, maxAge, false);
return Response.ok().entity(response).cookie(cookie).build();
return Response.ok().entity(response.build()).cookie(cookie).build();
}
/**
@@ -321,8 +289,7 @@ public class UserResource extends BaseResource {
*/
@POST
@Path("logout")
@Produces(MediaType.APPLICATION_JSON)
public Response logout() throws JSONException {
public Response logout() {
if (!authenticate()) {
throw new ForbiddenClientException();
}
@@ -356,9 +323,9 @@ public class UserResource extends BaseResource {
}
// Deletes the client token in the HTTP response
JSONObject response = new JSONObject();
JsonObjectBuilder response = Json.createObjectBuilder();
NewCookie cookie = new NewCookie(TokenBasedSecurityFilter.COOKIE_NAME, null);
return Response.ok().entity(response).cookie(cookie).build();
return Response.ok().entity(response.build()).cookie(cookie).build();
}
/**
@@ -367,8 +334,7 @@ public class UserResource extends BaseResource {
* @return Response
*/
@DELETE
@Produces(MediaType.APPLICATION_JSON)
public Response delete() throws JSONException {
public Response delete() {
if (!authenticate()) {
throw new ForbiddenClientException();
}
@@ -382,10 +348,10 @@ public class UserResource extends BaseResource {
UserDao userDao = new UserDao();
userDao.delete(principal.getName());
// Always return ok
JSONObject response = new JSONObject();
response.put("status", "ok");
return Response.ok().entity(response).build();
// Always return OK
JsonObjectBuilder response = Json.createObjectBuilder()
.add("status", "ok");
return Response.ok().entity(response.build()).build();
}
/**
@@ -393,12 +359,10 @@ public class UserResource extends BaseResource {
*
* @param username Username
* @return Response
* @throws JSONException
*/
@DELETE
@Path("{username: [a-zA-Z0-9_]+}")
@Produces(MediaType.APPLICATION_JSON)
public Response delete(@PathParam("username") String username) throws JSONException {
public Response delete(@PathParam("username") String username) {
if (!authenticate()) {
throw new ForbiddenClientException();
}
@@ -421,49 +385,49 @@ public class UserResource extends BaseResource {
// Delete the user
userDao.delete(user.getUsername());
// Always return ok
JSONObject response = new JSONObject();
response.put("status", "ok");
return Response.ok().entity(response).build();
// Always return OK
JsonObjectBuilder response = Json.createObjectBuilder()
.add("status", "ok");
return Response.ok().entity(response.build()).build();
}
/**
* Returns the information about the connected user.
*
* @return Response
* @throws JSONException
*/
@GET
@Produces(MediaType.APPLICATION_JSON)
public Response info() throws JSONException {
JSONObject response = new JSONObject();
public Response info() {
JsonObjectBuilder response = Json.createObjectBuilder();
if (!authenticate()) {
response.put("anonymous", true);
response.add("anonymous", true);
String localeId = LocaleUtil.getLocaleIdFromAcceptLanguage(request.getHeader("Accept-Language"));
response.put("locale", localeId);
response.add("locale", localeId);
// Check if admin has the default password
UserDao userDao = new UserDao();
User adminUser = userDao.getById("admin");
if (adminUser != null && adminUser.getDeleteDate() == null) {
response.put("is_default_password", Constants.DEFAULT_ADMIN_PASSWORD.equals(adminUser.getPassword()));
response.add("is_default_password", Constants.DEFAULT_ADMIN_PASSWORD.equals(adminUser.getPassword()));
}
} else {
response.put("anonymous", false);
response.add("anonymous", false);
UserDao userDao = new UserDao();
User user = userDao.getById(principal.getId());
response.put("username", user.getUsername());
response.put("email", user.getEmail());
response.put("theme", user.getTheme());
response.put("locale", user.getLocaleId());
response.put("first_connection", user.isFirstConnection());
JSONArray baseFunctions = new JSONArray(((UserPrincipal) principal).getBaseFunctionSet());
response.put("base_functions", baseFunctions);
response.put("is_default_password", hasBaseFunction(BaseFunction.ADMIN) && Constants.DEFAULT_ADMIN_PASSWORD.equals(user.getPassword()));
response.add("username", user.getUsername())
.add("email", user.getEmail())
.add("locale", user.getLocaleId())
.add("first_connection", user.isFirstConnection());
JsonArrayBuilder baseFunctions = Json.createArrayBuilder();
for (String baseFunction : ((UserPrincipal) principal).getBaseFunctionSet()) {
baseFunctions.add(baseFunction);
}
response.add("base_functions", baseFunctions)
.add("is_default_password", hasBaseFunction(BaseFunction.ADMIN) && Constants.DEFAULT_ADMIN_PASSWORD.equals(user.getPassword()));
}
return Response.ok().entity(response).build();
return Response.ok().entity(response.build()).build();
}
/**
@@ -471,31 +435,27 @@ public class UserResource extends BaseResource {
*
* @param username Username
* @return Response
* @throws JSONException
*/
@GET
@Path("{username: [a-zA-Z0-9_]+}")
@Produces(MediaType.APPLICATION_JSON)
public Response view(@PathParam("username") String username) throws JSONException {
public Response view(@PathParam("username") String username) {
if (!authenticate()) {
throw new ForbiddenClientException();
}
checkBaseFunction(BaseFunction.ADMIN);
JSONObject response = new JSONObject();
UserDao userDao = new UserDao();
User user = userDao.getActiveByUsername(username);
if (user == null) {
throw new ClientException("UserNotFound", "The user doesn't exist");
}
response.put("username", user.getUsername());
response.put("email", user.getEmail());
response.put("theme", user.getTheme());
response.put("locale", user.getLocaleId());
return Response.ok().entity(response).build();
JsonObjectBuilder response = Json.createObjectBuilder()
.add("username", user.getUsername())
.add("email", user.getEmail())
.add("locale", user.getLocaleId());
return Response.ok().entity(response.build()).build();
}
/**
@@ -506,53 +466,47 @@ public class UserResource extends BaseResource {
* @param sortColumn Sort index
* @param asc If true, ascending sorting, else descending
* @return Response
* @throws JSONException
*/
@GET
@Path("list")
@Produces(MediaType.APPLICATION_JSON)
public Response list(
@QueryParam("limit") Integer limit,
@QueryParam("offset") Integer offset,
@QueryParam("sort_column") Integer sortColumn,
@QueryParam("asc") Boolean asc) throws JSONException {
@QueryParam("asc") Boolean asc) {
if (!authenticate()) {
throw new ForbiddenClientException();
}
checkBaseFunction(BaseFunction.ADMIN);
JSONObject response = new JSONObject();
List<JSONObject> users = new ArrayList<>();
JsonArrayBuilder users = Json.createArrayBuilder();
PaginatedList<UserDto> paginatedList = PaginatedLists.create(limit, offset);
SortCriteria sortCriteria = new SortCriteria(sortColumn, asc);
UserDao userDao = new UserDao();
userDao.findByCriteria(paginatedList, new UserCriteria(), sortCriteria);
for (UserDto userDto : paginatedList.getResultList()) {
JSONObject user = new JSONObject();
user.put("id", userDto.getId());
user.put("username", userDto.getUsername());
user.put("email", userDto.getEmail());
user.put("create_date", userDto.getCreateTimestamp());
users.add(user);
users.add(Json.createObjectBuilder()
.add("id", userDto.getId())
.add("username", userDto.getUsername())
.add("email", userDto.getEmail())
.add("create_date", userDto.getCreateTimestamp()));
}
response.put("total", paginatedList.getResultCount());
response.put("users", users);
return Response.ok().entity(response).build();
JsonObjectBuilder response = Json.createObjectBuilder()
.add("total", paginatedList.getResultCount())
.add("users", users);
return Response.ok().entity(response.build()).build();
}
/**
* Returns all active sessions.
*
* @return Response
* @throws JSONException
*/
@GET
@Path("session")
@Produces(MediaType.APPLICATION_JSON)
public Response session() throws JSONException {
public Response session() {
if (!authenticate()) {
throw new ForbiddenClientException();
}
@@ -567,37 +521,34 @@ public class UserResource extends BaseResource {
}
}
JSONObject response = new JSONObject();
List<JSONObject> sessions = new ArrayList<>();
JsonArrayBuilder sessions = Json.createArrayBuilder();
AuthenticationTokenDao authenticationTokenDao = new AuthenticationTokenDao();
for (AuthenticationToken authenticationToken : authenticationTokenDao.getByUserId(principal.getId())) {
JSONObject session = new JSONObject();
session.put("create_date", authenticationToken.getCreationDate().getTime());
session.put("ip", authenticationToken.getIp());
session.put("user_agent", authenticationToken.getUserAgent());
JsonObjectBuilder session = Json.createObjectBuilder()
.add("create_date", authenticationToken.getCreationDate().getTime())
.add("ip", authenticationToken.getIp())
.add("user_agent", authenticationToken.getUserAgent());
if (authenticationToken.getLastConnectionDate() != null) {
session.put("last_connection_date", authenticationToken.getLastConnectionDate().getTime());
session.add("last_connection_date", authenticationToken.getLastConnectionDate().getTime());
}
session.put("current", authenticationToken.getId().equals(authToken));
session.add("current", authenticationToken.getId().equals(authToken));
sessions.add(session);
}
response.put("sessions", sessions);
return Response.ok().entity(response).build();
JsonObjectBuilder response = Json.createObjectBuilder()
.add("sessions", sessions);
return Response.ok().entity(response.build()).build();
}
/**
* Deletes all active sessions except the one used for this request.
*
* @return Response
* @throws JSONException
*/
@DELETE
@Path("session")
@Produces(MediaType.APPLICATION_JSON)
public Response deleteSession() throws JSONException {
public Response deleteSession() {
if (!authenticate()) {
throw new ForbiddenClientException();
}
@@ -616,9 +567,9 @@ public class UserResource extends BaseResource {
AuthenticationTokenDao authenticationTokenDao = new AuthenticationTokenDao();
authenticationTokenDao.deleteByUserId(principal.getId(), authToken);
// Always return ok
JSONObject response = new JSONObject();
response.put("status", "ok");
return Response.ok().entity(response).build();
// Always return OK
JsonObjectBuilder response = Json.createObjectBuilder()
.add("status", "ok");
return Response.ok().entity(response.build()).build();
}
}

27
docs-web/src/main/webapp/WEB-INF/web.xml
View File

@@ -6,10 +6,11 @@
version="3.0">
<display-name>Docs</display-name>
<!-- This filter is used to secure URLs -->
<!-- This filter is used to process a couple things in the request context -->
<filter>
<filter-name>requestContextFilter</filter-name>
<filter-class>com.sismics.util.filter.RequestContextFilter</filter-class>
<async-supported>true</async-supported>
</filter>
<filter-mapping>
@@ -22,6 +23,7 @@
<filter>
<filter-name>tokenBasedSecurityFilter</filter-name>
<filter-class>com.sismics.util.filter.TokenBasedSecurityFilter</filter-class>
<async-supported>true</async-supported>
</filter>
<filter-mapping>
@@ -29,23 +31,28 @@
<url-pattern>/api/*</url-pattern>
</filter-mapping>
<!-- Welcome files -->
<welcome-file-list>
<welcome-file>index.html</welcome-file>
</welcome-file-list>
<!-- Jersey -->
<servlet>
<servlet-name>Jersey REST Service</servlet-name>
<servlet-class>com.sun.jersey.spi.container.servlet.ServletContainer</servlet-class>
<servlet-name>JerseyServlet</servlet-name>
<servlet-class>org.glassfish.jersey.servlet.ServletContainer</servlet-class>
<init-param>
<param-name>com.sun.jersey.config.property.packages</param-name>
<param-name>jersey.config.server.provider.packages</param-name>
<param-value>com.sismics.docs.rest.resource</param-value>
</init-param>
<init-param>
<param-name>jersey.config.server.provider.classnames</param-name>
<param-value>org.glassfish.jersey.media.multipart.MultiPartFeature</param-value>
</init-param>
<init-param>
<param-name>jersey.config.server.response.setStatusOverSendError</param-name>
<param-value>true</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
<async-supported>true</async-supported>
</servlet>
<servlet-mapping>
<servlet-name>Jersey REST Service</servlet-name>
<servlet-name>JerseyServlet</servlet-name>
<url-pattern>/api/*</url-pattern>
</servlet-mapping>
</web-app>

191
docs-web/src/test/java/com/sismics/docs/rest/TestAclResource.java
View File

@@ -2,18 +2,18 @@ package com.sismics.docs.rest;
import java.util.Date;
import junit.framework.Assert;
import javax.json.JsonArray;
import javax.json.JsonObject;
import javax.ws.rs.client.Entity;
import javax.ws.rs.core.Form;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.Status;
import org.codehaus.jettison.json.JSONArray;
import org.codehaus.jettison.json.JSONException;
import org.codehaus.jettison.json.JSONObject;
import org.junit.Assert;
import org.junit.Test;
import com.sismics.docs.rest.filter.CookieAuthenticationFilter;
import com.sun.jersey.api.client.ClientResponse;
import com.sun.jersey.api.client.ClientResponse.Status;
import com.sun.jersey.api.client.WebResource;
import com.sun.jersey.core.util.MultivaluedMapImpl;
import com.sismics.util.filter.TokenBasedSecurityFilter;
/**
* Test the ACL resource.
@@ -27,7 +27,7 @@ public class TestAclResource extends BaseJerseyTest {
* @throws JSONException
*/
@Test
public void testAclResource() throws JSONException {
public void testAclResource() {
// Login acl1
clientUtil.createUser("acl1");
String acl1Token = clientUtil.login("acl1");
@@ -37,141 +37,118 @@ public class TestAclResource extends BaseJerseyTest {
String acl2Token = clientUtil.login("acl2");
// Create a document
WebResource documentResource = resource().path("/document");
documentResource.addFilter(new CookieAuthenticationFilter(acl1Token));
MultivaluedMapImpl postParams = new MultivaluedMapImpl();
postParams.add("title", "My super title document 1");
postParams.add("language", "eng");
postParams.add("create_date", new Date().getTime());
ClientResponse response = documentResource.put(ClientResponse.class, postParams);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
JSONObject json = response.getEntity(JSONObject.class);
String document1Id = json.optString("id");
JsonObject json = target().path("/document").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token)
.put(Entity.form(new Form()
.param("title", "My super title document 1")
.param("language", "eng")
.param("create_date", Long.toString(new Date().getTime()))), JsonObject.class);
String document1Id = json.getString("id");
// Get the document as acl1
documentResource = resource().path("/document/" + document1Id);
documentResource.addFilter(new CookieAuthenticationFilter(acl1Token));
response = documentResource.get(ClientResponse.class);
json = response.getEntity(JSONObject.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = target().path("/document/" + document1Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token)
.get(JsonObject.class);
Assert.assertEquals(document1Id, json.getString("id"));
JSONArray acls = json.getJSONArray("acls");
Assert.assertEquals(2, acls.length());
JsonArray acls = json.getJsonArray("acls");
Assert.assertEquals(2, acls.size());
// Get the document as acl2
documentResource = resource().path("/document/" + document1Id);
documentResource.addFilter(new CookieAuthenticationFilter(acl2Token));
response = documentResource.get(ClientResponse.class);
json = response.getEntity(JSONObject.class);
Response response = target().path("/document/" + document1Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl2Token)
.get();
Assert.assertEquals(Status.FORBIDDEN, Status.fromStatusCode(response.getStatus()));
// Add an ACL READ for acl2 with acl1
WebResource aclResource = resource().path("/acl");
aclResource.addFilter(new CookieAuthenticationFilter(acl1Token));
postParams = new MultivaluedMapImpl();
postParams.add("source", document1Id);
postParams.add("perm", "READ");
postParams.add("username", "acl2");
response = aclResource.put(ClientResponse.class, postParams);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = response.getEntity(JSONObject.class);
json = target().path("/acl").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token)
.put(Entity.form(new Form()
.param("source", document1Id)
.param("perm", "READ")
.param("username", "acl2")), JsonObject.class);
String acl2Id = json.getString("id");
// Add an ACL WRITE for acl2 with acl1
aclResource = resource().path("/acl");
aclResource.addFilter(new CookieAuthenticationFilter(acl1Token));
postParams = new MultivaluedMapImpl();
postParams.add("source", document1Id);
postParams.add("perm", "WRITE");
postParams.add("username", "acl2");
response = aclResource.put(ClientResponse.class, postParams);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = target().path("/acl").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token)
.put(Entity.form(new Form()
.param("source", document1Id)
.param("perm", "WRITE")
.param("username", "acl2")), JsonObject.class);
// Add an ACL WRITE for acl2 with acl1 (again)
aclResource = resource().path("/acl");
aclResource.addFilter(new CookieAuthenticationFilter(acl1Token));
postParams = new MultivaluedMapImpl();
postParams.add("source", document1Id);
postParams.add("perm", "WRITE");
postParams.add("username", "acl2");
response = aclResource.put(ClientResponse.class, postParams);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = target().path("/acl").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token)
.put(Entity.form(new Form()
.param("source", document1Id)
.param("perm", "WRITE")
.param("username", "acl2")), JsonObject.class);
// Get the document as acl1
documentResource = resource().path("/document/" + document1Id);
documentResource.addFilter(new CookieAuthenticationFilter(acl1Token));
response = documentResource.get(ClientResponse.class);
json = response.getEntity(JSONObject.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = target().path("/document/" + document1Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token)
.get(JsonObject.class);
Assert.assertEquals(document1Id, json.getString("id"));
acls = json.getJSONArray("acls");
Assert.assertEquals(4, acls.length());
acls = json.getJsonArray("acls");
Assert.assertEquals(4, acls.size());
// Get the document as acl2
documentResource = resource().path("/document/" + document1Id);
documentResource.addFilter(new CookieAuthenticationFilter(acl2Token));
response = documentResource.get(ClientResponse.class);
json = response.getEntity(JSONObject.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = target().path("/document/" + document1Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl2Token)
.get(JsonObject.class);
Assert.assertEquals(document1Id, json.getString("id"));
acls = json.getJSONArray("acls");
Assert.assertEquals(4, acls.length());
acls = json.getJsonArray("acls");
Assert.assertEquals(4, acls.size());
// Delete the ACL WRITE for acl2 with acl2
aclResource = resource().path("/acl/" + document1Id + "/WRITE/" + acl2Id);
aclResource.addFilter(new CookieAuthenticationFilter(acl2Token));
response = aclResource.delete(ClientResponse.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
target().path("/acl/" + document1Id + "/WRITE/" + acl2Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl2Token)
.delete();
// Delete the ACL READ for acl2 with acl2
aclResource = resource().path("/acl/" + document1Id + "/READ/" + acl2Id);
aclResource.addFilter(new CookieAuthenticationFilter(acl2Token));
response = aclResource.delete(ClientResponse.class);
Assert.assertEquals(Status.FORBIDDEN, Status.fromStatusCode(response.getStatus()));
target().path("/acl/" + document1Id + "/READ/" + acl2Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl2Token)
.delete();
// Delete the ACL READ for acl2 with acl1
aclResource = resource().path("/acl/" + document1Id + "/READ/" + acl2Id);
aclResource.addFilter(new CookieAuthenticationFilter(acl1Token));
response = aclResource.delete(ClientResponse.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
target().path("/acl/" + document1Id + "/READ/" + acl2Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token)
.delete();
// Get the document as acl1
documentResource = resource().path("/document/" + document1Id);
documentResource.addFilter(new CookieAuthenticationFilter(acl1Token));
response = documentResource.get(ClientResponse.class);
json = response.getEntity(JSONObject.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = target().path("/document/" + document1Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token)
.get(JsonObject.class);
Assert.assertEquals(document1Id, json.getString("id"));
acls = json.getJSONArray("acls");
Assert.assertEquals(2, acls.length());
String acl1Id = acls.getJSONObject(0).getString("id");
acls = json.getJsonArray("acls");
Assert.assertEquals(2, acls.size());
String acl1Id = acls.getJsonObject(0).getString("id");
// Get the document as acl2
documentResource = resource().path("/document/" + document1Id);
documentResource.addFilter(new CookieAuthenticationFilter(acl2Token));
response = documentResource.get(ClientResponse.class);
json = response.getEntity(JSONObject.class);
response = target().path("/document/" + document1Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl2Token)
.get();
Assert.assertEquals(Status.FORBIDDEN, Status.fromStatusCode(response.getStatus()));
// Delete the ACL READ for acl1 with acl1
aclResource = resource().path("/acl/" + document1Id + "/READ/" + acl1Id);
aclResource.addFilter(new CookieAuthenticationFilter(acl1Token));
response = aclResource.delete(ClientResponse.class);
response = target().path("/acl/" + document1Id + "/READ/" + acl1Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token)
.delete();
Assert.assertEquals(Status.BAD_REQUEST, Status.fromStatusCode(response.getStatus()));
// Delete the ACL WRITE for acl1 with acl1
aclResource = resource().path("/acl/" + document1Id + "/WRITE/" + acl1Id);
aclResource.addFilter(new CookieAuthenticationFilter(acl1Token));
response = aclResource.delete(ClientResponse.class);
response = target().path("/acl/" + document1Id + "/WRITE/" + acl1Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token)
.delete();
Assert.assertEquals(Status.BAD_REQUEST, Status.fromStatusCode(response.getStatus()));
// Search target list
aclResource = resource().path("/acl/target/search");
aclResource.addFilter(new CookieAuthenticationFilter(acl1Token));
response = aclResource.queryParam("search", "acl").get(ClientResponse.class);
json = response.getEntity(JSONObject.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
JSONArray users = json.getJSONArray("users");
Assert.assertEquals(2, users.length());
json = target().path("/acl/target/search")
.queryParam("search", "acl")
.request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, acl1Token)
.get(JsonObject.class);
JsonArray users = json.getJsonArray("users");
Assert.assertEquals(2, users.size());
}
}

94
docs-web/src/test/java/com/sismics/docs/rest/TestAppResource.java
View File

@@ -1,15 +1,18 @@
package com.sismics.docs.rest;
import com.sismics.docs.rest.filter.CookieAuthenticationFilter;
import com.sun.jersey.api.client.ClientResponse;
import com.sun.jersey.api.client.ClientResponse.Status;
import com.sun.jersey.api.client.WebResource;
import junit.framework.Assert;
import org.codehaus.jettison.json.JSONArray;
import org.codehaus.jettison.json.JSONException;
import org.codehaus.jettison.json.JSONObject;
import javax.json.JsonArray;
import javax.json.JsonObject;
import javax.ws.rs.client.Entity;
import javax.ws.rs.core.Form;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.Status;
import org.junit.Assert;
import org.junit.Test;
import com.sismics.util.filter.TokenBasedSecurityFilter;
/**
* Test the app resource.
*
@@ -22,36 +25,33 @@ public class TestAppResource extends BaseJerseyTest {
* @throws JSONException
*/
@Test
public void testAppResource() throws JSONException {
public void testAppResource() {
// Login admin
String adminAuthenticationToken = clientUtil.login("admin", "admin", false);
// Check the application info
WebResource appResource = resource().path("/app");
appResource.addFilter(new CookieAuthenticationFilter(adminAuthenticationToken));
ClientResponse response = appResource.get(ClientResponse.class);
response = appResource.get(ClientResponse.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
JSONObject json = response.getEntity(JSONObject.class);
JsonObject json = target().path("/app").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken)
.get(JsonObject.class);
String currentVersion = json.getString("current_version");
Assert.assertNotNull(currentVersion);
String minVersion = json.getString("min_version");
Assert.assertNotNull(minVersion);
Long freeMemory = json.getLong("free_memory");
Long freeMemory = json.getJsonNumber("free_memory").longValue();
Assert.assertTrue(freeMemory > 0);
Long totalMemory = json.getLong("total_memory");
Long totalMemory = json.getJsonNumber("total_memory").longValue();
Assert.assertTrue(totalMemory > 0 && totalMemory > freeMemory);
// Rebuild Lucene index
appResource = resource().path("/app/batch/reindex");
appResource.addFilter(new CookieAuthenticationFilter(adminAuthenticationToken));
response = appResource.post(ClientResponse.class);
Response response = target().path("/app/batch/reindex").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken)
.post(Entity.form(new Form()));
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
// Clean storage
appResource = resource().path("/app/batch/clean_storage");
appResource.addFilter(new CookieAuthenticationFilter(adminAuthenticationToken));
response = appResource.post(ClientResponse.class);
response = target().path("/app/batch/clean_storage").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken)
.post(Entity.form(new Form()));
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
}
@@ -61,39 +61,33 @@ public class TestAppResource extends BaseJerseyTest {
* @throws JSONException
*/
@Test
public void testLogResource() throws JSONException {
public void testLogResource() {
// Login admin
String adminAuthenticationToken = clientUtil.login("admin", "admin", false);
// Check the logs (page 1)
WebResource appResource = resource()
.path("/app/log")
.queryParam("level", "DEBUG");
ClientResponse response = appResource.get(ClientResponse.class);
appResource.addFilter(new CookieAuthenticationFilter(adminAuthenticationToken));
response = appResource.get(ClientResponse.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
JSONObject json = response.getEntity(JSONObject.class);
JSONArray logs = json.getJSONArray("logs");
Assert.assertTrue(logs.length() > 0);
Long date1 = logs.optJSONObject(0).optLong("date");
Long date2 = logs.optJSONObject(9).optLong("date");
Assert.assertTrue(date1 > date2);
JsonObject json = target().path("/app/log")
.queryParam("level", "DEBUG")
.request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken)
.get(JsonObject.class);
JsonArray logs = json.getJsonArray("logs");
Assert.assertTrue(logs.size() > 0);
Long date1 = logs.getJsonObject(0).getJsonNumber("date").longValue();
Long date2 = logs.getJsonObject(9).getJsonNumber("date").longValue();
Assert.assertTrue(date1 >= date2);
// Check the logs (page 2)
appResource = resource()
.path("/app/log")
json = target().path("/app/log")
.queryParam("offset", "10")
.queryParam("level", "DEBUG");
response = appResource.get(ClientResponse.class);
appResource.addFilter(new CookieAuthenticationFilter(adminAuthenticationToken));
response = appResource.get(ClientResponse.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = response.getEntity(JSONObject.class);
logs = json.getJSONArray("logs");
Assert.assertTrue(logs.length() > 0);
Long date3 = logs.optJSONObject(0).optLong("date");
Long date4 = logs.optJSONObject(9).optLong("date");
Assert.assertTrue(date3 > date4);
.queryParam("level", "DEBUG")
.request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken)
.get(JsonObject.class);
logs = json.getJsonArray("logs");
Assert.assertTrue(logs.size() > 0);
Long date3 = logs.getJsonObject(0).getJsonNumber("date").longValue();
Long date4 = logs.getJsonObject(9).getJsonNumber("date").longValue();
Assert.assertTrue(date3 >= date4);
}
}

102
docs-web/src/test/java/com/sismics/docs/rest/TestAuditLogResource.java
View File

@@ -2,19 +2,17 @@ package com.sismics.docs.rest;
import java.util.Date;
import com.sismics.docs.rest.filter.CookieAuthenticationFilter;
import com.sun.jersey.api.client.ClientResponse;
import com.sun.jersey.api.client.ClientResponse.Status;
import com.sun.jersey.api.client.WebResource;
import com.sun.jersey.core.util.MultivaluedMapImpl;
import javax.json.JsonArray;
import javax.json.JsonObject;
import javax.ws.rs.client.Entity;
import javax.ws.rs.core.Form;
import junit.framework.Assert;
import org.codehaus.jettison.json.JSONArray;
import org.codehaus.jettison.json.JSONException;
import org.codehaus.jettison.json.JSONObject;
import org.junit.Assert;
import org.junit.Test;
import com.sismics.util.filter.TokenBasedSecurityFilter;
/**
* Test the audit log resource.
*
@@ -27,72 +25,60 @@ public class TestAuditLogResource extends BaseJerseyTest {
* @throws JSONException
*/
@Test
public void testAuditLogResource() throws JSONException {
public void testAuditLogResource() {
// Login auditlog1
clientUtil.createUser("auditlog1");
String auditlog1Token = clientUtil.login("auditlog1");
// Create a tag
WebResource tagResource = resource().path("/tag");
tagResource.addFilter(new CookieAuthenticationFilter(auditlog1Token));
MultivaluedMapImpl postParams = new MultivaluedMapImpl();
postParams.add("name", "SuperTag");
postParams.add("color", "#ffff00");
ClientResponse response = tagResource.put(ClientResponse.class, postParams);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
JSONObject json = response.getEntity(JSONObject.class);
String tag1Id = json.optString("id");
JsonObject json = target().path("/tag").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, auditlog1Token)
.put(Entity.form(new Form()
.param("name", "SuperTag")
.param("color", "#ffff00")), JsonObject.class);
String tag1Id = json.getString("id");
Assert.assertNotNull(tag1Id);
// Create a document
WebResource documentResource = resource().path("/document");
documentResource.addFilter(new CookieAuthenticationFilter(auditlog1Token));
postParams = new MultivaluedMapImpl();
postParams.add("title", "My super title document 1");
postParams.add("description", "My super description for document 1");
postParams.add("tags", tag1Id);
postParams.add("language", "eng");
long create1Date = new Date().getTime();
postParams.add("create_date", create1Date);
response = documentResource.put(ClientResponse.class, postParams);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = response.getEntity(JSONObject.class);
String document1Id = json.optString("id");
json = target().path("/document").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, auditlog1Token)
.put(Entity.form(new Form()
.param("title", "My super title document 1")
.param("description", "My super description for document 1")
.param("tags", tag1Id)
.param("language", "eng")
.param("create_date", Long.toString(create1Date))), JsonObject.class);
String document1Id = json.getString("id");
Assert.assertNotNull(document1Id);
// Get all logs for the document
WebResource auditLogResource = resource().path("/auditlog");
auditLogResource.addFilter(new CookieAuthenticationFilter(auditlog1Token));
response = auditLogResource.queryParam("document", document1Id).get(ClientResponse.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = response.getEntity(JSONObject.class);
JSONArray logs = json.getJSONArray("logs");
Assert.assertTrue(logs.length() == 3);
json = target().path("/auditlog")
.queryParam("document", document1Id)
.request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, auditlog1Token)
.get(JsonObject.class);
JsonArray logs = json.getJsonArray("logs");
Assert.assertTrue(logs.size() == 3);
// Get all logs for the current user
auditLogResource = resource().path("/auditlog");
auditLogResource.addFilter(new CookieAuthenticationFilter(auditlog1Token));
response = auditLogResource.get(ClientResponse.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = response.getEntity(JSONObject.class);
logs = json.getJSONArray("logs");
Assert.assertTrue(logs.length() == 3);
json = target().path("/auditlog").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, auditlog1Token)
.get(JsonObject.class);
logs = json.getJsonArray("logs");
Assert.assertTrue(logs.size() == 3);
// Deletes a tag
tagResource = resource().path("/tag/" + tag1Id);
tagResource.addFilter(new CookieAuthenticationFilter(auditlog1Token));
response = tagResource.delete(ClientResponse.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = response.getEntity(JSONObject.class);
json = target().path("/tag/" + tag1Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, auditlog1Token)
.delete(JsonObject.class);
Assert.assertEquals("ok", json.getString("status"));
// Get all logs for the current user
auditLogResource = resource().path("/auditlog");
auditLogResource.addFilter(new CookieAuthenticationFilter(auditlog1Token));
response = auditLogResource.get(ClientResponse.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = response.getEntity(JSONObject.class);
logs = json.getJSONArray("logs");
Assert.assertTrue(logs.length() == 4);
json = target().path("/auditlog").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, auditlog1Token)
.get(JsonObject.class);
logs = json.getJsonArray("logs");
Assert.assertTrue(logs.size() == 4);
}
}

389
docs-web/src/test/java/com/sismics/docs/rest/TestDocumentResource.java
View File

@@ -1,31 +1,32 @@
package com.sismics.docs.rest;
import java.io.BufferedInputStream;
import java.io.InputStream;
import java.nio.file.Paths;
import java.util.Date;
import javax.json.JsonArray;
import javax.json.JsonObject;
import javax.ws.rs.client.Entity;
import javax.ws.rs.core.Form;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.Status;
import junit.framework.Assert;
import org.codehaus.jettison.json.JSONArray;
import org.codehaus.jettison.json.JSONObject;
import org.glassfish.jersey.media.multipart.FormDataMultiPart;
import org.glassfish.jersey.media.multipart.MultiPartFeature;
import org.glassfish.jersey.media.multipart.file.StreamDataBodyPart;
import org.joda.time.format.DateTimeFormat;
import org.junit.Assert;
import org.junit.Test;
import com.google.common.io.ByteStreams;
import com.google.common.io.Resources;
import com.sismics.docs.core.util.DirectoryUtil;
import com.sismics.docs.rest.filter.CookieAuthenticationFilter;
import com.sismics.util.filter.TokenBasedSecurityFilter;
import com.sismics.util.mime.MimeType;
import com.sismics.util.mime.MimeTypeUtil;
import com.sun.jersey.api.client.ClientResponse;
import com.sun.jersey.api.client.ClientResponse.Status;
import com.sun.jersey.api.client.WebResource;
import com.sun.jersey.core.util.MultivaluedMapImpl;
import com.sun.jersey.multipart.FormDataBodyPart;
import com.sun.jersey.multipart.FormDataMultiPart;
/**
* Exhaustive test of the document resource.
@@ -35,6 +36,7 @@ import com.sun.jersey.multipart.FormDataMultiPart;
public class TestDocumentResource extends BaseJerseyTest {
/**
* Test the document resource.
*
* @throws Exception
*/
@Test
@@ -48,131 +50,113 @@ public class TestDocumentResource extends BaseJerseyTest {
String document3Token = clientUtil.login("document3");
// Create a tag
WebResource tagResource = resource().path("/tag");
tagResource.addFilter(new CookieAuthenticationFilter(document1Token));
MultivaluedMapImpl postParams = new MultivaluedMapImpl();
postParams.add("name", "SuperTag");
postParams.add("color", "#ffff00");
ClientResponse response = tagResource.put(ClientResponse.class, postParams);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
JSONObject json = response.getEntity(JSONObject.class);
String tag1Id = json.optString("id");
JsonObject json = target().path("/tag").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, document1Token)
.put(Entity.form(new Form()
.param("name", "SuperTag")
.param("color", "#ffff00")), JsonObject.class);
String tag1Id = json.getString("id");
Assert.assertNotNull(tag1Id);
// Create a document
WebResource documentResource = resource().path("/document");
documentResource.addFilter(new CookieAuthenticationFilter(document1Token));
postParams = new MultivaluedMapImpl();
postParams.add("title", "My super title document 1");
postParams.add("description", "My super description for document 1");
postParams.add("tags", tag1Id);
postParams.add("language", "eng");
long create1Date = new Date().getTime();
postParams.add("create_date", create1Date);
response = documentResource.put(ClientResponse.class, postParams);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = response.getEntity(JSONObject.class);
String document1Id = json.optString("id");
json = target().path("/document").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, document1Token)
.put(Entity.form(new Form()
.param("title", "My super title document 1")
.param("description", "My super description for document 1")
.param("tags", tag1Id)
.param("language", "eng")
.param("create_date", Long.toString(create1Date))), JsonObject.class);
String document1Id = json.getString("id");
Assert.assertNotNull(document1Id);
// Add a file
WebResource fileResource = resource().path("/file");
fileResource.addFilter(new CookieAuthenticationFilter(document1Token));
FormDataMultiPart form = new FormDataMultiPart();
InputStream file = this.getClass().getResourceAsStream("/file/Einstein-Roosevelt-letter.png");
FormDataBodyPart fdp = new FormDataBodyPart("file",
new BufferedInputStream(file),
MediaType.APPLICATION_OCTET_STREAM_TYPE);
form.bodyPart(fdp);
form.field("id", document1Id);
response = fileResource.type(MediaType.MULTIPART_FORM_DATA).put(ClientResponse.class, form);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = response.getEntity(JSONObject.class);
String file1Id = json.getString("id");
String file1Id = null;
try (InputStream is = Resources.getResource("file/Einstein-Roosevelt-letter.png").openStream()) {
StreamDataBodyPart streamDataBodyPart = new StreamDataBodyPart("file", is, "Einstein-Roosevelt-letter.png");
try (FormDataMultiPart multiPart = new FormDataMultiPart()) {
json = target()
.register(MultiPartFeature.class)
.path("/file").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, document1Token)
.put(Entity.entity(multiPart.field("id", document1Id).bodyPart(streamDataBodyPart),
MediaType.MULTIPART_FORM_DATA_TYPE), JsonObject.class);
file1Id = json.getString("id");
Assert.assertNotNull(file1Id);
}
}
// Share this document
WebResource fileShareResource = resource().path("/share");
fileShareResource.addFilter(new CookieAuthenticationFilter(document1Token));
postParams = new MultivaluedMapImpl();
postParams.add("id", document1Id);
response = fileShareResource.put(ClientResponse.class, postParams);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = response.getEntity(JSONObject.class);
json = target().path("/share").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, document1Token)
.put(Entity.form(new Form().param("id", document1Id)), JsonObject.class);
// List all documents
documentResource = resource().path("/document/list");
documentResource.addFilter(new CookieAuthenticationFilter(document1Token));
MultivaluedMapImpl getParams = new MultivaluedMapImpl();
getParams.putSingle("sort_column", 3);
getParams.putSingle("asc", false);
response = documentResource.queryParams(getParams).get(ClientResponse.class);
json = response.getEntity(JSONObject.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
JSONArray documents = json.getJSONArray("documents");
JSONArray tags = documents.getJSONObject(0).getJSONArray("tags");
Assert.assertTrue(documents.length() == 1);
Assert.assertEquals(document1Id, documents.getJSONObject(0).getString("id"));
Assert.assertEquals("eng", documents.getJSONObject(0).getString("language"));
Assert.assertEquals(1, documents.getJSONObject(0).getInt("file_count"));
Assert.assertEquals(1, tags.length());
Assert.assertEquals(tag1Id, tags.getJSONObject(0).getString("id"));
Assert.assertEquals("SuperTag", tags.getJSONObject(0).getString("name"));
Assert.assertEquals("#ffff00", tags.getJSONObject(0).getString("color"));
json = target().path("/document/list")
.queryParam("sort_column", 3)
.queryParam("asc", false)
.request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, document1Token)
.get(JsonObject.class);
JsonArray documents = json.getJsonArray("documents");
JsonArray tags = documents.getJsonObject(0).getJsonArray("tags");
Assert.assertTrue(documents.size() == 1);
Assert.assertEquals(document1Id, documents.getJsonObject(0).getString("id"));
Assert.assertEquals("eng", documents.getJsonObject(0).getString("language"));
Assert.assertEquals(1, documents.getJsonObject(0).getInt("file_count"));
Assert.assertEquals(1, tags.size());
Assert.assertEquals(tag1Id, tags.getJsonObject(0).getString("id"));
Assert.assertEquals("SuperTag", tags.getJsonObject(0).getString("name"));
Assert.assertEquals("#ffff00", tags.getJsonObject(0).getString("color"));
// List all documents from document3
documentResource = resource().path("/document/list");
documentResource.addFilter(new CookieAuthenticationFilter(document3Token));
getParams = new MultivaluedMapImpl();
getParams.putSingle("sort_column", 3);
getParams.putSingle("asc", false);
response = documentResource.queryParams(getParams).get(ClientResponse.class);
json = response.getEntity(JSONObject.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
documents = json.getJSONArray("documents");
Assert.assertTrue(documents.length() == 0);
json = target().path("/document/list")
.queryParam("sort_column", 3)
.queryParam("asc", false)
.request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, document3Token)
.get(JsonObject.class);
documents = json.getJsonArray("documents");
Assert.assertTrue(documents.size() == 0);
// Create a document with document3
documentResource = resource().path("/document");
documentResource.addFilter(new CookieAuthenticationFilter(document3Token));
postParams = new MultivaluedMapImpl();
postParams.add("title", "My super title document 1");
postParams.add("description", "My super description for document 1");
postParams.add("language", "eng");
long create3Date = new Date().getTime();
postParams.add("create_date", create3Date);
response = documentResource.put(ClientResponse.class, postParams);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = response.getEntity(JSONObject.class);
String document3Id = json.optString("id");
json = target().path("/document").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, document3Token)
.put(Entity.form(new Form()
.param("title", "My super title document 1")
.param("description", "My super description for document 1")
.param("language", "eng")
.param("create_date", Long.toString(create3Date))), JsonObject.class);
String document3Id = json.getString("id");
Assert.assertNotNull(document3Id);
// Add a file
fileResource = resource().path("/file");
fileResource.addFilter(new CookieAuthenticationFilter(document3Token));
form = new FormDataMultiPart();
file = this.getClass().getResourceAsStream("/file/Einstein-Roosevelt-letter.png");
fdp = new FormDataBodyPart("file",
new BufferedInputStream(file),
MediaType.APPLICATION_OCTET_STREAM_TYPE);
form.bodyPart(fdp);
form.field("id", document3Id);
response = fileResource.type(MediaType.MULTIPART_FORM_DATA).put(ClientResponse.class, form);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = response.getEntity(JSONObject.class);
String file3Id = json.getString("id");
Assert.assertNotNull(file3Id);
String file3Id = null;
try (InputStream is = Resources.getResource("file/Einstein-Roosevelt-letter.png").openStream()) {
StreamDataBodyPart streamDataBodyPart = new StreamDataBodyPart("file", is, "Einstein-Roosevelt-letter.png");
try (FormDataMultiPart multiPart = new FormDataMultiPart()) {
json = target()
.register(MultiPartFeature.class)
.path("/file").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, document3Token)
.put(Entity.entity(multiPart.field("id", document3Id).bodyPart(streamDataBodyPart),
MediaType.MULTIPART_FORM_DATA_TYPE), JsonObject.class);
file3Id = json.getString("id");
Assert.assertNotNull(file3Id);
}
}
// List all documents from document3
documentResource = resource().path("/document/list");
documentResource.addFilter(new CookieAuthenticationFilter(document3Token));
getParams = new MultivaluedMapImpl();
getParams.putSingle("sort_column", 3);
getParams.putSingle("asc", false);
response = documentResource.queryParams(getParams).get(ClientResponse.class);
json = response.getEntity(JSONObject.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
documents = json.getJSONArray("documents");
Assert.assertTrue(documents.length() == 1);
json = target().path("/document/list")
.queryParam("sort_column", 3)
.queryParam("asc", false)
.request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, document3Token)
.get(JsonObject.class);
documents = json.getJsonArray("documents");
Assert.assertTrue(documents.size() == 1);
// Search documents
Assert.assertEquals(1, searchDocuments("full:uranium full:einstein", document1Token));
@@ -200,11 +184,9 @@ public class TestDocumentResource extends BaseJerseyTest {
Assert.assertEquals(0, searchDocuments("lang:fra", document1Token));
// Get a document
documentResource = resource().path("/document/" + document1Id);
documentResource.addFilter(new CookieAuthenticationFilter(document1Token));
response = documentResource.get(ClientResponse.class);
json = response.getEntity(JSONObject.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = target().path("/document/" + document1Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, document1Token)
.get(JsonObject.class);
Assert.assertEquals(document1Id, json.getString("id"));
Assert.assertEquals("document1", json.getString("creator"));
Assert.assertEquals(1, json.getInt("file_count"));
@@ -212,62 +194,48 @@ public class TestDocumentResource extends BaseJerseyTest {
Assert.assertEquals("My super title document 1", json.getString("title"));
Assert.assertEquals("My super description for document 1", json.getString("description"));
Assert.assertEquals("eng", json.getString("language"));
Assert.assertEquals(create1Date, json.getLong("create_date"));
tags = json.getJSONArray("tags");
Assert.assertEquals(1, tags.length());
Assert.assertEquals(tag1Id, tags.getJSONObject(0).getString("id"));
Assert.assertEquals(create1Date, json.getJsonNumber("create_date").longValue());
tags = json.getJsonArray("tags");
Assert.assertEquals(1, tags.size());
Assert.assertEquals(tag1Id, tags.getJsonObject(0).getString("id"));
// Create a tag
tagResource = resource().path("/tag");
tagResource.addFilter(new CookieAuthenticationFilter(document1Token));
postParams = new MultivaluedMapImpl();
postParams.add("name", "SuperTag2");
postParams.add("color", "#00ffff");
response = tagResource.put(ClientResponse.class, postParams);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = response.getEntity(JSONObject.class);
String tag2Id = json.optString("id");
json = target().path("/tag").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, document1Token)
.put(Entity.form(new Form().param("name", "SuperTag2").param("color", "#00ffff")), JsonObject.class);
String tag2Id = json.getString("id");
Assert.assertNotNull(tag1Id);
// Update a document
documentResource = resource().path("/document/" + document1Id);
documentResource.addFilter(new CookieAuthenticationFilter(document1Token));
postParams = new MultivaluedMapImpl();
postParams.add("title", "My new super document 1");
postParams.add("description", "My new super description for document 1");
postParams.add("tags", tag2Id);
response = documentResource.post(ClientResponse.class, postParams);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = response.getEntity(JSONObject.class);
json = target().path("/document/" + document1Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, document1Token)
.post(Entity.form(new Form()
.param("title", "My new super document 1")
.param("description", "My new super description for document 1")
.param("tags", tag2Id)), JsonObject.class);
Assert.assertEquals(document1Id, json.getString("id"));
// Search documents by query
documentResource = resource().path("/document/list");
documentResource.addFilter(new CookieAuthenticationFilter(document1Token));
getParams = new MultivaluedMapImpl();
getParams.putSingle("search", "super");
response = documentResource.queryParams(getParams).get(ClientResponse.class);
json = response.getEntity(JSONObject.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = target().path("/document/list")
.queryParam("search", "super")
.request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, document1Token)
.get(JsonObject.class);
// Get a document
documentResource = resource().path("/document/" + document1Id);
documentResource.addFilter(new CookieAuthenticationFilter(document1Token));
response = documentResource.get(ClientResponse.class);
json = response.getEntity(JSONObject.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = target().path("/document/" + document1Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, document1Token)
.get(JsonObject.class);
Assert.assertTrue(json.getString("title").contains("new"));
Assert.assertTrue(json.getString("description").contains("new"));
tags = json.getJSONArray("tags");
Assert.assertEquals(1, tags.length());
Assert.assertEquals(tag2Id, tags.getJSONObject(0).getString("id"));
tags = json.getJsonArray("tags");
Assert.assertEquals(1, tags.size());
Assert.assertEquals(tag2Id, tags.getJsonObject(0).getString("id"));
// Deletes a document
documentResource = resource().path("/document/" + document1Id);
documentResource.addFilter(new CookieAuthenticationFilter(document1Token));
response = documentResource.delete(ClientResponse.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = response.getEntity(JSONObject.class);
json = target().path("/document/" + document1Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, document1Token)
.delete(JsonObject.class);
Assert.assertEquals("ok", json.getString("status"));
// Check that the associated files are deleted from FS
@@ -279,9 +247,9 @@ public class TestDocumentResource extends BaseJerseyTest {
Assert.assertFalse(thumbnailFile.exists());
// Get a document (KO)
documentResource = resource().path("/document/" + document1Id);
documentResource.addFilter(new CookieAuthenticationFilter(document1Token));
response = documentResource.get(ClientResponse.class);
Response response = target().path("/document/" + document1Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, document1Token)
.get();
Assert.assertEquals(Status.NOT_FOUND, Status.fromStatusCode(response.getStatus()));
}
@@ -294,14 +262,12 @@ public class TestDocumentResource extends BaseJerseyTest {
* @throws Exception
*/
private int searchDocuments(String query, String token) throws Exception {
WebResource documentResource = resource().path("/document/list");
documentResource.addFilter(new CookieAuthenticationFilter(token));
MultivaluedMapImpl getParams = new MultivaluedMapImpl();
getParams.putSingle("search", query);
ClientResponse response = documentResource.queryParams(getParams).get(ClientResponse.class);
JSONObject json = response.getEntity(JSONObject.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
return json.getJSONArray("documents").length();
JsonObject json = target().path("/document/list")
.queryParam("search", query)
.request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, token)
.get(JsonObject.class);
return json.getJsonArray("documents").size();
}
/**
@@ -316,53 +282,48 @@ public class TestDocumentResource extends BaseJerseyTest {
String document2Token = clientUtil.login("document2");
// Create a document
WebResource documentResource = resource().path("/document");
documentResource.addFilter(new CookieAuthenticationFilter(document2Token));
MultivaluedMapImpl postParams = new MultivaluedMapImpl();
postParams.add("title", "My super title document 1");
postParams.add("description", "My super description for document 1");
postParams.add("language", "eng");
long create1Date = new Date().getTime();
postParams.add("create_date", create1Date);
ClientResponse response = documentResource.put(ClientResponse.class, postParams);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
JSONObject json = response.getEntity(JSONObject.class);
String document1Id = json.optString("id");
JsonObject json = target().path("/document").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, document2Token)
.put(Entity.form(new Form()
.param("title", "My super title document 1")
.param("description", "My super description for document 1")
.param("language", "eng")
.param("create_date", Long.toString(create1Date))), JsonObject.class);
String document1Id = json.getString("id");
Assert.assertNotNull(document1Id);
// Add a PDF file
WebResource fileResource = resource().path("/file");
fileResource.addFilter(new CookieAuthenticationFilter(document2Token));
FormDataMultiPart form = new FormDataMultiPart();
InputStream file = this.getClass().getResourceAsStream("/file/wikipedia.pdf");
FormDataBodyPart fdp = new FormDataBodyPart("file",
new BufferedInputStream(file),
MediaType.APPLICATION_OCTET_STREAM_TYPE);
form.bodyPart(fdp);
form.field("id", document1Id);
response = fileResource.type(MediaType.MULTIPART_FORM_DATA).put(ClientResponse.class, form);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = response.getEntity(JSONObject.class);
String file1Id = json.getString("id");
String file1Id = null;
try (InputStream is = Resources.getResource("file/wikipedia.pdf").openStream()) {
StreamDataBodyPart streamDataBodyPart = new StreamDataBodyPart("file", is, "wikipedia.pdf");
try (FormDataMultiPart multiPart = new FormDataMultiPart()) {
json = target()
.register(MultiPartFeature.class)
.path("/file").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, document2Token)
.put(Entity.entity(multiPart.field("id", document1Id).bodyPart(streamDataBodyPart),
MediaType.MULTIPART_FORM_DATA_TYPE), JsonObject.class);
file1Id = json.getString("id");
Assert.assertNotNull(file1Id);
}
}
// Search documents by query in full content
documentResource = resource().path("/document/list");
documentResource.addFilter(new CookieAuthenticationFilter(document2Token));
MultivaluedMapImpl getParams = new MultivaluedMapImpl();
getParams.putSingle("search", "full:vrandecic");
response = documentResource.queryParams(getParams).get(ClientResponse.class);
json = response.getEntity(JSONObject.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
Assert.assertTrue(json.getJSONArray("documents").length() == 1);
json = target().path("/document/list")
.queryParam("search", "full:vrandecic")
.request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, document2Token)
.get(JsonObject.class);
Assert.assertTrue(json.getJsonArray("documents").size() == 1);
// Get the file thumbnail data
fileResource = resource().path("/file/" + file1Id + "/data");
fileResource.addFilter(new CookieAuthenticationFilter(document2Token));
getParams = new MultivaluedMapImpl();
getParams.putSingle("size", "thumb");
response = fileResource.queryParams(getParams).get(ClientResponse.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
InputStream is = response.getEntityInputStream();
Response response = target().path("/file/" + file1Id + "/data")
.queryParam("size", "thumb")
.request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, document2Token)
.get();
InputStream is = (InputStream) response.getEntity();
byte[] fileBytes = ByteStreams.toByteArray(is);
Assert.assertTrue(fileBytes.length > 0); // Images rendered from PDF differ in size from OS to OS due to font issues
Assert.assertEquals(MimeType.IMAGE_JPEG, MimeTypeUtil.guessMimeType(fileBytes));

355
docs-web/src/test/java/com/sismics/docs/rest/TestFileResource.java
View File

@@ -4,26 +4,29 @@ import java.io.BufferedInputStream;
import java.io.FileInputStream;
import java.io.InputStream;
import java.nio.file.Paths;
import java.util.Date;
import javax.json.JsonArray;
import javax.json.JsonObject;
import javax.ws.rs.client.Entity;
import javax.ws.rs.core.Form;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.Status;
import junit.framework.Assert;
import org.codehaus.jettison.json.JSONArray;
import org.codehaus.jettison.json.JSONObject;
import org.glassfish.jersey.media.multipart.FormDataMultiPart;
import org.glassfish.jersey.media.multipart.MultiPartFeature;
import org.glassfish.jersey.media.multipart.file.StreamDataBodyPart;
import org.junit.Assert;
import org.junit.Test;
import com.google.common.io.ByteStreams;
import com.google.common.io.Resources;
import com.sismics.docs.core.util.DirectoryUtil;
import com.sismics.docs.rest.filter.CookieAuthenticationFilter;
import com.sismics.util.filter.TokenBasedSecurityFilter;
import com.sismics.util.mime.MimeType;
import com.sismics.util.mime.MimeTypeUtil;
import com.sun.jersey.api.client.ClientResponse;
import com.sun.jersey.api.client.ClientResponse.Status;
import com.sun.jersey.api.client.WebResource;
import com.sun.jersey.core.util.MultivaluedMapImpl;
import com.sun.jersey.multipart.FormDataBodyPart;
import com.sun.jersey.multipart.FormDataMultiPart;
/**
* Exhaustive test of the file resource.
@@ -43,145 +46,137 @@ public class TestFileResource extends BaseJerseyTest {
String file1AuthenticationToken = clientUtil.login("file1");
// Create a document
WebResource documentResource = resource().path("/document");
documentResource.addFilter(new CookieAuthenticationFilter(file1AuthenticationToken));
MultivaluedMapImpl postParams = new MultivaluedMapImpl();
postParams.add("title", "File test document 1");
postParams.add("language", "eng");
ClientResponse response = documentResource.put(ClientResponse.class, postParams);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
JSONObject json = response.getEntity(JSONObject.class);
String document1Id = json.optString("id");
long create1Date = new Date().getTime();
JsonObject json = target().path("/document").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file1AuthenticationToken)
.put(Entity.form(new Form()
.param("title", "File test document 1")
.param("language", "eng")
.param("create_date", Long.toString(create1Date))), JsonObject.class);
String document1Id = json.getString("id");
Assert.assertNotNull(document1Id);
// Add a file
WebResource fileResource = resource().path("/file");
fileResource.addFilter(new CookieAuthenticationFilter(file1AuthenticationToken));
FormDataMultiPart form = new FormDataMultiPart();
InputStream file = this.getClass().getResourceAsStream("/file/PIA00452.jpg");
FormDataBodyPart fdp = new FormDataBodyPart("file",
new BufferedInputStream(file),
MediaType.APPLICATION_OCTET_STREAM_TYPE);
form.bodyPart(fdp);
form.field("id", document1Id);
response = fileResource.type(MediaType.MULTIPART_FORM_DATA).put(ClientResponse.class, form);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = response.getEntity(JSONObject.class);
String file1Id = json.getString("id");
String file1Id = null;
try (InputStream is = Resources.getResource("file/PIA00452.jpg").openStream()) {
StreamDataBodyPart streamDataBodyPart = new StreamDataBodyPart("file", is, "PIA00452.jpg");
try (FormDataMultiPart multiPart = new FormDataMultiPart()) {
json = target()
.register(MultiPartFeature.class)
.path("/file").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file1AuthenticationToken)
.put(Entity.entity(multiPart.field("id", document1Id).bodyPart(streamDataBodyPart),
MediaType.MULTIPART_FORM_DATA_TYPE), JsonObject.class);
file1Id = json.getString("id");
Assert.assertNotNull(file1Id);
}
}
// Add a file
fileResource = resource().path("/file");
fileResource.addFilter(new CookieAuthenticationFilter(file1AuthenticationToken));
form = new FormDataMultiPart();
file = this.getClass().getResourceAsStream("/file/PIA00452.jpg");
fdp = new FormDataBodyPart("file",
new BufferedInputStream(file),
MediaType.APPLICATION_OCTET_STREAM_TYPE);
form.bodyPart(fdp);
form.field("id", document1Id);
response = fileResource.type(MediaType.MULTIPART_FORM_DATA).put(ClientResponse.class, form);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = response.getEntity(JSONObject.class);
String file2Id = json.getString("id");
String file2Id = null;
try (InputStream is = Resources.getResource("file/PIA00452.jpg").openStream()) {
StreamDataBodyPart streamDataBodyPart = new StreamDataBodyPart("file", is, "PIA00452.jpg");
try (FormDataMultiPart multiPart = new FormDataMultiPart()) {
json = target()
.register(MultiPartFeature.class)
.path("/file").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file1AuthenticationToken)
.put(Entity.entity(multiPart.field("id", document1Id).bodyPart(streamDataBodyPart),
MediaType.MULTIPART_FORM_DATA_TYPE), JsonObject.class);
file2Id = json.getString("id");
Assert.assertNotNull(file2Id);
}
}
// Get the file data
fileResource = resource().path("/file/" + file1Id + "/data");
fileResource.addFilter(new CookieAuthenticationFilter(file1AuthenticationToken));
response = fileResource.get(ClientResponse.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
InputStream is = response.getEntityInputStream();
Response response = target().path("/file/" + file1Id + "/data").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file1AuthenticationToken)
.get();
InputStream is = (InputStream) response.getEntity();
byte[] fileBytes = ByteStreams.toByteArray(is);
Assert.assertEquals(MimeType.IMAGE_JPEG, MimeTypeUtil.guessMimeType(fileBytes));
Assert.assertTrue(fileBytes.length > 0);
// Get the thumbnail data
fileResource = resource().path("/file/" + file1Id + "/data");
fileResource.addFilter(new CookieAuthenticationFilter(file1AuthenticationToken));
MultivaluedMapImpl getParams = new MultivaluedMapImpl();
getParams.putSingle("size", "thumb");
response = fileResource.queryParams(getParams).get(ClientResponse.class);
response = target().path("/file/" + file1Id + "/data")
.queryParam("size", "thumb")
.request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file1AuthenticationToken)
.get();
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
is = response.getEntityInputStream();
is = (InputStream) response.getEntity();
fileBytes = ByteStreams.toByteArray(is);
Assert.assertEquals(MimeType.IMAGE_JPEG, MimeTypeUtil.guessMimeType(fileBytes));
Assert.assertTrue(fileBytes.length > 0);
// Get the web data
fileResource = resource().path("/file/" + file1Id + "/data");
fileResource.addFilter(new CookieAuthenticationFilter(file1AuthenticationToken));
getParams = new MultivaluedMapImpl();
getParams.putSingle("size", "web");
response = fileResource.queryParams(getParams).get(ClientResponse.class);
response = target().path("/file/" + file1Id + "/data")
.queryParam("size", "web")
.request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file1AuthenticationToken)
.get();
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
is = response.getEntityInputStream();
is = (InputStream) response.getEntity();
fileBytes = ByteStreams.toByteArray(is);
Assert.assertEquals(MimeType.IMAGE_JPEG, MimeTypeUtil.guessMimeType(fileBytes));
Assert.assertTrue(fileBytes.length > 0);
// Check that the files are not readable directly from FS
java.io.File storedFile = Paths.get(DirectoryUtil.getStorageDirectory().getPath(), file1Id).toFile();
InputStream storedFileInputStream = new BufferedInputStream(new FileInputStream(storedFile));
Assert.assertNull(MimeTypeUtil.guessMimeType(storedFileInputStream));
storedFileInputStream.close();
try (InputStream storedFileInputStream = new BufferedInputStream(new FileInputStream(storedFile))) {
Assert.assertNull(MimeTypeUtil.guessMimeType(storedFileInputStream));
}
// Get all files from a document
fileResource = resource().path("/file/list");
fileResource.addFilter(new CookieAuthenticationFilter(file1AuthenticationToken));
getParams = new MultivaluedMapImpl();
getParams.putSingle("id", document1Id);
response = fileResource.queryParams(getParams).get(ClientResponse.class);
json = response.getEntity(JSONObject.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
JSONArray files = json.getJSONArray("files");
Assert.assertEquals(2, files.length());
Assert.assertEquals(file1Id, files.getJSONObject(0).getString("id"));
Assert.assertEquals(file2Id, files.getJSONObject(1).getString("id"));
json = target().path("/file/list")
.queryParam("id", document1Id)
.request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file1AuthenticationToken)
.get(JsonObject.class);
JsonArray files = json.getJsonArray("files");
Assert.assertEquals(2, files.size());
Assert.assertEquals(file1Id, files.getJsonObject(0).getString("id"));
Assert.assertEquals(file2Id, files.getJsonObject(1).getString("id"));
// Reorder files
fileResource = resource().path("/file/reorder");
fileResource.addFilter(new CookieAuthenticationFilter(file1AuthenticationToken));
postParams = new MultivaluedMapImpl();
postParams.add("id", document1Id);
postParams.add("order", file2Id);
postParams.add("order", file1Id);
response = fileResource.post(ClientResponse.class, postParams);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = target().path("/file/reorder").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file1AuthenticationToken)
.post(Entity.form(new Form()
.param("id", document1Id)
.param("order", file2Id)
.param("order", file1Id)), JsonObject.class);
// Get all files from a document
fileResource = resource().path("/file/list");
fileResource.addFilter(new CookieAuthenticationFilter(file1AuthenticationToken));
getParams = new MultivaluedMapImpl();
getParams.putSingle("id", document1Id);
response = fileResource.queryParams(getParams).get(ClientResponse.class);
json = response.getEntity(JSONObject.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
files = json.getJSONArray("files");
Assert.assertEquals(2, files.length());
Assert.assertEquals(file2Id, files.getJSONObject(0).getString("id"));
Assert.assertEquals(file1Id, files.getJSONObject(1).getString("id"));
json = target().path("/file/list")
.queryParam("id", document1Id)
.request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file1AuthenticationToken)
.get(JsonObject.class);
files = json.getJsonArray("files");
Assert.assertEquals(2, files.size());
Assert.assertEquals(file2Id, files.getJsonObject(0).getString("id"));
Assert.assertEquals(file1Id, files.getJsonObject(1).getString("id"));
// Get a ZIP from all files
fileResource = resource().path("/file/zip");
fileResource.addFilter(new CookieAuthenticationFilter(file1AuthenticationToken));
getParams = new MultivaluedMapImpl();
getParams.putSingle("id", document1Id);
response = fileResource.queryParams(getParams).get(ClientResponse.class);
is = response.getEntityInputStream();
response = target().path("/file/zip")
.queryParam("id", document1Id)
.request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file1AuthenticationToken)
.get();
is = (InputStream) response.getEntity();
fileBytes = ByteStreams.toByteArray(is);
Assert.assertEquals(MimeType.APPLICATION_ZIP, MimeTypeUtil.guessMimeType(fileBytes));
// Deletes a file
fileResource = resource().path("/file/" + file1Id);
fileResource.addFilter(new CookieAuthenticationFilter(file1AuthenticationToken));
response = fileResource.delete(ClientResponse.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = response.getEntity(JSONObject.class);
json = target().path("/file/" + file1Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file1AuthenticationToken)
.delete(JsonObject.class);
Assert.assertEquals("ok", json.getString("status"));
// Get the file data (not found)
fileResource = resource().path("/file/" + file1Id + "/data");
fileResource.addFilter(new CookieAuthenticationFilter(file1AuthenticationToken));
response = fileResource.get(ClientResponse.class);
response = target().path("/file/" + file1Id + "/data").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file1AuthenticationToken)
.get();
Assert.assertEquals(Status.NOT_FOUND, Status.fromStatusCode(response.getStatus()));
// Check that files are deleted from FS
@@ -193,15 +188,13 @@ public class TestFileResource extends BaseJerseyTest {
Assert.assertFalse(thumbnailFile.exists());
// Get all files from a document
fileResource = resource().path("/file/list");
fileResource.addFilter(new CookieAuthenticationFilter(file1AuthenticationToken));
getParams = new MultivaluedMapImpl();
getParams.putSingle("id", document1Id);
response = fileResource.queryParams(getParams).get(ClientResponse.class);
json = response.getEntity(JSONObject.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
files = json.getJSONArray("files");
Assert.assertEquals(1, files.length());
json = target().path("/file/list")
.queryParam("id", document1Id)
.request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file1AuthenticationToken)
.get(JsonObject.class);
files = json.getJsonArray("files");
Assert.assertEquals(1, files.size());
}
@Test
@@ -211,91 +204,81 @@ public class TestFileResource extends BaseJerseyTest {
String file2AuthenticationToken = clientUtil.login("file2");
// Add a file
WebResource fileResource = resource().path("/file");
fileResource.addFilter(new CookieAuthenticationFilter(file2AuthenticationToken));
FormDataMultiPart form = new FormDataMultiPart();
InputStream file = this.getClass().getResourceAsStream("/file/PIA00452.jpg");
FormDataBodyPart fdp = new FormDataBodyPart("file",
new BufferedInputStream(file),
MediaType.APPLICATION_OCTET_STREAM_TYPE);
form.bodyPart(fdp);
ClientResponse response = fileResource.type(MediaType.MULTIPART_FORM_DATA).put(ClientResponse.class, form);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
JSONObject json = response.getEntity(JSONObject.class);
String file1Id = json.getString("id");
String file1Id = null;
try (InputStream is = Resources.getResource("file/PIA00452.jpg").openStream()) {
StreamDataBodyPart streamDataBodyPart = new StreamDataBodyPart("file", is, "PIA00452.jpg");
try (FormDataMultiPart multiPart = new FormDataMultiPart()) {
JsonObject json = target()
.register(MultiPartFeature.class)
.path("/file").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file2AuthenticationToken)
.put(Entity.entity(multiPart.bodyPart(streamDataBodyPart),
MediaType.MULTIPART_FORM_DATA_TYPE), JsonObject.class);
file1Id = json.getString("id");
Assert.assertNotNull(file1Id);
}
}
// Get all orphan files
fileResource = resource().path("/file/list");
fileResource.addFilter(new CookieAuthenticationFilter(file2AuthenticationToken));
MultivaluedMapImpl getParams = new MultivaluedMapImpl();
response = fileResource.queryParams(getParams).get(ClientResponse.class);
json = response.getEntity(JSONObject.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
JSONArray files = json.getJSONArray("files");
Assert.assertEquals(1, files.length());
JsonObject json = target().path("/file/list").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file2AuthenticationToken)
.get(JsonObject.class);
JsonArray files = json.getJsonArray("files");
Assert.assertEquals(1, files.size());
// Get the file data
fileResource = resource().path("/file/" + file1Id + "/data");
fileResource.addFilter(new CookieAuthenticationFilter(file2AuthenticationToken));
response = fileResource.get(ClientResponse.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
InputStream is = response.getEntityInputStream();
Response response = target().path("/file/" + file1Id + "/data").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file2AuthenticationToken)
.get();
InputStream is = (InputStream) response.getEntity();
byte[] fileBytes = ByteStreams.toByteArray(is);
Assert.assertEquals(MimeType.IMAGE_JPEG, MimeTypeUtil.guessMimeType(fileBytes));
Assert.assertEquals(163510, fileBytes.length);
// Create a document
WebResource documentResource = resource().path("/document");
documentResource.addFilter(new CookieAuthenticationFilter(file2AuthenticationToken));
MultivaluedMapImpl postParams = new MultivaluedMapImpl();
postParams.add("title", "File test document 1");
postParams.add("language", "eng");
response = documentResource.put(ClientResponse.class, postParams);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = response.getEntity(JSONObject.class);
String document1Id = json.optString("id");
json = target().path("/document").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file2AuthenticationToken)
.put(Entity.form(new Form()
.param("title", "File test document 1")
.param("language", "eng")), JsonObject.class);
String document1Id = json.getString("id");
Assert.assertNotNull(document1Id);
// Attach a file to a document
documentResource = resource().path("/file/" + file1Id);
documentResource.addFilter(new CookieAuthenticationFilter(file2AuthenticationToken));
postParams = new MultivaluedMapImpl();
postParams.add("id", document1Id);
response = documentResource.post(ClientResponse.class, postParams);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = response.getEntity(JSONObject.class);
json = target().path("/file/" + file1Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file2AuthenticationToken)
.post(Entity.form(new Form()
.param("id", document1Id)), JsonObject.class);
// Get all files from a document
fileResource = resource().path("/file/list");
fileResource.addFilter(new CookieAuthenticationFilter(file2AuthenticationToken));
getParams = new MultivaluedMapImpl();
getParams.putSingle("id", document1Id);
response = fileResource.queryParams(getParams).get(ClientResponse.class);
json = response.getEntity(JSONObject.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
files = json.getJSONArray("files");
Assert.assertEquals(1, files.length());
json = target().path("/file/list")
.queryParam("id", document1Id)
.request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file2AuthenticationToken)
.get(JsonObject.class);
files = json.getJsonArray("files");
Assert.assertEquals(1, files.size());
// Add a file
fileResource = resource().path("/file");
fileResource.addFilter(new CookieAuthenticationFilter(file2AuthenticationToken));
form = new FormDataMultiPart();
file = this.getClass().getResourceAsStream("/file/PIA00452.jpg");
fdp = new FormDataBodyPart("file",
new BufferedInputStream(file),
MediaType.APPLICATION_OCTET_STREAM_TYPE);
form.bodyPart(fdp);
response = fileResource.type(MediaType.MULTIPART_FORM_DATA).put(ClientResponse.class, form);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = response.getEntity(JSONObject.class);
String file2Id = json.getString("id");
String file2Id = null;
try (InputStream is0 = Resources.getResource("file/PIA00452.jpg").openStream()) {
StreamDataBodyPart streamDataBodyPart = new StreamDataBodyPart("file", is0, "PIA00452.jpg");
try (FormDataMultiPart multiPart = new FormDataMultiPart()) {
json = target()
.register(MultiPartFeature.class)
.path("/file").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file2AuthenticationToken)
.put(Entity.entity(multiPart.bodyPart(streamDataBodyPart),
MediaType.MULTIPART_FORM_DATA_TYPE), JsonObject.class);
file2Id = json.getString("id");
Assert.assertNotNull(file2Id);
}
}
// Deletes a file
fileResource = resource().path("/file/" + file2Id);
fileResource.addFilter(new CookieAuthenticationFilter(file2AuthenticationToken));
response = fileResource.delete(ClientResponse.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = response.getEntity(JSONObject.class);
json = target().path("/file/" + file2Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, file2AuthenticationToken)
.delete(JsonObject.class);
Assert.assertEquals("ok", json.getString("status"));
}
}

23
docs-web/src/test/java/com/sismics/docs/rest/TestLocaleResource.java
View File

@@ -1,14 +1,12 @@
package com.sismics.docs.rest;
import com.sun.jersey.api.client.ClientResponse;
import com.sun.jersey.api.client.ClientResponse.Status;
import com.sun.jersey.api.client.WebResource;
import junit.framework.Assert;
import org.codehaus.jettison.json.JSONArray;
import org.codehaus.jettison.json.JSONException;
import org.codehaus.jettison.json.JSONObject;
import javax.json.JsonArray;
import javax.json.JsonObject;
import org.junit.Assert;
import org.junit.Test;
/**
* Test the locale resource.
*
@@ -21,12 +19,9 @@ public class TestLocaleResource extends BaseJerseyTest {
* @throws JSONException
*/
@Test
public void testLocaleResource() throws JSONException {
WebResource localeResource = resource().path("/locale");
ClientResponse response = localeResource.get(ClientResponse.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
JSONObject json = response.getEntity(JSONObject.class);
JSONArray locale = json.getJSONArray("locales");
Assert.assertTrue(locale.length() > 0);
public void testLocaleResource() {
JsonObject json = target().path("/locale").request().get(JsonObject.class);
JsonArray locale = json.getJsonArray("locales");
Assert.assertTrue(locale.size() > 0);
}
}

66
docs-web/src/test/java/com/sismics/docs/rest/TestSecurity.java
View File

@@ -1,16 +1,18 @@
package com.sismics.docs.rest;
import com.sismics.docs.rest.filter.CookieAuthenticationFilter;
import com.sun.jersey.api.client.ClientResponse;
import com.sun.jersey.api.client.ClientResponse.Status;
import com.sun.jersey.api.client.WebResource;
import com.sun.jersey.core.util.MultivaluedMapImpl;
import javax.json.JsonObject;
import javax.ws.rs.client.Entity;
import javax.ws.rs.core.Form;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.Status;
import junit.framework.Assert;
import org.apache.commons.lang.StringUtils;
import org.codehaus.jettison.json.JSONException;
import org.codehaus.jettison.json.JSONObject;
import org.junit.Test;
import com.sismics.util.filter.TokenBasedSecurityFilter;
/**
* Test of the security layer.
*
@@ -23,50 +25,50 @@ public class TestSecurity extends BaseJerseyTest {
* @throws JSONException
*/
@Test
public void testSecurity() throws JSONException {
public void testSecurity() {
// Create a user
clientUtil.createUser("testsecurity");
// Changes a user's email KO : the user is not connected
WebResource userResource = resource().path("/user/update");
MultivaluedMapImpl postParams = new MultivaluedMapImpl();
postParams.add("email", "testsecurity2@docs.com");
ClientResponse response = userResource.post(ClientResponse.class, postParams);
Response response = target().path("/user/update").request()
.post(Entity.form(new Form().param("email", "testsecurity2@docs.com")));
Assert.assertEquals(Status.FORBIDDEN, Status.fromStatusCode(response.getStatus()));
JSONObject json = response.getEntity(JSONObject.class);
JsonObject json = response.readEntity(JsonObject.class);
Assert.assertEquals("ForbiddenError", json.getString("type"));
Assert.assertEquals("You don't have access to this resource", json.getString("message"));
// User testsecurity logs in
String testSecurityAuthenticationToken = clientUtil.login("testsecurity");
// User testsecurity creates a new user KO : no permission
response = target().path("/user").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, testSecurityAuthenticationToken)
.put(Entity.form(new Form()));
Assert.assertEquals(Status.FORBIDDEN, Status.fromStatusCode(response.getStatus()));
Assert.assertEquals("ForbiddenError", json.getString("type"));
Assert.assertEquals("You don't have access to this resource", json.getString("message"));
// User testsecurity changes his email OK
userResource = resource().path("/user");
userResource.addFilter(new CookieAuthenticationFilter(testSecurityAuthenticationToken));
postParams = new MultivaluedMapImpl();
postParams.add("email", "testsecurity2@docs.com");
postParams.add("locale", "en");
response = userResource.post(ClientResponse.class, postParams);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = response.getEntity(JSONObject.class);
json = target().path("/user").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, testSecurityAuthenticationToken)
.post(Entity.form(
new Form()
.param("email", "testsecurity2@docs.com")
.param("locale", "en")), JsonObject.class);
Assert.assertEquals("ok", json.getString("status"));
// User testsecurity logs out
userResource = resource().path("/user/logout");
userResource.addFilter(new CookieAuthenticationFilter(testSecurityAuthenticationToken));
postParams = new MultivaluedMapImpl();
response = userResource.post(ClientResponse.class, postParams);
json = response.getEntity(JSONObject.class);
response = target().path("/user/logout").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, testSecurityAuthenticationToken)
.post(Entity.form(new Form()));
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
testSecurityAuthenticationToken = clientUtil.getAuthenticationCookie(response);
Assert.assertTrue(StringUtils.isEmpty(testSecurityAuthenticationToken));
// User testsecurity logs out KO : he is not connected anymore
userResource = resource().path("/user/logout");
userResource.addFilter(new CookieAuthenticationFilter(testSecurityAuthenticationToken));
postParams = new MultivaluedMapImpl();
response = userResource.post(ClientResponse.class, postParams);
json = response.getEntity(JSONObject.class);
response = target().path("/user/logout").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, testSecurityAuthenticationToken)
.post(Entity.form(new Form()));
Assert.assertEquals(Status.FORBIDDEN, Status.fromStatusCode(response.getStatus()));
// User testsecurity logs in with a long lived session

145
docs-web/src/test/java/com/sismics/docs/rest/TestShareResource.java
View File

@@ -1,24 +1,25 @@
package com.sismics.docs.rest;
import java.io.BufferedInputStream;
import java.io.InputStream;
import javax.json.JsonArray;
import javax.json.JsonObject;
import javax.ws.rs.client.Entity;
import javax.ws.rs.core.Form;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.Status;
import junit.framework.Assert;
import org.codehaus.jettison.json.JSONArray;
import org.codehaus.jettison.json.JSONObject;
import org.glassfish.jersey.media.multipart.FormDataMultiPart;
import org.glassfish.jersey.media.multipart.MultiPartFeature;
import org.glassfish.jersey.media.multipart.file.StreamDataBodyPart;
import org.junit.Assert;
import org.junit.Test;
import com.google.common.io.ByteStreams;
import com.sismics.docs.rest.filter.CookieAuthenticationFilter;
import com.sun.jersey.api.client.ClientResponse;
import com.sun.jersey.api.client.ClientResponse.Status;
import com.sun.jersey.api.client.WebResource;
import com.sun.jersey.core.util.MultivaluedMapImpl;
import com.sun.jersey.multipart.FormDataBodyPart;
import com.sun.jersey.multipart.FormDataMultiPart;
import com.google.common.io.Resources;
import com.sismics.util.filter.TokenBasedSecurityFilter;
/**
* Exhaustive test of the share resource.
@@ -28,6 +29,7 @@ import com.sun.jersey.multipart.FormDataMultiPart;
public class TestShareResource extends BaseJerseyTest {
/**
* Test the share resource.
* @throws Exception
*
* @throws Exception
*/
@@ -38,99 +40,86 @@ public class TestShareResource extends BaseJerseyTest {
String share1AuthenticationToken = clientUtil.login("share1");
// Create a document
WebResource documentResource = resource().path("/document");
documentResource.addFilter(new CookieAuthenticationFilter(share1AuthenticationToken));
MultivaluedMapImpl postParams = new MultivaluedMapImpl();
postParams.add("title", "File test document 1");
postParams.add("language", "eng");
ClientResponse response = documentResource.put(ClientResponse.class, postParams);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
JSONObject json = response.getEntity(JSONObject.class);
String document1Id = json.optString("id");
JsonObject json = target().path("/document").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, share1AuthenticationToken)
.put(Entity.form(new Form()
.param("title", "File test document 1")
.param("language", "eng")), JsonObject.class);
String document1Id = json.getString("id");
Assert.assertNotNull(document1Id);
// Add a file
WebResource fileResource = resource().path("/file");
fileResource.addFilter(new CookieAuthenticationFilter(share1AuthenticationToken));
FormDataMultiPart form = new FormDataMultiPart();
InputStream file = this.getClass().getResourceAsStream("/file/PIA00452.jpg");
FormDataBodyPart fdp = new FormDataBodyPart("file",
new BufferedInputStream(file),
MediaType.APPLICATION_OCTET_STREAM_TYPE);
form.bodyPart(fdp);
form.field("id", document1Id);
response = fileResource.type(MediaType.MULTIPART_FORM_DATA).put(ClientResponse.class, form);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = response.getEntity(JSONObject.class);
String file1Id = json.getString("id");
String file1Id = null;
try (InputStream is = Resources.getResource("file/PIA00452.jpg").openStream()) {
StreamDataBodyPart streamDataBodyPart = new StreamDataBodyPart("file", is, "PIA00452.jpg");
try (FormDataMultiPart multiPart = new FormDataMultiPart()) {
json = target()
.register(MultiPartFeature.class)
.path("/file").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, share1AuthenticationToken)
.put(Entity.entity(multiPart.field("id", document1Id).bodyPart(streamDataBodyPart),
MediaType.MULTIPART_FORM_DATA_TYPE), JsonObject.class);
file1Id = json.getString("id");
}
}
// Share this document
WebResource shareResource = resource().path("/share");
shareResource.addFilter(new CookieAuthenticationFilter(share1AuthenticationToken));
postParams = new MultivaluedMapImpl();
postParams.add("id", document1Id);
postParams.add("name", "4 All");
response = shareResource.put(ClientResponse.class, postParams);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = response.getEntity(JSONObject.class);
json = target().path("/share").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, share1AuthenticationToken)
.put(Entity.form(new Form()
.param("id", document1Id)
.param("name", "4 All")), JsonObject.class);
String share1Id = json.getString("id");
// Get the document anonymously
documentResource = resource().path("/document/" + document1Id);
MultivaluedMapImpl getParams = new MultivaluedMapImpl();
getParams.putSingle("share", share1Id);
response = documentResource.queryParams(getParams).get(ClientResponse.class);
json = response.getEntity(JSONObject.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = target().path("/document/" + document1Id)
.queryParam("share", share1Id)
.request()
.get(JsonObject.class);
Assert.assertEquals(document1Id, json.getString("id"));
Assert.assertEquals(3, json.getJSONArray("acls").length()); // 2 for the creator, 1 for the share
Assert.assertEquals(3, json.getJsonArray("acls").size()); // 2 for the creator, 1 for the share
// Get all files from this document anonymously
fileResource = resource().path("/file/list");
getParams = new MultivaluedMapImpl();
getParams.putSingle("id", document1Id);
getParams.putSingle("share", share1Id);
response = fileResource.queryParams(getParams).get(ClientResponse.class);
json = response.getEntity(JSONObject.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
JSONArray files = json.getJSONArray("files");
Assert.assertEquals(1, files.length());
json = target().path("/file/list")
.queryParam("id", document1Id)
.queryParam("share", share1Id)
.request()
.get(JsonObject.class);
JsonArray files = json.getJsonArray("files");
Assert.assertEquals(1, files.size());
// Get the file data anonymously
fileResource = resource().path("/file/" + file1Id + "/data");
getParams = new MultivaluedMapImpl();
getParams.putSingle("thumbnail", false);
getParams.putSingle("share", share1Id);
response = fileResource.queryParams(getParams).get(ClientResponse.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
InputStream is = response.getEntityInputStream();
Response response = target().path("/file/" + file1Id + "/data")
.queryParam("thumbnail", false)
.queryParam("share", share1Id)
.request()
.get();
InputStream is = (InputStream) response.getEntity();
byte[] fileBytes = ByteStreams.toByteArray(is);
Assert.assertEquals(163510, fileBytes.length);
// Deletes the share (not allowed)
clientUtil.createUser("share2");
String share2AuthenticationToken = clientUtil.login("share2");
shareResource = resource().path("/share/" + share1Id);
shareResource.addFilter(new CookieAuthenticationFilter(share2AuthenticationToken));
response = shareResource.delete(ClientResponse.class);
response = target().path("/share/" + share1Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, share2AuthenticationToken)
.delete();
Assert.assertEquals(Status.BAD_REQUEST, Status.fromStatusCode(response.getStatus()));
json = response.getEntity(JSONObject.class);
json = response.readEntity(JsonObject.class);
Assert.assertEquals("DocumentNotFound", json.getString("type"));
// Deletes the share
shareResource = resource().path("/share/" + share1Id);
shareResource.addFilter(new CookieAuthenticationFilter(share1AuthenticationToken));
response = shareResource.delete(ClientResponse.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = response.getEntity(JSONObject.class);
json = target().path("/share/" + share1Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, share1AuthenticationToken)
.delete(JsonObject.class);
Assert.assertEquals("ok", json.getString("status"));
// Deletes the share again
shareResource = resource().path("/share/" + share1Id);
shareResource.addFilter(new CookieAuthenticationFilter(share1AuthenticationToken));
response = shareResource.delete(ClientResponse.class);
response = target().path("/share/" + share1Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, share1AuthenticationToken)
.delete();
Assert.assertEquals(Status.BAD_REQUEST, Status.fromStatusCode(response.getStatus()));
json = response.getEntity(JSONObject.class);
json = response.readEntity(JsonObject.class);
Assert.assertEquals("ShareNotFound", json.getString("type"));
}
}

237
docs-web/src/test/java/com/sismics/docs/rest/TestTagResource.java
View File

@@ -1,16 +1,18 @@
package com.sismics.docs.rest;
import com.sismics.docs.rest.filter.CookieAuthenticationFilter;
import com.sun.jersey.api.client.ClientResponse;
import com.sun.jersey.api.client.ClientResponse.Status;
import com.sun.jersey.api.client.WebResource;
import com.sun.jersey.core.util.MultivaluedMapImpl;
import junit.framework.Assert;
import org.codehaus.jettison.json.JSONArray;
import org.codehaus.jettison.json.JSONException;
import org.codehaus.jettison.json.JSONObject;
import javax.json.JsonArray;
import javax.json.JsonObject;
import javax.ws.rs.client.Entity;
import javax.ws.rs.core.Form;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.Status;
import org.junit.Assert;
import org.junit.Test;
import com.sismics.util.filter.TokenBasedSecurityFilter;
/**
* Test the tag resource.
*
@@ -23,173 +25,138 @@ public class TestTagResource extends BaseJerseyTest {
* @throws JSONException
*/
@Test
public void testTagResource() throws JSONException {
public void testTagResource() {
// Login tag1
clientUtil.createUser("tag1");
String tag1Token = clientUtil.login("tag1");
// Create a tag
WebResource tagResource = resource().path("/tag");
tagResource.addFilter(new CookieAuthenticationFilter(tag1Token));
MultivaluedMapImpl postParams = new MultivaluedMapImpl();
postParams.add("name", "Tag3");
postParams.add("color", "#ff0000");
ClientResponse response = tagResource.put(ClientResponse.class, postParams);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
JSONObject json = response.getEntity(JSONObject.class);
String tag3Id = json.optString("id");
JsonObject json = target().path("/tag").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, tag1Token)
.put(Entity.form(new Form()
.param("name", "Tag3")
.param("color", "#ff0000")), JsonObject.class);
String tag3Id = json.getString("id");
Assert.assertNotNull(tag3Id);
// Create a tag
tagResource = resource().path("/tag");
tagResource.addFilter(new CookieAuthenticationFilter(tag1Token));
postParams = new MultivaluedMapImpl();
postParams.add("name", "Tag4");
postParams.add("color", "#00ff00");
response = tagResource.put(ClientResponse.class, postParams);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = response.getEntity(JSONObject.class);
String tag4Id = json.optString("id");
json = target().path("/tag").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, tag1Token)
.put(Entity.form(new Form()
.param("name", "Tag4")
.param("color", "#00ff00")), JsonObject.class);
String tag4Id = json.getString("id");
Assert.assertNotNull(tag4Id);
// Create a tag with space (not allowed)
tagResource = resource().path("/tag");
tagResource.addFilter(new CookieAuthenticationFilter(tag1Token));
postParams = new MultivaluedMapImpl();
postParams.add("name", "Tag 4");
response = tagResource.put(ClientResponse.class, postParams);
Response response = target().path("/tag").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, tag1Token)
.put(Entity.form(new Form()
.param("name", "Tag 4")));
Assert.assertEquals(Status.BAD_REQUEST, Status.fromStatusCode(response.getStatus()));
// Create a document
WebResource documentResource = resource().path("/document");
documentResource.addFilter(new CookieAuthenticationFilter(tag1Token));
postParams = new MultivaluedMapImpl();
postParams.add("title", "My super document 1");
postParams.add("tags", tag3Id);
postParams.add("language", "eng");
response = documentResource.put(ClientResponse.class, postParams);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = response.getEntity(JSONObject.class);
json = target().path("/document").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, tag1Token)
.put(Entity.form(new Form()
.param("title", "My super document 1")
.param("tags", tag3Id)
.param("language", "eng")), JsonObject.class);
// Create a document
documentResource = resource().path("/document");
documentResource.addFilter(new CookieAuthenticationFilter(tag1Token));
postParams = new MultivaluedMapImpl();
postParams.add("title", "My super document 2");
postParams.add("tags", tag4Id);
postParams.add("language", "eng");
response = documentResource.put(ClientResponse.class, postParams);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = response.getEntity(JSONObject.class);
json = target().path("/document").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, tag1Token)
.put(Entity.form(new Form()
.param("title", "My super document 2")
.param("tags", tag4Id)
.param("language", "eng")), JsonObject.class);
String document2Id = json.getString("id");
// Check tags on a document
documentResource = resource().path("/document/" + document2Id);
documentResource.addFilter(new CookieAuthenticationFilter(tag1Token));
response = documentResource.get(ClientResponse.class);
json = response.getEntity(JSONObject.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
JSONArray tags = json.getJSONArray("tags");
Assert.assertEquals(1, tags.length());
Assert.assertEquals(tag4Id, tags.getJSONObject(0).getString("id"));
json = target().path("/document/" + document2Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, tag1Token)
.get(JsonObject.class);
JsonArray tags = json.getJsonArray("tags");
Assert.assertEquals(1, tags.size());
Assert.assertEquals(tag4Id, tags.getJsonObject(0).getString("id"));
// Update tags on a document
documentResource = resource().path("/document/" + document2Id);
documentResource.addFilter(new CookieAuthenticationFilter(tag1Token));
postParams = new MultivaluedMapImpl();
postParams.add("tags", tag3Id);
postParams.add("tags", tag4Id);
response = documentResource.post(ClientResponse.class, postParams);
response = target().path("/document/" + document2Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, tag1Token)
.post(Entity.form(new Form()
.param("tags", tag3Id)
.param("tags", tag4Id)));
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
// Check tags on a document
documentResource = resource().path("/document/" + document2Id);
documentResource.addFilter(new CookieAuthenticationFilter(tag1Token));
response = documentResource.get(ClientResponse.class);
json = response.getEntity(JSONObject.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
tags = json.getJSONArray("tags");
Assert.assertEquals(2, tags.length());
Assert.assertEquals(tag3Id, tags.getJSONObject(0).getString("id"));
Assert.assertEquals(tag4Id, tags.getJSONObject(1).getString("id"));
json = target().path("/document/" + document2Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, tag1Token)
.get(JsonObject.class);
tags = json.getJsonArray("tags");
Assert.assertEquals(2, tags.size());
Assert.assertEquals(tag3Id, tags.getJsonObject(0).getString("id"));
Assert.assertEquals(tag4Id, tags.getJsonObject(1).getString("id"));
// Update tags on a document
documentResource = resource().path("/document/" + document2Id);
documentResource.addFilter(new CookieAuthenticationFilter(tag1Token));
postParams = new MultivaluedMapImpl();
postParams.add("tags", tag4Id);
response = documentResource.post(ClientResponse.class, postParams);
response = target().path("/document/" + document2Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, tag1Token)
.post(Entity.form(new Form()
.param("tags", tag4Id)));
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
// Check tags on a document
documentResource = resource().path("/document/" + document2Id);
documentResource.addFilter(new CookieAuthenticationFilter(tag1Token));
response = documentResource.get(ClientResponse.class);
json = response.getEntity(JSONObject.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
tags = json.getJSONArray("tags");
Assert.assertEquals(1, tags.length());
Assert.assertEquals(tag4Id, tags.getJSONObject(0).getString("id"));
json = target().path("/document/" + document2Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, tag1Token)
.get(JsonObject.class);
tags = json.getJsonArray("tags");
Assert.assertEquals(1, tags.size());
Assert.assertEquals(tag4Id, tags.getJsonObject(0).getString("id"));
// Get tag stats
tagResource = resource().path("/tag/stats");
tagResource.addFilter(new CookieAuthenticationFilter(tag1Token));
response = tagResource.get(ClientResponse.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = response.getEntity(JSONObject.class);
JSONArray stats = json.getJSONArray("stats");
Assert.assertTrue(stats.length() == 2);
Assert.assertEquals(1, stats.getJSONObject(0).getInt("count"));
Assert.assertEquals(1, stats.getJSONObject(1).getInt("count"));
json = target().path("/tag/stats").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, tag1Token)
.get(JsonObject.class);
JsonArray stats = json.getJsonArray("stats");
Assert.assertTrue(stats.size() == 2);
Assert.assertEquals(1, stats.getJsonObject(0).getInt("count"));
Assert.assertEquals(1, stats.getJsonObject(1).getInt("count"));
// Get all tags
tagResource = resource().path("/tag/list");
tagResource.addFilter(new CookieAuthenticationFilter(tag1Token));
response = tagResource.get(ClientResponse.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = response.getEntity(JSONObject.class);
tags = json.getJSONArray("tags");
Assert.assertTrue(tags.length() > 0);
Assert.assertEquals("Tag4", tags.getJSONObject(1).getString("name"));
Assert.assertEquals("#00ff00", tags.getJSONObject(1).getString("color"));
json = target().path("/tag/list").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, tag1Token)
.get(JsonObject.class);
tags = json.getJsonArray("tags");
Assert.assertTrue(tags.size() > 0);
Assert.assertEquals("Tag4", tags.getJsonObject(1).getString("name"));
Assert.assertEquals("#00ff00", tags.getJsonObject(1).getString("color"));
// Update a tag
tagResource = resource().path("/tag/" + tag4Id);
tagResource.addFilter(new CookieAuthenticationFilter(tag1Token));
postParams = new MultivaluedMapImpl();
postParams.add("name", "UpdatedName");
postParams.add("color", "#0000ff");
response = tagResource.post(ClientResponse.class, postParams);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = response.getEntity(JSONObject.class);
json = target().path("/tag/" + tag4Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, tag1Token)
.post(Entity.form(new Form()
.param("name", "UpdatedName")
.param("color", "#0000ff")), JsonObject.class);
Assert.assertEquals(tag4Id, json.getString("id"));
// Get all tags
tagResource = resource().path("/tag/list");
tagResource.addFilter(new CookieAuthenticationFilter(tag1Token));
response = tagResource.get(ClientResponse.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = response.getEntity(JSONObject.class);
tags = json.getJSONArray("tags");
Assert.assertTrue(tags.length() > 0);
Assert.assertEquals("UpdatedName", tags.getJSONObject(1).getString("name"));
Assert.assertEquals("#0000ff", tags.getJSONObject(1).getString("color"));
json = target().path("/tag/list").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, tag1Token)
.get(JsonObject.class);
tags = json.getJsonArray("tags");
Assert.assertTrue(tags.size() > 0);
Assert.assertEquals("UpdatedName", tags.getJsonObject(1).getString("name"));
Assert.assertEquals("#0000ff", tags.getJsonObject(1).getString("color"));
// Deletes a tag
tagResource = resource().path("/tag/" + tag4Id);
tagResource.addFilter(new CookieAuthenticationFilter(tag1Token));
response = tagResource.delete(ClientResponse.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = response.getEntity(JSONObject.class);
Assert.assertEquals("ok", json.getString("status"));
target().path("/tag/" + tag4Id).request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, tag1Token)
.delete();
// Get all tags
tagResource = resource().path("/tag/list");
tagResource.addFilter(new CookieAuthenticationFilter(tag1Token));
response = tagResource.get(ClientResponse.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = response.getEntity(JSONObject.class);
tags = json.getJSONArray("tags");
Assert.assertTrue(tags.length() == 1);
json = target().path("/tag/list").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, tag1Token)
.get(JsonObject.class);
tags = json.getJsonArray("tags");
Assert.assertTrue(tags.size() == 1);
}
}

33
docs-web/src/test/java/com/sismics/docs/rest/TestThemeResource.java
View File

@@ -1,33 +0,0 @@
package com.sismics.docs.rest;
import com.sun.jersey.api.client.ClientResponse;
import com.sun.jersey.api.client.ClientResponse.Status;
import com.sun.jersey.api.client.WebResource;
import junit.framework.Assert;
import org.codehaus.jettison.json.JSONArray;
import org.codehaus.jettison.json.JSONException;
import org.codehaus.jettison.json.JSONObject;
import org.junit.Test;
/**
* Test the theme resource.
*
* @author jtremeaux
*/
public class TestThemeResource extends BaseJerseyTest {
/**
* Test the theme resource.
*
* @throws JSONException
*/
@Test
public void testThemeResource() throws JSONException {
WebResource themeResource = resource().path("/theme");
ClientResponse response = themeResource.get(ClientResponse.class);
response = themeResource.get(ClientResponse.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
JSONObject json = response.getEntity(JSONObject.class);
JSONArray theme = json.getJSONArray("themes");
Assert.assertTrue(theme.length() > 0);
}
}

317
docs-web/src/test/java/com/sismics/docs/rest/TestUserResource.java
View File

@@ -1,18 +1,19 @@
package com.sismics.docs.rest;
import com.sismics.docs.rest.filter.CookieAuthenticationFilter;
import com.sun.jersey.api.client.ClientResponse;
import com.sun.jersey.api.client.ClientResponse.Status;
import com.sun.jersey.api.client.WebResource;
import com.sun.jersey.core.util.MultivaluedMapImpl;
import junit.framework.Assert;
import org.codehaus.jettison.json.JSONArray;
import org.codehaus.jettison.json.JSONException;
import org.codehaus.jettison.json.JSONObject;
import java.util.Locale;
import javax.json.JsonArray;
import javax.json.JsonObject;
import javax.ws.rs.client.Entity;
import javax.ws.rs.core.Form;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.Status;
import org.junit.Assert;
import org.junit.Test;
import javax.ws.rs.core.MultivaluedMap;
import java.util.Locale;
import com.sismics.util.filter.TokenBasedSecurityFilter;
/**
* Exhaustive test of the user resource.
@@ -26,12 +27,11 @@ public class TestUserResource extends BaseJerseyTest {
* @throws JSONException
*/
@Test
public void testUserResource() throws JSONException {
public void testUserResource() {
// Check anonymous user information
WebResource userResource = resource().path("/user");
ClientResponse response = userResource.acceptLanguage(Locale.US).get(ClientResponse.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
JSONObject json = response.getEntity(JSONObject.class);
JsonObject json = target().path("/user").request()
.acceptLanguage(Locale.US)
.get(JsonObject.class);
Assert.assertTrue(json.getBoolean("is_default_password"));
// Create alice user
@@ -41,95 +41,82 @@ public class TestUserResource extends BaseJerseyTest {
String adminAuthenticationToken = clientUtil.login("admin", "admin", false);
// List all users
userResource = resource().path("/user/list");
userResource.addFilter(new CookieAuthenticationFilter(adminAuthenticationToken));
MultivaluedMapImpl getParams = new MultivaluedMapImpl();
getParams.putSingle("sort_column", 2);
getParams.putSingle("asc", false);
response = userResource.queryParams(getParams).get(ClientResponse.class);
json = response.getEntity(JSONObject.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
JSONArray users = json.getJSONArray("users");
Assert.assertTrue(users.length() > 0);
json = target().path("/user/list")
.queryParam("sort_column", 2)
.queryParam("asc", false)
.request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken)
.get(JsonObject.class);
JsonArray users = json.getJsonArray("users");
Assert.assertTrue(users.size() > 0);
// Create a user KO (login length validation)
userResource = resource().path("/user");
userResource.addFilter(new CookieAuthenticationFilter(adminAuthenticationToken));
MultivaluedMapImpl postParams = new MultivaluedMapImpl();
postParams.putSingle("username", " bb ");
postParams.putSingle("email", "bob@docs.com");
postParams.putSingle("password", "12345678");
response = userResource.put(ClientResponse.class, postParams);
Response response = target().path("/user").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken)
.put(Entity.form(new Form()
.param("username", " bb ")
.param("email", "bob@docs.com")
.param("password", "12345678")));
Assert.assertEquals(Status.BAD_REQUEST, Status.fromStatusCode(response.getStatus()));
json = response.getEntity(JSONObject.class);
json = response.readEntity(JsonObject.class);
Assert.assertEquals("ValidationError", json.getString("type"));
Assert.assertTrue(json.getString("message"), json.getString("message").contains("more than 3"));
// Create a user KO (login format validation)
userResource = resource().path("/user");
userResource.addFilter(new CookieAuthenticationFilter(adminAuthenticationToken));
postParams = new MultivaluedMapImpl();
postParams.putSingle("username", "bob-");
postParams.putSingle("email", " bob@docs.com ");
postParams.putSingle("password", "12345678");
response = userResource.put(ClientResponse.class, postParams);
response = target().path("/user").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken)
.put(Entity.form(new Form()
.param("username", "bob-")
.param("email", "bob@docs.com")
.param("password", "12345678")));
Assert.assertEquals(Status.BAD_REQUEST, Status.fromStatusCode(response.getStatus()));
json = response.getEntity(JSONObject.class);
json = response.readEntity(JsonObject.class);
Assert.assertEquals("ValidationError", json.getString("type"));
Assert.assertTrue(json.getString("message"), json.getString("message").contains("alphanumeric"));
// Create a user KO (email format validation)
userResource = resource().path("/user");
userResource.addFilter(new CookieAuthenticationFilter(adminAuthenticationToken));
postParams = new MultivaluedMapImpl();
postParams.putSingle("username", "bob");
postParams.putSingle("email", " bobdocs.com ");
postParams.putSingle("password", "12345678");
response = userResource.put(ClientResponse.class, postParams);
response = target().path("/user").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken)
.put(Entity.form(new Form()
.param("username", "bob")
.param("email", "bobdocs.com")
.param("password", "12345678")));
Assert.assertEquals(Status.BAD_REQUEST, Status.fromStatusCode(response.getStatus()));
json = response.getEntity(JSONObject.class);
json = response.readEntity(JsonObject.class);
Assert.assertEquals("ValidationError", json.getString("type"));
Assert.assertTrue(json.getString("message"), json.getString("message").contains("must be an email"));
// Create a user bob OK
userResource = resource().path("/user");
userResource.addFilter(new CookieAuthenticationFilter(adminAuthenticationToken));
postParams = new MultivaluedMapImpl();
postParams.putSingle("username", " bob ");
postParams.putSingle("email", " bob@docs.com ");
postParams.putSingle("password", " 12345678 ");
postParams.putSingle("locale", "fr");
response = userResource.put(ClientResponse.class, postParams);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
Form form = new Form()
.param("username", " bob ")
.param("email", " bob@docs.com ")
.param("password", " 12345678 ");
json = target().path("/user").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken)
.put(Entity.form(form), JsonObject.class);
// Create a user bob KO : duplicate username
response = userResource.put(ClientResponse.class, postParams);
response = target().path("/user").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken)
.put(Entity.form(form));
Assert.assertNotSame(Status.OK, Status.fromStatusCode(response.getStatus()));
json = response.getEntity(JSONObject.class);
json = response.readEntity(JsonObject.class);
Assert.assertEquals("AlreadyExistingUsername", json.getString("type"));
// Check if a username is free : OK
userResource = resource().path("/user/check_username");
MultivaluedMap<String, String> queryParams = new MultivaluedMapImpl();
queryParams.add("username", "carol");
response = userResource.queryParams(queryParams).get(ClientResponse.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
target().path("/user/check_username").queryParam("username", "carol").request().get(JsonObject.class);
// Check if a username is free : KO
userResource = resource().path("/user/check_username");
queryParams = new MultivaluedMapImpl();
queryParams.add("username", "alice");
response = userResource.queryParams(queryParams).get(ClientResponse.class);
response = target().path("/user/check_username").queryParam("username", "alice").request().get();
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = response.getEntity(JSONObject.class);
json = response.readEntity(JsonObject.class);
Assert.assertEquals("ko", json.getString("status"));
// Login alice with extra whitespaces
userResource = resource().path("/user/login");
postParams = new MultivaluedMapImpl();
postParams.putSingle("username", " alice ");
postParams.putSingle("password", " 12345678 ");
response = userResource.post(ClientResponse.class, postParams);
response = target().path("/user/login").request()
.post(Entity.form(new Form()
.param("username", " alice ")
.param("password", " 12345678 ")));
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
String aliceAuthToken = clientUtil.getAuthenticationCookie(response);
@@ -138,95 +125,81 @@ public class TestUserResource extends BaseJerseyTest {
String bobAuthToken2 = clientUtil.login("bob");
// List sessions
userResource = resource().path("/user/session");
userResource.addFilter(new CookieAuthenticationFilter(bobAuthToken));
response = userResource.get(ClientResponse.class);
response = target().path("/user/session").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, bobAuthToken)
.get();
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = response.getEntity(JSONObject.class);
Assert.assertTrue(json.getJSONArray("sessions").length() > 0);
JSONObject session = json.getJSONArray("sessions").getJSONObject(0);
json = response.readEntity(JsonObject.class);
Assert.assertTrue(json.getJsonArray("sessions").size() > 0);
JsonObject session = json.getJsonArray("sessions").getJsonObject(0);
Assert.assertEquals("127.0.0.1", session.getString("ip"));
Assert.assertTrue(session.getString("user_agent").startsWith("Java"));
Assert.assertTrue(session.getString("user_agent").startsWith("Jersey"));
// Delete all sessions
userResource = resource().path("/user/session");
userResource.addFilter(new CookieAuthenticationFilter(bobAuthToken));
response = userResource.delete(ClientResponse.class);
response = target().path("/user/session").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, bobAuthToken)
.delete();
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
// Check bob user information with token 2 (just deleted)
userResource = resource().path("/user");
userResource.addFilter(new CookieAuthenticationFilter(bobAuthToken2));
response = userResource.get(ClientResponse.class);
response = target().path("/user").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, bobAuthToken2)
.get();
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = response.getEntity(JSONObject.class);
json = response.readEntity(JsonObject.class);
Assert.assertEquals(true, json.getBoolean("anonymous"));
// Check alice user information
userResource = resource().path("/user");
userResource.addFilter(new CookieAuthenticationFilter(aliceAuthToken));
response = userResource.get(ClientResponse.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = response.getEntity(JSONObject.class);
json = target().path("/user").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, aliceAuthToken)
.get(JsonObject.class);
Assert.assertEquals("alice@docs.com", json.getString("email"));
Assert.assertEquals("default.less", json.getString("theme"));
Assert.assertFalse(json.getBoolean("first_connection"));
Assert.assertFalse(json.getBoolean("is_default_password"));
// Check bob user information
userResource = resource().path("/user");
userResource.addFilter(new CookieAuthenticationFilter(bobAuthToken));
response = userResource.get(ClientResponse.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = response.getEntity(JSONObject.class);
json = target().path("/user").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, bobAuthToken)
.get(JsonObject.class);
Assert.assertEquals("bob@docs.com", json.getString("email"));
Assert.assertEquals("fr", json.getString("locale"));
// Test login KO (user not found)
userResource = resource().path("/user/login");
postParams.putSingle("username", "intruder");
postParams.putSingle("password", "12345678");
response = userResource.post(ClientResponse.class, postParams);
response = target().path("/user/login").request()
.post(Entity.form(new Form()
.param("username", "intruder")
.param("password", "12345678")));
Assert.assertEquals(Status.FORBIDDEN, Status.fromStatusCode(response.getStatus()));
// Test login KO (wrong password)
userResource = resource().path("/user/login");
postParams.putSingle("username", "alice");
postParams.putSingle("password", "error");
response = userResource.post(ClientResponse.class, postParams);
response = target().path("/user/login").request()
.post(Entity.form(new Form()
.param("username", "alice")
.param("password", "error")));
Assert.assertEquals(Status.FORBIDDEN, Status.fromStatusCode(response.getStatus()));
// User alice updates her information + changes her email
userResource = resource().path("/user");
userResource.addFilter(new CookieAuthenticationFilter(aliceAuthToken));
postParams = new MultivaluedMapImpl();
postParams.add("email", " alice2@docs.com ");
postParams.add("theme", " default.less ");
postParams.add("locale", " en ");
response = userResource.post(ClientResponse.class, postParams);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = response.getEntity(JSONObject.class);
json = target().path("/user").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, aliceAuthToken)
.post(Entity.form(new Form()
.param("email", " alice2@docs.com ")), JsonObject.class);
Assert.assertEquals("ok", json.getString("status"));
// Check the update
userResource = resource().path("/user");
userResource.addFilter(new CookieAuthenticationFilter(aliceAuthToken));
response = userResource.get(ClientResponse.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = response.getEntity(JSONObject.class);
json = target().path("/user").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, aliceAuthToken)
.get(JsonObject.class);
Assert.assertEquals("alice2@docs.com", json.getString("email"));
// Delete user alice
userResource = resource().path("/user");
userResource.addFilter(new CookieAuthenticationFilter(aliceAuthToken));
response = userResource.delete(ClientResponse.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
target().path("/user").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, aliceAuthToken)
.delete();
// Check the deletion
userResource = resource().path("/user/login");
postParams.putSingle("username", "alice");
postParams.putSingle("password", "12345678");
response = userResource.post(ClientResponse.class, postParams);
response = target().path("/user/login").request()
.post(Entity.form(new Form()
.param("username", "alice")
.param("password", "12345678")));
Assert.assertEquals(Status.FORBIDDEN, Status.fromStatusCode(response.getStatus()));
}
@@ -236,86 +209,60 @@ public class TestUserResource extends BaseJerseyTest {
* @throws JSONException
*/
@Test
public void testUserResourceAdmin() throws JSONException {
// Create admin_user1 user
public void testUserResourceAdmin() {
// Create admin_user1 user
clientUtil.createUser("admin_user1");
// Login admin
String adminAuthenticationToken = clientUtil.login("admin", "admin", false);
// Check admin information
WebResource userResource = resource().path("/user");
userResource.addFilter(new CookieAuthenticationFilter(adminAuthenticationToken));
ClientResponse response = userResource.get(ClientResponse.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
JSONObject json = response.getEntity(JSONObject.class);
JsonObject json = target().path("/user").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken)
.get(JsonObject.class);
Assert.assertTrue(json.getBoolean("first_connection"));
Assert.assertTrue(json.getBoolean("is_default_password"));
// User admin updates his information
userResource = resource().path("/user");
userResource.addFilter(new CookieAuthenticationFilter(adminAuthenticationToken));
MultivaluedMapImpl postParams = new MultivaluedMapImpl();
postParams.add("first_connection", false);
response = userResource.post(ClientResponse.class, postParams);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = response.getEntity(JSONObject.class);
json = target().path("/user").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken)
.post(Entity.form(new Form()
.param("first_connection", "false")), JsonObject.class);
Assert.assertEquals("ok", json.getString("status"));
// Check admin information update
userResource = resource().path("/user");
userResource.addFilter(new CookieAuthenticationFilter(adminAuthenticationToken));
response = userResource.get(ClientResponse.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = response.getEntity(JSONObject.class);
json = target().path("/user").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken)
.get(JsonObject.class);
Assert.assertFalse(json.getBoolean("first_connection"));
// User admin update admin_user1 information
userResource = resource().path("/user");
userResource.addFilter(new CookieAuthenticationFilter(adminAuthenticationToken));
postParams = new MultivaluedMapImpl();
postParams.add("email", " alice2@reader.com ");
postParams.add("theme", " default.less");
postParams.add("locale", " en ");
postParams.add("display_title_web", true);
postParams.add("display_title_mobile", false);
postParams.add("display_unread_web", false);
postParams.add("display_unread_mobile", false);
response = userResource.post(ClientResponse.class, postParams);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = response.getEntity(JSONObject.class);
json = target().path("/user").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken)
.post(Entity.form(new Form()
.param("email", " alice2@docs.com ")), JsonObject.class);
Assert.assertEquals("ok", json.getString("status"));
// User admin deletes himself: forbidden
userResource = resource().path("/user");
userResource.addFilter(new CookieAuthenticationFilter(adminAuthenticationToken));
response = userResource.delete(ClientResponse.class);
Response response = target().path("/user").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken)
.delete();
Assert.assertEquals(Status.BAD_REQUEST, Status.fromStatusCode(response.getStatus()));
json = response.getEntity(JSONObject.class);
Assert.assertEquals("ForbiddenError", json.getString("type"));
// User admin deletes himself: forbidden
userResource = resource().path("/user/admin");
userResource.addFilter(new CookieAuthenticationFilter(adminAuthenticationToken));
response = userResource.delete(ClientResponse.class);
Assert.assertEquals(Status.BAD_REQUEST, Status.fromStatusCode(response.getStatus()));
json = response.getEntity(JSONObject.class);
json = response.readEntity(JsonObject.class);
Assert.assertEquals("ForbiddenError", json.getString("type"));
// User admin deletes user admin_user1
userResource = resource().path("/user/admin_user1");
userResource.addFilter(new CookieAuthenticationFilter(adminAuthenticationToken));
response = userResource.delete(ClientResponse.class);
Assert.assertEquals(Status.OK, Status.fromStatusCode(response.getStatus()));
json = response.getEntity(JSONObject.class);
json = target().path("/user/admin_user1").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken)
.delete(JsonObject.class);
Assert.assertEquals("ok", json.getString("status"));
// User admin deletes user admin_user1 : KO (user doesn't exist)
userResource = resource().path("/user/admin_user1");
userResource.addFilter(new CookieAuthenticationFilter(adminAuthenticationToken));
response = userResource.delete(ClientResponse.class);
response = target().path("/user/admin_user1").request()
.cookie(TokenBasedSecurityFilter.COOKIE_NAME, adminAuthenticationToken)
.delete();
Assert.assertEquals(Status.BAD_REQUEST, Status.fromStatusCode(response.getStatus()));
json = response.getEntity(JSONObject.class);
json = response.readEntity(JsonObject.class);
Assert.assertEquals("UserNotFound", json.getString("type"));
}
}