From 9fcff2ecadf7e442cb4b2a273d067f0d76d0d372 Mon Sep 17 00:00:00 2001 From: Jan Vonka Date: Wed, 12 Jul 2017 12:10:45 +0000 Subject: [PATCH] Merged 5.2.N-AUDIT-API (5.2.2) to 5.2.N (5.2.2) 137925 aforascu: REPO-2555 / REPO-2598 - Retrieve Application Audit Entries - added Junit positive and negative tests for audit entries: checked response codes and basic audit entry details git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/BRANCHES/DEV/5.2.N/root@137970 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261 --- .../alfresco/rest/api/tests/AuditAppTest.java | 111 +++++++++++++-- .../api/tests/client/PublicApiClient.java | 18 +++ .../api/tests/client/data/AuditEntry.java | 134 ++++++++++++++++++ .../rest/api/tests/client/data/UserInfo.java | 19 ++- 4 files changed, 266 insertions(+), 16 deletions(-) create mode 100644 source/test-java/org/alfresco/rest/api/tests/client/data/AuditEntry.java diff --git a/source/test-java/org/alfresco/rest/api/tests/AuditAppTest.java b/source/test-java/org/alfresco/rest/api/tests/AuditAppTest.java index 270ba9cf46..419a89c320 100644 --- a/source/test-java/org/alfresco/rest/api/tests/AuditAppTest.java +++ b/source/test-java/org/alfresco/rest/api/tests/AuditAppTest.java @@ -36,8 +36,11 @@ import java.util.Map; import javax.servlet.http.HttpServletResponse; +import org.alfresco.repo.security.authentication.AuthenticationException; import org.alfresco.repo.security.authentication.AuthenticationUtil; +import org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork; import org.alfresco.rest.AbstractSingleNetworkSiteTest; +import org.alfresco.rest.api.tests.client.data.AuditEntry; import org.alfresco.rest.api.tests.client.PublicApiClient; import org.alfresco.rest.api.tests.client.PublicApiClient.AuditApps; import org.alfresco.rest.api.tests.client.PublicApiClient.ListResponse; @@ -94,6 +97,12 @@ public class AuditAppTest extends AbstractSingleNetworkSiteTest { final AuditApps auditAppsProxy = publicApiClient.auditApps(); + String appId = null; + + // Get one of the audit app ids (default tagging) + setRequestContext(networkOne.getId(), networkAdmin, DEFAULT_ADMIN_PWD); + ListResponse apps = auditAppsProxy.getAuditApps(null, "Getting audit apps error ", HttpServletResponse.SC_OK); + appId = (apps.getList().size()>0) ? apps.getList().get(0).getId() : "tagging"; // Enable system audit AuthenticationUtil.setFullyAuthenticatedUser(networkAdmin); @@ -117,19 +126,12 @@ public class AuditAppTest extends AbstractSingleNetworkSiteTest // Get an enabled audit application setRequestContext(networkOne.getId(), networkAdmin, DEFAULT_ADMIN_PWD); - int skipCount = 0; - int maxItems = 4; - Paging paging = getPaging(skipCount, maxItems); - - ListResponse auditApps = getAuditApps(paging); - AuditApp auditApp = auditAppsProxy.getAuditApp(auditApps.getList().get(0).getId()); - // Disable system audit AuthenticationUtil.setFullyAuthenticatedUser(networkAdmin); disableSystemAudit(); // Check response code - auditAppsProxy.getAuditApp(auditApp.getId(), HttpServletResponse.SC_NOT_IMPLEMENTED); + auditAppsProxy.getAuditApp(appId, HttpServletResponse.SC_NOT_IMPLEMENTED); // Re-enable system audit enableSystemAudit(); @@ -141,14 +143,8 @@ public class AuditAppTest extends AbstractSingleNetworkSiteTest // Get the list of audit applications in the system setRequestContext(networkOne.getId(), networkAdmin, DEFAULT_ADMIN_PWD); - int skipCount = 0; - int maxItems = 4; - Paging paging = getPaging(skipCount, maxItems); - - ListResponse auditApps = getAuditApps(paging); - // Get audit application info - AuditApp auditApp = auditAppsProxy.getAuditApp(auditApps.getList().get(0).getId()); + AuditApp auditApp = auditAppsProxy.getAuditApp(appId); validateAuditApplicationFields(auditApp); } } @@ -225,6 +221,24 @@ public class AuditAppTest extends AbstractSingleNetworkSiteTest assertTrue(auditApp.getIsEnabled()); } + private void validateAuditEntryFields(AuditEntry auditEntry, AuditApp auditApp) + { + String auditAppid = auditApp.getId(); + + assertNotNull(auditEntry); + assertNotNull(auditEntry.getId()); + assertNotNull(auditEntry.getAuditApplicationId()); + assertNotNull(auditEntry.getCreatedAt()); + assertNotNull(auditEntry.getCreatedByUser()); + assertFalse(auditEntry.getId().toString().isEmpty()); + assertFalse(auditEntry.getAuditApplicationId().isEmpty()); + + if (auditApp.getId().equals("alfresco-access")) + { + assertTrue(auditEntry.getAuditApplicationId().toString().equals(auditAppid)); + } + + } @Test public void testEnableDisableAuditApplication() throws Exception @@ -300,4 +314,71 @@ public class AuditAppTest extends AbstractSingleNetworkSiteTest } } + + @Test + public void testGetAuditEntries() throws Exception + { + final AuditApps auditAppsProxy = publicApiClient.auditApps(); + + // Get and enable audit app + setRequestContext(networkOne.getId(), networkAdmin, DEFAULT_ADMIN_PWD); + AuditApp auditApp = auditAppsProxy.getAuditApp("alfresco-access"); + + // Positive tests + ListResponse auditEntries = auditAppsProxy.getAuditAppEntries(auditApp.getId(), null, HttpServletResponse.SC_OK); + for (AuditEntry ae : auditEntries.getList()) + { + validateAuditEntryFields(ae, auditApp); + } + + // Negative tests + // 400 + Map wrongParams = new HashMap(); + wrongParams.put("wrongkey", "wrongvalue"); + wrongParams.put("wrongkey1", "wrongvalue1"); + + setRequestContext(networkOne.getId(), networkAdmin, DEFAULT_ADMIN_PWD); + auditAppsProxy.getAuditAppEntries(auditApp.getId(), wrongParams, HttpServletResponse.SC_BAD_REQUEST); + // 401 + setRequestContext(networkOne.getId(), networkAdmin, "wrongPassword"); + auditAppsProxy.getAuditAppEntries(auditApp.getId(), null, HttpServletResponse.SC_UNAUTHORIZED); + // 403 + setRequestContext(networkOne.getId(), user1, null); + auditAppsProxy.getAuditAppEntries(auditApp.getId(), null, HttpServletResponse.SC_FORBIDDEN); + // 404 + setRequestContext(networkOne.getId(), networkAdmin, DEFAULT_ADMIN_PWD); + auditAppsProxy.getAuditAppEntries("randomId", null, HttpServletResponse.SC_NOT_FOUND); + // 501 + setRequestContext(networkOne.getId(), networkAdmin, DEFAULT_ADMIN_PWD); + AuthenticationUtil.setFullyAuthenticatedUser(networkAdmin); + disableSystemAudit(); + auditAppsProxy.getAuditAppEntries("randomId", null, HttpServletResponse.SC_NOT_IMPLEMENTED); + enableSystemAudit(); + } + + /** + * Perform a login attempt (to be used to create audit entries) + */ + private void login(final String username, final String password) throws Exception + { + // Force a failed login + RunAsWork failureWork = new RunAsWork() + { + @Override + public Void doWork() throws Exception + { + try + { + authenticationService.authenticate(username, password.toCharArray()); + fail("Failed to force authentication failure"); + } + catch (AuthenticationException e) + { + // Expected + } + return null; + } + }; + AuthenticationUtil.runAs(failureWork, AuthenticationUtil.getSystemUserName()); + } } diff --git a/source/test-java/org/alfresco/rest/api/tests/client/PublicApiClient.java b/source/test-java/org/alfresco/rest/api/tests/client/PublicApiClient.java index d415edbf10..347ef36b13 100644 --- a/source/test-java/org/alfresco/rest/api/tests/client/PublicApiClient.java +++ b/source/test-java/org/alfresco/rest/api/tests/client/PublicApiClient.java @@ -43,6 +43,7 @@ import javax.servlet.http.HttpServletResponse; import org.alfresco.cmis.client.impl.AlfrescoObjectFactoryImpl; import org.alfresco.opencmis.CMISDispatcherRegistry.Binding; +import org.alfresco.rest.api.tests.client.data.AuditEntry; import org.alfresco.rest.api.model.SiteUpdate; import org.alfresco.rest.api.tests.TestPeople; import org.alfresco.rest.api.tests.TestSites; @@ -2493,6 +2494,23 @@ public class PublicApiClient return null; } + public ListResponse getAuditAppEntries(String applicationId, Map params, int expectedStatus) + throws PublicApiException, ParseException + { + HttpResponse response = getAll("audit-applications", applicationId, "audit-entries", null, params, + "Failed to get audit entries for " + applicationId, expectedStatus); + + if (response != null && response.getJsonResponse() != null) + { + JSONObject jsonList = (JSONObject) response.getJsonResponse().get("list"); + if (jsonList != null) + { + return AuditEntry.parseAuditEntries(response.getJsonResponse()); + } + } + return null; + } + } } diff --git a/source/test-java/org/alfresco/rest/api/tests/client/data/AuditEntry.java b/source/test-java/org/alfresco/rest/api/tests/client/data/AuditEntry.java new file mode 100644 index 0000000000..e67b2aeade --- /dev/null +++ b/source/test-java/org/alfresco/rest/api/tests/client/data/AuditEntry.java @@ -0,0 +1,134 @@ +/* + * #%L + * Alfresco Remote API + * %% + * Copyright (C) 2005 - 2016 Alfresco Software Limited + * %% + * This file is part of the Alfresco software. + * If the software was purchased under a paid Alfresco license, the terms of + * the paid license agreement will prevail. Otherwise, the software is + * provided under the following open source license terms: + * + * Alfresco is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * Alfresco is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with Alfresco. If not, see . + * #L% + */ +package org.alfresco.rest.api.tests.client.data; + +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertTrue; + +import java.io.Serializable; +import java.util.ArrayList; +import java.util.Date; +import java.util.List; +import java.util.Map; + +import org.alfresco.rest.api.tests.client.PublicApiClient.ExpectedPaging; +import org.alfresco.rest.api.tests.client.PublicApiClient.ListResponse; +import org.alfresco.util.ISO8601DateFormat; +import org.json.simple.JSONArray; +import org.json.simple.JSONObject; + +/** + * A representation of an Audit Application Entry in JUnit Test + * + * @author Andrei Forascu + * + */ +public class AuditEntry extends org.alfresco.rest.api.model.AuditEntry implements Serializable, ExpectedComparison +{ + + private static final long serialVersionUID = 1L; + + public AuditEntry(Long id, String auditApplicationId, org.alfresco.rest.api.model.UserInfo createdByUser, Date createdAt, Map values) + { + super(id, auditApplicationId, createdByUser, createdAt, values); + } + + @Override + public void expected(Object o) + { + assertTrue("o is an instance of " + o.getClass(), o instanceof AuditEntry); + + AuditEntry other = (AuditEntry) o; + + AssertUtil.assertEquals("id", getId(), other.getId()); + AssertUtil.assertEquals("auditApplicationId", getAuditApplicationId(), other.getAuditApplicationId()); + AssertUtil.assertEquals("values", getValues(), other.getValues()); + AssertUtil.assertEquals("createdByUser", getCreatedByUser(), other.getCreatedByUser()); + AssertUtil.assertEquals("createdAt", getCreatedAt(), other.getCreatedAt()); + } + + @SuppressWarnings("unchecked") + public JSONObject toJSON() + { + JSONObject auditEntryJson = new JSONObject(); + if (getId() != null) + { + auditEntryJson.put("id", getId()); + } + auditEntryJson.put("auditApplicationId", getAuditApplicationId()); + if (createdByUser != null) + { + auditEntryJson.put("createdByUser", new UserInfo(createdByUser.getId(), createdByUser.getDisplayName()).toJSON()); + } + auditEntryJson.put("values", getValues()); + auditEntryJson.put("createdAt", getCreatedAt()); + + return auditEntryJson; + } + + @SuppressWarnings("unchecked") + public static AuditEntry parseAuditEntry(JSONObject jsonObject) + { + Long id = (Long) jsonObject.get("id"); + String auditApplicationId = (String) jsonObject.get("auditApplicationId"); + Map values = (Map) jsonObject.get("values"); + UserInfo createdByUser = null; + JSONObject createdByUserJson = (JSONObject) jsonObject.get("createdByUser"); + if (createdByUserJson != null) + { + String userId = (String) createdByUserJson.get("id"); + String displayName = (String) createdByUserJson.get("displayName"); + createdByUser = new UserInfo(userId, displayName); + } + Date createdAt = ISO8601DateFormat.parse((String) jsonObject.get("createdAt")); + + AuditEntry auditEntry = new AuditEntry(id, auditApplicationId, createdByUser, createdAt, values); + return auditEntry; + } + + public static ListResponse parseAuditEntries(JSONObject jsonObject) + { + List entries = new ArrayList<>(); + + JSONObject jsonList = (JSONObject) jsonObject.get("list"); + assertNotNull(jsonList); + + JSONArray jsonEntries = (JSONArray) jsonList.get("entries"); + assertNotNull(jsonEntries); + + for (int i = 0; i < jsonEntries.size(); i++) + { + JSONObject jsonEntry = (JSONObject) jsonEntries.get(i); + JSONObject entry = (JSONObject) jsonEntry.get("entry"); + entries.add(parseAuditEntry(entry)); + } + + ExpectedPaging paging = ExpectedPaging.parsePagination(jsonList); + ListResponse resp = new ListResponse(paging, entries); + return resp; + } + +} diff --git a/source/test-java/org/alfresco/rest/api/tests/client/data/UserInfo.java b/source/test-java/org/alfresco/rest/api/tests/client/data/UserInfo.java index bce97ff986..856b1a272a 100644 --- a/source/test-java/org/alfresco/rest/api/tests/client/data/UserInfo.java +++ b/source/test-java/org/alfresco/rest/api/tests/client/data/UserInfo.java @@ -28,13 +28,17 @@ package org.alfresco.rest.api.tests.client.data; import static org.junit.Assert.assertTrue; +import org.json.simple.JSONObject; + /** * Representation of a user info (initially for client tests for File Folder API) * * @author janv */ -public class UserInfo +public class UserInfo extends org.alfresco.rest.api.model.UserInfo implements ExpectedComparison { + private static final long serialVersionUID = 1L; + private String id; private String displayName; @@ -90,4 +94,17 @@ public class UserInfo AssertUtil.assertEquals("id", id, other.getId()); AssertUtil.assertEquals("displayName", displayName, other.getDisplayName()); } + + public JSONObject toJSON() + { + JSONObject userInfoJson = new JSONObject(); + if (getId() != null) + { + userInfoJson.put("id", getId()); + } + + userInfoJson.put("displayName", getDisplayName()); + + return userInfoJson; + } }