inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-08-14 17:58:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merged HEAD (5.2) to 5.2.N (5.2.1)

Browse Source 
127567 jkaabimofrad: Merged API-STRIKES-BACK (5.2.0) to HEAD (5.2)
      126000 jkaabimofrad: RA-933, RA-934, RA-972: Changed the "tickets" API namespace from "alfresco" to "authentication". Also, added support to the REST API test fwk to handle different API namespaces.


git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/BRANCHES/DEV/5.2.N/root@127661 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Alan Davis
2016-06-03 14:09:26 +00:00
parent b111c81f6a
commit cdd3aa1075
4 changed files with 100 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
source/java/org/alfresco/rest/api/authentications/package-info.java
View File

@@ -1,4 +1,4 @@
@WebApi(name = "alfresco", scope = Api.SCOPE.PUBLIC, version = 1)
@WebApi(name = "authentication", scope = Api.SCOPE.PUBLIC, version = 1)
package org.alfresco.rest.api.authentications;
import org.alfresco.rest.framework.Api;

39
source/test-java/org/alfresco/rest/api/tests/AbstractBaseApiTest.java
View File

@@ -31,15 +31,11 @@ import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertNull;
import static org.junit.Assert.fail;
import org.alfresco.model.ContentModel;
import org.alfresco.repo.content.MimetypeMap;
import org.alfresco.repo.site.SiteInfoImpl;
import org.alfresco.repo.tenant.TenantUtil;
import org.alfresco.rest.api.Nodes;
import org.alfresco.rest.api.model.Site;
import org.alfresco.rest.api.nodes.NodesEntityResource;
import org.alfresco.rest.api.sites.SiteEntityResource;
import org.alfresco.rest.api.tests.RepoService.SiteInformation;
import org.alfresco.rest.api.tests.RepoService.TestNetwork;
import org.alfresco.rest.api.tests.RepoService.TestPerson;
@@ -55,7 +51,6 @@ import org.alfresco.rest.api.tests.client.data.Node;
import org.alfresco.rest.api.tests.client.data.Rendition;
import org.alfresco.rest.api.tests.util.MultiPartBuilder;
import org.alfresco.rest.api.tests.util.RestApiUtil;
import org.alfresco.service.cmr.site.SiteInfo;
import org.alfresco.service.cmr.site.SiteVisibility;
import org.alfresco.util.TempFileProvider;
import org.springframework.util.ResourceUtils;
@@ -105,6 +100,22 @@ public abstract class AbstractBaseApiTest extends EnterpriseTestApi
return response;
}
protected HttpResponse post(String url, String runAsUser, String body, Map<String, String> params, Map<String, String> headers, String apiName, int expectedStatus) throws Exception
{
RequestBuilder requestBuilder = httpClient.new PostRequestBuilder()
.setBodyAsString(body)
.setRequestContext(new RequestContext(runAsUser))
.setScope(getScope())
.setApiName(apiName)
.setEntityCollectionName(url)
.setHeaders(headers)
.setParams(params);
HttpResponse response = publicApiClient.execute(requestBuilder);
checkStatus(expectedStatus, response.getStatusCode());
return response;
}
protected HttpResponse post(String url, String runAsUser, String body, String queryString, int expectedStatus) throws Exception
{
publicApiClient.setRequestContext(new RequestContext(runAsUser));
@@ -180,11 +191,17 @@ public abstract class AbstractBaseApiTest extends EnterpriseTestApi
}
protected HttpResponse getAll(String url, String runAsUser, PublicApiClient.Paging paging, Map<String, String> otherParams, Map<String, String> headers, int expectedStatus) throws Exception
{
return getAll(url, runAsUser, paging, otherParams, headers, null, expectedStatus);
}
protected HttpResponse getAll(String url, String runAsUser, PublicApiClient.Paging paging, Map<String, String> otherParams, Map<String, String> headers, String apiName, int expectedStatus) throws Exception
{
Map<String, String> params = createParams(paging, otherParams);
RequestBuilder requestBuilder = httpClient.new GetRequestBuilder()
.setRequestContext(new RequestContext(runAsUser))
.setScope(getScope())
.setApiName(apiName)
.setEntityCollectionName(url)
.setParams(params)
.setHeaders(headers);
@@ -221,10 +238,16 @@ public abstract class AbstractBaseApiTest extends EnterpriseTestApi
}
protected HttpResponse getSingle(String url, String runAsUser, String entityId, Map<String, String> params, Map<String, String> headers, int expectedStatus) throws Exception
{
return getSingle(url, runAsUser, entityId, params, headers, null, expectedStatus);
}
protected HttpResponse getSingle(String url, String runAsUser, String entityId, Map<String, String> params, Map<String, String> headers, String apiName, int expectedStatus) throws Exception
{
RequestBuilder requestBuilder = httpClient.new GetRequestBuilder()
.setRequestContext(new RequestContext(runAsUser))
.setScope(getScope())
.setApiName(apiName)
.setEntityCollectionName(url)
.setEntityId(entityId)
.setParams(params)
@@ -305,10 +328,16 @@ public abstract class AbstractBaseApiTest extends EnterpriseTestApi
}
protected HttpResponse delete(String url, String runAsUser, String entityId, Map<String, String> params, Map<String, String> headers, int expectedStatus) throws Exception
{
return delete(url, runAsUser, entityId, params, headers, null, expectedStatus);
}
protected HttpResponse delete(String url, String runAsUser, String entityId, Map<String, String> params, Map<String, String> headers, String apiName, int expectedStatus) throws Exception
{
RequestBuilder requestBuilder = httpClient.new DeleteRequestBuilder()
.setRequestContext(new RequestContext(runAsUser))
.setScope(getScope())
.setApiName(apiName)
.setEntityCollectionName(url)
.setEntityId(entityId)
.setParams(params)

53
source/test-java/org/alfresco/rest/api/tests/AuthenticationsTest.java
View File

@@ -46,15 +46,20 @@ import java.util.List;
import java.util.Map;
/**
* Authentication tickets API tests.
*
* @author Jamal Kaabi-Mofrad
*/
public class AuthenticationsTest extends AbstractBaseApiTest
{
private static final String TICKETS_URL = "tickets";
private static final String TICKETS_API_NAME = "authentication";
private String user1;
private String user2;
private List<String> users = new ArrayList<>();
protected MutableAuthenticationService authenticationService;
protected PersonService personService;
private MutableAuthenticationService authenticationService;
private PersonService personService;
@Before
public void setup() throws Exception
@@ -98,13 +103,13 @@ public class AuthenticationsTest extends AbstractBaseApiTest
* Tests login (create ticket), logout (delete ticket), and validate (get ticket).
*
* <p>POST:</p>
* {@literal <host>:<port>/alfresco/api/<networkId>/public/alfresco/versions/1/tickets}
* {@literal <host>:<port>/alfresco/api/<networkId>/public/authentication/versions/1/tickets}
*
* <p>GET:</p>
* {@literal <host>:<port>/alfresco/api/<networkId>/public/alfresco/versions/1/tickets/-me-}
* {@literal <host>:<port>/alfresco/api/<networkId>/public/authentication/versions/1/tickets/-me-}
*
* <p>DELETE:</p>
* {@literal <host>:<port>/alfresco/api/<networkId>/public/alfresco/versions/1/tickets/-me-}
* {@literal <host>:<port>/alfresco/api/<networkId>/public/authentication/versions/1/tickets/-me-}
*/
@Test
public void testCreateValidateDeleteTicket() throws Exception
@@ -120,22 +125,22 @@ public class AuthenticationsTest extends AbstractBaseApiTest
// User1 login request
LoginTicket loginRequest = new LoginTicket();
// Invalid login details
post("tickets", null, RestApiUtil.toJsonAsString(loginRequest), 400);
post(TICKETS_URL, null, RestApiUtil.toJsonAsString(loginRequest), null, null, TICKETS_API_NAME, 400);
loginRequest.setUserId(null);
loginRequest.setPassword("user1Password");
// Invalid login details
post("tickets", null, RestApiUtil.toJsonAsString(loginRequest), 400);
post(TICKETS_URL, null, RestApiUtil.toJsonAsString(loginRequest), null, null, TICKETS_API_NAME, 400);
loginRequest.setUserId(user1);
loginRequest.setPassword(null);
// Invalid login details
post("tickets", null, RestApiUtil.toJsonAsString(loginRequest), 400);
post(TICKETS_URL, null, RestApiUtil.toJsonAsString(loginRequest), null, null, TICKETS_API_NAME, 400);
loginRequest.setUserId(user1);
loginRequest.setPassword("user1Password");
// Authenticate and create a ticket
HttpResponse response = post("tickets", null, RestApiUtil.toJsonAsString(loginRequest), 201);
HttpResponse response = post(TICKETS_URL, null, RestApiUtil.toJsonAsString(loginRequest), null, null, TICKETS_API_NAME, 201);
LoginTicketResponse loginResponse = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), LoginTicketResponse.class);
assertNotNull(loginResponse.getId());
assertNotNull(loginResponse.getUserId());
@@ -149,26 +154,26 @@ public class AuthenticationsTest extends AbstractBaseApiTest
getAll(SiteEntityResource.class, null, paging, Collections.singletonMap("alf_ticket", "TICKET_" + System.currentTimeMillis()), 401);
// Validate ticket - Invalid parameter. Only '-me-' is supported
getSingle("tickets", null, loginResponse.getId(), ticket, 400);
getSingle(TICKETS_URL, null, loginResponse.getId(), ticket, null, TICKETS_API_NAME, 400);
// Validate ticket
response = getSingle("tickets", null, People.DEFAULT_USER, ticket, 200);
response = getSingle(TICKETS_URL, null, People.DEFAULT_USER, ticket, null, TICKETS_API_NAME, 200);
LoginTicketResponse validatedTicket = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), LoginTicketResponse.class);
assertEquals(loginResponse.getId(), validatedTicket.getId());
// Validate ticket - Invalid parameter. Only '-me-' is supported
getSingle("tickets", null, loginResponse.getId(), ticket, 400);
getSingle(TICKETS_URL, null, loginResponse.getId(), ticket, null, TICKETS_API_NAME, 400);
// Delete the ticket - Logout
delete("tickets", null, People.DEFAULT_USER, ticket, 204);
delete(TICKETS_URL, null, People.DEFAULT_USER, ticket, null, TICKETS_API_NAME, 204);
// Validate ticket - 401 as ticket has been invalidated so the API call is unauthorized
getSingle("tickets", null, People.DEFAULT_USER, ticket, 401);
getSingle(TICKETS_URL, null, People.DEFAULT_USER, ticket, null, TICKETS_API_NAME, 401);
// Check the ticket has been invalidated - the difference with the above is that the API call is authorized
getSingle("tickets", user1, People.DEFAULT_USER, ticket, 404);
getSingle(TICKETS_URL, user1, People.DEFAULT_USER, ticket, null, TICKETS_API_NAME, 404);
// Ticket has already been invalidated
delete("tickets", user1, People.DEFAULT_USER, ticket, 404);
delete(TICKETS_URL, user1, People.DEFAULT_USER, ticket, null, TICKETS_API_NAME, 404);
// Get list of site by appending the invalidated ticket
getAll(SiteEntityResource.class, null, paging, ticket, 401);
@@ -189,18 +194,18 @@ public class AuthenticationsTest extends AbstractBaseApiTest
loginRequest.setUserId(user2);
loginRequest.setPassword("wrongPassword");
// Authentication failed - wrong password
post("tickets", null, RestApiUtil.toJsonAsString(loginRequest), 403);
post(TICKETS_URL, null, RestApiUtil.toJsonAsString(loginRequest), null, null, TICKETS_API_NAME, 403);
loginRequest.setUserId(user1);
loginRequest.setPassword("user2Password");
// Authentication failed - userId/password mismatch
post("tickets", null, RestApiUtil.toJsonAsString(loginRequest), 403);
post(TICKETS_URL, null, RestApiUtil.toJsonAsString(loginRequest), null, null, TICKETS_API_NAME, 403);
// Set the correct details
loginRequest.setUserId(user2);
loginRequest.setPassword("user2Password");
// Authenticate and create a ticket
response = post("tickets", null, RestApiUtil.toJsonAsString(loginRequest), 201);
response = post(TICKETS_URL, null, RestApiUtil.toJsonAsString(loginRequest), null, null, TICKETS_API_NAME, 201);
loginResponse = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), LoginTicketResponse.class);
assertNotNull(loginResponse.getId());
assertNotNull(loginResponse.getUserId());
@@ -214,10 +219,10 @@ public class AuthenticationsTest extends AbstractBaseApiTest
assertEquals(1, nodes.size());
// Validate ticket - Invalid parameter. Only '-me-' is supported
getSingle("tickets", null, loginResponse.getId(), null, header, 400);
getSingle(TICKETS_URL, null, loginResponse.getId(), null, header, TICKETS_API_NAME, 400);
// Validate ticket - user2
response = getSingle("tickets", null, People.DEFAULT_USER, null, header, 200);
response = getSingle(TICKETS_URL, null, People.DEFAULT_USER, null, header, TICKETS_API_NAME, 200);
validatedTicket = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), LoginTicketResponse.class);
assertEquals(loginResponse.getId(), validatedTicket.getId());
@@ -238,14 +243,14 @@ public class AuthenticationsTest extends AbstractBaseApiTest
assertEquals(1, nodes.size());
// Try to validate the ticket without supplying the Authorization header or the alf_ticket param
getSingle("tickets", user2, People.DEFAULT_USER, null, null, 400);
getSingle(TICKETS_URL, user2, People.DEFAULT_USER, null, null, TICKETS_API_NAME, 400);
// Delete the ticket - Invalid parameter. Only '-me-' is supported
header = Collections.singletonMap("Authorization", "Basic " + encodedUserIdAndTicket);
delete("tickets", null, loginResponse.getId(), null, header, 400);
delete(TICKETS_URL, null, loginResponse.getId(), null, header, TICKETS_API_NAME, 400);
// Delete the ticket - Logout
delete("tickets", null, People.DEFAULT_USER, null, header, 204);
delete(TICKETS_URL, null, People.DEFAULT_USER, null, header, TICKETS_API_NAME, 204);
// Get children of user2 home folder - invalidated ticket
getAll(getNodeChildrenUrl(Nodes.PATH_MY), null, paging, null, header, 401);

41
source/test-java/org/alfresco/rest/api/tests/client/PublicApiHttpClient.java
View File

@@ -65,6 +65,7 @@ import org.apache.commons.httpclient.methods.PutMethod;
import org.apache.commons.httpclient.methods.RequestEntity;
import org.apache.commons.httpclient.methods.StringRequestEntity;
import org.apache.commons.httpclient.methods.TraceMethod;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.core.io.support.PathMatchingResourcePatternResolver;
@@ -668,10 +669,16 @@ public class PublicApiHttpClient
Api api = ResourceInspector.inspectApi(resourceClass);
SCOPE scope = api.getScope();
int version = api.getVersion();
String name = api.getName();
if (StringUtils.isEmpty(name))
{
name = apiName;
}
Pair<String, String> relationshipCollectionInfo = getRelationCollectionInfo(resourceClass);
sb.append(MessageFormat.format(BASE_URL, new Object[] { scheme, host, String.valueOf(port), contextPath, servletName,
tenantDomain == null ? TenantUtil.DEFAULT_TENANT : tenantDomain, scope.toString(), apiName, version }));
tenantDomain == null ? TenantUtil.DEFAULT_TENANT : tenantDomain, scope.toString(), name, version }));
if (relationshipCollectionInfo != null)
{
@@ -744,6 +751,12 @@ public class PublicApiHttpClient
RestApiEndpoint(String tenantDomain, String scope, int version, String collectionName, Object collectionEntityId, String relationName,
Object relationEntityId, Map<String, String> params) throws IOException
{
this(tenantDomain, scope, apiName, version, collectionName, collectionEntityId, relationName, relationEntityId, params);
}
RestApiEndpoint(String tenantDomain, String scope, String apiName, int version, String collectionName, Object collectionEntityId,
String relationName, Object relationEntityId, Map<String, String> params) throws IOException
{
StringBuilder sb = new StringBuilder();
@@ -751,6 +764,12 @@ public class PublicApiHttpClient
{
tenantDomain = TenantUtil.DEFAULT_TENANT;
}
if (StringUtils.isEmpty(apiName))
{
apiName = PublicApiHttpClient.this.apiName;
}
sb.append(MessageFormat.format(BASE_URL,
new Object[] { scheme, host, String.valueOf(port), contextPath, servletName, tenantDomain, scope, apiName, version }));
@@ -992,6 +1011,7 @@ public class PublicApiHttpClient
{
private RequestContext requestContext;
private String scope;
private String apiName = "alfresco"; // default api namespace
private int version = 1;
private String entityCollectionName;
private Object entityId;
@@ -1035,6 +1055,17 @@ public class PublicApiHttpClient
return this;
}
public String getApiName()
{
return apiName;
}
public RequestBuilder setApiName(String apiName)
{
this.apiName = apiName;
return this;
}
public int getVersion()
{
return version;
@@ -1132,7 +1163,7 @@ public class PublicApiHttpClient
public GetMethod getHttpMethod() throws IOException
{
RestApiEndpoint endpoint = new RestApiEndpoint(getRequestContext().getNetworkId(),
getScope(), getVersion(), getEntityCollectionName(),
getScope(), getApiName(), getVersion(), getEntityCollectionName(),
getEntityId(), getRelationCollectionName(), getRelationshipEntityId(), getParams());
String url = endpoint.getUrl();
@@ -1148,7 +1179,7 @@ public class PublicApiHttpClient
public DeleteMethod getHttpMethod() throws IOException
{
RestApiEndpoint endpoint = new RestApiEndpoint(getRequestContext().getNetworkId(),
getScope(), getVersion(), getEntityCollectionName(),
getScope(), getApiName(), getVersion(), getEntityCollectionName(),
getEntityId(), getRelationCollectionName(), getRelationshipEntityId(), getParams());
String url = endpoint.getUrl();
@@ -1205,7 +1236,7 @@ public class PublicApiHttpClient
public PostMethod getHttpMethod() throws IOException
{
RestApiEndpoint endpoint = new RestApiEndpoint(getRequestContext().getNetworkId(),
getScope(), getVersion(), getEntityCollectionName(),
getScope(), getApiName(), getVersion(), getEntityCollectionName(),
getEntityId(), getRelationCollectionName(), getRelationshipEntityId(), getParams());
String url = endpoint.getUrl();
@@ -1254,7 +1285,7 @@ public class PublicApiHttpClient
public PutMethod getHttpMethod() throws IOException
{
RestApiEndpoint endpoint = new RestApiEndpoint(getRequestContext().getNetworkId(),
getScope(), getVersion(), getEntityCollectionName(),
getScope(), getApiName(), getVersion(), getEntityCollectionName(),
getEntityId(), getRelationCollectionName(), getRelationshipEntityId(), getParams());
String url = endpoint.getUrl();