usergrid-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From mru...@apache.org
Subject [2/2] usergrid git commit: Add additional tests for checking permissions.
Date Fri, 04 Dec 2015 17:52:33 GMT
Add additional tests for checking permissions.


Project: http://git-wip-us.apache.org/repos/asf/usergrid/repo
Commit: http://git-wip-us.apache.org/repos/asf/usergrid/commit/b1e11e38
Tree: http://git-wip-us.apache.org/repos/asf/usergrid/tree/b1e11e38
Diff: http://git-wip-us.apache.org/repos/asf/usergrid/diff/b1e11e38

Branch: refs/heads/rest-fixes
Commit: b1e11e38af16d21ac77139aacd697a3a159a793a
Parents: 7ddf0f4
Author: Michael Russo <michaelarusso@gmail.com>
Authored: Fri Dec 4 09:52:28 2015 -0800
Committer: Michael Russo <michaelarusso@gmail.com>
Committed: Fri Dec 4 09:52:28 2015 -0800

----------------------------------------------------------------------
 .../usergrid/rest/applications/SecurityIT.java  | 124 +++++++++++++++++++
 .../usergrid/services/ServiceRequestIT.java     |   5 +-
 2 files changed, 128 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/usergrid/blob/b1e11e38/stack/rest/src/test/java/org/apache/usergrid/rest/applications/SecurityIT.java
----------------------------------------------------------------------
diff --git a/stack/rest/src/test/java/org/apache/usergrid/rest/applications/SecurityIT.java
b/stack/rest/src/test/java/org/apache/usergrid/rest/applications/SecurityIT.java
new file mode 100644
index 0000000..825e30f
--- /dev/null
+++ b/stack/rest/src/test/java/org/apache/usergrid/rest/applications/SecurityIT.java
@@ -0,0 +1,124 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.usergrid.rest.applications;
+
+
+import com.sun.jersey.api.client.UniformInterfaceException;
+import org.apache.usergrid.rest.AbstractRestIT;
+import org.apache.usergrid.utils.UUIDUtils;
+import org.codehaus.jackson.JsonNode;
+import org.junit.Test;
+import javax.ws.rs.core.MediaType;
+import java.util.UUID;
+import static org.junit.Assert.assertEquals;
+
+/**
+ * These tests will execute requests against certain paths (with or without credentials)
to ensure access is being
+ * allowed according to the REST and Services permissions defined for the resource.
+ */
+public class SecurityIT extends AbstractRestIT {
+
+    final String BASE_PATH = "/test-organization/test-app";
+    final int UNAUTHORIZED_STATUS = 401;
+
+    @Test
+    public void testAssetsNoCredentials(){
+
+        final UUID uuid = UUIDUtils.newTimeUUID();
+        int responseStatus = 0;
+
+        try {
+            // intentionally do not add access_token
+            resource().path(BASE_PATH + "/assets/" + uuid + "/data")
+                    .accept(MediaType.APPLICATION_JSON_TYPE)
+                    .get(JsonNode.class);
+        }
+        catch (UniformInterfaceException uie ) {
+            responseStatus = uie.getResponse().getStatus();
+        }
+        assertEquals(UNAUTHORIZED_STATUS, responseStatus);
+    }
+
+    @Test
+    public void testFacebookAuthNoCredentials(){
+
+        int responseStatus = 0;
+
+        try {
+            // intentionally do not add access_token
+            resource().path(BASE_PATH + "/auth/facebook")
+                    .accept(MediaType.APPLICATION_JSON_TYPE)
+                    .get(JsonNode.class);
+        }
+        catch (UniformInterfaceException uie ) {
+            responseStatus = uie.getResponse().getStatus();
+        }
+        assertEquals(UNAUTHORIZED_STATUS, responseStatus);
+    }
+
+    @Test
+    public void testPingIdentityAuthNoCredentials(){
+
+        int responseStatus = 0;
+
+        try {
+            // intentionally do not add access_token
+            resource().path(BASE_PATH + "/auth/pingident")
+                    .accept(MediaType.APPLICATION_JSON_TYPE)
+                    .get(JsonNode.class);
+        }
+        catch (UniformInterfaceException uie ) {
+            responseStatus = uie.getResponse().getStatus();
+        }
+        assertEquals(UNAUTHORIZED_STATUS, responseStatus);
+    }
+
+    @Test
+    public void testFoursquareAuthNoCredentials(){
+
+        int responseStatus = 0;
+
+        try {
+            // intentionally do not add access_token
+            resource().path(BASE_PATH + "/auth/foursquare")
+                    .accept(MediaType.APPLICATION_JSON_TYPE)
+                    .get(JsonNode.class);
+        }
+        catch (UniformInterfaceException uie ) {
+            responseStatus = uie.getResponse().getStatus();
+        }
+        assertEquals(UNAUTHORIZED_STATUS, responseStatus);
+    }
+
+    @Test
+    public void testQueuesNoCredentials(){
+
+        int responseStatus = 0;
+
+        try {
+            // intentionally do not add access_token
+            resource().path(BASE_PATH + "/queues")
+                    .accept(MediaType.APPLICATION_JSON_TYPE)
+                    .get(JsonNode.class);
+        }
+        catch (UniformInterfaceException uie ) {
+            responseStatus = uie.getResponse().getStatus();
+        }
+        assertEquals(UNAUTHORIZED_STATUS, responseStatus);
+    }
+
+}

http://git-wip-us.apache.org/repos/asf/usergrid/blob/b1e11e38/stack/services/src/test/java/org/apache/usergrid/services/ServiceRequestIT.java
----------------------------------------------------------------------
diff --git a/stack/services/src/test/java/org/apache/usergrid/services/ServiceRequestIT.java
b/stack/services/src/test/java/org/apache/usergrid/services/ServiceRequestIT.java
index 846c58e..94be312 100644
--- a/stack/services/src/test/java/org/apache/usergrid/services/ServiceRequestIT.java
+++ b/stack/services/src/test/java/org/apache/usergrid/services/ServiceRequestIT.java
@@ -25,6 +25,7 @@ import java.util.List;
 import java.util.Map;
 import java.util.UUID;
 
+import org.junit.Ignore;
 import org.junit.Rule;
 import org.junit.Test;
 import org.slf4j.Logger;
@@ -107,6 +108,7 @@ public class ServiceRequestIT {
     }
 
     //Verify that entity read repair is functioning as intended.
+    @Ignore("Temporarily disabled as read repair is disabled temporarily in EntityManagerImpl.")
     @Test
     public void testRepairOfSingleEntity() throws Exception{
         String rand = RandomStringUtils.randomAlphanumeric( 10 );
@@ -165,7 +167,7 @@ public class ServiceRequestIT {
 
     }
 
-
+    @Ignore("Temporarily disabled as read repair is disabled temporarily in EntityManagerImpl.")
     @Test
     public void testRepairOfOnlyOneOfTwoColumns() throws Exception{
         String rand = RandomStringUtils.randomAlphanumeric( 10 );
@@ -235,6 +237,7 @@ public class ServiceRequestIT {
     //For this test you need to insert a dummy key with a dummy column that leads to nowhere
     //then run the unique index cleanup.
     //checks for bug when only column doesn't exist make sure to delete the row as well.
+    @Ignore("Temporarily disabled as read repair is disabled temporarily in EntityManagerImpl.")
     @Test
     public void testRepairOfMultipleEntitiesAndRemainingEntities() throws Exception{
         String rand = RandomStringUtils.randomAlphanumeric( 10 );


Mime
View raw message