diff options
Diffstat (limited to 'opendc-web/opendc-web-server/src/test/java/org')
9 files changed, 283 insertions, 320 deletions
diff --git a/opendc-web/opendc-web-server/src/test/java/org/opendc/web/server/rest/SchedulerResourceTest.java b/opendc-web/opendc-web-server/src/test/java/org/opendc/web/server/rest/SchedulerResourceTest.java index feeac4d3..f52ede3a 100644 --- a/opendc-web/opendc-web-server/src/test/java/org/opendc/web/server/rest/SchedulerResourceTest.java +++ b/opendc-web/opendc-web-server/src/test/java/org/opendc/web/server/rest/SchedulerResourceTest.java @@ -22,11 +22,10 @@ package org.opendc.web.server.rest; -import static io.restassured.RestAssured.when; +import static io.restassured.RestAssured.given; import io.quarkus.test.common.http.TestHTTPEndpoint; import io.quarkus.test.junit.QuarkusTest; -import io.restassured.http.ContentType; import org.junit.jupiter.api.Test; /** @@ -40,6 +39,6 @@ public final class SchedulerResourceTest { */ @Test public void testGetSchedulers() { - when().get().then().statusCode(200).contentType(ContentType.JSON); + given().get().then().statusCode(200); } } diff --git a/opendc-web/opendc-web-server/src/test/java/org/opendc/web/server/rest/TraceResourceTest.java b/opendc-web/opendc-web-server/src/test/java/org/opendc/web/server/rest/TraceResourceTest.java index 5c5976db..9da26059 100644 --- a/opendc-web/opendc-web-server/src/test/java/org/opendc/web/server/rest/TraceResourceTest.java +++ b/opendc-web/opendc-web-server/src/test/java/org/opendc/web/server/rest/TraceResourceTest.java @@ -41,7 +41,7 @@ public final class TraceResourceTest { */ @Test public void testGetAllEmpty() { - when().get().then().statusCode(200).contentType(ContentType.JSON); + when().get().then().statusCode(200); } /** @@ -49,7 +49,7 @@ public final class TraceResourceTest { */ @Test public void testGetNonExisting() { - when().get("/unknown").then().statusCode(404).contentType(ContentType.JSON); + when().get("/unknown").then().statusCode(404); } /** diff --git a/opendc-web/opendc-web-server/src/test/java/org/opendc/web/server/rest/runner/JobResourceTest.java b/opendc-web/opendc-web-server/src/test/java/org/opendc/web/server/rest/runner/JobResourceTest.java index 94b2cef0..09f60c0a 100644 --- a/opendc-web/opendc-web-server/src/test/java/org/opendc/web/server/rest/runner/JobResourceTest.java +++ b/opendc-web/opendc-web-server/src/test/java/org/opendc/web/server/rest/runner/JobResourceTest.java @@ -23,7 +23,6 @@ package org.opendc.web.server.rest.runner; import static io.restassured.RestAssured.given; -import static io.restassured.RestAssured.when; import static org.hamcrest.Matchers.equalTo; import io.quarkus.test.common.http.TestHTTPEndpoint; @@ -44,7 +43,7 @@ public final class JobResourceTest { */ @Test public void testQueryWithoutToken() { - when().get().then().statusCode(401); + given().get().then().statusCode(401); } /** @@ -52,10 +51,10 @@ public final class JobResourceTest { */ @Test @TestSecurity( - user = "test", + user = "test_user_1", roles = {"openid"}) public void testQueryInvalidScope() { - when().get().then().statusCode(403); + given().get().then().statusCode(403); } /** @@ -63,10 +62,10 @@ public final class JobResourceTest { */ @Test @TestSecurity( - user = "test", + user = "test_user_1", roles = {"runner"}) public void testQuery() { - when().get().then().statusCode(200).contentType(ContentType.JSON).body("get(0).state", equalTo("PENDING")); + given().get().then().statusCode(200).contentType(ContentType.JSON).body("get(0).state", equalTo("PENDING")); } /** @@ -74,10 +73,10 @@ public final class JobResourceTest { */ @Test @TestSecurity( - user = "test", + user = "test_user_1", roles = {"runner"}) public void testGetNonExisting() { - when().get("/0").then().statusCode(404).contentType(ContentType.JSON); + given().get("/0").then().statusCode(404); } /** @@ -85,10 +84,10 @@ public final class JobResourceTest { */ @Test @TestSecurity( - user = "test", + user = "test_user_1", roles = {"runner"}) public void testGetExisting() { - when().get("/1").then().statusCode(200).contentType(ContentType.JSON).body("id", equalTo(1)); + given().get("/1").then().statusCode(200).contentType(ContentType.JSON).body("id", equalTo(1)); } /** @@ -96,7 +95,7 @@ public final class JobResourceTest { */ @Test @TestSecurity( - user = "test", + user = "test_user_1", roles = {"runner"}) public void testUpdateNonExistent() { given().body(new org.opendc.web.proto.runner.Job.Update(JobState.PENDING, 0, null)) @@ -113,7 +112,7 @@ public final class JobResourceTest { */ @Test @TestSecurity( - user = "test", + user = "test_user_1", roles = {"runner"}) public void testUpdateState() { given().body(new org.opendc.web.proto.runner.Job.Update(JobState.CLAIMED, 0, null)) @@ -131,7 +130,7 @@ public final class JobResourceTest { */ @Test @TestSecurity( - user = "test", + user = "test_user_1", roles = {"runner"}) public void testUpdateInvalidInput() { given().body("{ \"test\": \"test\" }") diff --git a/opendc-web/opendc-web-server/src/test/java/org/opendc/web/server/rest/user/PortfolioResourceTest.java b/opendc-web/opendc-web-server/src/test/java/org/opendc/web/server/rest/user/PortfolioResourceTest.java index a952d83f..f23b4fc4 100644 --- a/opendc-web/opendc-web-server/src/test/java/org/opendc/web/server/rest/user/PortfolioResourceTest.java +++ b/opendc-web/opendc-web-server/src/test/java/org/opendc/web/server/rest/user/PortfolioResourceTest.java @@ -40,33 +40,55 @@ import org.opendc.web.proto.Targets; @TestHTTPEndpoint(PortfolioResource.class) public final class PortfolioResourceTest { /** - * Test that tries to obtain the list of portfolios belonging to a project. + * Test that tries to obtain the list of all portfolios belonging to a project. */ @Test @TestSecurity( - user = "owner", + user = "test_user_1", roles = {"openid"}) - public void testGetForProject() { - given().pathParam("project", 1).when().get().then().statusCode(200).contentType(ContentType.JSON); + public void testGetAllForProject() { + given().pathParam("project", 1).when().get().then().statusCode(200); } /** - * Test that tries to obtain the list of portfolios belonging to a project without authorization. + * Test that tries to obtain the list of all portfolios belonging to a project + * without authorization. + * + * TODO: Why is this an empty list, and not a 403 message? */ @Test @TestSecurity( - user = "unknown", + user = "test_user_1", roles = {"openid"}) - public void testGetForProjectNoAuthorization() { - given().pathParam("project", 1).when().get().then().statusCode(200).contentType(ContentType.JSON); + public void testGetAllForProjectNoAuthorization() { + given().pathParam("project", 1).when().get().then().statusCode(200); } /** - * Test that tries to create a topology for a project. + * Test that tries to create a portfolio for a project that exists and user has permission. */ @Test @TestSecurity( - user = "owner", + user = "test_user_1", + roles = {"openid"}) + public void testCreate() { + given().pathParam("project", "1") + .body(new org.opendc.web.proto.user.Portfolio.Create("Test Portfolio New", new Targets(Set.of(), 1))) + .contentType(ContentType.JSON) + .when() + .post() + .then() + .statusCode(200) + .contentType(ContentType.JSON) + .body("name", equalTo("Test Portfolio New")); + } + + /** + * Test that tries to create a topology for a project that does not exist. + */ + @Test + @TestSecurity( + user = "test_user_1", roles = {"openid"}) public void testCreateNonExistent() { given().pathParam("project", "0") @@ -75,45 +97,42 @@ public final class PortfolioResourceTest { .when() .post() .then() - .statusCode(404) - .contentType(ContentType.JSON); + .statusCode(404); } /** - * Test that tries to create a topology for a project. + * Test that tries to create a portfolio for a project that does exist but the user does not have permission. */ @Test @TestSecurity( - user = "viewer", + user = "test_user_2", roles = {"openid"}) - public void testCreateNotPermitted() { + public void testCreateViewer() { given().pathParam("project", "1") .body(new org.opendc.web.proto.user.Portfolio.Create("test", new Targets(Set.of(), 1))) .contentType(ContentType.JSON) .when() .post() .then() - .statusCode(403) - .contentType(ContentType.JSON); + .statusCode(403); } /** - * Test that tries to create a portfolio for a project. + * Test that tries to create a portfolio for a project that does exist but the user does not have permission. + * TODO: This should return 403 but does not because there is no user class */ @Test @TestSecurity( - user = "editor", + user = "test_user_1", roles = {"openid"}) - public void testCreate() { - given().pathParam("project", "1") + public void testCreateNotPermitted() { + given().pathParam("project", "3") .body(new org.opendc.web.proto.user.Portfolio.Create("test", new Targets(Set.of(), 1))) .contentType(ContentType.JSON) .when() .post() .then() - .statusCode(200) - .contentType(ContentType.JSON) - .body("name", equalTo("test")); + .statusCode(404); } /** @@ -121,7 +140,7 @@ public final class PortfolioResourceTest { */ @Test @TestSecurity( - user = "editor", + user = "test_user_1", roles = {"openid"}) public void testCreateEmpty() { given().pathParam("project", "1") @@ -130,8 +149,7 @@ public final class PortfolioResourceTest { .when() .post() .then() - .statusCode(400) - .contentType(ContentType.JSON); + .statusCode(400); } /** @@ -139,7 +157,7 @@ public final class PortfolioResourceTest { */ @Test @TestSecurity( - user = "editor", + user = "test_user_1", roles = {"openid"}) public void testCreateBlankName() { given().pathParam("project", "1") @@ -148,8 +166,7 @@ public final class PortfolioResourceTest { .when() .post() .then() - .statusCode(400) - .contentType(ContentType.JSON); + .statusCode(400); } /** @@ -165,7 +182,7 @@ public final class PortfolioResourceTest { */ @Test @TestSecurity( - user = "owner", + user = "test_user_1", roles = {"runner"}) public void testGetInvalidToken() { given().pathParam("project", "1").when().get("/1").then().statusCode(403); @@ -176,15 +193,10 @@ public final class PortfolioResourceTest { */ @Test @TestSecurity( - user = "owner", + user = "test_user_1", roles = {"openid"}) public void testGetNonExisting() { - given().pathParam("project", "1") - .when() - .get("/0") - .then() - .statusCode(404) - .contentType(ContentType.JSON); + given().pathParam("project", "1").when().get("/0").then().statusCode(404); } /** @@ -192,15 +204,10 @@ public final class PortfolioResourceTest { */ @Test @TestSecurity( - user = "owner", + user = "test_user_1", roles = {"openid"}) public void testGetNonExistingProject() { - given().pathParam("project", "0") - .when() - .get("/1") - .then() - .statusCode(404) - .contentType(ContentType.JSON); + given().pathParam("project", "0").when().get("/1").then().statusCode(404); } /** @@ -208,7 +215,7 @@ public final class PortfolioResourceTest { */ @Test @TestSecurity( - user = "owner", + user = "test_user_1", roles = {"openid"}) public void testGetExisting() { given().pathParam("project", "1") @@ -225,7 +232,7 @@ public final class PortfolioResourceTest { */ @Test @TestSecurity( - user = "owner", + user = "test_user_1", roles = {"openid"}) public void testDeleteNonExistent() { given().pathParam("project", "1").when().delete("/0").then().statusCode(404); @@ -236,7 +243,7 @@ public final class PortfolioResourceTest { */ @Test @TestSecurity( - user = "owner", + user = "test_user_1", roles = {"openid"}) public void testDeleteNonExistentProject() { given().pathParam("project", "0").when().delete("/1").then().statusCode(404); @@ -247,26 +254,21 @@ public final class PortfolioResourceTest { */ @Test @TestSecurity( - user = "owner", + user = "test_user_1", roles = {"openid"}) public void testDelete() { - int number = given().pathParam("project", "1") - .body(new org.opendc.web.proto.user.Portfolio.Create("Delete Portfolio", new Targets(Set.of(), 1))) - .contentType(ContentType.JSON) - .when() - .post() - .then() - .statusCode(200) - .contentType(ContentType.JSON) - .extract() - .path("number"); + given().pathParam("project", "1").when().delete("/2").then().statusCode(200); + } - given().pathParam("project", "1") - .when() - .delete("/" + number) - .then() - .statusCode(200) - .contentType(ContentType.JSON); + /** + * Test to delete a portfolio as an editor. + */ + @Test + @TestSecurity( + user = "test_user_3", + roles = {"openid"}) + public void testDeleteEditor() { + given().pathParam("project", "1").when().delete("/3").then().statusCode(200); } /** @@ -274,14 +276,9 @@ public final class PortfolioResourceTest { */ @Test @TestSecurity( - user = "viewer", + user = "test_user_2", roles = {"openid"}) public void testDeleteAsViewer() { - given().pathParam("project", "1") - .when() - .delete("/1") - .then() - .statusCode(403) - .contentType(ContentType.JSON); + given().pathParam("project", "1").when().delete("/1").then().statusCode(403); } } diff --git a/opendc-web/opendc-web-server/src/test/java/org/opendc/web/server/rest/user/PortfolioScenarioResourceTest.java b/opendc-web/opendc-web-server/src/test/java/org/opendc/web/server/rest/user/PortfolioScenarioResourceTest.java index 58042833..270dbae9 100644 --- a/opendc-web/opendc-web-server/src/test/java/org/opendc/web/server/rest/user/PortfolioScenarioResourceTest.java +++ b/opendc-web/opendc-web-server/src/test/java/org/opendc/web/server/rest/user/PortfolioScenarioResourceTest.java @@ -43,7 +43,7 @@ public final class PortfolioScenarioResourceTest { /** * Test that tries to obtain a portfolio without token. */ - // @Test + @Test public void testGetWithoutToken() { given().pathParam("project", "1") .pathParam("portfolio", "1") @@ -58,7 +58,7 @@ public final class PortfolioScenarioResourceTest { */ @Test @TestSecurity( - user = "owner", + user = "test_user_1", roles = {"runner"}) public void testGetInvalidToken() { given().pathParam("project", "1") @@ -72,12 +72,12 @@ public final class PortfolioScenarioResourceTest { /** * Test that tries to obtain a scenario without authorization. */ - // @Test - // @TestSecurity( - // user = "unknown", - // roles = {"openid"}) + @Test + @TestSecurity( + user = "test_user_1", + roles = {"openid"}) public void testGetUnauthorized() { - given().pathParam("project", "1") + given().pathParam("project", "2") .pathParam("portfolio", "1") .when() .get() @@ -88,28 +88,28 @@ public final class PortfolioScenarioResourceTest { /** * Test that tries to obtain a scenario. + * TODO: shouldn't this be all scenarios? */ - // @Test - // @TestSecurity( - // user = "owner", - // roles = {"openid"}) + @Test + @TestSecurity( + user = "test_user_1", + roles = {"openid"}) public void testGet() { given().pathParam("project", "1") .pathParam("portfolio", "1") .when() .get() .then() - .statusCode(200) - .contentType(ContentType.JSON); + .statusCode(200); } /** - * Test that tries to create a scenario for a portfolio. + * Test that tries to create a scenario for a portfolio that does not exist in a project that can be accessed. */ - // @Test - // @TestSecurity( - // user = "owner", - // roles = {"openid"}) + @Test + @TestSecurity( + user = "test_user_1", + roles = {"openid"}) public void testCreateNonExistent() { given().pathParam("project", "1") .pathParam("portfolio", "0") @@ -126,13 +126,13 @@ public final class PortfolioScenarioResourceTest { /** * Test that tries to create a scenario for a portfolio without authorization. */ - // @Test - // @TestSecurity( - // user = "unknown", - // roles = {"openid"}) + @Test + @TestSecurity( + user = "test_user_1", + roles = {"openid"}) public void testCreateUnauthorized() { - given().pathParam("project", "1") - .pathParam("portfolio", "0") + given().pathParam("project", "2") + .pathParam("portfolio", "1") .body(new Scenario.Create( "test", new Workload.Spec("test", 1.0), 1, new OperationalPhenomena(false, false), "test")) .contentType(ContentType.JSON) @@ -146,13 +146,13 @@ public final class PortfolioScenarioResourceTest { /** * Test that tries to create a scenario for a portfolio as a viewer. */ - // @Test - // @TestSecurity( - // user = "viewer", - // roles = {"openid"}) + @Test + @TestSecurity( + user = "test_user_2", + roles = {"openid"}) public void testCreateAsViewer() { given().pathParam("project", "1") - .pathParam("portfolio", "0") + .pathParam("portfolio", "1") .body(new Scenario.Create( "test", new Workload.Spec("test", 1.0), 1, new OperationalPhenomena(false, false), "test")) .contentType(ContentType.JSON) @@ -166,15 +166,15 @@ public final class PortfolioScenarioResourceTest { /** * Test that tries to create a scenario for a portfolio. */ - // @Test - // @TestSecurity( - // user = "owner", - // roles = {"openid"}) + @Test + @TestSecurity( + user = "test_user_1", + roles = {"openid"}) public void testCreate() { given().pathParam("project", "1") .pathParam("portfolio", "1") .body(new Scenario.Create( - "test", + "Test Scenario New", new Workload.Spec("bitbrains-small", 1.0), 1, new OperationalPhenomena(false, false), @@ -185,16 +185,16 @@ public final class PortfolioScenarioResourceTest { .then() .statusCode(200) .contentType(ContentType.JSON) - .body("name", equalTo("test")); + .body("name", equalTo("Test Scenario New")); } /** * Test to create a project with an empty body. */ - // @Test - // @TestSecurity( - // user = "owner", - // roles = {"openid"}) + @Test + @TestSecurity( + user = "test_user_1", + roles = {"openid"}) public void testCreateEmpty() { given().pathParam("project", "1") .pathParam("portfolio", "1") @@ -210,10 +210,10 @@ public final class PortfolioScenarioResourceTest { /** * Test to create a project with a blank name. */ - // @Test - // @TestSecurity( - // user = "owner", - // roles = {"openid"}) + @Test + @TestSecurity( + user = "test_user_1", + roles = {"openid"}) public void testCreateBlankName() { given().pathParam("project", "1") .pathParam("portfolio", "1") @@ -228,12 +228,12 @@ public final class PortfolioScenarioResourceTest { } /** - * Test that tries to create a scenario for a portfolio. + * Test that tries to create a scenario for a portfolio with an unknown Topology. */ - // @Test - // @TestSecurity( - // user = "owner", - // roles = {"openid"}) + @Test + @TestSecurity( + user = "test_user_1", + roles = {"openid"}) public void testCreateUnknownTopology() { given().pathParam("project", "1") .pathParam("portfolio", "1") @@ -252,12 +252,12 @@ public final class PortfolioScenarioResourceTest { } /** - * Test that tries to create a scenario for a portfolio. + * Test that tries to create a scenario for a portfolio with an unknown Trace. */ - // @Test - // @TestSecurity( - // user = "owner", - // roles = {"openid"}) + @Test + @TestSecurity( + user = "test_user_1", + roles = {"openid"}) public void testCreateUnknownTrace() { given().pathParam("project", "1") .pathParam("portfolio", "1") diff --git a/opendc-web/opendc-web-server/src/test/java/org/opendc/web/server/rest/user/ProjectResourceTest.java b/opendc-web/opendc-web-server/src/test/java/org/opendc/web/server/rest/user/ProjectResourceTest.java index bd7cff9b..450c0c0c 100644 --- a/opendc-web/opendc-web-server/src/test/java/org/opendc/web/server/rest/user/ProjectResourceTest.java +++ b/opendc-web/opendc-web-server/src/test/java/org/opendc/web/server/rest/user/ProjectResourceTest.java @@ -24,7 +24,7 @@ package org.opendc.web.server.rest.user; import static io.restassured.RestAssured.given; import static io.restassured.RestAssured.when; -import static org.hamcrest.Matchers.equalTo; +import static org.hamcrest.Matchers.*; import io.quarkus.test.common.http.TestHTTPEndpoint; import io.quarkus.test.junit.QuarkusTest; @@ -41,7 +41,7 @@ public final class ProjectResourceTest { /** * Test that tries to obtain all projects without token. */ - // @Test + @Test public void testGetAllWithoutToken() { when().get().then().statusCode(401); } @@ -51,30 +51,41 @@ public final class ProjectResourceTest { */ @Test @TestSecurity( - user = "owner", + user = "test_user_1", roles = {"runner"}) public void testGetAllWithInvalidScope() { when().get().then().statusCode(403); } /** + * Test that tries to obtain when no projects have yet been made. + */ + @Test + @TestSecurity( + user = "test_user_4", + roles = {"openid"}) + public void testGetAllWithNoAvailableProjects() { + when().get().then().statusCode(200).contentType(ContentType.JSON).body("", empty()); + } + + /** * Test that tries to obtain all project for a user. */ - // @Test - // @TestSecurity( - // user = "owner", - // roles = {"openid"}) + @Test + @TestSecurity( + user = "test_user_3", + roles = {"openid"}) public void testGetAll() { - when().get().then().statusCode(200).contentType(ContentType.JSON).body("get(0).name", equalTo("Test Project")); + given().get().then().statusCode(200).contentType(ContentType.JSON).body("", hasSize(4)); } /** * Test that tries to obtain a non-existent project. */ - // @Test - // @TestSecurity( - // user = "owner", - // roles = {"openid"}) + @Test + @TestSecurity( + user = "test_user_1", + roles = {"openid"}) public void testGetNonExisting() { when().get("/0").then().statusCode(404).contentType(ContentType.JSON); } @@ -82,106 +93,104 @@ public final class ProjectResourceTest { /** * Test that tries to obtain a project. */ - // @Test - // @TestSecurity( - // user = "owner", - // roles = {"openid"}) + @Test + @TestSecurity( + user = "test_user_1", + roles = {"openid"}) public void testGetExisting() { - when().get("/1").then().statusCode(200).contentType(ContentType.JSON).body("id", equalTo(1)); + // Try to get the project + given().get("/1").then().statusCode(200).contentType(ContentType.JSON).body("id", equalTo(1)); } /** * Test that tries to create a project. */ - // @Test - // @TestSecurity( - // user = "owner", - // roles = {"openid"}) + @Test + @TestSecurity( + user = "test_user_1", + roles = {"openid"}) public void testCreate() { - given().body(new org.opendc.web.proto.user.Project.Create("test")) + given().body(new org.opendc.web.proto.user.Project.Create("Test Project New")) .contentType(ContentType.JSON) .when() .post() .then() .statusCode(200) .contentType(ContentType.JSON) - .body("name", equalTo("test")); + .body("name", equalTo("Test Project New")); } /** * Test to create a project with an empty body. */ - // @Test - // @TestSecurity( - // user = "owner", - // roles = {"openid"}) + @Test + @TestSecurity( + user = "test_user_1", + roles = {"openid"}) public void testCreateEmpty() { - given().body("{}") - .contentType(ContentType.JSON) - .when() - .post() - .then() - .statusCode(400) - .contentType(ContentType.JSON); + given().body("{}").contentType(ContentType.JSON).when().post().then().statusCode(400); } /** * Test to create a project with a blank name. */ - // @Test - // @TestSecurity( - // user = "owner", - // roles = {"openid"}) + @Test + @TestSecurity( + user = "test_user_1", + roles = {"openid"}) public void testCreateBlankName() { given().body(new org.opendc.web.proto.user.Project.Create("")) .contentType(ContentType.JSON) .when() .post() .then() - .statusCode(400) - .contentType(ContentType.JSON); + .statusCode(400); + } + + /** + * Test to delete a project that is owned by the user. + */ + @Test + @TestSecurity( + user = "test_user_1", + roles = {"openid"}) + public void testDelete() { + given().delete("/6").then().statusCode(200); } /** * Test to delete a non-existent project. */ - // @Test - // @TestSecurity( - // user = "owner", - // roles = {"openid"}) + @Test + @TestSecurity( + user = "test_user_1", + roles = {"openid"}) public void testDeleteNonExistent() { - when().delete("/0").then().statusCode(404).contentType(ContentType.JSON); + when().delete("/0").then().statusCode(404); } /** - * Test to delete a project. + * Test to delete a project which is not connected to the user. + * test_user_3 is not connected to project 1. */ - // @Test - // @TestSecurity( - // user = "owner", - // roles = {"openid"}) - public void testDelete() { - int id = given().body(new org.opendc.web.proto.user.Project.Create("Delete Project")) - .contentType(ContentType.JSON) - .when() - .post() - .then() - .statusCode(200) - .contentType(ContentType.JSON) - .extract() - .path("id"); - - when().delete("/" + id).then().statusCode(200).contentType(ContentType.JSON); + @Test + @TestSecurity( + user = "test_user_3", + roles = {"openid"}) + public void testDeleteNotConnected() { + when().delete("/1").then().statusCode(403); } /** * Test to delete a project which the user does not own. + * project 1 is owned by test_user_1, test_user_2 is a viewer + * should not be able to delete it */ - // @Test - // @TestSecurity( - // user = "viewer", - // roles = {"openid"}) + @Test + @TestSecurity( + user = "test_user_2", + roles = {"openid"}) public void testDeleteNonOwner() { - when().delete("/1").then().statusCode(403).contentType(ContentType.JSON); + when().delete("/1").then().statusCode(403); } } diff --git a/opendc-web/opendc-web-server/src/test/java/org/opendc/web/server/rest/user/ScenarioResourceTest.java b/opendc-web/opendc-web-server/src/test/java/org/opendc/web/server/rest/user/ScenarioResourceTest.java index a980e4e2..d81f9655 100644 --- a/opendc-web/opendc-web-server/src/test/java/org/opendc/web/server/rest/user/ScenarioResourceTest.java +++ b/opendc-web/opendc-web-server/src/test/java/org/opendc/web/server/rest/user/ScenarioResourceTest.java @@ -28,13 +28,8 @@ import static org.hamcrest.Matchers.equalTo; import io.quarkus.test.common.http.TestHTTPEndpoint; import io.quarkus.test.junit.QuarkusTest; import io.quarkus.test.security.TestSecurity; -import io.restassured.builder.RequestSpecBuilder; import io.restassured.http.ContentType; -import io.restassured.specification.RequestSpecification; import org.junit.jupiter.api.Test; -import org.opendc.web.proto.OperationalPhenomena; -import org.opendc.web.proto.Workload; -import org.opendc.web.proto.user.Scenario; /** * Test suite for {@link ScenarioResource}. @@ -47,10 +42,10 @@ public final class ScenarioResourceTest { */ @Test @TestSecurity( - user = "unknown", + user = "test_user_1", roles = {"openid"}) public void testGetAllUnauthorized() { - given().pathParam("project", "1").when().get().then().statusCode(404).contentType(ContentType.JSON); + given().pathParam("project", "2").when().get().then().statusCode(404); } /** @@ -58,10 +53,10 @@ public final class ScenarioResourceTest { */ @Test @TestSecurity( - user = "owner", + user = "test_user_1", roles = {"openid"}) public void testGetAll() { - given().pathParam("project", "1").when().get().then().statusCode(200).contentType(ContentType.JSON); + given().pathParam("project", "1").when().get().then().statusCode(200); } /** @@ -77,7 +72,7 @@ public final class ScenarioResourceTest { */ @Test @TestSecurity( - user = "owner", + user = "test_user_1", roles = {"runner"}) public void testGetInvalidToken() { given().pathParam("project", "1").when().get("/1").then().statusCode(403); @@ -88,7 +83,7 @@ public final class ScenarioResourceTest { */ @Test @TestSecurity( - user = "owner", + user = "test_user_1", roles = {"openid"}) public void testGetNonExisting() { given().pathParam("project", "1") @@ -100,14 +95,14 @@ public final class ScenarioResourceTest { } /** - * Test that tries to obtain a scenario. + * Test that tries to obtain a scenario when it does not have authority to get to the project. */ @Test @TestSecurity( - user = "unknown", + user = "test_user_1", roles = {"openid"}) public void testGetExistingUnauthorized() { - given().pathParam("project", "1") + given().pathParam("project", "2") .when() .get("/1") .then() @@ -120,7 +115,7 @@ public final class ScenarioResourceTest { */ @Test @TestSecurity( - user = "owner", + user = "test_user_1", roles = {"openid"}) public void testGetExisting() { given().pathParam("project", "1") @@ -137,7 +132,7 @@ public final class ScenarioResourceTest { */ @Test @TestSecurity( - user = "owner", + user = "test_user_1", roles = {"openid"}) public void testDeleteNonExistent() { given().pathParam("project", "1").when().delete("/0").then().statusCode(404); @@ -148,10 +143,10 @@ public final class ScenarioResourceTest { */ @Test @TestSecurity( - user = "unknown", + user = "test_user_1", roles = {"openid"}) public void testDeleteUnauthorized() { - given().pathParam("project", "1").when().delete("/1").then().statusCode(404); + given().pathParam("project", "2").when().delete("/1").then().statusCode(404); } /** @@ -159,7 +154,7 @@ public final class ScenarioResourceTest { */ @Test @TestSecurity( - user = "viewer", + user = "test_user_2", roles = {"openid"}) public void testDeleteAsViewer() { given().pathParam("project", "1").when().delete("/1").then().statusCode(403); @@ -170,32 +165,12 @@ public final class ScenarioResourceTest { */ @Test @TestSecurity( - user = "owner", + user = "test_user_1", roles = {"openid"}) public void testDelete() { - RequestSpecification spec = new RequestSpecBuilder() - .setBasePath("/projects/1/portfolios/1/scenarios") - .build(); - - int number = given(spec) - .body(new Scenario.Create( - "test", - new Workload.Spec("bitbrains-small", 1.0), - 1, - new OperationalPhenomena(false, false), - "test")) - .contentType(ContentType.JSON) - .when() - .post() - .then() - .statusCode(200) - .contentType(ContentType.JSON) - .extract() - .path("number"); - given().pathParam("project", "1") .when() - .delete("/" + number) + .delete("/1") .then() .statusCode(200) .contentType(ContentType.JSON); diff --git a/opendc-web/opendc-web-server/src/test/java/org/opendc/web/server/rest/user/TopologyResourceTest.java b/opendc-web/opendc-web-server/src/test/java/org/opendc/web/server/rest/user/TopologyResourceTest.java index c0746e7a..277376e5 100644 --- a/opendc-web/opendc-web-server/src/test/java/org/opendc/web/server/rest/user/TopologyResourceTest.java +++ b/opendc-web/opendc-web-server/src/test/java/org/opendc/web/server/rest/user/TopologyResourceTest.java @@ -44,7 +44,7 @@ public final class TopologyResourceTest { */ @Test @TestSecurity( - user = "unknown", + user = "test_user_4", roles = {"openid"}) public void testGetAllWithoutAuth() { given().pathParam("project", "1") @@ -58,21 +58,22 @@ public final class TopologyResourceTest { /** * Test that tries to obtain the list of topologies belonging to a project. + * TODO: check if any topology comes back */ @Test @TestSecurity( - user = "owner", + user = "test_user_1", roles = {"openid"}) public void testGetAll() { - given().pathParam("project", "1").when().get().then().statusCode(200).contentType(ContentType.JSON); + given().pathParam("project", "1").when().get().then().statusCode(200); } /** - * Test that tries to create a topology for a project. + * Test that tries to create a topology for a project that does not exist. */ @Test @TestSecurity( - user = "owner", + user = "test_user_1", roles = {"openid"}) public void testCreateNonExistent() { given().pathParam("project", "0") @@ -81,26 +82,25 @@ public final class TopologyResourceTest { .when() .post() .then() - .statusCode(404) - .contentType(ContentType.JSON); + .statusCode(404); } /** - * Test that tries to create a topology for a project as viewer. + * Test that tries to create a topology for a project while not authorized. + * TODO: should probably return 403, but this does not work in the current system */ @Test @TestSecurity( - user = "viewer", + user = "test_user_1", roles = {"openid"}) public void testCreateUnauthorized() { - given().pathParam("project", "1") + given().pathParam("project", "2") .body(new Topology.Create("test", List.of())) .contentType(ContentType.JSON) .when() .post() .then() - .statusCode(403) - .contentType(ContentType.JSON); + .statusCode(404); } /** @@ -108,18 +108,18 @@ public final class TopologyResourceTest { */ @Test @TestSecurity( - user = "owner", + user = "test_user_1", roles = {"openid"}) public void testCreate() { given().pathParam("project", "1") - .body(new Topology.Create("test", List.of())) + .body(new Topology.Create("Test Topology New", List.of())) .contentType(ContentType.JSON) .when() .post() .then() .statusCode(200) .contentType(ContentType.JSON) - .body("name", equalTo("test")); + .body("name", equalTo("Test Topology New")); } /** @@ -127,7 +127,7 @@ public final class TopologyResourceTest { */ @Test @TestSecurity( - user = "owner", + user = "test_user_1", roles = {"openid"}) public void testCreateEmpty() { given().pathParam("project", "1") @@ -136,8 +136,7 @@ public final class TopologyResourceTest { .when() .post() .then() - .statusCode(400) - .contentType(ContentType.JSON); + .statusCode(400); } /** @@ -145,7 +144,7 @@ public final class TopologyResourceTest { */ @Test @TestSecurity( - user = "owner", + user = "test_user_1", roles = {"openid"}) public void testCreateBlankName() { given().pathParam("project", "1") @@ -154,8 +153,7 @@ public final class TopologyResourceTest { .when() .post() .then() - .statusCode(400) - .contentType(ContentType.JSON); + .statusCode(400); } /** @@ -171,7 +169,7 @@ public final class TopologyResourceTest { */ @Test @TestSecurity( - user = "owner", + user = "test_user_1", roles = {"runner"}) public void testGetInvalidToken() { given().pathParam("project", "1").when().get("/1").then().statusCode(403); @@ -182,15 +180,10 @@ public final class TopologyResourceTest { */ @Test @TestSecurity( - user = "owner", + user = "test_user_1", roles = {"openid"}) public void testGetNonExisting() { - given().pathParam("project", "1") - .when() - .get("/0") - .then() - .statusCode(404) - .contentType(ContentType.JSON); + given().pathParam("project", "1").when().get("/0").then().statusCode(404); } /** @@ -198,15 +191,10 @@ public final class TopologyResourceTest { */ @Test @TestSecurity( - user = "unknown", + user = "test_user_1", roles = {"openid"}) public void testGetUnauthorized() { - given().pathParam("project", "1") - .when() - .get("/1") - .then() - .statusCode(404) - .contentType(ContentType.JSON); + given().pathParam("project", "2").when().get("/1").then().statusCode(404); } /** @@ -214,7 +202,7 @@ public final class TopologyResourceTest { */ @Test @TestSecurity( - user = "owner", + user = "test_user_1", roles = {"openid"}) public void testGetExisting() { given().pathParam("project", "1") @@ -231,7 +219,7 @@ public final class TopologyResourceTest { */ @Test @TestSecurity( - user = "owner", + user = "test_user_1", roles = {"openid"}) public void testUpdateNonExistent() { given().pathParam("project", "1") @@ -248,10 +236,10 @@ public final class TopologyResourceTest { */ @Test @TestSecurity( - user = "unknown", + user = "test_user_1", roles = {"openid"}) public void testUpdateUnauthorized() { - given().pathParam("project", "1") + given().pathParam("project", "2") .body(new Topology.Update(List.of())) .contentType(ContentType.JSON) .when() @@ -262,10 +250,11 @@ public final class TopologyResourceTest { /** * Test to update a topology as a viewer. + * TODO: should return 403, but currently returns 404 */ @Test @TestSecurity( - user = "viewer", + user = "test_user_2", roles = {"openid"}) public void testUpdateAsViewer() { given().pathParam("project", "1") @@ -283,7 +272,7 @@ public final class TopologyResourceTest { */ @Test @TestSecurity( - user = "owner", + user = "test_user_1", roles = {"openid"}) public void testUpdate() { given().pathParam("project", "1") @@ -292,8 +281,7 @@ public final class TopologyResourceTest { .when() .put("/1") .then() - .statusCode(200) - .contentType(ContentType.JSON); + .statusCode(200); } /** @@ -301,7 +289,7 @@ public final class TopologyResourceTest { */ @Test @TestSecurity( - user = "owner", + user = "test_user_1", roles = {"openid"}) public void testDeleteNonExistent() { given().pathParam("project", "1").when().delete("/0").then().statusCode(404); @@ -312,10 +300,10 @@ public final class TopologyResourceTest { */ @Test @TestSecurity( - user = "unknown", + user = "test_user_1", roles = {"openid"}) public void testDeleteUnauthorized() { - given().pathParam("project", "1").when().delete("/1").then().statusCode(404); + given().pathParam("project", "2").when().delete("/1").then().statusCode(404); } /** @@ -323,50 +311,46 @@ public final class TopologyResourceTest { */ @Test @TestSecurity( - user = "viewer", + user = "test_user_2", roles = {"openid"}) public void testDeleteAsViewer() { given().pathParam("project", "1").when().delete("/1").then().statusCode(403); } /** + * Test to delete a topology as a viewer. + */ + @Test + @TestSecurity( + user = "test_user_3", + roles = {"openid"}) + public void testDeleteAsEditor() { + given().pathParam("project", "1").when().delete("/2").then().statusCode(200); + } + + /** * Test to delete a topology. */ @Test @TestSecurity( - user = "owner", + user = "test_user_1", roles = {"openid"}) public void testDelete() { - int number = given().pathParam("project", "1") - .body(new Topology.Create("Delete Topology", List.of())) - .contentType(ContentType.JSON) - .when() - .post() - .then() - .statusCode(200) - .contentType(ContentType.JSON) - .extract() - .path("number"); - - given().pathParam("project", "1") - .when() - .delete("/" + number) - .then() - .statusCode(200) - .contentType(ContentType.JSON); + given().pathParam("project", "1").when().delete("/3").then().statusCode(200); } /** * Test to delete a topology that is still being used by a scenario. + * TODO: fix later */ @Test @TestSecurity( - user = "owner", + user = "test_user_1", roles = {"openid"}) public void testDeleteUsed() { given().pathParam("project", "1") .when() - .delete("/1") // Topology 1 is still used by scenario 1 and 2 + .delete("/4") // Topology 1 is still used by scenario 1 and 2 .then() .statusCode(403) .contentType(ContentType.JSON); diff --git a/opendc-web/opendc-web-server/src/test/java/org/opendc/web/server/service/UserAccountingServiceTest.java b/opendc-web/opendc-web-server/src/test/java/org/opendc/web/server/service/UserAccountingServiceTest.java index d1d82097..91e3eb66 100644 --- a/opendc-web/opendc-web-server/src/test/java/org/opendc/web/server/service/UserAccountingServiceTest.java +++ b/opendc-web/opendc-web-server/src/test/java/org/opendc/web/server/service/UserAccountingServiceTest.java @@ -33,9 +33,9 @@ import static org.mockito.ArgumentMatchers.anyString; import io.quarkus.panache.mock.PanacheMock; import io.quarkus.test.junit.QuarkusTest; +import jakarta.persistence.EntityExistsException; import java.time.Duration; import java.time.LocalDate; -import javax.persistence.EntityExistsException; import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; import org.mockito.Mockito; |