Search in sources :

Example 26 with RestAssuredClient

use of guru.nidi.ramltester.restassured3.RestAssuredClient in project okapi by folio-org.

the class ModuleTest method testVersion.

@Test
public void testVersion(TestContext context) {
    logger.info("testVersion starting");
    async = context.async();
    RestAssuredClient c;
    Response r;
    c = api.createRestAssured3();
    r = c.given().get("/_/version").then().statusCode(200).log().ifValidationFails().extract().response();
    Assert.assertTrue("raml: " + c.getLastReport().toString(), c.getLastReport().isEmpty());
    async.complete();
}
Also used : ValidatableResponse(io.restassured.response.ValidatableResponse) Response(io.restassured.response.Response) RestAssuredClient(guru.nidi.ramltester.restassured3.RestAssuredClient) Test(org.junit.Test)

Example 27 with RestAssuredClient

use of guru.nidi.ramltester.restassured3.RestAssuredClient in project okapi by folio-org.

the class ModuleTest method testSemVer.

@Test
public void testSemVer(TestContext context) {
    async = context.async();
    RestAssuredClient c;
    Response r;
    c = api.createRestAssured3();
    String docSampleModule = "{" + LS + "  \"id\" : \"sample-1.2.3-alpha.1\"," + LS + "  \"name\" : \"sample module 3\"" + LS + "}";
    c = api.createRestAssured3();
    r = c.given().header("Content-Type", "application/json").body(docSampleModule).post("/_/proxy/modules").then().statusCode(201).log().ifValidationFails().extract().response();
    Assert.assertTrue("raml: " + c.getLastReport().toString(), c.getLastReport().isEmpty());
    docSampleModule = "{" + LS + "  \"id\" : \"sample-1.2.3-SNAPSHOT.5\"," + LS + "  \"name\" : \"sample module 3\"" + LS + "}";
    c = api.createRestAssured3();
    r = c.given().header("Content-Type", "application/json").body(docSampleModule).post("/_/proxy/modules").then().statusCode(201).log().ifValidationFails().extract().response();
    Assert.assertTrue("raml: " + c.getLastReport().toString(), c.getLastReport().isEmpty());
    docSampleModule = "{" + LS + "  \"id\" : \"sample-1.2.3-alpha.1+2017\"," + LS + "  \"name\" : \"sample module 3\"" + LS + "}";
    c = api.createRestAssured3();
    r = c.given().header("Content-Type", "application/json").body(docSampleModule).post("/_/proxy/modules").then().statusCode(201).log().ifValidationFails().extract().response();
    Assert.assertTrue("raml: " + c.getLastReport().toString(), c.getLastReport().isEmpty());
    async.complete();
}
Also used : ValidatableResponse(io.restassured.response.ValidatableResponse) Response(io.restassured.response.Response) Matchers.containsString(org.hamcrest.Matchers.containsString) RestAssuredClient(guru.nidi.ramltester.restassured3.RestAssuredClient) Test(org.junit.Test)

Example 28 with RestAssuredClient

use of guru.nidi.ramltester.restassured3.RestAssuredClient in project okapi by folio-org.

the class ModuleTest method testRedirect.

/*
   * Test redirect types. Sets up two modules, our sample, and the header test
   * module.
   *
   * Both modules support the /testb path.
   * Test also supports /testr path.
   * Header will redirect /red path to /testr, which will end up in the test module.
   * Header will also attempt to support /loop, /loop1, and /loop2 for testing
   * looping redirects. These are expected to fail.
   *
   */
@Test
public void testRedirect(TestContext context) {
    logger.info("Redirect test starting");
    async = context.async();
    RestAssuredClient c;
    Response r;
    // Set up a tenant to test with
    final String docTenantRoskilde = "{" + LS + "  \"id\" : \"" + okapiTenant + "\"," + LS + "  \"name\" : \"" + okapiTenant + "\"," + LS + "  \"description\" : \"Roskilde bibliotek\"" + LS + "}";
    c = api.createRestAssured3();
    r = c.given().header("Content-Type", "application/json").body(docTenantRoskilde).post("/_/proxy/tenants").then().statusCode(201).log().ifValidationFails().extract().response();
    Assert.assertTrue("raml: " + c.getLastReport().toString(), c.getLastReport().isEmpty());
    final String locationTenantRoskilde = r.getHeader("Location");
    // Set up, deploy, and enable a sample module
    final String docSampleModule = "{" + LS + "  \"id\" : \"sample-module-1\"," + LS + "  \"filters\" : [ {" + LS + "    \"methods\" : [ \"GET\", \"POST\" ]," + LS + "    \"path\" : \"/testb\"," + LS + "    \"level\" : \"50\"," + LS + "    \"type\" : \"request-response\"" + LS + "  }, {" + LS + "    \"methods\" : [ \"GET\", \"POST\" ]," + LS + "    \"path\" : \"/testr\"," + LS + "    \"level\" : \"59\"," + LS + "    \"type\" : \"request-response\"," + LS + "    \"permissionsDesired\" : [ \"sample.testr\" ]" + LS + "  }, {" + LS + "    \"methods\" : [ \"GET\" ]," + LS + "    \"path\" : \"/loop2\"," + LS + "    \"level\" : \"52\"," + LS + "    \"type\" : \"redirect\"," + LS + "    \"redirectPath\" : \"/loop1\"" + LS + "  }, {" + LS + "    \"modulePermissions\" : [ \"sample.modperm\" ]," + LS + "    \"methods\" : [ \"GET\" ]," + LS + "    \"path\" : \"/chain3\"," + LS + "    \"level\" : \"53\"," + LS + "    \"type\" : \"redirect\"," + LS + "    \"redirectPath\" : \"/testr\"," + LS + "    \"permissionsDesired\" : [ \"sample.chain3\" ]" + LS + "  } ]," + LS + "  \"launchDescriptor\" : {" + LS + "    \"exec\" : \"java -Dport=%p -jar ../okapi-test-module/target/okapi-test-module-fat.jar\"" + LS + "  }" + LS + "}";
    c = api.createRestAssured3();
    r = c.given().header("Content-Type", "application/json").body(docSampleModule).post("/_/proxy/modules").then().statusCode(201).extract().response();
    final String locationSampleModule = r.getHeader("Location");
    final String docSampleDeploy = "{" + LS + "  \"srvcId\" : \"sample-module-1\"," + LS + "  \"nodeId\" : \"localhost\"" + LS + "}";
    c = api.createRestAssured3();
    r = c.given().header("Content-Type", "application/json").body(docSampleDeploy).post("/_/discovery/modules").then().statusCode(201).extract().response();
    Assert.assertTrue("raml: " + c.getLastReport().toString(), c.getLastReport().isEmpty());
    locationSampleDeployment = r.getHeader("Location");
    final String docEnableSample = "{" + LS + "  \"id\" : \"sample-module-1\"" + LS + "}";
    c = api.createRestAssured3();
    c.given().header("Content-Type", "application/json").body(docEnableSample).post("/_/proxy/tenants/" + okapiTenant + "/modules").then().statusCode(201).body(equalTo(docEnableSample));
    Assert.assertTrue("raml: " + c.getLastReport().toString(), c.getLastReport().isEmpty());
    given().header("X-Okapi-Tenant", okapiTenant).get("/testr").then().statusCode(200).body(containsString("It works")).log().ifValidationFails();
    // Set up, deploy, and enable the header module
    final String docHeaderModule = "{" + LS + "  \"id\" : \"header-module-1\"," + LS + "  \"filters\" : [ {" + LS + "    \"methods\" : [ \"GET\", \"POST\" ]," + LS + "    \"path\" : \"/testb\"," + LS + "    \"level\" : \"20\"," + LS + "    \"type\" : \"request-response\"" + LS + "  }, {" + LS + "    \"methods\" : [ \"GET\", \"POST\" ]," + LS + "    \"path\" : \"/red\"," + LS + "    \"level\" : \"21\"," + LS + "    \"type\" : \"redirect\"," + LS + "    \"redirectPath\" : \"/testr\"" + LS + "  }, {" + LS + "    \"methods\" : [ \"GET\" ]," + LS + "    \"path\" : \"/badredirect\"," + LS + "    \"level\" : \"22\"," + LS + "    \"type\" : \"redirect\"," + LS + "    \"redirectPath\" : \"/nonexisting\"" + LS + "  }, {" + LS + "    \"methods\" : [ \"GET\" ]," + LS + "    \"path\" : \"/simpleloop\"," + LS + "    \"level\" : \"23\"," + LS + "    \"type\" : \"redirect\"," + LS + "    \"redirectPath\" : \"/simpleloop\"" + LS + "  }, {" + LS + "    \"methods\" : [ \"GET\" ]," + LS + "    \"path\" : \"/loop1\"," + LS + "    \"level\" : \"24\"," + LS + "    \"type\" : \"redirect\"," + LS + "    \"redirectPath\" : \"/loop2\"" + LS + "  }, {" + LS + "    \"modulePermissions\" : [ \"hdr.modperm\" ]," + LS + "    \"methods\" : [ \"GET\" ]," + LS + "    \"path\" : \"/chain1\"," + LS + "    \"level\" : \"25\"," + LS + "    \"type\" : \"redirect\"," + LS + "    \"redirectPath\" : \"/chain2\"," + LS + "    \"permissionsDesired\" : [ \"hdr.chain1\" ]" + LS + "  }, {" + LS + "    \"methods\" : [ \"GET\" ]," + LS + "    \"path\" : \"/chain2\"," + LS + "    \"level\" : \"26\"," + LS + "    \"type\" : \"redirect\"," + LS + "    \"redirectPath\" : \"/chain3\"," + LS + "    \"permissionsDesired\" : [ \"hdr.chain2\" ]" + LS + "  }, {" + LS + "    \"methods\" : [ \"POST\" ]," + LS + "    \"path\" : \"/multiple\"," + LS + "    \"level\" : \"27\"," + LS + "    \"type\" : \"redirect\"," + LS + "    \"redirectPath\" : \"/testr\"" + LS + "  }, {" + LS + "    \"methods\" : [ \"POST\" ]," + LS + "    \"path\" : \"/multiple\"," + LS + "    \"level\" : \"28\"," + LS + "    \"type\" : \"redirect\"," + LS + "    \"redirectPath\" : \"/testr\"" + LS + "  } ]," + LS + "  \"launchDescriptor\" : {" + LS + "    \"exec\" : \"java -Dport=%p -jar ../okapi-test-header-module/target/okapi-test-header-module-fat.jar\"" + LS + "  }" + LS + "}";
    c = api.createRestAssured3();
    r = c.given().header("Content-Type", "application/json").body(docHeaderModule).post("/_/proxy/modules").then().statusCode(201).extract().response();
    final String locationHeaderModule = r.getHeader("Location");
    final String docHeaderDeploy = "{" + LS + "  \"srvcId\" : \"header-module-1\"," + LS + "  \"nodeId\" : \"localhost\"" + LS + "}";
    c = api.createRestAssured3();
    r = c.given().header("Content-Type", "application/json").body(docHeaderDeploy).post("/_/discovery/modules").then().statusCode(201).extract().response();
    Assert.assertTrue("raml: " + c.getLastReport().toString(), c.getLastReport().isEmpty());
    locationHeaderDeployment = r.getHeader("Location");
    final String docEnableHeader = "{" + LS + "  \"id\" : \"header-module-1\"" + LS + "}";
    c = api.createRestAssured3();
    c.given().header("Content-Type", "application/json").body(docEnableHeader).post("/_/proxy/tenants/" + okapiTenant + "/modules").then().statusCode(201).body(equalTo(docEnableHeader));
    Assert.assertTrue("raml: " + c.getLastReport().toString(), c.getLastReport().isEmpty());
    given().header("X-Okapi-Tenant", okapiTenant).get("/testb").then().statusCode(200).body(containsString("It works")).log().ifValidationFails();
    // Actual redirecting request
    given().header("X-Okapi-Tenant", okapiTenant).get("/red").then().statusCode(200).body(containsString("It works")).header("X-Okapi-Trace", containsString("GET sample-module-1 http://localhost:9231/testr")).log().ifValidationFails();
    // Bad redirect
    given().header("X-Okapi-Tenant", okapiTenant).get("/badredirect").then().statusCode(500).body(equalTo("Redirecting /badredirect to /nonexisting FAILED. No suitable module found")).log().ifValidationFails();
    // catch redirect loops
    given().header("X-Okapi-Tenant", okapiTenant).get("/simpleloop").then().statusCode(500).body(containsString("loop:")).log().ifValidationFails();
    given().header("X-Okapi-Tenant", okapiTenant).get("/loop1").then().statusCode(500).body(containsString("loop:")).log().ifValidationFails();
    // redirect to multiple modules
    given().header("X-Okapi-Tenant", okapiTenant).header("Content-Type", "application/json").body("{}").post("/multiple").then().statusCode(200).body(// test-module run twice
    containsString("Hello Hello")).log().ifValidationFails();
    // Redirect with parameters
    given().header("X-Okapi-Tenant", okapiTenant).get("/red?foo=bar").then().statusCode(200).body(containsString("It works")).log().ifValidationFails();
    // A longer chain of redirects
    given().header("X-Okapi-Tenant", okapiTenant).header("X-all-headers", "B").get("/chain1").then().statusCode(200).body(containsString("It works")).log().ifValidationFails();
    // What happens on prefix match
    // /red matches, replaces with /testr, getting /testrlight which is not found
    // This is odd, and subotimal, but not a serious failure. okapi-253
    given().header("X-Okapi-Tenant", okapiTenant).get("/redlight").then().statusCode(404).header("X-Okapi-Trace", containsString("sample-module-1 http://localhost:9231/testrlight : 404")).log().ifValidationFails();
    // Verify that we replace only the beginning of the path
    given().header("X-Okapi-Tenant", okapiTenant).get("/red/blue/red?color=/red").then().statusCode(404).log().ifValidationFails();
    // Clean up
    logger.info("Redirect test done. Cleaning up");
    given().delete(locationTenantRoskilde).then().statusCode(204);
    given().delete(locationSampleModule).then().statusCode(204);
    given().delete(locationSampleDeployment).then().statusCode(204);
    locationSampleDeployment = null;
    given().delete(locationHeaderModule).then().statusCode(204);
    given().delete(locationHeaderDeployment).then().statusCode(204);
    locationHeaderDeployment = null;
    checkDbIsEmpty("testRedirect done", context);
    async.complete();
}
Also used : ValidatableResponse(io.restassured.response.ValidatableResponse) Response(io.restassured.response.Response) Matchers.containsString(org.hamcrest.Matchers.containsString) RestAssuredClient(guru.nidi.ramltester.restassured3.RestAssuredClient) Test(org.junit.Test)

Example 29 with RestAssuredClient

use of guru.nidi.ramltester.restassured3.RestAssuredClient in project okapi by folio-org.

the class ModuleTest method testProxy.

// TODO - This function is way too long and confusing
// Create smaller functions that test one thing at a time
// Later, move them into separate files
@Test
public void testProxy(TestContext context) {
    async = context.async();
    RestAssuredClient c;
    Response r;
    String nodeListDoc = "[ {" + LS + "  \"nodeId\" : \"localhost\"," + LS + "  \"url\" : \"http://localhost:9230\"," + LS + "  \"nodeName\" : \"node1\"" + LS + "} ]";
    c = api.createRestAssured3();
    c.given().get("/_/discovery/nodes").then().statusCode(200).body(equalTo(nodeListDoc));
    Assert.assertTrue("raml: " + c.getLastReport().toString(), c.getLastReport().isEmpty());
    c = api.createRestAssured3();
    c.given().get("/_/discovery/nodes/gyf").then().statusCode(404);
    Assert.assertTrue("raml: " + c.getLastReport().toString(), c.getLastReport().isEmpty());
    c = api.createRestAssured3();
    c.given().get("/_/discovery/nodes/localhost").then().statusCode(200);
    Assert.assertTrue("raml: " + c.getLastReport().toString(), c.getLastReport().isEmpty());
    c = api.createRestAssured3();
    c.given().header("Content-Type", "application/json").body("{ }").post("/_/xyz").then().statusCode(404);
    Assert.assertEquals("RamlReport{requestViolations=[Resource '/_/xyz' is not defined], " + "responseViolations=[], validationViolations=[]}", c.getLastReport().toString());
    final String badDoc = "{" + LS + "  \"instId\" : \"BAD\"," + // the comma here makes it bad json!
    LS + "}";
    c = api.createRestAssured3();
    c.given().header("Content-Type", "application/json").body(badDoc).post("/_/deployment/modules").then().statusCode(400);
    c = api.createRestAssured3();
    c.given().header("Content-Type", "application/json").body("{}").post("/_/deployment/modules").then().statusCode(400);
    c = api.createRestAssured3();
    c.given().header("Content-Type", "application/json").body("{\"srvcId\" : \"foo\"}").post("/_/deployment/modules").then().statusCode(400);
    Assert.assertTrue("raml: " + c.getLastReport().toString(), c.getLastReport().isEmpty());
    final String docUnknownJar = "{" + LS + "  \"srvcId\" : \"auth-1\"," + LS + "  \"descriptor\" : {" + LS + "    \"exec\" : " + "\"java -Dport=%p -jar ../okapi-test-auth-module/target/okapi-unknown.jar\"" + LS + "  }" + LS + "}";
    c = api.createRestAssured3();
    c.given().header("Content-Type", "application/json").body(docUnknownJar).post("/_/deployment/modules").then().statusCode(400);
    Assert.assertTrue("raml: " + c.getLastReport().toString(), c.getLastReport().isEmpty());
    final String docAuthDeployment = "{" + LS + "  \"srvcId\" : \"auth-1\"," + LS + "  \"descriptor\" : {" + LS + "    \"exec\" : " + "\"java -Dport=%p -jar ../okapi-test-auth-module/target/okapi-test-auth-module-fat.jar\"" + LS + "  }" + LS + "}";
    c = api.createRestAssured3();
    r = c.given().header("Content-Type", "application/json").body(docAuthDeployment).post("/_/deployment/modules").then().statusCode(201).extract().response();
    Assert.assertTrue("raml: " + c.getLastReport().toString(), c.getLastReport().isEmpty());
    locationAuthDeployment = r.getHeader("Location");
    c = api.createRestAssured3();
    String docAuthDiscovery = c.given().get(locationAuthDeployment).then().statusCode(200).extract().body().asString();
    Assert.assertTrue("raml: " + c.getLastReport().toString(), c.getLastReport().isEmpty());
    final String docAuthModule = "{" + LS + "  \"id\" : \"auth-1\"," + LS + "  \"name\" : \"auth\"," + LS + "  \"provides\" : [ {" + LS + "    \"id\" : \"auth\"," + LS + "    \"version\" : \"1.2\"," + LS + "    \"handlers\" : [ {" + LS + "      \"methods\" : [ \"POST\" ]," + LS + "      \"path\" : \"/authn/login\"," + LS + "      \"level\" : \"20\"," + LS + "      \"type\" : \"request-response\"" + LS + "    } ]" + LS + "  } ]," + LS + "  \"filters\" : [ {" + LS + "    \"methods\" : [ \"*\" ]," + LS + "    \"path\" : \"/\"," + LS + "    \"phase\" : \"auth\"," + LS + "    \"type\" : \"request-response\"," + LS + "    \"permissionsDesired\" : [ \"auth.extra\" ]" + LS + "  } ]," + LS + "  \"requires\" : [ ]" + LS + "}";
    // Check that we fail on unknown route types
    final String docBadTypeModule = docAuthModule.replaceAll("request-response", "UNKNOWN-ROUTE-TYPE");
    c = api.createRestAssured3();
    c.given().header("Content-Type", "application/json").body(docBadTypeModule).post("/_/proxy/modules").then().statusCode(400);
    c = api.createRestAssured3();
    r = c.given().header("Content-Type", "application/json").body(docAuthModule).post("/_/proxy/modules").then().statusCode(201).extract().response();
    Assert.assertTrue("raml: " + c.getLastReport().toString(), c.getLastReport().isEmpty());
    final String locationAuthModule = r.getHeader("Location");
    c = api.createRestAssured3();
    c.given().header("Content-Type", "application/json").body(docAuthModule).put(locationAuthModule + "misMatch").then().statusCode(400);
    Assert.assertTrue("raml: " + c.getLastReport().toString(), c.getLastReport().isEmpty());
    c = api.createRestAssured3();
    c.given().header("Content-Type", "application/json").body("{ \"bad Json\" ").put(locationAuthModule).then().statusCode(400);
    c = api.createRestAssured3();
    r = c.given().header("Content-Type", "application/json").body(docAuthModule).put(locationAuthModule).then().statusCode(200).extract().response();
    Assert.assertTrue("raml: " + c.getLastReport().toString(), c.getLastReport().isEmpty());
    final String docAuthModule2 = "{" + LS + "  \"id\" : \"auth2-1\"," + LS + "  \"name\" : \"auth2\"," + LS + "  \"provides\" : [ {" + LS + "    \"id\" : \"auth2\"," + LS + "    \"version\" : \"1.2\"," + LS + "    \"handlers\" : [ {" + LS + "      \"methods\" : [ \"POST\" ]," + LS + "      \"path\" : \"/authn/login\"," + LS + "      \"level\" : \"20\"," + LS + "      \"type\" : \"request-response\"" + LS + "    } ]" + LS + "  } ]," + LS + "  \"filters\" : [ {" + LS + "    \"methods\" : [ \"*\" ]," + LS + "    \"path\" : \"/\"," + LS + "    \"level\" : \"10\"," + LS + "    \"type\" : \"request-response\"," + LS + "    \"permissionsDesired\" : [ \"auth.extra\" ]" + LS + "  } ]," + LS + "  \"requires\" : [ ]" + LS + "}";
    final String locationAuthModule2 = locationAuthModule.replace("auth-1", "auth2-1");
    c = api.createRestAssured3();
    c.given().header("Content-Type", "application/json").body(docAuthModule2).put(locationAuthModule2).then().statusCode(200).extract().response();
    Assert.assertTrue("raml: " + c.getLastReport().toString(), c.getLastReport().isEmpty());
    c = api.createRestAssured3();
    c.given().delete(locationAuthModule2).then().statusCode(204);
    Assert.assertTrue("raml: " + c.getLastReport().toString(), c.getLastReport().isEmpty());
    final String docSampleDeployment = "{" + LS + "  \"srvcId\" : \"sample-module-1\"," + LS + "  \"descriptor\" : {" + LS + "    \"exec\" : " + "\"java -Dport=%p -jar ../okapi-test-module/target/okapi-test-module-fat.jar\"," + LS + "    \"env\" : [ {" + LS + "      \"name\" : \"helloGreeting\"," + LS + "      \"value\" : \"hej\"" + LS + "    } ]" + LS + "  }" + LS + "}";
    c = api.createRestAssured3();
    r = c.given().header("Content-Type", "application/json").body(docSampleDeployment).post("/_/deployment/modules").then().statusCode(201).extract().response();
    Assert.assertTrue("raml: " + c.getLastReport().toString(), c.getLastReport().isEmpty());
    locationSampleDeployment = r.getHeader("Location");
    c = api.createRestAssured3();
    String docSampleDiscovery = c.given().get(locationSampleDeployment).then().statusCode(200).extract().body().asString();
    Assert.assertTrue("raml: " + c.getLastReport().toString(), c.getLastReport().isEmpty());
    final String docSampleModuleBadRequire = "{" + LS + "  \"id\" : \"sample-module-1\"," + LS + "  \"name\" : \"sample module\"," + LS + "  \"requires\" : [ {" + LS + "    \"id\" : \"SOMETHINGWEDONOTHAVE\"," + LS + "    \"version\" : \"1.2\"" + LS + "  } ]," + LS + "  \"routingEntries\" : [ ] " + LS + "}";
    c = api.createRestAssured3();
    c.given().header("Content-Type", "application/json").body(docSampleModuleBadRequire).post("/_/proxy/modules").then().statusCode(400).extract().response();
    final String docSampleModuleBadVersion = "{" + LS + "  \"id\" : \"sample-module-1\"," + LS + "  \"name\" : \"sample module\"," + LS + "  \"provides\" : [ {" + LS + "    \"id\" : \"sample\"," + LS + "    \"version\" : \"1.0\"" + LS + "  } ]," + LS + "  \"requires\" : [ {" + LS + "    \"id\" : \"auth\"," + LS + "    \"version\" : \"9.9\"" + // We only have 1.2
    LS + "  } ]," + LS + "}";
    c = api.createRestAssured3();
    c.given().header("Content-Type", "application/json").body(docSampleModuleBadVersion).post("/_/proxy/modules").then().statusCode(400).extract().response();
    final String docSampleModule = "{" + LS + "  \"id\" : \"sample-module-1\"," + LS + "  \"name\" : \"sample module\"," + LS + "  \"requires\" : [ {" + LS + "    \"id\" : \"auth\"," + LS + "    \"version\" : \"1.2\"" + LS + "  } ]," + LS + "  \"provides\" : [ {" + LS + "    \"id\" : \"sample\"," + LS + "    \"version\" : \"1.0\"," + LS + "    \"handlers\" : [ {" + LS + "      \"methods\" : [ \"GET\", \"POST\" ]," + LS + "      \"path\" : \"/testb\"," + LS + "      \"level\" : \"30\"," + LS + "      \"type\" : \"request-response\"," + LS + "      \"modulePermissions\" : [ \"sample.modperm\" ]," + LS + "      \"permissionsRequired\" : [ \"sample.needed\" ]," + LS + "      \"permissionsDesired\" : [ \"sample.extra\" ]" + LS + "      } ]" + LS + "  }, {" + LS + "    \"id\" : \"_tenant\"," + LS + "    \"version\" : \"1.0\"" + // TODO - Define paths - add test
    LS + "  } ]," + LS + "  \"launchDescriptor\" : {" + LS + "    \"exec\" : \"/usr/bin/false\"" + LS + "  }" + LS + "}";
    logger.debug(docSampleModule);
    c = api.createRestAssured3();
    r = c.given().header("Content-Type", "application/json").body(docSampleModule).post("/_/proxy/modules").then().statusCode(201).extract().response();
    Assert.assertTrue("raml: " + c.getLastReport().toString(), c.getLastReport().isEmpty());
    final String locationSampleModule = r.getHeader("Location");
    // Try to delete the auth module that our sample depends on
    c.given().delete(locationAuthModule).then().statusCode(400);
    // Try to update the auth module to a lower version, would break
    // sample dependency
    final String docAuthLowerVersion = docAuthModule.replace("1.2", "1.0");
    c.given().header("Content-Type", "application/json").body(docAuthLowerVersion).put(locationAuthModule).then().statusCode(400);
    // Update the auth module to a bit higher version
    final String docAuthhigherVersion = docAuthModule.replace("1.2", "1.3");
    c.given().header("Content-Type", "application/json").body(docAuthhigherVersion).put(locationAuthModule).then().statusCode(200);
    // Create our tenant
    final String docTenantRoskilde = "{" + LS + "  \"id\" : \"" + okapiTenant + "\"," + LS + "  \"name\" : \"" + okapiTenant + "\"," + LS + "  \"description\" : \"Roskilde bibliotek\"" + LS + "}";
    c = api.createRestAssured3();
    c.given().header("Content-Type", "application/json").body(docTenantRoskilde).post(// trailing slash fails
    "/_/proxy/tenants/").then().statusCode(404);
    Assert.assertEquals("RamlReport{requestViolations=[Resource '/_/proxy/tenants/' is not defined], " + "responseViolations=[], validationViolations=[]}", c.getLastReport().toString());
    // add tenant by using PUT (which will insert)
    final String locationTenantRoskilde = "/_/proxy/tenants/" + okapiTenant;
    c = api.createRestAssured3();
    r = c.given().header("Content-Type", "application/json").body(docTenantRoskilde).put(locationTenantRoskilde).then().statusCode(200).body(equalTo(docTenantRoskilde)).extract().response();
    Assert.assertTrue("raml: " + c.getLastReport().toString(), c.getLastReport().isEmpty());
    // Try to enable sample without the auth that it requires
    final String docEnableWithoutDep = "{" + LS + "  \"id\" : \"sample-module-1\"" + LS + "}";
    c.given().header("Content-Type", "application/json").body(docEnableWithoutDep).post("/_/proxy/tenants/" + okapiTenant + "/modules").then().statusCode(400);
    // try to enable a module we don't know
    final String docEnableAuthBad = "{" + LS + "  \"id\" : \"UnknonwModule-1\"" + LS + "}";
    c = api.createRestAssured3();
    c.given().header("Content-Type", "application/json").body(docEnableAuthBad).post("/_/proxy/tenants/" + okapiTenant + "/modules").then().statusCode(404);
    final String docEnableAuth = "{" + LS + "  \"id\" : \"auth-1\"" + LS + "}";
    c = api.createRestAssured3();
    c.given().header("Content-Type", "application/json").body(docEnableAuth).post("/_/proxy/tenants/" + okapiTenant + "/modules/").then().statusCode(// trailing slash is no good
    404);
    // Actually enable the auith
    c = api.createRestAssured3();
    c.given().header("Content-Type", "application/json").body(docEnableAuth).post("/_/proxy/tenants/" + okapiTenant + "/modules").then().statusCode(201).body(equalTo(docEnableAuth));
    Assert.assertTrue("raml: " + c.getLastReport().toString(), c.getLastReport().isEmpty());
    c = api.createRestAssured3();
    c.given().get("/_/proxy/tenants/" + okapiTenant + "/modules/").then().statusCode(// trailing slash again
    404);
    // Get the list of one enabled module
    c = api.createRestAssured3();
    final String exp1 = "[ {" + LS + "  \"id\" : \"auth-1\"" + LS + "} ]";
    c.given().get("/_/proxy/tenants/" + okapiTenant + "/modules").then().statusCode(200).body(equalTo(exp1));
    Assert.assertTrue("raml: " + c.getLastReport().toString(), c.getLastReport().isEmpty());
    // get the auth enabled record
    final String expAuthEnabled = "{" + LS + "  \"id\" : \"auth-1\"" + LS + "}";
    c = api.createRestAssured3();
    c.given().get("/_/proxy/tenants/" + okapiTenant + "/modules/auth-1").then().statusCode(200).body(equalTo(expAuthEnabled));
    Assert.assertTrue("raml: " + c.getLastReport().toString(), c.getLastReport().isEmpty());
    // Enable with bad JSON
    c = api.createRestAssured3();
    c.given().header("Content-Type", "application/json").body("{").post("/_/proxy/tenants/" + okapiTenant + "/modules").then().statusCode(400);
    // Enable the sample
    final String docEnableSample = "{" + LS + "  \"id\" : \"sample-module-1\"" + LS + "}";
    c = api.createRestAssured3();
    c.given().header("Content-Type", "application/json").body(docEnableSample).post("/_/proxy/tenants/" + okapiTenant + "/modules").then().statusCode(201).body(equalTo(docEnableSample));
    Assert.assertTrue("raml: " + c.getLastReport().toString(), c.getLastReport().isEmpty());
    // Try to enable it again, should fail
    given().header("Content-Type", "application/json").body(docEnableSample).post("/_/proxy/tenants/" + okapiTenant + "/modules").then().statusCode(400).body(containsString("already provided"));
    c = api.createRestAssured3();
    c.given().get("/_/proxy/tenants/" + okapiTenant + "/modules/").then().statusCode(// trailing slash
    404);
    c = api.createRestAssured3();
    final String expEnabledBoth = "[ {" + LS + "  \"id\" : \"auth-1\"" + LS + "}, {" + LS + "  \"id\" : \"sample-module-1\"" + LS + "} ]";
    c.given().get("/_/proxy/tenants/" + okapiTenant + "/modules").then().statusCode(200).body(equalTo(expEnabledBoth));
    Assert.assertTrue("raml: " + c.getLastReport().toString(), c.getLastReport().isEmpty());
    // Try to disable the auth module for the tenant.
    // Ought to fail, because it is needed by sample module
    c.given().delete("/_/proxy/tenants/" + okapiTenant + "/modules/auth-1").then().statusCode(400);
    // Update the tenant
    String docTenant = "{" + LS + "  \"id\" : \"" + okapiTenant + "\"," + LS + "  \"name\" : \"Roskilde-library\"," + LS + "  \"description\" : \"Roskilde bibliotek\"" + LS + "}";
    c = api.createRestAssured3();
    c.given().header("Content-Type", "application/json").body(docTenant).put("/_/proxy/tenants/" + okapiTenant).then().statusCode(200).body(equalTo(docTenant));
    Assert.assertTrue("raml: " + c.getLastReport().toString(), c.getLastReport().isEmpty());
    // Check that both modules are still enabled
    c = api.createRestAssured3();
    c.given().get("/_/proxy/tenants/" + okapiTenant + "/modules").then().statusCode(200).body(equalTo(expEnabledBoth));
    Assert.assertTrue("raml: " + c.getLastReport().toString(), c.getLastReport().isEmpty());
    // Request without any X-Okapi headers
    given().get("/testb").then().statusCode(403);
    // Request with a header, to unknown path
    // (note, should fail without invoking the auth module)
    given().header("X-Okapi-Tenant", okapiTenant).get("/something.we.do.not.have").then().statusCode(404).body(equalTo("No suitable module found for path /something.we.do.not.have"));
    // Request without an auth token
    // This is acceptable, we get back a token that certifies that we have no
    // logged-in username. We can use this for modulePermissions still.
    // A real auth module would refuse the request because we do not have the
    // permission. But the test-auth lets it pass...
    given().header("X-Okapi-Tenant", okapiTenant).header("X-all-headers", // ask sample to report all headers
    "B").get("/testb").then().statusCode(200).body(// auth created a token
    containsString("X-Okapi-Token")).body(// with no good userid
    containsString("X-Okapi-User-Id:?"));
    // Failed login
    final String docWrongLogin = "{" + LS + "  \"tenant\" : \"t1\"," + LS + "  \"username\" : \"peter\"," + LS + "  \"password\" : \"peter-wrong-password\"" + LS + "}";
    given().header("Content-Type", "application/json").body(docWrongLogin).header("X-Okapi-Tenant", okapiTenant).post("/authn/login").then().statusCode(401);
    // Ok login, get token
    final String docLogin = "{" + LS + "  \"tenant\" : \"" + okapiTenant + "\"," + LS + "  \"username\" : \"peter\"," + LS + "  \"password\" : \"peter-password\"" + LS + "}";
    okapiToken = given().header("Content-Type", "application/json").body(docLogin).header("X-Okapi-Tenant", okapiTenant).post("/authn/login").then().statusCode(200).extract().header("X-Okapi-Token");
    // Actual requests to the module
    // Check the X-Okapi-Url header in, as well as URL parameters.
    // X-Okapi-Filter can not be checked here, but the log shows that it gets
    // passed to the auth filter, and not to the handler.
    // Check that the auth module has seen the right X-Okapi-Permissions-Required
    // and -Desired, it returns them in X-Auth-Permissions-Required and -Desired.
    // The X-Okapi-Permissions-Required and -Desired can not be checked here
    // directly, since Okapi sanitizes them away after invoking the auth module.
    // The auth module should return X-Okapi-Permissions to the sample module
    given().header("X-Okapi-Tenant", okapiTenant).header("X-Okapi-Token", okapiToken).header("X-all-headers", // ask sample to report all headers
    "HBL").get("/testb?query=foo&limit=10").then().statusCode(200).log().ifValidationFails().header("X-Okapi-Url", // no trailing slash!
    "http://localhost:9230").header("X-Okapi-User-Id", "peter").header("X-Url-Params", "query=foo&limit=10").header("X-Okapi-Permissions", containsString("sample.extra")).header("X-Okapi-Permissions", containsString("auth.extra")).header("X-Auth-Permissions-Desired", containsString("auth.extra")).header("X-Auth-Permissions-Desired", containsString("sample.extra")).header("X-Auth-Permissions-Required", "sample.needed").body(containsString("It works"));
    // Check the CORS headers.
    // The presence of the Origin header should provoke the two extra headers.
    given().header("X-Okapi-Tenant", okapiTenant).header("X-Okapi-Token", okapiToken).header("Origin", "http://foobar.com").get("/testb").then().statusCode(200).header("Access-Control-Allow-Origin", "*").header("Access-Control-Expose-Headers", "Location,X-Okapi-Trace,X-Okapi-Token,Authorization,X-Okapi-Request-Id").body(equalTo("It works"));
    // Post request.
    // Test also URL parameters.
    given().header("X-Okapi-Tenant", okapiTenant).header("X-Okapi-Token", okapiToken).header("Content-Type", "text/xml").header("X-all-headers", // ask sample to report all headers
    "H").body("Okapi").post("/testb?query=foo").then().statusCode(200).header("X-Url-Params", "query=foo").body(equalTo("hej  (XML) Okapi"));
    // Verify that the path matching is case sensitive
    given().header("X-Okapi-Tenant", okapiTenant).header("X-Okapi-Token", okapiToken).get("/TESTB").then().statusCode(404);
    // See that a delete fails - we only match auth, which is a filter
    given().header("X-Okapi-Tenant", okapiTenant).header("X-Okapi-Token", okapiToken).delete("/testb").then().statusCode(404);
    // Check that we don't do prefix matching
    given().header("X-Okapi-Tenant", okapiTenant).header("X-Okapi-Token", okapiToken).get("/testbXXX").then().statusCode(404);
    // Check that parameters don't mess with the routing
    given().header("X-Okapi-Tenant", okapiTenant).header("X-Okapi-Token", okapiToken).get("/testb?p=parameters&q=query").then().statusCode(200);
    // Check that we called the tenant init
    given().header("X-Okapi-Tenant", okapiTenant).header("X-Okapi-Token", okapiToken).header("X-tenant-reqs", "yes").get("/testb").then().statusCode(// No longer expects a DELETE. See Okapi-252
    200).body(equalTo("It works Tenant requests: POST-roskilde-auth ")).log().ifValidationFails();
    // Check that we refuse unknown paths, even with auth module
    given().header("X-Okapi-Tenant", okapiTenant).header("X-Okapi-Token", okapiToken).get("/something.we.do.not.have").then().statusCode(404);
    // Check that we accept Authorization: Bearer <token> instead of X-Okapi-Token,
    // and that we can extract the tenant from it.
    given().header("X-all-headers", // ask sample to report all headers
    "H").header("Authorization", "Bearer " + okapiToken).get("/testb").then().log().ifValidationFails().header("X-Okapi-Tenant", okapiTenant).statusCode(200);
    // Note that we can not check the token, the module sees a different token,
    // created by the auth module, when it saw a ModulePermission for the sample
    // module. This is all right, since we explicitly ask sample to pass its
    // request headers into its response. See Okapi-266.
    // Check that we fail on conflicting X-Okapi-Token and Auth tokens
    // ask sample to report all headers
    given().header("X-all-headers", "H").header("X-Okapi-Tenant", okapiTenant).header("X-Okapi-Token", okapiToken).header("Authorization", "Bearer " + okapiToken + "WRONG").get("/testb").then().log().ifValidationFails().statusCode(400);
    // 2nd sample module. We only create it in discovery and give it same URL as
    // for sample-module (first one). Then we delete it again.
    c = api.createRestAssured3();
    final String docSample2Deployment = "{" + LS + "  \"instId\" : \"sample2-inst\"," + LS + "  \"srvcId\" : \"sample-module2-1\"," + LS + // + "  \"nodeId\" : null," + LS // no nodeId, we aren't deploying on any node
    "  \"url\" : \"http://localhost:9232\"" + LS + "}";
    r = c.given().header("Content-Type", "application/json").body(docSample2Deployment).post("/_/discovery/modules").then().statusCode(201).extract().response();
    Assert.assertTrue("raml: " + c.getLastReport().toString(), c.getLastReport().isEmpty());
    final String locationSample2Discovery = r.header("Location");
    // Get the sample-2
    c = api.createRestAssured3();
    c.given().get("/_/discovery/modules/sample-module2-1").then().statusCode(200).log().ifValidationFails();
    Assert.assertTrue("raml: " + c.getLastReport().toString(), c.getLastReport().isEmpty());
    // and its instance
    c = api.createRestAssured3();
    c.given().get("/_/discovery/modules/sample-module2-1/sample2-inst").then().statusCode(200).log().ifValidationFails();
    Assert.assertTrue("raml: " + c.getLastReport().toString(), c.getLastReport().isEmpty());
    // health check
    c = api.createRestAssured3();
    c.given().get("/_/discovery/health").then().statusCode(200);
    Assert.assertTrue("raml: " + c.getLastReport().toString(), c.getLastReport().isEmpty());
    // health for sample2
    c = api.createRestAssured3();
    c.given().get("/_/discovery/health/sample-module2-1").then().statusCode(200);
    Assert.assertTrue("raml: " + c.getLastReport().toString(), c.getLastReport().isEmpty());
    // health for an instance
    c = api.createRestAssured3();
    c.given().get("/_/discovery/health/sample-module2-1/sample2-inst").then().statusCode(200);
    Assert.assertTrue("raml: " + c.getLastReport().toString(), c.getLastReport().isEmpty());
    // Declare sample2
    final String docSample2Module = "{" + LS + "  \"id\" : \"sample-module2-1\"," + LS + "  \"name\" : \"another-sample-module2\"," + LS + "  \"provides\" : [ {" + LS + "    \"id\" : \"_tenant\"," + LS + "    \"version\" : \"1.0\"" + LS + "  } ]," + LS + "  \"filters\" : [ {" + LS + "    \"methods\" : [ \"GET\", \"POST\" ]," + LS + "    \"path\" : \"/testb\"," + LS + "    \"level\" : \"31\"," + LS + "    \"type\" : \"request-response\"" + LS + "  } ]" + LS + "}";
    c = api.createRestAssured3();
    r = c.given().header("Content-Type", "application/json").body(docSample2Module).post("/_/proxy/modules").then().statusCode(201).extract().response();
    Assert.assertTrue("raml: " + c.getLastReport().toString(), c.getLastReport().isEmpty());
    final String locationSample2Module = r.getHeader("Location");
    // enable sample2
    final String docEnableSample2 = "{" + LS + "  \"id\" : \"sample-module2-1\"" + LS + "}";
    c = api.createRestAssured3();
    c.given().header("Content-Type", "application/json").body(docEnableSample2).post("/_/proxy/tenants/" + okapiTenant + "/modules").then().statusCode(201).body(equalTo(docEnableSample2));
    Assert.assertTrue("raml: " + c.getLastReport().toString(), c.getLastReport().isEmpty());
    // disable it, and re-enable.
    // Later we will check that we got the right calls in its
    // tenant interface.
    given().delete("/_/proxy/tenants/" + okapiTenant + "/modules/sample-module2-1").then().statusCode(204);
    given().header("Content-Type", "application/json").body(docEnableSample2).post("/_/proxy/tenants/" + okapiTenant + "/modules").then().statusCode(201).body(equalTo(docEnableSample2));
    // 3rd sample module. We only create it in discovery and give it same URL as
    // for sample-module (first one), just like sample2 above.
    c = api.createRestAssured3();
    final String docSample3Deployment = "{" + LS + "  \"instId\" : \"sample3-instance\"," + LS + "  \"srvcId\" : \"sample-module3-1\"," + LS + "  \"url\" : \"http://localhost:9232\"" + LS + "}";
    r = c.given().header("Content-Type", "application/json").body(docSample3Deployment).post("/_/discovery/modules").then().statusCode(201).extract().response();
    Assert.assertTrue("raml: " + c.getLastReport().toString(), c.getLastReport().isEmpty());
    final String locationSample3Inst = r.getHeader("Location");
    logger.debug("Deployed: locationSample3Inst " + locationSample3Inst);
    final String docSample3Module = "{" + LS + "  \"id\" : \"sample-module3-1\"," + LS + "  \"name\" : \"sample-module3\"," + LS + "  \"provides\" : [ {" + LS + "    \"id\" : \"_tenant\"," + LS + "    \"version\" : \"1.0\"" + LS + "  } ]," + LS + "  \"filters\" : [ {" + LS + "    \"methods\" : [ \"GET\", \"POST\" ]," + LS + "    \"path\" : \"/testb\"," + LS + "    \"level\" : \"05\"," + LS + "    \"type\" : \"headers\"" + LS + "  }, {" + LS + "    \"methods\" : [ \"GET\", \"POST\" ]," + LS + "    \"path\" : \"/testb\"," + LS + "    \"level\" : \"45\"," + LS + "    \"type\" : \"headers\"" + LS + "  }, {" + LS + "    \"methods\" : [ \"GET\", \"POST\" ]," + LS + "    \"path\" : \"/testb\"," + LS + "    \"level\" : \"33\"," + LS + "    \"type\" : \"request-only\"" + LS + "  } ]" + LS + "}";
    c = api.createRestAssured3();
    r = c.given().header("Content-Type", "application/json").body(docSample3Module).post("/_/proxy/modules").then().statusCode(201).extract().response();
    Assert.assertTrue("raml: " + c.getLastReport().toString(), c.getLastReport().isEmpty());
    final String locationSample3Module = r.getHeader("Location");
    final String docEnableSample3 = "{" + LS + "  \"id\" : \"sample-module3-1\"" + LS + "}";
    c = api.createRestAssured3();
    c.given().header("Content-Type", "application/json").body(docEnableSample3).post("/_/proxy/tenants/" + okapiTenant + "/modules").then().statusCode(201).header("Location", equalTo("/_/proxy/tenants/" + okapiTenant + "/modules/sample-module3-1")).log().ifValidationFails().body(equalTo(docEnableSample3));
    Assert.assertTrue("raml: " + c.getLastReport().toString(), c.getLastReport().isEmpty());
    c = api.createRestAssured3();
    c.given().get("/_/proxy/tenants/" + okapiTenant + "/modules").then().statusCode(200);
    Assert.assertTrue("raml: " + c.getLastReport().toString(), c.getLastReport().isEmpty());
    c = api.createRestAssured3();
    c.given().get("/_/proxy/tenants/" + "unknown" + "/modules").then().statusCode(404);
    Assert.assertTrue("raml: " + c.getLastReport().toString(), c.getLastReport().isEmpty());
    c = api.createRestAssured3();
    c.given().get("/_/proxy/tenants/" + "unknown" + "/modules/unknown").then().statusCode(404);
    Assert.assertTrue("raml: " + c.getLastReport().toString(), c.getLastReport().isEmpty());
    given().header("X-Okapi-Tenant", okapiTenant).header("X-Okapi-Token", okapiToken).get("/testb").then().statusCode(200).body(equalTo("It works"));
    // Verify that both modules get executed
    given().header("X-Okapi-Tenant", okapiTenant).header("X-Okapi-Token", okapiToken).body("OkapiX").post("/testb").then().log().ifValidationFails().statusCode(200).body(equalTo("hej hej OkapiX"));
    // Verify that we have seen tenant requests to POST but not DELETE
    given().header("X-Okapi-Tenant", okapiTenant).header("X-Okapi-Token", okapiToken).header("X-tenant-reqs", "yes").get("/testb").then().statusCode(// No longer expects a DELETE. See Okapi-252
    200).body(containsString("POST-roskilde-auth POST-roskilde-auth")).log().ifValidationFails();
    // Check that the X-Okapi-Stop trick works. Sample will set it if it sees
    // a X-Stop-Here header.
    given().header("X-Okapi-Tenant", okapiTenant).header("X-Okapi-Token", okapiToken).header("X-Stop-Here", "Enough!").body("OkapiX").post("/testb").then().statusCode(200).header("X-Okapi-Stop", "Enough!").body(// only one "Hello"
    equalTo("hej OkapiX"));
    given().header("X-Okapi-Tenant", okapiTenant).header("X-Okapi-Token", okapiToken).header("Content-Type", "text/xml").get("/testb").then().statusCode(200).body(equalTo("It works (XML) "));
    c = api.createRestAssured3();
    final String exp4Modules = "[ {" + LS + "  \"id\" : \"auth-1\"" + LS + "}, {" + LS + "  \"id\" : \"sample-module-1\"" + LS + "}, {" + LS + "  \"id\" : \"sample-module2-1\"" + LS + "}, {" + LS + "  \"id\" : \"sample-module3-1\"" + LS + "} ]";
    c.given().get(locationTenantRoskilde + "/modules").then().statusCode(200).body(equalTo(exp4Modules));
    Assert.assertTrue("raml: " + c.getLastReport().toString(), c.getLastReport().isEmpty());
    c = api.createRestAssured3();
    c.given().delete(locationTenantRoskilde + "/modules/sample-module3-1").then().statusCode(204);
    Assert.assertTrue(c.getLastReport().isEmpty());
    c = api.createRestAssured3();
    final String exp3Modules = "[ {" + LS + "  \"id\" : \"auth-1\"" + LS + "}, {" + LS + "  \"id\" : \"sample-module-1\"" + LS + "}, {" + LS + "  \"id\" : \"sample-module2-1\"" + LS + "} ]";
    c.given().get(locationTenantRoskilde + "/modules").then().statusCode(200).body(equalTo(exp3Modules));
    Assert.assertTrue(c.getLastReport().isEmpty());
    c = api.createRestAssured3();
    c.given().get("/_/discovery/modules").then().statusCode(200).log().ifValidationFails();
    Assert.assertTrue("raml: " + c.getLastReport().toString(), c.getLastReport().isEmpty());
    // make sample 2 disappear from discovery!
    c = api.createRestAssured3();
    c.given().delete(locationSample2Discovery).then().statusCode(204);
    Assert.assertTrue("raml: " + c.getLastReport().toString(), c.getLastReport().isEmpty());
    c = api.createRestAssured3();
    c.given().get("/_/discovery/modules").then().statusCode(200).log().ifValidationFails();
    Assert.assertTrue("raml: " + c.getLastReport().toString(), c.getLastReport().isEmpty());
    given().header("X-Okapi-Tenant", okapiTenant).header("X-Okapi-Token", okapiToken).header("Content-Type", "text/xml").get("/testb").then().statusCode(// because sample2 was removed
    404);
    // Disable the sample module. No tenant-destroy for sample
    given().delete("/_/proxy/tenants/" + okapiTenant + "/modules/sample-module-1").then().statusCode(204);
    // Disable the sample2 module. It has a tenant request handler which is
    // no longer invoked, so it does not matter we don't have a running instance
    given().delete("/_/proxy/tenants/" + okapiTenant + "/modules/sample-module2-1").then().statusCode(204);
    c = api.createRestAssured3();
    c.given().delete(locationTenantRoskilde).then().statusCode(204);
    Assert.assertTrue("raml: " + c.getLastReport().toString(), c.getLastReport().isEmpty());
    // Clean up, so the next test starts with a clean slate
    logger.debug("testproxy cleaning up");
    given().delete(locationSample3Inst).then().log().ifValidationFails().statusCode(204);
    given().delete(locationSample3Module).then().log().ifValidationFails().statusCode(204);
    given().delete("/_/proxy/modules/sample-module-1").then().log().ifValidationFails().statusCode(204);
    given().delete("/_/proxy/modules/sample-module2-1").then().log().ifValidationFails().statusCode(204);
    given().delete("/_/proxy/modules/auth-1").then().log().ifValidationFails().statusCode(204);
    given().delete(locationAuthDeployment).then().log().ifValidationFails().statusCode(204);
    locationAuthDeployment = null;
    given().delete(locationSampleDeployment).then().log().ifValidationFails().statusCode(204);
    locationSampleDeployment = null;
    checkDbIsEmpty("testproxy done", context);
    async.complete();
}
Also used : ValidatableResponse(io.restassured.response.ValidatableResponse) Response(io.restassured.response.Response) Matchers.containsString(org.hamcrest.Matchers.containsString) RestAssuredClient(guru.nidi.ramltester.restassured3.RestAssuredClient) Test(org.junit.Test)

Example 30 with RestAssuredClient

use of guru.nidi.ramltester.restassured3.RestAssuredClient in project okapi by folio-org.

the class ModuleTest method testSystemInterfaces.

/**
 * Test system interfaces. Mostly about the system interfaces _tenant (on the
 * module itself, to initialize stuff), and _tenantPermissions to pass its
 * permissions to the permissions module.
 *
 * @param context
 */
@Test
public void testSystemInterfaces(TestContext context) {
    async = context.async();
    checkDbIsEmpty("testSystemInterfaces starting", context);
    RestAssuredClient c;
    Response r;
    // Set up a tenant to test with
    final String locTenant = createTenant();
    // Enable the Okapi internal module for our tenant.
    // This is not unlike what happens to the superTenant, who has the internal
    // module enabled from the boot up, before anyone can provide the
    // _tenantPermissions interface. Its permissions should be (re)loaded
    // when our Hdr module gets enabled.
    final String locInternal = enableModule("okapi-0.0.0");
    // Set up a module that does the _tenantPermissions interface that will
    // get called when sample gets enabled. We (ab)use the header module for
    // this.
    final String testHdrJar = "../okapi-test-header-module/target/okapi-test-header-module-fat.jar";
    final String docHdrModule = "{" + LS + "  \"id\" : \"header-1\"," + LS + "  \"name\" : \"header-module\"," + LS + "  \"provides\" : [ {" + LS + "    \"id\" : \"_tenantPermissions\"," + LS + "    \"version\" : \"1.0\"," + LS + "    \"interfaceType\" : \"system\"," + LS + "    \"handlers\" : [ {" + LS + "      \"methods\" : [ \"POST\" ]," + LS + "      \"path\" : \"/_/tenantPermissions\"," + LS + "      \"level\" : \"20\"" + LS + "    } ]" + LS + "  } ]," + LS + "  \"launchDescriptor\" : {" + LS + "    \"exec\" : \"java -Dport=%p -jar " + testHdrJar + "\"" + LS + "  }" + LS + "}";
    // Create, deploy, and enable the header module
    final String locHdrModule = createModule(docHdrModule);
    locationHeaderDeployment = deployModule("header-1");
    final String docEnableHdr = "{" + LS + "  \"id\" : \"header-1\"" + LS + "}";
    // Enable the header module. Check that tenantPermissions gets called
    // both for header module, and the already-enabled okapi internal module.
    Headers headers = given().header("Content-Type", "application/json").body(docEnableHdr).post("/_/proxy/tenants/" + okapiTenant + "/modules").then().statusCode(201).log().ifValidationFails().extract().headers();
    final String locHdrEnable = headers.getValue("Location");
    List<Header> list = headers.getList("X-Tenant-Perms-Result");
    // one for okapi, one for header-1
    Assert.assertEquals(2, list.size());
    Assert.assertThat("okapi perm result", list.get(0).getValue(), containsString("okapi.all"));
    Assert.assertThat("header-1perm result", list.get(1).getValue(), containsString("header-1"));
    // Set up the test module
    // It provides a _tenant interface, but no _tenantPermissions
    // Enabling it will end up invoking the _tenantPermissions in header-module
    final String testModJar = "../okapi-test-module/target/okapi-test-module-fat.jar";
    final String docSampleModule = "{" + LS + "  \"id\" : \"sample-module-1\"," + LS + "  \"name\" : \"sample module\"," + LS + "  \"provides\" : [ {" + LS + "    \"id\" : \"sample\"," + LS + "    \"version\" : \"1.0\"," + LS + "    \"handlers\" : [ {" + LS + "      \"methods\" : [ \"GET\", \"POST\" ]," + LS + "      \"path\" : \"/testb\"," + LS + "      \"level\" : \"30\"," + LS + "      \"type\" : \"request-response\"," + LS + "      \"permissionsRequired\" : [ \"sample.needed\" ]," + LS + "      \"permissionsDesired\" : [ \"sample.extra\" ]," + LS + "      \"modulePermissions\" : [ \"sample.modperm\" ]" + LS + "    } ]" + LS + "  }, {" + LS + "    \"id\" : \"_tenant\"," + LS + "    \"version\" : \"1.0\"," + LS + "    \"interfaceType\" : \"system\"," + LS + "    \"handlers\" : [ {" + LS + "      \"methods\" : [ \"POST\", \"DELETE\" ]," + LS + "      \"path\" : \"/_/tenant\"," + LS + "      \"level\" : \"10\"," + LS + "      \"type\" : \"system\"," + LS + "      \"modulePermissions\" : [ \"sample.tenantperm\" ]" + LS + "    } ]" + LS + "  } ]," + LS + "  \"permissionSets\" : [ {" + LS + "    \"permissionName\" : \"everything\"," + LS + "    \"displayName\" : \"every possible permission\"," + LS + "    \"description\" : \"All permissions combined\"," + LS + "    \"subPermissions\" : [ \"sample.needed\", \"sample.extra\" ]," + LS + "    \"visible\" : true" + LS + "  } ]," + LS + "  \"launchDescriptor\" : {" + LS + "    \"exec\" : \"java -Dport=%p -jar " + testModJar + "\"" + LS + "  }" + LS + "}";
    // Create and deploy the sample module
    final String locSampleModule = createModule(docSampleModule);
    locationSampleDeployment = deployModule("sample-module-1");
    // Enable the sample module. Verify that the _tenantPermissions gets
    // invoked.
    final String docEnable = "{" + LS + "  \"id\" : \"sample-module-1\"" + LS + "}";
    final String expPerms = "{ " + "\"moduleId\" : \"sample-module-1\", " + "\"perms\" : [ { " + "\"permissionName\" : \"everything\", " + "\"displayName\" : \"every possible permission\", " + "\"description\" : \"All permissions combined\", " + "\"subPermissions\" : [ \"sample.needed\", \"sample.extra\" ], " + "\"visible\" : true " + "} ] }";
    String locSampleEnable = given().header("Content-Type", "application/json").body(docEnable).post("/_/proxy/tenants/" + okapiTenant + "/modules").then().statusCode(201).log().ifValidationFails().header("X-Tenant-Perms-Result", expPerms).extract().header("Location");
    // Try with a minimal MD, to see we don't have null pointers hanging around
    final String docSampleModule2 = "{" + LS + "  \"id\" : \"sample-module2-1\"," + LS + "  \"name\" : \"sample module2\"," + LS + "  \"launchDescriptor\" : {" + LS + "    \"exec\" : \"java -Dport=%p -jar " + testModJar + "\"" + LS + "  }" + LS + "}";
    // Create the sample module
    final String locSampleModule2 = createModule(docSampleModule2);
    final String locationSampleDeployment2 = deployModule("sample-module2-1");
    // Enable the small module. Verify that the _tenantPermissions gets
    // invoked.
    final String docEnable2 = "{" + LS + "  \"id\" : \"sample-module2-1\"" + LS + "}";
    final String expPerms2 = "{ " + "\"moduleId\" : \"sample-module2-1\", " + "\"perms\" : null }";
    String locSampleEnable2 = given().header("Content-Type", "application/json").body(docEnable2).post("/_/proxy/tenants/" + okapiTenant + "/modules").then().statusCode(201).log().ifValidationFails().header("X-Tenant-Perms-Result", expPerms2).extract().header("Location");
    // Tests to see that we get a new auth token for the system calls
    // Disable sample, so we can re-enable it after we have established auth
    given().delete(locSampleEnable).then().log().ifValidationFails().statusCode(204);
    locSampleEnable = null;
    // Declare and enable test-auth
    final String testAuthJar = "../okapi-test-auth-module/target/okapi-test-auth-module-fat.jar";
    final String docAuthModule = "{" + LS + "  \"id\" : \"auth-1\"," + LS + "  \"name\" : \"auth\"," + LS + "  \"provides\" : [ {" + LS + "    \"id\" : \"auth\"," + LS + "    \"version\" : \"1.2\"," + LS + "    \"handlers\" : [ {" + LS + "      \"methods\" : [ \"POST\" ]," + LS + "      \"path\" : \"/authn/login\"," + LS + "      \"level\" : \"20\"," + LS + "      \"type\" : \"request-response\"" + LS + "    } ]" + LS + "  } ]," + LS + "  \"filters\" : [ {" + LS + "    \"methods\" : [ \"*\" ]," + LS + "    \"path\" : \"/\"," + LS + "    \"phase\" : \"auth\"," + LS + "    \"type\" : \"request-response\"," + // Headers-only ?
    LS + "    \"permissionsDesired\" : [ \"auth.extra\" ]" + LS + "  } ]," + LS + "  \"requires\" : [ ]," + LS + "  \"launchDescriptor\" : {" + LS + "    \"exec\" : \"java -Dport=%p -jar " + testAuthJar + "\"" + LS + "  }" + LS + "}";
    final String docEnableAuth = "{" + LS + "  \"id\" : \"auth-1\"" + LS + "}";
    final String locAuthModule = createModule(docAuthModule);
    final String locAuthDeployment = deployModule("auth-1");
    final String locAuthEnable = given().header("Content-Type", "application/json").body(docEnableAuth).post("/_/proxy/tenants/" + okapiTenant + "/modules").then().statusCode(201).log().ifValidationFails().extract().header("Location");
    // Re-enable sample.
    locSampleEnable = given().header("Content-Type", "application/json").body(docEnable).post("/_/proxy/tenants/" + okapiTenant + "/modules").then().statusCode(201).log().ifValidationFails().header("X-Tenant-Perms-Result", expPerms).extract().header("Location");
    // Check that the tenant interface and the tenantpermission interfaces
    // were called with proper auth tokens and with ModulePermissions
    // Clean up, so the next test starts with a clean slate (in reverse order)
    logger.debug("testSystemInterfaces cleaning up");
    given().delete(locSampleEnable).then().log().ifValidationFails().statusCode(204);
    given().delete(locAuthEnable).then().log().ifValidationFails().statusCode(204);
    given().delete(locAuthDeployment).then().log().ifValidationFails().statusCode(204);
    given().delete(locAuthModule).then().log().ifValidationFails().statusCode(204);
    given().delete(locSampleEnable2).then().log().ifValidationFails().statusCode(204);
    given().delete(locationSampleDeployment2).then().log().ifValidationFails().statusCode(204);
    given().delete(locSampleModule2).then().log().ifValidationFails().statusCode(204);
    // given().delete(locSampleEnable).then().log().ifValidationFails().statusCode(204);
    given().delete(locationSampleDeployment).then().log().ifValidationFails().statusCode(204);
    given().delete(locSampleModule).then().log().ifValidationFails().statusCode(204);
    locationSampleDeployment = null;
    given().delete(locHdrEnable).then().log().ifValidationFails().statusCode(204);
    given().delete(locationHeaderDeployment).then().log().ifValidationFails().statusCode(204);
    locationHeaderDeployment = null;
    given().delete(locHdrModule).then().log().ifValidationFails().statusCode(204);
    given().delete(locInternal).then().log().ifValidationFails().statusCode(204);
    given().delete(locTenant).then().log().ifValidationFails().statusCode(204);
    checkDbIsEmpty("testSystemInterfaces done", context);
    async.complete();
}
Also used : ValidatableResponse(io.restassured.response.ValidatableResponse) Response(io.restassured.response.Response) Header(io.restassured.http.Header) Headers(io.restassured.http.Headers) Matchers.containsString(org.hamcrest.Matchers.containsString) RestAssuredClient(guru.nidi.ramltester.restassured3.RestAssuredClient) Test(org.junit.Test)

Aggregations

RestAssuredClient (guru.nidi.ramltester.restassured3.RestAssuredClient)30 Test (org.junit.Test)28 Response (io.restassured.response.Response)25 ValidatableResponse (io.restassured.response.ValidatableResponse)12 Matchers.containsString (org.hamcrest.Matchers.containsString)11 MainDeploy (org.folio.okapi.MainDeploy)4 DeploymentOptions (io.vertx.core.DeploymentOptions)2 JsonObject (io.vertx.core.json.JsonObject)2 MainVerticle (org.folio.okapi.MainVerticle)2 RamlDefinition (guru.nidi.ramltester.RamlDefinition)1 Header (io.restassured.http.Header)1 Headers (io.restassured.http.Headers)1 Async (io.vertx.ext.unit.Async)1