use of org.alfresco.rest.api.tests.client.HttpResponse in project alfresco-remote-api by Alfresco.
the class ProcessDefinitionWorkflowApiTest method testGetProcessDefinitionsImage.
@Test
public void testGetProcessDefinitionsImage() throws Exception {
RequestContext requestContext = initApiClientWithTestUser();
ProcessDefinitionsClient processDefinitionsClient = publicApiClient.processDefinitionsClient();
String adhocKey = createProcessDefinitionKey("activitiAdhoc", requestContext);
org.activiti.engine.repository.ProcessDefinition activitiDefinition = activitiProcessEngine.getRepositoryService().createProcessDefinitionQuery().processDefinitionKey(adhocKey).singleResult();
assertNotNull(activitiDefinition);
try {
HttpResponse response = processDefinitionsClient.findImageById(activitiDefinition.getId());
fail("Exception expected");
} catch (PublicApiException expected) {
assertEquals(HttpStatus.INTERNAL_SERVER_ERROR.value(), expected.getHttpResponse().getStatusCode());
assertTrue(expected.getMessage().contains("No image available"));
}
}
use of org.alfresco.rest.api.tests.client.HttpResponse in project alfresco-remote-api by Alfresco.
the class ProcessDefinitionWorkflowApiTest method testMethodNotAllowedURIs.
@Test
public void testMethodNotAllowedURIs() throws Exception {
RequestContext requestContext = initApiClientWithTestUser();
HttpResponse response = publicApiClient.get("public", "process-definitions", null, null, null, null);
assertEquals(200, response.getStatusCode());
response = publicApiClient.post("public", "process-definitions", null, null, null, null);
assertEquals(405, response.getStatusCode());
response = publicApiClient.delete("public", "process-definitions", null, null, null);
assertEquals(405, response.getStatusCode());
response = publicApiClient.put("public", "process-definitions", null, null, null, null, null);
assertEquals(405, response.getStatusCode());
String adhocKey = createProcessDefinitionKey("activitiAdhoc", requestContext);
org.activiti.engine.repository.ProcessDefinition processDefinition = activitiProcessEngine.getRepositoryService().createProcessDefinitionQuery().processDefinitionKey(adhocKey).singleResult();
assertNotNull(processDefinition);
response = publicApiClient.get("public", "process-definitions", processDefinition.getId(), null, null, null);
assertEquals(200, response.getStatusCode());
response = publicApiClient.post("public", "process-definitions", processDefinition.getId(), null, null, null);
assertEquals(405, response.getStatusCode());
response = publicApiClient.delete("public", "process-definitions", processDefinition.getId(), null, null);
assertEquals(405, response.getStatusCode());
response = publicApiClient.put("public", "process-definitions", processDefinition.getId(), null, null, null, null);
assertEquals(405, response.getStatusCode());
response = publicApiClient.get("public", "process-definitions", processDefinition.getId(), "start-form-model", null, null);
assertEquals(200, response.getStatusCode());
response = publicApiClient.post("public", "process-definitions", processDefinition.getId(), "start-form-model", null, null);
assertEquals(405, response.getStatusCode());
response = publicApiClient.delete("public", "process-definitions", processDefinition.getId(), "start-form-model", null);
assertEquals(405, response.getStatusCode());
response = publicApiClient.put("public", "process-definitions", processDefinition.getId(), "start-form-model", null, null, null);
assertEquals(405, response.getStatusCode());
}
use of org.alfresco.rest.api.tests.client.HttpResponse in project alfresco-remote-api by Alfresco.
the class ProcessWorkflowApiTest method testMethodNotAllowedURIs.
@Test
public void testMethodNotAllowedURIs() throws Exception {
RequestContext requestContext = initApiClientWithTestUser();
HttpResponse response = publicApiClient.get("public", "processes", null, null, null, null);
assertEquals(200, response.getStatusCode());
response = publicApiClient.put("public", "processes", null, null, null, null, null);
assertEquals(405, response.getStatusCode());
final ProcessInfo processInfo = startAdhocProcess(requestContext, null);
try {
response = publicApiClient.get("public", "processes", processInfo.getId(), null, null, null);
assertEquals(200, response.getStatusCode());
response = publicApiClient.post("public", "processes", processInfo.getId(), null, null, null);
assertEquals(405, response.getStatusCode());
response = publicApiClient.put("public", "processes", processInfo.getId(), null, null, null, null);
assertEquals(405, response.getStatusCode());
response = publicApiClient.get("public", "processes", processInfo.getId(), "activities", null, null);
assertEquals(200, response.getStatusCode());
response = publicApiClient.post("public", "processes", processInfo.getId(), "activities", null, null);
assertEquals(405, response.getStatusCode());
response = publicApiClient.delete("public", "processes", processInfo.getId(), "activities", null);
assertEquals(405, response.getStatusCode());
response = publicApiClient.put("public", "processes", processInfo.getId(), "activities", null, null, null);
assertEquals(405, response.getStatusCode());
response = publicApiClient.get("public", "processes", processInfo.getId(), "tasks", null, null);
assertEquals(200, response.getStatusCode());
response = publicApiClient.post("public", "processes", processInfo.getId(), "tasks", null, null);
assertEquals(405, response.getStatusCode());
response = publicApiClient.delete("public", "processes", processInfo.getId(), "tasks", null);
assertEquals(405, response.getStatusCode());
response = publicApiClient.put("public", "processes", processInfo.getId(), "tasks", null, null, null);
assertEquals(405, response.getStatusCode());
} finally {
cleanupProcessInstance(processInfo.getId());
}
}
use of org.alfresco.rest.api.tests.client.HttpResponse in project alfresco-remote-api by Alfresco.
the class ProcessWorkflowApiTest method getProcessImage.
@Test
public void getProcessImage() throws Exception {
final RequestContext requestContext = initApiClientWithTestUser();
final ProcessInfo processRest = startAdhocProcess(requestContext, null);
HttpResponse response = publicApiClient.processesClient().getImage(processRest.getId());
assertEquals(200, response.getStatusCode());
cleanupProcessInstance(processRest.getId());
try {
response = publicApiClient.processesClient().getImage("fakeId");
fail("Exception expected");
} catch (PublicApiException e) {
assertEquals(404, e.getHttpResponse().getStatusCode());
}
}
use of org.alfresco.rest.api.tests.client.HttpResponse in project alfresco-remote-api by Alfresco.
the class AuthenticationsTest method testCreateValidateDeleteTicket.
/**
* Tests login (create ticket), logout (delete ticket), and validate (get ticket).
*
* <p>POST:</p>
* {@literal <host>:<port>/alfresco/api/<networkId>/public/authentication/versions/1/tickets}
*
* <p>GET:</p>
* {@literal <host>:<port>/alfresco/api/<networkId>/public/authentication/versions/1/tickets/-me-}
*
* <p>DELETE:</p>
* {@literal <host>:<port>/alfresco/api/<networkId>/public/authentication/versions/1/tickets/-me-}
*/
@Test
public void testCreateValidateDeleteTicket() throws Exception {
Paging paging = getPaging(0, 100);
setRequestContext(null);
// Unauthorized call
getAll(SiteEntityResource.class, paging, null, 401);
/*
* user1 login - via alf_ticket parameter
*/
// User1 login request
LoginTicket loginRequest = new LoginTicket();
// Invalid login details
post(TICKETS_URL, RestApiUtil.toJsonAsString(loginRequest), null, null, TICKETS_API_NAME, 400);
loginRequest.setUserId(null);
loginRequest.setPassword("user1Password");
// Invalid login details
post(TICKETS_URL, RestApiUtil.toJsonAsString(loginRequest), null, null, TICKETS_API_NAME, 400);
loginRequest.setUserId(user1);
loginRequest.setPassword(null);
// Invalid login details
post(TICKETS_URL, RestApiUtil.toJsonAsString(loginRequest), null, null, TICKETS_API_NAME, 400);
loginRequest.setUserId(user1);
loginRequest.setPassword("user1Password");
// Authenticate and create a ticket
HttpResponse response = post(TICKETS_URL, RestApiUtil.toJsonAsString(loginRequest), null, null, TICKETS_API_NAME, 201);
LoginTicketResponse loginResponse = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), LoginTicketResponse.class);
assertNotNull(loginResponse.getId());
assertNotNull(loginResponse.getUserId());
// Get list of sites by appending the alf_ticket to the URL
// e.g. .../alfresco/versions/1/sites/?alf_ticket=TICKET_57866258ea56c28491bb3e75d8355ebf6fbaaa23
Map<String, String> ticket = Collections.singletonMap("alf_ticket", loginResponse.getId());
getAll(SiteEntityResource.class, paging, ticket, 200);
// Unauthorized - Invalid ticket
getAll(SiteEntityResource.class, paging, Collections.singletonMap("alf_ticket", "TICKET_" + System.currentTimeMillis()), 401);
// Validate ticket - Invalid parameter. Only '-me-' is supported
getSingle(TICKETS_URL, loginResponse.getId(), ticket, null, TICKETS_API_NAME, 400);
// Validate ticket
response = getSingle(TICKETS_URL, People.DEFAULT_USER, ticket, null, TICKETS_API_NAME, 200);
LoginTicketResponse validatedTicket = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), LoginTicketResponse.class);
assertEquals(loginResponse.getId(), validatedTicket.getId());
// Validate ticket - Invalid parameter. Only '-me-' is supported
getSingle(TICKETS_URL, loginResponse.getId(), ticket, null, TICKETS_API_NAME, 400);
// Delete the ticket - Logout
delete(TICKETS_URL, People.DEFAULT_USER, ticket, null, TICKETS_API_NAME, 204);
// Validate ticket - 401 as ticket has been invalidated so the API call is unauthorized
getSingle(TICKETS_URL, People.DEFAULT_USER, ticket, null, TICKETS_API_NAME, 401);
setRequestContext(user1);
// Check the ticket has been invalidated - the difference with the above is that the API call is authorized
response = getSingle(TICKETS_URL, People.DEFAULT_USER, ticket, null, TICKETS_API_NAME, 404);
PublicApiClient.ExpectedErrorResponse error = RestApiUtil.parseErrorResponse(response.getJsonResponse());
// Double check that we've retrieved a standard error response (REPO-1773)
assertEquals(404, error.getStatusCode());
// Ticket has already been invalidated
delete(TICKETS_URL, People.DEFAULT_USER, ticket, null, TICKETS_API_NAME, 404);
setRequestContext(null);
// Get list of site by appending the invalidated ticket
getAll(SiteEntityResource.class, paging, ticket, 401);
/*
* user2 login - Via Authorization header
*/
setRequestContext(user2);
// User2 create a folder within his home folder (-my-)
Folder folderResp = createFolder(Nodes.PATH_MY, "F2", null);
assertNotNull(folderResp.getId());
setRequestContext(null);
getAll(getNodeChildrenUrl(Nodes.PATH_MY), paging, 401);
// User2 login request
loginRequest = new LoginTicket();
loginRequest.setUserId(user2);
loginRequest.setPassword("wrongPassword");
// Authentication failed - wrong password
post(TICKETS_URL, RestApiUtil.toJsonAsString(loginRequest), null, null, TICKETS_API_NAME, 403);
loginRequest.setUserId(user1);
loginRequest.setPassword("user2Password");
// Authentication failed - userId/password mismatch
post(TICKETS_URL, RestApiUtil.toJsonAsString(loginRequest), null, null, TICKETS_API_NAME, 403);
// Set the correct details
loginRequest.setUserId(user2);
loginRequest.setPassword("user2Password");
// Authenticate and create a ticket
response = post(TICKETS_URL, RestApiUtil.toJsonAsString(loginRequest), null, null, TICKETS_API_NAME, 201);
loginResponse = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), LoginTicketResponse.class);
assertNotNull(loginResponse.getId());
assertNotNull(loginResponse.getUserId());
String encodedTicket = encodeB64(loginResponse.getId());
// Set the authorization (encoded ticket only) header rather than appending the ticket to the URL
Map<String, String> header = Collections.singletonMap("Authorization", "Basic " + encodedTicket);
// Get children of user2 home folder
response = getAll(getNodeChildrenUrl(Nodes.PATH_MY), paging, null, header, 200);
List<Document> nodes = RestApiUtil.parseRestApiEntries(response.getJsonResponse(), Document.class);
assertEquals(1, nodes.size());
// Validate ticket - Invalid parameter. Only '-me-' is supported
getSingle(TICKETS_URL, loginResponse.getId(), null, header, TICKETS_API_NAME, 400);
// Validate ticket - user2
response = getSingle(TICKETS_URL, People.DEFAULT_USER, null, header, TICKETS_API_NAME, 200);
validatedTicket = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), LoginTicketResponse.class);
assertEquals(loginResponse.getId(), validatedTicket.getId());
// Try list children for user2 again.
// Encode Alfresco predefined userId for ticket authentication, ROLE_TICKET, and the ticket
String encodedUserIdAndTicket = encodeB64("ROLE_TICKET:" + loginResponse.getId());
// Set the authorization (encoded userId:ticket) header rather than appending the ticket to the URL
header = Collections.singletonMap("Authorization", "Basic " + encodedUserIdAndTicket);
// Get children of user2 home folder
response = getAll(getNodeChildrenUrl(Nodes.PATH_MY), paging, null, header, 200);
nodes = RestApiUtil.parseRestApiEntries(response.getJsonResponse(), Document.class);
assertEquals(1, nodes.size());
// Try list children for user2 again - appending ticket
ticket = Collections.singletonMap("alf_ticket", loginResponse.getId());
response = getAll(getNodeChildrenUrl(Nodes.PATH_MY), paging, ticket, 200);
nodes = RestApiUtil.parseRestApiEntries(response.getJsonResponse(), Document.class);
assertEquals(1, nodes.size());
setRequestContext(user2);
// Try to validate the ticket without supplying the Authorization header or the alf_ticket param
getSingle(TICKETS_URL, People.DEFAULT_USER, null, null, TICKETS_API_NAME, 400);
setRequestContext(null);
// Delete the ticket - Invalid parameter. Only '-me-' is supported
header = Collections.singletonMap("Authorization", "Basic " + encodedUserIdAndTicket);
delete(TICKETS_URL, loginResponse.getId(), null, header, TICKETS_API_NAME, 400);
// Delete the ticket - Logout
delete(TICKETS_URL, People.DEFAULT_USER, null, header, TICKETS_API_NAME, 204);
// Get children of user2 home folder - invalidated ticket
getAll(getNodeChildrenUrl(Nodes.PATH_MY), paging, null, header, 401);
}
Aggregations