use of org.alfresco.rest.api.tests.client.data.Folder in project alfresco-remote-api by Alfresco.
the class AuthenticationsTest method testCreateValidateDeleteTicket.
/**
* Tests login (create ticket), logout (delete ticket), and validate (get ticket).
*
* <p>POST:</p>
* {@literal <host>:<port>/alfresco/api/<networkId>/public/authentication/versions/1/tickets}
*
* <p>GET:</p>
* {@literal <host>:<port>/alfresco/api/<networkId>/public/authentication/versions/1/tickets/-me-}
*
* <p>DELETE:</p>
* {@literal <host>:<port>/alfresco/api/<networkId>/public/authentication/versions/1/tickets/-me-}
*/
@Test
public void testCreateValidateDeleteTicket() throws Exception {
Paging paging = getPaging(0, 100);
setRequestContext(null);
// Unauthorized call
getAll(SiteEntityResource.class, paging, null, 401);
/*
* user1 login - via alf_ticket parameter
*/
// User1 login request
LoginTicket loginRequest = new LoginTicket();
// Invalid login details
post(TICKETS_URL, RestApiUtil.toJsonAsString(loginRequest), null, null, TICKETS_API_NAME, 400);
loginRequest.setUserId(null);
loginRequest.setPassword("user1Password");
// Invalid login details
post(TICKETS_URL, RestApiUtil.toJsonAsString(loginRequest), null, null, TICKETS_API_NAME, 400);
loginRequest.setUserId(user1);
loginRequest.setPassword(null);
// Invalid login details
post(TICKETS_URL, RestApiUtil.toJsonAsString(loginRequest), null, null, TICKETS_API_NAME, 400);
loginRequest.setUserId(user1);
loginRequest.setPassword("user1Password");
// Authenticate and create a ticket
HttpResponse response = post(TICKETS_URL, RestApiUtil.toJsonAsString(loginRequest), null, null, TICKETS_API_NAME, 201);
LoginTicketResponse loginResponse = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), LoginTicketResponse.class);
assertNotNull(loginResponse.getId());
assertNotNull(loginResponse.getUserId());
// Get list of sites by appending the alf_ticket to the URL
// e.g. .../alfresco/versions/1/sites/?alf_ticket=TICKET_57866258ea56c28491bb3e75d8355ebf6fbaaa23
Map<String, String> ticket = Collections.singletonMap("alf_ticket", loginResponse.getId());
getAll(SiteEntityResource.class, paging, ticket, 200);
// Unauthorized - Invalid ticket
getAll(SiteEntityResource.class, paging, Collections.singletonMap("alf_ticket", "TICKET_" + System.currentTimeMillis()), 401);
// Validate ticket - Invalid parameter. Only '-me-' is supported
getSingle(TICKETS_URL, loginResponse.getId(), ticket, null, TICKETS_API_NAME, 400);
// Validate ticket
response = getSingle(TICKETS_URL, People.DEFAULT_USER, ticket, null, TICKETS_API_NAME, 200);
LoginTicketResponse validatedTicket = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), LoginTicketResponse.class);
assertEquals(loginResponse.getId(), validatedTicket.getId());
// Validate ticket - Invalid parameter. Only '-me-' is supported
getSingle(TICKETS_URL, loginResponse.getId(), ticket, null, TICKETS_API_NAME, 400);
// Delete the ticket - Logout
delete(TICKETS_URL, People.DEFAULT_USER, ticket, null, TICKETS_API_NAME, 204);
// Validate ticket - 401 as ticket has been invalidated so the API call is unauthorized
getSingle(TICKETS_URL, People.DEFAULT_USER, ticket, null, TICKETS_API_NAME, 401);
setRequestContext(user1);
// Check the ticket has been invalidated - the difference with the above is that the API call is authorized
response = getSingle(TICKETS_URL, People.DEFAULT_USER, ticket, null, TICKETS_API_NAME, 404);
PublicApiClient.ExpectedErrorResponse error = RestApiUtil.parseErrorResponse(response.getJsonResponse());
// Double check that we've retrieved a standard error response (REPO-1773)
assertEquals(404, error.getStatusCode());
// Ticket has already been invalidated
delete(TICKETS_URL, People.DEFAULT_USER, ticket, null, TICKETS_API_NAME, 404);
setRequestContext(null);
// Get list of site by appending the invalidated ticket
getAll(SiteEntityResource.class, paging, ticket, 401);
/*
* user2 login - Via Authorization header
*/
setRequestContext(user2);
// User2 create a folder within his home folder (-my-)
Folder folderResp = createFolder(Nodes.PATH_MY, "F2", null);
assertNotNull(folderResp.getId());
setRequestContext(null);
getAll(getNodeChildrenUrl(Nodes.PATH_MY), paging, 401);
// User2 login request
loginRequest = new LoginTicket();
loginRequest.setUserId(user2);
loginRequest.setPassword("wrongPassword");
// Authentication failed - wrong password
post(TICKETS_URL, RestApiUtil.toJsonAsString(loginRequest), null, null, TICKETS_API_NAME, 403);
loginRequest.setUserId(user1);
loginRequest.setPassword("user2Password");
// Authentication failed - userId/password mismatch
post(TICKETS_URL, RestApiUtil.toJsonAsString(loginRequest), null, null, TICKETS_API_NAME, 403);
// Set the correct details
loginRequest.setUserId(user2);
loginRequest.setPassword("user2Password");
// Authenticate and create a ticket
response = post(TICKETS_URL, RestApiUtil.toJsonAsString(loginRequest), null, null, TICKETS_API_NAME, 201);
loginResponse = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), LoginTicketResponse.class);
assertNotNull(loginResponse.getId());
assertNotNull(loginResponse.getUserId());
String encodedTicket = encodeB64(loginResponse.getId());
// Set the authorization (encoded ticket only) header rather than appending the ticket to the URL
Map<String, String> header = Collections.singletonMap("Authorization", "Basic " + encodedTicket);
// Get children of user2 home folder
response = getAll(getNodeChildrenUrl(Nodes.PATH_MY), paging, null, header, 200);
List<Document> nodes = RestApiUtil.parseRestApiEntries(response.getJsonResponse(), Document.class);
assertEquals(1, nodes.size());
// Validate ticket - Invalid parameter. Only '-me-' is supported
getSingle(TICKETS_URL, loginResponse.getId(), null, header, TICKETS_API_NAME, 400);
// Validate ticket - user2
response = getSingle(TICKETS_URL, People.DEFAULT_USER, null, header, TICKETS_API_NAME, 200);
validatedTicket = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), LoginTicketResponse.class);
assertEquals(loginResponse.getId(), validatedTicket.getId());
// Try list children for user2 again.
// Encode Alfresco predefined userId for ticket authentication, ROLE_TICKET, and the ticket
String encodedUserIdAndTicket = encodeB64("ROLE_TICKET:" + loginResponse.getId());
// Set the authorization (encoded userId:ticket) header rather than appending the ticket to the URL
header = Collections.singletonMap("Authorization", "Basic " + encodedUserIdAndTicket);
// Get children of user2 home folder
response = getAll(getNodeChildrenUrl(Nodes.PATH_MY), paging, null, header, 200);
nodes = RestApiUtil.parseRestApiEntries(response.getJsonResponse(), Document.class);
assertEquals(1, nodes.size());
// Try list children for user2 again - appending ticket
ticket = Collections.singletonMap("alf_ticket", loginResponse.getId());
response = getAll(getNodeChildrenUrl(Nodes.PATH_MY), paging, ticket, 200);
nodes = RestApiUtil.parseRestApiEntries(response.getJsonResponse(), Document.class);
assertEquals(1, nodes.size());
setRequestContext(user2);
// Try to validate the ticket without supplying the Authorization header or the alf_ticket param
getSingle(TICKETS_URL, People.DEFAULT_USER, null, null, TICKETS_API_NAME, 400);
setRequestContext(null);
// Delete the ticket - Invalid parameter. Only '-me-' is supported
header = Collections.singletonMap("Authorization", "Basic " + encodedUserIdAndTicket);
delete(TICKETS_URL, loginResponse.getId(), null, header, TICKETS_API_NAME, 400);
// Delete the ticket - Logout
delete(TICKETS_URL, People.DEFAULT_USER, null, header, TICKETS_API_NAME, 204);
// Get children of user2 home folder - invalidated ticket
getAll(getNodeChildrenUrl(Nodes.PATH_MY), paging, null, header, 401);
}
use of org.alfresco.rest.api.tests.client.data.Folder in project alfresco-remote-api by Alfresco.
the class NodeApiTest method testMoveCopyBetweenSites.
/**
* Tests move and copy folder between sites.
*
* <p>POST:</p>
* {@literal <host>:<port>/alfresco/api/<networkId>/public/alfresco/versions/1/nodes/<nodeId>/move}
*
* <p>POST:</p>
* {@literal <host>:<port>/alfresco/api/<networkId>/public/alfresco/versions/1/nodes/<nodeId>/copy}
*/
@Test
public void testMoveCopyBetweenSites() throws Exception {
setRequestContext(user1);
/*
* Precondition - create two sites, invite users, create folders
*/
// user1 creates a public site and adds user2 as a site collaborator
String site1Title = "site-testMoveCopyBetweenSites1-" + RUNID;
final String site1Id = createSite(site1Title, SiteVisibility.PUBLIC).getId();
addSiteMember(site1Id, user2, SiteRole.SiteCollaborator);
// Get user1Site's docLib node id
final String user1SitetDocLibNodeId = getSiteContainerNodeId(site1Id, "documentLibrary");
// user1 creates a folder in the docLib of his site (user1Site)
String user1Folder = "folder" + RUNID + "_user1";
String user1FolderNodeId = createFolder(user1SitetDocLibNodeId, user1Folder, null).getId();
setRequestContext(user2);
// user2 creates a public site and adds user1 as a site collaborator
String site2Title = "site-testMoveCopyBetweenSites2--" + RUNID;
final String site2Id = createSite(site2Title, SiteVisibility.PUBLIC).getId();
addSiteMember(site2Id, user1, SiteRole.SiteCollaborator);
// Get user2Site's docLib node id
final String user2SitetDocLibNodeId = getSiteContainerNodeId(site2Id, "documentLibrary");
// user2 creates 2 folders within the docLib of the user1Site
String user2Folder1 = "folder1" + RUNID + "_user2";
String user2FolderNodeId = createFolder(user1SitetDocLibNodeId, user2Folder1, null).getId();
String user2Folder2 = "folder2" + RUNID + "_user2";
String user2Folder2NodeId = createFolder(user1SitetDocLibNodeId, user2Folder2, null).getId();
/*
* Test move between sites
*/
// user1 moves the folder created by user2 to the user2Site's docLib
setRequestContext(user1);
NodeTarget target = new NodeTarget();
target.setTargetParentId(user2SitetDocLibNodeId);
HttpResponse response = post("nodes/" + user2FolderNodeId + "/move", toJsonAsStringNonNull(target), null, 200);
Folder moveFolderResp = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Folder.class);
assertEquals(user2SitetDocLibNodeId, moveFolderResp.getParentId());
// user1 tries to undo the move (moves back the folder to its original place)
// as user1 is just a SiteCollaborator in the user2Site, he can't move the folder which he doesn't own - ACL access permission.
target = new NodeTarget();
target.setTargetParentId(user1SitetDocLibNodeId);
post("nodes/" + user2FolderNodeId + "/move", toJsonAsStringNonNull(target), null, 403);
// user1 moves the folder created by himself to the docLib of the user2Site
target = new NodeTarget();
target.setTargetParentId(user2SitetDocLibNodeId);
response = post("nodes/" + user1FolderNodeId + "/move", toJsonAsStringNonNull(target), null, 200);
moveFolderResp = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Folder.class);
assertEquals(user2SitetDocLibNodeId, moveFolderResp.getParentId());
// user1 tries to undo the move (moves back the folder to its original place)
// The undo should be successful as user1 owns the folder
target = new NodeTarget();
target.setTargetParentId(user1SitetDocLibNodeId);
response = post("nodes/" + user1FolderNodeId + "/move", toJsonAsStringNonNull(target), null, 200);
moveFolderResp = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Folder.class);
assertEquals(user1SitetDocLibNodeId, moveFolderResp.getParentId());
/*
* Test copy between sites
*/
// user1 copies the folder created by user2 to the user2Site's docLib
target = new NodeTarget();
target.setTargetParentId(user2SitetDocLibNodeId);
response = post("nodes/" + user2Folder2NodeId + "/copy", toJsonAsStringNonNull(target), null, 201);
Folder copyFolderResp = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Folder.class);
assertEquals(user2SitetDocLibNodeId, copyFolderResp.getParentId());
// user1 tries to undo the copy (hard deletes the created copy)
deleteNode(copyFolderResp.getId(), true, 204);
// Check it's deleted
getSingle("nodes", copyFolderResp.getId(), 404);
// cleanup
setRequestContext(user1);
deleteSite(site1Id, true, 204);
setRequestContext(user2);
deleteSite(site2Id, true, 204);
}
use of org.alfresco.rest.api.tests.client.data.Folder in project alfresco-remote-api by Alfresco.
the class NodeApiTest method testUpdateNodeInfo.
/**
* Tests update node info (file or folder)
* <p>PUT:</p>
* {@literal <host>:<port>/alfresco/api/-default-/public/alfresco/versions/1/nodes/<nodeId>}
*/
@Test
public void testUpdateNodeInfo() throws Exception {
setRequestContext(user1);
// create folder f0
String folder0Name = "f0-testUpdateNodeInfo-" + RUNID;
String f0Id = createFolder(Nodes.PATH_MY, folder0Name).getId();
UserInfo expectedUser = new UserInfo(user1);
String postUrl = getNodeChildrenUrl(f0Id);
String folderName = "My Folder";
// create folder
Folder folderResp = createFolder(f0Id, folderName);
String fId = folderResp.getId();
Folder f1 = new Folder();
f1.setName(folderName);
f1.setNodeType(TYPE_CM_FOLDER);
f1.setIsFolder(true);
f1.setParentId(f0Id);
f1.setAspectNames(Collections.singletonList("cm:auditable"));
f1.setCreatedByUser(expectedUser);
f1.setModifiedByUser(expectedUser);
f1.expected(folderResp);
// create empty file
Document d1 = new Document();
d1.setName("d1.txt");
d1.setNodeType(TYPE_CM_CONTENT);
HttpResponse response = post(postUrl, toJsonAsStringNonNull(d1), 201);
Document documentResp = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Document.class);
String dId = documentResp.getId();
d1.setIsFolder(false);
d1.setParentId(f0Id);
d1.setAspectNames(Collections.singletonList("cm:auditable"));
d1.setCreatedByUser(expectedUser);
d1.setModifiedByUser(expectedUser);
ContentInfo ciExpected = new ContentInfo();
ciExpected.setMimeType("text/plain");
ciExpected.setMimeTypeName("Plain Text");
ciExpected.setSizeInBytes(0L);
ciExpected.setEncoding("UTF-8");
d1.setContent(ciExpected);
d1.expected(documentResp);
// update file - name (=> rename within current folder)
Document dUpdate = new Document();
dUpdate.setName("d1b.txt");
response = put(URL_NODES, dId, toJsonAsStringNonNull(dUpdate), null, 200);
documentResp = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Document.class);
d1.setName("d1b.txt");
d1.expected(documentResp);
// update file - add some properties
Map<String, Object> props = new HashMap<>();
props.put("cm:title", "my file title");
props.put("cm:description", "my file description");
dUpdate = new Document();
dUpdate.setProperties(props);
response = put(URL_NODES, dId, toJsonAsStringNonNull(dUpdate), null, 200);
documentResp = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Document.class);
d1.setProperties(props);
d1.setAspectNames(Arrays.asList("cm:auditable", "cm:titled"));
d1.expected(documentResp);
// update file - add versionable aspect
dUpdate = new Document();
dUpdate.setAspectNames(Arrays.asList("cm:auditable", "cm:titled", "cm:versionable"));
response = put(URL_NODES, dId, toJsonAsStringNonNull(dUpdate), null, 200);
documentResp = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Document.class);
d1.getProperties().put("cm:versionLabel", "1.0");
d1.getProperties().put("cm:versionType", "MAJOR");
d1.setAspectNames(Arrays.asList("cm:auditable", "cm:titled", "cm:versionable"));
d1.expected(documentResp);
response = getSingle(URL_NODES, dId, 200);
documentResp = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Document.class);
d1.getProperties().put("cm:versionLabel", "1.0");
d1.getProperties().put("cm:versionType", "MAJOR");
d1.expected(documentResp);
// update file - remove titled aspect (and it's related aspect properties)
dUpdate = new Document();
dUpdate.setAspectNames(Arrays.asList("cm:auditable", "cm:versionable"));
response = put(URL_NODES, dId, toJsonAsStringNonNull(dUpdate), null, 200);
documentResp = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Document.class);
d1.getProperties().remove("cm:title");
d1.getProperties().remove("cm:description");
d1.setAspectNames(Arrays.asList("cm:auditable", "cm:versionable"));
d1.expected(documentResp);
// update folder - rename and add some properties
props = new HashMap<>();
props.put("cm:title", "my folder title");
props.put("cm:description", "my folder description");
folderName = "My Updated Folder";
Folder fUpdate = new Folder();
fUpdate.setProperties(props);
fUpdate.setName(folderName);
response = put(URL_NODES, fId, toJsonAsStringNonNull(fUpdate), null, 200);
folderResp = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Folder.class);
f1.setName(folderName);
f1.setAspectNames(Arrays.asList("cm:auditable", "cm:titled"));
f1.setProperties(props);
f1.expected(folderResp);
// update folder - unset a property
props = new HashMap<>();
props.put("cm:title", null);
fUpdate = new Folder();
fUpdate.setProperties(props);
response = put(URL_NODES, fId, toJsonAsStringNonNull(fUpdate), null, 200);
folderResp = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Folder.class);
f1.getProperties().remove("cm:title");
f1.expected(folderResp);
// update folder - specialise node type
fUpdate = new Folder();
fUpdate.setNodeType("app:glossary");
response = put(URL_NODES, fId, toJsonAsStringNonNull(fUpdate), null, 200);
folderResp = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Folder.class);
f1.setNodeType("app:glossary");
f1.expected(folderResp);
{
// test versioning for metadata-only updates
Map params = new HashMap<>();
params.put("majorVersion", "true");
params.put("comment", "Initial empty file :-)");
String fileName = "My File";
Node nodeResp = createEmptyTextFile(f0Id, fileName, params, 201);
assertEquals("1.0", nodeResp.getProperties().get("cm:versionLabel"));
props = new HashMap<>();
props.put("cm:title", "my file title");
dUpdate = new Document();
dUpdate.setProperties(props);
response = put(URL_NODES, dId, toJsonAsStringNonNull(dUpdate), null, 200);
nodeResp = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Node.class);
assertEquals("1.0", nodeResp.getProperties().get("cm:versionLabel"));
// turn-off auto-version on metadata-only updates (OOTB this is now false by default, as per MNT-12226)
props = new HashMap<>();
props.put("cm:autoVersionOnUpdateProps", true);
dUpdate = new Document();
dUpdate.setProperties(props);
response = put(URL_NODES, dId, toJsonAsStringNonNull(dUpdate), null, 200);
nodeResp = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Node.class);
assertEquals("1.1", nodeResp.getProperties().get("cm:versionLabel"));
props = new HashMap<>();
props.put("cm:title", "my file title 2");
dUpdate = new Document();
dUpdate.setProperties(props);
response = put(URL_NODES, dId, toJsonAsStringNonNull(dUpdate), null, 200);
nodeResp = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Node.class);
assertEquals("1.2", nodeResp.getProperties().get("cm:versionLabel"));
props = new HashMap<>();
props.put("cm:title", "my file title 3");
dUpdate = new Document();
dUpdate.setProperties(props);
response = put(URL_NODES, dId, toJsonAsStringNonNull(dUpdate), null, 200);
nodeResp = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Node.class);
assertEquals("1.3", nodeResp.getProperties().get("cm:versionLabel"));
// turn-off auto-version on metadata-only updates
props = new HashMap<>();
props.put("cm:autoVersionOnUpdateProps", false);
dUpdate = new Document();
dUpdate.setProperties(props);
response = put(URL_NODES, dId, toJsonAsStringNonNull(dUpdate), null, 200);
nodeResp = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Node.class);
assertEquals("1.3", nodeResp.getProperties().get("cm:versionLabel"));
props = new HashMap<>();
props.put("cm:title", "my file title 4");
dUpdate = new Document();
dUpdate.setProperties(props);
response = put(URL_NODES, dId, toJsonAsStringNonNull(dUpdate), null, 200);
nodeResp = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Node.class);
assertEquals("1.3", nodeResp.getProperties().get("cm:versionLabel"));
}
// update folder(s) via well-known aliases rather than node id
// note: as of now, the platform does allow a user to modify their home folder [this may change in the future, if so adjust the test accordingly]
response = getSingle(URL_NODES, Nodes.PATH_MY, 200);
Folder user1MyFolder = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Folder.class);
String user1MyFolderId = user1MyFolder.getId();
String description = "my folder description " + RUNID;
props = new HashMap<>();
props.put("cm:description", description);
fUpdate = new Folder();
fUpdate.setProperties(props);
response = put(URL_NODES, Nodes.PATH_MY, toJsonAsStringNonNull(fUpdate), null, 200);
folderResp = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Folder.class);
assertEquals(description, folderResp.getProperties().get("cm:description"));
setRequestContext(networkAdmin);
props = new HashMap<>();
props.put("cm:description", description);
fUpdate = new Folder();
fUpdate.setProperties(props);
response = put(URL_NODES, Nodes.PATH_ROOT, toJsonAsStringNonNull(fUpdate), null, 200);
folderResp = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Folder.class);
assertEquals(description, folderResp.getProperties().get("cm:description"));
props = new HashMap<>();
props.put("cm:description", description);
fUpdate = new Folder();
fUpdate.setProperties(props);
response = put(URL_NODES, Nodes.PATH_SHARED, toJsonAsStringNonNull(fUpdate), null, 200);
folderResp = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Folder.class);
assertEquals(description, folderResp.getProperties().get("cm:description"));
setRequestContext(user1);
// -ve test - fail on unknown property
props = new HashMap<>();
props.put("cm:xyz", "my unknown property");
dUpdate = new Document();
dUpdate.setProperties(props);
put(URL_NODES, dId, toJsonAsStringNonNull(dUpdate), null, 400);
// -ve test - fail on unknown aspect
List<String> aspects = new ArrayList<>(d1.getAspectNames());
aspects.add("cm:unknownAspect");
dUpdate = new Document();
dUpdate.setAspectNames(aspects);
put(URL_NODES, dId, toJsonAsStringNonNull(dUpdate), null, 400);
// -ve test - duplicate name
dUpdate = new Document();
dUpdate.setName(folderName);
put(URL_NODES, dId, toJsonAsStringNonNull(dUpdate), null, 409);
// -ve test - unknown node id
dUpdate = new Document();
dUpdate.setName("some.txt");
put(URL_NODES, UUID.randomUUID().toString(), toJsonAsStringNonNull(dUpdate), null, 404);
// -ve test - generalise node type
fUpdate = new Folder();
fUpdate.setNodeType(TYPE_CM_FOLDER);
put(URL_NODES, fId, toJsonAsStringNonNull(fUpdate), null, 400);
// -ve test - try to move to a different parent using PUT (note: should use new POST /nodes/{nodeId}/move operation instead)
folderResp = createFolder(f0Id, "folder 2");
String f2Id = folderResp.getId();
fUpdate = new Folder();
fUpdate.setParentId(f2Id);
put(URL_NODES, fId, toJsonAsStringNonNull(fUpdate), null, 400);
// ok - if parent does not change
fUpdate = new Folder();
fUpdate.setParentId(f0Id);
put(URL_NODES, fId, toJsonAsStringNonNull(fUpdate), null, 200);
// -ve test - minor: error code if trying to update property with invalid format (REPO-473)
props = new HashMap<>();
props.put("exif:pixelYDimension", "my unknown property");
fUpdate = new Folder();
fUpdate.setProperties(props);
put(URL_NODES, f2Id, toJsonAsStringNonNull(fUpdate), null, 400);
// -ve test - minor: error code if trying to update property with invalid format (REPO-1635)
props = new HashMap<>();
props.put("exif:dateTimeOriginal", "25-11-2016");
fUpdate = new Folder();
fUpdate.setProperties(props);
put(URL_NODES, f2Id, toJsonAsStringNonNull(fUpdate), null, 400);
// +ve test - try again with valid formats (REPO-473, REPO-1635)
props = new HashMap<>();
props.put("exif:pixelYDimension", "123");
props.put("exif:dateTimeOriginal", "2016-11-21T16:26:19.037+0000");
fUpdate = new Folder();
fUpdate.setProperties(props);
put(URL_NODES, f2Id, toJsonAsStringNonNull(fUpdate), null, 200);
// -ve test - non-admin cannot modify root (Company Home) folder
props = new HashMap<>();
props.put("cm:description", "my folder description");
fUpdate = new Folder();
fUpdate.setProperties(props);
put(URL_NODES, Nodes.PATH_ROOT, toJsonAsStringNonNull(fUpdate), null, 403);
// -ve test - non-admin cannot modify "Shared" folder
props = new HashMap<>();
props.put("cm:description", "my folder description");
fUpdate = new Folder();
fUpdate.setProperties(props);
put(URL_NODES, Nodes.PATH_SHARED, toJsonAsStringNonNull(fUpdate), null, 403);
setRequestContext(user2);
// -ve test - user cannot modify another user's home folder
props = new HashMap<>();
props.put("cm:description", "my folder description");
fUpdate = new Folder();
fUpdate.setProperties(props);
put(URL_NODES, user1MyFolderId, toJsonAsStringNonNull(fUpdate), null, 403);
}
use of org.alfresco.rest.api.tests.client.data.Folder in project alfresco-remote-api by Alfresco.
the class NodeApiTest method testUploadToMyFiles.
/**
* Tests Multipart upload to user's home (a.k.a My Files).
* <p>POST:</p>
* {@literal <host>:<port>/alfresco/api/-default-/public/alfresco/versions/1/nodes/<nodeId>/children}
*/
@Test
public void testUploadToMyFiles() throws Exception {
setRequestContext(user1);
// create folder f0
String folder0Name = "f0-testUploadToMyFiles-" + RUNID;
Folder folderResp = createFolder(Nodes.PATH_MY, folder0Name);
String f0Id = folderResp.getId();
final String fileName = "quick.pdf";
final File file = getResourceFile(fileName);
Paging paging = getPaging(0, Integer.MAX_VALUE);
HttpResponse response = getAll(getNodeChildrenUrl(f0Id), paging, 200);
PublicApiClient.ExpectedPaging pagingResult = parsePaging(response.getJsonResponse());
assertNotNull(paging);
final int numOfNodes = pagingResult.getCount();
MultiPartBuilder multiPartBuilder = MultiPartBuilder.create().setFileData(new FileData(fileName, file));
MultiPartRequest reqBody = multiPartBuilder.build();
// Try to upload into a non-existent folder
post(getNodeChildrenUrl(UUID.randomUUID().toString()), reqBody.getBody(), null, reqBody.getContentType(), 404);
// Upload
response = post(getNodeChildrenUrl(f0Id), reqBody.getBody(), null, reqBody.getContentType(), 201);
Document document = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Document.class);
// Check the upload response
assertEquals(fileName, document.getName());
ContentInfo contentInfo = document.getContent();
assertNotNull(contentInfo);
assertEquals(MimetypeMap.MIMETYPE_PDF, contentInfo.getMimeType());
// Default encoding
assertEquals("UTF-8", contentInfo.getEncoding());
// Check there is no path info returned.
// The path info should only be returned when it is requested via a include statement.
assertNull(document.getPath());
// Retrieve the uploaded file
response = getSingle(NodesEntityResource.class, document.getId(), null, 200);
document = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Document.class);
assertEquals(fileName, document.getName());
contentInfo = document.getContent();
assertNotNull(contentInfo);
assertEquals(MimetypeMap.MIMETYPE_PDF, contentInfo.getMimeType());
// Check 'get children' is confirming the upload
response = getAll(getNodeChildrenUrl(f0Id), paging, 200);
pagingResult = parsePaging(response.getJsonResponse());
assertNotNull(paging);
assertEquals(numOfNodes + 1, pagingResult.getCount().intValue());
// Upload the same file again to check the name conflicts handling
post(getNodeChildrenUrl(f0Id), reqBody.getBody(), null, reqBody.getContentType(), 409);
response = getAll(getNodeChildrenUrl(f0Id), paging, 200);
pagingResult = parsePaging(response.getJsonResponse());
assertNotNull(paging);
assertEquals("Duplicate file name. The file shouldn't have been uploaded.", numOfNodes + 1, pagingResult.getCount().intValue());
// Set autoRename=true and upload the same file again
reqBody = MultiPartBuilder.copy(multiPartBuilder).setAutoRename(true).build();
response = post(getNodeChildrenUrl(f0Id), reqBody.getBody(), null, reqBody.getContentType(), 201);
document = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Document.class);
// Check the upload response
assertEquals("quick-1.pdf", document.getName());
// upload the same file again, and request the path info to be present in the response
response = post(getNodeChildrenUrl(f0Id), reqBody.getBody(), "?include=path", reqBody.getContentType(), 201);
document = jacksonUtil.parseEntry(response.getJsonResponse(), Document.class);
// Check the upload response
assertEquals("quick-2.pdf", document.getName());
assertNotNull(document.getPath());
response = getAll(getNodeChildrenUrl(f0Id), paging, 200);
pagingResult = parsePaging(response.getJsonResponse());
assertNotNull(paging);
assertEquals(numOfNodes + 3, pagingResult.getCount().intValue());
// upload without specifying content type or without overriding filename - hence guess mimetype and use file's name
final String fileName1 = "quick-1.txt";
final File file1 = getResourceFile(fileName1);
reqBody = MultiPartBuilder.create().setFileData(new FileData(null, file1)).build();
response = post(getNodeChildrenUrl(f0Id), reqBody.getBody(), null, reqBody.getContentType(), 201);
document = jacksonUtil.parseEntry(response.getJsonResponse(), Document.class);
// Check the upload response
assertEquals(fileName1, document.getName());
assertEquals(MimetypeMap.MIMETYPE_TEXT_PLAIN, document.getContent().getMimeType());
// upload with "default" binary content type and override filename - hence guess mimetype & use overridden name
final String fileName2 = "quick-2.txt";
final String fileName2b = "quick-2b.txt";
final File file2 = getResourceFile(fileName2);
reqBody = MultiPartBuilder.create().setFileData(new FileData(fileName2b, file2)).build();
response = post(getNodeChildrenUrl(f0Id), reqBody.getBody(), null, reqBody.getContentType(), 201);
document = jacksonUtil.parseEntry(response.getJsonResponse(), Document.class);
// Check the upload response
assertEquals(fileName2b, document.getName());
assertEquals(MimetypeMap.MIMETYPE_TEXT_PLAIN, document.getContent().getMimeType());
response = getSingle(NodesEntityResource.class, Nodes.PATH_MY, null, 200);
Folder user1Home = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Folder.class);
// User2 tries to upload a new file into the user1's home folder.
setRequestContext(user2);
final File file3 = getResourceFile(fileName2);
reqBody = MultiPartBuilder.create().setFileData(new FileData(fileName2, file3)).build();
post(getNodeChildrenUrl(user1Home.getId()), reqBody.getBody(), null, reqBody.getContentType(), 403);
post(getNodeChildrenUrl(f0Id), reqBody.getBody(), null, reqBody.getContentType(), 403);
setRequestContext(user1);
response = getAll(getNodeChildrenUrl(f0Id), paging, 200);
pagingResult = parsePaging(response.getJsonResponse());
assertNotNull(paging);
assertEquals("Access Denied. The file shouldn't have been uploaded.", numOfNodes + 5, pagingResult.getCount().intValue());
// User1 tries to upload a file into a document rather than a folder!
post(getNodeChildrenUrl(document.getId()), reqBody.getBody(), null, reqBody.getContentType(), 400);
// Try to upload a file without defining the required formData
reqBody = MultiPartBuilder.create().setAutoRename(true).build();
post(getNodeChildrenUrl(f0Id), reqBody.getBody(), null, reqBody.getContentType(), 400);
// Test unsupported node type
reqBody = MultiPartBuilder.create().setFileData(new FileData(fileName2, file2)).setAutoRename(true).setNodeType("cm:link").build();
post(getNodeChildrenUrl(f0Id), reqBody.getBody(), null, reqBody.getContentType(), 400);
// User1 uploads a new file
reqBody = MultiPartBuilder.create().setFileData(new FileData(fileName2, file2)).build();
response = post(getNodeChildrenUrl(f0Id), reqBody.getBody(), null, reqBody.getContentType(), 201);
document = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Document.class);
// Check the upload response
assertEquals(fileName2, document.getName());
contentInfo = document.getContent();
assertNotNull(contentInfo);
assertEquals(MimetypeMap.MIMETYPE_TEXT_PLAIN, contentInfo.getMimeType());
assertEquals("ISO-8859-1", contentInfo.getEncoding());
// Test content size limit
final SimpleFixedLimitProvider limitProvider = applicationContext.getBean("defaultContentLimitProvider", SimpleFixedLimitProvider.class);
final long defaultSizeLimit = limitProvider.getSizeLimit();
// 20 KB
limitProvider.setSizeLimitString("20000");
try {
// quick.pdf size is about 23 KB
reqBody = MultiPartBuilder.create().setFileData(new FileData(fileName, file)).setAutoRename(true).build();
// Try to upload a file larger than the configured size limit
post(getNodeChildrenUrl(f0Id), reqBody.getBody(), null, reqBody.getContentType(), 413);
} finally {
limitProvider.setSizeLimitString(Long.toString(defaultSizeLimit));
}
}
use of org.alfresco.rest.api.tests.client.data.Folder in project alfresco-remote-api by Alfresco.
the class NodeApiTest method testLock.
/**
* Tests lock of a node
* <p>POST:</p>
* {@literal <host>:<port>/alfresco/api/-default-/public/alfresco/versions/1/nodes/<nodeId>/lock}
*/
@Test
public void testLock() throws Exception {
setRequestContext(user1);
// create folder
Folder folderResp = createFolder(Nodes.PATH_MY, "folder" + RUNID);
String folderId = folderResp.getId();
// try to lock the folder and check that is not allowed
LockInfo lockInfo = new LockInfo();
lockInfo.setTimeToExpire(60);
lockInfo.setType("FULL");
lockInfo.setLifetime("PERSISTENT");
HttpResponse response = post(getNodeOperationUrl(folderId, "lock"), toJsonAsStringNonNull(lockInfo), null, 400);
// create document d1
String d1Name = "content" + RUNID + "_1l";
Document d1 = createTextFile(folderId, d1Name, "The quick brown fox jumps over the lazy dog 1.");
String d1Id = d1.getId();
// lock d1 document
lockInfo = new LockInfo();
lockInfo.setTimeToExpire(30);
lockInfo.setType("FULL");
lockInfo.setLifetime("PERSISTENT");
response = post(getNodeOperationUrl(d1Id, "lock"), toJsonAsStringNonNull(lockInfo), null, 200);
Document documentResp = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Document.class);
assertEquals(d1Name, documentResp.getName());
assertEquals(d1Id, documentResp.getId());
assertEquals(LockType.READ_ONLY_LOCK.toString(), documentResp.getProperties().get("cm:lockType"));
assertNotNull(documentResp.getProperties().get("cm:lockOwner"));
assertNull(documentResp.getIsLocked());
// invalid test - delete a locked node
deleteNode(d1Id, true, 409);
// wait for expiration time set to pass and delete node
TimeUnit.SECONDS.sleep(30);
deleteNode(d1Id, true, 204);
// create doc d2
String d2Name = "content" + RUNID + "_2l";
Document d2 = createTextFile(folderId, d2Name, "The quick brown fox jumps over the lazy dog 2.");
String d2Id = d2.getId();
response = getSingle(URL_NODES, d2Id, null, null, 200);
Node node = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Node.class);
assertNull(node.getProperties().get("cm:lockType"));
assertNull(node.getProperties().get("cm:lockOwner"));
assertNull(node.getIsLocked());
Map<String, String> params = Collections.singletonMap("include", "isLocked");
response = getSingle(URL_NODES, d2Id, params, null, 200);
node = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Node.class);
assertNull(node.getProperties().get("cm:lockType"));
assertNull(node.getProperties().get("cm:lockOwner"));
assertFalse(node.getIsLocked());
lockInfo = new LockInfo();
lockInfo.setTimeToExpire(60);
lockInfo.setType("FULL");
lockInfo.setLifetime("PERSISTENT");
response = post(getNodeOperationUrl(d2Id, "lock"), toJsonAsStringNonNull(lockInfo), null, 200);
documentResp = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Document.class);
assertEquals(d2Name, documentResp.getName());
assertEquals(d2Id, documentResp.getId());
assertEquals(LockType.READ_ONLY_LOCK.toString(), documentResp.getProperties().get("cm:lockType"));
assertNotNull(documentResp.getProperties().get("cm:lockOwner"));
assertNull(documentResp.getIsLocked());
unlock(d2Id);
// Empty lock body, the default values are used
post(getNodeOperationUrl(d2Id, "lock"), EMPTY_BODY, null, 200);
// Lock on already locked node
post(getNodeOperationUrl(d2Id, "lock"), toJsonAsStringNonNull(lockInfo), null, 200);
// Test delete on a folder which contains a locked node - NodeLockedException
deleteNode(folderId, true, 409);
// Content update on a locked node
updateTextFile(d2Id, "Updated text", null, 409);
unlock(d2Id);
// Test lock file
// create folder
String folderAName = "folder" + RUNID + "_A";
Folder folderA = createFolder(Nodes.PATH_MY, folderAName);
String folderAId = folderA.getId();
// create a file in the folderA
Document dA1 = createTextFile(folderAId, "content" + RUNID + "_A1", "A1 content");
String dA1Id = dA1.getId();
lockInfo = new LockInfo();
lockInfo.setTimeToExpire(60);
lockInfo.setType("ALLOW_OWNER_CHANGES");
lockInfo.setLifetime("EPHEMERAL");
// lock the file
post(getNodeOperationUrl(dA1Id, "lock"), toJsonAsStringNonNull(lockInfo), null, 200);
params = Collections.singletonMap("include", "aspectNames,properties,isLocked");
response = getSingle(URL_NODES, dA1Id, params, null, 200);
node = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Node.class);
assertTrue(node.getIsLocked());
// note: this can be updated by the owner since the lock type is "ALLOW_OWNER_CHANGES"
updateTextFile(node.getId(), "Updated text", null, 200);
// Lock body properties - boundary values
Document dB1 = createTextFile(folderAId, "content" + RUNID + "_dB1", "dB1 content");
String dB1Id = dB1.getId();
lockInfo = new LockInfo();
// values lower than 0 are considered as no expiry time
lockInfo.setTimeToExpire(-100);
post(getNodeOperationUrl(dB1Id, "lock"), toJsonAsStringNonNull(lockInfo), null, 200);
// Lock node by a different user than the owner
setRequestContext(user1);
Folder folder1Resp = createFolder(Nodes.PATH_SHARED, "folder1" + RUNID);
String folder1Id = folder1Resp.getId();
String f1d1Name = "content f1" + RUNID + "_1l";
Document f1d1 = createTextFile(folder1Id, f1d1Name, "The quick brown fox jumps over the lazy dog 1.");
String f1d1Id = f1d1.getId();
// use admin for now (might be better to use a user with given WRITE permission)
setRequestContext(networkAdmin);
post(getNodeOperationUrl(f1d1Id, "lock"), EMPTY_BODY, null, 200);
unlock(f1d1Id);
// -ve tests
// Missing target node
lockInfo = new LockInfo();
post(getNodeOperationUrl("fakeId", "lock"), toJsonAsStringNonNull(lockInfo), null, 404);
// Cannot lock Data Dictionary node
params = new HashMap<>();
params.put(Nodes.PARAM_RELATIVE_PATH, "/Data Dictionary");
response = getSingle(NodesEntityResource.class, getRootNodeId(), params, 200);
Node nodeResp = RestApiUtil.parseRestApiEntry(response.getJsonResponse(), Node.class);
String ddNodeId = nodeResp.getId();
setRequestContext(networkAdmin);
post(getNodeOperationUrl(ddNodeId, "lock"), toJsonAsStringNonNull(lockInfo), null, 403);
// Lock node already locked by another user - UnableToAquireLockException
post(getNodeOperationUrl(dB1Id, "lock"), EMPTY_BODY, null, 422);
// Lock node without permission (node created by user 1 in the Home folder)
setRequestContext(user1);
Folder folder2Resp = createFolder(Nodes.PATH_MY, "folder2" + RUNID);
String folder2Id = folder2Resp.getId();
String f2d1Name = "content f2" + RUNID + "_1l";
Document f2d1 = createTextFile(folder2Id, f2d1Name, "The quick brown fox jumps over the lazy dog 1.");
String f2d1Id = f2d1.getId();
setRequestContext(user2);
post(getNodeOperationUrl(f2d1Id, "lock"), EMPTY_BODY, null, 403);
// Invalid lock body values
setRequestContext(user1);
Folder folderC = createFolder(Nodes.PATH_MY, "folder" + RUNID + "_C");
String folderCId = folderC.getId();
Document dC1 = createTextFile(folderCId, "content" + RUNID + "_dC1", "dC1 content");
String dC1Id = dC1.getId();
Map<String, String> body = new HashMap<>();
body.put("type", "FULL123");
post(getNodeOperationUrl(dC1Id, "lock"), toJsonAsStringNonNull(body), null, 400);
body = new HashMap<>();
body.put("type", "ALLOW_ADD_CHILDREN");
post(getNodeOperationUrl(dC1Id, "lock"), toJsonAsStringNonNull(body), null, 400);
body = new HashMap<>();
body.put("lifetime", "PERSISTENT123");
post(getNodeOperationUrl(dC1Id, "lock"), toJsonAsStringNonNull(body), null, 400);
body = new HashMap<>();
body.put("includeChildren", "true");
post(getNodeOperationUrl(dC1Id, "lock"), toJsonAsStringNonNull(body), null, 400);
body = new HashMap<>();
body.put("timeToExpire", "NaN");
post(getNodeOperationUrl(dC1Id, "lock"), toJsonAsStringNonNull(body), null, 400);
body = new HashMap<>();
body.put("invalid_property", "true");
post(getNodeOperationUrl(dC1Id, "lock"), toJsonAsStringNonNull(body), null, 400);
// Invalid lock of a folder
post(getNodeOperationUrl(folderId, "lock"), toJsonAsStringNonNull(lockInfo), null, 400);
// cleanup
// all locks were made by user1
setRequestContext(user1);
unlock(dB1Id);
deleteNode(dB1Id);
deleteNode(folderId);
deleteNode(folderAId);
deleteNode(folderCId);
deleteNode(folder1Id);
deleteNode(folder2Id);
}
Aggregations