use of org.hisp.dhis.security.apikey.ApiToken in project dhis2-core by dhis2.
the class ApiTokenControllerTest method testPatchApiTokenAttributesProperty.
@Test
void testPatchApiTokenAttributesProperty() {
final String uid = createNewTokenWithAttributes();
final ApiToken apiToken1 = fetchAsEntity(uid);
assertEquals(3, apiToken1.getIpAllowedList().getAllowedIps().size());
assertTrue(apiToken1.getIpAllowedList().getAllowedIps().contains("1.1.1.1"));
assertFalse(apiToken1.getIpAllowedList().getAllowedIps().contains("8.8.8.8"));
assertStatus(HttpStatus.OK, PATCH(ApiTokenSchemaDescriptor.API_ENDPOINT + "/{id}", uid + "?importReportMode=ERRORS", Body("[{'op':'replace','path':'/attributes','value':[{'type':'IpAllowedList','allowedIps':['8.8.8.8']}]}]")));
final ApiToken apiToken2 = fetchAsEntity(uid);
assertEquals(1, apiToken2.getIpAllowedList().getAllowedIps().size());
assertFalse(apiToken2.getIpAllowedList().getAllowedIps().contains("1.1.1.1"));
assertTrue(apiToken2.getIpAllowedList().getAllowedIps().contains("8.8.8.8"));
}
use of org.hisp.dhis.security.apikey.ApiToken in project dhis2-core by dhis2.
the class ApiTokenControllerTest method testCantModifyKeyPut.
@Test
void testCantModifyKeyPut() {
final ApiToken newToken = createNewEmptyToken();
final ApiToken apiToken1 = fetchAsEntity(newToken.getUid());
apiToken1.setKey("x");
final HttpResponse put = PUT(ApiTokenSchemaDescriptor.API_ENDPOINT + "/{id}", newToken.getUid() + "?importReportMode=ERRORS", Body(renderService.toJsonAsString(apiToken1)));
final ApiToken afterPatched = apiTokenService.getWithUid(newToken.getUid());
assertEquals(newToken.getKey(), afterPatched.getKey());
}
use of org.hisp.dhis.security.apikey.ApiToken in project dhis2-core by dhis2.
the class ApiTokenControllerTest method testDelete.
@Test
void testDelete() {
final ApiToken newToken = createNewEmptyToken();
assertStatus(HttpStatus.OK, DELETE(ApiTokenSchemaDescriptor.API_ENDPOINT + "/" + newToken.getUid()));
assertStatus(HttpStatus.NOT_FOUND, GET(ApiTokenSchemaDescriptor.API_ENDPOINT + "/{uid}", newToken.getUid()));
}
use of org.hisp.dhis.security.apikey.ApiToken in project dhis2-core by dhis2.
the class ApiTokenControllerTest method testCreateAndFetchWithAnotherUser.
@Test
void testCreateAndFetchWithAnotherUser() {
final ApiToken newToken = createNewEmptyToken();
switchToNewUser("anonymous");
assertStatus(HttpStatus.NOT_FOUND, GET(ApiTokenSchemaDescriptor.API_ENDPOINT + "/{uid}", newToken.getUid()));
switchToSuperuser();
fetchAsEntity(newToken.getUid());
}
use of org.hisp.dhis.security.apikey.ApiToken in project dhis2-core by dhis2.
the class ApiTokenController method prePatchEntity.
@Override
protected void prePatchEntity(ApiToken newToken) {
final ApiToken oldToken = apiTokenService.getWithUid(newToken.getUid());
newToken.setKey(oldToken.getKey());
validateApiKeyAttributes(newToken);
}
Aggregations