Search in sources :

Example 6 with ApiToken

use of org.hisp.dhis.security.apikey.ApiToken in project dhis2-core by dhis2.

the class ApiTokenControllerTest method testPatchApiTokenAttributesProperty.

@Test
void testPatchApiTokenAttributesProperty() {
    final String uid = createNewTokenWithAttributes();
    final ApiToken apiToken1 = fetchAsEntity(uid);
    assertEquals(3, apiToken1.getIpAllowedList().getAllowedIps().size());
    assertTrue(apiToken1.getIpAllowedList().getAllowedIps().contains("1.1.1.1"));
    assertFalse(apiToken1.getIpAllowedList().getAllowedIps().contains("8.8.8.8"));
    assertStatus(HttpStatus.OK, PATCH(ApiTokenSchemaDescriptor.API_ENDPOINT + "/{id}", uid + "?importReportMode=ERRORS", Body("[{'op':'replace','path':'/attributes','value':[{'type':'IpAllowedList','allowedIps':['8.8.8.8']}]}]")));
    final ApiToken apiToken2 = fetchAsEntity(uid);
    assertEquals(1, apiToken2.getIpAllowedList().getAllowedIps().size());
    assertFalse(apiToken2.getIpAllowedList().getAllowedIps().contains("1.1.1.1"));
    assertTrue(apiToken2.getIpAllowedList().getAllowedIps().contains("8.8.8.8"));
}
Also used : ApiToken(org.hisp.dhis.security.apikey.ApiToken) JsonApiToken(org.hisp.dhis.webapi.json.domain.JsonApiToken) DhisControllerConvenienceTest(org.hisp.dhis.webapi.DhisControllerConvenienceTest) Test(org.junit.jupiter.api.Test)

Example 7 with ApiToken

use of org.hisp.dhis.security.apikey.ApiToken in project dhis2-core by dhis2.

the class ApiTokenControllerTest method testCantModifyKeyPut.

@Test
void testCantModifyKeyPut() {
    final ApiToken newToken = createNewEmptyToken();
    final ApiToken apiToken1 = fetchAsEntity(newToken.getUid());
    apiToken1.setKey("x");
    final HttpResponse put = PUT(ApiTokenSchemaDescriptor.API_ENDPOINT + "/{id}", newToken.getUid() + "?importReportMode=ERRORS", Body(renderService.toJsonAsString(apiToken1)));
    final ApiToken afterPatched = apiTokenService.getWithUid(newToken.getUid());
    assertEquals(newToken.getKey(), afterPatched.getKey());
}
Also used : ApiToken(org.hisp.dhis.security.apikey.ApiToken) JsonApiToken(org.hisp.dhis.webapi.json.domain.JsonApiToken) DhisControllerConvenienceTest(org.hisp.dhis.webapi.DhisControllerConvenienceTest) Test(org.junit.jupiter.api.Test)

Example 8 with ApiToken

use of org.hisp.dhis.security.apikey.ApiToken in project dhis2-core by dhis2.

the class ApiTokenControllerTest method testDelete.

@Test
void testDelete() {
    final ApiToken newToken = createNewEmptyToken();
    assertStatus(HttpStatus.OK, DELETE(ApiTokenSchemaDescriptor.API_ENDPOINT + "/" + newToken.getUid()));
    assertStatus(HttpStatus.NOT_FOUND, GET(ApiTokenSchemaDescriptor.API_ENDPOINT + "/{uid}", newToken.getUid()));
}
Also used : ApiToken(org.hisp.dhis.security.apikey.ApiToken) JsonApiToken(org.hisp.dhis.webapi.json.domain.JsonApiToken) DhisControllerConvenienceTest(org.hisp.dhis.webapi.DhisControllerConvenienceTest) Test(org.junit.jupiter.api.Test)

Example 9 with ApiToken

use of org.hisp.dhis.security.apikey.ApiToken in project dhis2-core by dhis2.

the class ApiTokenControllerTest method testCreateAndFetchWithAnotherUser.

@Test
void testCreateAndFetchWithAnotherUser() {
    final ApiToken newToken = createNewEmptyToken();
    switchToNewUser("anonymous");
    assertStatus(HttpStatus.NOT_FOUND, GET(ApiTokenSchemaDescriptor.API_ENDPOINT + "/{uid}", newToken.getUid()));
    switchToSuperuser();
    fetchAsEntity(newToken.getUid());
}
Also used : ApiToken(org.hisp.dhis.security.apikey.ApiToken) JsonApiToken(org.hisp.dhis.webapi.json.domain.JsonApiToken) DhisControllerConvenienceTest(org.hisp.dhis.webapi.DhisControllerConvenienceTest) Test(org.junit.jupiter.api.Test)

Example 10 with ApiToken

use of org.hisp.dhis.security.apikey.ApiToken in project dhis2-core by dhis2.

the class ApiTokenController method prePatchEntity.

@Override
protected void prePatchEntity(ApiToken newToken) {
    final ApiToken oldToken = apiTokenService.getWithUid(newToken.getUid());
    newToken.setKey(oldToken.getKey());
    validateApiKeyAttributes(newToken);
}
Also used : ApiToken(org.hisp.dhis.security.apikey.ApiToken)

Aggregations

ApiToken (org.hisp.dhis.security.apikey.ApiToken)21 Test (org.junit.jupiter.api.Test)17 DhisControllerConvenienceTest (org.hisp.dhis.webapi.DhisControllerConvenienceTest)13 JsonApiToken (org.hisp.dhis.webapi.json.domain.JsonApiToken)13 DhisControllerWithApiTokenAuthTest (org.hisp.dhis.webapi.DhisControllerWithApiTokenAuthTest)4 JsonUser (org.hisp.dhis.webapi.json.domain.JsonUser)3 User (org.hisp.dhis.user.User)2 MetadataImportParams (org.hisp.dhis.dxf2.metadata.MetadataImportParams)1 WebMessage (org.hisp.dhis.dxf2.webmessage.WebMessage)1 ObjectReport (org.hisp.dhis.feedback.ObjectReport)1 CreateAccessDeniedException (org.hisp.dhis.hibernate.exception.CreateAccessDeniedException)1 JsonObject (org.hisp.dhis.jsontree.JsonObject)1 CurrentUser (org.hisp.dhis.user.CurrentUser)1 PostMapping (org.springframework.web.bind.annotation.PostMapping)1 ResponseBody (org.springframework.web.bind.annotation.ResponseBody)1