use of org.hisp.dhis.webapi.json.domain.JsonUser in project dhis2-core by dhis2.
the class ApiTokenAuthenticationTest method testAllowedReferrerRule.
/**
 * Checks the referrer allow-list attached to an API token.
 *
 * <p>With only {@code https://one.io} allowed, a request that sends no
 * {@code referer} header is rejected with 401. After {@code https://two.io}
 * is added, a request carrying that referrer authenticates as the admin user.
 *
 * <p>The {@code referer} header is chosen by the client, so this rule narrows
 * where a token is normally used from; it is not proof of the request's origin.
 */
@Test
void testAllowedReferrerRule() {
    final String expectedRejection =
        "Failed to authenticate API token, request http referrer is missing or not allowed.";

    final TokenAndKey created = createNewToken();
    final ApiToken token = created.apiToken;
    final String tokenKey = created.key;

    // Restrict the token to one referrer, then call without any referer header.
    token.addReferrerToAllowedList("https://one.io");
    apiTokenService.update(token);
    assertEquals(
        expectedRejection,
        GET(URI, ApiTokenHeader(tokenKey)).error(HttpStatus.UNAUTHORIZED).getMessage());

    // Allow a second referrer and send it explicitly: the call must now succeed.
    token.addReferrerToAllowedList("https://two.io");
    apiTokenService.update(token);
    final JsonUser authenticated =
        GET(URI, ApiTokenHeader(tokenKey), Header("referer", "https://two.io"))
            .content()
            .as(JsonUser.class);
    assertEquals(adminUser.getUid(), authenticated.getId());

    // NOTE(review): only the "missing" half of "missing or not allowed" is
    // exercised here; a request whose referer is present but not on the list
    // is not covered by this method.
}
use of org.hisp.dhis.webapi.json.domain.JsonUser in project dhis2-core by dhis2.
the class ApiTokenAuthenticationTest method testAllowedIpRule.
/**
 * Checks the IP allow-list attached to an API token.
 *
 * <p>With only {@code 192.168.2.1} allowed the request is rejected with 401.
 * Once {@code 127.0.0.1} is added, the same request authenticates as the
 * admin user.
 */
@Test
void testAllowedIpRule() {
    final String expectedRejection =
        "Failed to authenticate API token, request ip address is not allowed.";

    final TokenAndKey created = createNewToken();
    final ApiToken token = created.apiToken;
    final String tokenKey = created.key;

    // Allow an address the test request does not come from: expect a 401.
    token.addIpToAllowedList("192.168.2.1");
    apiTokenService.update(token);
    assertEquals(
        expectedRejection,
        GET(URI, ApiTokenHeader(tokenKey)).error(HttpStatus.UNAUTHORIZED).getMessage());

    // The call passes only after 127.0.0.1 is listed, so the harness's
    // requests are evidently attributed to that address.
    token.addIpToAllowedList("127.0.0.1");
    apiTokenService.update(token);
    final JsonUser authenticated =
        GET(URI, ApiTokenHeader(tokenKey)).content().as(JsonUser.class);
    assertEquals(adminUser.getUid(), authenticated.getId());

    // NOTE(review): nothing in this method shows where the server takes the
    // client address from. If a forwarded-for style header is honoured,
    // confirm it is trusted only from known proxies and covered by a test.
}
use of org.hisp.dhis.webapi.json.domain.JsonUser in project dhis2-core by dhis2.
the class JwtBearerTokenTest method testSuccessfulRequest.
/**
 * Happy path for JWT bearer authentication: a token created for the
 * configured test provider resolves to the matching OpenID user.
 *
 * <p>This method covers acceptance only. Rejection cases (for example a
 * token from a different provider or client id) are not exercised here.
 */
@Test
void testSuccessfulRequest() {
    setupTestingProvider(CLIENT_ID_1, TEST_PROVIDER_ONE_NAME, TEST_PROVIDER_ONE_URI);

    // The user is created with the same e-mail value that is passed to createJwt below.
    User expectedUser = createOpenIDUser("openiduser", "openiduser@oidc.org");

    // NOTE(review): presumably "email" names the claim that maps the token to
    // a user - confirm against createJwt.
    String bearerToken =
        createJwt(TEST_PROVIDER_ONE_URI, CLIENT_ID_1, "email", "openiduser@oidc.org")
            .getTokenValue();

    JsonUser me =
        GET("/me?fields=settings,id", JwtTokenHeader(bearerToken))
            .content()
            .as(JsonUser.class);
    assertEquals(expectedUser.getUid(), me.getId());
}
use of org.hisp.dhis.webapi.json.domain.JsonUser in project dhis2-core by dhis2.
the class UserLookupControllerTest method testLookUpUsers.
/**
 * Verifies that a user who holds the same role as other users in the system
 * can see those users through the user lookup endpoint.
 *
 * <p>The lookup is run as the newly created {@code tester} user, not as the
 * superuser, and must return exactly one match for the query {@code John}.
 */
@Test
void testLookUpUsers() {
    User lookupUser = switchToNewUser("tester");

    // Assigning the role needs superuser rights.
    switchToSuperuser();
    String assignRolePath = "/userRoles/" + roleId + "/users/" + lookupUser.getUid();
    assertStatus(HttpStatus.NO_CONTENT, POST(assignRolePath));

    // Run the lookup with the tester's own, more limited, context.
    switchContextToUser(lookupUser);
    JsonArray found = GET("/userLookup?query=John").content().getArray("users");

    // Exactly one hit: the size check also pins how many users are visible.
    assertEquals(1, found.size());
    assertEquals("John", found.get(0, JsonUser.class).getFirstName());

    // NOTE(review): the opposite case (a user who shares no role with the
    // matching user gets no result) is not covered by this method.
}
use of org.hisp.dhis.webapi.json.domain.JsonUser in project dhis2-core by dhis2.
the class AbstractCrudControllerTest method testUpdateObject.
/**
 * Updates a user with a full-object PUT and checks that the changed field is
 * stored while the user's role assignment is kept.
 *
 * <p>The role count is asserted before and after the PUT, so an update that
 * silently dropped the role assignment would fail this test.
 */
@Test
void testUpdateObject() {
    String newUserJson =
        "{'name': 'Peter', 'firstName':'Peter', 'surname':'Pan', 'username':'peter47'}";
    String peterUserId = assertStatus(HttpStatus.CREATED, POST("/users", newUserJson));

    // Take the first user role in the system and assign it to the new user.
    String roleId =
        GET("/userRoles?fields=id")
            .content()
            .getArray("userRoles")
            .getObject(0)
            .getString("id")
            .string();
    String assignRolePath = "/userRoles/" + roleId + "/users/" + peterUserId;
    assertStatus(HttpStatus.NO_CONTENT, POST(assignRolePath));

    // State before the update: original first name, one role.
    JsonUser before = GET("/users/{id}", peterUserId).content().as(JsonUser.class);
    assertEquals("Peter", before.getFirstName());
    assertEquals(1, before.getArray("userRoles").size());

    // Send the fetched user back with only the firstName value replaced.
    assertStatus(
        HttpStatus.OK,
        PUT(
            "/users/" + peterUserId,
            Body(before.getString("firstName").node().replaceWith("\"Fry\"").getDeclaration()),
            ContentType(MediaType.APPLICATION_JSON)));

    // State after the update: new first name, role assignment still present.
    JsonUser after = GET("/users/{id}", peterUserId).content().as(JsonUser.class);
    assertEquals("Fry", after.getFirstName());
    assertEquals(1, after.getArray("userRoles").size());
}