
Example 26 with FunctionalTestHelper

use of org.neo4j.server.helpers.FunctionalTestHelper in project neo4j by neo4j.

the class SecurityRulesIT method aSimpleWildcardUriPathShould401OnAccessToProtectedSubPath.

@Test
@Title("Using Wildcards to Target Security Rules")
@Documented("In this example, a security rule is registered to deny\n"
        + "access to all URIs to the server by listing the rule(s) class(es) in\n"
        + "'neo4j.conf'.\n"
        + "In this case, the rule is registered\n"
        + "using a wildcard URI path (where `*` characters can be used to signify\n"
        + "any part of the path). For example `/users*` means the rule\n"
        + "will be bound to any resources under the `/users` root path. Similarly\n"
        + "`/users*type*` will bind the rule to resources matching\n"
        + "URIs like `/users/fred/type/premium`.\n"
        + "\n"
        + "@@config\n"
        + "\n"
        + "with the rule source code of:\n"
        + "\n"
        + "@@failingRuleWithWildcardPath\n"
        + "\n"
        + "With this rule registered, any access to URIs under /protected/ will be\n"
        + "denied by the server. Using wildcards allows flexible targeting of security rules to\n"
        + "arbitrary parts of the server's API, including any unmanaged extensions or managed\n"
        + "plugins that have been registered.")
public void aSimpleWildcardUriPathShould401OnAccessToProtectedSubPath() throws Exception {
    String mountPoint = "/protected/tree/starts/here" + DummyThirdPartyWebService.DUMMY_WEB_SERVICE_MOUNT_POINT;
    server = CommunityServerBuilder.server()
            .withDefaultDatabaseTuning()
            .withThirdPartyJaxRsPackage("org.dummy.web.service", mountPoint)
            .withSecurityRules(PermanentlyFailingSecurityRuleWithWildcardPath.class.getCanonicalName())
            .usingDataDir(folder.directory(name.getMethodName()).getAbsolutePath())
            .build();
    server.start();
    functionalTestHelper = new FunctionalTestHelper(server);
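    // Request a sub-path below the protected mount point: the wildcard rule must
    // still apply and the server must answer 401 with a WWW-Authenticate challenge.
    JaxRsResponse clientResponse = gen.get()
            .expectedStatus(401)
            .expectedType(MediaType.APPLICATION_JSON_TYPE)
            .expectedHeader("WWW-Authenticate")
            .get(trimTrailingSlash(functionalTestHelper.baseUri()) + mountPoint + "/more/stuff")
            .response();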
    assertEquals(401, clientResponse.getStatus());
}
Also used : FunctionalTestHelper(org.neo4j.server.helpers.FunctionalTestHelper) Matchers.containsString(org.hamcrest.Matchers.containsString) JaxRsResponse(org.neo4j.server.rest.JaxRsResponse) Documented(org.neo4j.kernel.impl.annotations.Documented) Test(org.junit.Test) Title(org.neo4j.test.TestData.Title)

Example 27 with FunctionalTestHelper

use of org.neo4j.server.helpers.FunctionalTestHelper in project neo4j by neo4j.

the class SecurityRulesIT method shouldInvokeAllSecurityRules.

@Test
public void shouldInvokeAllSecurityRules() throws Exception {
    // given
    server = CommunityServerBuilder.server()
            .withDefaultDatabaseTuning()
            .withSecurityRules(NoAccessToDatabaseSecurityRule.class.getCanonicalName())
            .usingDataDir(folder.directory(name.getMethodName()).getAbsolutePath())
            .build();
    server.start();
    functionalTestHelper = new FunctionalTestHelper(server);
    // when
    gen.get().expectedStatus(401).get(functionalTestHelper.dataUri()).response();
    // then
    assertTrue(NoAccessToDatabaseSecurityRule.wasInvoked());
}
Also used : FunctionalTestHelper(org.neo4j.server.helpers.FunctionalTestHelper) Test(org.junit.Test)

Example 28 with FunctionalTestHelper

use of org.neo4j.server.helpers.FunctionalTestHelper in project neo4j by neo4j.

the class SecurityRulesIT method aComplexWildcardUriPathShould401OnAccessToProtectedSubPath.

@Test
@Title("Using Complex Wildcards to Target Security Rules")
@Documented("In this example, a security rule is registered to deny\n"
        + "access to all URIs matching a complex pattern.\n"
        + "The config looks like this:\n"
        + "\n"
        + "@@config\n"
        + "\n"
        + "with the rule source code of:\n"
        + "\n"
        + "@@failingRuleWithComplexWildcardPath")
public void aComplexWildcardUriPathShould401OnAccessToProtectedSubPath() throws Exception {
    String mountPoint = "/protected/wildcard_replacement/x/y/z/something/else/more_wildcard_replacement/a/b/c" + "/final/bit";
    server = CommunityServerBuilder.server()
            .withDefaultDatabaseTuning()
            .withThirdPartyJaxRsPackage("org.dummy.web.service", mountPoint)
            .withSecurityRules(PermanentlyFailingSecurityRuleWithComplexWildcardPath.class.getCanonicalName())
            .usingDataDir(folder.directory(name.getMethodName()).getAbsolutePath())
            .build();
    server.start();
    functionalTestHelper = new FunctionalTestHelper(server);
    JaxRsResponse clientResponse = gen.get()
            .expectedStatus(401)
            .expectedType(MediaType.APPLICATION_JSON_TYPE)
            .expectedHeader("WWW-Authenticate")
            .get(trimTrailingSlash(functionalTestHelper.baseUri()) + mountPoint + "/more/stuff")
            .response();
    assertEquals(401, clientResponse.getStatus());
}
Also used : FunctionalTestHelper(org.neo4j.server.helpers.FunctionalTestHelper) Matchers.containsString(org.hamcrest.Matchers.containsString) JaxRsResponse(org.neo4j.server.rest.JaxRsResponse) Documented(org.neo4j.kernel.impl.annotations.Documented) Test(org.junit.Test) Title(org.neo4j.test.TestData.Title)

Example 29 with FunctionalTestHelper

use of org.neo4j.server.helpers.FunctionalTestHelper in project neo4j by neo4j.

the class SecurityRulesIT method should401WithBasicChallengeIfAnyOneOfTheRulesFails.

@Test
public void should401WithBasicChallengeIfAnyOneOfTheRulesFails() throws Exception {
    server = CommunityServerBuilder.server()
            .withDefaultDatabaseTuning()
            .withSecurityRules(
                    PermanentlyFailingSecurityRule.class.getCanonicalName(),
                    PermanentlyPassingSecurityRule.class.getCanonicalName())
            .usingDataDir(folder.directory(name.getMethodName()).getAbsolutePath())
            .build();
    server.start();
    functionalTestHelper = new FunctionalTestHelper(server);
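    // One failing rule is enough to reject the request, even though the other rule passes.
    JaxRsResponse response = gen.get()
            .expectedStatus(401)
            .expectedHeader("WWW-Authenticate")
            .post(functionalTestHelper.nodeUri())
            .response();
    // The Basic challenge must name the realm of the rule that failed.
    assertThat(response.getHeaders().getFirst("WWW-Authenticate"),
            containsString("Basic realm=\"" + PermanentlyFailingSecurityRule.REALM + "\""));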
}
Also used : FunctionalTestHelper(org.neo4j.server.helpers.FunctionalTestHelper) JaxRsResponse(org.neo4j.server.rest.JaxRsResponse) Test(org.junit.Test)

Example 30 with FunctionalTestHelper

use of org.neo4j.server.helpers.FunctionalTestHelper in project neo4j by neo4j.

the class XForwardFilterIT method setupServer.

@BeforeClass
public static void setupServer() throws IOException {
    FunctionalTestHelper functionalTestHelper = new FunctionalTestHelper(server());
    helper = functionalTestHelper.getGraphDbHelper();
}
Also used : FunctionalTestHelper(org.neo4j.server.helpers.FunctionalTestHelper) BeforeClass(org.junit.BeforeClass)
