use of org.orcid.core.exception.OrcidAccessControlException in project ORCID-Source by ORCID.
the class MemberV3ApiServiceDelegator_ExternalIdentifiersTest method testReadPublicScope_ExternalIdentifiers.
@Test
public void testReadPublicScope_ExternalIdentifiers() {
SecurityContextTestUtils.setUpSecurityContext(ORCID, ScopePathType.READ_PUBLIC);
// Public works
Response r = serviceDelegator.viewExternalIdentifiers(ORCID);
assertNotNull(r);
assertEquals(PersonExternalIdentifiers.class.getName(), r.getEntity().getClass().getName());
PersonExternalIdentifiers p = (PersonExternalIdentifiers) r.getEntity();
assertNotNull(p);
assertEquals("/0000-0000-0000-0003/external-identifiers", p.getPath());
Utils.verifyLastModified(p.getLastModifiedDate());
assertEquals(3, p.getExternalIdentifiers().size());
boolean found13 = false, found14 = false, found15 = false;
for (PersonExternalIdentifier element : p.getExternalIdentifiers()) {
if (element.getPutCode() == 13) {
found13 = true;
} else if (element.getPutCode() == 14) {
found14 = true;
} else if (element.getPutCode() == 15) {
found15 = true;
} else {
fail("Invalid put code " + element.getPutCode());
}
}
assertTrue(found13);
assertTrue(found14);
assertTrue(found15);
r = serviceDelegator.viewExternalIdentifier(ORCID, 13L);
assertNotNull(r);
assertEquals(PersonExternalIdentifier.class.getName(), r.getEntity().getClass().getName());
// Limited am the source of should work
serviceDelegator.viewExternalIdentifier(ORCID, 14L);
// Limited fail
try {
serviceDelegator.viewExternalIdentifier(ORCID, 16L);
fail();
} catch (OrcidAccessControlException e) {
} catch (Exception e) {
fail();
}
// Private am the source of should work
serviceDelegator.viewExternalIdentifier(ORCID, 15L);
// Private fail
try {
serviceDelegator.viewExternalIdentifier(ORCID, 17L);
fail();
} catch (OrcidAccessControlException e) {
} catch (Exception e) {
fail();
}
}
use of org.orcid.core.exception.OrcidAccessControlException in project ORCID-Source by ORCID.
the class MemberV3ApiServiceDelegator_KeywordsTest method testReadPublicScope_Keywords.
@Test
public void testReadPublicScope_Keywords() {
SecurityContextTestUtils.setUpSecurityContext(ORCID, ScopePathType.READ_PUBLIC);
// Public works
Response r = serviceDelegator.viewKeywords(ORCID);
assertNotNull(r);
assertEquals(Keywords.class.getName(), r.getEntity().getClass().getName());
Keywords k = (Keywords) r.getEntity();
assertNotNull(k);
Utils.verifyLastModified(k.getLastModifiedDate());
assertEquals(3, k.getKeywords().size());
boolean found1 = false, found2 = false, found3 = false;
for (Keyword element : k.getKeywords()) {
Utils.verifyLastModified(element.getLastModifiedDate());
if (element.getPutCode() == 9) {
found1 = true;
} else if (element.getPutCode() == 10) {
found2 = true;
} else if (element.getPutCode() == 11) {
found3 = true;
} else {
fail("Invalid put code " + element.getPutCode());
}
}
assertTrue(found1);
assertTrue(found2);
assertTrue(found3);
r = serviceDelegator.viewKeyword(ORCID, 9L);
assertNotNull(r);
assertEquals(Keyword.class.getName(), r.getEntity().getClass().getName());
// Limited where am the source of should work
serviceDelegator.viewKeyword(ORCID, 10L);
// Limited where am not the source of should fail
try {
serviceDelegator.viewKeyword(ORCID, 12L);
fail();
} catch (OrcidAccessControlException e) {
} catch (Exception e) {
fail();
}
// Private where am the source of should work
serviceDelegator.viewKeyword(ORCID, 11L);
// Private where am not the source of should fail
try {
serviceDelegator.viewKeyword(ORCID, 13L);
fail();
} catch (OrcidAccessControlException e) {
} catch (Exception e) {
fail();
}
}
use of org.orcid.core.exception.OrcidAccessControlException in project ORCID-Source by ORCID.
the class MemberV3ApiServiceDelegator_MembershipsTest method testReadPublicScope_Memberships.
@Test
public void testReadPublicScope_Memberships() {
SecurityContextTestUtils.setUpSecurityContext(ORCID, ScopePathType.READ_PUBLIC);
Response r = serviceDelegator.viewMembership(ORCID, 37L);
assertNotNull(r);
assertEquals(Membership.class.getName(), r.getEntity().getClass().getName());
r = serviceDelegator.viewMembershipSummary(ORCID, 37L);
assertNotNull(r);
assertEquals(MembershipSummary.class.getName(), r.getEntity().getClass().getName());
// Limited that am the source of should work
serviceDelegator.viewMembership(ORCID, 38L);
serviceDelegator.viewMembershipSummary(ORCID, 38L);
// Private that am the source of should work
serviceDelegator.viewMembership(ORCID, 39L);
serviceDelegator.viewMembershipSummary(ORCID, 39L);
// Limited that am not the source of should fail
try {
serviceDelegator.viewMembership(ORCID, 40L);
fail();
} catch (OrcidAccessControlException e) {
} catch (Exception e) {
fail();
}
try {
serviceDelegator.viewMembershipSummary(ORCID, 40L);
fail();
} catch (OrcidAccessControlException e) {
} catch (Exception e) {
fail();
}
// Private that am not the source of should fails
try {
serviceDelegator.viewMembership(ORCID, 40L);
fail();
} catch (OrcidAccessControlException e) {
} catch (Exception e) {
fail();
}
try {
serviceDelegator.viewMembershipSummary(ORCID, 40L);
fail();
} catch (OrcidAccessControlException e) {
} catch (Exception e) {
fail();
}
}
use of org.orcid.core.exception.OrcidAccessControlException in project ORCID-Source by ORCID.
the class MemberV3ApiServiceDelegator_OtherNamesTest method testReadPublicScope_OtherNames.
@Test
public void testReadPublicScope_OtherNames() {
SecurityContextTestUtils.setUpSecurityContext(ORCID, ScopePathType.READ_PUBLIC);
// Public works
Response r = serviceDelegator.viewOtherNames(ORCID);
assertNotNull(r);
assertEquals(OtherNames.class.getName(), r.getEntity().getClass().getName());
OtherNames o = (OtherNames) r.getEntity();
assertNotNull(o);
Utils.verifyLastModified(o.getLastModifiedDate());
assertEquals(3, o.getOtherNames().size());
boolean found1 = false, found2 = false, found3 = false;
for (OtherName element : o.getOtherNames()) {
Utils.verifyLastModified(element.getLastModifiedDate());
if (element.getPutCode() == 13) {
found1 = true;
} else if (element.getPutCode() == 14) {
found2 = true;
} else if (element.getPutCode() == 15) {
found3 = true;
} else {
fail("Invalid put code " + element.getPutCode());
}
}
assertTrue(found1);
assertTrue(found2);
assertTrue(found3);
r = serviceDelegator.viewOtherName(ORCID, 13L);
assertNotNull(r);
assertEquals(OtherName.class.getName(), r.getEntity().getClass().getName());
// Limited where am the source should work
serviceDelegator.viewOtherName(ORCID, 14L);
// Limited where am not the source of should fail
try {
serviceDelegator.viewOtherName(ORCID, 16L);
fail();
} catch (OrcidAccessControlException e) {
} catch (Exception e) {
fail();
}
// Private where am the source should work
serviceDelegator.viewOtherName(ORCID, 15L);
// Private where am not the source should work
try {
serviceDelegator.viewOtherName(ORCID, 17L);
fail();
} catch (OrcidAccessControlException e) {
} catch (Exception e) {
fail();
}
}
use of org.orcid.core.exception.OrcidAccessControlException in project ORCID-Source by ORCID.
the class MemberV2ApiServiceDelegatorImpl method viewEmails.
@Override
public Response viewEmails(String orcid) {
Emails emails = null;
try {
// return all emails if client has /email/read-private scope
orcidSecurityManager.checkClientAccessAndScopes(orcid, ScopePathType.EMAIL_READ_PRIVATE);
emails = emailManagerReadOnly.getEmails(orcid);
// Lets copy the list so we don't modify the cached collection
List<Email> filteredList = new ArrayList<Email>(emails.getEmails());
emails = new Emails();
emails.setEmails(filteredList);
} catch (OrcidAccessControlException e) {
emails = emailManagerReadOnly.getEmails(orcid);
// Lets copy the list so we don't modify the cached collection
List<Email> filteredList = new ArrayList<Email>(emails.getEmails());
emails = new Emails();
emails.setEmails(filteredList);
// Filter just in case client doesn't have the /email/read-private
// scope
orcidSecurityManager.checkAndFilter(orcid, emails.getEmails(), ScopePathType.ORCID_BIO_READ_LIMITED);
}
ElementUtils.setPathToEmail(emails, orcid);
Api2_0_LastModifiedDatesHelper.calculateLastModified(emails);
sourceUtils.setSourceName(emails);
return Response.ok(emails).build();
}
Aggregations