Search in sources :

Example 26 with OrcidAccessControlException

use of org.orcid.core.exception.OrcidAccessControlException in project ORCID-Source by ORCID.

the class MemberV3ApiServiceDelegator_ExternalIdentifiersTest method testReadPublicScope_ExternalIdentifiers.

@Test
public void testReadPublicScope_ExternalIdentifiers() {
    SecurityContextTestUtils.setUpSecurityContext(ORCID, ScopePathType.READ_PUBLIC);
    // Public works
    Response r = serviceDelegator.viewExternalIdentifiers(ORCID);
    assertNotNull(r);
    assertEquals(PersonExternalIdentifiers.class.getName(), r.getEntity().getClass().getName());
    PersonExternalIdentifiers p = (PersonExternalIdentifiers) r.getEntity();
    assertNotNull(p);
    assertEquals("/0000-0000-0000-0003/external-identifiers", p.getPath());
    Utils.verifyLastModified(p.getLastModifiedDate());
    assertEquals(3, p.getExternalIdentifiers().size());
    boolean found13 = false, found14 = false, found15 = false;
    for (PersonExternalIdentifier element : p.getExternalIdentifiers()) {
        if (element.getPutCode() == 13) {
            found13 = true;
        } else if (element.getPutCode() == 14) {
            found14 = true;
        } else if (element.getPutCode() == 15) {
            found15 = true;
        } else {
            fail("Invalid put code " + element.getPutCode());
        }
    }
    assertTrue(found13);
    assertTrue(found14);
    assertTrue(found15);
    r = serviceDelegator.viewExternalIdentifier(ORCID, 13L);
    assertNotNull(r);
    assertEquals(PersonExternalIdentifier.class.getName(), r.getEntity().getClass().getName());
    // Limited am the source of should work
    serviceDelegator.viewExternalIdentifier(ORCID, 14L);
    // Limited fail
    try {
        serviceDelegator.viewExternalIdentifier(ORCID, 16L);
        fail();
    } catch (OrcidAccessControlException e) {
    } catch (Exception e) {
        fail();
    }
    // Private am the source of should work
    serviceDelegator.viewExternalIdentifier(ORCID, 15L);
    // Private fail
    try {
        serviceDelegator.viewExternalIdentifier(ORCID, 17L);
        fail();
    } catch (OrcidAccessControlException e) {
    } catch (Exception e) {
        fail();
    }
}
Also used : Response(javax.ws.rs.core.Response) PersonExternalIdentifiers(org.orcid.jaxb.model.v3.dev1.record.PersonExternalIdentifiers) PersonExternalIdentifier(org.orcid.jaxb.model.v3.dev1.record.PersonExternalIdentifier) OrcidAccessControlException(org.orcid.core.exception.OrcidAccessControlException) NoResultException(javax.persistence.NoResultException) VisibilityMismatchException(org.orcid.core.exception.VisibilityMismatchException) WrongSourceException(org.orcid.core.exception.WrongSourceException) OrcidAccessControlException(org.orcid.core.exception.OrcidAccessControlException) OrcidVisibilityException(org.orcid.core.exception.OrcidVisibilityException) OrcidUnauthorizedException(org.orcid.core.exception.OrcidUnauthorizedException) DBUnitTest(org.orcid.test.DBUnitTest) Test(org.junit.Test)

Example 27 with OrcidAccessControlException

use of org.orcid.core.exception.OrcidAccessControlException in project ORCID-Source by ORCID.

the class MemberV3ApiServiceDelegator_KeywordsTest method testReadPublicScope_Keywords.

@Test
public void testReadPublicScope_Keywords() {
    SecurityContextTestUtils.setUpSecurityContext(ORCID, ScopePathType.READ_PUBLIC);
    // Public works
    Response r = serviceDelegator.viewKeywords(ORCID);
    assertNotNull(r);
    assertEquals(Keywords.class.getName(), r.getEntity().getClass().getName());
    Keywords k = (Keywords) r.getEntity();
    assertNotNull(k);
    Utils.verifyLastModified(k.getLastModifiedDate());
    assertEquals(3, k.getKeywords().size());
    boolean found1 = false, found2 = false, found3 = false;
    for (Keyword element : k.getKeywords()) {
        Utils.verifyLastModified(element.getLastModifiedDate());
        if (element.getPutCode() == 9) {
            found1 = true;
        } else if (element.getPutCode() == 10) {
            found2 = true;
        } else if (element.getPutCode() == 11) {
            found3 = true;
        } else {
            fail("Invalid put code " + element.getPutCode());
        }
    }
    assertTrue(found1);
    assertTrue(found2);
    assertTrue(found3);
    r = serviceDelegator.viewKeyword(ORCID, 9L);
    assertNotNull(r);
    assertEquals(Keyword.class.getName(), r.getEntity().getClass().getName());
    // Limited where am the source of should work
    serviceDelegator.viewKeyword(ORCID, 10L);
    // Limited where am not the source of should fail
    try {
        serviceDelegator.viewKeyword(ORCID, 12L);
        fail();
    } catch (OrcidAccessControlException e) {
    } catch (Exception e) {
        fail();
    }
    // Private where am the source of should work
    serviceDelegator.viewKeyword(ORCID, 11L);
    // Private where am not the source of should fail
    try {
        serviceDelegator.viewKeyword(ORCID, 13L);
        fail();
    } catch (OrcidAccessControlException e) {
    } catch (Exception e) {
        fail();
    }
}
Also used : Response(javax.ws.rs.core.Response) Keywords(org.orcid.jaxb.model.v3.dev1.record.Keywords) Keyword(org.orcid.jaxb.model.v3.dev1.record.Keyword) OrcidAccessControlException(org.orcid.core.exception.OrcidAccessControlException) NoResultException(javax.persistence.NoResultException) VisibilityMismatchException(org.orcid.core.exception.VisibilityMismatchException) WrongSourceException(org.orcid.core.exception.WrongSourceException) OrcidAccessControlException(org.orcid.core.exception.OrcidAccessControlException) OrcidVisibilityException(org.orcid.core.exception.OrcidVisibilityException) OrcidUnauthorizedException(org.orcid.core.exception.OrcidUnauthorizedException) DBUnitTest(org.orcid.test.DBUnitTest) Test(org.junit.Test)

Example 28 with OrcidAccessControlException

use of org.orcid.core.exception.OrcidAccessControlException in project ORCID-Source by ORCID.

the class MemberV3ApiServiceDelegator_MembershipsTest method testReadPublicScope_Memberships.

@Test
public void testReadPublicScope_Memberships() {
    SecurityContextTestUtils.setUpSecurityContext(ORCID, ScopePathType.READ_PUBLIC);
    Response r = serviceDelegator.viewMembership(ORCID, 37L);
    assertNotNull(r);
    assertEquals(Membership.class.getName(), r.getEntity().getClass().getName());
    r = serviceDelegator.viewMembershipSummary(ORCID, 37L);
    assertNotNull(r);
    assertEquals(MembershipSummary.class.getName(), r.getEntity().getClass().getName());
    // Limited that am the source of should work
    serviceDelegator.viewMembership(ORCID, 38L);
    serviceDelegator.viewMembershipSummary(ORCID, 38L);
    // Private that am the source of should work
    serviceDelegator.viewMembership(ORCID, 39L);
    serviceDelegator.viewMembershipSummary(ORCID, 39L);
    // Limited that am not the source of should fail
    try {
        serviceDelegator.viewMembership(ORCID, 40L);
        fail();
    } catch (OrcidAccessControlException e) {
    } catch (Exception e) {
        fail();
    }
    try {
        serviceDelegator.viewMembershipSummary(ORCID, 40L);
        fail();
    } catch (OrcidAccessControlException e) {
    } catch (Exception e) {
        fail();
    }
    // Private that am not the source of should fails
    try {
        serviceDelegator.viewMembership(ORCID, 40L);
        fail();
    } catch (OrcidAccessControlException e) {
    } catch (Exception e) {
        fail();
    }
    try {
        serviceDelegator.viewMembershipSummary(ORCID, 40L);
        fail();
    } catch (OrcidAccessControlException e) {
    } catch (Exception e) {
        fail();
    }
}
Also used : Response(javax.ws.rs.core.Response) Membership(org.orcid.jaxb.model.v3.dev1.record.Membership) MembershipSummary(org.orcid.jaxb.model.v3.dev1.record.summary.MembershipSummary) OrcidAccessControlException(org.orcid.core.exception.OrcidAccessControlException) NoResultException(javax.persistence.NoResultException) VisibilityMismatchException(org.orcid.core.exception.VisibilityMismatchException) WrongSourceException(org.orcid.core.exception.WrongSourceException) OrcidDuplicatedActivityException(org.orcid.core.exception.OrcidDuplicatedActivityException) OrcidValidationException(org.orcid.core.exception.OrcidValidationException) OrcidAccessControlException(org.orcid.core.exception.OrcidAccessControlException) OrcidVisibilityException(org.orcid.core.exception.OrcidVisibilityException) OrcidUnauthorizedException(org.orcid.core.exception.OrcidUnauthorizedException) DBUnitTest(org.orcid.test.DBUnitTest) Test(org.junit.Test)

Example 29 with OrcidAccessControlException

use of org.orcid.core.exception.OrcidAccessControlException in project ORCID-Source by ORCID.

the class MemberV3ApiServiceDelegator_OtherNamesTest method testReadPublicScope_OtherNames.

@Test
public void testReadPublicScope_OtherNames() {
    SecurityContextTestUtils.setUpSecurityContext(ORCID, ScopePathType.READ_PUBLIC);
    // Public works
    Response r = serviceDelegator.viewOtherNames(ORCID);
    assertNotNull(r);
    assertEquals(OtherNames.class.getName(), r.getEntity().getClass().getName());
    OtherNames o = (OtherNames) r.getEntity();
    assertNotNull(o);
    Utils.verifyLastModified(o.getLastModifiedDate());
    assertEquals(3, o.getOtherNames().size());
    boolean found1 = false, found2 = false, found3 = false;
    for (OtherName element : o.getOtherNames()) {
        Utils.verifyLastModified(element.getLastModifiedDate());
        if (element.getPutCode() == 13) {
            found1 = true;
        } else if (element.getPutCode() == 14) {
            found2 = true;
        } else if (element.getPutCode() == 15) {
            found3 = true;
        } else {
            fail("Invalid put code " + element.getPutCode());
        }
    }
    assertTrue(found1);
    assertTrue(found2);
    assertTrue(found3);
    r = serviceDelegator.viewOtherName(ORCID, 13L);
    assertNotNull(r);
    assertEquals(OtherName.class.getName(), r.getEntity().getClass().getName());
    // Limited where am the source should work
    serviceDelegator.viewOtherName(ORCID, 14L);
    // Limited where am not the source of should fail
    try {
        serviceDelegator.viewOtherName(ORCID, 16L);
        fail();
    } catch (OrcidAccessControlException e) {
    } catch (Exception e) {
        fail();
    }
    // Private where am the source should work
    serviceDelegator.viewOtherName(ORCID, 15L);
    // Private where am not the source should work
    try {
        serviceDelegator.viewOtherName(ORCID, 17L);
        fail();
    } catch (OrcidAccessControlException e) {
    } catch (Exception e) {
        fail();
    }
}
Also used : Response(javax.ws.rs.core.Response) OtherNames(org.orcid.jaxb.model.v3.dev1.record.OtherNames) OtherName(org.orcid.jaxb.model.v3.dev1.record.OtherName) OrcidAccessControlException(org.orcid.core.exception.OrcidAccessControlException) NoResultException(javax.persistence.NoResultException) VisibilityMismatchException(org.orcid.core.exception.VisibilityMismatchException) WrongSourceException(org.orcid.core.exception.WrongSourceException) OrcidAccessControlException(org.orcid.core.exception.OrcidAccessControlException) OrcidVisibilityException(org.orcid.core.exception.OrcidVisibilityException) OrcidUnauthorizedException(org.orcid.core.exception.OrcidUnauthorizedException) DBUnitTest(org.orcid.test.DBUnitTest) Test(org.junit.Test)

Example 30 with OrcidAccessControlException

use of org.orcid.core.exception.OrcidAccessControlException in project ORCID-Source by ORCID.

the class MemberV2ApiServiceDelegatorImpl method viewEmails.

@Override
public Response viewEmails(String orcid) {
    Emails emails = null;
    try {
        // return all emails if client has /email/read-private scope
        orcidSecurityManager.checkClientAccessAndScopes(orcid, ScopePathType.EMAIL_READ_PRIVATE);
        emails = emailManagerReadOnly.getEmails(orcid);
        // Lets copy the list so we don't modify the cached collection
        List<Email> filteredList = new ArrayList<Email>(emails.getEmails());
        emails = new Emails();
        emails.setEmails(filteredList);
    } catch (OrcidAccessControlException e) {
        emails = emailManagerReadOnly.getEmails(orcid);
        // Lets copy the list so we don't modify the cached collection
        List<Email> filteredList = new ArrayList<Email>(emails.getEmails());
        emails = new Emails();
        emails.setEmails(filteredList);
        // Filter just in case client doesn't have the /email/read-private
        // scope
        orcidSecurityManager.checkAndFilter(orcid, emails.getEmails(), ScopePathType.ORCID_BIO_READ_LIMITED);
    }
    ElementUtils.setPathToEmail(emails, orcid);
    Api2_0_LastModifiedDatesHelper.calculateLastModified(emails);
    sourceUtils.setSourceName(emails);
    return Response.ok(emails).build();
}
Also used : Email(org.orcid.jaxb.model.record_v2.Email) ArrayList(java.util.ArrayList) List(java.util.List) ArrayList(java.util.ArrayList) Emails(org.orcid.jaxb.model.record_v2.Emails) OrcidAccessControlException(org.orcid.core.exception.OrcidAccessControlException)

Aggregations

OrcidAccessControlException (org.orcid.core.exception.OrcidAccessControlException)31 NoResultException (javax.persistence.NoResultException)25 Response (javax.ws.rs.core.Response)25 Test (org.junit.Test)25 OrcidUnauthorizedException (org.orcid.core.exception.OrcidUnauthorizedException)25 OrcidVisibilityException (org.orcid.core.exception.OrcidVisibilityException)25 VisibilityMismatchException (org.orcid.core.exception.VisibilityMismatchException)25 WrongSourceException (org.orcid.core.exception.WrongSourceException)25 DBUnitTest (org.orcid.test.DBUnitTest)25 OrcidDuplicatedActivityException (org.orcid.core.exception.OrcidDuplicatedActivityException)9 OrcidValidationException (org.orcid.core.exception.OrcidValidationException)7 ActivityIdentifierValidationException (org.orcid.core.exception.ActivityIdentifierValidationException)6 OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication)4 OAuth2Request (org.springframework.security.oauth2.provider.OAuth2Request)4 ArrayList (java.util.ArrayList)2 List (java.util.List)2 ExceedMaxNumberOfPutCodesException (org.orcid.core.exception.ExceedMaxNumberOfPutCodesException)2 OrcidNoResultException (org.orcid.core.exception.OrcidNoResultException)2 ScopePathType (org.orcid.jaxb.model.message.ScopePathType)2 Filterable (org.orcid.jaxb.model.common_v2.Filterable)1