[DEV] updat to the new model (READY)

Edouard DUPIN 2024-01-18 23:34:43 +01:00
parent 3ea26e3f78
commit 7ce71f91d5
10 changed files with 128 additions and 128 deletions


@ -24,7 +24,7 @@ public class WebLauncherLocal extends WebLauncher {
if (true) {
// for local test:
ConfigBaseVariable.apiAdress = "http://0.0.0.0:15080/karso/api/";
ConfigBaseVariable.dbPort = "3307";
ConfigBaseVariable.dbPort = "3906";
// create a unique key for test ==> not retrieve the token every load...
ConfigVariable.uuid_for_key_generation = "lkjlkjlkjlmkjqmwlsdkjqfsdlkf88QJSDMLQKSndmLQKZNERMAL";
//ConfigBaseVariable.dbType = "sqlite";
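Review bot: The `if (true)` block around the changed `dbPort` line unconditionally assigns a literal `uuid_for_key_generation` that is committed with the source, and sets the API address to `0.0.0.0`, so whatever this launcher starts uses key material that is not secret and is not limited to loopback. How that value feeds key generation is not visible in this hunk, so that part is an assumption to confirm. For a local-only launcher, `ConfigBaseVariable.apiAdress = "http://127.0.0.1:15080/karso/api/";` plus reading the test key from an environment variable would keep the convenience without a shared constant. The block continues past the end of the hunk.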


@ -25,8 +25,8 @@ import jakarta.annotation.security.RolesAllowed;
import jakarta.ws.rs.Consumes;
import jakarta.ws.rs.DELETE;
import jakarta.ws.rs.GET;
import jakarta.ws.rs.PATCH;
import jakarta.ws.rs.POST;
import jakarta.ws.rs.PUT;
import jakarta.ws.rs.Path;
import jakarta.ws.rs.PathParam;
import jakarta.ws.rs.Produces;
@ -40,9 +40,9 @@ import jakarta.ws.rs.core.SecurityContext;
@Produces(MediaType.APPLICATION_JSON)
public class ApplicationResource {
final Logger logger = LoggerFactory.getLogger(ApplicationResource.class);
public ApplicationResource() {}
public List<Long> getUserListOfApplication(final Long userId) {
final List<Long> out = new ArrayList<>();
List<UserLinkApplication> links = null;
@ -60,7 +60,7 @@ public class ApplicationResource {
}
return out;
}
public List<Long> getListOfUsers(final Long applicationId) {
final List<Long> out = new ArrayList<>();
List<UserLinkApplication> links = null;
@ -83,7 +83,7 @@ public class ApplicationResource {
// Generic /application/
//
////////////////////////////////////////////////////////////////////////////////////////
@GET
@RolesAllowed(value = { "USER", "ADMIN" })
public List<Application> getApplications(@Context final SecurityContext sc) throws Exception {
@ -103,7 +103,7 @@ public class ApplicationResource {
}
return out;
}
@POST
@RolesAllowed("ADMIN")
public Application create(final Application application) throws Exception {
@ -121,21 +121,21 @@ public class ApplicationResource {
application.updatedAt = null;
return DataAccess.insert(application);
}
////////////////////////////////////////////////////////////////////////////////////////
//
// Generic /application/{id}
//
////////////////////////////////////////////////////////////////////////////////////////
@GET
@Path("{id}")
@RolesAllowed("ADMIN")
public Application get(@PathParam("id") final Long id) throws Exception {
return DataAccess.get(Application.class, id);
}
@PUT
@PATCH
@Path("{id}")
@RolesAllowed("ADMIN")
@Consumes(MediaType.APPLICATION_JSON)
@ -143,7 +143,7 @@ public class ApplicationResource {
DataAccess.updateWithJson(Application.class, id, jsonRequest);
return DataAccess.get(Application.class, id);
}
@DELETE
@Path("{id}")
@RolesAllowed("ADMIN")
@ -151,29 +151,29 @@ public class ApplicationResource {
public void remove(@Context final SecurityContext sc, @PathParam("id") final long applicationId) throws Exception {
DataAccess.delete(Application.class, applicationId);
}
////////////////////////////////////////////////////////////////////////////////////////
//
// Generic /{id}/*
//
////////////////////////////////////////////////////////////////////////////////////////
@GET
@Path("{id}/users")
@RolesAllowed(value = { "ADMIN" })
public List<Long> getApplicationUsers(@PathParam("id") final Long applicationId) throws Exception {
// special case for SSO: (all user have access on the SSO...).
this.logger.debug("Request list of user for an applciation: {}", applicationId);
return getListOfUsers(applicationId);
}
////////////////////////////////////////////////////////////////////////////////////////
//
// Generic /application/*
//
////////////////////////////////////////////////////////////////////////////////////////
@GET
@Path("small")
@RolesAllowed(value = { "USER", "ADMIN" })
@ -190,10 +190,10 @@ public class ApplicationResource {
}
return out;
}
public record AddUserData(
long userId) {};
long userId) {}
// TODO : review the function to correct admin only access...
@POST
@Path("{id}/users")
@ -203,7 +203,7 @@ public class ApplicationResource {
AddOnManyToMany.addLink(UserAuth.class, data.userId, "application", applicationId);
return true;
}
// TODO : review the function to correct admin only access...
@DELETE
@Path("{id}/users")
@ -213,7 +213,7 @@ public class ApplicationResource {
AddOnManyToMany.removeLink(UserAuth.class, data.userId, "application", applicationId);
return true;
}
// TODO : review the function to correct admin only access...
@GET
@Path("{id}/rights")
@ -222,7 +222,7 @@ public class ApplicationResource {
this.logger.debug("getApplications rights");
return DataAccess.getsWhere(RightDescription.class, new Condition(new QueryCondition("applicationId", "=", applicationId)));
}
@GET
@Path("get_token")
@RolesAllowed(value = { "USER", "ADMIN" })
@ -230,7 +230,7 @@ public class ApplicationResource {
final GenericContext gc = (GenericContext) sc.getUserPrincipal();
this.logger.info("get application TOKEN application name='{}'", application);
this.logger.debug("== USER ? {}", gc.userByToken.name);
if (application == null) {
final String result = "Input error missing parameter: 'application'";
this.logger.debug(" result: {}", result);
@ -243,7 +243,7 @@ public class ApplicationResource {
isDev = true;
}
this.logger.debug("Search for '{}' base of '{}'", applicationName, application);
Application appl = null;
try {
appl = DataAccess.getWhere(Application.class, new Condition(new QueryCondition("name", "=", applicationName)));
@ -254,7 +254,7 @@ public class ApplicationResource {
this.logger.debug(" result: {}", result);
return Response.status(500).entity(result).build();
}
if (appl == null) {
final String result = "Authentiocate-wrong email/login '" + applicationName + "')";
this.logger.error(" result: {}", result);
@ -295,7 +295,7 @@ public class ApplicationResource {
}
return Response.status(201).entity("{ \"url\":\"" + returnAdress + "\", \"jwt\":\"" + ret + "\"}").build();
}
@GET
@Path("return")
@RolesAllowed(value = { "USER", "ADMIN" })
@ -305,7 +305,7 @@ public class ApplicationResource {
this.logger.debug("=====================================");
final GenericContext gc = (GenericContext) sc.getUserPrincipal();
this.logger.debug("== USER ? {}", gc.userByToken);
if (application == null) {
final String result = "Input error missing parameter: 'application'";
this.logger.error(" result: {}", result);
@ -318,7 +318,7 @@ public class ApplicationResource {
isDev = true;
}
this.logger.debug("Search for '{}' base of '{}'", applicationName, application);
Application appl = null;
try {
appl = DataAccess.getWhere(Application.class, new Condition(new QueryCondition("name", "=", applicationName)));
@ -329,7 +329,7 @@ public class ApplicationResource {
this.logger.error(" result: {}", result);
return Response.status(500).entity(result).build();
}
if (appl == null) {
final String result = "Authentiocate-wrong email/login '" + applicationName + "')";
this.logger.error(" result: {}", result);
@ -341,5 +341,5 @@ public class ApplicationResource {
}
return Response.status(201).entity("{ \"url\":\"" + returnAdress + "\"}").build();
}
}
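Review bot: The replies at the end of `get_token` and `return` are assembled by string concatenation, `"{ \"url\":\"" + returnAdress + "\", \"jwt\":\"" + ret + "\"}"`, so a quote or backslash in `returnAdress` produces malformed JSON or extra keys for the client that consumes the URL and JWT. Where `returnAdress` comes from is outside the visible hunks; if any part of it derives from the `application` request parameter or from stored application data, it needs escaping. Returning a small response record (for example `record TokenReply(String url, String jwt) {}`) and letting the JSON provider serialize it removes the problem. The `appl == null` branches also echo `applicationName` back in `"Authentiocate-wrong email/login '" + applicationName + "')"`, which is better replaced by a fixed message. These lines appear to be unchanged context in this commit, and both method bodies start outside their hunks.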


@ -18,8 +18,8 @@ import jakarta.annotation.security.RolesAllowed;
import jakarta.ws.rs.Consumes;
import jakarta.ws.rs.DELETE;
import jakarta.ws.rs.GET;
import jakarta.ws.rs.PATCH;
import jakarta.ws.rs.POST;
import jakarta.ws.rs.PUT;
import jakarta.ws.rs.Path;
import jakarta.ws.rs.PathParam;
import jakarta.ws.rs.Produces;
@ -30,15 +30,15 @@ import jakarta.ws.rs.core.Response;
@Produces({ MediaType.APPLICATION_JSON })
public class RightResource {
final static Logger logger = LoggerFactory.getLogger(RightResource.class);
public static List<RightDescription> getApplicationRightDecription(final long applicationId) throws Exception {
return DataAccess.getsWhere(RightDescription.class, new Condition(new QueryCondition("applicationId", "=", applicationId)));
}
public static List<Right> getRawUserRight(final long userId, final long applicationId) throws Exception {
return DataAccess.getsWhere(Right.class, new Condition(new QueryAnd(new QueryCondition("applicationId", "=", applicationId), new QueryCondition("userId", "=", userId))));
}
public static Map<String, Object> getUserRight(final long userId, final long applicationId) throws Exception {
final Map<String, Object> out = new HashMap<>();
final List<RightDescription> rightsDescriptions = getApplicationRightDecription(applicationId);
@ -55,7 +55,7 @@ public class RightResource {
logger.debug(" - id={} key={} type={} default={}", elem.id, elem.key, elem.type, elem.defaultValue);
}
for (final RightDescription description : rightsDescriptions) {
if (description == null) {
// TODO: this is a really strange case to manage later...
continue;
@ -75,7 +75,7 @@ public class RightResource {
}
return out;
}
public static void updateUserRight(final long userId, final long applicationId, final Map<String, Object> delta) throws Exception {
final List<RightDescription> rightsDescriptions = getApplicationRightDecription(applicationId);
logger.debug("Get some descriptions: {} applicationId={}", rightsDescriptions.size(), applicationId);
@ -116,28 +116,28 @@ public class RightResource {
}
}
}
@GET
@RolesAllowed("ADMIN")
public List<Right> get() throws Exception {
return DataAccess.gets(Right.class);
}
@POST
@RolesAllowed("ADMIN")
@Consumes(MediaType.APPLICATION_JSON)
public Right post(final String jsonRequest) throws Exception {
return DataAccess.insertWithJson(Right.class, jsonRequest);
}
@GET
@Path("{id}")
@RolesAllowed("ADMIN")
public static Right getWithId(@PathParam("id") final Long id) throws Exception {
return DataAccess.get(Right.class, id);
}
@PUT
@PATCH
@Path("{id}")
@RolesAllowed("ADMIN")
@Consumes(MediaType.APPLICATION_JSON)
@ -145,7 +145,7 @@ public class RightResource {
DataAccess.updateWithJson(Right.class, id, jsonRequest);
return DataAccess.get(Right.class, id);
}
@DELETE
@Path("{id}")
@RolesAllowed("ADMIN")
@ -153,5 +153,5 @@ public class RightResource {
DataAccess.delete(Right.class, id);
return Response.ok().build();
}
}
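Review bot: The `{id}` update handler, now a `@PATCH`, still forwards the whole request body through `DataAccess.updateWithJson(Right.class, id, jsonRequest)`, and nothing visible here limits which columns a caller can overwrite. Whether `updateWithJson` itself rejects fields such as `id`, `userId` or `applicationId` cannot be seen from this page and should be confirmed. If it does not, an explicit allow-list of patchable fields belongs in this handler. A Javadoc line such as `/** Partial update: only the fields present in the JSON body are changed. */` would also document the new verb's contract. The method signature falls between two hunks and is not shown.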


@ -17,7 +17,7 @@ import jakarta.annotation.security.PermitAll;
import jakarta.annotation.security.RolesAllowed;
import jakarta.ws.rs.Consumes;
import jakarta.ws.rs.GET;
import jakarta.ws.rs.PUT;
import jakarta.ws.rs.PATCH;
import jakarta.ws.rs.Path;
import jakarta.ws.rs.PathParam;
import jakarta.ws.rs.Produces;
@ -30,21 +30,21 @@ import jakarta.ws.rs.core.SecurityContext;
@Produces(MediaType.APPLICATION_JSON)
public class SystemConfigResource {
final Logger logger = LoggerFactory.getLogger(SystemConfigResource.class);
public static class GetSignUpAvaillable {
public boolean signup;
public GetSignUpAvaillable(final boolean availlable) {
this.signup = availlable;
}
public GetSignUpAvaillable() {
this.signup = false;
}
}
public SystemConfigResource() {}
@GET
@Path("is_sign_up_availlable")
@PermitAll
@ -58,7 +58,7 @@ public class SystemConfigResource {
this.logger.debug("mlkmlk {}", tmp.signup);
return tmp;
}
@GET
@Path("key/{key}")
@RolesAllowed(value = { "USER", "ADMIN" })
@ -67,18 +67,18 @@ public class SystemConfigResource {
if (set == null) {
throw new NotFoundException("Value does not exist");
}
if (set.type.equals("BOOLEAN")) {
if ("BOOLEAN".equals(set.type)) {
final boolean availlable = "true".equalsIgnoreCase(set.value);
return Response.status(200).entity("{ \"value\":" + availlable + "}").build();
}
if (set.type.equals("NUMBER")) {
if ("NUMBER".equals(set.type)) {
final double value = Double.parseDouble(set.value);
return Response.status(200).entity("{ \"value\":" + value + "}").build();
}
return Response.status(200).entity("{ \"value\":\"" + set.value + "\"}").build();
}
@PUT
@PATCH
@Path("key/{key}")
@RolesAllowed(value = { "ADMIN" })
@Consumes(MediaType.APPLICATION_JSON)
@ -96,11 +96,11 @@ public class SystemConfigResource {
// Read the tree to filter injection of data:
final JsonNode root = mapper.readTree(jsonRequest);
final JsonNode value = root.findPath("value");
res.value = value.asText();
this.logger.debug("Update value : {}", res.value);
DataAccess.update(res, res.id, List.of("value"));
return Response.status(201).entity("{ \"value\":\"" + res.value + "\"}").build();
}
}
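Review bot: Both handlers build their JSON reply by concatenation, `"{ \"value\":\"" + set.value + "\"}"` in the GET and the same with `res.value` in the PATCH, and `res.value` is taken verbatim from the request via `value.asText()`. A stored value containing `"` or `\` therefore breaks, or adds keys to, the JSON later returned to every `USER` who reads that key. The PATCH handler already has `mapper` in scope, so using `mapper.createObjectNode().put("value", res.value).toString()` as the entity escapes correctly; the GET needs the equivalent. `root.findPath("value")` also yields a missing node when the body has no `value` field, so `asText()` silently stores an empty string; rejecting `value.isMissingNode()` with a 400 would make that explicit. Both method signatures are outside the hunks.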


@ -36,8 +36,8 @@ import jakarta.annotation.security.RolesAllowed;
import jakarta.ws.rs.Consumes;
import jakarta.ws.rs.GET;
import jakarta.ws.rs.NotFoundException;
import jakarta.ws.rs.PATCH;
import jakarta.ws.rs.POST;
import jakarta.ws.rs.PUT;
import jakarta.ws.rs.Path;
import jakarta.ws.rs.PathParam;
import jakarta.ws.rs.Produces;
@ -51,26 +51,26 @@ import jakarta.ws.rs.core.SecurityContext;
@Produces(MediaType.APPLICATION_JSON)
public class UserResource {
final Logger logger = LoggerFactory.getLogger(UserResource.class);
@JsonInclude(JsonInclude.Include.NON_NULL)
public class UserOut {
public long id;
public String login;
public UserOut(final long id, final String login) {
this.id = id;
this.login = login;
}
}
public UserResource() {}
@GET
@RolesAllowed("ADMIN")
public List<UserAuthGet> getUsers() throws Exception {
return DataAccess.gets(UserAuthGet.class);
}
@GET
@Path("{id}")
@RolesAllowed("ADMIN")
@ -78,7 +78,7 @@ public class UserResource {
//GenericContext gc = (GenericContext) sc.getUserPrincipal();
return DataAccess.get(UserAuthGet.class, userId);
}
@POST
@Path("{userId}/application/{applicationId}/link")
@RolesAllowed("ADMIN")
@ -92,15 +92,15 @@ public class UserResource {
}
return DataAccess.get(UserAuth.class, userId);
}
@GET
@Path("{userId}/application/{applicationId}/rights")
@RolesAllowed("ADMIN")
public Map<String, Object> getApplicationRight(@Context final SecurityContext sc, @PathParam("userId") final long userId, @PathParam("applicationId") final long applicationId) throws Exception {
return RightResource.getUserRight(userId, applicationId);
}
@PUT
@PATCH
@Path("{userId}/application/{applicationId}/rights")
@RolesAllowed("ADMIN")
public Map<String, Object> patchApplicationRight(@Context final SecurityContext sc, @PathParam("userId") final long userId, @PathParam("applicationId") final long applicationId,
@ -109,7 +109,7 @@ public class UserResource {
RightResource.updateUserRight(userId, applicationId, data);
return RightResource.getUserRight(userId, applicationId);
}
// TODO: check this it might be deprecated ...
@POST
@Path("{id}/set_admin")
@ -123,7 +123,7 @@ public class UserResource {
}
return Response.ok("{}").build();
}
@POST
@Path("{id}/set_blocked")
@RolesAllowed("ADMIN")
@ -136,7 +136,7 @@ public class UserResource {
}
return Response.ok("{}").build();
}
@POST
@Path("create_new_user")
@RolesAllowed("ADMIN")
@ -147,17 +147,17 @@ public class UserResource {
throw new InputException("login", "Authentiocate-method-error (login too small: '" + user.login + "')");
}
// TODO: check login format
if (user.email == null || user.email.length() < 6) {
throw new InputException("email", "Authentiocate-method-error (email too small: '" + user.email + "')");
}
// TODO: check email format
if (user.password == null || user.password.length() != 128) {
throw new InputException("password", "null password, or wrong hash size");
}
// TODO: verify if the data are a hash ...
// Check login does not exist
List<UserAuth> out = DataAccess.getsWhere(UserAuth.class, new Condition(new QueryCondition("login", "=", user.login)));
if (out.size() >= 1) {
@ -168,7 +168,7 @@ public class UserResource {
if (out.size() >= 1) {
throw new FailException(Response.Status.BAD_REQUEST, "e-mail already used !!!");
}
// Add new user and return formated dat.
final UserAuth newUser = new UserAuth();
newUser.admin = false;
@ -183,7 +183,7 @@ public class UserResource {
this.logger.debug("create new user done with id=={}", tmp.id);
return DataAccess.get(UserAuthGet.class, tmp.id);
}
@GET
@Path("me")
@RolesAllowed("USER")
@ -193,7 +193,7 @@ public class UserResource {
this.logger.debug("== USER ? {}", gc.userByToken);
return new UserOut(gc.userByToken.id, gc.userByToken.name);
}
@POST
@Path("password")
@RolesAllowed("USER")
@ -201,7 +201,7 @@ public class UserResource {
this.logger.debug("ChangePassword()");
final GenericContext gc = (GenericContext) sc.getUserPrincipal();
this.logger.debug("== USER ? {}", gc.userByToken);
if (data == null) {
throw new InputException("data", "No data set...");
}
@ -217,24 +217,24 @@ public class UserResource {
DataAccess.update(user, user.id, List.of("password"));
return Response.status(Response.Status.OK).build();
}
/*
@GET
@Path("validipass")
@PermitAll
public Response validatePasswordFromEMail(@QueryParam("uuid") String uuid, @QueryParam("securityId") String securityId) {
// Validate new password if OK
// clear the passwordChange, passwordValidation fields
// send an e-mail to confirm the new password has been set.
return Response.status(500).build();
}
*/
@GET
@Path("/check_login")
@PermitAll
@ -246,7 +246,7 @@ public class UserResource {
}
throw new NotFoundException("User does not exist: '" + login + "'");
}
// TODO: add an application TOKEN and permit only 50 requested (maybe add an option to disable it).
@GET
@Path("/check_email")
@ -259,7 +259,7 @@ public class UserResource {
}
throw new NotFoundException("emain does not exist: '" + email + "'");
}
private UserAuth checkAuthUser(final String method, final String login, final String time, final String password) throws Exception {
// check good version:
if (!"v1".contentEquals(method)) {
@ -278,7 +278,7 @@ public class UserResource {
query = "email";
}
final UserAuth user = DataAccess.getWhere(UserAuth.class, new Condition(new QueryCondition(query, "=", login)));
if (user == null) {
throw new FailException(Response.Status.PRECONDITION_FAILED, "FAIL Authentiocate-wrong email/login '" + login + "')");
}
@ -293,7 +293,7 @@ public class UserResource {
}
return user;
}
@POST
@Path("/get_token")
@PermitAll
@ -304,7 +304,7 @@ public class UserResource {
// at the point the user has been not deleted and not blocked.
// this authentication is valid only for Karso ==> not for the application
final int expirationTimeInMinutes = ConfigVariable.getAuthExpirationTime();
// Get the USER Right (Note: by construction KARSO have application ID = KARSO_INITIALISATION_ID
final Map<String, Object> ssoRight = RightResource.getUserRight(user.id, Initialization.KARSO_INITIALISATION_ID);
if (!ssoRight.containsKey("USER")) {
@ -318,16 +318,16 @@ public class UserResource {
outRight.put(applicationName, ssoRight);
// TODO: maybe correct this get of TTL...
final String ret = JWTWrapper.generateJWToken(user.id, user.login, "KarAuth", applicationName, outRight, expirationTimeInMinutes);
// Update last connection:
final UserAuth newUser = new UserAuth();
newUser.lastConnection = Timestamp.valueOf(LocalDateTime.now());
DataAccess.update(newUser, user.id, List.of("lastConnection"));
//logger.debug(" ==> generate token: {}", ret);
return new GetToken(ret);
}
public static String bytesToHex(final byte[] bytes) {
final StringBuilder sb = new StringBuilder();
for (final byte b : bytes) {
@ -335,7 +335,7 @@ public class UserResource {
}
return sb.toString();
}
public String getSHA512(final String passwordToHash) {
try {
final MessageDigest md = MessageDigest.getInstance("SHA-512");
@ -346,5 +346,5 @@ public class UserResource {
}
return null;
}
}
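Review bot: In `create_new_user` the password passes validation on length alone, `user.password.length() != 128`, and the `// TODO: verify if the data are a hash ...` below it is left open, so any 128-character string is accepted as a credential. A format check such as `!user.password.matches("[0-9a-fA-F]{128}")` closes that TODO cheaply. What is written to the database is outside the hunk; if the client-side SHA-512 hex is stored as received, it is an unsalted fast digest that works as the password itself, and the server should wrap it in a slow salted KDF (argon2, scrypt or bcrypt) before storing. The same hunk interpolates `user.login` and `user.email` into the `InputException` messages, which is better left out of error text. The method starts and ends outside this hunk.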


@ -21,10 +21,10 @@ import org.slf4j.LoggerFactory;
@TestMethodOrder(MethodOrderer.OrderAnnotation.class)
public class TestUnAuthorizedAPI {
private final static Logger LOGGER = LoggerFactory.getLogger(TestUnAuthorizedAPI.class);
static WebLauncherTest webInterface = null;
static RESTApi api = null;
public void login(final String login, final String password) {
try {
final GetToken token = api.post(GetToken.class, "users/get_token", DataGetToken.generate(login, "v1", "202515252", password));
@ -33,11 +33,11 @@ public class TestUnAuthorizedAPI {
Assertions.fail("Can not get Authentication for '" + login + "' ==> " + ex.getMessage());
}
}
public void loginAdmin() {
login("karadmin", "adminA@666");
}
@BeforeAll
public static void configureWebServer() throws Exception {
LOGGER.info("configure server ...");
@ -54,7 +54,7 @@ public class TestUnAuthorizedAPI {
LOGGER.info("Start REST (DONE)");
api = new RESTApi(ConfigBaseVariable.apiAdress);
}
@AfterAll
public static void stopWebServer() throws InterruptedException, IOException {
LOGGER.info("Kill the web server");
@ -65,11 +65,11 @@ public class TestUnAuthorizedAPI {
ConfigBaseVariable.clearAllValue();
Thread.sleep(1000);
}
public void checkFail(final String type, final String urlOffset, final int errorStatus) {
checkFail(type, urlOffset, errorStatus, null);
}
public void checkFail(final String type, final String urlOffset, final int errorStatus, final String data) {
LOGGER.info("Test API: url={} urlOffset={}", type, urlOffset);
try {
@ -77,8 +77,8 @@ public class TestUnAuthorizedAPI {
api.get(String.class, urlOffset);
} else if ("POST".equals(type)) {
api.post(String.class, urlOffset, data);
} else if ("PUT".equals(type)) {
api.put(String.class, urlOffset, data);
} else if ("PATCH".equals(type)) {
api.patch(String.class, urlOffset, data);
} else if ("DELETE".equals(type)) {
api.delete(String.class, urlOffset);
}
@ -92,13 +92,13 @@ public class TestUnAuthorizedAPI {
LOGGER.error("Unexpected throw error: {}", ex);
Assertions.fail("Unexpected throws...");
}
}
public void checkWork(final String type, final String urlOffset) {
checkWork(type, urlOffset, null);
}
public void checkWork(final String type, final String urlOffset, final String data) {
LOGGER.info("Test API: url={} urlOffset={}", type, urlOffset);
try {
@ -106,8 +106,8 @@ public class TestUnAuthorizedAPI {
api.get(String.class, urlOffset);
} else if ("POST".equals(type)) {
api.post(String.class, urlOffset, data);
} else if ("PUT".equals(type)) {
api.put(String.class, urlOffset, data);
} else if ("PATCH".equals(type)) {
api.patch(String.class, urlOffset, data);
} else if ("DELETE".equals(type)) {
api.delete(String.class, urlOffset);
}
@ -118,20 +118,20 @@ public class TestUnAuthorizedAPI {
LOGGER.error("Unexpected throw error: {}", ex);
Assertions.fail("Unexpected throws...");
}
}
@Order(1)
@Test
public void checkUnAuthorizedAPI() throws Exception {
// /application/
checkFail("GET", "application/", 401);
checkFail("POST", "application/", 401, "{}");
checkFail("PUT", "application/", 405, "{}"); // does not exist
checkFail("PATCH", "application/", 405, "{}"); // does not exist
checkFail("DELETE", "application/", 405); // does not exist
// /application/{id}
checkFail("GET", "application/0", 401);
checkFail("PUT", "application/0", 401, "{}");
checkFail("PATCH", "application/0", 401, "{}");
checkFail("POST", "application/0", 405, "{}");
checkFail("DELETE", "application/0", 401);
// /application/{id}/*
@ -140,33 +140,33 @@ public class TestUnAuthorizedAPI {
checkFail("GET", "application/small", 401);
checkFail("GET", "application/get_token", 401);
checkFail("GET", "application/return", 401);
// /application_token/ section:
checkFail("GET", "application_token/0", 401);
checkFail("DELETE", "application_token/0/5", 401);
checkFail("DELETE", "application_token/0/create", 401);
// /front/*
checkFail("GET", "front", 404); // no index in test section
// health check
checkWork("GET", "health_check");
// public_key (only application)
checkFail("GET", "public_key", 401);
checkFail("GET", "public_key/pem", 401);
// /right
checkFail("GET", "right", 401);
checkFail("POST", "right", 401, "{}");
checkFail("GET", "right/0", 401);
checkFail("PUT", "right/0", 401, "{}");
checkFail("PATCH", "right/0", 401, "{}");
checkFail("DELETE", "right/0", 401);
// /system_config
checkWork("GET", "system_config/is_sign_up_availlable");
checkFail("GET", "system_config/key/skjdfhkjsdhfkjsh", 401);
checkFail("PUT", "system_config/key/skjdfhkjsdhfkjsh", 401, "{}");
checkFail("PATCH", "system_config/key/skjdfhkjsdhfkjsh", 401, "{}");
// /users
checkFail("GET", "users", 401);
checkFail("GET", "users/0", 401);
@ -181,7 +181,7 @@ public class TestUnAuthorizedAPI {
checkWork("GET", "users/check_email?email=admin@admin.ZZZ");
checkFail("GET", "users/check_email?email=ksjhdkjfhskjdh", 404);
// not testable : get_token
}
}
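Review bot: `checkFail` and `checkWork` dispatch on `type` with an `if`/`else if` chain that has no final `else`, and this commit drops the `"PUT"` branch, so a call that still passes `"PUT"` (or a mistyped verb) sends no request at all. What follows the chain is outside the hunks, but in `checkWork` a call that sends nothing and throws nothing would presumably count as a pass. Adding `} else { Assertions.fail("Unsupported request type: " + type); }` to both helpers makes that case fail loudly. It would also be worth keeping a `PUT` branch and asserting `405` on `application/0`, `right/0` and `system_config/key/skjdfhkjsdhfkjsh`, as the suite already does for other unsupported verbs, so removal of the old verb stays pinned by this unauthorized-access test.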


@ -382,7 +382,7 @@ export class AdminUserService {
.requestJson({
server: 'karso',
endPoint: `users/${userId}/application/${applicationId}/rights`,
requestType: HTTPRequestModel.PUT,
requestType: HTTPRequestModel.PATCH,
accept: HTTPMimeType.JSON,
contentType: HTTPMimeType.JSON,
body: dataUpdate


@ -286,7 +286,7 @@ export class ApplicationService {
.requestJson({
server: 'karso',
endPoint: `application/${id}`,
requestType: HTTPRequestModel.PUT,
requestType: HTTPRequestModel.PATCH,
accept: HTTPMimeType.JSON,
contentType: HTTPMimeType.JSON,
body: updateState,


@ -13,7 +13,7 @@ class MultipleRequest {
failResponse = undefined;
data = {};
constructor(private resolve: any, private reject: any, private countRequest: number) {}
constructor(private resolve: any, private reject: any, private countRequest: number) { }
add(key: string, value: any): void {
this.requestDone += 1;
this.data[key] = value;
@ -44,7 +44,7 @@ class MultipleRequest {
@Injectable()
export class SettingsService {
constructor(private http: HttpWrapperService) {}
constructor(private http: HttpWrapperService) { }
/**
* Get a generic setting (Key value)
* @returns a promise of the data value
@ -76,7 +76,7 @@ export class SettingsService {
this.http
.requestJson({
endPoint: `system_config/key/${key}`,
requestType: HTTPRequestModel.PUT,
requestType: HTTPRequestModel.PATCH,
accept: HTTPMimeType.JSON,
contentType: HTTPMimeType.JSON,
body: {

@ -1 +1 @@
Subproject commit 9fc25b4feaeba509ff39f70b24d97be47f4b30e1
Subproject commit 0496753211a09aacb11436567d513b3586bbaabb