From 7ce71f91d54c6f3b2b1e49c8c809b17a6aa5ac04 Mon Sep 17 00:00:00 2001 From: Edouard DUPIN Date: Thu, 18 Jan 2024 23:34:43 +0100 Subject: [PATCH] [DEV] updat to the new model (READY) --- back/src/org/kar/karso/WebLauncherLocal.java | 2 +- .../kar/karso/api/ApplicationResource.java | 60 +++++++-------- back/src/org/kar/karso/api/RightResource.java | 26 +++---- .../kar/karso/api/SystemConfigResource.java | 26 +++---- back/src/org/kar/karso/api/UserResource.java | 74 +++++++++---------- .../test/kar/karso/TestUnAuthorizedAPI.java | 56 +++++++------- front/src/base/service/admin-user.ts | 2 +- front/src/base/service/application.ts | 2 +- front/src/base/service/settings.ts | 6 +- front/src/common | 2 +- 10 files changed, 128 insertions(+), 128 deletions(-) diff --git a/back/src/org/kar/karso/WebLauncherLocal.java b/back/src/org/kar/karso/WebLauncherLocal.java index a6490db..db5644d 100755 --- a/back/src/org/kar/karso/WebLauncherLocal.java +++ b/back/src/org/kar/karso/WebLauncherLocal.java @@ -24,7 +24,7 @@ public class WebLauncherLocal extends WebLauncher { if (true) { // for local test: ConfigBaseVariable.apiAdress = "http://0.0.0.0:15080/karso/api/"; - ConfigBaseVariable.dbPort = "3307"; + ConfigBaseVariable.dbPort = "3906"; // create a unique key for test ==> not retrieve the token every load... ConfigVariable.uuid_for_key_generation = "lkjlkjlkjlmkjqmwlsdkjqfsdlkf88QJSDMLQKSndmLQKZNERMAL"; //ConfigBaseVariable.dbType = "sqlite"; diff --git a/back/src/org/kar/karso/api/ApplicationResource.java b/back/src/org/kar/karso/api/ApplicationResource.java index 19374e4..f28876e 100755 --- a/back/src/org/kar/karso/api/ApplicationResource.java +++ b/back/src/org/kar/karso/api/ApplicationResource.java 
@@ -25,8 +25,8 @@ import jakarta.annotation.security.RolesAllowed; import jakarta.ws.rs.Consumes; import jakarta.ws.rs.DELETE; import jakarta.ws.rs.GET; +import jakarta.ws.rs.PATCH; import jakarta.ws.rs.POST; -import jakarta.ws.rs.PUT; import jakarta.ws.rs.Path; import jakarta.ws.rs.PathParam; import jakarta.ws.rs.Produces; @@ -40,9 +40,9 @@ import jakarta.ws.rs.core.SecurityContext; @Produces(MediaType.APPLICATION_JSON) public class ApplicationResource { final Logger logger = LoggerFactory.getLogger(ApplicationResource.class); - + public ApplicationResource() {} - + public List getUserListOfApplication(final Long userId) { final List out = new ArrayList<>(); List links = null; @@ -60,7 +60,7 @@ public class ApplicationResource { } return out; } - + public List getListOfUsers(final Long applicationId) { final List out = new ArrayList<>(); List links = null; @@ -83,7 +83,7 @@ public class ApplicationResource { // Generic /application/ // //////////////////////////////////////////////////////////////////////////////////////// - + @GET @RolesAllowed(value = { "USER", "ADMIN" }) public List getApplications(@Context final SecurityContext sc) throws Exception { @@ -103,7 +103,7 @@ public class ApplicationResource { } return out; } - + @POST @RolesAllowed("ADMIN") public Application create(final Application application) throws Exception { @@ -121,21 +121,21 @@ public class ApplicationResource { application.updatedAt = null; return DataAccess.insert(application); } - + //////////////////////////////////////////////////////////////////////////////////////// // // Generic /application/{id} // //////////////////////////////////////////////////////////////////////////////////////// - + @GET @Path("{id}") @RolesAllowed("ADMIN") public Application get(@PathParam("id") final Long id) throws Exception { return DataAccess.get(Application.class, id); } - - @PUT + + @PATCH @Path("{id}") @RolesAllowed("ADMIN") @Consumes(MediaType.APPLICATION_JSON) 
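Review bot: The `@PATCH` handler on `{id}` hands the raw request body to `DataAccess.updateWithJson(Application.class, id, jsonRequest)` (its body is visible as context in the next hunk; the signature is outside both), and nothing in view limits which fields a partial update may write. `create` above clears `updatedAt` before inserting, so server-managed fields are already treated as untrusted on that path; unless `updateWithJson` filters them itself, which cannot be seen here, the update path should parse the JSON and reject or drop keys outside an allow-list of editable fields. The `@PATCH` on `{id}` in RightResource.java has the same shape with `DataAccess.updateWithJson(Right.class, id, jsonRequest)`. Clients that still send PUT will now get a 405, so the verb change deserves a line in the API documentation.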
@@ -143,7 +143,7 @@ public class ApplicationResource { DataAccess.updateWithJson(Application.class, id, jsonRequest); return DataAccess.get(Application.class, id); } - + @DELETE @Path("{id}") @RolesAllowed("ADMIN") @@ -151,29 +151,29 @@ public class ApplicationResource { public void remove(@Context final SecurityContext sc, @PathParam("id") final long applicationId) throws Exception { DataAccess.delete(Application.class, applicationId); } - + //////////////////////////////////////////////////////////////////////////////////////// // // Generic /{id}/* // //////////////////////////////////////////////////////////////////////////////////////// - + @GET @Path("{id}/users") @RolesAllowed(value = { "ADMIN" }) public List getApplicationUsers(@PathParam("id") final Long applicationId) throws Exception { // special case for SSO: (all user have access on the SSO...). - + this.logger.debug("Request list of user for an applciation: {}", applicationId); return getListOfUsers(applicationId); } - + //////////////////////////////////////////////////////////////////////////////////////// // // Generic /application/* // //////////////////////////////////////////////////////////////////////////////////////// - + @GET @Path("small") @RolesAllowed(value = { "USER", "ADMIN" }) @@ -190,10 +190,10 @@ public class ApplicationResource { } return out; } - + public record AddUserData( - long userId) {}; - + long userId) {} + // TODO : review the function to correct admin only access... @POST @Path("{id}/users") @@ -203,7 +203,7 @@ public class ApplicationResource { AddOnManyToMany.addLink(UserAuth.class, data.userId, "application", applicationId); return true; } - + // TODO : review the function to correct admin only access... @DELETE @Path("{id}/users") 
@@ -213,7 +213,7 @@ public class ApplicationResource { AddOnManyToMany.removeLink(UserAuth.class, data.userId, "application", applicationId); return true; } - + // TODO : review the function to correct admin only access... @GET @Path("{id}/rights") @@ -222,7 +222,7 @@ public class ApplicationResource { this.logger.debug("getApplications rights"); return DataAccess.getsWhere(RightDescription.class, new Condition(new QueryCondition("applicationId", "=", applicationId))); } - + @GET @Path("get_token") @RolesAllowed(value = { "USER", "ADMIN" }) @@ -230,7 +230,7 @@ public class ApplicationResource { final GenericContext gc = (GenericContext) sc.getUserPrincipal(); this.logger.info("get application TOKEN application name='{}'", application); this.logger.debug("== USER ? {}", gc.userByToken.name); - + if (application == null) { final String result = "Input error missing parameter: 'application'"; this.logger.debug(" result: {}", result); @@ -243,7 +243,7 @@ public class ApplicationResource { isDev = true; } this.logger.debug("Search for '{}' base of '{}'", applicationName, application); - + Application appl = null; try { appl = DataAccess.getWhere(Application.class, new Condition(new QueryCondition("name", "=", applicationName))); @@ -254,7 +254,7 @@ public class ApplicationResource { this.logger.debug(" result: {}", result); return Response.status(500).entity(result).build(); } - + if (appl == null) { final String result = "Authentiocate-wrong email/login '" + applicationName + "')"; this.logger.error(" result: {}", result); @@ -295,7 +295,7 @@ public class ApplicationResource { } return Response.status(201).entity("{ \"url\":\"" + returnAdress + "\", \"jwt\":\"" + ret + "\"}").build(); } - + @GET @Path("return") @RolesAllowed(value = { "USER", "ADMIN" }) 
@@ -305,7 +305,7 @@ public class ApplicationResource { this.logger.debug("====================================="); final GenericContext gc = (GenericContext) sc.getUserPrincipal(); this.logger.debug("== USER ? {}", gc.userByToken); - + if (application == null) { final String result = "Input error missing parameter: 'application'"; this.logger.error(" result: {}", result); @@ -318,7 +318,7 @@ public class ApplicationResource { isDev = true; } this.logger.debug("Search for '{}' base of '{}'", applicationName, application); - + Application appl = null; try { appl = DataAccess.getWhere(Application.class, new Condition(new QueryCondition("name", "=", applicationName))); @@ -329,7 +329,7 @@ public class ApplicationResource { this.logger.error(" result: {}", result); return Response.status(500).entity(result).build(); } - + if (appl == null) { final String result = "Authentiocate-wrong email/login '" + applicationName + "')"; this.logger.error(" result: {}", result); @@ -341,5 +341,5 @@ public class ApplicationResource { } return Response.status(201).entity("{ \"url\":\"" + returnAdress + "\"}").build(); } - + } diff --git a/back/src/org/kar/karso/api/RightResource.java b/back/src/org/kar/karso/api/RightResource.java index b9d39b0..64dd72e 100644 --- a/back/src/org/kar/karso/api/RightResource.java +++ b/back/src/org/kar/karso/api/RightResource.java @@ -18,8 +18,8 @@ import jakarta.annotation.security.RolesAllowed; import jakarta.ws.rs.Consumes; import jakarta.ws.rs.DELETE; import jakarta.ws.rs.GET; +import jakarta.ws.rs.PATCH; import jakarta.ws.rs.POST; -import jakarta.ws.rs.PUT; import jakarta.ws.rs.Path; import jakarta.ws.rs.PathParam; import jakarta.ws.rs.Produces; 
@@ -30,15 +30,15 @@ import jakarta.ws.rs.core.Response; @Produces({ MediaType.APPLICATION_JSON }) public class RightResource { final static Logger logger = LoggerFactory.getLogger(RightResource.class); - + public static List getApplicationRightDecription(final long applicationId) throws Exception { return DataAccess.getsWhere(RightDescription.class, new Condition(new QueryCondition("applicationId", "=", applicationId))); } - + public static List getRawUserRight(final long userId, final long applicationId) throws Exception { return DataAccess.getsWhere(Right.class, new Condition(new QueryAnd(new QueryCondition("applicationId", "=", applicationId), new QueryCondition("userId", "=", userId)))); } - + public static Map getUserRight(final long userId, final long applicationId) throws Exception { final Map out = new HashMap<>(); final List rightsDescriptions = getApplicationRightDecription(applicationId); @@ -55,7 +55,7 @@ public class RightResource { logger.debug(" - id={} key={} type={} default={}", elem.id, elem.key, elem.type, elem.defaultValue); } for (final RightDescription description : rightsDescriptions) { - + if (description == null) { // TODO: this is a really strange case to manage later... continue; @@ -75,7 +75,7 @@ public class RightResource { } return out; } - + public static void updateUserRight(final long userId, final long applicationId, final Map delta) throws Exception { final List rightsDescriptions = getApplicationRightDecription(applicationId); logger.debug("Get some descriptions: {} applicationId={}", rightsDescriptions.size(), applicationId); 
@@ -116,28 +116,28 @@ public class RightResource { } } } - + @GET @RolesAllowed("ADMIN") public List get() throws Exception { return DataAccess.gets(Right.class); } - + @POST @RolesAllowed("ADMIN") @Consumes(MediaType.APPLICATION_JSON) public Right post(final String jsonRequest) throws Exception { return DataAccess.insertWithJson(Right.class, jsonRequest); } - + @GET @Path("{id}") @RolesAllowed("ADMIN") public static Right getWithId(@PathParam("id") final Long id) throws Exception { return DataAccess.get(Right.class, id); } - - @PUT + + @PATCH @Path("{id}") @RolesAllowed("ADMIN") @Consumes(MediaType.APPLICATION_JSON) @@ -145,7 +145,7 @@ public class RightResource { DataAccess.updateWithJson(Right.class, id, jsonRequest); return DataAccess.get(Right.class, id); } - + @DELETE @Path("{id}") @RolesAllowed("ADMIN") @@ -153,5 +153,5 @@ public class RightResource { DataAccess.delete(Right.class, id); return Response.ok().build(); } - + } diff --git a/back/src/org/kar/karso/api/SystemConfigResource.java b/back/src/org/kar/karso/api/SystemConfigResource.java index 37bcd6e..8df3d6c 100755 --- a/back/src/org/kar/karso/api/SystemConfigResource.java +++ b/back/src/org/kar/karso/api/SystemConfigResource.java @@ -17,7 +17,7 @@ import jakarta.annotation.security.PermitAll; import jakarta.annotation.security.RolesAllowed; import jakarta.ws.rs.Consumes; import jakarta.ws.rs.GET; -import jakarta.ws.rs.PUT; +import jakarta.ws.rs.PATCH; import jakarta.ws.rs.Path; import jakarta.ws.rs.PathParam; import jakarta.ws.rs.Produces; 
@@ -30,21 +30,21 @@ import jakarta.ws.rs.core.SecurityContext; @Produces(MediaType.APPLICATION_JSON) public class SystemConfigResource { final Logger logger = LoggerFactory.getLogger(SystemConfigResource.class); - + public static class GetSignUpAvaillable { public boolean signup; - + public GetSignUpAvaillable(final boolean availlable) { this.signup = availlable; } - + public GetSignUpAvaillable() { this.signup = false; } } - + public SystemConfigResource() {} - + @GET @Path("is_sign_up_availlable") @PermitAll @@ -58,7 +58,7 @@ public class SystemConfigResource { this.logger.debug("mlkmlk {}", tmp.signup); return tmp; } - + @GET @Path("key/{key}") @RolesAllowed(value = { "USER", "ADMIN" }) @@ -67,18 +67,18 @@ public class SystemConfigResource { if (set == null) { throw new NotFoundException("Value does not exist"); } - if (set.type.equals("BOOLEAN")) { + if ("BOOLEAN".equals(set.type)) { final boolean availlable = "true".equalsIgnoreCase(set.value); return Response.status(200).entity("{ \"value\":" + availlable + "}").build(); } - if (set.type.equals("NUMBER")) { + if ("NUMBER".equals(set.type)) { final double value = Double.parseDouble(set.value); return Response.status(200).entity("{ \"value\":" + value + "}").build(); } return Response.status(200).entity("{ \"value\":\"" + set.value + "\"}").build(); } - - @PUT + + @PATCH @Path("key/{key}") @RolesAllowed(value = { "ADMIN" }) @Consumes(MediaType.APPLICATION_JSON) @@ -96,11 +96,11 @@ public class SystemConfigResource { // Read the tree to filter injection of data: final JsonNode root = mapper.readTree(jsonRequest); final JsonNode value = root.findPath("value"); - + res.value = value.asText(); this.logger.debug("Update value : {}", res.value); DataAccess.update(res, res.id, List.of("value")); return Response.status(201).entity("{ \"value\":\"" + res.value + "\"}").build(); } - + } diff --git a/back/src/org/kar/karso/api/UserResource.java b/back/src/org/kar/karso/api/UserResource.java index ea113b5..12f2ea3 100755 
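Review bot: The string branch of the `key/{key}` getter in the -67,18 hunk still builds its reply by concatenation, `entity("{ \"value\":\"" + set.value + "\"}")`, so a stored value containing a quote or backslash produces malformed JSON or extra fields in the response. Since the commit already edits this method, serialize the value instead, for example with the `mapper` the PATCH handler uses (assuming it is reachable from the getter): `mapper.writeValueAsString(Map.of("value", set.value))`. The PATCH handler's 201 response in the -96,11 hunk concatenates `res.value` the same way and needs the same change. In the `NUMBER` branch, `Double.parseDouble(set.value)` will throw on a malformed stored value and presumably surface as a 500; catching `NumberFormatException` there would give a controlled error. The getter's signature is outside the hunk.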
--- a/back/src/org/kar/karso/api/UserResource.java +++ b/back/src/org/kar/karso/api/UserResource.java @@ -36,8 +36,8 @@ import jakarta.annotation.security.RolesAllowed; import jakarta.ws.rs.Consumes; import jakarta.ws.rs.GET; import jakarta.ws.rs.NotFoundException; +import jakarta.ws.rs.PATCH; import jakarta.ws.rs.POST; -import jakarta.ws.rs.PUT; import jakarta.ws.rs.Path; import jakarta.ws.rs.PathParam; import jakarta.ws.rs.Produces; @@ -51,26 +51,26 @@ import jakarta.ws.rs.core.SecurityContext; @Produces(MediaType.APPLICATION_JSON) public class UserResource { final Logger logger = LoggerFactory.getLogger(UserResource.class); - + @JsonInclude(JsonInclude.Include.NON_NULL) public class UserOut { public long id; public String login; - + public UserOut(final long id, final String login) { this.id = id; this.login = login; } } - + public UserResource() {} - + @GET @RolesAllowed("ADMIN") public List getUsers() throws Exception { return DataAccess.gets(UserAuthGet.class); } - + @GET @Path("{id}") @RolesAllowed("ADMIN") @@ -78,7 +78,7 @@ public class UserResource { //GenericContext gc = (GenericContext) sc.getUserPrincipal(); return DataAccess.get(UserAuthGet.class, userId); } - + @POST @Path("{userId}/application/{applicationId}/link") @RolesAllowed("ADMIN") @@ -92,15 +92,15 @@ public class UserResource { } return DataAccess.get(UserAuth.class, userId); } - + @GET @Path("{userId}/application/{applicationId}/rights") @RolesAllowed("ADMIN") public Map getApplicationRight(@Context final SecurityContext sc, @PathParam("userId") final long userId, @PathParam("applicationId") final long applicationId) throws Exception { return RightResource.getUserRight(userId, applicationId); } - - @PUT + + @PATCH @Path("{userId}/application/{applicationId}/rights") @RolesAllowed("ADMIN") public Map patchApplicationRight(@Context final SecurityContext sc, @PathParam("userId") final long userId, @PathParam("applicationId") final long applicationId, 
@@ -109,7 +109,7 @@ public class UserResource { RightResource.updateUserRight(userId, applicationId, data); return RightResource.getUserRight(userId, applicationId); } - + // TODO: check this it might be deprecated ... @POST @Path("{id}/set_admin") @@ -123,7 +123,7 @@ public class UserResource { } return Response.ok("{}").build(); } - + @POST @Path("{id}/set_blocked") @RolesAllowed("ADMIN") @@ -136,7 +136,7 @@ public class UserResource { } return Response.ok("{}").build(); } - + @POST @Path("create_new_user") @RolesAllowed("ADMIN") @@ -147,17 +147,17 @@ public class UserResource { throw new InputException("login", "Authentiocate-method-error (login too small: '" + user.login + "')"); } // TODO: check login format - + if (user.email == null || user.email.length() < 6) { throw new InputException("email", "Authentiocate-method-error (email too small: '" + user.email + "')"); } // TODO: check email format - + if (user.password == null || user.password.length() != 128) { throw new InputException("password", "null password, or wrong hash size"); } // TODO: verify if the data are a hash ... - + // Check login does not exist List out = DataAccess.getsWhere(UserAuth.class, new Condition(new QueryCondition("login", "=", user.login))); if (out.size() >= 1) { @@ -168,7 +168,7 @@ public class UserResource { if (out.size() >= 1) { throw new FailException(Response.Status.BAD_REQUEST, "e-mail already used !!!"); } - + // Add new user and return formated dat. final UserAuth newUser = new UserAuth(); newUser.admin = false; @@ -183,7 +183,7 @@ public class UserResource { this.logger.debug("create new user done with id=={}", tmp.id); return DataAccess.get(UserAuthGet.class, tmp.id); } - + @GET @Path("me") @RolesAllowed("USER") @@ -193,7 +193,7 @@ public class UserResource { this.logger.debug("== USER ? {}", gc.userByToken); return new UserOut(gc.userByToken.id, gc.userByToken.name); } - + @POST @Path("password") @RolesAllowed("USER") 
@@ -201,7 +201,7 @@ public class UserResource { this.logger.debug("ChangePassword()"); final GenericContext gc = (GenericContext) sc.getUserPrincipal(); this.logger.debug("== USER ? {}", gc.userByToken); - + if (data == null) { throw new InputException("data", "No data set..."); } @@ -217,24 +217,24 @@ public class UserResource { DataAccess.update(user, user.id, List.of("password")); return Response.status(Response.Status.OK).build(); } - + /* @GET @Path("validipass") @PermitAll public Response validatePasswordFromEMail(@QueryParam("uuid") String uuid, @QueryParam("securityId") String securityId) { - + // Validate new password if OK - + // clear the passwordChange, passwordValidation fields - + // send an e-mail to confirm the new password has been set. - - + + return Response.status(500).build(); } */ - + @GET @Path("/check_login") @PermitAll @@ -246,7 +246,7 @@ public class UserResource { } throw new NotFoundException("User does not exist: '" + login + "'"); } - + // TODO: add an application TOKEN and permit only 50 requested (maybe add an option to disable it). @GET @Path("/check_email") @@ -259,7 +259,7 @@ public class UserResource { } throw new NotFoundException("emain does not exist: '" + email + "'"); } - + private UserAuth checkAuthUser(final String method, final String login, final String time, final String password) throws Exception { // check good version: if (!"v1".contentEquals(method)) { @@ -278,7 +278,7 @@ public class UserResource { query = "email"; } final UserAuth user = DataAccess.getWhere(UserAuth.class, new Condition(new QueryCondition(query, "=", login))); - + if (user == null) { throw new FailException(Response.Status.PRECONDITION_FAILED, "FAIL Authentiocate-wrong email/login '" + login + "')"); } @@ -293,7 +293,7 @@ public class UserResource { } return user; } - + @POST @Path("/get_token") @PermitAll 
@@ -304,7 +304,7 @@ public class UserResource { // at the point the user has been not deleted and not blocked. // this authentication is valid only for Karso ==> not for the application final int expirationTimeInMinutes = ConfigVariable.getAuthExpirationTime(); - + // Get the USER Right (Note: by construction KARSO have application ID = KARSO_INITIALISATION_ID final Map ssoRight = RightResource.getUserRight(user.id, Initialization.KARSO_INITIALISATION_ID); if (!ssoRight.containsKey("USER")) { @@ -318,16 +318,16 @@ public class UserResource { outRight.put(applicationName, ssoRight); // TODO: maybe correct this get of TTL... final String ret = JWTWrapper.generateJWToken(user.id, user.login, "KarAuth", applicationName, outRight, expirationTimeInMinutes); - + // Update last connection: final UserAuth newUser = new UserAuth(); newUser.lastConnection = Timestamp.valueOf(LocalDateTime.now()); DataAccess.update(newUser, user.id, List.of("lastConnection")); - + //logger.debug(" ==> generate token: {}", ret); return new GetToken(ret); } - + public static String bytesToHex(final byte[] bytes) { final StringBuilder sb = new StringBuilder(); for (final byte b : bytes) { @@ -335,7 +335,7 @@ public class UserResource { } return sb.toString(); } - + public String getSHA512(final String passwordToHash) { try { final MessageDigest md = MessageDigest.getInstance("SHA-512"); @@ -346,5 +346,5 @@ public class UserResource { } return null; } - + } diff --git a/back/test/src/test/kar/karso/TestUnAuthorizedAPI.java b/back/test/src/test/kar/karso/TestUnAuthorizedAPI.java index d116ba2..3e58115 100644 --- a/back/test/src/test/kar/karso/TestUnAuthorizedAPI.java +++ b/back/test/src/test/kar/karso/TestUnAuthorizedAPI.java 
@@ -21,10 +21,10 @@ import org.slf4j.LoggerFactory; @TestMethodOrder(MethodOrderer.OrderAnnotation.class) public class TestUnAuthorizedAPI { private final static Logger LOGGER = LoggerFactory.getLogger(TestUnAuthorizedAPI.class); - + static WebLauncherTest webInterface = null; static RESTApi api = null; - + public void login(final String login, final String password) { try { final GetToken token = api.post(GetToken.class, "users/get_token", DataGetToken.generate(login, "v1", "202515252", password)); @@ -33,11 +33,11 @@ public class TestUnAuthorizedAPI { Assertions.fail("Can not get Authentication for '" + login + "' ==> " + ex.getMessage()); } } - + public void loginAdmin() { login("karadmin", "adminA@666"); } - + @BeforeAll public static void configureWebServer() throws Exception { LOGGER.info("configure server ..."); @@ -54,7 +54,7 @@ public class TestUnAuthorizedAPI { LOGGER.info("Start REST (DONE)"); api = new RESTApi(ConfigBaseVariable.apiAdress); } - + @AfterAll public static void stopWebServer() throws InterruptedException, IOException { LOGGER.info("Kill the web server"); @@ -65,11 +65,11 @@ public class TestUnAuthorizedAPI { ConfigBaseVariable.clearAllValue(); Thread.sleep(1000); } - + public void checkFail(final String type, final String urlOffset, final int errorStatus) { checkFail(type, urlOffset, errorStatus, null); } - + public void checkFail(final String type, final String urlOffset, final int errorStatus, final String data) { LOGGER.info("Test API: url={} urlOffset={}", type, urlOffset); try { @@ -77,8 +77,8 @@ public class TestUnAuthorizedAPI { api.get(String.class, urlOffset); } else if ("POST".equals(type)) { api.post(String.class, urlOffset, data); - } else if ("PUT".equals(type)) { - api.put(String.class, urlOffset, data); + } else if ("PATCH".equals(type)) { + api.patch(String.class, urlOffset, data); } else if ("DELETE".equals(type)) { api.delete(String.class, urlOffset); } 
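Review bot: The verb dispatch in `checkFail` (hunk -77,8) has no final `else`, so a `type` that matches none of the four branches sends no request at all; with the `"PUT"` branch renamed to `"PATCH"`, any caller still passing `"PUT"` now falls through silently. In `checkWork` (hunk -106,8) that would presumably let the check pass without contacting the server, which weakens an authorization test. Close both chains with `else { Assertions.fail("Unsupported HTTP method: " + type); }`. Both methods begin and end outside their hunks, so the effect on the code after the chain is inferred.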
@@ -92,13 +92,13 @@ public class TestUnAuthorizedAPI { LOGGER.error("Unexpected throw error: {}", ex); Assertions.fail("Unexpected throws..."); } - + } - + public void checkWork(final String type, final String urlOffset) { checkWork(type, urlOffset, null); } - + public void checkWork(final String type, final String urlOffset, final String data) { LOGGER.info("Test API: url={} urlOffset={}", type, urlOffset); try { @@ -106,8 +106,8 @@ public class TestUnAuthorizedAPI { api.get(String.class, urlOffset); } else if ("POST".equals(type)) { api.post(String.class, urlOffset, data); - } else if ("PUT".equals(type)) { - api.put(String.class, urlOffset, data); + } else if ("PATCH".equals(type)) { + api.patch(String.class, urlOffset, data); } else if ("DELETE".equals(type)) { api.delete(String.class, urlOffset); } @@ -118,20 +118,20 @@ public class TestUnAuthorizedAPI { LOGGER.error("Unexpected throw error: {}", ex); Assertions.fail("Unexpected throws..."); } - + } - + @Order(1) @Test public void checkUnAuthorizedAPI() throws Exception { // /application/ checkFail("GET", "application/", 401); checkFail("POST", "application/", 401, "{}"); - checkFail("PUT", "application/", 405, "{}"); // does not exist + checkFail("PATCH", "application/", 405, "{}"); // does not exist checkFail("DELETE", "application/", 405); // does not exist // /application/{id} checkFail("GET", "application/0", 401); - checkFail("PUT", "application/0", 401, "{}"); + checkFail("PATCH", "application/0", 401, "{}"); checkFail("POST", "application/0", 405, "{}"); checkFail("DELETE", "application/0", 401); // /application/{id}/* 
@@ -140,33 +140,33 @@ public class TestUnAuthorizedAPI { checkFail("GET", "application/small", 401); checkFail("GET", "application/get_token", 401); checkFail("GET", "application/return", 401); - + // /application_token/ section: checkFail("GET", "application_token/0", 401); checkFail("DELETE", "application_token/0/5", 401); checkFail("DELETE", "application_token/0/create", 401); - + // /front/* checkFail("GET", "front", 404); // no index in test section // health check checkWork("GET", "health_check"); - + // public_key (only application) checkFail("GET", "public_key", 401); checkFail("GET", "public_key/pem", 401); - + // /right checkFail("GET", "right", 401); checkFail("POST", "right", 401, "{}"); checkFail("GET", "right/0", 401); - checkFail("PUT", "right/0", 401, "{}"); + checkFail("PATCH", "right/0", 401, "{}"); checkFail("DELETE", "right/0", 401); - + // /system_config checkWork("GET", "system_config/is_sign_up_availlable"); checkFail("GET", "system_config/key/skjdfhkjsdhfkjsh", 401); - checkFail("PUT", "system_config/key/skjdfhkjsdhfkjsh", 401, "{}"); - + checkFail("PATCH", "system_config/key/skjdfhkjsdhfkjsh", 401, "{}"); + // /users checkFail("GET", "users", 401); checkFail("GET", "users/0", 401); @@ -181,7 +181,7 @@ public class TestUnAuthorizedAPI { checkWork("GET", "users/check_email?email=admin@admin.ZZZ"); checkFail("GET", "users/check_email?email=ksjhdkjfhskjdh", 404); // not testable : get_token - + } - + } diff --git a/front/src/base/service/admin-user.ts b/front/src/base/service/admin-user.ts index 18f0269..c2fc20c 100644 --- a/front/src/base/service/admin-user.ts +++ b/front/src/base/service/admin-user.ts @@ -382,7 +382,7 @@ export class AdminUserService { .requestJson({ server: 'karso', endPoint: `users/${userId}/application/${applicationId}/rights`, - requestType: HTTPRequestModel.PUT, + requestType: HTTPRequestModel.PATCH, accept: HTTPMimeType.JSON, contentType: HTTPMimeType.JSON, body: dataUpdate 
diff --git a/front/src/base/service/application.ts b/front/src/base/service/application.ts index 48b2d9f..73abf9e 100644 --- a/front/src/base/service/application.ts +++ b/front/src/base/service/application.ts @@ -286,7 +286,7 @@ export class ApplicationService { .requestJson({ server: 'karso', endPoint: `application/${id}`, - requestType: HTTPRequestModel.PUT, + requestType: HTTPRequestModel.PATCH, accept: HTTPMimeType.JSON, contentType: HTTPMimeType.JSON, body: updateState, diff --git a/front/src/base/service/settings.ts b/front/src/base/service/settings.ts index e9fa9a5..116490d 100644 --- a/front/src/base/service/settings.ts +++ b/front/src/base/service/settings.ts @@ -13,7 +13,7 @@ class MultipleRequest { failResponse = undefined; data = {}; - constructor(private resolve: any, private reject: any, private countRequest: number) {} + constructor(private resolve: any, private reject: any, private countRequest: number) { } add(key: string, value: any): void { this.requestDone += 1; this.data[key] = value; @@ -44,7 +44,7 @@ class MultipleRequest { @Injectable() export class SettingsService { - constructor(private http: HttpWrapperService) {} + constructor(private http: HttpWrapperService) { } /** * Get a generic setting (Key value) * @returns a promise of the data value @@ -76,7 +76,7 @@ export class SettingsService { this.http .requestJson({ endPoint: `system_config/key/${key}`, - requestType: HTTPRequestModel.PUT, + requestType: HTTPRequestModel.PATCH, accept: HTTPMimeType.JSON, contentType: HTTPMimeType.JSON, body: { diff --git a/front/src/common b/front/src/common index 9fc25b4..0496753 160000 --- a/front/src/common +++ b/front/src/common @@ -1 +1 @@ -Subproject commit 9fc25b4feaeba509ff39f70b24d97be47f4b30e1 +Subproject commit 0496753211a09aacb11436567d513b3586bbaabb