diff --git a/src/main/java/org/eclipsefoundation/openvsx/namespace/OpenVSXParameters.java b/src/main/java/org/eclipsefoundation/openvsx/namespace/OpenVSXParameters.java
new file mode 100644
index 0000000000000000000000000000000000000000..5909edfdf7b79b352df3ef4a2a9d1f574a8db8f6
--- /dev/null
+++ b/src/main/java/org/eclipsefoundation/openvsx/namespace/OpenVSXParameters.java
@@ -0,0 +1,19 @@
+/*********************************************************************
+* Copyright (c) 2025 Eclipse Foundation.
+*
+* This program and the accompanying materials are made
+* available under the terms of the Eclipse Public License 2.0
+* which is available at https://www.eclipse.org/legal/epl-2.0/
+*
+* SPDX-License-Identifier: EPL-2.0
+**********************************************************************/
+package org.eclipsefoundation.openvsx.namespace;
+
+/**
+ * Shared parameters used in the operation of the API.
+ */
+public class OpenVSXParameters {
+ public static final String DEFAULT_ACCESS_ROLE = "openvsx_publisher_agreement";
+
+ private OpenVSXParameters() {}
+}
diff --git a/src/main/java/org/eclipsefoundation/openvsx/resources/ProfileResource.java b/src/main/java/org/eclipsefoundation/openvsx/resources/ProfileResource.java
index 659af962a14990cff8f5324a852ac6b3869eef10..cf5343656ff0ff30d9bc12c93ba661d8c5a7a4f3 100644
--- a/src/main/java/org/eclipsefoundation/openvsx/resources/ProfileResource.java
+++ b/src/main/java/org/eclipsefoundation/openvsx/resources/ProfileResource.java
@@ -15,15 +15,16 @@ import java.util.Arrays;
import org.eclipsefoundation.efservices.services.ProfileService;
import org.eclipsefoundation.http.exception.ApplicationException;
+import org.eclipsefoundation.openvsx.namespace.OpenVSXParameters;
-import io.quarkus.security.Authenticated;
import io.quarkus.security.identity.SecurityIdentity;
+import jakarta.annotation.security.RolesAllowed;
import jakarta.ws.rs.GET;
import jakarta.ws.rs.Path;
import jakarta.ws.rs.core.Response;
-@Authenticated
@Path("profile")
+@RolesAllowed(OpenVSXParameters.DEFAULT_ACCESS_ROLE)
public class ProfileResource {
private final ProfileService profile;
diff --git a/src/main/java/org/eclipsefoundation/openvsx/resources/PublisherAgreementResource.java b/src/main/java/org/eclipsefoundation/openvsx/resources/PublisherAgreementResource.java
index 1c93e272adc56d0fce0dc4a4598efa4966d3165a..8fb35825f2a9ea7f6fa1ddbfc0c6e8507d8539b1 100644
--- a/src/main/java/org/eclipsefoundation/openvsx/resources/PublisherAgreementResource.java
+++ b/src/main/java/org/eclipsefoundation/openvsx/resources/PublisherAgreementResource.java
@@ -21,12 +21,13 @@ import org.eclipsefoundation.http.exception.ApplicationException;
import org.eclipsefoundation.openvsx.config.PublisherAgreementConfig;
import org.eclipsefoundation.openvsx.models.AgreementSigningRequest;
import org.eclipsefoundation.openvsx.models.PublisherAgreementData;
+import org.eclipsefoundation.openvsx.namespace.OpenVSXParameters;
import org.eclipsefoundation.openvsx.services.FoundationOperationService;
import org.eclipsefoundation.openvsx.services.PublisherAgreementService;
import org.eclipsefoundation.utils.exception.FinalForbiddenException;
-import io.quarkus.security.Authenticated;
import io.quarkus.security.identity.SecurityIdentity;
+import jakarta.annotation.security.RolesAllowed;
import jakarta.ws.rs.BadRequestException;
import jakarta.ws.rs.DELETE;
import jakarta.ws.rs.GET;
@@ -41,8 +42,8 @@ import jakarta.ws.rs.core.Response.Status;
/**
* Resource containing calls for retrieving and signing OpenVSX publisher agreements.
*/
-@Authenticated
@Path("publisher_agreement")
+@RolesAllowed(OpenVSXParameters.DEFAULT_ACCESS_ROLE)
public class PublisherAgreementResource {
private static final String NOT_FOUND_MSG_FORMAT = "Unable to find agreement for user: %s";
diff --git a/src/test/java/org/eclipsefoundation/openvsx/resources/ProfileResourceTest.java b/src/test/java/org/eclipsefoundation/openvsx/resources/ProfileResourceTest.java
index 6f13fd66578db3cd793164ee56792679268f293d..58fe3a1030352daeb22a0aceb865dc0325a07952 100644
--- a/src/test/java/org/eclipsefoundation/openvsx/resources/ProfileResourceTest.java
+++ b/src/test/java/org/eclipsefoundation/openvsx/resources/ProfileResourceTest.java
@@ -14,8 +14,8 @@ package org.eclipsefoundation.openvsx.resources;
import java.util.Map;
import java.util.Optional;
+import org.eclipsefoundation.openvsx.namespace.OpenVSXParameters;
import org.eclipsefoundation.openvsx.test.helpers.SchemaNamespaceHelper;
-import org.eclipsefoundation.testing.helpers.AuthHelper;
import org.eclipsefoundation.testing.helpers.TestCaseHelper;
import org.eclipsefoundation.testing.models.EndpointTestBuilder;
import org.eclipsefoundation.testing.models.EndpointTestCase;
@@ -37,19 +37,19 @@ class ProfileResourceTest {
* GET CURRENT USER
*/
@Test
- @TestSecurity(user = FAKEUSER_PROFILE, roles = AuthHelper.DEFAULT_ROLE)
+ @TestSecurity(user = FAKEUSER_PROFILE, roles = OpenVSXParameters.DEFAULT_ACCESS_ROLE)
void testGetProfile_success() {
EndpointTestBuilder.from(GET_CURRENT_SUCCESS).run();
}
@Test
- @TestSecurity(user = FAKEUSER_PROFILE, roles = AuthHelper.DEFAULT_ROLE)
+ @TestSecurity(user = FAKEUSER_PROFILE, roles = OpenVSXParameters.DEFAULT_ACCESS_ROLE)
void testGetProfile_success_validateResponseFormat() {
EndpointTestBuilder.from(GET_CURRENT_SUCCESS).andCheckFormat().run();
}
@Test
- @TestSecurity(user = FAKEUSER_PROFILE, roles = AuthHelper.DEFAULT_ROLE)
+ @TestSecurity(user = FAKEUSER_PROFILE, roles = OpenVSXParameters.DEFAULT_ACCESS_ROLE)
void testGetProfile_success_validateSchema() {
EndpointTestBuilder.from(GET_CURRENT_SUCCESS).andCheckSchema().run();
}
@@ -70,4 +70,16 @@ class ProfileResourceTest {
.build())
.run();
}
+
+ @Test
+ @TestSecurity(user = FAKEUSER_PROFILE, roles = "user")
+ void testGetProfile_failure_noValidRole() {
+ EndpointTestBuilder
+ .from(TestCaseHelper
+ .prepareTestCase(BASE_URL, new String[] {}, null)
+ .setStatusCode(403)
+ .setHeaderParams(Optional.of(Map.of("Authorization", "Bearer token1")))
+ .build())
+ .run();
+ }
}
diff --git a/src/test/java/org/eclipsefoundation/openvsx/resources/PublisherAgreementResourceTest.java b/src/test/java/org/eclipsefoundation/openvsx/resources/PublisherAgreementResourceTest.java
index 5f8d34f964c0ab691cbe9a7cca5b93ad8c15d796..50259dbaadc7e37e2ffa69deb3bc08cf026d5b32 100644
--- a/src/test/java/org/eclipsefoundation/openvsx/resources/PublisherAgreementResourceTest.java
+++ b/src/test/java/org/eclipsefoundation/openvsx/resources/PublisherAgreementResourceTest.java
@@ -15,8 +15,8 @@ import java.util.Map;
import java.util.Optional;
import org.eclipsefoundation.openvsx.models.AgreementSigningRequest;
+import org.eclipsefoundation.openvsx.namespace.OpenVSXParameters;
import org.eclipsefoundation.openvsx.test.helpers.SchemaNamespaceHelper;
-import org.eclipsefoundation.testing.helpers.AuthHelper;
import org.eclipsefoundation.testing.helpers.TestCaseHelper;
import org.eclipsefoundation.testing.models.EndpointTestBuilder;
import org.eclipsefoundation.testing.models.EndpointTestCase;
@@ -32,248 +32,269 @@ import jakarta.inject.Inject;
@QuarkusTest
class PublisherAgreementResourceTest {
- public static final String BASE_URL = "publisher_agreement";
- public static final String USER_URL = BASE_URL + "/{efusername}";
-
- public static final String FAKEUSER_PROFILE = "fakeuser";
- public static final String OTHERUSER_PROFILE = "otheruser";
- public static final String NODOC_PROFILE = "nodoc";
-
- public static final Optional<Map<String, Object>> invalidCreds = Optional.of(Map.of("Authorization", "Bearer token1"));
-
- public static final EndpointTestCase GET_CURRENT_SUCCESS = TestCaseHelper
- .prepareTestCase(BASE_URL, new String[] {}, SchemaNamespaceHelper.PUBLISHER_AGREEMENT_SCHEMA_PATH)
- .build();
-
- public static final EndpointTestCase GET_CURRENT_NOT_FOUND = TestCaseHelper
- .prepareTestCase(BASE_URL, new String[] {}, SchemaNamespaceHelper.ERROR_SCHEMA_PATH)
- .setStatusCode(404)
- .build();
-
- public static final EndpointTestCase BAD_CREDS = TestCaseHelper
- .prepareTestCase(BASE_URL, new String[] {}, null)
- .setStatusCode(401)
- .setHeaderParams(invalidCreds)
- .build();
-
- public static final EndpointTestCase POST_CURRENT_CONFLICT = TestCaseHelper
- .prepareTestCase(BASE_URL, new String[] {}, null)
- .setStatusCode(409)
- .build();
-
- public static final EndpointTestCase POST_CURRENT_INVALID_HANDLE = TestCaseHelper
- .prepareTestCase(BASE_URL, new String[] {}, SchemaNamespaceHelper.ERROR_SCHEMA_PATH)
- .setStatusCode(400)
- .build();
-
- public static final EndpointTestCase GET_USER_SUCCESS = TestCaseHelper
- .prepareTestCase(USER_URL, new String[] { "fakeuser" }, SchemaNamespaceHelper.PUBLISHER_AGREEMENT_SCHEMA_PATH)
- .build();
-
- public static final EndpointTestCase GET_USER_NOT_FOUND = TestCaseHelper
- .prepareTestCase(USER_URL, new String[] { "name" }, SchemaNamespaceHelper.ERROR_SCHEMA_PATH)
- .setStatusCode(404)
- .build();
-
- public static final EndpointTestCase FOR_USER_BAD_CREDS = TestCaseHelper
- .prepareTestCase(USER_URL, new String[] { "fakeuser" }, SchemaNamespaceHelper.PUBLISHER_AGREEMENT_SCHEMA_PATH)
- .setStatusCode(401)
- .setHeaderParams(invalidCreds)
- .build();
-
- public static final EndpointTestCase REVOKE_SUCCESS = TestCaseHelper
- .prepareTestCase(USER_URL, new String[] { "fakeuser" }, SchemaNamespaceHelper.PUBLISHER_AGREEMENT_SCHEMA_PATH)
- .setStatusCode(204)
- .build();
-
- public static final EndpointTestCase REVOKE_NO_DOC = TestCaseHelper
- .prepareTestCase(USER_URL, new String[] { "name" }, SchemaNamespaceHelper.ERROR_SCHEMA_PATH)
- .setStatusCode(404)
- .build();
-
- public static final EndpointTestCase REVOKE_INVALID_USER = TestCaseHelper
- .prepareTestCase(USER_URL, new String[] { "other" }, SchemaNamespaceHelper.ERROR_SCHEMA_PATH)
- .setStatusCode(403)
- .setResponseContentType(ContentType.JSON)
- .build();
-
- @Inject
- ObjectMapper mapper;
-
- /*
- * GET CURRENT USER
- */
- @Test
- @TestSecurity(user = FAKEUSER_PROFILE, roles = AuthHelper.DEFAULT_ROLE)
- void testGet_currentUser_success() {
- EndpointTestBuilder.from(GET_CURRENT_SUCCESS).run();
- }
-
- @Test
- @TestSecurity(user = FAKEUSER_PROFILE, roles = AuthHelper.DEFAULT_ROLE)
- void testGet_currentUser_success_validateResponseFormat() {
- EndpointTestBuilder.from(GET_CURRENT_SUCCESS).andCheckFormat().run();
- }
-
- @Test
- @TestSecurity(user = FAKEUSER_PROFILE, roles = AuthHelper.DEFAULT_ROLE)
- void testGet_currentUser_success_validateSchema() {
- EndpointTestBuilder.from(GET_CURRENT_SUCCESS).andCheckSchema().run();
- }
-
- @Test
- @TestSecurity(user = OTHERUSER_PROFILE, roles = AuthHelper.DEFAULT_ROLE)
- void testGet_currentUser_failure_notFound() {
- EndpointTestBuilder.from(GET_CURRENT_NOT_FOUND).run();
- }
-
- @Test
- @TestSecurity(user = OTHERUSER_PROFILE, roles = AuthHelper.DEFAULT_ROLE)
- void testGet_currentUser_failure_notFound_validateResponseFormat() {
- EndpointTestBuilder.from(GET_CURRENT_NOT_FOUND).andCheckFormat().run();
- }
-
- @Test
- @TestSecurity(user = OTHERUSER_PROFILE, roles = AuthHelper.DEFAULT_ROLE)
- void testGet_currentUser_failure_notFound_validateSchema() {
- EndpointTestBuilder.from(GET_CURRENT_NOT_FOUND).andCheckSchema().run();
- }
-
- @Test
- void testGet_currentUser_failure_badCreds() {
- EndpointTestBuilder.from(BAD_CREDS).run();
- }
-
- /*
- * POST CURRENT USER
- */
- @Test
- @TestSecurity(user = NODOC_PROFILE, roles = AuthHelper.DEFAULT_ROLE)
- void testPost_currentUser_success() {
- EndpointTestBuilder
- .from(TestCaseHelper
- .prepareTestCase(BASE_URL, new String[] {}, SchemaNamespaceHelper.PUBLISHER_AGREEMENT_SCHEMA_PATH)
- .build())
- .doPost(generateSigningSample("nodoc"))
- .run();
- }
-
- @Test
- @TestSecurity(user = FAKEUSER_PROFILE, roles = AuthHelper.DEFAULT_ROLE)
- void testPost_currentUser_conflict() {
- EndpointTestBuilder.from(POST_CURRENT_CONFLICT).doPost(generateSigningSample("fakeuser")).run();
- }
-
- @Test
- @TestSecurity(user = FAKEUSER_PROFILE, roles = AuthHelper.DEFAULT_ROLE)
- void testPost_currentUser_conflict_validateResponseFormat() {
- EndpointTestBuilder.from(POST_CURRENT_CONFLICT).doPost(generateSigningSample("fakeuser")).andCheckFormat().run();
- }
-
- @Test
- @TestSecurity(user = FAKEUSER_PROFILE, roles = AuthHelper.DEFAULT_ROLE)
- void testPost_currentUser_conflict_validateSchema() {
- EndpointTestBuilder.from(POST_CURRENT_CONFLICT).doPost(generateSigningSample("fakeuser")).andCheckFormat().run();
- }
-
- @Test
- @TestSecurity(user = FAKEUSER_PROFILE, roles = AuthHelper.DEFAULT_ROLE)
- void testPost_currentUser_failure_invalidHandle() {
- EndpointTestBuilder.from(POST_CURRENT_INVALID_HANDLE).doPost(generateSigningSample("otheruser")).run();
- }
-
- @Test
- @TestSecurity(user = FAKEUSER_PROFILE, roles = AuthHelper.DEFAULT_ROLE)
- void testPost_currentUser_failure_invalidHandle_validateFormat() {
- EndpointTestBuilder.from(POST_CURRENT_INVALID_HANDLE).doPost(generateSigningSample("otheruser")).andCheckFormat().run();
- }
-
- @Test
- void testPost_currentUser_failure_badCreds() {
- EndpointTestBuilder.from(BAD_CREDS).doPost(generateSigningSample("fakeuser")).run();
- }
-
- /*
- * GET FOR USER
- */
- @Test
- @TestSecurity(user = FAKEUSER_PROFILE, roles = AuthHelper.DEFAULT_ROLE)
- void testGet_getForUser_success() {
- EndpointTestBuilder.from(GET_USER_SUCCESS).run();
- }
-
- @Test
- @TestSecurity(user = FAKEUSER_PROFILE, roles = AuthHelper.DEFAULT_ROLE)
- void testGet_geFortUser_success_validateResponseFormat() {
- EndpointTestBuilder.from(GET_USER_SUCCESS).andCheckFormat().run();
- }
-
- @Test
- @TestSecurity(user = FAKEUSER_PROFILE, roles = AuthHelper.DEFAULT_ROLE)
- void testGet_getForUser_success_validateSchema() {
- EndpointTestBuilder.from(GET_USER_SUCCESS).andCheckSchema().run();
- }
-
- @Test
- @TestSecurity(user = OTHERUSER_PROFILE, roles = AuthHelper.DEFAULT_ROLE)
- void testGet_getForUser_failure_notFound() {
- EndpointTestBuilder.from(GET_USER_NOT_FOUND).run();
- }
-
- @Test
- @TestSecurity(user = OTHERUSER_PROFILE, roles = AuthHelper.DEFAULT_ROLE)
- void testGet_getForUser_failure_notFound_validateResponseFormat() {
- EndpointTestBuilder.from(GET_USER_NOT_FOUND).andCheckFormat().run();
- }
-
- @Test
- @TestSecurity(user = OTHERUSER_PROFILE, roles = AuthHelper.DEFAULT_ROLE)
- void testGet_getForUser_failure_notFound_validateSchema() {
- EndpointTestBuilder.from(GET_USER_NOT_FOUND).andCheckSchema().run();
- }
-
- @Test
- void testGet_getForUser_failure_badCreds() {
- EndpointTestBuilder.from(FOR_USER_BAD_CREDS).run();
- }
-
- /*
- * DELETE FOR USER
- */
- @Test
- @TestSecurity(user = FAKEUSER_PROFILE, roles = AuthHelper.DEFAULT_ROLE)
- void testDelete_deleteForUser_success() {
- EndpointTestBuilder.from(REVOKE_SUCCESS).doDelete(null).run();
- }
-
- @Test
- @TestSecurity(user = FAKEUSER_PROFILE, roles = AuthHelper.DEFAULT_ROLE)
- void testDelete_deleteForUser_failure_invalidUser() {
- EndpointTestBuilder.from(REVOKE_INVALID_USER).doDelete(null).run();
- }
-
- @Test
- @TestSecurity(user = OTHERUSER_PROFILE, roles = AuthHelper.DEFAULT_ROLE)
- void testDelete_deleteForUser_failure_noDoc() {
- EndpointTestBuilder.from(REVOKE_NO_DOC).doDelete(null).run();
- }
-
- @Test
- @TestSecurity(user = OTHERUSER_PROFILE, roles = AuthHelper.DEFAULT_ROLE)
- void testDelete_deleteForUser_failure_noDoc_validateSchema() {
- EndpointTestBuilder.from(REVOKE_NO_DOC).doDelete(null).andCheckSchema().run();
- }
-
- @Test
- void testDelete_deleteForUser_failure_badCreds() {
- EndpointTestBuilder.from(FOR_USER_BAD_CREDS).run();
- }
-
- private String generateSigningSample(String ghHandle) {
- try {
- return mapper.writeValueAsString(new AgreementSigningRequest("1", ghHandle));
- } catch (JsonProcessingException e) {
- throw new RuntimeException(e);
- }
+ public static final String BASE_URL = "publisher_agreement";
+ public static final String USER_URL = BASE_URL + "/{efusername}";
+
+ public static final String FAKEUSER_PROFILE = "fakeuser";
+ public static final String OTHERUSER_PROFILE = "otheruser";
+ public static final String NODOC_PROFILE = "nodoc";
+
+ public static final Optional<Map<String, Object>> invalidCreds = Optional.of(Map.of("Authorization", "Bearer token1"));
+
+ public static final EndpointTestCase GET_CURRENT_SUCCESS = TestCaseHelper
+ .prepareTestCase(BASE_URL, new String[] {}, SchemaNamespaceHelper.PUBLISHER_AGREEMENT_SCHEMA_PATH)
+ .build();
+
+ public static final EndpointTestCase GET_CURRENT_NOT_FOUND = TestCaseHelper
+ .prepareTestCase(BASE_URL, new String[] {}, SchemaNamespaceHelper.ERROR_SCHEMA_PATH)
+ .setStatusCode(404)
+ .build();
+
+ public static final EndpointTestCase BAD_CREDS = TestCaseHelper
+ .prepareTestCase(BASE_URL, new String[] {}, null)
+ .setStatusCode(401)
+ .setHeaderParams(invalidCreds)
+ .build();
+
+ public static final EndpointTestCase POST_CURRENT_CONFLICT = TestCaseHelper
+ .prepareTestCase(BASE_URL, new String[] {}, null)
+ .setStatusCode(409)
+ .build();
+
+ public static final EndpointTestCase POST_CURRENT_INVALID_HANDLE = TestCaseHelper
+ .prepareTestCase(BASE_URL, new String[] {}, SchemaNamespaceHelper.ERROR_SCHEMA_PATH)
+ .setStatusCode(400)
+ .build();
+
+ public static final EndpointTestCase GET_USER_SUCCESS = TestCaseHelper
+ .prepareTestCase(USER_URL, new String[] { "fakeuser" }, SchemaNamespaceHelper.PUBLISHER_AGREEMENT_SCHEMA_PATH)
+ .build();
+
+ public static final EndpointTestCase GET_USER_NOT_FOUND = TestCaseHelper
+ .prepareTestCase(USER_URL, new String[] { "name" }, SchemaNamespaceHelper.ERROR_SCHEMA_PATH)
+ .setStatusCode(404)
+ .build();
+
+ public static final EndpointTestCase FOR_USER_BAD_CREDS = TestCaseHelper
+ .prepareTestCase(USER_URL, new String[] { "fakeuser" }, SchemaNamespaceHelper.PUBLISHER_AGREEMENT_SCHEMA_PATH)
+ .setStatusCode(401)
+ .setHeaderParams(invalidCreds)
+ .build();
+
+ public static final EndpointTestCase FOR_USER_BAD_ROLE = TestCaseHelper
+ .prepareTestCase(USER_URL, new String[] { "fakeuser" }, SchemaNamespaceHelper.PUBLISHER_AGREEMENT_SCHEMA_PATH)
+ .setStatusCode(403)
+ .setHeaderParams(invalidCreds)
+ .build();
+
+ public static final EndpointTestCase REVOKE_SUCCESS = TestCaseHelper
+ .prepareTestCase(USER_URL, new String[] { "fakeuser" }, SchemaNamespaceHelper.PUBLISHER_AGREEMENT_SCHEMA_PATH)
+ .setStatusCode(204)
+ .build();
+
+ public static final EndpointTestCase REVOKE_NO_DOC = TestCaseHelper
+ .prepareTestCase(USER_URL, new String[] { "name" }, SchemaNamespaceHelper.ERROR_SCHEMA_PATH)
+ .setStatusCode(404)
+ .build();
+
+ public static final EndpointTestCase REVOKE_INVALID_USER = TestCaseHelper
+ .prepareTestCase(USER_URL, new String[] { "other" }, SchemaNamespaceHelper.ERROR_SCHEMA_PATH)
+ .setStatusCode(403)
+ .setResponseContentType(ContentType.JSON)
+ .build();
+ public static final EndpointTestCase REVOKE_INVALID_ROLE = TestCaseHelper
+ .prepareTestCase(USER_URL, new String[] { "fakeuser" }, SchemaNamespaceHelper.ERROR_SCHEMA_PATH)
+ .setStatusCode(403)
+ .setResponseContentType(ContentType.JSON)
+ .build();
+
+ @Inject
+ ObjectMapper mapper;
+
+ /*
+ * GET CURRENT USER
+ */
+ @Test
+ @TestSecurity(user = FAKEUSER_PROFILE, roles = OpenVSXParameters.DEFAULT_ACCESS_ROLE)
+ void testGet_currentUser_success() {
+ EndpointTestBuilder.from(GET_CURRENT_SUCCESS).run();
+ }
+
+ @Test
+ @TestSecurity(user = FAKEUSER_PROFILE, roles = OpenVSXParameters.DEFAULT_ACCESS_ROLE)
+ void testGet_currentUser_success_validateResponseFormat() {
+ EndpointTestBuilder.from(GET_CURRENT_SUCCESS).andCheckFormat().run();
+ }
+
+ @Test
+ @TestSecurity(user = FAKEUSER_PROFILE, roles = OpenVSXParameters.DEFAULT_ACCESS_ROLE)
+ void testGet_currentUser_success_validateSchema() {
+ EndpointTestBuilder.from(GET_CURRENT_SUCCESS).andCheckSchema().run();
+ }
+
+ @Test
+ @TestSecurity(user = OTHERUSER_PROFILE, roles = OpenVSXParameters.DEFAULT_ACCESS_ROLE)
+ void testGet_currentUser_failure_notFound() {
+ EndpointTestBuilder.from(GET_CURRENT_NOT_FOUND).run();
+ }
+
+ @Test
+ @TestSecurity(user = OTHERUSER_PROFILE, roles = OpenVSXParameters.DEFAULT_ACCESS_ROLE)
+ void testGet_currentUser_failure_notFound_validateResponseFormat() {
+ EndpointTestBuilder.from(GET_CURRENT_NOT_FOUND).andCheckFormat().run();
+ }
+
+ @Test
+ @TestSecurity(user = OTHERUSER_PROFILE, roles = OpenVSXParameters.DEFAULT_ACCESS_ROLE)
+ void testGet_currentUser_failure_notFound_validateSchema() {
+ EndpointTestBuilder.from(GET_CURRENT_NOT_FOUND).andCheckSchema().run();
+ }
+
+ @Test
+ void testGet_currentUser_failure_badCreds() {
+ EndpointTestBuilder.from(BAD_CREDS).run();
+ }
+
+ /*
+ * POST CURRENT USER
+ */
+ @Test
+ @TestSecurity(user = NODOC_PROFILE, roles = OpenVSXParameters.DEFAULT_ACCESS_ROLE)
+ void testPost_currentUser_success() {
+ EndpointTestBuilder
+ .from(TestCaseHelper.prepareTestCase(BASE_URL, new String[] {}, SchemaNamespaceHelper.PUBLISHER_AGREEMENT_SCHEMA_PATH).build())
+ .doPost(generateSigningSample("nodoc"))
+ .run();
+ }
+
+ @Test
+ @TestSecurity(user = FAKEUSER_PROFILE, roles = OpenVSXParameters.DEFAULT_ACCESS_ROLE)
+ void testPost_currentUser_conflict() {
+ EndpointTestBuilder.from(POST_CURRENT_CONFLICT).doPost(generateSigningSample("fakeuser")).run();
+ }
+
+ @Test
+ @TestSecurity(user = FAKEUSER_PROFILE, roles = OpenVSXParameters.DEFAULT_ACCESS_ROLE)
+ void testPost_currentUser_conflict_validateResponseFormat() {
+ EndpointTestBuilder.from(POST_CURRENT_CONFLICT).doPost(generateSigningSample("fakeuser")).andCheckFormat().run();
+ }
+
+ @Test
+ @TestSecurity(user = FAKEUSER_PROFILE, roles = OpenVSXParameters.DEFAULT_ACCESS_ROLE)
+ void testPost_currentUser_conflict_validateSchema() {
+ EndpointTestBuilder.from(POST_CURRENT_CONFLICT).doPost(generateSigningSample("fakeuser")).andCheckFormat().run();
+ }
+
+ @Test
+ @TestSecurity(user = FAKEUSER_PROFILE, roles = OpenVSXParameters.DEFAULT_ACCESS_ROLE)
+ void testPost_currentUser_failure_invalidHandle() {
+ EndpointTestBuilder.from(POST_CURRENT_INVALID_HANDLE).doPost(generateSigningSample("otheruser")).run();
+ }
+
+ @Test
+ @TestSecurity(user = FAKEUSER_PROFILE, roles = OpenVSXParameters.DEFAULT_ACCESS_ROLE)
+ void testPost_currentUser_failure_invalidHandle_validateFormat() {
+ EndpointTestBuilder.from(POST_CURRENT_INVALID_HANDLE).doPost(generateSigningSample("otheruser")).andCheckFormat().run();
+ }
+
+ @Test
+ void testPost_currentUser_failure_badCreds() {
+ EndpointTestBuilder.from(BAD_CREDS).doPost(generateSigningSample("fakeuser")).run();
+ }
+
+ /*
+ * GET FOR USER
+ */
+ @Test
+ @TestSecurity(user = FAKEUSER_PROFILE, roles = OpenVSXParameters.DEFAULT_ACCESS_ROLE)
+ void testGet_getForUser_success() {
+ EndpointTestBuilder.from(GET_USER_SUCCESS).run();
+ }
+
+ @Test
+ @TestSecurity(user = FAKEUSER_PROFILE, roles = OpenVSXParameters.DEFAULT_ACCESS_ROLE)
+ void testGet_geFortUser_success_validateResponseFormat() {
+ EndpointTestBuilder.from(GET_USER_SUCCESS).andCheckFormat().run();
+ }
+
+ @Test
+ @TestSecurity(user = FAKEUSER_PROFILE, roles = OpenVSXParameters.DEFAULT_ACCESS_ROLE)
+ void testGet_getForUser_success_validateSchema() {
+ EndpointTestBuilder.from(GET_USER_SUCCESS).andCheckSchema().run();
+ }
+
+ @Test
+ @TestSecurity(user = OTHERUSER_PROFILE, roles = OpenVSXParameters.DEFAULT_ACCESS_ROLE)
+ void testGet_getForUser_failure_notFound() {
+ EndpointTestBuilder.from(GET_USER_NOT_FOUND).run();
+ }
+
+ @Test
+ @TestSecurity(user = OTHERUSER_PROFILE, roles = OpenVSXParameters.DEFAULT_ACCESS_ROLE)
+ void testGet_getForUser_failure_notFound_validateResponseFormat() {
+ EndpointTestBuilder.from(GET_USER_NOT_FOUND).andCheckFormat().run();
+ }
+
+ @Test
+ @TestSecurity(user = OTHERUSER_PROFILE, roles = OpenVSXParameters.DEFAULT_ACCESS_ROLE)
+ void testGet_getForUser_failure_notFound_validateSchema() {
+ EndpointTestBuilder.from(GET_USER_NOT_FOUND).andCheckSchema().run();
+ }
+
+ @Test
+ void testGet_getForUser_failure_badCreds() {
+ EndpointTestBuilder.from(FOR_USER_BAD_CREDS).run();
+ }
+
+ @Test
+ @TestSecurity(user = OTHERUSER_PROFILE, roles = "profile")
+ void testGet_getForUser_failure_noValidRole() {
+ EndpointTestBuilder.from(FOR_USER_BAD_ROLE).run();
+ }
+
+ /*
+ * DELETE FOR USER
+ */
+ @Test
+ @TestSecurity(user = FAKEUSER_PROFILE, roles = OpenVSXParameters.DEFAULT_ACCESS_ROLE)
+ void testDelete_deleteForUser_success() {
+ EndpointTestBuilder.from(REVOKE_SUCCESS).doDelete(null).run();
+ }
+
+ @Test
+ @TestSecurity(user = FAKEUSER_PROFILE, roles = OpenVSXParameters.DEFAULT_ACCESS_ROLE)
+ void testDelete_deleteForUser_failure_invalidUser() {
+ EndpointTestBuilder.from(REVOKE_INVALID_USER).doDelete(null).run();
+ }
+
+ @Test
+ @TestSecurity(user = FAKEUSER_PROFILE, roles = "role")
+ void testDelete_deleteForUser_failure_invalidRole() {
+ EndpointTestBuilder.from(REVOKE_INVALID_ROLE).doDelete(null).run();
+ }
+
+ @Test
+ @TestSecurity(user = OTHERUSER_PROFILE, roles = OpenVSXParameters.DEFAULT_ACCESS_ROLE)
+ void testDelete_deleteForUser_failure_noDoc() {
+ EndpointTestBuilder.from(REVOKE_NO_DOC).doDelete(null).run();
+ }
+
+ @Test
+ @TestSecurity(user = OTHERUSER_PROFILE, roles = OpenVSXParameters.DEFAULT_ACCESS_ROLE)
+ void testDelete_deleteForUser_failure_noDoc_validateSchema() {
+ EndpointTestBuilder.from(REVOKE_NO_DOC).doDelete(null).andCheckSchema().run();
+ }
+
+ @Test
+ void testDelete_deleteForUser_failure_badCreds() {
+ EndpointTestBuilder.from(FOR_USER_BAD_CREDS).run();
+ }
+
+ private String generateSigningSample(String ghHandle) {
+ try {
+ return mapper.writeValueAsString(new AgreementSigningRequest("1", ghHandle));
+ } catch (JsonProcessingException e) {
+ throw new RuntimeException(e);
}
+ }
}