Commit b52fa156 authored by Martin Lowe's avatar Martin Lowe :flag_ca:

fix: Add required role to the endpoint calls

parent 1a95ce67
Pipeline #74547 failed
/*********************************************************************
* Copyright (c) 2025 Eclipse Foundation.
*
* This program and the accompanying materials are made
* available under the terms of the Eclipse Public License 2.0
* which is available at https://www.eclipse.org/legal/epl-2.0/
*
* SPDX-License-Identifier: EPL-2.0
**********************************************************************/
package org.eclipsefoundation.openvsx.namespace;
/**
*
*/
public class OpenVSXParameters {
public static final String DEFAULT_ACCESS_ROLE = "openvsx_publisher_agreement";
private OpenVSXParameters() {}
}
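Review bot: The class Javadoc on `OpenVSXParameters` is empty and `DEFAULT_ACCESS_ROLE` has no comment saying what the role represents or where it is granted. This constant now decides who can reach whole resources through `@RolesAllowed`, so that belongs next to the value. I would fill the class comment with `Shared constant values for the OpenVSX resources.` and put `/** Role a caller must hold to use the role-protected OpenVSX endpoints. */` above the field. If the string has to match a role name issued by the identity provider, say so there as well; the page does not show where the role comes from.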
......@@ -15,15 +15,16 @@ import java.util.Arrays;
import org.eclipsefoundation.efservices.services.ProfileService;
import org.eclipsefoundation.http.exception.ApplicationException;
import org.eclipsefoundation.openvsx.namespace.OpenVSXParameters;
import io.quarkus.security.Authenticated;
import io.quarkus.security.identity.SecurityIdentity;
import jakarta.annotation.security.RolesAllowed;
import jakarta.ws.rs.GET;
import jakarta.ws.rs.Path;
import jakarta.ws.rs.core.Response;
@Authenticated
@Path("profile")
@RolesAllowed(OpenVSXParameters.DEFAULT_ACCESS_ROLE)
public class ProfileResource {
private final ProfileService profile;
......
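Review bot: `ProfileResource` carries no class comment stating its access contract, although the role requirement on it is class-wide and decides who can reach every method. I would add a Javadoc above the annotations along the lines of `/** Profile endpoints; every call requires the {@link OpenVSXParameters#DEFAULT_ACCESS_ROLE} role unless a method declares its own security annotation. */`. The rendering has lost the +/- markers, so if `@Authenticated` is still present next to `@RolesAllowed(OpenVSXParameters.DEFAULT_ACCESS_ROLE)` on the new side, it is redundant (a role check already needs an authenticated identity) and should go together with its import. The class body continues outside the hunk, so method-level annotations that would override the class-level one cannot be checked from here.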
......@@ -21,12 +21,13 @@ import org.eclipsefoundation.http.exception.ApplicationException;
import org.eclipsefoundation.openvsx.config.PublisherAgreementConfig;
import org.eclipsefoundation.openvsx.models.AgreementSigningRequest;
import org.eclipsefoundation.openvsx.models.PublisherAgreementData;
import org.eclipsefoundation.openvsx.namespace.OpenVSXParameters;
import org.eclipsefoundation.openvsx.services.FoundationOperationService;
import org.eclipsefoundation.openvsx.services.PublisherAgreementService;
import org.eclipsefoundation.utils.exception.FinalForbiddenException;
import io.quarkus.security.Authenticated;
import io.quarkus.security.identity.SecurityIdentity;
import jakarta.annotation.security.RolesAllowed;
import jakarta.ws.rs.BadRequestException;
import jakarta.ws.rs.DELETE;
import jakarta.ws.rs.GET;
......@@ -41,8 +42,8 @@ import jakarta.ws.rs.core.Response.Status;
/**
* Resource containing calls for retrieving and signing OpenVSX publisher agreements.
*/
@Authenticated
@Path("publisher_agreement")
@RolesAllowed(OpenVSXParameters.DEFAULT_ACCESS_ROLE)
public class PublisherAgreementResource {
private static final String NOT_FOUND_MSG_FORMAT = "Unable to find agreement for user: %s";
......
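Review bot: The class-level `@RolesAllowed(OpenVSXParameters.DEFAULT_ACCESS_ROLE)` on `PublisherAgreementResource` covers the signing call as well as retrieval and deletion, and the role is named `openvsx_publisher_agreement`. If that role is only granted once a user has signed the agreement (the name suggests it, the page does not show it), a first-time signer would get 403 on the very endpoint needed to obtain it; please confirm how the role is issued and, if needed, move the annotation to the methods that should require it. The class Javadoc should also state the requirement, e.g. append `All calls require the {@link OpenVSXParameters#DEFAULT_ACCESS_ROLE} role.` No role-denied test for `publisher_agreement` is visible on this page, unlike `testGetProfile_failure_noValidRole` for `profile`, so a 403 case per HTTP method would be worth adding. The class body lies outside both hunks.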
......@@ -14,8 +14,8 @@ package org.eclipsefoundation.openvsx.resources;
import java.util.Map;
import java.util.Optional;
import org.eclipsefoundation.openvsx.namespace.OpenVSXParameters;
import org.eclipsefoundation.openvsx.test.helpers.SchemaNamespaceHelper;
import org.eclipsefoundation.testing.helpers.AuthHelper;
import org.eclipsefoundation.testing.helpers.TestCaseHelper;
import org.eclipsefoundation.testing.models.EndpointTestBuilder;
import org.eclipsefoundation.testing.models.EndpointTestCase;
......@@ -37,19 +37,19 @@ class ProfileResourceTest {
* GET CURRENT USER
*/
@Test
@TestSecurity(user = FAKEUSER_PROFILE, roles = AuthHelper.DEFAULT_ROLE)
@TestSecurity(user = FAKEUSER_PROFILE, roles = OpenVSXParameters.DEFAULT_ACCESS_ROLE)
void testGetProfile_success() {
EndpointTestBuilder.from(GET_CURRENT_SUCCESS).run();
}
@Test
@TestSecurity(user = FAKEUSER_PROFILE, roles = AuthHelper.DEFAULT_ROLE)
@TestSecurity(user = FAKEUSER_PROFILE, roles = OpenVSXParameters.DEFAULT_ACCESS_ROLE)
void testGetProfile_success_validateResponseFormat() {
EndpointTestBuilder.from(GET_CURRENT_SUCCESS).andCheckFormat().run();
}
@Test
@TestSecurity(user = FAKEUSER_PROFILE, roles = AuthHelper.DEFAULT_ROLE)
@TestSecurity(user = FAKEUSER_PROFILE, roles = OpenVSXParameters.DEFAULT_ACCESS_ROLE)
void testGetProfile_success_validateSchema() {
EndpointTestBuilder.from(GET_CURRENT_SUCCESS).andCheckSchema().run();
}
......@@ -70,4 +70,16 @@ class ProfileResourceTest {
.build())
.run();
}
@Test
@TestSecurity(user = FAKEUSER_PROFILE, roles = "user")
void testGetProfile_failure_noValidRole() {
EndpointTestBuilder
.from(TestCaseHelper
.prepareTestCase(BASE_URL, new String[] {}, null)
.setStatusCode(403)
.setHeaderParams(Optional.of(Map.of("Authorization", "Bearer token1")))
.build())
.run();
}
}
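Review bot: `testGetProfile_failure_noValidRole` proves that an unrelated role (`"user"`) is rejected, but nothing pins that the role the tests used before, `AuthHelper.DEFAULT_ROLE`, no longer grants access, which is the actual behaviour change. Assuming that constant differs from `OpenVSXParameters.DEFAULT_ACCESS_ROLE`, a sibling test annotated `@TestSecurity(user = FAKEUSER_PROFILE, roles = AuthHelper.DEFAULT_ROLE)` and expecting 403 would guard against the old role being re-admitted. A one-line comment on the `Authorization: Bearer token1` header would also help, since the identity here appears to come from `@TestSecurity`. The hunk starts inside the preceding test method.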