Add tests + static namespace vars for property names for opt resources

9e39c9dd · Martin Lowe · 1208a5b2 · 9e39c9dd · 9e39c9dd · 9e39c9dd
Commit 9e39c9dd authored Jun 15, 2022 by Martin Lowe 🇨🇦
--- a/core/src/main/java/org/eclipsefoundation/core/request/OptionalPathFilter.java
+++ b/core/src/main/java/org/eclipsefoundation/core/request/OptionalPathFilter.java
@@ -32,26 +32,31 @@ public class OptionalPathFilter implements ContainerRequestFilter {

    @Override
    public void filter(ContainerRequestContext requestContext) throws IOException {
-        if (optionalResourcesEnabled.get()) {
-            // check annotation on target endpoint to be sure that endpoint is enabled
-            Method m = ((PostMatchContainerRequestContext) requestContext).getResourceMethod().getMethod();
-            OptionalPath opt = m.getAnnotation(OptionalPath.class);
-            if (opt != null) {
-                // get the specified config value fresh and check that it is enabled, or enabled by default if missing
-                Optional<Boolean> configValue = ConfigProvider.getConfig().getOptionalValue(opt.value(), Boolean.class);
-                if (configValue.isPresent() && configValue.get()) {
-                    LOGGER.trace("Request to '{}' enabled by config, allowing call",
-                            requestContext.getUriInfo().getAbsolutePath());
-                } else if (configValue.isEmpty() && opt.enabledByDefault()) {
-                    LOGGER.trace("Request to '{}' enabled by default, allowing call",
-                            requestContext.getUriInfo().getAbsolutePath());
-                } else {
-                    LOGGER.trace("Request to '{}' rejected as endpoint is not enabled",
-                            requestContext.getUriInfo().getAbsolutePath());
-                    // abort with 404 as we should hide that this exists
-                    requestContext.abortWith(Response.status(404).build());
-                }
+        // check annotation on target endpoint to be sure that endpoint is enabled
+        Method m = ((PostMatchContainerRequestContext) requestContext).getResourceMethod().getMethod();
+        OptionalPath opt = m.getAnnotation(OptionalPath.class);
+        if (opt != null) {
+            if (!optionalResourcesEnabled.get()) {
+                LOGGER.trace("Request to '{}' rejected as optional resources are not enabled",
+                        requestContext.getUriInfo().getAbsolutePath());
+                // abort with 404 as we should hide that this exists
+                requestContext.abortWith(Response.status(404).build());
+            }
+            // get the specified config value fresh and check that it is enabled, or enabled by default if missing
+            Optional<Boolean> configValue = ConfigProvider.getConfig().getOptionalValue(opt.value(), Boolean.class);
+            if (configValue.isPresent() && configValue.get()) {
+                LOGGER.trace("Request to '{}' enabled by config, allowing call",
+                        requestContext.getUriInfo().getAbsolutePath());
+            } else if (configValue.isEmpty() && opt.enabledByDefault()) {
+                LOGGER.trace("Request to '{}' enabled by default, allowing call",
+                        requestContext.getUriInfo().getAbsolutePath());
+            } else {
+                LOGGER.trace("Request to '{}' rejected as endpoint is not enabled",
+                        requestContext.getUriInfo().getAbsolutePath());
+                // abort with 404 as we should hide that this exists
+                requestContext.abortWith(Response.status(404).build());
            }
        }
+
    }
 }
--- a/core/src/main/java/org/eclipsefoundation/core/resource/CacheResource.java
+++ b/core/src/main/java/org/eclipsefoundation/core/resource/CacheResource.java
@@ -20,6 +20,7 @@ import javax.ws.rs.core.Response;

 import org.apache.commons.collections.CollectionUtils;
 import org.apache.commons.lang3.StringUtils;
+import org.eclipsefoundation.core.namespace.MicroprofilePropertyNames;
 import org.eclipsefoundation.core.namespace.OptionalPath;
 import org.eclipsefoundation.core.service.CachingService;
 import org.eclipsefoundation.core.service.CachingService.ParameterizedCacheKey;
@@ -52,7 +53,7 @@ public class CacheResource {
    @GET
    @Path("keys")
    @Produces(MediaType.TEXT_HTML)
-    @OptionalPath("eclipse.cache.resource.enabled")
+    @OptionalPath(MicroprofilePropertyNames.CACHE_RESOURCE_ENABLED)
    public Response getCaches(@QueryParam("key") String passedKey) {
        if (shouldBlockCacheRequest(passedKey)) {
            return Response.status(403).build();
@@ -66,7 +67,7 @@ public class CacheResource {

    @POST
    @Path("{cacheKey}/clear")
-    @OptionalPath("eclipse.cache.resource.enabled")
+    @OptionalPath(MicroprofilePropertyNames.CACHE_RESOURCE_ENABLED)
    public Response clearForKey(@PathParam("cacheKey") String cacheKey, @QueryParam("key") String passedKey,
            Map<String, List<String>> params) {
        if (shouldBlockCacheRequest(passedKey)) {

--- a/core/src/test/java/org/eclipsefoundation/core/resource/CacheResourceDisabledTest.java
+++ b/core/src/test/java/org/eclipsefoundation/core/resource/CacheResourceDisabledTest.java
+package org.eclipsefoundation.core.resource;
+
+import static io.restassured.RestAssured.given;
+
+import java.util.UUID;
+
+import javax.inject.Inject;
+
+import org.eclipsefoundation.core.resource.CacheResource.InstanceCacheResourceKey;
+import org.junit.jupiter.api.Test;
+
+import io.quarkus.test.junit.QuarkusTest;
+
+@QuarkusTest
+public class CacheResourceDisabledTest {
+
+    @Inject
+    InstanceCacheResourceKey key;
+
+    @Test
+    void cacheUI_protected() {
+        given().when().get("/caches/keys").then().statusCode(404);
+    }
+
+    @Test
+    void cacheUI_returnsMissingWithKeyValues() {
+        given().when().get("/caches/keys?key={key}", UUID.randomUUID().toString()).then().statusCode(404);
+        given().when().get("/caches/keys?key={key}", key.key).then().statusCode(404);
+    }
+}
--- a/core/src/test/java/org/eclipsefoundation/core/resource/CacheResourceTest.java
+++ b/core/src/test/java/org/eclipsefoundation/core/resource/CacheResourceTest.java
+package org.eclipsefoundation.core.resource;
+
+import static io.restassured.RestAssured.given;
+
+import java.util.UUID;
+
+import javax.inject.Inject;
+
+import org.eclipsefoundation.core.resource.CacheResource.InstanceCacheResourceKey;
+import org.eclipsefoundation.core.test.OptionalResourceEnabledTestProfile;
+import org.junit.jupiter.api.Assertions;
+import org.junit.jupiter.api.Test;
+
+import io.quarkus.arc.Arc;
+import io.quarkus.test.junit.QuarkusTest;
+import io.quarkus.test.junit.TestProfile;
+
+@QuarkusTest
+@TestProfile(OptionalResourceEnabledTestProfile.class)
+public class CacheResourceTest {
+
+    @Inject
+    InstanceCacheResourceKey key;
+
+    @Test
+    void resourceSecuringKey_changesEachCreation() {
+        InstanceCacheResourceKey k = new InstanceCacheResourceKey();
+        InstanceCacheResourceKey k2 = new InstanceCacheResourceKey();
+        Assertions.assertNotEquals(k.key, k2.key);
+    }
+
+    @Test
+    void resourceSecuringKey_availableThroughCDI() {
+        Assertions.assertNotNull(key.key);
+    }
+
+    @Test
+    void resourceSecuringKey_sharedLifecycle() {
+        // check that key doesn't change across calls
+        InstanceCacheResourceKey keyCdiRef = Arc.container().instance(InstanceCacheResourceKey.class).get();
+        Assertions.assertEquals(keyCdiRef.key, key.key);
+    }
+
+    @Test
+    void cacheUI_protected() {
+        given().when().get("/caches/keys").then().statusCode(403);
+    }
+
+    @Test
+    void cacheUI_usesInstanceKey() {
+        given().when().get("/caches/keys?key={key}", UUID.randomUUID().toString()).then().statusCode(403);
+        given().when().get("/caches/keys?key={key}", key.key).then().statusCode(200);
+    }
+}
--- a/core/src/test/java/org/eclipsefoundation/core/test/OptionalResourceEnabledTestProfile.java
+++ b/core/src/test/java/org/eclipsefoundation/core/test/OptionalResourceEnabledTestProfile.java
+package org.eclipsefoundation.core.test;
+
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.eclipsefoundation.core.namespace.MicroprofilePropertyNames;
+
+import io.quarkus.test.junit.QuarkusTestProfile;
+
+/**
+ * 
+ * @author Martin Lowe
+ */
+public class OptionalResourceEnabledTestProfile implements QuarkusTestProfile {
+
+    // private immutable copy of the configs for auth state
+    private static final Map<String, String> CONFIG_OVERRIDES;
+    static {
+        Map<String, String> tmp = new HashMap<>();
+        tmp.put(MicroprofilePropertyNames.OPTIONAL_RESOURCES_ENABLED, "true");
+        tmp.put(MicroprofilePropertyNames.CACHE_RESOURCE_ENABLED, "true");
+        CONFIG_OVERRIDES = Collections.unmodifiableMap(tmp);
+    }
+
+    @Override
+    public Map<String, String> getConfigOverrides() {
+        return CONFIG_OVERRIDES;
+    }
+}