/**
 * Creates an application through the management API and reads it back, checking the qualified
 * name, the owning organization, the URI and the default "roles" collection metadata.
 */
@Test
public void mgmtCreateAndGetApplication() throws Exception {
  OrganizationInfo orgInfo = setup.getMgmtSvc().getOrganizationByName("test-organization");
  String applicationsPath = "/management/orgs/" + orgInfo.getUuid() + "/applications";

  Map<String, String> data = new HashMap<String, String>();
  data.put("name", "mgmt-org-app");

  // POST /applications
  // The admin token travels as a query parameter here. That is convenient in a test, but
  // query-string tokens are typically recorded in access logs, so it is not a pattern to copy
  // into production clients.
  JsonNode createResponse =
      resource()
          .path(applicationsPath)
          .queryParam("access_token", adminToken())
          .accept(MediaType.APPLICATION_JSON)
          .type(MediaType.APPLICATION_JSON_TYPE)
          .post(JsonNode.class, data);
  logNode(createResponse);

  JsonNode createdEntity = getEntity(createResponse, 0);
  assertEquals("test-organization/mgmt-org-app", createdEntity.get("name").asText());
  JsonNode createdRoles = createdEntity.get("metadata").get("collections").get("roles");
  assertEquals("Roles", createdRoles.get("title").asText());
  // A freshly created application is expected to report three roles.
  assertEquals(3, createdRoles.get("count").asInt());

  // GET /applications/mgmt-org-app
  JsonNode fetchResponse =
      resource()
          .path(applicationsPath + "/mgmt-org-app")
          .queryParam("access_token", adminToken())
          .accept(MediaType.APPLICATION_JSON)
          .type(MediaType.APPLICATION_JSON_TYPE)
          .get(JsonNode.class);
  logNode(fetchResponse);

  // Envelope fields of the GET response.
  assertEquals("test-organization", fetchResponse.get("organization").asText());
  assertEquals("mgmt-org-app", fetchResponse.get("applicationName").asText());
  assertEquals(
      "http://sometestvalue/test-organization/mgmt-org-app",
      fetchResponse.get("uri").getTextValue());

  // The first entity of the GET response must match what the POST returned.
  JsonNode fetchedEntity = getEntity(fetchResponse, 0);
  assertEquals("test-organization/mgmt-org-app", fetchedEntity.get("name").asText());
  JsonNode fetchedRoles = fetchedEntity.get("metadata").get("collections").get("roles");
  assertEquals("Roles", fetchedRoles.get("title").asText());
  assertEquals(3, fetchedRoles.get("count").asInt());
}
/**
 * Creates the sample application in the given organization, grants the "guest" and "default"
 * roles access to every path, and returns the reloaded application info.
 *
 * <p>Security note: both roles receive get/post/put/delete on every path of the new application.
 * If, as the role name suggests, "guest" covers unauthenticated callers, the sample application
 * is world-readable and world-writable by design; it should never hold real data, and operators
 * may want to disable or delete it outside of sandbox deployments.
 *
 * @param organizationInfo the organization that will own the sample application; must be
 *     non-null and carry a UUID
 * @return the application info as reloaded from the management service
 * @throws ApplicationCreationException if the application cannot be created, the permissions
 *     cannot be granted, or the new application cannot be reloaded
 * @throws IllegalArgumentException if {@code organizationInfo} or its UUID is null
 */
@Override
public ApplicationInfo createSampleFor(OrganizationInfo organizationInfo)
    throws ApplicationCreationException {

  Preconditions.checkArgument(organizationInfo != null, "OrganizationInfo was null");
  Preconditions.checkArgument(organizationInfo.getUuid() != null, "OrganizationInfo had no UUID");

  logger.info("create sample app {} in: {}", sampleAppName, organizationInfo.getName());

  UUID appId;
  try {
    ApplicationInfo created =
        managementService.createApplication(organizationInfo.getUuid(), sampleAppName);
    appId = created.getId();
  } catch (Exception ex) {
    String message =
        "'"
            + sampleAppName
            + "' could not be created for organization: "
            + organizationInfo.getUuid();
    throw new ApplicationCreationException(message, ex);
  }

  logger.info("granting permissions for: {} in: {}", sampleAppName, organizationInfo.getName());

  // Open all default collections to both roles. The grant is unrestricted on purpose (see the
  // security note above); the two permission strings differ only in verb order.
  EntityManager em = entityManagerFactory.getEntityManager(appId);
  try {
    em.grantRolePermissions("guest", Arrays.asList("get,post,put,delete:/**"));
    em.grantRolePermissions("default", Arrays.asList("get,put,post,delete:/**"));
  } catch (Exception ex) {
    // The message names only "guest", but a failure on the "default" grant lands here as well.
    String message =
        "Could not grant permissions to guest for default collections in '" + sampleAppName + "'";
    throw new ApplicationCreationException(message, ex);
  }

  // Reload the application info so the returned object carries the correct name.
  try {
    return managementService.getApplicationInfo(appId);
  } catch (Exception ex) {
    throw new ApplicationCreationException("Could not load new Application.", ex);
  }
}
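/**
 * Schedules an asynchronous export of one collection to the storage described in the request
 * body.
 *
 * <p>The body must contain a {@code properties} object with a {@code storage_provider} string
 * and a {@code storage_info} object holding the strings {@code s3_access_id}, {@code s3_key} and
 * {@code bucket_location}. The organization id, application id and collection name are added to
 * the body before it is handed to the export service.
 *
 * <p>Security notes: the body carries a caller-supplied storage secret ({@code s3_key}), so it
 * must not be logged or echoed; validation messages name the offending field and never its
 * value. The whole map, secret included, is passed to {@code exportService.schedule}; how the
 * job data is stored is not visible here and should be confirmed.
 *
 * @param ui request URI context (not read by this method)
 * @param collection_name name of the collection to export, taken from the path
 * @param json the parsed request body
 * @param callback optional JSONP callback name, applied to error responses only
 * @return 202 with the job id under {@code "Export Entity"}; 400 when the body is missing,
 *     incomplete or has fields of the wrong type; 500 when scheduling fails
 * @throws OAuthSystemException declared for the OAuth-style error body built on the 500 path
 */
@POST
@Path("collection/{collection_name}/export")
@Consumes(APPLICATION_JSON)
@RequireOrganizationAccess
public Response exportPostJson(
    @Context UriInfo ui,
    @PathParam("collection_name") String collection_name,
    Map<String, Object> json,
    @QueryParam("callback") @DefaultValue("") String callback)
    throws OAuthSystemException {

  Map<String, String> uuidRet = new HashMap<String, String>();

  // Validate first, on its own, so that malformed client input is always a 400. Previously an
  // empty body or a non-string field surfaced as NullPointerException / ClassCastException and
  // was reported as a 500 carrying the JVM's exception text.
  try {
    checkExportRequest(json);
  } catch (IllegalArgumentException e) {
    // NullArgumentException is a subtype, so missing-field errors are handled here too.
    return exportBadRequest(e.getMessage(), callback);
  }

  try {
    json.put("organizationId", organization.getUuid());
    json.put("applicationId", applicationId);
    json.put("collectionName", collection_name);

    UUID jobUUID = exportService.schedule(json);
    uuidRet.put("Export Entity", jobUUID.toString());
  } catch (NullArgumentException e) {
    // Kept from the original contract: a null-argument complaint from scheduling is a 400.
    return exportBadRequest(e.getMessage(), callback);
  } catch (Exception e) {
    // TODO: throw descriptive error message and or include on in the response
    // TODO: fix below, it doesn't work if there is an exception.
    // Make it look like the OauthResponse.
    // NOTE(review): e.getMessage() of an arbitrary exception is returned to the caller and may
    // expose internal detail; consider a generic description once this class has a way to log
    // the cause server-side.
    OAuthResponse errorMsg =
        OAuthResponse.errorResponse(SC_INTERNAL_SERVER_ERROR)
            .setErrorDescription(e.getMessage())
            .buildJSONMessage();
    return Response.status(errorMsg.getResponseStatus())
        .type(JSONPUtils.jsonMediaType(callback))
        .entity(ServiceResource.wrapWithCallback(errorMsg.getBody(), callback))
        .build();
  }

  return Response.status(SC_ACCEPTED).entity(uuidRet).build();
}

/** Builds the 400 response used for every rejected export request. */
private static Response exportBadRequest(String message, String callback) {
  // NOTE(review): the callback comes straight from the query string; this relies on
  // wrapWithCallback / jsonMediaType to constrain it - confirm in ServiceResource.
  return Response.status(SC_BAD_REQUEST)
      .type(JSONPUtils.jsonMediaType(callback))
      .entity(ServiceResource.wrapWithCallback(message, callback))
      .build();
}

/**
 * Checks that the export body has the required structure, reporting problems in the same order
 * as before: properties, storage_provider, storage_info, s3_access_id, s3_key, bucket_location.
 */
private static void checkExportRequest(Map<String, Object> json) {
  Object properties = (json == null) ? null : json.get("properties");
  if (properties == null) {
    throw new NullArgumentException("Could not find 'properties'");
  }
  Map<String, Object> propertyMap = exportObject(properties, "properties");

  requireExportString(propertyMap, "storage_provider");

  Object storageInfo = propertyMap.get("storage_info");
  if (storageInfo == null) {
    throw new NullArgumentException("Could not find field 'storage_info'");
  }
  Map<String, Object> storageMap = exportObject(storageInfo, "storage_info");

  requireExportString(storageMap, "s3_access_id");
  requireExportString(storageMap, "s3_key");
  // The message used to say 'bucketName', a key that does not exist in the request format.
  requireExportString(storageMap, "bucket_location");
}

/** Returns {@code value} as a JSON object, or rejects it without echoing its content. */
@SuppressWarnings("unchecked") // guarded by the instanceof check; keys of a JSON object are strings
private static Map<String, Object> exportObject(Object value, String field) {
  if (!(value instanceof Map)) {
    throw new IllegalArgumentException("Field '" + field + "' must be a JSON object");
  }
  return (Map<String, Object>) value;
}

/** Requires {@code field} to be present in {@code source} and to be a string. */
private static void requireExportString(Map<String, Object> source, String field) {
  Object value = source.get(field);
  if (value == null) {
    throw new NullArgumentException("Could not find field '" + field + "'");
  }
  if (!(value instanceof String)) {
    // Name the field only: the value may be a credential.
    throw new IllegalArgumentException("Field '" + field + "' must be a string");
  }
}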
/**
 * Verifies organization isolation in the management API: the test admin is refused when reading
 * an organization it does not belong to, by name and by UUID, and is allowed when reading its
 * own organization by either identifier.
 *
 * <p>The refusal is pinned to {@code Status.UNAUTHORIZED}; a change of the endpoint's denial
 * status would have to be reflected here.
 */
@Test
public void crossOrgsNotViewable() throws Exception {
  OrganizationOwnerInfo foreignOrg =
      setup
          .getMgmtSvc()
          .createOwnerAndOrganization(
              "crossOrgsNotViewable",
              "crossOrgsNotViewable",
              "TestName",
              "*****@*****.**",
              "password");

  // The test admin must be refused for the foreign organization, by name...
  Status byForeignName = orgLookupStatus(foreignOrg.getOrganization().getName());
  assertNotNull(byForeignName);
  assertEquals(Status.UNAUTHORIZED, byForeignName);

  // ...and by UUID, so that neither identifier bypasses the check.
  Status byForeignUuid = orgLookupStatus(foreignOrg.getOrganization().getUuid());
  assertNotNull(byForeignUuid);
  assertEquals(Status.UNAUTHORIZED, byForeignUuid);

  // The same admin does have access to its own organization.
  assertNull(orgLookupStatus("test-organization"));

  OrganizationInfo ownOrg = setup.getMgmtSvc().getOrganizationByName("test-organization");
  assertNull(orgLookupStatus(ownOrg.getUuid()));
}

/**
 * Issues GET /management/orgs/{orgKey} with the test admin's token.
 *
 * @param orgKey organization name or UUID to look up
 * @return the error status carried by the client exception, or {@code null} when the request
 *     completed without one
 */
private Status orgLookupStatus(Object orgKey) {
  try {
    resource()
        .path(String.format("/management/orgs/%s", orgKey))
        .queryParam("access_token", adminAccessToken)
        .accept(MediaType.APPLICATION_JSON)
        .type(MediaType.APPLICATION_JSON_TYPE)
        .get(JsonNode.class);
    return null;
  } catch (UniformInterfaceException uie) {
    return uie.getResponse().getClientResponseStatus();
  }
}