@Test
public void crestPatchIsAllowed() throws SSOException, DelegationException {
// Given...
final Set<String> actions = new HashSet<>(Arrays.asList("MODIFY"));
final DelegationPermission permission =
new DelegationPermission(
"/abc", "rest", "1.0", "policies", "modify", actions, EXTENSIONS, DUMB_FUNC);
given(factory.newInstance("/abc", "rest", "1.0", "policies", "modify", actions, EXTENSIONS))
.willReturn(permission);
given(subjectContext.getCallerSSOToken()).willReturn(token);
given(evaluator.isAllowed(eq(token), eq(permission), eq(ENVIRONMENT))).willReturn(true);
JsonValue jsonValue = json(object(field("someKey", "someValue")));
Promise<ResourceResponse, ResourceException> promise =
Promises.newResultPromise(Responses.newResourceResponse("1", "1.0", jsonValue));
given(provider.patchInstance(isA(Context.class), eq("123"), isA(PatchRequest.class)))
.willReturn(promise);
// When...
final FilterChain chain = AuthorizationFilters.createAuthorizationFilter(provider, module);
final Router router = new Router();
router.addRoute(RoutingMode.STARTS_WITH, Router.uriTemplate("/policies"), chain);
final RealmContext context = new RealmContext(subjectContext);
context.setSubRealm("abc", "abc");
final PatchRequest request =
Requests.newPatchRequest("/policies/123", PatchOperation.add("abc", "123"));
Promise<ResourceResponse, ResourceException> result = router.handlePatch(context, request);
// Then...
assertThat(result).succeeded().withContent().stringAt("someKey").isEqualTo("someValue");
}
@Test
public void testResource() throws Exception {
ScriptName scriptName = new ScriptName("resource", getLanguageName());
ScriptEntry scriptEntry = getScriptRegistry().takeScript(scriptName);
Assert.assertNotNull(scriptEntry);
Script script = scriptEntry.getScript(new RootContext());
// Set RequestLevel Scope
script.put("ketto", 2);
script.putSafe("callback", mock(Function.class));
JsonValue createContent = new JsonValue(new LinkedHashMap<String, Object>());
createContent.put("externalId", "701984");
createContent.put("userName", "*****@*****.**");
createContent.put(
"assignedDashboard", Arrays.asList("Salesforce", "Google", "ConstantContact"));
createContent.put("displayName", "Babs Jensen");
createContent.put("nickName", "Babs");
JsonValue updateContent = createContent.copy();
updateContent.put("_id", UUID.randomUUID().toString());
updateContent.put("profileUrl", "https://login.example.com/bjensen");
final Context context =
new ApiInfoContext(
new SecurityContext(new RootContext(), "*****@*****.**", null), "", "");
script.put("context", context);
CreateRequest createRequest = Requests.newCreateRequest("/Users", "701984", createContent);
script.put("createRequest", createRequest);
ReadRequest readRequest = Requests.newReadRequest("/Users/701984");
script.put("readRequest", readRequest);
UpdateRequest updateRequest = Requests.newUpdateRequest("/Users/701984", updateContent);
script.put("updateRequest", updateRequest);
PatchRequest patchRequest =
Requests.newPatchRequest("/Users/701984", PatchOperation.replace("userName", "ddoe"));
script.put("patchRequest", patchRequest);
QueryRequest queryRequest = Requests.newQueryRequest("/Users/");
script.put("queryRequest", queryRequest);
DeleteRequest deleteRequest = Requests.newDeleteRequest("/Users/701984");
script.put("deleteRequest", deleteRequest);
ActionRequest actionRequest = Requests.newActionRequest("/Users", "clear");
script.put("actionRequest", actionRequest);
script.eval();
}
void doPatch(final HttpServletRequest req, final HttpServletResponse resp) {
try {
// Parse out the required API versions.
final AcceptAPIVersion acceptVersion = parseAcceptAPIVersion(req);
// Prepare response.
prepareResponse(req, resp);
// Validate request.
preprocessRequest(req);
if (req.getHeader(HEADER_IF_NONE_MATCH) != null) {
// FIXME: i18n
throw new PreconditionFailedException(
"Use of If-None-Match not supported for PATCH requests");
}
final Map<String, String[]> parameters = req.getParameterMap();
final PatchRequest request =
Requests.newPatchRequest(getResourceName(req)).setRevision(getIfMatch(req));
request.getPatchOperations().addAll(getJsonPatchContent(req));
for (final Map.Entry<String, String[]> p : parameters.entrySet()) {
final String name = p.getKey();
final String[] values = p.getValue();
if (HttpUtils.isMultiPartRequest(req.getContentType())) {
// Ignore - multipart content adds form parts to the parameter set
} else if (parseCommonParameter(name, values, request)) {
continue;
} else {
request.setAdditionalParameter(name, asSingleValue(name, values));
}
}
doRequest(req, resp, acceptVersion, request);
} catch (final Exception e) {
fail(req, resp, e);
}
}