@Test
  public void crestPatchIsAllowed() throws SSOException, DelegationException {
    // Given...
    final Set<String> actions = new HashSet<>(Arrays.asList("MODIFY"));
    final DelegationPermission permission =
        new DelegationPermission(
            "/abc", "rest", "1.0", "policies", "modify", actions, EXTENSIONS, DUMB_FUNC);
    given(factory.newInstance("/abc", "rest", "1.0", "policies", "modify", actions, EXTENSIONS))
        .willReturn(permission);

    given(subjectContext.getCallerSSOToken()).willReturn(token);
    given(evaluator.isAllowed(eq(token), eq(permission), eq(ENVIRONMENT))).willReturn(true);

    JsonValue jsonValue = json(object(field("someKey", "someValue")));
    Promise<ResourceResponse, ResourceException> promise =
        Promises.newResultPromise(Responses.newResourceResponse("1", "1.0", jsonValue));
    given(provider.patchInstance(isA(Context.class), eq("123"), isA(PatchRequest.class)))
        .willReturn(promise);

    // When...
    final FilterChain chain = AuthorizationFilters.createAuthorizationFilter(provider, module);
    final Router router = new Router();
    router.addRoute(RoutingMode.STARTS_WITH, Router.uriTemplate("/policies"), chain);

    final RealmContext context = new RealmContext(subjectContext);
    context.setSubRealm("abc", "abc");
    final PatchRequest request =
        Requests.newPatchRequest("/policies/123", PatchOperation.add("abc", "123"));
    Promise<ResourceResponse, ResourceException> result = router.handlePatch(context, request);

    // Then...
    assertThat(result).succeeded().withContent().stringAt("someKey").isEqualTo("someValue");
  }
예제 #2
0
  @Test
  public void testResource() throws Exception {
    ScriptName scriptName = new ScriptName("resource", getLanguageName());
    ScriptEntry scriptEntry = getScriptRegistry().takeScript(scriptName);
    Assert.assertNotNull(scriptEntry);

    Script script = scriptEntry.getScript(new RootContext());
    // Set RequestLevel Scope
    script.put("ketto", 2);
    script.putSafe("callback", mock(Function.class));

    JsonValue createContent = new JsonValue(new LinkedHashMap<String, Object>());
    createContent.put("externalId", "701984");
    createContent.put("userName", "*****@*****.**");
    createContent.put(
        "assignedDashboard", Arrays.asList("Salesforce", "Google", "ConstantContact"));
    createContent.put("displayName", "Babs Jensen");
    createContent.put("nickName", "Babs");

    JsonValue updateContent = createContent.copy();
    updateContent.put("_id", UUID.randomUUID().toString());
    updateContent.put("profileUrl", "https://login.example.com/bjensen");

    final Context context =
        new ApiInfoContext(
            new SecurityContext(new RootContext(), "*****@*****.**", null), "", "");
    script.put("context", context);

    CreateRequest createRequest = Requests.newCreateRequest("/Users", "701984", createContent);
    script.put("createRequest", createRequest);
    ReadRequest readRequest = Requests.newReadRequest("/Users/701984");
    script.put("readRequest", readRequest);
    UpdateRequest updateRequest = Requests.newUpdateRequest("/Users/701984", updateContent);
    script.put("updateRequest", updateRequest);
    PatchRequest patchRequest =
        Requests.newPatchRequest("/Users/701984", PatchOperation.replace("userName", "ddoe"));
    script.put("patchRequest", patchRequest);
    QueryRequest queryRequest = Requests.newQueryRequest("/Users/");
    script.put("queryRequest", queryRequest);
    DeleteRequest deleteRequest = Requests.newDeleteRequest("/Users/701984");
    script.put("deleteRequest", deleteRequest);
    ActionRequest actionRequest = Requests.newActionRequest("/Users", "clear");
    script.put("actionRequest", actionRequest);
    script.eval();
  }
  void doPatch(final HttpServletRequest req, final HttpServletResponse resp) {
    try {
      // Parse out the required API versions.
      final AcceptAPIVersion acceptVersion = parseAcceptAPIVersion(req);

      // Prepare response.
      prepareResponse(req, resp);

      // Validate request.
      preprocessRequest(req);
      if (req.getHeader(HEADER_IF_NONE_MATCH) != null) {
        // FIXME: i18n
        throw new PreconditionFailedException(
            "Use of If-None-Match not supported for PATCH requests");
      }

      final Map<String, String[]> parameters = req.getParameterMap();
      final PatchRequest request =
          Requests.newPatchRequest(getResourceName(req)).setRevision(getIfMatch(req));
      request.getPatchOperations().addAll(getJsonPatchContent(req));
      for (final Map.Entry<String, String[]> p : parameters.entrySet()) {
        final String name = p.getKey();
        final String[] values = p.getValue();
        if (HttpUtils.isMultiPartRequest(req.getContentType())) {
          // Ignore - multipart content adds form parts to the parameter set
        } else if (parseCommonParameter(name, values, request)) {
          continue;
        } else {
          request.setAdditionalParameter(name, asSingleValue(name, values));
        }
      }
      doRequest(req, resp, acceptVersion, request);
    } catch (final Exception e) {
      fail(req, resp, e);
    }
  }