mirror of
https://github.com/DSpace/DSpace.git
synced 2025-10-07 01:54:22 +00:00
Merge pull request #2993 from atmire/w2p-73207_Download-permission-features
Features endpoint: Download/RequestACopy features
This commit is contained in:
Tim Donohue
@@ -0,0 +1,51 @@
|
||||
/**
|
||||
* The contents of this file are subject to the license and copyright
|
||||
* detailed in the LICENSE and NOTICE files at the root of the source
|
||||
* tree and available online at
|
||||
*
|
||||
* http://www.dspace.org/license/
|
||||
*/
|
||||
package org.dspace.app.rest.authorization.impl;
|
||||
|
||||
import java.sql.SQLException;
|
||||
|
||||
import org.dspace.app.rest.authorization.AuthorizationFeature;
|
||||
import org.dspace.app.rest.authorization.AuthorizationFeatureDocumentation;
|
||||
import org.dspace.app.rest.authorization.AuthorizeServiceRestUtil;
|
||||
import org.dspace.app.rest.model.BaseObjectRest;
|
||||
import org.dspace.app.rest.model.BitstreamRest;
|
||||
import org.dspace.app.rest.security.DSpaceRestPermission;
|
||||
import org.dspace.core.Context;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
/**
|
||||
* The download bitstream feature. It can be used to verify if a bitstream can be downloaded.
|
||||
*
|
||||
* Authorization is granted if the current user has READ permissions on the given bitstream.
|
||||
*/
|
||||
@Component
|
||||
@AuthorizationFeatureDocumentation(name = DownloadFeature.NAME,
|
||||
description = "It can be used to verify if the user can download a bitstream")
|
||||
public class DownloadFeature implements AuthorizationFeature {
|
||||
|
||||
public final static String NAME = "canDownload";
|
||||
|
||||
@Autowired
|
||||
private AuthorizeServiceRestUtil authorizeServiceRestUtil;
|
||||
|
||||
@Override
|
||||
public boolean isAuthorized(Context context, BaseObjectRest object) throws SQLException {
|
||||
if (object instanceof BitstreamRest) {
|
||||
return authorizeServiceRestUtil.authorizeActionBoolean(context, object, DSpaceRestPermission.READ);
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String[] getSupportedTypes() {
|
||||
return new String[]{
|
||||
BitstreamRest.CATEGORY + "." + BitstreamRest.NAME,
|
||||
};
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,117 @@
|
||||
/**
|
||||
* The contents of this file are subject to the license and copyright
|
||||
* detailed in the LICENSE and NOTICE files at the root of the source
|
||||
* tree and available online at
|
||||
*
|
||||
* http://www.dspace.org/license/
|
||||
*/
|
||||
package org.dspace.app.rest.authorization.impl;
|
||||
|
||||
import java.sql.SQLException;
|
||||
import java.util.List;
|
||||
import java.util.UUID;
|
||||
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
import org.apache.log4j.Logger;
|
||||
import org.dspace.app.rest.authorization.AuthorizationFeature;
|
||||
import org.dspace.app.rest.authorization.AuthorizationFeatureDocumentation;
|
||||
import org.dspace.app.rest.model.BaseObjectRest;
|
||||
import org.dspace.app.rest.model.BitstreamRest;
|
||||
import org.dspace.app.rest.model.ItemRest;
|
||||
import org.dspace.authorize.service.AuthorizeService;
|
||||
import org.dspace.content.Bitstream;
|
||||
import org.dspace.content.Bundle;
|
||||
import org.dspace.content.DSpaceObject;
|
||||
import org.dspace.content.Item;
|
||||
import org.dspace.content.service.BitstreamService;
|
||||
import org.dspace.content.service.ItemService;
|
||||
import org.dspace.core.Constants;
|
||||
import org.dspace.core.Context;
|
||||
import org.dspace.eperson.EPerson;
|
||||
import org.dspace.services.ConfigurationService;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
/**
|
||||
* The can request a copy feature. It can be used to verify if a copy can be requested of a bitstream or of a bitstream
|
||||
* in an item.
|
||||
*
|
||||
* Authorization is granted for a bitstream if the user has no access to the bitstream
|
||||
* and the bistream is part of an archived item.
|
||||
* Authorization is granted for an item if the user has no access to a bitstream in the item, and the item is archived.
|
||||
*/
|
||||
@Component
|
||||
@AuthorizationFeatureDocumentation(name = RequestCopyFeature.NAME,
|
||||
description = "It can be used to verify if the user can request a copy of a bitstream")
|
||||
public class RequestCopyFeature implements AuthorizationFeature {
|
||||
|
||||
Logger log = Logger.getLogger(RequestCopyFeature.class);
|
||||
|
||||
public final static String NAME = "canRequestACopy";
|
||||
|
||||
@Autowired
|
||||
private AuthorizeService authorizeService;
|
||||
|
||||
@Autowired
|
||||
private ItemService itemService;
|
||||
|
||||
@Autowired
|
||||
private BitstreamService bitstreamService;
|
||||
|
||||
@Autowired
|
||||
private ConfigurationService configurationService;
|
||||
|
||||
@Override
|
||||
public boolean isAuthorized(Context context, BaseObjectRest object) throws SQLException {
|
||||
String requestType = configurationService.getProperty("request.item.type");
|
||||
if (StringUtils.isBlank(requestType)) {
|
||||
return false;
|
||||
} else if (StringUtils.equalsIgnoreCase(requestType, "logged")) {
|
||||
EPerson currentUser = context.getCurrentUser();
|
||||
if (currentUser == null) {
|
||||
return false;
|
||||
}
|
||||
} else if (!StringUtils.equalsIgnoreCase(requestType, "all")) {
|
||||
log.warn("The configuration parameter \"request.item.type\" contains an invalid value.");
|
||||
return false;
|
||||
}
|
||||
if (object instanceof ItemRest) {
|
||||
ItemRest itemRest = (ItemRest) object;
|
||||
String id = itemRest.getId();
|
||||
Item item = itemService.find(context, UUID.fromString(id));
|
||||
if (!item.isArchived()) {
|
||||
return false;
|
||||
}
|
||||
List<Bundle> bunds = itemService.getBundles(item, Constants.DEFAULT_BUNDLE_NAME);
|
||||
|
||||
for (Bundle bund : bunds) {
|
||||
List<Bitstream> bitstreams = bund.getBitstreams();
|
||||
for (Bitstream bitstream : bitstreams) {
|
||||
boolean authorized = authorizeService.authorizeActionBoolean(context, bitstream, Constants.READ);
|
||||
if (!authorized) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
}
|
||||
} else if (object instanceof BitstreamRest) {
|
||||
BitstreamRest bitstreamRest = (BitstreamRest) object;
|
||||
Bitstream bitstream = bitstreamService.find(context, UUID.fromString(bitstreamRest.getId()));
|
||||
|
||||
DSpaceObject parentObject = bitstreamService.getParentObject(context, bitstream);
|
||||
if (parentObject instanceof Item) {
|
||||
if (((Item) parentObject).isArchived()) {
|
||||
return !authorizeService.authorizeActionBoolean(context, bitstream, Constants.READ);
|
||||
}
|
||||
}
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String[] getSupportedTypes() {
|
||||
return new String[]{
|
||||
ItemRest.CATEGORY + "." + ItemRest.NAME,
|
||||
BitstreamRest.CATEGORY + "." + BitstreamRest.NAME,
|
||||
};
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,305 @@
|
||||
/**
|
||||
* The contents of this file are subject to the license and copyright
|
||||
* detailed in the LICENSE and NOTICE files at the root of the source
|
||||
* tree and available online at
|
||||
*
|
||||
* http://www.dspace.org/license/
|
||||
*/
|
||||
package org.dspace.app.rest.authorization;
|
||||
|
||||
import static org.hamcrest.Matchers.contains;
|
||||
import static org.hamcrest.Matchers.greaterThan;
|
||||
import static org.hamcrest.Matchers.is;
|
||||
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
|
||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath;
|
||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
|
||||
|
||||
import java.io.InputStream;
|
||||
|
||||
import org.apache.commons.codec.CharEncoding;
|
||||
import org.apache.commons.io.IOUtils;
|
||||
import org.dspace.app.rest.authorization.impl.DownloadFeature;
|
||||
import org.dspace.app.rest.converter.BitstreamConverter;
|
||||
import org.dspace.app.rest.converter.CollectionConverter;
|
||||
import org.dspace.app.rest.converter.ItemConverter;
|
||||
import org.dspace.app.rest.matcher.AuthorizationMatcher;
|
||||
import org.dspace.app.rest.model.BitstreamRest;
|
||||
import org.dspace.app.rest.model.CollectionRest;
|
||||
import org.dspace.app.rest.model.ItemRest;
|
||||
import org.dspace.app.rest.projection.Projection;
|
||||
import org.dspace.app.rest.test.AbstractControllerIntegrationTest;
|
||||
import org.dspace.app.rest.utils.Utils;
|
||||
import org.dspace.authorize.service.ResourcePolicyService;
|
||||
import org.dspace.builder.BitstreamBuilder;
|
||||
import org.dspace.builder.CollectionBuilder;
|
||||
import org.dspace.builder.CommunityBuilder;
|
||||
import org.dspace.builder.ItemBuilder;
|
||||
import org.dspace.content.Bitstream;
|
||||
import org.dspace.content.Collection;
|
||||
import org.dspace.content.Community;
|
||||
import org.dspace.content.Item;
|
||||
import org.dspace.core.Constants;
|
||||
import org.hamcrest.Matchers;
|
||||
import org.junit.Before;
|
||||
import org.junit.Test;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
|
||||
public class DownloadFeatureIT extends AbstractControllerIntegrationTest {
|
||||
|
||||
@Autowired
|
||||
private AuthorizationFeatureService authorizationFeatureService;
|
||||
|
||||
@Autowired
|
||||
private ResourcePolicyService resourcePolicyService;
|
||||
|
||||
@Autowired
|
||||
private CollectionConverter collectionConverter;
|
||||
|
||||
@Autowired
|
||||
private ItemConverter itemConverter;
|
||||
|
||||
@Autowired
|
||||
private BitstreamConverter bitstreamConverter;
|
||||
|
||||
|
||||
@Autowired
|
||||
private Utils utils;
|
||||
|
||||
private AuthorizationFeature downloadFeature;
|
||||
|
||||
private Collection collectionA;
|
||||
private Item itemA;
|
||||
private Bitstream bitstreamA;
|
||||
private Bitstream bitstreamB;
|
||||
|
||||
@Override
|
||||
@Before
|
||||
public void setUp() throws Exception {
|
||||
super.setUp();
|
||||
context.turnOffAuthorisationSystem();
|
||||
downloadFeature = authorizationFeatureService.find(DownloadFeature.NAME);
|
||||
|
||||
String bitstreamContent = "Dummy content";
|
||||
|
||||
Community communityA = CommunityBuilder.createCommunity(context).build();
|
||||
collectionA = CollectionBuilder.createCollection(context, communityA).withLogo("Blub").build();
|
||||
|
||||
itemA = ItemBuilder.createItem(context, collectionA).build();
|
||||
|
||||
try (InputStream is = IOUtils.toInputStream(bitstreamContent, CharEncoding.UTF_8)) {
|
||||
bitstreamA = BitstreamBuilder.createBitstream(context, itemA, is)
|
||||
.withName("Bitstream")
|
||||
.withDescription("Description")
|
||||
.withMimeType("text/plain")
|
||||
.build();
|
||||
bitstreamB = BitstreamBuilder.createBitstream(context, itemA, is)
|
||||
.withName("Bitstream2")
|
||||
.withDescription("Description2")
|
||||
.withMimeType("text/plain")
|
||||
.build();
|
||||
}
|
||||
resourcePolicyService.removePolicies(context, bitstreamB, Constants.READ);
|
||||
|
||||
|
||||
context.restoreAuthSystemState();
|
||||
}
|
||||
|
||||
|
||||
@Test
|
||||
public void downloadOfCollectionAAsAdmin() throws Exception {
|
||||
CollectionRest collectionRest = collectionConverter.convert(collectionA, Projection.DEFAULT);
|
||||
String collectionUri = utils.linkToSingleResource(collectionRest, "self").getHref();
|
||||
|
||||
String token = getAuthToken(admin.getEmail(), password);
|
||||
|
||||
getClient(token).perform(get("/api/authz/authorizations/search/object")
|
||||
.param("uri", collectionUri)
|
||||
.param("feature", downloadFeature.getName()))
|
||||
.andExpect(status().isOk())
|
||||
.andExpect(jsonPath("$.page.totalElements", is(0)))
|
||||
.andExpect(jsonPath("$._embedded").doesNotExist());
|
||||
}
|
||||
|
||||
@Test
|
||||
public void downloadOfItemAAsAdmin() throws Exception {
|
||||
ItemRest itemRest = itemConverter.convert(itemA, Projection.DEFAULT);
|
||||
String itemUri = utils.linkToSingleResource(itemRest, "self").getHref();
|
||||
|
||||
String token = getAuthToken(admin.getEmail(), password);
|
||||
|
||||
getClient(token).perform(get("/api/authz/authorizations/search/object")
|
||||
.param("uri", itemUri)
|
||||
.param("feature", downloadFeature.getName()))
|
||||
.andExpect(status().isOk())
|
||||
.andExpect(jsonPath("$.page.totalElements", is(0)))
|
||||
.andExpect(jsonPath("$._embedded").doesNotExist());
|
||||
|
||||
}
|
||||
|
||||
@Test
|
||||
public void downloadOfBitstreamAAsAdmin() throws Exception {
|
||||
BitstreamRest bitstreamRest = bitstreamConverter.convert(bitstreamA, Projection.DEFAULT);
|
||||
String bitstreamUri = utils.linkToSingleResource(bitstreamRest, "self").getHref();
|
||||
|
||||
Authorization authorizationFeature = new Authorization(admin, downloadFeature, bitstreamRest);
|
||||
|
||||
String token = getAuthToken(admin.getEmail(), password);
|
||||
|
||||
getClient(token).perform(get("/api/authz/authorizations/search/object")
|
||||
.param("uri", bitstreamUri)
|
||||
.param("feature", downloadFeature.getName()))
|
||||
.andExpect(status().isOk())
|
||||
.andExpect(jsonPath("$.page.totalElements", greaterThan(0)))
|
||||
.andExpect(jsonPath("$._embedded.authorizations", contains(
|
||||
Matchers.is(AuthorizationMatcher.matchAuthorization(authorizationFeature)))));
|
||||
|
||||
}
|
||||
|
||||
@Test
|
||||
public void downloadOfBitstreamBAsAdmin() throws Exception {
|
||||
BitstreamRest bitstreamRest = bitstreamConverter.convert(bitstreamB, Projection.DEFAULT);
|
||||
String bitstreamUri = utils.linkToSingleResource(bitstreamRest, "self").getHref();
|
||||
|
||||
Authorization authorizationFeature = new Authorization(admin, downloadFeature, bitstreamRest);
|
||||
|
||||
String token = getAuthToken(admin.getEmail(), password);
|
||||
|
||||
getClient(token).perform(get("/api/authz/authorizations/search/object")
|
||||
.param("uri", bitstreamUri)
|
||||
.param("feature", downloadFeature.getName()))
|
||||
.andExpect(status().isOk())
|
||||
.andExpect(jsonPath("$.page.totalElements", greaterThan(0)))
|
||||
.andExpect(jsonPath("$._embedded.authorizations", contains(
|
||||
Matchers.is(AuthorizationMatcher.matchAuthorization(authorizationFeature)))));
|
||||
|
||||
}
|
||||
|
||||
|
||||
// Tests for anonymous user
|
||||
@Test
|
||||
public void downloadOfCollectionAAsAnonymous() throws Exception {
|
||||
CollectionRest collectionRest = collectionConverter.convert(collectionA, Projection.DEFAULT);
|
||||
String collectionUri = utils.linkToSingleResource(collectionRest, "self").getHref();
|
||||
|
||||
getClient().perform(get("/api/authz/authorizations/search/object")
|
||||
.param("uri", collectionUri)
|
||||
.param("feature", downloadFeature.getName()))
|
||||
.andExpect(status().isOk())
|
||||
.andExpect(jsonPath("$.page.totalElements", is(0)))
|
||||
.andExpect(jsonPath("$._embedded").doesNotExist());
|
||||
}
|
||||
|
||||
@Test
|
||||
public void downloadOfItemAAsAnonymous() throws Exception {
|
||||
ItemRest itemRest = itemConverter.convert(itemA, Projection.DEFAULT);
|
||||
String itemUri = utils.linkToSingleResource(itemRest, "self").getHref();
|
||||
|
||||
|
||||
getClient().perform(get("/api/authz/authorizations/search/object")
|
||||
.param("uri", itemUri)
|
||||
.param("feature", downloadFeature.getName()))
|
||||
.andExpect(status().isOk())
|
||||
.andExpect(jsonPath("$.page.totalElements", is(0)))
|
||||
.andExpect(jsonPath("$._embedded").doesNotExist());
|
||||
|
||||
}
|
||||
|
||||
@Test
|
||||
public void downloadOfBitstreamAAsAnonymous() throws Exception {
|
||||
BitstreamRest bitstreamRest = bitstreamConverter.convert(bitstreamA, Projection.DEFAULT);
|
||||
String bitstreamUri = utils.linkToSingleResource(bitstreamRest, "self").getHref();
|
||||
|
||||
Authorization authorizationFeature = new Authorization(null, downloadFeature, bitstreamRest);
|
||||
|
||||
getClient().perform(get("/api/authz/authorizations/search/object")
|
||||
.param("uri", bitstreamUri)
|
||||
.param("feature", downloadFeature.getName()))
|
||||
.andExpect(status().isOk())
|
||||
.andExpect(jsonPath("$.page.totalElements", greaterThan(0)))
|
||||
.andExpect(jsonPath("$._embedded.authorizations", contains(
|
||||
Matchers.is(AuthorizationMatcher.matchAuthorization(authorizationFeature)))));
|
||||
|
||||
}
|
||||
|
||||
@Test
|
||||
public void downloadOfBitstreamBAsAnonymous() throws Exception {
|
||||
BitstreamRest bitstreamRest = bitstreamConverter.convert(bitstreamB, Projection.DEFAULT);
|
||||
String bitstreamUri = utils.linkToSingleResource(bitstreamRest, "self").getHref();
|
||||
|
||||
|
||||
getClient().perform(get("/api/authz/authorizations/search/object")
|
||||
.param("uri", bitstreamUri)
|
||||
.param("feature", downloadFeature.getName()))
|
||||
.andExpect(status().isOk())
|
||||
.andExpect(jsonPath("$.page.totalElements", is(0)))
|
||||
.andExpect(jsonPath("$._embedded").doesNotExist());
|
||||
}
|
||||
|
||||
// Test for Eperson
|
||||
@Test
|
||||
public void downloadOfCollectionAAsEperson() throws Exception {
|
||||
CollectionRest collectionRest = collectionConverter.convert(collectionA, Projection.DEFAULT);
|
||||
String collectionUri = utils.linkToSingleResource(collectionRest, "self").getHref();
|
||||
|
||||
String token = getAuthToken(eperson.getEmail(), password);
|
||||
|
||||
getClient(token).perform(get("/api/authz/authorizations/search/object")
|
||||
.param("uri", collectionUri)
|
||||
.param("feature", downloadFeature.getName()))
|
||||
.andExpect(status().isOk())
|
||||
.andExpect(jsonPath("$.page.totalElements", is(0)))
|
||||
.andExpect(jsonPath("$._embedded").doesNotExist());
|
||||
}
|
||||
|
||||
@Test
|
||||
public void downloadOfItemAAsEperson() throws Exception {
|
||||
ItemRest itemRest = itemConverter.convert(itemA, Projection.DEFAULT);
|
||||
String itemUri = utils.linkToSingleResource(itemRest, "self").getHref();
|
||||
|
||||
String token = getAuthToken(eperson.getEmail(), password);
|
||||
|
||||
|
||||
getClient(token).perform(get("/api/authz/authorizations/search/object")
|
||||
.param("uri", itemUri)
|
||||
.param("feature", downloadFeature.getName()))
|
||||
.andExpect(status().isOk())
|
||||
.andExpect(jsonPath("$.page.totalElements", is(0)))
|
||||
.andExpect(jsonPath("$._embedded").doesNotExist());
|
||||
}
|
||||
|
||||
@Test
|
||||
public void downloadOfBitstreamAAsEperson() throws Exception {
|
||||
BitstreamRest bitstreamRest = bitstreamConverter.convert(bitstreamA, Projection.DEFAULT);
|
||||
String bitstreamUri = utils.linkToSingleResource(bitstreamRest, "self").getHref();
|
||||
|
||||
Authorization authorizationFeature = new Authorization(eperson, downloadFeature, bitstreamRest);
|
||||
|
||||
String token = getAuthToken(eperson.getEmail(), password);
|
||||
|
||||
|
||||
getClient(token).perform(get("/api/authz/authorizations/search/object")
|
||||
.param("uri", bitstreamUri)
|
||||
.param("feature", downloadFeature.getName()))
|
||||
.andExpect(status().isOk())
|
||||
.andExpect(jsonPath("$.page.totalElements", greaterThan(0)))
|
||||
.andExpect(jsonPath("$._embedded.authorizations", contains(
|
||||
Matchers.is(AuthorizationMatcher.matchAuthorization(authorizationFeature)))));
|
||||
|
||||
}
|
||||
|
||||
@Test
|
||||
public void downloadOfBitstreamBAsEperson() throws Exception {
|
||||
BitstreamRest bitstreamRest = bitstreamConverter.convert(bitstreamB, Projection.DEFAULT);
|
||||
String bitstreamUri = utils.linkToSingleResource(bitstreamRest, "self").getHref();
|
||||
|
||||
String token = getAuthToken(eperson.getEmail(), password);
|
||||
|
||||
getClient(token).perform(get("/api/authz/authorizations/search/object")
|
||||
.param("uri", bitstreamUri)
|
||||
.param("feature", downloadFeature.getName()))
|
||||
.andExpect(status().isOk())
|
||||
.andExpect(jsonPath("$.page.totalElements", is(0)))
|
||||
.andExpect(jsonPath("$._embedded").doesNotExist());
|
||||
}
|
||||
|
||||
}
|
||||
@@ -0,0 +1,553 @@
|
||||
/**
|
||||
* The contents of this file are subject to the license and copyright
|
||||
* detailed in the LICENSE and NOTICE files at the root of the source
|
||||
* tree and available online at
|
||||
*
|
||||
* http://www.dspace.org/license/
|
||||
*/
|
||||
package org.dspace.app.rest.authorization;
|
||||
|
||||
import static org.hamcrest.Matchers.contains;
|
||||
import static org.hamcrest.Matchers.greaterThan;
|
||||
import static org.hamcrest.Matchers.is;
|
||||
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
|
||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath;
|
||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
|
||||
|
||||
import java.io.InputStream;
|
||||
|
||||
import org.apache.commons.codec.CharEncoding;
|
||||
import org.apache.commons.io.IOUtils;
|
||||
import org.dspace.app.rest.authorization.impl.RequestCopyFeature;
|
||||
import org.dspace.app.rest.converter.BitstreamConverter;
|
||||
import org.dspace.app.rest.converter.CollectionConverter;
|
||||
import org.dspace.app.rest.converter.ItemConverter;
|
||||
import org.dspace.app.rest.matcher.AuthorizationMatcher;
|
||||
import org.dspace.app.rest.model.BitstreamRest;
|
||||
import org.dspace.app.rest.model.CollectionRest;
|
||||
import org.dspace.app.rest.model.ItemRest;
|
||||
import org.dspace.app.rest.projection.Projection;
|
||||
import org.dspace.app.rest.test.AbstractControllerIntegrationTest;
|
||||
import org.dspace.app.rest.utils.Utils;
|
||||
import org.dspace.authorize.service.ResourcePolicyService;
|
||||
import org.dspace.builder.BitstreamBuilder;
|
||||
import org.dspace.builder.CollectionBuilder;
|
||||
import org.dspace.builder.CommunityBuilder;
|
||||
import org.dspace.builder.ItemBuilder;
|
||||
import org.dspace.builder.WorkspaceItemBuilder;
|
||||
import org.dspace.content.Bitstream;
|
||||
import org.dspace.content.Collection;
|
||||
import org.dspace.content.Community;
|
||||
import org.dspace.content.Item;
|
||||
import org.dspace.content.WorkspaceItem;
|
||||
import org.dspace.core.Constants;
|
||||
import org.dspace.services.ConfigurationService;
|
||||
import org.hamcrest.Matchers;
|
||||
import org.junit.Before;
|
||||
import org.junit.Test;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
|
||||
public class RequestCopyFeatureIT extends AbstractControllerIntegrationTest {
|
||||
|
||||
@Autowired
|
||||
private AuthorizationFeatureService authorizationFeatureService;
|
||||
|
||||
@Autowired
|
||||
ResourcePolicyService resourcePolicyService;
|
||||
|
||||
@Autowired
|
||||
private CollectionConverter collectionConverter;
|
||||
|
||||
@Autowired
|
||||
private ItemConverter itemConverter;
|
||||
|
||||
@Autowired
|
||||
private BitstreamConverter bitstreamConverter;
|
||||
|
||||
@Autowired
|
||||
private ConfigurationService configurationService;
|
||||
|
||||
|
||||
@Autowired
|
||||
private Utils utils;
|
||||
|
||||
|
||||
private AuthorizationFeature requestCopyFeature;
|
||||
|
||||
private Collection collectionA;
|
||||
private Item itemA;
|
||||
private Bitstream bitstreamA;
|
||||
private Bitstream bitstreamB;
|
||||
|
||||
private Item itemInWorkSpace;
|
||||
private Bitstream bitstreamFromWorkSpaceItem;
|
||||
|
||||
private Bitstream bitstreamFromCollection;
|
||||
|
||||
|
||||
@Override
|
||||
@Before
|
||||
public void setUp() throws Exception {
|
||||
super.setUp();
|
||||
|
||||
configurationService.setProperty("request.item.type", "all");
|
||||
|
||||
context.turnOffAuthorisationSystem();
|
||||
requestCopyFeature = authorizationFeatureService.find(RequestCopyFeature.NAME);
|
||||
|
||||
String bitstreamContent = "Dummy content";
|
||||
|
||||
Community communityA = CommunityBuilder.createCommunity(context).build();
|
||||
collectionA = CollectionBuilder.createCollection(context, communityA).withLogo("Blub").build();
|
||||
bitstreamFromCollection = collectionA.getLogo();
|
||||
|
||||
itemA = ItemBuilder.createItem(context, collectionA).build();
|
||||
|
||||
try (InputStream is = IOUtils.toInputStream(bitstreamContent, CharEncoding.UTF_8)) {
|
||||
bitstreamA = BitstreamBuilder.createBitstream(context, itemA, is)
|
||||
.withName("Bitstream")
|
||||
.withDescription("Description")
|
||||
.withMimeType("text/plain")
|
||||
.build();
|
||||
bitstreamB = BitstreamBuilder.createBitstream(context, itemA, is)
|
||||
.withName("Bitstream2")
|
||||
.withDescription("Description2")
|
||||
.withMimeType("text/plain")
|
||||
.build();
|
||||
WorkspaceItem workspaceItem = WorkspaceItemBuilder.createWorkspaceItem(context, collectionA)
|
||||
.withFulltext("Test", "source", is)
|
||||
.build();
|
||||
itemInWorkSpace = workspaceItem.getItem();
|
||||
bitstreamFromWorkSpaceItem = itemInWorkSpace.getBundles("ORIGINAL").get(0).getBitstreams().get(0);
|
||||
}
|
||||
resourcePolicyService.removePolicies(context, bitstreamB, Constants.READ);
|
||||
|
||||
|
||||
context.restoreAuthSystemState();
|
||||
}
|
||||
|
||||
|
||||
@Test
|
||||
public void requestCopyOnCollectionAAsAdmin() throws Exception {
|
||||
CollectionRest collectionRest = collectionConverter.convert(collectionA, Projection.DEFAULT);
|
||||
String collectionUri = utils.linkToSingleResource(collectionRest, "self").getHref();
|
||||
|
||||
String token = getAuthToken(admin.getEmail(), password);
|
||||
|
||||
getClient(token).perform(get("/api/authz/authorizations/search/object")
|
||||
.param("uri", collectionUri)
|
||||
.param("feature", requestCopyFeature.getName()))
|
||||
.andExpect(status().isOk())
|
||||
.andExpect(jsonPath("$.page.totalElements", is(0)))
|
||||
.andExpect(jsonPath("$._embedded").doesNotExist());
|
||||
}
|
||||
|
||||
@Test
|
||||
public void requestCopyOnItemAAsAdmin() throws Exception {
|
||||
ItemRest itemRest = itemConverter.convert(itemA, Projection.DEFAULT);
|
||||
String itemUri = utils.linkToSingleResource(itemRest, "self").getHref();
|
||||
|
||||
String token = getAuthToken(admin.getEmail(), password);
|
||||
|
||||
getClient(token).perform(get("/api/authz/authorizations/search/object")
|
||||
.param("uri", itemUri)
|
||||
.param("feature", requestCopyFeature.getName()))
|
||||
.andExpect(status().isOk())
|
||||
.andExpect(jsonPath("$.page.totalElements", is(0)))
|
||||
.andExpect(jsonPath("$._embedded").doesNotExist());
|
||||
|
||||
}
|
||||
|
||||
@Test
|
||||
public void requestCopyOnItemInWorkSpaceAsAdmin() throws Exception {
|
||||
ItemRest itemRest = itemConverter.convert(itemInWorkSpace, Projection.DEFAULT);
|
||||
String itemUri = utils.linkToSingleResource(itemRest, "self").getHref();
|
||||
|
||||
String token = getAuthToken(admin.getEmail(), password);
|
||||
|
||||
getClient(token).perform(get("/api/authz/authorizations/search/object")
|
||||
.param("uri", itemUri)
|
||||
.param("feature", requestCopyFeature.getName()))
|
||||
.andExpect(status().isOk())
|
||||
.andExpect(jsonPath("$.page.totalElements", is(0)))
|
||||
.andExpect(jsonPath("$._embedded").doesNotExist());
|
||||
|
||||
}
|
||||
|
||||
@Test
|
||||
public void requestCopyOnBitstreamAAsAdmin() throws Exception {
|
||||
BitstreamRest bitstreamRest = bitstreamConverter.convert(bitstreamA, Projection.DEFAULT);
|
||||
String bitstreamUri = utils.linkToSingleResource(bitstreamRest, "self").getHref();
|
||||
|
||||
String token = getAuthToken(admin.getEmail(), password);
|
||||
|
||||
getClient(token).perform(get("/api/authz/authorizations/search/object")
|
||||
.param("uri", bitstreamUri)
|
||||
.param("feature", requestCopyFeature.getName()))
|
||||
.andExpect(status().isOk())
|
||||
.andExpect(jsonPath("$.page.totalElements", is(0)))
|
||||
.andExpect(jsonPath("$._embedded").doesNotExist());
|
||||
|
||||
}
|
||||
|
||||
@Test
|
||||
public void requestCopyOnBitstreamBAsAdmin() throws Exception {
|
||||
BitstreamRest bitstreamRest = bitstreamConverter.convert(bitstreamB, Projection.DEFAULT);
|
||||
String bitstreamUri = utils.linkToSingleResource(bitstreamRest, "self").getHref();
|
||||
|
||||
String token = getAuthToken(admin.getEmail(), password);
|
||||
|
||||
getClient(token).perform(get("/api/authz/authorizations/search/object")
|
||||
.param("uri", bitstreamUri)
|
||||
.param("feature", requestCopyFeature.getName()))
|
||||
.andExpect(status().isOk())
|
||||
.andExpect(jsonPath("$.page.totalElements", is(0)))
|
||||
.andExpect(jsonPath("$._embedded").doesNotExist());
|
||||
|
||||
}
|
||||
|
||||
@Test
|
||||
public void requestCopyOnBitstreamFromWorkSpaceItemAsAdmin() throws Exception {
|
||||
BitstreamRest bitstreamRest = bitstreamConverter.convert(bitstreamFromWorkSpaceItem, Projection.DEFAULT);
|
||||
String bitstreamUri = utils.linkToSingleResource(bitstreamRest, "self").getHref();
|
||||
|
||||
String token = getAuthToken(admin.getEmail(), password);
|
||||
|
||||
getClient(token).perform(get("/api/authz/authorizations/search/object")
|
||||
.param("uri", bitstreamUri)
|
||||
.param("feature", requestCopyFeature.getName()))
|
||||
.andExpect(status().isOk())
|
||||
.andExpect(jsonPath("$.page.totalElements", is(0)))
|
||||
.andExpect(jsonPath("$._embedded").doesNotExist());
|
||||
|
||||
}
|
||||
|
||||
@Test
|
||||
public void requestCopyOnBitstreamFromCollectionAsAdmin() throws Exception {
|
||||
BitstreamRest bitstreamRest = bitstreamConverter.convert(bitstreamFromCollection, Projection.DEFAULT);
|
||||
String bitstreamUri = utils.linkToSingleResource(bitstreamRest, "self").getHref();
|
||||
|
||||
String token = getAuthToken(admin.getEmail(), password);
|
||||
|
||||
getClient(token).perform(get("/api/authz/authorizations/search/object")
|
||||
.param("uri", bitstreamUri)
|
||||
.param("feature", requestCopyFeature.getName()))
|
||||
.andExpect(status().isOk())
|
||||
.andExpect(jsonPath("$.page.totalElements", is(0)))
|
||||
.andExpect(jsonPath("$._embedded").doesNotExist());
|
||||
}
|
||||
|
||||
|
||||
// Tests for anonymous user
|
||||
@Test
|
||||
public void requestCopyOnCollectionAAsAnonymous() throws Exception {
|
||||
CollectionRest collectionRest = collectionConverter.convert(collectionA, Projection.DEFAULT);
|
||||
String collectionUri = utils.linkToSingleResource(collectionRest, "self").getHref();
|
||||
|
||||
getClient().perform(get("/api/authz/authorizations/search/object")
|
||||
.param("uri", collectionUri)
|
||||
.param("feature", requestCopyFeature.getName()))
|
||||
.andExpect(status().isOk())
|
||||
.andExpect(jsonPath("$.page.totalElements", is(0)))
|
||||
.andExpect(jsonPath("$._embedded").doesNotExist());
|
||||
}
|
||||
|
||||
@Test
|
||||
public void requestCopyOnItemAAsAnonymous() throws Exception {
|
||||
ItemRest itemRest = itemConverter.convert(itemA, Projection.DEFAULT);
|
||||
String itemUri = utils.linkToSingleResource(itemRest, "self").getHref();
|
||||
Authorization authorizationFeature = new Authorization(null, requestCopyFeature, itemRest);
|
||||
|
||||
|
||||
getClient().perform(get("/api/authz/authorizations/search/object")
|
||||
.param("uri", itemUri)
|
||||
.param("feature", requestCopyFeature.getName()))
|
||||
.andExpect(status().isOk())
|
||||
.andExpect(jsonPath("$.page.totalElements", greaterThan(0)))
|
||||
.andExpect(jsonPath("$._embedded.authorizations", contains(
|
||||
Matchers.is(AuthorizationMatcher.matchAuthorization(authorizationFeature)))));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void requestCopyOnItemInWorkSpaceAsAnonymous() throws Exception {
|
||||
ItemRest itemRest = itemConverter.convert(itemInWorkSpace, Projection.DEFAULT);
|
||||
String itemUri = utils.linkToSingleResource(itemRest, "self").getHref();
|
||||
|
||||
getClient().perform(get("/api/authz/authorizations/search/object")
|
||||
.param("uri", itemUri)
|
||||
.param("feature", requestCopyFeature.getName()))
|
||||
.andExpect(status().isOk())
|
||||
.andExpect(jsonPath("$.page.totalElements", is(0)))
|
||||
.andExpect(jsonPath("$._embedded").doesNotExist());
|
||||
|
||||
}
|
||||
|
||||
@Test
|
||||
public void requestCopyOnBitstreamAAsAnonymous() throws Exception {
|
||||
BitstreamRest bitstreamRest = bitstreamConverter.convert(bitstreamA, Projection.DEFAULT);
|
||||
String bitstreamUri = utils.linkToSingleResource(bitstreamRest, "self").getHref();
|
||||
|
||||
getClient().perform(get("/api/authz/authorizations/search/object")
|
||||
.param("uri", bitstreamUri)
|
||||
.param("feature", requestCopyFeature.getName()))
|
||||
.andExpect(status().isOk())
|
||||
.andExpect(jsonPath("$.page.totalElements", is(0)))
|
||||
.andExpect(jsonPath("$._embedded").doesNotExist());
|
||||
|
||||
}
|
||||
|
||||
@Test
|
||||
public void requestCopyOnBitstreamBAsAnonymous() throws Exception {
|
||||
BitstreamRest bitstreamRest = bitstreamConverter.convert(bitstreamB, Projection.DEFAULT);
|
||||
String bitstreamUri = utils.linkToSingleResource(bitstreamRest, "self").getHref();
|
||||
Authorization authorizationFeature = new Authorization(null, requestCopyFeature, bitstreamRest);
|
||||
|
||||
|
||||
getClient().perform(get("/api/authz/authorizations/search/object")
|
||||
.param("uri", bitstreamUri)
|
||||
.param("feature", requestCopyFeature.getName()))
|
||||
.andExpect(status().isOk())
|
||||
.andExpect(jsonPath("$.page.totalElements", greaterThan(0)))
|
||||
.andExpect(jsonPath("$._embedded.authorizations", contains(
|
||||
Matchers.is(AuthorizationMatcher.matchAuthorization(authorizationFeature))))
|
||||
);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void requestCopyOnBitstreamFromWorkSpaceItemAsAnonymous() throws Exception {
|
||||
BitstreamRest bitstreamRest = bitstreamConverter.convert(bitstreamFromWorkSpaceItem, Projection.DEFAULT);
|
||||
String bitstreamUri = utils.linkToSingleResource(bitstreamRest, "self").getHref();
|
||||
|
||||
getClient().perform(get("/api/authz/authorizations/search/object")
|
||||
.param("uri", bitstreamUri)
|
||||
.param("feature", requestCopyFeature.getName()))
|
||||
.andExpect(status().isOk())
|
||||
.andExpect(jsonPath("$.page.totalElements", is(0)))
|
||||
.andExpect(jsonPath("$._embedded").doesNotExist());
|
||||
|
||||
}
|
||||
|
||||
@Test
|
||||
public void requestCopyOnBitstreamFromCollectionAsAnonymous() throws Exception {
|
||||
BitstreamRest bitstreamRest = bitstreamConverter.convert(bitstreamFromCollection, Projection.DEFAULT);
|
||||
String bitstreamUri = utils.linkToSingleResource(bitstreamRest, "self").getHref();
|
||||
|
||||
getClient().perform(get("/api/authz/authorizations/search/object")
|
||||
.param("uri", bitstreamUri)
|
||||
.param("feature", requestCopyFeature.getName()))
|
||||
.andExpect(status().isOk())
|
||||
.andExpect(jsonPath("$.page.totalElements", is(0)))
|
||||
.andExpect(jsonPath("$._embedded").doesNotExist());
|
||||
}
|
||||
|
||||
// Test for Eperson
|
||||
@Test
|
||||
public void requestCopyOnCollectionAAsEperson() throws Exception {
|
||||
CollectionRest collectionRest = collectionConverter.convert(collectionA, Projection.DEFAULT);
|
||||
String collectionUri = utils.linkToSingleResource(collectionRest, "self").getHref();
|
||||
|
||||
String token = getAuthToken(eperson.getEmail(), password);
|
||||
|
||||
getClient(token).perform(get("/api/authz/authorizations/search/object")
|
||||
.param("uri", collectionUri)
|
||||
.param("feature", requestCopyFeature.getName()))
|
||||
.andExpect(status().isOk())
|
||||
.andExpect(jsonPath("$.page.totalElements", is(0)))
|
||||
.andExpect(jsonPath("$._embedded").doesNotExist());
|
||||
}
|
||||
|
||||
@Test
|
||||
public void requestCopyOnItemAAsEperson() throws Exception {
|
||||
ItemRest itemRest = itemConverter.convert(itemA, Projection.DEFAULT);
|
||||
String itemUri = utils.linkToSingleResource(itemRest, "self").getHref();
|
||||
Authorization authorizationFeature = new Authorization(eperson, requestCopyFeature, itemRest);
|
||||
|
||||
String token = getAuthToken(eperson.getEmail(), password);
|
||||
|
||||
|
||||
getClient(token).perform(get("/api/authz/authorizations/search/object")
|
||||
.param("uri", itemUri)
|
||||
.param("feature", requestCopyFeature.getName()))
|
||||
.andExpect(status().isOk())
|
||||
.andExpect(jsonPath("$.page.totalElements", greaterThan(0)))
|
||||
.andExpect(jsonPath("$._embedded.authorizations", contains(
|
||||
Matchers.is(AuthorizationMatcher.matchAuthorization(authorizationFeature)))));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void requestCopyOnItemInWorkSpaceAsEperson() throws Exception {
|
||||
ItemRest itemRest = itemConverter.convert(itemInWorkSpace, Projection.DEFAULT);
|
||||
String itemUri = utils.linkToSingleResource(itemRest, "self").getHref();
|
||||
|
||||
String token = getAuthToken(eperson.getEmail(), password);
|
||||
|
||||
|
||||
getClient(token).perform(get("/api/authz/authorizations/search/object")
|
||||
.param("uri", itemUri)
|
||||
.param("feature", requestCopyFeature.getName()))
|
||||
.andExpect(status().isOk())
|
||||
.andExpect(jsonPath("$.page.totalElements", is(0)))
|
||||
.andExpect(jsonPath("$._embedded").doesNotExist());
|
||||
|
||||
}
|
||||
|
||||
@Test
|
||||
public void requestCopyOnBitstreamAAsEperson() throws Exception {
|
||||
BitstreamRest bitstreamRest = bitstreamConverter.convert(bitstreamA, Projection.DEFAULT);
|
||||
String bitstreamUri = utils.linkToSingleResource(bitstreamRest, "self").getHref();
|
||||
|
||||
String token = getAuthToken(eperson.getEmail(), password);
|
||||
|
||||
|
||||
getClient(token).perform(get("/api/authz/authorizations/search/object")
|
||||
.param("uri", bitstreamUri)
|
||||
.param("feature", requestCopyFeature.getName()))
|
||||
.andExpect(status().isOk())
|
||||
.andExpect(jsonPath("$.page.totalElements", is(0)))
|
||||
.andExpect(jsonPath("$._embedded").doesNotExist());
|
||||
|
||||
}
|
||||
|
||||
@Test
|
||||
public void requestCopyOnBitstreamBAsEperson() throws Exception {
|
||||
BitstreamRest bitstreamRest = bitstreamConverter.convert(bitstreamB, Projection.DEFAULT);
|
||||
String bitstreamUri = utils.linkToSingleResource(bitstreamRest, "self").getHref();
|
||||
Authorization authorizationFeature = new Authorization(eperson, requestCopyFeature, bitstreamRest);
|
||||
|
||||
String token = getAuthToken(eperson.getEmail(), password);
|
||||
|
||||
getClient(token).perform(get("/api/authz/authorizations/search/object")
|
||||
.param("uri", bitstreamUri)
|
||||
.param("feature", requestCopyFeature.getName()))
|
||||
.andExpect(status().isOk())
|
||||
.andExpect(jsonPath("$.page.totalElements", greaterThan(0)))
|
||||
.andExpect(jsonPath("$._embedded.authorizations", contains(
|
||||
Matchers.is(AuthorizationMatcher.matchAuthorization(authorizationFeature))))
|
||||
);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void requestCopyOnBitstreamFromWorkSpaceItemAsEperson() throws Exception {
|
||||
BitstreamRest bitstreamRest = bitstreamConverter.convert(bitstreamFromWorkSpaceItem, Projection.DEFAULT);
|
||||
String bitstreamUri = utils.linkToSingleResource(bitstreamRest, "self").getHref();
|
||||
|
||||
String token = getAuthToken(eperson.getEmail(), password);
|
||||
|
||||
getClient(token).perform(get("/api/authz/authorizations/search/object")
|
||||
.param("uri", bitstreamUri)
|
||||
.param("feature", requestCopyFeature.getName()))
|
||||
.andExpect(status().isOk())
|
||||
.andExpect(jsonPath("$.page.totalElements", is(0)))
|
||||
.andExpect(jsonPath("$._embedded").doesNotExist());
|
||||
|
||||
}
|
||||
|
||||
@Test
|
||||
public void requestCopyOnBitstreamFromCollectionAsEperson() throws Exception {
|
||||
BitstreamRest bitstreamRest = bitstreamConverter.convert(bitstreamFromCollection, Projection.DEFAULT);
|
||||
String bitstreamUri = utils.linkToSingleResource(bitstreamRest, "self").getHref();
|
||||
|
||||
String token = getAuthToken(eperson.getEmail(), password);
|
||||
|
||||
getClient(token).perform(get("/api/authz/authorizations/search/object")
|
||||
.param("uri", bitstreamUri)
|
||||
.param("feature", requestCopyFeature.getName()))
|
||||
.andExpect(status().isOk())
|
||||
.andExpect(jsonPath("$.page.totalElements", is(0)))
|
||||
.andExpect(jsonPath("$._embedded").doesNotExist());
|
||||
}
|
||||
|
||||
public void requestACopyItemTypeLoggedAsAnonymous() throws Exception {
|
||||
configurationService.setProperty("request.item.type", "logged");
|
||||
|
||||
BitstreamRest bitstreamRest = bitstreamConverter.convert(bitstreamB, Projection.DEFAULT);
|
||||
String bitstreamUri = utils.linkToSingleResource(bitstreamRest, "self").getHref();
|
||||
|
||||
getClient().perform(get("/api/authz/authorizations/search/object")
|
||||
.param("uri", bitstreamUri)
|
||||
.param("feature", requestCopyFeature.getName()))
|
||||
.andExpect(status().isOk())
|
||||
.andExpect(jsonPath("$.page.totalElements", is(0)))
|
||||
.andExpect(jsonPath("$._embedded").doesNotExist());
|
||||
}
|
||||
|
||||
@Test
|
||||
public void requestACopyItemTypeLoggedAsEperson() throws Exception {
|
||||
configurationService.setProperty("request.item.type", "logged");
|
||||
|
||||
BitstreamRest bitstreamRest = bitstreamConverter.convert(bitstreamB, Projection.DEFAULT);
|
||||
String bitstreamUri = utils.linkToSingleResource(bitstreamRest, "self").getHref();
|
||||
Authorization authorizationFeature = new Authorization(eperson, requestCopyFeature, bitstreamRest);
|
||||
|
||||
String token = getAuthToken(eperson.getEmail(), password);
|
||||
|
||||
getClient(token).perform(get("/api/authz/authorizations/search/object")
|
||||
.param("uri", bitstreamUri)
|
||||
.param("feature", requestCopyFeature.getName()))
|
||||
.andExpect(status().isOk())
|
||||
.andExpect(jsonPath("$.page.totalElements", greaterThan(0)))
|
||||
.andExpect(jsonPath("$._embedded.authorizations", contains(
|
||||
Matchers.is(AuthorizationMatcher.matchAuthorization(authorizationFeature))))
|
||||
);
|
||||
}
|
||||
|
||||
public void requestACopyItemTypeEmptyAsAnonymous() throws Exception {
|
||||
configurationService.setProperty("request.item.type", "");
|
||||
|
||||
BitstreamRest bitstreamRest = bitstreamConverter.convert(bitstreamB, Projection.DEFAULT);
|
||||
String bitstreamUri = utils.linkToSingleResource(bitstreamRest, "self").getHref();
|
||||
|
||||
getClient().perform(get("/api/authz/authorizations/search/object")
|
||||
.param("uri", bitstreamUri)
|
||||
.param("feature", requestCopyFeature.getName()))
|
||||
.andExpect(status().isOk())
|
||||
.andExpect(jsonPath("$.page.totalElements", is(0)))
|
||||
.andExpect(jsonPath("$._embedded").doesNotExist());
|
||||
}
|
||||
|
||||
public void requestACopyItemTypeEmptyAsEperson() throws Exception {
|
||||
configurationService.setProperty("request.item.type", "");
|
||||
|
||||
BitstreamRest bitstreamRest = bitstreamConverter.convert(bitstreamB, Projection.DEFAULT);
|
||||
String bitstreamUri = utils.linkToSingleResource(bitstreamRest, "self").getHref();
|
||||
|
||||
String token = getAuthToken(eperson.getEmail(), password);
|
||||
|
||||
getClient(token).perform(get("/api/authz/authorizations/search/object")
|
||||
.param("uri", bitstreamUri)
|
||||
.param("feature", requestCopyFeature.getName()))
|
||||
.andExpect(status().isOk())
|
||||
.andExpect(jsonPath("$.page.totalElements", is(0)))
|
||||
.andExpect(jsonPath("$._embedded").doesNotExist());
|
||||
}
|
||||
|
||||
public void requestACopyItemTypeBogusValueAsAnonymous() throws Exception {
|
||||
configurationService.setProperty("request.item.type", "invalid value");
|
||||
|
||||
BitstreamRest bitstreamRest = bitstreamConverter.convert(bitstreamB, Projection.DEFAULT);
|
||||
String bitstreamUri = utils.linkToSingleResource(bitstreamRest, "self").getHref();
|
||||
|
||||
getClient().perform(get("/api/authz/authorizations/search/object")
|
||||
.param("uri", bitstreamUri)
|
||||
.param("feature", requestCopyFeature.getName()))
|
||||
.andExpect(status().isOk())
|
||||
.andExpect(jsonPath("$.page.totalElements", is(0)))
|
||||
.andExpect(jsonPath("$._embedded").doesNotExist());
|
||||
}
|
||||
|
||||
public void requestACopyItemTypeBogusValueAsEperson() throws Exception {
|
||||
configurationService.setProperty("request.item.type", "invalid value");
|
||||
|
||||
BitstreamRest bitstreamRest = bitstreamConverter.convert(bitstreamB, Projection.DEFAULT);
|
||||
String bitstreamUri = utils.linkToSingleResource(bitstreamRest, "self").getHref();
|
||||
|
||||
String token = getAuthToken(eperson.getEmail(), password);
|
||||
|
||||
getClient(token).perform(get("/api/authz/authorizations/search/object")
|
||||
.param("uri", bitstreamUri)
|
||||
.param("feature", requestCopyFeature.getName()))
|
||||
.andExpect(status().isOk())
|
||||
.andExpect(jsonPath("$.page.totalElements", is(0)))
|
||||
.andExpect(jsonPath("$._embedded").doesNotExist());
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user