From 6aa52dfcc56b8543f227f4ea70c3500d71424b57 Mon Sep 17 00:00:00 2001 From: AAJELLAL <128486125+AAJELLAL@users.noreply.github.com> Date: Wed, 29 May 2024 11:02:46 +0200 Subject: [PATCH] Handle elements access right. (#90) Signed-off-by: AAJELLAL --- .../explore/server/ExploreController.java | 12 +++- .../explore/server/ExploreException.java | 1 + .../RestResponseEntityExceptionHandler.java | 2 + .../server/dto/AccessRightsAttributes.java | 24 ------- .../explore/server/dto/ElementAttributes.java | 6 +- .../server/services/DirectoryService.java | 42 ++++++++++-- .../server/services/ExploreService.java | 48 ++++++------- .../gridsuite/explore/server/ExploreTest.java | 68 +++++++++++++------ .../explore/server/SupervisionTest.java | 4 +- 9 files changed, 124 insertions(+), 83 deletions(-) delete mode 100644 src/main/java/org/gridsuite/explore/server/dto/AccessRightsAttributes.java diff --git a/src/main/java/org/gridsuite/explore/server/ExploreController.java b/src/main/java/org/gridsuite/explore/server/ExploreController.java index 81d63b19..de057351 100644 --- a/src/main/java/org/gridsuite/explore/server/ExploreController.java +++ b/src/main/java/org/gridsuite/explore/server/ExploreController.java @@ -207,7 +207,11 @@ public ResponseEntity replaceFilterWithScript(@PathVariable("id") UUID id, @DeleteMapping(value = "/explore/elements/{elementUuid}") @Operation(summary = "Remove directory/element") - @ApiResponses(@ApiResponse(responseCode = "200", description = "Directory/element was successfully removed")) + @ApiResponses(value = { + @ApiResponse(responseCode = "200", description = "Directory/element was successfully removed"), + @ApiResponse(responseCode = "404", description = "Directory/element was not found"), + @ApiResponse(responseCode = "403", description = "Access forbidden for the directory/element") + }) public ResponseEntity deleteElement(@PathVariable("elementUuid") UUID elementUuid, @RequestHeader("userId") String userId) { exploreService.deleteElement(elementUuid, userId); @@ -216,7 +220,11 @@ public ResponseEntity deleteElement(@PathVariable("elementUuid") UUID elem @DeleteMapping(value = "/explore/elements/{directoryUuid}", params = "ids") @Operation(summary = "Remove directories/elements") - @ApiResponses(value = {@ApiResponse(responseCode = "200", description = "directories/elements was successfully removed")}) + @ApiResponses(value = { + @ApiResponse(responseCode = "200", description = "directories/elements was successfully removed"), + @ApiResponse(responseCode = "404", description = "At least one directory/element was not found"), + @ApiResponse(responseCode = "403", description = "Access forbidden for at least one directory/element") + }) public ResponseEntity deleteElements(@RequestParam("ids") List elementsUuid, @RequestHeader("userId") String userId, @PathVariable UUID directoryUuid) { diff --git a/src/main/java/org/gridsuite/explore/server/ExploreException.java b/src/main/java/org/gridsuite/explore/server/ExploreException.java index 5237a011..d041d3da 100644 --- a/src/main/java/org/gridsuite/explore/server/ExploreException.java +++ b/src/main/java/org/gridsuite/explore/server/ExploreException.java @@ -14,6 +14,7 @@ public class ExploreException extends RuntimeException { public enum Type { + NOT_FOUND, NOT_ALLOWED, UNKNOWN_ELEMENT_TYPE, REMOTE_ERROR, diff --git a/src/main/java/org/gridsuite/explore/server/RestResponseEntityExceptionHandler.java b/src/main/java/org/gridsuite/explore/server/RestResponseEntityExceptionHandler.java index d188e4d9..25a9983b 100644 --- a/src/main/java/org/gridsuite/explore/server/RestResponseEntityExceptionHandler.java +++ b/src/main/java/org/gridsuite/explore/server/RestResponseEntityExceptionHandler.java @@ -32,6 +32,8 @@ protected ResponseEntity handleExploreException(ExploreException excepti } ExploreException exploreException = exception; switch (exploreException.getType()) { + case NOT_FOUND: + return ResponseEntity.status(HttpStatus.NOT_FOUND).build(); case NOT_ALLOWED: return ResponseEntity.status(HttpStatus.FORBIDDEN).body(NOT_ALLOWED); case REMOTE_ERROR: diff --git a/src/main/java/org/gridsuite/explore/server/dto/AccessRightsAttributes.java b/src/main/java/org/gridsuite/explore/server/dto/AccessRightsAttributes.java deleted file mode 100644 index 64125ce5..00000000 --- a/src/main/java/org/gridsuite/explore/server/dto/AccessRightsAttributes.java +++ /dev/null @@ -1,24 +0,0 @@ -/** - * Copyright (c) 2021, RTE (http://www.rte-france.com) - * This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. - */ -package org.gridsuite.explore.server.dto; - -import lombok.AllArgsConstructor; -import lombok.Getter; -import lombok.NoArgsConstructor; -import lombok.Setter; - -/** - * @author Etienne Homer - */ - -@Getter -@Setter -@NoArgsConstructor -@AllArgsConstructor -public class AccessRightsAttributes { - private boolean isPrivate; -} diff --git a/src/main/java/org/gridsuite/explore/server/dto/ElementAttributes.java b/src/main/java/org/gridsuite/explore/server/dto/ElementAttributes.java index 5eb3ee8c..663eb188 100644 --- a/src/main/java/org/gridsuite/explore/server/dto/ElementAttributes.java +++ b/src/main/java/org/gridsuite/explore/server/dto/ElementAttributes.java @@ -26,8 +26,6 @@ public class ElementAttributes { private String type; - private AccessRightsAttributes accessRights; - private String owner; private Long subdirectoriesCount; @@ -36,7 +34,7 @@ public class ElementAttributes { private Map specificMetadata = new HashMap<>(); - public ElementAttributes(UUID elementUuid, String elementName, String type, AccessRightsAttributes accessRights, String owner, long subdirectoriesCount, String description) { - this(elementUuid, elementName, type, accessRights, owner, subdirectoriesCount, description, null); + public ElementAttributes(UUID elementUuid, String elementName, String type, String owner, long subdirectoriesCount, String description) { + this(elementUuid, elementName, type, owner, subdirectoriesCount, description, null); } } diff --git a/src/main/java/org/gridsuite/explore/server/services/DirectoryService.java b/src/main/java/org/gridsuite/explore/server/services/DirectoryService.java index 0523968c..498284bb 100644 --- a/src/main/java/org/gridsuite/explore/server/services/DirectoryService.java +++ b/src/main/java/org/gridsuite/explore/server/services/DirectoryService.java @@ -11,12 +11,10 @@ import org.gridsuite.explore.server.utils.ParametersType; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.core.ParameterizedTypeReference; -import org.springframework.http.HttpEntity; -import org.springframework.http.HttpHeaders; -import org.springframework.http.HttpMethod; -import org.springframework.http.MediaType; +import org.springframework.http.*; import org.springframework.stereotype.Service; import org.springframework.util.CollectionUtils; +import org.springframework.web.client.HttpStatusCodeException; import org.springframework.web.client.RestTemplate; import org.springframework.web.util.UriComponentsBuilder; @@ -42,6 +40,9 @@ public class DirectoryService implements IDirectoryElementsService { private static final String ELEMENTS_SERVER_ROOT_PATH = DELIMITER + DIRECTORY_SERVER_API_VERSION + DELIMITER + "elements"; + private static final String PARAM_IDS = "ids"; + private static final String PARAM_FOR_DELETION = "forDeletion"; + private final Map genericServices; private final RestTemplate restTemplate; private String directoryServerBaseUri; @@ -115,11 +116,42 @@ public void deleteDirectoryElement(UUID elementUuid, String userId) { restTemplate.exchange(directoryServerBaseUri + path, HttpMethod.DELETE, new HttpEntity<>(headers), Void.class); } + public void areDirectoryElementsDeletable(List elementUuids, String userId) { + var ids = elementUuids.stream().map(UUID::toString).collect(Collectors.joining(",")); + + HttpHeaders headers = new HttpHeaders(); + headers.add(HEADER_USER_ID, userId); + String path = UriComponentsBuilder + .fromPath(ELEMENTS_SERVER_ROOT_PATH) + .queryParam(PARAM_FOR_DELETION, true) + .queryParam(PARAM_IDS, ids) + .buildAndExpand() + .toUriString(); + + ResponseEntity response; + try { + response = restTemplate.exchange(directoryServerBaseUri + path, HttpMethod.HEAD, new HttpEntity<>(headers), Void.class); + + } catch (HttpStatusCodeException e) { + if (HttpStatus.FORBIDDEN.equals(e.getStatusCode())) { + throw new ExploreException(NOT_ALLOWED); + } else if (HttpStatus.NOT_FOUND.equals(e.getStatusCode())) { + throw new ExploreException(NOT_FOUND); + } else { + throw e; + } + } + + if (HttpStatus.NO_CONTENT.equals(response.getStatusCode())) { + throw new ExploreException(NOT_ALLOWED); + } + } + public void deleteElementsFromDirectory(List elementUuids, UUID parentDirectoryUuid, String userId) { var ids = elementUuids.stream().map(UUID::toString).collect(Collectors.joining(",")); String path = UriComponentsBuilder .fromPath(ELEMENTS_SERVER_ROOT_PATH) - .queryParam("ids", ids) + .queryParam(PARAM_IDS, ids) .queryParam("parentDirectoryUuid", parentDirectoryUuid) .buildAndExpand() .toUriString(); diff --git a/src/main/java/org/gridsuite/explore/server/services/ExploreService.java b/src/main/java/org/gridsuite/explore/server/services/ExploreService.java index f2137a37..60f44df3 100644 --- a/src/main/java/org/gridsuite/explore/server/services/ExploreService.java +++ b/src/main/java/org/gridsuite/explore/server/services/ExploreService.java @@ -38,13 +38,13 @@ public class ExploreService { static final String MODIFICATION = "MODIFICATION"; static final String DIRECTORY = "DIRECTORY"; - private DirectoryService directoryService; - private StudyService studyService; - private ContingencyListService contingencyListService; - private NetworkModificationService networkModificationService; - private FilterService filterService; - private CaseService caseService; - private ParametersService parametersService; + private final DirectoryService directoryService; + private final StudyService studyService; + private final ContingencyListService contingencyListService; + private final NetworkModificationService networkModificationService; + private final FilterService filterService; + private final CaseService caseService; + private final ParametersService parametersService; private static final Logger LOGGER = LoggerFactory.getLogger(ExploreService.class); @@ -67,7 +67,7 @@ public ExploreService( } public void createStudy(String studyName, CaseInfo caseInfo, String description, String userId, UUID parentDirectoryUuid, Map importParams, Boolean duplicateCase) { - ElementAttributes elementAttributes = new ElementAttributes(UUID.randomUUID(), studyName, STUDY, null, userId, 0L, description); + ElementAttributes elementAttributes = new ElementAttributes(UUID.randomUUID(), studyName, STUDY, userId, 0L, description); studyService.insertStudyWithExistingCaseFile(elementAttributes.getElementUuid(), userId, caseInfo.caseUuid(), caseInfo.caseFormat(), importParams, duplicateCase); directoryService.createElement(elementAttributes, parentDirectoryUuid, userId); } @@ -79,7 +79,7 @@ public void duplicateStudy(UUID sourceStudyUuid, UUID targetDirectoryId, String public void createCase(String caseName, MultipartFile caseFile, String description, String userId, UUID parentDirectoryUuid) { UUID uuid = caseService.importCase(caseFile); - directoryService.createElement(new ElementAttributes(uuid, caseName, CASE, null, userId, 0L, description), + directoryService.createElement(new ElementAttributes(uuid, caseName, CASE, userId, 0L, description), parentDirectoryUuid, userId); } @@ -89,8 +89,7 @@ public void duplicateCase(UUID sourceCaseUuid, UUID targetDirectoryId, String us } public void createScriptContingencyList(String listName, String content, String description, String userId, UUID parentDirectoryUuid) { - ElementAttributes elementAttributes = new ElementAttributes(UUID.randomUUID(), listName, CONTINGENCY_LIST, - null, userId, 0L, description); + ElementAttributes elementAttributes = new ElementAttributes(UUID.randomUUID(), listName, CONTINGENCY_LIST, userId, 0L, description); contingencyListService.insertScriptContingencyList(elementAttributes.getElementUuid(), content); directoryService.createElement(elementAttributes, parentDirectoryUuid, userId); } @@ -105,8 +104,7 @@ public void duplicateContingencyList(UUID contingencyListsId, UUID targetDirecto } public void createFormContingencyList(String listName, String content, String description, String userId, UUID parentDirectoryUuid) { - ElementAttributes elementAttributes = new ElementAttributes(UUID.randomUUID(), listName, CONTINGENCY_LIST, - null, userId, 0L, description); + ElementAttributes elementAttributes = new ElementAttributes(UUID.randomUUID(), listName, CONTINGENCY_LIST, userId, 0L, description); contingencyListService.insertFormContingencyList(elementAttributes.getElementUuid(), content); directoryService.createElement(elementAttributes, parentDirectoryUuid, userId); } @@ -117,7 +115,7 @@ public void newScriptFromFormContingencyList(UUID id, String scriptName, String throw new ExploreException(NOT_ALLOWED); } ElementAttributes newElementAttributes = new ElementAttributes(UUID.randomUUID(), scriptName, - CONTINGENCY_LIST, new AccessRightsAttributes(elementAttribute.getAccessRights().isPrivate()), userId, 0L, null); + CONTINGENCY_LIST, userId, 0L, null); contingencyListService.newScriptFromFormContingencyList(id, newElementAttributes.getElementUuid()); directoryService.createElement(newElementAttributes, parentDirectoryUuid, userId); } @@ -135,15 +133,13 @@ public void replaceFormContingencyListWithScript(UUID id, String userId) { } public void createIdentifierContingencyList(String listName, String content, String description, String userId, UUID parentDirectoryUuid) { - ElementAttributes elementAttributes = new ElementAttributes(UUID.randomUUID(), listName, CONTINGENCY_LIST, - null, userId, 0L, description); + ElementAttributes elementAttributes = new ElementAttributes(UUID.randomUUID(), listName, CONTINGENCY_LIST, userId, 0L, description); contingencyListService.insertIdentifierContingencyList(elementAttributes.getElementUuid(), content); directoryService.createElement(elementAttributes, parentDirectoryUuid, userId); } public void createFilter(String filter, String filterName, String description, UUID parentDirectoryUuid, String userId) { - ElementAttributes elementAttributes = new ElementAttributes(UUID.randomUUID(), filterName, FILTER, - null, userId, 0, description); + ElementAttributes elementAttributes = new ElementAttributes(UUID.randomUUID(), filterName, FILTER, userId, 0, description); filterService.insertFilter(filter, elementAttributes.getElementUuid(), userId); directoryService.createElement(elementAttributes, parentDirectoryUuid, userId); } @@ -159,7 +155,7 @@ public void newScriptFromFilter(UUID filterId, String scriptName, String userId, throw new ExploreException(NOT_ALLOWED); } ElementAttributes newElementAttributes = new ElementAttributes(UUID.randomUUID(), scriptName, - FILTER, new AccessRightsAttributes(elementAttribute.getAccessRights().isPrivate()), userId, 0, null); + FILTER, userId, 0, null); filterService.insertNewScriptFromFilter(filterId, newElementAttributes.getElementUuid()); directoryService.createElement(newElementAttributes, parentDirectoryUuid, userId); } @@ -177,6 +173,9 @@ public void replaceFilterWithScript(UUID id, String userId) { } public void deleteElement(UUID id, String userId) { + // Verify if the user is allowed to delete the element. + // FIXME: to be deleted when it's properly handled by the gateway + directoryService.areDirectoryElementsDeletable(List.of(id), userId); try { directoryService.deleteElement(id, userId); directoryService.deleteDirectoryElement(id, userId); @@ -188,6 +187,10 @@ public void deleteElement(UUID id, String userId) { } public void deleteElementsFromDirectory(List uuids, UUID parentDirectoryUuids, String userId) { + + // Verify if the user is allowed to delete the elements. + // FIXME: to be deleted when it's properly handled by the gateway + directoryService.areDirectoryElementsDeletable(uuids, userId); try { uuids.forEach(id -> directoryService.deleteElement(id, userId)); // FIXME dirty fix to ignore errors and still delete the elements in the directory-server. To delete when handled properly. @@ -232,8 +235,7 @@ private String getProperPath(ContingencyListType contingencyListType) { public void createParameters(String parameters, ParametersType parametersType, String parametersName, UUID parentDirectoryUuid, String userId) { UUID parametersUuid = parametersService.createParameters(parameters, parametersType); - ElementAttributes elementAttributes = new ElementAttributes(parametersUuid, parametersName, parametersType.name(), - null, userId, 0, null); + ElementAttributes elementAttributes = new ElementAttributes(parametersUuid, parametersName, parametersType.name(), userId, 0, null); directoryService.createElement(elementAttributes, parentDirectoryUuid, userId); } @@ -260,8 +262,7 @@ public void createNetworkModifications(List modificationAttri final UUID newId = newModificationsUuids.get(m.getElementUuid()); if (newId != null) { // an Id may be null if a duplication could not succeed (ex: we provide a bad uuid) - ElementAttributes elementAttributes = new ElementAttributes(newId, m.getElementName(), MODIFICATION, - null, userId, 0L, m.getDescription()); + ElementAttributes elementAttributes = new ElementAttributes(newId, m.getElementName(), MODIFICATION, userId, 0L, m.getDescription()); directoryService.createElementWithNewName(elementAttributes, parentDirectoryUuid, userId, true); } }); @@ -274,5 +275,4 @@ public void duplicateNetworkModifications(UUID sourceId, UUID parentDirectoryUui // create corresponding directory element directoryService.duplicateElement(sourceId, newNetworkModification, parentDirectoryUuid, userId); } - } diff --git a/src/test/java/org/gridsuite/explore/server/ExploreTest.java b/src/test/java/org/gridsuite/explore/server/ExploreTest.java index 5903c4f2..8de61ae1 100644 --- a/src/test/java/org/gridsuite/explore/server/ExploreTest.java +++ b/src/test/java/org/gridsuite/explore/server/ExploreTest.java @@ -15,7 +15,6 @@ import okhttp3.mockwebserver.MockWebServer; import okhttp3.mockwebserver.RecordedRequest; import okio.Buffer; -import org.gridsuite.explore.server.dto.AccessRightsAttributes; import org.gridsuite.explore.server.dto.ElementAttributes; import org.gridsuite.explore.server.services.*; import org.gridsuite.explore.server.utils.ContingencyListType; @@ -65,6 +64,8 @@ public class ExploreTest { private static final UUID PARENT_DIRECTORY_UUID = UUID.randomUUID(); private static final UUID PARENT_DIRECTORY_WITH_ERROR_UUID = UUID.randomUUID(); private static final UUID PRIVATE_STUDY_UUID = UUID.randomUUID(); + private static final UUID FORBIDDEN_STUDY_UUID = UUID.randomUUID(); + private static final UUID NOT_FOUND_STUDY_UUID = UUID.randomUUID(); private static final UUID PUBLIC_STUDY_UUID = UUID.randomUUID(); private static final UUID FILTER_UUID = UUID.randomUUID(); private static final UUID FILTER_UUID_2 = UUID.randomUUID(); @@ -81,8 +82,6 @@ public class ExploreTest { private static final UUID ELEMENT_COPY_UUID = UUID.randomUUID(); private static final String STUDY_ERROR_NAME = "studyInError"; private static final String STUDY1 = "study1"; - private static final String CASE1 = "case1"; - private static final String FILTER1 = "filter1"; private static final String USER1 = "user1"; public static final String FILTER_CONTINGENCY_LIST = "filterContingencyList"; public static final String FILTER_CONTINGENCY_LIST_2 = "filterContingencyList2"; @@ -131,21 +130,21 @@ public void setup() throws IOException { caseService.setBaseUri(baseUrl); remoteServicesProperties.getServices().forEach(s -> s.setBaseUri(baseUrl)); - String privateStudyAttributesAsString = mapper.writeValueAsString(new ElementAttributes(PRIVATE_STUDY_UUID, STUDY1, "STUDY", new AccessRightsAttributes(true), USER1, 0, null)); - String listOfPrivateStudyAttributesAsString = mapper.writeValueAsString(List.of(new ElementAttributes(PRIVATE_STUDY_UUID, STUDY1, "STUDY", new AccessRightsAttributes(true), USER1, 0, null))); - String publicStudyAttributesAsString = mapper.writeValueAsString(new ElementAttributes(PUBLIC_STUDY_UUID, STUDY1, "STUDY", new AccessRightsAttributes(false), USER1, 0, null)); - String invalidElementAsString = mapper.writeValueAsString(new ElementAttributes(INVALID_ELEMENT_UUID, "invalidElementName", "INVALID", new AccessRightsAttributes(false), USER1, 0, null)); - String formContingencyListAttributesAsString = mapper.writeValueAsString(new ElementAttributes(CONTINGENCY_LIST_UUID, FILTER_CONTINGENCY_LIST, "CONTINGENCY_LIST", new AccessRightsAttributes(true), USER1, 0, null)); - String listOfFormContingencyListAttributesAsString = mapper.writeValueAsString(List.of(new ElementAttributes(CONTINGENCY_LIST_UUID, FILTER_CONTINGENCY_LIST, "CONTINGENCY_LIST", new AccessRightsAttributes(true), USER1, 0, null))); - String filterAttributesAsString = mapper.writeValueAsString(new ElementAttributes(FILTER_UUID, FILTER_CONTINGENCY_LIST, FILTER, new AccessRightsAttributes(true), USER1, 0, null)); - String filter2AttributesAsString = mapper.writeValueAsString(new ElementAttributes(FILTER_UUID_2, FILTER_CONTINGENCY_LIST_2, FILTER, new AccessRightsAttributes(true), USER1, 0, null)); - String listOfFilterAttributesAsString = mapper.writeValueAsString(List.of(new ElementAttributes(FILTER_UUID, FILTER_CONTINGENCY_LIST, FILTER, new AccessRightsAttributes(true), USER1, 0, null))); - String directoryAttributesAsString = mapper.writeValueAsString(new ElementAttributes(PARENT_DIRECTORY_UUID, "directory", "DIRECTORY", new AccessRightsAttributes(true), USER1, 0, null)); - String caseElementAttributesAsString = mapper.writeValueAsString(new ElementAttributes(CASE_UUID, "case", "CASE", new AccessRightsAttributes(true), USER1, 0L, null)); - String parametersElementAttributesAsString = mapper.writeValueAsString(new ElementAttributes(PARAMETERS_UUID, "voltageInitParametersName", ParametersType.VOLTAGE_INIT_PARAMETERS.name(), new AccessRightsAttributes(true), USER1, 0, null)); + String privateStudyAttributesAsString = mapper.writeValueAsString(new ElementAttributes(PRIVATE_STUDY_UUID, STUDY1, "STUDY", USER1, 0, null)); + String listOfPrivateStudyAttributesAsString = mapper.writeValueAsString(List.of(new ElementAttributes(PRIVATE_STUDY_UUID, STUDY1, "STUDY", USER1, 0, null))); + String publicStudyAttributesAsString = mapper.writeValueAsString(new ElementAttributes(PUBLIC_STUDY_UUID, STUDY1, "STUDY", USER1, 0, null)); + String invalidElementAsString = mapper.writeValueAsString(new ElementAttributes(INVALID_ELEMENT_UUID, "invalidElementName", "INVALID", USER1, 0, null)); + String formContingencyListAttributesAsString = mapper.writeValueAsString(new ElementAttributes(CONTINGENCY_LIST_UUID, FILTER_CONTINGENCY_LIST, "CONTINGENCY_LIST", USER1, 0, null)); + String listOfFormContingencyListAttributesAsString = mapper.writeValueAsString(List.of(new ElementAttributes(CONTINGENCY_LIST_UUID, FILTER_CONTINGENCY_LIST, "CONTINGENCY_LIST", USER1, 0, null))); + String filterAttributesAsString = mapper.writeValueAsString(new ElementAttributes(FILTER_UUID, FILTER_CONTINGENCY_LIST, FILTER, USER1, 0, null)); + String filter2AttributesAsString = mapper.writeValueAsString(new ElementAttributes(FILTER_UUID_2, FILTER_CONTINGENCY_LIST_2, FILTER, USER1, 0, null)); + String listOfFilterAttributesAsString = mapper.writeValueAsString(List.of(new ElementAttributes(FILTER_UUID, FILTER_CONTINGENCY_LIST, FILTER, USER1, 0, null))); + String directoryAttributesAsString = mapper.writeValueAsString(new ElementAttributes(PARENT_DIRECTORY_UUID, "directory", "DIRECTORY", USER1, 0, null)); + String caseElementAttributesAsString = mapper.writeValueAsString(new ElementAttributes(CASE_UUID, "case", "CASE", USER1, 0L, null)); + String parametersElementAttributesAsString = mapper.writeValueAsString(new ElementAttributes(PARAMETERS_UUID, "voltageInitParametersName", ParametersType.VOLTAGE_INIT_PARAMETERS.name(), USER1, 0, null)); String listElementsAttributesAsString = "[" + filterAttributesAsString + "," + privateStudyAttributesAsString + "," + formContingencyListAttributesAsString + "]"; String caseInfosAttributesAsString = mapper.writeValueAsString(List.of(caseSpecificMetadata)); - String modificationElementAttributesAsString = mapper.writeValueAsString(new ElementAttributes(MODIFICATION_UUID, "one modif", "MODIFICATION", new AccessRightsAttributes(true), USER1, 0L, null)); + String modificationElementAttributesAsString = mapper.writeValueAsString(new ElementAttributes(MODIFICATION_UUID, "one modif", "MODIFICATION", USER1, 0L, null)); String modificationInfosAttributesAsString = mapper.writeValueAsString(List.of(modificationSpecificMetadata)); String modificationIdsAsString = mapper.writeValueAsString(Map.of(MODIFICATION_UUID, MODIFICATION_COPY_UUID)); String newStudyUuidAsString = mapper.writeValueAsString(STUDY_COPY_UUID); @@ -332,6 +331,14 @@ public MockResponse dispatch(RecordedRequest request) { return new MockResponse().setResponseCode(200); } return new MockResponse().setResponseCode(404); + } else if ("HEAD".equals(request.getMethod())) { + if (path.matches("/v1/elements\\?forDeletion=true&ids=" + FORBIDDEN_STUDY_UUID)) { + return new MockResponse().setResponseCode(403); + } else if (path.matches("/v1/elements\\?forDeletion=true&ids=" + NOT_FOUND_STUDY_UUID)) { + return new MockResponse().setResponseCode(404); + } else if (path.matches("/v1/elements\\?forDeletion=true&ids=.*")) { + return new MockResponse().setResponseCode(200); + } } return new MockResponse().setResponseCode(418); } @@ -506,6 +513,19 @@ public void deleteElementInvalidType(UUID elementUUid) throws Exception { .andExpect(status().is2xxSuccessful()); } + public void deleteElementNotAllowed(UUID elementUUid, int status) throws Exception { + mockMvc.perform(delete("/v1/explore/elements/{elementUuid}", + elementUUid).header("userId", USER1)) + .andExpect(status().is(status)); + } + + public void deleteElementsNotAllowed(List elementUuids, UUID parentUuid, int status) throws Exception { + var ids = elementUuids.stream().map(UUID::toString).collect(Collectors.joining(",")); + mockMvc.perform(delete("/v1/explore/elements/{parentUuid}?ids=" + ids, parentUuid) + .header("userId", USER1)) + .andExpect(status().is(status)); + } + @Test public void testDeleteElement() throws Exception { deleteElements(List.of(FILTER_UUID, PRIVATE_STUDY_UUID, CONTINGENCY_LIST_UUID, CASE_UUID), PARENT_DIRECTORY_UUID); @@ -517,6 +537,10 @@ public void testDeleteElement() throws Exception { deleteElement(CASE_UUID); deleteElement(PARAMETERS_UUID); deleteElement(MODIFICATION_UUID); + deleteElementsNotAllowed(List.of(FORBIDDEN_STUDY_UUID), PARENT_DIRECTORY_UUID, 403); + deleteElementsNotAllowed(List.of(NOT_FOUND_STUDY_UUID), PARENT_DIRECTORY_UUID, 404); + deleteElementNotAllowed(FORBIDDEN_STUDY_UUID, 403); + deleteElementNotAllowed(NOT_FOUND_STUDY_UUID, 404); } @Test @@ -525,8 +549,8 @@ public void testGetElementsMetadata() throws Exception { .header("userId", USER1) ).andExpectAll(status().isOk()); - ElementAttributes filter1 = new ElementAttributes(FILTER_UUID, FILTER_CONTINGENCY_LIST, FILTER, new AccessRightsAttributes(true), USER1, 0L, null, specificMetadata); - ElementAttributes filter2 = new ElementAttributes(FILTER_UUID_2, FILTER_CONTINGENCY_LIST_2, FILTER, new AccessRightsAttributes(true), USER1, 0L, null, specificMetadata2); + ElementAttributes filter1 = new ElementAttributes(FILTER_UUID, FILTER_CONTINGENCY_LIST, FILTER, USER1, 0L, null, specificMetadata); + ElementAttributes filter2 = new ElementAttributes(FILTER_UUID_2, FILTER_CONTINGENCY_LIST_2, FILTER, USER1, 0L, null, specificMetadata2); mockMvc.perform(get("/v1/explore/elements/metadata?ids=" + FILTER_UUID + "," + FILTER_UUID_2 + "&equipmentTypes=&elementTypes=FILTER") .header("userId", USER1)) @@ -695,7 +719,7 @@ public void testGetMetadata() throws Exception { String res = result.getResponse().getContentAsString(); List elementsMetadata = mapper.readValue(res, new TypeReference<>() { }); - String caseAttributesAsString = mapper.writeValueAsString(new ElementAttributes(CASE_UUID, "case", "CASE", new AccessRightsAttributes(true), USER1, 0L, null, caseSpecificMetadata)); + String caseAttributesAsString = mapper.writeValueAsString(new ElementAttributes(CASE_UUID, "case", "CASE", USER1, 0L, null, caseSpecificMetadata)); assertEquals(1, elementsMetadata.size()); assertEquals(mapper.writeValueAsString(elementsMetadata.get(0)), caseAttributesAsString); } @@ -704,8 +728,8 @@ public void testGetMetadata() throws Exception { @SneakyThrows public void testcreateNetworkModifications() { final String body = mapper.writeValueAsString(List.of( - new ElementAttributes(MODIFICATION_UUID, "one modif", "", null, USER1, 0L, "a description"), - new ElementAttributes(UUID.randomUUID(), "2nd modif", "", null, USER1, 0L, "a description") + new ElementAttributes(MODIFICATION_UUID, "one modif", "", USER1, 0L, "a description"), + new ElementAttributes(UUID.randomUUID(), "2nd modif", "", USER1, 0L, "a description") ) ); mockMvc.perform(post("/v1/explore/modifications?parentDirectoryUuid={parentDirectoryUuid}", PARENT_DIRECTORY_UUID) @@ -718,7 +742,7 @@ public void testcreateNetworkModifications() { @Test @SneakyThrows public void testGetModificationMetadata() { - final String expectedResult = mapper.writeValueAsString(new ElementAttributes(MODIFICATION_UUID, "one modif", "MODIFICATION", new AccessRightsAttributes(true), USER1, 0L, null, modificationSpecificMetadata)); + final String expectedResult = mapper.writeValueAsString(new ElementAttributes(MODIFICATION_UUID, "one modif", "MODIFICATION", USER1, 0L, null, modificationSpecificMetadata)); MvcResult result = mockMvc.perform(get("/v1/explore/elements/metadata?ids=" + MODIFICATION_UUID) .header("userId", USER1)) .andExpect(status().isOk()) diff --git a/src/test/java/org/gridsuite/explore/server/SupervisionTest.java b/src/test/java/org/gridsuite/explore/server/SupervisionTest.java index 07d06479..2578f921 100644 --- a/src/test/java/org/gridsuite/explore/server/SupervisionTest.java +++ b/src/test/java/org/gridsuite/explore/server/SupervisionTest.java @@ -31,9 +31,9 @@ class SupervisionTest { @MockBean RestTemplate restTemplate; - ElementAttributes filter = new ElementAttributes(UUID.randomUUID(), "filter", "FILTER", null, "userId", 0L, null, null); + ElementAttributes filter = new ElementAttributes(UUID.randomUUID(), "filter", "FILTER", "userId", 0L, null, null); - ElementAttributes study = new ElementAttributes(UUID.randomUUID(), "study", "STUDY", null, "userId", 0L, null, null); + ElementAttributes study = new ElementAttributes(UUID.randomUUID(), "study", "STUDY", "userId", 0L, null, null); @Test void testDeleteElements() {