Compare commits
24 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 4bb458e8d6 | |||
| 921a545877 | |||
| ef942b956e | |||
| ff74ad7e47 | |||
| 2bb90ced03 | |||
| a48cd52652 | |||
| dd4c2dadab | |||
| c81b63aef2 | |||
| cb762a446a | |||
| db810ab0c6 | |||
| 01c5b78325 | |||
| 1bc7293660 | |||
| 55c890aca5 | |||
| c0e364637a | |||
| 0a1ed9ba82 | |||
| 620085fda8 | |||
| 3b5c1cf68a | |||
| a0d07e88a1 | |||
| f17277c0e9 | |||
| 9f13213a35 | |||
| 5f0b8de159 | |||
| 6b66130ddc | |||
| 7f93ec5044 | |||
| 7e16c7bb74 |
11
.github/workflows/tests.yml
vendored
11
.github/workflows/tests.yml
vendored
@@ -101,6 +101,17 @@ jobs:
|
||||
arguments: coveralls
|
||||
env:
|
||||
COVERALLS_REPO_TOKEN: ${{ secrets.COVERALLS_REPO_TOKEN }}
|
||||
- name: Cache SonarCloud packages
|
||||
uses: actions/cache@v1
|
||||
with:
|
||||
path: ~/.sonar/cache
|
||||
key: ${{ runner.os }}-sonar
|
||||
restore-keys: ${{ runner.os }}-sonar
|
||||
- name: Build and analyze
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any
|
||||
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
|
||||
run: ./gradlew build sonarqube --info
|
||||
|
||||
lint:
|
||||
needs: build
|
||||
|
||||
5
.idea/runConfigurations/Sonarqube.xml
generated
5
.idea/runConfigurations/Sonarqube.xml
generated
@@ -1,6 +1,11 @@
|
||||
<component name="ProjectRunConfigurationManager">
|
||||
<configuration default="false" name="Sonarqube" type="GradleRunConfiguration" factoryName="Gradle">
|
||||
<ExternalSystemSettings>
|
||||
<option name="env">
|
||||
<map>
|
||||
<entry key="SONAR_TOKEN" value="15ad34f46763706727d884ced12c48d5222fe639" />
|
||||
</map>
|
||||
</option>
|
||||
<option name="executionName" />
|
||||
<option name="externalProjectPath" value="$PROJECT_DIR$" />
|
||||
<option name="externalSystemIdString" value="GRADLE" />
|
||||
|
||||
@@ -1,10 +1,14 @@
|
||||
# DC Project
|
||||
|
||||
[](https://www.codefactor.io/repository/github/flecomte/dc-project)
|
||||
[](https://www.codacy.com/gh/flecomte/dc-project/dashboard?utm_source=github.com&utm_medium=referral&utm_content=flecomte/dc-project&utm_campaign=Badge_Grade)
|
||||
[](https://sonarcloud.io/dashboard?id=dc-project)
|
||||
|
||||
[](https://github.com/flecomte/dc-project/actions/workflows/tests.yml)
|
||||
[](https://coveralls.io/github/flecomte/dc-project?branch=master)
|
||||
[](https://www.codacy.com/gh/flecomte/dc-project/dashboard?utm_source=github.com&utm_medium=referral&utm_content=flecomte/dc-project&utm_campaign=Badge_Grade)
|
||||
[](https://sonarcloud.io/dashboard?id=dc-project)
|
||||
|
||||
[](https://sonarcloud.io/dashboard?id=dc-project)
|
||||
|
||||
[Installation](./doc/installation/Installation.md)
|
||||
|
||||
|
||||
@@ -121,8 +121,8 @@ val testSql by tasks.registering {
|
||||
group = "verification"
|
||||
dependsOn(tasks.named("processResources"))
|
||||
dependsOn(tasks.named("processTestResources"))
|
||||
dependsOn(tasks.named("testComposeUp"))
|
||||
finalizedBy(tasks.named("testComposeDown"))
|
||||
dependsOn(tasks.named("testSqlComposeUp"))
|
||||
finalizedBy(tasks.named("testSqlComposeDown"))
|
||||
|
||||
doLast {
|
||||
val config = ConfigFactory.parseFile(file("$buildDir/resources/test/application-test.conf")).resolve()
|
||||
@@ -182,7 +182,11 @@ tasks.named<ShadowJar>("shadowJar") {
|
||||
archiveFileName.set("${archiveBaseName.get()}-latest-all.${archiveExtension.get()}")
|
||||
}
|
||||
|
||||
tasks.sonarqube.configure { dependsOn(tasks.jacocoTestReport) }
|
||||
tasks.sonarqube.configure {
|
||||
dependsOn(tasks.test)
|
||||
dependsOn(tasks.detekt)
|
||||
dependsOn(tasks.jacocoTestReport)
|
||||
}
|
||||
|
||||
val sourcesJar by tasks.registering(Jar::class) {
|
||||
group = "build"
|
||||
@@ -218,23 +222,22 @@ dockerCompose {
|
||||
removeVolumes = false
|
||||
removeContainers = false
|
||||
isRequiredBy(project.tasks.run)
|
||||
|
||||
createNested("testSql").apply {
|
||||
projectName = "dc-project_test"
|
||||
useComposeFiles = listOf("docker-compose-test.yml")
|
||||
startedServices = listOf("db", "elasticsearch")
|
||||
stopContainers = false
|
||||
isRequiredBy(project.tasks.named("testSql"))
|
||||
}
|
||||
|
||||
createNested("test").apply {
|
||||
projectName = "dc-project_test"
|
||||
useComposeFiles = listOf("docker-compose-test.yml")
|
||||
stopContainers = false
|
||||
isRequiredBy(project.tasks.test)
|
||||
isRequiredBy(project.tasks.named("testSql"))
|
||||
}
|
||||
createNested("sonarqube").apply {
|
||||
projectName = "dc-project"
|
||||
useComposeFiles = listOf("docker-compose-sonar.yml")
|
||||
stopContainers = false
|
||||
removeVolumes = false
|
||||
removeContainers = false
|
||||
// isRequiredBy(project.tasks.sonarqube)
|
||||
}
|
||||
}
|
||||
tasks.sonarqube.configure { dependsOn(tasks.named("sonarqubeComposeUp")) }
|
||||
|
||||
publishing {
|
||||
if (versioning.info.dirty == false) {
|
||||
|
||||
30
doc/CreateAction.md
Normal file
30
doc/CreateAction.md
Normal file
@@ -0,0 +1,30 @@
|
||||
Create Action
|
||||
============
|
||||
|
||||
* [ ] Create [OpenApi](../src/main/resources/openapi.yaml) documentation
|
||||
* [ ] Create route
|
||||
* [ ] Create request with [Location](https://ktor.io/docs/features-locations.html)
|
||||
* [ ] Create Validation of request with [Konform](https://www.konform.io)
|
||||
* [ ] Test validation
|
||||
* [ ] [Check auth](../src/main/kotlin/fr/dcproject/component/auth/CitizenContext.kt) on protected route
|
||||
* [ ] [Create test for auth](../src/test/kotlin/integration/steps/given/Auth.kt)
|
||||
* [ ] Return must not be an Entity
|
||||
* [ ] Tests request:
|
||||
* [ ] Route with these params
|
||||
* [ ] Body of the request
|
||||
* [ ] Success
|
||||
* [ ] BadRequest
|
||||
* [ ] Body and request params must [match with the openapi schema](../src/test/kotlin/integration/steps/then/schema.kt)
|
||||
* [ ] Create [AccessControl](../src/main/kotlin/fr/dcproject/common/security/AccessControlModule.kt)
|
||||
* [ ] Test [AccessControl](../src/test/kotlin/integration/steps/given/Auth.kt)
|
||||
|
||||
|
||||
* [ ] Create Entity
|
||||
|
||||
|
||||
* [ ] Create Repository
|
||||
* [ ] Create SQL function in file
|
||||
* [ ] Create Tests SQL
|
||||
|
||||
* [ ] Tests
|
||||
* [ ] Test BadRequest
|
||||
@@ -1,48 +0,0 @@
|
||||
version: '3.8'
|
||||
services:
|
||||
sonarqube:
|
||||
container_name: ${APP_NAME}_sonarqube
|
||||
image: sonarqube:community
|
||||
depends_on:
|
||||
- sonarqube_db
|
||||
ports:
|
||||
- ${SONARQUBE_PORT}:9000
|
||||
networks:
|
||||
- sonarnet
|
||||
environment:
|
||||
SONAR_JDBC_URL: jdbc:postgresql://sonarqube_db:5432/sonar
|
||||
SONAR_JDBC_USERNAME: sonar
|
||||
SONAR_JDBC_PASSWORD: sonar
|
||||
volumes:
|
||||
- sonarqube_data:/opt/sonarqube/data
|
||||
- sonarqube_extensions:/opt/sonarqube/extensions
|
||||
- sonarqube_logs:/opt/sonarqube/logs
|
||||
- sonarqube_temp:/opt/sonarqube/temp
|
||||
|
||||
sonarqube_db:
|
||||
container_name: ${APP_NAME}_sonarqube_db
|
||||
image: postgres:alpine
|
||||
networks:
|
||||
- sonarnet
|
||||
environment:
|
||||
POSTGRES_USER: sonar
|
||||
POSTGRES_PASSWORD: sonar
|
||||
ports:
|
||||
- ${SONARQUBE_DB_PORT}:5432
|
||||
volumes:
|
||||
- sonarqube_postgresql:/var/lib/postgresql
|
||||
# This needs explicit mapping due to https://github.com/docker-library/postgres/blob/4e48e3228a30763913ece952c611e5e9b95c8759/Dockerfile.template#L52
|
||||
- sonarqube_postgresql_data:/var/lib/postgresql/data
|
||||
|
||||
|
||||
networks:
|
||||
sonarnet:
|
||||
driver: bridge
|
||||
|
||||
volumes:
|
||||
sonarqube_data:
|
||||
sonarqube_extensions:
|
||||
sonarqube_logs:
|
||||
sonarqube_temp:
|
||||
sonarqube_postgresql:
|
||||
sonarqube_postgresql_data:
|
||||
@@ -38,6 +38,9 @@ services:
|
||||
REDIS_CONNECTION: ${REDIS_CONNECTION}
|
||||
RABBITMQ_CONNECTION: ${RABBITMQ_CONNECTION}
|
||||
ELASTICSEARCH_CONNECTION: ${ELASTICSEARCH_CONNECTION}
|
||||
JWT_SECRET: ${JWT_SECRET}
|
||||
JWT_ISSUER: ${JWT_ISSUER}
|
||||
JWT_VALIDITY: ${JWT_VALIDITY}
|
||||
depends_on:
|
||||
- elasticsearch
|
||||
- db
|
||||
|
||||
@@ -1,9 +1,7 @@
|
||||
kotlin.code.style=official
|
||||
systemProp.sonar.host.url=http://localhost:9002
|
||||
systemProp.sonar.login=admin
|
||||
systemProp.sonar.password=sonar
|
||||
systemProp.sonar.host.url=https://sonarcloud.io
|
||||
systemProp.sonar.projectKey=dc-project
|
||||
systemProp.sonar.projectName=DC Project
|
||||
systemProp.sonar.organization=flecomte
|
||||
systemProp.sonar.java.coveragePlugin=jacoco
|
||||
systemProp.sonar.coverage.jacoco.xmlReportPaths=build/reports/jacoco/test/jacocoTestReport.xml
|
||||
systemProp.sonar.kotlin.detekt.reportPaths=build/reports/detekt/detekt.xml
|
||||
|
||||
@@ -6,17 +6,14 @@ import com.fasterxml.jackson.databind.DeserializationFeature
|
||||
import com.fasterxml.jackson.databind.PropertyNamingStrategies
|
||||
import com.fasterxml.jackson.databind.SerializationFeature
|
||||
import com.fasterxml.jackson.datatype.joda.JodaModule
|
||||
import com.github.jasync.sql.db.postgresql.exceptions.GenericDatabaseException
|
||||
import fr.dcproject.application.Env.PROD
|
||||
import fr.dcproject.application.Env.TEST
|
||||
import fr.dcproject.common.security.AccessDeniedException
|
||||
import fr.dcproject.application.http.statusPagesInstallation
|
||||
import fr.dcproject.component.article.articleKoinModule
|
||||
import fr.dcproject.component.article.routes.installArticleRoutes
|
||||
import fr.dcproject.component.auth.ForbiddenException
|
||||
import fr.dcproject.component.auth.authKoinModule
|
||||
import fr.dcproject.component.auth.jwt.jwtInstallation
|
||||
import fr.dcproject.component.auth.routes.installAuthRoutes
|
||||
import fr.dcproject.component.auth.user
|
||||
import fr.dcproject.component.citizen.citizenKoinModule
|
||||
import fr.dcproject.component.citizen.routes.installCitizenRoutes
|
||||
import fr.dcproject.component.comment.article.routes.installCommentArticleRoutes
|
||||
@@ -41,7 +38,6 @@ import fr.dcproject.component.workgroup.workgroupKoinModule
|
||||
import fr.postgresjson.migration.Migrations
|
||||
import io.ktor.application.Application
|
||||
import io.ktor.application.ApplicationStopped
|
||||
import io.ktor.application.call
|
||||
import io.ktor.application.install
|
||||
import io.ktor.auth.Authentication
|
||||
import io.ktor.client.HttpClient
|
||||
@@ -51,17 +47,14 @@ import io.ktor.features.CORS
|
||||
import io.ktor.features.CallLogging
|
||||
import io.ktor.features.ContentNegotiation
|
||||
import io.ktor.features.DataConversion
|
||||
import io.ktor.features.NotFoundException
|
||||
import io.ktor.features.StatusPages
|
||||
import io.ktor.http.HttpHeaders
|
||||
import io.ktor.http.HttpMethod
|
||||
import io.ktor.http.HttpStatusCode
|
||||
import io.ktor.http.cio.websocket.pingPeriod
|
||||
import io.ktor.http.cio.websocket.timeout
|
||||
import io.ktor.jackson.jackson
|
||||
import io.ktor.locations.KtorExperimentalLocationsAPI
|
||||
import io.ktor.locations.Locations
|
||||
import io.ktor.response.respond
|
||||
import io.ktor.routing.Routing
|
||||
import io.ktor.server.jetty.EngineMain
|
||||
import io.ktor.util.KtorExperimentalAPI
|
||||
@@ -73,7 +66,6 @@ import org.koin.ktor.ext.Koin
|
||||
import org.koin.ktor.ext.get
|
||||
import org.slf4j.event.Level
|
||||
import java.time.Duration
|
||||
import java.util.concurrent.CompletionException
|
||||
|
||||
fun main(args: Array<String>): Unit = EngineMain.main(args)
|
||||
|
||||
@@ -132,7 +124,7 @@ fun Application.module(env: Env = PROD) {
|
||||
}
|
||||
}
|
||||
|
||||
install(Authentication, jwtInstallation(get()))
|
||||
install(Authentication, jwtInstallation(get(), get()))
|
||||
|
||||
install(AutoHeadResponse)
|
||||
|
||||
@@ -171,26 +163,7 @@ fun Application.module(env: Env = PROD) {
|
||||
installDocRoutes()
|
||||
}
|
||||
|
||||
install(StatusPages) {
|
||||
exception<CompletionException> { e ->
|
||||
val parent = e.cause?.cause
|
||||
if (parent is GenericDatabaseException) {
|
||||
call.respond(HttpStatusCode.BadRequest, parent.errorMessage.message!!)
|
||||
} else {
|
||||
throw e
|
||||
}
|
||||
}
|
||||
exception<NotFoundException> { e ->
|
||||
call.respond(HttpStatusCode.NotFound, e.message!!)
|
||||
}
|
||||
exception<AccessDeniedException> {
|
||||
if (call.user == null) call.respond(HttpStatusCode.Unauthorized)
|
||||
else call.respond(HttpStatusCode.Forbidden)
|
||||
}
|
||||
exception<ForbiddenException> {
|
||||
call.respond(HttpStatusCode.Forbidden)
|
||||
}
|
||||
}
|
||||
install(StatusPages, statusPagesInstallation())
|
||||
|
||||
install(CORS) {
|
||||
method(HttpMethod.Options)
|
||||
|
||||
@@ -43,4 +43,15 @@ class Configuration(val config: Config) {
|
||||
val rabbitmq: String = config.getString("rabbitmq.connection")
|
||||
val exchangeNotificationName = "notification"
|
||||
val sendGridKey: String = config.getString("mail.sendGrid.key")
|
||||
|
||||
interface Jwt {
|
||||
val secret: String
|
||||
val issuer: String
|
||||
val validityInMs: Int
|
||||
}
|
||||
val jwt = object : Jwt {
|
||||
override val secret = config.getString("jwt.secret")
|
||||
override val issuer = config.getString("jwt.issuer")
|
||||
override val validityInMs = config.getInt("jwt.validity")
|
||||
}
|
||||
}
|
||||
|
||||
@@ -9,6 +9,7 @@ import com.fasterxml.jackson.datatype.joda.JodaModule
|
||||
import com.fasterxml.jackson.module.kotlin.jacksonObjectMapper
|
||||
import com.rabbitmq.client.ConnectionFactory
|
||||
import fr.dcproject.common.email.Mailer
|
||||
import fr.dcproject.component.auth.jwt.JwtConfig
|
||||
import fr.dcproject.component.notification.NotificationConsumer
|
||||
import fr.dcproject.component.notification.NotificationEmailSender
|
||||
import fr.dcproject.component.notification.NotificationsPush
|
||||
@@ -25,6 +26,19 @@ import org.koin.dsl.module
|
||||
|
||||
@KtorExperimentalAPI
|
||||
val KoinModule = module {
|
||||
// JWT
|
||||
single {
|
||||
val config: Configuration = get()
|
||||
JwtConfig(
|
||||
config.jwt.secret,
|
||||
config.jwt.issuer,
|
||||
config.jwt.validityInMs,
|
||||
)
|
||||
}
|
||||
// JWT Verifier
|
||||
single {
|
||||
get<JwtConfig>().verifier
|
||||
}
|
||||
// SQL connection
|
||||
single {
|
||||
val config: Configuration = get()
|
||||
|
||||
@@ -0,0 +1,82 @@
|
||||
package fr.dcproject.application.http
|
||||
|
||||
import com.github.jasync.sql.db.postgresql.exceptions.GenericDatabaseException
|
||||
import fr.dcproject.common.security.AccessDeniedException
|
||||
import fr.dcproject.component.auth.ForbiddenException
|
||||
import fr.dcproject.component.auth.user
|
||||
import io.ktor.application.call
|
||||
import io.ktor.features.NotFoundException
|
||||
import io.ktor.features.StatusPages
|
||||
import io.ktor.http.HttpStatusCode
|
||||
import io.ktor.response.respond
|
||||
import java.util.concurrent.CompletionException
|
||||
|
||||
class HttpError(
|
||||
statusCode: HttpStatusCode,
|
||||
val cause: Throwable? = null,
|
||||
val type: String? = null,
|
||||
val title: String = cause?.message ?: statusCode.description,
|
||||
val detail: String? = null,
|
||||
val invalidParams: List<InvalidParam>? = null,
|
||||
val stackTrace: String? = cause?.stackTraceToString()
|
||||
) {
|
||||
val statusCode: Int = statusCode.value
|
||||
data class InvalidParam(
|
||||
val name: String,
|
||||
val reason: String
|
||||
)
|
||||
}
|
||||
|
||||
fun statusPagesInstallation(): StatusPages.Configuration.() -> Unit = {
|
||||
exception<CompletionException> { e ->
|
||||
val parent = e.cause?.cause
|
||||
if (parent is GenericDatabaseException) {
|
||||
HttpError(
|
||||
HttpStatusCode.BadRequest,
|
||||
cause = parent
|
||||
).let {
|
||||
call.respond(HttpStatusCode.BadRequest, it)
|
||||
}
|
||||
} else {
|
||||
HttpError(
|
||||
HttpStatusCode.BadRequest,
|
||||
cause = e
|
||||
).let {
|
||||
call.respond(HttpStatusCode.InternalServerError, it)
|
||||
}
|
||||
}
|
||||
}
|
||||
exception<NotFoundException> { e ->
|
||||
HttpError(
|
||||
HttpStatusCode.NotFound,
|
||||
cause = e
|
||||
).let {
|
||||
call.respond(HttpStatusCode.NotFound, it)
|
||||
}
|
||||
}
|
||||
exception<AccessDeniedException> { e ->
|
||||
if (call.user == null) {
|
||||
HttpError(
|
||||
HttpStatusCode.Unauthorized,
|
||||
cause = e
|
||||
).let {
|
||||
call.respond(HttpStatusCode.Unauthorized, it)
|
||||
}
|
||||
} else {
|
||||
HttpError(
|
||||
HttpStatusCode.Forbidden,
|
||||
cause = e
|
||||
).let {
|
||||
call.respond(HttpStatusCode.Forbidden, it)
|
||||
}
|
||||
}
|
||||
}
|
||||
exception<ForbiddenException> { e ->
|
||||
HttpError(
|
||||
HttpStatusCode.Forbidden,
|
||||
cause = e
|
||||
).let {
|
||||
call.respond(HttpStatusCode.Forbidden, it)
|
||||
}
|
||||
}
|
||||
}
|
||||
4
src/main/kotlin/fr/dcproject/common/utils/Numeric.kt
Normal file
4
src/main/kotlin/fr/dcproject/common/utils/Numeric.kt
Normal file
@@ -0,0 +1,4 @@
|
||||
package fr.dcproject.common.utils
|
||||
|
||||
fun String.isInt(): Boolean = this.toIntOrNull() != null
|
||||
fun String.isBool(): Boolean = this == "true" || this == "false"
|
||||
@@ -1,15 +1,13 @@
|
||||
package fr.dcproject.component.article
|
||||
package fr.dcproject.component.article.database
|
||||
|
||||
import fr.dcproject.common.entity.VersionableId
|
||||
import fr.dcproject.common.utils.contentToString
|
||||
import fr.dcproject.common.utils.getJsonField
|
||||
import fr.dcproject.common.utils.toIso
|
||||
import fr.dcproject.component.article.database.ArticleI
|
||||
import fr.dcproject.component.citizen.database.CitizenI
|
||||
import fr.dcproject.component.views.ViewManager
|
||||
import fr.dcproject.component.views.ViewRepository
|
||||
import fr.dcproject.component.views.entity.ViewAggregation
|
||||
import org.elasticsearch.client.Request
|
||||
import org.elasticsearch.client.Response
|
||||
import org.elasticsearch.client.RestClient
|
||||
import org.joda.time.DateTime
|
||||
import java.util.UUID
|
||||
@@ -17,11 +15,11 @@ import java.util.UUID
|
||||
/**
|
||||
* Wrapper for manage views with elasticsearch
|
||||
*/
|
||||
class ArticleViewManager <A> (private val restClient: RestClient) : ViewManager<A> where A : VersionableId, A : ArticleI {
|
||||
class ArticleViewRepository <A> (private val restClient: RestClient) : ViewRepository<A> where A : VersionableId, A : ArticleI {
|
||||
/**
|
||||
* Add view on article to elasticsearch
|
||||
*/
|
||||
override fun addView(ip: String, entity: A, citizen: CitizenI?, dateTime: DateTime): Response? {
|
||||
override fun addView(ip: String, entity: A, citizen: CitizenI?, dateTime: DateTime) {
|
||||
val isLogged = (citizen != null).toString()
|
||||
val ref = citizen?.id ?: UUID.nameUUIDFromBytes(ip.toByteArray())!!
|
||||
val request = Request(
|
||||
@@ -45,7 +43,7 @@ class ArticleViewManager <A> (private val restClient: RestClient) : ViewManager<
|
||||
)
|
||||
}
|
||||
|
||||
return restClient.performRequest(request)
|
||||
restClient.performRequest(request)
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -2,10 +2,10 @@ package fr.dcproject.component.article.routes
|
||||
|
||||
import fr.dcproject.common.security.assert
|
||||
import fr.dcproject.component.article.ArticleAccessControl
|
||||
import fr.dcproject.component.article.ArticleViewManager
|
||||
import fr.dcproject.component.article.database.ArticleForView
|
||||
import fr.dcproject.component.article.database.ArticleRef
|
||||
import fr.dcproject.component.article.database.ArticleRepository
|
||||
import fr.dcproject.component.article.database.ArticleViewRepository
|
||||
import fr.dcproject.component.auth.citizenOrNull
|
||||
import io.ktor.application.call
|
||||
import io.ktor.features.NotFoundException
|
||||
@@ -24,7 +24,7 @@ object GetOneArticle {
|
||||
val article = ArticleRef(article)
|
||||
}
|
||||
|
||||
fun Route.getOneArticle(viewManager: ArticleViewManager<ArticleForView>, ac: ArticleAccessControl, repo: ArticleRepository) {
|
||||
fun Route.getOneArticle(viewRepository: ArticleViewRepository<ArticleForView>, ac: ArticleAccessControl, repo: ArticleRepository) {
|
||||
get<ArticleRequest> {
|
||||
val article: ArticleForView = repo.findById(it.article.id) ?: throw NotFoundException("Article ${it.article.id} not found")
|
||||
ac.assert { canView(article, citizenOrNull) }
|
||||
@@ -64,7 +64,7 @@ object GetOneArticle {
|
||||
val total: Int = a.votes.total
|
||||
val score: Int = a.votes.score
|
||||
}
|
||||
val views: Any = viewManager.getViewsCount(article).let { v ->
|
||||
val views: Any = viewRepository.getViewsCount(article).let { v ->
|
||||
object {
|
||||
val total = v.total
|
||||
val unique = v.unique
|
||||
@@ -76,7 +76,7 @@ object GetOneArticle {
|
||||
)
|
||||
|
||||
launch {
|
||||
viewManager.addView(call.request.local.remoteHost, article, citizenOrNull)
|
||||
viewRepository.addView(call.request.local.remoteHost, article, citizenOrNull)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -8,6 +8,7 @@ import fr.dcproject.component.article.database.ArticleRepository
|
||||
import fr.dcproject.component.article.routes.UpsertArticle.UpsertArticleRequest.Input
|
||||
import fr.dcproject.component.auth.citizen
|
||||
import fr.dcproject.component.auth.citizenOrNull
|
||||
import fr.dcproject.component.auth.mustBeAuth
|
||||
import fr.dcproject.component.notification.ArticleUpdateNotification
|
||||
import fr.dcproject.component.notification.Publisher
|
||||
import fr.dcproject.component.workgroup.database.WorkgroupRef
|
||||
@@ -54,6 +55,7 @@ object UpsertArticle {
|
||||
}
|
||||
|
||||
post<UpsertArticleRequest> {
|
||||
mustBeAuth()
|
||||
val article = call.convertRequestToEntity()
|
||||
ac.assert { canUpsert(article, citizenOrNull) }
|
||||
repo.upsert(article)?.let { a ->
|
||||
|
||||
@@ -26,7 +26,21 @@ val ApplicationCall.citizenOrNull: CitizenEntity?
|
||||
GlobalContext.get().koin.get<CitizenRepository>().findByUser(it)
|
||||
}
|
||||
|
||||
val ApplicationCall.isAuth: Boolean
|
||||
get() = citizenOrNull == null
|
||||
|
||||
fun ApplicationCall.mustBeAuth() {
|
||||
citizenOrNull ?: throw ForbiddenException("No User Connected")
|
||||
}
|
||||
|
||||
val PipelineContext<Unit, ApplicationCall>.citizen get() = context.citizen
|
||||
val PipelineContext<Unit, ApplicationCall>.citizenOrNull get() = context.citizenOrNull
|
||||
|
||||
val ApplicationCall.user get() = authentication.principal<User>()
|
||||
|
||||
val PipelineContext<Unit, ApplicationCall>.isAuth: Boolean
|
||||
get() = citizenOrNull == null
|
||||
|
||||
fun PipelineContext<Unit, ApplicationCall>.mustBeAuth() {
|
||||
citizenOrNull ?: throw ForbiddenException("No User Connected")
|
||||
}
|
||||
|
||||
@@ -2,13 +2,16 @@ package fr.dcproject.component.auth.jwt
|
||||
|
||||
import com.auth0.jwt.JWT
|
||||
import fr.dcproject.component.auth.database.UserI
|
||||
import org.koin.core.context.GlobalContext
|
||||
|
||||
/**
|
||||
* Produce a token for this combination of User and Account
|
||||
*/
|
||||
fun UserI.makeToken(): String = JWT.create()
|
||||
fun UserI.makeToken(): String = GlobalContext.get().koin.get<JwtConfig>().run {
|
||||
JWT.create()
|
||||
.withSubject("Authentication")
|
||||
.withIssuer(JwtConfig.issuer)
|
||||
.withIssuer(issuer)
|
||||
.withClaim("id", id.toString())
|
||||
.withExpiresAt(JwtConfig.getExpiration())
|
||||
.sign(JwtConfig.algorithm)
|
||||
.withExpiresAt(getExpiration())
|
||||
.sign(algorithm)
|
||||
}
|
||||
|
||||
@@ -5,11 +5,11 @@ import com.auth0.jwt.JWTVerifier
|
||||
import com.auth0.jwt.algorithms.Algorithm
|
||||
import java.util.Date
|
||||
|
||||
object JwtConfig {
|
||||
private const val secret = "zAP5MBA4B4Ijz0MZaS48"
|
||||
const val issuer = "dc-project.fr"
|
||||
private const val validityInMs = 3_600_000 * 10 // 10 hours
|
||||
|
||||
class JwtConfig(
|
||||
private val secret: String,
|
||||
val issuer: String,
|
||||
private val validityInMs: Int,
|
||||
) {
|
||||
// TODO change to RSA512
|
||||
val algorithm: Algorithm = Algorithm.HMAC512(secret)
|
||||
|
||||
|
||||
@@ -1,5 +1,6 @@
|
||||
package fr.dcproject.component.auth.jwt
|
||||
|
||||
import com.auth0.jwt.JWTVerifier
|
||||
import fr.dcproject.component.auth.database.User
|
||||
import fr.dcproject.component.auth.database.UserRepository
|
||||
import io.ktor.application.ApplicationCall
|
||||
@@ -9,14 +10,14 @@ import io.ktor.http.auth.HttpAuthHeader
|
||||
import io.ktor.routing.Routing
|
||||
import java.util.UUID
|
||||
|
||||
fun jwtInstallation(userRepo: UserRepository): Authentication.Configuration.() -> Unit = {
|
||||
fun jwtInstallation(userRepo: UserRepository, verifier: JWTVerifier): Authentication.Configuration.() -> Unit = {
|
||||
/**
|
||||
* Setup the JWT authentication to be used in [Routing].
|
||||
* If the token is valid, the corresponding [User] is fetched from the database.
|
||||
* The [User] can then be accessed in each [ApplicationCall].
|
||||
*/
|
||||
jwt {
|
||||
verifier(JwtConfig.verifier)
|
||||
verifier(verifier)
|
||||
realm = "dc-project.fr"
|
||||
validate {
|
||||
it.payload.getClaim("id").asString()?.let { id ->
|
||||
@@ -27,7 +28,7 @@ fun jwtInstallation(userRepo: UserRepository): Authentication.Configuration.() -
|
||||
|
||||
/* Token in URL */
|
||||
jwt("url") {
|
||||
verifier(JwtConfig.verifier)
|
||||
verifier(verifier)
|
||||
realm = "dc-project.fr"
|
||||
authHeader { call ->
|
||||
call.request.queryParameters["token"]?.let {
|
||||
|
||||
@@ -6,6 +6,7 @@ import fr.dcproject.component.auth.citizen
|
||||
import fr.dcproject.component.auth.citizenOrNull
|
||||
import fr.dcproject.component.auth.database.UserRepository
|
||||
import fr.dcproject.component.auth.database.UserWithPassword
|
||||
import fr.dcproject.component.auth.mustBeAuth
|
||||
import fr.dcproject.component.citizen.CitizenAccessControl
|
||||
import fr.dcproject.component.citizen.database.CitizenRef
|
||||
import io.ktor.application.call
|
||||
@@ -29,6 +30,7 @@ object ChangeMyPassword {
|
||||
|
||||
fun Route.changeMyPassword(ac: CitizenAccessControl, userRepository: UserRepository) {
|
||||
put<ChangePasswordCitizenRequest> {
|
||||
mustBeAuth()
|
||||
ac.assert { canChangePassword(it.citizen, citizenOrNull) }
|
||||
val content = call.receiveOrBadRequest<ChangePasswordCitizenRequest.Input>()
|
||||
userRepository.findByCredentials(UserPasswordCredential(citizen.user.username, content.oldPassword)) ?: throw BadRequestException("Bad Password")
|
||||
|
||||
@@ -3,6 +3,7 @@ package fr.dcproject.component.citizen.routes
|
||||
import fr.dcproject.common.response.toOutput
|
||||
import fr.dcproject.common.security.assert
|
||||
import fr.dcproject.component.auth.citizenOrNull
|
||||
import fr.dcproject.component.auth.mustBeAuth
|
||||
import fr.dcproject.component.citizen.CitizenAccessControl
|
||||
import fr.dcproject.component.citizen.database.CitizenCreator
|
||||
import fr.dcproject.component.citizen.database.CitizenRepository
|
||||
@@ -30,6 +31,7 @@ object FindCitizens {
|
||||
|
||||
fun Route.findCitizen(ac: CitizenAccessControl, repo: CitizenRepository) {
|
||||
get<CitizensRequest> {
|
||||
mustBeAuth()
|
||||
val citizens = repo.find(it.page, it.limit, it.sort, it.direction, it.search)
|
||||
ac.assert { canView(citizens.result, citizenOrNull) }
|
||||
call.respond(
|
||||
|
||||
@@ -3,6 +3,7 @@ package fr.dcproject.component.citizen.routes
|
||||
import fr.dcproject.common.security.assert
|
||||
import fr.dcproject.component.auth.citizen
|
||||
import fr.dcproject.component.auth.citizenOrNull
|
||||
import fr.dcproject.component.auth.mustBeAuth
|
||||
import fr.dcproject.component.citizen.CitizenAccessControl
|
||||
import io.ktor.application.call
|
||||
import io.ktor.http.HttpStatusCode
|
||||
@@ -22,6 +23,7 @@ object GetCurrentCitizen {
|
||||
|
||||
fun Route.getCurrentCitizen(ac: CitizenAccessControl) {
|
||||
get<CurrentCitizenRequest> {
|
||||
mustBeAuth()
|
||||
val currentUser = citizenOrNull
|
||||
if (currentUser === null) {
|
||||
call.respond(HttpStatusCode.Unauthorized)
|
||||
|
||||
@@ -3,6 +3,7 @@ package fr.dcproject.component.citizen.routes
|
||||
import fr.dcproject.common.security.assert
|
||||
import fr.dcproject.component.auth.citizen
|
||||
import fr.dcproject.component.auth.citizenOrNull
|
||||
import fr.dcproject.component.auth.mustBeAuth
|
||||
import fr.dcproject.component.citizen.CitizenAccessControl
|
||||
import fr.dcproject.component.citizen.database.CitizenRef
|
||||
import fr.dcproject.component.citizen.database.CitizenRepository
|
||||
@@ -26,6 +27,7 @@ object GetOneCitizen {
|
||||
|
||||
fun Route.getOneCitizen(ac: CitizenAccessControl, citizenRepository: CitizenRepository) {
|
||||
get<CitizenRequest> {
|
||||
mustBeAuth()
|
||||
val citizen = citizenRepository.findById(it.citizen.id) ?: throw NotFoundException("Citizen not found ${it.citizen.id}")
|
||||
ac.assert { canView(citizen, citizenOrNull) }
|
||||
|
||||
|
||||
@@ -6,6 +6,7 @@ import fr.dcproject.common.utils.receiveOrBadRequest
|
||||
import fr.dcproject.component.article.database.ArticleRef
|
||||
import fr.dcproject.component.auth.citizen
|
||||
import fr.dcproject.component.auth.citizenOrNull
|
||||
import fr.dcproject.component.auth.mustBeAuth
|
||||
import fr.dcproject.component.comment.article.database.CommentArticleRepository
|
||||
import fr.dcproject.component.comment.article.routes.CreateCommentArticle.PostArticleCommentRequest.Input
|
||||
import fr.dcproject.component.comment.generic.CommentAccessControl
|
||||
@@ -30,6 +31,7 @@ object CreateCommentArticle {
|
||||
|
||||
fun Route.createCommentArticle(repo: CommentArticleRepository, ac: CommentAccessControl) {
|
||||
post<PostArticleCommentRequest> {
|
||||
mustBeAuth()
|
||||
call.receiveOrBadRequest<Input>().run {
|
||||
CommentForUpdate(
|
||||
target = it.article,
|
||||
|
||||
@@ -3,6 +3,7 @@ package fr.dcproject.component.comment.article.routes
|
||||
import fr.dcproject.common.response.toOutput
|
||||
import fr.dcproject.common.security.assert
|
||||
import fr.dcproject.component.auth.citizenOrNull
|
||||
import fr.dcproject.component.auth.mustBeAuth
|
||||
import fr.dcproject.component.citizen.database.CitizenRef
|
||||
import fr.dcproject.component.comment.article.database.CommentArticleRepository
|
||||
import fr.dcproject.component.comment.generic.CommentAccessControl
|
||||
@@ -25,6 +26,7 @@ object GetCitizenArticleComments {
|
||||
|
||||
fun Route.getCitizenArticleComments(repo: CommentArticleRepository, ac: CommentAccessControl) {
|
||||
get<CitizenCommentArticleRequest> {
|
||||
mustBeAuth()
|
||||
repo.findByCitizen(it.citizen).let { comments ->
|
||||
ac.assert { canView(comments.result, citizenOrNull) }
|
||||
call.respond(
|
||||
|
||||
@@ -5,6 +5,7 @@ import fr.dcproject.common.security.assert
|
||||
import fr.dcproject.common.utils.receiveOrBadRequest
|
||||
import fr.dcproject.component.auth.citizen
|
||||
import fr.dcproject.component.auth.citizenOrNull
|
||||
import fr.dcproject.component.auth.mustBeAuth
|
||||
import fr.dcproject.component.comment.constitution.database.CommentConstitutionRepository
|
||||
import fr.dcproject.component.comment.constitution.routes.CreateConstitutionComment.CreateConstitutionCommentRequest.Input
|
||||
import fr.dcproject.component.comment.generic.CommentAccessControl
|
||||
@@ -30,6 +31,7 @@ object CreateConstitutionComment {
|
||||
|
||||
fun Route.createConstitutionComment(repo: CommentConstitutionRepository, ac: CommentAccessControl) {
|
||||
post<CreateConstitutionCommentRequest> {
|
||||
mustBeAuth()
|
||||
call.receiveOrBadRequest<Input>().run {
|
||||
CommentForUpdate(
|
||||
target = it.constitution,
|
||||
|
||||
@@ -3,6 +3,7 @@ package fr.dcproject.component.comment.constitution.routes
|
||||
import fr.dcproject.common.response.toOutput
|
||||
import fr.dcproject.common.security.assert
|
||||
import fr.dcproject.component.auth.citizenOrNull
|
||||
import fr.dcproject.component.auth.mustBeAuth
|
||||
import fr.dcproject.component.citizen.database.CitizenRef
|
||||
import fr.dcproject.component.comment.constitution.database.CommentConstitutionRepository
|
||||
import fr.dcproject.component.comment.generic.CommentAccessControl
|
||||
@@ -25,6 +26,7 @@ object GetCitizenCommentConstitution {
|
||||
|
||||
fun Route.getCitizenCommentConstitution(repo: CommentConstitutionRepository, ac: CommentAccessControl) {
|
||||
get<GetCitizenCommentConstitutionRequest> {
|
||||
mustBeAuth()
|
||||
val comments = repo.findByCitizen(it.citizen)
|
||||
ac.assert { canView(comments.result, citizenOrNull) }
|
||||
call.respond(
|
||||
|
||||
@@ -4,6 +4,7 @@ import fr.dcproject.common.security.assert
|
||||
import fr.dcproject.common.utils.receiveOrBadRequest
|
||||
import fr.dcproject.component.auth.citizen
|
||||
import fr.dcproject.component.auth.citizenOrNull
|
||||
import fr.dcproject.component.auth.mustBeAuth
|
||||
import fr.dcproject.component.comment.generic.CommentAccessControl
|
||||
import fr.dcproject.component.comment.generic.database.CommentForUpdate
|
||||
import fr.dcproject.component.comment.generic.database.CommentRef
|
||||
@@ -29,6 +30,7 @@ object CreateCommentChildren {
|
||||
|
||||
fun Route.createCommentChildren(repo: CommentRepository, ac: CommentAccessControl) {
|
||||
post<CreateCommentChildrenRequest> {
|
||||
mustBeAuth()
|
||||
val parent = repo.findById(it.comment.id) ?: throw NotFoundException("Comment not found")
|
||||
val newComment = CommentForUpdate(
|
||||
content = call.receiveOrBadRequest<CreateCommentChildrenRequest.Input>().content,
|
||||
|
||||
@@ -4,6 +4,7 @@ import fr.dcproject.common.response.toOutput
|
||||
import fr.dcproject.common.security.assert
|
||||
import fr.dcproject.common.utils.receiveOrBadRequest
|
||||
import fr.dcproject.component.auth.citizenOrNull
|
||||
import fr.dcproject.component.auth.mustBeAuth
|
||||
import fr.dcproject.component.comment.generic.CommentAccessControl
|
||||
import fr.dcproject.component.comment.generic.database.CommentRef
|
||||
import fr.dcproject.component.comment.generic.database.CommentRepository
|
||||
@@ -28,6 +29,7 @@ object EditComment {
|
||||
|
||||
fun Route.editComment(repo: CommentRepository, ac: CommentAccessControl) {
|
||||
put<EditCommentRequest> {
|
||||
mustBeAuth()
|
||||
val comment = repo.findById(it.comment.id) ?: throw NotFoundException("Comment not found")
|
||||
ac.assert { canUpdate(comment, citizenOrNull) }
|
||||
|
||||
|
||||
@@ -6,6 +6,7 @@ import fr.dcproject.common.utils.receiveOrBadRequest
|
||||
import fr.dcproject.component.article.database.ArticleRef
|
||||
import fr.dcproject.component.auth.citizen
|
||||
import fr.dcproject.component.auth.citizenOrNull
|
||||
import fr.dcproject.component.auth.mustBeAuth
|
||||
import fr.dcproject.component.citizen.database.Citizen
|
||||
import fr.dcproject.component.citizen.database.CitizenWithUserI
|
||||
import fr.dcproject.component.constitution.ConstitutionAccessControl
|
||||
@@ -68,6 +69,7 @@ object CreateConstitution {
|
||||
|
||||
fun Route.createConstitution(repo: ConstitutionRepository, ac: ConstitutionAccessControl) {
|
||||
post<PostConstitutionRequest> {
|
||||
mustBeAuth()
|
||||
getNewConstitution(call.receiveOrBadRequest(), citizen).let {
|
||||
ac.assert { canCreate(it, citizenOrNull) }
|
||||
val c = repo.upsert(it) ?: error("Unable to create Constitution")
|
||||
|
||||
@@ -4,6 +4,7 @@ import fr.dcproject.common.security.assert
|
||||
import fr.dcproject.component.article.database.ArticleRef
|
||||
import fr.dcproject.component.auth.citizen
|
||||
import fr.dcproject.component.auth.citizenOrNull
|
||||
import fr.dcproject.component.auth.mustBeAuth
|
||||
import fr.dcproject.component.follow.FollowAccessControl
|
||||
import fr.dcproject.component.follow.database.FollowArticleRepository
|
||||
import fr.dcproject.component.follow.database.FollowForUpdate
|
||||
@@ -25,6 +26,7 @@ object FollowArticle {
|
||||
|
||||
fun Route.followArticle(repo: FollowArticleRepository, ac: FollowAccessControl) {
|
||||
post<ArticleFollowRequest> {
|
||||
mustBeAuth()
|
||||
val follow = FollowForUpdate(target = it.article, createdBy = this.citizen)
|
||||
ac.assert { canCreate(follow, citizenOrNull) }
|
||||
repo.follow(follow)
|
||||
|
||||
@@ -3,6 +3,7 @@ package fr.dcproject.component.follow.routes.article
|
||||
import fr.dcproject.common.response.toOutput
|
||||
import fr.dcproject.common.security.assert
|
||||
import fr.dcproject.component.auth.citizenOrNull
|
||||
import fr.dcproject.component.auth.mustBeAuth
|
||||
import fr.dcproject.component.citizen.database.CitizenRef
|
||||
import fr.dcproject.component.follow.FollowAccessControl
|
||||
import fr.dcproject.component.follow.database.FollowArticleRepository
|
||||
@@ -25,6 +26,7 @@ object GetMyFollowsArticle {
|
||||
|
||||
fun Route.getMyFollowsArticle(repo: FollowArticleRepository, ac: FollowAccessControl) {
|
||||
get<CitizenFollowArticleRequest> {
|
||||
mustBeAuth()
|
||||
val follows = repo.findByCitizen(it.citizen)
|
||||
ac.assert { canView(follows.result, citizenOrNull) }
|
||||
call.respond(
|
||||
|
||||
@@ -4,6 +4,7 @@ import fr.dcproject.common.security.assert
|
||||
import fr.dcproject.component.article.database.ArticleRef
|
||||
import fr.dcproject.component.auth.citizen
|
||||
import fr.dcproject.component.auth.citizenOrNull
|
||||
import fr.dcproject.component.auth.mustBeAuth
|
||||
import fr.dcproject.component.follow.FollowAccessControl
|
||||
import fr.dcproject.component.follow.database.FollowArticleRepository
|
||||
import fr.dcproject.component.follow.database.FollowForUpdate
|
||||
@@ -25,6 +26,7 @@ object UnfollowArticle {
|
||||
|
||||
fun Route.unfollowArticle(repo: FollowArticleRepository, ac: FollowAccessControl) {
|
||||
delete<ArticleFollowRequest> {
|
||||
mustBeAuth()
|
||||
val follow = FollowForUpdate(target = it.article, createdBy = this.citizen)
|
||||
ac.assert { canDelete(follow, citizenOrNull) }
|
||||
repo.unfollow(follow)
|
||||
|
||||
@@ -3,6 +3,7 @@ package fr.dcproject.component.follow.routes.constitution
|
||||
import fr.dcproject.common.security.assert
|
||||
import fr.dcproject.component.auth.citizen
|
||||
import fr.dcproject.component.auth.citizenOrNull
|
||||
import fr.dcproject.component.auth.mustBeAuth
|
||||
import fr.dcproject.component.constitution.database.ConstitutionRef
|
||||
import fr.dcproject.component.follow.FollowAccessControl
|
||||
import fr.dcproject.component.follow.database.FollowConstitutionRepository
|
||||
@@ -25,6 +26,7 @@ object FollowConstitution {
|
||||
|
||||
fun Route.followConstitution(repo: FollowConstitutionRepository, ac: FollowAccessControl) {
|
||||
post<ConstitutionFollowRequest> {
|
||||
mustBeAuth()
|
||||
val follow = FollowForUpdate(target = it.constitution, createdBy = this.citizen)
|
||||
ac.assert { canCreate(follow, citizenOrNull) }
|
||||
repo.follow(follow)
|
||||
|
||||
@@ -3,6 +3,7 @@ package fr.dcproject.component.follow.routes.constitution
|
||||
import fr.dcproject.common.response.toOutput
|
||||
import fr.dcproject.common.security.assert
|
||||
import fr.dcproject.component.auth.citizenOrNull
|
||||
import fr.dcproject.component.auth.mustBeAuth
|
||||
import fr.dcproject.component.citizen.database.CitizenRef
|
||||
import fr.dcproject.component.follow.FollowAccessControl
|
||||
import fr.dcproject.component.follow.database.FollowConstitutionRepository
|
||||
@@ -25,6 +26,7 @@ object GetMyFollowsConstitution {
|
||||
|
||||
fun Route.getMyFollowsConstitution(repo: FollowConstitutionRepository, ac: FollowAccessControl) {
|
||||
get<CitizenFollowConstitutionRequest> {
|
||||
mustBeAuth()
|
||||
val follows = repo.findByCitizen(it.citizen)
|
||||
ac.assert { canView(follows.result, citizenOrNull) }
|
||||
call.respond(
|
||||
|
||||
@@ -3,6 +3,7 @@ package fr.dcproject.component.follow.routes.constitution
|
||||
import fr.dcproject.common.security.assert
|
||||
import fr.dcproject.component.auth.citizen
|
||||
import fr.dcproject.component.auth.citizenOrNull
|
||||
import fr.dcproject.component.auth.mustBeAuth
|
||||
import fr.dcproject.component.constitution.database.ConstitutionRef
|
||||
import fr.dcproject.component.follow.FollowAccessControl
|
||||
import fr.dcproject.component.follow.database.FollowConstitutionRepository
|
||||
@@ -25,6 +26,7 @@ object UnfollowConstitution {
|
||||
|
||||
fun Route.unfollowConstitution(repo: FollowConstitutionRepository, ac: FollowAccessControl) {
|
||||
delete<ConstitutionUnfollowRequest> {
|
||||
mustBeAuth()
|
||||
val follow = FollowForUpdate(target = it.constitution, createdBy = this.citizen)
|
||||
ac.assert { canDelete(follow, citizenOrNull) }
|
||||
repo.unfollow(follow)
|
||||
|
||||
@@ -5,6 +5,7 @@ import fr.dcproject.common.security.assert
|
||||
import fr.dcproject.common.utils.toUUID
|
||||
import fr.dcproject.component.article.database.ArticleRef
|
||||
import fr.dcproject.component.auth.citizenOrNull
|
||||
import fr.dcproject.component.auth.mustBeAuth
|
||||
import fr.dcproject.component.citizen.database.CitizenRef
|
||||
import fr.dcproject.component.opinion.OpinionAccessControl
|
||||
import fr.dcproject.component.opinion.database.Opinion
|
||||
@@ -31,6 +32,7 @@ object GetCitizenOpinions {
|
||||
|
||||
fun Route.getCitizenOpinions(repo: OpinionArticleRepository, ac: OpinionAccessControl) {
|
||||
get<CitizenOpinions> {
|
||||
mustBeAuth()
|
||||
val opinionsEntities: List<Opinion<ArticleRef>> = repo.findCitizenOpinionsByTargets(it.citizen, it.id)
|
||||
ac.assert { canView(opinionsEntities, citizenOrNull) }
|
||||
|
||||
|
||||
@@ -5,6 +5,7 @@ import fr.dcproject.common.response.toOutput
|
||||
import fr.dcproject.common.security.assert
|
||||
import fr.dcproject.component.auth.citizen
|
||||
import fr.dcproject.component.auth.citizenOrNull
|
||||
import fr.dcproject.component.auth.mustBeAuth
|
||||
import fr.dcproject.component.citizen.database.CitizenRef
|
||||
import fr.dcproject.component.opinion.OpinionAccessControl
|
||||
import fr.dcproject.component.opinion.database.Opinion
|
||||
@@ -37,6 +38,7 @@ object GetMyOpinionsArticle {
|
||||
|
||||
fun Route.getMyOpinionsArticle(repo: OpinionArticleRepository, ac: OpinionAccessControl) {
|
||||
get<CitizenOpinionsArticleRequest> {
|
||||
mustBeAuth()
|
||||
val opinions: Paginated<Opinion<TargetRef>> = repo.findCitizenOpinions(citizen, it.page, it.limit)
|
||||
ac.assert { canView(opinions.result, citizenOrNull) }
|
||||
call.respond(
|
||||
|
||||
@@ -6,6 +6,7 @@ import fr.dcproject.common.utils.toUUID
|
||||
import fr.dcproject.component.article.database.ArticleRef
|
||||
import fr.dcproject.component.auth.citizen
|
||||
import fr.dcproject.component.auth.citizenOrNull
|
||||
import fr.dcproject.component.auth.mustBeAuth
|
||||
import fr.dcproject.component.opinion.OpinionAccessControl
|
||||
import fr.dcproject.component.opinion.database.OpinionChoiceRef
|
||||
import fr.dcproject.component.opinion.database.OpinionForUpdate
|
||||
@@ -34,6 +35,7 @@ object OpinionArticle {
|
||||
|
||||
fun Route.setOpinionOnArticle(repo: OpinionArticleRepository, ac: OpinionAccessControl) {
|
||||
put<ArticleOpinion> {
|
||||
mustBeAuth()
|
||||
call.receiveOrBadRequest<ArticleOpinion.Body>().ids.map { id ->
|
||||
OpinionForUpdate(
|
||||
choice = OpinionChoiceRef(id),
|
||||
|
||||
@@ -1,8 +1,8 @@
|
||||
package fr.dcproject.component.views
|
||||
|
||||
import fr.dcproject.application.Configuration
|
||||
import fr.dcproject.component.article.ArticleViewManager
|
||||
import fr.dcproject.component.article.database.ArticleForView
|
||||
import fr.dcproject.component.article.database.ArticleViewRepository
|
||||
import org.apache.http.HttpHost
|
||||
import org.elasticsearch.client.RestClient
|
||||
import org.koin.dsl.module
|
||||
@@ -17,6 +17,6 @@ val viewKoinModule = module {
|
||||
).build().apply {
|
||||
createEsIndexForViews()
|
||||
}
|
||||
ArticleViewManager<ArticleForView>(esClient)
|
||||
ArticleViewRepository<ArticleForView>(esClient)
|
||||
}
|
||||
}
|
||||
|
||||
@@ -2,14 +2,13 @@ package fr.dcproject.component.views
|
||||
|
||||
import fr.dcproject.component.citizen.database.CitizenI
|
||||
import fr.dcproject.component.views.entity.ViewAggregation
|
||||
import org.elasticsearch.client.Response
|
||||
import org.joda.time.DateTime
|
||||
|
||||
interface ViewManager <T> {
|
||||
interface ViewRepository <T> {
|
||||
/**
|
||||
* Add view to one entity
|
||||
*/
|
||||
fun addView(ip: String, entity: T, citizen: CitizenI? = null, dateTime: DateTime = DateTime.now()): Response?
|
||||
fun addView(ip: String, entity: T, citizen: CitizenI? = null, dateTime: DateTime = DateTime.now())
|
||||
|
||||
/**
|
||||
* Get Views aggregations
|
||||
@@ -4,6 +4,7 @@ import fr.dcproject.common.response.toOutput
|
||||
import fr.dcproject.common.security.assert
|
||||
import fr.dcproject.common.utils.toUUID
|
||||
import fr.dcproject.component.auth.citizenOrNull
|
||||
import fr.dcproject.component.auth.mustBeAuth
|
||||
import fr.dcproject.component.citizen.database.CitizenRef
|
||||
import fr.dcproject.component.vote.VoteAccessControl
|
||||
import fr.dcproject.component.vote.database.VoteRepository
|
||||
@@ -26,6 +27,7 @@ object GetCitizenVotes {
|
||||
|
||||
fun Route.getCitizenVote(repo: VoteRepository, ac: VoteAccessControl) {
|
||||
get<CitizenVotesRequest> {
|
||||
mustBeAuth()
|
||||
val votes = repo.findCitizenVotesByTargets(it.citizen, it.id)
|
||||
if (votes.isNotEmpty()) {
|
||||
ac.assert { canView(votes, citizenOrNull) }
|
||||
|
||||
@@ -3,6 +3,7 @@ package fr.dcproject.component.vote.routes
|
||||
import fr.dcproject.common.response.toOutput
|
||||
import fr.dcproject.common.security.assert
|
||||
import fr.dcproject.component.auth.citizenOrNull
|
||||
import fr.dcproject.component.auth.mustBeAuth
|
||||
import fr.dcproject.component.citizen.database.CitizenRef
|
||||
import fr.dcproject.component.vote.VoteAccessControl
|
||||
import fr.dcproject.component.vote.database.VoteArticleRepository
|
||||
@@ -31,6 +32,7 @@ object GetCitizenVotesOnArticle {
|
||||
|
||||
fun Route.getCitizenVotesOnArticle(repo: VoteArticleRepository, ac: VoteAccessControl) {
|
||||
get<CitizenVoteArticleRequest> {
|
||||
mustBeAuth()
|
||||
val votes = repo.findByCitizen(it.citizen, it.page, it.limit)
|
||||
ac.assert { canView(votes.result, citizenOrNull) }
|
||||
|
||||
|
||||
@@ -6,6 +6,7 @@ import fr.dcproject.component.article.database.ArticleRef
|
||||
import fr.dcproject.component.article.database.ArticleRepository
|
||||
import fr.dcproject.component.auth.citizen
|
||||
import fr.dcproject.component.auth.citizenOrNull
|
||||
import fr.dcproject.component.auth.mustBeAuth
|
||||
import fr.dcproject.component.vote.VoteAccessControl
|
||||
import fr.dcproject.component.vote.database.VoteArticleRepository
|
||||
import fr.dcproject.component.vote.database.VoteForUpdate
|
||||
@@ -29,6 +30,7 @@ object PutVoteOnArticle {
|
||||
|
||||
fun Route.putVoteOnArticle(repo: VoteArticleRepository, ac: VoteAccessControl, articleRepo: ArticleRepository) {
|
||||
put<ArticleVoteRequest> {
|
||||
mustBeAuth()
|
||||
val input = call.receiveOrBadRequest<ArticleVoteRequest.Input>()
|
||||
val article = articleRepo.findById(it.article.id) ?: throw NotFoundException("Article ${it.article.id} not found")
|
||||
val vote = VoteForUpdate(
|
||||
|
||||
@@ -4,6 +4,7 @@ import fr.dcproject.common.security.assert
|
||||
import fr.dcproject.common.utils.receiveOrBadRequest
|
||||
import fr.dcproject.component.auth.citizen
|
||||
import fr.dcproject.component.auth.citizenOrNull
|
||||
import fr.dcproject.component.auth.mustBeAuth
|
||||
import fr.dcproject.component.comment.generic.database.CommentRepository
|
||||
import fr.dcproject.component.vote.VoteAccessControl
|
||||
import fr.dcproject.component.vote.database.VoteCommentRepository
|
||||
@@ -26,6 +27,7 @@ object PutVoteOnComment {
|
||||
|
||||
fun Route.putVoteOnComment(voteCommentRepo: VoteCommentRepository, commentRepo: CommentRepository, ac: VoteAccessControl) {
|
||||
put<CommentVoteRequest> {
|
||||
mustBeAuth()
|
||||
val comment = commentRepo.findById(it.comment)!!
|
||||
val content = call.receiveOrBadRequest<CommentVoteRequest.Content>()
|
||||
val vote = VoteForUpdate(
|
||||
|
||||
@@ -4,6 +4,7 @@ import fr.dcproject.common.security.assert
|
||||
import fr.dcproject.common.utils.receiveOrBadRequest
|
||||
import fr.dcproject.component.auth.citizen
|
||||
import fr.dcproject.component.auth.citizenOrNull
|
||||
import fr.dcproject.component.auth.mustBeAuth
|
||||
import fr.dcproject.component.constitution.database.ConstitutionRef
|
||||
import fr.dcproject.component.constitution.database.ConstitutionRepository
|
||||
import fr.dcproject.component.vote.VoteAccessControl
|
||||
@@ -30,6 +31,7 @@ object PutVoteOnConstitution {
|
||||
|
||||
fun Route.voteConstitution(repo: VoteConstitutionRepository, ac: VoteAccessControl, constitutionRepo: ConstitutionRepository) {
|
||||
put<ConstitutionVoteRequest> {
|
||||
mustBeAuth()
|
||||
val constitution = constitutionRepo.findById(it.constitution.id) ?: throw NotFoundException("Unable to find constitution ${it.constitution.id}")
|
||||
val content = call.receiveOrBadRequest<Input>()
|
||||
val vote = VoteForUpdate(
|
||||
|
||||
@@ -5,6 +5,7 @@ import fr.dcproject.common.security.assert
|
||||
import fr.dcproject.common.utils.receiveOrBadRequest
|
||||
import fr.dcproject.component.auth.citizen
|
||||
import fr.dcproject.component.auth.citizenOrNull
|
||||
import fr.dcproject.component.auth.mustBeAuth
|
||||
import fr.dcproject.component.workgroup.WorkgroupAccessControl
|
||||
import fr.dcproject.component.workgroup.database.WorkgroupForUpdate
|
||||
import fr.dcproject.component.workgroup.database.WorkgroupRepository
|
||||
@@ -33,6 +34,7 @@ object CreateWorkgroup {
|
||||
|
||||
fun Route.createWorkgroup(repo: WorkgroupRepository, ac: WorkgroupAccessControl) {
|
||||
post<PostWorkgroupRequest> {
|
||||
mustBeAuth()
|
||||
call.receiveOrBadRequest<Input>().run {
|
||||
WorkgroupForUpdate(
|
||||
id ?: UUID.randomUUID(),
|
||||
|
||||
@@ -2,6 +2,7 @@ package fr.dcproject.component.workgroup.routes
|
||||
|
||||
import fr.dcproject.common.security.assert
|
||||
import fr.dcproject.component.auth.citizenOrNull
|
||||
import fr.dcproject.component.auth.mustBeAuth
|
||||
import fr.dcproject.component.workgroup.WorkgroupAccessControl
|
||||
import fr.dcproject.component.workgroup.database.WorkgroupRepository
|
||||
import io.ktor.application.call
|
||||
@@ -20,6 +21,7 @@ object DeleteWorkgroup {
|
||||
|
||||
fun Route.deleteWorkgroup(repo: WorkgroupRepository, ac: WorkgroupAccessControl) {
|
||||
delete<DeleteWorkgroupRequest> {
|
||||
mustBeAuth()
|
||||
repo.findById(it.workgroupId)?.let { workgroup ->
|
||||
ac.assert { canDelete(workgroup, citizenOrNull) }
|
||||
repo.delete(workgroup)
|
||||
|
||||
@@ -3,6 +3,7 @@ package fr.dcproject.component.workgroup.routes
|
||||
import fr.dcproject.common.security.assert
|
||||
import fr.dcproject.common.utils.receiveOrBadRequest
|
||||
import fr.dcproject.component.auth.citizenOrNull
|
||||
import fr.dcproject.component.auth.mustBeAuth
|
||||
import fr.dcproject.component.workgroup.WorkgroupAccessControl
|
||||
import fr.dcproject.component.workgroup.database.WorkgroupForUpdate
|
||||
import fr.dcproject.component.workgroup.database.WorkgroupRepository
|
||||
@@ -31,6 +32,7 @@ object EditWorkgroup {
|
||||
|
||||
fun Route.editWorkgroup(repo: WorkgroupRepository, ac: WorkgroupAccessControl) {
|
||||
put<PutWorkgroupRequest> {
|
||||
mustBeAuth()
|
||||
repo.findById(it.workgroupId)?.let { old ->
|
||||
call.receiveOrBadRequest<Input>().run {
|
||||
WorkgroupForUpdate(
|
||||
|
||||
@@ -3,6 +3,7 @@ package fr.dcproject.component.workgroup.routes.members
|
||||
import fr.dcproject.common.security.assert
|
||||
import fr.dcproject.common.utils.receiveOrBadRequest
|
||||
import fr.dcproject.component.auth.citizenOrNull
|
||||
import fr.dcproject.component.auth.mustBeAuth
|
||||
import fr.dcproject.component.citizen.database.CitizenRef
|
||||
import fr.dcproject.component.workgroup.WorkgroupAccessControl
|
||||
import fr.dcproject.component.workgroup.database.WorkgroupRepository
|
||||
@@ -44,6 +45,7 @@ object AddMemberToWorkgroup {
|
||||
fun Route.addMemberToWorkgroup(repo: WorkgroupRepository, ac: WorkgroupAccessControl) {
|
||||
/* Add members to workgroup */
|
||||
post<WorkgroupsMembersRequest> {
|
||||
mustBeAuth()
|
||||
repo.findById(it.workgroupId)?.let { workgroup ->
|
||||
call.getMembersFromRequest().let { members ->
|
||||
ac.assert { canAddMembers(workgroup, citizenOrNull) }
|
||||
|
||||
@@ -3,6 +3,7 @@ package fr.dcproject.component.workgroup.routes.members
|
||||
import fr.dcproject.common.security.assert
|
||||
import fr.dcproject.common.utils.receiveOrBadRequest
|
||||
import fr.dcproject.component.auth.citizenOrNull
|
||||
import fr.dcproject.component.auth.mustBeAuth
|
||||
import fr.dcproject.component.citizen.database.CitizenRef
|
||||
import fr.dcproject.component.workgroup.WorkgroupAccessControl
|
||||
import fr.dcproject.component.workgroup.database.WorkgroupRepository
|
||||
@@ -35,6 +36,7 @@ object DeleteMembersOfWorkgroup {
|
||||
fun Route.deleteMemberOfWorkgroup(repo: WorkgroupRepository, ac: WorkgroupAccessControl) {
|
||||
/* Delete members of workgroup */
|
||||
delete<WorkgroupsMembersRequest> {
|
||||
mustBeAuth()
|
||||
repo.findById(it.workgroupId)?.let { workgroup ->
|
||||
call.getMembersFromRequest()
|
||||
.let { members ->
|
||||
|
||||
@@ -3,6 +3,7 @@ package fr.dcproject.component.workgroup.routes.members
|
||||
import fr.dcproject.common.security.assert
|
||||
import fr.dcproject.common.utils.receiveOrBadRequest
|
||||
import fr.dcproject.component.auth.citizenOrNull
|
||||
import fr.dcproject.component.auth.mustBeAuth
|
||||
import fr.dcproject.component.citizen.database.CitizenRef
|
||||
import fr.dcproject.component.workgroup.WorkgroupAccessControl
|
||||
import fr.dcproject.component.workgroup.database.WorkgroupRepository
|
||||
@@ -42,6 +43,7 @@ object UpdateMemberOfWorkgroup {
|
||||
fun Route.updateMemberOfWorkgroup(repo: WorkgroupRepository, ac: WorkgroupAccessControl) {
|
||||
/* Update members of workgroup */
|
||||
put<WorkgroupsMembersRequest> {
|
||||
mustBeAuth()
|
||||
repo.findById(it.workgroupId)?.let { workgroup ->
|
||||
call.getMembersFromRequest().let { members ->
|
||||
ac.assert { canUpdateMembers(workgroup, citizenOrNull) }
|
||||
|
||||
@@ -42,3 +42,11 @@ mail {
|
||||
key = ${?SEND_GRID_KEY}
|
||||
}
|
||||
}
|
||||
|
||||
jwt {
|
||||
secret = ${?JWT_SECRET}
|
||||
issuer = "dc-project.fr"
|
||||
issuer = ${?JWT_ISSUER}
|
||||
validity = 36000000
|
||||
validity = ${?JWT_VALIDITY}
|
||||
}
|
||||
@@ -108,12 +108,22 @@ paths:
|
||||
type: integer
|
||||
401:
|
||||
$ref: '#/components/responses/401'
|
||||
403:
|
||||
description: Forbiden
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
description: Forbiden
|
||||
properties:
|
||||
statusCode:
|
||||
type: integer
|
||||
title:
|
||||
type: string
|
||||
|
||||
/articles/{article}:
|
||||
parameters:
|
||||
- $ref: '#/components/parameters/article'
|
||||
get:
|
||||
security:
|
||||
- JWTAuth: []
|
||||
summary: Get one article
|
||||
tags:
|
||||
- article
|
||||
@@ -1126,8 +1136,6 @@ paths:
|
||||
/workgroups:
|
||||
get:
|
||||
summary: Get all Workgroup (Paginated)
|
||||
security:
|
||||
- JWTAuth: [ ]
|
||||
tags:
|
||||
- workgroup
|
||||
parameters:
|
||||
@@ -1194,8 +1202,6 @@ paths:
|
||||
- $ref: '#/components/parameters/workgroup'
|
||||
get:
|
||||
summary: Get one workgroup by ID
|
||||
security:
|
||||
- JWTAuth: [ ]
|
||||
tags:
|
||||
- workgroup
|
||||
responses:
|
||||
|
||||
7
src/test/kotlin/assert/Range.kt
Normal file
7
src/test/kotlin/assert/Range.kt
Normal file
@@ -0,0 +1,7 @@
|
||||
package assert
|
||||
|
||||
import kotlin.test.assertTrue
|
||||
|
||||
infix fun IntProgression.assertContain(expected: Int) {
|
||||
assertTrue(this.contains(expected), "Expected $this less than $expected")
|
||||
}
|
||||
@@ -22,7 +22,7 @@ import org.koin.test.get
|
||||
@KtorExperimentalLocationsAPI
|
||||
@KtorExperimentalAPI
|
||||
@TestInstance(TestInstance.Lifecycle.PER_CLASS)
|
||||
@Tags(Tag("functional"))
|
||||
@Tags(Tag("functional"), Tag("mail"))
|
||||
class MailerTest : KoinTest, AutoCloseKoinTest() {
|
||||
@InternalCoroutinesApi
|
||||
@ExperimentalCoroutinesApi
|
||||
|
||||
@@ -33,7 +33,7 @@ import org.junit.jupiter.api.TestInstance
|
||||
import org.slf4j.LoggerFactory
|
||||
|
||||
@TestInstance(TestInstance.Lifecycle.PER_METHOD)
|
||||
@Tags(Tag("functional"))
|
||||
@Tags(Tag("functional"), Tag("notification"))
|
||||
class NotificationConsumerTest {
|
||||
companion object {
|
||||
@BeforeAll
|
||||
|
||||
@@ -24,7 +24,7 @@ import org.junit.jupiter.api.Tags
|
||||
import org.junit.jupiter.api.Test
|
||||
import kotlin.test.assertEquals
|
||||
|
||||
@Tags(Tag("functional"))
|
||||
@Tags(Tag("functional"), Tag("notification"))
|
||||
internal class NotificationsPushTest {
|
||||
companion object {
|
||||
@BeforeAll
|
||||
|
||||
@@ -8,7 +8,7 @@ import org.junit.jupiter.api.TestInstance
|
||||
import kotlin.test.assertEquals
|
||||
|
||||
@TestInstance(TestInstance.Lifecycle.PER_CLASS)
|
||||
@Tags(Tag("functional"))
|
||||
@Tags(Tag("functional"), Tag("utils"))
|
||||
class ResourcesKtTest {
|
||||
@Test
|
||||
fun readResource() {
|
||||
|
||||
@@ -2,8 +2,8 @@ package functional
|
||||
|
||||
import fr.dcproject.application.Env.TEST
|
||||
import fr.dcproject.application.module
|
||||
import fr.dcproject.component.article.ArticleViewManager
|
||||
import fr.dcproject.component.article.database.ArticleForView
|
||||
import fr.dcproject.component.article.database.ArticleViewRepository
|
||||
import fr.dcproject.component.auth.database.UserCreator
|
||||
import fr.dcproject.component.citizen.database.CitizenCreator
|
||||
import fr.dcproject.component.citizen.database.CitizenI
|
||||
@@ -25,7 +25,7 @@ import java.util.UUID
|
||||
@KtorExperimentalAPI
|
||||
@ExperimentalCoroutinesApi
|
||||
@TestInstance(PER_CLASS)
|
||||
@Tags(Tag("functional"))
|
||||
@Tags(Tag("functional"), Tag("view"))
|
||||
class ViewTest {
|
||||
@Test
|
||||
fun `test View Article`() {
|
||||
@@ -44,33 +44,33 @@ class ViewTest {
|
||||
val citizenRef = CitizenRef()
|
||||
|
||||
withTestApplication({ module(TEST) }) {
|
||||
val viewManager: ArticleViewManager<ArticleForView> = application.get()
|
||||
val viewRepository: ArticleViewRepository<ArticleForView> = application.get()
|
||||
|
||||
/* Get view before */
|
||||
val startView = viewManager.getViewsCount(article)
|
||||
val startView = viewRepository.getViewsCount(article)
|
||||
|
||||
/* Add View */
|
||||
viewManager.addView(
|
||||
viewRepository.addView(
|
||||
"1.2.3.4",
|
||||
article,
|
||||
citizenRef
|
||||
)
|
||||
|
||||
/* Add View */
|
||||
viewManager.addView(
|
||||
viewRepository.addView(
|
||||
"10.10.10.10",
|
||||
article,
|
||||
citizenRef
|
||||
)
|
||||
|
||||
/* Add View */
|
||||
viewManager.addView(
|
||||
viewRepository.addView(
|
||||
"8.8.8.8",
|
||||
article
|
||||
)
|
||||
|
||||
/* Add View */
|
||||
viewManager.addView(
|
||||
viewRepository.addView(
|
||||
"1.1.1.1",
|
||||
article
|
||||
)
|
||||
@@ -79,7 +79,7 @@ class ViewTest {
|
||||
Thread.sleep(1000)
|
||||
|
||||
/* Get view */
|
||||
val afterView = viewManager.getViewsCount(article)
|
||||
val afterView = viewRepository.getViewsCount(article)
|
||||
|
||||
/* Check if view has increment */
|
||||
afterView.total `should be equal to` startView.total + 4
|
||||
|
||||
@@ -12,11 +12,13 @@ import integration.steps.given.`authenticated as`
|
||||
import integration.steps.then.`And have property`
|
||||
import integration.steps.then.`And the response should contain list`
|
||||
import integration.steps.then.`And the response should contain pattern`
|
||||
import integration.steps.then.`And the response should contain`
|
||||
import integration.steps.then.`And the response should not be null`
|
||||
import integration.steps.then.`And the response should not contain`
|
||||
import integration.steps.then.`Then the response should be`
|
||||
import integration.steps.then.`whish contains`
|
||||
import integration.steps.then.and
|
||||
import io.ktor.http.HttpStatusCode.Companion.Forbidden
|
||||
import io.ktor.http.HttpStatusCode.Companion.OK
|
||||
import org.junit.jupiter.api.Tag
|
||||
import org.junit.jupiter.api.Tags
|
||||
@@ -36,7 +38,7 @@ class `Article routes` : BaseTest() {
|
||||
`And the response should contain pattern`("$.result[1].createdBy.name.firstName", "firstName.+")
|
||||
`And the response should contain pattern`("$.result[2].createdBy.name.firstName", "firstName.+")
|
||||
`And the response should not contain`("$.result[3]")
|
||||
`And the response should contain list`("$.result", 3, 3)
|
||||
`And the response should contain list`("$.result", 3)
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -104,4 +106,30 @@ class `Article routes` : BaseTest() {
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@Test
|
||||
fun `I cannot create an article if I'm not connected`() {
|
||||
withIntegrationApplication {
|
||||
`When I send a POST request`("/articles") {
|
||||
`with body`(
|
||||
"""
|
||||
{
|
||||
"versionId": "e3c7ce42-241c-4caf-9a59-aba4e466440e",
|
||||
"title": "title2",
|
||||
"anonymous": false,
|
||||
"content": "content2",
|
||||
"description": "description2",
|
||||
"tags": [
|
||||
"green"
|
||||
]
|
||||
}
|
||||
"""
|
||||
)
|
||||
} `Then the response should be` Forbidden and {
|
||||
`And the response should not be null`()
|
||||
`And the response should contain`("$.statusCode", 403)
|
||||
`And the response should contain`("$.title", "No User Connected")
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
147
src/test/kotlin/integration/Check auth on all routes.kt
Normal file
147
src/test/kotlin/integration/Check auth on all routes.kt
Normal file
@@ -0,0 +1,147 @@
|
||||
package integration
|
||||
|
||||
import fr.dcproject.common.utils.getResource
|
||||
import io.ktor.http.ContentType
|
||||
import io.ktor.http.HttpHeaders
|
||||
import io.ktor.http.HttpMethod
|
||||
import io.ktor.http.HttpStatusCode
|
||||
import org.junit.jupiter.api.Tag
|
||||
import org.junit.jupiter.api.Tags
|
||||
import org.junit.jupiter.api.Test
|
||||
import org.junit.jupiter.api.TestInstance
|
||||
import org.openapi4j.core.model.OAIContext
|
||||
import org.openapi4j.parser.OpenApi3Parser
|
||||
import org.openapi4j.parser.model.v3.OpenApi3
|
||||
import org.openapi4j.parser.model.v3.Operation
|
||||
import org.openapi4j.parser.model.v3.Parameter
|
||||
import org.openapi4j.parser.model.v3.Path
|
||||
import java.io.File
|
||||
import java.util.UUID
|
||||
import kotlin.test.assertTrue
|
||||
|
||||
@TestInstance(TestInstance.Lifecycle.PER_CLASS)
|
||||
@Tags(Tag("integration"), Tag("auth"))
|
||||
class `Check auth on all routes` : BaseTest() {
|
||||
@Test
|
||||
fun `Check all routes`() {
|
||||
val filePath = "/openapi.yaml"
|
||||
OpenApi3Parser().parse(File(filePath.getResource().toURI()), true).let { api: OpenApi3 ->
|
||||
/* Loop on paths and http methods */
|
||||
api.paths.flatMap { (pathName: String, path: Path) ->
|
||||
path.operations
|
||||
/* Take only the secure route */
|
||||
.filter { (_, operation: Operation) -> operation.hasSecurityRequirements() }
|
||||
.map { (methodName, _) ->
|
||||
/* Send request to check security */
|
||||
sendRequest(
|
||||
path.buildUrl(pathName, methodName, api.context), /* Replace route to real URL */
|
||||
HttpMethod.parse(methodName.toUpperCase()) /* Convert http method name to enum */
|
||||
)
|
||||
}
|
||||
}.let { requests ->
|
||||
/* Check security of routes */
|
||||
assertTrue(
|
||||
requests.all { it.statusCode == HttpStatusCode.Forbidden },
|
||||
requests
|
||||
.filter { it.statusCode != HttpStatusCode.Forbidden }
|
||||
.joinToString("\n") { it.toString() }
|
||||
)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
private fun sendRequest(uri: String, method: HttpMethod): RequestResponse {
|
||||
return try {
|
||||
withIntegrationApplication {
|
||||
handleRequest(true) {
|
||||
this.method = method
|
||||
this.uri = uri
|
||||
addHeader(HttpHeaders.ContentType, ContentType.Application.Json.toString())
|
||||
addHeader(HttpHeaders.Accept, ContentType.Application.Json.toString())
|
||||
}.run {
|
||||
RequestResponse(
|
||||
response.status() ?: error("Request error"),
|
||||
method,
|
||||
uri
|
||||
)
|
||||
}
|
||||
}
|
||||
} catch (e: Throwable) {
|
||||
RequestResponse(
|
||||
HttpStatusCode.InternalServerError,
|
||||
method,
|
||||
uri
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
private data class RequestResponse(
|
||||
val statusCode: HttpStatusCode,
|
||||
val method: HttpMethod,
|
||||
val uri: String
|
||||
) {
|
||||
override fun toString(): String {
|
||||
return """HttpStatus ${statusCode.value} for: ${method.value.padStart(6, ' ')} $uri"""
|
||||
}
|
||||
}
|
||||
|
||||
private fun Path.buildUrl(path: String, methodName: String, context: OAIContext): String {
|
||||
val urlReplaced = this.getParametersIn(context, "path")
|
||||
.fold(path) { pathToReplace: String, parameter: Parameter ->
|
||||
"""\{${parameter.name}}""".toRegex().replace(
|
||||
pathToReplace,
|
||||
parameter.generateFakeValue()
|
||||
)
|
||||
}
|
||||
|
||||
val rootQueryParameters = this.getParametersIn(context, "query")
|
||||
.filter { it.isRequired }
|
||||
.map { parameter ->
|
||||
parameter
|
||||
.generateFakeArray()
|
||||
.joinToString("&") { "${parameter.name}=$it" }
|
||||
}
|
||||
|
||||
val queryParameters = this.getOperation(methodName).getParametersIn(context, "query")
|
||||
.filter { it.isRequired }
|
||||
.map { parameter ->
|
||||
parameter
|
||||
.generateFakeArray()
|
||||
.joinToString("&") { "${parameter.name}=$it" }
|
||||
}
|
||||
val allParameters: String = (rootQueryParameters + queryParameters)
|
||||
.joinToString("&")
|
||||
.let {
|
||||
if (it.isNotEmpty()) {
|
||||
"?$it"
|
||||
} else {
|
||||
it
|
||||
}
|
||||
}
|
||||
|
||||
return "$urlReplaced$allParameters"
|
||||
}
|
||||
|
||||
private fun Parameter.generateFakeValue(): String {
|
||||
return if (example != null) {
|
||||
example.toString()
|
||||
} else if (schema.type == "string" && schema.format == "uuid") {
|
||||
UUID.randomUUID().toString()
|
||||
} else {
|
||||
"example123"
|
||||
}
|
||||
}
|
||||
|
||||
private fun Parameter.generateFakeArray(): List<String> {
|
||||
if (schema.type != "array") {
|
||||
error("Parameter is not an array")
|
||||
}
|
||||
return if (example != null && example is Iterable<*>) {
|
||||
(example as Iterable<*>).map { it.toString() }
|
||||
} else if (schema.itemsSchema.type == "string" && schema.itemsSchema.format == "uuid") {
|
||||
listOf(UUID.randomUUID().toString())
|
||||
} else {
|
||||
listOf("example123")
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -84,6 +84,7 @@ class `Comment articles routes` : BaseTest() {
|
||||
`Given I have article`(id = "17df7fb9-b388-4e20-ab19-29c29972da01", createdBy = Name("Erwin", "Schrodinger"))
|
||||
`Given I have comment on article`(article = "17df7fb9-b388-4e20-ab19-29c29972da01", createdBy = Name("Erwin", "Schrodinger"))
|
||||
`When I send a GET request`("/citizens/292a20cc-4a60-489e-9866-a95d38ffaf47/comments/articles") {
|
||||
`authenticated as`("Erwin", "Schrodinger")
|
||||
} `Then the response should be` OK and {
|
||||
`And the response should not be null`()
|
||||
`And the response should contain`("$.currentPage", 1)
|
||||
|
||||
@@ -50,13 +50,14 @@ class `Comment constitutions routes` : BaseTest() {
|
||||
`Given I have constitution`(id = "34ddd50a-da00-4a90-a869-08baa2a121be", createdBy = Name("Charles", "Darwin"))
|
||||
`Given I have comment on constitution`(constitution = "34ddd50a-da00-4a90-a869-08baa2a121be", createdBy = Name("Charles", "Darwin"))
|
||||
`When I send a GET request`("/citizens/46e0bda9-ca6a-4c65-a58b-7e7267a0bbc5/comments/constitutions") {
|
||||
`authenticated as`("Charles", "Darwin")
|
||||
} `Then the response should be` OK and {
|
||||
`And the response should not be null`()
|
||||
`And the response should contain`("$.currentPage", 1)
|
||||
`And the response should contain`("$.limit", 50)
|
||||
`And the response should contain`("$.result[0].createdBy.id", "46e0bda9-ca6a-4c65-a58b-7e7267a0bbc5")
|
||||
`And the response should contain`("$.result[0].target.id", "34ddd50a-da00-4a90-a869-08baa2a121be")
|
||||
`And the response should contain list`("$.result[*]", 1, 1)
|
||||
`And the response should contain list`("$.result[*]", 1)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -21,7 +21,7 @@ import org.junit.jupiter.api.Test
|
||||
import org.junit.jupiter.api.TestInstance
|
||||
|
||||
@TestInstance(TestInstance.Lifecycle.PER_CLASS)
|
||||
@Tags(Tag("integration"), Tag("article"), Tag("opinion"))
|
||||
@Tags(Tag("integration"), Tag("opinion"))
|
||||
class `Opinion routes` : BaseTest() {
|
||||
@Test
|
||||
fun `I can get all opinion choices`() {
|
||||
@@ -48,6 +48,7 @@ class `Opinion routes` : BaseTest() {
|
||||
}
|
||||
|
||||
@Test
|
||||
@Tag("article")
|
||||
fun `I can create opinion on article`() {
|
||||
withIntegrationApplication {
|
||||
`Given I have citizen`("Isaac", "Newton", id = "2f414045-95d9-42ca-a3a9-8cdde52ad253")
|
||||
@@ -89,6 +90,7 @@ class `Opinion routes` : BaseTest() {
|
||||
}
|
||||
|
||||
@Test
|
||||
@Tag("article")
|
||||
fun `I can receive opinion aggregation with article`() {
|
||||
withIntegrationApplication {
|
||||
`Given I have an opinion choice`("Opinion6")
|
||||
@@ -120,6 +122,7 @@ class `Opinion routes` : BaseTest() {
|
||||
}
|
||||
|
||||
@Test
|
||||
@Tag("article")
|
||||
fun `I can get all my opinion of one article`() {
|
||||
withIntegrationApplication {
|
||||
`Given I have citizen`("Albert", "Einstein", id = "c1542096-3431-432d-8e35-9dc071d4c818")
|
||||
@@ -134,7 +137,7 @@ class `Opinion routes` : BaseTest() {
|
||||
`authenticated as`("Albert", "Einstein")
|
||||
} `Then the response should be` OK and {
|
||||
`And the response should contain`("$.result[0].name", "Opinion9")
|
||||
`And the response should contain list`("$.result[*]", 1, 1)
|
||||
`And the response should contain list`("$.result[*]", 1)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -119,7 +119,7 @@ class `Workgroup routes` : BaseTest() {
|
||||
`And the response should contain`("$.description", "Une petite souris")
|
||||
|
||||
`And have property`("$.members")
|
||||
`And the response should contain list`("$.members", 3, 3)
|
||||
`And the response should contain list`("$.members", 3)
|
||||
`And the response should contain`("$.members.[1]citizen.id", "94f92424-c257-4582-907c-98564a8c4ac9")
|
||||
`And the response should contain`("$.members.[2]citizen.id", "87909ba3-2069-431c-9924-219fd8411cf2")
|
||||
}
|
||||
@@ -215,7 +215,7 @@ class `Workgroup routes` : BaseTest() {
|
||||
]
|
||||
"""
|
||||
} `Then the response should be` OK and {
|
||||
`And the response should contain list`("$", 2, 2)
|
||||
`And the response should contain list`("$", 2)
|
||||
`And the response should contain`("$.[0]citizen.id", "94f92424-c257-4582-907c-98564a8c4ac9")
|
||||
`And the response should contain`("$.[1]citizen.id", "1baf48bb-02bc-4d8f-ac86-33335354f5e7")
|
||||
}
|
||||
@@ -252,7 +252,7 @@ class `Workgroup routes` : BaseTest() {
|
||||
"""
|
||||
)
|
||||
} `Then the response should be` OK and {
|
||||
`And the response should contain list`("$", 2, 2)
|
||||
`And the response should contain list`("$", 2)
|
||||
`And the response should contain`("$.[0]citizen.id", "be3b0926-8628-4426-804a-75188a6eb315")
|
||||
`And the response should contain`("$.[1]citizen.id", "b49e20c1-8393-45d6-a6a0-3fa5c71cbdc1")
|
||||
}
|
||||
|
||||
@@ -15,10 +15,11 @@ fun TestApplicationRequest.`authenticated as`(
|
||||
val username = "$firstName-$lastName".toLowerCase()
|
||||
val repo: CitizenRepository by lazy<CitizenRepository> { GlobalContext.get().koin.get() }
|
||||
val citizen = repo.findByUsername(username) ?: error("Citizen not exist with username $username")
|
||||
val algorithm = GlobalContext.get().koin.get<JwtConfig>().algorithm
|
||||
val jwtAsString: String = JWT.create()
|
||||
.withIssuer("dc-project.fr")
|
||||
.withClaim("id", citizen.user.id.toString())
|
||||
.sign(JwtConfig.algorithm)
|
||||
.sign(algorithm)
|
||||
|
||||
addHeader(HttpHeaders.Authorization, "Bearer $jwtAsString")
|
||||
|
||||
|
||||
@@ -1,7 +1,6 @@
|
||||
package integration.steps.then
|
||||
|
||||
import assert.assertGreaterThan
|
||||
import assert.assertLessThan
|
||||
import assert.assertContain
|
||||
import com.jayway.jsonpath.JsonPath
|
||||
import com.jayway.jsonpath.PathNotFoundException
|
||||
import io.ktor.http.HttpStatusCode
|
||||
@@ -85,15 +84,13 @@ fun TestApplicationResponse.`And the response should contain pattern`(path: Stri
|
||||
}
|
||||
}
|
||||
|
||||
fun TestApplicationResponse.`And the response should contain list`(path: String, min: Int? = null, max: Int? = null) {
|
||||
fun TestApplicationResponse.`And the response should contain list`(path: String, exactCount: Int) =
|
||||
`And the response should contain list`(path, IntRange(exactCount, exactCount))
|
||||
|
||||
fun TestApplicationResponse.`And the response should contain list`(path: String, range: IntRange) {
|
||||
JsonPath.read<JSONArray?>(content, path).also {
|
||||
assertNotNull(it)
|
||||
if (min != null) {
|
||||
it.size assertGreaterThan min
|
||||
}
|
||||
if (max != null) {
|
||||
it.size assertLessThan max
|
||||
}
|
||||
range assertContain it.size
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -2,8 +2,12 @@ package integration.steps.then
|
||||
|
||||
import com.fasterxml.jackson.databind.JsonNode
|
||||
import com.fasterxml.jackson.databind.ObjectMapper
|
||||
import com.fasterxml.jackson.databind.node.BooleanNode
|
||||
import com.fasterxml.jackson.databind.node.IntNode
|
||||
import com.fasterxml.jackson.databind.node.TextNode
|
||||
import fr.dcproject.common.utils.getResource
|
||||
import fr.dcproject.common.utils.isBool
|
||||
import fr.dcproject.common.utils.isInt
|
||||
import io.ktor.http.ContentType
|
||||
import io.ktor.http.Url
|
||||
import io.ktor.request.contentType
|
||||
@@ -55,16 +59,17 @@ fun TestApplicationResponse.`And the schema response body must be valid`(content
|
||||
/* Validate Response */
|
||||
this.apply {
|
||||
val status = call.response.status()
|
||||
val httpMethod = call.request.httpMethod.value.toUpperCase()
|
||||
val responseContent: JsonNode = if (content != null)
|
||||
ObjectMapper().readTree(content)
|
||||
else TextNode("")
|
||||
|
||||
val response = getResponse(status?.value?.toString() ?: error("HttpStatus not found")) ?: fail("""No Status "${status.value}" found for "$this $uri".""")
|
||||
val response = getResponse(status?.value?.toString() ?: error("HttpStatus not found")) ?: fail("""No Status "${status.value}" found for "$httpMethod $uri".""")
|
||||
val schema = response.getContentMediaType(contentType.toString())?.schema
|
||||
|
||||
if (content != null) {
|
||||
schema?.validate(api, responseContent)
|
||||
?: fail("""No Status "${status.value}" found with media type "$contentType" for "$this $uri".""")
|
||||
?: fail("""No Status "${status.value}" found with media type "$contentType" for "$httpMethod $uri".""")
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -74,13 +79,18 @@ fun TestApplicationResponse.`And the schema parameters must be valid`() {
|
||||
operation { api, uri ->
|
||||
/* Validate Request URL */
|
||||
this.apply {
|
||||
val methodName = call.request.httpMethod.value.toUpperCase()
|
||||
Url(call.request.uri).parameters.forEach { parameter: String, values: List<String> ->
|
||||
val schema = getParametersIn(api.context, "query")
|
||||
?.firstOrNull { it.name == parameter }?.schema
|
||||
?: error("""No parameter found ($parameter) for "$this $uri".""")
|
||||
?: error("""No parameter found ($parameter) for "$methodName $uri".""")
|
||||
|
||||
if (schema.type == "array") {
|
||||
schema.validate(api, ObjectMapper().valueToTree(values))
|
||||
} else if (schema.type == "integer" && values.first().isInt()) {
|
||||
schema.validate(api, IntNode(values.first().toInt()))
|
||||
} else if (schema.type == "boolean" && values.first().isBool()) {
|
||||
schema.validate(api, BooleanNode.valueOf(values.first().toBoolean()))
|
||||
} else {
|
||||
schema.validate(api, TextNode(values.first()))
|
||||
}
|
||||
|
||||
@@ -27,7 +27,7 @@ import fr.dcproject.component.article.database.ArticleRepository as ArticleRepo
|
||||
|
||||
@TestInstance(TestInstance.Lifecycle.PER_CLASS)
|
||||
@Execution(CONCURRENT)
|
||||
@Tags(Tag("security"), Tag("unit"))
|
||||
@Tags(Tag("security"), Tag("unit"), Tag("article"))
|
||||
internal class `Article Access Control` {
|
||||
private val tesla = CitizenCreator(
|
||||
id = UUID.fromString("e6efc288-4283-4729-a268-6debb18de1a0"),
|
||||
|
||||
@@ -18,7 +18,7 @@ import org.junit.jupiter.api.parallel.ExecutionMode.CONCURRENT
|
||||
|
||||
@TestInstance(TestInstance.Lifecycle.PER_CLASS)
|
||||
@Execution(CONCURRENT)
|
||||
@Tags(Tag("security"), Tag("unit"))
|
||||
@Tags(Tag("security"), Tag("unit"), Tag("citizen"))
|
||||
internal class `Citizen Access Control` {
|
||||
private val tesla = CitizenCart(
|
||||
user = User(
|
||||
|
||||
@@ -25,7 +25,7 @@ import java.util.UUID
|
||||
|
||||
@TestInstance(TestInstance.Lifecycle.PER_CLASS)
|
||||
@Execution(CONCURRENT)
|
||||
@Tags(Tag("security"), Tag("unit"))
|
||||
@Tags(Tag("security"), Tag("unit"), Tag("comment"))
|
||||
internal class `Comment Access Control` {
|
||||
private val tesla = Citizen(
|
||||
user = User(
|
||||
|
||||
@@ -23,7 +23,7 @@ import java.util.UUID
|
||||
|
||||
@TestInstance(TestInstance.Lifecycle.PER_CLASS)
|
||||
@Execution(CONCURRENT)
|
||||
@Tags(Tag("security"), Tag("unit"))
|
||||
@Tags(Tag("security"), Tag("unit"), Tag("follow"))
|
||||
internal class `Follow Access Control` {
|
||||
private val tesla = CitizenCreator(
|
||||
user = UserCreator(
|
||||
|
||||
@@ -21,7 +21,7 @@ import java.util.UUID
|
||||
|
||||
@TestInstance(TestInstance.Lifecycle.PER_CLASS)
|
||||
@Execution(CONCURRENT)
|
||||
@Tags(Tag("security"), Tag("unit"))
|
||||
@Tags(Tag("security"), Tag("unit"), Tag("opinion"))
|
||||
internal class `Opinion Access Control` {
|
||||
private val tesla = CitizenCreator(
|
||||
user = UserCreator(
|
||||
|
||||
@@ -15,7 +15,7 @@ import java.util.UUID
|
||||
|
||||
@TestInstance(TestInstance.Lifecycle.PER_CLASS)
|
||||
@Execution(CONCURRENT)
|
||||
@Tags(Tag("security"), Tag("unit"))
|
||||
@Tags(Tag("security"), Tag("unit"), Tag("opinion"))
|
||||
internal class `OpinionChoice Access Control` {
|
||||
private val tesla = CitizenRef(
|
||||
id = UUID.fromString("e6efc288-4283-4729-a268-6debb18de1a0"),
|
||||
|
||||
@@ -24,7 +24,7 @@ import java.util.UUID
|
||||
|
||||
@TestInstance(TestInstance.Lifecycle.PER_CLASS)
|
||||
@Execution(CONCURRENT)
|
||||
@Tags(Tag("security"), Tag("unit"))
|
||||
@Tags(Tag("security"), Tag("unit"), Tag("vote"))
|
||||
internal class `Vote Access Control` {
|
||||
private val tesla = Citizen(
|
||||
id = UUID.fromString("a1e35c99-9d33-4fb4-9201-58d7071243bb"),
|
||||
|
||||
@@ -20,7 +20,7 @@ import fr.dcproject.component.workgroup.database.WorkgroupForView as WorkgroupEn
|
||||
|
||||
@TestInstance(TestInstance.Lifecycle.PER_CLASS)
|
||||
@Execution(CONCURRENT)
|
||||
@Tags(Tag("security"), Tag("unit"))
|
||||
@Tags(Tag("security"), Tag("unit"), Tag("workgroup"))
|
||||
internal class `Workgroup Access Control` {
|
||||
private val tesla = CitizenCreator(
|
||||
user = UserCreator(
|
||||
|
||||
@@ -37,3 +37,9 @@ mail {
|
||||
key = "abcd"
|
||||
}
|
||||
}
|
||||
|
||||
jwt {
|
||||
secret = "zAP5MBA4B4Ijz0MZaS48"
|
||||
issuer = "dc-project.fr"
|
||||
validity = 36000000
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user