Commit a0e2cece authored by Piotr Gawron's avatar Piotr Gawron
Browse files

plugins contain information about being public or not

parent 837f6c95
......@@ -53,6 +53,8 @@ public class Plugin implements Serializable {
* Is the plugin public.
*/
private boolean isPublic = false;
private boolean isDefault= false;
/**
* List of urls from which plugin can be downloaded.
......@@ -109,4 +111,12 @@ public class Plugin implements Serializable {
public void setPublic(boolean isPublic) {
this.isPublic = isPublic;
}
public boolean isDefault() {
return isDefault;
}
public void setDefault(boolean isDefault) {
this.isDefault = isDefault;
}
}
alter table plugin_table add column is_default boolean default false not null;
......@@ -34,15 +34,16 @@ public class PluginController extends BaseController {
this.userService = userService;
}
@PreAuthorize("not #isPublic or hasAuthority('IS_ADMIN')")
@PreAuthorize("(not #isPublic and #isDefault!=true) or hasAuthority('IS_ADMIN')")
@PostMapping(value = "/")
public Map<String, Object> createPlugin(
@RequestParam(value = "hash") String hash,
@RequestParam(value = "name") String name,
@RequestParam(value = "version") String version,
@RequestParam(value = "isPublic", defaultValue = "false") boolean isPublic,
@RequestParam(value = "isDefault", required = false) Boolean isDefault,
@RequestParam(value = "url", defaultValue = "") String url) {
return pluginRest.createPlugin(hash, name, version, url, isPublic);
return pluginRest.createPlugin(hash, name, version, url, isPublic, isDefault);
}
@GetMapping(value = "/")
......
......@@ -28,11 +28,15 @@ public class PluginRestImpl extends BaseRestImpl {
this.pluginDataEntryDao = pluginDataEntryDao;
}
public Map<String, Object> createPlugin(String hash, String name, String version, String url, boolean isPublic) {
public Map<String, Object> createPlugin(String hash, String name, String version, String url, boolean isPublic,
Boolean isDefault) {
Plugin plugin = pluginDao.getByHash(hash);
if (plugin != null) {
plugin.getUrls().add(url);
plugin.setPublic(plugin.isPublic() || isPublic);
if (isDefault != null) {
plugin.setDefault(isDefault);
}
pluginDao.update(plugin);
} else {
plugin = new Plugin();
......@@ -40,6 +44,9 @@ public class PluginRestImpl extends BaseRestImpl {
plugin.setName(name);
plugin.setVersion(version);
plugin.setPublic(isPublic);
if (isDefault != null) {
plugin.setDefault(isDefault);
}
if (!url.isEmpty()) {
plugin.getUrls().add(url);
}
......
......@@ -12,7 +12,8 @@ import org.apache.http.message.BasicNameValuePair;
import org.apache.http.util.EntityUtils;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.junit.*;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.MediaType;
......@@ -24,7 +25,6 @@ import org.springframework.transaction.annotation.Transactional;
import com.google.gson.JsonParser;
import lcsb.mapviewer.common.Configuration;
import lcsb.mapviewer.model.plugin.Plugin;
import lcsb.mapviewer.model.security.PrivilegeType;
import lcsb.mapviewer.model.user.User;
......@@ -115,39 +115,25 @@ public class PluginControllerIntegrationTest extends ControllerIntegrationTest {
assertEquals(1, pluginDao.getAll().size());
}
@Ignore("API has changed. The user parameter is now implicit, therefor this call is not handled by the servlet.")
@Test
public void setAndGetPluginData() throws Exception {
public void createDefaultPluginWithoutAccess() throws Exception {
MockHttpSession session = createSession(TEST_USER_LOGIN, TEST_USER_PASSWORD);
String body = "value=xxx";
Plugin plugin = createPlugin();
String body = EntityUtils.toString(new UrlEncodedFormEntity(Arrays.asList(
new BasicNameValuePair("hash", "x"),
new BasicNameValuePair("name", "x"),
new BasicNameValuePair("version", "x"),
new BasicNameValuePair("isPublic", "false"),
new BasicNameValuePair("isDefault", "true"),
new BasicNameValuePair("url", "x"))));
RequestBuilder request = post("/plugins/" + plugin.getHash() + "/data/users/" + TEST_USER_LOGIN + "/key/")
RequestBuilder request = post("/plugins/")
.contentType(MediaType.APPLICATION_FORM_URLENCODED)
.content(body)
.session(session);
mockMvc.perform(request)
.andExpect(status().is2xxSuccessful())
.andReturn().getResponse().getContentAsString();
request = get("/plugins/" + plugin.getHash() + "/data/users/" + TEST_USER_LOGIN + "/key/")
.contentType(MediaType.APPLICATION_FORM_URLENCODED)
.session(session);
String response = mockMvc.perform(request)
.andExpect(status().is2xxSuccessful())
.andReturn().getResponse().getContentAsString();
String result = new JsonParser()
.parse(response)
.getAsJsonObject()
.get("value")
.getAsString();
assertEquals("xxx", result);
.andExpect(status().isForbidden());
}
@Test
......@@ -181,30 +167,6 @@ public class PluginControllerIntegrationTest extends ControllerIntegrationTest {
assertEquals("xxx", result);
}
@Ignore("API has changed. The user parameter is now implicit, therefor this call is not handled by the servlet.")
@Test
public void forbidAccessingOtherUserPluginData() throws Exception {
String body = "value=xxx";
Plugin plugin = createPlugin();
RequestBuilder request = post(
"/plugins/" + plugin.getHash() + "/data/users/" + Configuration.ANONYMOUS_LOGIN + "/key/")
.contentType(MediaType.APPLICATION_FORM_URLENCODED)
.content(body);
mockMvc.perform(request)
.andExpect(status().is2xxSuccessful());
MockHttpSession session = createSession(TEST_USER_LOGIN, TEST_USER_PASSWORD);
request = get("/plugins/" + plugin.getHash() + "/data/users/" + Configuration.ANONYMOUS_LOGIN + "/key/")
.contentType(MediaType.APPLICATION_FORM_URLENCODED)
.session(session);
mockMvc.perform(request)
.andExpect(status().isForbidden());
}
private Plugin createPlugin() {
Plugin plugin = new Plugin();
plugin.setHash("XYZ");
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment