From dca5fbc353f19e6a50fbd60b1249456f03c66463 Mon Sep 17 00:00:00 2001 From: Sanjay Dalal Date: Fri, 31 Jul 2009 20:51:24 +0000 Subject: [PATCH] CSPACE-324 added initial set of tests (support for various http methods, check for service existence, check for server existence, etc.) for service layer. moved isSecureServer to CollectionSpaceClient/BaseServiceClient --- .../client/AuthenticationServiceTest.java | 57 +++-- services/client/pom.xml | 43 ++-- .../services/client/BaseServiceClient.java | 5 + .../client/CollectionSpaceClient.java | 6 + .../services/client/TestServiceClient.java | 45 ++++ .../services/client/test/ServiceTest.java | 204 ++++++++++++++++++ .../src/test/resources/log4j.properties | 23 ++ 7 files changed, 334 insertions(+), 49 deletions(-) create mode 100644 services/client/src/main/java/org/collectionspace/services/client/TestServiceClient.java create mode 100644 services/client/src/test/java/org/collectionspace/services/client/test/ServiceTest.java create mode 100644 services/client/src/test/resources/log4j.properties diff --git a/services/authentication/client/src/test/java/org/collectionspace/services/authentication/client/AuthenticationServiceTest.java b/services/authentication/client/src/test/java/org/collectionspace/services/authentication/client/AuthenticationServiceTest.java index bd49c3da8..efab061d8 100644 --- a/services/authentication/client/src/test/java/org/collectionspace/services/authentication/client/AuthenticationServiceTest.java +++ b/services/authentication/client/src/test/java/org/collectionspace/services/authentication/client/AuthenticationServiceTest.java @@ -50,12 +50,13 @@ public class AuthenticationServiceTest { @Test public void auth_createCollectionObject() { - if(!isServerSecure()){ - return; - } String identifier = this.createIdentifier(); CollectionObject collectionObject = createCollectionObject(identifier); CollectionObjectClient collectionObjectClient = new CollectionObjectClient(); + if(!collectionObjectClient.isServerSecure()){ + logger.warn("set -Dcspace.server.secure=true to run security tests"); + return; + } collectionObjectClient.setProperty(CollectionSpaceClient.AUTH_PROPERTY, "true"); collectionObjectClient.setProperty(CollectionSpaceClient.USER_PROPERTY, "test"); collectionObjectClient.setProperty(CollectionSpaceClient.PASSWORD_PROPERTY, "test"); @@ -77,12 +78,13 @@ public class AuthenticationServiceTest { @Test(dependsOnMethods = {"auth_createCollectionObject"}) public void auth_createCollectionObjectWithoutUser() { - if(!isServerSecure()){ - return; - } String identifier = this.createIdentifier(); CollectionObject collectionObject = createCollectionObject(identifier); CollectionObjectClient collectionObjectClient = new CollectionObjectClient(); + if(!collectionObjectClient.isServerSecure()){ + logger.warn("set -Dcspace.server.secure=true to run security tests"); + return; + } collectionObjectClient.setProperty(CollectionSpaceClient.AUTH_PROPERTY, "true"); collectionObjectClient.removeProperty(CollectionSpaceClient.USER_PROPERTY); collectionObjectClient.setProperty(CollectionSpaceClient.PASSWORD_PROPERTY, "test"); @@ -101,13 +103,13 @@ public class AuthenticationServiceTest { @Test(dependsOnMethods = {"auth_createCollectionObjectWithoutUser"}) public void auth_createCollectionObjectWithoutPassword() { - if(!isServerSecure()){ - logger.warn("set -Dcspace.server.secure=true to run security tests"); - return; - } String identifier = this.createIdentifier(); CollectionObject collectionObject = createCollectionObject(identifier); CollectionObjectClient collectionObjectClient = new CollectionObjectClient(); + if(!collectionObjectClient.isServerSecure()){ + logger.warn("set -Dcspace.server.secure=true to run security tests"); + return; + } collectionObjectClient.setProperty(CollectionSpaceClient.AUTH_PROPERTY, "true"); collectionObjectClient.setProperty(CollectionSpaceClient.USER_PROPERTY, "test"); collectionObjectClient.removeProperty(CollectionSpaceClient.PASSWORD_PROPERTY); @@ -126,13 +128,13 @@ public class AuthenticationServiceTest { @Test(dependsOnMethods = {"auth_createCollectionObjectWithoutPassword"}) public void auth_createCollectionObjectWithIncorrectPassword() { - if(!isServerSecure()){ - logger.warn("set -Dcspace.server.secure=true to run security tests"); - return; - } String identifier = this.createIdentifier(); CollectionObject collectionObject = createCollectionObject(identifier); CollectionObjectClient collectionObjectClient = new CollectionObjectClient(); + if(!collectionObjectClient.isServerSecure()){ + logger.warn("set -Dcspace.server.secure=true to run security tests"); + return; + } collectionObjectClient.setProperty(CollectionSpaceClient.AUTH_PROPERTY, "true"); collectionObjectClient.setProperty(CollectionSpaceClient.USER_PROPERTY, "test"); collectionObjectClient.setProperty(CollectionSpaceClient.PASSWORD_PROPERTY, "bar"); @@ -151,13 +153,13 @@ public class AuthenticationServiceTest { @Test(dependsOnMethods = {"auth_createCollectionObjectWithoutPassword"}) public void auth_createCollectionObjectWithoutUserPassword() { - if(!isServerSecure()){ - logger.warn("set -Dcspace.server.secure=true to run security tests"); - return; - } String identifier = this.createIdentifier(); CollectionObject collectionObject = createCollectionObject(identifier); CollectionObjectClient collectionObjectClient = new CollectionObjectClient(); + if(!collectionObjectClient.isServerSecure()){ + logger.warn("set -Dcspace.server.secure=true to run security tests"); + return; + } collectionObjectClient.setProperty(CollectionSpaceClient.AUTH_PROPERTY, "true"); collectionObjectClient.removeProperty(CollectionSpaceClient.USER_PROPERTY); collectionObjectClient.removeProperty(CollectionSpaceClient.PASSWORD_PROPERTY); @@ -176,13 +178,13 @@ public class AuthenticationServiceTest { @Test(dependsOnMethods = {"auth_createCollectionObjectWithoutPassword"}) public void auth_createCollectionObjectWithIncorrectUserPassword() { - if(!isServerSecure()){ - logger.warn("set -Dcspace.server.secure=true to run security tests"); - return; - } String identifier = this.createIdentifier(); CollectionObject collectionObject = createCollectionObject(identifier); CollectionObjectClient collectionObjectClient = new CollectionObjectClient(); + if(!collectionObjectClient.isServerSecure()){ + logger.warn("set -Dcspace.server.secure=true to run security tests"); + return; + } collectionObjectClient.setProperty(CollectionSpaceClient.AUTH_PROPERTY, "true"); collectionObjectClient.setProperty(CollectionSpaceClient.USER_PROPERTY, "foo"); collectionObjectClient.setProperty(CollectionSpaceClient.PASSWORD_PROPERTY, "bar"); @@ -199,15 +201,14 @@ public class AuthenticationServiceTest { "expected " + Response.Status.UNAUTHORIZED.getStatusCode()); } - @Test(dependsOnMethods = {"auth_createCollectionObjectWithIncorrectUserPassword"}) public void auth_deleteCollectionObject() { - if(!isServerSecure()){ + CollectionObjectClient collectionObjectClient = new CollectionObjectClient(); + collectionObjectClient = new CollectionObjectClient(); + if(!collectionObjectClient.isServerSecure()){ logger.warn("set -Dcspace.server.secure=true to run security tests"); return; } - CollectionObjectClient collectionObjectClient = new CollectionObjectClient(); - collectionObjectClient = new CollectionObjectClient(); collectionObjectClient.setProperty(CollectionSpaceClient.AUTH_PROPERTY, "true"); collectionObjectClient.setProperty(CollectionSpaceClient.USER_PROPERTY, "test"); collectionObjectClient.setProperty(CollectionSpaceClient.PASSWORD_PROPERTY, "test"); @@ -277,8 +278,4 @@ public class AuthenticationServiceTest { long identifier = System.currentTimeMillis(); return Long.toString(identifier); } - - private boolean isServerSecure() { - return Boolean.getBoolean("cspace.server.secure"); - } } diff --git a/services/client/pom.xml b/services/client/pom.xml index 92d13f6f4..72920e59f 100644 --- a/services/client/pom.xml +++ b/services/client/pom.xml @@ -13,6 +13,14 @@ services.client + + org.slf4j + slf4j-api + + + org.slf4j + slf4j-log4j12 + org.jboss.resteasy resteasy-jaxrs @@ -35,28 +43,13 @@ 1.0.2.GA - junit - junit - 4.1 - test - - - org.slf4j - slf4j-api - - - org.slf4j - slf4j-log4j12 - - - org.slf4j - slf4j-simple + org.testng + testng + 5.6 test - 1.5.2 - - + javax.security jaas @@ -79,6 +72,18 @@ collectionspace-services-client + + org.apache.maven.plugins + maven-surefire-plugin + + + + log4j.configuration + file:target/test-classes/log4j.properties + + + + org.apache.maven.plugins maven-compiler-plugin diff --git a/services/client/src/main/java/org/collectionspace/services/client/BaseServiceClient.java b/services/client/src/main/java/org/collectionspace/services/client/BaseServiceClient.java index 91aaee852..8579d5bd6 100644 --- a/services/client/src/main/java/org/collectionspace/services/client/BaseServiceClient.java +++ b/services/client/src/main/java/org/collectionspace/services/client/BaseServiceClient.java @@ -175,4 +175,9 @@ public abstract class BaseServiceClient implements CollectionSpaceClient { } } } + + @Override + public boolean isServerSecure() { + return Boolean.getBoolean("cspace.server.secure"); + } } diff --git a/services/client/src/main/java/org/collectionspace/services/client/CollectionSpaceClient.java b/services/client/src/main/java/org/collectionspace/services/client/CollectionSpaceClient.java index 371803ff6..6d08d1fb8 100644 --- a/services/client/src/main/java/org/collectionspace/services/client/CollectionSpaceClient.java +++ b/services/client/src/main/java/org/collectionspace/services/client/CollectionSpaceClient.java @@ -59,4 +59,10 @@ public interface CollectionSpaceClient { boolean useSSL(); + /** + * checks System property cspace.server.secure + * @return + */ + boolean isServerSecure(); + } diff --git a/services/client/src/main/java/org/collectionspace/services/client/TestServiceClient.java b/services/client/src/main/java/org/collectionspace/services/client/TestServiceClient.java new file mode 100644 index 000000000..a80d6dbbb --- /dev/null +++ b/services/client/src/main/java/org/collectionspace/services/client/TestServiceClient.java @@ -0,0 +1,45 @@ +/** + * This document is a part of the source code and related artifacts + * for CollectionSpace, an open source collections management system + * for museums and related institutions: + * + * http://www.collectionspace.org + * http://wiki.collectionspace.org + * + * Copyright © 2009 Regents of the University of California + * + * Licensed under the Educational Community License (ECL), Version 2.0. + * You may not use this file except in compliance with this License. + * + * You may obtain a copy of the ECL 2.0 License at + * https://source.collectionspace.org/collection-space/LICENSE.txt + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.collectionspace.services.client; + + + +/** + * A CollectionObjectClient. + + * @version $Revision:$ + */ +public class TestServiceClient extends BaseServiceClient { + + + /** + * + * Default constructor for CollectionObjectClient class. + * + */ + public TestServiceClient() { + } + + +} diff --git a/services/client/src/test/java/org/collectionspace/services/client/test/ServiceTest.java b/services/client/src/test/java/org/collectionspace/services/client/test/ServiceTest.java new file mode 100644 index 000000000..98b8b600b --- /dev/null +++ b/services/client/src/test/java/org/collectionspace/services/client/test/ServiceTest.java @@ -0,0 +1,204 @@ +/** + * This document is a part of the source code and related artifacts + * for CollectionSpace, an open source collections management system + * for museums and related institutions: + * + * http://www.collectionspace.org + * http://wiki.collectionspace.org + * + * Copyright © 2009 Regents of the University of California + * + * Licensed under the Educational Community License (ECL), Version 2.0. + * You may not use this file except in compliance with this License. + * + * You may obtain a copy of the ECL 2.0 License at + * https://source.collectionspace.org/collection-space/LICENSE.txt + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.collectionspace.services.client.test; + +import java.io.IOException; +import org.apache.commons.httpclient.Header; +import org.apache.commons.httpclient.HttpClient; +import org.apache.commons.httpclient.HttpException; +import org.apache.commons.httpclient.HttpStatus; +import org.apache.commons.httpclient.methods.GetMethod; +import org.apache.commons.httpclient.methods.HeadMethod; +import org.apache.commons.httpclient.methods.OptionsMethod; +import org.apache.commons.httpclient.methods.TraceMethod; +import org.collectionspace.services.client.TestServiceClient; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.testng.Assert; +import org.testng.annotations.Test; + +/** + * A ServiceTest. + + * @version $Revision:$ + */ +public class ServiceTest { + + final Logger logger = LoggerFactory.getLogger(ServiceTest.class); + private HttpClient httpClient = new HttpClient(); + private TestServiceClient serviceClient = new TestServiceClient(); + + @Test + public void servicesExist() { + //use ID service that should always be present in a working service layer + String url = serviceClient.getBaseURL() + "ids"; + OptionsMethod method = new OptionsMethod(url); + try{ + int statusCode = httpClient.executeMethod(method); + if(logger.isDebugEnabled()){ + logger.debug("servicesExist url=" + url + " status=" + statusCode); + } + Assert.assertEquals(statusCode, HttpStatus.SC_OK, + "expected " + HttpStatus.SC_OK); + }catch(HttpException e){ + logger.error("Fatal protocol violation: ", e); + }catch(IOException e){ + logger.error("Fatal transport error", e); + }catch(Exception e){ + logger.error("unknown exception ", e); + }finally{ + // Release the connection. + method.releaseConnection(); + } + } + + @Test + public void methodNotAllowed() { + //get is not allowed on id service + String url = serviceClient.getBaseURL() + "ids"; + GetMethod method = new GetMethod(url); + try{ + int statusCode = httpClient.executeMethod(method); + if(logger.isDebugEnabled()){ + logger.debug(" methodNotAllowed url=" + url + " status=" + statusCode); + } + Assert.assertEquals(statusCode, HttpStatus.SC_METHOD_NOT_ALLOWED, + "expected " + HttpStatus.SC_METHOD_NOT_ALLOWED); + }catch(HttpException e){ + logger.error("Fatal protocol violation: ", e); + }catch(IOException e){ + logger.error("Fatal transport error", e); + }catch(Exception e){ + logger.error("unknown exception ", e); + }finally{ + // Release the connection. + method.releaseConnection(); + } + } + + @Test + public void noService() { + + String url = serviceClient.getBaseURL() + "fake-service"; + GetMethod method = new GetMethod(url); + try{ + int statusCode = httpClient.executeMethod(method); + if(logger.isDebugEnabled()){ + logger.debug("noService url=" + url + " status=" + statusCode); + } + Assert.assertEquals(statusCode, HttpStatus.SC_NOT_FOUND, + "expected " + HttpStatus.SC_NOT_FOUND); + }catch(HttpException e){ + logger.error("Fatal protocol violation: ", e); + }catch(IOException e){ + logger.error("Fatal transport error", e); + }catch(Exception e){ + logger.error("unknown exception ", e); + }finally{ + // Release the connection. + method.releaseConnection(); + } + } + + @Test + public void serviceSecure() { + if(!serviceClient.isServerSecure()){ + logger.warn("set -Dcspace.server.secure=true to run security tests"); + return; + } + String url = serviceClient.getBaseURL() + "collectionobjects"; + GetMethod method = new GetMethod(url); + try{ + int statusCode = httpClient.executeMethod(method); + if(logger.isDebugEnabled()){ + logger.debug("serviceSecure url=" + url + " status=" + statusCode); + } + Assert.assertEquals(statusCode, HttpStatus.SC_UNAUTHORIZED, + "expected " + HttpStatus.SC_UNAUTHORIZED); + }catch(HttpException e){ + logger.error("Fatal protocol violation: ", e); + }catch(IOException e){ + logger.error("Fatal transport error", e); + }catch(Exception e){ + logger.error("unknown exception ", e); + }finally{ + // Release the connection. + method.releaseConnection(); + } + } + + @Test + public void traceSupported() { + String url = serviceClient.getBaseURL() + "collectionobjects"; + TraceMethod method = new TraceMethod(url); + try{ + int statusCode = httpClient.executeMethod(method); + + if(logger.isDebugEnabled()){ + logger.debug("traceSupported url=" + url + " status=" + statusCode); + logger.debug("traceSupported response=" + new String(method.getResponseBody())); + for(Header h : method.getResponseHeaders()){ + logger.debug("traceSupported header name=" + h.getName() + " value=" + h.getValue()); + } + } + Assert.assertEquals(statusCode, HttpStatus.SC_METHOD_NOT_ALLOWED, + "expected " + HttpStatus.SC_METHOD_NOT_ALLOWED); + }catch(HttpException e){ + logger.error("Fatal protocol violation: ", e); + }catch(IOException e){ + logger.error("Fatal transport error", e); + }catch(Exception e){ + logger.error("unknown exception ", e); + }finally{ + // Release the connection. + method.releaseConnection(); + } + } + + @Test + public void headSupported() { + String url = serviceClient.getBaseURL() + "intakes"; + HeadMethod method = new HeadMethod(url); + try{ + int statusCode = httpClient.executeMethod(method); + Assert.assertEquals(method.getResponseBody(), null, "expected null"); + if(logger.isDebugEnabled()){ + logger.debug("headSupported url=" + url + " status=" + statusCode); + for(Header h : method.getResponseHeaders()){ + logger.debug("headSupported header name=" + h.getName() + " value=" + h.getValue()); + } + } + Assert.assertEquals(statusCode, HttpStatus.SC_OK, + "expected " + HttpStatus.SC_OK); + }catch(HttpException e){ + logger.error("Fatal protocol violation: ", e); + }catch(IOException e){ + logger.error("Fatal transport error", e); + }catch(Exception e){ + logger.error("unknown exception ", e); + }finally{ + // Release the connection. + method.releaseConnection(); + } + } +} diff --git a/services/client/src/test/resources/log4j.properties b/services/client/src/test/resources/log4j.properties new file mode 100644 index 000000000..18c510350 --- /dev/null +++ b/services/client/src/test/resources/log4j.properties @@ -0,0 +1,23 @@ +log4j.rootLogger=debug, stdout, R + +log4j.appender.stdout=org.apache.log4j.ConsoleAppender +log4j.appender.stdout.layout=org.apache.log4j.PatternLayout + +# Pattern to output the caller's file name and line number. +log4j.appender.stdout.layout.ConversionPattern=%d %-5p [%t] [%c:%L] %m%n + +log4j.appender.R=org.apache.log4j.RollingFileAppender +log4j.appender.R.File=target/test-client.log + +log4j.appender.R.MaxFileSize=100KB +# Keep one backup file +log4j.appender.R.MaxBackupIndex=1 + +log4j.appender.R.layout=org.apache.log4j.PatternLayout +log4j.appender.R.layout.ConversionPattern=%d %-5p [%t] [%c:%L] %m%n + +#packages +log4j.logger.org.collectionspace=DEBUG +log4j.logger.org.apache=INFO +log4j.logger.httpclient=INFO +log4j.logger.org.jboss.resteasy=INFO -- 2.47.3