diff --git a/Jenkinsfile b/Jenkinsfile index b5fbb99..84c424e 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -70,7 +70,7 @@ pipeline { stage('Run GIS interface server'){ steps{ script{ - sh 'scp src/test/resources/IUDX_GIS_Server_APIs_V4.5.0.postman_collection.json jenkins@jenkins-master:/var/lib/jenkins/iudx/gis/Newman/' + sh 'scp src/test/resources/IUDX_GIS_Server_APIs_V5.0.0.postman_collection.json jenkins@jenkins-master:/var/lib/jenkins/iudx/gis/Newman/' sh 'docker compose -f docker-compose.test.yml up -d integTest' sh 'sleep 45' } @@ -90,7 +90,7 @@ pipeline { script{ startZap ([host: 'localhost', port: 8090, zapHome: '/var/lib/jenkins/tools/com.cloudbees.jenkins.plugins.customtools.CustomTool/OWASP_ZAP/ZAP_2.11.0']) sh 'curl http://127.0.0.1:8090/JSON/pscan/action/disableScanners/?ids=10096' - sh 'HTTP_PROXY=\'127.0.0.1:8090\' newman run /var/lib/jenkins/iudx/gis/Newman/IUDX_GIS_Server_APIs_V4.5.0.postman_collection.json -e /home/ubuntu/configs/gis-postman-env.json -n 2 --insecure -r htmlextra --reporter-htmlextra-export /var/lib/jenkins/iudx/gis/Newman/report/report.html --reporter-htmlextra-skipSensitiveData' + sh 'HTTP_PROXY=\'127.0.0.1:8090\' newman run /var/lib/jenkins/iudx/gis/Newman/IUDX_GIS_Server_APIs_V5.0.0.postman_collection.json -e /home/ubuntu/configs/gis-postman-env.json -n 2 --insecure -r htmlextra --reporter-htmlextra-export /var/lib/jenkins/iudx/gis/Newman/report/report.html --reporter-htmlextra-skipSensitiveData' runZapAttack() } } 
@@ -153,7 +153,7 @@ pipeline { steps { node('built-in') { script{ - sh 'newman run /var/lib/jenkins/iudx/gis/Newman/IUDX_GIS_Server_APIs_V4.5.0.postman_collection.json -e /home/ubuntu/configs/cd/gis-postman-env.json --insecure -r htmlextra --reporter-htmlextra-export /var/lib/jenkins/iudx/gis/Newman/report/cd-report.html --reporter-htmlextra-skipSensitiveData' + sh 'newman run /var/lib/jenkins/iudx/gis/Newman/IUDX_GIS_Server_APIs_V5.0.0.postman_collection.json -e /home/ubuntu/configs/cd/gis-postman-env.json --insecure -r htmlextra --reporter-htmlextra-export /var/lib/jenkins/iudx/gis/Newman/report/cd-report.html --reporter-htmlextra-skipSensitiveData' } } } diff --git a/src/main/java/iudx/gis/server/apiserver/ApiServerVerticle.java b/src/main/java/iudx/gis/server/apiserver/ApiServerVerticle.java index 417db15..e226205 100644 --- a/src/main/java/iudx/gis/server/apiserver/ApiServerVerticle.java +++ b/src/main/java/iudx/gis/server/apiserver/ApiServerVerticle.java @@ -375,11 +375,18 @@ private void executeSearchQuery( postgresService.executeQuery( query, handler -> { + JsonObject result = handler.result(); if (handler.succeeded()) { LOGGER.debug("Success: Search Success"); - handleSuccessResponse(response, ResponseType.Ok.getCode(), handler.result()); - context.data().put(RESPONSE_SIZE, response.bytesWritten()); - // Future.future(fu -> updateAuditTable(context)); + JsonArray rows = result.getJsonArray("result"); + if (rows.size() < 1) { + handleResponse( + response, HttpStatusCode.NOT_FOUND, ResponseUrn.RESOURCE_NOT_FOUND); + } else { + handleSuccessResponse(response, ResponseType.Ok.getCode(), handler.result()); + context.data().put(RESPONSE_SIZE, response.bytesWritten()); + // Future.future(fu -> updateAuditTable(context)); + } } else if (handler.failed()) { LOGGER.error("Fail: Search Fail"); processBackendResponse(response, handler.cause().getMessage()); 
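Review bot: In the ApiServerVerticle hunk, `result.getJsonArray("result")` returns null when the backend reply carries no `result` key, and `rows.size()` then throws inside the callback instead of producing an HTTP response. Guard the lookup with `if (rows == null || rows.isEmpty())` so that a malformed or empty backend reply still ends in the 404 branch. The success branch should also pass the already-fetched `result` to `handleSuccessResponse` rather than calling `handler.result()` a second time. `executeSearchQuery` starts above this hunk and continues below it, so any null handling further down is not visible here.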
diff --git a/src/main/java/iudx/gis/server/apiserver/handlers/AuthHandler.java b/src/main/java/iudx/gis/server/apiserver/handlers/AuthHandler.java index 57e1e06..241c2ec 100644 --- a/src/main/java/iudx/gis/server/apiserver/handlers/AuthHandler.java +++ b/src/main/java/iudx/gis/server/apiserver/handlers/AuthHandler.java @@ -54,13 +54,7 @@ public void handle(RoutingContext context) { token = "public"; } - String paramId = getId4rmRequest(); - - String id = null; - - if (paramId != null && !paramId.isBlank()) { - id = paramId; - } + String id = getId(context); JsonObject authInfo = new JsonObject() @@ -68,7 +62,6 @@ public void handle(RoutingContext context) { .put(HEADER_TOKEN, token) .put(API_METHOD, method) .put(ID, id); - LOGGER.debug("Info :" + context.request().path()); LOGGER.debug("Info :" + context.request().path().split("/").length); @@ -118,10 +111,32 @@ public String getNormalizedPath(String url) { return path; } + private String getId(RoutingContext context) { + String paramId = getId4rmRequest(); + String bodyId = getId4rmBody(context); + String id; + if (paramId != null && !paramId.isBlank()) { + id = paramId; + } else { + id = bodyId; + } + return id; + } + private String getId4rmRequest() { return request.getParam(ID); } + private String getId4rmBody(RoutingContext context) { + JsonObject body = context.body().asJsonObject(); + String id = null; + if (body != null) { + id = body.getString("id"); + + } + return id; + } + private JsonObject generateResponse(ResponseUrn urn, HttpStatusCode statusCode) { return new JsonObject() .put(JSON_TYPE, urn.getUrn()) diff --git a/src/main/java/iudx/gis/server/apiserver/validation/types/IdTypeValidator.java b/src/main/java/iudx/gis/server/apiserver/validation/types/IdTypeValidator.java index e6de8b3..28c8b05 100644 --- a/src/main/java/iudx/gis/server/apiserver/validation/types/IdTypeValidator.java +++ b/src/main/java/iudx/gis/server/apiserver/validation/types/IdTypeValidator.java 
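Review bot: `getId` now falls back to the `id` field of the JSON body, and nothing in this hunk checks that value's shape before it is put into `authInfo` and handed to the authenticator. Whether a validation handler runs before this one is not visible here; if it does not, arbitrary body content reaches the authorization path and, through it, the catalogue lookup, so I would reject any id that fails the UUID pattern used by `IdTypeValidator` before building `authInfo`. A request that carries one id in the query string and another in the body should also be refused, or the downstream handler must act on the same id that was authorized. `context.body().asJsonObject()` can presumably throw on a malformed body, which should be mapped to a 400 rather than escaping `handle`. A short Javadoc on `getId` stating the precedence (`query parameter first, JSON body "id" second`) would make the contract explicit.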
@@ -12,8 +12,7 @@ public class IdTypeValidator implements Validator { private static final Logger LOGGER = LogManager.getLogger(IdTypeValidator.class); private static final Pattern regexIDPattern = Pattern.compile( - "^[a-zA-Z0-9.]{4,100}/{1}[a-zA-Z0-9.]{4,100}/{1}[a-zA-Z.]{4,100}/{1}[a-zA-Z-_.]" - + "{4,100}/{1}[a-zA-Z0-9-_.]{4,100}$"); + "^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$"); private Integer maxLength = VALIDATION_ID_MAX_LEN; private String value; private boolean required; diff --git a/src/main/java/iudx/gis/server/authenticator/JwtAuthenticationServiceImpl.java b/src/main/java/iudx/gis/server/authenticator/JwtAuthenticationServiceImpl.java index 3886d01..c871a36 100644 --- a/src/main/java/iudx/gis/server/authenticator/JwtAuthenticationServiceImpl.java +++ b/src/main/java/iudx/gis/server/authenticator/JwtAuthenticationServiceImpl.java @@ -10,6 +10,7 @@ import io.vertx.core.Promise; import io.vertx.core.Vertx; import io.vertx.core.buffer.Buffer; +import io.vertx.core.json.JsonArray; import io.vertx.core.json.JsonObject; import io.vertx.ext.auth.authentication.TokenCredentials; import io.vertx.ext.auth.jwt.JWTAuth; @@ -95,7 +96,6 @@ public AuthenticationService tokenIntrospect( Future jwtDecodeFuture = decodeJwt(token); ResultContainer result = new ResultContainer(); - LOGGER.debug("endPoint " + endPoint); if (endPoint != null && endPoint.equals(api.getAdminPath())) { jwtDecodeFuture .compose( @@ -185,7 +185,6 @@ public Future decodeJwt(String jwtToken) { private Future isOpenResource(String id) { LOGGER.trace("isOpenResource() started"); Promise promise = Promise.promise(); - String acl = resourceIdCache.getIfPresent(id); if (acl != null) { LOGGER.debug("Cache Hit"); 
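Review bot: The new `regexIDPattern` in IdTypeValidator accepts lowercase hex only, and the identical expression is duplicated in `admin_crud_schema.json` later in this commit, so the two copies can drift apart silently. Add a comment above the constant such as `// Canonical lowercase UUID; keep in sync with the "pattern" for id in admin_crud_schema.json`. The schema's `maxLength` was lowered to 36, while the validator still reads `VALIDATION_ID_MAX_LEN`, whose value is not visible in this hunk; confirm it was tightened to match. If clients may send uppercase UUIDs, decide explicitly whether to normalise or reject them, since this pattern rejects them.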
@@ -193,31 +192,29 @@ private Future isOpenResource(String id) { } else { // cache miss LOGGER.debug("Cache miss calling cat server"); - String[] idComponents = id.split("/"); - if (idComponents.length < 4) { - promise.fail("Not Found " + id); - } - String groupId = - (idComponents.length == 4) - ? id - : String.join("/", Arrays.copyOfRange(idComponents, 0, 4)); // 1. check group accessPolicy. // 2. check resource exist, if exist set accessPolicy to group accessPolicy. else fail - Future groupAclFuture = getGroupAccessPolicy(groupId); - groupAclFuture - .compose( - groupACLResult -> { - String groupPolicy = groupACLResult; - return isResourceExist(id, groupPolicy); - }) + getGrupId(id) .onSuccess( - handler -> { - promise.complete(resourceIdCache.getIfPresent(id)); - }) - .onFailure( - handler -> { - LOGGER.error("cat response failed for Id : (" + id + ")" + handler.getCause()); - promise.fail("Not Found " + id); + groupId -> { + Future groupAclFuture = getGroupAccessPolicy(groupId); + groupAclFuture + .compose( + groupACLResult -> { + String groupPolicy = groupACLResult; + return isResourceExist(id, groupPolicy); + }) + .onSuccess( + handler -> { + promise.complete(resourceIdCache.getIfPresent(id)); + }) + .onFailure( + handler -> { + LOGGER.error( + "cat response failed for Id : (" + id + ")" + handler.getCause()); + promise.fail("Not Found " + id); + }); + }); } return promise.future(); 
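Review bot: `getGrupId(id)` is consumed with `.onSuccess(...)` only, so when the catalogue lookup fails or finds no hits, `promise` is never completed and the future returned by `isOpenResource` never resolves. The removed `idComponents.length < 4` check used to fail fast on this path; the new code leaves the access decision neither granted nor denied until some outer timeout fires. Add the failure branch on the outer future, `.onFailure(err -> promise.fail("Not Found " + id));`, so an unknown or unreachable id is denied explicitly. `isOpenResource` starts above this hunk and its closing brace lies below it.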
@@ -483,4 +480,35 @@ final class ResultContainer { JwtData jwtData; boolean isOpen; } + + public Future getGrupId(String id) { + LOGGER.debug("get item for id: {} ", id); + Promise promise = Promise.promise(); + + catWebClient + .get(port, host, path) + .addQueryParam("property", "[id]") + .addQueryParam("value", "[[" + id + "]]") + .addQueryParam("filter", "[id,resourceGroup]") + .expect(ResponsePredicate.JSON) + .send( + relHandler -> { + if (relHandler.succeeded() + && relHandler.result().bodyAsJsonObject().getInteger("totalHits") > 0) { + JsonArray resultArray = + relHandler.result().bodyAsJsonObject().getJsonArray("results"); + JsonObject response = resultArray.getJsonObject(0); + String groupId = + response.containsKey("resourceGroup") ? response.getString("resourceGroup") : + response.getString("id"); + promise.complete(groupId); + } else { + LOGGER.error("catalogue call search api failed: " + relHandler.cause()); + promise.fail("catalogue call search api failed"); + } + }); + + return promise.future(); + } + } diff --git a/src/main/resources/admin_crud_schema.json b/src/main/resources/admin_crud_schema.json index 7991928..6457e24 100644 --- a/src/main/resources/admin_crud_schema.json +++ b/src/main/resources/admin_crud_schema.json @@ -7,8 +7,8 @@ "$id": "#root/properties/id", "type": "string", "title": "Id", - "pattern": "^[a-zA-Z0-9.]{4,100}/{1}[a-zA-Z0-9.]{4,100}/{1}[a-zA-Z.]{4,100}/{1}[a-zA-Z-_.]{4,100}/{1}[a-zA-Z0-9-_.]{4,100}$", - "maxLength": 512 + "pattern": "^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$", + "maxLength": 36 }, "server-url": { "$id": "#root/properties/server-url", diff --git a/src/test/java/iudx/gis/server/apiserver/handlers/AuthHandlerTest.java b/src/test/java/iudx/gis/server/apiserver/handlers/AuthHandlerTest.java index 420b100..aa879a0 100644 --- a/src/test/java/iudx/gis/server/apiserver/handlers/AuthHandlerTest.java +++ b/src/test/java/iudx/gis/server/apiserver/handlers/AuthHandlerTest.java 
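Review bot: In `getGrupId` the success test `relHandler.result().bodyAsJsonObject().getInteger("totalHits") > 0` unboxes whatever the catalogue returned, so a reply without `totalHits` or with an empty body throws inside the callback and most likely leaves `promise` uncompleted. Read it defensively, e.g. `JsonObject body = relHandler.succeeded() ? relHandler.result().bodyAsJsonObject() : null;` followed by `Integer hits = body == null ? null : body.getInteger("totalHits");`, and test `hits != null && hits > 0`. The `id` is also concatenated into the bracketed `value` parameter (`"[[" + id + "]]"`); `addQueryParam` handles URL encoding but not the catalogue's own bracket syntax, so this public method should only be reached with an id that has already passed the UUID check, and a Javadoc line should say so. In the else branch `relHandler.cause()` is null when the call succeeded with zero hits, so the error log should distinguish "no such item" from a transport failure.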
@@ -5,6 +5,7 @@ import io.vertx.core.http.HttpServerRequest; import io.vertx.core.http.HttpServerResponse; import io.vertx.core.json.JsonObject; +import io.vertx.ext.web.RequestBody; import io.vertx.ext.web.RoutingContext; import io.vertx.junit5.VertxExtension; import io.vertx.junit5.VertxTestContext; @@ -53,6 +54,8 @@ public class AuthHandlerTest { private static String dxApiBasePath; private static String adminBasePath; private static Api api; + @Mock + RequestBody requestBody; @BeforeEach public void setUp(VertxTestContext vertxTestContext, Vertx vertx) { //authHandler = AuthHandler.create(vertx); @@ -66,6 +69,7 @@ public void setUp(VertxTestContext vertxTestContext, Vertx vertx) { jsonObject.put("adminBasePath","/admin/gis"); dxApiBasePath = "/ngsi-ld/v1"; adminBasePath = "/admin/gis"; + AuthHandler.create(vertx,jsonObject); api = Api.getInstance(dxApiBasePath,adminBasePath); //lenient().doReturn(httpServerRequest).when(routingContextMock).request(); //lenient().doReturn(httpServerResponse).when(routingContextMock).response(); @@ -84,10 +88,12 @@ public void testHandleSuccess(VertxTestContext vertxTestContext) { //HttpMethod httpMethodMock = mock(HttpMethod.class); //Map map = new HashMap(); //AuthenticationService authenticationServiceMock = mock(AuthenticationService.class); - + when(routingContextMock.body()).thenReturn(requestBody); //when(routingContextMock.request()).thenReturn(httpServerRequest); - when(routingContextMock.getBodyAsJson()).thenReturn(jsonObject); + when(requestBody.asJsonObject()).thenReturn(jsonObject); when(httpServerRequest.path()).thenReturn(api.getEntitiesRegex()); + + //doReturn(NGSILD_ENTITIES_URL).when(httpServerRequest).path(); AuthHandler.authenticator = mock(AuthenticationService.class); 
@@ -128,7 +134,7 @@ public AsyncResult answer(InvocationOnMock arg0) throws Throwable { public void testHandleFail(VertxTestContext vertxTestContext) { //JsonObject jsonObjectMock = new JsonObject().put("id", "iddd"); authHandler = new AuthHandler(); - String str = api.getEntitiesRegex(); + String str = api.getEntitiesEndpoint(); JsonObject jsonObject = new JsonObject(); jsonObject.put("Dummy Key", "Dummy Value"); @@ -138,6 +144,10 @@ public void testHandleFail(VertxTestContext vertxTestContext) { //AuthenticationService authenticationServiceMock = mock(AuthenticationService.class); //AsyncResult asyncResult = mock(AsyncResult.class); + when(routingContextMock.body()).thenReturn(requestBody); + //when(routingContextMock.request()).thenReturn(httpServerRequest); + when(requestBody.asJsonObject()).thenReturn(jsonObject); + when(routingContextMock.getBodyAsJson()).thenReturn(jsonObject); when(httpServerRequest.path()).thenReturn(str); AuthHandler.authenticator = mock(AuthenticationService.class); diff --git a/src/test/java/iudx/gis/server/apiserver/handlers/ValidationHandlerTest.java b/src/test/java/iudx/gis/server/apiserver/handlers/ValidationHandlerTest.java index bd46337..e5894ce 100644 --- a/src/test/java/iudx/gis/server/apiserver/handlers/ValidationHandlerTest.java +++ b/src/test/java/iudx/gis/server/apiserver/handlers/ValidationHandlerTest.java @@ -46,7 +46,7 @@ public void testHandle(VertxTestContext vertxTestContext){ when(routingContextMock.request()).thenReturn(httpServerRequestMock); parameters = MultiMap.caseInsensitiveMultiMap(); - parameters.set(Constants.ID, "asdasd/asdasd/adasd/adasd/adasd"); + parameters.set(Constants.ID, "83c2e5c2-3574-4e11-9530-2b1fbdfce836"); when(httpServerRequestMock.params()).thenReturn(parameters); when(httpServerRequestMock.headers()).thenReturn(multiMapMock); 
diff --git a/src/test/java/iudx/gis/server/apiserver/validation/types/IdTypeValidatorTest.java b/src/test/java/iudx/gis/server/apiserver/validation/types/IdTypeValidatorTest.java index 4d07bdc..147b33c 100644 --- a/src/test/java/iudx/gis/server/apiserver/validation/types/IdTypeValidatorTest.java +++ b/src/test/java/iudx/gis/server/apiserver/validation/types/IdTypeValidatorTest.java @@ -27,10 +27,10 @@ static Stream allowedValues() { // Add any valid value which will pass successfully. return Stream.of( Arguments.of( - "iisc.ac.in/89a36273d77dac4cf38114fca1bbe64392547f86/rs.iudx.io/surat-itms-realtime-information/surat-itms-live-eta", + "83c2e5c2-3574-4e11-9530-2b1fbdfce836", true), Arguments.of( - "iisc.ac.in/89a36273d77dac4cf38114fca1bbe64392547f86/rs.iudx.io/pune-env-flood/FWR055", + "83c2e5c2-3574-4e11-9530-2b1fbdfce836", true), Arguments.of(null, false)); } @@ -52,7 +52,7 @@ static Stream invalidValues() { Arguments.of(" ", true), Arguments.of(" ", false), Arguments.of( - "iisc.ac.in/89a36273d77dac4cf38114fca1bbe64392547f86/rs.iudx.io/surat-itms-realtime-information/surat-itms-live-eta/sasd asdd", + "83c2e5c2-3574-4e11-9530-2b1fbdfce836lfl", true), Arguments.of( "iisc.ac.in/89a36273d77dac4cf38114fca1bbe64392547f86/rs.iudx.io/surat-itms-realtime-information/surat-itms-live-eta AND 2434=2434 AND 'qLIl'='qLIl", diff --git a/src/test/resources/IUDX_GIS_Server_APIs_V5.0.0.postman_collection.json b/src/test/resources/IUDX_GIS_Server_APIs_V5.0.0.postman_collection.json new file mode 100644 index 0000000..566bb7f --- /dev/null +++ b/src/test/resources/IUDX_GIS_Server_APIs_V5.0.0.postman_collection.json 
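Review bot: Both entries in `allowedValues()` are now the same UUID, `83c2e5c2-3574-4e11-9530-2b1fbdfce836`, so the second argument set adds no coverage for the new pattern. Replace one of them with a different valid id, and extend `invalidValues()` with the boundary cases the stricter regex is meant to reject: an uppercase-hex UUID, a UUID without hyphens, and a 35-character truncation. The old slash-separated id with the `AND 2434=2434` payload is kept as an invalid value, which is good; a comment noting that it now also covers "legacy id format is rejected" would make the intent clear.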
@@ -0,0 +1,1045 @@ +{ + "info": { + "_postman_id": "d9919733-bfaa-4ee5-accb-68ac998be8ad", + "name": "DX-GIS-SERVER-APIs-V5.0", + "schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json" + }, + "item": [ + { + "name": "Get token", + "item": [ + { + "name": "Get token for accessing an Open Resource", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "var jsonData = JSON.parse(responseBody);", + "postman.setEnvironmentVariable(\"openResourceToken\", jsonData.results.accessToken);" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "POST", + "header": [ + { + "key": "clientId", + "value": "{{clientID}}", + "type": "text" + }, + { + "key": "clientSecret", + "value": "{{clientSecret}}", + "type": "text" + } + ], + "body": { + "mode": "raw", + "raw": "{\n \"itemId\": \"b58da193-23d9-43eb-b98a-a103d4b6103c\",\n \"itemType\": \"resource\",\n \"role\": \"consumer\"\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "https://{{auth-url}}/{{dxAuthBasePath}}/token", + "protocol": "https", + "host": [ + "{{auth-url}}" + ], + "path": [ + "{{dxAuthBasePath}}", + "token" + ] + } + }, + "response": [] + }, + { + "name": "Get ADMIN token for uploading a Resource/Resource Group", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "var jsonData = JSON.parse(responseBody);", + "postman.setEnvironmentVariable(\"adminToken\", jsonData.results.accessToken);" + ], + "type": "text/javascript" + } + } + ], + "request": { + "auth": { + "type": "noauth" + }, + "method": "POST", + "header": [ + { + "key": "clientId", + "value": "{{clientID}}", + "type": "text" + }, + { + "key": "clientSecret", + "value": "{{clientSecret}}", + "type": "text" + }, + { + "key": "", + "value": "", + "type": "text", + "disabled": true + }, + { + "key": "", + "value": "", + "type": "text", + "disabled": true + } + ], + "body": { + "mode": "raw", + "raw": "{\n \"itemId\": \"rs.iudx.io\", \n \"itemType\": 
\"resource_server\",\n \"role\": \"admin\"\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "https://{{auth-url}}/{{dxAuthBasePath}}/token", + "protocol": "https", + "host": [ + "{{auth-url}}" + ], + "path": [ + "{{dxAuthBasePath}}", + "token" + ] + } + }, + "response": [] + } + ] + }, + { + "name": "Latest Data", + "item": [ + { + "name": "200 (Success) Read Query", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "// Test the response code", + "pm.test(\"response is 200 (OK)\", function () {", + " pm.response.to.have.status(200);", + "});", + "", + "// Test the response header", + "pm.test(\"Check response header\", function () {", + " pm.response.to.have.header(\"Content-Type\",\"application/json\");", + "});", + "", + "// Test the response", + "pm.test(\"Check response body\", function () { ", + " const body = pm.response.json();", + " pm.expect(body).to.have.property(\"title\", \"successful operation\");", + " const resultsjsonData = body.result[0];", + " pm.expect(resultsjsonData).to.have.property(\"url\");", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "GET", + "header": [ + { + "key": "token", + "value": "{{openResourceToken}}", + "type": "text" + } + ], + "url": { + "raw": "https://{{base_url}}/{{dxApiBasePath}}/entities?id=b58da193-23d9-43eb-b98a-a103d4b6103c", + "protocol": "https", + "host": [ + "{{base_url}}" + ], + "path": [ + "{{dxApiBasePath}}", + "entities" + ], + "query": [ + { + "key": "id", + "value": "b58da193-23d9-43eb-b98a-a103d4b6103c" + } + ] + } + }, + "response": [] + }, + { + "name": "401 (not authorized) Invalid Token", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "// Test the response code", + "pm.test(\"response is 401 (Not Authorized)\", function () {", + " pm.response.to.have.status(401);", + "});", + "", + "// Test the response header", + "pm.test(\"Check response header\", function () {", + " 
pm.response.to.have.header(\"Content-Type\",\"application/json\");", + "});", + "", + "// Test the response", + "pm.test(\"Check response body\", function () { ", + " const body = pm.response.json();", + " pm.expect(body).to.have.property(\"title\", \"Not Authorized\");", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "GET", + "header": [ + { + "key": "token", + "value": "{{openResourceToken}}+invalid", + "type": "text" + } + ], + "url": { + "raw": "https://{{base_url}}/{{dxApiBasePath}}/entities?id=b58da193-23d9-43eb-b98a-a103d4b6103c", + "protocol": "https", + "host": [ + "{{base_url}}" + ], + "path": [ + "{{dxApiBasePath}}", + "entities" + ], + "query": [ + { + "key": "id", + "value": "b58da193-23d9-43eb-b98a-a103d4b6103c" + }, + { + "key": "id", + "value": "iisc.ac.in/89a36273d77dac4cf38114fca1bbe64392547f86/rs.iudx.io/surat-itms-realtime-information/FWR055", + "description": "closed", + "disabled": true + } + ] + } + }, + "response": [] + }, + { + "name": "404 (Not Found) Invalid / Non-existing ID", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "// Test the response code", + "pm.test(\"response is 404 (Not Found)\", function () {", + " pm.response.to.have.status(404);", + "});", + "", + "// Test the response header", + "pm.test(\"Check response header\", function () {", + " pm.response.to.have.header(\"Content-Type\",\"application/json\");", + "});", + "", + "// Test the response", + "pm.test(\"Check response body\", function () { ", + " const body = pm.response.json();", + " pm.expect(body).to.have.property(\"title\", \"Not Found\");", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "GET", + "header": [ + { + "key": "token", + "value": "{{openResourceToken}}", + "type": "text" + } + ], + "url": { + "raw": "https://{{base_url}}/{{dxApiBasePath}}/entities?id=5b7556b5-0779-4c47-9cf2-3f209779aa22", + "protocol": "https", + "host": [ + "{{base_url}}" + ], + "path": [ + 
"{{dxApiBasePath}}", + "entities" + ], + "query": [ + { + "key": "id", + "value": "5b7556b5-0779-4c47-9cf2-3f209779aa22", + "description": "closed" + } + ] + } + }, + "response": [] + } + ] + }, + { + "name": "Admin APIs", + "item": [ + { + "name": "201 (Success) Create a GIS entry", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "// Test the response code", + "pm.test(\"response is 201 (Created)\", function () {", + " pm.response.to.have.status(201);", + "});", + "", + "// Test the response header", + "pm.test(\"Check response header\", function () {", + " pm.response.to.have.header(\"Content-Type\",\"application/json\");", + "});", + "", + "// Test the response", + "pm.test(\"Check response body\", function () { ", + " const body = pm.response.json();", + " pm.expect(body).to.have.property(\"title\", \"Successful Operation\"); ", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "POST", + "header": [ + { + "key": "token", + "value": "eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJzdWIiOiI4NDRlMjUxYi01NzRiLTQ2ZTYtOTI0Ny1mNzZmMWY3MGE2MzciLCJpc3MiOiJhdXRodmVydHguaXVkeC5pbyIsImF1ZCI6InJzLml1ZHguaW8iLCJleHAiOjE2MzE4MzYzNjMsImlhdCI6MTYzMTc5MzE2MywiaWlkIjoicnM6cnMuaXVkeC5pbyIsInJvbGUiOiJhZG1pbiIsImNvbnMiOnt9fQ.9En0F3LWkB-6FWwTY0nb_xmgQWhlrkbsqXWRvkQM9qTP4D-2l3ciQIz2r9jJop-lXSk6pMOn7rPls1u0j7E8ew", + "type": "text", + "disabled": true + }, + { + "key": "token", + "value": "{{adminToken}}", + "type": "text" + } + ], + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"83c2e5c2-3574-4e11-9530-2b1fbdfce832\",\n \"server-url\": \"https://gis-test.iudx.io/apis\",\n \"server-port\": 1234,\n \"isSecure\": false\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "https://{{base_url}}/{{adminBasePath}}/serverInfo", + "protocol": "https", + "host": [ + "{{base_url}}" + ], + "path": [ + "{{adminBasePath}}", + "serverInfo" + ] + } + }, + "response": [] + }, + { + "name": "400 (Bad Request) Invalid JSON 
object in GIS entry", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "// Test the response code", + "pm.test(\"response is 400 (Bad Request)\", function () {", + " pm.response.to.have.status(400);", + "});", + "", + "// Test the response header", + "pm.test(\"Check response header\", function () {", + " pm.response.to.have.header(\"Content-Type\",\"application/json\");", + "});", + "", + "// Test the response", + "pm.test(\"Check response body\", function () { ", + " const body = pm.response.json();", + " pm.expect(body).to.have.property(\"title\", \"Bad Request\");", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "POST", + "header": [ + { + "key": "token", + "value": "{{adminToken}}", + "type": "text" + } + ], + "body": { + "mode": "raw", + "raw": "{\n \"id123\": \"open-resource-id\",\n \"server-url\": \"URL\",\n \"server-port\": 1234,\n \"isSecure\": false\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "https://{{base_url}}/{{adminBasePath}}/serverInfo", + "protocol": "https", + "host": [ + "{{base_url}}" + ], + "path": [ + "{{adminBasePath}}", + "serverInfo" + ] + } + }, + "response": [] + }, + { + "name": "401 (not authorized) Invalid Token", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "// Test the response code", + "pm.test(\"response is 401 (Not Authorized)\", function () {", + " pm.response.to.have.status(401);", + "});", + "", + "// Test the response header", + "pm.test(\"Check response header\", function () {", + " pm.response.to.have.header(\"Content-Type\",\"application/json\");", + "});", + "", + "// Test the response", + "pm.test(\"Check response body\", function () { ", + " const body = pm.response.json();", + " pm.expect(body).to.have.property(\"title\", \"Not Authorized\");", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "POST", + "header": [ + { + "key": "token", + "value": "{{adminToken}}+invalid", + 
"type": "text" + } + ], + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"83c2e5c2-3574-4e11-9530-2b1fbdfce832\",\n \"server-url\": \"https://gis-test.iudx.io/apis\",\n \"server-port\": 1234,\n \"isSecure\": false\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "https://{{base_url}}/{{adminBasePath}}/serverInfo", + "protocol": "https", + "host": [ + "{{base_url}}" + ], + "path": [ + "{{adminBasePath}}", + "serverInfo" + ] + } + }, + "response": [] + }, + { + "name": "409 (Conflict) GIS entry already existing", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "// Test the response code", + "pm.test(\"response is 200 (OK)\", function () {", + " pm.response.to.have.status(409);", + "});", + "", + "// Test the response header", + "pm.test(\"Check response header\", function () {", + " pm.response.to.have.header(\"Content-Type\",\"application/json\");", + "});", + "", + "// Test the response", + "pm.test(\"Check response body\", function () { ", + " const body = pm.response.json();", + " pm.expect(body).to.have.property(\"title\", \"Conflict\"); ", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "POST", + "header": [ + { + "key": "token", + "value": "{{adminToken}}", + "type": "text" + } + ], + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"83c2e5c2-3574-4e11-9530-2b1fbdfce832\",\n \"server-url\": \"https://gis-test.iudx.io/apis\",\n \"server-port\": 1234,\n \"isSecure\": false\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "https://{{base_url}}/{{adminBasePath}}/serverInfo", + "protocol": "https", + "host": [ + "{{base_url}}" + ], + "path": [ + "{{adminBasePath}}", + "serverInfo" + ] + } + }, + "response": [] + }, + { + "name": "200 (Success) Update GIS entry", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "// Test the response code", + "pm.test(\"response is 200 (OK)\", function () {", + " 
pm.response.to.have.status(200);", + "});", + "", + "// Test the response header", + "pm.test(\"Check response header\", function () {", + " pm.response.to.have.header(\"Content-Type\",\"application/json\");", + "});", + "", + "// Test the response", + "pm.test(\"Check response body\", function () { ", + " const body = pm.response.json();", + " pm.expect(body).to.have.property(\"title\", \"Successful Operation\"); ", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "PUT", + "header": [ + { + "key": "token", + "value": "{{adminToken}}", + "type": "text" + }, + { + "key": "", + "value": "", + "type": "text", + "disabled": true + } + ], + "body": { + "mode": "raw", + "raw": "{\n\"id\" : \"83c2e5c2-3574-4e11-9530-2b1fbdfce832\",\n\"server-url\":\"URL\",\n\"server-port\":1234,\n\"isSecure\":true,\n\"accessInfo\":{\n \"username\": \"username\",\n \"password\": \"pass\",\n \"tokenURL\":\"URL\"\n}\n}\n", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "https://{{base_url}}/{{adminBasePath}}/serverInfo", + "protocol": "https", + "host": [ + "{{base_url}}" + ], + "path": [ + "{{adminBasePath}}", + "serverInfo" + ] + } + }, + "response": [] + }, + { + "name": "400 (Bad Request) Invalid JSON object in GIS entry", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "// Test the response code", + "pm.test(\"response is 400 (Bad Request)\", function () {", + " pm.response.to.have.status(400);", + "});", + "", + "// Test the response header", + "pm.test(\"Check response header\", function () {", + " pm.response.to.have.header(\"Content-Type\",\"application/json\");", + "});", + "", + "// Test the response", + "pm.test(\"Check response body\", function () { ", + " const body = pm.response.json();", + " pm.expect(body).to.have.property(\"title\", \"Bad Request\");", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "PUT", + "header": [ + { + "key": "token", + "value": 
"{{adminToken}}", + "type": "text" + } + ], + "body": { + "mode": "raw", + "raw": "{\n\"id123\" : \"83c2e5c2-3574-4e11-9530-2b1fbdfce832\",\n\"server-url\":\"URL\",\n\"server-port\":1234,\n\"isSecure\":true,\n\"accessInfo\":{\n \"username\": \"username\",\n \"password\": \"pass\",\n \"tokenURL\":\"URL\"\n}\n}\n", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "https://{{base_url}}/{{adminBasePath}}/serverInfo", + "protocol": "https", + "host": [ + "{{base_url}}" + ], + "path": [ + "{{adminBasePath}}", + "serverInfo" + ] + } + }, + "response": [] + }, + { + "name": "401 (not authorized) Update GIS entry", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "// Test the response code", + "pm.test(\"response is 401 (Not Authorized)\", function () {", + " pm.response.to.have.status(401);", + "});", + "", + "// Test the response header", + "pm.test(\"Check response header\", function () {", + " pm.response.to.have.header(\"Content-Type\",\"application/json\");", + "});", + "", + "// Test the response", + "pm.test(\"Check response body\", function () { ", + " const body = pm.response.json();", + " pm.expect(body).to.have.property(\"title\", \"Not Authorized\");", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "PUT", + "header": [ + { + "key": "token", + "value": "{{openResourceToken}}", + "type": "text" + }, + { + "key": "", + "value": "", + "type": "text", + "disabled": true + } + ], + "body": { + "mode": "raw", + "raw": "{\n\"id\" : \"83c2e5c2-3574-4e11-9530-2b1fbdfce832\",\n\"server-url\":\"URL\",\n\"server-port\":1234,\n\"isSecure\":true,\n\"accessInfo\":{\n \"username\": \"username\",\n \"password\": \"pass\",\n \"tokenURL\":\"URL\"\n}\n}\n", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "https://{{base_url}}/{{adminBasePath}}/serverInfo", + "protocol": "https", + "host": [ + "{{base_url}}" + ], + "path": [ + "{{adminBasePath}}", + "serverInfo" + ] + } + 
}, + "response": [] + }, + { + "name": "404 (Not Found) ID not found", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "// Test the response code", + "pm.test(\"response is 404 (Not Found)\", function () {", + " pm.response.to.have.status(404);", + "});", + "", + "// Test the response header", + "pm.test(\"Check response header\", function () {", + " pm.response.to.have.header(\"Content-Type\",\"application/json\");", + "});", + "", + "// Test the response", + "pm.test(\"Check response body\", function () { ", + " const body = pm.response.json();", + " pm.expect(body).to.have.property(\"title\", \"Not Found\");", + " pm.expect(body).to.have.property(\"detail\", \"Not Found\");", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "PUT", + "header": [ + { + "key": "token", + "value": "{{adminToken}}", + "type": "text" + } + ], + "body": { + "mode": "raw", + "raw": "{\n\"id\" : \"5b7556b5-0779-4c47-9cf2-3f209779aa22\",\n\"server-url\":\"URL\",\n\"server-port\":1234,\n\"isSecure\":true,\n\"accessInfo\":{\n \"username\": \"username\",\n \"password\": \"pass\",\n \"tokenURL\":\"URL\"\n}\n}\n", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "https://{{base_url}}/{{adminBasePath}}/serverInfo", + "protocol": "https", + "host": [ + "{{base_url}}" + ], + "path": [ + "{{adminBasePath}}", + "serverInfo" + ] + } + }, + "response": [] + }, + { + "name": "200 (Success) Delete GIS entry", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "// Test the response code", + "pm.test(\"response is 200 (OK)\", function () {", + " pm.response.to.have.status(200);", + "});", + "", + "// Test the response header", + "pm.test(\"Check response header\", function () {", + " pm.response.to.have.header(\"Content-Type\",\"application/json\");", + "});", + "", + "// Test the response", + "pm.test(\"Check response body\", function () { ", + " const body = pm.response.json();", + " 
pm.expect(body).to.have.property(\"title\", \"Successful Operation\"); ", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "DELETE", + "header": [ + { + "key": "", + "value": "", + "type": "text", + "disabled": true + }, + { + "key": "token", + "value": "{{adminToken}}", + "type": "text" + } + ], + "url": { + "raw": "https://{{base_url}}/{{adminBasePath}}/serverInfo?id=83c2e5c2-3574-4e11-9530-2b1fbdfce832", + "protocol": "https", + "host": [ + "{{base_url}}" + ], + "path": [ + "{{adminBasePath}}", + "serverInfo" + ], + "query": [ + { + "key": "id", + "value": "83c2e5c2-3574-4e11-9530-2b1fbdfce832" + } + ] + } + }, + "response": [] + }, + { + "name": "400 (Bad Request) Invalid ID format", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "// Test the response code", + "pm.test(\"response is 400 (Bad Request)\", function () {", + " pm.response.to.have.status(400);", + "});", + "", + "// Test the response header", + "pm.test(\"Check response header\", function () {", + " pm.response.to.have.header(\"Content-Type\",\"application/json\");", + "});", + "", + "// Test the response", + "pm.test(\"Check response body\", function () { ", + " const body = pm.response.json();", + " pm.expect(body).to.have.property(\"detail\", \"Validation error : Invalid id\"); ", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "DELETE", + "header": [ + { + "key": "token", + "value": "{{adminToken}}", + "type": "text" + } + ], + "url": { + "raw": "https://{{base_url}}/{{adminBasePath}}/serverInfo?id=open-resource-id", + "protocol": "https", + "host": [ + "{{base_url}}" + ], + "path": [ + "{{adminBasePath}}", + "serverInfo" + ], + "query": [ + { + "key": "id", + "value": "open-resource-id" + } + ] + } + }, + "response": [] + }, + { + "name": "401 (not authorized) Delete GIS entry", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "// Test the response code", + "pm.test(\"response is 401 (Not 
Authorized)\", function () {", + " pm.response.to.have.status(401);", + "});", + "", + "// Test the response header", + "pm.test(\"Check response header\", function () {", + " pm.response.to.have.header(\"Content-Type\",\"application/json\");", + "});", + "", + "// Test the response", + "pm.test(\"Check response body\", function () { ", + " const body = pm.response.json();", + " pm.expect(body).to.have.property(\"title\", \"Not Authorized\");", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "DELETE", + "header": [ + { + "key": "", + "value": "", + "type": "text", + "disabled": true + }, + { + "key": "token", + "value": "abcd", + "type": "text" + } + ], + "url": { + "raw": "https://{{base_url}}/{{adminBasePath}}/serverInfo?id=83c2e5c2-3574-4e11-9530-2b1fbdfce832", + "protocol": "https", + "host": [ + "{{base_url}}" + ], + "path": [ + "{{adminBasePath}}", + "serverInfo" + ], + "query": [ + { + "key": "id", + "value": "83c2e5c2-3574-4e11-9530-2b1fbdfce832" + } + ] + } + }, + "response": [] + }, + { + "name": "404 (Not Found) ID not found", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "// Test the response code", + "pm.test(\"response is 404 (Not Found)\", function () {", + " pm.response.to.have.status(404);", + "});", + "", + "// Test the response header", + "pm.test(\"Check response header\", function () {", + " pm.response.to.have.header(\"Content-Type\",\"application/json\");", + "});", + "", + "// Test the response", + "pm.test(\"Check response body\", function () { ", + " const body = pm.response.json();", + " pm.expect(body).to.have.property(\"detail\", \"Not Found\"); ", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "DELETE", + "header": [ + { + "key": "token", + "value": "{{adminToken}}", + "type": "text" + } + ], + "url": { + "raw": "https://{{base_url}}/{{adminBasePath}}/serverInfo?id=83c2e5c2-3574-4e11-9530-2b1fbdfce832", + "protocol": "https", + "host": [ + 
"{{base_url}}" + ], + "path": [ + "{{adminBasePath}}", + "serverInfo" + ], + "query": [ + { + "key": "id", + "value": "83c2e5c2-3574-4e11-9530-2b1fbdfce832" + } + ] + } + }, + "response": [] + } + ] + } + ] +} \ No newline at end of file