Commit 9f1b6ccf authored by Marcel Nellesen's avatar Marcel Nellesen

New: Included the ResourceCreator Role (coscine/issues#530)

New: Included Search Api (coscine/issues#533)
New: Included metadata in the resource view (coscine/issues#566)
New: Corrected user authentication (coscine/issues#529)
parent b0dcbc30
...@@ -13,6 +13,7 @@ using System.Collections.Generic; ...@@ -13,6 +13,7 @@ using System.Collections.Generic;
using System.IO; using System.IO;
using System.Linq; using System.Linq;
using System.Management; using System.Management;
using System.Security.Claims;
namespace Coscine.Api.Project.Tests namespace Coscine.Api.Project.Tests
{ {
...@@ -257,6 +258,11 @@ namespace Coscine.Api.Project.Tests ...@@ -257,6 +258,11 @@ namespace Coscine.Api.Project.Tests
var context = new Mock<HttpContext>(); var context = new Mock<HttpContext>();
context.SetupGet(x => x.Request).Returns(request.Object); context.SetupGet(x => x.Request).Returns(request.Object);
var claimsPrincipal = new Mock<ClaimsPrincipal>();
Claim claim = new Claim("UserID", user.Id.ToString());
context.SetupGet(x => x.User).Returns(claimsPrincipal.Object);
context.Setup(x => x.User.FindFirst("UserID")).Returns(claim);
if (stream != null) if (stream != null)
{ {
context.SetupGet(x => x.Request.Method).Returns("POST"); context.SetupGet(x => x.Request.Method).Returns("POST");
......
...@@ -56,17 +56,17 @@ ...@@ -56,17 +56,17 @@
<Reference Include="Consul, Version=0.7.2.6, Culture=neutral, PublicKeyToken=20a6ad9a81df1d95, processorArchitecture=MSIL"> <Reference Include="Consul, Version=0.7.2.6, Culture=neutral, PublicKeyToken=20a6ad9a81df1d95, processorArchitecture=MSIL">
<HintPath>..\packages\Consul.0.7.2.6\lib\net45\Consul.dll</HintPath> <HintPath>..\packages\Consul.0.7.2.6\lib\net45\Consul.dll</HintPath>
</Reference> </Reference>
<Reference Include="Coscine.Action, Version=1.7.0.0, Culture=neutral, processorArchitecture=AMD64"> <Reference Include="Coscine.Action, Version=1.7.1.0, Culture=neutral, processorArchitecture=AMD64">
<HintPath>..\packages\Coscine.Action.1.7.0\lib\net461\Coscine.Action.dll</HintPath> <HintPath>..\packages\Coscine.Action.1.7.1\lib\net461\Coscine.Action.dll</HintPath>
</Reference> </Reference>
<Reference Include="Coscine.ApiCommons, Version=1.3.1.0, Culture=neutral, PublicKeyToken=af4c1345df96546b, processorArchitecture=MSIL"> <Reference Include="Coscine.ApiCommons, Version=1.4.0.0, Culture=neutral, PublicKeyToken=af4c1345df96546b, processorArchitecture=MSIL">
<HintPath>..\packages\Coscine.ApiCommons.1.3.1\lib\net461\Coscine.ApiCommons.dll</HintPath> <HintPath>..\packages\Coscine.ApiCommons.1.4.0\lib\net461\Coscine.ApiCommons.dll</HintPath>
</Reference> </Reference>
<Reference Include="Coscine.Configuration, Version=1.4.0.0, Culture=neutral, PublicKeyToken=ce3d7a32d7dc1e5a, processorArchitecture=MSIL"> <Reference Include="Coscine.Configuration, Version=1.4.0.0, Culture=neutral, PublicKeyToken=ce3d7a32d7dc1e5a, processorArchitecture=MSIL">
<HintPath>..\packages\Coscine.Configuration.1.4.0\lib\net461\Coscine.Configuration.dll</HintPath> <HintPath>..\packages\Coscine.Configuration.1.4.0\lib\net461\Coscine.Configuration.dll</HintPath>
</Reference> </Reference>
<Reference Include="Coscine.Database, Version=1.12.1.0, Culture=neutral, PublicKeyToken=767d77427707b70a, processorArchitecture=MSIL"> <Reference Include="Coscine.Database, Version=1.13.0.0, Culture=neutral, PublicKeyToken=767d77427707b70a, processorArchitecture=MSIL">
<HintPath>..\packages\Coscine.Database.1.12.1\lib\net461\Coscine.Database.dll</HintPath> <HintPath>..\packages\Coscine.Database.1.13.0\lib\net461\Coscine.Database.dll</HintPath>
</Reference> </Reference>
<Reference Include="Coscine.Logging, Version=1.0.1.0, Culture=neutral, PublicKeyToken=e1ed402bc3f6525e, processorArchitecture=MSIL"> <Reference Include="Coscine.Logging, Version=1.0.1.0, Culture=neutral, PublicKeyToken=e1ed402bc3f6525e, processorArchitecture=MSIL">
<HintPath>..\packages\Coscine.Logging.1.0.1\lib\net461\Coscine.Logging.dll</HintPath> <HintPath>..\packages\Coscine.Logging.1.0.1\lib\net461\Coscine.Logging.dll</HintPath>
...@@ -107,12 +107,18 @@ ...@@ -107,12 +107,18 @@
<Reference Include="Microsoft.AspNetCore.Antiforgery, Version=2.2.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL"> <Reference Include="Microsoft.AspNetCore.Antiforgery, Version=2.2.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL">
<HintPath>..\packages\Microsoft.AspNetCore.Antiforgery.2.2.0\lib\netstandard2.0\Microsoft.AspNetCore.Antiforgery.dll</HintPath> <HintPath>..\packages\Microsoft.AspNetCore.Antiforgery.2.2.0\lib\netstandard2.0\Microsoft.AspNetCore.Antiforgery.dll</HintPath>
</Reference> </Reference>
<Reference Include="Microsoft.AspNetCore.Authentication, Version=2.2.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL">
<HintPath>..\packages\Microsoft.AspNetCore.Authentication.2.2.0\lib\netstandard2.0\Microsoft.AspNetCore.Authentication.dll</HintPath>
</Reference>
<Reference Include="Microsoft.AspNetCore.Authentication.Abstractions, Version=2.2.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL"> <Reference Include="Microsoft.AspNetCore.Authentication.Abstractions, Version=2.2.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL">
<HintPath>..\packages\Microsoft.AspNetCore.Authentication.Abstractions.2.2.0\lib\netstandard2.0\Microsoft.AspNetCore.Authentication.Abstractions.dll</HintPath> <HintPath>..\packages\Microsoft.AspNetCore.Authentication.Abstractions.2.2.0\lib\netstandard2.0\Microsoft.AspNetCore.Authentication.Abstractions.dll</HintPath>
</Reference> </Reference>
<Reference Include="Microsoft.AspNetCore.Authentication.Core, Version=2.2.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL"> <Reference Include="Microsoft.AspNetCore.Authentication.Core, Version=2.2.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL">
<HintPath>..\packages\Microsoft.AspNetCore.Authentication.Core.2.2.0\lib\netstandard2.0\Microsoft.AspNetCore.Authentication.Core.dll</HintPath> <HintPath>..\packages\Microsoft.AspNetCore.Authentication.Core.2.2.0\lib\netstandard2.0\Microsoft.AspNetCore.Authentication.Core.dll</HintPath>
</Reference> </Reference>
<Reference Include="Microsoft.AspNetCore.Authentication.JwtBearer, Version=2.2.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL">
<HintPath>..\packages\Microsoft.AspNetCore.Authentication.JwtBearer.2.2.0\lib\netstandard2.0\Microsoft.AspNetCore.Authentication.JwtBearer.dll</HintPath>
</Reference>
<Reference Include="Microsoft.AspNetCore.Authorization, Version=2.2.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL"> <Reference Include="Microsoft.AspNetCore.Authorization, Version=2.2.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60, processorArchitecture=MSIL">
<HintPath>..\packages\Microsoft.AspNetCore.Authorization.2.2.0\lib\netstandard2.0\Microsoft.AspNetCore.Authorization.dll</HintPath> <HintPath>..\packages\Microsoft.AspNetCore.Authorization.2.2.0\lib\netstandard2.0\Microsoft.AspNetCore.Authorization.dll</HintPath>
</Reference> </Reference>
...@@ -371,6 +377,12 @@ ...@@ -371,6 +377,12 @@
<Reference Include="Microsoft.IdentityModel.Logging, Version=5.6.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL"> <Reference Include="Microsoft.IdentityModel.Logging, Version=5.6.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
<HintPath>..\packages\Microsoft.IdentityModel.Logging.5.6.0\lib\net461\Microsoft.IdentityModel.Logging.dll</HintPath> <HintPath>..\packages\Microsoft.IdentityModel.Logging.5.6.0\lib\net461\Microsoft.IdentityModel.Logging.dll</HintPath>
</Reference> </Reference>
<Reference Include="Microsoft.IdentityModel.Protocols, Version=5.3.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
<HintPath>..\packages\Microsoft.IdentityModel.Protocols.5.3.0\lib\net461\Microsoft.IdentityModel.Protocols.dll</HintPath>
</Reference>
<Reference Include="Microsoft.IdentityModel.Protocols.OpenIdConnect, Version=5.3.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
<HintPath>..\packages\Microsoft.IdentityModel.Protocols.OpenIdConnect.5.3.0\lib\net461\Microsoft.IdentityModel.Protocols.OpenIdConnect.dll</HintPath>
</Reference>
<Reference Include="Microsoft.IdentityModel.Tokens, Version=5.6.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL"> <Reference Include="Microsoft.IdentityModel.Tokens, Version=5.6.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL">
<HintPath>..\packages\Microsoft.IdentityModel.Tokens.5.6.0\lib\net461\Microsoft.IdentityModel.Tokens.dll</HintPath> <HintPath>..\packages\Microsoft.IdentityModel.Tokens.5.6.0\lib\net461\Microsoft.IdentityModel.Tokens.dll</HintPath>
</Reference> </Reference>
......
...@@ -25,8 +25,8 @@ namespace Coscine.Api.Project.Tests ...@@ -25,8 +25,8 @@ namespace Coscine.Api.Project.Tests
public void OwnsTest() public void OwnsTest()
{ {
ProjectModel projectModel = new ProjectModel(); ProjectModel projectModel = new ProjectModel();
Assert.IsTrue(projectModel.OwnsProject(Users[0], Projects[0])); Assert.IsTrue(projectModel.HasAccess(Users[0], Projects[0], UserRoles.Owner));
Assert.IsFalse(projectModel.OwnsProject(Users[0], Projects[1])); Assert.IsFalse(projectModel.HasAccess(Users[0], Projects[1], UserRoles.Owner));
var all = projectModel.GetAllWhere((project) => var all = projectModel.GetAllWhere((project) =>
(from projectRole in project.ProjectRolesProjectIdIds (from projectRole in project.ProjectRolesProjectIdIds
...@@ -87,15 +87,8 @@ namespace Coscine.Api.Project.Tests ...@@ -87,15 +87,8 @@ namespace Coscine.Api.Project.Tests
FakeControllerContext(Users[0], stream); FakeControllerContext(Users[0], stream);
try actionResult = Controller.Update(Projects[1].Id.ToString());
{ Assert.IsTrue(actionResult.GetType() == typeof(UnauthorizedObjectResult));
Controller.Update(Projects[1].Id.ToString());
Assert.Fail();
}
catch (Exception e)
{
Assert.IsTrue(e.GetType() == typeof(NotAuthorizedException));
}
// Cleanup // Cleanup
stream.Close(); stream.Close();
...@@ -114,12 +107,12 @@ namespace Coscine.Api.Project.Tests ...@@ -114,12 +107,12 @@ namespace Coscine.Api.Project.Tests
FakeControllerContext(Users[0], stream); FakeControllerContext(Users[0], stream);
var actionResult = Controller.Store(); var actionResult = Controller.Store();
Assert.IsTrue(actionResult.GetType() == typeof(OkObjectResult)); Assert.IsTrue(actionResult.GetType() == typeof(JsonResult));
OkObjectResult okObjectResult = (OkObjectResult)actionResult; JsonResult jsonResult = (JsonResult)actionResult;
Assert.IsTrue(okObjectResult.Value.GetType() == typeof(ProjectObject)); Assert.IsTrue(jsonResult.Value.GetType() == typeof(ProjectObject));
ProjectObject createdProjectObject = (ProjectObject)okObjectResult.Value; ProjectObject createdProjectObject = (ProjectObject)jsonResult.Value;
Assert.IsTrue(createdProjectObject.Description == newProjectObject.Description); Assert.IsTrue(createdProjectObject.Description == newProjectObject.Description);
Assert.IsTrue(createdProjectObject.DisplayName == newProjectObject.DisplayName); Assert.IsTrue(createdProjectObject.DisplayName == newProjectObject.DisplayName);
...@@ -149,12 +142,12 @@ namespace Coscine.Api.Project.Tests ...@@ -149,12 +142,12 @@ namespace Coscine.Api.Project.Tests
FakeControllerContext(Users[0], stream); FakeControllerContext(Users[0], stream);
var actionResult = Controller.Store(); var actionResult = Controller.Store();
Assert.IsTrue(actionResult.GetType() == typeof(OkObjectResult)); Assert.IsTrue(actionResult.GetType() == typeof(JsonResult));
OkObjectResult okObjectResult = (OkObjectResult)actionResult; JsonResult result = (JsonResult)actionResult;
Assert.IsTrue(okObjectResult.Value.GetType() == typeof(ProjectObject)); Assert.IsTrue(result.Value.GetType() == typeof(ProjectObject));
ProjectObject createdProjectObject = (ProjectObject)okObjectResult.Value; ProjectObject createdProjectObject = (ProjectObject)result.Value;
stream.Close(); stream.Close();
stream = ObjectFactory<ProjectObject>.SerializeToStream(createdProjectObject); stream = ObjectFactory<ProjectObject>.SerializeToStream(createdProjectObject);
...@@ -162,10 +155,10 @@ namespace Coscine.Api.Project.Tests ...@@ -162,10 +155,10 @@ namespace Coscine.Api.Project.Tests
FakeControllerContext(Users[0], stream); FakeControllerContext(Users[0], stream);
actionResult = Controller.Delete(createdProjectObject.Id.ToString()); actionResult = Controller.Delete(createdProjectObject.Id.ToString());
Assert.IsTrue(actionResult.GetType() == typeof(OkObjectResult)); Assert.IsTrue(actionResult.GetType() == typeof(JsonResult));
okObjectResult = (OkObjectResult)actionResult; result = (JsonResult)actionResult;
Assert.IsTrue(okObjectResult.Value.GetType() == typeof(ProjectObject)); Assert.IsTrue(result.Value.GetType() == typeof(ProjectObject));
stream.Close(); stream.Close();
} }
...@@ -184,8 +177,8 @@ namespace Coscine.Api.Project.Tests ...@@ -184,8 +177,8 @@ namespace Coscine.Api.Project.Tests
var actionResult = Controller.Store(); var actionResult = Controller.Store();
OkObjectResult okObjectResult = (OkObjectResult)actionResult; JsonResult result = (JsonResult)actionResult;
ProjectObject createdProjectObject = (ProjectObject)okObjectResult.Value; ProjectObject createdProjectObject = (ProjectObject)result.Value;
stream.Close(); stream.Close();
newProjectObject = new ProjectObject(Guid.NewGuid(), "NewProject", "NewDisplayName", DateTime.Now, DateTime.Now.AddYears(1), "test2;test3", "abc", "investigator", "grandId", newProjectObject = new ProjectObject(Guid.NewGuid(), "NewProject", "NewDisplayName", DateTime.Now, DateTime.Now.AddYears(1), "test2;test3", "abc", "investigator", "grandId",
...@@ -205,10 +198,10 @@ namespace Coscine.Api.Project.Tests ...@@ -205,10 +198,10 @@ namespace Coscine.Api.Project.Tests
FakeControllerContext(Users[0], stream); FakeControllerContext(Users[0], stream);
actionResult = Controller.Delete(createdProjectObject.Id.ToString()); actionResult = Controller.Delete(createdProjectObject.Id.ToString());
Assert.IsTrue(actionResult.GetType() == typeof(OkObjectResult)); Assert.IsTrue(actionResult.GetType() == typeof(JsonResult));
okObjectResult = (OkObjectResult)actionResult; result = (JsonResult)actionResult;
Assert.IsTrue(okObjectResult.Value.GetType() == typeof(ProjectObject)); Assert.IsTrue(result.Value.GetType() == typeof(ProjectObject));
stream.Close(); stream.Close();
} }
...@@ -225,8 +218,8 @@ namespace Coscine.Api.Project.Tests ...@@ -225,8 +218,8 @@ namespace Coscine.Api.Project.Tests
FakeControllerContext(Users[0], stream); FakeControllerContext(Users[0], stream);
var actionResult = Controller.Store(); var actionResult = Controller.Store();
OkObjectResult okObjectResult = (OkObjectResult)actionResult; JsonResult result = (JsonResult)actionResult;
ProjectObject createdProjectObject = (ProjectObject)okObjectResult.Value; ProjectObject createdProjectObject = (ProjectObject)result.Value;
ProjectObject newSubProjectObject = new ProjectObject(Guid.NewGuid(), "NewSubProject", "NewDisplayNameSub", DateTime.Now, DateTime.Now.AddYears(1), "test2;test3", "abc", "investigator", "grandId", ProjectObject newSubProjectObject = new ProjectObject(Guid.NewGuid(), "NewSubProject", "NewDisplayNameSub", DateTime.Now, DateTime.Now.AddYears(1), "test2;test3", "abc", "investigator", "grandId",
new List<DisciplineObject>() { new DisciplineObject(Discipline.Id, Discipline.Url, Discipline.DisplayNameDe, Discipline.DisplayNameEn) }, new List<DisciplineObject>() { new DisciplineObject(Discipline.Id, Discipline.Url, Discipline.DisplayNameDe, Discipline.DisplayNameEn) },
...@@ -238,8 +231,8 @@ namespace Coscine.Api.Project.Tests ...@@ -238,8 +231,8 @@ namespace Coscine.Api.Project.Tests
FakeControllerContext(Users[0], subStream); FakeControllerContext(Users[0], subStream);
var subActionResult = Controller.Store(); var subActionResult = Controller.Store();
OkObjectResult okSubObjectResult = (OkObjectResult)subActionResult; JsonResult resultSubProject = (JsonResult)subActionResult;
ProjectObject createdSubProjectObject = (ProjectObject)okSubObjectResult.Value; ProjectObject createdSubProjectObject = (ProjectObject)resultSubProject.Value;
SubProjectModel subProjectModel = new SubProjectModel(); SubProjectModel subProjectModel = new SubProjectModel();
var subProjects = subProjectModel.GetAllWhere((x) => x.ProjectId == createdProjectObject.Id); var subProjects = subProjectModel.GetAllWhere((x) => x.ProjectId == createdProjectObject.Id);
......
...@@ -23,19 +23,19 @@ namespace Coscine.Api.Project.Tests ...@@ -23,19 +23,19 @@ namespace Coscine.Api.Project.Tests
public void TestControllerIndex() public void TestControllerIndex()
{ {
var actionResult = Controller.Index(); var actionResult = Controller.Index();
Assert.IsTrue(actionResult.GetType() == typeof(OkObjectResult)); Assert.IsTrue(actionResult.GetType() == typeof(JsonResult));
} }
[Test] [Test]
public void TestControllerGet() public void TestControllerGet()
{ {
var actionResult = Controller.Get(Resources[0].Id.ToString()); var actionResult = Controller.Get(Resources[0].Id.ToString());
Assert.IsTrue(actionResult.GetType() == typeof(OkObjectResult)); Assert.IsTrue(actionResult.GetType() == typeof(JsonResult));
OkObjectResult okObjectResult = (OkObjectResult)actionResult; JsonResult result = (JsonResult)actionResult;
Assert.IsTrue(okObjectResult.Value.GetType() == typeof(ResourceObject)); Assert.IsTrue(result.Value.GetType() == typeof(ResourceObject));
ResourceObject resourceObject = (ResourceObject)okObjectResult.Value; ResourceObject resourceObject = (ResourceObject)result.Value;
Assert.IsTrue(resourceObject.Id == Resources[0].Id); Assert.IsTrue(resourceObject.Id == Resources[0].Id);
Assert.IsTrue(resourceObject.DisplayName == Resources[0].DisplayName); Assert.IsTrue(resourceObject.DisplayName == Resources[0].DisplayName);
...@@ -49,8 +49,8 @@ namespace Coscine.Api.Project.Tests ...@@ -49,8 +49,8 @@ namespace Coscine.Api.Project.Tests
public void TestControllerUpdate() public void TestControllerUpdate()
{ {
var actionResult = Controller.Get(Resources[0].Id.ToString()); var actionResult = Controller.Get(Resources[0].Id.ToString());
OkObjectResult okObjectResult = (OkObjectResult)actionResult; JsonResult result = (JsonResult)actionResult;
ResourceObject resourceObject = (ResourceObject)okObjectResult.Value; ResourceObject resourceObject = (ResourceObject)result.Value;
resourceObject.DisplayName = "OtherName"; resourceObject.DisplayName = "OtherName";
resourceObject.ResourceTypeOption = JObject.FromObject(new RDSResourceTypeObject(Guid.NewGuid(), "PITLABTTEST", 0)); resourceObject.ResourceTypeOption = JObject.FromObject(new RDSResourceTypeObject(Guid.NewGuid(), "PITLABTTEST", 0));
...@@ -60,7 +60,7 @@ namespace Coscine.Api.Project.Tests ...@@ -60,7 +60,7 @@ namespace Coscine.Api.Project.Tests
FakeControllerContext(Users[0], stream); FakeControllerContext(Users[0], stream);
actionResult = Controller.Update(Resources[0].Id.ToString()); actionResult = Controller.Update(Resources[0].Id.ToString());
Assert.IsTrue(actionResult.GetType() == typeof(OkObjectResult)); Assert.IsTrue(actionResult.GetType() == typeof(JsonResult));
// Cleanup // Cleanup
stream.Close(); stream.Close();
...@@ -69,15 +69,8 @@ namespace Coscine.Api.Project.Tests ...@@ -69,15 +69,8 @@ namespace Coscine.Api.Project.Tests
FakeControllerContext(Users[0], stream); FakeControllerContext(Users[0], stream);
try actionResult = Controller.Update(Resources[1].Id.ToString());
{ Assert.IsTrue(actionResult.GetType() == typeof(UnauthorizedObjectResult));
Controller.Update(Resources[1].Id.ToString());
Assert.Fail();
}
catch (Exception e)
{
Assert.IsTrue(e.GetType() == typeof(NotAuthorizedException));
}
// Cleanup // Cleanup
stream.Close(); stream.Close();
...@@ -107,9 +100,9 @@ namespace Coscine.Api.Project.Tests ...@@ -107,9 +100,9 @@ namespace Coscine.Api.Project.Tests
FakeControllerContext(Users[0], stream); FakeControllerContext(Users[0], stream);
var actionResult = Controller.StoreToProject(Projects[0].Id.ToString()); var actionResult = Controller.StoreToProject(Projects[0].Id.ToString());
Assert.IsTrue(actionResult.GetType() == typeof(OkObjectResult)); Assert.IsTrue(actionResult.GetType() == typeof(JsonResult));
OkObjectResult okObjectResult = (OkObjectResult)actionResult; JsonResult result = (JsonResult)actionResult;
resourceObject = (ResourceObject)okObjectResult.Value; resourceObject = (ResourceObject)result.Value;
// Cleanup // Cleanup
stream.Close(); stream.Close();
...@@ -119,7 +112,7 @@ namespace Coscine.Api.Project.Tests ...@@ -119,7 +112,7 @@ namespace Coscine.Api.Project.Tests
FakeControllerContext(Users[0], stream); FakeControllerContext(Users[0], stream);
actionResult = Controller.Delete(resourceObject.Id.ToString()); actionResult = Controller.Delete(resourceObject.Id.ToString());
Assert.IsTrue(actionResult.GetType() == typeof(OkObjectResult)); Assert.IsTrue(actionResult.GetType() == typeof(JsonResult));
stream.Close(); stream.Close();
} }
......
...@@ -20,10 +20,10 @@ namespace Coscine.Api.Project.Tests ...@@ -20,10 +20,10 @@ namespace Coscine.Api.Project.Tests
public void TestGettingFields() public void TestGettingFields()
{ {
var actionResult = Controller.Fields(Resources[0].Type.Id.ToString()); var actionResult = Controller.Fields(Resources[0].Type.Id.ToString());
Assert.IsTrue(actionResult.GetType() == typeof(OkObjectResult)); Assert.IsTrue(actionResult.GetType() == typeof(JsonResult));
OkObjectResult okObjectResult = (OkObjectResult)actionResult; JsonResult result = (JsonResult)actionResult;
List<string> fields = (List<string>) okObjectResult.Value; List<string> fields = (List<string>) result.Value;
if(fields.Count() == 2) if(fields.Count() == 2)
{ {
Assert.IsTrue(fields[0] == "BucketName"); Assert.IsTrue(fields[0] == "BucketName");
......
...@@ -88,7 +88,7 @@ ...@@ -88,7 +88,7 @@
</dependentAssembly> </dependentAssembly>
<dependentAssembly> <dependentAssembly>
<assemblyIdentity name="Coscine.Database" publicKeyToken="767d77427707b70a" culture="neutral" /> <assemblyIdentity name="Coscine.Database" publicKeyToken="767d77427707b70a" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-1.12.1.0" newVersion="1.12.1.0" /> <bindingRedirect oldVersion="0.0.0.0-1.13.0.0" newVersion="1.13.0.0" />
</dependentAssembly> </dependentAssembly>
<dependentAssembly> <dependentAssembly>
<assemblyIdentity name="System.IdentityModel.Tokens.Jwt" publicKeyToken="31bf3856ad364e35" culture="neutral" /> <assemblyIdentity name="System.IdentityModel.Tokens.Jwt" publicKeyToken="31bf3856ad364e35" culture="neutral" />
...@@ -142,6 +142,10 @@ ...@@ -142,6 +142,10 @@
<assemblyIdentity name="Coscine.Logging" publicKeyToken="e1ed402bc3f6525e" culture="neutral" /> <assemblyIdentity name="Coscine.Logging" publicKeyToken="e1ed402bc3f6525e" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-1.0.1.0" newVersion="1.0.1.0" /> <bindingRedirect oldVersion="0.0.0.0-1.0.1.0" newVersion="1.0.1.0" />
</dependentAssembly> </dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="Microsoft.IdentityModel.Logging" publicKeyToken="31bf3856ad364e35" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-5.6.0.0" newVersion="5.6.0.0" />
</dependentAssembly>
</assemblyBinding> </assemblyBinding>
</runtime> </runtime>
<entityFramework> <entityFramework>
......
...@@ -4,10 +4,10 @@ ...@@ -4,10 +4,10 @@
<package id="AutoMapper.Extensions.Microsoft.DependencyInjection" version="6.0.0" targetFramework="net472" /> <package id="AutoMapper.Extensions.Microsoft.DependencyInjection" version="6.0.0" targetFramework="net472" />
<package id="Castle.Core" version="4.4.0" targetFramework="net472" /> <package id="Castle.Core" version="4.4.0" targetFramework="net472" />
<package id="Consul" version="0.7.2.6" targetFramework="net472" /> <package id="Consul" version="0.7.2.6" targetFramework="net472" />
<package id="Coscine.Action" version="1.7.0" targetFramework="net472" /> <package id="Coscine.Action" version="1.7.1" targetFramework="net472" />
<package id="Coscine.ApiCommons" version="1.3.1" targetFramework="net472" /> <package id="Coscine.ApiCommons" version="1.4.0" targetFramework="net472" />
<package id="Coscine.Configuration" version="1.4.0" targetFramework="net472" /> <package id="Coscine.Configuration" version="1.4.0" targetFramework="net472" />
<package id="Coscine.Database" version="1.12.1" targetFramework="net472" /> <package id="Coscine.Database" version="1.13.0" targetFramework="net472" />
<package id="Coscine.Logging" version="1.0.1" targetFramework="net472" /> <package id="Coscine.Logging" version="1.0.1" targetFramework="net472" />
<package id="Coscine.ProxyApi" version="1.2.0" targetFramework="net472" /> <package id="Coscine.ProxyApi" version="1.2.0" targetFramework="net472" />
<package id="Coscine.SharePoint.Webparts.Vue" version="1.4.0" targetFramework="net472" /> <package id="Coscine.SharePoint.Webparts.Vue" version="1.4.0" targetFramework="net472" />
...@@ -22,8 +22,10 @@ ...@@ -22,8 +22,10 @@
<package id="Metadata" version="1.0.0" targetFramework="net472" /> <package id="Metadata" version="1.0.0" targetFramework="net472" />
<package id="Microsoft.AspNetCore" version="2.2.0" targetFramework="net472" /> <package id="Microsoft.AspNetCore" version="2.2.0" targetFramework="net472" />
<package id="Microsoft.AspNetCore.Antiforgery" version="2.2.0" targetFramework="net472" /> <package id="Microsoft.AspNetCore.Antiforgery" version="2.2.0" targetFramework="net472" />
<package id="Microsoft.AspNetCore.Authentication" version="2.2.0" targetFramework="net472" />
<package id="Microsoft.AspNetCore.Authentication.Abstractions" version="2.2.0" targetFramework="net472" /> <package id="Microsoft.AspNetCore.Authentication.Abstractions" version="2.2.0" targetFramework="net472" />
<package id="Microsoft.AspNetCore.Authentication.Core" version="2.2.0" targetFramework="net472" /> <package id="Microsoft.AspNetCore.Authentication.Core" version="2.2.0" targetFramework="net472" />
<package id="Microsoft.AspNetCore.Authentication.JwtBearer" version="2.2.0" targetFramework="net472" />
<package id="Microsoft.AspNetCore.Authorization" version="2.2.0" targetFramework="net472" /> <package id="Microsoft.AspNetCore.Authorization" version="2.2.0" targetFramework="net472" />
<package id="Microsoft.AspNetCore.Authorization.Policy" version="2.2.0" targetFramework="net472" /> <package id="Microsoft.AspNetCore.Authorization.Policy" version="2.2.0" targetFramework="net472" />
<package id="Microsoft.AspNetCore.Connections.Abstractions" version="2.2.0" targetFramework="net472" /> <package id="Microsoft.AspNetCore.Connections.Abstractions" version="2.2.0" targetFramework="net472" />
...@@ -115,6 +117,8 @@ ...@@ -115,6 +117,8 @@
<package id="Microsoft.IdentityModel" version="7.0.0" targetFramework="net472" /> <package id="Microsoft.IdentityModel" version="7.0.0" targetFramework="net472" />
<package id="Microsoft.IdentityModel.JsonWebTokens" version="5.6.0" targetFramework="net472" /> <package id="Microsoft.IdentityModel.JsonWebTokens" version="5.6.0" targetFramework="net472" />
<package id="Microsoft.IdentityModel.Logging" version="5.6.0" targetFramework="net472" /> <package id="Microsoft.IdentityModel.Logging" version="5.6.0" targetFramework="net472" />
<package id="Microsoft.IdentityModel.Protocols" version="5.3.0" targetFramework="net472" />
<package id="Microsoft.IdentityModel.Protocols.OpenIdConnect" version="5.3.0" targetFramework="net472" />
<package id="Microsoft.IdentityModel.Tokens" version="5.6.0" targetFramework="net472" /> <package id="Microsoft.IdentityModel.Tokens" version="5.6.0" targetFramework="net472" />
<package id="Microsoft.Net.Http.Headers" version="2.2.0" targetFramework="net472" /> <package id="Microsoft.Net.Http.Headers" version="2.2.0" targetFramework="net472" />
<package id="Microsoft.Win32.Registry" version="4.5.0" targetFramework="net472" /> <package id="Microsoft.Win32.Registry" version="4.5.0" targetFramework="net472" />
......
...@@ -91,7 +91,7 @@ ...@@ -91,7 +91,7 @@
</dependentAssembly> </dependentAssembly>
<dependentAssembly> <dependentAssembly>
<assemblyIdentity name="Coscine.Database" publicKeyToken="767d77427707b70a" culture="neutral" /> <assemblyIdentity name="Coscine.Database" publicKeyToken="767d77427707b70a" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-1.12.1.0" newVersion="1.12.1.0" /> <bindingRedirect oldVersion="0.0.0.0-1.13.0.0" newVersion="1.13.0.0" />
</dependentAssembly> </dependentAssembly>
<dependentAssembly> <dependentAssembly>
<assemblyIdentity name="System.IdentityModel.Tokens.Jwt" publicKeyToken="31bf3856ad364e35" culture="neutral" /> <assemblyIdentity name="System.IdentityModel.Tokens.Jwt" publicKeyToken="31bf3856ad364e35" culture="neutral" />
...@@ -145,6 +145,10 @@ ...@@ -145,6 +145,10 @@
<assemblyIdentity name="Coscine.Logging" publicKeyToken="e1ed402bc3f6525e" culture="neutral" /> <assemblyIdentity name="Coscine.Logging" publicKeyToken="e1ed402bc3f6525e" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-1.0.1.0" newVersion="1.0.1.0" /> <bindingRedirect oldVersion="0.0.0.0-1.0.1.0" newVersion="1.0.1.0" />
</dependentAssembly> </dependentAssembly>
<dependentAssembly>
<assemblyIdentity name="Microsoft.IdentityModel.Logging" publicKeyToken="31bf3856ad364e35" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-5.6.0.0" newVersion="5.6.0.0" />
</dependentAssembly>
</assemblyBinding> </assemblyBinding>
</runtime> </runtime>
<entityFramework> <entityFramework>
......
...@@ -5,6 +5,7 @@ using Coscine.ApiCommons.Factories; ...@@ -5,6 +5,7 @@ using Coscine.ApiCommons.Factories;
using Coscine.ApiCommons.Utils; using Coscine.ApiCommons.Utils;
using Coscine.Configuration; using Coscine.Configuration;
using Coscine.Database.Model; using Coscine.Database.Model;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc; using Microsoft.AspNetCore.Mvc;
using Newtonsoft.Json.Linq; using Newtonsoft.Json.Linq;
using System; using System;
...@@ -22,6 +23,7 @@ using System.Web; ...@@ -22,6 +23,7 @@ using System.Web;
namespace Coscine.Api.Project.Controllers namespace Coscine.Api.Project.Controllers
{ {
[Authorize]
public class DataSourceController : Controller public class DataSourceController : Controller
{ {
private readonly IConfiguration _configuration; private readonly IConfiguration _configuration;
...@@ -30,6 +32,7 @@ namespace Coscine.Api.Project.Controllers ...@@ -30,6 +32,7 @@ namespace Coscine.Api.Project.Controllers
private static readonly HttpClient Client; private static readonly HttpClient Client;
private readonly Authenticator _authenticator; private readonly Authenticator _authenticator;
private readonly ResourceModel _resourceModel; private readonly ResourceModel _resourceModel;
private readonly ProjectModel _projectModel;
static DataSourceController() static DataSourceController()
{ {
...@@ -45,6 +48,7 @@ namespace Coscine.Api.Project.Controllers ...@@ -45,6 +48,7 @@ namespace Coscine.Api.Project.Controllers
_jwtHandler = new JWTHandler(_configuration); _jwtHandler = new JWTHandler(_configuration);
_authenticator = new Authenticator(this, _configuration); _authenticator = new Authenticator(this, _configuration);
_resourceModel = new ResourceModel(); _resourceModel = new ResourceModel();
_projectModel = new ProjectModel();
} }
// inferring a ../ (urlencoded) can manipulate the url. // inferring a ../ (urlencoded) can manipulate the url.
...@@ -53,6 +57,8 @@ namespace Coscine.Api.Project.Controllers ...@@ -53,6 +57,8 @@ namespace Coscine.Api.Project.Controllers
[HttpGet("[controller]/{resourceId}/{path}")] [HttpGet("[controller]/{resourceId}/{path}")]
public async Task<IActionResult> GetWaterButlerFolder(string resourceId, string path) public async Task<IActionResult> GetWaterButlerFolder(string resourceId, string path)
{ {
var user = _authenticator.GetUser();
if (!string.IsNullOrWhiteSpace(path)) if (!string.IsNullOrWhiteSpace(path))
{ {
path = HttpUtility.UrlDecode(path); path = HttpUtility.UrlDecode(path);
...@@ -64,6 +70,11 @@ namespace Coscine.Api.Project.Controllers ...@@ -64,6 +70,11 @@ namespace Coscine.Api.Project.Controllers
return check; return check;
} }
if (!_resourceModel.HasAccess(user, resource, UserRoles.Owner, UserRoles.Member))
{
return BadRequest("User does not have permission to the resource.");
}
var authHeader = BuildAuthHeader(resource); var authHeader = BuildAuthHeader(resource);
if (authHeader == null) if (authHeader == null)
...@@ -107,6 +118,9 @@ namespace Coscine.Api.Project.Controllers ...@@ -107,6 +118,9 @@ namespace Coscine.Api.Project.Controllers