add tests for the security layer

commafeed-server/src/test/java/com/commafeed/integration/rest/AdminIT.java

@@ -4,9 +4,7 @@ import java.util.Arrays;
 import java.util.List;
 
 import javax.ws.rs.client.Entity;
-import javax.ws.rs.core.Response;
 
-import org.eclipse.jetty.http.HttpStatus;
 import org.junit.jupiter.api.Assertions;
 import org.junit.jupiter.api.Nested;
 import org.junit.jupiter.api.Test;
@@ -21,10 +19,8 @@ class AdminIT extends BaseIT {
 
 	@Test
 	void getApplicationSettings() {
-		try (Response response = getClient().target(getApiBaseUrl() + "admin/settings").request().get()) {
-			ApplicationSettings settings = response.readEntity(ApplicationSettings.class);
-			Assertions.assertTrue(settings.getAllowRegistrations());
-		}
+		ApplicationSettings settings = getClient().target(getApiBaseUrl() + "admin/settings").request().get(ApplicationSettings.class);
+		Assertions.assertTrue(settings.getAllowRegistrations());
 	}
 
 	@Nested
@@ -37,45 +33,38 @@ class AdminIT extends BaseIT {
 			user.setName("test");
 			user.setPassword("test".getBytes());
 			user.setEmail("test@test.com");
+			getClient().target(getApiBaseUrl() + "admin/user/save").request().post(Entity.json(user), Void.TYPE);
 
-			try (Response response = getClient().target(getApiBaseUrl() + "admin/user/save").request().post(Entity.json(user))) {
-				Assertions.assertEquals(HttpStatus.OK_200, response.getStatus());
+			List<UserModel> newUsers = getAllUsers();
+			Assertions.assertEquals(existingUsers.size() + 1, newUsers.size());
 
-				List<UserModel> newUsers = getAllUsers();
-				Assertions.assertEquals(existingUsers.size() + 1, newUsers.size());
-
-				UserModel newUser = newUsers.stream().filter(u -> u.getName().equals("test")).findFirst().get();
-				user.setId(newUser.getId());
-			}
+			UserModel newUser = newUsers.stream()
+					.filter(u -> u.getName().equals("test"))
+					.findFirst()
+					.orElseThrow(() -> new NullPointerException("User not found"));
+			user.setId(newUser.getId());
 
 			IDRequest req = new IDRequest();
 			req.setId(user.getId());
-			try (Response response = getClient().target(getApiBaseUrl() + "admin/user/delete").request().post(Entity.json(req))) {
-				Assertions.assertEquals(HttpStatus.OK_200, response.getStatus());
-
-				List<UserModel> newUsers = getAllUsers();
-				Assertions.assertEquals(existingUsers.size(), newUsers.size());
-			}
+			getClient().target(getApiBaseUrl() + "admin/user/delete").request().post(Entity.json(req), Void.TYPE);
+			Assertions.assertEquals(existingUsers.size(), getAllUsers().size());
 		}
 
 		@Test
 		void editExistingUser() {
 			List<UserModel> existingUsers = getAllUsers();
-			UserModel user = existingUsers.stream().filter(u -> u.getName().equals("admin")).findFirst().get();
+			UserModel user = existingUsers.stream()
+					.filter(u -> u.getName().equals("admin"))
+					.findFirst()
+					.orElseThrow(() -> new NullPointerException("User not found"));
 			user.setEmail("new-email@provider.com");
 
-			try (Response response = getClient().target(getApiBaseUrl() + "admin/user/save").request().post(Entity.json(user))) {
-				Assertions.assertEquals(HttpStatus.OK_200, response.getStatus());
-
-				List<UserModel> newUsers = getAllUsers();
-				Assertions.assertEquals(existingUsers.size(), newUsers.size());
-			}
+			getClient().target(getApiBaseUrl() + "admin/user/save").request().post(Entity.json(user), Void.TYPE);
+			Assertions.assertEquals(existingUsers.size(), getAllUsers().size());
 		}
 
 		private List<UserModel> getAllUsers() {
-			try (Response response = getClient().target(getApiBaseUrl() + "admin/user/getAll").request().get()) {
-				return Arrays.asList(response.readEntity(UserModel[].class));
-			}
+			return Arrays.asList(getClient().target(getApiBaseUrl() + "admin/user/getAll").request().get(UserModel[].class));
 		}
 	}
 

commafeed-server/src/test/java/com/commafeed/integration/rest/FeedIT.java

@@ -40,14 +40,9 @@ class FeedIT extends BaseIT {
 			FeedInfoRequest req = new FeedInfoRequest();
 			req.setUrl(getFeedUrl());
 
-			try (Response response = getClient().target(getApiBaseUrl() + "feed/fetch").request().post(Entity.json(req))) {
-				Assertions.assertEquals(HttpStatus.OK_200, response.getStatus());
-
-				FeedInfo feedInfo = response.readEntity(FeedInfo.class);
-				Assertions.assertEquals("CommaFeed test feed", feedInfo.getTitle());
-				Assertions.assertEquals(getFeedUrl(), feedInfo.getUrl());
-			}
-
+			FeedInfo feedInfo = getClient().target(getApiBaseUrl() + "feed/fetch").request().post(Entity.json(req), FeedInfo.class);
+			Assertions.assertEquals("CommaFeed test feed", feedInfo.getTitle());
+			Assertions.assertEquals(getFeedUrl(), feedInfo.getUrl());
 		}
 	}
 
@@ -110,10 +105,7 @@ class FeedIT extends BaseIT {
 		private void markFeedEntries(long subscriptionId) {
 			MarkRequest request = new MarkRequest();
 			request.setId(String.valueOf(subscriptionId));
-
-			try (Response response = getClient().target(getApiBaseUrl() + "feed/mark").request().post(Entity.json(request))) {
-				Assertions.assertEquals(HttpStatus.OK_200, response.getStatus());
-			}
+			getClient().target(getApiBaseUrl() + "feed/mark").request().post(Entity.json(request), Void.TYPE);
 		}
 	}
 
@@ -124,7 +116,9 @@ class FeedIT extends BaseIT {
 			Long subscriptionId = subscribeAndWaitForEntries(getFeedUrl());
 
 			Date now = new Date();
-			refreshFeed(subscriptionId);
+			IDRequest request = new IDRequest();
+			request.setId(subscriptionId);
+			getClient().target(getApiBaseUrl() + "feed/refresh").request().post(Entity.json(request), Void.TYPE);
 
 			Awaitility.await()
 					.atMost(Duration.ofSeconds(15))
@@ -136,28 +130,12 @@ class FeedIT extends BaseIT {
 			Long subscriptionId = subscribeAndWaitForEntries(getFeedUrl());
 
 			Date now = new Date();
-			refreshAllFeeds();
+			getClient().target(getApiBaseUrl() + "feed/refreshAll").request().get(Void.TYPE);
 
 			Awaitility.await()
 					.atMost(Duration.ofSeconds(15))
 					.until(() -> getSubscription(subscriptionId), f -> f.getLastRefresh().after(now));
 		}
-
-		private void refreshFeed(Long subscriptionId) {
-			IDRequest request = new IDRequest();
-			request.setId(subscriptionId);
-
-			try (Response response = getClient().target(getApiBaseUrl() + "feed/refresh").request().post(Entity.json(request))) {
-				Assertions.assertEquals(HttpStatus.OK_200, response.getStatus());
-			}
-		}
-
-		private void refreshAllFeeds() {
-			try (Response response = getClient().target(getApiBaseUrl() + "feed/refreshAll").request().get()) {
-				Assertions.assertEquals(HttpStatus.OK_200, response.getStatus());
-			}
-		}
-
 	}
 
 	@Nested
@@ -172,9 +150,7 @@ class FeedIT extends BaseIT {
 			req.setId(subscriptionId);
 			req.setName("new name");
 			req.setCategoryId(subscription.getCategoryId());
-			try (Response response = getClient().target(getApiBaseUrl() + "feed/modify").request().post(Entity.json(req))) {
-				Assertions.assertEquals(HttpStatus.OK_200, response.getStatus());
-			}
+			getClient().target(getApiBaseUrl() + "feed/modify").request().post(Entity.json(req), Void.TYPE);
 
 			subscription = getSubscription(subscriptionId);
 			Assertions.assertEquals("new name", subscription.getName());
@@ -187,25 +163,21 @@ class FeedIT extends BaseIT {
 		void favicon() throws IOException {
 			Long subscriptionId = subscribe(getFeedUrl());
 
-			try (Response response = getClient().target(getApiBaseUrl() + "feed/favicon/{id}")
+			byte[] icon = getClient().target(getApiBaseUrl() + "feed/favicon/{id}")
 					.resolveTemplate("id", subscriptionId)
 					.request()
-					.get()) {
-				Assertions.assertEquals(HttpStatus.OK_200, response.getStatus());
-				byte[] icon = response.readEntity(byte[].class);
-
-				byte[] defaultFavicon = IOUtils.toByteArray(Objects.requireNonNull(getClass().getResource("/images/default_favicon.gif")));
-				Assertions.assertArrayEquals(defaultFavicon, icon);
-			}
+					.get(byte[].class);
+			byte[] defaultFavicon = IOUtils.toByteArray(Objects.requireNonNull(getClass().getResource("/images/default_favicon.gif")));
+			Assertions.assertArrayEquals(defaultFavicon, icon);
 		}
 	}
 
 	@Nested
 	class Opml {
 		@Test
-		void importExportOpml() throws IOException {
+		void importExportOpml() {
 			importOpml();
-			String opml = exportOpml();
+			String opml = getClient().target(getApiBaseUrl() + "feed/export").request().get(String.class);
 			String expextedOpml = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n" + "<opml version=\"1.0\">\n" + "  <head>\n"
 					+ "    <title>admin subscriptions in CommaFeed</title>\n" + "  </head>\n" + "  <body>\n"
 					+ "    <outline text=\"out1\" title=\"out1\">\n"
@@ -219,18 +191,9 @@ class FeedIT extends BaseIT {
 			MultiPart multiPart = new MultiPart().bodyPart(new StreamDataBodyPart("file", stream));
 			multiPart.setMediaType(MediaType.MULTIPART_FORM_DATA_TYPE);
 
-			try (Response response = getClient().target(getApiBaseUrl() + "feed/import")
+			getClient().target(getApiBaseUrl() + "feed/import")
 					.request()
-					.post(Entity.entity(multiPart, multiPart.getMediaType()))) {
-				Assertions.assertEquals(HttpStatus.OK_200, response.getStatus());
-			}
-		}
-
-		String exportOpml() {
-			try (Response response = getClient().target(getApiBaseUrl() + "feed/export").request().get()) {
-				Assertions.assertEquals(HttpStatus.OK_200, response.getStatus());
-				return response.readEntity(String.class);
-			}
+					.post(Entity.entity(multiPart, multiPart.getMediaType()), Void.TYPE);
 		}
 	}
 

commafeed-server/src/test/java/com/commafeed/integration/rest/FeverIT.java

@@ -2,10 +2,8 @@ package com.commafeed.integration.rest;
 
 import javax.ws.rs.client.Entity;
 import javax.ws.rs.core.Form;
-import javax.ws.rs.core.Response;
 
 import org.apache.commons.codec.digest.DigestUtils;
-import org.eclipse.jetty.http.HttpStatus;
 import org.junit.jupiter.api.Assertions;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
@@ -26,9 +24,7 @@ class FeverIT extends BaseIT {
 		ProfileModificationRequest req = new ProfileModificationRequest();
 		req.setCurrentPassword("admin");
 		req.setNewApiKey(true);
-		try (Response response = getClient().target(getApiBaseUrl() + "user/profile").request().post(Entity.json(req))) {
-			Assertions.assertEquals(HttpStatus.OK_200, response.getStatus());
-		}
+		getClient().target(getApiBaseUrl() + "user/profile").request().post(Entity.json(req), Void.TYPE);
 
 		// retrieve api key
 		UserModel user = getClient().target(getApiBaseUrl() + "user/profile").request().get(UserModel.class);
@@ -38,13 +34,11 @@ class FeverIT extends BaseIT {
 
 	@Test
 	void get() {
-		try (Response response = getClient().target(getApiBaseUrl() + "fever/user/${userId}")
+		String message = getClient().target(getApiBaseUrl() + "fever/user/${userId}")
 				.resolveTemplate("userId", 1)
 				.request()
-				.get()) {
-			Assertions.assertEquals("Welcome to the CommaFeed Fever API. Add this URL to your Fever-compatible reader.",
-					response.readEntity(String.class));
-		}
+				.get(String.class);
+		Assertions.assertEquals("Welcome to the CommaFeed Fever API. Add this URL to your Fever-compatible reader.", message);
 	}
 
 	@Test
@@ -81,12 +75,9 @@ class FeverIT extends BaseIT {
 		Form form = new Form();
 		form.param("api_key", DigestUtils.md5Hex("admin:" + apiKey));
 		form.param(what, "1");
-		try (Response response = getClient().target(getApiBaseUrl() + "fever/user/{userId}")
+		return getClient().target(getApiBaseUrl() + "fever/user/{userId}")
 				.resolveTemplate("userId", userId)
 				.request()
-				.post(Entity.form(form))) {
-			Assertions.assertEquals(HttpStatus.OK_200, response.getStatus());
-			return response.readEntity(FeverResponse.class);
-		}
+				.post(Entity.form(form), FeverResponse.class);
 	}
 }