Skip to content

41 add auth to harvest api #86

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
donsizemore wants to merge 20 commits into
base: 8117_sphinx_warnings_as_errors
Choose a base branch
from
Open

41 add auth to harvest api #86

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
20 commits
Select commit Hold shift + click to select a range
5884f22
#41 add super user req. and tests
sekmiller Sep 10, 2021
875626f
Merge branch 'develop' into 41-add-auth-to-harvest-api
sekmiller Sep 10, 2021
63aa48f
Merge branch 'develop' into 41-add-auth-to-harvest-api
sekmiller Sep 16, 2021
5e59af3
#41 remove unused imports
sekmiller Sep 17, 2021
50b85ac
#41 enable modify sets endpoint
sekmiller Sep 20, 2021
b586a6f
#41 remove specname from path of create set
sekmiller Sep 21, 2021
6290851
Merge branch 'develop' into 41-add-auth-to-harvest-api
sekmiller Sep 22, 2021
ccafad4
Merge branch 'develop' into 41-add-auth-to-harvest-api
sekmiller Sep 22, 2021
892d844
doc updates for @sekmiller
djbrooke Sep 22, 2021
109b77d
#41 formatting for the benefit of "Review Dog"
sekmiller Sep 23, 2021
02e8e25
Revert "#41 formatting for the benefit of "Review Dog""
sekmiller Sep 23, 2021
90dcbf6
formatting for "Review Dog"
sekmiller Sep 23, 2021
21fd637
Merge branch 'develop' into 41-add-auth-to-harvest-api
djbrooke Sep 27, 2021
b2b05f2
#41 test for PR
Sep 28, 2021
caf28d2
#41 bloop bloop
Sep 28, 2021
282574c
pull request against partial build-command
Sep 28, 2021
f3c1d19
#41 testing option order
Sep 28, 2021
18e3631
#41 test against Odum's fork
Sep 28, 2021
56079f5
#41 bumped to sphinx 3.5.4 by default
Sep 28, 2021
de73121
#41 modified Odum fork with hard-coded build options
Sep 28, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Next Next commit
#41 add super user req. and tests
  • Loading branch information
@sekmiller
sekmiller committed Sep 10, 2021
commit 5884f22521c5870aec0721e968e6f0fdfb4c058e
11 changes: 11 additions & 0 deletions src/main/java/edu/harvard/iq/dataverse/api/HarvestingServer.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -195,6 +195,17 @@ public Response modifyOaiSet(String jsonBody, @PathParam("specname") String spec
@DELETE
@Path("{specname}")
public Response deleteOaiSet(@PathParam("specname") String spec, @QueryParam("key") String apiKey) {

AuthenticatedUser dvUser;
try {
dvUser = findAuthenticatedUserOrDie();
} catch (WrappedResponse wr) {
return wr.getResponse();
}
if (!dvUser.isSuperuser()) {
return badRequest(BundleUtil.getStringFromBundle("harvestserver.deleteSetDialog.setspec.superUser.required"));
}

OAISet set = null;
try {
set = oaiSetService.findBySpec(spec);
Expand Down
1 change: 1 addition & 0 deletions src/main/java/propertyFiles/Bundle.properties
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -593,6 +593,7 @@ harvestserver.newSetDialog.btn.create=Create Set
harvestserver.newSetDialog.success=Successfully created harvesting set "{0}".
harvestserver.viewEditDialog.title=Edit Harvesting Set
harvestserver.viewEditDialog.btn.save=Save Changes
harvestserver.deleteSetDialog.setspec.superUser.required=Only superusers may delete OAI sets.

#dashboard-users.xhtml
dashboard.card.users=Users
Expand Down
14 changes: 14 additions & 0 deletions src/test/java/edu/harvard/iq/dataverse/api/HarvestingServerIT.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -95,6 +95,20 @@ public void testSetCreation() {
// try to export set as admin user, should succeed (under admin API, not checking that normal user will fail)
Response r4 = UtilIT.exportOaiSet(setName);
assertEquals(200, r4.getStatusCode());

// try to delete as normal user should fail
Response r5 = given()
.header(UtilIT.API_TOKEN_HTTP_HEADER, normalUserAPIKey)
.delete(u0);
logger.info("r5.getStatusCode(): " + r5.getStatusCode());
assertEquals(400, r5.getStatusCode());

// try to delete as admin user should work
Response r6 = given()
.header(UtilIT.API_TOKEN_HTTP_HEADER, adminUserAPIKey)
.delete(u0);
logger.info("r6.getStatusCode(): " + r6.getStatusCode());
assertEquals(200, r6.getStatusCode());

// TODO - get an answer to the question of if it's worth cleaning up (users, sets) or not
}
Expand Down