diff --git a/src/main/java/org/dependencytrack/persistence/DefaultObjectGenerator.java b/src/main/java/org/dependencytrack/persistence/DefaultObjectGenerator.java index 330034cae7..39877bfff7 100644 --- a/src/main/java/org/dependencytrack/persistence/DefaultObjectGenerator.java +++ b/src/main/java/org/dependencytrack/persistence/DefaultObjectGenerator.java @@ -79,7 +79,7 @@ public void contextDestroyed(final ServletContextEvent event) { /** * Loads the default licenses into the database if no license data exists. */ - private void loadDefaultLicenses() { + public void loadDefaultLicenses() { try (QueryManager qm = new QueryManager()) { LOGGER.info("Synchronizing SPDX license definitions to datastore"); @@ -120,7 +120,7 @@ private void loadDefaultLicenseGroups() { /** * Loads the default permissions */ - private void loadDefaultPermissions() { + public void loadDefaultPermissions() { try (QueryManager qm = new QueryManager()) { LOGGER.info("Synchronizing permissions to datastore"); for (final Permissions permission : Permissions.values()) { @@ -197,7 +197,7 @@ private List getAutomationPermissions(final List fullLis /** * Loads the default repositories */ - private void loadDefaultRepositories() { + public void loadDefaultRepositories() { try (QueryManager qm = new QueryManager()) { LOGGER.info("Synchronizing default repositories to datastore"); qm.createRepository(RepositoryType.CPAN, "cpan-public-registry", "https://fastapi.metacpan.org/v1/", true, false, false, null, null); @@ -236,7 +236,7 @@ private void loadDefaultConfigProperties() { /** * Loads the default notification publishers */ - private void loadDefaultNotificationPublishers() { + public void loadDefaultNotificationPublishers() { try (QueryManager qm = new QueryManager()) { LOGGER.info("Synchronizing notification publishers to datastore"); for (final DefaultNotificationPublishers publisher : DefaultNotificationPublishers.values()) { diff --git a/src/test/java/org/dependencytrack/JerseyTestRule.java b/src/test/java/org/dependencytrack/JerseyTestRule.java new file mode 100644 index 0000000000..a30cfe0625 --- /dev/null +++ b/src/test/java/org/dependencytrack/JerseyTestRule.java @@ -0,0 +1,87 @@ +/* + * This file is part of Dependency-Track. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * SPDX-License-Identifier: Apache-2.0 + * Copyright (c) OWASP Foundation. All Rights Reserved. + */ +package org.dependencytrack; + +import org.glassfish.jersey.client.ClientConfig; +import org.glassfish.jersey.grizzly.connector.GrizzlyConnectorProvider; +import org.glassfish.jersey.server.ResourceConfig; +import org.glassfish.jersey.servlet.ServletContainer; +import org.glassfish.jersey.test.DeploymentContext; +import org.glassfish.jersey.test.JerseyTest; +import org.glassfish.jersey.test.ServletDeploymentContext; +import org.glassfish.jersey.test.spi.TestContainerException; +import org.glassfish.jersey.test.spi.TestContainerFactory; +import org.junit.rules.ExternalResource; + +import javax.ws.rs.client.WebTarget; + +/** + * @since 4.11.0 + */ +public class JerseyTestRule extends ExternalResource { + + private final JerseyTest jerseyTest; + + public JerseyTestRule(final ResourceConfig resourceConfig) { + this.jerseyTest = new JerseyTest() { + + @Override + protected TestContainerFactory getTestContainerFactory() throws TestContainerException { + return new DTGrizzlyWebTestContainerFactory(); + } + + @Override + protected void configureClient(final ClientConfig config) { + // Prevent InaccessibleObjectException with JDK >= 16 when performing PATCH requests + // using the default HttpUrlConnection connector provider. + // See https://github.com/eclipse-ee4j/jersey/issues/4825 + config.connectorProvider(new GrizzlyConnectorProvider()); + } + + @Override + protected DeploymentContext configureDeployment() { + return ServletDeploymentContext.forServlet(new ServletContainer(resourceConfig)).build(); + } + + }; + } + + @Override + protected void before() throws Throwable { + jerseyTest.setUp(); + } + + @Override + protected void after() { + try { + jerseyTest.tearDown(); + } catch (Exception e) { + throw new RuntimeException(e); + } + } + + public WebTarget target() { + return jerseyTest.target(); + } + + public final WebTarget target(final String path) { + return jerseyTest.target(path); + } + +} diff --git a/src/test/java/org/dependencytrack/ResourceTest.java b/src/test/java/org/dependencytrack/ResourceTest.java index 1568808bc2..22ddd0900e 100644 --- a/src/test/java/org/dependencytrack/ResourceTest.java +++ b/src/test/java/org/dependencytrack/ResourceTest.java @@ -19,18 +19,12 @@ package org.dependencytrack; import alpine.Config; -import alpine.model.ManagedUser; import alpine.model.Permission; import alpine.model.Team; -import alpine.server.auth.JsonWebToken; import alpine.server.auth.PasswordService; import alpine.server.persistence.PersistenceManagerFactory; import org.dependencytrack.auth.Permissions; import org.dependencytrack.persistence.QueryManager; -import org.glassfish.jersey.client.ClientConfig; -import org.glassfish.jersey.grizzly.connector.GrizzlyConnectorProvider; -import org.glassfish.jersey.test.JerseyTest; -import org.glassfish.jersey.test.spi.TestContainerFactory; import org.junit.After; import org.junit.Before; import org.junit.BeforeClass; @@ -44,7 +38,7 @@ import java.util.ArrayList; import java.util.List; -public abstract class ResourceTest extends JerseyTest { +public abstract class ResourceTest { protected final String V1_ANALYSIS = "/v1/analysis"; protected final String V1_BADGE = "/v1/badge"; @@ -84,12 +78,12 @@ public abstract class ResourceTest extends JerseyTest { protected final String SIZE = "size"; protected final String TOTAL_COUNT_HEADER = "X-Total-Count"; protected final String X_API_KEY = "X-Api-Key"; - protected final String V1_TAG = "/v1/tag"; + // Hashing is expensive. Do it once and re-use across tests as much as possible. + protected static final String TEST_USER_PASSWORD_HASH = new String(PasswordService.createHash("testuser".toCharArray())); + protected QueryManager qm; - protected ManagedUser testUser; - protected String jwt; protected Team team; protected String apiKey; @@ -102,15 +96,12 @@ public static void init() { public void before() throws Exception { // Add a test user and team with API key. Optional if this is used, but its available to all tests. this.qm = new QueryManager(); - testUser = qm.createManagedUser("testuser", String.valueOf(PasswordService.createHash("testuser".toCharArray()))); - this.jwt = new JsonWebToken().createToken(testUser); team = qm.createTeam("Test Users", true); - qm.addUserToTeam(testUser, team); this.apiKey = team.getApiKeys().get(0).getKey(); } @After - public void after() { + public void after() throws Exception { // PersistenceManager will refuse to close when there's an active transaction // that was neither committed nor rolled back. Unfortunately some areas of the // code base can leave such a broken state behind if they run into unexpected @@ -123,28 +114,13 @@ public void after() { PersistenceManagerFactory.tearDown(); } - @Override - protected TestContainerFactory getTestContainerFactory() { - return new DTGrizzlyWebTestContainerFactory(); - } - - @Override - protected void configureClient(final ClientConfig config) { - // Prevent InaccessibleObjectException with JDK >= 16 when performing PATCH requests - // using the default HttpUrlConnection connector provider. - // See https://github.com/eclipse-ee4j/jersey/issues/4825 - config.connectorProvider(new GrizzlyConnectorProvider()); - } - public void initializeWithPermissions(Permissions... permissions) { List permissionList = new ArrayList<>(); for (Permissions permission: permissions) { permissionList.add(qm.createPermission(permission.name(), null)); } - testUser.setPermissions(permissionList); team.setPermissions(permissionList); qm.persist(team); - testUser = qm.persist(testUser); } protected String getPlainTextBody(Response response) { diff --git a/src/test/java/org/dependencytrack/resources/v1/AnalysisResourceTest.java b/src/test/java/org/dependencytrack/resources/v1/AnalysisResourceTest.java index f68ba8287a..08ca069344 100644 --- a/src/test/java/org/dependencytrack/resources/v1/AnalysisResourceTest.java +++ b/src/test/java/org/dependencytrack/resources/v1/AnalysisResourceTest.java @@ -28,6 +28,7 @@ import alpine.server.filters.AuthorizationFilter; import net.jcip.annotations.NotThreadSafe; import org.apache.http.HttpStatus; +import org.dependencytrack.JerseyTestRule; import org.dependencytrack.ResourceTest; import org.dependencytrack.auth.Permissions; import org.dependencytrack.model.Analysis; @@ -44,11 +45,10 @@ import org.dependencytrack.resources.v1.vo.AnalysisRequest; import org.dependencytrack.util.NotificationUtil; import org.glassfish.jersey.server.ResourceConfig; -import org.glassfish.jersey.servlet.ServletContainer; -import org.glassfish.jersey.test.DeploymentContext; -import org.glassfish.jersey.test.ServletDeploymentContext; +import org.junit.After; import org.junit.AfterClass; import org.junit.BeforeClass; +import org.junit.ClassRule; import org.junit.Test; import javax.json.Json; @@ -68,15 +68,12 @@ @NotThreadSafe public class AnalysisResourceTest extends ResourceTest { - @Override - protected DeploymentContext configureDeployment() { - return ServletDeploymentContext.forServlet(new ServletContainer( - new ResourceConfig(AnalysisResource.class) - .register(ApiFilter.class) - .register(AuthenticationFilter.class) - .register(AuthorizationFilter.class))) - .build(); - } + @ClassRule + public static JerseyTestRule jersey = new JerseyTestRule( + new ResourceConfig(AnalysisResource.class) + .register(ApiFilter.class) + .register(AuthenticationFilter.class) + .register(AuthorizationFilter.class)); public static class NotificationSubscriber implements Subscriber { @@ -99,10 +96,11 @@ public static void tearDownClass() { NotificationService.getInstance().unsubscribe(new Subscription(NotificationSubscriber.class)); } + @After @Override - public void tearDown() throws Exception { + public void after() throws Exception { NOTIFICATIONS.clear(); - super.tearDown(); + super.after(); } @Test @@ -128,7 +126,7 @@ public void retrieveAnalysisTest() { AnalysisJustification.CODE_NOT_REACHABLE, AnalysisResponse.WILL_NOT_FIX, "Analysis details here", true); qm.makeAnalysisComment(analysis, "Analysis comment here", "Jane Doe"); - final Response response = target(V1_ANALYSIS) + final Response response = jersey.target(V1_ANALYSIS) .queryParam("project", project.getUuid()) .queryParam("component", component.getUuid()) .queryParam("vulnerability", vulnerability.getUuid()) @@ -170,7 +168,7 @@ public void retrieveAnalysisWithoutExistingAnalysisTest() { vulnerability.setComponents(List.of(component)); vulnerability = qm.createVulnerability(vulnerability, false); - final Response response = target(V1_ANALYSIS) + final Response response = jersey.target(V1_ANALYSIS) .queryParam("project", project.getUuid()) .queryParam("component", component.getUuid()) .queryParam("vulnerability", vulnerability.getUuid()) @@ -200,7 +198,7 @@ public void noAnalysisExists() { vulnerability.setComponents(List.of(component)); vulnerability = qm.createVulnerability(vulnerability, false); - final Response response = target(V1_ANALYSIS) + final Response response = jersey.target(V1_ANALYSIS) .queryParam("component", component.getUuid()) .queryParam("vulnerability", vulnerability.getUuid()) .request() @@ -229,7 +227,7 @@ public void retrieveAnalysisWithProjectNotFoundTest() { vulnerability.setComponents(List.of(component)); vulnerability = qm.createVulnerability(vulnerability, false); - final Response response = target(V1_ANALYSIS) + final Response response = jersey.target(V1_ANALYSIS) .queryParam("project", UUID.randomUUID()) .queryParam("component", component.getUuid()) .queryParam("vulnerability", vulnerability.getUuid()) @@ -260,7 +258,7 @@ public void retrieveAnalysisWithComponentNotFoundTest() { vulnerability.setComponents(List.of(component)); vulnerability = qm.createVulnerability(vulnerability, false); - final Response response = target(V1_ANALYSIS) + final Response response = jersey.target(V1_ANALYSIS) .queryParam("project", project.getUuid()) .queryParam("component", UUID.randomUUID()) .queryParam("vulnerability", vulnerability.getUuid()) @@ -291,7 +289,7 @@ public void retrieveAnalysisWithVulnerabilityNotFoundTest() { vulnerability.setComponents(List.of(component)); qm.createVulnerability(vulnerability, false); - final Response response = target(V1_ANALYSIS) + final Response response = jersey.target(V1_ANALYSIS) .queryParam("project", project.getUuid()) .queryParam("component", component.getUuid()) .queryParam("vulnerability", UUID.randomUUID()) @@ -305,7 +303,7 @@ public void retrieveAnalysisWithVulnerabilityNotFoundTest() { @Test public void retrieveAnalysisUnauthorizedTest() { - final Response response = target(V1_ANALYSIS) + final Response response = jersey.target(V1_ANALYSIS) .queryParam("project", UUID.randomUUID()) .queryParam("component", UUID.randomUUID()) .queryParam("vulnerability", UUID.randomUUID()) @@ -339,7 +337,7 @@ public void updateAnalysisCreateNewTest() throws Exception { vulnerability.getUuid().toString(), AnalysisState.NOT_AFFECTED, AnalysisJustification.CODE_NOT_REACHABLE, AnalysisResponse.WILL_NOT_FIX, "Analysis details here", "Analysis comment here", true); - final Response response = target(V1_ANALYSIS) + final Response response = jersey.target(V1_ANALYSIS) .request() .header(X_API_KEY, apiKey) .put(Entity.entity(analysisRequest, MediaType.APPLICATION_JSON)); @@ -395,7 +393,7 @@ public void updateAnalysisCreateNewWithEmptyRequestTest() throws Exception { final var analysisRequest = new AnalysisRequest(project.getUuid().toString(), component.getUuid().toString(), vulnerability.getUuid().toString(), null, null, null, null, null, null); - final Response response = target(V1_ANALYSIS) + final Response response = jersey.target(V1_ANALYSIS) .request() .header(X_API_KEY, apiKey) .put(Entity.entity(analysisRequest, MediaType.APPLICATION_JSON)); @@ -450,7 +448,7 @@ public void updateAnalysisUpdateExistingTest() throws Exception { vulnerability.getUuid().toString(), AnalysisState.EXPLOITABLE, AnalysisJustification.NOT_SET, AnalysisResponse.UPDATE, "New analysis details here", "New analysis comment here", false); - final Response response = target(V1_ANALYSIS) + final Response response = jersey.target(V1_ANALYSIS) .request() .header(X_API_KEY, apiKey) .put(Entity.entity(analysisRequest, MediaType.APPLICATION_JSON)); @@ -528,7 +526,7 @@ public void updateAnalysisWithNoChangesTest() throws Exception{ vulnerability.getUuid().toString(), AnalysisState.NOT_AFFECTED, AnalysisJustification.CODE_NOT_REACHABLE, AnalysisResponse.WILL_NOT_FIX, "Analysis details here", null, true); - final Response response = target(V1_ANALYSIS) + final Response response = jersey.target(V1_ANALYSIS) .request() .header(X_API_KEY, apiKey) .put(Entity.entity(analysisRequest, MediaType.APPLICATION_JSON)); @@ -577,7 +575,7 @@ public void updateAnalysisUpdateExistingWithEmptyRequestTest() throws Exception final var analysisRequest = new AnalysisRequest(project.getUuid().toString(), component.getUuid().toString(), vulnerability.getUuid().toString(), null, null, null, null, null, null); - final Response response = target(V1_ANALYSIS) + final Response response = jersey.target(V1_ANALYSIS) .request() .header(X_API_KEY, apiKey) .put(Entity.entity(analysisRequest, MediaType.APPLICATION_JSON)); @@ -641,7 +639,7 @@ public void updateAnalysisWithProjectNotFoundTest() { vulnerability.getUuid().toString(), AnalysisState.NOT_AFFECTED, AnalysisJustification.CODE_NOT_REACHABLE, AnalysisResponse.WILL_NOT_FIX, "Analysis details here", "Analysis comment here", true); - final Response response = target(V1_ANALYSIS) + final Response response = jersey.target(V1_ANALYSIS) .request() .header(X_API_KEY, apiKey) .put(Entity.entity(analysisRequest, MediaType.APPLICATION_JSON)); @@ -673,7 +671,7 @@ public void updateAnalysisWithComponentNotFoundTest() { vulnerability.getUuid().toString(), AnalysisState.NOT_AFFECTED, AnalysisJustification.CODE_NOT_REACHABLE, AnalysisResponse.WILL_NOT_FIX, "Analysis details here", "Analysis comment here", true); - final Response response = target(V1_ANALYSIS) + final Response response = jersey.target(V1_ANALYSIS) .request() .header(X_API_KEY, apiKey) .put(Entity.entity(analysisRequest, MediaType.APPLICATION_JSON)); @@ -705,7 +703,7 @@ public void updateAnalysisWithVulnerabilityNotFoundTest() { UUID.randomUUID().toString(), AnalysisState.NOT_AFFECTED, AnalysisJustification.CODE_NOT_REACHABLE, AnalysisResponse.WILL_NOT_FIX, "Analysis details here", "Analysis comment here", true); - final Response response = target(V1_ANALYSIS) + final Response response = jersey.target(V1_ANALYSIS) .request() .header(X_API_KEY, apiKey) .put(Entity.entity(analysisRequest, MediaType.APPLICATION_JSON)); @@ -743,7 +741,7 @@ public void updateAnalysisIssue1409Test() throws InterruptedException { vulnerability.getUuid().toString(), AnalysisState.NOT_AFFECTED, AnalysisJustification.PROTECTED_BY_MITIGATING_CONTROL, AnalysisResponse.UPDATE, "New analysis details here", "New analysis comment here", false); - final Response response = target(V1_ANALYSIS) + final Response response = jersey.target(V1_ANALYSIS) .request() .header(X_API_KEY, apiKey) .put(Entity.entity(analysisRequest, MediaType.APPLICATION_JSON)); @@ -794,7 +792,7 @@ public void updateAnalysisUnauthorizedTest() { UUID.randomUUID().toString(), AnalysisState.NOT_AFFECTED, AnalysisJustification.PROTECTED_BY_MITIGATING_CONTROL, AnalysisResponse.UPDATE, "Analysis details here", "Analysis comment here", false); - final Response response = target(V1_ANALYSIS) + final Response response = jersey.target(V1_ANALYSIS) .request() .header(X_API_KEY, apiKey) .put(Entity.entity(analysisRequest, MediaType.APPLICATION_JSON)); diff --git a/src/test/java/org/dependencytrack/resources/v1/BadgeResourceTest.java b/src/test/java/org/dependencytrack/resources/v1/BadgeResourceTest.java index 76b13e959e..a2435e065a 100644 --- a/src/test/java/org/dependencytrack/resources/v1/BadgeResourceTest.java +++ b/src/test/java/org/dependencytrack/resources/v1/BadgeResourceTest.java @@ -20,13 +20,12 @@ import alpine.model.IConfigProperty; import alpine.server.filters.ApiFilter; +import org.dependencytrack.JerseyTestRule; import org.dependencytrack.ResourceTest; import org.dependencytrack.model.Project; import org.glassfish.jersey.server.ResourceConfig; -import org.glassfish.jersey.servlet.ServletContainer; -import org.glassfish.jersey.test.DeploymentContext; -import org.glassfish.jersey.test.ServletDeploymentContext; import org.junit.Assert; +import org.junit.ClassRule; import org.junit.Test; import javax.ws.rs.core.Response; @@ -41,13 +40,10 @@ public class BadgeResourceTest extends ResourceTest { - @Override - protected DeploymentContext configureDeployment() { - return ServletDeploymentContext.forServlet(new ServletContainer( - new ResourceConfig(BadgeResource.class) - .register(ApiFilter.class))) - .build(); - } + @ClassRule + public static JerseyTestRule jersey = new JerseyTestRule( + new ResourceConfig(BadgeResource.class) + .register(ApiFilter.class)); @Override public void before() throws Exception { @@ -58,7 +54,7 @@ public void before() throws Exception { @Test public void projectVulnerabilitiesByUuidTest() { Project project = qm.createProject("Acme Example", null, "1.0.0", null, null, null, true, false); - Response response = target(V1_BADGE + "/vulns/project/" + project.getUuid()).request() + Response response = jersey.target(V1_BADGE + "/vulns/project/" + project.getUuid()).request() .get(Response.class); Assert.assertEquals(200, response.getStatus(), 0); Assert.assertEquals("image/svg+xml", response.getHeaderString("Content-Type")); @@ -68,14 +64,14 @@ public void projectVulnerabilitiesByUuidTest() { @Test public void projectVulnerabilitiesByUuidProjectDisabledTest() { disableBadge(); - Response response = target(V1_BADGE + "/vulns/project/" + UUID.randomUUID()).request() + Response response = jersey.target(V1_BADGE + "/vulns/project/" + UUID.randomUUID()).request() .get(Response.class); Assert.assertEquals(204, response.getStatus(), 0); } @Test public void projectVulnerabilitiesByUuidProjectNotFoundTest() { - Response response = target(V1_BADGE + "/vulns/project/" + UUID.randomUUID()).request() + Response response = jersey.target(V1_BADGE + "/vulns/project/" + UUID.randomUUID()).request() .get(Response.class); Assert.assertEquals(404, response.getStatus(), 0); } @@ -83,7 +79,7 @@ public void projectVulnerabilitiesByUuidProjectNotFoundTest() { @Test public void projectVulnerabilitiesByNameAndVersionTest() { qm.createProject("Acme Example", null, "1.0.0", null, null, null, true, false); - Response response = target(V1_BADGE + "/vulns/project/Acme%20Example/1.0.0").request() + Response response = jersey.target(V1_BADGE + "/vulns/project/Acme%20Example/1.0.0").request() .get(Response.class); Assert.assertEquals(200, response.getStatus(), 0); Assert.assertEquals("image/svg+xml", response.getHeaderString("Content-Type")); @@ -93,14 +89,14 @@ public void projectVulnerabilitiesByNameAndVersionTest() { @Test public void projectVulnerabilitiesByNameAndVersionDisabledTest() { disableBadge(); - Response response = target(V1_BADGE + "/vulns/project/ProjectNameDoesNotExist/1.0.0").request() + Response response = jersey.target(V1_BADGE + "/vulns/project/ProjectNameDoesNotExist/1.0.0").request() .get(Response.class); Assert.assertEquals(204, response.getStatus(), 0); } @Test public void projectVulnerabilitiesByNameAndVersionProjectNotFoundTest() { - Response response = target(V1_BADGE + "/vulns/project/ProjectNameDoesNotExist/1.0.0").request() + Response response = jersey.target(V1_BADGE + "/vulns/project/ProjectNameDoesNotExist/1.0.0").request() .get(Response.class); Assert.assertEquals(404, response.getStatus(), 0); } @@ -108,7 +104,7 @@ public void projectVulnerabilitiesByNameAndVersionProjectNotFoundTest() { @Test public void projectVulnerabilitiesByNameAndVersionVersionNotFoundTest() { qm.createProject("Acme Example", null, "1.0.0", null, null, null, true, false); - Response response = target(V1_BADGE + "/vulns/project/Acme%20Example/1.2.0").request() + Response response = jersey.target(V1_BADGE + "/vulns/project/Acme%20Example/1.2.0").request() .get(Response.class); Assert.assertEquals(404, response.getStatus(), 0); } @@ -116,7 +112,7 @@ public void projectVulnerabilitiesByNameAndVersionVersionNotFoundTest() { @Test public void projectPolicyViolationsByUuidTest() { Project project = qm.createProject("Acme Example", null, "1.0.0", null, null, null, true, false); - Response response = target(V1_BADGE + "/violations/project/" + project.getUuid()).request() + Response response = jersey.target(V1_BADGE + "/violations/project/" + project.getUuid()).request() .get(Response.class); Assert.assertEquals(200, response.getStatus(), 0); Assert.assertEquals("image/svg+xml", response.getHeaderString("Content-Type")); @@ -126,14 +122,14 @@ public void projectPolicyViolationsByUuidTest() { @Test public void projectPolicyViolationsByUuidProjectDisabledTest() { disableBadge(); - Response response = target(V1_BADGE + "/violations/project/" + UUID.randomUUID()).request() + Response response = jersey.target(V1_BADGE + "/violations/project/" + UUID.randomUUID()).request() .get(Response.class); Assert.assertEquals(204, response.getStatus(), 0); } @Test public void projectPolicyViolationsByUuidProjectNotFoundTest() { - Response response = target(V1_BADGE + "/violations/project/" + UUID.randomUUID()).request() + Response response = jersey.target(V1_BADGE + "/violations/project/" + UUID.randomUUID()).request() .get(Response.class); Assert.assertEquals(404, response.getStatus(), 0); } @@ -141,7 +137,7 @@ public void projectPolicyViolationsByUuidProjectNotFoundTest() { @Test public void projectPolicyViolationsByNameAndVersionTest() { qm.createProject("Acme Example", null, "1.0.0", null, null, null, true, false); - Response response = target(V1_BADGE + "/violations/project/Acme%20Example/1.0.0").request() + Response response = jersey.target(V1_BADGE + "/violations/project/Acme%20Example/1.0.0").request() .get(Response.class); Assert.assertEquals(200, response.getStatus(), 0); Assert.assertEquals("image/svg+xml", response.getHeaderString("Content-Type")); @@ -151,14 +147,14 @@ public void projectPolicyViolationsByNameAndVersionTest() { @Test public void projectPolicyViolationsByNameAndVersionDisabledTest() { disableBadge(); - Response response = target(V1_BADGE + "/violations/project/ProjectNameDoesNotExist/1.0.0").request() + Response response = jersey.target(V1_BADGE + "/violations/project/ProjectNameDoesNotExist/1.0.0").request() .get(Response.class); Assert.assertEquals(204, response.getStatus(), 0); } @Test public void projectPolicyViolationsByNameAndVersionProjectNotFoundTest() { - Response response = target(V1_BADGE + "/violations/project/ProjectNameDoesNotExist/1.0.0").request() + Response response = jersey.target(V1_BADGE + "/violations/project/ProjectNameDoesNotExist/1.0.0").request() .get(Response.class); Assert.assertEquals(404, response.getStatus(), 0); } @@ -166,7 +162,7 @@ public void projectPolicyViolationsByNameAndVersionProjectNotFoundTest() { @Test public void projectPolicyViolationsByNameAndVersionVersionNotFoundTest() { qm.createProject("Acme Example", null, "1.0.0", null, null, null, true, false); - Response response = target(V1_BADGE + "/violations/project/Acme%20Example/1.2.0").request() + Response response = jersey.target(V1_BADGE + "/violations/project/Acme%20Example/1.2.0").request() .get(Response.class); Assert.assertEquals(404, response.getStatus(), 0); } diff --git a/src/test/java/org/dependencytrack/resources/v1/BomResourceTest.java b/src/test/java/org/dependencytrack/resources/v1/BomResourceTest.java index ab165db7f4..1258943ad4 100644 --- a/src/test/java/org/dependencytrack/resources/v1/BomResourceTest.java +++ b/src/test/java/org/dependencytrack/resources/v1/BomResourceTest.java @@ -24,6 +24,7 @@ import alpine.server.filters.AuthenticationFilter; import com.fasterxml.jackson.core.StreamReadConstraints; import org.apache.http.HttpStatus; +import org.dependencytrack.JerseyTestRule; import org.dependencytrack.ResourceTest; import org.dependencytrack.auth.Permissions; import org.dependencytrack.model.AnalysisResponse; @@ -44,10 +45,8 @@ import org.dependencytrack.tasks.scanners.AnalyzerIdentity; import org.glassfish.jersey.media.multipart.MultiPartFeature; import org.glassfish.jersey.server.ResourceConfig; -import org.glassfish.jersey.servlet.ServletContainer; -import org.glassfish.jersey.test.DeploymentContext; -import org.glassfish.jersey.test.ServletDeploymentContext; import org.junit.Assert; +import org.junit.ClassRule; import org.junit.Test; import javax.json.JsonObject; @@ -63,21 +62,18 @@ import static org.apache.commons.io.IOUtils.resourceToByteArray; import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThatNoException; -import static org.hamcrest.CoreMatchers.equalTo; import static org.dependencytrack.model.ConfigPropertyConstants.BOM_VALIDATION_ENABLED; +import static org.hamcrest.CoreMatchers.equalTo; public class BomResourceTest extends ResourceTest { - @Override - protected DeploymentContext configureDeployment() { - return ServletDeploymentContext.forServlet(new ServletContainer( - new ResourceConfig(BomResource.class) - .register(ApiFilter.class) - .register(AuthenticationFilter.class) - .register(MultiPartFeature.class) - .register(JsonMappingExceptionMapper.class))) - .build(); - } + @ClassRule + public static JerseyTestRule jersey = new JerseyTestRule( + new ResourceConfig(BomResource.class) + .register(ApiFilter.class) + .register(AuthenticationFilter.class) + .register(MultiPartFeature.class) + .register(JsonMappingExceptionMapper.class)); @Test public void exportProjectAsCycloneDxTest() { @@ -87,7 +83,7 @@ public void exportProjectAsCycloneDxTest() { c.setName("sample-component"); c.setVersion("1.0"); Component component = qm.createComponent(c, false); - Response response = target(V1_BOM + "/cyclonedx/project/" + project.getUuid()).request() + Response response = jersey.target(V1_BOM + "/cyclonedx/project/" + project.getUuid()).request() .header(X_API_KEY, apiKey) .get(Response.class); Assert.assertEquals(200, response.getStatus(), 0); @@ -98,7 +94,7 @@ public void exportProjectAsCycloneDxTest() { @Test public void exportProjectAsCycloneDxInvalidTest() { - Response response = target(V1_BOM + "/cyclonedx/project/" + UUID.randomUUID()).request() + Response response = jersey.target(V1_BOM + "/cyclonedx/project/" + UUID.randomUUID()).request() .header(X_API_KEY, apiKey) .get(Response.class); Assert.assertEquals(404, response.getStatus(), 0); @@ -202,7 +198,7 @@ public void exportProjectAsCycloneDxInventoryTest() { )); qm.persist(project); - final Response response = target(V1_BOM + "/cyclonedx/project/" + project.getUuid()) + final Response response = jersey.target(V1_BOM + "/cyclonedx/project/" + project.getUuid()) .queryParam("variant", "inventory") .request() .header(X_API_KEY, apiKey) @@ -374,7 +370,7 @@ public void exportProjectAsCycloneDxInventoryWithVulnerabilitiesTest() { )); qm.persist(project); - final Response response = target(V1_BOM + "/cyclonedx/project/" + project.getUuid()) + final Response response = jersey.target(V1_BOM + "/cyclonedx/project/" + project.getUuid()) .queryParam("variant", "withVulnerabilities") .request() .header(X_API_KEY, apiKey) @@ -568,7 +564,7 @@ public void exportProjectAsCycloneDxVdrTest() { )); qm.persist(project); - final Response response = target(V1_BOM + "/cyclonedx/project/" + project.getUuid()) + final Response response = jersey.target(V1_BOM + "/cyclonedx/project/" + project.getUuid()) .queryParam("variant", "vdr") .request() .header(X_API_KEY, apiKey) @@ -705,7 +701,7 @@ public void exportComponentAsCycloneDx() { c.setName("sample-component"); c.setVersion("1.0"); Component component = qm.createComponent(c, false); - Response response = target(V1_BOM + "/cyclonedx/component/" + component.getUuid()).request() + Response response = jersey.target(V1_BOM + "/cyclonedx/component/" + component.getUuid()).request() .header(X_API_KEY, apiKey) .get(Response.class); Assert.assertEquals(200, response.getStatus(), 0); @@ -716,7 +712,7 @@ public void exportComponentAsCycloneDx() { @Test public void exportComponentAsCycloneDxInvalid() { - Response response = target(V1_BOM + "/cyclonedx/component/" + UUID.randomUUID()).request() + Response response = jersey.target(V1_BOM + "/cyclonedx/component/" + UUID.randomUUID()).request() .header(X_API_KEY, apiKey) .get(Response.class); Assert.assertEquals(404, response.getStatus(), 0); @@ -731,7 +727,7 @@ public void uploadBomTest() throws Exception { Project project = qm.createProject("Acme Example", null, "1.0", null, null, null, true, false); String bomString = Base64.getEncoder().encodeToString(resourceToByteArray("/unit/bom-1.xml")); BomSubmitRequest request = new BomSubmitRequest(project.getUuid().toString(), null, null, false, bomString); - Response response = target(V1_BOM).request() + Response response = jersey.target(V1_BOM).request() .header(X_API_KEY, apiKey) .put(Entity.entity(request, MediaType.APPLICATION_JSON)); Assert.assertEquals(200, response.getStatus(), 0); @@ -746,7 +742,7 @@ public void uploadBomInvalidProjectTest() throws Exception { initializeWithPermissions(Permissions.BOM_UPLOAD); String bomString = Base64.getEncoder().encodeToString(resourceToByteArray("/unit/bom-1.xml")); BomSubmitRequest request = new BomSubmitRequest(UUID.randomUUID().toString(), null, null, false, bomString); - Response response = target(V1_BOM).request() + Response response = jersey.target(V1_BOM).request() .header(X_API_KEY, apiKey) .put(Entity.entity(request, MediaType.APPLICATION_JSON)); Assert.assertEquals(404, response.getStatus(), 0); @@ -760,7 +756,7 @@ public void uploadBomAutoCreateTest() throws Exception { initializeWithPermissions(Permissions.BOM_UPLOAD, Permissions.PROJECT_CREATION_UPLOAD); String bomString = Base64.getEncoder().encodeToString(resourceToByteArray("/unit/bom-1.xml")); BomSubmitRequest request = new BomSubmitRequest(null, "Acme Example", "1.0", true, bomString); - Response response = target(V1_BOM).request() + Response response = jersey.target(V1_BOM).request() .header(X_API_KEY, apiKey) .put(Entity.entity(request, MediaType.APPLICATION_JSON)); Assert.assertEquals(200, response.getStatus(), 0); @@ -776,7 +772,7 @@ public void uploadBomAutoCreateTest() throws Exception { public void uploadBomUnauthorizedTest() throws Exception { String bomString = Base64.getEncoder().encodeToString(resourceToByteArray("/unit/bom-1.xml")); BomSubmitRequest request = new BomSubmitRequest(null, "Acme Example", "1.0", true, bomString); - Response response = target(V1_BOM).request() + Response response = jersey.target(V1_BOM).request() .header(X_API_KEY, apiKey) .put(Entity.entity(request, MediaType.APPLICATION_JSON)); Assert.assertEquals(401, response.getStatus(), 0); @@ -790,7 +786,7 @@ public void uploadBomAutoCreateTestWithParentTest() throws Exception { String bomString = Base64.getEncoder().encodeToString(resourceToByteArray("/unit/bom-1.xml")); // Upload parent project BomSubmitRequest request = new BomSubmitRequest(null, "Acme Parent", "1.0", true, bomString); - Response response = target(V1_BOM).request() + Response response = jersey.target(V1_BOM).request() .header(X_API_KEY, apiKey) .put(Entity.entity(request, MediaType.APPLICATION_JSON)); Assert.assertEquals(200, response.getStatus(), 0); @@ -802,7 +798,7 @@ public void uploadBomAutoCreateTestWithParentTest() throws Exception { // Upload first child, search parent by UUID request = new BomSubmitRequest(null, "Acme Example", "1.0", true, parentUUID, null, null, bomString); - response = target(V1_BOM).request() + response = jersey.target(V1_BOM).request() .header(X_API_KEY, apiKey) .put(Entity.entity(request, MediaType.APPLICATION_JSON)); Assert.assertEquals(200, response.getStatus(), 0); @@ -818,7 +814,7 @@ public void uploadBomAutoCreateTestWithParentTest() throws Exception { // Upload second child, search parent by name+ver request = new BomSubmitRequest(null, "Acme Example", "2.0", true, null, "Acme Parent", "1.0", bomString); - response = target(V1_BOM).request() + response = jersey.target(V1_BOM).request() .header(X_API_KEY, apiKey) .put(Entity.entity(request, MediaType.APPLICATION_JSON)); Assert.assertEquals(200, response.getStatus(), 0); @@ -833,7 +829,7 @@ public void uploadBomAutoCreateTestWithParentTest() throws Exception { // Upload third child, specify parent's UUID, name, ver. Name and ver are ignored when UUID is specified. request = new BomSubmitRequest(null, "Acme Example", "3.0", true, parentUUID, "Non-existent parent", "1.0", bomString); - response = target(V1_BOM).request() + response = jersey.target(V1_BOM).request() .header(X_API_KEY, apiKey) .put(Entity.entity(request, MediaType.APPLICATION_JSON)); Assert.assertEquals(200, response.getStatus(), 0); @@ -852,7 +848,7 @@ public void uploadBomInvalidParentTest() throws Exception { initializeWithPermissions(Permissions.BOM_UPLOAD, Permissions.PROJECT_CREATION_UPLOAD); String bomString = Base64.getEncoder().encodeToString(resourceToByteArray("/unit/bom-1.xml")); BomSubmitRequest request = new BomSubmitRequest(null, "Acme Example", "1.0", true, UUID.randomUUID().toString(), null, null, bomString); - Response response = target(V1_BOM).request() + Response response = jersey.target(V1_BOM).request() .header(X_API_KEY, apiKey) .put(Entity.entity(request, MediaType.APPLICATION_JSON)); Assert.assertEquals(404, response.getStatus(), 0); @@ -860,7 +856,7 @@ public void uploadBomInvalidParentTest() throws Exception { Assert.assertEquals("The parent component could not be found.", body); request = new BomSubmitRequest(null, "Acme Example", "2.0", true, null, "Non-existent parent", null, bomString); - response = target(V1_BOM).request() + response = jersey.target(V1_BOM).request() .header(X_API_KEY, apiKey) .put(Entity.entity(request, MediaType.APPLICATION_JSON)); Assert.assertEquals(404, response.getStatus(), 0); @@ -901,7 +897,7 @@ public void uploadBomInvalidJsonTest() { } """.getBytes()); - final Response response = target(V1_BOM).request() + final Response response = jersey.target(V1_BOM).request() .header(X_API_KEY, apiKey) .put(Entity.entity(""" { @@ -953,7 +949,7 @@ public void uploadBomInvalidXmlTest() { """.getBytes()); - final Response response = target(V1_BOM).request() + final Response response = jersey.target(V1_BOM).request() .header(X_API_KEY, apiKey) .put(Entity.entity(""" { @@ -988,7 +984,7 @@ public void uploadBomTooLargeViaPutTest() { final String bom = "a".repeat(StreamReadConstraints.DEFAULT_MAX_STRING_LEN + 1); - final Response response = target(V1_BOM).request() + final Response response = jersey.target(V1_BOM).request() .header(X_API_KEY, apiKey) .put(Entity.entity(""" { diff --git a/src/test/java/org/dependencytrack/resources/v1/CalculatorResourceTest.java b/src/test/java/org/dependencytrack/resources/v1/CalculatorResourceTest.java index d1032a2a50..07ffdd7a23 100644 --- a/src/test/java/org/dependencytrack/resources/v1/CalculatorResourceTest.java +++ b/src/test/java/org/dependencytrack/resources/v1/CalculatorResourceTest.java @@ -20,12 +20,11 @@ import alpine.server.filters.ApiFilter; import alpine.server.filters.AuthenticationFilter; +import org.dependencytrack.JerseyTestRule; import org.dependencytrack.ResourceTest; import org.glassfish.jersey.server.ResourceConfig; -import org.glassfish.jersey.servlet.ServletContainer; -import org.glassfish.jersey.test.DeploymentContext; -import org.glassfish.jersey.test.ServletDeploymentContext; import org.junit.Assert; +import org.junit.ClassRule; import org.junit.Test; import us.springett.owasp.riskrating.Level; @@ -34,18 +33,15 @@ public class CalculatorResourceTest extends ResourceTest { - @Override - protected DeploymentContext configureDeployment() { - return ServletDeploymentContext.forServlet(new ServletContainer( - new ResourceConfig(CalculatorResource.class) - .register(ApiFilter.class) - .register(AuthenticationFilter.class))) - .build(); - } + @ClassRule + public static JerseyTestRule jersey = new JerseyTestRule( + new ResourceConfig(CalculatorResource.class) + .register(ApiFilter.class) + .register(AuthenticationFilter.class)); @Test public void getCvssScoresV3Test() { - Response response = target(V1_CALCULATOR + "/cvss") + Response response = jersey.target(V1_CALCULATOR + "/cvss") .queryParam("vector", "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H") .request() .header(X_API_KEY, apiKey) @@ -61,7 +57,7 @@ public void getCvssScoresV3Test() { @Test public void getCvssScoresV2Test() { - Response response = target(V1_CALCULATOR + "/cvss") + Response response = jersey.target(V1_CALCULATOR + "/cvss") .queryParam("vector", "(AV:N/AC:L/Au:N/C:P/I:P/A:P)") .request() .header(X_API_KEY, apiKey) @@ -77,7 +73,7 @@ public void getCvssScoresV2Test() { @Test public void getCvssScoresInvalidTest() { - Response response = target(V1_CALCULATOR + "/cvss") + Response response = jersey.target(V1_CALCULATOR + "/cvss") .queryParam("vector", "foobar") .request() .header(X_API_KEY, apiKey) @@ -90,7 +86,7 @@ public void getCvssScoresInvalidTest() { @Test public void getOwaspRRScoresTest() { - Response response = target(V1_CALCULATOR + "/owasp") + Response response = jersey.target(V1_CALCULATOR + "/owasp") .queryParam("vector", "SL:1/M:1/O:0/S:2/ED:1/EE:1/A:1/ID:1/LC:2/LI:1/LAV:1/LAC:1/FD:1/RD:1/NC:2/PV:3") .request() .header(X_API_KEY, apiKey) @@ -109,7 +105,7 @@ public void getOwaspRRScoresTest() { @Test public void getOwaspScoresInvalidTest() { - Response response = target(V1_CALCULATOR + "/owasp") + Response response = jersey.target(V1_CALCULATOR + "/owasp") .queryParam("vector", "foobar") .request() .header(X_API_KEY, apiKey) diff --git a/src/test/java/org/dependencytrack/resources/v1/ComponentPropertyResourceTest.java b/src/test/java/org/dependencytrack/resources/v1/ComponentPropertyResourceTest.java index 9756832a42..e5f3910d21 100644 --- a/src/test/java/org/dependencytrack/resources/v1/ComponentPropertyResourceTest.java +++ b/src/test/java/org/dependencytrack/resources/v1/ComponentPropertyResourceTest.java @@ -21,14 +21,13 @@ import alpine.model.IConfigProperty.PropertyType; import alpine.server.filters.ApiFilter; import alpine.server.filters.AuthenticationFilter; +import org.dependencytrack.JerseyTestRule; import org.dependencytrack.ResourceTest; import org.dependencytrack.model.Component; import org.dependencytrack.model.ComponentProperty; import org.dependencytrack.model.Project; import org.glassfish.jersey.server.ResourceConfig; -import org.glassfish.jersey.servlet.ServletContainer; -import org.glassfish.jersey.test.DeploymentContext; -import org.glassfish.jersey.test.ServletDeploymentContext; +import org.junit.ClassRule; import org.junit.Test; import javax.ws.rs.client.Entity; @@ -42,14 +41,11 @@ public class ComponentPropertyResourceTest extends ResourceTest { - @Override - protected DeploymentContext configureDeployment() { - return ServletDeploymentContext.forServlet(new ServletContainer( - new ResourceConfig(ComponentPropertyResource.class) - .register(ApiFilter.class) - .register(AuthenticationFilter.class))) - .build(); - } + @ClassRule + public static JerseyTestRule jersey = new JerseyTestRule( + new ResourceConfig(ComponentPropertyResource.class) + .register(ApiFilter.class) + .register(AuthenticationFilter.class)); @Test public void getPropertiesTest() { @@ -80,7 +76,7 @@ public void getPropertiesTest() { propertyB.setDescription("qux-b"); qm.persist(propertyB); - final Response response = target("%s/%s/property".formatted(V1_COMPONENT, component.getUuid())).request() + final Response response = jersey.target("%s/%s/property".formatted(V1_COMPONENT, component.getUuid())).request() .header(X_API_KEY, apiKey) .get(); @@ -113,7 +109,7 @@ public void getPropertiesTest() { @Test public void getPropertiesInvalidTest() { - final Response response = target("%s/%s/property".formatted(V1_COMPONENT, UUID.randomUUID())).request() + final Response response = jersey.target("%s/%s/property".formatted(V1_COMPONENT, UUID.randomUUID())).request() .header(X_API_KEY, apiKey) .get(Response.class); @@ -133,7 +129,7 @@ public void createPropertyTest() { component.setName("acme-lib"); qm.persist(component); - final Response response = target("%s/%s/property".formatted(V1_COMPONENT, component.getUuid())).request() + final Response response = jersey.target("%s/%s/property".formatted(V1_COMPONENT, component.getUuid())).request() .header(X_API_KEY, apiKey) .put(Entity.entity(""" { @@ -170,7 +166,7 @@ public void createPropertyWithoutGroupTest() { component.setName("acme-lib"); qm.persist(component); - final Response response = target("%s/%s/property".formatted(V1_COMPONENT, component.getUuid())).request() + final Response response = jersey.target("%s/%s/property".formatted(V1_COMPONENT, component.getUuid())).request() .header(X_API_KEY, apiKey) .put(Entity.entity(""" { @@ -213,7 +209,7 @@ public void createPropertyDuplicateTest() { property.setPropertyType(PropertyType.STRING); qm.persist(property); - final Response response = target("%s/%s/property".formatted(V1_COMPONENT, component.getUuid())).request() + final Response response = jersey.target("%s/%s/property".formatted(V1_COMPONENT, component.getUuid())).request() .header(X_API_KEY, apiKey) .put(Entity.entity(""" { @@ -242,7 +238,7 @@ public void createPropertyDisallowedPropertyTypeTest() { component.setName("acme-lib"); qm.persist(component); - final Response response = target("%s/%s/property".formatted(V1_COMPONENT, component.getUuid())).request() + final Response response = jersey.target("%s/%s/property".formatted(V1_COMPONENT, component.getUuid())).request() .header(X_API_KEY, apiKey) .put(Entity.entity(""" { @@ -279,7 +275,7 @@ public void createPropertyComponentNotFoundTest() { component.setName("acme-lib"); qm.persist(component); - final Response response = target("%s/%s/property".formatted(V1_COMPONENT, UUID.randomUUID())).request() + final Response response = jersey.target("%s/%s/property".formatted(V1_COMPONENT, UUID.randomUUID())).request() .header(X_API_KEY, apiKey) .put(Entity.entity(""" { @@ -315,7 +311,7 @@ public void deletePropertyTest() { property.setPropertyType(PropertyType.STRING); qm.persist(property); - final Response response = target("%s/%s/property/%s".formatted(V1_COMPONENT, component.getUuid(), property.getUuid())).request() + final Response response = jersey.target("%s/%s/property/%s".formatted(V1_COMPONENT, component.getUuid(), property.getUuid())).request() .header(X_API_KEY, apiKey) .delete(); diff --git a/src/test/java/org/dependencytrack/resources/v1/ComponentResourceTest.java b/src/test/java/org/dependencytrack/resources/v1/ComponentResourceTest.java index b3aa3a6d06..bfa2d17f3d 100644 --- a/src/test/java/org/dependencytrack/resources/v1/ComponentResourceTest.java +++ b/src/test/java/org/dependencytrack/resources/v1/ComponentResourceTest.java @@ -24,6 +24,7 @@ import com.github.packageurl.MalformedPackageURLException; import com.github.packageurl.PackageURL; import org.apache.http.HttpStatus; +import org.dependencytrack.JerseyTestRule; import org.dependencytrack.ResourceTest; import org.dependencytrack.model.Component; import org.dependencytrack.model.ConfigPropertyConstants; @@ -31,10 +32,8 @@ import org.dependencytrack.model.RepositoryMetaComponent; import org.dependencytrack.model.RepositoryType; import org.glassfish.jersey.server.ResourceConfig; -import org.glassfish.jersey.servlet.ServletContainer; -import org.glassfish.jersey.test.DeploymentContext; -import org.glassfish.jersey.test.ServletDeploymentContext; import org.junit.Assert; +import org.junit.ClassRule; import org.junit.Test; import javax.json.JsonArray; @@ -52,18 +51,15 @@ public class ComponentResourceTest extends ResourceTest { - @Override - protected DeploymentContext configureDeployment() { - return ServletDeploymentContext.forServlet(new ServletContainer( - new ResourceConfig(ComponentResource.class) - .register(ApiFilter.class) - .register(AuthenticationFilter.class))) - .build(); - } + @ClassRule + public static JerseyTestRule jersey = new JerseyTestRule( + new ResourceConfig(ComponentResource.class) + .register(ApiFilter.class) + .register(AuthenticationFilter.class)); @Test public void getComponentsDefaultRequestTest() { - Response response = target(V1_COMPONENT).request() + Response response = jersey.target(V1_COMPONENT).request() .header(X_API_KEY, apiKey) .get(Response.class); Assert.assertEquals(405, response.getStatus()); // No longer prohibited in DT 4.0+ @@ -125,7 +121,7 @@ private Project prepareProject() throws MalformedPackageURLException { public void getOutdatedComponentsTest() throws MalformedPackageURLException { final Project project = prepareProject(); - final Response response = target(V1_COMPONENT + "/project/" + project.getUuid()) + final Response response = jersey.target(V1_COMPONENT + "/project/" + project.getUuid()) .queryParam("onlyOutdated", true) .queryParam("onlyDirect", false) .request() @@ -142,7 +138,7 @@ public void getOutdatedComponentsTest() throws MalformedPackageURLException { public void getOutdatedDirectComponentsTest() throws MalformedPackageURLException { final Project project = prepareProject(); - final Response response = target(V1_COMPONENT + "/project/" + project.getUuid()) + final Response response = jersey.target(V1_COMPONENT + "/project/" + project.getUuid()) .queryParam("onlyOutdated", true) .queryParam("onlyDirect", true) .request() @@ -159,7 +155,7 @@ public void getOutdatedDirectComponentsTest() throws MalformedPackageURLExceptio public void getAllComponentsTest() throws MalformedPackageURLException { final Project project = prepareProject(); - final Response response = target(V1_COMPONENT + "/project/" + project.getUuid()) + final Response response = jersey.target(V1_COMPONENT + "/project/" + project.getUuid()) .request() .header(X_API_KEY, apiKey) .get(Response.class); @@ -174,7 +170,7 @@ public void getAllComponentsTest() throws MalformedPackageURLException { public void getAllDirectComponentsTest() throws MalformedPackageURLException { final Project project = prepareProject(); - final Response response = target(V1_COMPONENT + "/project/" + project.getUuid()) + final Response response = jersey.target(V1_COMPONENT + "/project/" + project.getUuid()) .queryParam("onlyDirect", true) .request() .header(X_API_KEY, apiKey) @@ -193,7 +189,7 @@ public void getComponentByUuidTest() { component.setProject(project); component.setName("ABC"); component = qm.createComponent(component, false); - Response response = target(V1_COMPONENT + "/" + component.getUuid()) + Response response = jersey.target(V1_COMPONENT + "/" + component.getUuid()) .request().header(X_API_KEY, apiKey).get(Response.class); Assert.assertEquals(200, response.getStatus(), 0); Assert.assertNull(response.getHeaderString(TOTAL_COUNT_HEADER)); @@ -204,7 +200,7 @@ public void getComponentByUuidTest() { @Test public void getComponentByInvalidUuidTest() { - Response response = target(V1_COMPONENT + "/" + UUID.randomUUID()) + Response response = jersey.target(V1_COMPONENT + "/" + UUID.randomUUID()) .request().header(X_API_KEY, apiKey).get(Response.class); Assert.assertEquals(404, response.getStatus(), 0); Assert.assertNull(response.getHeaderString(TOTAL_COUNT_HEADER)); @@ -228,7 +224,7 @@ public void getComponentByUuidWithRepositoryMetaDataTest() { meta.setRepositoryType(RepositoryType.MAVEN); qm.persist(meta); component = qm.createComponent(component, false); - Response response = target(V1_COMPONENT + "/" + component.getUuid()) + Response response = jersey.target(V1_COMPONENT + "/" + component.getUuid()) .queryParam("includeRepositoryMetaData", true) .request().header(X_API_KEY, apiKey).get(Response.class); Assert.assertEquals(200, response.getStatus(), 0); @@ -265,7 +261,7 @@ public void getComponentByIdentityWithCoordinatesTest() { componentA.setPurl("pkg:maven/groupB/nameB@versionB?baz=qux"); componentB = qm.createComponent(componentB, false); - final Response response = target(V1_COMPONENT + "/identity") + final Response response = jersey.target(V1_COMPONENT + "/identity") .queryParam("group", "groupB") .queryParam("name", "nameB") .queryParam("version", "versionB") @@ -305,7 +301,7 @@ public void getComponentByIdentityWithPurlTest() { componentB.setPurl("pkg:maven/groupB/nameB@versionB?baz=qux"); componentB = qm.createComponent(componentB, false); - final Response response = target(V1_COMPONENT + "/identity") + final Response response = jersey.target(V1_COMPONENT + "/identity") .queryParam("purl", "pkg:maven/groupB/nameB@versionB") .request() .header(X_API_KEY, apiKey) @@ -343,7 +339,7 @@ public void getComponentByIdentityWithCpeTest() { componentB.setPurl("pkg:maven/groupB/nameB@versionB?baz=qux"); componentB = qm.createComponent(componentB, false); - final Response response = target(V1_COMPONENT + "/identity") + final Response response = jersey.target(V1_COMPONENT + "/identity") .queryParam("cpe", "cpe:2.3:a:groupB:nameB:versionB") .request() .header(X_API_KEY, apiKey) @@ -379,7 +375,7 @@ public void getComponentByIdentityWithProjectTest() { componentB.setPurl("pkg:maven/group/name@version?foo=bar"); componentB = qm.createComponent(componentB, false); - final Response response = target(V1_COMPONENT + "/identity") + final Response response = jersey.target(V1_COMPONENT + "/identity") .queryParam("purl", "pkg:maven/group/name@version") .queryParam("project", projectB.getUuid().toString()) .request() @@ -398,7 +394,7 @@ public void getComponentByIdentityWithProjectTest() { @Test public void getComponentByIdentityWithProjectWhenProjectDoesNotExistTest() { - final Response response = target(V1_COMPONENT + "/identity") + final Response response = jersey.target(V1_COMPONENT + "/identity") .queryParam("purl", "pkg:maven/group/name@version") .queryParam("project", UUID.randomUUID()) .request() @@ -417,7 +413,7 @@ public void getComponentByHashTest() { component.setName("ABC"); component.setSha1("da39a3ee5e6b4b0d3255bfef95601890afd80709"); component = qm.createComponent(component, false); - Response response = target(V1_COMPONENT + "/hash/" + component.getSha1()) + Response response = jersey.target(V1_COMPONENT + "/hash/" + component.getSha1()) .request().header(X_API_KEY, apiKey).get(Response.class); Assert.assertEquals(200, response.getStatus(), 0); Assert.assertEquals(response.getHeaderString(TOTAL_COUNT_HEADER), "1"); @@ -428,7 +424,7 @@ public void getComponentByHashTest() { @Test public void getComponentByInvalidHashTest() { - Response response = target(V1_COMPONENT + "/hash/c5a8829aa3da800216b933e265dd0b97eb6f9341") + Response response = jersey.target(V1_COMPONENT + "/hash/c5a8829aa3da800216b933e265dd0b97eb6f9341") .request().header(X_API_KEY, apiKey).get(Response.class); Assert.assertEquals(200, response.getStatus(), 0); Assert.assertEquals(response.getHeaderString(TOTAL_COUNT_HEADER), "0"); @@ -459,7 +455,7 @@ public void getComponentByHashWithAclTest() { component.setSha1("da39a3ee5e6b4b0d3255bfef95601890afd80709"); qm.persist(component); - final Response response = target("%s/hash/%s".formatted(V1_COMPONENT, component.getSha1())) + final Response response = jersey.target("%s/hash/%s".formatted(V1_COMPONENT, component.getSha1())) .request() .header(X_API_KEY, apiKey) .get(Response.class); @@ -477,7 +473,7 @@ public void createComponentTest() { component.setProject(project); component.setName("My Component"); component.setVersion("1.0"); - Response response = target(V1_COMPONENT + "/project/" + project.getUuid().toString()).request() + Response response = jersey.target(V1_COMPONENT + "/project/" + project.getUuid().toString()).request() .header(X_API_KEY, apiKey) .put(Entity.entity(component, MediaType.APPLICATION_JSON)); Assert.assertEquals(201, response.getStatus(), 0); @@ -503,7 +499,7 @@ public void createComponentUpperCaseHashTest() { component.setSha512("c6ee9e33cf5c6715a1d148fd73f7318884b41adcb916021e2bc0e800a5c5dd97f5142178f6ae88c8fdd98e1afb0ce4c8d2c54b5f37b30b7da1997bb33b0b8a31".toUpperCase()); component.setSha3_512("301bb421c971fbb7ed01dcc3a9976ce53df034022ba982b97d0f27d48c4f03883aabf7c6bc778aa7c383062f6823045a6d41b8a720afbb8a9607690f89fbe1a7".toUpperCase()); component.setMd5("0cbc6611f5540bd0809a388dc95a615b".toUpperCase()); - Response response = target(V1_COMPONENT + "/project/" + project.getUuid().toString()).request() + Response response = jersey.target(V1_COMPONENT + "/project/" + project.getUuid().toString()).request() .header(X_API_KEY, apiKey) .put(Entity.entity(component, MediaType.APPLICATION_JSON)); Assert.assertEquals(201, response.getStatus(), 0); @@ -531,7 +527,7 @@ public void updateComponentTest() { component.setVersion("1.0"); component = qm.createComponent(component, false); component.setDescription("Test component"); - Response response = target(V1_COMPONENT).request() + Response response = jersey.target(V1_COMPONENT).request() .header(X_API_KEY, apiKey) .post(Entity.entity(component, MediaType.APPLICATION_JSON)); Assert.assertEquals(200, response.getStatus(), 0); @@ -551,7 +547,7 @@ public void updateComponentEmptyNameTest() { component.setVersion("1.0"); component = qm.createComponent(component, false); component.setName(" "); - Response response = target(V1_COMPONENT).request() + Response response = jersey.target(V1_COMPONENT).request() .header(X_API_KEY, apiKey) .post(Entity.entity(component, MediaType.APPLICATION_JSON)); Assert.assertEquals(400, response.getStatus(), 0); @@ -574,7 +570,7 @@ public void updateComponentInvalidLicenseExpressionTest() { jsonComponent.setVersion("1.0.0"); jsonComponent.setLicenseExpression("(invalid"); - final Response response = target(V1_COMPONENT).request() + final Response response = jersey.target(V1_COMPONENT).request() .header(X_API_KEY, apiKey) .post(Entity.entity(""" { @@ -607,7 +603,7 @@ public void deleteComponentTest() { component.setName("My Component"); component.setVersion("1.0"); component = qm.createComponent(component, false); - Response response = target(V1_COMPONENT + "/" + component.getUuid().toString()) + Response response = jersey.target(V1_COMPONENT + "/" + component.getUuid().toString()) .request().header(X_API_KEY, apiKey).delete(); Assert.assertEquals(204, response.getStatus(), 0); } @@ -620,14 +616,14 @@ public void deleteComponentInvalidUuidTest() { component.setName("My Component"); component.setVersion("1.0"); qm.createComponent(component, false); - Response response = target(V1_COMPONENT + "/" + UUID.randomUUID()) + Response response = jersey.target(V1_COMPONENT + "/" + UUID.randomUUID()) .request().header(X_API_KEY, apiKey).delete(); Assert.assertEquals(404, response.getStatus(), 0); } @Test public void internalComponentIdentificationTest() { - Response response = target(V1_COMPONENT + "/internal/identify") + Response response = jersey.target(V1_COMPONENT + "/internal/identify") .request().header(X_API_KEY, apiKey).get(); Assert.assertEquals(204, response.getStatus(), 0); } @@ -678,7 +674,7 @@ public void getDependencyGraphForComponentTest() { component2_1.setDirectDependencies("[{\"uuid\":\"" + component2_1_1.getUuid() + "\"}]"); component2_1_1.setDirectDependencies("[{\"uuid\":\"" + component2_1_1_1.getUuid() + "\"}]"); - Response response = target(V1_COMPONENT + "/project/" + project.getUuid() + "/dependencyGraph/" + component1_1_1.getUuid()) + Response response = jersey.target(V1_COMPONENT + "/project/" + project.getUuid() + "/dependencyGraph/" + component1_1_1.getUuid()) .request().header(X_API_KEY, apiKey).get(); JsonObject json = parseJsonObject(response); Assert.assertEquals(200, response.getStatus(), 0); @@ -744,7 +740,7 @@ public void getDependencyGraphForComponentTestWithRepositoryMetaData() { component1.setDirectDependencies("[{\"uuid\":\"" + component1_1.getUuid() + "\"}]"); component1_1.setDirectDependencies("[{\"uuid\":\"" + component1_1_1.getUuid() + "\"}]"); - Response response = target(V1_COMPONENT + "/project/" + project.getUuid() + "/dependencyGraph/" + component1_1_1.getUuid()) + Response response = jersey.target(V1_COMPONENT + "/project/" + project.getUuid() + "/dependencyGraph/" + component1_1_1.getUuid()) .request().header(X_API_KEY, apiKey).get(); JsonObject json = parseJsonObject(response); Assert.assertEquals(200, response.getStatus(), 0); @@ -765,7 +761,7 @@ public void getDependencyGraphForComponentInvalidProjectUuidTest() { component.setName("My Component"); component.setVersion("1.0"); component = qm.createComponent(component, false); - Response response = target(V1_COMPONENT + "/project/" + UUID.randomUUID() + "/dependencyGraph/" + component.getUuid()) + Response response = jersey.target(V1_COMPONENT + "/project/" + UUID.randomUUID() + "/dependencyGraph/" + component.getUuid()) .request().header(X_API_KEY, apiKey).get(); Assert.assertEquals(404, response.getStatus(), 0); } @@ -773,7 +769,7 @@ public void getDependencyGraphForComponentInvalidProjectUuidTest() { @Test public void getDependencyGraphForComponentInvalidComponentUuidTest() { Project project = qm.createProject("Acme Application", null, null, null, null, null, true, false); - Response response = target(V1_COMPONENT + "/project/" + project.getUuid() + "/dependencyGraph/" + UUID.randomUUID()) + Response response = jersey.target(V1_COMPONENT + "/project/" + project.getUuid() + "/dependencyGraph/" + UUID.randomUUID()) .request().header(X_API_KEY, apiKey).get(); Assert.assertEquals(404, response.getStatus(), 0); } @@ -786,7 +782,7 @@ public void getDependencyGraphForComponentNoDependencyGraphTest() { component.setName("My Component"); component.setVersion("1.0"); component = qm.createComponent(component, false); - Response response = target(V1_COMPONENT + "/project/" + project.getUuid() + "/dependencyGraph/" + component.getUuid()) + Response response = jersey.target(V1_COMPONENT + "/project/" + project.getUuid() + "/dependencyGraph/" + component.getUuid()) .request().header(X_API_KEY, apiKey).get(); JsonObject json = parseJsonObject(response); Assert.assertEquals(200, response.getStatus(), 0); @@ -803,12 +799,12 @@ public void getDependencyGraphForComponentIsNotComponentOfProject() { component = qm.createComponent(component, false); projectWithComponent.setDirectDependencies("[{\"uuid\":\"" + component.getUuid() + "\"}]"); Project projectWithoutComponent = qm.createProject("Acme Library", null, null, null, null, null, true, false); - Response responseWithComponent = target(V1_COMPONENT + "/project/" + projectWithComponent.getUuid() + "/dependencyGraph/" + component.getUuid()) + Response responseWithComponent = jersey.target(V1_COMPONENT + "/project/" + projectWithComponent.getUuid() + "/dependencyGraph/" + component.getUuid()) .request().header(X_API_KEY, apiKey).get(); JsonObject jsonWithComponent = parseJsonObject(responseWithComponent); Assert.assertEquals(200, responseWithComponent.getStatus(), 0); Assert.assertEquals(1, jsonWithComponent.size()); - Response responseWithoutComponent = target(V1_COMPONENT + "/project/" + projectWithoutComponent.getUuid() + "/dependencyGraph/" + component.getUuid()) + Response responseWithoutComponent = jersey.target(V1_COMPONENT + "/project/" + projectWithoutComponent.getUuid() + "/dependencyGraph/" + component.getUuid()) .request().header(X_API_KEY, apiKey).get(); JsonObject jsonWithoutComponent = parseJsonObject(responseWithoutComponent); Assert.assertEquals(200, responseWithoutComponent.getStatus(), 0); diff --git a/src/test/java/org/dependencytrack/resources/v1/ConfigPropertyResourceTest.java b/src/test/java/org/dependencytrack/resources/v1/ConfigPropertyResourceTest.java index 30e140970a..516a7a3577 100644 --- a/src/test/java/org/dependencytrack/resources/v1/ConfigPropertyResourceTest.java +++ b/src/test/java/org/dependencytrack/resources/v1/ConfigPropertyResourceTest.java @@ -18,17 +18,16 @@ */ package org.dependencytrack.resources.v1; -import alpine.server.filters.ApiFilter; -import alpine.server.filters.AuthenticationFilter; import alpine.model.ConfigProperty; import alpine.model.IConfigProperty; +import alpine.server.filters.ApiFilter; +import alpine.server.filters.AuthenticationFilter; +import org.dependencytrack.JerseyTestRule; import org.dependencytrack.ResourceTest; import org.dependencytrack.model.ConfigPropertyConstants; import org.glassfish.jersey.server.ResourceConfig; -import org.glassfish.jersey.servlet.ServletContainer; -import org.glassfish.jersey.test.DeploymentContext; -import org.glassfish.jersey.test.ServletDeploymentContext; import org.junit.Assert; +import org.junit.ClassRule; import org.junit.Test; import javax.json.JsonArray; @@ -40,21 +39,18 @@ public class ConfigPropertyResourceTest extends ResourceTest { - @Override - protected DeploymentContext configureDeployment() { - return ServletDeploymentContext.forServlet(new ServletContainer( - new ResourceConfig(ConfigPropertyResource.class) - .register(ApiFilter.class) - .register(AuthenticationFilter.class))) - .build(); - } + @ClassRule + public static JerseyTestRule jersey = new JerseyTestRule( + new ResourceConfig(ConfigPropertyResource.class) + .register(ApiFilter.class) + .register(AuthenticationFilter.class)); @Test public void getConfigPropertiesTest() { qm.createConfigProperty("my.group", "my.string", "ABC", IConfigProperty.PropertyType.STRING, "A string"); qm.createConfigProperty("my.group", "my.integer", "1", IConfigProperty.PropertyType.INTEGER, "A integer"); qm.createConfigProperty("my.group", "my.password", "password", IConfigProperty.PropertyType.ENCRYPTEDSTRING, "A password"); - Response response = target(V1_CONFIG_PROPERTY).request() + Response response = jersey.target(V1_CONFIG_PROPERTY).request() .header(X_API_KEY, apiKey) .get(Response.class); Assert.assertEquals(200, response.getStatus(), 0); @@ -83,7 +79,7 @@ public void updateConfigPropertyStringTest() { ConfigProperty property = qm.createConfigProperty("my.group", "my.string", "ABC", IConfigProperty.PropertyType.STRING, "A string"); ConfigProperty request = qm.detach(ConfigProperty.class, property.getId()); request.setPropertyValue("DEF"); - Response response = target(V1_CONFIG_PROPERTY).request() + Response response = jersey.target(V1_CONFIG_PROPERTY).request() .header(X_API_KEY, apiKey) .post(Entity.entity(request, MediaType.APPLICATION_JSON)); Assert.assertEquals(200, response.getStatus(), 0); @@ -101,7 +97,7 @@ public void updateConfigPropertyBooleanTest() { ConfigProperty property = qm.createConfigProperty("my.group", "my.boolean", "false", IConfigProperty.PropertyType.BOOLEAN, "A boolean"); ConfigProperty request = qm.detach(ConfigProperty.class, property.getId()); request.setPropertyValue("true"); - Response response = target(V1_CONFIG_PROPERTY).request() + Response response = jersey.target(V1_CONFIG_PROPERTY).request() .header(X_API_KEY, apiKey) .post(Entity.entity(request, MediaType.APPLICATION_JSON)); Assert.assertEquals(200, response.getStatus(), 0); @@ -119,7 +115,7 @@ public void updateConfigPropertyNumberTest() { ConfigProperty property = qm.createConfigProperty("my.group", "my.number", "7.75", IConfigProperty.PropertyType.NUMBER, "A number"); ConfigProperty request = qm.detach(ConfigProperty.class, property.getId()); request.setPropertyValue("5.50"); - Response response = target(V1_CONFIG_PROPERTY).request() + Response response = jersey.target(V1_CONFIG_PROPERTY).request() .header(X_API_KEY, apiKey) .post(Entity.entity(request, MediaType.APPLICATION_JSON)); Assert.assertEquals(200, response.getStatus(), 0); @@ -137,7 +133,7 @@ public void updateBadTaskSchedulerCadenceConfigPropertyTest() { ConfigProperty property = qm.createConfigProperty(ConfigPropertyConstants.TASK_SCHEDULER_LDAP_SYNC_CADENCE.getGroupName(), "my.cadence", "24", IConfigProperty.PropertyType.INTEGER, "A cadence"); ConfigProperty request = qm.detach(ConfigProperty.class, property.getId()); request.setPropertyValue("-2"); - Response response = target(V1_CONFIG_PROPERTY).request() + Response response = jersey.target(V1_CONFIG_PROPERTY).request() .header(X_API_KEY, apiKey) .post(Entity.entity(request, MediaType.APPLICATION_JSON)); Assert.assertEquals(400, response.getStatus(), 0); @@ -150,7 +146,7 @@ public void updateBadIndexConsistencyThresholdConfigPropertyTest() { ConfigProperty property = qm.createConfigProperty(ConfigPropertyConstants.SEARCH_INDEXES_CONSISTENCY_CHECK_DELTA_THRESHOLD.getGroupName(), ConfigPropertyConstants.SEARCH_INDEXES_CONSISTENCY_CHECK_DELTA_THRESHOLD.getPropertyName(), "24", IConfigProperty.PropertyType.INTEGER, ConfigPropertyConstants.SEARCH_INDEXES_CONSISTENCY_CHECK_DELTA_THRESHOLD.getDescription()); ConfigProperty request = qm.detach(ConfigProperty.class, property.getId()); request.setPropertyValue("-1"); - Response response = target(V1_CONFIG_PROPERTY).request() + Response response = jersey.target(V1_CONFIG_PROPERTY).request() .header(X_API_KEY, apiKey) .post(Entity.entity(request, MediaType.APPLICATION_JSON)); Assert.assertEquals(400, response.getStatus(), 0); @@ -163,7 +159,7 @@ public void updateConfigPropertyUrlTest() { ConfigProperty property = qm.createConfigProperty("my.group", "my.url", "http://localhost", IConfigProperty.PropertyType.URL, "A url"); ConfigProperty request = qm.detach(ConfigProperty.class, property.getId()); request.setPropertyValue("http://localhost/path"); - Response response = target(V1_CONFIG_PROPERTY).request() + Response response = jersey.target(V1_CONFIG_PROPERTY).request() .header(X_API_KEY, apiKey) .post(Entity.entity(request, MediaType.APPLICATION_JSON)); Assert.assertEquals(200, response.getStatus(), 0); @@ -181,7 +177,7 @@ public void updateConfigPropertyUuidTest() { ConfigProperty property = qm.createConfigProperty("my.group", "my.uuid", "a496cabc-749d-4751-b9e5-3b49b656d018", IConfigProperty.PropertyType.UUID, "A uuid"); ConfigProperty request = qm.detach(ConfigProperty.class, property.getId()); request.setPropertyValue("fe03c401-b5a1-4b86-bc3b-1b7a68f0f78d"); - Response response = target(V1_CONFIG_PROPERTY).request() + Response response = jersey.target(V1_CONFIG_PROPERTY).request() .header(X_API_KEY, apiKey) .post(Entity.entity(request, MediaType.APPLICATION_JSON)); Assert.assertEquals(200, response.getStatus(), 0); @@ -199,7 +195,7 @@ public void updateConfigPropertyEncryptedStringTest() { ConfigProperty property = qm.createConfigProperty("my.group", "my.encryptedString", "aaaaa", IConfigProperty.PropertyType.ENCRYPTEDSTRING, "A encrypted string"); ConfigProperty request = qm.detach(ConfigProperty.class, property.getId()); request.setPropertyValue("bbbbb"); - Response response = target(V1_CONFIG_PROPERTY).request() + Response response = jersey.target(V1_CONFIG_PROPERTY).request() .header(X_API_KEY, apiKey) .post(Entity.entity(request, MediaType.APPLICATION_JSON)); Assert.assertEquals(200, response.getStatus(), 0); @@ -224,7 +220,7 @@ public void updateConfigPropertiesAggregateTest() { prop4 = qm.detach(ConfigProperty.class, prop4.getId()); prop3.setPropertyValue("XYZ"); prop4.setPropertyValue("-2"); - Response response = target(V1_CONFIG_PROPERTY+"/aggregate").request() + Response response = jersey.target(V1_CONFIG_PROPERTY+"/aggregate").request() .header(X_API_KEY, apiKey) .post(Entity.entity(Arrays.asList(prop1, prop2, prop3, prop4), MediaType.APPLICATION_JSON)); Assert.assertEquals(200, response.getStatus(), 0); @@ -245,7 +241,7 @@ public void updateConfigPropertyOsvEcosystemTest() { ConfigProperty property = qm.createConfigProperty("my.group", ConfigPropertyConstants.VULNERABILITY_SOURCE_GOOGLE_OSV_ENABLED.getPropertyName(), "maven;npm;maven", IConfigProperty.PropertyType.STRING, "List of ecosystems"); ConfigProperty request = qm.detach(ConfigProperty.class, property.getId()); request.setPropertyValue("maven;npm;maven"); - Response response = target(V1_CONFIG_PROPERTY).request() + Response response = jersey.target(V1_CONFIG_PROPERTY).request() .header(X_API_KEY, apiKey) .post(Entity.entity(request, MediaType.APPLICATION_JSON)); Assert.assertEquals(200, response.getStatus(), 0); diff --git a/src/test/java/org/dependencytrack/resources/v1/CweResourceTest.java b/src/test/java/org/dependencytrack/resources/v1/CweResourceTest.java index af02631aad..4feeb8542f 100644 --- a/src/test/java/org/dependencytrack/resources/v1/CweResourceTest.java +++ b/src/test/java/org/dependencytrack/resources/v1/CweResourceTest.java @@ -20,12 +20,11 @@ import alpine.server.filters.ApiFilter; import alpine.server.filters.AuthenticationFilter; +import org.dependencytrack.JerseyTestRule; import org.dependencytrack.ResourceTest; import org.glassfish.jersey.server.ResourceConfig; -import org.glassfish.jersey.servlet.ServletContainer; -import org.glassfish.jersey.test.DeploymentContext; -import org.glassfish.jersey.test.ServletDeploymentContext; import org.junit.Assert; +import org.junit.ClassRule; import org.junit.Test; import javax.json.JsonArray; @@ -34,18 +33,15 @@ public class CweResourceTest extends ResourceTest { - @Override - protected DeploymentContext configureDeployment() { - return ServletDeploymentContext.forServlet(new ServletContainer( - new ResourceConfig(CweResource.class) - .register(ApiFilter.class) - .register(AuthenticationFilter.class))) - .build(); - } + @ClassRule + public static JerseyTestRule jersey = new JerseyTestRule( + new ResourceConfig(CweResource.class) + .register(ApiFilter.class) + .register(AuthenticationFilter.class)); @Test public void getCwesTest() { - Response response = target(V1_CWE).request() + Response response = jersey.target(V1_CWE).request() .header(X_API_KEY, apiKey) .get(Response.class); Assert.assertEquals(200, response.getStatus(), 0); @@ -59,7 +55,7 @@ public void getCwesTest() { @Test public void getCweTest() { - Response response = target(V1_CWE + "/79").request() + Response response = jersey.target(V1_CWE + "/79").request() .header(X_API_KEY, apiKey) .get(Response.class); Assert.assertEquals(200, response.getStatus(), 0); diff --git a/src/test/java/org/dependencytrack/resources/v1/DependencyGraphResourceTest.java b/src/test/java/org/dependencytrack/resources/v1/DependencyGraphResourceTest.java index 2d4f7b9832..5ea6a06a32 100644 --- a/src/test/java/org/dependencytrack/resources/v1/DependencyGraphResourceTest.java +++ b/src/test/java/org/dependencytrack/resources/v1/DependencyGraphResourceTest.java @@ -21,21 +21,23 @@ import alpine.server.filters.ApiFilter; import alpine.server.filters.AuthenticationFilter; -import com.github.packageurl.PackageURL; import net.javacrumbs.jsonunit.core.Option; import org.apache.http.HttpStatus; +import org.dependencytrack.JerseyTestRule; import org.dependencytrack.ResourceTest; -import org.dependencytrack.model.*; +import org.dependencytrack.model.Component; +import org.dependencytrack.model.ComponentIdentity; +import org.dependencytrack.model.Project; +import org.dependencytrack.model.RepositoryMetaComponent; +import org.dependencytrack.model.RepositoryType; +import org.dependencytrack.model.ServiceComponent; import org.glassfish.jersey.server.ResourceConfig; -import org.glassfish.jersey.servlet.ServletContainer; -import org.glassfish.jersey.test.DeploymentContext; -import org.glassfish.jersey.test.ServletDeploymentContext; import org.json.JSONArray; +import org.junit.ClassRule; import org.junit.Test; import javax.json.JsonArray; import javax.ws.rs.core.Response; - import java.util.ArrayList; import java.util.Date; import java.util.List; @@ -47,15 +49,11 @@ public class DependencyGraphResourceTest extends ResourceTest { - @Override - protected DeploymentContext configureDeployment() { - return ServletDeploymentContext.forServlet(new ServletContainer( - new ResourceConfig(DependencyGraphResource.class) - .register(ApiFilter.class) - .register(AuthenticationFilter.class))) - .build(); - } - + @ClassRule + public static JerseyTestRule jersey = new JerseyTestRule( + new ResourceConfig(DependencyGraphResource.class) + .register(ApiFilter.class) + .register(AuthenticationFilter.class)); @Test public void getComponentsAndServicesByComponentUuidTests() { @@ -91,7 +89,7 @@ public void getComponentsAndServicesByComponentUuidTests() { jsonArray.put(new ComponentIdentity(component).toJSON()); } - for(ServiceComponent serviceComponent : serviceComponents) { + for (ServiceComponent serviceComponent : serviceComponents) { jsonArray.put(new ComponentIdentity(serviceComponent).toJSON()); } @@ -99,7 +97,7 @@ public void getComponentsAndServicesByComponentUuidTests() { final UUID rootUuid = qm.createComponent(rootComponent, false).getUuid(); - final Response response = target(V1_DEPENDENCY_GRAPH + "/component/" + rootUuid.toString() + "/directDependencies") + final Response response = jersey.target(V1_DEPENDENCY_GRAPH + "/component/" + rootUuid.toString() + "/directDependencies") .request() .header(X_API_KEY, apiKey) .get(); @@ -173,7 +171,7 @@ public void getComponentsAndServicesByComponentUuidWithRepositoryMetaTests() { jsonArray.put(new ComponentIdentity(component).toJSON()); } - for(ServiceComponent serviceComponent : serviceComponents) { + for (ServiceComponent serviceComponent : serviceComponents) { jsonArray.put(new ComponentIdentity(serviceComponent).toJSON()); } @@ -181,7 +179,7 @@ public void getComponentsAndServicesByComponentUuidWithRepositoryMetaTests() { final UUID rootUuid = qm.createComponent(rootComponent, false).getUuid(); - final Response response = target(V1_DEPENDENCY_GRAPH + "/component/" + rootUuid.toString() + "/directDependencies") + final Response response = jersey.target(V1_DEPENDENCY_GRAPH + "/component/" + rootUuid.toString() + "/directDependencies") .request() .header(X_API_KEY, apiKey) .get(); @@ -222,14 +220,14 @@ public void getComponentsAndServicesByProjectUuidTests() { jsonArray.put(new ComponentIdentity(component).toJSON()); } - for(ServiceComponent serviceComponent : serviceComponents) { + for (ServiceComponent serviceComponent : serviceComponents) { jsonArray.put(new ComponentIdentity(serviceComponent).toJSON()); } project.setDirectDependencies(jsonArray.toString()); qm.updateProject(project, false); - final Response response = target(V1_DEPENDENCY_GRAPH + "/project/" + project.getUuid().toString() + "/directDependencies") + final Response response = jersey.target(V1_DEPENDENCY_GRAPH + "/project/" + project.getUuid().toString() + "/directDependencies") .request() .header(X_API_KEY, apiKey) .get(); @@ -298,14 +296,14 @@ public void getComponentsAndServicesByProjectUuidWithRepositoryMetaTests() { jsonArray.put(new ComponentIdentity(component).toJSON()); } - for(ServiceComponent serviceComponent : serviceComponents) { + for (ServiceComponent serviceComponent : serviceComponents) { jsonArray.put(new ComponentIdentity(serviceComponent).toJSON()); } project.setDirectDependencies(jsonArray.toString()); qm.updateProject(project, false); - final Response response = target(V1_DEPENDENCY_GRAPH + "/project/" + project.getUuid().toString() + "/directDependencies") + final Response response = jersey.target(V1_DEPENDENCY_GRAPH + "/project/" + project.getUuid().toString() + "/directDependencies") .request() .header(X_API_KEY, apiKey) .get(); @@ -353,7 +351,7 @@ public void getComponentsAndServicesByProjectUuidWithComponentsWithoutPurlTest() """.formatted(componentWithPurl.getUuid(), componentWithoutPurl.getUuid())); qm.persist(project); - final Response response = target("%s/project/%s/directDependencies".formatted(V1_DEPENDENCY_GRAPH, project.getUuid())) + final Response response = jersey.target("%s/project/%s/directDependencies".formatted(V1_DEPENDENCY_GRAPH, project.getUuid())) .request() .header(X_API_KEY, apiKey) .get(); diff --git a/src/test/java/org/dependencytrack/resources/v1/FindingResourceTest.java b/src/test/java/org/dependencytrack/resources/v1/FindingResourceTest.java index 380ddc1e67..e058c30a76 100644 --- a/src/test/java/org/dependencytrack/resources/v1/FindingResourceTest.java +++ b/src/test/java/org/dependencytrack/resources/v1/FindingResourceTest.java @@ -18,18 +18,13 @@ */ package org.dependencytrack.resources.v1; -import static net.javacrumbs.jsonunit.assertj.JsonAssertions.assertThatJson; -import static net.javacrumbs.jsonunit.assertj.JsonAssertions.json; -import static org.dependencytrack.resources.v1.FindingResource.MEDIA_TYPE_SARIF_JSON; -import static org.hamcrest.CoreMatchers.equalTo; - import alpine.Config; import alpine.model.About; import alpine.model.ConfigProperty; import alpine.model.Team; import alpine.server.filters.ApiFilter; import alpine.server.filters.AuthenticationFilter; -import javax.ws.rs.core.HttpHeaders; +import org.dependencytrack.JerseyTestRule; import org.dependencytrack.ResourceTest; import org.dependencytrack.model.Component; import org.dependencytrack.model.ConfigPropertyConstants; @@ -40,29 +35,30 @@ import org.dependencytrack.model.Vulnerability; import org.dependencytrack.tasks.scanners.AnalyzerIdentity; import org.glassfish.jersey.server.ResourceConfig; -import org.glassfish.jersey.servlet.ServletContainer; -import org.glassfish.jersey.test.DeploymentContext; -import org.glassfish.jersey.test.ServletDeploymentContext; import org.junit.Assert; +import org.junit.ClassRule; import org.junit.Test; import javax.json.JsonArray; import javax.json.JsonObject; +import javax.ws.rs.core.HttpHeaders; import javax.ws.rs.core.Response; import java.util.Date; import java.util.List; import java.util.UUID; +import static net.javacrumbs.jsonunit.assertj.JsonAssertions.assertThatJson; +import static net.javacrumbs.jsonunit.assertj.JsonAssertions.json; +import static org.dependencytrack.resources.v1.FindingResource.MEDIA_TYPE_SARIF_JSON; +import static org.hamcrest.CoreMatchers.equalTo; + public class FindingResourceTest extends ResourceTest { - @Override - protected DeploymentContext configureDeployment() { - return ServletDeploymentContext.forServlet(new ServletContainer( - new ResourceConfig(FindingResource.class) - .register(ApiFilter.class) - .register(AuthenticationFilter.class))) - .build(); - } + @ClassRule + public static JerseyTestRule jersey = new JerseyTestRule( + new ResourceConfig(FindingResource.class) + .register(ApiFilter.class) + .register(AuthenticationFilter.class)); @Test public void getFindingsByProjectTest() { @@ -82,7 +78,7 @@ public void getFindingsByProjectTest() { qm.addVulnerability(v2, c1, AnalyzerIdentity.NONE); qm.addVulnerability(v3, c2, AnalyzerIdentity.NONE); qm.addVulnerability(v4, c5, AnalyzerIdentity.NONE); - Response response = target(V1_FINDING + "/project/" + p1.getUuid().toString()).request() + Response response = jersey.target(V1_FINDING + "/project/" + p1.getUuid().toString()).request() .header(X_API_KEY, apiKey) .get(Response.class); Assert.assertEquals(200, response.getStatus(), 0); @@ -124,7 +120,7 @@ public void getFindingsByProjectTest() { @Test public void getFindingsByProjectInvalidTest() { - Response response = target(V1_FINDING + "/project/" + UUID.randomUUID().toString()).request() + Response response = jersey.target(V1_FINDING + "/project/" + UUID.randomUUID().toString()).request() .header(X_API_KEY, apiKey) .get(Response.class); Assert.assertEquals(404, response.getStatus(), 0); @@ -151,7 +147,7 @@ public void exportFindingsByProjectTest() { qm.addVulnerability(v2, c1, AnalyzerIdentity.NONE); qm.addVulnerability(v3, c2, AnalyzerIdentity.NONE); qm.addVulnerability(v4, c5, AnalyzerIdentity.NONE); - Response response = target(V1_FINDING + "/project/" + p1.getUuid().toString() + "/export").request() + Response response = jersey.target(V1_FINDING + "/project/" + p1.getUuid().toString() + "/export").request() .header(X_API_KEY, apiKey) .get(Response.class); Assert.assertEquals(200, response.getStatus(), 0); @@ -201,7 +197,7 @@ public void exportFindingsByProjectTest() { @Test public void exportFindingsByProjectInvalidTest() { - Response response = target(V1_FINDING + "/project/" + UUID.randomUUID().toString() + "/export").request() + Response response = jersey.target(V1_FINDING + "/project/" + UUID.randomUUID().toString() + "/export").request() .header(X_API_KEY, apiKey) .get(Response.class); Assert.assertEquals(404, response.getStatus(), 0); @@ -259,7 +255,7 @@ public void getFindingsByProjectWithComponentLatestVersionTest() { qm.addVulnerability(v2, c1, AnalyzerIdentity.NONE); qm.addVulnerability(v3, c2, AnalyzerIdentity.NONE); qm.addVulnerability(v4, c5, AnalyzerIdentity.NONE); - Response response = target(V1_FINDING + "/project/" + p1.getUuid().toString()).request() + Response response = jersey.target(V1_FINDING + "/project/" + p1.getUuid().toString()).request() .header(X_API_KEY, apiKey) .get(Response.class); Assert.assertEquals(200, response.getStatus(), 0); @@ -310,7 +306,7 @@ public void getFindingsByProjectWithComponentLatestVersionWithoutRepositoryMetaC Vulnerability v1 = createVulnerability("Vuln-1", Severity.CRITICAL); qm.addVulnerability(v1, c1, AnalyzerIdentity.NONE); - Response response = target(V1_FINDING + "/project/" + p1.getUuid().toString()).request() + Response response = jersey.target(V1_FINDING + "/project/" + p1.getUuid().toString()).request() .header(X_API_KEY, apiKey) .get(Response.class); Assert.assertEquals(200, response.getStatus(), 0); @@ -356,7 +352,7 @@ public void getAllFindings() { qm.addVulnerability(v2, c3, AnalyzerIdentity.NONE); qm.addVulnerability(v3, c2, AnalyzerIdentity.NONE); qm.addVulnerability(v4, c5, AnalyzerIdentity.NONE); - Response response = target(V1_FINDING) + Response response = jersey.target(V1_FINDING) .queryParam("sortName", "component.projectName") .queryParam("sortOrder", "asc") .request() @@ -423,7 +419,7 @@ public void getAllFindingsWithAclEnabled() { aclToggle.setPropertyValue("true"); qm.persist(aclToggle); } - Response response = target(V1_FINDING).request() + Response response = jersey.target(V1_FINDING).request() .header(X_API_KEY, team.getApiKeys().get(0).getKey()) .get(Response.class); Assert.assertEquals(200, response.getStatus(), 0); @@ -472,7 +468,7 @@ public void getAllFindingsGroupedByVulnerability() { qm.addVulnerability(v3, c2, AnalyzerIdentity.NONE); qm.addVulnerability(v3, c6, AnalyzerIdentity.NONE); qm.addVulnerability(v4, c5, AnalyzerIdentity.NONE); - Response response = target(V1_FINDING + "/grouped").request() + Response response = jersey.target(V1_FINDING + "/grouped").request() .header(X_API_KEY, apiKey) .get(Response.class); Assert.assertEquals(200, response.getStatus(), 0); @@ -557,7 +553,7 @@ public void getAllFindingsGroupedByVulnerabilityWithAclEnabled() { aclToggle.setPropertyValue("true"); qm.persist(aclToggle); } - Response response = target(V1_FINDING + "/grouped").request() + Response response = jersey.target(V1_FINDING + "/grouped").request() .header(X_API_KEY, team.getApiKeys().get(0).getKey()) .get(Response.class); Assert.assertEquals(200, response.getStatus(), 0); @@ -616,7 +612,7 @@ public void getSARIFFindingsByProjectTest() { qm.addVulnerability(v3, c1, AnalyzerIdentity.NONE); qm.addVulnerability(v3, c2, AnalyzerIdentity.NONE); - Response response = target(V1_FINDING + "/project/" + project.getUuid().toString()).request() + Response response = jersey.target(V1_FINDING + "/project/" + project.getUuid().toString()).request() .header(HttpHeaders.ACCEPT, MEDIA_TYPE_SARIF_JSON) .header(X_API_KEY, apiKey) .get(Response.class); diff --git a/src/test/java/org/dependencytrack/resources/v1/IntegrationResourceTest.java b/src/test/java/org/dependencytrack/resources/v1/IntegrationResourceTest.java index b7867b221c..2d59768a4e 100644 --- a/src/test/java/org/dependencytrack/resources/v1/IntegrationResourceTest.java +++ b/src/test/java/org/dependencytrack/resources/v1/IntegrationResourceTest.java @@ -21,13 +21,12 @@ import alpine.model.IConfigProperty; import alpine.server.filters.ApiFilter; import alpine.server.filters.AuthenticationFilter; +import org.dependencytrack.JerseyTestRule; import org.dependencytrack.ResourceTest; import org.glassfish.jersey.server.ResourceConfig; -import org.glassfish.jersey.servlet.ServletContainer; -import org.glassfish.jersey.test.DeploymentContext; -import org.glassfish.jersey.test.ServletDeploymentContext; import org.junit.Assert; import org.junit.Before; +import org.junit.ClassRule; import org.junit.Test; import javax.json.JsonArray; @@ -38,14 +37,11 @@ public class IntegrationResourceTest extends ResourceTest { - @Override - protected DeploymentContext configureDeployment() { - return ServletDeploymentContext.forServlet(new ServletContainer( - new ResourceConfig(IntegrationResource.class) - .register(ApiFilter.class) - .register(AuthenticationFilter.class))) - .build(); - } + @ClassRule + public static JerseyTestRule jersey = new JerseyTestRule( + new ResourceConfig(IntegrationResource.class) + .register(ApiFilter.class) + .register(AuthenticationFilter.class)); @Before public void before() throws Exception { @@ -64,7 +60,7 @@ public void before() throws Exception { @Test public void getEcosystemsTest() { - Response response = target(V1_OSV_ECOSYSTEM).request() + Response response = jersey.target(V1_OSV_ECOSYSTEM).request() .header(X_API_KEY, apiKey) .get(Response.class); Assert.assertEquals(200, response.getStatus(), 0); @@ -74,7 +70,7 @@ public void getEcosystemsTest() { Assert.assertFalse(json.isEmpty()); var total = json.size(); - response = target(V1_OSV_ECOSYSTEM + "/inactive").request() + response = jersey.target(V1_OSV_ECOSYSTEM + "/inactive").request() .header(X_API_KEY, apiKey) .get(Response.class); Assert.assertEquals(200, response.getStatus(), 0); diff --git a/src/test/java/org/dependencytrack/resources/v1/LdapResourceTest.java b/src/test/java/org/dependencytrack/resources/v1/LdapResourceTest.java index 4731e85394..b759a8d381 100644 --- a/src/test/java/org/dependencytrack/resources/v1/LdapResourceTest.java +++ b/src/test/java/org/dependencytrack/resources/v1/LdapResourceTest.java @@ -18,16 +18,15 @@ */ package org.dependencytrack.resources.v1; +import alpine.model.MappedLdapGroup; import alpine.server.filters.ApiFilter; import alpine.server.filters.AuthenticationFilter; -import alpine.model.MappedLdapGroup; +import org.dependencytrack.JerseyTestRule; import org.dependencytrack.ResourceTest; import org.dependencytrack.resources.v1.vo.MappedLdapGroupRequest; import org.glassfish.jersey.server.ResourceConfig; -import org.glassfish.jersey.servlet.ServletContainer; -import org.glassfish.jersey.test.DeploymentContext; -import org.glassfish.jersey.test.ServletDeploymentContext; import org.junit.Assert; +import org.junit.ClassRule; import org.junit.Test; import javax.json.JsonArray; @@ -39,18 +38,15 @@ public class LdapResourceTest extends ResourceTest { - @Override - protected DeploymentContext configureDeployment() { - return ServletDeploymentContext.forServlet(new ServletContainer( - new ResourceConfig(LdapResource.class) - .register(ApiFilter.class) - .register(AuthenticationFilter.class))) - .build(); - } + @ClassRule + public static JerseyTestRule jersey = new JerseyTestRule( + new ResourceConfig(LdapResource.class) + .register(ApiFilter.class) + .register(AuthenticationFilter.class)); @Test public void retrieveLdapGroupsNotEnabledTest() { - Response response = target(V1_LDAP + "/groups").request() + Response response = jersey.target(V1_LDAP + "/groups").request() .header(X_API_KEY, apiKey) .get(Response.class); Assert.assertEquals(200, response.getStatus(), 0); @@ -65,7 +61,7 @@ public void retrieveLdapGroupsIsEnabledTest() { public void retrieveLdapGroupsTest() { qm.createMappedLdapGroup(team, "CN=Developers,OU=R&D,O=Acme"); qm.createMappedLdapGroup(team, "CN=QA,OU=R&D,O=Acme"); - Response response = target(V1_LDAP + "/team/" + team.getUuid().toString()).request() + Response response = jersey.target(V1_LDAP + "/team/" + team.getUuid().toString()).request() .header(X_API_KEY, apiKey) .get(Response.class); Assert.assertEquals(200, response.getStatus(), 0); @@ -80,7 +76,7 @@ public void retrieveLdapGroupsTest() { @Test public void addMappingTest() { MappedLdapGroupRequest request = new MappedLdapGroupRequest(team.getUuid().toString(), "CN=Administrators,OU=R&D,O=Acme"); - Response response = target(V1_LDAP + "/mapping").request() + Response response = jersey.target(V1_LDAP + "/mapping").request() .header(X_API_KEY, apiKey) .put(Entity.entity(request, MediaType.APPLICATION_JSON)); Assert.assertEquals(200, response.getStatus(), 0); @@ -93,7 +89,7 @@ public void addMappingTest() { @Test public void addMappingInvalidTest() { MappedLdapGroupRequest request = new MappedLdapGroupRequest(UUID.randomUUID().toString(), "CN=Administrators,OU=R&D,O=Acme"); - Response response = target(V1_LDAP + "/mapping").request() + Response response = jersey.target(V1_LDAP + "/mapping").request() .header(X_API_KEY, apiKey) .put(Entity.entity(request, MediaType.APPLICATION_JSON)); Assert.assertEquals(404, response.getStatus(), 0); @@ -105,7 +101,7 @@ public void addMappingInvalidTest() { @Test public void deleteMappingTest() { MappedLdapGroup mapping = qm.createMappedLdapGroup(team, "CN=Finance,OU=R&D,O=Acme"); - Response response = target(V1_LDAP + "/mapping/" + mapping.getUuid().toString()).request() + Response response = jersey.target(V1_LDAP + "/mapping/" + mapping.getUuid().toString()).request() .header(X_API_KEY, apiKey) .delete(Response.class); Assert.assertEquals(204, response.getStatus(), 0); @@ -114,7 +110,7 @@ public void deleteMappingTest() { @Test public void deleteMappingInvalidTest() { - Response response = target(V1_LDAP + "/mapping/" + UUID.randomUUID().toString()).request() + Response response = jersey.target(V1_LDAP + "/mapping/" + UUID.randomUUID().toString()).request() .header(X_API_KEY, apiKey) .delete(Response.class); Assert.assertEquals(404, response.getStatus(), 0); diff --git a/src/test/java/org/dependencytrack/resources/v1/LicenseResourceTest.java b/src/test/java/org/dependencytrack/resources/v1/LicenseResourceTest.java index a6d6206662..ad558ad876 100644 --- a/src/test/java/org/dependencytrack/resources/v1/LicenseResourceTest.java +++ b/src/test/java/org/dependencytrack/resources/v1/LicenseResourceTest.java @@ -21,15 +21,14 @@ import alpine.common.util.UuidUtil; import alpine.server.filters.ApiFilter; import alpine.server.filters.AuthenticationFilter; +import org.dependencytrack.JerseyTestRule; import org.dependencytrack.ResourceTest; import org.dependencytrack.model.License; import org.dependencytrack.persistence.DefaultObjectGenerator; import org.glassfish.jersey.server.ResourceConfig; -import org.glassfish.jersey.servlet.ServletContainer; -import org.glassfish.jersey.test.DeploymentContext; -import org.glassfish.jersey.test.ServletDeploymentContext; import org.junit.Assert; import org.junit.Before; +import org.junit.ClassRule; import org.junit.Test; import javax.json.JsonArray; @@ -40,24 +39,23 @@ public class LicenseResourceTest extends ResourceTest { - @Override - protected DeploymentContext configureDeployment() { - return ServletDeploymentContext.forServlet(new ServletContainer( - new ResourceConfig(LicenseResource.class) - .register(ApiFilter.class) - .register(AuthenticationFilter.class))) - .build(); - } + @ClassRule + public static JerseyTestRule jersey = new JerseyTestRule( + new ResourceConfig(LicenseResource.class) + .register(ApiFilter.class) + .register(AuthenticationFilter.class)); @Before - public void loadDefaultLicenses() { - DefaultObjectGenerator dog = new DefaultObjectGenerator(); - dog.contextInitialized(null); + @Override + public void before() throws Exception { + super.before(); + final var generator = new DefaultObjectGenerator(); + generator.loadDefaultLicenses(); } @Test public void getLicensesTest() { - Response response = target(V1_LICENSE).request() + Response response = jersey.target(V1_LICENSE).request() .header(X_API_KEY, apiKey) .get(Response.class); Assert.assertEquals(200, response.getStatus(), 0); @@ -73,7 +71,7 @@ public void getLicensesTest() { @Test public void getLicensesConciseTest() { - Response response = target(V1_LICENSE + "/concise").request() + Response response = jersey.target(V1_LICENSE + "/concise").request() .header(X_API_KEY, apiKey) .get(Response.class); Assert.assertEquals(200, response.getStatus(), 0); @@ -89,7 +87,7 @@ public void getLicensesConciseTest() { @Test public void getLicense() { - Response response = target(V1_LICENSE + "/Apache-2.0").request() + Response response = jersey.target(V1_LICENSE + "/Apache-2.0").request() .header(X_API_KEY, apiKey) .get(Response.class); Assert.assertEquals(200, response.getStatus(), 0); @@ -104,7 +102,7 @@ public void getLicense() { @Test public void getLicenseInvalid() { - Response response = target(V1_LICENSE + "/blah").request() + Response response = jersey.target(V1_LICENSE + "/blah").request() .header(X_API_KEY, apiKey) .get(Response.class); Assert.assertEquals(404, response.getStatus(), 0); @@ -118,7 +116,7 @@ public void createCustomLicense() { License license = new License(); license.setName("Acme Example"); license.setLicenseId("Acme-Example-License"); - Response response = target(V1_LICENSE) + Response response = jersey.target(V1_LICENSE) .request() .header(X_API_KEY, apiKey) .put(Entity.entity(license, MediaType.APPLICATION_JSON)); @@ -139,7 +137,7 @@ public void createCustomLicenseDuplicate() { License license = new License(); license.setName("Apache License 2.0"); license.setLicenseId("Apache-2.0"); - Response response = target(V1_LICENSE) + Response response = jersey.target(V1_LICENSE) .request() .header(X_API_KEY, apiKey) .put(Entity.entity(license, MediaType.APPLICATION_JSON)); @@ -153,7 +151,7 @@ public void createCustomLicenseDuplicate() { public void createCustomLicenseWithoutLicenseId() { License license = new License(); license.setName("Acme Example"); - Response response = target(V1_LICENSE) + Response response = jersey.target(V1_LICENSE) .request() .header(X_API_KEY, apiKey) .put(Entity.entity(license, MediaType.APPLICATION_JSON)); @@ -169,7 +167,7 @@ public void deleteCustomLicense() { license.setCustomLicense(true); qm.createCustomLicense(license, false); - Response response = target(V1_LICENSE + "/" + license.getLicenseId()) + Response response = jersey.target(V1_LICENSE + "/" + license.getLicenseId()) .request() .header(X_API_KEY, apiKey) .delete(); @@ -184,7 +182,7 @@ public void deleteNotCustomLicense() { license1.setName("Acme Example"); License license2 = qm.createCustomLicense(license1, false); license1.setCustomLicense(false); - Response response = target(V1_LICENSE + "/" + license1.getLicenseId()) + Response response = jersey.target(V1_LICENSE + "/" + license1.getLicenseId()) .request() .header(X_API_KEY, apiKey) .delete(); diff --git a/src/test/java/org/dependencytrack/resources/v1/NotificationPublisherResourceTest.java b/src/test/java/org/dependencytrack/resources/v1/NotificationPublisherResourceTest.java index e0d5d8a678..064060ed54 100644 --- a/src/test/java/org/dependencytrack/resources/v1/NotificationPublisherResourceTest.java +++ b/src/test/java/org/dependencytrack/resources/v1/NotificationPublisherResourceTest.java @@ -19,10 +19,10 @@ package org.dependencytrack.resources.v1; import alpine.common.util.UuidUtil; -import alpine.model.ConfigProperty; import alpine.notification.NotificationLevel; import alpine.server.filters.ApiFilter; import alpine.server.filters.AuthenticationFilter; +import org.dependencytrack.JerseyTestRule; import org.dependencytrack.ResourceTest; import org.dependencytrack.model.ConfigPropertyConstants; import org.dependencytrack.model.NotificationPublisher; @@ -32,13 +32,10 @@ import org.dependencytrack.notification.publisher.Publisher; import org.dependencytrack.notification.publisher.SendMailPublisher; import org.dependencytrack.persistence.DefaultObjectGenerator; -import org.glassfish.jersey.client.ClientProperties; import org.glassfish.jersey.server.ResourceConfig; -import org.glassfish.jersey.servlet.ServletContainer; -import org.glassfish.jersey.test.DeploymentContext; -import org.glassfish.jersey.test.ServletDeploymentContext; import org.junit.Assert; import org.junit.Before; +import org.junit.ClassRule; import org.junit.Test; import javax.json.JsonArray; @@ -51,25 +48,22 @@ public class NotificationPublisherResourceTest extends ResourceTest { - @Override - protected DeploymentContext configureDeployment() { - return ServletDeploymentContext.forServlet(new ServletContainer( - new ResourceConfig(NotificationPublisherResource.class) - .register(ApiFilter.class) - .register(AuthenticationFilter.class))) - .build(); - } + @ClassRule + public static JerseyTestRule jersey = new JerseyTestRule( + new ResourceConfig(NotificationPublisherResource.class) + .register(ApiFilter.class) + .register(AuthenticationFilter.class)); @Before public void before() throws Exception { super.before(); - DefaultObjectGenerator generator = new DefaultObjectGenerator(); - generator.contextInitialized(null); + final var generator = new DefaultObjectGenerator(); + generator.loadDefaultNotificationPublishers(); } @Test public void getAllNotificationPublishersTest() { - Response response = target(V1_NOTIFICATION_PUBLISHER).request() + Response response = jersey.target(V1_NOTIFICATION_PUBLISHER).request() .header(X_API_KEY, apiKey) .get(Response.class); Assert.assertEquals(200, response.getStatus(), 0); @@ -94,7 +88,7 @@ public void createNotificationPublisherTest() { publisher.setTemplateMimeType("application/json"); publisher.setPublisherClass(SendMailPublisher.class.getName()); publisher.setDefaultPublisher(false); - Response response = target(V1_NOTIFICATION_PUBLISHER).request() + Response response = jersey.target(V1_NOTIFICATION_PUBLISHER).request() .header(X_API_KEY, apiKey) .put(Entity.entity(publisher, MediaType.APPLICATION_JSON)); Assert.assertEquals(201, response.getStatus(), 0); @@ -118,7 +112,7 @@ public void createNotificationPublisherWithDefaultFlagTest() { publisher.setTemplateMimeType("application/json"); publisher.setPublisherClass(SendMailPublisher.class.getName()); publisher.setDefaultPublisher(true); - Response response = target(V1_NOTIFICATION_PUBLISHER).request() + Response response = jersey.target(V1_NOTIFICATION_PUBLISHER).request() .header(X_API_KEY, apiKey) .put(Entity.entity(publisher, MediaType.APPLICATION_JSON)); Assert.assertEquals(400, response.getStatus(), 0); @@ -135,7 +129,7 @@ public void createNotificationPublisherWithExistingNameTest() { publisher.setTemplateMimeType("application/json"); publisher.setPublisherClass(SendMailPublisher.class.getName()); publisher.setDefaultPublisher(true); - Response response = target(V1_NOTIFICATION_PUBLISHER).request() + Response response = jersey.target(V1_NOTIFICATION_PUBLISHER).request() .header(X_API_KEY, apiKey) .put(Entity.entity(publisher, MediaType.APPLICATION_JSON)); Assert.assertEquals(409, response.getStatus(), 0); @@ -152,7 +146,7 @@ public void createNotificationPublisherWithClassNotImplementingPublisherInterfac publisher.setTemplateMimeType("application/json"); publisher.setPublisherClass(NotificationPublisherResource.class.getName()); publisher.setDefaultPublisher(false); - Response response = target(V1_NOTIFICATION_PUBLISHER).request() + Response response = jersey.target(V1_NOTIFICATION_PUBLISHER).request() .header(X_API_KEY, apiKey) .put(Entity.entity(publisher, MediaType.APPLICATION_JSON)); Assert.assertEquals(400, response.getStatus(), 0); @@ -169,7 +163,7 @@ public void createNotificationPublisherClassNotFoundTest() { publisher.setTemplateMimeType("application/json"); publisher.setPublisherClass("invalidClassFqcn"); publisher.setDefaultPublisher(false); - Response response = target(V1_NOTIFICATION_PUBLISHER).request() + Response response = jersey.target(V1_NOTIFICATION_PUBLISHER).request() .header(X_API_KEY, apiKey) .put(Entity.entity(publisher, MediaType.APPLICATION_JSON)); Assert.assertEquals(400, response.getStatus(), 0); @@ -185,7 +179,7 @@ public void updateNotificationPublisherTest() { false ); notificationPublisher.setName("Updated Publisher name"); - Response response = target(V1_NOTIFICATION_PUBLISHER).request() + Response response = jersey.target(V1_NOTIFICATION_PUBLISHER).request() .header(X_API_KEY, apiKey) .post(Entity.entity(notificationPublisher, MediaType.APPLICATION_JSON)); Assert.assertEquals(200, response.getStatus(), 0); @@ -209,7 +203,7 @@ public void updateUnknownNotificationPublisherTest() { ); notificationPublisher = qm.detach(NotificationPublisher.class, notificationPublisher.getId()); notificationPublisher.setUuid(UUID.randomUUID()); - Response response = target(V1_NOTIFICATION_PUBLISHER).request() + Response response = jersey.target(V1_NOTIFICATION_PUBLISHER).request() .header(X_API_KEY, apiKey) .post(Entity.entity(notificationPublisher, MediaType.APPLICATION_JSON)); Assert.assertEquals(404, response.getStatus(), 0); @@ -222,7 +216,7 @@ public void updateUnknownNotificationPublisherTest() { public void updateExistingDefaultNotificationPublisherTest() { NotificationPublisher notificationPublisher = qm.getDefaultNotificationPublisher(SendMailPublisher.class); notificationPublisher.setName(notificationPublisher.getName() + " Updated"); - Response response = target(V1_NOTIFICATION_PUBLISHER).request() + Response response = jersey.target(V1_NOTIFICATION_PUBLISHER).request() .header(X_API_KEY, apiKey) .post(Entity.entity(notificationPublisher, MediaType.APPLICATION_JSON)); Assert.assertEquals(400, response.getStatus(), 0); @@ -240,7 +234,7 @@ public void updateNotificationPublisherWithNameOfAnotherNotificationPublisherTes ); notificationPublisher = qm.detach(NotificationPublisher.class, notificationPublisher.getId()); notificationPublisher.setName(DefaultNotificationPublishers.MS_TEAMS.getPublisherName()); - Response response = target(V1_NOTIFICATION_PUBLISHER).request() + Response response = jersey.target(V1_NOTIFICATION_PUBLISHER).request() .header(X_API_KEY, apiKey) .post(Entity.entity(notificationPublisher, MediaType.APPLICATION_JSON)); Assert.assertEquals(409, response.getStatus(), 0); @@ -257,7 +251,7 @@ public void updateNotificationPublisherWithInvalidClassTest() { false ); notificationPublisher.setPublisherClass("unknownClass"); - Response response = target(V1_NOTIFICATION_PUBLISHER).request() + Response response = jersey.target(V1_NOTIFICATION_PUBLISHER).request() .header(X_API_KEY, apiKey) .post(Entity.entity(notificationPublisher, MediaType.APPLICATION_JSON)); Assert.assertEquals(400, response.getStatus(), 0); @@ -274,7 +268,7 @@ public void updateNotificationPublisherWithClassNotImplementingPublisherInterfac false ); notificationPublisher.setPublisherClass(NotificationPublisherResource.class.getName()); - Response response = target(V1_NOTIFICATION_PUBLISHER).request() + Response response = jersey.target(V1_NOTIFICATION_PUBLISHER).request() .header(X_API_KEY, apiKey) .post(Entity.entity(notificationPublisher, MediaType.APPLICATION_JSON)); Assert.assertEquals(400, response.getStatus(), 0); @@ -290,7 +284,7 @@ public void deleteNotificationPublisherWithNoRulesTest() { (Class) SendMailPublisher.class, "template", "text/html", false ); - Response response = target(V1_NOTIFICATION_PUBLISHER + "/" + publisher.getUuid()).request() + Response response = jersey.target(V1_NOTIFICATION_PUBLISHER + "/" + publisher.getUuid()).request() .header(X_API_KEY, apiKey) .delete(); Assert.assertEquals(204, response.getStatus(), 0); @@ -306,7 +300,7 @@ public void deleteNotificationPublisherWithLinkedNotificationRulesTest() { ); NotificationRule firstRule = qm.createNotificationRule("Example Rule 1", NotificationScope.PORTFOLIO, NotificationLevel.INFORMATIONAL, publisher); NotificationRule secondRule = qm.createNotificationRule("Example Rule 2", NotificationScope.PORTFOLIO, NotificationLevel.INFORMATIONAL, publisher); - Response response = target(V1_NOTIFICATION_PUBLISHER + "/" + publisher.getUuid()).request() + Response response = jersey.target(V1_NOTIFICATION_PUBLISHER + "/" + publisher.getUuid()).request() .header(X_API_KEY, apiKey) .delete(); Assert.assertEquals(204, response.getStatus(), 0); @@ -317,7 +311,7 @@ public void deleteNotificationPublisherWithLinkedNotificationRulesTest() { @Test public void deleteUnknownNotificationPublisherTest() { - Response response = target(V1_NOTIFICATION_PUBLISHER + "/" + UUID.randomUUID()).request() + Response response = jersey.target(V1_NOTIFICATION_PUBLISHER + "/" + UUID.randomUUID()).request() .header(X_API_KEY, apiKey) .delete(); Assert.assertEquals(404, response.getStatus(), 0); @@ -326,7 +320,7 @@ public void deleteUnknownNotificationPublisherTest() { @Test public void deleteDefaultNotificationPublisherTest() { NotificationPublisher notificationPublisher = qm.getDefaultNotificationPublisher((Class) SendMailPublisher.class); - Response response = target(V1_NOTIFICATION_PUBLISHER + "/" + notificationPublisher.getUuid()).request() + Response response = jersey.target(V1_NOTIFICATION_PUBLISHER + "/" + notificationPublisher.getUuid()).request() .header(X_API_KEY, apiKey) .delete(); Assert.assertEquals(400, response.getStatus(), 0); @@ -339,7 +333,7 @@ public void deleteDefaultNotificationPublisherTest() { public void testSmtpPublisherConfigTest() { Form form = new Form(); form.param("destination", "test@example.com"); - Response response = target(V1_NOTIFICATION_PUBLISHER + "/test/smtp").request() + Response response = jersey.target(V1_NOTIFICATION_PUBLISHER + "/test/smtp").request() .header(X_API_KEY, apiKey) .post(Entity.entity(form, MediaType.APPLICATION_FORM_URLENCODED_TYPE)); Assert.assertEquals(200, response.getStatus(), 0); @@ -351,14 +345,14 @@ public void restoreDefaultTemplatesTest() { slackPublisher.setName(slackPublisher.getName()+" Updated"); qm.persist(slackPublisher); qm.detach(NotificationPublisher.class, slackPublisher.getId()); - ConfigProperty property = qm.getConfigProperty( + qm.createConfigProperty( ConfigPropertyConstants.NOTIFICATION_TEMPLATE_DEFAULT_OVERRIDE_ENABLED.getGroupName(), - ConfigPropertyConstants.NOTIFICATION_TEMPLATE_DEFAULT_OVERRIDE_ENABLED.getPropertyName() + ConfigPropertyConstants.NOTIFICATION_TEMPLATE_DEFAULT_OVERRIDE_ENABLED.getPropertyName(), + "true", + ConfigPropertyConstants.NOTIFICATION_TEMPLATE_DEFAULT_OVERRIDE_ENABLED.getPropertyType(), + ConfigPropertyConstants.NOTIFICATION_TEMPLATE_DEFAULT_OVERRIDE_ENABLED.getDescription() ); - property.setPropertyValue("true"); - qm.persist(property); - qm.detach(ConfigProperty.class, property.getId()); - Response response = target(V1_NOTIFICATION_PUBLISHER + "/restoreDefaultTemplates").request() + Response response = jersey.target(V1_NOTIFICATION_PUBLISHER + "/restoreDefaultTemplates").request() .header(X_API_KEY, apiKey) .post(Entity.json("")); qm.getPersistenceManager().refreshAll(); diff --git a/src/test/java/org/dependencytrack/resources/v1/NotificationRuleResourceTest.java b/src/test/java/org/dependencytrack/resources/v1/NotificationRuleResourceTest.java index 774333148a..0967eed04c 100644 --- a/src/test/java/org/dependencytrack/resources/v1/NotificationRuleResourceTest.java +++ b/src/test/java/org/dependencytrack/resources/v1/NotificationRuleResourceTest.java @@ -23,6 +23,7 @@ import alpine.notification.NotificationLevel; import alpine.server.filters.ApiFilter; import alpine.server.filters.AuthenticationFilter; +import org.dependencytrack.JerseyTestRule; import org.dependencytrack.ResourceTest; import org.dependencytrack.model.NotificationPublisher; import org.dependencytrack.model.NotificationRule; @@ -34,11 +35,9 @@ import org.dependencytrack.persistence.DefaultObjectGenerator; import org.glassfish.jersey.client.ClientProperties; import org.glassfish.jersey.server.ResourceConfig; -import org.glassfish.jersey.servlet.ServletContainer; -import org.glassfish.jersey.test.DeploymentContext; -import org.glassfish.jersey.test.ServletDeploymentContext; import org.junit.Assert; import org.junit.Before; +import org.junit.ClassRule; import org.junit.Test; import javax.json.JsonArray; @@ -57,20 +56,17 @@ public class NotificationRuleResourceTest extends ResourceTest { - @Override - protected DeploymentContext configureDeployment() { - return ServletDeploymentContext.forServlet(new ServletContainer( - new ResourceConfig(NotificationRuleResource.class) - .register(ApiFilter.class) - .register(AuthenticationFilter.class))) - .build(); - } + @ClassRule + public static JerseyTestRule jersey = new JerseyTestRule( + new ResourceConfig(NotificationRuleResource.class) + .register(ApiFilter.class) + .register(AuthenticationFilter.class)); @Before public void before() throws Exception { super.before(); - DefaultObjectGenerator generator = new DefaultObjectGenerator(); - generator.contextInitialized(null); + final var generator = new DefaultObjectGenerator(); + generator.loadDefaultNotificationPublishers(); } @Test @@ -79,7 +75,7 @@ public void getAllNotificationRulesTest() { NotificationRule r1 = qm.createNotificationRule("Rule 1", NotificationScope.PORTFOLIO, NotificationLevel.INFORMATIONAL, publisher); NotificationRule r2 = qm.createNotificationRule("Rule 2", NotificationScope.PORTFOLIO, NotificationLevel.WARNING, publisher); NotificationRule r3 = qm.createNotificationRule("Rule 3", NotificationScope.SYSTEM, NotificationLevel.ERROR, publisher); - Response response = target(V1_NOTIFICATION_RULE).request() + Response response = jersey.target(V1_NOTIFICATION_RULE).request() .header(X_API_KEY, apiKey) .get(Response.class); Assert.assertEquals(200, response.getStatus(), 0); @@ -107,7 +103,7 @@ public void createNotificationRuleTest() { rule.setNotificationLevel(NotificationLevel.WARNING); rule.setScope(NotificationScope.SYSTEM); rule.setPublisher(publisher); - Response response = target(V1_NOTIFICATION_RULE).request() + Response response = jersey.target(V1_NOTIFICATION_RULE).request() .header(X_API_KEY, apiKey) .put(Entity.entity(rule, MediaType.APPLICATION_JSON)); Assert.assertEquals(201, response.getStatus(), 0); @@ -134,7 +130,7 @@ public void createNotificationRuleInvalidPublisherTest() { rule.setNotificationLevel(NotificationLevel.WARNING); rule.setScope(NotificationScope.SYSTEM); rule.setPublisher(publisher); - Response response = target(V1_NOTIFICATION_RULE).request() + Response response = jersey.target(V1_NOTIFICATION_RULE).request() .header(X_API_KEY, apiKey) .put(Entity.entity(rule, MediaType.APPLICATION_JSON)); Assert.assertEquals(404, response.getStatus(), 0); @@ -149,7 +145,7 @@ public void updateNotificationRuleTest() { NotificationRule rule = qm.createNotificationRule("Rule 1", NotificationScope.PORTFOLIO, NotificationLevel.INFORMATIONAL, publisher); rule.setName("Example Rule"); rule.setNotifyOn(Collections.singleton(NotificationGroup.NEW_VULNERABILITY)); - Response response = target(V1_NOTIFICATION_RULE).request() + Response response = jersey.target(V1_NOTIFICATION_RULE).request() .header(X_API_KEY, apiKey) .post(Entity.entity(rule, MediaType.APPLICATION_JSON)); Assert.assertEquals(200, response.getStatus(), 0); @@ -170,7 +166,7 @@ public void updateNotificationRuleInvalidTest() { NotificationRule rule = qm.createNotificationRule("Rule 1", NotificationScope.PORTFOLIO, NotificationLevel.INFORMATIONAL, publisher); rule = qm.detach(NotificationRule.class, rule.getId()); rule.setUuid(UUID.randomUUID()); - Response response = target(V1_NOTIFICATION_RULE).request() + Response response = jersey.target(V1_NOTIFICATION_RULE).request() .header(X_API_KEY, apiKey) .post(Entity.entity(rule, MediaType.APPLICATION_JSON)); Assert.assertEquals(404, response.getStatus(), 0); @@ -184,7 +180,7 @@ public void deleteNotificationRuleTest() { NotificationPublisher publisher = qm.getNotificationPublisher(DefaultNotificationPublishers.SLACK.getPublisherName()); NotificationRule rule = qm.createNotificationRule("Rule 1", NotificationScope.PORTFOLIO, NotificationLevel.INFORMATIONAL, publisher); rule.setName("Example Rule"); - Response response = target(V1_NOTIFICATION_RULE).request() + Response response = jersey.target(V1_NOTIFICATION_RULE).request() .header(X_API_KEY, apiKey) .property(ClientProperties.SUPPRESS_HTTP_COMPLIANCE_VALIDATION, true) // HACK .method("DELETE", Entity.entity(rule, MediaType.APPLICATION_JSON)); // HACK @@ -197,7 +193,7 @@ public void addProjectToRuleTest() { Project project = qm.createProject("Acme Example", null, null, null, null, null, true, false); NotificationPublisher publisher = qm.getNotificationPublisher(DefaultNotificationPublishers.SLACK.getPublisherName()); NotificationRule rule = qm.createNotificationRule("Example Rule", NotificationScope.PORTFOLIO, NotificationLevel.INFORMATIONAL, publisher); - Response response = target(V1_NOTIFICATION_RULE + "/" + rule.getUuid().toString() + "/project/" + project.getUuid().toString()).request() + Response response = jersey.target(V1_NOTIFICATION_RULE + "/" + rule.getUuid().toString() + "/project/" + project.getUuid().toString()).request() .header(X_API_KEY, apiKey) .post(Entity.json("")); Assert.assertEquals(200, response.getStatus(), 0); @@ -213,7 +209,7 @@ public void addProjectToRuleTest() { public void addProjectToRuleInvalidRuleTest() { Project project = qm.createProject("Acme Example", null, null, null, null, null, true, false); NotificationPublisher publisher = qm.getNotificationPublisher(DefaultNotificationPublishers.SLACK.getPublisherName()); - Response response = target(V1_NOTIFICATION_RULE + "/" + UUID.randomUUID().toString() + "/project/" + project.getUuid().toString()).request() + Response response = jersey.target(V1_NOTIFICATION_RULE + "/" + UUID.randomUUID().toString() + "/project/" + project.getUuid().toString()).request() .header(X_API_KEY, apiKey) .post(Entity.json("")); Assert.assertEquals(404, response.getStatus(), 0); @@ -227,7 +223,7 @@ public void addProjectToRuleInvalidScopeTest() { Project project = qm.createProject("Acme Example", null, null, null, null, null, true, false); NotificationPublisher publisher = qm.getNotificationPublisher(DefaultNotificationPublishers.SLACK.getPublisherName()); NotificationRule rule = qm.createNotificationRule("Example Rule", NotificationScope.SYSTEM, NotificationLevel.INFORMATIONAL, publisher); - Response response = target(V1_NOTIFICATION_RULE + "/" + rule.getUuid().toString() + "/project/" + project.getUuid().toString()).request() + Response response = jersey.target(V1_NOTIFICATION_RULE + "/" + rule.getUuid().toString() + "/project/" + project.getUuid().toString()).request() .header(X_API_KEY, apiKey) .post(Entity.json("")); Assert.assertEquals(406, response.getStatus(), 0); @@ -240,7 +236,7 @@ public void addProjectToRuleInvalidScopeTest() { public void addProjectToRuleInvalidProjectTest() { NotificationPublisher publisher = qm.getNotificationPublisher(DefaultNotificationPublishers.SLACK.getPublisherName()); NotificationRule rule = qm.createNotificationRule("Example Rule", NotificationScope.PORTFOLIO, NotificationLevel.INFORMATIONAL, publisher); - Response response = target(V1_NOTIFICATION_RULE + "/" + rule.getUuid().toString() + "/project/" + UUID.randomUUID().toString()).request() + Response response = jersey.target(V1_NOTIFICATION_RULE + "/" + rule.getUuid().toString() + "/project/" + UUID.randomUUID().toString()).request() .header(X_API_KEY, apiKey) .post(Entity.json("")); Assert.assertEquals(404, response.getStatus(), 0); @@ -258,7 +254,7 @@ public void addProjectToRuleDuplicateProjectTest() { projects.add(project); rule.setProjects(projects); qm.persist(rule); - Response response = target(V1_NOTIFICATION_RULE + "/" + rule.getUuid().toString() + "/project/" + project.getUuid().toString()).request() + Response response = jersey.target(V1_NOTIFICATION_RULE + "/" + rule.getUuid().toString() + "/project/" + project.getUuid().toString()).request() .header(X_API_KEY, apiKey) .post(Entity.json("")); Assert.assertEquals(304, response.getStatus(), 0); @@ -274,7 +270,7 @@ public void removeProjectFromRuleTest() { projects.add(project); rule.setProjects(projects); qm.persist(rule); - Response response = target(V1_NOTIFICATION_RULE + "/" + rule.getUuid().toString() + "/project/" + project.getUuid().toString()).request() + Response response = jersey.target(V1_NOTIFICATION_RULE + "/" + rule.getUuid().toString() + "/project/" + project.getUuid().toString()).request() .header(X_API_KEY, apiKey) .delete(); Assert.assertEquals(200, response.getStatus(), 0); @@ -285,7 +281,7 @@ public void removeProjectFromRuleTest() { public void removeProjectFromRuleInvalidRuleTest() { Project project = qm.createProject("Acme Example", null, null, null, null, null, true, false); NotificationPublisher publisher = qm.getNotificationPublisher(DefaultNotificationPublishers.SLACK.getPublisherName()); - Response response = target(V1_NOTIFICATION_RULE + "/" + UUID.randomUUID().toString() + "/project/" + project.getUuid().toString()).request() + Response response = jersey.target(V1_NOTIFICATION_RULE + "/" + UUID.randomUUID().toString() + "/project/" + project.getUuid().toString()).request() .header(X_API_KEY, apiKey) .delete(); Assert.assertEquals(404, response.getStatus(), 0); @@ -299,7 +295,7 @@ public void removeProjectFromRuleInvalidScopeTest() { Project project = qm.createProject("Acme Example", null, null, null, null, null, true, false); NotificationPublisher publisher = qm.getNotificationPublisher(DefaultNotificationPublishers.SLACK.getPublisherName()); NotificationRule rule = qm.createNotificationRule("Example Rule", NotificationScope.SYSTEM, NotificationLevel.INFORMATIONAL, publisher); - Response response = target(V1_NOTIFICATION_RULE + "/" + rule.getUuid().toString() + "/project/" + project.getUuid().toString()).request() + Response response = jersey.target(V1_NOTIFICATION_RULE + "/" + rule.getUuid().toString() + "/project/" + project.getUuid().toString()).request() .header(X_API_KEY, apiKey) .delete(); Assert.assertEquals(406, response.getStatus(), 0); @@ -312,7 +308,7 @@ public void removeProjectFromRuleInvalidScopeTest() { public void removeProjectFromRuleInvalidProjectTest() { NotificationPublisher publisher = qm.getNotificationPublisher(DefaultNotificationPublishers.SLACK.getPublisherName()); NotificationRule rule = qm.createNotificationRule("Example Rule", NotificationScope.PORTFOLIO, NotificationLevel.INFORMATIONAL, publisher); - Response response = target(V1_NOTIFICATION_RULE + "/" + rule.getUuid().toString() + "/project/" + UUID.randomUUID().toString()).request() + Response response = jersey.target(V1_NOTIFICATION_RULE + "/" + rule.getUuid().toString() + "/project/" + UUID.randomUUID().toString()).request() .header(X_API_KEY, apiKey) .delete(); Assert.assertEquals(404, response.getStatus(), 0); @@ -326,7 +322,7 @@ public void removeProjectFromRuleDuplicateProjectTest() { Project project = qm.createProject("Acme Example", null, null, null, null, null, true, false); NotificationPublisher publisher = qm.getNotificationPublisher(DefaultNotificationPublishers.SLACK.getPublisherName()); NotificationRule rule = qm.createNotificationRule("Example Rule", NotificationScope.PORTFOLIO, NotificationLevel.INFORMATIONAL, publisher); - Response response = target(V1_NOTIFICATION_RULE + "/" + rule.getUuid().toString() + "/project/" + project.getUuid().toString()).request() + Response response = jersey.target(V1_NOTIFICATION_RULE + "/" + rule.getUuid().toString() + "/project/" + project.getUuid().toString()).request() .header(X_API_KEY, apiKey) .delete(); Assert.assertEquals(304, response.getStatus(), 0); @@ -338,7 +334,7 @@ public void addTeamToRuleTest(){ Team team = qm.createTeam("Team Example", false); NotificationPublisher publisher = qm.getNotificationPublisher(DefaultNotificationPublishers.EMAIL.getPublisherName()); NotificationRule rule = qm.createNotificationRule("Example Rule", NotificationScope.PORTFOLIO, NotificationLevel.INFORMATIONAL, publisher); - Response response = target(V1_NOTIFICATION_RULE + "/" + rule.getUuid().toString() + "/team/" + team.getUuid().toString()).request() + Response response = jersey.target(V1_NOTIFICATION_RULE + "/" + rule.getUuid().toString() + "/team/" + team.getUuid().toString()).request() .header(X_API_KEY, apiKey) .post(Entity.json("")); Assert.assertEquals(200, response.getStatus(), 0); @@ -354,7 +350,7 @@ public void addTeamToRuleTest(){ public void addTeamToRuleInvalidRuleTest(){ Team team = qm.createTeam("Team Example", false); NotificationPublisher publisher = qm.getNotificationPublisher(DefaultNotificationPublishers.EMAIL.getPublisherName()); - Response response = target(V1_NOTIFICATION_RULE + "/" + UUID.randomUUID().toString() + "/team/" + team.getUuid().toString()).request() + Response response = jersey.target(V1_NOTIFICATION_RULE + "/" + UUID.randomUUID().toString() + "/team/" + team.getUuid().toString()).request() .header(X_API_KEY, apiKey) .post(Entity.json("")); Assert.assertEquals(404, response.getStatus(), 0); @@ -367,7 +363,7 @@ public void addTeamToRuleInvalidRuleTest(){ public void addTeamToRuleInvalidTeamTest() { NotificationPublisher publisher = qm.getNotificationPublisher(DefaultNotificationPublishers.EMAIL.getPublisherName()); NotificationRule rule = qm.createNotificationRule("Example Rule", NotificationScope.PORTFOLIO, NotificationLevel.INFORMATIONAL, publisher); - Response response = target(V1_NOTIFICATION_RULE + "/" + rule.getUuid().toString() + "/team/" + UUID.randomUUID().toString()).request() + Response response = jersey.target(V1_NOTIFICATION_RULE + "/" + rule.getUuid().toString() + "/team/" + UUID.randomUUID().toString()).request() .header(X_API_KEY, apiKey) .post(Entity.json("")); Assert.assertEquals(404, response.getStatus(), 0); @@ -385,7 +381,7 @@ public void addTeamToRuleDuplicateTeamTest() { teams.add(team); rule.setTeams(teams); qm.persist(rule); - Response response = target(V1_NOTIFICATION_RULE + "/" + rule.getUuid().toString() + "/team/" + team.getUuid().toString()).request() + Response response = jersey.target(V1_NOTIFICATION_RULE + "/" + rule.getUuid().toString() + "/team/" + team.getUuid().toString()).request() .header(X_API_KEY, apiKey) .post(Entity.json("")); Assert.assertEquals(304, response.getStatus(), 0); @@ -397,7 +393,7 @@ public void addTeamToRuleInvalidPublisherTest(){ Team team = qm.createTeam("Team Example", false); NotificationPublisher publisher = qm.getNotificationPublisher(DefaultNotificationPublishers.SLACK.getPublisherName()); NotificationRule rule = qm.createNotificationRule("Example Rule", NotificationScope.PORTFOLIO, NotificationLevel.INFORMATIONAL, publisher); - Response response = target(V1_NOTIFICATION_RULE + "/" + rule.getUuid().toString() + "/team/" + team.getUuid().toString()).request() + Response response = jersey.target(V1_NOTIFICATION_RULE + "/" + rule.getUuid().toString() + "/team/" + team.getUuid().toString()).request() .header(X_API_KEY, apiKey) .post(Entity.json("")); Assert.assertEquals(406, response.getStatus(), 0); @@ -411,7 +407,7 @@ public void addTeamToRuleWithCustomEmailPublisherTest() { final Team team = qm.createTeam("Team Example", false); final NotificationPublisher publisher = qm.createNotificationPublisher("foo", "description", SendMailPublisher.class, "template", "templateMimeType", false); final NotificationRule rule = qm.createNotificationRule("Example Rule", NotificationScope.PORTFOLIO, NotificationLevel.INFORMATIONAL, publisher); - final Response response = target(V1_NOTIFICATION_RULE + "/" + rule.getUuid() + "/team/" + team.getUuid()).request() + final Response response = jersey.target(V1_NOTIFICATION_RULE + "/" + rule.getUuid() + "/team/" + team.getUuid()).request() .header(X_API_KEY, apiKey) .post(Entity.json("")); assertThat(response.getStatus()).isEqualTo(200); @@ -458,7 +454,7 @@ public void removeTeamFromRuleTest() { teams.add(team); rule.setTeams(teams); qm.persist(rule); - Response response = target(V1_NOTIFICATION_RULE + "/" + rule.getUuid().toString() + "/team/" + team.getUuid().toString()).request() + Response response = jersey.target(V1_NOTIFICATION_RULE + "/" + rule.getUuid().toString() + "/team/" + team.getUuid().toString()).request() .header(X_API_KEY, apiKey) .delete(); Assert.assertEquals(200, response.getStatus(), 0); @@ -469,7 +465,7 @@ public void removeTeamFromRuleTest() { public void removeTeamFromRuleInvalidRuleTest() { Team team = qm.createTeam("Team Example", false); NotificationPublisher publisher = qm.getNotificationPublisher(DefaultNotificationPublishers.EMAIL.getPublisherName()); - Response response = target(V1_NOTIFICATION_RULE + "/" + UUID.randomUUID().toString() + "/team/" + team.getUuid().toString()).request() + Response response = jersey.target(V1_NOTIFICATION_RULE + "/" + UUID.randomUUID().toString() + "/team/" + team.getUuid().toString()).request() .header(X_API_KEY, apiKey) .delete(); Assert.assertEquals(404, response.getStatus(), 0); @@ -482,7 +478,7 @@ public void removeTeamFromRuleInvalidRuleTest() { public void removeTeamFromRuleInvalidTeamTest() { NotificationPublisher publisher = qm.getNotificationPublisher(DefaultNotificationPublishers.EMAIL.getPublisherName()); NotificationRule rule = qm.createNotificationRule("Example Rule", NotificationScope.PORTFOLIO, NotificationLevel.INFORMATIONAL, publisher); - Response response = target(V1_NOTIFICATION_RULE + "/" + rule.getUuid().toString() + "/team/" + UUID.randomUUID().toString()).request() + Response response = jersey.target(V1_NOTIFICATION_RULE + "/" + rule.getUuid().toString() + "/team/" + UUID.randomUUID().toString()).request() .header(X_API_KEY, apiKey) .delete(); Assert.assertEquals(404, response.getStatus(), 0); @@ -496,7 +492,7 @@ public void removeTeamFromRuleDuplicateTeamTest() { Team team = qm.createTeam("Team Example", false); NotificationPublisher publisher = qm.getNotificationPublisher(DefaultNotificationPublishers.EMAIL.getPublisherName()); NotificationRule rule = qm.createNotificationRule("Example Rule", NotificationScope.PORTFOLIO, NotificationLevel.INFORMATIONAL, publisher); - Response response = target(V1_NOTIFICATION_RULE + "/" + rule.getUuid().toString() + "/team/" + team.getUuid().toString()).request() + Response response = jersey.target(V1_NOTIFICATION_RULE + "/" + rule.getUuid().toString() + "/team/" + team.getUuid().toString()).request() .header(X_API_KEY, apiKey) .delete(); Assert.assertEquals(304, response.getStatus(), 0); @@ -508,7 +504,7 @@ public void removeTeamToRuleInvalidPublisherTest(){ Team team = qm.createTeam("Team Example", false); NotificationPublisher publisher = qm.getNotificationPublisher(DefaultNotificationPublishers.SLACK.getPublisherName()); NotificationRule rule = qm.createNotificationRule("Example Rule", NotificationScope.PORTFOLIO, NotificationLevel.INFORMATIONAL, publisher); - Response response = target(V1_NOTIFICATION_RULE + "/" + rule.getUuid().toString() + "/team/" + team.getUuid().toString()).request() + Response response = jersey.target(V1_NOTIFICATION_RULE + "/" + rule.getUuid().toString() + "/team/" + team.getUuid().toString()).request() .header(X_API_KEY, apiKey) .delete(); Assert.assertEquals(406, response.getStatus(), 0); diff --git a/src/test/java/org/dependencytrack/resources/v1/OidcResourceAuthenticatedTest.java b/src/test/java/org/dependencytrack/resources/v1/OidcResourceAuthenticatedTest.java index 9fc277e561..ad21029915 100644 --- a/src/test/java/org/dependencytrack/resources/v1/OidcResourceAuthenticatedTest.java +++ b/src/test/java/org/dependencytrack/resources/v1/OidcResourceAuthenticatedTest.java @@ -17,17 +17,16 @@ */ package org.dependencytrack.resources.v1; -import alpine.server.filters.ApiFilter; -import alpine.server.filters.AuthenticationFilter; import alpine.model.MappedOidcGroup; import alpine.model.OidcGroup; import alpine.model.Team; +import alpine.server.filters.ApiFilter; +import alpine.server.filters.AuthenticationFilter; +import org.dependencytrack.JerseyTestRule; import org.dependencytrack.ResourceTest; import org.dependencytrack.resources.v1.vo.MappedOidcGroupRequest; import org.glassfish.jersey.server.ResourceConfig; -import org.glassfish.jersey.servlet.ServletContainer; -import org.glassfish.jersey.test.DeploymentContext; -import org.glassfish.jersey.test.ServletDeploymentContext; +import org.junit.ClassRule; import org.junit.Test; import javax.json.JsonArray; @@ -41,12 +40,11 @@ public class OidcResourceAuthenticatedTest extends ResourceTest { - @Override - protected DeploymentContext configureDeployment() { - return ServletDeploymentContext.forServlet(new ServletContainer(new ResourceConfig(OidcResource.class) - .register(ApiFilter.class) - .register(AuthenticationFilter.class))).build(); - } + @ClassRule + public static JerseyTestRule jersey = new JerseyTestRule( + new ResourceConfig(OidcResource.class) + .register(ApiFilter.class) + .register(AuthenticationFilter.class)); @Test public void retrieveGroupsShouldReturnListOfGroups() { @@ -54,7 +52,7 @@ public void retrieveGroupsShouldReturnListOfGroups() { oidcGroup.setName("groupName"); qm.persist(oidcGroup); - final Response response = target(V1_OIDC + "/group") + final Response response = jersey.target(V1_OIDC + "/group") .request().header(X_API_KEY, apiKey).get(); assertThat(response.getStatus()).isEqualTo(200); @@ -66,7 +64,7 @@ public void retrieveGroupsShouldReturnListOfGroups() { @Test public void retrieveGroupsShouldReturnEmptyListWhenNoGroupsWhereFound() { - final Response response = target(V1_OIDC + "/group") + final Response response = jersey.target(V1_OIDC + "/group") .request().header(X_API_KEY, apiKey).get(); assertThat(response.getStatus()).isEqualTo(200); @@ -80,7 +78,7 @@ public void createGroupShouldReturnCreatedGroup() { final OidcGroup oidcGroup = new OidcGroup(); oidcGroup.setName("groupName"); - final Response response = target(V1_OIDC + "/group") + final Response response = jersey.target(V1_OIDC + "/group") .request() .header(X_API_KEY, apiKey) .put(Entity.entity(oidcGroup, MediaType.APPLICATION_JSON)); @@ -100,7 +98,7 @@ public void createGroupShouldIndicateConflictWhenGroupAlreadyExists() { final OidcGroup oidcGroup = new OidcGroup(); oidcGroup.setName("groupName"); - final Response response = target(V1_OIDC + "/group") + final Response response = jersey.target(V1_OIDC + "/group") .request() .header(X_API_KEY, apiKey) .put(Entity.entity(oidcGroup, MediaType.APPLICATION_JSON)); @@ -113,7 +111,7 @@ public void createGroupShouldIndicateBadRequestWhenRequestIsInvalid() { final OidcGroup oidcGroup = new OidcGroup(); oidcGroup.setName(" "); - final Response response = target(V1_OIDC + "/group") + final Response response = jersey.target(V1_OIDC + "/group") .request() .header(X_API_KEY, apiKey) .put(Entity.entity(oidcGroup, MediaType.APPLICATION_JSON)); @@ -129,7 +127,7 @@ public void updateGroupShouldUpdateAndReturnGroup() { jsonGroup.setUuid(existingGroup.getUuid()); jsonGroup.setName("newGroupName"); - final Response response = target(V1_OIDC + "/group").request() + final Response response = jersey.target(V1_OIDC + "/group").request() .header(X_API_KEY, apiKey) .post(Entity.entity(jsonGroup, MediaType.APPLICATION_JSON)); @@ -144,7 +142,7 @@ public void updateGroupShouldUpdateAndReturnGroup() { public void updateGroupShouldIndicateBadRequestWhenRequestBodyIsInvalid() { final OidcGroup jsonGroup = new OidcGroup(); - final Response response = target(V1_OIDC + "/group").request() + final Response response = jersey.target(V1_OIDC + "/group").request() .header(X_API_KEY, apiKey) .post(Entity.entity(jsonGroup, MediaType.APPLICATION_JSON)); @@ -157,7 +155,7 @@ public void updateGroupShouldIndicateNotFoundWhenGroupDoesNotExist() { jsonGroup.setUuid(UUID.randomUUID()); jsonGroup.setName("groupName"); - final Response response = target(V1_OIDC + "/group").request() + final Response response = jersey.target(V1_OIDC + "/group").request() .header(X_API_KEY, apiKey) .post(Entity.entity(jsonGroup, MediaType.APPLICATION_JSON)); @@ -168,7 +166,7 @@ public void updateGroupShouldIndicateNotFoundWhenGroupDoesNotExist() { public void deleteGroupShouldDeleteGroupAndIndicateNoContent() { final OidcGroup existingOidcGroup = qm.createOidcGroup("groupName"); - final Response response = target(V1_OIDC + "/group/" + existingOidcGroup.getUuid()) + final Response response = jersey.target(V1_OIDC + "/group/" + existingOidcGroup.getUuid()) .request() .header(X_API_KEY, apiKey) .delete(); @@ -179,7 +177,7 @@ public void deleteGroupShouldDeleteGroupAndIndicateNoContent() { @Test public void deleteGroupShouldIndicateNotFoundWhenGroupDoesNotExist() { - final Response response = target(V1_OIDC + "/group/" + UUID.randomUUID()) + final Response response = jersey.target(V1_OIDC + "/group/" + UUID.randomUUID()) .request() .header(X_API_KEY, apiKey) .delete(); @@ -193,7 +191,7 @@ public void retrieveTeamsMappedToGroupShouldReturnTeamsMappedToSpecifiedGroup() final Team team = qm.createTeam("teamName", false); qm.createMappedOidcGroup(team, oidcGroup); - final Response response = target(V1_OIDC + "/group/" + oidcGroup.getUuid() + "/team") + final Response response = jersey.target(V1_OIDC + "/group/" + oidcGroup.getUuid() + "/team") .request().header(X_API_KEY, apiKey).get(); assertThat(response.getStatus()).isEqualTo(200); @@ -205,7 +203,7 @@ public void retrieveTeamsMappedToGroupShouldReturnTeamsMappedToSpecifiedGroup() @Test public void retrieveTeamsMappedToGroupShouldIndicateNotFoundWhenGroupDoesNotExit() { - final Response response = target(V1_OIDC + "/group/" + UUID.randomUUID() + "/team") + final Response response = jersey.target(V1_OIDC + "/group/" + UUID.randomUUID() + "/team") .request().header(X_API_KEY, apiKey).get(); assertThat(response.getStatus()).isEqualTo(404); @@ -215,7 +213,7 @@ public void retrieveTeamsMappedToGroupShouldIndicateNotFoundWhenGroupDoesNotExit public void addMappingShouldIndicateBadRequestWhenRequestIsInvalid() { final MappedOidcGroupRequest request = new MappedOidcGroupRequest("not-a-uuid", "not-a-uuid"); - final Response response = target(V1_OIDC + "/mapping") + final Response response = jersey.target(V1_OIDC + "/mapping") .request() .header(X_API_KEY, apiKey) .put(Entity.entity(request, MediaType.APPLICATION_JSON)); @@ -229,7 +227,7 @@ public void addMappingShouldIndicateNotFoundWhenTeamDoesNotExist() { final MappedOidcGroupRequest request = new MappedOidcGroupRequest(UUID.randomUUID().toString(), group.getUuid().toString()); - final Response response = target(V1_OIDC + "/mapping") + final Response response = jersey.target(V1_OIDC + "/mapping") .request() .header(X_API_KEY, apiKey) .put(Entity.entity(request, MediaType.APPLICATION_JSON)); @@ -243,7 +241,7 @@ public void addMappingShouldIndicateNotFoundWhenGroupDoesNotExist() { final MappedOidcGroupRequest request = new MappedOidcGroupRequest(team.getUuid().toString(), UUID.randomUUID().toString()); - final Response response = target(V1_OIDC + "/mapping") + final Response response = jersey.target(V1_OIDC + "/mapping") .request() .header(X_API_KEY, apiKey) .put(Entity.entity(request, MediaType.APPLICATION_JSON)); @@ -259,7 +257,7 @@ public void addMappingShouldIndicateConflictWhenMappingAlreadyExists() { final MappedOidcGroupRequest request = new MappedOidcGroupRequest(team.getUuid().toString(), group.getUuid().toString()); - final Response response = target(V1_OIDC + "/mapping") + final Response response = jersey.target(V1_OIDC + "/mapping") .request() .header(X_API_KEY, apiKey) .put(Entity.entity(request, MediaType.APPLICATION_JSON)); @@ -274,7 +272,7 @@ public void addMappingShouldReturnCreatedMapping() { final MappedOidcGroupRequest request = new MappedOidcGroupRequest(team.getUuid().toString(), group.getUuid().toString()); - final Response response = target(V1_OIDC + "/mapping") + final Response response = jersey.target(V1_OIDC + "/mapping") .request() .header(X_API_KEY, apiKey) .put(Entity.entity(request, MediaType.APPLICATION_JSON)); @@ -294,7 +292,7 @@ public void deleteMappingByUuidShouldDeleteMappingAndIndicateNoContent() { final OidcGroup group = qm.createOidcGroup("groupName"); final MappedOidcGroup mapping = qm.createMappedOidcGroup(team, group); - final Response response = target(V1_OIDC + "/mapping/" + mapping.getUuid()) + final Response response = jersey.target(V1_OIDC + "/mapping/" + mapping.getUuid()) .request() .header(X_API_KEY, apiKey) .delete(); @@ -305,7 +303,7 @@ public void deleteMappingByUuidShouldDeleteMappingAndIndicateNoContent() { @Test public void deleteMappingByUuidShouldIndicateNotFoundWhenMappingDoesNotExist() { - final Response response = target(V1_OIDC + "/mapping/" + UUID.randomUUID()) + final Response response = jersey.target(V1_OIDC + "/mapping/" + UUID.randomUUID()) .request() .header(X_API_KEY, apiKey) .delete(); @@ -319,7 +317,7 @@ public void deleteMappingShouldDeleteMappingAndIndicateNoContent() { final Team team = qm.createTeam("teamName", false); final MappedOidcGroup mapping = qm.createMappedOidcGroup(team, oidcGroup); - final Response response = target(V1_OIDC + "/group/" + oidcGroup.getUuid() + "/team/" + team.getUuid() + "/mapping").request() + final Response response = jersey.target(V1_OIDC + "/group/" + oidcGroup.getUuid() + "/team/" + team.getUuid() + "/mapping").request() .header(X_API_KEY, apiKey) .delete(); @@ -331,7 +329,7 @@ public void deleteMappingShouldDeleteMappingAndIndicateNoContent() { public void deleteMappingShouldIndicateNotFoundWhenTeamDoesNotExist() { final OidcGroup oidcGroup = qm.createOidcGroup("groupName"); - final Response response = target(V1_OIDC + "/group/" + oidcGroup.getUuid() + "/team/" + UUID.randomUUID() + "/mapping").request() + final Response response = jersey.target(V1_OIDC + "/group/" + oidcGroup.getUuid() + "/team/" + UUID.randomUUID() + "/mapping").request() .header(X_API_KEY, apiKey) .delete(); @@ -342,7 +340,7 @@ public void deleteMappingShouldIndicateNotFoundWhenTeamDoesNotExist() { public void deleteMappingShouldIndicateNotFoundWhenGroupDoesNotExist() { final Team team = qm.createTeam("teamName", false); - final Response response = target(V1_OIDC + "/group/" + UUID.randomUUID() + "/team/" + team.getUuid() + "/mapping").request() + final Response response = jersey.target(V1_OIDC + "/group/" + UUID.randomUUID() + "/team/" + team.getUuid() + "/mapping").request() .header(X_API_KEY, apiKey) .delete(); @@ -354,7 +352,7 @@ public void deleteMappingShouldIndicateNotFoundWhenMappingDoesNotExist() { final OidcGroup oidcGroup = qm.createOidcGroup("groupName"); final Team team = qm.createTeam("teamName", false); - final Response response = target(V1_OIDC + "/group/" + oidcGroup.getUuid() + "/team/" + team.getUuid() + "/mapping").request() + final Response response = jersey.target(V1_OIDC + "/group/" + oidcGroup.getUuid() + "/team/" + team.getUuid() + "/mapping").request() .header(X_API_KEY, apiKey) .delete(); diff --git a/src/test/java/org/dependencytrack/resources/v1/OidcResourceUnauthenticatedTest.java b/src/test/java/org/dependencytrack/resources/v1/OidcResourceUnauthenticatedTest.java index 3953d9a32c..45cd0d7031 100644 --- a/src/test/java/org/dependencytrack/resources/v1/OidcResourceUnauthenticatedTest.java +++ b/src/test/java/org/dependencytrack/resources/v1/OidcResourceUnauthenticatedTest.java @@ -18,11 +18,10 @@ package org.dependencytrack.resources.v1; import alpine.server.filters.ApiFilter; +import org.dependencytrack.JerseyTestRule; import org.dependencytrack.ResourceTest; import org.glassfish.jersey.server.ResourceConfig; -import org.glassfish.jersey.servlet.ServletContainer; -import org.glassfish.jersey.test.DeploymentContext; -import org.glassfish.jersey.test.ServletDeploymentContext; +import org.junit.ClassRule; import org.junit.Test; import javax.ws.rs.core.Response; @@ -31,17 +30,14 @@ public class OidcResourceUnauthenticatedTest extends ResourceTest { - @Override - protected DeploymentContext configureDeployment() { - return ServletDeploymentContext.forServlet(new ServletContainer( - new ResourceConfig(OidcResource.class) - .register(ApiFilter.class))) - .build(); - } + @ClassRule + public static JerseyTestRule jersey = new JerseyTestRule( + new ResourceConfig(OidcResource.class) + .register(ApiFilter.class)); @Test public void isAvailableShouldReturnFalseWhenOidcIsNotAvailable() { - final Response response = target(V1_OIDC + "/available") + final Response response = jersey.target(V1_OIDC + "/available") .request().get(); assertThat(getPlainTextBody(response)).isEqualTo("false"); diff --git a/src/test/java/org/dependencytrack/resources/v1/PermissionResourceTest.java b/src/test/java/org/dependencytrack/resources/v1/PermissionResourceTest.java index 330ed8c3a0..87d4a04a12 100644 --- a/src/test/java/org/dependencytrack/resources/v1/PermissionResourceTest.java +++ b/src/test/java/org/dependencytrack/resources/v1/PermissionResourceTest.java @@ -18,21 +18,19 @@ */ package org.dependencytrack.resources.v1; -import alpine.server.filters.ApiFilter; -import alpine.server.filters.AuthenticationFilter; import alpine.model.ManagedUser; import alpine.model.Permission; import alpine.model.Team; -import alpine.server.auth.PasswordService; +import alpine.server.filters.ApiFilter; +import alpine.server.filters.AuthenticationFilter; +import org.dependencytrack.JerseyTestRule; import org.dependencytrack.ResourceTest; import org.dependencytrack.auth.Permissions; import org.dependencytrack.persistence.DefaultObjectGenerator; import org.glassfish.jersey.server.ResourceConfig; -import org.glassfish.jersey.servlet.ServletContainer; -import org.glassfish.jersey.test.DeploymentContext; -import org.glassfish.jersey.test.ServletDeploymentContext; import org.junit.Assert; import org.junit.Before; +import org.junit.ClassRule; import org.junit.Test; import javax.json.JsonArray; @@ -44,25 +42,22 @@ public class PermissionResourceTest extends ResourceTest { - @Override - protected DeploymentContext configureDeployment() { - return ServletDeploymentContext.forServlet(new ServletContainer( - new ResourceConfig(PermissionResource.class) - .register(ApiFilter.class) - .register(AuthenticationFilter.class))) - .build(); - } + @ClassRule + public static JerseyTestRule jersey = new JerseyTestRule( + new ResourceConfig(PermissionResource.class) + .register(ApiFilter.class) + .register(AuthenticationFilter.class)); @Before public void before() throws Exception { super.before(); - DefaultObjectGenerator generator = new DefaultObjectGenerator(); - generator.contextInitialized(null); + final var generator = new DefaultObjectGenerator(); + generator.loadDefaultPermissions(); } @Test public void getAllPermissionsTest() { - Response response = target(V1_PERMISSION).request() + Response response = jersey.target(V1_PERMISSION).request() .header(X_API_KEY, apiKey) .get(Response.class); Assert.assertEquals(200, response.getStatus(), 0); @@ -76,10 +71,10 @@ public void getAllPermissionsTest() { @Test public void addPermissionToUserTest() { - ManagedUser user = qm.createManagedUser("user1", new String(PasswordService.createHash("password".toCharArray()))); + ManagedUser user = qm.createManagedUser("user1", TEST_USER_PASSWORD_HASH); String username = user.getUsername(); qm.close(); - Response response = target(V1_PERMISSION + "/PORTFOLIO_MANAGEMENT/user/" + username).request() + Response response = jersey.target(V1_PERMISSION + "/PORTFOLIO_MANAGEMENT/user/" + username).request() .header(X_API_KEY, apiKey) .post(Entity.entity(null, MediaType.APPLICATION_JSON)); Assert.assertEquals(200, response.getStatus(), 0); @@ -92,7 +87,7 @@ public void addPermissionToUserTest() { @Test public void addPermissionToUserInvalidUserTest() { - Response response = target(V1_PERMISSION + "/PORTFOLIO_MANAGEMENT/user/blah").request() + Response response = jersey.target(V1_PERMISSION + "/PORTFOLIO_MANAGEMENT/user/blah").request() .header(X_API_KEY, apiKey) .post(Entity.entity(null, MediaType.APPLICATION_JSON)); Assert.assertEquals(404, response.getStatus(), 0); @@ -103,10 +98,10 @@ public void addPermissionToUserInvalidUserTest() { @Test public void addPermissionToUserInvalidPermissionTest() { - ManagedUser user = qm.createManagedUser("user1", new String(PasswordService.createHash("password".toCharArray()))); + ManagedUser user = qm.createManagedUser("user1", TEST_USER_PASSWORD_HASH); String username = user.getUsername(); qm.close(); - Response response = target(V1_PERMISSION + "/BLAH/user/" + username).request() + Response response = jersey.target(V1_PERMISSION + "/BLAH/user/" + username).request() .header(X_API_KEY, apiKey) .post(Entity.entity(null, MediaType.APPLICATION_JSON)); Assert.assertEquals(404, response.getStatus(), 0); @@ -117,13 +112,13 @@ public void addPermissionToUserInvalidPermissionTest() { @Test public void addPermissionToUserDuplicateTest() { - ManagedUser user = qm.createManagedUser("user1", new String(PasswordService.createHash("password".toCharArray()))); + ManagedUser user = qm.createManagedUser("user1", TEST_USER_PASSWORD_HASH); String username = user.getUsername(); Permission permission = qm.getPermission(Permissions.PORTFOLIO_MANAGEMENT.name()); user.getPermissions().add(permission); qm.persist(user); qm.close(); - Response response = target(V1_PERMISSION + "/PORTFOLIO_MANAGEMENT/user/" + username).request() + Response response = jersey.target(V1_PERMISSION + "/PORTFOLIO_MANAGEMENT/user/" + username).request() .header(X_API_KEY, apiKey) .post(Entity.entity(null, MediaType.APPLICATION_JSON)); Assert.assertEquals(304, response.getStatus(), 0); @@ -132,13 +127,13 @@ public void addPermissionToUserDuplicateTest() { @Test public void removePermissionFromUserTest() { - ManagedUser user = qm.createManagedUser("user1", new String(PasswordService.createHash("password".toCharArray()))); + ManagedUser user = qm.createManagedUser("user1", TEST_USER_PASSWORD_HASH); String username = user.getUsername(); Permission permission = qm.getPermission(Permissions.PORTFOLIO_MANAGEMENT.name()); user.getPermissions().add(permission); qm.persist(user); qm.close(); - Response response = target(V1_PERMISSION + "/PORTFOLIO_MANAGEMENT/user/" + username).request() + Response response = jersey.target(V1_PERMISSION + "/PORTFOLIO_MANAGEMENT/user/" + username).request() .header(X_API_KEY, apiKey) .delete(); Assert.assertEquals(200, response.getStatus(), 0); @@ -150,7 +145,7 @@ public void removePermissionFromUserTest() { @Test public void removePermissionFromUserInvalidUserTest() { - Response response = target(V1_PERMISSION + "/PORTFOLIO_MANAGEMENT/user/blah").request() + Response response = jersey.target(V1_PERMISSION + "/PORTFOLIO_MANAGEMENT/user/blah").request() .header(X_API_KEY, apiKey) .delete(); Assert.assertEquals(404, response.getStatus(), 0); @@ -161,10 +156,10 @@ public void removePermissionFromUserInvalidUserTest() { @Test public void removePermissionFromUserInvalidPermissionTest() { - ManagedUser user = qm.createManagedUser("user1", new String(PasswordService.createHash("password".toCharArray()))); + ManagedUser user = qm.createManagedUser("user1", TEST_USER_PASSWORD_HASH); String username = user.getUsername(); qm.close(); - Response response = target(V1_PERMISSION + "/BLAH/user/" + username).request() + Response response = jersey.target(V1_PERMISSION + "/BLAH/user/" + username).request() .header(X_API_KEY, apiKey) .delete(); Assert.assertEquals(404, response.getStatus(), 0); @@ -175,9 +170,9 @@ public void removePermissionFromUserInvalidPermissionTest() { @Test public void removePermissionFromUserNoChangesTest() { - ManagedUser user = qm.createManagedUser("user1", new String(PasswordService.createHash("password".toCharArray()))); + ManagedUser user = qm.createManagedUser("user1", TEST_USER_PASSWORD_HASH); String username = user.getUsername(); - Response response = target(V1_PERMISSION + "/BOM_UPLOAD/user/" + username).request() + Response response = jersey.target(V1_PERMISSION + "/BOM_UPLOAD/user/" + username).request() .header(X_API_KEY, apiKey) .delete(); Assert.assertEquals(304, response.getStatus(), 0); @@ -189,7 +184,7 @@ public void addPermissionToTeamTest() { Team team = qm.createTeam("team1", false); String teamUuid = team.getUuid().toString(); qm.close(); - Response response = target(V1_PERMISSION + "/PORTFOLIO_MANAGEMENT/team/" + teamUuid).request() + Response response = jersey.target(V1_PERMISSION + "/PORTFOLIO_MANAGEMENT/team/" + teamUuid).request() .header(X_API_KEY, apiKey) .post(Entity.entity(null, MediaType.APPLICATION_JSON)); Assert.assertEquals(200, response.getStatus(), 0); @@ -202,7 +197,7 @@ public void addPermissionToTeamTest() { @Test public void addPermissionToTeamInvalidTeamTest() { - Response response = target(V1_PERMISSION + "/PORTFOLIO_MANAGEMENT/team/" + UUID.randomUUID().toString()).request() + Response response = jersey.target(V1_PERMISSION + "/PORTFOLIO_MANAGEMENT/team/" + UUID.randomUUID().toString()).request() .header(X_API_KEY, apiKey) .post(Entity.entity(null, MediaType.APPLICATION_JSON)); Assert.assertEquals(404, response.getStatus(), 0); @@ -216,7 +211,7 @@ public void addPermissionToTeamInvalidPermissionTest() { Team team = qm.createTeam("team1", false); String teamUuid = team.getUuid().toString(); qm.close(); - Response response = target(V1_PERMISSION + "/BLAH/team/" + teamUuid).request() + Response response = jersey.target(V1_PERMISSION + "/BLAH/team/" + teamUuid).request() .header(X_API_KEY, apiKey) .post(Entity.entity(null, MediaType.APPLICATION_JSON)); Assert.assertEquals(404, response.getStatus(), 0); @@ -233,7 +228,7 @@ public void addPermissionToTeamDuplicateTest() { team.getPermissions().add(permission); qm.persist(team); qm.close(); - Response response = target(V1_PERMISSION + "/PORTFOLIO_MANAGEMENT/team/" + teamUuid).request() + Response response = jersey.target(V1_PERMISSION + "/PORTFOLIO_MANAGEMENT/team/" + teamUuid).request() .header(X_API_KEY, apiKey) .post(Entity.entity(null, MediaType.APPLICATION_JSON)); Assert.assertEquals(304, response.getStatus(), 0); @@ -248,7 +243,7 @@ public void removePermissionFromTeamTest() { team.getPermissions().add(permission); qm.persist(team); qm.close(); - Response response = target(V1_PERMISSION + "/PORTFOLIO_MANAGEMENT/team/" + teamUuid).request() + Response response = jersey.target(V1_PERMISSION + "/PORTFOLIO_MANAGEMENT/team/" + teamUuid).request() .header(X_API_KEY, apiKey) .delete(); Assert.assertEquals(200, response.getStatus(), 0); @@ -260,7 +255,7 @@ public void removePermissionFromTeamTest() { @Test public void removePermissionFromTeamInvalidTeamTest() { - Response response = target(V1_PERMISSION + "/PORTFOLIO_MANAGEMENT/team/" + UUID.randomUUID().toString()).request() + Response response = jersey.target(V1_PERMISSION + "/PORTFOLIO_MANAGEMENT/team/" + UUID.randomUUID().toString()).request() .header(X_API_KEY, apiKey) .delete(); Assert.assertEquals(404, response.getStatus(), 0); @@ -274,7 +269,7 @@ public void removePermissionFromTeamInvalidPermissionTest() { Team team = qm.createTeam("team1", false); String teamUuid = team.getUuid().toString(); qm.close(); - Response response = target(V1_PERMISSION + "/BLAH/team/" + teamUuid).request() + Response response = jersey.target(V1_PERMISSION + "/BLAH/team/" + teamUuid).request() .header(X_API_KEY, apiKey) .delete(); Assert.assertEquals(404, response.getStatus(), 0); @@ -287,7 +282,7 @@ public void removePermissionFromTeamInvalidPermissionTest() { public void removePermissionFromTeamNoChangesTest() { Team team = qm.createTeam("team1", false); String teamUuid = team.getUuid().toString(); - Response response = target(V1_PERMISSION + "/BOM_UPLOAD/team/" + teamUuid).request() + Response response = jersey.target(V1_PERMISSION + "/BOM_UPLOAD/team/" + teamUuid).request() .header(X_API_KEY, apiKey) .delete(); Assert.assertEquals(304, response.getStatus(), 0); diff --git a/src/test/java/org/dependencytrack/resources/v1/PolicyResourceTest.java b/src/test/java/org/dependencytrack/resources/v1/PolicyResourceTest.java index a4c6f3544d..ee1fba255c 100644 --- a/src/test/java/org/dependencytrack/resources/v1/PolicyResourceTest.java +++ b/src/test/java/org/dependencytrack/resources/v1/PolicyResourceTest.java @@ -22,6 +22,7 @@ import alpine.common.util.UuidUtil; import alpine.server.filters.ApiFilter; import alpine.server.filters.AuthenticationFilter; +import org.dependencytrack.JerseyTestRule; import org.dependencytrack.ResourceTest; import org.dependencytrack.model.Component; import org.dependencytrack.model.Policy; @@ -30,9 +31,7 @@ import org.dependencytrack.model.Project; import org.dependencytrack.model.Tag; import org.glassfish.jersey.server.ResourceConfig; -import org.glassfish.jersey.servlet.ServletContainer; -import org.glassfish.jersey.test.DeploymentContext; -import org.glassfish.jersey.test.ServletDeploymentContext; +import org.junit.ClassRule; import org.junit.Test; import javax.json.JsonArray; @@ -47,14 +46,11 @@ public class PolicyResourceTest extends ResourceTest { - @Override - protected DeploymentContext configureDeployment() { - return ServletDeploymentContext.forServlet(new ServletContainer( - new ResourceConfig(PolicyResource.class) - .register(ApiFilter.class) - .register(AuthenticationFilter.class))) - .build(); - } + @ClassRule + public static JerseyTestRule jersey = new JerseyTestRule( + new ResourceConfig(PolicyResource.class) + .register(ApiFilter.class) + .register(AuthenticationFilter.class)); @Test public void getPoliciesTest() { @@ -62,7 +58,7 @@ public void getPoliciesTest() { qm.createPolicy("policy" + i, Policy.Operator.ANY, Policy.ViolationState.INFO); } - final Response response = target(V1_POLICY) + final Response response = jersey.target(V1_POLICY) .request() .header(X_API_KEY, apiKey) .get(); @@ -80,7 +76,7 @@ public void getPoliciesTest() { public void getPolicyByUuidTest() { final Policy policy = qm.createPolicy("policy", Policy.Operator.ANY, Policy.ViolationState.INFO); - final Response response = target(V1_POLICY + "/" + policy.getUuid()) + final Response response = jersey.target(V1_POLICY + "/" + policy.getUuid()) .request() .header(X_API_KEY, apiKey) .get(); @@ -100,7 +96,7 @@ public void createPolicyTest() { policy.setOperator(Policy.Operator.ANY); policy.setViolationState(Policy.ViolationState.INFO); - final Response response = target(V1_POLICY) + final Response response = jersey.target(V1_POLICY) .request() .header(X_API_KEY, apiKey) .put(Entity.entity(policy, MediaType.APPLICATION_JSON)); @@ -123,7 +119,7 @@ public void createPolicySpecifyOperatorAndViolationStateTest() { policy.setOperator(Policy.Operator.ALL); policy.setViolationState(Policy.ViolationState.FAIL); - final Response response = target(V1_POLICY) + final Response response = jersey.target(V1_POLICY) .request() .header(X_API_KEY, apiKey) .put(Entity.entity(policy, MediaType.APPLICATION_JSON)); @@ -144,7 +140,7 @@ public void createPolicyUseDefaultValueTest() { final Policy policy = new Policy(); policy.setName("policy"); - final Response response = target(V1_POLICY) + final Response response = jersey.target(V1_POLICY) .request() .header(X_API_KEY, apiKey) .put(Entity.entity(policy, MediaType.APPLICATION_JSON)); @@ -166,7 +162,7 @@ public void updatePolicyTest() { policy.setViolationState(Policy.ViolationState.FAIL); policy.setIncludeChildren(true); - final Response response = target(V1_POLICY) + final Response response = jersey.target(V1_POLICY) .request() .header(X_API_KEY, apiKey) .post(Entity.entity(policy, MediaType.APPLICATION_JSON)); @@ -185,7 +181,7 @@ public void updatePolicyTest() { public void deletePolicyTest() { final Policy policy = qm.createPolicy("policy", Policy.Operator.ANY, Policy.ViolationState.INFO); - final Response response = target(V1_POLICY + "/" + policy.getUuid()) + final Response response = jersey.target(V1_POLICY + "/" + policy.getUuid()) .request() .header(X_API_KEY, apiKey) .delete(); @@ -218,7 +214,7 @@ public void deletePolicyCascadingTest() { qm.reconcilePolicyViolations(component, singletonList(violation)); - final Response response = target(V1_POLICY + "/" + policy.getUuid()) + final Response response = jersey.target(V1_POLICY + "/" + policy.getUuid()) .request() .header(X_API_KEY, apiKey) .delete(); @@ -233,7 +229,7 @@ public void addProjectToPolicyTest() { final Policy policy = qm.createPolicy("policy", Policy.Operator.ANY, Policy.ViolationState.INFO); final Project project = qm.createProject("Acme Application", null, null, null, null, null, true, false); - final Response response = target(V1_POLICY + "/" + policy.getUuid() + "/project/" + project.getUuid()) + final Response response = jersey.target(V1_POLICY + "/" + policy.getUuid() + "/project/" + project.getUuid()) .request() .header(X_API_KEY, apiKey) .post(null); @@ -253,7 +249,7 @@ public void addProjectToPolicyProjectAlreadyAddedTest() { policy.setProjects(singletonList(project)); qm.persist(policy); - final Response response = target(V1_POLICY + "/" + policy.getUuid() + "/project/" + project.getUuid()) + final Response response = jersey.target(V1_POLICY + "/" + policy.getUuid() + "/project/" + project.getUuid()) .request() .header(X_API_KEY, apiKey) .post(null); @@ -269,7 +265,7 @@ public void removeProjectFromPolicyTest() { policy.setProjects(singletonList(project)); qm.persist(policy); - final Response response = target(V1_POLICY + "/" + policy.getUuid() + "/project/" + project.getUuid()) + final Response response = jersey.target(V1_POLICY + "/" + policy.getUuid() + "/project/" + project.getUuid()) .request() .header(X_API_KEY, apiKey) .delete(); @@ -282,7 +278,7 @@ public void removeProjectFromPolicyProjectAlreadyRemovedTest() { final Policy policy = qm.createPolicy("policy", Policy.Operator.ANY, Policy.ViolationState.INFO); final Project project = qm.createProject("Acme Application", null, null, null, null, null, true, false); - final Response response = target(V1_POLICY + "/" + policy.getUuid() + "/project/" + project.getUuid()) + final Response response = jersey.target(V1_POLICY + "/" + policy.getUuid() + "/project/" + project.getUuid()) .request() .header(X_API_KEY, apiKey) .delete(); @@ -296,7 +292,7 @@ public void addTagToPolicyTest() { final Tag tag = qm.createTag("Policy Tag"); System.out.println("Tag being created is "+qm.getTagByName("Policy Tag")); - final Response response = target(V1_POLICY + "/" + policy.getUuid() + "/tag/" + tag.getName()) + final Response response = jersey.target(V1_POLICY + "/" + policy.getUuid() + "/tag/" + tag.getName()) .request() .header(X_API_KEY, apiKey) .post(null); @@ -316,7 +312,7 @@ public void addTagToPolicyTagAlreadyAddedTest() { policy.setTags(singletonList(tag)); qm.persist(policy); - final Response response = target(V1_POLICY + "/" + policy.getUuid() + "/tag/" + tag.getName()) + final Response response = jersey.target(V1_POLICY + "/" + policy.getUuid() + "/tag/" + tag.getName()) .request() .header(X_API_KEY, apiKey) .post(null); @@ -332,7 +328,7 @@ public void removeTagFromPolicyTest() { policy.setTags(singletonList(tag)); qm.persist(policy); - final Response response = target(V1_POLICY + "/" + policy.getUuid() + "/tag/" + tag.getName()) + final Response response = jersey.target(V1_POLICY + "/" + policy.getUuid() + "/tag/" + tag.getName()) .request() .header(X_API_KEY, apiKey) .delete(); @@ -345,7 +341,7 @@ public void removeTagFromPolicyTagDoesNotExistTest() { final Policy policy = qm.createPolicy("policy", Policy.Operator.ANY, Policy.ViolationState.INFO); final Tag tag = qm.createTag("Policy Tag"); - final Response response = target(V1_POLICY + "/" + policy.getUuid() + "/tag/" + tag.getName()) + final Response response = jersey.target(V1_POLICY + "/" + policy.getUuid() + "/tag/" + tag.getName()) .request() .header(X_API_KEY, apiKey) .delete(); diff --git a/src/test/java/org/dependencytrack/resources/v1/PolicyViolationResourceTest.java b/src/test/java/org/dependencytrack/resources/v1/PolicyViolationResourceTest.java index cfc0464c3b..c78ca186e3 100644 --- a/src/test/java/org/dependencytrack/resources/v1/PolicyViolationResourceTest.java +++ b/src/test/java/org/dependencytrack/resources/v1/PolicyViolationResourceTest.java @@ -21,6 +21,7 @@ import alpine.server.filters.ApiFilter; import alpine.server.filters.AuthenticationFilter; import alpine.server.filters.AuthorizationFilter; +import org.dependencytrack.JerseyTestRule; import org.dependencytrack.ResourceTest; import org.dependencytrack.auth.Permissions; import org.dependencytrack.model.Component; @@ -29,9 +30,7 @@ import org.dependencytrack.model.PolicyViolation; import org.dependencytrack.model.Project; import org.glassfish.jersey.server.ResourceConfig; -import org.glassfish.jersey.servlet.ServletContainer; -import org.glassfish.jersey.test.DeploymentContext; -import org.glassfish.jersey.test.ServletDeploymentContext; +import org.junit.ClassRule; import org.junit.Test; import javax.json.JsonArray; @@ -45,15 +44,12 @@ public class PolicyViolationResourceTest extends ResourceTest { - @Override - protected DeploymentContext configureDeployment() { - return ServletDeploymentContext.forServlet(new ServletContainer( - new ResourceConfig(PolicyViolationResource.class) - .register(ApiFilter.class) - .register(AuthenticationFilter.class) - .register(AuthorizationFilter.class))) - .build(); - } + @ClassRule + public static JerseyTestRule jersey = new JerseyTestRule( + new ResourceConfig(PolicyViolationResource.class) + .register(ApiFilter.class) + .register(AuthenticationFilter.class) + .register(AuthorizationFilter.class)); @Test public void getViolationsTest() { @@ -77,7 +73,7 @@ public void getViolationsTest() { violation.setTimestamp(new Date()); violation = qm.persist(violation); - final Response response = target(V1_POLICY_VIOLATION) + final Response response = jersey.target(V1_POLICY_VIOLATION) .request() .header(X_API_KEY, apiKey) .get(); @@ -99,7 +95,7 @@ public void getViolationsTest() { @Test public void getViolationsUnauthorizedTest() { - final Response response = target(V1_POLICY_VIOLATION) + final Response response = jersey.target(V1_POLICY_VIOLATION) .request() .header(X_API_KEY, apiKey) .get(); @@ -148,7 +144,7 @@ public void getViolationsByProjectTest() { } } - final Response response = target(V1_POLICY_VIOLATION) + final Response response = jersey.target(V1_POLICY_VIOLATION) .queryParam("searchText", "0") .path("/project/" + project.getUuid()) .request() @@ -207,7 +203,7 @@ public void getViolationsByProjectIssue2766() { qm.persist(violation); // Requesting violations for projectB must not yield violations for projectA. - final Response response = target(V1_POLICY_VIOLATION) + final Response response = jersey.target(V1_POLICY_VIOLATION) .path("/project/" + projectB.getUuid()) .request() .header(X_API_KEY, apiKey) @@ -221,7 +217,7 @@ public void getViolationsByProjectIssue2766() { @Test public void getViolationsByProjectUnauthorizedTest() { - final Response response = target(V1_POLICY_VIOLATION) + final Response response = jersey.target(V1_POLICY_VIOLATION) .path("/project/" + UUID.randomUUID()) .request() .header(X_API_KEY, apiKey) @@ -234,7 +230,7 @@ public void getViolationsByProjectUnauthorizedTest() { public void getViolationsByProjectNotFoundTest() { initializeWithPermissions(Permissions.VIEW_POLICY_VIOLATION); - final Response response = target(V1_POLICY_VIOLATION) + final Response response = jersey.target(V1_POLICY_VIOLATION) .path("/project/" + UUID.randomUUID()) .request() .header(X_API_KEY, apiKey) @@ -266,7 +262,7 @@ public void getViolationsByComponentTest() { violation.setTimestamp(new Date()); violation = qm.persist(violation); - final Response response = target(V1_POLICY_VIOLATION) + final Response response = jersey.target(V1_POLICY_VIOLATION) .path("/component/" + component.getUuid()) .request() .header(X_API_KEY, apiKey) @@ -288,7 +284,7 @@ public void getViolationsByComponentTest() { @Test public void getViolationsByComponentUnauthorizedTest() { - final Response response = target(V1_POLICY_VIOLATION) + final Response response = jersey.target(V1_POLICY_VIOLATION) .path("/component/" + UUID.randomUUID()) .request() .header(X_API_KEY, apiKey) @@ -301,7 +297,7 @@ public void getViolationsByComponentUnauthorizedTest() { public void getViolationsByComponentNotFoundTest() { initializeWithPermissions(Permissions.VIEW_POLICY_VIOLATION); - final Response response = target(V1_POLICY_VIOLATION) + final Response response = jersey.target(V1_POLICY_VIOLATION) .path("/component/" + UUID.randomUUID()) .request() .header(X_API_KEY, apiKey) diff --git a/src/test/java/org/dependencytrack/resources/v1/ProjectPropertyResourceTest.java b/src/test/java/org/dependencytrack/resources/v1/ProjectPropertyResourceTest.java index 399b6b7605..961b2d36c1 100644 --- a/src/test/java/org/dependencytrack/resources/v1/ProjectPropertyResourceTest.java +++ b/src/test/java/org/dependencytrack/resources/v1/ProjectPropertyResourceTest.java @@ -18,18 +18,17 @@ */ package org.dependencytrack.resources.v1; +import alpine.model.IConfigProperty; import alpine.server.filters.ApiFilter; import alpine.server.filters.AuthenticationFilter; -import alpine.model.IConfigProperty; +import org.dependencytrack.JerseyTestRule; import org.dependencytrack.ResourceTest; import org.dependencytrack.model.Project; import org.dependencytrack.model.ProjectProperty; import org.glassfish.jersey.client.ClientProperties; import org.glassfish.jersey.server.ResourceConfig; -import org.glassfish.jersey.servlet.ServletContainer; -import org.glassfish.jersey.test.DeploymentContext; -import org.glassfish.jersey.test.ServletDeploymentContext; import org.junit.Assert; +import org.junit.ClassRule; import org.junit.Test; import javax.json.JsonArray; @@ -41,21 +40,18 @@ public class ProjectPropertyResourceTest extends ResourceTest { - @Override - protected DeploymentContext configureDeployment() { - return ServletDeploymentContext.forServlet(new ServletContainer( - new ResourceConfig(ProjectPropertyResource.class) - .register(ApiFilter.class) - .register(AuthenticationFilter.class))) - .build(); - } + @ClassRule + public static JerseyTestRule jersey = new JerseyTestRule( + new ResourceConfig(ProjectPropertyResource.class) + .register(ApiFilter.class) + .register(AuthenticationFilter.class)); @Test public void getPropertiesTest() { Project project = qm.createProject("Acme Example", null, "1.0", null, null, null, true, false); qm.createProjectProperty(project, "mygroup", "prop1", "value1", IConfigProperty.PropertyType.STRING, "Test Property 1"); qm.createProjectProperty(project, "mygroup", "prop2", "value2", IConfigProperty.PropertyType.ENCRYPTEDSTRING, "Test Property 2"); - Response response = target(V1_PROJECT + "/" + project.getUuid().toString() + "/property").request() + Response response = jersey.target(V1_PROJECT + "/" + project.getUuid().toString() + "/property").request() .header(X_API_KEY, apiKey) .get(Response.class); Assert.assertEquals(200, response.getStatus(), 0); @@ -77,7 +73,7 @@ public void getPropertiesTest() { @Test public void getPropertiesInvalidTest() { - Response response = target(V1_PROJECT + "/" + UUID.randomUUID().toString() + "/property").request() + Response response = jersey.target(V1_PROJECT + "/" + UUID.randomUUID().toString() + "/property").request() .header(X_API_KEY, apiKey) .get(Response.class); Assert.assertEquals(404, response.getStatus(), 0); @@ -96,7 +92,7 @@ public void createPropertyTest() { property.setPropertyValue("value1"); property.setPropertyType(IConfigProperty.PropertyType.STRING); property.setDescription("Test Property 1"); - Response response = target(V1_PROJECT + "/" + project.getUuid().toString() + "/property").request() + Response response = jersey.target(V1_PROJECT + "/" + project.getUuid().toString() + "/property").request() .header(X_API_KEY, apiKey) .put(Entity.entity(property, MediaType.APPLICATION_JSON)); Assert.assertEquals(201, response.getStatus(), 0); @@ -119,7 +115,7 @@ public void createPropertyEncryptedTest() { property.setPropertyValue("value1"); property.setPropertyType(IConfigProperty.PropertyType.ENCRYPTEDSTRING); property.setDescription("Test Property 1"); - Response response = target(V1_PROJECT + "/" + project.getUuid().toString() + "/property").request() + Response response = jersey.target(V1_PROJECT + "/" + project.getUuid().toString() + "/property").request() .header(X_API_KEY, apiKey) .put(Entity.entity(property, MediaType.APPLICATION_JSON)); Assert.assertEquals(201, response.getStatus(), 0); @@ -145,7 +141,7 @@ public void createPropertyDuplicateTest() { property.setPropertyValue("value1"); property.setPropertyType(IConfigProperty.PropertyType.STRING); property.setDescription("Test Property 1"); - Response response = target(V1_PROJECT + "/" + uuid + "/property").request() + Response response = jersey.target(V1_PROJECT + "/" + uuid + "/property").request() .header(X_API_KEY, apiKey) .put(Entity.entity(property, MediaType.APPLICATION_JSON)); Assert.assertEquals(409, response.getStatus(), 0); @@ -164,7 +160,7 @@ public void createPropertyInvalidTest() { property.setPropertyValue("value1"); property.setPropertyType(IConfigProperty.PropertyType.STRING); property.setDescription("Test Property 1"); - Response response = target(V1_PROJECT + "/" + UUID.randomUUID() + "/property").request() + Response response = jersey.target(V1_PROJECT + "/" + UUID.randomUUID() + "/property").request() .header(X_API_KEY, apiKey) .put(Entity.entity(property, MediaType.APPLICATION_JSON)); Assert.assertEquals(404, response.getStatus(), 0); @@ -181,7 +177,7 @@ public void updatePropertyTest() { qm.getPersistenceManager().detachCopy(property); qm.close(); property.setPropertyValue("updatedValue"); - Response response = target(V1_PROJECT + "/" + uuid + "/property").request() + Response response = jersey.target(V1_PROJECT + "/" + uuid + "/property").request() .header(X_API_KEY, apiKey) .post(Entity.entity(property, MediaType.APPLICATION_JSON)); Assert.assertEquals(200, response.getStatus(), 0); @@ -203,7 +199,7 @@ public void updatePropertyInvalidTest() { property.setPropertyValue("value1"); property.setPropertyType(IConfigProperty.PropertyType.STRING); property.setDescription("Test Property 1"); - Response response = target(V1_PROJECT + "/" + UUID.randomUUID().toString() + "/property").request() + Response response = jersey.target(V1_PROJECT + "/" + UUID.randomUUID().toString() + "/property").request() .header(X_API_KEY, apiKey) .post(Entity.entity(property, MediaType.APPLICATION_JSON)); Assert.assertEquals(404, response.getStatus(), 0); @@ -219,7 +215,7 @@ public void deletePropertyTest() { String uuid = project.getUuid().toString(); qm.getPersistenceManager().detachCopy(property); qm.close(); - Response response = target(V1_PROJECT + "/" + uuid + "/property").request() + Response response = jersey.target(V1_PROJECT + "/" + uuid + "/property").request() .header(X_API_KEY, apiKey) .property(ClientProperties.SUPPRESS_HTTP_COMPLIANCE_VALIDATION, true) // HACK .method("DELETE", Entity.entity(property, MediaType.APPLICATION_JSON)); // HACK diff --git a/src/test/java/org/dependencytrack/resources/v1/ProjectResourceTest.java b/src/test/java/org/dependencytrack/resources/v1/ProjectResourceTest.java index b3dc5852d9..dd3229bb7a 100644 --- a/src/test/java/org/dependencytrack/resources/v1/ProjectResourceTest.java +++ b/src/test/java/org/dependencytrack/resources/v1/ProjectResourceTest.java @@ -24,6 +24,7 @@ import alpine.server.filters.ApiFilter; import alpine.server.filters.AuthenticationFilter; import org.cyclonedx.model.ExternalReference.Type; +import org.dependencytrack.JerseyTestRule; import org.dependencytrack.ResourceTest; import org.dependencytrack.event.CloneProjectEvent; import org.dependencytrack.model.Analysis; @@ -45,12 +46,10 @@ import org.dependencytrack.tasks.scanners.AnalyzerIdentity; import org.glassfish.jersey.client.HttpUrlConnectorProvider; import org.glassfish.jersey.server.ResourceConfig; -import org.glassfish.jersey.servlet.ServletContainer; -import org.glassfish.jersey.test.DeploymentContext; -import org.glassfish.jersey.test.ServletDeploymentContext; import org.hamcrest.CoreMatchers; import org.junit.After; import org.junit.Assert; +import org.junit.ClassRule; import org.junit.Test; import javax.json.Json; @@ -74,20 +73,17 @@ public class ProjectResourceTest extends ResourceTest { - @After - public void tearDown() throws Exception { - EventService.getInstance().unsubscribe(CloneProjectTask.class); - - super.tearDown(); - } + @ClassRule + public static JerseyTestRule jersey = new JerseyTestRule( + new ResourceConfig(ProjectResource.class) + .register(ApiFilter.class) + .register(AuthenticationFilter.class)); + @After @Override - protected DeploymentContext configureDeployment() { - return ServletDeploymentContext.forServlet(new ServletContainer( - new ResourceConfig(ProjectResource.class) - .register(ApiFilter.class) - .register(AuthenticationFilter.class))) - .build(); + public void after() throws Exception { + EventService.getInstance().unsubscribe(CloneProjectTask.class); + super.after(); } @Test @@ -95,7 +91,7 @@ public void getProjectsDefaultRequestTest() { for (int i=0; i<1000; i++) { qm.createProject("Acme Example", null, String.valueOf(i), null, null, null, true, false); } - Response response = target(V1_PROJECT) + Response response = jersey.target(V1_PROJECT) .request() .header(X_API_KEY, apiKey) .get(Response.class); @@ -127,7 +123,7 @@ public void getProjectsWithAclEnabledTest() { // Create a second project that the current principal has no access to. qm.createProject("acme-app-b", null, "2.0.0", null, null, null, true, false); - final Response response = target(V1_PROJECT) + final Response response = jersey.target(V1_PROJECT) .request() .header(X_API_KEY, apiKey) .get(Response.class); @@ -145,7 +141,7 @@ public void getProjectsByNameRequestTest() { for (int i=0; i<1000; i++) { qm.createProject("Acme Example", null, String.valueOf(i), null, null, null, true, false); } - Response response = target(V1_PROJECT) + Response response = jersey.target(V1_PROJECT) .queryParam("name", "Acme Example") .request() .header(X_API_KEY, apiKey) @@ -164,7 +160,7 @@ public void getProjectsByInvalidNameRequestTest() { for (int i=0; i<1000; i++) { qm.createProject("Acme Example", null, String.valueOf(i), null, null, null, true, false); } - Response response = target(V1_PROJECT) + Response response = jersey.target(V1_PROJECT) .queryParam("name", "blah") .request() .header(X_API_KEY, apiKey) @@ -184,7 +180,7 @@ public void getProjectsByNameActiveOnlyRequestTest() { for (int i=500; i<1000; i++) { qm.createProject("Acme Example", null, String.valueOf(i), null, null, null, false, false); } - Response response = target(V1_PROJECT) + Response response = jersey.target(V1_PROJECT) .queryParam("name", "Acme Example") .queryParam("excludeInactive", "true") .request() @@ -202,7 +198,7 @@ public void getProjectLookupTest() { for (int i=0; i<500; i++) { qm.createProject("Acme Example", null, String.valueOf(i), null, null, null, false, false); } - Response response = target(V1_PROJECT+"/lookup") + Response response = jersey.target(V1_PROJECT+"/lookup") .queryParam("name", "Acme Example") .queryParam("version", "10") .request() @@ -224,7 +220,7 @@ public void getProjectLookupTest() { public void getProjectsAscOrderedRequestTest() { qm.createProject("ABC", null, "1.0", null, null, null, true, false); qm.createProject("DEF", null, "1.0", null, null, null, true, false); - Response response = target(V1_PROJECT) + Response response = jersey.target(V1_PROJECT) .queryParam(ORDER_BY, "name") .queryParam(SORT, SORT_ASC) .request() @@ -241,7 +237,7 @@ public void getProjectsAscOrderedRequestTest() { public void getProjectsDescOrderedRequestTest() { qm.createProject("ABC", null, "1.0", null, null, null, true, false); qm.createProject("DEF", null, "1.0", null, null, null, true, false); - Response response = target(V1_PROJECT) + Response response = jersey.target(V1_PROJECT) .queryParam(ORDER_BY, "name") .queryParam(SORT, SORT_DESC) .request() @@ -257,7 +253,7 @@ public void getProjectsDescOrderedRequestTest() { @Test public void getProjectByUuidTest() { Project project = qm.createProject("ABC", null, "1.0", null, null, null, true, false); - Response response = target(V1_PROJECT + "/" + project.getUuid()) + Response response = jersey.target(V1_PROJECT + "/" + project.getUuid()) .request() .header(X_API_KEY, apiKey) .get(Response.class); @@ -274,7 +270,7 @@ public void getProjectByUuidTest() { @Test public void getProjectByInvalidUuidTest() { qm.createProject("ABC", null, "1.0", null, null, null, true, false); - Response response = target(V1_PROJECT + "/" + UUID.randomUUID()) + Response response = jersey.target(V1_PROJECT + "/" + UUID.randomUUID()) .request() .header(X_API_KEY, apiKey) .get(Response.class); @@ -291,7 +287,7 @@ public void getProjectByTagTest() { tags.add(tag); qm.createProject("ABC", null, "1.0", tags, null, null, true, false); qm.createProject("DEF", null, "1.0", null, null, null, true, false); - Response response = target(V1_PROJECT + "/tag/" + "production") + Response response = jersey.target(V1_PROJECT + "/tag/" + "production") .request() .header(X_API_KEY, apiKey) .get(Response.class); @@ -309,7 +305,7 @@ public void getProjectByCaseInsensitiveTagTest() { tags.add(tag); qm.createProject("ABC", null, "1.0", tags, null, null, true, false); qm.createProject("DEF", null, "1.0", null, null, null, true, false); - Response response = target(V1_PROJECT + "/tag/" + "production") + Response response = jersey.target(V1_PROJECT + "/tag/" + "production") .request() .header(X_API_KEY, apiKey) .get(Response.class); @@ -327,7 +323,7 @@ public void getProjectByUnknownTagTest() { tags.add(tag); qm.createProject("ABC", null, "1.0", tags, null, null, true, false); qm.createProject("DEF", null, "1.0", null, null, null, true, false); - Response response = target(V1_PROJECT + "/tag/" + "stable") + Response response = jersey.target(V1_PROJECT + "/tag/" + "stable") .request() .header(X_API_KEY, apiKey) .get(Response.class); @@ -344,7 +340,7 @@ public void createProjectTest(){ project.setName("Acme Example"); project.setVersion("1.0"); project.setDescription("Test project"); - Response response = target(V1_PROJECT) + Response response = jersey.target(V1_PROJECT) .request() .header(X_API_KEY, apiKey) .put(Entity.entity(project, MediaType.APPLICATION_JSON)); @@ -363,12 +359,12 @@ public void createProjectDuplicateTest() { Project project = new Project(); project.setName("Acme Example"); project.setVersion("1.0"); - Response response = target(V1_PROJECT) + Response response = jersey.target(V1_PROJECT) .request() .header(X_API_KEY, apiKey) .put(Entity.entity(project, MediaType.APPLICATION_JSON)); Assert.assertEquals(201, response.getStatus(), 0); - response = target(V1_PROJECT) + response = jersey.target(V1_PROJECT) .request() .header(X_API_KEY, apiKey) .put(Entity.entity(project, MediaType.APPLICATION_JSON)); @@ -381,12 +377,12 @@ public void createProjectDuplicateTest() { public void createProjectWithoutVersionDuplicateTest() { Project project = new Project(); project.setName("Acme Example"); - Response response = target(V1_PROJECT) + Response response = jersey.target(V1_PROJECT) .request() .header(X_API_KEY, apiKey) .put(Entity.entity(project, MediaType.APPLICATION_JSON)); Assert.assertEquals(201, response.getStatus(), 0); - response = target(V1_PROJECT) + response = jersey.target(V1_PROJECT) .request() .header(X_API_KEY, apiKey) .put(Entity.entity(project, MediaType.APPLICATION_JSON)); @@ -399,7 +395,7 @@ public void createProjectWithoutVersionDuplicateTest() { public void createProjectEmptyTest() { Project project = new Project(); project.setName(" "); - Response response = target(V1_PROJECT) + Response response = jersey.target(V1_PROJECT) .request() .header(X_API_KEY, apiKey) .put(Entity.entity(project, MediaType.APPLICATION_JSON)); @@ -410,7 +406,7 @@ public void createProjectEmptyTest() { public void updateProjectTest() { Project project = qm.createProject("ABC", null, "1.0", null, null, null, true, false); project.setDescription("Test project"); - Response response = target(V1_PROJECT) + Response response = jersey.target(V1_PROJECT) .request() .header(X_API_KEY, apiKey) .post(Entity.entity(project, MediaType.APPLICATION_JSON)); @@ -428,7 +424,7 @@ public void updateProjectTestIsActiveEqualsNull() { project.setDescription("Test project"); project.setActive(null); Assert.assertNull(project.isActive()); - Response response = target(V1_PROJECT) + Response response = jersey.target(V1_PROJECT) .request() .header(X_API_KEY, apiKey) .post(Entity.entity(project, MediaType.APPLICATION_JSON)); @@ -456,7 +452,7 @@ public void updateProjectTagsTest() { }).collect(Collectors.toList())); // update the 1st time and add another tag - var response = target(V1_PROJECT) + var response = jersey.target(V1_PROJECT) .request() .header(X_API_KEY, apiKey) .post(Entity.entity(jsonProject, MediaType.APPLICATION_JSON)); @@ -473,7 +469,7 @@ public void updateProjectTagsTest() { Assert.assertEquals("tag3", jsonTags.get(2).asJsonObject().getString("name")); // and update again with the same tags ... issue #1165 - response = target(V1_PROJECT) + response = jersey.target(V1_PROJECT) .request() .header(X_API_KEY, apiKey) .post(Entity.entity(jsonProject, MediaType.APPLICATION_JSON)); @@ -486,7 +482,7 @@ public void updateProjectTagsTest() { // and finally delete one of the tags jsonProject.getTags().remove(0); - response = target(V1_PROJECT) + response = jersey.target(V1_PROJECT) .request() .header(X_API_KEY, apiKey) .post(Entity.entity(jsonProject, MediaType.APPLICATION_JSON)); @@ -501,7 +497,7 @@ public void updateProjectTagsTest() { public void updateProjectEmptyNameTest() { Project project = qm.createProject("ABC", null, "1.0", null, null, null, true, false); project.setName(" "); - Response response = target(V1_PROJECT) + Response response = jersey.target(V1_PROJECT) .request() .header(X_API_KEY, apiKey) .post(Entity.entity(project, MediaType.APPLICATION_JSON)); @@ -513,7 +509,7 @@ public void updateProjectDuplicateTest() { qm.createProject("ABC", null, "1.0", null, null, null, true, false); Project project = qm.createProject("DEF", null, "1.0", null, null, null, true, false); project.setName("ABC"); - Response response = target(V1_PROJECT) + Response response = jersey.target(V1_PROJECT) .request() .header(X_API_KEY, apiKey) .post(Entity.entity(project, MediaType.APPLICATION_JSON)); @@ -525,7 +521,7 @@ public void updateProjectDuplicateTest() { @Test public void deleteProjectTest() { Project project = qm.createProject("ABC", null, "1.0", null, null, null, true, false); - Response response = target(V1_PROJECT + "/" + project.getUuid().toString()) + Response response = jersey.target(V1_PROJECT + "/" + project.getUuid().toString()) .request() .header(X_API_KEY, apiKey) .delete(); @@ -535,7 +531,7 @@ public void deleteProjectTest() { @Test public void deleteProjectInvalidUuidTest() { qm.createProject("ABC", null, "1.0", null, null, null, true, false); - Response response = target(V1_PROJECT + "/" + UUID.randomUUID().toString()) + Response response = jersey.target(V1_PROJECT + "/" + UUID.randomUUID().toString()) .request() .header(X_API_KEY, apiKey) .delete(); @@ -549,7 +545,7 @@ public void patchProjectNotModifiedTest() { final var jsonProject = new Project(); jsonProject.setDescription(p1.getDescription()); - final var response = target(V1_PROJECT + "/" + p1.getUuid()) + final var response = jersey.target(V1_PROJECT + "/" + p1.getUuid()) .request() .header(X_API_KEY, apiKey) .property(HttpUrlConnectorProvider.SET_METHOD_WORKAROUND, true) @@ -565,7 +561,7 @@ public void patchProjectNameVersionConflictTest() { qm.createProject("ABC", "Test project", "0.9", null, null, null, false, false); final var jsonProject = new Project(); jsonProject.setVersion("0.9"); - final var response = target(V1_PROJECT + "/" + p1.getUuid()) + final var response = jersey.target(V1_PROJECT + "/" + p1.getUuid()) .request() .header(X_API_KEY, apiKey) .property(HttpUrlConnectorProvider.SET_METHOD_WORKAROUND, true) @@ -576,7 +572,7 @@ public void patchProjectNameVersionConflictTest() { @Test public void patchProjectNotFoundTest() { - final var response = target(V1_PROJECT + "/" + UUID.randomUUID()) + final var response = jersey.target(V1_PROJECT + "/" + UUID.randomUUID()) .request() .header(X_API_KEY, apiKey) .property(HttpUrlConnectorProvider.SET_METHOD_WORKAROUND, true) @@ -626,7 +622,7 @@ public void patchProjectSuccessfullyPatchedTest() { jsonProjectSupplier.setUrls(new String[]{"https://supplier.example.com"}); jsonProjectSupplier.setContacts(List.of(jsonProjectSupplierContact)); jsonProject.setSupplier(jsonProjectSupplier); - final var response = target(V1_PROJECT + "/" + p1.getUuid()) + final var response = jersey.target(V1_PROJECT + "/" + p1.getUuid()) .request() .header(X_API_KEY, apiKey) .property(HttpUrlConnectorProvider.SET_METHOD_WORKAROUND, true) @@ -688,7 +684,7 @@ public void patchProjectExternalReferencesTest() { final var jsonProject = new Project(); jsonProject.setExternalReferences(externalReferences); - final var response = target(V1_PROJECT + "/" + project.getUuid()) + final var response = jersey.target(V1_PROJECT + "/" + project.getUuid()) .request() .header(X_API_KEY, apiKey) .property(HttpUrlConnectorProvider.SET_METHOD_WORKAROUND, true) @@ -718,7 +714,7 @@ public void patchProjectParentTest() { .add("uuid", newParent.getUuid().toString())) .build(); - final Response response = target(V1_PROJECT + "/" + project.getUuid()) + final Response response = jersey.target(V1_PROJECT + "/" + project.getUuid()) .request() .header(X_API_KEY, apiKey) .property(HttpUrlConnectorProvider.SET_METHOD_WORKAROUND, true) @@ -761,7 +757,7 @@ public void patchProjectParentNotFoundTest() { .add("uuid", UUID.randomUUID().toString())) .build(); - final Response response = target(V1_PROJECT + "/" + project.getUuid()) + final Response response = jersey.target(V1_PROJECT + "/" + project.getUuid()) .request() .header(X_API_KEY, apiKey) .property(HttpUrlConnectorProvider.SET_METHOD_WORKAROUND, true) @@ -781,7 +777,7 @@ public void getRootProjectsTest() { Project parent = qm.createProject("ABC", null, "1.0", null, null, null, true, false); Project child = qm.createProject("DEF", null, "1.0", null, parent, null, true, false); qm.createProject("GHI", null, "1.0", null, child, null, true, false); - Response response = target(V1_PROJECT) + Response response = jersey.target(V1_PROJECT) .queryParam("onlyRoot", true) .request() .header(X_API_KEY, apiKey) @@ -800,7 +796,7 @@ public void getChildrenProjectsTest() { Project child = qm.createProject("DEF", null, "1.0", null, parent, null, true, false); qm.createProject("GHI", null, "1.0", null, parent, null, true, false); qm.createProject("JKL", null, "1.0", null, child, null, true, false); - Response response = target(V1_PROJECT + "/" + parent.getUuid().toString() + "/children") + Response response = jersey.target(V1_PROJECT + "/" + parent.getUuid().toString() + "/children") .request() .header(X_API_KEY, apiKey) .get(Response.class); @@ -862,7 +858,7 @@ public void getProjectsWithoutDescendantsOfTest() { Project child = qm.createProject("GHI", null, "1.0", null, parent, null, true, false); qm.createProject("JKL", null, "1.0", null, child, null, true, false); - Response response = target(V1_PROJECT + "/withoutDescendantsOf/" + parent.getUuid()) + Response response = jersey.target(V1_PROJECT + "/withoutDescendantsOf/" + parent.getUuid()) .request() .header(X_API_KEY, apiKey) .get(Response.class); @@ -934,7 +930,7 @@ public void cloneProjectTest() { AnalysisJustification.REQUIRES_ENVIRONMENT, AnalysisResponse.WILL_NOT_FIX, "details", false); qm.makeAnalysisComment(analysis, "comment", "commenter"); - final Response response = target("%s/clone".formatted(V1_PROJECT)).request() + final Response response = jersey.target("%s/clone".formatted(V1_PROJECT)).request() .header(X_API_KEY, apiKey) .put(Entity.json(""" { @@ -1022,7 +1018,7 @@ public void cloneProjectConflictTest() { project.setVersion("1.0.0"); qm.persist(project); - final Response response = target("%s/clone".formatted(V1_PROJECT)).request() + final Response response = jersey.target("%s/clone".formatted(V1_PROJECT)).request() .header(X_API_KEY, apiKey) .put(Entity.json(""" { @@ -1056,7 +1052,7 @@ public void cloneProjectWithAclTest() { noAccessProject.setVersion("2.0.0"); qm.persist(noAccessProject); - Response response = target("%s/clone".formatted(V1_PROJECT)).request() + Response response = jersey.target("%s/clone".formatted(V1_PROJECT)).request() .header(X_API_KEY, apiKey) .put(Entity.json(""" { @@ -1067,7 +1063,7 @@ public void cloneProjectWithAclTest() { assertThat(response.getStatus()).isEqualTo(403); assertThat(getPlainTextBody(response)).isEqualTo("Access to the specified project is forbidden"); - response = target("%s/clone".formatted(V1_PROJECT)).request() + response = jersey.target("%s/clone".formatted(V1_PROJECT)).request() .header(X_API_KEY, apiKey) .put(Entity.json(""" { diff --git a/src/test/java/org/dependencytrack/resources/v1/RepositoryResourceTest.java b/src/test/java/org/dependencytrack/resources/v1/RepositoryResourceTest.java index 0de81d2f4b..a45b559c60 100644 --- a/src/test/java/org/dependencytrack/resources/v1/RepositoryResourceTest.java +++ b/src/test/java/org/dependencytrack/resources/v1/RepositoryResourceTest.java @@ -20,6 +20,7 @@ import alpine.server.filters.ApiFilter; import alpine.server.filters.AuthenticationFilter; +import org.dependencytrack.JerseyTestRule; import org.dependencytrack.ResourceTest; import org.dependencytrack.model.Repository; import org.dependencytrack.model.RepositoryMetaComponent; @@ -27,11 +28,9 @@ import org.dependencytrack.persistence.DefaultObjectGenerator; import org.dependencytrack.persistence.QueryManager; import org.glassfish.jersey.server.ResourceConfig; -import org.glassfish.jersey.servlet.ServletContainer; -import org.glassfish.jersey.test.DeploymentContext; -import org.glassfish.jersey.test.ServletDeploymentContext; import org.junit.Assert; import org.junit.Before; +import org.junit.ClassRule; import org.junit.Test; import javax.json.JsonArray; @@ -44,25 +43,22 @@ public class RepositoryResourceTest extends ResourceTest { - @Override - protected DeploymentContext configureDeployment() { - return ServletDeploymentContext.forServlet(new ServletContainer( - new ResourceConfig(RepositoryResource.class) - .register(ApiFilter.class) - .register(AuthenticationFilter.class))) - .build(); - } + @ClassRule + public static JerseyTestRule jersey = new JerseyTestRule( + new ResourceConfig(RepositoryResource.class) + .register(ApiFilter.class) + .register(AuthenticationFilter.class)); @Before public void before() throws Exception { super.before(); - DefaultObjectGenerator generator = new DefaultObjectGenerator(); - generator.contextInitialized(null); + final var generator = new DefaultObjectGenerator(); + generator.loadDefaultRepositories(); } @Test public void getRepositoriesTest() { - Response response = target(V1_REPOSITORY).request() + Response response = jersey.target(V1_REPOSITORY).request() .header(X_API_KEY, apiKey) .get(Response.class); Assert.assertEquals(200, response.getStatus(), 0); @@ -81,7 +77,7 @@ public void getRepositoriesTest() { @Test public void getRepositoriesByTypeTest() { - Response response = target(V1_REPOSITORY + "/MAVEN").request() + Response response = jersey.target(V1_REPOSITORY + "/MAVEN").request() .header(X_API_KEY, apiKey) .get(Response.class); Assert.assertEquals(200, response.getStatus(), 0); @@ -108,7 +104,7 @@ public void getRepositoryMetaComponentTest() { meta.setLatestVersion("2.0.0"); meta.setRepositoryType(RepositoryType.MAVEN); qm.persist(meta); - Response response = target(V1_REPOSITORY + "/latest") + Response response = jersey.target(V1_REPOSITORY + "/latest") .queryParam("purl", "pkg:/maven/org.acme/example-component@1.0.0") .request() .header(X_API_KEY, apiKey) @@ -134,7 +130,7 @@ public void getRepositoryMetaComponentInvalidRepoTypeTest() { meta.setLatestVersion("2.0.0"); meta.setRepositoryType(RepositoryType.MAVEN); qm.persist(meta); - Response response = target(V1_REPOSITORY + "/latest") + Response response = jersey.target(V1_REPOSITORY + "/latest") .queryParam("purl", "pkg:/generic/org.acme/example-component@1.0.0") .request() .header(X_API_KEY, apiKey) @@ -153,7 +149,7 @@ public void getRepositoryMetaComponentInvalidPurlTest() { meta.setLatestVersion("2.0.0"); meta.setRepositoryType(RepositoryType.MAVEN); qm.persist(meta); - Response response = target(V1_REPOSITORY + "/latest") + Response response = jersey.target(V1_REPOSITORY + "/latest") .queryParam("purl", "g:/g/g/g") .request() .header(X_API_KEY, apiKey) @@ -164,7 +160,7 @@ public void getRepositoryMetaComponentInvalidPurlTest() { @Test public void getRepositoryMetaUntrackedComponentTest() { - Response response = target(V1_REPOSITORY + "/latest") + Response response = jersey.target(V1_REPOSITORY + "/latest") .queryParam("purl", "pkg:/maven/org.acme/example-component@1.0.0") .request() .header(X_API_KEY, apiKey) @@ -187,12 +183,12 @@ public void createRepositoryTest() { repository.setIdentifier("test"); repository.setUrl("www.foobar.com"); repository.setType(RepositoryType.MAVEN); - Response response = target(V1_REPOSITORY).request().header(X_API_KEY, apiKey) + Response response = jersey.target(V1_REPOSITORY).request().header(X_API_KEY, apiKey) .put(Entity.entity(repository, MediaType.APPLICATION_JSON)); Assert.assertEquals(201, response.getStatus()); - response = target(V1_REPOSITORY).request().header(X_API_KEY, apiKey).get(Response.class); + response = jersey.target(V1_REPOSITORY).request().header(X_API_KEY, apiKey).get(Response.class); Assert.assertEquals(200, response.getStatus(), 0); Assert.assertEquals(String.valueOf(16), response.getHeaderString(TOTAL_COUNT_HEADER)); JsonArray json = parseJsonArray(response); @@ -219,12 +215,12 @@ public void createNonInternalRepositoryTest() { repository.setUrl("www.foobar.com"); repository.setType(RepositoryType.MAVEN); RepositoryResource repositoryResource = new RepositoryResource(); - Response response = target(V1_REPOSITORY).request().header(X_API_KEY, apiKey) + Response response = jersey.target(V1_REPOSITORY).request().header(X_API_KEY, apiKey) .put(Entity.entity(repository, MediaType.APPLICATION_JSON)); Assert.assertEquals(201, response.getStatus()); - response = target(V1_REPOSITORY).request().header(X_API_KEY, apiKey).get(Response.class); + response = jersey.target(V1_REPOSITORY).request().header(X_API_KEY, apiKey).get(Response.class); Assert.assertEquals(200, response.getStatus(), 0); Assert.assertEquals(String.valueOf(16), response.getHeaderString(TOTAL_COUNT_HEADER)); JsonArray json = parseJsonArray(response); @@ -249,12 +245,12 @@ public void createRepositoryAuthFalseTest() { repository.setIdentifier("test"); repository.setUrl("www.foobar.com"); repository.setType(RepositoryType.MAVEN); - Response response = target(V1_REPOSITORY).request().header(X_API_KEY, apiKey) + Response response = jersey.target(V1_REPOSITORY).request().header(X_API_KEY, apiKey) .put(Entity.entity(repository, MediaType.APPLICATION_JSON)); Assert.assertEquals(201, response.getStatus()); - response = target(V1_REPOSITORY).request().header(X_API_KEY, apiKey).get(Response.class); + response = jersey.target(V1_REPOSITORY).request().header(X_API_KEY, apiKey).get(Response.class); Assert.assertEquals(200, response.getStatus(), 0); Assert.assertEquals(String.valueOf(16), response.getHeaderString(TOTAL_COUNT_HEADER)); JsonArray json = parseJsonArray(response); @@ -280,7 +276,7 @@ public void updateRepositoryTest() throws Exception { repository.setIdentifier("test"); repository.setUrl("www.foobar.com"); repository.setType(RepositoryType.MAVEN); - Response response = target(V1_REPOSITORY).request().header(X_API_KEY, apiKey) + Response response = jersey.target(V1_REPOSITORY).request().header(X_API_KEY, apiKey) .put(Entity.entity(repository, MediaType.APPLICATION_JSON)); Assert.assertEquals(201, response.getStatus()); try (QueryManager qm = new QueryManager()) { @@ -288,7 +284,7 @@ public void updateRepositoryTest() throws Exception { for (Repository repository1 : repositoryList) { if (repository1.getIdentifier().equals("test")) { repository1.setAuthenticationRequired(false); - response = target(V1_REPOSITORY).request().header(X_API_KEY, apiKey) + response = jersey.target(V1_REPOSITORY).request().header(X_API_KEY, apiKey) .post(Entity.entity(repository1, MediaType.APPLICATION_JSON)); Assert.assertEquals(200, response.getStatus()); break; diff --git a/src/test/java/org/dependencytrack/resources/v1/SearchResourceTest.java b/src/test/java/org/dependencytrack/resources/v1/SearchResourceTest.java index 9cf1cdb47f..9a3142dacc 100644 --- a/src/test/java/org/dependencytrack/resources/v1/SearchResourceTest.java +++ b/src/test/java/org/dependencytrack/resources/v1/SearchResourceTest.java @@ -23,18 +23,17 @@ import alpine.event.framework.Subscriber; import alpine.server.filters.ApiFilter; import alpine.server.filters.AuthenticationFilter; +import org.dependencytrack.JerseyTestRule; import org.dependencytrack.ResourceTest; import org.dependencytrack.event.IndexEvent; import org.dependencytrack.model.License; import org.dependencytrack.model.Vulnerability; import org.dependencytrack.search.IndexManager; import org.glassfish.jersey.server.ResourceConfig; -import org.glassfish.jersey.servlet.ServletContainer; -import org.glassfish.jersey.test.DeploymentContext; -import org.glassfish.jersey.test.ServletDeploymentContext; import org.junit.After; import org.junit.Assert; import org.junit.Before; +import org.junit.ClassRule; import org.junit.Test; import javax.json.JsonObject; @@ -47,14 +46,11 @@ public class SearchResourceTest extends ResourceTest { - @Override - protected DeploymentContext configureDeployment() { - return ServletDeploymentContext.forServlet(new ServletContainer( - new ResourceConfig(SearchResource.class) - .register(ApiFilter.class) - .register(AuthenticationFilter.class))) - .build(); - } + @ClassRule + public static JerseyTestRule jersey = new JerseyTestRule( + new ResourceConfig(SearchResource.class) + .register(ApiFilter.class) + .register(AuthenticationFilter.class)); private static final ConcurrentLinkedQueue EVENTS = new ConcurrentLinkedQueue<>(); @@ -68,23 +64,24 @@ public void inform(final Event event) { } @Before - public void setUp() throws Exception { - super.setUp(); + @Override + public void before() throws Exception { + super.before(); SingleThreadedEventService.getInstance().subscribe(IndexEvent.class, EventSubscriber.class); } @After - public void tearDown() throws Exception { - super.tearDown(); - + @Override + public void after() throws Exception { SingleThreadedEventService.getInstance().unsubscribe(EventSubscriber.class); EVENTS.clear(); + super.after(); } @Test public void searchTest() { - Response response = target(V1_SEARCH).queryParam("query", "tomcat").request() + Response response = jersey.target(V1_SEARCH).queryParam("query", "tomcat").request() .header(X_API_KEY, apiKey) .get(Response.class); Assert.assertEquals(200, response.getStatus(), 0); @@ -95,7 +92,7 @@ public void searchTest() { @Test public void searchProjectTest() { - Response response = target(V1_SEARCH + "/project").queryParam("query", "acme").request() + Response response = jersey.target(V1_SEARCH + "/project").queryParam("query", "acme").request() .header(X_API_KEY, apiKey) .get(Response.class); Assert.assertEquals(200, response.getStatus(), 0); @@ -106,7 +103,7 @@ public void searchProjectTest() { @Test public void searchComponentTest() { - Response response = target(V1_SEARCH + "/component").queryParam("query", "bootstrap").request() + Response response = jersey.target(V1_SEARCH + "/component").queryParam("query", "bootstrap").request() .header(X_API_KEY, apiKey) .get(Response.class); Assert.assertEquals(200, response.getStatus(), 0); @@ -117,7 +114,7 @@ public void searchComponentTest() { @Test public void searchServiceComponentTest() { - Response response = target(V1_SEARCH + "/service").queryParam("query", "stock-ticker").request() + Response response = jersey.target(V1_SEARCH + "/service").queryParam("query", "stock-ticker").request() .header(X_API_KEY, apiKey) .get(Response.class); Assert.assertEquals(200, response.getStatus(), 0); @@ -128,7 +125,7 @@ public void searchServiceComponentTest() { @Test public void searchLicenseTest() { - Response response = target(V1_SEARCH + "/license").queryParam("query", "Apache").request() + Response response = jersey.target(V1_SEARCH + "/license").queryParam("query", "Apache").request() .header(X_API_KEY, apiKey) .get(Response.class); Assert.assertEquals(200, response.getStatus(), 0); @@ -139,7 +136,7 @@ public void searchLicenseTest() { @Test public void searchVulnerabilityTest() { - Response response = target(V1_SEARCH + "/vulnerability").queryParam("query", "CVE-2020").request() + Response response = jersey.target(V1_SEARCH + "/vulnerability").queryParam("query", "CVE-2020").request() .header(X_API_KEY, apiKey) .get(Response.class); Assert.assertEquals(200, response.getStatus(), 0); @@ -150,7 +147,7 @@ public void searchVulnerabilityTest() { @Test public void reindexWithBadIndexTypes() { - Response response = target(V1_SEARCH + "/reindex").queryParam("type", "BAD_TYPE_1", "BAD_TYPE_2").request() + Response response = jersey.target(V1_SEARCH + "/reindex").queryParam("type", "BAD_TYPE_1", "BAD_TYPE_2").request() .header(X_API_KEY, apiKey) .post(null, Response.class); Assert.assertEquals(400, response.getStatus(), 0); @@ -161,7 +158,7 @@ public void reindexWithBadIndexTypes() { @Test public void reindexWithMixedIndexTypes() { - Response response = target(V1_SEARCH + "/reindex").queryParam("type", "BAD_TYPE_1", IndexManager.IndexType.VULNERABILITY.name(), IndexManager.IndexType.LICENSE).request() + Response response = jersey.target(V1_SEARCH + "/reindex").queryParam("type", "BAD_TYPE_1", IndexManager.IndexType.VULNERABILITY.name(), IndexManager.IndexType.LICENSE).request() .header(X_API_KEY, apiKey) .post(null, Response.class); Assert.assertEquals(200, response.getStatus(), 0); diff --git a/src/test/java/org/dependencytrack/resources/v1/TagResourceTest.java b/src/test/java/org/dependencytrack/resources/v1/TagResourceTest.java index f4851a82f0..f417caabc8 100644 --- a/src/test/java/org/dependencytrack/resources/v1/TagResourceTest.java +++ b/src/test/java/org/dependencytrack/resources/v1/TagResourceTest.java @@ -2,13 +2,12 @@ import alpine.server.filters.ApiFilter; import alpine.server.filters.AuthenticationFilter; +import org.dependencytrack.JerseyTestRule; import org.dependencytrack.ResourceTest; import org.dependencytrack.model.Policy; import org.glassfish.jersey.server.ResourceConfig; -import org.glassfish.jersey.servlet.ServletContainer; -import org.glassfish.jersey.test.DeploymentContext; -import org.glassfish.jersey.test.ServletDeploymentContext; import org.junit.Assert; +import org.junit.ClassRule; import org.junit.Test; import javax.json.JsonArray; @@ -17,14 +16,11 @@ public class TagResourceTest extends ResourceTest { - @Override - protected DeploymentContext configureDeployment() { - return ServletDeploymentContext.forServlet(new ServletContainer( - new ResourceConfig(TagResource.class) - .register(ApiFilter.class) - .register(AuthenticationFilter.class))) - .build(); - } + @ClassRule + public static JerseyTestRule jersey = new JerseyTestRule( + new ResourceConfig(TagResource.class) + .register(ApiFilter.class) + .register(AuthenticationFilter.class)); @Test public void getAllTagsWithOrderingTest() { @@ -35,7 +31,7 @@ public void getAllTagsWithOrderingTest() { qm.createProject("Project B", null, "1", List.of(qm.getTagByName("Tag 2"), qm.getTagByName("Tag 3"), qm.getTagByName("Tag 4")), null, null, true, false); Policy policy = qm.createPolicy("Test Policy", Policy.Operator.ANY, Policy.ViolationState.INFO); - Response response = target(V1_TAG + "/" + policy.getUuid()) + Response response = jersey.target(V1_TAG + "/" + policy.getUuid()) .request() .header(X_API_KEY, apiKey) .get(); @@ -60,7 +56,7 @@ public void getTagsWithPolicyProjectsFilterTest() { Policy policy = qm.createPolicy("Test Policy", Policy.Operator.ANY, Policy.ViolationState.INFO); policy.setProjects(List.of(qm.getProject("Project A", "1"), qm.getProject("Project C", "1"))); - Response response = target(V1_TAG + "/" + policy.getUuid()) + Response response = jersey.target(V1_TAG + "/" + policy.getUuid()) .request() .header(X_API_KEY, apiKey) .get(); diff --git a/src/test/java/org/dependencytrack/resources/v1/TeamResourceTest.java b/src/test/java/org/dependencytrack/resources/v1/TeamResourceTest.java index 2ef8b62f95..784797cb4f 100644 --- a/src/test/java/org/dependencytrack/resources/v1/TeamResourceTest.java +++ b/src/test/java/org/dependencytrack/resources/v1/TeamResourceTest.java @@ -21,19 +21,20 @@ import alpine.common.util.UuidUtil; import alpine.model.ApiKey; import alpine.model.ConfigProperty; +import alpine.model.ManagedUser; import alpine.model.Team; +import alpine.server.auth.JsonWebToken; import alpine.server.filters.ApiFilter; import alpine.server.filters.AuthenticationFilter; +import org.dependencytrack.JerseyTestRule; import org.dependencytrack.ResourceTest; import org.dependencytrack.auth.Permissions; import org.dependencytrack.model.ConfigPropertyConstants; import org.dependencytrack.model.Project; import org.glassfish.jersey.client.ClientProperties; import org.glassfish.jersey.server.ResourceConfig; -import org.glassfish.jersey.servlet.ServletContainer; -import org.glassfish.jersey.test.DeploymentContext; -import org.glassfish.jersey.test.ServletDeploymentContext; import org.junit.Assert; +import org.junit.ClassRule; import org.junit.Test; import javax.json.JsonArray; @@ -49,21 +50,18 @@ public class TeamResourceTest extends ResourceTest { - @Override - protected DeploymentContext configureDeployment() { - return ServletDeploymentContext.forServlet(new ServletContainer( - new ResourceConfig(TeamResource.class) - .register(ApiFilter.class) - .register(AuthenticationFilter.class))) - .build(); - } + @ClassRule + public static JerseyTestRule jersey = new JerseyTestRule( + new ResourceConfig(TeamResource.class) + .register(ApiFilter.class) + .register(AuthenticationFilter.class)); @Test public void getTeamsTest() { for (int i=0; i<1000; i++) { qm.createTeam("Team " + i, false); } - Response response = target(V1_TEAM).request() + Response response = jersey.target(V1_TEAM).request() .header(X_API_KEY, apiKey) .get(Response.class); Assert.assertEquals(200, response.getStatus(), 0); @@ -77,7 +75,7 @@ public void getTeamsTest() { @Test public void getTeamTest() { Team team = qm.createTeam("ABC", false); - Response response = target(V1_TEAM + "/" + team.getUuid()) + Response response = jersey.target(V1_TEAM + "/" + team.getUuid()) .request().header(X_API_KEY, apiKey).get(Response.class); Assert.assertEquals(200, response.getStatus(), 0); Assert.assertNull(response.getHeaderString(TOTAL_COUNT_HEADER)); @@ -88,7 +86,7 @@ public void getTeamTest() { @Test public void getTeamByInvalidUuidTest() { - Response response = target(V1_TEAM + "/" + UUID.randomUUID()) + Response response = jersey.target(V1_TEAM + "/" + UUID.randomUUID()) .request().header(X_API_KEY, apiKey).get(Response.class); Assert.assertEquals(404, response.getStatus(), 0); Assert.assertNull(response.getHeaderString(TOTAL_COUNT_HEADER)); @@ -99,7 +97,7 @@ public void getTeamByInvalidUuidTest() { @Test public void getTeamSelfTest() { initializeWithPermissions(Permissions.BOM_UPLOAD, Permissions.PROJECT_CREATION_UPLOAD); - var response = target(V1_TEAM + "/self").request().header(X_API_KEY, apiKey).get(Response.class); + var response = jersey.target(V1_TEAM + "/self").request().header(X_API_KEY, apiKey).get(Response.class); Assert.assertEquals(200, response.getStatus()); final var json = parseJsonObject(response); Assert.assertEquals(team.getName(), json.getString("name")); @@ -110,15 +108,17 @@ public void getTeamSelfTest() { Assert.assertEquals(Permissions.PROJECT_CREATION_UPLOAD.toString(), permissions.get(1).asJsonObject().getString("name")); // missing api-key - response = target(V1_TEAM + "/self").request().get(Response.class); + response = jersey.target(V1_TEAM + "/self").request().get(Response.class); Assert.assertEquals(401, response.getStatus()); // wrong api-key - response = target(V1_TEAM + "/self").request().header(X_API_KEY, "5ce9b8a5-5f18-4c1f-9eda-1611b83e8915").get(Response.class); + response = jersey.target(V1_TEAM + "/self").request().header(X_API_KEY, "5ce9b8a5-5f18-4c1f-9eda-1611b83e8915").get(Response.class); Assert.assertEquals(401, response.getStatus()); // not an api-key - response = target(V1_TEAM + "/self").request().header("Authorization", "Bearer " + jwt).get(Response.class); + final ManagedUser testUser = qm.createManagedUser("testuser", TEST_USER_PASSWORD_HASH); + final String jwt = new JsonWebToken().createToken(testUser); + response = jersey.target(V1_TEAM + "/self").request().header("Authorization", "Bearer " + jwt).get(Response.class); Assert.assertEquals(400, response.getStatus()); } @@ -126,7 +126,7 @@ public void getTeamSelfTest() { public void createTeamTest() { Team team = new Team(); team.setName("My Team"); - Response response = target(V1_TEAM).request() + Response response = jersey.target(V1_TEAM).request() .header(X_API_KEY, apiKey) .put(Entity.entity(team, MediaType.APPLICATION_JSON)); Assert.assertEquals(201, response.getStatus(), 0); @@ -141,7 +141,7 @@ public void createTeamTest() { public void updateTeamTest() { Team team = qm.createTeam("My Team", false); team.setName("My New Teams Name"); - Response response = target(V1_TEAM).request() + Response response = jersey.target(V1_TEAM).request() .header(X_API_KEY, apiKey) .post(Entity.entity(team, MediaType.APPLICATION_JSON)); Assert.assertEquals(200, response.getStatus(), 0); @@ -154,7 +154,7 @@ public void updateTeamTest() { public void updateTeamEmptyNameTest() { Team team = qm.createTeam("My Team", false); team.setName(" "); - Response response = target(V1_TEAM).request() + Response response = jersey.target(V1_TEAM).request() .header(X_API_KEY, apiKey) .post(Entity.entity(team, MediaType.APPLICATION_JSON)); Assert.assertEquals(400, response.getStatus(), 0); @@ -165,7 +165,7 @@ public void updateTeamInvalidTest() { Team team = new Team(); team.setName("My Team"); team.setUuid(UUID.randomUUID()); - Response response = target(V1_TEAM).request() + Response response = jersey.target(V1_TEAM).request() .header(X_API_KEY, apiKey) .post(Entity.entity(team, MediaType.APPLICATION_JSON)); Assert.assertEquals(404, response.getStatus(), 0); @@ -177,7 +177,7 @@ public void updateTeamInvalidTest() { @Test public void deleteTeamTest() { Team team = qm.createTeam("My Team", false); - Response response = target(V1_TEAM).request() + Response response = jersey.target(V1_TEAM).request() .header(X_API_KEY, apiKey) .property(ClientProperties.SUPPRESS_HTTP_COMPLIANCE_VALIDATION, true) // HACK .method("DELETE", Entity.entity(team, MediaType.APPLICATION_JSON)); // HACK @@ -198,7 +198,7 @@ public void deleteTeamWithAclTest() { Project project = qm.createProject("Acme Example", null, "1", null, null, null, true, false); project.addAccessTeam(team); qm.persist(project); - Response response = target(V1_TEAM).request() + Response response = jersey.target(V1_TEAM).request() .header(X_API_KEY, apiKey) .property(ClientProperties.SUPPRESS_HTTP_COMPLIANCE_VALIDATION, true) // HACK .method("DELETE", Entity.entity(team, MediaType.APPLICATION_JSON)); // HACK @@ -210,7 +210,7 @@ public void deleteTeamWithAclTest() { public void generateApiKeyTest() { Team team = qm.createTeam("My Team", false); Assert.assertEquals(0, team.getApiKeys().size()); - Response response = target(V1_TEAM + "/" + team.getUuid().toString() + "/key").request() + Response response = jersey.target(V1_TEAM + "/" + team.getUuid().toString() + "/key").request() .header(X_API_KEY, apiKey) .property(ClientProperties.SUPPRESS_HTTP_COMPLIANCE_VALIDATION, true) .put(Entity.entity(null, MediaType.APPLICATION_JSON)); @@ -221,7 +221,7 @@ public void generateApiKeyTest() { @Test public void generateApiKeyInvalidTest() { - Response response = target(V1_TEAM + "/" + UUID.randomUUID().toString() + "/key").request() + Response response = jersey.target(V1_TEAM + "/" + UUID.randomUUID().toString() + "/key").request() .header(X_API_KEY, apiKey) .property(ClientProperties.SUPPRESS_HTTP_COMPLIANCE_VALIDATION, true) .put(Entity.entity(null, MediaType.APPLICATION_JSON)); @@ -235,7 +235,7 @@ public void generateApiKeyInvalidTest() { public void regenerateApiKeyTest() { Team team = qm.createTeam("My Team", true); Assert.assertEquals(1, team.getApiKeys().size()); - Response response = target(V1_TEAM + "/key/" + team.getApiKeys().get(0).getKey()).request() + Response response = jersey.target(V1_TEAM + "/key/" + team.getApiKeys().get(0).getKey()).request() .header(X_API_KEY, apiKey) .post(Entity.entity(null, MediaType.APPLICATION_JSON)); Assert.assertEquals(200, response.getStatus(), 0); @@ -247,7 +247,7 @@ public void regenerateApiKeyTest() { @Test public void regenerateApiKeyInvalidTest() { - Response response = target(V1_TEAM + "/key/" + UUID.randomUUID().toString()).request() + Response response = jersey.target(V1_TEAM + "/key/" + UUID.randomUUID().toString()).request() .header(X_API_KEY, apiKey) .post(Entity.entity(null, MediaType.APPLICATION_JSON)); Assert.assertEquals(404, response.getStatus(), 0); @@ -260,7 +260,7 @@ public void regenerateApiKeyInvalidTest() { public void deleteApiKeyTest() { Team team = qm.createTeam("My Team", true); Assert.assertEquals(1, team.getApiKeys().size()); - Response response = target(V1_TEAM + "/key/" + team.getApiKeys().get(0).getKey()).request() + Response response = jersey.target(V1_TEAM + "/key/" + team.getApiKeys().get(0).getKey()).request() .header(X_API_KEY, apiKey) .delete(); Assert.assertEquals(204, response.getStatus(), 0); @@ -268,7 +268,7 @@ public void deleteApiKeyTest() { @Test public void deleteApiKeyInvalidTest() { - Response response = target(V1_TEAM + "/key/" + UUID.randomUUID().toString()).request() + Response response = jersey.target(V1_TEAM + "/key/" + UUID.randomUUID().toString()).request() .header(X_API_KEY, apiKey) .delete(); Assert.assertEquals(404, response.getStatus(), 0); @@ -286,7 +286,7 @@ public void updateApiKeyCommentTest() { assertThat(apiKey.getLastUsed()).isNull(); assertThat(apiKey.getComment()).isNull(); - final Response response = target("%s/key/%s/comment".formatted(V1_TEAM, apiKey.getKey())).request() + final Response response = jersey.target("%s/key/%s/comment".formatted(V1_TEAM, apiKey.getKey())).request() .header(X_API_KEY, this.apiKey) .post(Entity.entity("Some comment 123", MediaType.TEXT_PLAIN)); @@ -307,7 +307,7 @@ public void updateApiKeyCommentTest() { @Test public void updateApiKeyCommentNotFoundTest() { - final Response response = target("%s/key/does-not-exist/comment".formatted(V1_TEAM)).request() + final Response response = jersey.target("%s/key/does-not-exist/comment".formatted(V1_TEAM)).request() .header(X_API_KEY, this.apiKey) .post(Entity.entity("Some comment 123", MediaType.TEXT_PLAIN)); diff --git a/src/test/java/org/dependencytrack/resources/v1/UserResourceAuthenticatedTest.java b/src/test/java/org/dependencytrack/resources/v1/UserResourceAuthenticatedTest.java index b7c8b2f80c..dfdd39df10 100644 --- a/src/test/java/org/dependencytrack/resources/v1/UserResourceAuthenticatedTest.java +++ b/src/test/java/org/dependencytrack/resources/v1/UserResourceAuthenticatedTest.java @@ -18,21 +18,21 @@ */ package org.dependencytrack.resources.v1; -import alpine.server.filters.ApiFilter; -import alpine.server.filters.AuthenticationFilter; import alpine.model.LdapUser; import alpine.model.ManagedUser; import alpine.model.OidcUser; import alpine.model.Team; -import alpine.server.auth.PasswordService; +import alpine.server.auth.JsonWebToken; +import alpine.server.filters.ApiFilter; +import alpine.server.filters.AuthenticationFilter; +import org.dependencytrack.JerseyTestRule; import org.dependencytrack.ResourceTest; import org.dependencytrack.model.IdentifiableObject; import org.glassfish.jersey.client.ClientProperties; import org.glassfish.jersey.server.ResourceConfig; -import org.glassfish.jersey.servlet.ServletContainer; -import org.glassfish.jersey.test.DeploymentContext; -import org.glassfish.jersey.test.ServletDeploymentContext; import org.junit.Assert; +import org.junit.Before; +import org.junit.ClassRule; import org.junit.Test; import javax.json.JsonArray; @@ -44,22 +44,29 @@ public class UserResourceAuthenticatedTest extends ResourceTest { - @Override - protected DeploymentContext configureDeployment() { - return ServletDeploymentContext.forServlet(new ServletContainer( - new ResourceConfig(UserResource.class) - .register(ApiFilter.class) - .register(AuthenticationFilter.class))) - .build(); + @ClassRule + public static JerseyTestRule jersey = new JerseyTestRule( + new ResourceConfig(UserResource.class) + .register(ApiFilter.class) + .register(AuthenticationFilter.class)); + + private ManagedUser testUser; + private String jwt; + + @Before + public void before() throws Exception { + super.before(); + testUser = qm.createManagedUser("testuser", TEST_USER_PASSWORD_HASH); + this.jwt = new JsonWebToken().createToken(testUser); + qm.addUserToTeam(testUser, team); } @Test public void getManagedUsersTest() { - String hashedPassword = String.valueOf(PasswordService.createHash("password".toCharArray())); for (int i=0; i<1000; i++) { - qm.createManagedUser("managed-user-" + i, hashedPassword); + qm.createManagedUser("managed-user-" + i, TEST_USER_PASSWORD_HASH); } - Response response = target(V1_USER + "/managed").request() + Response response = jersey.target(V1_USER + "/managed").request() .header(X_API_KEY, apiKey) .get(Response.class); Assert.assertEquals(200, response.getStatus(), 0); @@ -75,7 +82,7 @@ public void getLdapUsersTest() { for (int i=0; i<1000; i++) { qm.createLdapUser("ldap-user-" + i); } - Response response = target(V1_USER + "/ldap").request() + Response response = jersey.target(V1_USER + "/ldap").request() .header(X_API_KEY, apiKey) .get(Response.class); Assert.assertEquals(200, response.getStatus(), 0); @@ -88,7 +95,7 @@ public void getLdapUsersTest() { @Test public void getSelfTest() { - Response response = target(V1_USER + "/self").request() + Response response = jersey.target(V1_USER + "/self").request() .header("Authorization", "Bearer " + jwt) .get(Response.class); Assert.assertEquals(200, response.getStatus(), 0); @@ -100,7 +107,7 @@ public void getSelfTest() { @Test public void getSelfNonUserTest() { - Response response = target(V1_USER + "/self").request() + Response response = jersey.target(V1_USER + "/self").request() .header(X_API_KEY, apiKey) .get(Response.class); Assert.assertEquals(401, response.getStatus(), 0); @@ -112,7 +119,7 @@ public void updateSelfTest() { user.setUsername(testUser.getUsername()); user.setFullname("Captain BlackBeard"); user.setEmail("blackbeard@example.com"); - Response response = target(V1_USER + "/self").request() + Response response = jersey.target(V1_USER + "/self").request() .header("Authorization", "Bearer " + jwt) .post(Entity.entity(user, MediaType.APPLICATION_JSON)); Assert.assertEquals(200, response.getStatus(), 0); @@ -129,7 +136,7 @@ public void updateSelfInvalidFullnameTest() { user.setUsername(testUser.getUsername()); user.setFullname(""); user.setEmail("blackbeard@example.com"); - Response response = target(V1_USER + "/self").request() + Response response = jersey.target(V1_USER + "/self").request() .header("Authorization", "Bearer " + jwt) .post(Entity.entity(user, MediaType.APPLICATION_JSON)); Assert.assertEquals(400, response.getStatus(), 0); @@ -143,7 +150,7 @@ public void updateSelfInvalidEmailTest() { user.setUsername(testUser.getUsername()); user.setFullname("Captain BlackBeard"); user.setEmail(""); - Response response = target(V1_USER + "/self").request() + Response response = jersey.target(V1_USER + "/self").request() .header("Authorization", "Bearer " + jwt) .post(Entity.entity(user, MediaType.APPLICATION_JSON)); Assert.assertEquals(400, response.getStatus(), 0); @@ -155,7 +162,7 @@ public void updateSelfInvalidEmailTest() { public void updateSelfUnauthorizedTest() { ManagedUser user = new ManagedUser(); user.setUsername(testUser.getUsername()); - Response response = target(V1_USER + "/self").request() + Response response = jersey.target(V1_USER + "/self").request() .header(X_API_KEY, apiKey) .post(Entity.entity(user, MediaType.APPLICATION_JSON)); Assert.assertEquals(401, response.getStatus(), 0); @@ -169,7 +176,7 @@ public void updateSelfPasswordsTest() { user.setEmail("blackbeard@example.com"); user.setNewPassword("newPassword"); user.setConfirmPassword("newPassword"); - Response response = target(V1_USER + "/self").request() + Response response = jersey.target(V1_USER + "/self").request() .header("Authorization", "Bearer " + jwt) .post(Entity.entity(user, MediaType.APPLICATION_JSON)); Assert.assertEquals(200, response.getStatus(), 0); @@ -188,7 +195,7 @@ public void updateSelfPasswordMismatchTest() { user.setEmail("blackbeard@example.com"); user.setNewPassword("newPassword"); user.setConfirmPassword("blah"); - Response response = target(V1_USER + "/self").request() + Response response = jersey.target(V1_USER + "/self").request() .header("Authorization", "Bearer " + jwt) .post(Entity.entity(user, MediaType.APPLICATION_JSON)); Assert.assertEquals(400, response.getStatus(), 0); @@ -200,7 +207,7 @@ public void updateSelfPasswordMismatchTest() { public void createLdapUserTest() { LdapUser user = new LdapUser(); user.setUsername("blackbeard"); - Response response = target(V1_USER + "/ldap").request() + Response response = jersey.target(V1_USER + "/ldap").request() .header("Authorization", "Bearer " + jwt) .put(Entity.entity(user, MediaType.APPLICATION_JSON)); Assert.assertEquals(201, response.getStatus(), 0); @@ -214,7 +221,7 @@ public void createLdapUserTest() { public void createLdapUserInvalidUsernameTest() { LdapUser user = new LdapUser(); user.setUsername(""); - Response response = target(V1_USER + "/ldap").request() + Response response = jersey.target(V1_USER + "/ldap").request() .header("Authorization", "Bearer " + jwt) .put(Entity.entity(user, MediaType.APPLICATION_JSON)); Assert.assertEquals(400, response.getStatus(), 0); @@ -227,7 +234,7 @@ public void createLdapUserDuplicateUsernameTest() { qm.createLdapUser("blackbeard"); LdapUser user = new LdapUser(); user.setUsername("blackbeard"); - Response response = target(V1_USER + "/ldap").request() + Response response = jersey.target(V1_USER + "/ldap").request() .header("Authorization", "Bearer " + jwt) .put(Entity.entity(user, MediaType.APPLICATION_JSON)); Assert.assertEquals(409, response.getStatus(), 0); @@ -240,7 +247,7 @@ public void deleteLdapUserTest() { qm.createLdapUser("blackbeard"); LdapUser user = new LdapUser(); user.setUsername("blackbeard"); - Response response = target(V1_USER + "/ldap").request() + Response response = jersey.target(V1_USER + "/ldap").request() .header(X_API_KEY, apiKey) .property(ClientProperties.SUPPRESS_HTTP_COMPLIANCE_VALIDATION, true) // HACK .method("DELETE", Entity.entity(user, MediaType.APPLICATION_JSON)); // HACK @@ -256,7 +263,7 @@ public void createManagedUserTest() { user.setUsername("blackbeard"); user.setNewPassword("password"); user.setConfirmPassword("password"); - Response response = target(V1_USER + "/managed").request() + Response response = jersey.target(V1_USER + "/managed").request() .header("Authorization", "Bearer " + jwt) .put(Entity.entity(user, MediaType.APPLICATION_JSON)); Assert.assertEquals(201, response.getStatus(), 0); @@ -276,7 +283,7 @@ public void createManagedUserInvalidUsernameTest() { user.setUsername(""); user.setNewPassword("password"); user.setConfirmPassword("password"); - Response response = target(V1_USER + "/managed").request() + Response response = jersey.target(V1_USER + "/managed").request() .header("Authorization", "Bearer " + jwt) .put(Entity.entity(user, MediaType.APPLICATION_JSON)); Assert.assertEquals(400, response.getStatus(), 0); @@ -293,7 +300,7 @@ public void createManagedUserInvalidFullnameTest() { user.setUsername("blackbeard"); user.setNewPassword("password"); user.setConfirmPassword("password"); - Response response = target(V1_USER + "/managed").request() + Response response = jersey.target(V1_USER + "/managed").request() .header("Authorization", "Bearer " + jwt) .put(Entity.entity(user, MediaType.APPLICATION_JSON)); Assert.assertEquals(400, response.getStatus(), 0); @@ -310,7 +317,7 @@ public void createManagedUserInvalidEmailTest() { user.setUsername("blackbeard"); user.setNewPassword("password"); user.setConfirmPassword("password"); - Response response = target(V1_USER + "/managed").request() + Response response = jersey.target(V1_USER + "/managed").request() .header("Authorization", "Bearer " + jwt) .put(Entity.entity(user, MediaType.APPLICATION_JSON)); Assert.assertEquals(400, response.getStatus(), 0); @@ -327,7 +334,7 @@ public void createManagedUserInvalidPasswordTest() { user.setUsername("blackbeard"); user.setNewPassword(""); user.setConfirmPassword("password"); - Response response = target(V1_USER + "/managed").request() + Response response = jersey.target(V1_USER + "/managed").request() .header("Authorization", "Bearer " + jwt) .put(Entity.entity(user, MediaType.APPLICATION_JSON)); Assert.assertEquals(400, response.getStatus(), 0); @@ -344,7 +351,7 @@ public void createManagedUserPasswordMismatchTest() { user.setUsername("blackbeard"); user.setNewPassword("password"); user.setConfirmPassword("blah"); - Response response = target(V1_USER + "/managed").request() + Response response = jersey.target(V1_USER + "/managed").request() .header("Authorization", "Bearer " + jwt) .put(Entity.entity(user, MediaType.APPLICATION_JSON)); Assert.assertEquals(400, response.getStatus(), 0); @@ -355,14 +362,14 @@ public void createManagedUserPasswordMismatchTest() { @Test public void createManagedUserDuplicateUsernameTest() { - qm.createManagedUser("blackbeard", String.valueOf(PasswordService.createHash("password".toCharArray()))); + qm.createManagedUser("blackbeard", TEST_USER_PASSWORD_HASH); ManagedUser user = new ManagedUser(); user.setFullname("Captain BlackBeard"); user.setEmail("blackbeard@example.com"); user.setUsername("blackbeard"); user.setNewPassword("password"); user.setConfirmPassword("password"); - Response response = target(V1_USER + "/managed").request() + Response response = jersey.target(V1_USER + "/managed").request() .header("Authorization", "Bearer " + jwt) .put(Entity.entity(user, MediaType.APPLICATION_JSON)); Assert.assertEquals(409, response.getStatus(), 0); @@ -373,8 +380,7 @@ public void createManagedUserDuplicateUsernameTest() { @Test public void updateManagedUserTest() { - String hashedPassword = String.valueOf(PasswordService.createHash("password".toCharArray())); - qm.createManagedUser("blackbeard", "Captain BlackBeard", "blackbeard@example.com", hashedPassword, false, false, false); + qm.createManagedUser("blackbeard", "Captain BlackBeard", "blackbeard@example.com", TEST_USER_PASSWORD_HASH, false, false, false); ManagedUser user = new ManagedUser(); user.setUsername("blackbeard"); user.setFullname("Dr BlackBeard, Ph.D."); @@ -382,7 +388,7 @@ public void updateManagedUserTest() { user.setForcePasswordChange(true); user.setNonExpiryPassword(true); user.setSuspended(true); - Response response = target(V1_USER + "/managed").request() + Response response = jersey.target(V1_USER + "/managed").request() .header("Authorization", "Bearer " + jwt) .post(Entity.entity(user, MediaType.APPLICATION_JSON)); Assert.assertEquals(200, response.getStatus(), 0); @@ -398,8 +404,7 @@ public void updateManagedUserTest() { @Test public void updateManagedUserInvalidFullnameTest() { - String hashedPassword = String.valueOf(PasswordService.createHash("password".toCharArray())); - qm.createManagedUser("blackbeard", "Captain BlackBeard", "blackbeard@example.com", hashedPassword, false, false, false); + qm.createManagedUser("blackbeard", "Captain BlackBeard", "blackbeard@example.com", TEST_USER_PASSWORD_HASH, false, false, false); ManagedUser user = new ManagedUser(); user.setUsername("blackbeard"); user.setFullname(""); @@ -407,7 +412,7 @@ public void updateManagedUserInvalidFullnameTest() { user.setForcePasswordChange(true); user.setNonExpiryPassword(true); user.setSuspended(true); - Response response = target(V1_USER + "/managed").request() + Response response = jersey.target(V1_USER + "/managed").request() .header("Authorization", "Bearer " + jwt) .post(Entity.entity(user, MediaType.APPLICATION_JSON)); Assert.assertEquals(400, response.getStatus(), 0); @@ -418,8 +423,7 @@ public void updateManagedUserInvalidFullnameTest() { @Test public void updateManagedUserInvalidEmailTest() { - String hashedPassword = String.valueOf(PasswordService.createHash("password".toCharArray())); - qm.createManagedUser("blackbeard", "Captain BlackBeard", "blackbeard@example.com", hashedPassword, false, false, false); + qm.createManagedUser("blackbeard", "Captain BlackBeard", "blackbeard@example.com", TEST_USER_PASSWORD_HASH, false, false, false); ManagedUser user = new ManagedUser(); user.setUsername("blackbeard"); user.setFullname("Captain BlackBeard"); @@ -427,7 +431,7 @@ public void updateManagedUserInvalidEmailTest() { user.setForcePasswordChange(true); user.setNonExpiryPassword(true); user.setSuspended(true); - Response response = target(V1_USER + "/managed").request() + Response response = jersey.target(V1_USER + "/managed").request() .header("Authorization", "Bearer " + jwt) .post(Entity.entity(user, MediaType.APPLICATION_JSON)); Assert.assertEquals(400, response.getStatus(), 0); @@ -438,8 +442,7 @@ public void updateManagedUserInvalidEmailTest() { @Test public void updateManagedUserInvalidUsernameTest() { - String hashedPassword = String.valueOf(PasswordService.createHash("password".toCharArray())); - qm.createManagedUser("blackbeard", "Captain BlackBeard", "blackbeard@example.com", hashedPassword, false, false, false); + qm.createManagedUser("blackbeard", "Captain BlackBeard", "blackbeard@example.com", TEST_USER_PASSWORD_HASH, false, false, false); ManagedUser user = new ManagedUser(); user.setUsername(""); user.setFullname("Captain BlackBeard"); @@ -447,7 +450,7 @@ public void updateManagedUserInvalidUsernameTest() { user.setForcePasswordChange(true); user.setNonExpiryPassword(true); user.setSuspended(true); - Response response = target(V1_USER + "/managed").request() + Response response = jersey.target(V1_USER + "/managed").request() .header("Authorization", "Bearer " + jwt) .post(Entity.entity(user, MediaType.APPLICATION_JSON)); Assert.assertEquals(404, response.getStatus(), 0); @@ -458,11 +461,10 @@ public void updateManagedUserInvalidUsernameTest() { @Test public void deleteManagedUserTest() { - String hashedPassword = String.valueOf(PasswordService.createHash("password".toCharArray())); - qm.createManagedUser("blackbeard", "Captain BlackBeard", "blackbeard@example.com", hashedPassword, false, false, false); + qm.createManagedUser("blackbeard", "Captain BlackBeard", "blackbeard@example.com", TEST_USER_PASSWORD_HASH, false, false, false); ManagedUser user = new ManagedUser(); user.setUsername("blackbeard"); - Response response = target(V1_USER + "/managed").request() + Response response = jersey.target(V1_USER + "/managed").request() .header(X_API_KEY, apiKey) .property(ClientProperties.SUPPRESS_HTTP_COMPLIANCE_VALIDATION, true) // HACK .method("DELETE", Entity.entity(user, MediaType.APPLICATION_JSON)); // HACK @@ -474,7 +476,7 @@ public void deleteManagedUserTest() { public void createOidcUserTest() { final OidcUser user = new OidcUser(); user.setUsername("blackbeard"); - Response response = target(V1_USER + "/oidc").request() + Response response = jersey.target(V1_USER + "/oidc").request() .header("Authorization", "Bearer " + jwt) .put(Entity.entity(user, MediaType.APPLICATION_JSON)); Assert.assertEquals(201, response.getStatus(), 0); @@ -489,7 +491,7 @@ public void createOidcUserDuplicateUsernameTest() { qm.createOidcUser("blackbeard"); final OidcUser user = new OidcUser(); user.setUsername("blackbeard"); - Response response = target(V1_USER + "/oidc").request() + Response response = jersey.target(V1_USER + "/oidc").request() .header("Authorization", "Bearer " + jwt) .put(Entity.entity(user, MediaType.APPLICATION_JSON)); Assert.assertEquals(409, response.getStatus(), 0); @@ -499,14 +501,13 @@ public void createOidcUserDuplicateUsernameTest() { @Test public void addTeamToUserTest() { - String hashedPassword = String.valueOf(PasswordService.createHash("password".toCharArray())); - qm.createManagedUser("blackbeard", "Captain BlackBeard", "blackbeard@example.com", hashedPassword, false, false, false); + qm.createManagedUser("blackbeard", "Captain BlackBeard", "blackbeard@example.com", TEST_USER_PASSWORD_HASH, false, false, false); Team team = qm.createTeam("Pirates", false); IdentifiableObject ido = new IdentifiableObject(); ido.setUuid(team.getUuid().toString()); ManagedUser user = new ManagedUser(); user.setUsername("blackbeard"); - Response response = target(V1_USER + "/blackbeard/membership").request() + Response response = jersey.target(V1_USER + "/blackbeard/membership").request() .header(X_API_KEY, apiKey) .post(Entity.entity(ido, MediaType.APPLICATION_JSON)); Assert.assertEquals(200, response.getStatus(), 0); @@ -522,13 +523,12 @@ public void addTeamToUserTest() { @Test public void addTeamToUserInvalidTeamTest() { - String hashedPassword = String.valueOf(PasswordService.createHash("password".toCharArray())); - qm.createManagedUser("blackbeard", "Captain BlackBeard", "blackbeard@example.com", hashedPassword, false, false, false); + qm.createManagedUser("blackbeard", "Captain BlackBeard", "blackbeard@example.com", TEST_USER_PASSWORD_HASH, false, false, false); IdentifiableObject ido = new IdentifiableObject(); ido.setUuid(UUID.randomUUID().toString()); ManagedUser user = new ManagedUser(); user.setUsername("blackbeard"); - Response response = target(V1_USER + "/blackbeard/membership").request() + Response response = jersey.target(V1_USER + "/blackbeard/membership").request() .header(X_API_KEY, apiKey) .post(Entity.entity(ido, MediaType.APPLICATION_JSON)); Assert.assertEquals(404, response.getStatus(), 0); @@ -544,7 +544,7 @@ public void addTeamToUserInvalidUserTest() { ido.setUuid(team.getUuid().toString()); ManagedUser user = new ManagedUser(); user.setUsername("blah"); - Response response = target(V1_USER + "/blackbeard/membership").request() + Response response = jersey.target(V1_USER + "/blackbeard/membership").request() .header(X_API_KEY, apiKey) .post(Entity.entity(ido, MediaType.APPLICATION_JSON)); Assert.assertEquals(404, response.getStatus(), 0); @@ -555,13 +555,12 @@ public void addTeamToUserInvalidUserTest() { @Test public void addTeamToUserDuplicateMembershipTest() { - String hashedPassword = String.valueOf(PasswordService.createHash("password".toCharArray())); Team team = qm.createTeam("Pirates", false); - ManagedUser user = qm.createManagedUser("blackbeard", "Captain BlackBeard", "blackbeard@example.com", hashedPassword, false, false, false); + ManagedUser user = qm.createManagedUser("blackbeard", "Captain BlackBeard", "blackbeard@example.com", TEST_USER_PASSWORD_HASH, false, false, false); qm.addUserToTeam(user, team); IdentifiableObject ido = new IdentifiableObject(); ido.setUuid(team.getUuid().toString()); - Response response = target(V1_USER + "/blackbeard/membership").request() + Response response = jersey.target(V1_USER + "/blackbeard/membership").request() .header(X_API_KEY, apiKey) .post(Entity.entity(ido, MediaType.APPLICATION_JSON)); Assert.assertEquals(304, response.getStatus(), 0); @@ -573,13 +572,12 @@ public void addTeamToUserDuplicateMembershipTest() { @Test public void removeTeamFromUserTest() { - String hashedPassword = String.valueOf(PasswordService.createHash("password".toCharArray())); Team team = qm.createTeam("Pirates", false); - ManagedUser user = qm.createManagedUser("blackbeard", "Captain BlackBeard", "blackbeard@example.com", hashedPassword, false, false, false); + ManagedUser user = qm.createManagedUser("blackbeard", "Captain BlackBeard", "blackbeard@example.com", TEST_USER_PASSWORD_HASH, false, false, false); qm.addUserToTeam(user, team); IdentifiableObject ido = new IdentifiableObject(); ido.setUuid(team.getUuid().toString()); - Response response = target(V1_USER + "/blackbeard/membership").request() + Response response = jersey.target(V1_USER + "/blackbeard/membership").request() .header(X_API_KEY, apiKey) .property(ClientProperties.SUPPRESS_HTTP_COMPLIANCE_VALIDATION, true) // HACK .method("DELETE", Entity.entity(ido, MediaType.APPLICATION_JSON)); // HACK diff --git a/src/test/java/org/dependencytrack/resources/v1/UserResourceUnauthenticatedTest.java b/src/test/java/org/dependencytrack/resources/v1/UserResourceUnauthenticatedTest.java index ded3ad9601..18c6bd5f4e 100644 --- a/src/test/java/org/dependencytrack/resources/v1/UserResourceUnauthenticatedTest.java +++ b/src/test/java/org/dependencytrack/resources/v1/UserResourceUnauthenticatedTest.java @@ -18,15 +18,15 @@ */ package org.dependencytrack.resources.v1; -import alpine.server.filters.ApiFilter; import alpine.model.ManagedUser; import alpine.server.auth.PasswordService; +import alpine.server.filters.ApiFilter; +import org.dependencytrack.JerseyTestRule; import org.dependencytrack.ResourceTest; import org.glassfish.jersey.server.ResourceConfig; -import org.glassfish.jersey.servlet.ServletContainer; -import org.glassfish.jersey.test.DeploymentContext; -import org.glassfish.jersey.test.ServletDeploymentContext; import org.junit.Assert; +import org.junit.Before; +import org.junit.ClassRule; import org.junit.Test; import javax.ws.rs.client.Entity; @@ -36,12 +36,18 @@ public class UserResourceUnauthenticatedTest extends ResourceTest { - @Override - protected DeploymentContext configureDeployment() { - return ServletDeploymentContext.forServlet(new ServletContainer( - new ResourceConfig(UserResource.class) - .register(ApiFilter.class))) - .build(); + @ClassRule + public static JerseyTestRule jersey = new JerseyTestRule( + new ResourceConfig(UserResource.class) + .register(ApiFilter.class)); + + private ManagedUser testUser; + + @Before + public void before() throws Exception { + super.before(); + testUser = qm.createManagedUser("testuser", TEST_USER_PASSWORD_HASH); + qm.addUserToTeam(testUser, team); } @Test @@ -49,7 +55,7 @@ public void validateCredentialsTest() { Form form = new Form(); form.param("username", "testuser"); form.param("password", "testuser"); - Response response = target(V1_USER + "/login").request() + Response response = jersey.target(V1_USER + "/login").request() .accept(MediaType.TEXT_PLAIN) .post(Entity.entity(form, MediaType.APPLICATION_FORM_URLENCODED_TYPE)); Assert.assertEquals(200, response.getStatus(), 0); @@ -66,7 +72,7 @@ public void validateCredentialsSuspendedTest() { Form form = new Form(); form.param("username", "testuser"); form.param("password", "testuser"); - Response response = target(V1_USER + "/login").request() + Response response = jersey.target(V1_USER + "/login").request() .accept(MediaType.TEXT_PLAIN) .post(Entity.entity(form, MediaType.APPLICATION_FORM_URLENCODED_TYPE)); Assert.assertEquals(403, response.getStatus(), 0); @@ -77,7 +83,7 @@ public void validateCredentialsUnauthorizedTest() { Form form = new Form(); form.param("username", "testuser"); form.param("password", "wrong"); - Response response = target(V1_USER + "/login").request() + Response response = jersey.target(V1_USER + "/login").request() .accept(MediaType.TEXT_PLAIN) .post(Entity.entity(form, MediaType.APPLICATION_FORM_URLENCODED_TYPE)); Assert.assertEquals(401, response.getStatus(), 0); @@ -88,7 +94,7 @@ public void validateOidcAccessTokenOidcNotAvailableTest() { final Form form = new Form(); form.param("accessToken", "accessToken"); - final Response response = target(V1_USER + "/oidc/login").request() + final Response response = jersey.target(V1_USER + "/oidc/login").request() .post(Entity.entity(form, MediaType.APPLICATION_FORM_URLENCODED_TYPE)); // OIDC is disabled by default @@ -103,7 +109,7 @@ public void forceChangePasswordTest() { form.param("newPassword", "Password1!"); form.param("confirmPassword", "Password1!"); Assert.assertTrue(PasswordService.matches("testuser".toCharArray(), testUser)); - Response response = target(V1_USER + "/forceChangePassword").request() + Response response = jersey.target(V1_USER + "/forceChangePassword").request() .accept(MediaType.TEXT_PLAIN) .post(Entity.entity(form, MediaType.APPLICATION_FORM_URLENCODED_TYPE)); Assert.assertEquals(200, response.getStatus(), 0); @@ -123,7 +129,7 @@ public void forceChangePasswordFlagResetTest() { form.param("newPassword", "Password1!"); form.param("confirmPassword", "Password1!"); Assert.assertTrue(PasswordService.matches("testuser".toCharArray(), testUser)); - Response response = target(V1_USER + "/forceChangePassword").request() + Response response = jersey.target(V1_USER + "/forceChangePassword").request() .accept(MediaType.TEXT_PLAIN) .post(Entity.entity(form, MediaType.APPLICATION_FORM_URLENCODED_TYPE)); Assert.assertEquals(200, response.getStatus(), 0); @@ -139,7 +145,7 @@ public void forceChangePasswordMismatchTest() { form.param("password", "testuser"); form.param("newPassword", "Password1!"); form.param("confirmPassword", "blah"); - Response response = target(V1_USER + "/forceChangePassword").request() + Response response = jersey.target(V1_USER + "/forceChangePassword").request() .accept(MediaType.TEXT_PLAIN) .post(Entity.entity(form, MediaType.APPLICATION_FORM_URLENCODED_TYPE)); Assert.assertEquals(406, response.getStatus(), 0); @@ -155,7 +161,7 @@ public void forceChangePasswordUnchangedTest() { form.param("password", "testuser"); form.param("newPassword", "testuser"); form.param("confirmPassword", "testuser"); - Response response = target(V1_USER + "/forceChangePassword").request() + Response response = jersey.target(V1_USER + "/forceChangePassword").request() .accept(MediaType.TEXT_PLAIN) .post(Entity.entity(form, MediaType.APPLICATION_FORM_URLENCODED_TYPE)); Assert.assertEquals(406, response.getStatus(), 0); @@ -173,7 +179,7 @@ public void forceChangePasswordSuspendedTest() { form.param("password", "testuser"); form.param("newPassword", "Password1!"); form.param("confirmPassword", "Password1!"); - Response response = target(V1_USER + "/forceChangePassword").request() + Response response = jersey.target(V1_USER + "/forceChangePassword").request() .accept(MediaType.TEXT_PLAIN) .post(Entity.entity(form, MediaType.APPLICATION_FORM_URLENCODED_TYPE)); Assert.assertEquals(403, response.getStatus(), 0); @@ -189,7 +195,7 @@ public void forceChangePasswordInvalidCredsTest() { form.param("password", "blah"); form.param("newPassword", "Password1!"); form.param("confirmPassword", "Password1!"); - Response response = target(V1_USER + "/forceChangePassword").request() + Response response = jersey.target(V1_USER + "/forceChangePassword").request() .accept(MediaType.TEXT_PLAIN) .post(Entity.entity(form, MediaType.APPLICATION_FORM_URLENCODED_TYPE)); Assert.assertEquals(401, response.getStatus(), 0); diff --git a/src/test/java/org/dependencytrack/resources/v1/VexResourceTest.java b/src/test/java/org/dependencytrack/resources/v1/VexResourceTest.java index f061d07ca0..6b82ee739e 100644 --- a/src/test/java/org/dependencytrack/resources/v1/VexResourceTest.java +++ b/src/test/java/org/dependencytrack/resources/v1/VexResourceTest.java @@ -21,6 +21,7 @@ import alpine.server.filters.ApiFilter; import alpine.server.filters.AuthenticationFilter; import com.fasterxml.jackson.core.StreamReadConstraints; +import org.dependencytrack.JerseyTestRule; import org.dependencytrack.ResourceTest; import org.dependencytrack.auth.Permissions; import org.dependencytrack.model.AnalysisResponse; @@ -35,9 +36,7 @@ import org.dependencytrack.tasks.scanners.AnalyzerIdentity; import org.glassfish.jersey.media.multipart.MultiPartFeature; import org.glassfish.jersey.server.ResourceConfig; -import org.glassfish.jersey.servlet.ServletContainer; -import org.glassfish.jersey.test.DeploymentContext; -import org.glassfish.jersey.test.ServletDeploymentContext; +import org.junit.ClassRule; import org.junit.Test; import javax.ws.rs.client.Entity; @@ -48,21 +47,18 @@ import static net.javacrumbs.jsonunit.assertj.JsonAssertions.assertThatJson; import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThatNoException; -import static org.hamcrest.CoreMatchers.equalTo; import static org.dependencytrack.model.ConfigPropertyConstants.BOM_VALIDATION_ENABLED; +import static org.hamcrest.CoreMatchers.equalTo; public class VexResourceTest extends ResourceTest { - @Override - protected DeploymentContext configureDeployment() { - return ServletDeploymentContext.forServlet(new ServletContainer( - new ResourceConfig(VexResource.class) - .register(ApiFilter.class) - .register(AuthenticationFilter.class) - .register(MultiPartFeature.class) - .register(JsonMappingExceptionMapper.class))) - .build(); - } + @ClassRule + public static JerseyTestRule jersey = new JerseyTestRule( + new ResourceConfig(VexResource.class) + .register(ApiFilter.class) + .register(AuthenticationFilter.class) + .register(MultiPartFeature.class) + .register(JsonMappingExceptionMapper.class)); @Test public void exportProjectAsCycloneDxTest() { @@ -129,7 +125,7 @@ public void exportProjectAsCycloneDxTest() { )); qm.persist(project); - final Response response = target("%s/cyclonedx/project/%s".formatted(V1_VEX, project.getUuid())) + final Response response = jersey.target("%s/cyclonedx/project/%s".formatted(V1_VEX, project.getUuid())) .request() .header(X_API_KEY, apiKey) .get(Response.class); @@ -249,7 +245,7 @@ public void uploadVexInvalidJsonTest() { } """.getBytes()); - final Response response = target(V1_VEX).request() + final Response response = jersey.target(V1_VEX).request() .header(X_API_KEY, apiKey) .put(Entity.entity(""" { @@ -301,7 +297,7 @@ public void uploadVexInvalidXmlTest() { """.getBytes()); - final Response response = target(V1_VEX).request() + final Response response = jersey.target(V1_VEX).request() .header(X_API_KEY, apiKey) .put(Entity.entity(""" { @@ -334,7 +330,7 @@ public void uploadVexTooLargeViaPutTest() { final String vex = "a".repeat(StreamReadConstraints.DEFAULT_MAX_STRING_LEN + 1); - final Response response = target(V1_VEX).request() + final Response response = jersey.target(V1_VEX).request() .header(X_API_KEY, apiKey) .put(Entity.entity(""" { diff --git a/src/test/java/org/dependencytrack/resources/v1/ViolationAnalysisResourceTest.java b/src/test/java/org/dependencytrack/resources/v1/ViolationAnalysisResourceTest.java index 894c7b4056..a7b3670112 100644 --- a/src/test/java/org/dependencytrack/resources/v1/ViolationAnalysisResourceTest.java +++ b/src/test/java/org/dependencytrack/resources/v1/ViolationAnalysisResourceTest.java @@ -27,6 +27,7 @@ import alpine.server.filters.AuthenticationFilter; import alpine.server.filters.AuthorizationFilter; import net.jcip.annotations.NotThreadSafe; +import org.dependencytrack.JerseyTestRule; import org.dependencytrack.ResourceTest; import org.dependencytrack.auth.Permissions; import org.dependencytrack.model.Component; @@ -45,11 +46,10 @@ import org.dependencytrack.resources.v1.vo.ViolationAnalysisRequest; import org.dependencytrack.util.NotificationUtil; import org.glassfish.jersey.server.ResourceConfig; -import org.glassfish.jersey.servlet.ServletContainer; -import org.glassfish.jersey.test.DeploymentContext; -import org.glassfish.jersey.test.ServletDeploymentContext; +import org.junit.After; import org.junit.AfterClass; import org.junit.BeforeClass; +import org.junit.ClassRule; import org.junit.Test; import javax.json.Json; @@ -69,15 +69,12 @@ @NotThreadSafe public class ViolationAnalysisResourceTest extends ResourceTest { - @Override - protected DeploymentContext configureDeployment() { - return ServletDeploymentContext.forServlet(new ServletContainer( - new ResourceConfig(ViolationAnalysisResource.class) - .register(ApiFilter.class) - .register(AuthenticationFilter.class) - .register(AuthorizationFilter.class))) - .build(); - } + @ClassRule + public static JerseyTestRule jersey = new JerseyTestRule( + new ResourceConfig(ViolationAnalysisResource.class) + .register(ApiFilter.class) + .register(AuthenticationFilter.class) + .register(AuthorizationFilter.class)); public static class NotificationSubscriber implements Subscriber { @@ -100,10 +97,11 @@ public static void tearDownClass() { NotificationService.getInstance().unsubscribe(new Subscription(NotificationSubscriber.class)); } + @After @Override - public void tearDown() throws Exception { + public void after() throws Exception { NOTIFICATIONS.clear(); - super.tearDown(); + super.after(); } @Test @@ -135,7 +133,7 @@ public void retrieveAnalysisTest() { violationAnalysis = qm.persist(violationAnalysis); qm.makeViolationAnalysisComment(violationAnalysis, "Analysis comment here", "Jane Doe"); - final Response response = target(V1_VIOLATION_ANALYSIS) + final Response response = jersey.target(V1_VIOLATION_ANALYSIS) .queryParam("component", component.getUuid()) .queryParam("policyViolation", violation.getUuid()) .request() @@ -156,7 +154,7 @@ public void retrieveAnalysisTest() { @Test public void retrieveAnalysisUnauthorizedTest() { - final Response response = target(V1_VIOLATION_ANALYSIS) + final Response response = jersey.target(V1_VIOLATION_ANALYSIS) .queryParam("component", UUID.randomUUID()) .queryParam("policyViolation", UUID.randomUUID()) .request() @@ -170,7 +168,7 @@ public void retrieveAnalysisUnauthorizedTest() { public void retrieveAnalysisComponentNotFoundTest() { initializeWithPermissions(Permissions.VIEW_POLICY_VIOLATION); - final Response response = target(V1_VIOLATION_ANALYSIS) + final Response response = jersey.target(V1_VIOLATION_ANALYSIS) .queryParam("component", UUID.randomUUID()) .queryParam("policyViolation", UUID.randomUUID()) .request() @@ -193,7 +191,7 @@ public void retrieveAnalysisViolationNotFoundTest() { component.setVersion("1.0"); component = qm.createComponent(component, false); - final Response response = target(V1_VIOLATION_ANALYSIS) + final Response response = jersey.target(V1_VIOLATION_ANALYSIS) .queryParam("component", component.getUuid()) .queryParam("policyViolation", UUID.randomUUID()) .request() @@ -229,7 +227,7 @@ public void updateAnalysisCreateNewTest() throws Exception { final var request = new ViolationAnalysisRequest(component.getUuid().toString(), violation.getUuid().toString(), ViolationAnalysisState.APPROVED, "Some comment", false); - final Response response = target(V1_VIOLATION_ANALYSIS) + final Response response = jersey.target(V1_VIOLATION_ANALYSIS) .request() .header(X_API_KEY, apiKey) .put(Entity.entity(request, MediaType.APPLICATION_JSON)); @@ -286,7 +284,7 @@ public void updateAnalysisCreateNewWithEmptyRequestTest() throws Exception { final var request = new ViolationAnalysisRequest(component.getUuid().toString(), violation.getUuid().toString(), null, null, null); - final Response response = target(V1_VIOLATION_ANALYSIS) + final Response response = jersey.target(V1_VIOLATION_ANALYSIS) .request() .header(X_API_KEY, apiKey) .put(Entity.entity(request, MediaType.APPLICATION_JSON)); @@ -343,7 +341,7 @@ public void updateAnalysisUpdateExistingTest() throws Exception { final var request = new ViolationAnalysisRequest(component.getUuid().toString(), violation.getUuid().toString(), ViolationAnalysisState.REJECTED, "Some comment", false); - final Response response = target(V1_VIOLATION_ANALYSIS) + final Response response = jersey.target(V1_VIOLATION_ANALYSIS) .request() .header(X_API_KEY, apiKey) .put(Entity.entity(request, MediaType.APPLICATION_JSON)); @@ -411,7 +409,7 @@ public void updateAnalysisUpdateExistingNoChangesTest() throws Exception{ final var request = new ViolationAnalysisRequest(component.getUuid().toString(), violation.getUuid().toString(), ViolationAnalysisState.APPROVED, null, true); - final Response response = target(V1_VIOLATION_ANALYSIS) + final Response response = jersey.target(V1_VIOLATION_ANALYSIS) .request() .header(X_API_KEY, apiKey) .put(Entity.entity(request, MediaType.APPLICATION_JSON)); @@ -459,7 +457,7 @@ public void updateAnalysisUpdateExistingWithEmptyRequestTest() throws Exception final var request = new ViolationAnalysisRequest(component.getUuid().toString(), violation.getUuid().toString(), null, null, null); - final Response response = target(V1_VIOLATION_ANALYSIS) + final Response response = jersey.target(V1_VIOLATION_ANALYSIS) .request() .header(X_API_KEY, apiKey) .put(Entity.entity(request, MediaType.APPLICATION_JSON)); @@ -492,7 +490,7 @@ public void updateAnalysisUnauthorizedTest() { final var request = new ViolationAnalysisRequest(UUID.randomUUID().toString(), UUID.randomUUID().toString(), ViolationAnalysisState.REJECTED, "Some comment", false); - final Response response = target(V1_VIOLATION_ANALYSIS) + final Response response = jersey.target(V1_VIOLATION_ANALYSIS) .request() .header(X_API_KEY, apiKey) .put(Entity.entity(request, MediaType.APPLICATION_JSON)); @@ -507,7 +505,7 @@ public void updateAnalysisComponentNotFoundTest() { final var request = new ViolationAnalysisRequest(UUID.randomUUID().toString(), UUID.randomUUID().toString(), ViolationAnalysisState.REJECTED, "Some comment", false); - final Response response = target(V1_VIOLATION_ANALYSIS) + final Response response = jersey.target(V1_VIOLATION_ANALYSIS) .request() .header(X_API_KEY, apiKey) .put(Entity.entity(request, MediaType.APPLICATION_JSON)); @@ -531,7 +529,7 @@ public void updateAnalysisViolationNotFoundTest() { final var request = new ViolationAnalysisRequest(component.getUuid().toString(), UUID.randomUUID().toString(), ViolationAnalysisState.REJECTED, "Some comment", false); - final Response response = target(V1_VIOLATION_ANALYSIS) + final Response response = jersey.target(V1_VIOLATION_ANALYSIS) .request() .header(X_API_KEY, apiKey) .put(Entity.entity(request, MediaType.APPLICATION_JSON)); diff --git a/src/test/java/org/dependencytrack/resources/v1/VulnerabilityResourceTest.java b/src/test/java/org/dependencytrack/resources/v1/VulnerabilityResourceTest.java index 812b8722ff..a96d97cd2d 100644 --- a/src/test/java/org/dependencytrack/resources/v1/VulnerabilityResourceTest.java +++ b/src/test/java/org/dependencytrack/resources/v1/VulnerabilityResourceTest.java @@ -21,6 +21,7 @@ import alpine.common.util.UuidUtil; import alpine.server.filters.ApiFilter; import alpine.server.filters.AuthenticationFilter; +import org.dependencytrack.JerseyTestRule; import org.dependencytrack.ResourceTest; import org.dependencytrack.model.AffectedVersionAttribution; import org.dependencytrack.model.AnalysisJustification; @@ -33,10 +34,8 @@ import org.dependencytrack.model.VulnerableSoftware; import org.dependencytrack.tasks.scanners.AnalyzerIdentity; import org.glassfish.jersey.server.ResourceConfig; -import org.glassfish.jersey.servlet.ServletContainer; -import org.glassfish.jersey.test.DeploymentContext; -import org.glassfish.jersey.test.ServletDeploymentContext; import org.junit.Assert; +import org.junit.ClassRule; import org.junit.Test; import javax.json.Json; @@ -50,19 +49,16 @@ public class VulnerabilityResourceTest extends ResourceTest { - @Override - protected DeploymentContext configureDeployment() { - return ServletDeploymentContext.forServlet(new ServletContainer( - new ResourceConfig(VulnerabilityResource.class) - .register(ApiFilter.class) - .register(AuthenticationFilter.class))) - .build(); - } + @ClassRule + public static JerseyTestRule jersey = new JerseyTestRule( + new ResourceConfig(VulnerabilityResource.class) + .register(ApiFilter.class) + .register(AuthenticationFilter.class)); @Test public void getVulnerabilitiesByComponentUuidTest() { SampleData sampleData = new SampleData(); - Response response = target(V1_VULNERABILITY + "/component/" + sampleData.c1.getUuid().toString()).request() + Response response = jersey.target(V1_VULNERABILITY + "/component/" + sampleData.c1.getUuid().toString()).request() .header(X_API_KEY, apiKey) .get(Response.class); Assert.assertEquals(200, response.getStatus(), 0); @@ -89,7 +85,7 @@ public void getVulnerabilitiesByComponentUuidTest() { @Test public void getVulnerabilitiesByComponentInvalidTest() { new SampleData(); - Response response = target(V1_VULNERABILITY + "/component/" + UUID.randomUUID().toString()).request() + Response response = jersey.target(V1_VULNERABILITY + "/component/" + UUID.randomUUID().toString()).request() .header(X_API_KEY, apiKey) .get(Response.class); Assert.assertEquals(404, response.getStatus(), 0); @@ -101,7 +97,7 @@ public void getVulnerabilitiesByComponentInvalidTest() { @Test public void getVulnerabilitiesByComponentUuidIncludeSuppressedTest() { SampleData sampleData = new SampleData(); - Response response = target(V1_VULNERABILITY + "/component/" + sampleData.c1.getUuid().toString()) + Response response = jersey.target(V1_VULNERABILITY + "/component/" + sampleData.c1.getUuid().toString()) .queryParam("suppressed", "true") .request() .header(X_API_KEY, apiKey) @@ -131,7 +127,7 @@ public void getVulnerabilitiesByComponentUuidIncludeSuppressedTest() { @Test public void getVulnerabilitiesByProjectTest() { SampleData sampleData = new SampleData(); - Response response = target(V1_VULNERABILITY + "/project/" + sampleData.p1.getUuid().toString()).request() + Response response = jersey.target(V1_VULNERABILITY + "/project/" + sampleData.p1.getUuid().toString()).request() .header(X_API_KEY, apiKey) .get(Response.class); Assert.assertEquals(200, response.getStatus(), 0); @@ -164,7 +160,7 @@ public void getVulnerabilitiesByProjectTest() { @Test public void getVulnerabilitiesByProjectIncludeProjectSuppressedTest() { SampleData sampleData = new SampleData(); - Response response = target(V1_VULNERABILITY + "/project/" + sampleData.p2.getUuid().toString()) + Response response = jersey.target(V1_VULNERABILITY + "/project/" + sampleData.p2.getUuid().toString()) .queryParam("suppressed", "true") .request() .header(X_API_KEY, apiKey) @@ -181,7 +177,7 @@ public void getVulnerabilitiesByProjectIncludeProjectSuppressedTest() { @Test public void getVulnerabilitiesByProjectInvalidTest() { new SampleData(); - Response response = target(V1_VULNERABILITY + "/project/" + UUID.randomUUID().toString()).request() + Response response = jersey.target(V1_VULNERABILITY + "/project/" + UUID.randomUUID().toString()).request() .header(X_API_KEY, apiKey) .get(Response.class); Assert.assertEquals(404, response.getStatus(), 0); @@ -193,7 +189,7 @@ public void getVulnerabilitiesByProjectInvalidTest() { @Test public void getVulnerabilityByUuidTest() { SampleData sampleData = new SampleData(); - Response response = target(V1_VULNERABILITY + "/" + sampleData.v1.getUuid().toString()).request() + Response response = jersey.target(V1_VULNERABILITY + "/" + sampleData.v1.getUuid().toString()).request() .header(X_API_KEY, apiKey) .get(Response.class); Assert.assertEquals(200, response.getStatus(), 0); @@ -206,7 +202,7 @@ public void getVulnerabilityByUuidTest() { @Test public void getVulnerabilityByUuidInvalidTest() { new SampleData(); - Response response = target(V1_VULNERABILITY + "/" + UUID.randomUUID().toString()).request() + Response response = jersey.target(V1_VULNERABILITY + "/" + UUID.randomUUID().toString()).request() .header(X_API_KEY, apiKey) .get(Response.class); Assert.assertEquals(404, response.getStatus(), 0); @@ -218,7 +214,7 @@ public void getVulnerabilityByUuidInvalidTest() { @Test public void getVulnerabilityByVulnIdTest() { SampleData sampleData = new SampleData(); - Response response = target(V1_VULNERABILITY + "/source/" + sampleData.v1.getSource() + "/vuln/" + sampleData.v1.getVulnId()).request() + Response response = jersey.target(V1_VULNERABILITY + "/source/" + sampleData.v1.getSource() + "/vuln/" + sampleData.v1.getVulnId()).request() .header(X_API_KEY, apiKey) .get(Response.class); Assert.assertEquals(200, response.getStatus(), 0); @@ -236,7 +232,7 @@ public void getVulnerabilityByVulnIdTest() { @Test public void getVulnerabilityByVulnIdInvalidTest() { new SampleData(); - Response response = target(V1_VULNERABILITY + "/source/INTERNAL/vuln/blah").request() + Response response = jersey.target(V1_VULNERABILITY + "/source/INTERNAL/vuln/blah").request() .header(X_API_KEY, apiKey) .get(Response.class); Assert.assertEquals(404, response.getStatus(), 0); @@ -248,7 +244,7 @@ public void getVulnerabilityByVulnIdInvalidTest() { @Test public void getAffectedProjectTest() { SampleData sampleData = new SampleData(); - Response response = target(V1_VULNERABILITY + "/source/" + sampleData.v1.getSource() + "/vuln/" + sampleData.v1.getVulnId() + "/projects").request() + Response response = jersey.target(V1_VULNERABILITY + "/source/" + sampleData.v1.getSource() + "/vuln/" + sampleData.v1.getVulnId() + "/projects").request() .header(X_API_KEY, apiKey) .get(Response.class); Assert.assertEquals(200, response.getStatus(), 0); @@ -263,7 +259,7 @@ public void getAffectedProjectTest() { @Test public void getAffectedProjectInvalidTest() { new SampleData(); - Response response = target(V1_VULNERABILITY + "/source/INTERNAL/vuln/blah/projects").request() + Response response = jersey.target(V1_VULNERABILITY + "/source/INTERNAL/vuln/blah/projects").request() .header(X_API_KEY, apiKey) .get(Response.class); Assert.assertEquals(404, response.getStatus(), 0); @@ -275,7 +271,7 @@ public void getAffectedProjectInvalidTest() { @Test public void getAllVulnerabilitiesTest() { new SampleData(); - Response response = target(V1_VULNERABILITY).request() + Response response = jersey.target(V1_VULNERABILITY).request() .header(X_API_KEY, apiKey) .get(Response.class); Assert.assertEquals(200, response.getStatus(), 0); @@ -306,7 +302,7 @@ public void createVulnerabilityTest() { .add("versionType", "RANGE") .add("versionEndIncluding", "1.2.3"))) .build(); - Response response = target(V1_VULNERABILITY).request() + Response response = jersey.target(V1_VULNERABILITY).request() .header(X_API_KEY, apiKey) .put(Entity.json(payload.toString())); Assert.assertEquals(201, response.getStatus(), 0); @@ -360,7 +356,7 @@ public void createVulnerabilityWithBadOwaspVectorTest() { .add("versionType", "RANGE") .add("versionEndIncluding", "1.2.3"))) .build(); - Response response = target(V1_VULNERABILITY).request() + Response response = jersey.target(V1_VULNERABILITY).request() .header(X_API_KEY, apiKey) .put(Entity.json(payload.toString())); Assert.assertEquals(400, response.getStatus(), 0); @@ -379,7 +375,7 @@ public void createVulnerabilityCwePreV450CompatTest() { .add("vulnId", "ACME-1") .add("cwe", Json.createObjectBuilder().add("cweId", 80)) .build(); - Response response = target(V1_VULNERABILITY).request() + Response response = jersey.target(V1_VULNERABILITY).request() .header(X_API_KEY, apiKey) .put(Entity.json(payload.toString())); Assert.assertEquals(201, response.getStatus(), 0); @@ -410,7 +406,7 @@ public void createVulnerabilityDuplicateTest() { .add("cvssV3Vector", "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L") .add("owaspRRVector", "SL:1/M:1/O:0/S:2/ED:1/EE:1/A:1/ID:1/LC:2/LI:1/LAV:1/LAC:1/FD:1/RD:1/NC:2/PV:3") .build(); - Response response = target(V1_VULNERABILITY).request() + Response response = jersey.target(V1_VULNERABILITY).request() .header(X_API_KEY, apiKey) .put(Entity.json(payload.toString())); Assert.assertEquals(409, response.getStatus(), 0); @@ -435,7 +431,7 @@ public void updateVulnerabilityTest() { .add("owaspRRVector", "SL:1/M:1/O:0/S:2/ED:1/EE:1/A:1/ID:1/LC:2/LI:1/LAV:1/LAC:1/FD:1/RD:1/NC:2/PV:3") .add("uuid", vuln.getUuid().toString()) .build(); - Response response = target(V1_VULNERABILITY).request() + Response response = jersey.target(V1_VULNERABILITY).request() .header(X_API_KEY, apiKey) .post(Entity.json(payload.toString())); Assert.assertEquals(200, response.getStatus(), 0); @@ -474,7 +470,7 @@ public void updateVulnerabilityInvalidTest() { .add("owaspRRVector", "SL:1/M:1/O:0/S:2/ED:1/EE:1/A:1/ID:1/LC:2/LI:1/LAV:1/LAC:1/FD:1/RD:1/NC:2/PV:3") .add("uuid", UUID.randomUUID().toString()) .build(); - Response response = target(V1_VULNERABILITY).request() + Response response = jersey.target(V1_VULNERABILITY).request() .header(X_API_KEY, apiKey) .post(Entity.json(payload.toString())); Assert.assertEquals(404, response.getStatus(), 0); @@ -498,7 +494,7 @@ public void updateVulnerabilityUnchangableTest() { .add("owaspRRVector", "SL:1/M:1/O:0/S:2/ED:1/EE:1/A:1/ID:1/LC:2/LI:1/LAV:1/LAC:1/FD:1/RD:1/NC:2/PV:3") .add("uuid", vuln.getUuid().toString()) .build(); - Response response = target(V1_VULNERABILITY).request() + Response response = jersey.target(V1_VULNERABILITY).request() .header(X_API_KEY, apiKey) .post(Entity.json(payload.toString())); Assert.assertEquals(406, response.getStatus(), 0); @@ -517,7 +513,7 @@ public void deleteVulnerabilityTest() { vuln = qm.createVulnerability(vuln, false); final AffectedVersionAttribution attribution = qm.persist(new AffectedVersionAttribution(Vulnerability.Source.INTERNAL, vuln, vs)); - final Response response = target(V1_VULNERABILITY + "/" + vuln.getUuid()).request() + final Response response = jersey.target(V1_VULNERABILITY + "/" + vuln.getUuid()).request() .header(X_API_KEY, apiKey) .delete(); Assert.assertEquals(204, response.getStatus()); @@ -539,7 +535,7 @@ public void assignVulnerabilityTest() { comp.setProject(project); comp.setName("Test Component"); comp = qm.createComponent(comp, false); - Response response = target(V1_VULNERABILITY + "/source/INTERNAL/vuln/ACME-1/component/" + comp.getUuid().toString()).request() + Response response = jersey.target(V1_VULNERABILITY + "/source/INTERNAL/vuln/ACME-1/component/" + comp.getUuid().toString()).request() .header(X_API_KEY, apiKey) .post(Entity.entity(null, MediaType.APPLICATION_JSON)); Assert.assertEquals(200, response.getStatus(), 0); @@ -553,7 +549,7 @@ public void assignVulnerabilityInvalidVulnerabilityTest() { comp.setProject(project); comp.setName("Test Component"); comp = qm.createComponent(comp, false); - Response response = target(V1_VULNERABILITY + "/source/INTERNAL/vuln/BLAH/component/" + comp.getUuid().toString()).request() + Response response = jersey.target(V1_VULNERABILITY + "/source/INTERNAL/vuln/BLAH/component/" + comp.getUuid().toString()).request() .header(X_API_KEY, apiKey) .post(Entity.entity(null, MediaType.APPLICATION_JSON)); Assert.assertEquals(404, response.getStatus(), 0); @@ -568,7 +564,7 @@ public void assignVulnerabilityInvalidComponentTest() { vuln.setVulnId("ACME-1"); vuln.setSource(Vulnerability.Source.INTERNAL); qm.createVulnerability(vuln, false); - Response response = target(V1_VULNERABILITY + "/source/INTERNAL/vuln/ACME-1/component/" + UUID.randomUUID().toString()).request() + Response response = jersey.target(V1_VULNERABILITY + "/source/INTERNAL/vuln/ACME-1/component/" + UUID.randomUUID().toString()).request() .header(X_API_KEY, apiKey) .post(Entity.entity(null, MediaType.APPLICATION_JSON)); Assert.assertEquals(404, response.getStatus(), 0); @@ -588,7 +584,7 @@ public void assignVulnerabilityByUuidTest() { comp.setProject(project); comp.setName("Test Component"); comp = qm.createComponent(comp, false); - Response response = target(V1_VULNERABILITY + "/" + vuln.getUuid().toString() + "/component/" + comp.getUuid().toString()).request() + Response response = jersey.target(V1_VULNERABILITY + "/" + vuln.getUuid().toString() + "/component/" + comp.getUuid().toString()).request() .header(X_API_KEY, apiKey) .post(Entity.entity(null, MediaType.APPLICATION_JSON)); Assert.assertEquals(200, response.getStatus(), 0); @@ -602,7 +598,7 @@ public void assignVulnerabilityByUuidInvalidVulnerabilityTest() { comp.setProject(project); comp.setName("Test Component"); comp = qm.createComponent(comp, false); - Response response = target(V1_VULNERABILITY + "/" + UUID.randomUUID().toString() + "/component/" + comp.getUuid().toString()).request() + Response response = jersey.target(V1_VULNERABILITY + "/" + UUID.randomUUID().toString() + "/component/" + comp.getUuid().toString()).request() .header(X_API_KEY, apiKey) .post(Entity.entity(null, MediaType.APPLICATION_JSON)); Assert.assertEquals(404, response.getStatus(), 0); @@ -617,7 +613,7 @@ public void assignVulnerabilityByUuidInvalidComponentTest() { vuln.setVulnId("ACME-1"); vuln.setSource(Vulnerability.Source.INTERNAL); vuln = qm.createVulnerability(vuln, false); - Response response = target(V1_VULNERABILITY + "/" + vuln.getUuid().toString() + "/component/" + UUID.randomUUID().toString()).request() + Response response = jersey.target(V1_VULNERABILITY + "/" + vuln.getUuid().toString() + "/component/" + UUID.randomUUID().toString()).request() .header(X_API_KEY, apiKey) .post(Entity.entity(null, MediaType.APPLICATION_JSON)); Assert.assertEquals(404, response.getStatus(), 0); @@ -637,7 +633,7 @@ public void unassignVulnerabilityTest() { comp.setProject(project); comp.setName("Test Component"); comp = qm.createComponent(comp, false); - Response response = target(V1_VULNERABILITY + "/source/INTERNAL/vuln/ACME-1/component/" + comp.getUuid().toString()).request() + Response response = jersey.target(V1_VULNERABILITY + "/source/INTERNAL/vuln/ACME-1/component/" + comp.getUuid().toString()).request() .header(X_API_KEY, apiKey) .delete(); Assert.assertEquals(200, response.getStatus(), 0); @@ -651,7 +647,7 @@ public void unassignVulnerabilityInvalidVulnerabilityTest() { comp.setProject(project); comp.setName("Test Component"); comp = qm.createComponent(comp, false); - Response response = target(V1_VULNERABILITY + "/source/INTERNAL/vuln/BLAH/component/" + comp.getUuid().toString()).request() + Response response = jersey.target(V1_VULNERABILITY + "/source/INTERNAL/vuln/BLAH/component/" + comp.getUuid().toString()).request() .header(X_API_KEY, apiKey) .delete(); Assert.assertEquals(404, response.getStatus(), 0); @@ -666,7 +662,7 @@ public void unassignVulnerabilityInvalidComponentTest() { vuln.setVulnId("ACME-1"); vuln.setSource(Vulnerability.Source.INTERNAL); qm.createVulnerability(vuln, false); - Response response = target(V1_VULNERABILITY + "/source/INTERNAL/vuln/ACME-1/component/" + UUID.randomUUID().toString()).request() + Response response = jersey.target(V1_VULNERABILITY + "/source/INTERNAL/vuln/ACME-1/component/" + UUID.randomUUID().toString()).request() .header(X_API_KEY, apiKey) .delete(); Assert.assertEquals(404, response.getStatus(), 0); @@ -686,7 +682,7 @@ public void unassignVulnerabilityByUuidTest() { comp.setProject(project); comp.setName("Test Component"); comp = qm.createComponent(comp, false); - Response response = target(V1_VULNERABILITY + "/" + vuln.getUuid().toString() + "/component/" + comp.getUuid().toString()).request() + Response response = jersey.target(V1_VULNERABILITY + "/" + vuln.getUuid().toString() + "/component/" + comp.getUuid().toString()).request() .header(X_API_KEY, apiKey) .delete(); Assert.assertEquals(200, response.getStatus(), 0); @@ -700,7 +696,7 @@ public void unassignVulnerabilityByUuidInvalidVulnerabilityTest() { comp.setProject(project); comp.setName("Test Component"); comp = qm.createComponent(comp, false); - Response response = target(V1_VULNERABILITY + "/" + UUID.randomUUID().toString() + "/component/" + comp.getUuid().toString()).request() + Response response = jersey.target(V1_VULNERABILITY + "/" + UUID.randomUUID().toString() + "/component/" + comp.getUuid().toString()).request() .header(X_API_KEY, apiKey) .delete(); Assert.assertEquals(404, response.getStatus(), 0); @@ -715,7 +711,7 @@ public void unassignVulnerabilityByUuidInvalidComponentTest() { vuln.setVulnId("ACME-1"); vuln.setSource(Vulnerability.Source.INTERNAL); vuln = qm.createVulnerability(vuln, false); - Response response = target(V1_VULNERABILITY + "/" + vuln.getUuid().toString() + "/component/" + UUID.randomUUID().toString()).request() + Response response = jersey.target(V1_VULNERABILITY + "/" + vuln.getUuid().toString() + "/component/" + UUID.randomUUID().toString()).request() .header(X_API_KEY, apiKey) .delete(); Assert.assertEquals(404, response.getStatus(), 0); diff --git a/src/test/java/org/dependencytrack/resources/v1/exception/ClientErrorExceptionMapperTest.java b/src/test/java/org/dependencytrack/resources/v1/exception/ClientErrorExceptionMapperTest.java index bcc1964c73..038e5b73ac 100644 --- a/src/test/java/org/dependencytrack/resources/v1/exception/ClientErrorExceptionMapperTest.java +++ b/src/test/java/org/dependencytrack/resources/v1/exception/ClientErrorExceptionMapperTest.java @@ -18,11 +18,10 @@ */ package org.dependencytrack.resources.v1.exception; +import org.dependencytrack.JerseyTestRule; import org.dependencytrack.ResourceTest; import org.glassfish.jersey.server.ResourceConfig; -import org.glassfish.jersey.servlet.ServletContainer; -import org.glassfish.jersey.test.DeploymentContext; -import org.glassfish.jersey.test.ServletDeploymentContext; +import org.junit.ClassRule; import org.junit.Test; import javax.ws.rs.GET; @@ -33,17 +32,14 @@ public class ClientErrorExceptionMapperTest extends ResourceTest { - @Override - protected DeploymentContext configureDeployment() { - return ServletDeploymentContext.forServlet(new ServletContainer( - new ResourceConfig(TestResource.class) - .register(ClientErrorExceptionMapper.class))) - .build(); - } + @ClassRule + public static JerseyTestRule jersey = new JerseyTestRule( + new ResourceConfig(TestResource.class) + .register(ClientErrorExceptionMapper.class)); @Test public void testNotFound() { - final Response response = target("/does/not/exist") + final Response response = jersey.target("/does/not/exist") .request() .get(); @@ -52,7 +48,7 @@ public void testNotFound() { @Test public void testMethodNotAllowed() { - final Response response = target("/test/foo") + final Response response = jersey.target("/test/foo") .request() .delete(); diff --git a/src/test/java/org/dependencytrack/resources/v1/exception/ConstraintViolationExceptionMapperTest.java b/src/test/java/org/dependencytrack/resources/v1/exception/ConstraintViolationExceptionMapperTest.java index 6af6b3330b..459187625b 100644 --- a/src/test/java/org/dependencytrack/resources/v1/exception/ConstraintViolationExceptionMapperTest.java +++ b/src/test/java/org/dependencytrack/resources/v1/exception/ConstraintViolationExceptionMapperTest.java @@ -19,12 +19,11 @@ package org.dependencytrack.resources.v1.exception; import net.javacrumbs.jsonunit.core.Option; +import org.dependencytrack.JerseyTestRule; import org.dependencytrack.ResourceTest; import org.dependencytrack.model.validation.ValidUuid; import org.glassfish.jersey.server.ResourceConfig; -import org.glassfish.jersey.servlet.ServletContainer; -import org.glassfish.jersey.test.DeploymentContext; -import org.glassfish.jersey.test.ServletDeploymentContext; +import org.junit.ClassRule; import org.junit.Test; import javax.validation.constraints.Pattern; @@ -41,17 +40,14 @@ public class ConstraintViolationExceptionMapperTest extends ResourceTest { - @Override - protected DeploymentContext configureDeployment() { - return ServletDeploymentContext.forServlet(new ServletContainer( - new ResourceConfig(TestResource.class) - .register(ConstraintViolationExceptionMapper.class))) - .build(); - } + @ClassRule + public static JerseyTestRule jersey = new JerseyTestRule( + new ResourceConfig(TestResource.class) + .register(ConstraintViolationExceptionMapper.class)); @Test public void test() { - final Response response = target("/not-a-uuid") + final Response response = jersey.target("/not-a-uuid") .queryParam("foo", "666") .request() .get();