Skip to content

Commit

Permalink
Merge branch 'wso2:master' into master
Browse files Browse the repository at this point in the history
  • Loading branch information
ashanhr authored Nov 27, 2024
2 parents 2bd7ce1 + 7eeaf2e commit 440c449
Show file tree
Hide file tree
Showing 9 changed files with 267 additions and 6 deletions.
7 changes: 7 additions & 0 deletions .github/CODEOWNERS
Validating CODEOWNERS rules …
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
# Lines starting with '#' are comments.
# Each line is a file pattern followed by one or more owners.

# See: https://help.github.com/articles/about-codeowners/

# These owners will be the default owners for everything in the repo.
* @tharindu1st @AnuGayan @chamilaadhi @Arshardh
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,8 @@ associated libraries are also specified here.
relevant, org.wso2.andes.configuration.enums.AndesConfiguration, enum value using the Xpath
expression of the property.
This file is ciphertool compliant. Refer PRODUCT_HOME/repository/conf/security/cipher-text.properties for examples.--><broker>
This file is ciphertool compliant. Refer PRODUCT_HOME/repository/conf/security/cipher-text.properties for examples.-->
<broker xmlns:svns="http://org.wso2.securevault/configuration">

<coordination>
<!-- You can override the cluster node identifier of this MB node using the nodeID.
Expand Down
13 changes: 13 additions & 0 deletions modules/distribution/resources/api_templates/endpoint_template.xml
Original file line number Diff line number Diff line change
Expand Up @@ -117,6 +117,19 @@
<clientSecret>$util.escapeXml($endpointSecurity.clientSecret)</clientSecret>
#end
<tokenUrl>$util.escapeXml($endpointSecurity.tokenUrl)</tokenUrl>
#if($endpointSecurity.proxyConfigs && $endpointSecurity.proxyConfigs.proxyEnabled == true)
<proxyConfigs>
<proxyHost>$util.escapeXml($endpointSecurity.proxyConfigs.proxyHost)</proxyHost>
<proxyPort>$util.escapeXml($endpointSecurity.proxyConfigs.proxyPort)</proxyPort>
<proxyUsername>$util.escapeXml($endpointSecurity.proxyConfigs.proxyUsername)</proxyUsername>
#if($isSecureVaultEnabled)
<proxyPassword>{wso2:vault-lookup('$endpointSecurity.proxyConfigs.proxyPasswordAlias')}</proxyPassword>
#else
<proxyPassword>$util.escapeXml($endpointSecurity.proxyConfigs.proxyPassword)</proxyPassword>
#end
<proxyProtocol>$util.escapeXml($endpointSecurity.proxyConfigs.proxyProtocol)</proxyProtocol>
</proxyConfigs>
#end
<connectionTimeout>$util.escapeXml($endpointSecurity.connectionTimeoutDuration)</connectionTimeout>
<connectionRequestTimeout>$util.escapeXml($endpointSecurity.connectionRequestTimeoutDuration)</connectionRequestTimeout>
<socketTimeout>$util.escapeXml($endpointSecurity.socketTimeoutDuration)</socketTimeout>
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -695,10 +695,10 @@ public ApiResponse<Void> deleteEnvironment(String environmentId) throws ApiExcep
* @throws ApiException if an error occurs while retrieving applications.
*/
public ApiResponse<ApplicationListDTO> getApplications(String user, Integer limit, Integer offset,
String appTenantDomain) throws ApiException {
String appTenantDomain, String name) throws ApiException {

return applicationCollectionApi.applicationsGetWithHttpInfo(user, limit, offset, null,
null, null, appTenantDomain);
null, name, appTenantDomain);
}

/**
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -371,7 +371,7 @@ private void updateOwner(String applicationId, String newOwner, String appTenant

//Verify the owner of the updated application
ApiResponse<ApplicationListDTO> getApplicationsResponse =
restAPIAdminClient.getApplications(newOwner, null, null, appTenantDomain);
restAPIAdminClient.getApplications(newOwner, null, null, appTenantDomain, null);
Assert.assertEquals(getApplicationsResponse.getStatusCode(), HttpStatus.SC_OK);
ApplicationListDTO applicationList = getApplicationsResponse.getData();
List<ApplicationInfoDTO> applicationInfoList = applicationList.getList();
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -221,6 +221,11 @@ public void initialize() throws Exception {
}


/**
* Although API visibility on the publisher portal is restricted (eg, to the 'admin' role), if a user has the
* 'internal/publisher' role, the API should still be visible to them.
* This ensures that publishers can view all APIs of the organization on the publisher portal
*/
@Test(groups = {"wso2.am"}, description = "Test the visibility of API in Publisher for API creator ")
public void testVisibilityForCreatorInPublisher()
throws APIManagerIntegrationTestException, MalformedURLException, XPathExpressionException, ApiException {
Expand Down Expand Up @@ -270,7 +275,11 @@ public void testVisibilityForCreatorInPublisher()
getAPIIdentifierString(apiIdentifierSubscriberVisibility));
}


/**
* Although API visibility on the devportal is restricted (eg, to the 'admin' role), if a user has the
* 'internal/publisher' role, the API should still be visible to them.
* This ensures that publishers can view all APIs of the organization on the devportal
*/
@Test(groups = {"wso2.am"}, description = "Test the visibility of API in Store for API creator",
dependsOnMethods = "testVisibilityForCreatorInPublisher")
public void testVisibilityForCreatorInStore()
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,230 @@
/*
* Copyright (c) 2024, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.am.integration.tests.restapi.admin;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

import org.testng.annotations.BeforeClass;
import org.testng.annotations.DataProvider;
import org.testng.annotations.Factory;
import org.testng.annotations.Test;
import org.testng.annotations.AfterClass;

import org.wso2.am.integration.clients.admin.ApiResponse;
import org.wso2.am.integration.clients.admin.api.dto.ApplicationInfoDTO;
import org.wso2.am.integration.clients.admin.api.dto.ApplicationListDTO;
import org.wso2.am.integration.clients.store.api.v1.dto.ApplicationDTO;
import org.wso2.am.integration.test.impl.RestAPIAdminImpl;
import org.wso2.am.integration.test.impl.RestAPIStoreImpl;
import org.wso2.am.integration.test.utils.base.APIMIntegrationBaseTest;
import org.wso2.am.integration.test.utils.base.APIMIntegrationConstants;
import org.wso2.carbon.automation.engine.annotations.ExecutionEnvironment;
import org.wso2.carbon.automation.engine.annotations.SetEnvironment;
import org.wso2.carbon.automation.engine.context.TestUserMode;
import org.wso2.carbon.automation.engine.context.beans.User;

import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import java.util.Arrays;

import static org.testng.Assert.assertTrue;

@SetEnvironment(executionEnvironments = { ExecutionEnvironment.ALL })
public class ApplicationsSearchByNameOrOwnerTestCase extends APIMIntegrationBaseTest {
private final Log log = LogFactory.getLog(ApplicationsSearchByNameOrOwnerTestCase.class);

private static final String ADMIN_USER_KEY = "admin";
private static final String CARBON_USER_KEY = "userKey1";
private static final String TENANT_DOMAIN = "wso2.com";
private static final String TENANT_USER_KEY = "user1";

private static final String DEFAULT_APP = "DefaultApplication";
private static final String ADMIN_APP1 = "MainApp1";
private static final String ADMIN_APP2 = "MainApp2";
private static final String USER_APP1 = "TestApp1";
private static final String USER_APP2 = "TestApp2";

private static final String ADMIN_USER_SEARCH_QUERY_BY_NAME = "MainApp";
private static final String ADMIN_USER_SEARCH_QUERY_BY_OWNER = "admin";
private static final String USER_SEARCH_QUERY_BY_NAME = "TestApp";
private static final String USER_SEARCH_QUERY_BY_OWNER = "test";

private RestAPIAdminImpl restAPIAdminAdminUserClient;
private RestAPIStoreImpl restAPIStoreAdminUserClient;
private RestAPIStoreImpl restAPIStoreSubscriberUserClient;

private String adminApp1Id;
private String adminApp2Id;
private String userApp1Id;
private String userApp2Id;

private User adminUser;
private User user;

private ArrayList<ApplicationDTO> applicationList;

@DataProvider
public static Object[][] userModeDataProvider() {
return new Object[][] { new Object[] { TestUserMode.SUPER_TENANT_ADMIN },
new Object[] { TestUserMode.TENANT_ADMIN }, };
}

@Factory(dataProvider = "userModeDataProvider")
public ApplicationsSearchByNameOrOwnerTestCase(TestUserMode userMode) {
this.userMode = userMode;
}

@BeforeClass(alwaysRun = true)
public void setEnvironment() throws Exception {
super.init(userMode);

if (TestUserMode.SUPER_TENANT_ADMIN.equals(userMode)) {
adminUser = storeContext.getContextTenant().getTenantAdmin();
user = storeContext.getContextTenant().getTenantUser(CARBON_USER_KEY);

} else {
adminUser = storeContext.getContextTenant().getTenantAdmin();
user = storeContext.getContextTenant().getTenantUser(TENANT_USER_KEY);
}

restAPIStoreAdminUserClient = new RestAPIStoreImpl(adminUser.getUserNameWithoutDomain(),
adminUser.getPassword(), adminUser.getUserDomain(), storeURLHttps);

restAPIAdminAdminUserClient = new RestAPIAdminImpl(adminUser.getUserNameWithoutDomain(),
adminUser.getPassword(), adminUser.getUserDomain(), adminURLHttps);

restAPIStoreSubscriberUserClient = new RestAPIStoreImpl(user.getUserNameWithoutDomain(), user.getPassword(),
adminUser.getUserDomain(), storeURLHttps);

ApplicationDTO adminUserApp1 = restAPIStoreAdminUserClient.addApplication(ADMIN_APP1,
APIMIntegrationConstants.APPLICATION_TIER.UNLIMITED, "", "App 1 of admin");

ApplicationDTO adminUserApp2 = restAPIStoreAdminUserClient.addApplication(ADMIN_APP2,
APIMIntegrationConstants.APPLICATION_TIER.UNLIMITED, "", "App 2 of admin");

ApplicationDTO userApp1 = restAPIStoreSubscriberUserClient.addApplication(USER_APP1,
APIMIntegrationConstants.APPLICATION_TIER.UNLIMITED, "", "App 1 of user");

ApplicationDTO userApp2 = restAPIStoreSubscriberUserClient.addApplication(USER_APP2,
APIMIntegrationConstants.APPLICATION_TIER.UNLIMITED, "", "App 2 of user");

adminApp1Id = adminUserApp1.getApplicationId();
adminApp2Id = adminUserApp2.getApplicationId();
userApp1Id = userApp1.getApplicationId();
userApp2Id = userApp2.getApplicationId();

applicationList = new ArrayList<>();

applicationList.add(adminUserApp1);
applicationList.add(adminUserApp2);
applicationList.add(userApp1);
applicationList.add(userApp2);
}

@Test(groups = { "wso2.am" }, description = "Test the application search of admin user by application name")
public void testApplicationSearchAdminByName() throws Exception {
Set<String> expectedApplications = new HashSet<>(Arrays.asList(ADMIN_APP1, ADMIN_APP2));
String searchQuery = ADMIN_USER_SEARCH_QUERY_BY_NAME;

if (applicationList != null && !applicationList.isEmpty()) {

ApiResponse<ApplicationListDTO> getApplicationsResponse = restAPIAdminAdminUserClient.getApplications(
searchQuery, null, null, null, searchQuery);

ApplicationListDTO applicationList = getApplicationsResponse.getData();
List<ApplicationInfoDTO> applicationInfoList = applicationList.getList();

assert applicationInfoList != null;
assertTrue(verifyApplicationSearchQueryResults(expectedApplications, applicationInfoList));
}
}

@Test(groups = { "wso2.am" }, description = "Test the application search of admin user by application owner")
public void testApplicationSearchAdminByOwner() throws Exception {
Set<String> expectedApplications = new HashSet<>(Arrays.asList(ADMIN_APP1, ADMIN_APP2, DEFAULT_APP));
String searchQuery = ADMIN_USER_SEARCH_QUERY_BY_OWNER;

if (applicationList != null && !applicationList.isEmpty()) {

ApiResponse<ApplicationListDTO> getApplicationsResponse = restAPIAdminAdminUserClient.getApplications(
searchQuery, null, null, null, searchQuery);

ApplicationListDTO applicationList = getApplicationsResponse.getData();
List<ApplicationInfoDTO> applicationInfoList = applicationList.getList();

assert applicationInfoList != null;
assertTrue(verifyApplicationSearchQueryResults(expectedApplications, applicationInfoList));
}
}

@Test(groups = { "wso2.am" }, description = "Test the application search of non admin user by application name")
public void testApplicationSearchUserByName() throws Exception {
Set<String> expectedApplications = new HashSet<>(Arrays.asList(USER_APP1, USER_APP2));
String searchQuery = USER_SEARCH_QUERY_BY_NAME;

if (applicationList != null && !applicationList.isEmpty()) {

ApiResponse<ApplicationListDTO> getApplicationsResponse = restAPIAdminAdminUserClient.getApplications(
searchQuery, null, null, null, searchQuery);

ApplicationListDTO applicationList = getApplicationsResponse.getData();
List<ApplicationInfoDTO> applicationInfoList = applicationList.getList();

assert applicationInfoList != null;
assertTrue(verifyApplicationSearchQueryResults(expectedApplications, applicationInfoList));
}
}

@Test(groups = { "wso2.am" }, description = "Test the application search of non admin user by application owner")
public void testApplicationSearchUserByOwner() throws Exception {
Set<String> expectedApplications = new HashSet<>(Arrays.asList(USER_APP1, USER_APP2, DEFAULT_APP));
String searchQuery = USER_SEARCH_QUERY_BY_OWNER;

if (applicationList != null && !applicationList.isEmpty()) {

ApiResponse<ApplicationListDTO> getApplicationsResponse = restAPIAdminAdminUserClient.getApplications(
searchQuery, null, null, null, searchQuery);

ApplicationListDTO applicationList = getApplicationsResponse.getData();
List<ApplicationInfoDTO> applicationInfoList = applicationList.getList();

assert applicationInfoList != null;
assertTrue(verifyApplicationSearchQueryResults(expectedApplications, applicationInfoList));
}
}

@AfterClass(alwaysRun = true)
public void destroy() throws Exception {
restAPIStoreAdminUserClient.deleteApplication(adminApp1Id);
restAPIStoreAdminUserClient.deleteApplication(adminApp2Id);
restAPIStoreSubscriberUserClient.deleteApplication(userApp1Id);
restAPIStoreSubscriberUserClient.deleteApplication(userApp2Id);
}

public boolean verifyApplicationSearchQueryResults(Set<String> expectedResultSet,
List<ApplicationInfoDTO> applications) {
Set<String> resultSet = new HashSet<>();
for (ApplicationInfoDTO app : applications) {
resultSet.add(app.getName());
}
return expectedResultSet.equals(resultSet);
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -308,6 +308,7 @@
<class name="org.wso2.am.integration.tests.restapi.admin.throttlingpolicy.ThrottlePolicyExportImportTestCase"/>
<class name="org.wso2.am.integration.tests.restapi.admin.throttlingpolicy.GetThrottlingPoliciesTestCase"/>
<class name="org.wso2.am.integration.tests.restapi.admin.throttlingpolicy.DenyPolicySearchTestCase"/>
<class name="org.wso2.am.integration.tests.restapi.admin.ApplicationsSearchByNameOrOwnerTestCase"/>
</classes>
</test>

Expand Down
2 changes: 1 addition & 1 deletion pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -1293,7 +1293,7 @@
<carbon.apimgt.imp.pkg.version>[9.0.0, 10.0.0)</carbon.apimgt.imp.pkg.version>

<!-- Carbon Registry -->
<carbon.registry.version>4.8.36</carbon.registry.version>
<carbon.registry.version>4.8.40</carbon.registry.version>
<carbon.registry.package.import.version.range>[4.7.0, 5.0.0)</carbon.registry.package.import.version.range>


Expand Down

0 comments on commit 440c449

Please sign in to comment.