View Javadoc
1   /*
2    * Copyright (c) 2002-2025, City of Paris
3    * All rights reserved.
4    *
5    * Redistribution and use in source and binary forms, with or without
6    * modification, are permitted provided that the following conditions
7    * are met:
8    *
9    *  1. Redistributions of source code must retain the above copyright notice
10   *     and the following disclaimer.
11   *
12   *  2. Redistributions in binary form must reproduce the above copyright notice
13   *     and the following disclaimer in the documentation and/or other materials
14   *     provided with the distribution.
15   *
16   *  3. Neither the name of 'Mairie de Paris' nor 'Lutece' nor the names of its
17   *     contributors may be used to endorse or promote products derived from
18   *     this software without specific prior written permission.
19   *
20   * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
21   * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22   * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23   * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
24   * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
25   * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
26   * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
27   * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
28   * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
29   * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
30   * POSSIBILITY OF SUCH DAMAGE.
31   *
32   * License 1.0
33   */
34  package fr.paris.lutece.portal.web.search;
35  
36  import java.math.BigInteger;
37  import java.security.SecureRandom;
38  import java.util.HashMap;
39  import java.util.Map;
40  import java.util.Random;
41  
42  import org.springframework.mock.web.MockHttpServletRequest;
43  
44  import fr.paris.lutece.portal.business.rbac.RBACRole;
45  import fr.paris.lutece.portal.business.rbac.RBACRoleHome;
46  import fr.paris.lutece.portal.business.search.SearchParameterHome;
47  import fr.paris.lutece.portal.business.user.AdminUser;
48  import fr.paris.lutece.portal.service.admin.AccessDeniedException;
49  import fr.paris.lutece.portal.service.message.AdminMessage;
50  import fr.paris.lutece.portal.service.message.AdminMessageService;
51  import fr.paris.lutece.portal.service.security.SecurityTokenService;
52  import fr.paris.lutece.portal.web.dashboard.AdminDashboardJspBean;
53  import fr.paris.lutece.test.LuteceTestCase;
54  import fr.paris.lutece.test.Utils;
55  import fr.paris.lutece.util.ReferenceItem;
56  import fr.paris.lutece.util.ReferenceList;
57  
58  public class SearchJspBeanTest extends LuteceTestCase
59  {
60      private static final String PARAMETER_DATE_FILTER = "date_filter";
61      private static final String PARAMETER_DEFAULT_OPERATOR = "default_operator";
62      private static final String PARAMETER_HELP_MESSAGE = "help_message";
63      private static final String PARAMETER_TAGLIST = "taglist";
64      private static final String PARAMETER_TAG_FILTER = "tag_filter";
65      private static final String PARAMETER_TYPE_FILTER = "type_filter";
66      private SearchJspBean _bean;
67      private ReferenceList _origSearchParameters;
68  
69      @Override
70      protected void setUp( ) throws Exception
71      {
72          super.setUp( );
73          _bean = new SearchJspBean( );
74          _origSearchParameters = SearchParameterHome.findParametersList( );
75      }
76  
77      @Override
78      protected void tearDown( ) throws Exception
79      {
80          for ( ReferenceItem param : _origSearchParameters )
81          {
82              SearchParameterHome.update( param );
83          }
84          super.tearDown( );
85      }
86  
87      public void testDoModifyAdvancedParameters( ) throws AccessDeniedException
88      {
89          String strTypeFilter;
90          if ( "none".equals( SearchParameterHome.findByKey( PARAMETER_TYPE_FILTER ).getName( ) ) )
91          {
92              strTypeFilter = "option";
93          }
94          else
95          {
96              strTypeFilter = "none";
97          }
98  
99          String strDefaultOperator;
100         if ( "OR".equals( SearchParameterHome.findByKey( PARAMETER_DEFAULT_OPERATOR ).getName( ) ) )
101         {
102             strDefaultOperator = "AND";
103         }
104         else
105         {
106             strDefaultOperator = "OR";
107         }
108 
109         String strHelpMessage = getRandomName( );
110 
111         String strDateFilter;
112         if ( "0".equals( SearchParameterHome.findByKey( PARAMETER_DATE_FILTER ).getName( ) ) )
113         {
114             strDateFilter = "1";
115         }
116         else
117         {
118             strDateFilter = "0";
119         }
120 
121         String strTagFilter;
122         if ( "0".equals( SearchParameterHome.findByKey( PARAMETER_TAG_FILTER ).getName( ) ) )
123         {
124             strTagFilter = "1";
125         }
126         else
127         {
128             strTagFilter = "0";
129         }
130 
131         MockHttpServletRequest request = new MockHttpServletRequest( );
132         request.addParameter( PARAMETER_TYPE_FILTER, strTypeFilter );
133         request.addParameter( PARAMETER_DEFAULT_OPERATOR, strDefaultOperator );
134         request.addParameter( PARAMETER_HELP_MESSAGE, strHelpMessage );
135         request.addParameter( PARAMETER_DATE_FILTER, strDateFilter );
136         request.addParameter( PARAMETER_TAG_FILTER, strTagFilter );
137         AdminUser user = new AdminUser( );
138         Map<String, RBACRole> roles = new HashMap<>( );
139         for ( RBACRole role : RBACRoleHome.findAll( ) )
140         {
141             roles.put( role.getKey( ), role );
142         }
143         user.addRoles( roles );
144         Utils.registerAdminUserWithRigth( request, user, "CORE_SEARCH_MANAGEMENT" );
145         _bean.init( request, "CORE_SEARCH_MANAGEMENT" );
146         request.addParameter( SecurityTokenService.PARAMETER_TOKEN,
147                 SecurityTokenService.getInstance( ).getToken( request, AdminDashboardJspBean.TEMPLATE_MANAGE_DASHBOARDS ) );
148 
149         _bean.doModifyAdvancedParameters( request );
150         AdminMessage message = AdminMessageService.getMessage( request );
151         assertNull( message );
152         for ( ReferenceItem param : _origSearchParameters )
153         {
154             if ( PARAMETER_TAGLIST.equals( param.getCode( ) ) )
155             {
156                 continue;
157             }
158             assertFalse( "SearchParameter " + param.getCode( ) + " stayed equal to " + param.getName( ),
159                     param.getName( ).equals( SearchParameterHome.findByKey( param.getCode( ) ).getName( ) ) );
160         }
161         assertEquals( strTypeFilter, SearchParameterHome.findByKey( PARAMETER_TYPE_FILTER ).getName( ) );
162         assertEquals( strDefaultOperator, SearchParameterHome.findByKey( PARAMETER_DEFAULT_OPERATOR ).getName( ) );
163         assertEquals( strHelpMessage, SearchParameterHome.findByKey( PARAMETER_HELP_MESSAGE ).getName( ) );
164         assertEquals( strDateFilter, SearchParameterHome.findByKey( PARAMETER_DATE_FILTER ).getName( ) );
165         assertEquals( strTagFilter, SearchParameterHome.findByKey( PARAMETER_TAG_FILTER ).getName( ) );
166     }
167 
168     public void testDoModifyAdvancedParametersInvalidToken( ) throws AccessDeniedException
169     {
170         String strTypeFilter;
171         if ( "none".equals( SearchParameterHome.findByKey( PARAMETER_TYPE_FILTER ).getName( ) ) )
172         {
173             strTypeFilter = "option";
174         }
175         else
176         {
177             strTypeFilter = "none";
178         }
179 
180         String strDefaultOperator;
181         if ( "OR".equals( SearchParameterHome.findByKey( PARAMETER_DEFAULT_OPERATOR ).getName( ) ) )
182         {
183             strDefaultOperator = "AND";
184         }
185         else
186         {
187             strDefaultOperator = "OR";
188         }
189 
190         String strHelpMessage = getRandomName( );
191 
192         String strDateFilter;
193         if ( "0".equals( SearchParameterHome.findByKey( PARAMETER_DATE_FILTER ).getName( ) ) )
194         {
195             strDateFilter = "1";
196         }
197         else
198         {
199             strDateFilter = "0";
200         }
201 
202         String strTagFilter;
203         if ( "0".equals( SearchParameterHome.findByKey( PARAMETER_TAG_FILTER ).getName( ) ) )
204         {
205             strTagFilter = "1";
206         }
207         else
208         {
209             strTagFilter = "0";
210         }
211 
212         MockHttpServletRequest request = new MockHttpServletRequest( );
213         request.addParameter( PARAMETER_TYPE_FILTER, strTypeFilter );
214         request.addParameter( PARAMETER_DEFAULT_OPERATOR, strDefaultOperator );
215         request.addParameter( PARAMETER_HELP_MESSAGE, strHelpMessage );
216         request.addParameter( PARAMETER_DATE_FILTER, strDateFilter );
217         request.addParameter( PARAMETER_TAG_FILTER, strTagFilter );
218         AdminUser user = new AdminUser( );
219         Map<String, RBACRole> roles = new HashMap<>( );
220         for ( RBACRole role : RBACRoleHome.findAll( ) )
221         {
222             roles.put( role.getKey( ), role );
223         }
224         user.addRoles( roles );
225         Utils.registerAdminUserWithRigth( request, user, "CORE_SEARCH_MANAGEMENT" );
226         _bean.init( request, "CORE_SEARCH_MANAGEMENT" );
227         request.addParameter( SecurityTokenService.PARAMETER_TOKEN,
228                 SecurityTokenService.getInstance( ).getToken( request, "admin/search/manage_advanced_parameters.html" ) + "b" );
229 
230         try
231         {
232             _bean.doModifyAdvancedParameters( request );
233             fail( "Should have thrown" );
234         }
235         catch( AccessDeniedException e )
236         {
237             for ( ReferenceItem param : _origSearchParameters )
238             {
239                 assertEquals( param.getName( ), SearchParameterHome.findByKey( param.getCode( ) ).getName( ) );
240             }
241         }
242     }
243 
244     public void testDoModifyAdvancedParametersNoToken( ) throws AccessDeniedException
245     {
246         String strTypeFilter;
247         if ( "none".equals( SearchParameterHome.findByKey( PARAMETER_TYPE_FILTER ).getName( ) ) )
248         {
249             strTypeFilter = "option";
250         }
251         else
252         {
253             strTypeFilter = "none";
254         }
255 
256         String strDefaultOperator;
257         if ( "OR".equals( SearchParameterHome.findByKey( PARAMETER_DEFAULT_OPERATOR ).getName( ) ) )
258         {
259             strDefaultOperator = "AND";
260         }
261         else
262         {
263             strDefaultOperator = "OR";
264         }
265 
266         String strHelpMessage = getRandomName( );
267 
268         String strDateFilter;
269         if ( "0".equals( SearchParameterHome.findByKey( PARAMETER_DATE_FILTER ).getName( ) ) )
270         {
271             strDateFilter = "1";
272         }
273         else
274         {
275             strDateFilter = "0";
276         }
277 
278         String strTagFilter;
279         if ( "0".equals( SearchParameterHome.findByKey( PARAMETER_TAG_FILTER ).getName( ) ) )
280         {
281             strTagFilter = "1";
282         }
283         else
284         {
285             strTagFilter = "0";
286         }
287 
288         MockHttpServletRequest request = new MockHttpServletRequest( );
289         request.addParameter( PARAMETER_TYPE_FILTER, strTypeFilter );
290         request.addParameter( PARAMETER_DEFAULT_OPERATOR, strDefaultOperator );
291         request.addParameter( PARAMETER_HELP_MESSAGE, strHelpMessage );
292         request.addParameter( PARAMETER_DATE_FILTER, strDateFilter );
293         request.addParameter( PARAMETER_TAG_FILTER, strTagFilter );
294         AdminUser user = new AdminUser( );
295         Map<String, RBACRole> roles = new HashMap<>( );
296         for ( RBACRole role : RBACRoleHome.findAll( ) )
297         {
298             roles.put( role.getKey( ), role );
299         }
300         user.addRoles( roles );
301         Utils.registerAdminUserWithRigth( request, user, "CORE_SEARCH_MANAGEMENT" );
302         _bean.init( request, "CORE_SEARCH_MANAGEMENT" );
303 
304         try
305         {
306             _bean.doModifyAdvancedParameters( request );
307             fail( "Should have thrown" );
308         }
309         catch( AccessDeniedException e )
310         {
311             for ( ReferenceItem param : _origSearchParameters )
312             {
313                 assertEquals( param.getName( ), SearchParameterHome.findByKey( param.getCode( ) ).getName( ) );
314             }
315         }
316     }
317 
318     private String getRandomName( )
319     {
320         Random rand = new SecureRandom( );
321         BigInteger bigInt = new BigInteger( 128, rand );
322         return "junit" + bigInt.toString( 36 );
323     }
324 
325 }