public void LoggedInUserCanSubmitGetAndDeleteJsonData()
{
var testObject = new UnitTestDataObject1();
var json = JsonConvert.SerializeObject(testObject);
var dataType = testObject.GetType().Name;
string objectId = null;
Assert.That(() => objectId = analystDataApiClient.InsertAsync(dataType, json).Result, Throws.Nothing);
Assert.That(objectId, Is.Not.Null);
bool?objectExists = null;
AssertStatusCode(
() => objectExists = analystDataApiClient.ExistsAsync <UnitTestDataObject1>(objectId).Result,
HttpStatusCode.OK);
Assert.That(objectExists, Is.True);
string retreivedObjectJson = null;
Assert.That(() => retreivedObjectJson = analystDataApiClient.GetAsync(dataType, objectId).Result, Throws.Nothing);
var retreivedObject = JsonConvert.DeserializeObject <UnitTestDataObject1>(retreivedObjectJson);
Assert.That(retreivedObject.Id, Is.EqualTo(testObject.Id));
Assert.That(() => analystDataApiClient.DeleteAsync(dataType, objectId).Wait(), Throws.Nothing);
objectExists = null;
AssertStatusCode(
() => objectExists = analystDataApiClient.ExistsAsync(dataType, objectId).Result,
HttpStatusCode.OK);
Assert.That(objectExists, Is.False);
}
public void LoggedInUserCanSubmitGetAndDeleteOwnData()
{
var testObject = new UnitTestDataObject1();
string objectId = null;
Assert.That(() => objectId = analystDataApiClient.InsertAsync(testObject).Result, Throws.Nothing);
Assert.That(objectId, Is.Not.Null);
bool?objectExists = null;
AssertStatusCode(
() => objectExists = analystDataApiClient.ExistsAsync <UnitTestDataObject1>(objectId).Result,
HttpStatusCode.OK);
Assert.That(objectExists, Is.True);
UnitTestDataObject1 retreivedObject = null;
Assert.That(() => retreivedObject = analystDataApiClient.GetAsync <UnitTestDataObject1>(objectId).Result, Throws.Nothing);
Assert.That(retreivedObject.Id, Is.EqualTo(testObject.Id));
Assert.That(retreivedObject.Timestamp, Is.EqualTo(testObject.Timestamp));
Assert.That(() => analystDataApiClient.DeleteAsync <UnitTestDataObject1>(objectId).Wait(), Throws.Nothing);
objectExists = null;
AssertStatusCode(
() => objectExists = analystDataApiClient.ExistsAsync <UnitTestDataObject1>(objectId).Result,
HttpStatusCode.OK);
Assert.That(objectExists, Is.False);
}
public void ViewerCanGetAndSearchData()
{
UserGenerator.RegisterAndLoginUserWithRole(Role.Viewer, adminDataApiClient, out var viewerDataApiClient);
var testObject = new UnitTestDataObject1();
var objectId = analystDataApiClient.InsertAsync(testObject).Result;
try
{
UnitTestDataObject1 retreivedObject = null;
AssertStatusCode(
() => retreivedObject = viewerDataApiClient.GetAsync <UnitTestDataObject1>(objectId).Result,
HttpStatusCode.OK, "Get");
Assert.That(retreivedObject.Id, Is.EqualTo(testObject.Id));
var query = $"SELECT * FROM {nameof(UnitTestDataObject1)}";
AssertStatusCode(
() => viewerDataApiClient.SearchAsync(query, ResultFormat.Json).Wait(),
HttpStatusCode.OK, "Search");
}
finally
{
analystDataApiClient.DeleteAsync <UnitTestDataObject1>(objectId).Wait();
UserGenerator.DeleteUser(viewerDataApiClient);
}
}
public void InvalidIdIsRejected(string id)
{
var testObject = new UnitTestDataObject1
{
Id = id
};
AssertStatusCode(
() => analystDataApiClient.InsertAsync(testObject, testObject.Id).Wait(),
HttpStatusCode.BadRequest);
}
public void SubmitRejectsDataWithInvalidAccessToken()
{
var noLoginDataApiClient = new DataApiClient(ApiSetup.ApiConfiguration)
{
LoginMethod = LoginMethod.JsonWebToken
};
var testObject = new UnitTestDataObject1();
AssertStatusCode(
() => noLoginDataApiClient.InsertAsync(testObject).Wait(),
HttpStatusCode.Unauthorized);
}
public void DeleteManyDeletesExpectedItems()
{
UserGenerator.RegisterAndLoginUserWithRole(Role.DataProducer, adminDataApiClient, out var otherUserDataApiClient);
var testObject1 = new UnitTestDataObject1 {
Id = "DeleteManyTest_DeleteMe_1"
};
var testObject2 = new UnitTestDataObject1 {
Id = "DeleteManyTest_DeleteMe_2"
};
var testObject3 = new UnitTestDataObject1 {
Id = "DeleteManyTest_DoNotDelete"
};
var testObject4 = new UnitTestDataObject1 {
Id = "DeleteManyTest_DeleteMe_Otheruser"
};
analystDataApiClient.ReplaceAsync(testObject1, testObject1.Id);
analystDataApiClient.ReplaceAsync(testObject2, testObject2.Id);
analystDataApiClient.ReplaceAsync(testObject3, testObject3.Id);
otherUserDataApiClient.ReplaceAsync(testObject4, testObject4.Id);
Task.Delay(500).Wait(); // Work-around for test objects occasionaly not being available when query below is executed
try
{
List <DeleteResult> deleteResults = null;
AssertStatusCode(
() => deleteResults = analystDataApiClient.DeleteMany <UnitTestDataObject1>("Data.Id LIKE '%DeleteMe%'").Result,
HttpStatusCode.OK);
Assert.That(deleteResults.Count, Is.EqualTo(3));
Assert.That(deleteResults, Has.Exactly(2).Matches <DeleteResult>(x => x.IsDeleted));
Assert.That(deleteResults, Has.Exactly(1).Matches <DeleteResult>(x => !x.IsDeleted));
Assert.That(analystDataApiClient.ExistsAsync <UnitTestDataObject1>(testObject1.Id).Result, Is.False);
Assert.That(analystDataApiClient.ExistsAsync <UnitTestDataObject1>(testObject2.Id).Result, Is.False);
Assert.That(analystDataApiClient.ExistsAsync <UnitTestDataObject1>(testObject3.Id).Result, Is.True);
Assert.That(analystDataApiClient.ExistsAsync <UnitTestDataObject1>(testObject4.Id).Result, Is.True);
}
finally
{
analystDataApiClient.DeleteAsync <UnitTestDataObject1>(testObject1.Id);
analystDataApiClient.DeleteAsync <UnitTestDataObject1>(testObject2.Id);
analystDataApiClient.DeleteAsync <UnitTestDataObject1>(testObject3.Id);
otherUserDataApiClient.DeleteAsync <UnitTestDataObject1>(testObject4.Id);
UserGenerator.DeleteUser(otherUserDataApiClient);
}
}
public void DataFromOtherUserCanBeOverwrittenAndDeletedIfEnabled()
{
UserGenerator.RegisterAndLoginUserWithRole(Role.Analyst, adminDataApiClient, out var analyst2DataApiClient);
var testObject = new UnitTestDataObject1();
string objectId = null;
Assert.That(() => objectId = analystDataApiClient.InsertAsync(testObject).Result, Throws.Nothing);
Assert.That(objectId, Is.Not.Null);
// Enable overwriting of data
adminDataApiClient.SetCollectionOptions(
new CollectionOptions(nameof(UnitTestDataObject1))
{
NonAdminUsersCanOverwriteData = true
});
try
{
// Test 1: Delete
// NOTE: Order of tests is important, because overwriting data
// results in taking ownership of the object
// and then be able to delete it, but we also want to
// test that we can delete even if the object isn't ours.
AssertStatusCode(
() => analyst2DataApiClient.DeleteAsync <UnitTestDataObject1>(objectId).Wait(),
HttpStatusCode.OK, "Delete");
// Test 2: Overwrite
AssertStatusCode(
() => analyst2DataApiClient.ReplaceAsync(new UnitTestDataObject1(), objectId).Wait(),
HttpStatusCode.OK, "Replace");
}
finally
{
UserGenerator.DeleteUser(analyst2DataApiClient);
analystDataApiClient.DeleteAsync <UnitTestDataObject1>(objectId).Wait();
adminDataApiClient.SetCollectionOptions(
new CollectionOptions(nameof(UnitTestDataObject1))
{
NonAdminUsersCanOverwriteData = false
});
}
}
public void OtherUserCannotSubmitObjectWithSameId()
{
UserGenerator.RegisterAndLoginUserWithRole(Role.Analyst, adminDataApiClient, out var dataProducerApiClient);
var dataType = nameof(UnitTestDataObject1);
string id = null;
AssertStatusCode(
() => id = dataProducerApiClient.GetNewIdAsync(dataType).Result,
HttpStatusCode.OK);
Assert.That(id, Is.Not.Null);
var testObject = new UnitTestDataObject1 {
Id = id
};
AssertStatusCode(
() => analystDataApiClient.InsertAsync(testObject, id).Wait(),
HttpStatusCode.Conflict);
dataProducerApiClient.DeleteAsync <UnitTestDataObject1>(id);
}
public void DataFromOtherUserCannotBeOverwrittenNorDeleted()
{
UserGenerator.RegisterAndLoginUserWithRole(Role.Analyst, adminDataApiClient, out var analyst2DataApiClient);
// Make sure overwriting is disabled
adminDataApiClient.SetCollectionOptions(
new CollectionOptions(nameof(UnitTestDataObject1))
{
NonAdminUsersCanOverwriteData = false
});
var testObject = new UnitTestDataObject1();
string objectId = null;
Assert.That(() => objectId = analystDataApiClient.InsertAsync(testObject).Result, Throws.Nothing);
Assert.That(objectId, Is.Not.Null);
try
{
// Test 1: Overwrite
var otherTestObject = new UnitTestDataObject1 {
Id = objectId
};
AssertStatusCode(
() => analyst2DataApiClient.ReplaceAsync(otherTestObject, otherTestObject.Id).Wait(),
HttpStatusCode.Unauthorized);
// Test 2: Delete
AssertStatusCode(
() => analyst2DataApiClient.DeleteAsync <UnitTestDataObject1>(objectId).Wait(),
HttpStatusCode.Unauthorized);
AssertStatusCode(
() => analystDataApiClient.DeleteAsync <UnitTestDataObject1>(objectId).Wait(),
HttpStatusCode.OK);
}
finally
{
UserGenerator.DeleteUser(analyst2DataApiClient);
}
}
