public virtual void ChangePassword()
{
// Given
StartServer(true);
// Document
RESTRequestGenerator.ResponseEntity response = Gen.get().expectedStatus(200).withHeader(HttpHeaders.AUTHORIZATION, HTTP.basicAuthHeader("neo4j", "neo4j")).payload(QuotedJson("{'password':'******'}")).post(_server.baseUri().resolve("/user/neo4j/password").ToString());
// Then the new password should work
assertEquals(200, HTTP.withBasicAuth("neo4j", "secret").GET(DataURL()).status());
// Then the old password should not be invalid
assertEquals(401, HTTP.withBasicAuth("neo4j", "neo4j").POST(DataURL()).status());
}
/*
* The default jetty behaviour serves an index page for static resources. The 'directories' exposed through this
* behaviour are not file system directories, but only a list of resources present on the classpath, so there is no
* security vulnerability. However, it might seem like a vulnerability to somebody without the context of how the
* whole stack works, so to avoid confusion we disable the jetty behaviour.
*/
//JAVA TO C# CONVERTER TODO TASK: Most Java annotations will not have direct .NET equivalent attributes:
//ORIGINAL LINE: @Test public void shouldDisallowDirectoryListings() throws Exception
//JAVA TO C# CONVERTER WARNING: Method 'throws' clauses are not available in C#:
public virtual void ShouldDisallowDirectoryListings()
{
// Given
_server = CommunityServerBuilder.serverOnRandomPorts().build();
_server.start();
// When
HTTP.Response okResource = HTTP.GET(_server.baseUri().resolve("/browser/index.html").ToString());
HTTP.Response illegalResource = HTTP.GET(_server.baseUri().resolve("/browser/assets/").ToString());
// Then
// Depends on specific resources exposed by the browser module; if this test starts to fail,
// check whether the structure of the browser module has changed and adjust accordingly.
assertEquals(200, okResource.Status());
assertEquals(403, illegalResource.Status());
}
//JAVA TO C# CONVERTER TODO TASK: Most Java annotations will not have direct .NET equivalent attributes:
//ORIGINAL LINE: @Test public void shouldNotWhitelistDB() throws Exception
//JAVA TO C# CONVERTER WARNING: Method 'throws' clauses are not available in C#:
public virtual void ShouldNotWhitelistDB()
{
// Given
_server = CommunityServerBuilder.serverOnRandomPorts().withProperty(GraphDatabaseSettings.auth_enabled.name(), "true").build();
// When
_server.start();
// Then I should get a unauthorized response for access to the DB
HTTP.Response response = HTTP.GET(HTTP.GET(_server.baseUri().resolve("db/data").ToString()).location());
assertThat(response.Status(), equalTo(401));
}
//JAVA TO C# CONVERTER TODO TASK: Most Java annotations will not have direct .NET equivalent attributes:
//ORIGINAL LINE: @Test public void shouldNotWhitelistConsoleService() throws Exception
//JAVA TO C# CONVERTER WARNING: Method 'throws' clauses are not available in C#:
public virtual void ShouldNotWhitelistConsoleService()
{
// Given
_server = CommunityServerBuilder.serverOnRandomPorts().withProperty(GraphDatabaseSettings.auth_enabled.name(), "true").build();
// When
_server.start();
// Then I should be able to access the console service
HTTP.Response response = HTTP.GET(_server.baseUri().resolve("db/manage/server/console").ToString());
assertThat(response.Status(), equalTo(401));
}
//JAVA TO C# CONVERTER TODO TASK: Most Java annotations will not have direct .NET equivalent attributes:
//ORIGINAL LINE: @Test public void shouldWhitelistBrowser() throws Exception
//JAVA TO C# CONVERTER WARNING: Method 'throws' clauses are not available in C#:
public virtual void ShouldWhitelistBrowser()
{
// Given
assumeTrue(BrowserIsLoaded());
_server = CommunityServerBuilder.serverOnRandomPorts().withProperty(GraphDatabaseSettings.auth_enabled.name(), "true").build();
// When
_server.start();
// Then I should be able to access the browser
HTTP.Response response = HTTP.GET(_server.baseUri().resolve("browser/index.html").ToString());
assertThat(response.Status(), equalTo(200));
}
//JAVA TO C# CONVERTER TODO TASK: Most Java annotations will not have direct .NET equivalent attributes:
//ORIGINAL LINE: @Test public void shouldAllowDisablingAuthorization() throws Exception
//JAVA TO C# CONVERTER WARNING: Method 'throws' clauses are not available in C#:
public virtual void ShouldAllowDisablingAuthorization()
{
// Given
_server = CommunityServerBuilder.serverOnRandomPorts().withProperty(GraphDatabaseSettings.auth_enabled.name(), "false").build();
// When
_server.start();
// Then I should have write access
HTTP.Response response = HTTP.POST(_server.baseUri().resolve("db/data/node").ToString(), quotedJson("{'name':'My Node'}"));
assertThat(response.Status(), equalTo(201));
string node = response.Location();
// Then I should have read access
assertThat(HTTP.GET(node).status(), equalTo(200));
}
//JAVA TO C# CONVERTER TODO TASK: Most Java annotations will not have direct .NET equivalent attributes:
//ORIGINAL LINE: @Test public void executeQueryWithSnapshotEngine()
public virtual void ExecuteQueryWithSnapshotEngine()
{
Database database = _server.Database;
GraphDatabaseFacade graph = database.Graph;
using (Transaction transaction = graph.BeginTx())
{
for (int i = 0; i < 10; i++)
{
Node node = graph.CreateNode();
node.SetProperty("a", "b");
}
transaction.Success();
}
HTTP.Builder httpClientBuilder = HTTP.withBaseUri(_server.baseUri());
HTTP.Response transactionStart = httpClientBuilder.Post(TransactionURI());
assertThat(transactionStart.Status(), equalTo(201));
HTTP.Response response = httpClientBuilder.POST(transactionStart.Location(), quotedJson("{ 'statements': [ { 'statement': 'MATCH (n) RETURN n' } ] }"));
assertThat(response.Status(), equalTo(200));
}