Added tests

Author: oharsta

client/src/locale/en.js

@@ -1067,8 +1067,8 @@ const en = {
     appAccess: {
         title: "Central Access",
         users: "Users from {{name}}",
-        requestedAccessNotification: "You have requested access to this application. If the supplier (SP) approves this, you can manage access to the app below. Still don't want to connect?",
-        requestedDisconnectNotification: "You have requested to have no longer access to this application. Still want to remain connected?",
+        requestedAccessNotification: "You have requested access to this application - ticket {{ticketKey}}. If the supplier (SP) approves this, you can manage access to the app below. Still don't want to connect?",
+        requestedDisconnectNotification: "You have requested to have no longer access to this application - ticket {{ticketKey}}. Still want to remain connected?",
         cancelRequest: "Cancel the request.",
         cancelRequestTitle: "Cancel the request.",
         cancelRequestQuestion: "Are you sure you don't want to have access to this application? The request for a connection will be withdrawn.",

client/src/locale/nl.js

@@ -1064,8 +1064,8 @@ const nl = {
     appAccess: {
         title: "Centrale toegang",
         users: "Gebruikers van {{name}}",
-        requestedAccessNotification: "Je hebt toegang tot deze applicatie aangevraagd. Als de leverancier (SP) dit goedkeurt, kun je hieronder de toegang beheren. Wil je toch niet verbinden?",
-        requestedDisconnectNotification: "Je hebt verzocht geen toegang meer te hebben tot deze applicatie. Wil je toch verbonden blijven?",
+        requestedAccessNotification: "Je hebt toegang tot deze applicatie aangevraagd - ticket {{ticketKey}}. Als de leverancier (SP) dit goedkeurt, kun je hieronder de toegang beheren. Wil je toch niet verbinden?",
+        requestedDisconnectNotification: "Je hebt verzocht geen toegang meer te hebben tot deze applicatie - ticket {{ticketKey}}. Wil je toch verbonden blijven?",
         cancelRequest: "Verzoek annuleren.",
         cancelRequestTitle: "Verzoek annuleren.",
         cancelRequestQuestion: "Weet je zeker dat je geen toegang meer wilt tot deze applicatie? Het verzoek om verbinding wordt ingetrokken.",

client/src/utils/Permissions.js

@@ -86,21 +86,26 @@ export const deriveAccess = (user, spEntityId) => {
     const allowedEntities = user.identityProvider.data.allowedEntities.map(e => e.name);
     isAccessible = allowedEntities.includes(spEntityId);
     isReadOnly = !isAccessible;
-
+    let ticketKey = null;
     if (!isAccessible) {
-        isAccessible = user.changeRequests.some(cr =>
+        const changeRequestAdd = user.changeRequests.find(cr =>
             cr.requestType === CHANGE_REQUEST_TYPE.LINK_REQUEST &&
             cr.pathUpdateType === "ADDITION" &&
             cr.pathUpdates.allowedEntities.name === spEntityId
         );
+        isAccessible = !isEmpty(changeRequestAdd);
+        ticketKey = isEmpty(changeRequestAdd) ? null : changeRequestAdd.ticketKey
     }
-    isPendingDisconnect = user.changeRequests.some(cr =>
-            cr.requestType === CHANGE_REQUEST_TYPE.UNLINK_REQUEST &&
-            cr.pathUpdateType === "REMOVAL" &&
-            cr.pathUpdates.allowedEntities.name === spEntityId
-        );
-
-    return {isAccessible, isReadOnly, isPendingDisconnect};
+    const changeRequestRemoval = user.changeRequests.find(cr =>
+        cr.requestType === CHANGE_REQUEST_TYPE.UNLINK_REQUEST &&
+        cr.pathUpdateType === "REMOVAL" &&
+        cr.pathUpdates.allowedEntities.name === spEntityId
+    );
+    isPendingDisconnect = !isEmpty(changeRequestRemoval);
+    if (ticketKey === null) {
+        ticketKey = isEmpty(changeRequestRemoval) ? null : changeRequestRemoval.ticketKey;
+    }
+    return {isAccessible, isReadOnly, isPendingDisconnect, ticketKey};
 }
 
 export const isAdmin = (user, authorities) => {

server/src/main/java/access/manage/LocalManage.java

@@ -107,11 +107,10 @@ public Map<String, Object> saveIdentityProvider(Organization organization) {
     @SneakyThrows
     @Override
     public Map<String, Object> saveProvider(Connection connection) {
-        Map<String, Object> baseStructure = StringUtils.hasText(connection.getManageIdentifier()) ?
+        Map<String, Object> provider = StringUtils.hasText(connection.getManageIdentifier()) ?
                 providerByConnection(connection) :
                 baseStructureProvider();
 
-        Map<String, Object> provider = converter.convert(connection, baseStructure, false);
         boolean existingProvider = provider.containsKey("id");
         if (existingProvider) {
             provider.put("version", (int) provider.get("version") + 1);

server/src/main/java/access/model/Connection.java

@@ -209,7 +209,7 @@ public void updateRemoteManageData(Map<String, Object> provider) {
         this.manageVersion = (Integer) provider.get("version");
         Map<String, Object> data = (Map<String, Object>) provider.get("data");
         this.manageEid = (Integer) data.get("eid");
-        this.state = State.valueOf((String) data.get("state"));
+        this.state = State.valueOf((String) data.getOrDefault("state", "testaccepted"));
     }
 
     @JsonIgnore

server/src/test/java/access/AbstractTest.java

@@ -464,6 +464,20 @@ protected Map<String, Object> stubForGetProvider(EntityType entityType, String m
         return provider;
     }
 
+    @SneakyThrows
+    protected Map<String, Object> stubForGetProvider(EntityType entityType, String manageIdentifier, Environment environment,
+                                                     String actualManageIdentifier) {
+        Map<String, Object> provider = localManage.providerByManageIdentifier(entityType, actualManageIdentifier, environment);
+        String body = objectMapper.writeValueAsString(provider);
+        stubFor(get(String.format("/manage/api/internal/metadata/%s/%s",
+                entityType.name(),
+                manageIdentifier))
+                .willReturn(aResponse().withHeader("Content-Type", "application/json")
+                        .withBody(body)
+                        .withStatus(200)));
+        return provider;
+    }
+
     @SneakyThrows
     protected void stubForGetChangeRequests(List<Map<String, Object>> changeRequests) {
         String body = objectMapper.writeValueAsString(changeRequests);

server/src/test/java/access/api/ApplicationControllerTest.java

@@ -5,8 +5,10 @@
 import access.manage.Contact;
 import access.manage.MetaData;
 import access.model.Application;
+import access.model.Connection;
 import access.model.ConnectionStatus;
 import access.model.EntityType;
+import access.model.Environment;
 import access.model.Organization;
 import com.fasterxml.jackson.core.type.TypeReference;
 import io.restassured.common.mapper.TypeRef;
@@ -17,7 +19,6 @@
 import org.springframework.core.io.ClassPathResource;
 import org.springframework.http.HttpStatus;
 
-import java.lang.reflect.Type;
 import java.nio.charset.Charset;
 import java.util.List;
 import java.util.Map;
@@ -132,7 +133,7 @@ void find() {
         Map<String, Object> o = (Map<String, Object>) connections.stream()
                 .filter(connection -> ((Map<String, Object>) connection).get("status").equals(ConnectionStatus.PROD_READY.name()))
                 .findFirst().get();
-        assertEquals(2, ((List)o.get("changeRequests")).size());
+        assertEquals(2, ((List) o.get("changeRequests")).size());
     }
 
     @Test
@@ -160,6 +161,63 @@ void update() {
         assertEquals(application.getName(), applicationFromDB.getName());
     }
 
+    @Test
+    void updateSignContractNotAllowed() {
+        AccessCookieFilter accessCookieFilter = mockLoginFlow(EXTERNAL_USER_SUB);
+        Application application = applicationRepository.findById(seedIdentifiers.get(BUDDY_CHECK)).get();
+        application.setSignedContract(true);
+        Organization organization = application.getOrganization();
+        //Otherwise rest-assured does not deserialize the Organization
+        Map<String, Object> applicationData = objectMapper.convertValue(application, new TypeReference<>() {
+        });
+        applicationData.put("organization", Map.of("id", organization.getId()));
+
+        given()
+                .when()
+                .filter(accessCookieFilter.cookieFilter())
+                .header(csrfHeader(accessCookieFilter))
+                .accept(ContentType.JSON)
+                .contentType(ContentType.JSON)
+                .body(applicationData)
+                .put("/api/v1/applications")
+                .then()
+                .statusCode(HttpStatus.FORBIDDEN.value());
+    }
+
+    @Test
+    void updateMetaDataChanged() {
+        AccessCookieFilter accessCookieFilter = mockLoginFlow(EXTERNAL_USER_SUB);
+        Application application = applicationRepository.findById(seedIdentifiers.get(BUDDY_CHECK)).get();
+        application.getMetaData().put("information", Map.of("descriptionEN", "Changed"));
+        Organization organization = application.getOrganization();
+        //Otherwise rest-assured does not deserialize the Organization
+        Map<String, Object> applicationData = objectMapper.convertValue(application, new TypeReference<>() {
+        });
+        applicationData.put("organization", Map.of("id", organization.getId()));
+
+        //The details of the connections are retrieved
+        super.stubForGetProvider(EntityType.oidc10_rp, MANAGE_IDENTIFIER, Environment.PROD, "5");
+        Connection connectionProd = connectionRepository.findById(seedIdentifiers.get(BUDDY_CHECK_PROD)).get();
+        connectionProd.setManageIdentifier("5");
+        super.stubForSaveProvider(connectionProd);
+        Connection connectionTest = connectionRepository.findById(seedIdentifiers.get(BUDDY_CHECK_TEST)).get();
+        super.stubForSaveProvider(connectionTest);
+
+        Application savedApplication = given()
+                .when()
+                .filter(accessCookieFilter.cookieFilter())
+                .header(csrfHeader(accessCookieFilter))
+                .accept(ContentType.JSON)
+                .contentType(ContentType.JSON)
+                .body(applicationData)
+                .put("/api/v1/applications")
+                .as(new TypeRef<>() {
+                });
+        Application applicationFromDB = applicationRepository.findById(savedApplication.getId()).get();
+        assertEquals(application.getMetaData(), applicationFromDB.getMetaData());
+
+    }
+
     @Test
     void delete() {
         AccessCookieFilter accessCookieFilter = mockLoginFlow(MANAGE_SUB);

server/src/test/java/access/manage/CidrNotationTest.java

@@ -0,0 +1,30 @@
+package access.manage;
+
+import org.junit.jupiter.api.Test;
+
+import static org.junit.jupiter.api.Assertions.*;
+
+class CidrNotationTest {
+
+    @Test
+    void getIpInfoIPv4() {
+        CidrNotation cidrNotation = new CidrNotation("192.168.1.1", 16);
+        IPInfo ipInfo = cidrNotation.getIpInfo();
+        assertEquals("192.168.255.255", ipInfo.getBroadcastAddress());
+        assertEquals("192.168.0.0", ipInfo.getNetworkAddress());
+        assertEquals(65536.0, ipInfo.getCapacity());
+        assertEquals(16, ipInfo.getPrefix());
+        assertTrue(ipInfo.isIpv4());
+    }
+
+    @Test
+    void getIpInfoIPv6() {
+        CidrNotation cidrNotation = new CidrNotation("2001:db8:3333:4444:5555:6666:7777:8888", 64);
+        IPInfo ipInfo = cidrNotation.getIpInfo();
+        assertEquals("2001:db8:3333:4444:ffff:ffff:ffff:ffff", ipInfo.getBroadcastAddress());
+        assertEquals("2001:db8:3333:4444:0:0:0:0", ipInfo.getNetworkAddress());
+        assertEquals(1.8446744073709552E19, ipInfo.getCapacity());
+        assertEquals(64, ipInfo.getPrefix());
+        assertFalse(ipInfo.isIpv4());
+    }
+}