API for changing own properties
authorJaroslav Tulach <jaroslav.tulach@apidesign.org>
Sat, 07 Nov 2009 18:31:47 +0100
changeset 144cc04ede4cb5e
parent 143 4eb88f05c207
child 145 ac9bd9be5263
API for changing own properties
webidor/src/main/java/cz/xelfi/quoridor/webidor/resources/Users.java
webidor/src/test/java/cz/xelfi/quoridor/webidor/UsersTest.java
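--- a/webidor/src/main/java/cz/xelfi/quoridor/webidor/resources/Users.java	Sat Nov 07 15:23:14 2009 +0100
+++ b/webidor/src/main/java/cz/xelfi/quoridor/webidor/resources/Users.java	Sat Nov 07 18:31:47 2009 +0100
@@ -30,6 +30,7 @@
 import java.io.File;
 import java.io.FileInputStream;
 import java.io.FileNotFoundException;
+import java.io.FileOutputStream;
 import java.io.IOException;
 import java.util.ArrayList;
 import java.util.Collections;
@@ -38,11 +39,13 @@
 import java.util.logging.Logger;
 import javax.ws.rs.DefaultValue;
 import javax.ws.rs.GET;
+import javax.ws.rs.POST;
 import javax.ws.rs.Path;
 import javax.ws.rs.PathParam;
 import javax.ws.rs.Produces;
 import javax.ws.rs.QueryParam;
 import javax.ws.rs.core.MediaType;
+import javax.ws.rs.core.Response;
 
 /**
  *
@@ -82,7 +85,32 @@
         return user;
     }
 
-    private Properties getProp(String id) throws FileNotFoundException, IOException {
+    @POST
+    @Path("{id}")
+    @Produces({ MediaType.APPLICATION_JSON, MediaType.TEXT_XML })
+    public synchronized Response changeProperty(
+        @QueryParam("loginID") String loginId,
+        @PathParam("id") String id,
+        @QueryParam("name") String name,
+        @QueryParam("value") String value
+    ) throws IOException {
+        String myid = quoridor.isLoggedIn(loginId);
+        if (!id.equals(myid) || name.startsWith("permission.")) {
+            return Response.status(Response.Status.UNAUTHORIZED).build();
+        }
+
+        Properties p = getProp(myid);
+        p.setProperty(name, value);
+
+        File f = new File(dir, id);
+        FileOutputStream os = new FileOutputStream(f);
+        p.store(os, "");
+        os.close();
+        
+        return Response.ok().entity(getUserInfo(loginId, id)).build();
+    }
+
+    private synchronized Properties getProp(String id) throws FileNotFoundException, IOException {
         Properties p = new Properties();
         if (id != null && id.length() > 0) {
             File f = new File(dir, id);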
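Review bot: `changeProperty` dereferences `name` and hands `value` to `p.setProperty` without a null check, so a POST that omits either query parameter ends in a NullPointerException and a 500 instead of a clean rejection; a guard ahead of the ownership test that returns `Response.Status.BAD_REQUEST` closes that. The `name.startsWith("permission.")` test is a denylist, which leaves every other key in the user's property file writable by that user, so an explicit set of self-editable names would be the safer authorization check if any key outside that prefix is, or later becomes, privileged. The write opens `FileOutputStream` directly on the live file with no `finally`, so a failure inside `p.store` leaks the stream and can leave the file truncated, existing permission entries included. The method also lacks a Javadoc comment stating who may change which keys and which status codes it returns.

```java
        // … unchanged: isLoggedIn lookup …
        if (name == null || value == null) {
            return Response.status(Response.Status.BAD_REQUEST).build();
        }
        // … unchanged: ownership / "permission." check, getProp, setProperty …
        File f = new File(dir, id);
        FileOutputStream os = new FileOutputStream(f);
        try {
            p.store(os, "");
        } finally {
            // always release the handle, even when store() fails part-way
            os.close();
        }
        // … unchanged: build the OK response …
```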
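--- a/webidor/src/test/java/cz/xelfi/quoridor/webidor/UsersTest.java	Sat Nov 07 15:23:14 2009 +0100
+++ b/webidor/src/test/java/cz/xelfi/quoridor/webidor/UsersTest.java	Sat Nov 07 18:31:47 2009 +0100
@@ -27,6 +27,7 @@
 package cz.xelfi.quoridor.webidor;
 
 import com.sun.jersey.api.client.GenericType;
+import com.sun.jersey.api.client.UniformInterfaceException;
 import com.sun.jersey.test.framework.JerseyTest;
 import java.io.File;
 import java.io.FileOutputStream;
@@ -111,6 +112,7 @@
         assertEquals("Jirka", uJirka.getId());
         assertNull("Cannot get email without login", uJirka.getProperty("email"));
 
+
         uJirka = webResource.path("users/Jirka").queryParam("loginID", logJirka).accept(MediaType.TEXT_XML).get(User.class);
         assertEquals("Jirka", uJirka.getId());
         assertEquals("Email for ownself is OK", "jir@ka.cz", uJirka.getProperty("email"));
@@ -123,5 +125,28 @@
         if (!txt.contains("<user id=\"Jirka\"><property name=\"email\">jir@ka.cz</property></user>")) {
             fail(txt);
         }
+
+        try {
+            webResource.path("users/Jarda").queryParam("loginID", logJirka).
+                    queryParam("name", "email").queryParam("value", "ka@jir.cz").accept(MediaType.TEXT_XML).post();
+            fail("You cannot change email without priviledges");
+        } catch (UniformInterfaceException e) {
+            // OK, not allowed
+        }
+
+        webResource.path("users/Jirka").queryParam("loginID", logJirka).
+                queryParam("name", "email").queryParam("value", "ka@jir.cz").accept(MediaType.TEXT_XML).post();
+
+        uJirka = webResource.path("users/Jirka").queryParam("loginID", logJirka).accept(MediaType.TEXT_XML).get(User.class);
+        assertEquals("Jirka", uJirka.getId());
+        assertEquals("Email for ownself is OK", "ka@jir.cz", uJirka.getProperty("email"));
+
+        try {
+            webResource.path("users/Jirka").queryParam("loginID", logJirka).
+                    queryParam("name", "permission.email").queryParam("value", "true").accept(MediaType.TEXT_XML).post();
+            fail("Shall not be allowed to change own permissions");
+        } catch (UniformInterfaceException ex) {
+            // OK, not allowed
+        }
     }
 }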
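Review bot: Both negative cases in the last hunk accept any `UniformInterfaceException` as proof of rejection, so a 500 from a server-side failure would pass just as well as the intended refusal; adding `assertEquals(401, e.getResponse().getStatus());` in each catch block pins the authorization decision itself. Neither case re-reads the data afterwards, so the test would not notice if the rejected request had still been written to disk before the error response; a follow-up GET, or a direct look at the property file, after each rejected POST would cover that. A case that omits `name` or `value` is also missing. The test method starts outside the visible hunk, so earlier assertions may already cover part of this.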