Skip to content

Commit

Permalink
Deactivated should return409 on public and member api (#7004)
Browse files Browse the repository at this point in the history
* Deactivated records should get 409 on GET requests

* API 2.0 and 2.1 and also Public API

* Fix unit tests
  • Loading branch information
amontenegro authored Mar 1, 2024
1 parent 9a9b0c8 commit 8d25a88
Show file tree
Hide file tree
Showing 6 changed files with 193 additions and 37 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,6 @@

import org.orcid.api.common.jaxb.OrcidValidationJaxbContextResolver;
import org.orcid.api.memberV2.server.delegator.MemberV2ApiServiceDelegator;
import org.orcid.core.exception.DeactivatedException;
import org.orcid.core.exception.OrcidCoreExceptionMapper;
import org.orcid.core.manager.OrcidSearchManager;
import org.orcid.core.manager.OrcidSecurityManager;
Expand Down Expand Up @@ -602,15 +601,7 @@ private Object downgradeObject(Object entity) {
}

private void checkProfileStatus(String orcid, boolean readOperation) {
try {
orcidSecurityManager.checkProfile(orcid);
} catch (DeactivatedException e) {
// If it is a read operation, ignore the deactivated status since we
// are going to return the empty element with the deactivation date
if (!readOperation) {
throw e;
}
}
orcidSecurityManager.checkProfile(orcid);
}

}
Original file line number Diff line number Diff line change
Expand Up @@ -1692,29 +1692,114 @@ public void test2_1() {
person.getResearcherUrls().getResearcherUrls().forEach(e -> assertSourceElement(e, true));
}
}

/**
* Deactivated elements tests
* */
@Test
public void testViewDeactivatedRecordDontThrowError() {
SecurityContextTestUtils.setUpSecurityContext("0000-0000-0000-0007", ScopePathType.READ_LIMITED);
*/
@Test(expected = DeactivatedException.class)
public void testDeactivatedRecordViewActivities() {
SecurityContextTestUtils.setUpSecurityContext("0000-0000-0000-0007", ScopePathType.READ_LIMITED);
serviceDelegator.viewActivities(deactivatedUserOrcid);
serviceDelegator.viewRecord(deactivatedUserOrcid);
fail();
}

@Test(expected = DeactivatedException.class)
public void testDeactivatedRecordViewRecord() {
SecurityContextTestUtils.setUpSecurityContext("0000-0000-0000-0007", ScopePathType.READ_LIMITED);
serviceDelegator.viewRecord(deactivatedUserOrcid);
fail();
}

@Test(expected = DeactivatedException.class)
public void testDeactivatedRecordViewPerson() {
SecurityContextTestUtils.setUpSecurityContext("0000-0000-0000-0007", ScopePathType.READ_LIMITED);
serviceDelegator.viewPerson(deactivatedUserOrcid);
fail();
}

@Test(expected = DeactivatedException.class)
public void testDeactivatedRecordViewAddresses() {
SecurityContextTestUtils.setUpSecurityContext("0000-0000-0000-0007", ScopePathType.READ_LIMITED);
serviceDelegator.viewAddresses(deactivatedUserOrcid);
fail();
}

@Test(expected = DeactivatedException.class)
public void testDeactivatedRecordViewEducations() {
SecurityContextTestUtils.setUpSecurityContext("0000-0000-0000-0007", ScopePathType.READ_LIMITED);
serviceDelegator.viewEducations(deactivatedUserOrcid);
fail();
}

@Test(expected = DeactivatedException.class)
public void testDeactivatedRecordViewEmails() {
SecurityContextTestUtils.setUpSecurityContext("0000-0000-0000-0007", ScopePathType.READ_LIMITED);
serviceDelegator.viewEmails(deactivatedUserOrcid);
fail();
}

@Test(expected = DeactivatedException.class)
public void testDeactivatedRecordViewEmployments() {
SecurityContextTestUtils.setUpSecurityContext("0000-0000-0000-0007", ScopePathType.READ_LIMITED);
serviceDelegator.viewEmployments(deactivatedUserOrcid);
fail();
}

@Test(expected = DeactivatedException.class)
public void testDeactivatedRecordViewExternalIdentifiers() {
SecurityContextTestUtils.setUpSecurityContext("0000-0000-0000-0007", ScopePathType.READ_LIMITED);
serviceDelegator.viewExternalIdentifiers(deactivatedUserOrcid);
fail();
}

@Test(expected = DeactivatedException.class)
public void testDeactivatedRecordViewFundings() {
SecurityContextTestUtils.setUpSecurityContext("0000-0000-0000-0007", ScopePathType.READ_LIMITED);
serviceDelegator.viewFundings(deactivatedUserOrcid);
fail();
}

@Test(expected = DeactivatedException.class)
public void testDeactivatedRecordViewKeywords() {
SecurityContextTestUtils.setUpSecurityContext("0000-0000-0000-0007", ScopePathType.READ_LIMITED);
serviceDelegator.viewKeywords(deactivatedUserOrcid);
fail();
}

@Test(expected = DeactivatedException.class)
public void testDeactivatedRecordViewOtherNames() {
SecurityContextTestUtils.setUpSecurityContext("0000-0000-0000-0007", ScopePathType.READ_LIMITED);
serviceDelegator.viewOtherNames(deactivatedUserOrcid);
fail();
}

@Test(expected = DeactivatedException.class)
public void testDeactivatedRecordViewPeerReviews() {
SecurityContextTestUtils.setUpSecurityContext("0000-0000-0000-0007", ScopePathType.READ_LIMITED);
serviceDelegator.viewPeerReviews(deactivatedUserOrcid);
fail();
}

@Test(expected = DeactivatedException.class)
public void testDeactivatedRecordViewPersonalDetails() {
SecurityContextTestUtils.setUpSecurityContext("0000-0000-0000-0007", ScopePathType.READ_LIMITED);
serviceDelegator.viewPersonalDetails(deactivatedUserOrcid);
fail();
}

@Test(expected = DeactivatedException.class)
public void testDeactivatedRecordViewResearcherUrls() {
SecurityContextTestUtils.setUpSecurityContext("0000-0000-0000-0007", ScopePathType.READ_LIMITED);
serviceDelegator.viewResearcherUrls(deactivatedUserOrcid);
fail();
}

@Test(expected = DeactivatedException.class)
public void testDeactivatedRecordViewWorks() {
SecurityContextTestUtils.setUpSecurityContext("0000-0000-0000-0007", ScopePathType.READ_LIMITED);
serviceDelegator.viewWorks(deactivatedUserOrcid);
}
fail();
}

@Test(expected = DeactivatedException.class)
public void testDeactivatedRecordCreateWork() {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,6 @@
import javax.ws.rs.core.Response;

import org.orcid.api.publicV2.server.delegator.PublicV2ApiServiceDelegator;
import org.orcid.core.exception.DeactivatedException;
import org.orcid.core.manager.OrcidSecurityManager;
import org.orcid.core.manager.ProfileEntityCacheManager;
import org.orcid.core.version.V2Convertible;
Expand Down Expand Up @@ -282,11 +281,7 @@ private Response downgradeResponse(Response response) {
}

private void checkProfileStatus(String orcid) {
try {
orcidSecurityManager.checkProfile(orcid);
} catch(DeactivatedException e) {
// Ignore the DeactivatedException since we should be able to return the empty element
}
orcidSecurityManager.checkProfile(orcid);
}

@SuppressWarnings({ "rawtypes", "unchecked" })
Expand Down
Original file line number Diff line number Diff line change
@@ -1,7 +1,5 @@
package org.orcid.api.publicV3.server.delegator.impl;

import static org.orcid.core.api.OrcidApiConstants.STATUS_OK_MESSAGE;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
Expand All @@ -17,7 +15,6 @@
import org.orcid.api.common.writer.citeproc.V3WorkToCiteprocTranslator;
import org.orcid.api.publicV3.server.delegator.PublicV3ApiServiceDelegator;
import org.orcid.api.publicV3.server.security.PublicAPISecurityManagerV3;
import org.orcid.core.exception.DeactivatedException;
import org.orcid.core.exception.OrcidBadRequestException;
import org.orcid.core.exception.OrcidNoResultException;
import org.orcid.core.exception.SearchStartParameterLimitExceededException;
Expand Down Expand Up @@ -927,11 +924,7 @@ public Response viewServiceSummary(String orcid, Long putCode) {
}

private void checkProfileStatus(String orcid) {
try {
orcidSecurityManager.checkProfile(orcid);
} catch(DeactivatedException e) {
// Ignore the DeactivatedException since we should be able to return the empty element
}
orcidSecurityManager.checkProfile(orcid);
}

@Override
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,7 @@
import org.orcid.api.publicV2.server.delegator.PublicV2ApiServiceDelegator;
import org.orcid.api.publicV2.server.delegator.impl.PublicV2ApiServiceDelegatorImpl;
import org.orcid.core.api.OrcidApiConstants;
import org.orcid.core.exception.DeactivatedException;
import org.orcid.core.exception.OrcidBadRequestException;
import org.orcid.core.exception.OrcidNonPublicElementException;
import org.orcid.core.exception.SearchStartParameterLimitExceededException;
Expand Down Expand Up @@ -113,7 +114,8 @@ public class PublicV2ApiServiceDelegatorTest extends DBUnitTest {
"/data/PeerReviewEntityData.xml", "/data/BiographyEntityData.xml", "/data/RecordNameEntityData.xml");

private final String ORCID = "0000-0000-0000-0003";

private String deactivatedUserOrcid = "0000-0000-0000-0007";

@Resource(name = "publicV2ApiServiceDelegator")
PublicV2ApiServiceDelegator<?, ?, ?, ?, ?, ?, ?, ?, ?> serviceDelegator;

Expand Down Expand Up @@ -1517,4 +1519,5 @@ public void testSchemaOrgMBWriterV2() throws WebApplicationException, IOExceptio
assertEquals("self_public_user_obo_type",doc.identifier.get(0).propertyID);
assertEquals( "self_public_user_obo_ref",doc.identifier.get(0).value);
}

}
Original file line number Diff line number Diff line change
Expand Up @@ -28,15 +28,18 @@
import org.mockito.Mockito;
import org.mockito.MockitoAnnotations;
import org.orcid.api.publicV2.server.delegator.PublicV2ApiServiceDelegator;
import org.orcid.core.exception.DeactivatedException;
import org.orcid.core.exception.LockedException;
import org.orcid.core.exception.OrcidDeprecatedException;
import org.orcid.core.exception.OrcidNoBioException;
import org.orcid.core.exception.OrcidNoResultException;
import org.orcid.core.exception.OrcidNotClaimedException;
import org.orcid.core.utils.SecurityContextTestUtils;
import org.orcid.core.version.V2VersionConverterChain;
import org.orcid.jaxb.model.client_v2.ClientSummary;
import org.orcid.jaxb.model.common_v2.OrcidIdentifier;
import org.orcid.jaxb.model.error_v2.OrcidError;
import org.orcid.jaxb.model.message.ScopePathType;
import org.orcid.jaxb.model.record_v2.Work;
import org.orcid.jaxb.model.record_v2.WorkBulk;
import org.orcid.jaxb.model.search_v2.Result;
Expand Down Expand Up @@ -841,25 +844,111 @@ private void updateProfileSubmissionDate(String orcid, int increment) {
}

/**
* Deactivated elements should not throw exception
* */
@Test
public void testViewDeactivatedRecordDontThrowError() {
* Deactivated elements tests
*/
@Test(expected = DeactivatedException.class)
public void testDeactivatedRecordViewActivities() {
SecurityContextTestUtils.setUpSecurityContext("0000-0000-0000-0007", ScopePathType.READ_LIMITED);
serviceDelegator.viewActivities(deactivatedUserOrcid);
serviceDelegator.viewRecord(deactivatedUserOrcid);
fail();
}

@Test(expected = DeactivatedException.class)
public void testDeactivatedRecordViewRecord() {
SecurityContextTestUtils.setUpSecurityContext("0000-0000-0000-0007", ScopePathType.READ_LIMITED);
serviceDelegator.viewRecord(deactivatedUserOrcid);
fail();
}

@Test(expected = DeactivatedException.class)
public void testDeactivatedRecordViewPerson() {
SecurityContextTestUtils.setUpSecurityContext("0000-0000-0000-0007", ScopePathType.READ_LIMITED);
serviceDelegator.viewPerson(deactivatedUserOrcid);
fail();
}

@Test(expected = DeactivatedException.class)
public void testDeactivatedRecordViewAddresses() {
SecurityContextTestUtils.setUpSecurityContext("0000-0000-0000-0007", ScopePathType.READ_LIMITED);
serviceDelegator.viewAddresses(deactivatedUserOrcid);
fail();
}

@Test(expected = DeactivatedException.class)
public void testDeactivatedRecordViewEducations() {
SecurityContextTestUtils.setUpSecurityContext("0000-0000-0000-0007", ScopePathType.READ_LIMITED);
serviceDelegator.viewEducations(deactivatedUserOrcid);
fail();
}

@Test(expected = DeactivatedException.class)
public void testDeactivatedRecordViewEmails() {
SecurityContextTestUtils.setUpSecurityContext("0000-0000-0000-0007", ScopePathType.READ_LIMITED);
serviceDelegator.viewEmails(deactivatedUserOrcid);
fail();
}

@Test(expected = DeactivatedException.class)
public void testDeactivatedRecordViewEmployments() {
SecurityContextTestUtils.setUpSecurityContext("0000-0000-0000-0007", ScopePathType.READ_LIMITED);
serviceDelegator.viewEmployments(deactivatedUserOrcid);
fail();
}

@Test(expected = DeactivatedException.class)
public void testDeactivatedRecordViewExternalIdentifiers() {
SecurityContextTestUtils.setUpSecurityContext("0000-0000-0000-0007", ScopePathType.READ_LIMITED);
serviceDelegator.viewExternalIdentifiers(deactivatedUserOrcid);
fail();
}

@Test(expected = DeactivatedException.class)
public void testDeactivatedRecordViewFundings() {
SecurityContextTestUtils.setUpSecurityContext("0000-0000-0000-0007", ScopePathType.READ_LIMITED);
serviceDelegator.viewFundings(deactivatedUserOrcid);
fail();
}

@Test(expected = DeactivatedException.class)
public void testDeactivatedRecordViewKeywords() {
SecurityContextTestUtils.setUpSecurityContext("0000-0000-0000-0007", ScopePathType.READ_LIMITED);
serviceDelegator.viewKeywords(deactivatedUserOrcid);
fail();
}

@Test(expected = DeactivatedException.class)
public void testDeactivatedRecordViewOtherNames() {
SecurityContextTestUtils.setUpSecurityContext("0000-0000-0000-0007", ScopePathType.READ_LIMITED);
serviceDelegator.viewOtherNames(deactivatedUserOrcid);
fail();
}

@Test(expected = DeactivatedException.class)
public void testDeactivatedRecordViewPeerReviews() {
SecurityContextTestUtils.setUpSecurityContext("0000-0000-0000-0007", ScopePathType.READ_LIMITED);
serviceDelegator.viewPeerReviews(deactivatedUserOrcid);
fail();
}

@Test(expected = DeactivatedException.class)
public void testDeactivatedRecordViewPersonalDetails() {
SecurityContextTestUtils.setUpSecurityContext("0000-0000-0000-0007", ScopePathType.READ_LIMITED);
serviceDelegator.viewPersonalDetails(deactivatedUserOrcid);
fail();
}

@Test(expected = DeactivatedException.class)
public void testDeactivatedRecordViewResearcherUrls() {
SecurityContextTestUtils.setUpSecurityContext("0000-0000-0000-0007", ScopePathType.READ_LIMITED);
serviceDelegator.viewResearcherUrls(deactivatedUserOrcid);
fail();
}

@Test(expected = DeactivatedException.class)
public void testDeactivatedRecordViewWorks() {
SecurityContextTestUtils.setUpSecurityContext("0000-0000-0000-0007", ScopePathType.READ_LIMITED);
serviceDelegator.viewWorks(deactivatedUserOrcid);
fail();
}

}

0 comments on commit 8d25a88

Please sign in to comment.