diff --git a/security-c4po-api/security-c4po-api.postman_collection.json b/security-c4po-api/security-c4po-api.postman_collection.json index 76ee6a9..b210825 100644 --- a/security-c4po-api/security-c4po-api.postman_collection.json +++ b/security-c4po-api/security-c4po-api.postman_collection.json @@ -98,6 +98,45 @@ "url": null }, "response": [] + }, + { + "name": "updateProject", + "request": { + "auth": { + "type": "oauth2", + "oauth2": [ + { + "key": "addTokenTo", + "value": "header", + "type": "string" + } + ] + }, + "method": "PATCH", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"client\": \"updatedProject\",\n \"title\": \"log4j pentest\",\n \"tester\" : \"Stipe\"\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://localhost:8443/projects/f2738715-4005-4aca-8d34-27ce9b8efffe", + "protocol": "http", + "host": [ + "localhost" + ], + "port": "8443", + "path": [ + "projects", + "f2738715-4005-4aca-8d34-27ce9b8efffe" + ] + } + }, + "response": [] } ] }, diff --git a/security-c4po-api/src/main/asciidoc/SecurityC4PO.adoc b/security-c4po-api/src/main/asciidoc/SecurityC4PO.adoc index 40d90d8..14a4a76 100644 --- a/security-c4po-api/src/main/asciidoc/SecurityC4PO.adoc +++ b/security-c4po-api/src/main/asciidoc/SecurityC4PO.adoc @@ -77,22 +77,22 @@ To update a project, call the PATCH request /projects/{projectId} ==== Request example -include::{snippets}/deleteProject/http-request.adoc[] +include::{snippets}/updateProject/http-request.adoc[] ==== Response example -include::{snippets}/deleteProject/http-response.adoc[] +include::{snippets}/updateProject/http-response.adoc[] ==== Response structure -include::{snippets}/deleteProject/response-fields.adoc[] +include::{snippets}/updateProject/response-fields.adoc[] == Change History |=== |Date |Change -|2022-03-04 -|Added PATCH endpoint to save Projects +|2022-03-07 +|Added PATCH endpoint to update Projects |2022-02-01 |Added DELETE endpoint to save Projects |2021-12-22 diff --git a/security-c4po-api/src/test/kotlin/com/securityc4po/api/project/ProjectControllerDocumentationTest.kt b/security-c4po-api/src/test/kotlin/com/securityc4po/api/project/ProjectControllerDocumentationTest.kt index c5b87bd..251aaf2 100644 --- a/security-c4po-api/src/test/kotlin/com/securityc4po/api/project/ProjectControllerDocumentationTest.kt +++ b/security-c4po-api/src/test/kotlin/com/securityc4po/api/project/ProjectControllerDocumentationTest.kt @@ -189,6 +189,56 @@ class ProjectControllerDocumentationTest : BaseDocumentationIntTest() { ) } + @Nested + inner class UpdateProject { + @Test + fun updateProject() { + webTestClient.patch().uri("/projects/${projectUpdate.id}") + .header("Authorization", "Bearer $tokenAdmin") + .body(Mono.just(projectUpdate), ProjectRequestBody::class.java) + .exchange() + .expectStatus().isAccepted + .expectHeader().valueEquals("Application-Name", "SecurityC4PO") + .expectBody().json(Json.write(projectUpdate)) + .consumeWith( + WebTestClientRestDocumentation.document( + "{methodName}", + Preprocessors.preprocessRequest( + Preprocessors.prettyPrint(), + Preprocessors.modifyUris().removePort(), + Preprocessors.removeHeaders("Host", "Content-Length") + ), + Preprocessors.preprocessResponse( + Preprocessors.prettyPrint() + ), + PayloadDocumentation.relaxedResponseFields( + PayloadDocumentation.fieldWithPath("id").type(JsonFieldType.STRING) + .description("The id of the updated project"), + PayloadDocumentation.fieldWithPath("client").type(JsonFieldType.STRING) + .description("The updated name of the client of the project"), + PayloadDocumentation.fieldWithPath("title").type(JsonFieldType.STRING) + .description("The updated title of the project"), + PayloadDocumentation.fieldWithPath("createdAt").type(JsonFieldType.STRING) + .description("The date where the project was created at"), + PayloadDocumentation.fieldWithPath("tester").type(JsonFieldType.STRING) + .description("The updated user that is assigned as a tester in the project"), + PayloadDocumentation.fieldWithPath("createdBy").type(JsonFieldType.STRING) + .description("The id of the user that created the project") + ) + ) + ) + } + + val projectUpdate = Project( + id = "4f6567a8-76fd-487b-8602-f82d0ca4d1f9", + client = "Novatec_updated", + title = "log4j Pentest_updated", + createdAt = "2021-01-10T18:05:00Z", + tester = "Stipe_updated", + createdBy = "f8aab31f-4925-4242-a6fa-f98135b4b032" + ) + } + private fun persistBasicTestScenario() { // setup test data val projectOne = Project( diff --git a/security-c4po-api/src/test/kotlin/com/securityc4po/api/project/ProjectControllerIntTest.kt b/security-c4po-api/src/test/kotlin/com/securityc4po/api/project/ProjectControllerIntTest.kt index 9b89b47..529d2fd 100644 --- a/security-c4po-api/src/test/kotlin/com/securityc4po/api/project/ProjectControllerIntTest.kt +++ b/security-c4po-api/src/test/kotlin/com/securityc4po/api/project/ProjectControllerIntTest.kt @@ -127,15 +127,7 @@ class ProjectControllerIntTest : BaseIntTest() { .expectHeader().valueEquals("Application-Name", "SecurityC4PO") .expectBody().json(Json.write(projectTwo.toProjectDeleteResponseBody())) } - /*@Test - fun `delete project by non-existing id`() { - webTestClient.delete().uri("/projects/{id}", "98754a47-796b-4b3f-abf9-c46c668596c5") - .header("Authorization", "Bearer $tokenAdmin") - .exchange() - .expectStatus().isNoContent - .expectHeader().valueEquals("Application-Name", "SecurityC4PO") - .expectBody().isEmpty - }*/ + val projectTwo = Project( id = "61360a47-796b-4b3f-abf9-c46c668596c5", client = "Allsafe", @@ -146,6 +138,32 @@ class ProjectControllerIntTest : BaseIntTest() { ) } + @Nested + inner class UpdateProject { + @Test + fun `updated project successfully`() { + webTestClient.patch().uri("/projects/{id}", projectUpdate.id) + .header("Authorization", "Bearer $tokenAdmin") + .body(Mono.just(projectUpdate), ProjectRequestBody::class.java) + .exchange() + .expectStatus().isAccepted + .expectHeader().valueEquals("Application-Name", "SecurityC4PO") + .expectBody() + .jsonPath("$.client").isEqualTo("Novatec_updated") + .jsonPath("$.title").isEqualTo("log4j Pentest_updated") + .jsonPath("$.tester").isEqualTo("Stipe_updated") + } + + val projectUpdate = Project( + id = "4f6567a8-76fd-487b-8602-f82d0ca4d1f9", + client = "Novatec_updated", + title = "log4j Pentest_updated", + createdAt = "2021-04-10T18:05:00Z", + tester = "Stipe_updated", + createdBy = "a8891ad2-5cf5-4519-a89e-9ef8eec9e10c" + ) + } + private fun persistBasicTestScenario() { // setup test data val projectOne = Project(