Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add a new annotation and an interceptor to control and check content … #36

Merged
merged 9 commits into from
Sep 23, 2024
Prev Previous commit
Next Next commit
Add unit test for sizelimitinginputstream for more coverage
  • Loading branch information
bvasseur-urw committed Sep 19, 2024
commit f6a9e0f09ea5d66ec3463c827e17bd9b2262892f
Original file line number Diff line number Diff line change
@@ -32,6 +32,13 @@ public ContentControlFeature() {
this.maxSize = DEFAULT_MAX_SIZE;
}

public Integer getContentSizeLimit() {
if (maxSize == null) {
return DEFAULT_MAX_SIZE;
}
return maxSize;
}

@Override
public void configure(ResourceInfo resourceInfo, FeatureContext context) {
addContentSizeFilter(resourceInfo.getResourceMethod(), context);
Original file line number Diff line number Diff line change
@@ -2,21 +2,20 @@

import org.junit.Test;

import jakarta.ws.rs.WebApplicationException;
import jakarta.ws.rs.client.Entity;
import jakarta.ws.rs.core.Application;
import jakarta.ws.rs.core.HttpHeaders;
import jakarta.ws.rs.core.MediaType;
import jakarta.ws.rs.core.Response;
import jakarta.ws.rs.client.Invocation.Builder;

import org.glassfish.jersey.client.ClientConfig;
import org.glassfish.jersey.server.ResourceConfig;
import org.glassfish.jersey.test.JerseyTest;

import static org.junit.Assert.assertEquals;
import static org.junit.jupiter.api.Assertions.assertThrows;

import com.coreoz.plume.jersey.security.control.ContentControlFeature;
import com.coreoz.plume.jersey.security.control.ContentControlFeatureFactory;

public class ContentSizeLimitTest extends JerseyTest {

@@ -35,14 +34,22 @@ public void checkContentSize_withBody_whenWithinDefaultLimit_shouldReturn200() {
}

@Test
public void checkContentSize_withBody_whenBeyondDefaultLimit_shouldThrow() {
public void checkContentSize_withBody_whenBeyondDefaultLimit_shouldReturn413() {
// Generate a byte array of ContentControlFeature.DEFAULT_MAX_SIZE + 1
byte[] data = new byte[ContentControlFeature.DEFAULT_MAX_SIZE + 1];
Builder request = target("/test/upload-default").request();
Entity<byte[]> entity = Entity.entity(data, MediaType.APPLICATION_OCTET_STREAM);
assertEquals(Response.Status.REQUEST_ENTITY_TOO_LARGE.getStatusCode(), request.post(entity).getStatus());
}

@Test
public void checkContentSize_withBody_whenContentLengthIsWrong_shouldReturn411() {
// Generate a byte array of ContentControlFeature.DEFAULT_MAX_SIZE + 1
Builder request = target("/test/upload-default").request();
request.header(HttpHeaders.CONTENT_LENGTH, null);
assertEquals(Response.Status.LENGTH_REQUIRED.getStatusCode(), request.post(null).getStatus());
}

@Test
public void checkContentSize_withBody_whenWithinCustomLimit_shouldReturn200() {
byte[] data = "12345".getBytes();
@@ -51,12 +58,20 @@ public void checkContentSize_withBody_whenWithinCustomLimit_shouldReturn200() {
}

@Test
public void checkContentSize_withBody_whenBeyondCustomLimit_shouldThrow() {
public void checkContentSize_withBody_whenBeyondCustomLimit_shouldReturn413() {
// Generate a byte array of CUSTOM_MAX_SIZE + 1
byte[] data = new byte[TestContentSizeResource.CUSTOM_MAX_SIZE + 1];
Builder request = target("/test/upload-custom").request();
Entity<byte[]> entity = Entity.entity(data, MediaType.APPLICATION_OCTET_STREAM);
assertEquals(Response.Status.REQUEST_ENTITY_TOO_LARGE.getStatusCode(), request.post(entity).getStatus());
}

@Test
public void checkMaxSize_whenCustomControlFeature_shouldSuccess() {
// Custom max size
Integer customMaxSize = 300;
ContentControlFeatureFactory contentControlFeatureFactory = new ContentControlFeatureFactory(customMaxSize);
ContentControlFeature contentControlFeature = contentControlFeatureFactory.provide();
assertEquals(customMaxSize, contentControlFeature.getContentSizeLimit());
}
}
Original file line number Diff line number Diff line change
@@ -78,4 +78,49 @@ public void testRead_whenEmpty_shouldSuccessWithoutReading() throws IOException
assertEquals(-1, bytesRead);
}

@Test
public void testRead_withoutOffsetAndLength_shouldSuccess() throws IOException {
byte[] data = "1234567890".getBytes(); // 10 bytes, exactly at the limit
byteArrayInputStream = new ByteArrayInputStream(data);
sizeLimitingInputStream = new SizeLimitingInputStream(byteArrayInputStream, LIMIT);
int result = sizeLimitingInputStream.read(data, 0, 5);
assertEquals(5, result);
}

@Test
public void testRead_withoutOffsetAndWithoutLength_shouldSuccess() throws IOException {
byte[] data = "1234567890".getBytes(); // 10 bytes, exactly at the limit
byteArrayInputStream = new ByteArrayInputStream(data);
sizeLimitingInputStream = new SizeLimitingInputStream(byteArrayInputStream, LIMIT);
int result = sizeLimitingInputStream.read();
assertEquals('1', result);
}

@Test
public void testRead_withOffsetAndLength_shouldSuccess() throws IOException {
byte[] data = "1234567890".getBytes(); // 10 bytes, exactly at the limit
byteArrayInputStream = new ByteArrayInputStream(data);
sizeLimitingInputStream = new SizeLimitingInputStream(byteArrayInputStream, LIMIT);
int result = sizeLimitingInputStream.read(data, 3, 5);
assertEquals(5, result);
}

@Test
public void testSkip_withinLength_shouldSuccess() throws IOException {
byte[] data = "1234567890".getBytes(); // 10 bytes, exactly at the limit
byteArrayInputStream = new ByteArrayInputStream(data);
sizeLimitingInputStream = new SizeLimitingInputStream(byteArrayInputStream, LIMIT);
long result = sizeLimitingInputStream.skip(3);
assertEquals(3, result);
}

@Test
public void testSkip_beyondLength_shouldSuccess() throws IOException {
byte[] data = "1234567890".getBytes(); // 10 bytes, exactly at the limit
byteArrayInputStream = new ByteArrayInputStream(data);
sizeLimitingInputStream = new SizeLimitingInputStream(byteArrayInputStream, LIMIT);
long result = sizeLimitingInputStream.skip(11);
assertEquals(10, result);
}

}
Loading