FF-330 - ViewFolderContents updated to new sharing concept (#91)

* ViewFolderContents updated to new sharing concept

* Implemented Refactorings from FF-296

* start with delete FeatureFile

* Rewrote part of the logic, Implemented Ownerids, renamed to lastupdated.

* adapt feature files to refactoring

* minor changes.

* Fixed failing request. Happy Easter btw lol

* minor fix of feature files

* Implemented getFolderContents with feature file.

* Rewrote Deletion Endpoint.

* Implemented recursive updating of timestamps

* Updated Tests, fixed cov.

* fix some preperation steps for delte, add check for last modified

* dirty hack, have a better idea ?

* bad things happen when you forget about that one little change you made ages ago

* Finished UnitTests. Changed logger level to debug.

* add return values to delte feature file

* FF-331 rewrote deletion endpoint logic for the 12398th time.

* Fixed tests.

* Added missing coverage.

Co-authored-by: open-schnick <[email protected]>

Author: qvalentin

.run/RestApplication-debug.run.xml

@@ -0,0 +1,13 @@
+<component name="ProjectRunConfigurationManager">
+    <configuration default="false" name="RestApplication[DEBUG]" type="SpringBootApplicationConfigurationType"
+                   factoryName="Spring Boot">
+        <module name="RestApi"/>
+        <option name="SPRING_BOOT_MAIN_CLASS" value="de.filefighter.rest.RestApplication"/>
+        <option name="ACTIVE_PROFILES" value="debug"/>
+        <option name="ALTERNATIVE_JRE_PATH"/>
+        <method v="2">
+            <option name="Maven.BeforeRunTask" enabled="true" file="$PROJECT_DIR$/pom.xml" goal="clean compile"/>
+            <option name="Make" enabled="true"/>
+        </method>
+    </configuration>
+</component>

src/main/java/de/filefighter/rest/configuration/CorsConfig.java

@@ -25,7 +25,7 @@ public CorsConfig() {
     }
 
     @Bean
-    @Profile({"dev","stage"})
+    @Profile({"dev", "stage", "debug"})
     public CorsFilter corsFilterDev() {
         final CorsConfiguration config = new CorsConfiguration().applyPermitDefaultValues();
         ArrayList<String> allowedOrigins = new ArrayList<>();
@@ -39,7 +39,7 @@ public CorsFilter corsFilterDev() {
     }
 
     @Bean
-    @Profile({"prod","test"})
+    @Profile({"prod"})
     public CorsFilter corsFilterProd() {
         final CorsConfiguration config = new CorsConfiguration();
         config.setAllowedMethods(allowedMethods);

src/main/java/de/filefighter/rest/configuration/PrepareDataBase.java

@@ -45,7 +45,7 @@ public class PrepareDataBase {
     String date;
 
     @Bean
-    @Profile({"dev", "prod, stage"})
+    @Profile({"dev", "prod, stage", "debug"})
     @Autowired
     CommandLineRunner veryImportantFileFighterStartScript(Environment environment) {
         return args -> {
@@ -70,12 +70,6 @@ CommandLineRunner veryImportantFileFighterStartScript(Environment environment) {
             System.out.println();
             System.out.println("-------------------------------< REST API >-------------------------------");
             System.out.println();
-
-            /*
-            System.out.println("╭---╮")
-            System.out.println("|   |")
-            System.out.println("╰---╯")
-            */
         };
     }
 
@@ -91,26 +85,28 @@ CommandLineRunner initDataBaseProd(UserRepository userRepository, FileSystemRepo
                 addDefaultAdminAndRuntimeUser(userRepository);
                 log.info("Inserting Home directories and default structure: {} {}.", fileSystemRepository.save(FileSystemEntity
                                 .builder()
-                                .createdByUserId(RUNTIME_USER_ID)
+                                .lastUpdatedBy(RUNTIME_USER_ID)
+                                .lastUpdated(Instant.now().getEpochSecond())
+                                .ownerId(1)
                                 .fileSystemId(0)
                                 .isFile(false)
                                 .path("/")
                                 .itemIds(new long[0])
-                                .lastUpdated(Instant.now().getEpochSecond())
-                                .name("HOME_Admin")
+                                .name("HOME_1")
                                 .size(420)
                                 .typeId(FOLDER.getId())
                                 .visibleForGroupIds(new long[]{UNDEFINED.getGroupId(), FAMILY.getGroupId(), ADMIN.getGroupId()})
                                 .itemIds(new long[]{1})
                                 .build()),
                         fileSystemRepository.save(FileSystemEntity.builder()
-                                .createdByUserId(1)
-                                .fileSystemId(1)
-                                .isFile(true)
+                                .lastUpdatedBy(RUNTIME_USER_ID)
                                 .lastUpdated(Instant.now().getEpochSecond())
+                                .ownerId(1).fileSystemId(1)
+                                .isFile(true)
                                 .name("dummyFile.txt")
                                 .size(420)
                                 .typeId(TEXT.getId())
+                                .mimeType("text/plain")
                                 .editableFoGroupIds(new long[]{FAMILY.getGroupId()})
                                 .visibleForGroupIds(new long[]{FAMILY.getGroupId()})
                                 .build()));
@@ -136,7 +132,7 @@ CommandLineRunner initDataBaseProd(UserRepository userRepository, FileSystemRepo
     }
 
     @Bean
-    @Profile("dev")
+    @Profile({"dev", "debug"})
     CommandLineRunner initDataBaseDev(UserRepository userRepository, AccessTokenRepository accessTokenRepository, FileSystemRepository fileSystemRepository) {
         return args -> {
             log.info("Starting with clean user collection.");
@@ -198,7 +194,7 @@ CommandLineRunner initDataBaseDev(UserRepository userRepository, AccessTokenRepo
                 log.error("Inserting Users " + MESSAGE_ON_FAILURE);
             }
 
-            if (fileSystemRepository.findAll().size() == 6) {
+            if (fileSystemRepository.findAll().size() == 8) {
                 log.info("Inserting FileSystemEntities " + MESSAGE_ON_SUCCESS);
             } else {
                 log.error("Inserting FileSystemEntities " + MESSAGE_ON_FAILURE);
@@ -266,75 +262,111 @@ private void addDefaultAdminAndRuntimeUser(UserRepository userRepository) {
     }
 
     private void addTestingFileSystemItems(FileSystemRepository fileSystemRepository) {
-        log.info("Inserting default fsItems:\n {}\n {}\n {}\n {}\n {}\n {}.",
+        log.info("Inserting default fsItems:\n {}\n {}\n {}\n {}\n {}\n {}\n {}\n {}.",
                 fileSystemRepository.save(FileSystemEntity.builder()
-                        .createdByUserId(RUNTIME_USER_ID)
+                        .lastUpdatedBy(RUNTIME_USER_ID)
+                        .ownerId(1)
+                        .lastUpdated(Instant.now().getEpochSecond())
                         .fileSystemId(0)
                         .isFile(false)
                         .path("/")
-                        .itemIds(new long[]{2, 3})
-                        .lastUpdated(Instant.now().getEpochSecond())
-                        .name("HOME_User")
+                        .name("HOME_1")
                         .size(4866)
                         .typeId(FOLDER.getId())
+                        .itemIds(new long[]{2, 3, 7})
                         .visibleForGroupIds(new long[]{FAMILY.getGroupId(), ADMIN.getGroupId()})
+                        .visibleForUserIds(new long[]{0})
+                        .editableForUserIds(new long[]{0})
                         .build()),
                 fileSystemRepository.save(FileSystemEntity.builder()
-                        .createdByUserId(RUNTIME_USER_ID)
+                        .lastUpdatedBy(RUNTIME_USER_ID)
+                        .lastUpdated(Instant.now().getEpochSecond())
+                        .ownerId(2)
                         .fileSystemId(1)
                         .isFile(false)
                         .path("/")
-                        .lastUpdated(Instant.now().getEpochSecond())
-                        .name("HOME_User1")
+                        .name("HOME_2")
                         .size(0)
                         .typeId(FOLDER.getId())
                         .visibleForGroupIds(new long[]{UNDEFINED.getGroupId(), FAMILY.getGroupId(), ADMIN.getGroupId()})
+                        .visibleForUserIds(new long[]{1})
+                        .editableForUserIds(new long[]{1})
                         .build()),
                 fileSystemRepository.save(FileSystemEntity.builder()
-                        .createdByUserId(1)
+                        .lastUpdatedBy(1)
+                        .lastUpdated(Instant.now().getEpochSecond())
+                        .ownerId(1)
                         .fileSystemId(2)
                         .isFile(true)
-                        .lastUpdated(Instant.now().getEpochSecond())
                         .name("dummyFile.txt")
                         .size(420)
                         .typeId(TEXT.getId())
+                        .mimeType("text/plain")
                         .editableFoGroupIds(new long[]{FAMILY.getGroupId()})
                         .visibleForGroupIds(new long[]{FAMILY.getGroupId()})
                         .build()),
                 fileSystemRepository.save(FileSystemEntity.builder()
-                        .createdByUserId(1)
+                        .lastUpdatedBy(1)
+                        .lastUpdated(Instant.now().getEpochSecond())
+                        .ownerId(1)
+                        .fileSystemId(7)
+                        .isFile(true)
+                        .name("visibleNonDeletableText.tex")
+                        .size(42)
+                        .typeId(TEXT.getId())
+                        .mimeType("text/plain")
+                        .visibleForGroupIds(new long[]{FAMILY.getGroupId()})
+                        .build()),
+                fileSystemRepository.save(FileSystemEntity.builder()
+                        .lastUpdatedBy(1)
+                        .lastUpdated(Instant.now().getEpochSecond())
+                        .ownerId(1)
                         .fileSystemId(3)
                         .isFile(false)
                         .path("/somefolder")
                         .name("SomeFolder")
-                        .lastUpdated(Instant.now().getEpochSecond())
                         .size(4446)
                         .typeId(FOLDER.getId())
                         .editableFoGroupIds(new long[]{FAMILY.getGroupId()})
                         .visibleForGroupIds(new long[]{FAMILY.getGroupId()})
-                        .itemIds(new long[]{4, 5})
+                        .itemIds(new long[]{4, 5, 6})
                         .build()),
                 fileSystemRepository.save(FileSystemEntity.builder()
-                        .createdByUserId(1)
+                        .lastUpdatedBy(1)
+                        .lastUpdated(Instant.now().getEpochSecond())
+                        .ownerId(1)
                         .fileSystemId(4)
                         .isFile(true)
-                        .lastUpdated(Instant.now().getEpochSecond())
                         .name("secretFileInSomeFolder.txt")
                         .size(3214)
                         .typeId(TEXT.getId())
+                        .mimeType("text/plain")
                         .editableFoGroupIds(new long[]{FAMILY.getGroupId()})
                         .visibleForGroupIds(new long[]{FAMILY.getGroupId()})
                         .build()),
                 fileSystemRepository.save(FileSystemEntity.builder()
-                        .createdByUserId(1)
+                        .lastUpdatedBy(1)
+                        .lastUpdated(Instant.now().getEpochSecond())
+                        .ownerId(1)
                         .fileSystemId(5)
                         .isFile(true)
-                        .lastUpdated(Instant.now().getEpochSecond())
                         .name("definitelyNotPorn.mp4")
                         .size(1232)
                         .typeId(VIDEO.getId())
+                        .mimeType("video/mp4")
                         .editableFoGroupIds(new long[]{FAMILY.getGroupId()})
                         .visibleForGroupIds(new long[]{FAMILY.getGroupId()})
+                        .build()),
+                fileSystemRepository.save(FileSystemEntity.builder()
+                        .lastUpdatedBy(1)
+                        .lastUpdated(Instant.now().getEpochSecond())
+                        .ownerId(1)
+                        .fileSystemId(6)
+                        .isFile(true)
+                        .name("invisible_secret_video.mp4")
+                        .size(1232)
+                        .typeId(VIDEO.getId())
+                        .mimeType("video/mp4")
                         .build())
         );
     }

src/main/java/de/filefighter/rest/domain/authentication/AuthenticationBusinessService.java

@@ -1,6 +1,6 @@
 package de.filefighter.rest.domain.authentication;
 
-import de.filefighter.rest.domain.common.exceptions.InputSanitizerService;
+import de.filefighter.rest.domain.common.InputSanitizerService;
 import de.filefighter.rest.domain.common.exceptions.RequestDidntMeetFormalRequirementsException;
 import de.filefighter.rest.domain.token.data.dto.AccessToken;
 import de.filefighter.rest.domain.user.business.UserDTOService;
@@ -21,10 +21,12 @@ public class AuthenticationBusinessService {
 
     private final UserRepository userRepository;
     private final UserDTOService userDtoService;
+    private final InputSanitizerService inputSanitizerService;
 
-    public AuthenticationBusinessService(UserRepository userRepository, UserDTOService userDtoService) {
+    public AuthenticationBusinessService(UserRepository userRepository, UserDTOService userDtoService, InputSanitizerService inputSanitizerService) {
         this.userRepository = userRepository;
         this.userDtoService = userDtoService;
+        this.inputSanitizerService = inputSanitizerService;
     }
 
     public User authenticateUserWithUsernameAndPassword(String base64encodedUserAndPassword) {
@@ -42,8 +44,8 @@ public User authenticateUserWithUsernameAndPassword(String base64encodedUserAndP
         if (split.length != 2)
             throw new RequestDidntMeetFormalRequirementsException("Credentials didnt meet formal requirements.");
 
-        String lowerCaseUsername = InputSanitizerService.sanitizeString(split[0].toLowerCase());
-        String password = InputSanitizerService.sanitizeString(split[1]);
+        String lowerCaseUsername = inputSanitizerService.sanitizeString(split[0].toLowerCase());
+        String password = inputSanitizerService.sanitizeString(split[1]);
 
         UserEntity userEntity = userRepository.findByLowercaseUsernameAndPassword(lowerCaseUsername, password);
         if (null == userEntity)

src/main/java/de/filefighter/rest/domain/authentication/AuthenticationService.java

@@ -1,6 +1,6 @@
 package de.filefighter.rest.domain.authentication;
 
-import de.filefighter.rest.domain.common.exceptions.InputSanitizerService;
+import de.filefighter.rest.domain.common.InputSanitizerService;
 import de.filefighter.rest.domain.token.business.AccessTokenBusinessService;
 import de.filefighter.rest.domain.token.data.dto.AccessToken;
 import de.filefighter.rest.domain.user.data.dto.User;

src/main/java/de/filefighter/rest/domain/common/exceptions/InputSanitizerService.java renamed to src/main/java/de/filefighter/rest/domain/common/InputSanitizerService.java

@@ -1,7 +1,11 @@
-package de.filefighter.rest.domain.common.exceptions;
+package de.filefighter.rest.domain.common;
 
+import de.filefighter.rest.domain.common.exceptions.RequestDidntMeetFormalRequirementsException;
 import org.springframework.stereotype.Service;
 
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+
 @Service
 public class InputSanitizerService {
 
@@ -10,18 +14,25 @@ public static boolean stringIsValid(String s) {
     }
 
     /**
-     *
      * Sanitizes a String, so it can be used.
+     *
      * @param string String that needs to be sanitized.
      * @return string without whitespaces and without illegal characters.
      * @throws RequestDidntMeetFormalRequirementsException when string was empty.
      */
-    public static String sanitizeString(String string) {
-        if(!InputSanitizerService.stringIsValid(string))
+    public String sanitizeString(String string) {
+        if (!InputSanitizerService.stringIsValid(string))
             throw new RequestDidntMeetFormalRequirementsException("String was empty.");
         return string.replaceAll("\\s", "");
     }
 
+    public String sanitizePath(String path) {
+        if (!pathIsValid(path))
+            throw new RequestDidntMeetFormalRequirementsException("Path was not valid.");
+
+        return sanitizeString(path);
+    }
+
     public String sanitizeRequestHeader(String header, String testString) {
         if (!(stringIsValid(testString) && stringIsValid(header)))
             throw new RequestDidntMeetFormalRequirementsException("Header does not contain a valid String.");
@@ -32,7 +43,18 @@ public String sanitizeRequestHeader(String header, String testString) {
         return split[1];
     }
 
-    public String sanitizeTokenValue(String tokenValue){
-        return InputSanitizerService.sanitizeString(tokenValue);
+    public boolean pathIsValid(String path) {
+        String validString = sanitizeString(path);
+
+        Pattern pattern = Pattern.compile("[~#@*+:!?&%<>|\"^\\\\]");
+        Matcher matcher = pattern.matcher(validString);
+
+        boolean stringContainsDoubleSlash = validString.contains("//");
+
+        return !(matcher.find() || stringContainsDoubleSlash);
+    }
+
+    public String sanitizeTokenValue(String tokenValue) {
+        return this.sanitizeString(tokenValue);
     }
 }