diff --git a/Plan/common/src/main/java/com/djrapitops/plan/delivery/webserver/resolver/json/PlayerJSONResolver.java b/Plan/common/src/main/java/com/djrapitops/plan/delivery/webserver/resolver/json/PlayerJSONResolver.java index 0f6ec0709..131fdc229 100644 --- a/Plan/common/src/main/java/com/djrapitops/plan/delivery/webserver/resolver/json/PlayerJSONResolver.java +++ b/Plan/common/src/main/java/com/djrapitops/plan/delivery/webserver/resolver/json/PlayerJSONResolver.java @@ -20,6 +20,7 @@ import com.djrapitops.plan.delivery.rendering.json.PlayerJSONCreator; import com.djrapitops.plan.delivery.web.resolver.MimeType; import com.djrapitops.plan.delivery.web.resolver.Resolver; import com.djrapitops.plan.delivery.web.resolver.Response; +import com.djrapitops.plan.delivery.web.resolver.exception.BadRequestException; import com.djrapitops.plan.delivery.web.resolver.request.Request; import com.djrapitops.plan.delivery.web.resolver.request.WebUser; import com.djrapitops.plan.identification.Identifiers; @@ -44,10 +45,17 @@ public class PlayerJSONResolver implements Resolver { @Override public boolean canAccess(Request request) { WebUser user = request.getUser().orElse(new WebUser("")); - UUID playerUUID = identifiers.getPlayerUUID(request); - UUID webUserUUID = identifiers.getPlayerUUID(user.getName()); - boolean isOwnPage = playerUUID.equals(webUserUUID); - return user.hasPermission("page.player.other") || (user.hasPermission("page.player.self") && isOwnPage); + if (user.hasPermission("page.player.other")) return true; + if ((user.hasPermission("page.player.self"))) { + try { + UUID webUserUUID = identifiers.getPlayerUUID(user.getName()); + UUID playerUUID = identifiers.getPlayerUUID(request); + return playerUUID.equals(webUserUUID); + } catch (BadRequestException userDoesntExist) { + return false; // Don't give away who has played on the server to someone with level 2 access + } + } + return false; } @Override diff --git a/Plan/common/src/main/java/com/djrapitops/plan/storage/database/queries/objects/TPSQueries.java b/Plan/common/src/main/java/com/djrapitops/plan/storage/database/queries/objects/TPSQueries.java index eee73bc21..98e8a4698 100644 --- a/Plan/common/src/main/java/com/djrapitops/plan/storage/database/queries/objects/TPSQueries.java +++ b/Plan/common/src/main/java/com/djrapitops/plan/storage/database/queries/objects/TPSQueries.java @@ -28,6 +28,7 @@ import com.djrapitops.plan.utilities.java.Lists; import java.sql.PreparedStatement; import java.sql.ResultSet; import java.sql.SQLException; +import java.sql.Types; import java.util.*; import java.util.concurrent.TimeUnit; @@ -186,7 +187,11 @@ public class TPSQueries { return new QueryStatement>>(sql, 1000) { @Override public void prepare(PreparedStatement statement) throws SQLException { - statement.setString(1, leaveOut.toString()); + if (leaveOut != null) { + statement.setString(1, leaveOut.toString()); + } else { + statement.setNull(1, Types.VARCHAR); + } statement.setBoolean(2, true); statement.setLong(3, before); statement.setLong(4, after); diff --git a/Plan/common/src/test/java/com/djrapitops/plan/delivery/webserver/AccessControlTest.java b/Plan/common/src/test/java/com/djrapitops/plan/delivery/webserver/AccessControlTest.java new file mode 100644 index 000000000..4c54a5980 --- /dev/null +++ b/Plan/common/src/test/java/com/djrapitops/plan/delivery/webserver/AccessControlTest.java @@ -0,0 +1,383 @@ +/* + * This file is part of Player Analytics (Plan). + * + * Plan is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License v3 as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * Plan is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with Plan. If not, see . + */ +package com.djrapitops.plan.delivery.webserver; + +import com.djrapitops.plan.PlanSystem; +import com.djrapitops.plan.delivery.domain.auth.User; +import com.djrapitops.plan.identification.Server; +import com.djrapitops.plan.identification.ServerUUID; +import com.djrapitops.plan.settings.config.PlanConfig; +import com.djrapitops.plan.settings.config.changes.ConfigUpdater; +import com.djrapitops.plan.settings.config.paths.WebserverSettings; +import com.djrapitops.plan.storage.database.transactions.StoreServerInformationTransaction; +import com.djrapitops.plan.storage.database.transactions.commands.RegisterWebUserTransaction; +import com.djrapitops.plan.storage.database.transactions.events.PlayerRegisterTransaction; +import com.djrapitops.plan.utilities.PassEncryptUtil; +import org.apache.commons.compress.utils.IOUtils; +import org.junit.jupiter.api.AfterAll; +import org.junit.jupiter.api.BeforeAll; +import org.junit.jupiter.api.io.TempDir; +import org.junit.jupiter.params.ParameterizedTest; +import org.junit.jupiter.params.provider.CsvSource; +import utilities.HTTPConnector; +import utilities.RandomData; +import utilities.TestConstants; +import utilities.TestResources; +import utilities.mocks.PluginMockComponent; + +import java.io.File; +import java.io.IOException; +import java.io.InputStream; +import java.net.HttpURLConnection; +import java.nio.file.Files; +import java.nio.file.Path; +import java.nio.file.StandardCopyOption; +import java.security.KeyManagementException; +import java.security.NoSuchAlgorithmException; +import java.util.Collections; + +import static org.junit.jupiter.api.Assertions.assertEquals; +import static org.junit.jupiter.api.Assertions.assertTrue; + +/** + * Tests for limiting user access control based on permissions. + */ +public class AccessControlTest { + + private static final int TEST_PORT_NUMBER = RandomData.randomInt(9005, 9500); + + private static final HTTPConnector CONNECTOR = new HTTPConnector(); + + private static PlanSystem system; + private static String address; + private static String cookieLevel0; + private static String cookieLevel1; + private static String cookieLevel2; + private static ServerUUID serverUUID; + private static String cookieLevel100; + + @BeforeAll + static void setUpClass(@TempDir Path tempDir) throws Exception { + File file = tempDir.resolve("TestCert.p12").toFile(); + File testCert = TestResources.getTestResourceFile("TestCert.p12", ConfigUpdater.class); + Files.copy(testCert.toPath(), file.toPath(), StandardCopyOption.REPLACE_EXISTING); + + String absolutePath = file.getAbsolutePath(); + + PluginMockComponent component = new PluginMockComponent(tempDir); + system = component.getPlanSystem(); + + PlanConfig config = system.getConfigSystem().getConfig(); + + config.set(WebserverSettings.CERTIFICATE_PATH, absolutePath); + config.set(WebserverSettings.CERTIFICATE_KEYPASS, "test"); + config.set(WebserverSettings.CERTIFICATE_STOREPASS, "test"); + config.set(WebserverSettings.CERTIFICATE_ALIAS, "test"); + + config.set(WebserverSettings.PORT, TEST_PORT_NUMBER); + + system.enable(); + + User userLevel0 = new User("test0", "console", null, PassEncryptUtil.createHash("testPass"), 0, Collections.emptyList()); + User userLevel1 = new User("test1", "console", null, PassEncryptUtil.createHash("testPass"), 1, Collections.emptyList()); + User userLevel2 = new User("test2", TestConstants.PLAYER_ONE_NAME, TestConstants.PLAYER_ONE_UUID, PassEncryptUtil.createHash("testPass"), 2, Collections.emptyList()); + User userLevel100 = new User("test100", "console", null, PassEncryptUtil.createHash("testPass"), 100, Collections.emptyList()); + system.getDatabaseSystem().getDatabase().executeTransaction(new RegisterWebUserTransaction(userLevel0)); + system.getDatabaseSystem().getDatabase().executeTransaction(new RegisterWebUserTransaction(userLevel1)); + system.getDatabaseSystem().getDatabase().executeTransaction(new RegisterWebUserTransaction(userLevel2)); + system.getDatabaseSystem().getDatabase().executeTransaction(new RegisterWebUserTransaction(userLevel100)); + + system.getDatabaseSystem().getDatabase().executeTransaction(new PlayerRegisterTransaction(TestConstants.PLAYER_ONE_UUID, () -> 0L, TestConstants.PLAYER_ONE_NAME)); + system.getDatabaseSystem().getDatabase().executeTransaction(new StoreServerInformationTransaction(new Server( + TestConstants.SERVER_UUID, + TestConstants.SERVER_NAME, + address + ))); + + address = "https://localhost:" + TEST_PORT_NUMBER; + cookieLevel0 = login(address, userLevel0.getUsername()); + cookieLevel1 = login(address, userLevel1.getUsername()); + cookieLevel2 = login(address, userLevel2.getUsername()); + cookieLevel100 = login(address, userLevel100.getUsername()); + } + + @AfterAll + static void tearDownClass() { + if (system != null) { + system.disable(); + } + } + + static String login(String address, String username) throws IOException, KeyManagementException, NoSuchAlgorithmException { + HttpURLConnection loginConnection = null; + String cookie = ""; + try { + loginConnection = CONNECTOR.getConnection("GET", address + "/auth/login?user=" + username + "&password=testPass"); + try (InputStream in = loginConnection.getInputStream()) { + String responseBody = new String(IOUtils.toByteArray(in)); + assertTrue(responseBody.contains("\"success\":true"), () -> "Not successful: " + responseBody); + cookie = loginConnection.getHeaderField("Set-Cookie").split(";")[0]; + System.out.println("Got cookie: " + cookie); + } + } finally { + loginConnection.disconnect(); + } + return cookie; + } + + @ParameterizedTest + @CsvSource({ + "/,302", + "/server,302", + "/server/" + TestConstants.SERVER_UUID_STRING + ",200", + "/css/style.css,200", + "/js/color-selector.js,200", + "/vendor/bootstrap/js/bootstrap.min.js,200", + "/v1/serverOverview?server=" + TestConstants.SERVER_UUID_STRING + ",200", + "/v1/onlineOverview?server=" + TestConstants.SERVER_UUID_STRING + ",200", + "/v1/sessionsOverview?server=" + TestConstants.SERVER_UUID_STRING + ",200", + "/v1/playerVersus?server=" + TestConstants.SERVER_UUID_STRING + ",200", + "/v1/playerbaseOverview?server=" + TestConstants.SERVER_UUID_STRING + ",200", + "/v1/performanceOverview?server=" + TestConstants.SERVER_UUID_STRING + ",200", + "/v1/graph?type=optimizedPerformance&server=" + TestConstants.SERVER_UUID_STRING + ",200", + "/v1/graph?type=aggregatedPing&server=" + TestConstants.SERVER_UUID_STRING + ",200", + "/v1/graph?type=worldPie&server=" + TestConstants.SERVER_UUID_STRING + ",200", + "/v1/graph?type=activity&server=" + TestConstants.SERVER_UUID_STRING + ",200", + "/v1/graph?type=joinAddressPie&server=" + TestConstants.SERVER_UUID_STRING + ",200", + "/v1/graph?type=geolocation&server=" + TestConstants.SERVER_UUID_STRING + ",200", + "/v1/graph?type=uniqueAndNew&server=" + TestConstants.SERVER_UUID_STRING + ",200", + "/v1/graph?type=hourlyUniqueAndNew&server=" + TestConstants.SERVER_UUID_STRING + ",200", + "/v1/graph?type=serverCalendar&server=" + TestConstants.SERVER_UUID_STRING + ",200", + "/v1/graph?type=punchCard&server=" + TestConstants.SERVER_UUID_STRING + ",200", + "/v1/players?server=" + TestConstants.SERVER_UUID_STRING + ",200", + "/v1/kills?server=" + TestConstants.SERVER_UUID_STRING + ",200", + "/v1/pingTable?server=" + TestConstants.SERVER_UUID_STRING + ",200", + "/v1/sessions?server=" + TestConstants.SERVER_UUID_STRING + ",200", + "/network,302", + "/v1/network/overview,200", + "/v1/network/servers,200", + "/v1/network/sessionsOverview,200", + "/v1/network/playerbaseOverview,200", + "/v1/sessions,200", + "/v1/graph?type=playersOnline&server=" + TestConstants.SERVER_UUID_STRING + ",200", + "/v1/graph?type=uniqueAndNew,200", + "/v1/graph?type=hourlyUniqueAndNew,200", + "/v1/graph?type=serverPie,200", + "/v1/graph?type=joinAddressPie,200", + "/v1/graph?type=activity,200", + "/v1/graph?type=geolocation,200", + "/v1/network/pingTable,200", + "/player/" + TestConstants.PLAYER_ONE_NAME + ",200", + "/player/" + TestConstants.PLAYER_TWO_NAME + ",404", + "/v1/player?player=" + TestConstants.PLAYER_ONE_NAME + ",200", + "/v1/player?player=" + TestConstants.PLAYER_TWO_NAME + ",400", + "/players,200", + "/v1/players,200", + "/query,200", + "/v1/filters,200", + "/v1/query,400" + }) + void levelZeroCanAccess(String resource, String expectedResponseCode) throws NoSuchAlgorithmException, IOException, KeyManagementException { + int responseCode = access(resource, cookieLevel0); + assertEquals(Integer.parseInt(expectedResponseCode), responseCode, () -> "User level 0, Wrong response code for " + resource + ", expected " + expectedResponseCode + " but was " + responseCode); + } + + @ParameterizedTest + @CsvSource({ + "/,302", + "/server,403", + "/server/" + TestConstants.SERVER_UUID_STRING + ",403", + "/css/style.css,200", + "/js/color-selector.js,200", + "/vendor/bootstrap/js/bootstrap.min.js,200", + "/v1/serverOverview?server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/onlineOverview?server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/sessionsOverview?server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/playerVersus?server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/playerbaseOverview?server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/performanceOverview?server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/graph?type=optimizedPerformance&server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/graph?type=aggregatedPing&server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/graph?type=worldPie&server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/graph?type=activity&server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/graph?type=joinAddressPie&server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/graph?type=geolocation&server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/graph?type=uniqueAndNew&server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/graph?type=hourlyUniqueAndNew&server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/graph?type=serverCalendar&server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/graph?type=punchCard&server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/players?server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/kills?server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/pingTable?server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/sessions?server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/network,403", + "/v1/network/overview,403", + "/v1/network/servers,403", + "/v1/network/sessionsOverview,403", + "/v1/network/playerbaseOverview,403", + "/v1/sessions,403", + "/v1/graph?type=playersOnline&server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/graph?type=uniqueAndNew,403", + "/v1/graph?type=hourlyUniqueAndNew,403", + "/v1/graph?type=serverPie,403", + "/v1/graph?type=joinAddressPie,403", + "/v1/graph?type=activity,403", + "/v1/graph?type=geolocation,403", + "/v1/network/pingTable,403", + "/player/" + TestConstants.PLAYER_ONE_NAME + ",200", + "/player/" + TestConstants.PLAYER_TWO_NAME + ",404", + "/v1/player?player=" + TestConstants.PLAYER_ONE_NAME + ",200", + "/v1/player?player=" + TestConstants.PLAYER_TWO_NAME + ",400", + "/players,200", + "/v1/players,200", + "/query,200", + "/v1/filters,200", + "/v1/query,400" + }) + void levelOneCanAccess(String resource, String expectedResponseCode) throws NoSuchAlgorithmException, IOException, KeyManagementException { + int responseCode = access(resource, cookieLevel1); + assertEquals(Integer.parseInt(expectedResponseCode), responseCode, () -> "User level 1, Wrong response code for " + resource + ", expected " + expectedResponseCode + " but was " + responseCode); + } + + @ParameterizedTest + @CsvSource({ + "/,302", + "/server,403", + "/server/" + TestConstants.SERVER_UUID_STRING + ",403", + "/css/style.css,200", + "/js/color-selector.js,200", + "/vendor/bootstrap/js/bootstrap.min.js,200", + "/v1/serverOverview?server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/onlineOverview?server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/sessionsOverview?server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/playerVersus?server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/playerbaseOverview?server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/performanceOverview?server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/graph?type=optimizedPerformance&server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/graph?type=aggregatedPing&server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/graph?type=worldPie&server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/graph?type=activity&server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/graph?type=joinAddressPie&server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/graph?type=geolocation&server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/graph?type=uniqueAndNew&server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/graph?type=hourlyUniqueAndNew&server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/graph?type=serverCalendar&server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/graph?type=punchCard&server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/players?server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/kills?server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/pingTable?server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/sessions?server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/network,403", + "/v1/network/overview,403", + "/v1/network/servers,403", + "/v1/network/sessionsOverview,403", + "/v1/network/playerbaseOverview,403", + "/v1/sessions,403", + "/v1/graph?type=playersOnline&server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/graph?type=uniqueAndNew,403", + "/v1/graph?type=hourlyUniqueAndNew,403", + "/v1/graph?type=serverPie,403", + "/v1/graph?type=joinAddressPie,403", + "/v1/graph?type=activity,403", + "/v1/graph?type=geolocation,403", + "/v1/network/pingTable,403", + "/player/" + TestConstants.PLAYER_ONE_NAME + ",200", + "/player/" + TestConstants.PLAYER_TWO_NAME + ",403", + "/v1/player?player=" + TestConstants.PLAYER_ONE_NAME + ",200", + "/v1/player?player=" + TestConstants.PLAYER_TWO_NAME + ",403", + "/players,403", + "/v1/players,403", + "/query,403", + "/v1/filters,403", + "/v1/query,403" + }) + void levelTwoCanAccess(String resource, String expectedResponseCode) throws NoSuchAlgorithmException, IOException, KeyManagementException { + int responseCode = access(resource, cookieLevel2); + assertEquals(Integer.parseInt(expectedResponseCode), responseCode, () -> "User level 2, Wrong response code for " + resource + ", expected " + expectedResponseCode + " but was " + responseCode); + } + + @ParameterizedTest + @CsvSource({ + "/,403", + "/server,403", + "/server/" + TestConstants.SERVER_UUID_STRING + ",403", + "/css/style.css,200", + "/js/color-selector.js,200", + "/vendor/bootstrap/js/bootstrap.min.js,200", + "/v1/serverOverview?server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/onlineOverview?server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/sessionsOverview?server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/playerVersus?server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/playerbaseOverview?server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/performanceOverview?server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/graph?type=optimizedPerformance&server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/graph?type=aggregatedPing&server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/graph?type=worldPie&server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/graph?type=activity&server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/graph?type=joinAddressPie&server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/graph?type=geolocation&server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/graph?type=uniqueAndNew&server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/graph?type=hourlyUniqueAndNew&server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/graph?type=serverCalendar&server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/graph?type=punchCard&server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/players?server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/kills?server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/pingTable?server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/sessions?server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/network,403", + "/v1/network/overview,403", + "/v1/network/servers,403", + "/v1/network/sessionsOverview,403", + "/v1/network/playerbaseOverview,403", + "/v1/sessions,403", + "/v1/graph?type=playersOnline&server=" + TestConstants.SERVER_UUID_STRING + ",403", + "/v1/graph?type=uniqueAndNew,403", + "/v1/graph?type=hourlyUniqueAndNew,403", + "/v1/graph?type=serverPie,403", + "/v1/graph?type=joinAddressPie,403", + "/v1/graph?type=activity,403", + "/v1/graph?type=geolocation,403", + "/v1/network/pingTable,403", + "/player/" + TestConstants.PLAYER_ONE_NAME + ",403", + "/player/" + TestConstants.PLAYER_TWO_NAME + ",403", + "/v1/player?player=" + TestConstants.PLAYER_ONE_NAME + ",403", + "/v1/player?player=" + TestConstants.PLAYER_TWO_NAME + ",403", + "/players,403", + "/v1/players,403", + "/query,403", + "/v1/filters,403", + "/v1/query,403" + }) + void levelHundredCanNotAccess(String resource, String expectedResponseCode) throws NoSuchAlgorithmException, IOException, KeyManagementException { + int responseCode = access(resource, cookieLevel100); + assertEquals(Integer.parseInt(expectedResponseCode), responseCode, () -> "User level 100, Wrong response code for " + resource + ", expected " + expectedResponseCode + " but was " + responseCode); + } + + private int access(String resource, String cookie) throws IOException, KeyManagementException, NoSuchAlgorithmException { + HttpURLConnection connection = null; + try { + connection = CONNECTOR.getConnection("GET", address + resource); + connection.setRequestProperty("Cookie", cookie); + + return connection.getResponseCode(); + + } finally { + connection.disconnect(); + } + } + +} diff --git a/Plan/common/src/test/java/utilities/TestConstants.java b/Plan/common/src/test/java/utilities/TestConstants.java index 9afdbfedb..159b99ee5 100644 --- a/Plan/common/src/test/java/utilities/TestConstants.java +++ b/Plan/common/src/test/java/utilities/TestConstants.java @@ -35,7 +35,8 @@ public class TestConstants { public static final String SERVER_NAME = "ServerName"; public static final String SERVER_TWO_NAME = "ServerName2"; - public static final ServerUUID SERVER_UUID = ServerUUID.fromString("e4ec2edd-e0ed-3c58-a87d-8a9021899479"); + public static final String SERVER_UUID_STRING = "e4ec2edd-e0ed-3c58-a87d-8a9021899479"; + public static final ServerUUID SERVER_UUID = ServerUUID.fromString(SERVER_UUID_STRING); public static final ServerUUID SERVER_TWO_UUID = ServerUUID.fromString("c4ec2edd-e0ed-3c58-a87d-8a9024791899"); public static final UUID PLAYER_ONE_UUID = UUID.fromString("45b0dfdb-f71d-4cf3-8c21-27c9d4c651db"); public static final UUID PLAYER_TWO_UUID = UUID.fromString("ec94a954-1fa1-445b-b09b-9b698519af80");