/**
* =============================================================================
*
* ORCID (R) Open Source
* http://orcid.org
*
* Copyright (c) 2012-2014 ORCID, Inc.
* Licensed under an MIT-Style License (MIT)
* http://orcid.org/open-source-license
*
* This copyright and license information (including a link to the full license)
* shall be included in its entirety in all copies or substantial portion of
* the software.
*
* =============================================================================
*/
package org.orcid.api.common.security.filter.impl;
import java.io.InputStream;
import javax.xml.bind.JAXBContext;
import javax.xml.bind.JAXBException;
import javax.xml.bind.Unmarshaller;
import org.custommonkey.xmlunit.Diff;
import org.custommonkey.xmlunit.XMLTestCase;
import org.junit.Test;
import org.orcid.core.security.visibility.filter.impl.VisibilityFilterImpl;
import org.orcid.jaxb.model.message.ExternalIdentifier;
import org.orcid.jaxb.model.message.Keyword;
import org.orcid.jaxb.model.message.OrcidBio;
import org.orcid.jaxb.model.message.OrcidMessage;
import org.orcid.jaxb.model.message.OrcidSearchResult;
import org.orcid.jaxb.model.message.OtherName;
import org.orcid.jaxb.model.message.ResearcherUrl;
import org.orcid.jaxb.model.message.Visibility;
/**
* @author Declan Newman (declan) Date: 16/03/2012
*/
public class VisibilityFilterImplTest extends XMLTestCase {
private Unmarshaller unmarshaller;
private VisibilityFilterImpl visibilityFilter = new VisibilityFilterImpl();
private OrcidMessage protectedOrcidMessage;
private OrcidMessage publicOrcidMessage;
public VisibilityFilterImplTest() throws JAXBException {
super("Test Visibility Filter");
JAXBContext context = JAXBContext.newInstance(OrcidMessage.class);
unmarshaller = context.createUnmarshaller();
}
@Test
public void testFilterStripWithVisibilities() throws Exception {
protectedOrcidMessage = getOrcidMessage("/orcid-protected-full-message-latest.xml");
publicOrcidMessage = getOrcidMessage("/orcid-stripped-with-visibility-message-latest.xml");
OrcidMessage orcidMessage = visibilityFilter.filter(cascadeSectionPrivacyToItems(protectedOrcidMessage), Visibility.PUBLIC);
Diff myDiff = new Diff(publicOrcidMessage.toString(), orcidMessage.toString());
assertEquals(publicOrcidMessage.toString(), orcidMessage.toString());
assertTrue(myDiff.toString(), myDiff.similar());
}
@Test
public void testOrcidMessageWithNullOrcidProfile() throws JAXBException {
OrcidMessage orcidMessage = getOrcidMessage("/orcid-search-result-message.xml");
OrcidMessage filteredMessage = visibilityFilter.filter(orcidMessage, Visibility.PUBLIC);
assertNotNull(filteredMessage);
assertNull(filteredMessage.getOrcidProfile());
assertEquals(2, filteredMessage.getOrcidSearchResults().getNumFound());
for (int i = 0; i < filteredMessage.getOrcidSearchResults().getNumFound(); i++) {
OrcidSearchResult searchResult = filteredMessage.getOrcidSearchResults().getOrcidSearchResult().get(i);
OrcidBio orcidBio = searchResult.getOrcidProfile().getOrcidBio();
// check private emails stripped out
assertEquals(1, orcidBio.getContactDetails().getEmail().size());
}
}
private OrcidMessage getOrcidMessage(String s) throws JAXBException {
InputStream inputStream = VisibilityFilterImplTest.class.getResourceAsStream(s);
return (OrcidMessage) unmarshaller.unmarshal(inputStream);
}
/** Cascades section level privacy to items within that section that have null visibilities.
* Affects ResearcherUrl, Keyword, OtherName, ExternalIdentifier.
*
* Should be used before calling filter if the message was de-serialised from XML.
* Subsequent filtering will be safe but Will result in information loss.
* To avoid information loss, you should filter messages generated by manager classes instead.
*
* @param messageToModify
* @return
*/
private OrcidMessage cascadeSectionPrivacyToItems(OrcidMessage m){
for (Keyword k : m.getOrcidProfile().getOrcidBio().getKeywords().getKeyword())
k.setVisibility(m.getOrcidProfile().getOrcidBio().getKeywords().getVisibility());
for (ResearcherUrl r : m.getOrcidProfile().getOrcidBio().getResearcherUrls().getResearcherUrl())
r.setVisibility(m.getOrcidProfile().getOrcidBio().getResearcherUrls().getVisibility());
for (ExternalIdentifier id : m.getOrcidProfile().getOrcidBio().getExternalIdentifiers().getExternalIdentifier())
id.setVisibility(m.getOrcidProfile().getOrcidBio().getExternalIdentifiers().getVisibility());
for (OtherName on : m.getOrcidProfile().getOrcidBio().getPersonalDetails().getOtherNames().getOtherName())
on.setVisibility(m.getOrcidProfile().getOrcidBio().getPersonalDetails().getOtherNames().getVisibility());
return m;
}
}