leonroy · May 27, 2020 13:41
diff --git a/EndpointIntegrationTest.java b/EndpointIntegrationTest.java
 package com.boxpeg.brring.server.api;

 import com.boxpeg.brring.server.api.error.ErrorConstants;
 import com.boxpeg.brring.server.common.exception.ForbiddenException;
 import com.boxpeg.brring.server.common.exception.ResourceAlreadyExistsException;
 import com.boxpeg.brring.server.common.exception.ResourceNotFoundException;
 import com.boxpeg.brring.server.config.Constants;
 import com.boxpeg.brring.server.mail.verification.EmailVerificationService;
 import com.boxpeg.brring.server.security.AuthoritiesConstants;
 import com.boxpeg.brring.server.telephony.call.CallPropertyKeys;
 import com.boxpeg.brring.server.telephony.endpoint.EndpointController;
 import com.boxpeg.brring.server.telephony.endpoint.EndpointUtil;
 import com.boxpeg.brring.server.telephony.endpoint.dto.EndpointCreateDto;
 import com.boxpeg.brring.server.telephony.endpoint.dto.EndpointDto;
 import com.boxpeg.brring.server.telephony.endpoint.dto.EndpointUpdateDto;
 import com.boxpeg.brring.server.telephony.endpoint.service.EndpointService;
 import com.boxpeg.brring.server.test.ErrorUtil;
 import com.boxpeg.brring.server.test.OAuthUtil;
 import com.boxpeg.brring.server.test.RestUtil;
 import com.boxpeg.brring.server.test.TestConstants;
 import com.boxpeg.brring.server.user.User;
 import com.boxpeg.brring.server.user.service.DefaultUserService;
 import com.boxpeg.brring.server.user.service.UserService;
 import io.restassured.http.ContentType;
 import io.restassured.response.Response;
 import io.restassured.specification.RequestSpecification;
 import lombok.extern.slf4j.Slf4j;
 import org.hamcrest.CoreMatchers;
 import org.junit.After;
 import org.junit.Assert;
 import org.junit.Before;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.modelmapper.ModelMapper;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.boot.test.context.SpringBootTest;
 import org.springframework.boot.test.mock.mockito.MockBean;
 import org.springframework.boot.web.server.LocalServerPort;
 import org.springframework.http.HttpHeaders;
 import org.springframework.http.HttpStatus;
 import org.springframework.test.context.TestPropertySource;
 import org.springframework.test.context.junit4.SpringRunner;

 import java.util.Arrays;

 import static org.assertj.core.api.Assertions.assertThat;

 @RunWith(SpringRunner.class)
 @SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT)
 @TestPropertySource({"classpath:application-test.properties", "classpath:email-test.properties"})
 @Slf4j
 public class EndpointIntegrationTest {

    @Autowired
    private UserService userService;

    @Autowired
    private EndpointService endpointService;

    private int port;

    @Value("${server.host}")
    private String host;

    private User admin;
    private User user;
    private User user2;

    private String adminPass = "Passw0rd1";
    private String userPass = "Passw0rd2";
    private String user2Pass = "Passw0rd2";

    @Autowired
    private ModelMapper modelMapper;

    @MockBean
    private EmailVerificationService emailVerificationService;

    private void setupTestUsers() {
        admin = userService.createEnabledUserWithEndpointAndRole("[email protected]", adminPass, true, AuthoritiesConstants.ADMIN, "Test Admin", "+441231234567", "Work", true);
        user = userService.createEnabledUserWithEndpointAndRole("[email protected]", userPass, true, AuthoritiesConstants.USER, "Test User", "+441231234567", "Work", false);
        user2 = userService.createEnabledUserWithRole("[email protected]", userPass, true, AuthoritiesConstants.USER);
    }

    @Before
    public void setUp() throws Exception {
        setupTestUsers();
    }

    @After
    public void tearDown() throws Exception {
        for (User u : userService.findAll()) {
            userService.deleteUser(u);
            ((DefaultUserService) userService).purgeUserAccountMarkedForDeletionNow(u);
        }
    }

    @LocalServerPort
    public void setPort(int port) {
        this.port = port;
    }

    public void findAll(User user, String password) {
        final EndpointDto[] response = OAuthUtil.givenAuth(this.host, this.port, TestConstants.CLIENT_ID, TestConstants.CLIENT_SECRET, user.getEmail(), password)
                .get(host + ":" + port + EndpointController.BASE_PATH)
                .then()
                .contentType(ContentType.JSON)
                .statusCode(HttpStatus.OK.value())
                .extract().response().as(EndpointDto[].class);
        EndpointUtil.validateEquivalentDtoAndEntity(Arrays.asList(response), user.getEndpoints());
    }

    @Test
    public void findAllAsAdmin() {
        this.findAll(admin, adminPass);
    }

    @Test
    public void findAllAsUser() {
        this.findAll(user, userPass);
    }

    public void findOne(User user, String password) {
        final EndpointDto response = OAuthUtil.givenAuth(this.host, this.port, TestConstants.CLIENT_ID, TestConstants.CLIENT_SECRET, user.getEmail(), password)
                .get(host + ":" + port + EndpointController.BASE_PATH + "/" + user.getEndpoints().stream().findFirst().get().getId())
                .then()
                .contentType(ContentType.JSON)
                .statusCode(HttpStatus.OK.value())
                .extract().response().as(EndpointDto.class);
        assertThat(response)
                .isNotNull()
                .isEqualToComparingFieldByField(user.getEndpoints().stream().findFirst().get());
    }

    @Test
    public void testFindOneAsAdmin() {
        this.findOne(admin, adminPass);
    }

    @Test
    public void testFindOneAsUser() {
        this.findOne(user, userPass);
    }

    @Test
    public void testFindOneAsAdminForbidden() {
        Long epId = user.getEndpoints().stream().findFirst().get().getId();
        Response response = OAuthUtil.givenAuth(this.host, this.port, TestConstants.CLIENT_ID, TestConstants.CLIENT_SECRET, admin.getEmail(), adminPass)
                .get(host + ":" + port + EndpointController.BASE_PATH + "/" + epId)
                .then().log().all()
                .contentType(ContentType.JSON)
                .statusCode(HttpStatus.FORBIDDEN.value())
                .extract().response();
        ErrorUtil.assertValidError(response, HttpStatus.FORBIDDEN, String.format(ForbiddenException.MESSAGE, admin.getEmail(), "ID", epId));
    }

    @Test
    public void testFindOneAsUserErrors() {
        Response response1 = OAuthUtil.givenAuth(this.host, this.port, TestConstants.CLIENT_ID, TestConstants.CLIENT_SECRET, user.getEmail(), userPass)
                .get(host + ":" + port + EndpointController.BASE_PATH + "/" + admin.getEndpoints().stream().findFirst().get().getId())
                .then().log().all()
                .contentType(ContentType.JSON)
                .statusCode(HttpStatus.FORBIDDEN.value())
                .extract().response();
        ErrorUtil.assertValidError(response1, HttpStatus.FORBIDDEN, String.format(ForbiddenException.MESSAGE, user.getEmail(), "ID", admin.getEndpoints().stream().findFirst().get().getId()));

        Response response3 = OAuthUtil.givenAuth(this.host, this.port, TestConstants.CLIENT_ID, TestConstants.CLIENT_SECRET, user.getEmail(), userPass)
                .get(host + ":" + port + EndpointController.BASE_PATH + "/" + Long.MAX_VALUE)
                .then().log().all()
                .contentType(ContentType.JSON)
                .statusCode(HttpStatus.NOT_FOUND.value())
                .extract().response();
        ErrorUtil.assertValidError(response3, HttpStatus.NOT_FOUND, String.format(ResourceNotFoundException.MESSAGE, "endpoint", "ID", Long.MAX_VALUE));

        EndpointDto response4 = OAuthUtil.givenAuth(this.host, this.port, TestConstants.CLIENT_ID, TestConstants.CLIENT_SECRET, user.getEmail(), userPass)
                .get(host + ":" + port + EndpointController.BASE_PATH + "/" + user.getEndpoints().stream().findFirst().get().getId())
                .then()
                .contentType(ContentType.JSON)
                .statusCode(HttpStatus.OK.value())
                .extract().response().as(EndpointDto.class);
        assertThat(response4).isNotNull();
        assertThat(response4.getUri()).isEqualTo(EndpointController.BASE_PATH + "/" + response4.getId());

        Response response5 = OAuthUtil.givenAuth(this.host, this.port, TestConstants.CLIENT_ID, TestConstants.CLIENT_SECRET, user.getEmail(), userPass)
                .get(host + ":" + port + EndpointController.BASE_PATH + "/" + "123123,123%20  123asdmasd")
                .then().log().all()
                .contentType(ContentType.JSON)
                .statusCode(HttpStatus.INTERNAL_SERVER_ERROR.value())
                .extract().response();
        ErrorUtil.assertValidError(response5, HttpStatus.INTERNAL_SERVER_ERROR, "The request was rejected because the URL contained a potentially malicious String");
    }

    @Test
    public void testCreateAsAdmin() {
        int initialEndpointCount = endpointService.findAll().size();

        EndpointCreateDto newEp = new EndpointCreateDto()
                .setCallerId("Hey You")
                .setPhoneNumber("+441614960992")
                .setLabel("Worky");

        RequestSpecification rs = OAuthUtil.givenAuth(this.host, this.port, TestConstants.CLIENT_ID, TestConstants.CLIENT_SECRET, admin.getEmail(), adminPass);
        Response response = RestUtil.create(rs, host + ":" + port + EndpointController.BASE_PATH, newEp, HttpStatus.CREATED.value());
        EndpointDto ep = response.as(EndpointDto.class);
        assertThat(ep)
                .isNotNull()
                .isEqualToComparingOnlyGivenFields(newEp, "phoneNumber", "callerId", CallPropertyKeys.PROPERTY_KEY_LABEL);

        assertThat(ep.isVerified()).isEqualTo(false);
        assertThat(response.header(HttpHeaders.LOCATION)).isEqualTo(host + ":" + port + EndpointController.BASE_PATH + "/" + ep.getId());
        assertThat(endpointService.findAll().size()).isEqualTo(initialEndpointCount + 1);
    }

    @Test
    public void testCreateAsUser() {
        RequestSpecification rs = OAuthUtil.givenAuth(this.host, this.port, TestConstants.CLIENT_ID, TestConstants.CLIENT_SECRET, user.getEmail(), userPass);

        // find all endpoints for user - mark that as n endpoints - could use controller.getAll.getSize too
        final EndpointDto[] response = rs.get(host + ":" + port + EndpointController.BASE_PATH).as(EndpointDto[].class);
        assertThat(response).isNotNull();
        int initialEndpointCount = response.length;

        // create one endpoint
        Response response1 = RestUtil.create(rs, host + ":" + port + EndpointController.BASE_PATH,
                new EndpointCreateDto().setCallerId("It's Me").setPhoneNumber("+441614960992"),
                HttpStatus.CREATED.value());
        EndpointDto ep = response1.as(EndpointDto.class);
        assertThat(response1.header(HttpHeaders.LOCATION)).isEqualTo(host + ":" + port + EndpointController.BASE_PATH + "/" + ep.getId());

        // find all endpoints for user - verify that == n +1 endpoints
        final Response response2 = rs.get(host + ":" + port + EndpointController.BASE_PATH)
                .then()
                .extract().response();
        EndpointDto[] endpoints = response2.as(EndpointDto[].class);
        assertThat(endpoints).hasSize(initialEndpointCount + 1);
        // delete new ep
        RestUtil.delete(rs, host + ":" + port + EndpointController.BASE_PATH, ep, HttpStatus.NO_CONTENT.value());
        // find all endpoints for user - verify that == n endpoints
        final EndpointDto[] response3 = rs.get(host + ":" + port + EndpointController.BASE_PATH).as(EndpointDto[].class);
        assertThat(response).hasSize(response3.length);
    }

    @Test
    public void testCreateAsUserWithInvalidEndpoint() {
        RequestSpecification rs = OAuthUtil.givenAuth(this.host, this.port, TestConstants.CLIENT_ID, TestConstants.CLIENT_SECRET, user.getEmail(), userPass);

        // find all endpoints for user - mark that as n endpoints
        final EndpointDto[] response = rs.get(host + ":" + port + EndpointController.BASE_PATH).as(EndpointDto[].class);
        assertThat(response).hasSize(1);

        // 1
        Response response2 = RestUtil.create(rs, host + ":" + port + EndpointController.BASE_PATH,
                new EndpointCreateDto(), HttpStatus.BAD_REQUEST.value());
        ErrorUtil.assertValidError(response2, HttpStatus.BAD_REQUEST, ErrorConstants.ERROR_DESC_400, "The phone number supplied was null", ErrorConstants.PHONE_NUMBER_REQUIRED);

        // 2
        Response response3 = rs
                .contentType(ContentType.JSON)//.body()
                .when()
                .post(host + ":" + port + Constants.API_BASE_PATH + "/endpoints")
                .then().log().all()
                .statusCode(HttpStatus.BAD_REQUEST.value())
                .extract().response();
        Assert.assertNotNull(response3);
        ErrorUtil.assertValidError(response3, HttpStatus.BAD_REQUEST, ErrorConstants.ERROR_DESC_400, ErrorConstants.PHONE_NUMBER_REQUIRED, "The phone number supplied was null");

        // 3
        Response response4 = rs.contentType(ContentType.JSON)
                .body("{}")
                .when()
                .post(host + ":" + port + EndpointController.BASE_PATH)
                .then().log().all()
                .statusCode(HttpStatus.BAD_REQUEST.value())
                .extract().response();
        ErrorUtil.assertValidError(response4, HttpStatus.BAD_REQUEST, ErrorConstants.ERROR_DESC_400, "The phone number supplied was null", ErrorConstants.PHONE_NUMBER_REQUIRED);

        // find all endpoints for user - verify that == n +1 endpoints
        final EndpointDto[] responseFindAll = rs.get(host + ":" + port + EndpointController.BASE_PATH).as(EndpointDto[].class);
        Assert.assertThat(response.length, CoreMatchers.equalTo(responseFindAll.length));
    }

    @Test
    public void testCreateAsUserDuplicate() {
        RequestSpecification rs = OAuthUtil.givenAuth(this.host, this.port, TestConstants.CLIENT_ID, TestConstants.CLIENT_SECRET, user.getEmail(), userPass);
        int initialEndpointCount = rs.get(host + ":" + port + EndpointController.BASE_PATH).as(EndpointDto[].class).length;

        // create one endpoint
        RestUtil.create(rs, host + ":" + port + EndpointController.BASE_PATH,
                new EndpointCreateDto().setCallerId("It's Me").setPhoneNumber("+441614960992"),
                HttpStatus.CREATED.value()).then().log().all();
        assertThat(rs.get(host + ":" + port + EndpointController.BASE_PATH).as(EndpointDto[].class)).hasSize(initialEndpointCount + 1);

        // create second endpoint
        Response response = RestUtil.create(rs, host + ":" + port + EndpointController.BASE_PATH,
                new EndpointCreateDto().setCallerId("Me Again").setPhoneNumber("+441614960992"),
                HttpStatus.CONFLICT.value()).then().log().all().extract().response();
        ErrorUtil.assertValidError(response, HttpStatus.CONFLICT, String.format(ResourceAlreadyExistsException.MESSAGE, "endpoint", "phone number", "+441614960992"));

        assertThat(rs.get(host + ":" + port + EndpointController.BASE_PATH).as(EndpointDto[].class)).hasSize(initialEndpointCount + 1);
    }

    @Test
    public void testDeleteAsAdmin() {
        int initialEndpointCount = endpointService.findAll().size();

        RequestSpecification rs = OAuthUtil.givenAuth(this.host, this.port, TestConstants.CLIENT_ID, TestConstants.CLIENT_SECRET, admin.getEmail(), adminPass);
        Response response = RestUtil.create(rs, host + ":" + port + EndpointController.BASE_PATH,
                new EndpointCreateDto().setCallerId("Hey You").setPhoneNumber("+441614960992"), HttpStatus.CREATED.value());
        EndpointDto epOut = response.as(EndpointDto.class);
        Assert.assertThat(epOut.getCallerId(), CoreMatchers.equalTo("Hey You"));
        Assert.assertThat(epOut.getPhoneNumber(), CoreMatchers.equalTo("+441614960992"));
        Assert.assertTrue(epOut.getId() > 0);

        EndpointDto epDummy = new EndpointDto();
        epDummy.setId(-1L);
        Response responseDel = RestUtil.delete(rs, host + ":" + port + EndpointController.BASE_PATH, epDummy, HttpStatus.NOT_FOUND.value());
        ErrorUtil.assertValidError(responseDel, HttpStatus.NOT_FOUND, String.format(ResourceNotFoundException.MESSAGE, "endpoint", "ID", "-1"));

        RestUtil.delete(rs, host + ":" + port + EndpointController.BASE_PATH, epOut, HttpStatus.NO_CONTENT.value());

        final EndpointDto[] response2 = rs.get(host + ":" + port + EndpointController.BASE_PATH).as(EndpointDto[].class);
        Assert.assertThat(response2.length, CoreMatchers.equalTo(endpointService.findByUser(admin).size()));

        assertThat(endpointService.findAll().size()).isEqualTo(initialEndpointCount);
    }

    @Test
    public void testReplaceAsUser() {
        RequestSpecification rs = OAuthUtil.givenAuth(this.host, this.port, TestConstants.CLIENT_ID, TestConstants.CLIENT_SECRET, user.getEmail(), userPass);

        final Response response = RestUtil.create(rs, host + ":" + port + EndpointController.BASE_PATH,
                new EndpointCreateDto().setCallerId("It's Me").setPhoneNumber("+441614960992"),
                HttpStatus.CREATED.value());

        EndpointDto epCreated = response.as(EndpointDto.class);
        try {
            Assert.assertThat(epCreated.getCallerId(), CoreMatchers.equalTo("It's Me"));
            Assert.assertThat(epCreated.getPhoneNumber(), CoreMatchers.equalTo("+441614960992"));
            Assert.assertThat(epCreated.getLabel(), CoreMatchers.equalTo(null));
            Assert.assertTrue(epCreated.getId() > 0);

            EndpointUpdateDto updateDto = modelMapper.map(epCreated, EndpointUpdateDto.class);
 //            updateDto.setPhoneNumber("+441614960993");
 //            updateDto.setCallerId("It's No Longer Me");
            updateDto.setLabel("Worky");

            EndpointDto epReplaced = rs
                    .contentType(ContentType.JSON)
                    .body(updateDto)
                    .put(host + ":" + port + EndpointController.BASE_PATH + "/" + epCreated.getId())
                    .then().log().all()
                    .statusCode(HttpStatus.OK.value())
                    .extract().as(EndpointDto.class);

 //            Assert.assertThat(epReplaced.getCallerId(), CoreMatchers.equalTo("It's No Longer Me"));
 //            Assert.assertThat(epReplaced.getPhoneNumber(), CoreMatchers.equalTo("+441614960993"));
            Assert.assertThat(epReplaced.getLabel(), CoreMatchers.equalTo("Worky"));
            Assert.assertThat(epReplaced.isVerified(), CoreMatchers.equalTo(false));
            Assert.assertTrue(epReplaced.getId() > 0);
        } finally {
            RestUtil.delete(rs, host + ":" + port + EndpointController.BASE_PATH, epCreated, HttpStatus.NO_CONTENT.value());
        }
    }

    @Test
    public void testReplaceAsUserWithInvalidEndpoint() {
        RequestSpecification rs = OAuthUtil.givenAuth(this.host, this.port, TestConstants.CLIENT_ID, TestConstants.CLIENT_SECRET, user.getEmail(), userPass);

        final Response response = RestUtil.create(rs, host + ":" + port + EndpointController.BASE_PATH,
                new EndpointCreateDto().setCallerId("It's Me").setPhoneNumber("+441614960992"),
                HttpStatus.CREATED.value());

        EndpointDto epCreated = response.as(EndpointDto.class);
        try {
            Assert.assertThat(epCreated.getCallerId(), CoreMatchers.equalTo("It's Me"));
            Assert.assertThat(epCreated.getPhoneNumber(), CoreMatchers.equalTo("+441614960992"));
            Assert.assertTrue(epCreated.getId() > 0);

            //1
 //            final Response response2 = rs
 //                    .contentType(ContentType.JSON)
 //                    .body(modelMapper.map(epCreated, EndpointUpdateDto.class).setPhoneNumber(""))
 //                    .put(host + ":" + port + EndpointController.BASE_PATH + "/" + epCreated.getId())
 //                    .then().log().all()
 //                    .statusCode(HttpStatus.BAD_REQUEST.value())
 //                    .extract().response();
 //            ErrorUtil.assertValidError(response2, HttpStatus.BAD_REQUEST, ErrorConstants.ERROR_DESC_400, "The string supplied did not seem to be a phone number", ErrorConstants.PHONE_NUMBER_REQUIRED);

            //2
 //            final Response response3 = rs
 //                    .contentType(ContentType.JSON)
 //                    .body(modelMapper.map(epCreated, EndpointUpdateDto.class).setPhoneNumber(null))
 //                    .when()
 //                    .put(host + ":" + port + EndpointController.BASE_PATH + "/" + epCreated.getId())
 //                    .then()
 //                    .statusCode(HttpStatus.BAD_REQUEST.value())
 //                    .extract().response();
 //            ErrorUtil.assertValidError(response3, HttpStatus.BAD_REQUEST, ErrorConstants.ERROR_DESC_400, "The phone number supplied was null", ErrorConstants.PHONE_NUMBER_REQUIRED);

            //3
 //            final EndpointDto response4 = rs
 //                    .contentType(ContentType.JSON)
 //                    .body(modelMapper.map(epCreated, EndpointUpdateDto.class).setPhoneNumber("+441614960992").setCallerId(""))
 //                    .when()
 //                    .put(host + ":" + port + EndpointController.BASE_PATH + "/" + epCreated.getId())
 //                    .then().log().all()
 //                    .statusCode(HttpStatus.OK.value())
 //                    .extract().response().as(EndpointDto.class);

 //            Assert.assertNotNull(response4);
 //            Assert.assertThat(response4.getCallerId(), CoreMatchers.equalTo(""));
 //            Assert.assertThat(response4.getPhoneNumber(), CoreMatchers.equalTo("+441614960992"));
 //            Assert.assertTrue(response4.getId() > 0);

            //2
            final Response response5 = rs
                    .contentType(ContentType.JSON)
                    .body(modelMapper.map(epCreated, EndpointUpdateDto.class).setLabel("Random Label").setId(1234L))
                    .when()
                    .put(host + ":" + port + EndpointController.BASE_PATH + "/" + epCreated.getId())
                    .then().log().all()
                    .statusCode(HttpStatus.BAD_REQUEST.value())
                    .extract().response();
            ErrorUtil.assertValidError(response5, HttpStatus.BAD_REQUEST, ErrorConstants.ID_MISMATCH);

        } finally {
            RestUtil.delete(rs, host + ":" + port + EndpointController.BASE_PATH, epCreated, HttpStatus.NO_CONTENT.value());
        }
    }

 }
	package com.boxpeg.brring.server.api;

	import com.boxpeg.brring.server.api.error.ErrorConstants;
	import com.boxpeg.brring.server.common.exception.ForbiddenException;
	import com.boxpeg.brring.server.common.exception.ResourceAlreadyExistsException;
	import com.boxpeg.brring.server.common.exception.ResourceNotFoundException;
	import com.boxpeg.brring.server.config.Constants;
	import com.boxpeg.brring.server.mail.verification.EmailVerificationService;
	import com.boxpeg.brring.server.security.AuthoritiesConstants;
	import com.boxpeg.brring.server.telephony.call.CallPropertyKeys;
	import com.boxpeg.brring.server.telephony.endpoint.EndpointController;
	import com.boxpeg.brring.server.telephony.endpoint.EndpointUtil;
	import com.boxpeg.brring.server.telephony.endpoint.dto.EndpointCreateDto;
	import com.boxpeg.brring.server.telephony.endpoint.dto.EndpointDto;
	import com.boxpeg.brring.server.telephony.endpoint.dto.EndpointUpdateDto;
	import com.boxpeg.brring.server.telephony.endpoint.service.EndpointService;
	import com.boxpeg.brring.server.test.ErrorUtil;
	import com.boxpeg.brring.server.test.OAuthUtil;
	import com.boxpeg.brring.server.test.RestUtil;
	import com.boxpeg.brring.server.test.TestConstants;
	import com.boxpeg.brring.server.user.User;
	import com.boxpeg.brring.server.user.service.DefaultUserService;
	import com.boxpeg.brring.server.user.service.UserService;
	import io.restassured.http.ContentType;
	import io.restassured.response.Response;
	import io.restassured.specification.RequestSpecification;
	import lombok.extern.slf4j.Slf4j;
	import org.hamcrest.CoreMatchers;
	import org.junit.After;
	import org.junit.Assert;
	import org.junit.Before;
	import org.junit.Test;
	import org.junit.runner.RunWith;
	import org.modelmapper.ModelMapper;
	import org.springframework.beans.factory.annotation.Autowired;
	import org.springframework.beans.factory.annotation.Value;
	import org.springframework.boot.test.context.SpringBootTest;
	import org.springframework.boot.test.mock.mockito.MockBean;
	import org.springframework.boot.web.server.LocalServerPort;
	import org.springframework.http.HttpHeaders;
	import org.springframework.http.HttpStatus;
	import org.springframework.test.context.TestPropertySource;
	import org.springframework.test.context.junit4.SpringRunner;

	import java.util.Arrays;

	import static org.assertj.core.api.Assertions.assertThat;

	@RunWith(SpringRunner.class)
	@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT)
	@TestPropertySource({"classpath:application-test.properties", "classpath:email-test.properties"})
	@Slf4j
	public class EndpointIntegrationTest {

	@Autowired
	private UserService userService;

	@Autowired
	private EndpointService endpointService;

	private int port;

	@Value("${server.host}")
	private String host;

	private User admin;
	private User user;
	private User user2;

	private String adminPass = "Passw0rd1";
	private String userPass = "Passw0rd2";
	private String user2Pass = "Passw0rd2";

	@Autowired
	private ModelMapper modelMapper;

	@MockBean
	private EmailVerificationService emailVerificationService;

	private void setupTestUsers() {
	admin = userService.createEnabledUserWithEndpointAndRole("[email protected]", adminPass, true, AuthoritiesConstants.ADMIN, "Test Admin", "+441231234567", "Work", true);
	user = userService.createEnabledUserWithEndpointAndRole("[email protected]", userPass, true, AuthoritiesConstants.USER, "Test User", "+441231234567", "Work", false);
	user2 = userService.createEnabledUserWithRole("[email protected]", userPass, true, AuthoritiesConstants.USER);
	}

	@Before
	public void setUp() throws Exception {
	setupTestUsers();
	}

	@After
	public void tearDown() throws Exception {
	for (User u : userService.findAll()) {
	userService.deleteUser(u);
	((DefaultUserService) userService).purgeUserAccountMarkedForDeletionNow(u);
	}
	}

	@LocalServerPort
	public void setPort(int port) {
	this.port = port;
	}

	public void findAll(User user, String password) {
	final EndpointDto[] response = OAuthUtil.givenAuth(this.host, this.port, TestConstants.CLIENT_ID, TestConstants.CLIENT_SECRET, user.getEmail(), password)
	.get(host + ":" + port + EndpointController.BASE_PATH)
	.then()
	.contentType(ContentType.JSON)
	.statusCode(HttpStatus.OK.value())
	.extract().response().as(EndpointDto[].class);
	EndpointUtil.validateEquivalentDtoAndEntity(Arrays.asList(response), user.getEndpoints());
	}

	@Test
	public void findAllAsAdmin() {
	this.findAll(admin, adminPass);
	}

	@Test
	public void findAllAsUser() {
	this.findAll(user, userPass);
	}

	public void findOne(User user, String password) {
	final EndpointDto response = OAuthUtil.givenAuth(this.host, this.port, TestConstants.CLIENT_ID, TestConstants.CLIENT_SECRET, user.getEmail(), password)
	.get(host + ":" + port + EndpointController.BASE_PATH + "/" + user.getEndpoints().stream().findFirst().get().getId())
	.then()
	.contentType(ContentType.JSON)
	.statusCode(HttpStatus.OK.value())
	.extract().response().as(EndpointDto.class);
	assertThat(response)
	.isNotNull()
	.isEqualToComparingFieldByField(user.getEndpoints().stream().findFirst().get());
	}

	@Test
	public void testFindOneAsAdmin() {
	this.findOne(admin, adminPass);
	}

	@Test
	public void testFindOneAsUser() {
	this.findOne(user, userPass);
	}

	@Test
	public void testFindOneAsAdminForbidden() {
	Long epId = user.getEndpoints().stream().findFirst().get().getId();
	Response response = OAuthUtil.givenAuth(this.host, this.port, TestConstants.CLIENT_ID, TestConstants.CLIENT_SECRET, admin.getEmail(), adminPass)
	.get(host + ":" + port + EndpointController.BASE_PATH + "/" + epId)
	.then().log().all()
	.contentType(ContentType.JSON)
	.statusCode(HttpStatus.FORBIDDEN.value())
	.extract().response();
	ErrorUtil.assertValidError(response, HttpStatus.FORBIDDEN, String.format(ForbiddenException.MESSAGE, admin.getEmail(), "ID", epId));
	}

	@Test
	public void testFindOneAsUserErrors() {
	Response response1 = OAuthUtil.givenAuth(this.host, this.port, TestConstants.CLIENT_ID, TestConstants.CLIENT_SECRET, user.getEmail(), userPass)
	.get(host + ":" + port + EndpointController.BASE_PATH + "/" + admin.getEndpoints().stream().findFirst().get().getId())
	.then().log().all()
	.contentType(ContentType.JSON)
	.statusCode(HttpStatus.FORBIDDEN.value())
	.extract().response();
	ErrorUtil.assertValidError(response1, HttpStatus.FORBIDDEN, String.format(ForbiddenException.MESSAGE, user.getEmail(), "ID", admin.getEndpoints().stream().findFirst().get().getId()));

	Response response3 = OAuthUtil.givenAuth(this.host, this.port, TestConstants.CLIENT_ID, TestConstants.CLIENT_SECRET, user.getEmail(), userPass)
	.get(host + ":" + port + EndpointController.BASE_PATH + "/" + Long.MAX_VALUE)
	.then().log().all()
	.contentType(ContentType.JSON)
	.statusCode(HttpStatus.NOT_FOUND.value())
	.extract().response();
	ErrorUtil.assertValidError(response3, HttpStatus.NOT_FOUND, String.format(ResourceNotFoundException.MESSAGE, "endpoint", "ID", Long.MAX_VALUE));

	EndpointDto response4 = OAuthUtil.givenAuth(this.host, this.port, TestConstants.CLIENT_ID, TestConstants.CLIENT_SECRET, user.getEmail(), userPass)
	.get(host + ":" + port + EndpointController.BASE_PATH + "/" + user.getEndpoints().stream().findFirst().get().getId())
	.then()
	.contentType(ContentType.JSON)
	.statusCode(HttpStatus.OK.value())
	.extract().response().as(EndpointDto.class);
	assertThat(response4).isNotNull();
	assertThat(response4.getUri()).isEqualTo(EndpointController.BASE_PATH + "/" + response4.getId());

	Response response5 = OAuthUtil.givenAuth(this.host, this.port, TestConstants.CLIENT_ID, TestConstants.CLIENT_SECRET, user.getEmail(), userPass)
	.get(host + ":" + port + EndpointController.BASE_PATH + "/" + "123123,123%20 123asdmasd")
	.then().log().all()
	.contentType(ContentType.JSON)
	.statusCode(HttpStatus.INTERNAL_SERVER_ERROR.value())
	.extract().response();
	ErrorUtil.assertValidError(response5, HttpStatus.INTERNAL_SERVER_ERROR, "The request was rejected because the URL contained a potentially malicious String");
	}

	@Test
	public void testCreateAsAdmin() {
	int initialEndpointCount = endpointService.findAll().size();

	EndpointCreateDto newEp = new EndpointCreateDto()
	.setCallerId("Hey You")
	.setPhoneNumber("+441614960992")
	.setLabel("Worky");

	RequestSpecification rs = OAuthUtil.givenAuth(this.host, this.port, TestConstants.CLIENT_ID, TestConstants.CLIENT_SECRET, admin.getEmail(), adminPass);
	Response response = RestUtil.create(rs, host + ":" + port + EndpointController.BASE_PATH, newEp, HttpStatus.CREATED.value());
	EndpointDto ep = response.as(EndpointDto.class);
	assertThat(ep)
	.isNotNull()
	.isEqualToComparingOnlyGivenFields(newEp, "phoneNumber", "callerId", CallPropertyKeys.PROPERTY_KEY_LABEL);

	assertThat(ep.isVerified()).isEqualTo(false);
	assertThat(response.header(HttpHeaders.LOCATION)).isEqualTo(host + ":" + port + EndpointController.BASE_PATH + "/" + ep.getId());
	assertThat(endpointService.findAll().size()).isEqualTo(initialEndpointCount + 1);
	}

	@Test
	public void testCreateAsUser() {
	RequestSpecification rs = OAuthUtil.givenAuth(this.host, this.port, TestConstants.CLIENT_ID, TestConstants.CLIENT_SECRET, user.getEmail(), userPass);

	// find all endpoints for user - mark that as n endpoints - could use controller.getAll.getSize too
	final EndpointDto[] response = rs.get(host + ":" + port + EndpointController.BASE_PATH).as(EndpointDto[].class);
	assertThat(response).isNotNull();
	int initialEndpointCount = response.length;

	// create one endpoint
	Response response1 = RestUtil.create(rs, host + ":" + port + EndpointController.BASE_PATH,
	new EndpointCreateDto().setCallerId("It's Me").setPhoneNumber("+441614960992"),
	HttpStatus.CREATED.value());
	EndpointDto ep = response1.as(EndpointDto.class);
	assertThat(response1.header(HttpHeaders.LOCATION)).isEqualTo(host + ":" + port + EndpointController.BASE_PATH + "/" + ep.getId());

	// find all endpoints for user - verify that == n +1 endpoints
	final Response response2 = rs.get(host + ":" + port + EndpointController.BASE_PATH)
	.then()
	.extract().response();
	EndpointDto[] endpoints = response2.as(EndpointDto[].class);
	assertThat(endpoints).hasSize(initialEndpointCount + 1);
	// delete new ep
	RestUtil.delete(rs, host + ":" + port + EndpointController.BASE_PATH, ep, HttpStatus.NO_CONTENT.value());
	// find all endpoints for user - verify that == n endpoints
	final EndpointDto[] response3 = rs.get(host + ":" + port + EndpointController.BASE_PATH).as(EndpointDto[].class);
	assertThat(response).hasSize(response3.length);
	}

	@Test
	public void testCreateAsUserWithInvalidEndpoint() {
	RequestSpecification rs = OAuthUtil.givenAuth(this.host, this.port, TestConstants.CLIENT_ID, TestConstants.CLIENT_SECRET, user.getEmail(), userPass);

	// find all endpoints for user - mark that as n endpoints
	final EndpointDto[] response = rs.get(host + ":" + port + EndpointController.BASE_PATH).as(EndpointDto[].class);
	assertThat(response).hasSize(1);

	// 1
	Response response2 = RestUtil.create(rs, host + ":" + port + EndpointController.BASE_PATH,
	new EndpointCreateDto(), HttpStatus.BAD_REQUEST.value());
	ErrorUtil.assertValidError(response2, HttpStatus.BAD_REQUEST, ErrorConstants.ERROR_DESC_400, "The phone number supplied was null", ErrorConstants.PHONE_NUMBER_REQUIRED);

	// 2
	Response response3 = rs
	.contentType(ContentType.JSON)//.body()
	.when()
	.post(host + ":" + port + Constants.API_BASE_PATH + "/endpoints")
	.then().log().all()
	.statusCode(HttpStatus.BAD_REQUEST.value())
	.extract().response();
	Assert.assertNotNull(response3);
	ErrorUtil.assertValidError(response3, HttpStatus.BAD_REQUEST, ErrorConstants.ERROR_DESC_400, ErrorConstants.PHONE_NUMBER_REQUIRED, "The phone number supplied was null");

	// 3
	Response response4 = rs.contentType(ContentType.JSON)
	.body("{}")
	.when()
	.post(host + ":" + port + EndpointController.BASE_PATH)
	.then().log().all()
	.statusCode(HttpStatus.BAD_REQUEST.value())
	.extract().response();
	ErrorUtil.assertValidError(response4, HttpStatus.BAD_REQUEST, ErrorConstants.ERROR_DESC_400, "The phone number supplied was null", ErrorConstants.PHONE_NUMBER_REQUIRED);

	// find all endpoints for user - verify that == n +1 endpoints
	final EndpointDto[] responseFindAll = rs.get(host + ":" + port + EndpointController.BASE_PATH).as(EndpointDto[].class);
	Assert.assertThat(response.length, CoreMatchers.equalTo(responseFindAll.length));
	}

	@Test
	public void testCreateAsUserDuplicate() {
	RequestSpecification rs = OAuthUtil.givenAuth(this.host, this.port, TestConstants.CLIENT_ID, TestConstants.CLIENT_SECRET, user.getEmail(), userPass);
	int initialEndpointCount = rs.get(host + ":" + port + EndpointController.BASE_PATH).as(EndpointDto[].class).length;

	// create one endpoint
	RestUtil.create(rs, host + ":" + port + EndpointController.BASE_PATH,
	new EndpointCreateDto().setCallerId("It's Me").setPhoneNumber("+441614960992"),
	HttpStatus.CREATED.value()).then().log().all();
	assertThat(rs.get(host + ":" + port + EndpointController.BASE_PATH).as(EndpointDto[].class)).hasSize(initialEndpointCount + 1);

	// create second endpoint
	Response response = RestUtil.create(rs, host + ":" + port + EndpointController.BASE_PATH,
	new EndpointCreateDto().setCallerId("Me Again").setPhoneNumber("+441614960992"),
	HttpStatus.CONFLICT.value()).then().log().all().extract().response();
	ErrorUtil.assertValidError(response, HttpStatus.CONFLICT, String.format(ResourceAlreadyExistsException.MESSAGE, "endpoint", "phone number", "+441614960992"));

	assertThat(rs.get(host + ":" + port + EndpointController.BASE_PATH).as(EndpointDto[].class)).hasSize(initialEndpointCount + 1);
	}

	@Test
	public void testDeleteAsAdmin() {
	int initialEndpointCount = endpointService.findAll().size();

	RequestSpecification rs = OAuthUtil.givenAuth(this.host, this.port, TestConstants.CLIENT_ID, TestConstants.CLIENT_SECRET, admin.getEmail(), adminPass);
	Response response = RestUtil.create(rs, host + ":" + port + EndpointController.BASE_PATH,
	new EndpointCreateDto().setCallerId("Hey You").setPhoneNumber("+441614960992"), HttpStatus.CREATED.value());
	EndpointDto epOut = response.as(EndpointDto.class);
	Assert.assertThat(epOut.getCallerId(), CoreMatchers.equalTo("Hey You"));
	Assert.assertThat(epOut.getPhoneNumber(), CoreMatchers.equalTo("+441614960992"));
	Assert.assertTrue(epOut.getId() > 0);

	EndpointDto epDummy = new EndpointDto();
	epDummy.setId(-1L);
	Response responseDel = RestUtil.delete(rs, host + ":" + port + EndpointController.BASE_PATH, epDummy, HttpStatus.NOT_FOUND.value());
	ErrorUtil.assertValidError(responseDel, HttpStatus.NOT_FOUND, String.format(ResourceNotFoundException.MESSAGE, "endpoint", "ID", "-1"));

	RestUtil.delete(rs, host + ":" + port + EndpointController.BASE_PATH, epOut, HttpStatus.NO_CONTENT.value());

	final EndpointDto[] response2 = rs.get(host + ":" + port + EndpointController.BASE_PATH).as(EndpointDto[].class);
	Assert.assertThat(response2.length, CoreMatchers.equalTo(endpointService.findByUser(admin).size()));

	assertThat(endpointService.findAll().size()).isEqualTo(initialEndpointCount);
	}

	@Test
	public void testReplaceAsUser() {
	RequestSpecification rs = OAuthUtil.givenAuth(this.host, this.port, TestConstants.CLIENT_ID, TestConstants.CLIENT_SECRET, user.getEmail(), userPass);

	final Response response = RestUtil.create(rs, host + ":" + port + EndpointController.BASE_PATH,
	new EndpointCreateDto().setCallerId("It's Me").setPhoneNumber("+441614960992"),
	HttpStatus.CREATED.value());

	EndpointDto epCreated = response.as(EndpointDto.class);
	try {
	Assert.assertThat(epCreated.getCallerId(), CoreMatchers.equalTo("It's Me"));
	Assert.assertThat(epCreated.getPhoneNumber(), CoreMatchers.equalTo("+441614960992"));
	Assert.assertThat(epCreated.getLabel(), CoreMatchers.equalTo(null));
	Assert.assertTrue(epCreated.getId() > 0);

	EndpointUpdateDto updateDto = modelMapper.map(epCreated, EndpointUpdateDto.class);
	// updateDto.setPhoneNumber("+441614960993");
	// updateDto.setCallerId("It's No Longer Me");
	updateDto.setLabel("Worky");

	EndpointDto epReplaced = rs
	.contentType(ContentType.JSON)
	.body(updateDto)
	.put(host + ":" + port + EndpointController.BASE_PATH + "/" + epCreated.getId())
	.then().log().all()
	.statusCode(HttpStatus.OK.value())
	.extract().as(EndpointDto.class);

	// Assert.assertThat(epReplaced.getCallerId(), CoreMatchers.equalTo("It's No Longer Me"));
	// Assert.assertThat(epReplaced.getPhoneNumber(), CoreMatchers.equalTo("+441614960993"));
	Assert.assertThat(epReplaced.getLabel(), CoreMatchers.equalTo("Worky"));
	Assert.assertThat(epReplaced.isVerified(), CoreMatchers.equalTo(false));
	Assert.assertTrue(epReplaced.getId() > 0);
	} finally {
	RestUtil.delete(rs, host + ":" + port + EndpointController.BASE_PATH, epCreated, HttpStatus.NO_CONTENT.value());
	}
	}

	@Test
	public void testReplaceAsUserWithInvalidEndpoint() {
	RequestSpecification rs = OAuthUtil.givenAuth(this.host, this.port, TestConstants.CLIENT_ID, TestConstants.CLIENT_SECRET, user.getEmail(), userPass);

	final Response response = RestUtil.create(rs, host + ":" + port + EndpointController.BASE_PATH,
	new EndpointCreateDto().setCallerId("It's Me").setPhoneNumber("+441614960992"),
	HttpStatus.CREATED.value());

	EndpointDto epCreated = response.as(EndpointDto.class);
	try {
	Assert.assertThat(epCreated.getCallerId(), CoreMatchers.equalTo("It's Me"));
	Assert.assertThat(epCreated.getPhoneNumber(), CoreMatchers.equalTo("+441614960992"));
	Assert.assertTrue(epCreated.getId() > 0);

	//1
	// final Response response2 = rs
	// .contentType(ContentType.JSON)
	// .body(modelMapper.map(epCreated, EndpointUpdateDto.class).setPhoneNumber(""))
	// .put(host + ":" + port + EndpointController.BASE_PATH + "/" + epCreated.getId())
	// .then().log().all()
	// .statusCode(HttpStatus.BAD_REQUEST.value())
	// .extract().response();
	// ErrorUtil.assertValidError(response2, HttpStatus.BAD_REQUEST, ErrorConstants.ERROR_DESC_400, "The string supplied did not seem to be a phone number", ErrorConstants.PHONE_NUMBER_REQUIRED);

	//2
	// final Response response3 = rs
	// .contentType(ContentType.JSON)
	// .body(modelMapper.map(epCreated, EndpointUpdateDto.class).setPhoneNumber(null))
	// .when()
	// .put(host + ":" + port + EndpointController.BASE_PATH + "/" + epCreated.getId())
	// .then()
	// .statusCode(HttpStatus.BAD_REQUEST.value())
	// .extract().response();
	// ErrorUtil.assertValidError(response3, HttpStatus.BAD_REQUEST, ErrorConstants.ERROR_DESC_400, "The phone number supplied was null", ErrorConstants.PHONE_NUMBER_REQUIRED);

	//3
	// final EndpointDto response4 = rs
	// .contentType(ContentType.JSON)
	// .body(modelMapper.map(epCreated, EndpointUpdateDto.class).setPhoneNumber("+441614960992").setCallerId(""))
	// .when()
	// .put(host + ":" + port + EndpointController.BASE_PATH + "/" + epCreated.getId())
	// .then().log().all()
	// .statusCode(HttpStatus.OK.value())
	// .extract().response().as(EndpointDto.class);

	// Assert.assertNotNull(response4);
	// Assert.assertThat(response4.getCallerId(), CoreMatchers.equalTo(""));
	// Assert.assertThat(response4.getPhoneNumber(), CoreMatchers.equalTo("+441614960992"));
	// Assert.assertTrue(response4.getId() > 0);

	//2
	final Response response5 = rs
	.contentType(ContentType.JSON)
	.body(modelMapper.map(epCreated, EndpointUpdateDto.class).setLabel("Random Label").setId(1234L))
	.when()
	.put(host + ":" + port + EndpointController.BASE_PATH + "/" + epCreated.getId())
	.then().log().all()
	.statusCode(HttpStatus.BAD_REQUEST.value())
	.extract().response();
	ErrorUtil.assertValidError(response5, HttpStatus.BAD_REQUEST, ErrorConstants.ID_MISMATCH);

	} finally {
	RestUtil.delete(rs, host + ":" + port + EndpointController.BASE_PATH, epCreated, HttpStatus.NO_CONTENT.value());
	}
	}

	}