Improving REST tests

idea.run.configuration/All Rest Services.run.xml

@@ -0,0 +1,22 @@
+<component name="ProjectRunConfigurationManager">
+  <configuration default="false" name="All Rest Services" type="JUnit" factoryName="JUnit" folderName="Redback">
+    <module name="redback-rest-services" />
+    <useClassPathOnly />
+    <extension name="coverage">
+      <pattern>
+        <option name="PATTERN" value="org.apache.archiva.redback.rest.services.v2.*" />
+        <option name="ENABLED" value="true" />
+      </pattern>
+    </extension>
+    <option name="PACKAGE_NAME" value="org.apache.archiva.redback.rest.services" />
+    <option name="MAIN_CLASS_NAME" value="" />
+    <option name="METHOD_NAME" value="" />
+    <option name="TEST_OBJECT" value="package" />
+    <option name="VM_PARAMETERS" value="-ea -Dbasedir=$MODULE_DIR$ -DldapPort=10389 -javaagent:$MAVEN_REPOSITORY$/org/apache/openjpa/openjpa/3.1.1/openjpa-3.1.1.jar" />
+    <option name="PARAMETERS" value="" />
+    <option name="WORKING_DIRECTORY" value="$MODULE_DIR$" />
+    <method v="2">
+      <option name="Make" enabled="true" />
+    </method>
+  </configuration>
+</component>

idea.run.configuration/All V2 Rest Services.run.xml

@@ -0,0 +1,22 @@
+<component name="ProjectRunConfigurationManager">
+  <configuration default="false" name="All V2 Rest Services" type="JUnit" factoryName="JUnit" folderName="Redback">
+    <module name="redback-rest-services" />
+    <useClassPathOnly />
+    <extension name="coverage">
+      <pattern>
+        <option name="PATTERN" value="org.apache.archiva.redback.rest.services.v2.*" />
+        <option name="ENABLED" value="true" />
+      </pattern>
+    </extension>
+    <option name="PACKAGE_NAME" value="org.apache.archiva.redback.rest.services.v2" />
+    <option name="MAIN_CLASS_NAME" value="" />
+    <option name="METHOD_NAME" value="" />
+    <option name="TEST_OBJECT" value="package" />
+    <option name="VM_PARAMETERS" value="-ea -Dbasedir=$MODULE_DIR$ -DldapPort=10389 -javaagent:$MAVEN_REPOSITORY$/org/apache/openjpa/openjpa/3.1.1/openjpa-3.1.1.jar" />
+    <option name="PARAMETERS" value="" />
+    <option name="WORKING_DIRECTORY" value="$MODULE_DIR$" />
+    <method v="2">
+      <option name="Make" enabled="true" />
+    </method>
+  </configuration>
+</component>

idea.run.configuration/All in archiva-rest-services JDK11.run.xml

@@ -0,0 +1,18 @@
+<component name="ProjectRunConfigurationManager">
+  <configuration default="false" name="All in archiva-rest-services JDK11" type="JUnit" factoryName="JUnit" folderName="Archiva">
+    <module name="archiva-rest-services" />
+    <useClassPathOnly />
+    <option name="ALTERNATIVE_JRE_PATH_ENABLED" value="true" />
+    <option name="ALTERNATIVE_JRE_PATH" value="11" />
+    <option name="PACKAGE_NAME" value="" />
+    <option name="MAIN_CLASS_NAME" value="" />
+    <option name="METHOD_NAME" value="" />
+    <option name="TEST_OBJECT" value="package" />
+    <option name="VM_PARAMETERS" value="-ea -Dbasedir=$MODULE_DIR$ -DldapPort=10389 -javaagent:$MAVEN_REPOSITORY$/org/apache/openjpa/openjpa/3.1.1/openjpa-3.1.1.jar" />
+    <option name="PARAMETERS" value="" />
+    <option name="WORKING_DIRECTORY" value="$MODULE_DIR$" />
+    <method v="2">
+      <option name="Make" enabled="true" />
+    </method>
+  </configuration>
+</component>

idea.run.configuration/V2 AuthenticationServiceTest.run.xml

@@ -0,0 +1,22 @@
+<component name="ProjectRunConfigurationManager">
+  <configuration default="false" name="V2 AuthenticationServiceTest" type="JUnit" factoryName="JUnit">
+    <module name="redback-rest-services" />
+    <useClassPathOnly />
+    <extension name="coverage">
+      <pattern>
+        <option name="PATTERN" value="org.apache.archiva.redback.rest.services.v2.*" />
+        <option name="ENABLED" value="true" />
+      </pattern>
+    </extension>
+    <option name="PACKAGE_NAME" value="org.apache.archiva.redback.rest.services.v2" />
+    <option name="MAIN_CLASS_NAME" value="org.apache.archiva.redback.rest.services.v2.AuthenticationServiceTest" />
+    <option name="METHOD_NAME" value="" />
+    <option name="TEST_OBJECT" value="class" />
+    <option name="VM_PARAMETERS" value="-ea -Dbasedir=$MODULE_DIR$ -DldapPort=10389 -javaagent:$MAVEN_REPOSITORY$/org/apache/openjpa/openjpa/3.1.1/openjpa-3.1.1.jar" />
+    <option name="PARAMETERS" value="" />
+    <option name="WORKING_DIRECTORY" value="$MODULE_DIR$" />
+    <method v="2">
+      <option name="Make" enabled="true" />
+    </method>
+  </configuration>
+</component>

idea.run.configuration/org.apache.archiva.redback.rest.services.v2 in redback-rest-services.run.xml

@@ -0,0 +1,22 @@
+<component name="ProjectRunConfigurationManager">
+  <configuration default="false" name="All V2 Rest Services" type="JUnit" factoryName="JUnit">
+    <module name="redback-rest-services" />
+    <useClassPathOnly />
+    <extension name="coverage">
+      <pattern>
+        <option name="PATTERN" value="org.apache.archiva.redback.rest.services.v2.*" />
+        <option name="ENABLED" value="true" />
+      </pattern>
+    </extension>
+    <option name="PACKAGE_NAME" value="org.apache.archiva.redback.rest.services.v2" />
+    <option name="MAIN_CLASS_NAME" value="" />
+    <option name="METHOD_NAME" value="" />
+    <option name="TEST_OBJECT" value="package" />
+    <option name="VM_PARAMETERS" value="-ea -Dbasedir=$MODULE_DIR$ -DldapPort=10389 -javaagent:$MAVEN_REPOSITORY$/org/apache/openjpa/openjpa/3.1.1/openjpa-3.1.1.jar" />
+    <option name="PARAMETERS" value="" />
+    <option name="WORKING_DIRECTORY" value="$MODULE_DIR$" />
+    <method v="2">
+      <option name="Make" enabled="true" />
+    </method>
+  </configuration>
+</component>

pom.xml

@@ -1033,6 +1033,7 @@
             <!-- IntelliJ IDEA files -->
             <exclude>.idea/**</exclude>
             <exclude>**/*.iml</exclude>
+            <exclude>idea.run.configuration/**</exclude>
             <!-- Eclipse files -->
             <exclude>.project</exclude>
             <exclude>.classpath</exclude>

redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/interceptors/PermissionsInterceptor.java

@@ -170,9 +170,11 @@ public class PermissionsInterceptor
                         return;
                     } else {
                         log.debug( "Path {} is protected and needs authentication. User not authenticated.", requestPath );
-                        containerRequestContext.abortWith( Response.status( Response.Status.FORBIDDEN ).build() );
+                        containerRequestContext.abortWith( Response.status( Response.Status.UNAUTHORIZED ).build() );
+                        return;
                     }
                 }
+                log.warn( "No permissions defined for the REST method and noPermission=false" );
                 containerRequestContext.abortWith( Response.status( Response.Status.FORBIDDEN ).build() );
                 return;
             }

redback-integrations/redback-rest/redback-rest-services/src/test/java/org/apache/archiva/redback/rest/services/v2/AbstractNativeRestServices.java

@@ -23,7 +23,6 @@ import io.restassured.builder.RequestSpecBuilder;
 import io.restassured.specification.RequestSpecification;
 import org.apache.archiva.redback.integration.security.role.RedbackRoleConstants;
 import org.apache.archiva.redback.rest.services.BaseSetup;
-import org.apache.archiva.redback.rest.services.FakeCreateAdminServiceImpl;
 import org.apache.archiva.redback.role.RoleManager;
 import org.apache.archiva.redback.role.RoleManagerException;
 import org.apache.archiva.redback.users.User;
@@ -49,8 +48,8 @@ import java.util.concurrent.atomic.AtomicReference;
 
 import static io.restassured.RestAssured.baseURI;
 import static io.restassured.RestAssured.port;
-import static org.junit.jupiter.api.Assertions.assertNotNull;
 import static org.apache.archiva.redback.rest.services.BaseSetup.*;
+import static org.junit.jupiter.api.Assertions.assertNotNull;
 
 /**
  * Native REST tests do not use the JAX-RS client and can be used with a remote
@@ -75,13 +74,11 @@ public abstract class AbstractNativeRestServices
     private static AtomicInteger serverStarted = new AtomicInteger( STOPPED );
     private UserManager userManager;
     private RoleManager roleManager;
-    private String adminPwd;
-
 
 
     public AbstractNativeRestServices( )
     {
-        this.adminPwd = BaseSetup.getAdminPwd( );
+
     }
 
     protected abstract String getServicePath( );
@@ -313,15 +310,22 @@ public abstract class AbstractNativeRestServices
             RestAssured.baseURI = "http://localhost";
         }
         String basePath = getBasePath( );
-        RequestSpecBuilder builder = new RequestSpecBuilder( );
+        this.requestSpec = getRequestSpecBuilder().build( );
-        builder.setBaseUri( baseURI )
-            .setPort( port )
-            .setBasePath( basePath )
-            .addHeader( "Origin", RestAssured.baseURI + ":" + RestAssured.port );
-        this.requestSpec = builder.build( );
         RestAssured.basePath = basePath;
     }
 
+    protected RequestSpecBuilder getRequestSpecBuilder() {
+        return new RequestSpecBuilder().setBaseUri( baseURI )
+            .setPort( port )
+            .setBasePath( getBasePath() )
+            .addHeader( "Origin", RestAssured.baseURI + ":" + RestAssured.port );
+
+    }
+
+    protected RequestSpecification getRequestSpec(String bearerToken) {
+        return getRequestSpecBuilder( ).addHeader( "Authorization", "Bearer " + bearerToken ).build();
+    }
+
     protected void shutdownNative( ) throws Exception
     {
         stopServer( );

redback-integrations/redback-rest/redback-rest-services/src/test/java/org/apache/archiva/redback/rest/services/v2/NativeAuthenticationServiceTest.java

@@ -90,6 +90,15 @@ public class NativeAuthenticationServiceTest extends AbstractNativeRestServices
         assertTrue( dateTime.toInstant( ).isBefore( afterCall ) );
     }
 
+    @Test
+    void authenticatedPing() {
+        Response result = given( ).spec( getRequestSpec() )
+            .contentType( JSON )
+            .when( ).get( "/ping/authenticated" ).then( ).statusCode( 401 )
+            .extract( ).response( );
+
+    }
+
     @Test
     void tokenLogin() {
         Map<String, Object> jsonAsMap = new HashMap<>();
@@ -101,8 +110,14 @@ public class NativeAuthenticationServiceTest extends AbstractNativeRestServices
             .body( jsonAsMap )
             .when( ).post( "/authenticate").then( ).statusCode( 200 )
             .extract( ).response( );
-        assertNotNull( result.body( ).jsonPath( ).getString( "access_token" ) );
+        String accessToken = result.body( ).jsonPath( ).getString( "access_token" );
+        assertNotNull( accessToken );
         assertNotNull( result.body( ).jsonPath( ).getString( "refresh_token" ) );
+
+        result = given( ).spec( getRequestSpec( accessToken ) )
+            .contentType( JSON )
+            .when( ).get( "/ping/authenticated" ).then( ).statusCode( 200 )
+            .extract( ).response( );
     }
 
     @Test