From 4b2d0b9c8525e3d3e15acb577d819df8b4a31def Mon Sep 17 00:00:00 2001 From: cd-rite <61710958+cd-rite@users.noreply.github.com> Date: Wed, 30 Mar 2022 13:34:13 -0400 Subject: [PATCH] mixed: Review History tests and fixes to structure and calculation dates (#631) --- api/source/service/mysql/CollectionService.js | 118 +- api/source/specification/stig-manager.yaml | 32 +- test/api/form-data-files/appdata.json | 175 +- test/api/postman_collection.json | 6005 ++++++++++++++--- 4 files changed, 5112 insertions(+), 1218 deletions(-) diff --git a/api/source/service/mysql/CollectionService.js b/api/source/service/mysql/CollectionService.js index 61302ef5d..27e42e43b 100644 --- a/api/source/service/mysql/CollectionService.js +++ b/api/source/service/mysql/CollectionService.js @@ -696,7 +696,7 @@ exports.createCollection = async function(body, projection, userObject) { /** * Delete a Collection * - * collectionId Integer A path parameter that indentifies a Collection + * collectionId Integer A path parameter that identifies a Collection * returns CollectionInfo **/ exports.deleteCollection = async function(collectionId, projection, elevate, userObject) { @@ -715,9 +715,9 @@ exports.deleteCollection = async function(collectionId, projection, elevate, use /** * Return the Checklist for the supplied Collection and STIG * - * collectionId Integer A path parameter that indentifies a Collection - * benchmarkId String A path parameter that indentifies a STIG - * revisionStr String A path parameter that indentifies a STIG revision [ V{version_num}R{release_num} | 'latest' ] + * collectionId Integer A path parameter that identifies a Collection + * benchmarkId String A path parameter that identifies a STIG + * revisionStr String A path parameter that identifies a STIG revision [ V{version_num}R{release_num} | 'latest' ] * returns CollectionChecklist **/ exports.getChecklistByCollectionStig = async function (collectionId, benchmarkId, revisionStr, userObject ) { @@ -852,7 +852,7 @@ exports.getChecklistByCollectionStig = async function (collectionId, benchmarkId /** * Return a Collection * - * collectionId Integer A path parameter that indentifies a Collection + * collectionId Integer A path parameter that identifies a Collection * returns CollectionInfo **/ exports.getCollection = async function(collectionId, projection, elevate, userObject) { @@ -1011,7 +1011,7 @@ exports.getStigsByCollection = async function( collectionId, labelIds, elevate, * Replace all properties of a Collection * * body CollectionAssign (optional) - * collectionId Integer A path parameter that indentifies a Collection + * collectionId Integer A path parameter that identifies a Collection * returns CollectionInfo **/ exports.replaceCollection = async function( collectionId, body, projection, userObject) { @@ -1038,7 +1038,7 @@ exports.setStigAssetsByCollectionUser = async function (collectionId, userId, st * Merge updates to a Collection * * body CollectionAssign (optional) - * collectionId Integer A path parameter that indentifies a Collection + * collectionId Integer A path parameter that identifies a Collection * returns CollectionInfo **/ exports.updateCollection = async function( collectionId, body, projection, userObject) { @@ -1163,7 +1163,7 @@ exports.deleteReviewHistoryByCollection = async function (collectionId, retentio INNER JOIN review r on rh.reviewId = r.reviewId INNER JOIN asset a on r.assetId = a.assetId WHERE a.collectionId = :collectionId - AND rh.ts < :retentionDate` + AND rh.touchTs < :retentionDate` if(assetId) { sql += ' AND a.assetId = :assetId' @@ -1199,40 +1199,60 @@ exports.getReviewHistoryByCollection = async function (collectionId, startDate, collectionId: collectionId } - let sql = ` - SELECT a.assetId, - (select coalesce( - (select json_arrayagg( - json_object - ( - 'ruleId', rv.ruleId, - 'ts', rh.ts, - 'result', result.api, - 'detail', rh.detail, - 'comment', rh.comment, - 'autoResult', rh.autoResult = 1, - 'status', status.api, - 'userId', rh.userId, - 'username', ud.username, - 'statusText', rh.statusText, - 'statusUserId', rh.statusUserId - ) - ) - FROM review_history rh - INNER JOIN review rv on rh.reviewId = rv.reviewId - INNER JOIN user_data ud on rh.userId = ud.userId - INNER JOIN result on rh.resultId = result.resultId - INNER JOIN status on rh.statusId = status.statusId - WHERE rv.assetId = a.assetId` +let sql = ` +select +CAST(innerQuery.assetId as char) as assetId, + json_arrayagg( + json_object( + 'ruleId', innerQuery.ruleId, + 'history', innerQuery.history + ) + ) as reviewHistories +from + (select + a.assetId, + rv.ruleId, + json_arrayagg( + json_object( + 'ts', rh.ts, + 'result', result.api, + 'detail', rh.detail, + 'comment', rh.comment, + 'autoResult', rh.autoResult = 1, + 'status', JSON_OBJECT( + 'label', status.api, + 'text', rh.statusText, + 'user', JSON_OBJECT( + 'userId', CAST(rh.statusUserId as char), + 'username', udStatus.username + ), + 'ts', DATE_FORMAT(rh.statusTs, '%Y-%m-%dT%TZ') + ), + 'userId', CAST(rh.userId as char), + 'username', ud.username, + 'touchTs', rh.touchTs + ) + ) as 'history' + FROM + review_history rh + INNER JOIN review rv on rh.reviewId = rv.reviewId + INNER JOIN user_data ud on rh.userId = ud.userId + left join user_data udStatus on udStatus.userId=rh.statusUserId + INNER JOIN result on rh.resultId = result.resultId + INNER JOIN status on rh.statusId = status.statusId + inner join asset a on a.assetId = rv.assetId + WHERE + rv.assetId = a.assetId + and a.collectionId = :collectionId` if (startDate) { binds.startDate = startDate - sql += " AND rh.ts >= :startDate" + sql += " AND rh.touchTs >= :startDate" } if (endDate) { binds.endDate = endDate - sql += " AND rh.ts <= :endDate" + sql += " AND rh.touchTs <= :endDate" } if(ruleId) { @@ -1242,22 +1262,22 @@ exports.getReviewHistoryByCollection = async function (collectionId, startDate, if(status) { binds.statusId = dbUtils.REVIEW_STATUS_API[status] - sql += ' AND rh.statusId = :statusId' + sql += " AND rh.statusId = :statusId" } - sql += ` - ), json_array() - ) - ) as history - FROM asset a - WHERE a.collectionId = :collectionId - ` if(assetId) { binds.assetId = assetId sql += " AND a.assetId = :assetId" } + sql += ` + group by + rv.ruleId, a.assetID) innerQuery +group by + innerQuery.assetId + ` + try { let [rows] = await dbUtils.pool.query(sql, binds) return (rows) @@ -1280,20 +1300,20 @@ exports.getReviewHistoryStatsByCollection = async function (collectionId, startD collectionId: collectionId } - let sql = 'SELECT COUNT(*) as collectionHistoryEntryCount, MIN(rh.ts) as oldestHistoryEntryDate' + let sql = 'SELECT COUNT(*) as collectionHistoryEntryCount, MIN(rh.touchTs) as oldestHistoryEntryDate' if (projection && projection.includes('asset')) { sql += `, coalesce( (SELECT json_arrayagg( json_object( - 'assetId', assetId, + 'assetId', CAST(assetId as char) , 'historyEntryCount', historyEntryCount, 'oldestHistoryEntry', oldestHistoryEntry ) ) FROM ( - SELECT a.assetId, COUNT(*) as historyEntryCount, MIN(rh.ts) as oldestHistoryEntry + SELECT a.assetId, COUNT(*) as historyEntryCount, MIN(rh.touchTs) as oldestHistoryEntry FROM review_history rh INNER JOIN review rv on rh.reviewId = rv.reviewId INNER JOIN asset a on rv.assetId = a.assetId @@ -1317,12 +1337,12 @@ exports.getReviewHistoryStatsByCollection = async function (collectionId, startD if (startDate) { binds.startDate = startDate - additionalPredicates += " AND rh.ts >= :startDate" + additionalPredicates += " AND rh.touchTs >= :startDate" } if (endDate) { binds.endDate = endDate - additionalPredicates += " AND rh.ts <= :endDate" + additionalPredicates += " AND rh.touchTs <= :endDate" } if(ruleId) { @@ -1502,7 +1522,7 @@ exports.deleteCollectionLabelById = async function (collectionId, labelId) { exports.getAssetsByCollectionLabelId = async function (collectionId, labelId, userObject) { const sqlGetAssets = ` select - a.assetId, + CAST(a.assetId as char) as assetId , a.name from collection_label cl diff --git a/api/source/specification/stig-manager.yaml b/api/source/specification/stig-manager.yaml index f5a7ff833..e9914ec23 100644 --- a/api/source/specification/stig-manager.yaml +++ b/api/source/specification/stig-manager.yaml @@ -1776,8 +1776,8 @@ paths: summary: Return history records for the specified Collection that meet the specified criteria operationId: getReviewHistoryByCollection parameters: - - $ref: '#/components/parameters/StartDateQuery' # Upper (most recent) bound of returned history entry timestamps - - $ref: '#/components/parameters/EndDateQuery' # Lower (earliest) bound of returned history entry timestamps + - $ref: '#/components/parameters/StartDateQuery' # Lower bound (earliest date) of returned history entry timestamps + - $ref: '#/components/parameters/EndDateQuery' # Upper bound (latest date) of returned history entry timestamps - $ref: '#/components/parameters/AssetIdQuery' # return review history entries for just the specified assetId, if provided. - $ref: '#/components/parameters/RuleIdQuery' # return review history entries for just the specified RuleId, if provided. - $ref: '#/components/parameters/ReviewStatusQuery' # return review history entries with the specified status @@ -1832,8 +1832,8 @@ paths: summary: Return history statistics for the specified Collection operationId: getReviewHistoryStatsByCollection parameters: - - $ref: '#/components/parameters/StartDateQuery' # Upper (most recent) bound of history entry timestamps - - $ref: '#/components/parameters/EndDateQuery' # Lower (earliest) bound of history entry timestamps + - $ref: '#/components/parameters/StartDateQuery' # Lower bound (earliest date) of returned history entry count + - $ref: '#/components/parameters/EndDateQuery' # Upper bound (latest date) of returned history entry count - $ref: '#/components/parameters/AssetIdQuery' # return review history stats for just the specified assetId, if provided. - $ref: '#/components/parameters/RuleIdQuery' # return review history stats for just the specified RuleId, if provided. - $ref: '#/components/parameters/ReviewStatusQuery' # return review history stats with the specified status @@ -4087,15 +4087,29 @@ components: type: object required: - assetId - - history + - reviewHistories additionalProperties: false properties: assetId: - type: string + $ref: '#/components/schemas/String255' + reviewHistories: + type: array + items: + $ref: '#/components/schemas/ReviewHistoryRule' + ReviewHistoryRule: + type: object + required: + - ruleId + - history + additionalProperties: false + properties: + ruleId: + $ref: '#/components/schemas/String255' history: type: array items: - $ref: '#/components/schemas/ReviewHistory' + $ref: '#/components/schemas/ReviewHistory' + ReviewHistoryDeleted: type: object required: @@ -4122,13 +4136,13 @@ components: ReviewHistoryStatsAsset: type: object required: - - ruleId + - assetId - historyEntryCount - oldestHistoryEntry additionalProperties: false properties: assetId: - type: string + $ref: '#/components/schemas/String255' historyEntryCount: type: integer oldestHistoryEntry: diff --git a/test/api/form-data-files/appdata.json b/test/api/form-data-files/appdata.json index 83f6785f7..d4d0bfc39 100644 --- a/test/api/form-data-files/appdata.json +++ b/test/api/form-data-files/appdata.json @@ -935,26 +935,103 @@ "metadata": { "testkey": "testvalue" }, - "history": [] + "history": [ + { + "ts": "2020-08-11T23:37:45Z", + "detail": "test\nvisible to lvl1", + "result": "pass", + "status": { + "ts": "2020-08-11T23:37:45Z", + "text": null, + "label": "submitted", + "userId": "1" + }, + "userId": "1", + "comment": null, + "touchTs": "2020-08-11T23:37:45Z", + "autoResult": false + }, + { + "ts": "2020-08-11T23:37:45Z", + "detail": "test\nvisible to lvl1", + "result": "pass", + "status": { + "ts": "2020-08-11T23:37:45Z", + "text": null, + "label": "saved", + "userId": "87" + }, + "userId": "1", + "comment": null, + "touchTs": "2020-08-11T23:37:45Z", + "autoResult": false + } + ] }, { "assetId": "42", "ruleId": "SV-106181r1_rule", "result": "notapplicable", - "detail": "test\nvisible to lvl1", + "detail": "test\nvisible to lvl1\nhas history", "autoResult": false, - "comment": null, - "userId": "1", - "ts": "2020-08-11T22:26:50Z", - "touchTs": "2020-08-11T22:26:50Z", + "comment": "", + "userId": "87", + "ts": "2022-02-03T00:07:05Z", + "touchTs": "2022-02-03T00:07:07Z", "status": { - "ts": "2020-08-11T22:26:50Z", + "ts": "2022-02-03T00:07:07Z", "text": null, "label": "submitted", - "userId": "1" + "userId": "87" }, "metadata": {}, - "history": [] + "history": [ + { + "ts": "2020-08-11T22:26:50Z", + "detail": "test\nvisible to lvl1", + "result": "notapplicable", + "status": { + "ts": "2020-08-11T22:26:50Z", + "text": null, + "label": "submitted", + "userId": "1" + }, + "userId": "1", + "comment": null, + "touchTs": "2020-08-11T22:26:50Z", + "autoResult": false + }, + { + "ts": "2020-08-11T22:26:50Z", + "detail": "test\nvisible to lvl1", + "result": "notapplicable", + "status": { + "ts": "2020-08-11T22:26:50Z", + "text": null, + "label": "saved", + "userId": "87" + }, + "userId": "1", + "comment": null, + "touchTs": "2020-08-11T22:26:50Z", + "autoResult": false + }, + { + "ts": "2022-02-03T00:07:05Z", + "detail": "test\nvisible to lvl1\nhas history", + "result": "notapplicable", + "status": { + "ts": "2022-02-03T00:07:05Z", + "text": null, + "label": "saved", + "userId": "87" + }, + "userId": "87", + "comment": "", + "touchTs": "2022-02-03T00:07:05Z", + "autoResult": false + } + ] }, { "assetId": "42", @@ -1106,38 +1183,7 @@ "userId": "87" }, "metadata": {}, - "history": [ - { - "ts": "2020-08-11T23:37:45Z", - "detail": "test\nvisible to lvl1", - "result": "pass", - "status": { - "ts": "2020-08-11T23:37:45Z", - "text": null, - "label": "submitted", - "userId": "1" - }, - "userId": "1", - "comment": null, - "touchTs": "2020-08-11T23:37:45Z", - "autoResult": false - }, - { - "ts": "2020-08-11T23:37:45Z", - "detail": "test\nvisible to lvl1", - "result": "pass", - "status": { - "ts": "2022-01-26T01:22:58Z", - "text": null, - "label": "saved", - "userId": "87" - }, - "userId": "1", - "comment": null, - "touchTs": "2022-01-26T01:22:58Z", - "autoResult": false - } - ] + "history": [] }, { "assetId": "62", @@ -1200,20 +1246,51 @@ "assetId": "154", "ruleId": "SV-106179r1_rule", "result": "pass", - "detail": "test\nvisible to lvl1", + "detail": "test\nvisible to lvl1\nhas history", "autoResult": false, - "comment": null, - "userId": "1", - "ts": "2020-08-11T22:30:38Z", - "touchTs": "2020-08-11T22:30:38Z", + "comment": "", + "userId": "87", + "ts": "2022-02-02T20:20:18Z", + "touchTs": "2022-02-02T20:20:18Z", "status": { - "ts": "2020-08-11T22:30:38Z", + "ts": "2022-02-02T20:20:18Z", "text": null, "label": "submitted", - "userId": "1" + "userId": "87" }, "metadata": {}, - "history": [] + "history": [ + { + "ts": "2020-08-11T22:30:38Z", + "detail": "test\nvisible to lvl1", + "result": "pass", + "status": { + "ts": "2020-08-11T22:30:38Z", + "text": null, + "label": "submitted", + "userId": "1" + }, + "userId": "1", + "comment": null, + "touchTs": "2020-08-11T22:30:38Z", + "autoResult": false + }, + { + "ts": "2020-08-11T22:30:38Z", + "detail": "test\nvisible to lvl1", + "result": "pass", + "status": { + "ts": "2020-08-11T22:30:38Z", + "text": null, + "label": "saved", + "userId": "87" + }, + "userId": "1", + "comment": null, + "touchTs": "2020-08-11T22:30:38Z", + "autoResult": false + } + ] }, { "assetId": "154", diff --git a/test/api/postman_collection.json b/test/api/postman_collection.json index 7b8ff0553..21246805e 100644 --- a/test/api/postman_collection.json +++ b/test/api/postman_collection.json @@ -1,6 +1,6 @@ { "info": { - "_postman_id": "c9237e73-7a04-4fa1-ae51-606fe7383e17", + "_postman_id": "0895f99a-ad58-45ff-8d4b-5b7b55103e61", "name": "STIGMan OSS", "description": "An API for managing evaluations of Security Technical Implementation Guide (STIG) assessments.\n\nContact Support:\n Name: Carl Smigielski\n Email: carl.a.smigielski@saic.com", "schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json" @@ -2869,6 +2869,2886 @@ } ] }, + { + "name": "Review History - various params", + "item": [ + { + "name": "History records - no query params", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "let user = pm.environment.get(\"user\");\r", + "console.log(\"user: \" + user);\r", + "\r", + "\r", + "if (user == \"bizarroLvl1\" || user == \"lvl1\" || user == \"collectioncreator\") {\r", + " pm.test(\"Status should be is 403 for user collectioncreator, bizarroLvl1\", function () {\r", + " pm.response.to.have.status(403);\r", + " });\r", + " return;\r", + "}\r", + "// else if (user == \"collectioncreator\" ) {\r", + "// pm.test(\"Status should be is 204 for user collectioncreator\", function () {\r", + "// pm.response.to.have.status(204);\r", + "// });\r", + "// return;\r", + "// }\r", + "\r", + "\r", + "pm.test(\"Status code is 200\", function () {\r", + " pm.response.to.have.status(200);\r", + "});\r", + "\r", + "if (pm.response.code !== 200) {\r", + " return;\r", + "}\r", + "\r", + "let jsonData = pm.response.json();\r", + "\r", + "let testStartDate = pm.environment.get(\"testStartDate\");\r", + "// let startDate = new Date(pm.environment.get(\"testStartDate\"));\r", + "let testEndDate = pm.environment.get(\"testEndDate\");\r", + "let testAsset = pm.environment.get(\"testAsset\");\r", + "let testRuleId = pm.environment.get(\"testRuleId\");\r", + "let testStatus = pm.environment.get(\"testStatus\");\r", + "\r", + "\r", + "\r", + "pm.test(\"Response JSON is an array\", function () {\r", + " pm.expect(jsonData).to.be.an('array');\r", + "});\r", + "\r", + "pm.test(\"history response has proper number of assets\", function () {\r", + " pm.expect(jsonData).to.have.length(2);\r", + "\r", + "});\r", + "\r", + "\r", + "for (let assetItem of jsonData){\r", + "\r", + " if (assetItem.assetId == testAsset) {\r", + " console.log(\"test asset found\" );\r", + " pm.test(\"test asset has proper number of rule history sets\", function () {\r", + " pm.expect(assetItem.reviewHistories).to.have.length(2);\r", + " // pm.expect(Date.parse(history.ts)).to.be.above(Date.parse(testStartDate));\r", + " });\r", + " for (let history of assetItem.reviewHistories){\r", + " if (history.ruleId == testRuleId) {\r", + " pm.test(\"test rule has proper number of history entries\", function () {\r", + " pm.expect(history.history).to.have.length(2);\r", + " });\r", + " }\r", + "\r", + " }\r", + " }\r", + "\r", + "\r", + "}\r", + "\r", + "\r", + "\r", + "\r", + "" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "{{baseUrl}}/collections/:collectionId/review-history", + "host": [ + "{{baseUrl}}" + ], + "path": [ + "collections", + ":collectionId", + "review-history" + ], + "query": [ + { + "key": "startDate", + "value": "{{testStartDate}}", + "disabled": true + }, + { + "key": "endDate", + "value": "", + "disabled": true + }, + { + "key": "assetId", + "value": "", + "disabled": true + }, + { + "key": "ruleId", + "value": "", + "disabled": true + }, + { + "key": "status", + "value": "", + "disabled": true + } + ], + "variable": [ + { + "key": "collectionId", + "value": "{{testCollection}}" + } + ] + } + }, + "response": [] + }, + { + "name": "History records - all params", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "let user = pm.environment.get(\"user\");\r", + "console.log(\"user: \" + user);\r", + "\r", + "\r", + "if (user == \"bizarroLvl1\" || user == \"lvl1\" || user == \"collectioncreator\") {\r", + " pm.test(\"Status should be is 403 for user collectioncreator, bizarroLvl1\", function () {\r", + " pm.response.to.have.status(403);\r", + " });\r", + " return;\r", + "}\r", + "// else if (user == \"collectioncreator\" ) {\r", + "// pm.test(\"Status should be is 204 for user collectioncreator\", function () {\r", + "// pm.response.to.have.status(204);\r", + "// });\r", + "// return;\r", + "// }\r", + "\r", + "\r", + "pm.test(\"Status code is 200\", function () {\r", + " pm.response.to.have.status(200);\r", + "});\r", + "\r", + "if (pm.response.code !== 200) {\r", + " return;\r", + "}\r", + "\r", + "let jsonData = pm.response.json();\r", + "\r", + "let testStartDate = pm.environment.get(\"testStartDate\");\r", + "// let startDate = new Date(pm.environment.get(\"testStartDate\"));\r", + "let testEndDate = pm.environment.get(\"testEndDate\");\r", + "let testAsset = pm.environment.get(\"testAsset\");\r", + "let testRuleId = pm.environment.get(\"testRuleId\");\r", + "let testStatus = pm.environment.get(\"testStatus\");\r", + "\r", + "let expectedArrayLength = 6;//history length variable from env.\r", + "\r", + "\r", + "\r", + "pm.test(\"Response JSON is an array\", function () {\r", + " pm.expect(jsonData).to.be.an('array');\r", + "});\r", + "\r", + "\r", + "\r", + "\r", + "for (let assetItem of jsonData){\r", + " if (pm.request.url.getQueryString().match(/assetId=/)) {\r", + " console.log(\"param assetId found\" );\r", + " console.log(\"assetId:\" + assetItem.assetId)\r", + " pm.test(\"Response matches proper assetId\", function () {\r", + "\r", + " pm.expect(assetItem.assetId).to.equal(testAsset);\r", + " });\r", + "\r", + " }\r", + "\r", + " for (let history of assetItem.reviewHistories){\r", + "\r", + " if (pm.request.url.getQueryString().match(/ruleId=/)) {\r", + " console.log(\"param ruleId found\" );\r", + " console.log(\"testRuleId:\" + testRuleId );\r", + " console.log(\"ruleId-response:\" + history.ruleId );\r", + " // console.log(\"touchTs:\" + history.touchTs );\r", + " pm.test(\"Response has proper ruleId\", function () {\r", + "\r", + " pm.expect(history.ruleId).to.equal(testRuleId);\r", + " });\r", + "\r", + " }\r", + "\r", + " for (let historyEntry of history.history){\r", + " if (pm.request.url.getQueryString().match(/startDate=/)) {\r", + " console.log(\"param startDate found\" );\r", + " console.log(\"testStartDate:\" + testStartDate );\r", + " console.log(\"ts:\" + historyEntry.ts );\r", + " // console.log(\"touchTs:\" + historyEntry.touchTs );\r", + " pm.test(\"Response has proper startDate\", function () {\r", + "\r", + " pm.expect(Date.parse(historyEntry.ts)).to.be.above(Date.parse(testStartDate));\r", + " });\r", + "\r", + " }\r", + " if (pm.request.url.getQueryString().match(/endDate=/)) {\r", + " console.log(\"param endDate found\" );\r", + " console.log(\"testEndDate:\" + testEndDate );\r", + " console.log(\"ts:\" + historyEntry.ts );\r", + " // console.log(\"touchTs:\" + historyEntry.touchTs );\r", + " pm.test(\"Response has proper endDate\", function () {\r", + "\r", + " pm.expect(Date.parse(historyEntry.ts)).to.be.below(Date.parse(testEndDate));\r", + " // pm.expect(Date.parse(historyEntry.ts)).to.be.below(Date.parse(testStartDate));\r", + " });\r", + " }\r", + "\r", + "\r", + "\r", + " if (pm.request.url.getQueryString().match(/status=/)) {\r", + " console.log(\"param status found\" );\r", + " console.log(\"testStatus:\" + testStatus );\r", + " // console.log(\"status:\" + historyEntry.status.label );\r", + " console.log(\"status:\" + historyEntry.status.label );\r", + " // console.log(\"touchTs:\" + historyEntry.touchTs );\r", + " pm.test(\"Response has proper status\", function () {\r", + " pm.expect(historyEntry.status.label).to.equal(testStatus);\r", + " // pm.expect(historyEntry.status.label).to.equal(testStatus);\r", + " }); \r", + "\r", + " }\r", + "\r", + " \r", + "\r", + " } \r", + " \r", + " }\r", + "\r", + "}\r", + "\r", + "\r", + "\r", + "\r", + "" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "{{baseUrl}}/collections/:collectionId/review-history?startDate={{testStartDate}}&endDate={{testEndDate}}&assetId={{testAsset}}&ruleId={{testRuleId}}&status={{testStatus}}", + "host": [ + "{{baseUrl}}" + ], + "path": [ + "collections", + ":collectionId", + "review-history" + ], + "query": [ + { + "key": "startDate", + "value": "{{testStartDate}}" + }, + { + "key": "endDate", + "value": "{{testEndDate}}" + }, + { + "key": "assetId", + "value": "{{testAsset}}" + }, + { + "key": "ruleId", + "value": "{{testRuleId}}" + }, + { + "key": "status", + "value": "{{testStatus}}" + } + ], + "variable": [ + { + "key": "collectionId", + "value": "{{testCollection}}" + } + ] + } + }, + "response": [] + }, + { + "name": "History records - startDate only", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "let user = pm.environment.get(\"user\");\r", + "console.log(\"user: \" + user);\r", + "\r", + "\r", + "if (user == \"bizarroLvl1\" || user == \"lvl1\" || user == \"collectioncreator\") {\r", + " pm.test(\"Status should be is 403 for user collectioncreator, bizarroLvl1\", function () {\r", + " pm.response.to.have.status(403);\r", + " });\r", + " return;\r", + "}\r", + "// else if (user == \"collectioncreator\" ) {\r", + "// pm.test(\"Status should be is 204 for user collectioncreator\", function () {\r", + "// pm.response.to.have.status(204);\r", + "// });\r", + "// return;\r", + "// }\r", + "\r", + "\r", + "pm.test(\"Status code is 200\", function () {\r", + " pm.response.to.have.status(200);\r", + "});\r", + "\r", + "if (pm.response.code !== 200) {\r", + " return;\r", + "}\r", + "\r", + "let jsonData = pm.response.json();\r", + "\r", + "let testStartDate = pm.environment.get(\"testStartDate\");\r", + "// let startDate = new Date(pm.environment.get(\"testStartDate\"));\r", + "let testEndDate = pm.environment.get(\"testEndDate\");\r", + "let testAsset = pm.environment.get(\"testAsset\");\r", + "let testRuleId = pm.environment.get(\"testRuleId\");\r", + "let testStatus = pm.environment.get(\"testStatus\");\r", + "\r", + "let expectedArrayLength = 6;//history length variable from env.\r", + "\r", + "\r", + "\r", + "pm.test(\"Response JSON is an array\", function () {\r", + " pm.expect(jsonData).to.be.an('array');\r", + "});\r", + "\r", + "\r", + "\r", + "\r", + "for (let assetItem of jsonData){\r", + " if (pm.request.url.getQueryString().match(/assetId=/)) {\r", + " console.log(\"param assetId found\" );\r", + " console.log(\"assetId:\" + assetItem.assetId)\r", + " pm.test(\"Response matches proper assetId\", function () {\r", + "\r", + " pm.expect(assetItem.assetId).to.equal(testAsset);\r", + " });\r", + "\r", + " }\r", + "\r", + " for (let history of assetItem.reviewHistories){\r", + "\r", + " if (pm.request.url.getQueryString().match(/ruleId=/)) {\r", + " console.log(\"param ruleId found\" );\r", + " console.log(\"testRuleId:\" + testRuleId );\r", + " console.log(\"ruleId-response:\" + history.ruleId );\r", + " // console.log(\"touchTs:\" + history.touchTs );\r", + " pm.test(\"Response has proper ruleId\", function () {\r", + "\r", + " pm.expect(history.ruleId).to.equal(testRuleId);\r", + " });\r", + "\r", + " }\r", + "\r", + " for (let historyEntry of history.history){\r", + " if (pm.request.url.getQueryString().match(/startDate=/)) {\r", + " console.log(\"param startDate found\" );\r", + " console.log(\"testStartDate:\" + testStartDate );\r", + " console.log(\"ts:\" + historyEntry.ts );\r", + " // console.log(\"touchTs:\" + historyEntry.touchTs );\r", + " pm.test(\"Response has proper startDate\", function () {\r", + "\r", + " pm.expect(Date.parse(historyEntry.ts)).to.be.above(Date.parse(testStartDate));\r", + " });\r", + "\r", + " }\r", + " if (pm.request.url.getQueryString().match(/endDate=/)) {\r", + " console.log(\"param endDate found\" );\r", + " console.log(\"testEndDate:\" + testEndDate );\r", + " console.log(\"ts:\" + historyEntry.ts );\r", + " // console.log(\"touchTs:\" + historyEntry.touchTs );\r", + " pm.test(\"Response has proper endDate\", function () {\r", + "\r", + " pm.expect(Date.parse(historyEntry.ts)).to.be.below(Date.parse(testEndDate));\r", + " // pm.expect(Date.parse(historyEntry.ts)).to.be.below(Date.parse(testStartDate));\r", + " });\r", + " }\r", + "\r", + "\r", + "\r", + " if (pm.request.url.getQueryString().match(/status=/)) {\r", + " console.log(\"param status found\" );\r", + " console.log(\"testStatus:\" + testStatus );\r", + " // console.log(\"status:\" + historyEntry.status.label );\r", + " console.log(\"status:\" + historyEntry.status.label );\r", + " // console.log(\"touchTs:\" + historyEntry.touchTs );\r", + " pm.test(\"Response has proper status\", function () {\r", + " pm.expect(historyEntry.status.label).to.equal(testStatus);\r", + " // pm.expect(historyEntry.status.label).to.equal(testStatus);\r", + " }); \r", + "\r", + " }\r", + "\r", + " \r", + "\r", + " } \r", + " \r", + " }\r", + "\r", + "}\r", + "\r", + "\r", + "\r", + "\r", + "" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "{{baseUrl}}/collections/:collectionId/review-history?startDate={{testStartDate}}", + "host": [ + "{{baseUrl}}" + ], + "path": [ + "collections", + ":collectionId", + "review-history" + ], + "query": [ + { + "key": "startDate", + "value": "{{testStartDate}}" + }, + { + "key": "endDate", + "value": "", + "disabled": true + }, + { + "key": "assetId", + "value": "", + "disabled": true + }, + { + "key": "ruleId", + "value": "", + "disabled": true + }, + { + "key": "status", + "value": "", + "disabled": true + } + ], + "variable": [ + { + "key": "collectionId", + "value": "{{testCollection}}" + } + ] + } + }, + "response": [] + }, + { + "name": "History records - endDate only", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "let user = pm.environment.get(\"user\");\r", + "console.log(\"user: \" + user);\r", + "\r", + "\r", + "if (user == \"bizarroLvl1\" || user == \"lvl1\" || user == \"collectioncreator\") {\r", + " pm.test(\"Status should be is 403 for user collectioncreator, bizarroLvl1\", function () {\r", + " pm.response.to.have.status(403);\r", + " });\r", + " return;\r", + "}\r", + "// else if (user == \"collectioncreator\" ) {\r", + "// pm.test(\"Status should be is 204 for user collectioncreator\", function () {\r", + "// pm.response.to.have.status(204);\r", + "// });\r", + "// return;\r", + "// }\r", + "\r", + "\r", + "pm.test(\"Status code is 200\", function () {\r", + " pm.response.to.have.status(200);\r", + "});\r", + "\r", + "if (pm.response.code !== 200) {\r", + " return;\r", + "}\r", + "\r", + "let jsonData = pm.response.json();\r", + "\r", + "let testStartDate = pm.environment.get(\"testStartDate\");\r", + "// let startDate = new Date(pm.environment.get(\"testStartDate\"));\r", + "let testEndDate = pm.environment.get(\"testEndDate\");\r", + "let testAsset = pm.environment.get(\"testAsset\");\r", + "let testRuleId = pm.environment.get(\"testRuleId\");\r", + "let testStatus = pm.environment.get(\"testStatus\");\r", + "\r", + "let expectedArrayLength = 6;//history length variable from env.\r", + "\r", + "\r", + "\r", + "pm.test(\"Response JSON is an array\", function () {\r", + " pm.expect(jsonData).to.be.an('array');\r", + "});\r", + "\r", + "\r", + "\r", + "\r", + "for (let assetItem of jsonData){\r", + " if (pm.request.url.getQueryString().match(/assetId=/)) {\r", + " console.log(\"param assetId found\" );\r", + " console.log(\"assetId:\" + assetItem.assetId)\r", + " pm.test(\"Response matches proper assetId\", function () {\r", + "\r", + " pm.expect(assetItem.assetId).to.equal(testAsset);\r", + " });\r", + "\r", + " }\r", + "\r", + " for (let history of assetItem.reviewHistories){\r", + "\r", + " if (pm.request.url.getQueryString().match(/ruleId=/)) {\r", + " console.log(\"param ruleId found\" );\r", + " console.log(\"testRuleId:\" + testRuleId );\r", + " console.log(\"ruleId-response:\" + history.ruleId );\r", + " // console.log(\"touchTs:\" + history.touchTs );\r", + " pm.test(\"Response has proper ruleId\", function () {\r", + "\r", + " pm.expect(history.ruleId).to.equal(testRuleId);\r", + " });\r", + "\r", + " }\r", + "\r", + " for (let historyEntry of history.history){\r", + " if (pm.request.url.getQueryString().match(/startDate=/)) {\r", + " console.log(\"param startDate found\" );\r", + " console.log(\"testStartDate:\" + testStartDate );\r", + " console.log(\"ts:\" + historyEntry.ts );\r", + " // console.log(\"touchTs:\" + historyEntry.touchTs );\r", + " pm.test(\"Response has proper startDate\", function () {\r", + "\r", + " pm.expect(Date.parse(historyEntry.ts)).to.be.above(Date.parse(testStartDate));\r", + " });\r", + "\r", + " }\r", + " if (pm.request.url.getQueryString().match(/endDate=/)) {\r", + " console.log(\"param endDate found\" );\r", + " console.log(\"testEndDate:\" + testEndDate );\r", + " console.log(\"ts:\" + historyEntry.ts );\r", + " // console.log(\"touchTs:\" + historyEntry.touchTs );\r", + " pm.test(\"Response has proper endDate\", function () {\r", + "\r", + " pm.expect(Date.parse(historyEntry.ts)).to.be.below(Date.parse(testEndDate));\r", + " // pm.expect(Date.parse(historyEntry.ts)).to.be.below(Date.parse(testStartDate));\r", + " });\r", + " }\r", + "\r", + "\r", + "\r", + " if (pm.request.url.getQueryString().match(/status=/)) {\r", + " console.log(\"param status found\" );\r", + " console.log(\"testStatus:\" + testStatus );\r", + " // console.log(\"status:\" + historyEntry.status.label );\r", + " console.log(\"status:\" + historyEntry.status.label );\r", + " // console.log(\"touchTs:\" + historyEntry.touchTs );\r", + " pm.test(\"Response has proper status\", function () {\r", + " pm.expect(historyEntry.status.label).to.equal(testStatus);\r", + " // pm.expect(historyEntry.status.label).to.equal(testStatus);\r", + " }); \r", + "\r", + " }\r", + "\r", + " \r", + "\r", + " } \r", + " \r", + " }\r", + "\r", + "}\r", + "\r", + "\r", + "\r", + "\r", + "" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "{{baseUrl}}/collections/:collectionId/review-history?endDate={{testEndDate}}", + "host": [ + "{{baseUrl}}" + ], + "path": [ + "collections", + ":collectionId", + "review-history" + ], + "query": [ + { + "key": "startDate", + "value": "2020-08-12", + "disabled": true + }, + { + "key": "endDate", + "value": "{{testEndDate}}" + }, + { + "key": "assetId", + "value": "", + "disabled": true + }, + { + "key": "ruleId", + "value": "", + "disabled": true + }, + { + "key": "status", + "value": "", + "disabled": true + } + ], + "variable": [ + { + "key": "collectionId", + "value": "{{testCollection}}" + } + ] + } + }, + "response": [] + }, + { + "name": "History records - start and end dates", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "let user = pm.environment.get(\"user\");\r", + "console.log(\"user: \" + user);\r", + "\r", + "\r", + "if (user == \"bizarroLvl1\" || user == \"lvl1\" || user == \"collectioncreator\") {\r", + " pm.test(\"Status should be is 403 for user collectioncreator, bizarroLvl1\", function () {\r", + " pm.response.to.have.status(403);\r", + " });\r", + " return;\r", + "}\r", + "// else if (user == \"collectioncreator\" ) {\r", + "// pm.test(\"Status should be is 204 for user collectioncreator\", function () {\r", + "// pm.response.to.have.status(204);\r", + "// });\r", + "// return;\r", + "// }\r", + "\r", + "\r", + "pm.test(\"Status code is 200\", function () {\r", + " pm.response.to.have.status(200);\r", + "});\r", + "\r", + "if (pm.response.code !== 200) {\r", + " return;\r", + "}\r", + "\r", + "let jsonData = pm.response.json();\r", + "\r", + "let testStartDate = pm.environment.get(\"testStartDate\");\r", + "// let startDate = new Date(pm.environment.get(\"testStartDate\"));\r", + "let testEndDate = pm.environment.get(\"testEndDate\");\r", + "let testAsset = pm.environment.get(\"testAsset\");\r", + "let testRuleId = pm.environment.get(\"testRuleId\");\r", + "let testStatus = pm.environment.get(\"testStatus\");\r", + "\r", + "let expectedArrayLength = 6;//history length variable from env.\r", + "\r", + "\r", + "\r", + "pm.test(\"Response JSON is an array\", function () {\r", + " pm.expect(jsonData).to.be.an('array');\r", + "});\r", + "\r", + "\r", + "\r", + "\r", + "for (let assetItem of jsonData){\r", + " if (pm.request.url.getQueryString().match(/assetId=/)) {\r", + " console.log(\"param assetId found\" );\r", + " console.log(\"assetId:\" + assetItem.assetId)\r", + " pm.test(\"Response matches proper assetId\", function () {\r", + "\r", + " pm.expect(assetItem.assetId).to.equal(testAsset);\r", + " });\r", + "\r", + " }\r", + "\r", + " for (let history of assetItem.reviewHistories){\r", + "\r", + " if (pm.request.url.getQueryString().match(/ruleId=/)) {\r", + " console.log(\"param ruleId found\" );\r", + " console.log(\"testRuleId:\" + testRuleId );\r", + " console.log(\"ruleId-response:\" + history.ruleId );\r", + " // console.log(\"touchTs:\" + history.touchTs );\r", + " pm.test(\"Response has proper ruleId\", function () {\r", + "\r", + " pm.expect(history.ruleId).to.equal(testRuleId);\r", + " });\r", + "\r", + " }\r", + "\r", + " for (let historyEntry of history.history){\r", + " if (pm.request.url.getQueryString().match(/startDate=/)) {\r", + " console.log(\"param startDate found\" );\r", + " console.log(\"testStartDate:\" + testStartDate );\r", + " console.log(\"ts:\" + historyEntry.ts );\r", + " // console.log(\"touchTs:\" + historyEntry.touchTs );\r", + " pm.test(\"Response has proper startDate\", function () {\r", + "\r", + " pm.expect(Date.parse(historyEntry.ts)).to.be.above(Date.parse(testStartDate));\r", + " });\r", + "\r", + " }\r", + " if (pm.request.url.getQueryString().match(/endDate=/)) {\r", + " console.log(\"param endDate found\" );\r", + " console.log(\"testEndDate:\" + testEndDate );\r", + " console.log(\"ts:\" + historyEntry.ts );\r", + " // console.log(\"touchTs:\" + historyEntry.touchTs );\r", + " pm.test(\"Response has proper endDate\", function () {\r", + "\r", + " pm.expect(Date.parse(historyEntry.ts)).to.be.below(Date.parse(testEndDate));\r", + " // pm.expect(Date.parse(historyEntry.ts)).to.be.below(Date.parse(testStartDate));\r", + " });\r", + " }\r", + "\r", + "\r", + "\r", + " if (pm.request.url.getQueryString().match(/status=/)) {\r", + " console.log(\"param status found\" );\r", + " console.log(\"testStatus:\" + testStatus );\r", + " // console.log(\"status:\" + historyEntry.status.label );\r", + " console.log(\"status:\" + historyEntry.status.label );\r", + " // console.log(\"touchTs:\" + historyEntry.touchTs );\r", + " pm.test(\"Response has proper status\", function () {\r", + " pm.expect(historyEntry.status.label).to.equal(testStatus);\r", + " // pm.expect(historyEntry.status.label).to.equal(testStatus);\r", + " }); \r", + "\r", + " }\r", + "\r", + " \r", + "\r", + " } \r", + " \r", + " }\r", + "\r", + "}\r", + "\r", + "\r", + "\r", + "\r", + "" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "{{baseUrl}}/collections/:collectionId/review-history?startDate={{testStartDate}}&endDate={{testEndDate}}", + "host": [ + "{{baseUrl}}" + ], + "path": [ + "collections", + ":collectionId", + "review-history" + ], + "query": [ + { + "key": "startDate", + "value": "{{testStartDate}}" + }, + { + "key": "endDate", + "value": "{{testEndDate}}" + }, + { + "key": "assetId", + "value": "", + "disabled": true + }, + { + "key": "ruleId", + "value": "", + "disabled": true + }, + { + "key": "status", + "value": "", + "disabled": true + } + ], + "variable": [ + { + "key": "collectionId", + "value": "{{testCollection}}" + } + ] + } + }, + "response": [] + }, + { + "name": "History records - asset only", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "let user = pm.environment.get(\"user\");\r", + "console.log(\"user: \" + user);\r", + "\r", + "\r", + "if (user == \"bizarroLvl1\" || user == \"lvl1\" || user == \"collectioncreator\") {\r", + " pm.test(\"Status should be is 403 for user collectioncreator, bizarroLvl1\", function () {\r", + " pm.response.to.have.status(403);\r", + " });\r", + " return;\r", + "}\r", + "// else if (user == \"collectioncreator\" ) {\r", + "// pm.test(\"Status should be is 204 for user collectioncreator\", function () {\r", + "// pm.response.to.have.status(204);\r", + "// });\r", + "// return;\r", + "// }\r", + "\r", + "\r", + "pm.test(\"Status code is 200\", function () {\r", + " pm.response.to.have.status(200);\r", + "});\r", + "\r", + "if (pm.response.code !== 200) {\r", + " return;\r", + "}\r", + "\r", + "let jsonData = pm.response.json();\r", + "\r", + "let testStartDate = pm.environment.get(\"testStartDate\");\r", + "// let startDate = new Date(pm.environment.get(\"testStartDate\"));\r", + "let testEndDate = pm.environment.get(\"testEndDate\");\r", + "let testAsset = pm.environment.get(\"testAsset\");\r", + "let testRuleId = pm.environment.get(\"testRuleId\");\r", + "let testStatus = pm.environment.get(\"testStatus\");\r", + "\r", + "let expectedArrayLength = 6;//history length variable from env.\r", + "\r", + "\r", + "\r", + "pm.test(\"Response JSON is an array\", function () {\r", + " pm.expect(jsonData).to.be.an('array');\r", + "});\r", + "\r", + "\r", + "\r", + "\r", + "for (let assetItem of jsonData){\r", + " if (pm.request.url.getQueryString().match(/assetId=/)) {\r", + " console.log(\"param assetId found\" );\r", + " console.log(\"assetId:\" + assetItem.assetId)\r", + " pm.test(\"Response matches proper assetId\", function () {\r", + "\r", + " pm.expect(assetItem.assetId).to.equal(testAsset);\r", + " });\r", + "\r", + " }\r", + "\r", + " for (let history of assetItem.reviewHistories){\r", + "\r", + " if (pm.request.url.getQueryString().match(/ruleId=/)) {\r", + " console.log(\"param ruleId found\" );\r", + " console.log(\"testRuleId:\" + testRuleId );\r", + " console.log(\"ruleId-response:\" + history.ruleId );\r", + " // console.log(\"touchTs:\" + history.touchTs );\r", + " pm.test(\"Response has proper ruleId\", function () {\r", + "\r", + " pm.expect(history.ruleId).to.equal(testRuleId);\r", + " });\r", + "\r", + " }\r", + "\r", + " for (let historyEntry of history.history){\r", + " if (pm.request.url.getQueryString().match(/startDate=/)) {\r", + " console.log(\"param startDate found\" );\r", + " console.log(\"testStartDate:\" + testStartDate );\r", + " console.log(\"ts:\" + historyEntry.ts );\r", + " // console.log(\"touchTs:\" + historyEntry.touchTs );\r", + " pm.test(\"Response has proper startDate\", function () {\r", + "\r", + " pm.expect(Date.parse(historyEntry.ts)).to.be.above(Date.parse(testStartDate));\r", + " });\r", + "\r", + " }\r", + " if (pm.request.url.getQueryString().match(/endDate=/)) {\r", + " console.log(\"param endDate found\" );\r", + " console.log(\"testEndDate:\" + testEndDate );\r", + " console.log(\"ts:\" + historyEntry.ts );\r", + " // console.log(\"touchTs:\" + historyEntry.touchTs );\r", + " pm.test(\"Response has proper endDate\", function () {\r", + "\r", + " pm.expect(Date.parse(historyEntry.ts)).to.be.below(Date.parse(testEndDate));\r", + " // pm.expect(Date.parse(historyEntry.ts)).to.be.below(Date.parse(testStartDate));\r", + " });\r", + " }\r", + "\r", + "\r", + "\r", + " if (pm.request.url.getQueryString().match(/status=/)) {\r", + " console.log(\"param status found\" );\r", + " console.log(\"testStatus:\" + testStatus );\r", + " // console.log(\"status:\" + historyEntry.status.label );\r", + " console.log(\"status:\" + historyEntry.status.label );\r", + " // console.log(\"touchTs:\" + historyEntry.touchTs );\r", + " pm.test(\"Response has proper status\", function () {\r", + " pm.expect(historyEntry.status.label).to.equal(testStatus);\r", + " // pm.expect(historyEntry.status.label).to.equal(testStatus);\r", + " }); \r", + "\r", + " }\r", + "\r", + " \r", + "\r", + " } \r", + " \r", + " }\r", + "\r", + "}\r", + "\r", + "\r", + "\r", + "\r", + "" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "{{baseUrl}}/collections/:collectionId/review-history?assetId={{testAsset}}", + "host": [ + "{{baseUrl}}" + ], + "path": [ + "collections", + ":collectionId", + "review-history" + ], + "query": [ + { + "key": "startDate", + "value": "{{testStartDate}}", + "disabled": true + }, + { + "key": "endDate", + "value": "{{testEndDate}}", + "disabled": true + }, + { + "key": "assetId", + "value": "{{testAsset}}" + }, + { + "key": "ruleId", + "value": "", + "disabled": true + }, + { + "key": "status", + "value": "", + "disabled": true + } + ], + "variable": [ + { + "key": "collectionId", + "value": "{{testCollection}}" + } + ] + } + }, + "response": [] + }, + { + "name": "History records - rule only", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "let user = pm.environment.get(\"user\");\r", + "console.log(\"user: \" + user);\r", + "\r", + "\r", + "if (user == \"bizarroLvl1\" || user == \"lvl1\" || user == \"collectioncreator\") {\r", + " pm.test(\"Status should be is 403 for user collectioncreator, bizarroLvl1\", function () {\r", + " pm.response.to.have.status(403);\r", + " });\r", + " return;\r", + "}\r", + "// else if (user == \"collectioncreator\" ) {\r", + "// pm.test(\"Status should be is 204 for user collectioncreator\", function () {\r", + "// pm.response.to.have.status(204);\r", + "// });\r", + "// return;\r", + "// }\r", + "\r", + "\r", + "pm.test(\"Status code is 200\", function () {\r", + " pm.response.to.have.status(200);\r", + "});\r", + "\r", + "if (pm.response.code !== 200) {\r", + " return;\r", + "}\r", + "\r", + "let jsonData = pm.response.json();\r", + "\r", + "let testStartDate = pm.environment.get(\"testStartDate\");\r", + "// let startDate = new Date(pm.environment.get(\"testStartDate\"));\r", + "let testEndDate = pm.environment.get(\"testEndDate\");\r", + "let testAsset = pm.environment.get(\"testAsset\");\r", + "let testRuleId = pm.environment.get(\"testRuleId\");\r", + "let testStatus = pm.environment.get(\"testStatus\");\r", + "\r", + "let expectedArrayLength = 6;//history length variable from env.\r", + "\r", + "\r", + "\r", + "pm.test(\"Response JSON is an array\", function () {\r", + " pm.expect(jsonData).to.be.an('array');\r", + "});\r", + "\r", + "\r", + "\r", + "\r", + "for (let assetItem of jsonData){\r", + " if (pm.request.url.getQueryString().match(/assetId=/)) {\r", + " console.log(\"param assetId found\" );\r", + " console.log(\"assetId:\" + assetItem.assetId)\r", + " pm.test(\"Response matches proper assetId\", function () {\r", + "\r", + " pm.expect(assetItem.assetId).to.equal(testAsset);\r", + " });\r", + "\r", + " }\r", + "\r", + " for (let history of assetItem.reviewHistories){\r", + "\r", + " if (pm.request.url.getQueryString().match(/ruleId=/)) {\r", + " console.log(\"param ruleId found\" );\r", + " console.log(\"testRuleId:\" + testRuleId );\r", + " console.log(\"ruleId-response:\" + history.ruleId );\r", + " // console.log(\"touchTs:\" + history.touchTs );\r", + " pm.test(\"Response has proper ruleId\", function () {\r", + "\r", + " pm.expect(history.ruleId).to.equal(testRuleId);\r", + " });\r", + "\r", + " }\r", + "\r", + " for (let historyEntry of history.history){\r", + " if (pm.request.url.getQueryString().match(/startDate=/)) {\r", + " console.log(\"param startDate found\" );\r", + " console.log(\"testStartDate:\" + testStartDate );\r", + " console.log(\"ts:\" + historyEntry.ts );\r", + " // console.log(\"touchTs:\" + historyEntry.touchTs );\r", + " pm.test(\"Response has proper startDate\", function () {\r", + "\r", + " pm.expect(Date.parse(historyEntry.ts)).to.be.above(Date.parse(testStartDate));\r", + " });\r", + "\r", + " }\r", + " if (pm.request.url.getQueryString().match(/endDate=/)) {\r", + " console.log(\"param endDate found\" );\r", + " console.log(\"testEndDate:\" + testEndDate );\r", + " console.log(\"ts:\" + historyEntry.ts );\r", + " // console.log(\"touchTs:\" + historyEntry.touchTs );\r", + " pm.test(\"Response has proper endDate\", function () {\r", + "\r", + " pm.expect(Date.parse(historyEntry.ts)).to.be.below(Date.parse(testEndDate));\r", + " // pm.expect(Date.parse(historyEntry.ts)).to.be.below(Date.parse(testStartDate));\r", + " });\r", + " }\r", + "\r", + "\r", + "\r", + " if (pm.request.url.getQueryString().match(/status=/)) {\r", + " console.log(\"param status found\" );\r", + " console.log(\"testStatus:\" + testStatus );\r", + " // console.log(\"status:\" + historyEntry.status.label );\r", + " console.log(\"status:\" + historyEntry.status.label );\r", + " // console.log(\"touchTs:\" + historyEntry.touchTs );\r", + " pm.test(\"Response has proper status\", function () {\r", + " pm.expect(historyEntry.status.label).to.equal(testStatus);\r", + " // pm.expect(historyEntry.status.label).to.equal(testStatus);\r", + " }); \r", + "\r", + " }\r", + "\r", + " \r", + "\r", + " } \r", + " \r", + " }\r", + "\r", + "}\r", + "\r", + "\r", + "\r", + "\r", + "" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "{{baseUrl}}/collections/:collectionId/review-history?ruleId={{testRuleId}}", + "host": [ + "{{baseUrl}}" + ], + "path": [ + "collections", + ":collectionId", + "review-history" + ], + "query": [ + { + "key": "startDate", + "value": "{{testStartDate}}", + "disabled": true + }, + { + "key": "endDate", + "value": "{{testEndDate}}", + "disabled": true + }, + { + "key": "assetId", + "value": "{{testAsset}}", + "disabled": true + }, + { + "key": "ruleId", + "value": "{{testRuleId}}" + }, + { + "key": "status", + "value": "", + "disabled": true + } + ], + "variable": [ + { + "key": "collectionId", + "value": "{{testCollection}}" + } + ] + } + }, + "response": [] + }, + { + "name": "History records - status only", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "let user = pm.environment.get(\"user\");\r", + "console.log(\"user: \" + user);\r", + "\r", + "\r", + "if (user == \"bizarroLvl1\" || user == \"lvl1\" || user == \"collectioncreator\") {\r", + " pm.test(\"Status should be is 403 for user collectioncreator, bizarroLvl1\", function () {\r", + " pm.response.to.have.status(403);\r", + " });\r", + " return;\r", + "}\r", + "// else if (user == \"collectioncreator\" ) {\r", + "// pm.test(\"Status should be is 204 for user collectioncreator\", function () {\r", + "// pm.response.to.have.status(204);\r", + "// });\r", + "// return;\r", + "// }\r", + "\r", + "\r", + "pm.test(\"Status code is 200\", function () {\r", + " pm.response.to.have.status(200);\r", + "});\r", + "\r", + "if (pm.response.code !== 200) {\r", + " return;\r", + "}\r", + "\r", + "let jsonData = pm.response.json();\r", + "\r", + "let testStartDate = pm.environment.get(\"testStartDate\");\r", + "// let startDate = new Date(pm.environment.get(\"testStartDate\"));\r", + "let testEndDate = pm.environment.get(\"testEndDate\");\r", + "let testAsset = pm.environment.get(\"testAsset\");\r", + "let testRuleId = pm.environment.get(\"testRuleId\");\r", + "let testStatus = pm.environment.get(\"testStatus\");\r", + "\r", + "let expectedArrayLength = 6;//history length variable from env.\r", + "\r", + "\r", + "\r", + "pm.test(\"Response JSON is an array\", function () {\r", + " pm.expect(jsonData).to.be.an('array');\r", + "});\r", + "\r", + "\r", + "\r", + "\r", + "for (let assetItem of jsonData){\r", + " if (pm.request.url.getQueryString().match(/assetId=/)) {\r", + " console.log(\"param assetId found\" );\r", + " console.log(\"assetId:\" + assetItem.assetId)\r", + " pm.test(\"Response matches proper assetId\", function () {\r", + "\r", + " pm.expect(assetItem.assetId).to.equal(testAsset);\r", + " });\r", + "\r", + " }\r", + "\r", + " for (let history of assetItem.reviewHistories){\r", + "\r", + " if (pm.request.url.getQueryString().match(/ruleId=/)) {\r", + " console.log(\"param ruleId found\" );\r", + " console.log(\"testRuleId:\" + testRuleId );\r", + " console.log(\"ruleId-response:\" + history.ruleId );\r", + " // console.log(\"touchTs:\" + history.touchTs );\r", + " pm.test(\"Response has proper ruleId\", function () {\r", + "\r", + " pm.expect(history.ruleId).to.equal(testRuleId);\r", + " });\r", + "\r", + " }\r", + "\r", + " for (let historyEntry of history.history){\r", + " if (pm.request.url.getQueryString().match(/startDate=/)) {\r", + " console.log(\"param startDate found\" );\r", + " console.log(\"testStartDate:\" + testStartDate );\r", + " console.log(\"ts:\" + historyEntry.ts );\r", + " // console.log(\"touchTs:\" + historyEntry.touchTs );\r", + " pm.test(\"Response has proper startDate\", function () {\r", + "\r", + " pm.expect(Date.parse(historyEntry.ts)).to.be.above(Date.parse(testStartDate));\r", + " });\r", + "\r", + " }\r", + " if (pm.request.url.getQueryString().match(/endDate=/)) {\r", + " console.log(\"param endDate found\" );\r", + " console.log(\"testEndDate:\" + testEndDate );\r", + " console.log(\"ts:\" + historyEntry.ts );\r", + " // console.log(\"touchTs:\" + historyEntry.touchTs );\r", + " pm.test(\"Response has proper endDate\", function () {\r", + "\r", + " pm.expect(Date.parse(historyEntry.ts)).to.be.below(Date.parse(testEndDate));\r", + " // pm.expect(Date.parse(historyEntry.ts)).to.be.below(Date.parse(testStartDate));\r", + " });\r", + " }\r", + "\r", + "\r", + "\r", + " if (pm.request.url.getQueryString().match(/status=/)) {\r", + " console.log(\"param status found\" );\r", + " console.log(\"testStatus:\" + testStatus );\r", + " // console.log(\"status:\" + historyEntry.status.label );\r", + " console.log(\"status:\" + historyEntry.status.label );\r", + " // console.log(\"touchTs:\" + historyEntry.touchTs );\r", + " pm.test(\"Response has proper status\", function () {\r", + " pm.expect(historyEntry.status.label).to.equal(testStatus);\r", + " // pm.expect(historyEntry.status.label).to.equal(testStatus);\r", + " }); \r", + "\r", + " }\r", + "\r", + " \r", + "\r", + " } \r", + " \r", + " }\r", + "\r", + "}\r", + "\r", + "\r", + "\r", + "\r", + "" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "{{baseUrl}}/collections/:collectionId/review-history?status={{testStatus}}", + "host": [ + "{{baseUrl}}" + ], + "path": [ + "collections", + ":collectionId", + "review-history" + ], + "query": [ + { + "key": "startDate", + "value": "{{testStartDate}}", + "disabled": true + }, + { + "key": "endDate", + "value": "{{testEndDate}}", + "disabled": true + }, + { + "key": "assetId", + "value": "{{testAsset}}", + "disabled": true + }, + { + "key": "ruleId", + "value": "{{testRuleId}}", + "disabled": true + }, + { + "key": "status", + "value": "{{testStatus}}" + } + ], + "variable": [ + { + "key": "collectionId", + "value": "{{testCollection}}" + } + ] + } + }, + "response": [] + } + ] + }, + { + "name": "Review History Stats - various params", + "item": [ + { + "name": "History stats - no query params", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "let user = pm.environment.get(\"user\");\r", + "console.log(\"user: \" + user);\r", + "\r", + "\r", + "if (user == \"bizarroLvl1\" || user == \"lvl1\" || user == \"collectioncreator\") {\r", + " pm.test(\"Status should be is 403 for user collectioncreator, bizarroLvl1, lvl1\", function () {\r", + " pm.response.to.have.status(403);\r", + " });\r", + " return;\r", + "}\r", + "\r", + "\r", + "\r", + "pm.test(\"Status code is 200\", function () {\r", + " pm.response.to.have.status(200);\r", + "});\r", + "\r", + "if (pm.response.code !== 200) {\r", + " return;\r", + "}\r", + "\r", + "let jsonData = pm.response.json();\r", + "\r", + "let testStartDate = pm.environment.get(\"testStartDate\");\r", + "let testEndDate = pm.environment.get(\"testEndDate\");\r", + "let testAssetId = pm.environment.get(\"testAsset\");\r", + "let testRuleId = pm.environment.get(\"testRuleId\");\r", + "let testStatus = pm.environment.get(\"testStatus\");\r", + "\r", + "\r", + "pm.test(\"Response JSON is an object\", function () {\r", + " pm.expect(jsonData).to.be.an('object');\r", + "});\r", + "\r", + "// if (pm.request.url.getQueryString().match(/startDate=/)) {\r", + "// console.log(\"startdate:\" );\r", + "\r", + "// }\r", + "\r", + "//collectionHistoryEntryCount depending on provided parameters\r", + "// these tested totals apply only if only one parameter is provided. \r", + "pm.test(\"Response History Entry Count has proper value and oldest entry\", function () {\r", + " if (pm.request.url.getQueryString().match(/assetId=/)) {\r", + " console.log(\"param assetId found\" );\r", + " console.log(\"testAssetId:\" + testAssetId );\r", + " pm.expect(jsonData.collectionHistoryEntryCount).to.equal(5);\r", + " pm.expect(Date.parse(jsonData.oldestHistoryEntryDate)).to.equal(Date.parse(\"2020-08-11T22:26:50.000Z\"))\r", + "\r", + " }\r", + " else if (pm.request.url.getQueryString().match(/ruleId=/) ) {\r", + " console.log(\"param ruleId found\" );\r", + " console.log(\"testRuleId:\" + testRuleId );\r", + " pm.expect(jsonData.collectionHistoryEntryCount).to.equal(4);\r", + " pm.expect(Date.parse(jsonData.oldestHistoryEntryDate)).to.equal(Date.parse(\"2020-08-11T22:30:38.000Z\"))\r", + "\r", + " }\r", + " else if (pm.request.url.getQueryString().match(/status=/) ) {\r", + " console.log(\"param status found\" );\r", + " console.log(\"testStatus:\" + testStatus );\r", + " pm.expect(jsonData.collectionHistoryEntryCount).to.equal(3);\r", + " pm.expect(Date.parse(jsonData.oldestHistoryEntryDate)).to.equal(Date.parse(\"2020-08-11T22:26:50.000Z\"))\r", + " } \r", + " else if (pm.request.url.getQueryString().match(/endDate=/) ) {\r", + " console.log(\"param EndDate found\" );\r", + " console.log(\"testEndDate:\" + testEndDate );\r", + " pm.expect(jsonData.collectionHistoryEntryCount).to.equal(6);\r", + " pm.expect(Date.parse(jsonData.oldestHistoryEntryDate)).to.equal(Date.parse(\"2020-08-11T22:26:50.000Z\"))\r", + " } \r", + " else {\r", + " pm.expect(jsonData.collectionHistoryEntryCount).to.equal(7);\r", + " pm.expect(Date.parse(jsonData.oldestHistoryEntryDate)).to.equal(Date.parse(\"2020-08-11T22:26:50.000Z\"))\r", + " }\r", + "});\r", + "\r", + "if (pm.request.url.getQueryString().match(/projection=asset/)) {\r", + " console.log(\"param projection=asset\" );\r", + " pm.test(\"Response has array of asset history count objects\", function () {\r", + " pm.expect(jsonData.assetHistoryEntryCounts.length).to.eql(2);\r", + " });\r", + "\r", + "}\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "{{baseUrl}}/collections/:collectionId/review-history/stats", + "host": [ + "{{baseUrl}}" + ], + "path": [ + "collections", + ":collectionId", + "review-history", + "stats" + ], + "query": [ + { + "key": "startDate", + "value": "{{testStartDate}}", + "disabled": true + }, + { + "key": "endDate", + "value": "{{testEndDate}}", + "disabled": true + }, + { + "key": "assetId", + "value": "{{testAsset}}", + "disabled": true + }, + { + "key": "ruleId", + "value": "{{testRuleId}}", + "disabled": true + }, + { + "key": "status", + "value": "{{testStatus}}", + "disabled": true + }, + { + "key": "projection", + "value": "asset", + "disabled": true + } + ], + "variable": [ + { + "key": "collectionId", + "value": "{{testCollection}}" + } + ] + } + }, + "response": [] + }, + { + "name": "History stats - all params", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "let user = pm.environment.get(\"user\");\r", + "console.log(\"user: \" + user);\r", + "\r", + "\r", + "if (user == \"bizarroLvl1\" || user == \"lvl1\" || user == \"collectioncreator\") {\r", + " pm.test(\"Status should be is 403 for user collectioncreator, bizarroLvl1, lvl1\", function () {\r", + " pm.response.to.have.status(403);\r", + " });\r", + " return;\r", + "}\r", + "\r", + "\r", + "\r", + "pm.test(\"Status code is 200\", function () {\r", + " pm.response.to.have.status(200);\r", + "});\r", + "\r", + "if (pm.response.code !== 200) {\r", + " return;\r", + "}\r", + "\r", + "let jsonData = pm.response.json();\r", + "\r", + "let testStartDate = pm.environment.get(\"testStartDate\");\r", + "let testEndDate = pm.environment.get(\"testEndDate\");\r", + "let testAssetId = pm.environment.get(\"testAsset\");\r", + "let testRuleId = pm.environment.get(\"testRuleId\");\r", + "let testStatus = pm.environment.get(\"testStatus\");\r", + "\r", + "\r", + "pm.test(\"Response JSON is an object\", function () {\r", + " pm.expect(jsonData).to.be.an('object');\r", + "});\r", + "\r", + "// if (pm.request.url.getQueryString().match(/startDate=/)) {\r", + "// console.log(\"startdate:\" );\r", + "\r", + "// }\r", + "\r", + "//collectionHistoryEntryCount depending on provided parameters\r", + "// these tested totals apply only if only one parameter is provided. \r", + "// Combinations that are tested are specified in test request name.\r", + "// \"all\" params plus asset projection is tested as a special case in this test. \r", + "pm.test(\"Response History Entry Count has proper value and oldest entry\", function () {\r", + " pm.expect(jsonData.collectionHistoryEntryCount).to.equal(1);\r", + " pm.expect(Date.parse(jsonData.oldestHistoryEntryDate)).to.equal(Date.parse(\"2020-08-11T23:37:45.000Z\"))\r", + "\r", + "});\r", + "\r", + "if (pm.request.url.getQueryString().match(/projection=asset/)) {\r", + " console.log(\"param projection=asset\" );\r", + " pm.test(\"Response has array of asset history count objects\", function () {\r", + " pm.expect(jsonData.assetHistoryEntryCounts.length).to.eql(1);\r", + " });\r", + "\r", + "}\r", + "\r", + "\r", + "// pm.test(\"Response History Entry Count has proper value and oldest entry\", function () {\r", + "// if (pm.request.url.getQueryString().match(/assetId=/)) {\r", + "// console.log(\"param assetId found\" );\r", + "// console.log(\"testAssetId:\" + testAssetId );\r", + "// pm.expect(jsonData.collectionHistoryEntryCount).to.equal(5);\r", + "// pm.expect(Date.parse(jsonData.oldestHistoryEntryDate)).to.equal(Date.parse(\"2020-08-11T22:26:50.000Z\"))\r", + "\r", + "// }\r", + "// else if (pm.request.url.getQueryString().match(/ruleId=/) ) {\r", + "// console.log(\"param ruleId found\" );\r", + "// console.log(\"testRuleId:\" + testRuleId );\r", + "// pm.expect(jsonData.collectionHistoryEntryCount).to.equal(4);\r", + "// pm.expect(Date.parse(jsonData.oldestHistoryEntryDate)).to.equal(Date.parse(\"2020-08-11T22:30:38.000Z\"))\r", + "\r", + "// }\r", + "// else if (pm.request.url.getQueryString().match(/status=/) ) {\r", + "// console.log(\"param status found\" );\r", + "// console.log(\"testStatus:\" + testStatus );\r", + "// pm.expect(jsonData.collectionHistoryEntryCount).to.equal(3);\r", + "// pm.expect(Date.parse(jsonData.oldestHistoryEntryDate)).to.equal(Date.parse(\"2020-08-11T22:26:50.000Z\"))\r", + "// } \r", + "// else if (pm.request.url.getQueryString().match(/endDate=/) ) {\r", + "// console.log(\"param EndDate found\" );\r", + "// console.log(\"testEndDate:\" + testEndDate );\r", + "// pm.expect(jsonData.collectionHistoryEntryCount).to.equal(6);\r", + "// pm.expect(Date.parse(jsonData.oldestHistoryEntryDate)).to.equal(Date.parse(\"2020-08-11T22:26:50.000Z\"))\r", + "// } \r", + "// else {\r", + "// pm.expect(jsonData.collectionHistoryEntryCount).to.equal(7);\r", + "// pm.expect(Date.parse(jsonData.oldestHistoryEntryDate)).to.equal(Date.parse(\"2020-08-11T22:26:50.000Z\"))\r", + "// }\r", + "// });\r", + "\r", + "// if (pm.request.url.getQueryString().match(/projection=asset/)) {\r", + "// console.log(\"param projection=asset\" );\r", + "// pm.test(\"Response has array of asset history count objects\", function () {\r", + "// pm.expect(jsonData.assetHistoryEntryCounts.length).to.eql(2);\r", + "// });\r", + "\r", + "// }\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "{{baseUrl}}/collections/:collectionId/review-history/stats?startDate={{testStartDate}}&endDate={{testEndDate}}&assetId={{testAsset}}&ruleId={{testRuleId}}&status={{testStatus}}&projection=asset", + "host": [ + "{{baseUrl}}" + ], + "path": [ + "collections", + ":collectionId", + "review-history", + "stats" + ], + "query": [ + { + "key": "startDate", + "value": "{{testStartDate}}" + }, + { + "key": "endDate", + "value": "{{testEndDate}}" + }, + { + "key": "assetId", + "value": "{{testAsset}}" + }, + { + "key": "ruleId", + "value": "{{testRuleId}}" + }, + { + "key": "status", + "value": "{{testStatus}}" + }, + { + "key": "projection", + "value": "asset" + } + ], + "variable": [ + { + "key": "collectionId", + "value": "{{testCollection}}" + } + ] + } + }, + "response": [] + }, + { + "name": "History stats - startDate only", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "let user = pm.environment.get(\"user\");\r", + "console.log(\"user: \" + user);\r", + "\r", + "\r", + "if (user == \"bizarroLvl1\" || user == \"lvl1\" || user == \"collectioncreator\") {\r", + " pm.test(\"Status should be is 403 for user collectioncreator, bizarroLvl1, lvl1\", function () {\r", + " pm.response.to.have.status(403);\r", + " });\r", + " return;\r", + "}\r", + "\r", + "\r", + "\r", + "pm.test(\"Status code is 200\", function () {\r", + " pm.response.to.have.status(200);\r", + "});\r", + "\r", + "if (pm.response.code !== 200) {\r", + " return;\r", + "}\r", + "\r", + "let jsonData = pm.response.json();\r", + "\r", + "let testStartDate = pm.environment.get(\"testStartDate\");\r", + "let testEndDate = pm.environment.get(\"testEndDate\");\r", + "let testAssetId = pm.environment.get(\"testAsset\");\r", + "let testRuleId = pm.environment.get(\"testRuleId\");\r", + "let testStatus = pm.environment.get(\"testStatus\");\r", + "\r", + "\r", + "pm.test(\"Response JSON is an object\", function () {\r", + " pm.expect(jsonData).to.be.an('object');\r", + "});\r", + "\r", + "// if (pm.request.url.getQueryString().match(/startDate=/)) {\r", + "// console.log(\"startdate:\" );\r", + "\r", + "// }\r", + "\r", + "//collectionHistoryEntryCount depending on provided parameters\r", + "// these tested totals apply only if only one parameter is provided. \r", + "pm.test(\"Response History Entry Count has proper value and oldest entry\", function () {\r", + " if (pm.request.url.getQueryString().match(/assetId=/)) {\r", + " console.log(\"param assetId found\" );\r", + " console.log(\"testAssetId:\" + testAssetId );\r", + " pm.expect(jsonData.collectionHistoryEntryCount).to.equal(5);\r", + " pm.expect(Date.parse(jsonData.oldestHistoryEntryDate)).to.equal(Date.parse(\"2020-08-11T22:26:50.000Z\"))\r", + "\r", + " }\r", + " else if (pm.request.url.getQueryString().match(/ruleId=/) ) {\r", + " console.log(\"param ruleId found\" );\r", + " console.log(\"testRuleId:\" + testRuleId );\r", + " pm.expect(jsonData.collectionHistoryEntryCount).to.equal(4);\r", + " pm.expect(Date.parse(jsonData.oldestHistoryEntryDate)).to.equal(Date.parse(\"2020-08-11T22:30:38.000Z\"))\r", + "\r", + " }\r", + " else if (pm.request.url.getQueryString().match(/status=/) ) {\r", + " console.log(\"param status found\" );\r", + " console.log(\"testStatus:\" + testStatus );\r", + " pm.expect(jsonData.collectionHistoryEntryCount).to.equal(3);\r", + " pm.expect(Date.parse(jsonData.oldestHistoryEntryDate)).to.equal(Date.parse(\"2020-08-11T22:26:50.000Z\"))\r", + " } \r", + " else if (pm.request.url.getQueryString().match(/endDate=/) ) {\r", + " console.log(\"param EndDate found\" );\r", + " console.log(\"testEndDate:\" + testEndDate );\r", + " pm.expect(jsonData.collectionHistoryEntryCount).to.equal(6);\r", + " pm.expect(Date.parse(jsonData.oldestHistoryEntryDate)).to.equal(Date.parse(\"2020-08-11T22:26:50.000Z\"))\r", + " } \r", + " else {\r", + " pm.expect(jsonData.collectionHistoryEntryCount).to.equal(7);\r", + " pm.expect(Date.parse(jsonData.oldestHistoryEntryDate)).to.equal(Date.parse(\"2020-08-11T22:26:50.000Z\"))\r", + " }\r", + "});\r", + "\r", + "if (pm.request.url.getQueryString().match(/projection=asset/)) {\r", + " console.log(\"param projection=asset\" );\r", + " pm.test(\"Response has array of asset history count objects\", function () {\r", + " pm.expect(jsonData.assetHistoryEntryCounts.length).to.eql(2);\r", + " });\r", + "\r", + "}\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "{{baseUrl}}/collections/:collectionId/review-history/stats?startDate={{testStartDate}}", + "host": [ + "{{baseUrl}}" + ], + "path": [ + "collections", + ":collectionId", + "review-history", + "stats" + ], + "query": [ + { + "key": "startDate", + "value": "{{testStartDate}}" + }, + { + "key": "endDate", + "value": "", + "disabled": true + }, + { + "key": "assetId", + "value": "", + "disabled": true + }, + { + "key": "ruleId", + "value": "", + "disabled": true + }, + { + "key": "status", + "value": "", + "disabled": true + }, + { + "key": "projection", + "value": "asset", + "disabled": true + } + ], + "variable": [ + { + "key": "collectionId", + "value": "{{testCollection}}" + } + ] + } + }, + "response": [] + }, + { + "name": "History stats - startDate - Asset Projection", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "let user = pm.environment.get(\"user\");\r", + "console.log(\"user: \" + user);\r", + "\r", + "\r", + "if (user == \"bizarroLvl1\" || user == \"lvl1\" || user == \"collectioncreator\") {\r", + " pm.test(\"Status should be is 403 for user collectioncreator, bizarroLvl1, lvl1\", function () {\r", + " pm.response.to.have.status(403);\r", + " });\r", + " return;\r", + "}\r", + "\r", + "\r", + "\r", + "pm.test(\"Status code is 200\", function () {\r", + " pm.response.to.have.status(200);\r", + "});\r", + "\r", + "if (pm.response.code !== 200) {\r", + " return;\r", + "}\r", + "\r", + "let jsonData = pm.response.json();\r", + "\r", + "let testStartDate = pm.environment.get(\"testStartDate\");\r", + "let testEndDate = pm.environment.get(\"testEndDate\");\r", + "let testAssetId = pm.environment.get(\"testAsset\");\r", + "let testRuleId = pm.environment.get(\"testRuleId\");\r", + "let testStatus = pm.environment.get(\"testStatus\");\r", + "\r", + "\r", + "pm.test(\"Response JSON is an object\", function () {\r", + " pm.expect(jsonData).to.be.an('object');\r", + "});\r", + "\r", + "// if (pm.request.url.getQueryString().match(/startDate=/)) {\r", + "// console.log(\"startdate:\" );\r", + "\r", + "// }\r", + "\r", + "//collectionHistoryEntryCount depending on provided parameters\r", + "// these tested totals apply only if only one parameter is provided. \r", + "pm.test(\"Response History Entry Count has proper value and oldest entry\", function () {\r", + " if (pm.request.url.getQueryString().match(/assetId=/)) {\r", + " console.log(\"param assetId found\" );\r", + " console.log(\"testAssetId:\" + testAssetId );\r", + " pm.expect(jsonData.collectionHistoryEntryCount).to.equal(5);\r", + " pm.expect(Date.parse(jsonData.oldestHistoryEntryDate)).to.equal(Date.parse(\"2020-08-11T22:26:50.000Z\"))\r", + "\r", + " }\r", + " else if (pm.request.url.getQueryString().match(/ruleId=/) ) {\r", + " console.log(\"param ruleId found\" );\r", + " console.log(\"testRuleId:\" + testRuleId );\r", + " pm.expect(jsonData.collectionHistoryEntryCount).to.equal(4);\r", + " pm.expect(Date.parse(jsonData.oldestHistoryEntryDate)).to.equal(Date.parse(\"2020-08-11T22:30:38.000Z\"))\r", + "\r", + " }\r", + " else if (pm.request.url.getQueryString().match(/status=/) ) {\r", + " console.log(\"param status found\" );\r", + " console.log(\"testStatus:\" + testStatus );\r", + " pm.expect(jsonData.collectionHistoryEntryCount).to.equal(3);\r", + " pm.expect(Date.parse(jsonData.oldestHistoryEntryDate)).to.equal(Date.parse(\"2020-08-11T22:26:50.000Z\"))\r", + " } \r", + " else if (pm.request.url.getQueryString().match(/endDate=/) ) {\r", + " console.log(\"param EndDate found\" );\r", + " console.log(\"testEndDate:\" + testEndDate );\r", + " pm.expect(jsonData.collectionHistoryEntryCount).to.equal(6);\r", + " pm.expect(Date.parse(jsonData.oldestHistoryEntryDate)).to.equal(Date.parse(\"2020-08-11T22:26:50.000Z\"))\r", + " } \r", + " else {\r", + " pm.expect(jsonData.collectionHistoryEntryCount).to.equal(7);\r", + " pm.expect(Date.parse(jsonData.oldestHistoryEntryDate)).to.equal(Date.parse(\"2020-08-11T22:26:50.000Z\"))\r", + " }\r", + "});\r", + "\r", + "if (pm.request.url.getQueryString().match(/projection=asset/)) {\r", + " console.log(\"param projection=asset\" );\r", + " pm.test(\"Response has array of asset history count objects\", function () {\r", + " pm.expect(jsonData.assetHistoryEntryCounts.length).to.eql(2);\r", + " });\r", + "\r", + "}\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "{{baseUrl}}/collections/:collectionId/review-history/stats?startDate={{testStartDate}}&projection=asset", + "host": [ + "{{baseUrl}}" + ], + "path": [ + "collections", + ":collectionId", + "review-history", + "stats" + ], + "query": [ + { + "key": "startDate", + "value": "{{testStartDate}}" + }, + { + "key": "endDate", + "value": "", + "disabled": true + }, + { + "key": "assetId", + "value": "", + "disabled": true + }, + { + "key": "ruleId", + "value": "", + "disabled": true + }, + { + "key": "status", + "value": "", + "disabled": true + }, + { + "key": "projection", + "value": "asset" + } + ], + "variable": [ + { + "key": "collectionId", + "value": "{{testCollection}}" + } + ] + } + }, + "response": [] + }, + { + "name": "History stats - endDate only", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "let user = pm.environment.get(\"user\");\r", + "console.log(\"user: \" + user);\r", + "\r", + "\r", + "if (user == \"bizarroLvl1\" || user == \"lvl1\" || user == \"collectioncreator\") {\r", + " pm.test(\"Status should be is 403 for user collectioncreator, bizarroLvl1, lvl1\", function () {\r", + " pm.response.to.have.status(403);\r", + " });\r", + " return;\r", + "}\r", + "\r", + "\r", + "\r", + "pm.test(\"Status code is 200\", function () {\r", + " pm.response.to.have.status(200);\r", + "});\r", + "\r", + "if (pm.response.code !== 200) {\r", + " return;\r", + "}\r", + "\r", + "let jsonData = pm.response.json();\r", + "\r", + "let testStartDate = pm.environment.get(\"testStartDate\");\r", + "let testEndDate = pm.environment.get(\"testEndDate\");\r", + "let testAssetId = pm.environment.get(\"testAsset\");\r", + "let testRuleId = pm.environment.get(\"testRuleId\");\r", + "let testStatus = pm.environment.get(\"testStatus\");\r", + "\r", + "\r", + "pm.test(\"Response JSON is an object\", function () {\r", + " pm.expect(jsonData).to.be.an('object');\r", + "});\r", + "\r", + "// if (pm.request.url.getQueryString().match(/startDate=/)) {\r", + "// console.log(\"startdate:\" );\r", + "\r", + "// }\r", + "\r", + "//collectionHistoryEntryCount depending on provided parameters\r", + "// these tested totals apply only if only one parameter is provided. \r", + "pm.test(\"Response History Entry Count has proper value and oldest entry\", function () {\r", + " if (pm.request.url.getQueryString().match(/assetId=/)) {\r", + " console.log(\"param assetId found\" );\r", + " console.log(\"testAssetId:\" + testAssetId );\r", + " pm.expect(jsonData.collectionHistoryEntryCount).to.equal(5);\r", + " pm.expect(Date.parse(jsonData.oldestHistoryEntryDate)).to.equal(Date.parse(\"2020-08-11T22:26:50.000Z\"))\r", + "\r", + " }\r", + " else if (pm.request.url.getQueryString().match(/ruleId=/) ) {\r", + " console.log(\"param ruleId found\" );\r", + " console.log(\"testRuleId:\" + testRuleId );\r", + " pm.expect(jsonData.collectionHistoryEntryCount).to.equal(4);\r", + " pm.expect(Date.parse(jsonData.oldestHistoryEntryDate)).to.equal(Date.parse(\"2020-08-11T22:30:38.000Z\"))\r", + "\r", + " }\r", + " else if (pm.request.url.getQueryString().match(/status=/) ) {\r", + " console.log(\"param status found\" );\r", + " console.log(\"testStatus:\" + testStatus );\r", + " pm.expect(jsonData.collectionHistoryEntryCount).to.equal(3);\r", + " pm.expect(Date.parse(jsonData.oldestHistoryEntryDate)).to.equal(Date.parse(\"2020-08-11T22:26:50.000Z\"))\r", + " } \r", + " else if (pm.request.url.getQueryString().match(/endDate=/) ) {\r", + " console.log(\"param EndDate found\" );\r", + " console.log(\"testEndDate:\" + testEndDate );\r", + " pm.expect(jsonData.collectionHistoryEntryCount).to.equal(6);\r", + " pm.expect(Date.parse(jsonData.oldestHistoryEntryDate)).to.equal(Date.parse(\"2020-08-11T22:26:50.000Z\"))\r", + " } \r", + " else {\r", + " pm.expect(jsonData.collectionHistoryEntryCount).to.equal(7);\r", + " pm.expect(Date.parse(jsonData.oldestHistoryEntryDate)).to.equal(Date.parse(\"2020-08-11T22:26:50.000Z\"))\r", + " }\r", + "});\r", + "\r", + "if (pm.request.url.getQueryString().match(/projection=asset/)) {\r", + " console.log(\"param projection=asset\" );\r", + " pm.test(\"Response has array of asset history count objects\", function () {\r", + " pm.expect(jsonData.assetHistoryEntryCounts.length).to.eql(2);\r", + " });\r", + "\r", + "}\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "{{baseUrl}}/collections/:collectionId/review-history/stats?endDate={{testEndDate}}", + "host": [ + "{{baseUrl}}" + ], + "path": [ + "collections", + ":collectionId", + "review-history", + "stats" + ], + "query": [ + { + "key": "startDate", + "value": "2020-08-12", + "disabled": true + }, + { + "key": "endDate", + "value": "{{testEndDate}}" + }, + { + "key": "assetId", + "value": "", + "disabled": true + }, + { + "key": "ruleId", + "value": "", + "disabled": true + }, + { + "key": "status", + "value": "", + "disabled": true + }, + { + "key": "projection", + "value": "asset", + "disabled": true + } + ], + "variable": [ + { + "key": "collectionId", + "value": "{{testCollection}}" + } + ] + } + }, + "response": [] + }, + { + "name": "History stats - start and end dates", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "let user = pm.environment.get(\"user\");\r", + "console.log(\"user: \" + user);\r", + "\r", + "\r", + "if (user == \"bizarroLvl1\" || user == \"lvl1\" || user == \"collectioncreator\") {\r", + " pm.test(\"Status should be is 403 for user collectioncreator, bizarroLvl1, lvl1\", function () {\r", + " pm.response.to.have.status(403);\r", + " });\r", + " return;\r", + "}\r", + "\r", + "\r", + "\r", + "pm.test(\"Status code is 200\", function () {\r", + " pm.response.to.have.status(200);\r", + "});\r", + "\r", + "if (pm.response.code !== 200) {\r", + " return;\r", + "}\r", + "\r", + "let jsonData = pm.response.json();\r", + "\r", + "let testStartDate = pm.environment.get(\"testStartDate\");\r", + "let testEndDate = pm.environment.get(\"testEndDate\");\r", + "let testAssetId = pm.environment.get(\"testAsset\");\r", + "let testRuleId = pm.environment.get(\"testRuleId\");\r", + "let testStatus = pm.environment.get(\"testStatus\");\r", + "\r", + "\r", + "pm.test(\"Response JSON is an object\", function () {\r", + " pm.expect(jsonData).to.be.an('object');\r", + "});\r", + "\r", + "// if (pm.request.url.getQueryString().match(/startDate=/)) {\r", + "// console.log(\"startdate:\" );\r", + "\r", + "// }\r", + "\r", + "//collectionHistoryEntryCount depending on provided parameters\r", + "// these tested totals apply only if only one parameter is provided. \r", + "pm.test(\"Response History Entry Count has proper value and oldest entry\", function () {\r", + " if (pm.request.url.getQueryString().match(/assetId=/)) {\r", + " console.log(\"param assetId found\" );\r", + " console.log(\"testAssetId:\" + testAssetId );\r", + " pm.expect(jsonData.collectionHistoryEntryCount).to.equal(5);\r", + " pm.expect(Date.parse(jsonData.oldestHistoryEntryDate)).to.equal(Date.parse(\"2020-08-11T22:26:50.000Z\"))\r", + "\r", + " }\r", + " else if (pm.request.url.getQueryString().match(/ruleId=/) ) {\r", + " console.log(\"param ruleId found\" );\r", + " console.log(\"testRuleId:\" + testRuleId );\r", + " pm.expect(jsonData.collectionHistoryEntryCount).to.equal(4);\r", + " pm.expect(Date.parse(jsonData.oldestHistoryEntryDate)).to.equal(Date.parse(\"2020-08-11T22:30:38.000Z\"))\r", + "\r", + " }\r", + " else if (pm.request.url.getQueryString().match(/status=/) ) {\r", + " console.log(\"param status found\" );\r", + " console.log(\"testStatus:\" + testStatus );\r", + " pm.expect(jsonData.collectionHistoryEntryCount).to.equal(3);\r", + " pm.expect(Date.parse(jsonData.oldestHistoryEntryDate)).to.equal(Date.parse(\"2020-08-11T22:26:50.000Z\"))\r", + " } \r", + " else if (pm.request.url.getQueryString().match(/endDate=/) ) {\r", + " console.log(\"param EndDate found\" );\r", + " console.log(\"testEndDate:\" + testEndDate );\r", + " pm.expect(jsonData.collectionHistoryEntryCount).to.equal(6);\r", + " pm.expect(Date.parse(jsonData.oldestHistoryEntryDate)).to.equal(Date.parse(\"2020-08-11T22:26:50.000Z\"))\r", + " } \r", + " else {\r", + " pm.expect(jsonData.collectionHistoryEntryCount).to.equal(7);\r", + " pm.expect(Date.parse(jsonData.oldestHistoryEntryDate)).to.equal(Date.parse(\"2020-08-11T22:26:50.000Z\"))\r", + " }\r", + "});\r", + "\r", + "if (pm.request.url.getQueryString().match(/projection=asset/)) {\r", + " console.log(\"param projection=asset\" );\r", + " pm.test(\"Response has array of asset history count objects\", function () {\r", + " pm.expect(jsonData.assetHistoryEntryCounts.length).to.eql(2);\r", + " });\r", + "\r", + "}\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "{{baseUrl}}/collections/:collectionId/review-history/stats?startDate={{testStartDate}}&endDate={{testEndDate}}", + "host": [ + "{{baseUrl}}" + ], + "path": [ + "collections", + ":collectionId", + "review-history", + "stats" + ], + "query": [ + { + "key": "startDate", + "value": "{{testStartDate}}" + }, + { + "key": "endDate", + "value": "{{testEndDate}}" + }, + { + "key": "assetId", + "value": "", + "disabled": true + }, + { + "key": "ruleId", + "value": "", + "disabled": true + }, + { + "key": "status", + "value": "", + "disabled": true + }, + { + "key": "projection", + "value": "asset", + "disabled": true + } + ], + "variable": [ + { + "key": "collectionId", + "value": "{{testCollection}}" + } + ] + } + }, + "response": [] + }, + { + "name": "History stats - asset only", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "let user = pm.environment.get(\"user\");\r", + "console.log(\"user: \" + user);\r", + "\r", + "\r", + "if (user == \"bizarroLvl1\" || user == \"lvl1\" || user == \"collectioncreator\") {\r", + " pm.test(\"Status should be is 403 for user collectioncreator, bizarroLvl1, lvl1\", function () {\r", + " pm.response.to.have.status(403);\r", + " });\r", + " return;\r", + "}\r", + "\r", + "\r", + "\r", + "pm.test(\"Status code is 200\", function () {\r", + " pm.response.to.have.status(200);\r", + "});\r", + "\r", + "if (pm.response.code !== 200) {\r", + " return;\r", + "}\r", + "\r", + "let jsonData = pm.response.json();\r", + "\r", + "let testStartDate = pm.environment.get(\"testStartDate\");\r", + "let testEndDate = pm.environment.get(\"testEndDate\");\r", + "let testAssetId = pm.environment.get(\"testAsset\");\r", + "let testRuleId = pm.environment.get(\"testRuleId\");\r", + "let testStatus = pm.environment.get(\"testStatus\");\r", + "\r", + "\r", + "pm.test(\"Response JSON is an object\", function () {\r", + " pm.expect(jsonData).to.be.an('object');\r", + "});\r", + "\r", + "// if (pm.request.url.getQueryString().match(/startDate=/)) {\r", + "// console.log(\"startdate:\" );\r", + "\r", + "// }\r", + "\r", + "//collectionHistoryEntryCount depending on provided parameters\r", + "// these tested totals apply only if only one parameter is provided. \r", + "pm.test(\"Response History Entry Count has proper value and oldest entry\", function () {\r", + " if (pm.request.url.getQueryString().match(/assetId=/)) {\r", + " console.log(\"param assetId found\" );\r", + " console.log(\"testAssetId:\" + testAssetId );\r", + " pm.expect(jsonData.collectionHistoryEntryCount).to.equal(5);\r", + " pm.expect(Date.parse(jsonData.oldestHistoryEntryDate)).to.equal(Date.parse(\"2020-08-11T22:26:50.000Z\"))\r", + "\r", + " }\r", + " else if (pm.request.url.getQueryString().match(/ruleId=/) ) {\r", + " console.log(\"param ruleId found\" );\r", + " console.log(\"testRuleId:\" + testRuleId );\r", + " pm.expect(jsonData.collectionHistoryEntryCount).to.equal(4);\r", + " pm.expect(Date.parse(jsonData.oldestHistoryEntryDate)).to.equal(Date.parse(\"2020-08-11T22:30:38.000Z\"))\r", + "\r", + " }\r", + " else if (pm.request.url.getQueryString().match(/status=/) ) {\r", + " console.log(\"param status found\" );\r", + " console.log(\"testStatus:\" + testStatus );\r", + " pm.expect(jsonData.collectionHistoryEntryCount).to.equal(3);\r", + " pm.expect(Date.parse(jsonData.oldestHistoryEntryDate)).to.equal(Date.parse(\"2020-08-11T22:26:50.000Z\"))\r", + " } \r", + " else if (pm.request.url.getQueryString().match(/endDate=/) ) {\r", + " console.log(\"param EndDate found\" );\r", + " console.log(\"testEndDate:\" + testEndDate );\r", + " pm.expect(jsonData.collectionHistoryEntryCount).to.equal(6);\r", + " pm.expect(Date.parse(jsonData.oldestHistoryEntryDate)).to.equal(Date.parse(\"2020-08-11T22:26:50.000Z\"))\r", + " } \r", + " else {\r", + " pm.expect(jsonData.collectionHistoryEntryCount).to.equal(7);\r", + " pm.expect(Date.parse(jsonData.oldestHistoryEntryDate)).to.equal(Date.parse(\"2020-08-11T22:26:50.000Z\"))\r", + " }\r", + "});\r", + "\r", + "if (pm.request.url.getQueryString().match(/projection=asset/)) {\r", + " console.log(\"param projection=asset\" );\r", + " pm.test(\"Response has array of asset history count objects\", function () {\r", + " pm.expect(jsonData.assetHistoryEntryCounts.length).to.eql(2);\r", + " });\r", + "\r", + "}\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "{{baseUrl}}/collections/:collectionId/review-history/stats?assetId={{testAsset}}", + "host": [ + "{{baseUrl}}" + ], + "path": [ + "collections", + ":collectionId", + "review-history", + "stats" + ], + "query": [ + { + "key": "startDate", + "value": "2020-08-12", + "disabled": true + }, + { + "key": "endDate", + "value": "2021-08-12", + "disabled": true + }, + { + "key": "assetId", + "value": "{{testAsset}}" + }, + { + "key": "ruleId", + "value": null, + "disabled": true + }, + { + "key": "status", + "value": null, + "disabled": true + }, + { + "key": "projection", + "value": "asset", + "disabled": true + } + ], + "variable": [ + { + "key": "collectionId", + "value": "{{testCollection}}" + } + ] + } + }, + "response": [] + }, + { + "name": "History stats - rule only", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "let user = pm.environment.get(\"user\");\r", + "console.log(\"user: \" + user);\r", + "\r", + "\r", + "if (user == \"bizarroLvl1\" || user == \"lvl1\" || user == \"collectioncreator\") {\r", + " pm.test(\"Status should be is 403 for user collectioncreator, bizarroLvl1, lvl1\", function () {\r", + " pm.response.to.have.status(403);\r", + " });\r", + " return;\r", + "}\r", + "\r", + "\r", + "\r", + "pm.test(\"Status code is 200\", function () {\r", + " pm.response.to.have.status(200);\r", + "});\r", + "\r", + "if (pm.response.code !== 200) {\r", + " return;\r", + "}\r", + "\r", + "let jsonData = pm.response.json();\r", + "\r", + "let testStartDate = pm.environment.get(\"testStartDate\");\r", + "let testEndDate = pm.environment.get(\"testEndDate\");\r", + "let testAssetId = pm.environment.get(\"testAsset\");\r", + "let testRuleId = pm.environment.get(\"testRuleId\");\r", + "let testStatus = pm.environment.get(\"testStatus\");\r", + "\r", + "\r", + "pm.test(\"Response JSON is an object\", function () {\r", + " pm.expect(jsonData).to.be.an('object');\r", + "});\r", + "\r", + "// if (pm.request.url.getQueryString().match(/startDate=/)) {\r", + "// console.log(\"startdate:\" );\r", + "\r", + "// }\r", + "\r", + "//collectionHistoryEntryCount depending on provided parameters\r", + "// these tested totals apply only if only one parameter is provided. \r", + "pm.test(\"Response History Entry Count has proper value and oldest entry\", function () {\r", + " if (pm.request.url.getQueryString().match(/assetId=/)) {\r", + " console.log(\"param assetId found\" );\r", + " console.log(\"testAssetId:\" + testAssetId );\r", + " pm.expect(jsonData.collectionHistoryEntryCount).to.equal(5);\r", + " pm.expect(Date.parse(jsonData.oldestHistoryEntryDate)).to.equal(Date.parse(\"2020-08-11T22:26:50.000Z\"))\r", + "\r", + " }\r", + " else if (pm.request.url.getQueryString().match(/ruleId=/) ) {\r", + " console.log(\"param ruleId found\" );\r", + " console.log(\"testRuleId:\" + testRuleId );\r", + " pm.expect(jsonData.collectionHistoryEntryCount).to.equal(4);\r", + " pm.expect(Date.parse(jsonData.oldestHistoryEntryDate)).to.equal(Date.parse(\"2020-08-11T22:30:38.000Z\"))\r", + "\r", + " }\r", + " else if (pm.request.url.getQueryString().match(/status=/) ) {\r", + " console.log(\"param status found\" );\r", + " console.log(\"testStatus:\" + testStatus );\r", + " pm.expect(jsonData.collectionHistoryEntryCount).to.equal(3);\r", + " pm.expect(Date.parse(jsonData.oldestHistoryEntryDate)).to.equal(Date.parse(\"2020-08-11T22:26:50.000Z\"))\r", + " } \r", + " else if (pm.request.url.getQueryString().match(/endDate=/) ) {\r", + " console.log(\"param EndDate found\" );\r", + " console.log(\"testEndDate:\" + testEndDate );\r", + " pm.expect(jsonData.collectionHistoryEntryCount).to.equal(6);\r", + " pm.expect(Date.parse(jsonData.oldestHistoryEntryDate)).to.equal(Date.parse(\"2020-08-11T22:26:50.000Z\"))\r", + " } \r", + " else {\r", + " pm.expect(jsonData.collectionHistoryEntryCount).to.equal(7);\r", + " pm.expect(Date.parse(jsonData.oldestHistoryEntryDate)).to.equal(Date.parse(\"2020-08-11T22:26:50.000Z\"))\r", + " }\r", + "});\r", + "\r", + "if (pm.request.url.getQueryString().match(/projection=asset/)) {\r", + " console.log(\"param projection=asset\" );\r", + " pm.test(\"Response has array of asset history count objects\", function () {\r", + " pm.expect(jsonData.assetHistoryEntryCounts.length).to.eql(2);\r", + " });\r", + "\r", + "}\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "{{baseUrl}}/collections/:collectionId/review-history/stats?ruleId={{testRuleId}}", + "host": [ + "{{baseUrl}}" + ], + "path": [ + "collections", + ":collectionId", + "review-history", + "stats" + ], + "query": [ + { + "key": "startDate", + "value": "2020-08-12", + "disabled": true + }, + { + "key": "endDate", + "value": "2021-08-12", + "disabled": true + }, + { + "key": "assetId", + "value": "42", + "disabled": true + }, + { + "key": "ruleId", + "value": "{{testRuleId}}" + }, + { + "key": "status", + "value": null, + "disabled": true + }, + { + "key": "projection", + "value": "asset", + "disabled": true + } + ], + "variable": [ + { + "key": "collectionId", + "value": "{{testCollection}}" + } + ] + } + }, + "response": [] + }, + { + "name": "History stats - status only", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "let user = pm.environment.get(\"user\");\r", + "console.log(\"user: \" + user);\r", + "\r", + "\r", + "if (user == \"bizarroLvl1\" || user == \"lvl1\" || user == \"collectioncreator\") {\r", + " pm.test(\"Status should be is 403 for user collectioncreator, bizarroLvl1, lvl1\", function () {\r", + " pm.response.to.have.status(403);\r", + " });\r", + " return;\r", + "}\r", + "\r", + "\r", + "\r", + "pm.test(\"Status code is 200\", function () {\r", + " pm.response.to.have.status(200);\r", + "});\r", + "\r", + "if (pm.response.code !== 200) {\r", + " return;\r", + "}\r", + "\r", + "let jsonData = pm.response.json();\r", + "\r", + "let testStartDate = pm.environment.get(\"testStartDate\");\r", + "let testEndDate = pm.environment.get(\"testEndDate\");\r", + "let testAssetId = pm.environment.get(\"testAsset\");\r", + "let testRuleId = pm.environment.get(\"testRuleId\");\r", + "let testStatus = pm.environment.get(\"testStatus\");\r", + "\r", + "\r", + "pm.test(\"Response JSON is an object\", function () {\r", + " pm.expect(jsonData).to.be.an('object');\r", + "});\r", + "\r", + "// if (pm.request.url.getQueryString().match(/startDate=/)) {\r", + "// console.log(\"startdate:\" );\r", + "\r", + "// }\r", + "\r", + "//collectionHistoryEntryCount depending on provided parameters\r", + "// these tested totals apply only if only one parameter is provided. \r", + "pm.test(\"Response History Entry Count has proper value and oldest entry\", function () {\r", + " if (pm.request.url.getQueryString().match(/assetId=/)) {\r", + " console.log(\"param assetId found\" );\r", + " console.log(\"testAssetId:\" + testAssetId );\r", + " pm.expect(jsonData.collectionHistoryEntryCount).to.equal(5);\r", + " pm.expect(Date.parse(jsonData.oldestHistoryEntryDate)).to.equal(Date.parse(\"2020-08-11T22:26:50.000Z\"))\r", + "\r", + " }\r", + " else if (pm.request.url.getQueryString().match(/ruleId=/) ) {\r", + " console.log(\"param ruleId found\" );\r", + " console.log(\"testRuleId:\" + testRuleId );\r", + " pm.expect(jsonData.collectionHistoryEntryCount).to.equal(4);\r", + " pm.expect(Date.parse(jsonData.oldestHistoryEntryDate)).to.equal(Date.parse(\"2020-08-11T22:30:38.000Z\"))\r", + "\r", + " }\r", + " else if (pm.request.url.getQueryString().match(/status=/) ) {\r", + " console.log(\"param status found\" );\r", + " console.log(\"testStatus:\" + testStatus );\r", + " pm.expect(jsonData.collectionHistoryEntryCount).to.equal(3);\r", + " pm.expect(Date.parse(jsonData.oldestHistoryEntryDate)).to.equal(Date.parse(\"2020-08-11T22:26:50.000Z\"))\r", + " } \r", + " else if (pm.request.url.getQueryString().match(/endDate=/) ) {\r", + " console.log(\"param EndDate found\" );\r", + " console.log(\"testEndDate:\" + testEndDate );\r", + " pm.expect(jsonData.collectionHistoryEntryCount).to.equal(6);\r", + " pm.expect(Date.parse(jsonData.oldestHistoryEntryDate)).to.equal(Date.parse(\"2020-08-11T22:26:50.000Z\"))\r", + " } \r", + " else {\r", + " pm.expect(jsonData.collectionHistoryEntryCount).to.equal(7);\r", + " pm.expect(Date.parse(jsonData.oldestHistoryEntryDate)).to.equal(Date.parse(\"2020-08-11T22:26:50.000Z\"))\r", + " }\r", + "});\r", + "\r", + "if (pm.request.url.getQueryString().match(/projection=asset/)) {\r", + " console.log(\"param projection=asset\" );\r", + " pm.test(\"Response has array of asset history count objects\", function () {\r", + " pm.expect(jsonData.assetHistoryEntryCounts.length).to.eql(2);\r", + " });\r", + "\r", + "}\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "GET", + "header": [], + "url": { + "raw": "{{baseUrl}}/collections/:collectionId/review-history/stats?status={{testStatus}}", + "host": [ + "{{baseUrl}}" + ], + "path": [ + "collections", + ":collectionId", + "review-history", + "stats" + ], + "query": [ + { + "key": "startDate", + "value": "2020-08-12", + "disabled": true + }, + { + "key": "endDate", + "value": "2021-08-12", + "disabled": true + }, + { + "key": "assetId", + "value": "42", + "disabled": true + }, + { + "key": "ruleId", + "value": "{{testRuleId}}", + "disabled": true + }, + { + "key": "status", + "value": "{{testStatus}}" + }, + { + "key": "projection", + "value": "asset", + "disabled": true + } + ], + "variable": [ + { + "key": "collectionId", + "value": "{{testCollection}}" + } + ] + } + }, + "response": [] + } + ] + }, { "name": "Return a Collection", "event": [ @@ -9198,20 +12078,159 @@ } ] }, - "description": "Create a new Review, or update all properties of an existing Review, setting missing properties to null" - }, - "response": [] - } - ] - }, - { - "name": "labels", - "item": [ - { - "name": "{labelId}", - "item": [ + "description": "Create a new Review, or update all properties of an existing Review, setting missing properties to null" + }, + "response": [] + } + ] + }, + { + "name": "labels", + "item": [ + { + "name": "{labelId}", + "item": [ + { + "name": "Replace a Labels Asset Mappings in a Collection", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "let user = pm.environment.get(\"user\");\r", + "console.log(\"user: \" + user);\r", + "\r", + "if (pm.request.url.getQueryString().match(/elevate=true/)) {\r", + " user = \"elevated\";\r", + " console.log(\"setting user to 'elevated'\");\r", + "}\r", + "\r", + "if ( user == \"collectioncreator\" || user == \"lvl1\" || user ==\"lvl2\" ) { //placeholder for \"users\" that should fail\r", + " pm.test(\"Status should be 403 for collectioncreator\", function () {\r", + " pm.response.to.have.status(403);\r", + " });\r", + " return;\r", + "}\r", + "else {\r", + " pm.test(\"Status code is 200 for all users but collectioncreator, lvl1, or lvl2. user=\" + user, function () {\r", + " pm.response.to.have.status(200);\r", + " });\r", + "}\r", + "\r", + "if (pm.response.code !== 200) {\r", + " return;\r", + "}\r", + "\r", + "let jsonData = pm.response.json();\r", + "\r", + "\r", + "pm.test(\"Response JSON is an array\", function () {\r", + " pm.expect(jsonData).to.be.an('array');\r", + " // pm.expect(jsonData).to.have.lengthOf.at.least(1);\r", + " pm.expect(jsonData).to.have.lengthOf(1);\r", + "\r", + "});\r", + "\r", + "\r", + "\r", + "// let requestToTest = JSON.parse(pm.request.body.raw)\r", + "let testAsset = pm.environment.get(\"testAsset\");\r", + "\r", + "pm.test(\"Response matches request\", function () {\r", + " pm.expect(jsonData[0].assetId).to.equal(testAsset)\r", + "})\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "PUT", + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": { + "mode": "raw", + "raw": "[{{testAsset}}]" + }, + "url": { + "raw": "{{baseUrl}}/collections/:collectionId/labels/:labelId/assets", + "host": [ + "{{baseUrl}}" + ], + "path": [ + "collections", + ":collectionId", + "labels", + ":labelId", + "assets" + ], + "query": [ + { + "key": "projection", + "value": "rule", + "description": "Additional properties to include in the response.\n", + "disabled": true + }, + { + "key": "projection", + "value": "history", + "description": "Additional properties to include in the response.\n", + "disabled": true + }, + { + "key": "projection", + "value": "stigs", + "disabled": true + }, + { + "key": "projection", + "value": "metadata", + "disabled": true + } + ], + "variable": [ + { + "key": "collectionId", + "value": "{{testCollection}}", + "description": "(Required) A path parameter that indentifies a Collection" + }, + { + "key": "labelId", + "value": "{{testLabel}}" + } + ] + }, + "description": "Create a new Review, or update all properties of an existing Review, setting missing properties to null" + }, + "response": [] + }, { - "name": "Replace a Labels Asset Mappings in a Collection", + "name": "Update Label in a Collection", "event": [ { "listen": "test", @@ -9244,20 +12263,22 @@ "let jsonData = pm.response.json();\r", "\r", "\r", - "pm.test(\"Response JSON is an array\", function () {\r", - " pm.expect(jsonData).to.be.an('array');\r", + "pm.test(\"Response JSON is an object\", function () {\r", + " pm.expect(jsonData).to.be.an('object');\r", " // pm.expect(jsonData).to.have.lengthOf.at.least(1);\r", - " pm.expect(jsonData).to.have.lengthOf(1);\r", + " // pm.expect(jsonData).to.have.lengthOf(1);\r", "\r", "});\r", "\r", "\r", "\r", - "// let requestToTest = JSON.parse(pm.request.body.raw)\r", - "let testAsset = pm.environment.get(\"testAsset\");\r", + "let requestToTest = JSON.parse(pm.request.body.raw)\r", "\r", "pm.test(\"Response matches request\", function () {\r", - " pm.expect(jsonData[0].assetId).to.equal(JSON.parse(testAsset))\r", + " pm.expect(jsonData.description)\r", + " .to.eql(requestToTest.description)\r", + " pm.expect(jsonData.color)\r", + " .to.eql(requestToTest.color)\r", "})\r", "\r", "\r", @@ -9286,7 +12307,7 @@ } ], "request": { - "method": "PUT", + "method": "PATCH", "header": [ { "key": "Content-Type", @@ -9295,10 +12316,10 @@ ], "body": { "mode": "raw", - "raw": "[{{testAsset}}]" + "raw": "{\n \"name\": \"test-label-full\",\n \"description\": \"test label patched\",\n \"color\": \"aa34cc\"\n}" }, "url": { - "raw": "{{baseUrl}}/collections/:collectionId/labels/:labelId/assets", + "raw": "{{baseUrl}}/collections/:collectionId/labels/:labelId", "host": [ "{{baseUrl}}" ], @@ -9306,8 +12327,7 @@ "collections", ":collectionId", "labels", - ":labelId", - "assets" + ":labelId" ], "query": [ { @@ -9350,7 +12370,7 @@ "response": [] }, { - "name": "Update Label in a Collection", + "name": "Delete Label in a Collection", "event": [ { "listen": "test", @@ -9371,35 +12391,35 @@ " return;\r", "}\r", "else {\r", - " pm.test(\"Status code is 200 for all users but collectioncreator, lvl1, or lvl2. user=\" + user, function () {\r", - " pm.response.to.have.status(200);\r", + " pm.test(\"Status code is 204 for all users but collectioncreator, lvl1, or lvl2. user=\" + user, function () {\r", + " pm.response.to.have.status(204);\r", " });\r", "}\r", "\r", - "if (pm.response.code !== 200) {\r", + "if (pm.response.code !== 204) {\r", " return;\r", "}\r", "\r", - "let jsonData = pm.response.json();\r", + "// let jsonData = pm.response.json();\r", "\r", "\r", - "pm.test(\"Response JSON is an object\", function () {\r", - " pm.expect(jsonData).to.be.an('object');\r", - " // pm.expect(jsonData).to.have.lengthOf.at.least(1);\r", - " // pm.expect(jsonData).to.have.lengthOf(1);\r", + "// pm.test(\"Response JSON is an object\", function () {\r", + "// pm.expect(jsonData).to.be.an('object');\r", + "// // pm.expect(jsonData).to.have.lengthOf.at.least(1);\r", + "// // pm.expect(jsonData).to.have.lengthOf(1);\r", "\r", - "});\r", + "// });\r", "\r", "\r", "\r", - "let requestToTest = JSON.parse(pm.request.body.raw)\r", + "// let requestToTest = JSON.parse(pm.request.body.raw)\r", "\r", - "pm.test(\"Response matches request\", function () {\r", - " pm.expect(jsonData.description)\r", - " .to.eql(requestToTest.description)\r", - " pm.expect(jsonData.color)\r", - " .to.eql(requestToTest.color)\r", - "})\r", + "// pm.test(\"Response matches request\", function () {\r", + "// pm.expect(jsonData.description)\r", + "// .to.eql(requestToTest.description)\r", + "// pm.expect(jsonData.color)\r", + "// .to.eql(requestToTest.color)\r", + "// })\r", "\r", "\r", "\r", @@ -9427,7 +12447,7 @@ } ], "request": { - "method": "PATCH", + "method": "DELETE", "header": [ { "key": "Content-Type", @@ -9436,7 +12456,7 @@ ], "body": { "mode": "raw", - "raw": "{\n \"name\": \"test-label-full\",\n \"description\": \"test label patched\",\n \"color\": \"aa34cc\"\n}" + "raw": "" }, "url": { "raw": "{{baseUrl}}/collections/:collectionId/labels/:labelId", @@ -9476,163 +12496,403 @@ "variable": [ { "key": "collectionId", - "value": "{{testCollection}}", + "value": "{{scrapCollection}}", "description": "(Required) A path parameter that indentifies a Collection" }, { "key": "labelId", - "value": "{{testLabel}}" + "value": "{{scrapLabel}}" } ] }, "description": "Create a new Review, or update all properties of an existing Review, setting missing properties to null" }, "response": [] + } + ] + }, + { + "name": "Create Label in a Collection", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "let user = pm.environment.get(\"user\");\r", + "console.log(\"user: \" + user);\r", + "\r", + "if (pm.request.url.getQueryString().match(/elevate=true/)) {\r", + " user = \"elevated\";\r", + " console.log(\"setting user to 'elevated'\");\r", + "}\r", + "\r", + "if ( user == \"collectioncreator\" || user == \"lvl1\" || user ==\"lvl2\" ) { //placeholder for \"users\" that should fail\r", + " pm.test(\"Status should be 403 for collectioncreator\", function () {\r", + " pm.response.to.have.status(403);\r", + " });\r", + " return;\r", + "}\r", + "else {\r", + " pm.test(\"Status code is 2001for all users but collectioncreator, lvl1, or lvl2. user=\" + user, function () {\r", + " pm.response.to.have.status(201);\r", + " });\r", + "}\r", + "\r", + "if (pm.response.code !== 201) {\r", + " return;\r", + "}\r", + "\r", + "let jsonData = pm.response.json();\r", + "\r", + "\r", + "pm.test(\"Response JSON is an object\", function () {\r", + " pm.expect(jsonData).to.be.an('object');\r", + " // pm.expect(jsonData).to.have.lengthOf.at.least(1);\r", + " // pm.expect(jsonData).to.have.lengthOf(1);\r", + "\r", + "});\r", + "\r", + "\r", + "\r", + "let requestToTest = JSON.parse(pm.request.body.raw)\r", + "\r", + "pm.test(\"Response matches request\", function () {\r", + " pm.expect(jsonData.name).to.eql(requestToTest.name)\r", + " pm.expect(jsonData.description).to.eql(requestToTest.description)\r", + " pm.expect(jsonData.color).to.eql(requestToTest.color)\r", + " pm.expect(jsonData.uses).to.eql(0)\r", + "})\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "\r", + "" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "POST", + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"test-label-POST\",\n \"description\": \"test label POSTED\",\n \"color\": \"aa34cc\"\n}" + }, + "url": { + "raw": "{{baseUrl}}/collections/:collectionId/labels", + "host": [ + "{{baseUrl}}" + ], + "path": [ + "collections", + ":collectionId", + "labels" + ], + "query": [ + { + "key": "projection", + "value": "rule", + "description": "Additional properties to include in the response.\n", + "disabled": true + }, + { + "key": "projection", + "value": "history", + "description": "Additional properties to include in the response.\n", + "disabled": true + }, + { + "key": "projection", + "value": "stigs", + "disabled": true + }, + { + "key": "projection", + "value": "metadata", + "disabled": true + } + ], + "variable": [ + { + "key": "collectionId", + "value": "{{scrapCollection}}", + "description": "(Required) A path parameter that indentifies a Collection" + } + ] + }, + "description": "Create a new Review, or update all properties of an existing Review, setting missing properties to null" + }, + "response": [] + } + ] + }, + { + "name": "Review History - Delete", + "item": [ + { + "name": "Import and overwrite application data (as elevated Admin)", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "let user = pm.environment.get(\"user\");\r", + "console.log(\"user: \" + user);\r", + "\r", + "if (pm.request.url.getQueryString().match(/elevate=true/)) {\r", + " user = \"elevated\";\r", + " console.log(\"setting user to 'elevated'\");\r", + "}\r", + "\r", + "if (user == \"elevated\") { //placeholder for \"users\" that should fail\r", + " pm.test(\"Status should be is 200 for elevated stigmanadmin user\", function () {\r", + " pm.response.to.have.status(200);\r", + " });\r", + "}\r", + "else {\r", + " pm.test(\"Status code is 403\", function () {\r", + " pm.response.to.have.status(403);\r", + " });\r", + "}\r", + "if (pm.response.code !== 200) {\r", + " return;\r", + "}\r", + "\r", + "\r", + "let response = pm.response.text();\r", + "console.log(response)\r", + "\r", + "pm.test(\"Body contains string\",() => {\r", + " pm.expect(response).to.include(\"Commit successful\");\r", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "auth": { + "type": "oauth2", + "oauth2": [ + { + "key": "accessToken", + "value": "{{token.stigmanadmin}}", + "type": "string" + } + ] }, - { - "name": "Delete Label in a Collection", - "event": [ + "method": "POST", + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + } + ], + "body": { + "mode": "formdata", + "formdata": [ { - "listen": "test", - "script": { - "exec": [ - "let user = pm.environment.get(\"user\");\r", - "console.log(\"user: \" + user);\r", - "\r", - "if (pm.request.url.getQueryString().match(/elevate=true/)) {\r", - " user = \"elevated\";\r", - " console.log(\"setting user to 'elevated'\");\r", - "}\r", - "\r", - "if ( user == \"collectioncreator\" || user == \"lvl1\" || user ==\"lvl2\" ) { //placeholder for \"users\" that should fail\r", - " pm.test(\"Status should be 403 for collectioncreator\", function () {\r", - " pm.response.to.have.status(403);\r", - " });\r", - " return;\r", - "}\r", - "else {\r", - " pm.test(\"Status code is 204 for all users but collectioncreator, lvl1, or lvl2. user=\" + user, function () {\r", - " pm.response.to.have.status(204);\r", - " });\r", - "}\r", - "\r", - "if (pm.response.code !== 204) {\r", - " return;\r", - "}\r", - "\r", - "// let jsonData = pm.response.json();\r", - "\r", - "\r", - "// pm.test(\"Response JSON is an object\", function () {\r", - "// pm.expect(jsonData).to.be.an('object');\r", - "// // pm.expect(jsonData).to.have.lengthOf.at.least(1);\r", - "// // pm.expect(jsonData).to.have.lengthOf(1);\r", - "\r", - "// });\r", - "\r", - "\r", - "\r", - "// let requestToTest = JSON.parse(pm.request.body.raw)\r", - "\r", - "// pm.test(\"Response matches request\", function () {\r", - "// pm.expect(jsonData.description)\r", - "// .to.eql(requestToTest.description)\r", - "// pm.expect(jsonData.color)\r", - "// .to.eql(requestToTest.color)\r", - "// })\r", - "\r", - "\r", - "\r", - "\r", - "\r", - "\r", - "\r", - "\r", - "\r", - "\r", - "\r", - "\r", - "\r", - "\r", - "\r", - "\r", - "\r", - "\r", - "\r", - "\r", - "" - ], - "type": "text/javascript" - } + "key": "importFile", + "type": "file", + "src": "./{{formDataFiles}}/{{appDataFile}}" } + ] + }, + "url": { + "raw": "{{baseUrl}}/op/appdata?elevate=true", + "host": [ + "{{baseUrl}}" ], - "request": { - "method": "DELETE", - "header": [ - { - "key": "Content-Type", - "value": "application/json" - } + "path": [ + "op", + "appdata" + ], + "query": [ + { + "key": "elevate", + "value": "true", + "description": "Elevate the user context for this request if user is permitted (canAdmin)" + } + ] + } + }, + "response": [] + }, + { + "name": "History records - date and asset", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "let user = pm.environment.get(\"user\");\r", + "console.log(\"user: \" + user);\r", + "\r", + "\r", + "if (user == \"bizarroLvl1\" || user == \"lvl1\" || user == \"collectioncreator\" || user == \"lvl2\" ) {\r", + " pm.test(\"Status should be is 403 for all users except lvl3 and lvl4 \", function () {\r", + " pm.response.to.have.status(403);\r", + " });\r", + " return;\r", + "}\r", + "\r", + "\r", + "pm.test(\"Status code is 200\", function () {\r", + " pm.response.to.have.status(200);\r", + "});\r", + "\r", + "if (pm.response.code !== 200) {\r", + " return;\r", + "}\r", + "\r", + "let jsonData = pm.response.json();\r", + "\r", + "\r", + "pm.test(\"Response JSON is an object indicating 4 entries deleted\", function () {\r", + " pm.expect(jsonData.HistoryEntriesDeleted).to.equal(4);\r", + "});\r", + "\r", + "\r", + "\r", + "" ], - "body": { - "mode": "raw", - "raw": "" + "type": "text/javascript" + } + } + ], + "request": { + "method": "DELETE", + "header": [], + "url": { + "raw": "{{baseUrl}}/collections/:collectionId/review-history?retentionDate={{testEndDate}}&assetId={{testAsset}}", + "host": [ + "{{baseUrl}}" + ], + "path": [ + "collections", + ":collectionId", + "review-history" + ], + "query": [ + { + "key": "retentionDate", + "value": "{{testEndDate}}" }, - "url": { - "raw": "{{baseUrl}}/collections/:collectionId/labels/:labelId", - "host": [ - "{{baseUrl}}" - ], - "path": [ - "collections", - ":collectionId", - "labels", - ":labelId" - ], - "query": [ - { - "key": "projection", - "value": "rule", - "description": "Additional properties to include in the response.\n", - "disabled": true - }, - { - "key": "projection", - "value": "history", - "description": "Additional properties to include in the response.\n", - "disabled": true - }, - { - "key": "projection", - "value": "stigs", - "disabled": true - }, - { - "key": "projection", - "value": "metadata", - "disabled": true - } - ], - "variable": [ - { - "key": "collectionId", - "value": "{{scrapCollection}}", - "description": "(Required) A path parameter that indentifies a Collection" - }, - { - "key": "labelId", - "value": "{{scrapLabel}}" - } - ] + { + "key": "assetId", + "value": "{{testAsset}}" + } + ], + "variable": [ + { + "key": "collectionId", + "value": "{{testCollection}}" + } + ] + } + }, + "response": [] + }, + { + "name": "History records - date", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "let user = pm.environment.get(\"user\");\r", + "console.log(\"user: \" + user);\r", + "\r", + "\r", + "if (user == \"bizarroLvl1\" || user == \"lvl1\" || user == \"collectioncreator\" || user == \"lvl2\" ) {\r", + " pm.test(\"Status should be is 403 for all users except lvl3 and lvl4 \", function () {\r", + " pm.response.to.have.status(403);\r", + " });\r", + " return;\r", + "}\r", + "\r", + "\r", + "pm.test(\"Status code is 200\", function () {\r", + " pm.response.to.have.status(200);\r", + "});\r", + "\r", + "if (pm.response.code !== 200) {\r", + " return;\r", + "}\r", + "\r", + "let jsonData = pm.response.json();\r", + "\r", + "\r", + "pm.test(\"Response JSON is an object indicating remaining 2 entries before retentionDate were deleted\", function () {\r", + " pm.expect(jsonData.HistoryEntriesDeleted).to.equal(2);\r", + "});\r", + "\r", + "\r", + "\r", + "" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "DELETE", + "header": [], + "url": { + "raw": "{{baseUrl}}/collections/:collectionId/review-history?retentionDate={{testEndDate}}", + "host": [ + "{{baseUrl}}" + ], + "path": [ + "collections", + ":collectionId", + "review-history" + ], + "query": [ + { + "key": "retentionDate", + "value": "{{testEndDate}}" }, - "description": "Create a new Review, or update all properties of an existing Review, setting missing properties to null" - }, - "response": [] + { + "key": "assetId", + "value": null, + "disabled": true + } + ], + "variable": [ + { + "key": "collectionId", + "value": "{{testCollection}}" + } + ] } - ] + }, + "response": [] }, { - "name": "Create Label in a Collection", + "name": "Import and overwrite application data (as elevated Admin)", "event": [ { "listen": "test", @@ -9646,123 +12906,77 @@ " console.log(\"setting user to 'elevated'\");\r", "}\r", "\r", - "if ( user == \"collectioncreator\" || user == \"lvl1\" || user ==\"lvl2\" ) { //placeholder for \"users\" that should fail\r", - " pm.test(\"Status should be 403 for collectioncreator\", function () {\r", - " pm.response.to.have.status(403);\r", + "if (user == \"elevated\") { //placeholder for \"users\" that should fail\r", + " pm.test(\"Status should be is 200 for elevated stigmanadmin user\", function () {\r", + " pm.response.to.have.status(200);\r", " });\r", - " return;\r", "}\r", "else {\r", - " pm.test(\"Status code is 2001for all users but collectioncreator, lvl1, or lvl2. user=\" + user, function () {\r", - " pm.response.to.have.status(201);\r", + " pm.test(\"Status code is 403\", function () {\r", + " pm.response.to.have.status(403);\r", " });\r", "}\r", - "\r", - "if (pm.response.code !== 201) {\r", + "if (pm.response.code !== 200) {\r", " return;\r", "}\r", "\r", - "let jsonData = pm.response.json();\r", - "\r", - "\r", - "pm.test(\"Response JSON is an object\", function () {\r", - " pm.expect(jsonData).to.be.an('object');\r", - " // pm.expect(jsonData).to.have.lengthOf.at.least(1);\r", - " // pm.expect(jsonData).to.have.lengthOf(1);\r", - "\r", - "});\r", - "\r", - "\r", - "\r", - "let requestToTest = JSON.parse(pm.request.body.raw)\r", - "\r", - "pm.test(\"Response matches request\", function () {\r", - " pm.expect(jsonData.name).to.eql(requestToTest.name)\r", - " pm.expect(jsonData.description).to.eql(requestToTest.description)\r", - " pm.expect(jsonData.color).to.eql(requestToTest.color)\r", - " pm.expect(jsonData.uses).to.eql(0)\r", - "})\r", - "\r", - "\r", - "\r", - "\r", - "\r", - "\r", - "\r", - "\r", - "\r", - "\r", - "\r", - "\r", - "\r", - "\r", "\r", + "let response = pm.response.text();\r", + "console.log(response)\r", "\r", - "\r", - "\r", - "\r", - "\r", - "" + "pm.test(\"Body contains string\",() => {\r", + " pm.expect(response).to.include(\"Commit successful\");\r", + "});" ], "type": "text/javascript" } } ], "request": { + "auth": { + "type": "oauth2", + "oauth2": [ + { + "key": "accessToken", + "value": "{{token.stigmanadmin}}", + "type": "string" + } + ] + }, "method": "POST", "header": [ { "key": "Content-Type", - "value": "application/json" + "value": "multipart/form-data" } ], "body": { - "mode": "raw", - "raw": "{\n \"name\": \"test-label-POST\",\n \"description\": \"test label POSTED\",\n \"color\": \"aa34cc\"\n}" + "mode": "formdata", + "formdata": [ + { + "key": "importFile", + "type": "file", + "src": "./{{formDataFiles}}/{{appDataFile}}" + } + ] }, "url": { - "raw": "{{baseUrl}}/collections/:collectionId/labels", + "raw": "{{baseUrl}}/op/appdata?elevate=true", "host": [ "{{baseUrl}}" ], "path": [ - "collections", - ":collectionId", - "labels" + "op", + "appdata" ], "query": [ { - "key": "projection", - "value": "rule", - "description": "Additional properties to include in the response.\n", - "disabled": true - }, - { - "key": "projection", - "value": "history", - "description": "Additional properties to include in the response.\n", - "disabled": true - }, - { - "key": "projection", - "value": "stigs", - "disabled": true - }, - { - "key": "projection", - "value": "metadata", - "disabled": true - } - ], - "variable": [ - { - "key": "collectionId", - "value": "{{scrapCollection}}", - "description": "(Required) A path parameter that indentifies a Collection" + "key": "elevate", + "value": "true", + "description": "Elevate the user context for this request if user is permitted (canAdmin)" } ] - }, - "description": "Create a new Review, or update all properties of an existing Review, setting missing properties to null" + } }, "response": [] } @@ -11419,7 +14633,7 @@ "name": "{rule Id}", "item": [ { - "name": "PUT Review: all projections", + "name": "PUT Review: stigs and rule projections", "event": [ { "listen": "test", @@ -11483,26 +14697,7 @@ " ruleId: \"SV-106179r1_rule\",\r", " version: \"SRG-NET-000019-VPN-000040\",\r", " severity: \"medium\"\r", - " },\r", - " history: [{\r", - " ts: \"2021-07-16T03:34:02Z\",\r", - " detail: \"test\\nvisible to lvl1\",\r", - " result: \"pass\",\r", - " status: {\r", - " ts: \"2021-07-16T03:34:02Z\",\r", - " text: null,\r", - " user: {\r", - " userId: \"1\",\r", - " username: \"stigmanadmin\"\r", - " },\r", - " label: \"submitted\"\r", - " },\r", - " userId: \"1\",\r", - " comment: \"idk\",\r", - " touchTs: \"2021-07-16T03:34:02Z\",\r", - " username: \"stigmanadmin\",\r", - " autoResult: false\r", - " }] \r", + " }\r", "}\r", "pm.test(\"Response matches expected response\", function () {\r", " try {\r", @@ -11532,7 +14727,7 @@ "raw": "{\n \"result\": \"pass\",\n \"detail\": \"test\\nvisible to lvl1\",\n \"comment\": \"sure\",\n \"autoResult\": false,\n \"status\": \"submitted\"\n}" }, "url": { - "raw": "{{baseUrl}}/collections/:collectionId/reviews/:assetId/:ruleId?projection=rule&projection=history&projection=stigs", + "raw": "{{baseUrl}}/collections/:collectionId/reviews/:assetId/:ruleId?projection=rule&projection=stigs", "host": [ "{{baseUrl}}" ], @@ -11552,7 +14747,8 @@ { "key": "projection", "value": "history", - "description": "Additional properties to include in the response.\n" + "description": "Additional properties to include in the response.\n", + "disabled": true }, { "key": "projection", @@ -17744,12 +20940,137 @@ "value": "{{testAsset}}" } ] - } + } + }, + "response": [] + }, + { + "name": "Set all properties of a Review - lvl1 test - no Asset Access", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "let user = pm.environment.get(\"user\");\r", + "console.log(\"user: \" + user);\r", + "\r", + "if (pm.request.url.getQueryString().match(/elevate=true/)) {\r", + " user = \"elevated\";\r", + " console.log(\"setting user to 'elevated'\");\r", + "}\r", + "\r", + "pm.test(\"Status should be is 403 for lvl1 user\", function () {\r", + " pm.response.to.have.status(403);\r", + "});\r", + "\r", + "\r", + "// let baseUrl = pm.environment.get(\"baseUrl\");\r", + "// let assetId = pm.environment.get(\"testAsset-lvl1NoAccess\");\r", + "// let ruleId = pm.environment.get(\"testRuleId\");\r", + "// let collectionId = pm.environment.get(\"testCollection\");\r", + "// let stigmanadmin = pm.environment.get(\"token.stigmanadmin\");\r", + "// console.log(baseUrl)\r", + "\r", + "// const postRequest = {\r", + "// url: `${baseUrl}/collections/${collectionId}/reviews/${assetId}/${ruleId}`,\r", + "// method: 'GET',\r", + "// header: {\r", + "// 'Content-Type': 'application/json',\r", + "// 'X-Foo': 'bar',\r", + "// 'Authorization': `Bearer ${stigmanadmin}`\r", + "// }\r", + "// };\r", + "\r", + "// pm.sendRequest(postRequest, (error, response) => {\r", + "// if (error) {\r", + "// console.log(error);\r", + "// }\r", + "\r", + "// pm.test('admin requesting same review', () => {\r", + "// pm.expect(error).to.equal(null);\r", + "// pm.expect(response).to.have.property('code', 200);\r", + "// pm.expect(response).to.have.property('status', 'OK');\r", + "// });\r", + "\r", + "// let adminCheckJsonData = response.json();\r", + "\r", + "\r", + "// pm.test(\"admin user checking to see if this request altered review\", function () {\r", + "// pm.expect(adminCheckJsonData).to.be.an('object');\r", + "// pm.expect(adminCheckJsonData.detail).to.not.eql(\"LVL1 PUT THIS\");\r", + "\r", + "// });\r", + "\r", + "// });" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "PUT", + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": { + "mode": "raw", + "raw": "{\n \"result\": \"pass\",\n \"detail\": \"LVL1 PUT THIS\",\n \"comment\": \"sure\",\n \"autoResult\": false,\n \"status\": \"submitted\"\n}" + }, + "url": { + "raw": "{{baseUrl}}/collections/:collectionId/reviews/:assetId/:ruleId?projection=rule&projection=history&projection=stigs", + "host": [ + "{{baseUrl}}" + ], + "path": [ + "collections", + ":collectionId", + "reviews", + ":assetId", + ":ruleId" + ], + "query": [ + { + "key": "projection", + "value": "rule", + "description": "Additional properties to include in the response.\n" + }, + { + "key": "projection", + "value": "history", + "description": "Additional properties to include in the response.\n" + }, + { + "key": "projection", + "value": "stigs" + } + ], + "variable": [ + { + "key": "collectionId", + "value": "{{testCollection}}", + "description": "(Required) A path parameter that indentifies a Collection" + }, + { + "key": "assetId", + "value": "{{testAsset-lvl1NoAccess}}", + "description": "(Required) A path parameter that indentifies an Asset" + }, + { + "key": "ruleId", + "value": "{{testRuleId}}", + "description": "(Required) A path parameter that indentifies a Rule" + } + ] + }, + "description": "Create a new Review, or update all properties of an existing Review, setting missing properties to null" }, "response": [] }, { - "name": "Set all properties of a Review - lvl1 test - no Asset Access", + "name": "Set all properties of a Review - lvl1 test - no STIG-Asset Access", "event": [ { "listen": "test", @@ -17769,8 +21090,8 @@ "\r", "\r", "// let baseUrl = pm.environment.get(\"baseUrl\");\r", - "// let assetId = pm.environment.get(\"testAsset-lvl1NoAccess\");\r", - "// let ruleId = pm.environment.get(\"testRuleId\");\r", + "// let assetId = pm.environment.get(\"testAsset\");\r", + "// let ruleId = pm.environment.get(\"testRuleId-lvl1NoAccess\");\r", "// let collectionId = pm.environment.get(\"testCollection\");\r", "// let stigmanadmin = pm.environment.get(\"token.stigmanadmin\");\r", "// console.log(baseUrl)\r", @@ -17859,12 +21180,12 @@ }, { "key": "assetId", - "value": "{{testAsset-lvl1NoAccess}}", + "value": "{{testAsset}}", "description": "(Required) A path parameter that indentifies an Asset" }, { "key": "ruleId", - "value": "{{testRuleId}}", + "value": "{{testRuleId-lvl1NoAccess}}", "description": "(Required) A path parameter that indentifies a Rule" } ] @@ -17874,7 +21195,7 @@ "response": [] }, { - "name": "Set all properties of a Review - lvl1 test - no STIG-Asset Access", + "name": "Delete a Review - lvl1 test - noAssetAccess", "event": [ { "listen": "test", @@ -17893,61 +21214,101 @@ "});\r", "\r", "\r", - "// let baseUrl = pm.environment.get(\"baseUrl\");\r", - "// let assetId = pm.environment.get(\"testAsset\");\r", - "// let ruleId = pm.environment.get(\"testRuleId-lvl1NoAccess\");\r", - "// let collectionId = pm.environment.get(\"testCollection\");\r", - "// let stigmanadmin = pm.environment.get(\"token.stigmanadmin\");\r", - "// console.log(baseUrl)\r", - "\r", - "// const postRequest = {\r", - "// url: `${baseUrl}/collections/${collectionId}/reviews/${assetId}/${ruleId}`,\r", - "// method: 'GET',\r", - "// header: {\r", - "// 'Content-Type': 'application/json',\r", - "// 'X-Foo': 'bar',\r", - "// 'Authorization': `Bearer ${stigmanadmin}`\r", - "// }\r", - "// };\r", - "\r", - "// pm.sendRequest(postRequest, (error, response) => {\r", - "// if (error) {\r", - "// console.log(error);\r", - "// }\r", - "\r", - "// pm.test('admin requesting same review', () => {\r", - "// pm.expect(error).to.equal(null);\r", - "// pm.expect(response).to.have.property('code', 200);\r", - "// pm.expect(response).to.have.property('status', 'OK');\r", - "// });\r", - "\r", - "// let adminCheckJsonData = response.json();\r", + "//GITHUB ISSUE 94, indicating deleting of reviews not yet implemented\r", + "" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "DELETE", + "header": [], + "url": { + "raw": "{{baseUrl}}/collections/:collectionId/reviews/:assetId/:ruleId?projection=rule&projection=history&projection=stigs", + "host": [ + "{{baseUrl}}" + ], + "path": [ + "collections", + ":collectionId", + "reviews", + ":assetId", + ":ruleId" + ], + "query": [ + { + "key": "elevate", + "value": "{{elevated}}", + "description": "Elevate the user context for this request if user is permitted (canAdmin)", + "disabled": true + }, + { + "key": "projection", + "value": "rule", + "description": "Additional properties to include in the response.\n" + }, + { + "key": "projection", + "value": "history", + "description": "Additional properties to include in the response.\n" + }, + { + "key": "projection", + "value": "stigs" + } + ], + "variable": [ + { + "key": "collectionId", + "value": "{{testCollection}}", + "description": "(Required) A path parameter that indentifies a Collection" + }, + { + "key": "assetId", + "value": "{{testAsset-lvl1NoAccess}}", + "description": "(Required) A path parameter that indentifies an Asset" + }, + { + "key": "ruleId", + "value": "{{testRuleId}}", + "description": "(Required) A path parameter that indentifies a Rule" + } + ] + } + }, + "response": [] + }, + { + "name": "Delete a Review - lvl1 test - no STIG-Asset Access", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "let user = pm.environment.get(\"user\");\r", + "console.log(\"user: \" + user);\r", "\r", + "if (pm.request.url.getQueryString().match(/elevate=true/)) {\r", + " user = \"elevated\";\r", + " console.log(\"setting user to 'elevated'\");\r", + "}\r", "\r", - "// pm.test(\"admin user checking to see if this request altered review\", function () {\r", - "// pm.expect(adminCheckJsonData).to.be.an('object');\r", - "// pm.expect(adminCheckJsonData.detail).to.not.eql(\"LVL1 PUT THIS\");\r", + "pm.test(\"Status should be is 403 for lvl1 user\", function () {\r", + " pm.response.to.have.status(403);\r", + "});\r", "\r", - "// });\r", "\r", - "// });" + "//GITHUB ISSUE 94, indicating deleting of reviews not yet implemented\r", + "" ], "type": "text/javascript" } } ], "request": { - "method": "PUT", - "header": [ - { - "key": "Content-Type", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n \"result\": \"pass\",\n \"detail\": \"LVL1 PUT THIS\",\n \"comment\": \"sure\",\n \"autoResult\": false,\n \"status\": \"submitted\"\n}" - }, + "method": "DELETE", + "header": [], "url": { "raw": "{{baseUrl}}/collections/:collectionId/reviews/:assetId/:ruleId?projection=rule&projection=history&projection=stigs", "host": [ @@ -17960,263 +21321,586 @@ ":assetId", ":ruleId" ], - "query": [ - { - "key": "projection", - "value": "rule", - "description": "Additional properties to include in the response.\n" + "query": [ + { + "key": "elevate", + "value": "{{elevated}}", + "description": "Elevate the user context for this request if user is permitted (canAdmin)", + "disabled": true + }, + { + "key": "projection", + "value": "rule", + "description": "Additional properties to include in the response.\n" + }, + { + "key": "projection", + "value": "history", + "description": "Additional properties to include in the response.\n" + }, + { + "key": "projection", + "value": "stigs" + } + ], + "variable": [ + { + "key": "collectionId", + "value": "{{testCollection}}", + "description": "(Required) A path parameter that indentifies a Collection" + }, + { + "key": "assetId", + "value": "{{testAsset}}", + "description": "(Required) A path parameter that indentifies an Asset" + }, + { + "key": "ruleId", + "value": "{{testRuleId-lvl1NoAccess}}", + "description": "(Required) A path parameter that indentifies a Rule" + } + ] + } + }, + "response": [] + } + ], + "auth": { + "type": "bearer", + "bearer": [ + { + "key": "token", + "value": "{{token.lvl1}}", + "type": "string" + } + ] + }, + "event": [ + { + "listen": "prerequest", + "script": { + "type": "text/javascript", + "exec": [ + " user = \"lvl1\";", + " elevate = false;", + " pm.environment.set(\"user\", user);", + " pm.environment.set(\"elevated\", elevate);", + " let token = pm.environment.get(\"token.\" + user)", + " pm.environment.set(\"token\", token);", + " console.log(`No iteration data. Setting: User: ${user} elevated: ${elevate} Bearer: ${token}`);", + "", + " return; // Just use whatever settings are currently left in the env.", + "" + ] + } + }, + { + "listen": "test", + "script": { + "type": "text/javascript", + "exec": [ + "" + ] + } + } + ] + }, + { + "name": "Additional sundry tests", + "item": [ + { + "name": "LoadTestData", + "item": [ + { + "name": "Import a new STIG - VPN (as admin)", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "let user = pm.environment.get(\"user\");\r", + "console.log(\"user: \" + user);\r", + "\r", + "if (pm.request.url.getQueryString().match(/elevate=true/)) {\r", + " user = \"elevated\";\r", + " console.log(\"setting user to 'elevated'\");\r", + "}\r", + "\r", + "if (user == \"stigmanadmin\") { //placeholder for \"users\" that should fail\r", + " pm.test(\"Status should be is 200 only for stigmanadmin user\", function () {\r", + " pm.response.to.have.status(200);\r", + " });\r", + "}\r", + "else {\r", + " pm.test(\"Status code is 403\", function () {\r", + " pm.response.to.have.status(403);\r", + " });\r", + " return;\r", + "}\r", + "if (pm.response.code !== 200) {\r", + " return;\r", + "}\r", + "\r", + "\r", + "\r", + "let response = pm.response.text();\r", + "console.log(response)\r", + "\r", + "pm.test(\"Body contains string\",() => {\r", + " pm.expect(response).to.include(\"currentGroupRule\");\r", + "});" + ], + "type": "text/javascript" + } + } + ], + "request": { + "auth": { + "type": "oauth2", + "oauth2": [ + { + "key": "accessToken", + "value": "{{token.stigmanadmin}}", + "type": "string" + }, + { + "key": "addTokenTo", + "value": "header", + "type": "string" + } + ] }, - { - "key": "projection", - "value": "history", - "description": "Additional properties to include in the response.\n" + "method": "POST", + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + } + ], + "body": { + "mode": "formdata", + "formdata": [ + { + "key": "replace", + "value": "true", + "description": " (This can only be one of true,false)", + "type": "text" + }, + { + "key": "importFile", + "type": "file", + "src": "./{{formDataFiles}}/{{vpnStig}}" + } + ] }, + "url": { + "raw": "{{baseUrl}}/stigs", + "host": [ + "{{baseUrl}}" + ], + "path": [ + "stigs" + ] + } + }, + "response": [] + }, + { + "name": "Import a new STIG - Win 10 (as admin)", + "event": [ { - "key": "projection", - "value": "stigs" + "listen": "test", + "script": { + "exec": [ + "let user = pm.environment.get(\"user\");\r", + "console.log(\"user: \" + user);\r", + "\r", + "if (pm.request.url.getQueryString().match(/elevate=true/)) {\r", + " user = \"elevated\";\r", + " console.log(\"setting user to 'elevated'\");\r", + "}\r", + "\r", + "if (user == \"stigmanadmin\") { //placeholder for \"users\" that should fail\r", + " pm.test(\"Status should be is 200 only for stigmanadmin user\", function () {\r", + " pm.response.to.have.status(200);\r", + " });\r", + "}\r", + "else {\r", + " pm.test(\"Status code is 403\", function () {\r", + " pm.response.to.have.status(403);\r", + " });\r", + "}\r", + "if (pm.response.code !== 200) {\r", + " return;\r", + "}\r", + "\r", + "\r", + "let response = pm.response.text();\r", + "console.log(response)\r", + "\r", + "pm.test(\"Body contains string\",() => {\r", + " pm.expect(response).to.include(\"currentGroupRule\");\r", + "});" + ], + "type": "text/javascript" + } } ], - "variable": [ - { - "key": "collectionId", - "value": "{{testCollection}}", - "description": "(Required) A path parameter that indentifies a Collection" + "request": { + "auth": { + "type": "oauth2", + "oauth2": [ + { + "key": "accessToken", + "value": "{{token.stigmanadmin}}", + "type": "string" + }, + { + "key": "addTokenTo", + "value": "header", + "type": "string" + } + ] }, - { - "key": "assetId", - "value": "{{testAsset}}", - "description": "(Required) A path parameter that indentifies an Asset" + "method": "POST", + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + } + ], + "body": { + "mode": "formdata", + "formdata": [ + { + "key": "replace", + "value": "true", + "description": " (This can only be one of true,false)", + "type": "text" + }, + { + "key": "importFile", + "type": "file", + "src": "./{{formDataFiles}}/{{win10Stig}}" + } + ] }, - { - "key": "ruleId", - "value": "{{testRuleId-lvl1NoAccess}}", - "description": "(Required) A path parameter that indentifies a Rule" + "url": { + "raw": "{{baseUrl}}/stigs", + "host": [ + "{{baseUrl}}" + ], + "path": [ + "stigs" + ] } - ] + }, + "response": [] }, - "description": "Create a new Review, or update all properties of an existing Review, setting missing properties to null" - }, - "response": [] - }, - { - "name": "Delete a Review - lvl1 test - noAssetAccess", - "event": [ { - "listen": "test", - "script": { - "exec": [ - "let user = pm.environment.get(\"user\");\r", - "console.log(\"user: \" + user);\r", - "\r", - "if (pm.request.url.getQueryString().match(/elevate=true/)) {\r", - " user = \"elevated\";\r", - " console.log(\"setting user to 'elevated'\");\r", - "}\r", - "\r", - "pm.test(\"Status should be is 403 for lvl1 user\", function () {\r", - " pm.response.to.have.status(403);\r", - "});\r", - "\r", - "\r", - "//GITHUB ISSUE 94, indicating deleting of reviews not yet implemented\r", - "" - ], - "type": "text/javascript" - } - } - ], - "request": { - "method": "DELETE", - "header": [], - "url": { - "raw": "{{baseUrl}}/collections/:collectionId/reviews/:assetId/:ruleId?projection=rule&projection=history&projection=stigs", - "host": [ - "{{baseUrl}}" - ], - "path": [ - "collections", - ":collectionId", - "reviews", - ":assetId", - ":ruleId" + "name": "Import a new STIG - RHEL 7 (as admin)", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "let user = pm.environment.get(\"user\");\r", + "console.log(\"user: \" + user);\r", + "\r", + "if (pm.request.url.getQueryString().match(/elevate=true/)) {\r", + " user = \"elevated\";\r", + " console.log(\"setting user to 'elevated'\");\r", + "}\r", + "\r", + "if (user == \"stigmanadmin\") { //placeholder for \"users\" that should fail\r", + " pm.test(\"Status should be is 200 only for stigmanadmin user\", function () {\r", + " pm.response.to.have.status(200);\r", + " });\r", + "}\r", + "else {\r", + " pm.test(\"Status code is 403\", function () {\r", + " pm.response.to.have.status(403);\r", + " });\r", + "}\r", + "if (pm.response.code !== 200) {\r", + " return;\r", + "}\r", + "\r", + "let response = pm.response.text();\r", + "console.log(response)\r", + "\r", + "pm.test(\"Body contains string\",() => {\r", + " pm.expect(response).to.include(\"currentGroupRule\");\r", + "});" + ], + "type": "text/javascript" + } + } ], - "query": [ - { - "key": "elevate", - "value": "{{elevated}}", - "description": "Elevate the user context for this request if user is permitted (canAdmin)", - "disabled": true - }, - { - "key": "projection", - "value": "rule", - "description": "Additional properties to include in the response.\n" + "request": { + "auth": { + "type": "oauth2", + "oauth2": [ + { + "key": "accessToken", + "value": "{{token.stigmanadmin}}", + "type": "string" + }, + { + "key": "addTokenTo", + "value": "header", + "type": "string" + } + ] }, - { - "key": "projection", - "value": "history", - "description": "Additional properties to include in the response.\n" + "method": "POST", + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + } + ], + "body": { + "mode": "formdata", + "formdata": [ + { + "key": "replace", + "value": "true", + "description": " (This can only be one of true,false)", + "type": "text" + }, + { + "key": "importFile", + "type": "file", + "src": "./{{formDataFiles}}/{{rhel7Stig}}" + } + ] }, + "url": { + "raw": "{{baseUrl}}/stigs", + "host": [ + "{{baseUrl}}" + ], + "path": [ + "stigs" + ] + } + }, + "response": [] + }, + { + "name": "Import and overwrite application data (as elevated Admin)", + "event": [ { - "key": "projection", - "value": "stigs" + "listen": "test", + "script": { + "exec": [ + "let user = pm.environment.get(\"user\");\r", + "console.log(\"user: \" + user);\r", + "\r", + "if (pm.request.url.getQueryString().match(/elevate=true/)) {\r", + " user = \"elevated\";\r", + " console.log(\"setting user to 'elevated'\");\r", + "}\r", + "\r", + "if (user == \"elevated\") { //placeholder for \"users\" that should fail\r", + " pm.test(\"Status should be is 200 for elevated stigmanadmin user\", function () {\r", + " pm.response.to.have.status(200);\r", + " });\r", + "}\r", + "else {\r", + " pm.test(\"Status code is 403\", function () {\r", + " pm.response.to.have.status(403);\r", + " });\r", + "}\r", + "if (pm.response.code !== 200) {\r", + " return;\r", + "}\r", + "\r", + "\r", + "let response = pm.response.text();\r", + "console.log(response)\r", + "\r", + "pm.test(\"Body contains string\",() => {\r", + " pm.expect(response).to.include(\"Commit successful\");\r", + "});" + ], + "type": "text/javascript" + } } ], - "variable": [ - { - "key": "collectionId", - "value": "{{testCollection}}", - "description": "(Required) A path parameter that indentifies a Collection" + "request": { + "auth": { + "type": "oauth2", + "oauth2": [ + { + "key": "accessToken", + "value": "{{token.stigmanadmin}}", + "type": "string" + } + ] }, - { - "key": "assetId", - "value": "{{testAsset-lvl1NoAccess}}", - "description": "(Required) A path parameter that indentifies an Asset" + "method": "POST", + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + } + ], + "body": { + "mode": "formdata", + "formdata": [ + { + "key": "importFile", + "type": "file", + "src": "./{{formDataFiles}}/{{appDataFile}}" + } + ] }, - { - "key": "ruleId", - "value": "{{testRuleId}}", - "description": "(Required) A path parameter that indentifies a Rule" + "url": { + "raw": "{{baseUrl}}/op/appdata?elevate=true", + "host": [ + "{{baseUrl}}" + ], + "path": [ + "op", + "appdata" + ], + "query": [ + { + "key": "elevate", + "value": "true", + "description": "Elevate the user context for this request if user is permitted (canAdmin)" + } + ] } - ] + }, + "response": [] } - }, - "response": [] + ] }, { - "name": "Delete a Review - lvl1 test - no STIG-Asset Access", - "event": [ + "name": "Check that \"informational\" results are represented as NotReviewed with Finding Details data in .ckls", + "item": [ { - "listen": "test", - "script": { - "exec": [ - "let user = pm.environment.get(\"user\");\r", - "console.log(\"user: \" + user);\r", - "\r", - "if (pm.request.url.getQueryString().match(/elevate=true/)) {\r", - " user = \"elevated\";\r", - " console.log(\"setting user to 'elevated'\");\r", - "}\r", - "\r", - "pm.test(\"Status should be is 403 for lvl1 user\", function () {\r", - " pm.response.to.have.status(403);\r", - "});\r", - "\r", - "\r", - "//GITHUB ISSUE 94, indicating deleting of reviews not yet implemented\r", - "" - ], - "type": "text/javascript" - } - } - ], - "request": { - "method": "DELETE", - "header": [], - "url": { - "raw": "{{baseUrl}}/collections/:collectionId/reviews/:assetId/:ruleId?projection=rule&projection=history&projection=stigs", - "host": [ - "{{baseUrl}}" - ], - "path": [ - "collections", - ":collectionId", - "reviews", - ":assetId", - ":ruleId" - ], - "query": [ - { - "key": "elevate", - "value": "{{elevated}}", - "description": "Elevate the user context for this request if user is permitted (canAdmin)", - "disabled": true - }, - { - "key": "projection", - "value": "rule", - "description": "Additional properties to include in the response.\n" - }, - { - "key": "projection", - "value": "history", - "description": "Additional properties to include in the response.\n" - }, + "name": "Set all properties of a Review - informational + result comment", + "event": [ { - "key": "projection", - "value": "stigs" + "listen": "test", + "script": { + "exec": [ + "let user = pm.environment.get(\"user\");\r", + "console.log(\"user: \" + user);\r", + "\r", + "if (pm.request.url.getQueryString().match(/elevate=true/)) {\r", + " user = \"elevated\";\r", + " console.log(\"setting user to 'elevated'\");\r", + "}\r", + "\r", + "if ( user == \"collectioncreator\" ) { //placeholder for \"users\" that should fail\r", + " pm.test(\"Status should be is 403 for all users except stigmanAdmin(elevated), lvl3 and lvl4\", function () {\r", + " pm.response.to.have.status(403);\r", + " });\r", + " return;\r", + "}\r", + "else {\r", + " pm.test(\"Status code is 200\", function () {\r", + " pm.response.to.have.status(200);\r", + " });\r", + "}\r", + "if (pm.response.code !== 200) {\r", + " return;\r", + "}\r", + "\r", + "\r", + "let jsonData = pm.response.json();\r", + "\r", + "\r", + "pm.test(\"Response JSON is an object\", function () {\r", + " pm.expect(jsonData).to.be.an('object');\r", + " // pm.expect(jsonData).to.have.lengthOf.at.least(1);\r", + " // pm.expect(jsonData).to.have.lengthOf(1);\r", + "\r", + "});\r", + "" + ], + "type": "text/javascript" + } } ], - "variable": [ - { - "key": "collectionId", - "value": "{{testCollection}}", - "description": "(Required) A path parameter that indentifies a Collection" + "request": { + "auth": { + "type": "bearer", + "bearer": [ + { + "key": "token", + "value": "{{token.stigmanadmin}}", + "type": "string" + } + ] }, - { - "key": "assetId", - "value": "{{testAsset}}", - "description": "(Required) A path parameter that indentifies an Asset" + "method": "PUT", + "header": [ + { + "key": "Content-Type", + "value": "application/json" + } + ], + "body": { + "mode": "raw", + "raw": "{\n \"result\": \"informational\",\n \"detail\": \"test\\nvisible to lvl1, THIS REVIEW IS INFORMATIONAL (but comes back as Not_Reviewed in a ckl)\",\n \"comment\": \"sure\",\n \"autoResult\": false,\n \"status\": \"saved\"\n}" }, - { - "key": "ruleId", - "value": "{{testRuleId-lvl1NoAccess}}", - "description": "(Required) A path parameter that indentifies a Rule" + "url": { + "raw": "{{baseUrl}}/collections/:collectionId/reviews/:assetId/:ruleId?projection=rule&projection=history&projection=stigs", + "host": [ + "{{baseUrl}}" + ], + "path": [ + "collections", + ":collectionId", + "reviews", + ":assetId", + ":ruleId" + ], + "query": [ + { + "key": "projection", + "value": "rule", + "description": "Additional properties to include in the response.\n" + }, + { + "key": "projection", + "value": "history", + "description": "Additional properties to include in the response.\n" + }, + { + "key": "projection", + "value": "stigs" + } + ], + "variable": [ + { + "key": "collectionId", + "value": "21", + "description": "(Required) A path parameter that indentifies a Collection" + }, + { + "key": "assetId", + "value": "42", + "description": "(Required) A path parameter that indentifies an Asset" + }, + { + "key": "ruleId", + "value": "SV-106179r1_rule", + "description": "(Required) A path parameter that indentifies a Rule" + } + ] } - ] - } - }, - "response": [] - } - ], - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token.lvl1}}", - "type": "string" - } - ] - }, - "event": [ - { - "listen": "prerequest", - "script": { - "type": "text/javascript", - "exec": [ - " user = \"lvl1\";", - " elevate = false;", - " pm.environment.set(\"user\", user);", - " pm.environment.set(\"elevated\", elevate);", - " let token = pm.environment.get(\"token.\" + user)", - " pm.environment.set(\"token\", token);", - " console.log(`No iteration data. Setting: User: ${user} elevated: ${elevate} Bearer: ${token}`);", - "", - " return; // Just use whatever settings are currently left in the env.", - "" - ] - } - }, - { - "listen": "test", - "script": { - "type": "text/javascript", - "exec": [ - "" - ] - } - } - ] - }, - { - "name": "Additional sundry tests", - "item": [ - { - "name": "LoadTestData", - "item": [ + }, + "response": [] + }, { - "name": "Import a new STIG - VPN (as admin)", + "name": "Return the Checklist for the supplied Asset and STIG XML (.ckl) - check that informational + detail exported as not_reviewed + finding_details", "event": [ { "listen": "test", @@ -18225,34 +21909,111 @@ "let user = pm.environment.get(\"user\");\r", "console.log(\"user: \" + user);\r", "\r", - "if (pm.request.url.getQueryString().match(/elevate=true/)) {\r", - " user = \"elevated\";\r", - " console.log(\"setting user to 'elevated'\");\r", - "}\r", + "const xml2js = require('xml2js');\r", + "\r", + "\r", + "if (user == \"bizarroLvl1\" ) {\r", + " pm.test(\"Status should be is 403 for user collectioncreator, bizarroLvl1\", function () {\r", + " pm.response.to.have.status(403);\r", + " });\r", + " return;\r", + "}\r", + "else if (user == \"collectioncreator\" ) {\r", + " pm.test(\"Status should be is 204 for user collectioncreator\", function () {\r", + " pm.response.to.have.status(204);\r", + " });\r", + " return;\r", + "}\r", + "\r", + "\r", + "pm.test(\"Status code is 200\", function () {\r", + " pm.response.to.have.status(200);\r", + "});\r", + "\r", + "if (pm.response.code !== 200) {\r", + " return;\r", + "}\r", + "\r", + "\r", + "let cklData;\r", + "\r", + " xml2js.parseString(pm.response.text(), function (err, result) {\r", + " cklData = result;\r", + " // console.log(result);\r", + " });\r", + "\r", + "\r", + "let cklHostName = cklData.CHECKLIST.ASSET[0].HOST_NAME[0]\r", + "let cklIStigs = cklData.CHECKLIST.STIGS[0].iSTIG\r", + "// let cklSiData = cklData.CHECKLIST.STIGS[0].iSTIG[0].STIG_INFO[0].SI_DATA\r", + "// console.log(cklSiData);\r", + "\r", + "\r", + "let assetMatchString = pm.environment.get(\"assetMatchString\");\r", + "\r", + "pm.test(\"Response has allowed asset\", function () {\r", + "\r", + " var regex = new RegExp(assetMatchString);\r", + " pm.expect(cklHostName).to.match(regex);\r", + "\r", + "});\r", + "\r", + "\r", + "let validStigs = JSON.parse(pm.environment.get(\"stigs.valid\"));\r", + "let currentStigId;\r", + "\r", + "pm.test(\"Check each iSTIG for STIG Info element with allowed stigId, as well as vulns array of proper length. Then check for Informational review masquerading as Not_Reviewed in the ckl.\", function () {\r", + "\r", + " for (let iStig of cklIStigs){\r", + "\r", + " for (let cklSiDatum of iStig.STIG_INFO[0].SI_DATA){\r", + " // console.log (cklSiDatum.SID_NAME[0])\r", + " if (cklSiDatum.SID_NAME[0] == 'stigid'){\r", + " console.log (cklSiDatum.SID_NAME[0])\r", + " console.log (cklSiDatum.SID_DATA[0])\r", + " currentStigId = cklSiDatum.SID_DATA[0]\r", + " pm.expect(currentStigId).to.be.oneOf(validStigs);\r", + "\r", + " }\r", + " }\r", + "\r", + " let cklVulns = iStig.VULN;\r", + "\r", + " pm.expect(cklVulns).to.be.an('array');\r", + "\r", + " // Right now, only VPN_SRG has a checklist length\r", + " if (currentStigId == 'VPN_SRG') {\r", + " let checklistLength = pm.environment.get(\"checklistLength\");\r", + " pm.expect(cklVulns).to.be.an('array').of.length(checklistLength);\r", + "\r", + " for (let thisVuln of cklVulns){\r", + " for (let stigData of thisVuln.STIG_DATA){\r", + " // console.log(stigData.VULN_ATTRIBUTE)\r", + " // if (stigData.VULN_ATTRIBUTE)\r", + " if (stigData.ATTRIBUTE_DATA[0] == 'SV-106179r1_rule'){\r", + " console.log(stigData.VULN_ATTRIBUTE)\r", + " console.log(thisVuln.FINDING_DETAILS[0])\r", + " // pm.expect(thisVuln.FINDING_DETAILS[0]).to.be.an('array').of.length(checklistLength);\r", + " var commentRegex = new RegExp(\"INFORMATIONAL\");\r", + " var statusRegex = new RegExp(\"Not_Reviewed\");\r", + " pm.expect(thisVuln.FINDING_DETAILS[0]).to.match(commentRegex);\r", + " pm.expect(thisVuln.STATUS[0]).to.match(statusRegex);\r", + " }\r", + "\r", + " }\r", + " }\r", + "\r", + " }\r", + " }\r", + "});\r", + "\r", "\r", - "if (user == \"stigmanadmin\") { //placeholder for \"users\" that should fail\r", - " pm.test(\"Status should be is 200 only for stigmanadmin user\", function () {\r", - " pm.response.to.have.status(200);\r", - " });\r", - "}\r", - "else {\r", - " pm.test(\"Status code is 403\", function () {\r", - " pm.response.to.have.status(403);\r", - " });\r", - " return;\r", - "}\r", - "if (pm.response.code !== 200) {\r", - " return;\r", - "}\r", "\r", "\r", "\r", - "let response = pm.response.text();\r", - "console.log(response)\r", "\r", - "pm.test(\"Body contains string\",() => {\r", - " pm.expect(response).to.include(\"currentGroupRule\");\r", - "});" + "\r", + "" ], "type": "text/javascript" } @@ -18260,91 +22021,69 @@ ], "request": { "auth": { - "type": "oauth2", - "oauth2": [ + "type": "bearer", + "bearer": [ { - "key": "accessToken", + "key": "token", "value": "{{token.stigmanadmin}}", "type": "string" - }, - { - "key": "addTokenTo", - "value": "header", - "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "value": "multipart/form-data" - } - ], - "body": { - "mode": "formdata", - "formdata": [ - { - "key": "replace", - "value": "true", - "description": " (This can only be one of true,false)", - "type": "text" - }, - { - "key": "importFile", - "type": "file", - "src": "./{{formDataFiles}}/{{vpnStig}}" } ] }, + "method": "GET", + "header": [], "url": { - "raw": "{{baseUrl}}/stigs", + "raw": "{{baseUrl}}/assets/:assetId/checklists/:benchmarkId/:revisionStr?format=ckl", "host": [ "{{baseUrl}}" ], "path": [ - "stigs" + "assets", + ":assetId", + "checklists", + ":benchmarkId", + ":revisionStr" + ], + "query": [ + { + "key": "format", + "value": "ckl", + "description": "The format of the response. Default if missing is 'json'" + } + ], + "variable": [ + { + "key": "assetId", + "value": "42", + "description": "(Required) A path parameter that indentifies an Asset" + }, + { + "key": "benchmarkId", + "value": "VPN_SRG", + "description": "(Required) A path parameter that indentifies a STIG" + }, + { + "key": "revisionStr", + "value": "V1R1", + "description": "(Required) A path parameter that indentifies a STIG revision [ V{version_num}R{release_num} | 'latest' ]" + } ] } }, "response": [] }, { - "name": "Import a new STIG - Win 10 (as admin)", + "name": "Set all properties of a Review - invalid result enum", "event": [ { "listen": "test", "script": { "exec": [ - "let user = pm.environment.get(\"user\");\r", - "console.log(\"user: \" + user);\r", - "\r", - "if (pm.request.url.getQueryString().match(/elevate=true/)) {\r", - " user = \"elevated\";\r", - " console.log(\"setting user to 'elevated'\");\r", - "}\r", "\r", - "if (user == \"stigmanadmin\") { //placeholder for \"users\" that should fail\r", - " pm.test(\"Status should be is 200 only for stigmanadmin user\", function () {\r", - " pm.response.to.have.status(200);\r", - " });\r", - "}\r", - "else {\r", - " pm.test(\"Status code is 403\", function () {\r", - " pm.response.to.have.status(403);\r", + " pm.test(\"Status should be is 400 for all users\", function () {\r", + " pm.response.to.have.status(400);\r", " });\r", - "}\r", - "if (pm.response.code !== 200) {\r", - " return;\r", - "}\r", - "\r", - "\r", - "let response = pm.response.text();\r", - "console.log(response)\r", - "\r", - "pm.test(\"Body contains string\",() => {\r", - " pm.expect(response).to.include(\"currentGroupRule\");\r", - "});" + " " ], "type": "text/javascript" } @@ -18352,57 +22091,253 @@ ], "request": { "auth": { - "type": "oauth2", - "oauth2": [ + "type": "bearer", + "bearer": [ { - "key": "accessToken", + "key": "token", "value": "{{token.stigmanadmin}}", "type": "string" - }, - { - "key": "addTokenTo", - "value": "header", - "type": "string" } ] }, - "method": "POST", + "method": "PUT", "header": [ { "key": "Content-Type", - "value": "multipart/form-data" + "value": "application/json" } ], "body": { - "mode": "formdata", - "formdata": [ + "mode": "raw", + "raw": "{\n \"result\": \"INVALID\",\n \"detail\": \"test\\nvisible to lvl1, test of invalid result enum\",\n \"comment\": \"sure\",\n \"autoResult\": false,\n \"status\": \"saved\"\n}" + }, + "url": { + "raw": "{{baseUrl}}/collections/:collectionId/reviews/:assetId/:ruleId?projection=rule&projection=history&projection=stigs", + "host": [ + "{{baseUrl}}" + ], + "path": [ + "collections", + ":collectionId", + "reviews", + ":assetId", + ":ruleId" + ], + "query": [ { - "key": "replace", - "value": "true", - "description": " (This can only be one of true,false)", - "type": "text" + "key": "projection", + "value": "rule", + "description": "Additional properties to include in the response.\n" }, { - "key": "importFile", - "type": "file", - "src": "./{{formDataFiles}}/{{win10Stig}}" + "key": "projection", + "value": "history", + "description": "Additional properties to include in the response.\n" + }, + { + "key": "projection", + "value": "stigs" + } + ], + "variable": [ + { + "key": "collectionId", + "value": "21", + "description": "(Required) A path parameter that indentifies a Collection" + }, + { + "key": "assetId", + "value": "42", + "description": "(Required) A path parameter that indentifies an Asset" + }, + { + "key": "ruleId", + "value": "SV-106179r1_rule", + "description": "(Required) A path parameter that indentifies a Rule" + } + ] + } + }, + "response": [] + } + ] + }, + { + "name": "Collection settings", + "item": [ + { + "name": "Invalid fields.detail.required value", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status is 400 \", function () {", + " pm.response.to.have.status(400);", + "});", + "" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"{{$timestamp}}\",\n \"description\": \"Collection TEST description\",\n \"settings\": {\n \"fields\": {\n \"detail\": {\n \"enabled\": \"findings\",\n \"required\": \"always\"\n },\n \"comment\": {\n \"enabled\": \"always\",\n \"required\": \"always\"\n }\n },\n \"status\": {\n \"canAccept\": true,\n \"minAcceptGrant\": 3,\n \"resetCriteria\": \"result\"\n }\n },\n \"metadata\": {},\n \"grants\": [\n {\n \"userId\": \"1\",\n \"accessLevel\": 4\n }\n ]\n}\n", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "{{baseUrl}}/collections", + "host": [ + "{{baseUrl}}" + ], + "path": [ + "collections" + ] + } + }, + "response": [] + }, + { + "name": "Missing settings", + "event": [ + { + "listen": "test", + "script": { + "exec": [ + "pm.test(\"Status is 400 \", function () {", + " pm.response.to.have.status(400);", + "});", + "" + ], + "type": "text/javascript" + } + } + ], + "request": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"name\": \"{{$timestamp}}\",\n \"description\": \"Collection TEST description\",\n \"metadata\": {},\n \"grants\": [\n {\n \"userId\": \"1\",\n \"accessLevel\": 4\n }\n ]\n}\n", + "options": { + "raw": { + "language": "json" } - ] + } }, "url": { - "raw": "{{baseUrl}}/stigs", + "raw": "{{baseUrl}}/collections", "host": [ "{{baseUrl}}" ], "path": [ - "stigs" + "collections" ] } }, "response": [] + } + ], + "auth": { + "type": "bearer", + "bearer": [ + { + "key": "token", + "value": "{{token.stigmanadmin}}", + "type": "string" + } + ] + }, + "event": [ + { + "listen": "prerequest", + "script": { + "type": "text/javascript", + "exec": [ + "" + ] + } }, { - "name": "Import a new STIG - RHEL 7 (as admin)", + "listen": "test", + "script": { + "type": "text/javascript", + "exec": [ + "" + ] + } + } + ] + } + ], + "description": "These tests should be self contained, provide their own authorization, and repopulate test data if required.", + "event": [ + { + "listen": "prerequest", + "script": { + "type": "text/javascript", + "exec": [ + "" + ] + } + }, + { + "listen": "test", + "script": { + "type": "text/javascript", + "exec": [ + "" + ] + } + } + ] + }, + { + "name": "History Tests", + "item": [ + { + "name": "LoadTestData", + "item": [] + } + ], + "description": "These tests should be self contained, provide their own authorization, and repopulate test data if required.", + "event": [ + { + "listen": "prerequest", + "script": { + "type": "text/javascript", + "exec": [ + "" + ] + } + }, + { + "listen": "test", + "script": { + "type": "text/javascript", + "exec": [ + "" + ] + } + } + ] + }, + { + "name": "Tests in Development - not expected to pass", + "item": [ + { + "name": "LoadTestData", + "item": [ + { + "name": "Import a new STIG - VPN (as admin)", "event": [ { "listen": "test", @@ -18425,11 +22360,14 @@ " pm.test(\"Status code is 403\", function () {\r", " pm.response.to.have.status(403);\r", " });\r", + " return;\r", "}\r", "if (pm.response.code !== 200) {\r", " return;\r", "}\r", "\r", + "\r", + "\r", "let response = pm.response.text();\r", "console.log(response)\r", "\r", @@ -18476,7 +22414,7 @@ { "key": "importFile", "type": "file", - "src": "./{{formDataFiles}}/{{rhel7Stig}}" + "src": "./{{formDataFiles}}/{{vpnStig}}" } ] }, @@ -18493,7 +22431,7 @@ "response": [] }, { - "name": "Import and overwrite application data (as elevated Admin)", + "name": "Import a new STIG - Win 10 (as admin)", "event": [ { "listen": "test", @@ -18507,8 +22445,8 @@ " console.log(\"setting user to 'elevated'\");\r", "}\r", "\r", - "if (user == \"elevated\") { //placeholder for \"users\" that should fail\r", - " pm.test(\"Status should be is 200 for elevated stigmanadmin user\", function () {\r", + "if (user == \"stigmanadmin\") { //placeholder for \"users\" that should fail\r", + " pm.test(\"Status should be is 200 only for stigmanadmin user\", function () {\r", " pm.response.to.have.status(200);\r", " });\r", "}\r", @@ -18526,7 +22464,7 @@ "console.log(response)\r", "\r", "pm.test(\"Body contains string\",() => {\r", - " pm.expect(response).to.include(\"Commit successful\");\r", + " pm.expect(response).to.include(\"currentGroupRule\");\r", "});" ], "type": "text/javascript" @@ -18541,170 +22479,51 @@ "key": "accessToken", "value": "{{token.stigmanadmin}}", "type": "string" - } - ] - }, - "method": "POST", - "header": [ - { - "key": "Content-Type", - "value": "multipart/form-data" - } - ], - "body": { - "mode": "formdata", - "formdata": [ - { - "key": "importFile", - "type": "file", - "src": "./{{formDataFiles}}/{{appDataFile}}" - } - ] - }, - "url": { - "raw": "{{baseUrl}}/op/appdata?elevate=true", - "host": [ - "{{baseUrl}}" - ], - "path": [ - "op", - "appdata" - ], - "query": [ - { - "key": "elevate", - "value": "true", - "description": "Elevate the user context for this request if user is permitted (canAdmin)" - } - ] - } - }, - "response": [] - } - ] - }, - { - "name": "Check that \"informational\" results are represented as NotReviewed with Finding Details data in .ckls", - "item": [ - { - "name": "Set all properties of a Review - informational + result comment", - "event": [ - { - "listen": "test", - "script": { - "exec": [ - "let user = pm.environment.get(\"user\");\r", - "console.log(\"user: \" + user);\r", - "\r", - "if (pm.request.url.getQueryString().match(/elevate=true/)) {\r", - " user = \"elevated\";\r", - " console.log(\"setting user to 'elevated'\");\r", - "}\r", - "\r", - "if ( user == \"collectioncreator\" ) { //placeholder for \"users\" that should fail\r", - " pm.test(\"Status should be is 403 for all users except stigmanAdmin(elevated), lvl3 and lvl4\", function () {\r", - " pm.response.to.have.status(403);\r", - " });\r", - " return;\r", - "}\r", - "else {\r", - " pm.test(\"Status code is 200\", function () {\r", - " pm.response.to.have.status(200);\r", - " });\r", - "}\r", - "if (pm.response.code !== 200) {\r", - " return;\r", - "}\r", - "\r", - "\r", - "let jsonData = pm.response.json();\r", - "\r", - "\r", - "pm.test(\"Response JSON is an object\", function () {\r", - " pm.expect(jsonData).to.be.an('object');\r", - " // pm.expect(jsonData).to.have.lengthOf.at.least(1);\r", - " // pm.expect(jsonData).to.have.lengthOf(1);\r", - "\r", - "});\r", - "" - ], - "type": "text/javascript" - } - } - ], - "request": { - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token.stigmanadmin}}", - "type": "string" - } - ] - }, - "method": "PUT", - "header": [ - { - "key": "Content-Type", - "value": "application/json" - } - ], - "body": { - "mode": "raw", - "raw": "{\n \"result\": \"informational\",\n \"detail\": \"test\\nvisible to lvl1, THIS REVIEW IS INFORMATIONAL (but comes back as Not_Reviewed in a ckl)\",\n \"comment\": \"sure\",\n \"autoResult\": false,\n \"status\": \"saved\"\n}" - }, - "url": { - "raw": "{{baseUrl}}/collections/:collectionId/reviews/:assetId/:ruleId?projection=rule&projection=history&projection=stigs", - "host": [ - "{{baseUrl}}" - ], - "path": [ - "collections", - ":collectionId", - "reviews", - ":assetId", - ":ruleId" - ], - "query": [ - { - "key": "projection", - "value": "rule", - "description": "Additional properties to include in the response.\n" - }, - { - "key": "projection", - "value": "history", - "description": "Additional properties to include in the response.\n" }, { - "key": "projection", - "value": "stigs" + "key": "addTokenTo", + "value": "header", + "type": "string" } - ], - "variable": [ - { - "key": "collectionId", - "value": "21", - "description": "(Required) A path parameter that indentifies a Collection" - }, + ] + }, + "method": "POST", + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + } + ], + "body": { + "mode": "formdata", + "formdata": [ { - "key": "assetId", - "value": "42", - "description": "(Required) A path parameter that indentifies an Asset" + "key": "replace", + "value": "true", + "description": " (This can only be one of true,false)", + "type": "text" }, { - "key": "ruleId", - "value": "SV-106179r1_rule", - "description": "(Required) A path parameter that indentifies a Rule" + "key": "importFile", + "type": "file", + "src": "./{{formDataFiles}}/{{win10Stig}}" } ] + }, + "url": { + "raw": "{{baseUrl}}/stigs", + "host": [ + "{{baseUrl}}" + ], + "path": [ + "stigs" + ] } }, "response": [] }, { - "name": "Return the Checklist for the supplied Asset and STIG XML (.ckl) - check that informational + detail exported as not_reviewed + finding_details", + "name": "Import a new STIG - RHEL 7 (as admin)", "event": [ { "listen": "test", @@ -18713,111 +22532,31 @@ "let user = pm.environment.get(\"user\");\r", "console.log(\"user: \" + user);\r", "\r", - "const xml2js = require('xml2js');\r", - "\r", + "if (pm.request.url.getQueryString().match(/elevate=true/)) {\r", + " user = \"elevated\";\r", + " console.log(\"setting user to 'elevated'\");\r", + "}\r", "\r", - "if (user == \"bizarroLvl1\" ) {\r", - " pm.test(\"Status should be is 403 for user collectioncreator, bizarroLvl1\", function () {\r", - " pm.response.to.have.status(403);\r", + "if (user == \"stigmanadmin\") { //placeholder for \"users\" that should fail\r", + " pm.test(\"Status should be is 200 only for stigmanadmin user\", function () {\r", + " pm.response.to.have.status(200);\r", " });\r", - " return;\r", "}\r", - "else if (user == \"collectioncreator\" ) {\r", - " pm.test(\"Status should be is 204 for user collectioncreator\", function () {\r", - " pm.response.to.have.status(204);\r", + "else {\r", + " pm.test(\"Status code is 403\", function () {\r", + " pm.response.to.have.status(403);\r", " });\r", - " return;\r", "}\r", - "\r", - "\r", - "pm.test(\"Status code is 200\", function () {\r", - " pm.response.to.have.status(200);\r", - "});\r", - "\r", "if (pm.response.code !== 200) {\r", " return;\r", "}\r", "\r", + "let response = pm.response.text();\r", + "console.log(response)\r", "\r", - "let cklData;\r", - "\r", - " xml2js.parseString(pm.response.text(), function (err, result) {\r", - " cklData = result;\r", - " // console.log(result);\r", - " });\r", - "\r", - "\r", - "let cklHostName = cklData.CHECKLIST.ASSET[0].HOST_NAME[0]\r", - "let cklIStigs = cklData.CHECKLIST.STIGS[0].iSTIG\r", - "// let cklSiData = cklData.CHECKLIST.STIGS[0].iSTIG[0].STIG_INFO[0].SI_DATA\r", - "// console.log(cklSiData);\r", - "\r", - "\r", - "let assetMatchString = pm.environment.get(\"assetMatchString\");\r", - "\r", - "pm.test(\"Response has allowed asset\", function () {\r", - "\r", - " var regex = new RegExp(assetMatchString);\r", - " pm.expect(cklHostName).to.match(regex);\r", - "\r", - "});\r", - "\r", - "\r", - "let validStigs = JSON.parse(pm.environment.get(\"stigs.valid\"));\r", - "let currentStigId;\r", - "\r", - "pm.test(\"Check each iSTIG for STIG Info element with allowed stigId, as well as vulns array of proper length. Then check for Informational review masquerading as Not_Reviewed in the ckl.\", function () {\r", - "\r", - " for (let iStig of cklIStigs){\r", - "\r", - " for (let cklSiDatum of iStig.STIG_INFO[0].SI_DATA){\r", - " // console.log (cklSiDatum.SID_NAME[0])\r", - " if (cklSiDatum.SID_NAME[0] == 'stigid'){\r", - " console.log (cklSiDatum.SID_NAME[0])\r", - " console.log (cklSiDatum.SID_DATA[0])\r", - " currentStigId = cklSiDatum.SID_DATA[0]\r", - " pm.expect(currentStigId).to.be.oneOf(validStigs);\r", - "\r", - " }\r", - " }\r", - "\r", - " let cklVulns = iStig.VULN;\r", - "\r", - " pm.expect(cklVulns).to.be.an('array');\r", - "\r", - " // Right now, only VPN_SRG has a checklist length\r", - " if (currentStigId == 'VPN_SRG') {\r", - " let checklistLength = pm.environment.get(\"checklistLength\");\r", - " pm.expect(cklVulns).to.be.an('array').of.length(checklistLength);\r", - "\r", - " for (let thisVuln of cklVulns){\r", - " for (let stigData of thisVuln.STIG_DATA){\r", - " // console.log(stigData.VULN_ATTRIBUTE)\r", - " // if (stigData.VULN_ATTRIBUTE)\r", - " if (stigData.ATTRIBUTE_DATA[0] == 'SV-106179r1_rule'){\r", - " console.log(stigData.VULN_ATTRIBUTE)\r", - " console.log(thisVuln.FINDING_DETAILS[0])\r", - " // pm.expect(thisVuln.FINDING_DETAILS[0]).to.be.an('array').of.length(checklistLength);\r", - " var commentRegex = new RegExp(\"INFORMATIONAL\");\r", - " var statusRegex = new RegExp(\"Not_Reviewed\");\r", - " pm.expect(thisVuln.FINDING_DETAILS[0]).to.match(commentRegex);\r", - " pm.expect(thisVuln.STATUS[0]).to.match(statusRegex);\r", - " }\r", - "\r", - " }\r", - " }\r", - "\r", - " }\r", - " }\r", - "});\r", - "\r", - "\r", - "\r", - "\r", - "\r", - "\r", - "\r", - "" + "pm.test(\"Body contains string\",() => {\r", + " pm.expect(response).to.include(\"currentGroupRule\");\r", + "});" ], "type": "text/javascript" } @@ -18825,69 +22564,91 @@ ], "request": { "auth": { - "type": "bearer", - "bearer": [ + "type": "oauth2", + "oauth2": [ { - "key": "token", + "key": "accessToken", "value": "{{token.stigmanadmin}}", "type": "string" + }, + { + "key": "addTokenTo", + "value": "header", + "type": "string" + } + ] + }, + "method": "POST", + "header": [ + { + "key": "Content-Type", + "value": "multipart/form-data" + } + ], + "body": { + "mode": "formdata", + "formdata": [ + { + "key": "replace", + "value": "true", + "description": " (This can only be one of true,false)", + "type": "text" + }, + { + "key": "importFile", + "type": "file", + "src": "./{{formDataFiles}}/{{rhel7Stig}}" } ] }, - "method": "GET", - "header": [], "url": { - "raw": "{{baseUrl}}/assets/:assetId/checklists/:benchmarkId/:revisionStr?format=ckl", + "raw": "{{baseUrl}}/stigs", "host": [ "{{baseUrl}}" ], "path": [ - "assets", - ":assetId", - "checklists", - ":benchmarkId", - ":revisionStr" - ], - "query": [ - { - "key": "format", - "value": "ckl", - "description": "The format of the response. Default if missing is 'json'" - } - ], - "variable": [ - { - "key": "assetId", - "value": "42", - "description": "(Required) A path parameter that indentifies an Asset" - }, - { - "key": "benchmarkId", - "value": "VPN_SRG", - "description": "(Required) A path parameter that indentifies a STIG" - }, - { - "key": "revisionStr", - "value": "V1R1", - "description": "(Required) A path parameter that indentifies a STIG revision [ V{version_num}R{release_num} | 'latest' ]" - } + "stigs" ] } }, "response": [] }, { - "name": "Set all properties of a Review - invalid result enum", + "name": "Import and overwrite application data (as elevated Admin)", "event": [ { "listen": "test", "script": { "exec": [ + "let user = pm.environment.get(\"user\");\r", + "console.log(\"user: \" + user);\r", "\r", - " pm.test(\"Status should be is 400 for all users\", function () {\r", - " pm.response.to.have.status(400);\r", + "if (pm.request.url.getQueryString().match(/elevate=true/)) {\r", + " user = \"elevated\";\r", + " console.log(\"setting user to 'elevated'\");\r", + "}\r", + "\r", + "if (user == \"elevated\") { //placeholder for \"users\" that should fail\r", + " pm.test(\"Status should be is 200 for elevated stigmanadmin user\", function () {\r", + " pm.response.to.have.status(200);\r", " });\r", - " " + "}\r", + "else {\r", + " pm.test(\"Status code is 403\", function () {\r", + " pm.response.to.have.status(403);\r", + " });\r", + "}\r", + "if (pm.response.code !== 200) {\r", + " return;\r", + "}\r", + "\r", + "\r", + "let response = pm.response.text();\r", + "console.log(response)\r", + "\r", + "pm.test(\"Body contains string\",() => {\r", + " pm.expect(response).to.include(\"Commit successful\");\r", + "});" ], "type": "text/javascript" } @@ -18895,69 +22656,46 @@ ], "request": { "auth": { - "type": "bearer", - "bearer": [ + "type": "oauth2", + "oauth2": [ { - "key": "token", + "key": "accessToken", "value": "{{token.stigmanadmin}}", "type": "string" } ] }, - "method": "PUT", + "method": "POST", "header": [ { "key": "Content-Type", - "value": "application/json" + "value": "multipart/form-data" } ], "body": { - "mode": "raw", - "raw": "{\n \"result\": \"INVALID\",\n \"detail\": \"test\\nvisible to lvl1, test of invalid result enum\",\n \"comment\": \"sure\",\n \"autoResult\": false,\n \"status\": \"saved\"\n}" + "mode": "formdata", + "formdata": [ + { + "key": "importFile", + "type": "file", + "src": "./{{formDataFiles}}/{{appDataFile}}" + } + ] }, "url": { - "raw": "{{baseUrl}}/collections/:collectionId/reviews/:assetId/:ruleId?projection=rule&projection=history&projection=stigs", + "raw": "{{baseUrl}}/op/appdata?elevate=true", "host": [ "{{baseUrl}}" ], "path": [ - "collections", - ":collectionId", - "reviews", - ":assetId", - ":ruleId" + "op", + "appdata" ], "query": [ { - "key": "projection", - "value": "rule", - "description": "Additional properties to include in the response.\n" - }, - { - "key": "projection", - "value": "history", - "description": "Additional properties to include in the response.\n" - }, - { - "key": "projection", - "value": "stigs" - } - ], - "variable": [ - { - "key": "collectionId", - "value": "21", - "description": "(Required) A path parameter that indentifies a Collection" - }, - { - "key": "assetId", - "value": "42", - "description": "(Required) A path parameter that indentifies an Asset" - }, - { - "key": "ruleId", - "value": "SV-106179r1_rule", - "description": "(Required) A path parameter that indentifies a Rule" + "key": "elevate", + "value": "true", + "description": "Elevate the user context for this request if user is permitted (canAdmin)" } ] } @@ -18967,18 +22705,129 @@ ] }, { - "name": "Collection settings", + "name": "History - review format", "item": [ { - "name": "Invalid fields.detail.required value", + "name": "History records - check review object format", "event": [ { "listen": "test", "script": { "exec": [ - "pm.test(\"Status is 400 \", function () {", - " pm.response.to.have.status(400);", - "});", + "let user = pm.environment.get(\"user\");\r", + "console.log(\"user: \" + user);\r", + "\r", + "\r", + "if (user == \"bizarroLvl1\" || user == \"lvl1\" || user == \"collectioncreator\") {\r", + " pm.test(\"Status should be is 403 for user collectioncreator, bizarroLvl1\", function () {\r", + " pm.response.to.have.status(403);\r", + " });\r", + " return;\r", + "}\r", + "// else if (user == \"collectioncreator\" ) {\r", + "// pm.test(\"Status should be is 204 for user collectioncreator\", function () {\r", + "// pm.response.to.have.status(204);\r", + "// });\r", + "// return;\r", + "// }\r", + "\r", + "\r", + "pm.test(\"Status code is 200\", function () {\r", + " pm.response.to.have.status(200);\r", + "});\r", + "\r", + "if (pm.response.code !== 200) {\r", + " return;\r", + "}\r", + "\r", + "let jsonData = pm.response.json();\r", + "\r", + "let testStartDate = pm.environment.get(\"testStartDate\");\r", + "// let startDate = new Date(pm.environment.get(\"testStartDate\"));\r", + "let testEndDate = pm.environment.get(\"testEndDate\");\r", + "let testAsset = pm.environment.get(\"testAsset\");\r", + "let testRuleId = pm.environment.get(\"testRuleId\");\r", + "let testStatus = pm.environment.get(\"testStatus\");\r", + "\r", + "let expectedArrayLength = 6;//history length variable from env.\r", + "\r", + "\r", + "\r", + "pm.test(\"Response JSON is an array\", function () {\r", + " pm.expect(jsonData).to.be.an('array');\r", + "});\r", + "\r", + "\r", + "\r", + "\r", + "for (let assetItem of jsonData){\r", + " if (pm.request.url.getQueryString().match(/assetId=/)) {\r", + " console.log(\"param assetId found\" );\r", + " console.log(\"assetId:\" + assetItem.assetId)\r", + " pm.test(\"Response matches proper assetId\", function () {\r", + "\r", + " pm.expect(assetItem.assetId).to.equal(testAsset);\r", + " });\r", + "\r", + " }\r", + "\r", + " for (let history of assetItem.history){\r", + "\r", + " if (pm.request.url.getQueryString().match(/startDate=/)) {\r", + " console.log(\"param startDate found\" );\r", + " console.log(\"testStartDate:\" + testStartDate );\r", + " console.log(\"ts:\" + history.ts );\r", + " // console.log(\"touchTs:\" + history.touchTs );\r", + " pm.test(\"Response has proper startDate\", function () {\r", + "\r", + " pm.expect(Date.parse(history.ts)).to.be.above(Date.parse(testStartDate));\r", + " });\r", + "\r", + " }\r", + " if (pm.request.url.getQueryString().match(/endDate=/)) {\r", + " console.log(\"param endDate found\" );\r", + " console.log(\"testEndDate:\" + testEndDate );\r", + " console.log(\"ts:\" + history.ts );\r", + " // console.log(\"touchTs:\" + history.touchTs );\r", + " pm.test(\"Response has proper endDate\", function () {\r", + "\r", + " pm.expect(Date.parse(history.ts)).to.be.below(Date.parse(testEndDate));\r", + " // pm.expect(Date.parse(history.ts)).to.be.below(Date.parse(testStartDate));\r", + " });\r", + " }\r", + "\r", + " if (pm.request.url.getQueryString().match(/ruleId=/)) {\r", + " console.log(\"param ruleId found\" );\r", + " console.log(\"testRuleId:\" + testRuleId );\r", + " console.log(\"ruleId-response:\" + history.ruleId );\r", + " // console.log(\"touchTs:\" + history.touchTs );\r", + " pm.test(\"Response has proper ruleId\", function () {\r", + "\r", + " pm.expect(history.ruleId).to.equal(testRuleId);\r", + " });\r", + "\r", + " }\r", + "\r", + " if (pm.request.url.getQueryString().match(/status=/)) {\r", + " console.log(\"param status found\" );\r", + " console.log(\"testStatus:\" + testStatus );\r", + " // console.log(\"status:\" + history.status.label );\r", + " console.log(\"status:\" + history.status );\r", + " // console.log(\"touchTs:\" + history.touchTs );\r", + " pm.test(\"Response has proper status\", function () {\r", + " pm.expect(history.status).to.equal(testStatus);\r", + " // pm.expect(history.status.label).to.equal(testStatus);\r", + " }); \r", + "\r", + " } \r", + " \r", + " }\r", + "\r", + "}\r", + "\r", + "\r", + "\r", + "\r", "" ], "type": "text/javascript" @@ -18986,122 +22835,56 @@ } ], "request": { - "method": "POST", + "method": "GET", "header": [], - "body": { - "mode": "raw", - "raw": "{\n \"name\": \"{{$timestamp}}\",\n \"description\": \"Collection TEST description\",\n \"settings\": {\n \"fields\": {\n \"detail\": {\n \"enabled\": \"findings\",\n \"required\": \"always\"\n },\n \"comment\": {\n \"enabled\": \"always\",\n \"required\": \"always\"\n }\n },\n \"status\": {\n \"canAccept\": true,\n \"minAcceptGrant\": 3,\n \"resetCriteria\": \"result\"\n }\n },\n \"metadata\": {},\n \"grants\": [\n {\n \"userId\": \"1\",\n \"accessLevel\": 4\n }\n ]\n}\n", - "options": { - "raw": { - "language": "json" - } - } - }, "url": { - "raw": "{{baseUrl}}/collections", + "raw": "{{baseUrl}}/collections/:collectionId/review-history?startDate={{testStartDate}}", "host": [ "{{baseUrl}}" ], "path": [ - "collections" - ] - } - }, - "response": [] - }, - { - "name": "Missing settings", - "event": [ - { - "listen": "test", - "script": { - "exec": [ - "pm.test(\"Status is 400 \", function () {", - " pm.response.to.have.status(400);", - "});", - "" - ], - "type": "text/javascript" - } - } - ], - "request": { - "method": "POST", - "header": [], - "body": { - "mode": "raw", - "raw": "{\n \"name\": \"{{$timestamp}}\",\n \"description\": \"Collection TEST description\",\n \"metadata\": {},\n \"grants\": [\n {\n \"userId\": \"1\",\n \"accessLevel\": 4\n }\n ]\n}\n", - "options": { - "raw": { - "language": "json" + "collections", + ":collectionId", + "review-history" + ], + "query": [ + { + "key": "startDate", + "value": "{{testStartDate}}" + }, + { + "key": "endDate", + "value": "{{testEndDate}}", + "disabled": true + }, + { + "key": "assetId", + "value": "{{testAsset}}", + "disabled": true + }, + { + "key": "ruleId", + "value": "{{testRuleId}}", + "disabled": true + }, + { + "key": "status", + "value": "{{testStatus}}", + "disabled": true } - } - }, - "url": { - "raw": "{{baseUrl}}/collections", - "host": [ - "{{baseUrl}}" ], - "path": [ - "collections" + "variable": [ + { + "key": "collectionId", + "value": "{{testCollection}}" + } ] } }, "response": [] } - ], - "auth": { - "type": "bearer", - "bearer": [ - { - "key": "token", - "value": "{{token.stigmanadmin}}", - "type": "string" - } - ] - }, - "event": [ - { - "listen": "prerequest", - "script": { - "type": "text/javascript", - "exec": [ - "" - ] - } - }, - { - "listen": "test", - "script": { - "type": "text/javascript", - "exec": [ - "" - ] - } - } ] } - ], - "description": "These tests should be self contained, provide their own authorization, and repopulate test data if required.", - "event": [ - { - "listen": "prerequest", - "script": { - "type": "text/javascript", - "exec": [ - "" - ] - } - }, - { - "listen": "test", - "script": { - "type": "text/javascript", - "exec": [ - "" - ] - } - } ] } ],