some of the existing clients expect writing secure data to accept PUT… (

#141)

* some of the existing clients expect writing secure data to accept PUT as well as POST, when we changed arch we made write only listen to POST

* update unit tests

gradle.properties

@@ -14,6 +14,6 @@
 # limitations under the License.
 #
 
-version=3.10.0
+version=3.10.1
 groupId=com.nike.cerberus
 artifactId=cms

src/main/java/com/nike/cerberus/SecureDataAction.java

@@ -21,39 +21,41 @@
 import io.netty.handler.codec.http.HttpMethod;
 
 import java.util.Arrays;
+import java.util.Set;
 
 import static com.nike.cerberus.record.RoleRecord.ROLE_OWNER;
 import static com.nike.cerberus.record.RoleRecord.ROLE_READ;
 import static com.nike.cerberus.record.RoleRecord.ROLE_WRITE;
 import static io.netty.handler.codec.http.HttpMethod.GET;
 import static io.netty.handler.codec.http.HttpMethod.POST;
+import static io.netty.handler.codec.http.HttpMethod.PUT;
 
 public enum SecureDataAction {
 
-    READ(GET, ImmutableSet.of(ROLE_OWNER, ROLE_WRITE, ROLE_READ)),
-    WRITE(POST, ImmutableSet.of(ROLE_OWNER, ROLE_WRITE)),
-    DELETE(HttpMethod.DELETE, ImmutableSet.of(ROLE_OWNER, ROLE_WRITE));
+    READ(ImmutableSet.of(GET), ImmutableSet.of(ROLE_OWNER, ROLE_WRITE, ROLE_READ)),
+    WRITE(ImmutableSet.of(POST, PUT), ImmutableSet.of(ROLE_OWNER, ROLE_WRITE)),
+    DELETE(ImmutableSet.of(HttpMethod.DELETE), ImmutableSet.of(ROLE_OWNER, ROLE_WRITE));
 
-    private final HttpMethod method;
+    private final Set<HttpMethod> methods;
 
     private final ImmutableSet<String> allowedRoles;
 
-    public HttpMethod getMethod() {
-        return method;
+    public Set<HttpMethod> getMethods() {
+        return methods;
     }
 
     public ImmutableSet<String> getAllowedRoles() {
         return allowedRoles;
     }
 
-    SecureDataAction(HttpMethod method, ImmutableSet<String> allowedRoles) {
-        this.method = method;
+    SecureDataAction(Set<HttpMethod> methods, ImmutableSet<String> allowedRoles) {
+        this.methods = methods;
         this.allowedRoles = allowedRoles;
     }
 
     public static SecureDataAction fromMethod(HttpMethod method) {
         SecureDataAction action = Arrays.stream(values())
-                .filter(e -> e.method.equals(method))
+                .filter(e -> e.methods.contains(method))
                 .findFirst()
                 .orElse(null);
 

src/main/java/com/nike/cerberus/endpoints/secret/WriteSecureData.java

@@ -89,7 +89,8 @@ public Matcher requestMatcher() {
                         String.format("%s/**", BASE_PATH),
                         BASE_PATH
                 ),
-                HttpMethod.POST
+                HttpMethod.POST,
+                HttpMethod.PUT
         );
     }
 }

src/test/java/com/nike/cerberus/SecureDataActionTest.java

@@ -16,6 +16,7 @@
 
 package com.nike.cerberus;
 
+import com.google.common.collect.ImmutableSet;
 import io.netty.handler.codec.http.HttpMethod;
 import org.junit.Test;
 
@@ -30,13 +31,14 @@ public class SecureDataActionTest {
     public void test_that_SecureDataAction_fromMethod_returns_proper_actions() {
         assertEquals(READ, SecureDataAction.fromMethod(HttpMethod.GET));
         assertEquals(WRITE, SecureDataAction.fromMethod(HttpMethod.POST));
+        assertEquals(WRITE, SecureDataAction.fromMethod(HttpMethod.PUT));
         assertEquals(DELETE, SecureDataAction.fromMethod(HttpMethod.DELETE));
     }
 
     @Test
     public void test_that_SecureDataAction_returns_expected_method() {
-        assertEquals(HttpMethod.GET, SecureDataAction.READ.getMethod());
-        assertEquals(HttpMethod.POST, SecureDataAction.WRITE.getMethod());
-        assertEquals(HttpMethod.DELETE, SecureDataAction.DELETE.getMethod());
+        assertEquals(ImmutableSet.of(HttpMethod.GET), SecureDataAction.READ.getMethods());
+        assertEquals(ImmutableSet.of(HttpMethod.POST, HttpMethod.PUT), SecureDataAction.WRITE.getMethods());
+        assertEquals(ImmutableSet.of(HttpMethod.DELETE), SecureDataAction.DELETE.getMethods());
     }
 }