Add WHERE support to N3 patches.

RubenVerborgh · RubenVerborgh · commit c463d73cf16a · 2017-07-02T16:10:48.000-04:00
diff --git a/lib/handlers/patch/n3-patcher.js b/lib/handlers/patch/n3-patcher.js
@@ -32,22 +32,22 @@ function parsePatchDocument (targetURI, patchURI, patchText, patchKB) {
 
   // Query the N3 document for insertions and deletions
   .then(patchGraph => queryForFirstResult(patchGraph, `${PREFIXES}
-    SELECT ?insert ?delete WHERE {
+    SELECT ?insert ?delete ?where WHERE {
       ?patch p:patches <${targetURI}>.
       OPTIONAL { ?patch p:insert ?insert. }
       OPTIONAL { ?patch p:delete ?delete. }
+      OPTIONAL { ?patch p:where  ?where.  }
     }`)
     .catch(err => { throw error(400, `No patch for ${targetURI} found.`, err) })
   )
 
   // Return the insertions and deletions as an rdflib patch document
   .then(result => {
-    const inserts = result['?insert']
-    const deletes = result['?delete']
-    if (!inserts && !deletes) {
+    const {'?insert': insert, '?delete': deleted, '?where': where} = result
+    if (!insert && !deleted) {
       throw error(400, 'Patch should at least contain inserts or deletes.')
     }
-    return {insert: inserts, delete: deletes}
+    return {insert, delete: deleted, where}
   })
 }
 
diff --git a/test/integration/patch.js b/test/integration/patch.js
@@ -180,6 +180,158 @@ describe('PATCH', () => {
     })
   })
 
+  describe('inserting (= append with WHERE)', () => {
+    describe('on a resource with read-only access', () => {
+      it('returns a 403', () =>
+        request.patch('/read-only.ttl')
+          .set('Authorization', `Bearer ${userCredentials}`)
+          .set('Content-Type', 'text/n3')
+          .send(n3Patch(`
+            <> p:patches <https://tim.localhost:7777/read-only.ttl>;
+               p:insert { ?a <y> <z>. };
+               p:where  { ?a <b> <c>. }.`
+          ))
+          .expect(403)
+          .then(response => {
+            assert.include(response.text, 'Access denied')
+          })
+      )
+
+      it('does not modify the file', () => {
+        assert.equal(read('patch/read-only.ttl'),
+          '<a> <b> <c>.\n<d> <e> <f>.\n')
+      })
+    })
+
+    describe('on a non-existing file', () => {
+      after(() => rm('patch/new.ttl'))
+
+      it('returns a 409', () =>
+        request.patch('/new.ttl')
+          .set('Authorization', `Bearer ${userCredentials}`)
+          .set('Content-Type', 'text/n3')
+          .send(n3Patch(`
+            <> p:patches <https://tim.localhost:7777/new.ttl>;
+               p:insert { ?a <y> <z>. };
+               p:where  { ?a <b> <c>. }.`
+          ))
+          .expect(409)
+          .then(response => {
+            assert.include(response.text, 'The patch could not be applied')
+          })
+      )
+
+      it('does not create the file', () => {
+        assert.isFalse(fs.existsSync('patch/new.ttl'))
+      })
+    })
+
+    describe.skip('on a resource with append-only access', () => {
+      before(() => backup('patch/append-only.ttl'))
+      after(() => restore('patch/append-only.ttl'))
+
+      it('returns a 403', () =>
+        request.patch('/append-only.ttl')
+          .set('Authorization', `Bearer ${userCredentials}`)
+          .set('Content-Type', 'text/n3')
+          .send(n3Patch(`
+            <> p:patches <https://tim.localhost:7777/append-only.ttl>;
+               p:insert { ?a <y> <z>. };
+               p:where  { ?a <b> <c>. }.`
+          ))
+          .expect(403)
+          .then(response => {
+            assert.include(response.text, 'Access denied')
+          })
+      )
+
+      it('does not modify the file', () => {
+        assert.equal(read('patch/append-only.ttl'),
+          '<a> <b> <c>.\n<d> <e> <f>.\n')
+      })
+    })
+
+    describe.skip('on a resource with write-only access', () => {
+      before(() => backup('patch/write-only.ttl'))
+      after(() => restore('patch/write-only.ttl'))
+
+      // Allowing the delete would either return 200 or 409,
+      // thereby incorrectly giving the user (guess-based) read access;
+      // therefore, we need to return 403.
+      it('returns a 403', () =>
+        request.patch('/write-only.ttl')
+          .set('Authorization', `Bearer ${userCredentials}`)
+          .set('Content-Type', 'text/n3')
+          .send(n3Patch(`
+            <> p:patches <https://tim.localhost:7777/write-only.ttl>;
+               p:insert { ?a <y> <z>. };
+               p:where  { ?a <b> <c>. }.`
+          ))
+          .expect(403)
+          .then(response => {
+            assert.include(response.text, 'Access denied')
+          })
+      )
+
+      it('does not modify the file', () => {
+        assert.equal(read('patch/append-only.ttl'),
+          '<a> <b> <c>.\n<d> <e> <f>.\n')
+      })
+    })
+
+    describe('on a resource with read-write access', () => {
+      describe('with a matching WHERE clause', () => {
+        before(() => backup('patch/read-write.ttl'))
+        after(() => restore('patch/read-write.ttl'))
+
+        it('returns a 200', () =>
+          request.patch('/read-write.ttl')
+            .set('Authorization', `Bearer ${userCredentials}`)
+            .set('Content-Type', 'text/n3')
+            .send(n3Patch(`
+              <> p:patches <https://tim.localhost:7777/read-write.ttl>;
+                 p:where  { ?a <b> <c>. };
+                 p:insert { ?a <y> <z>. }.`
+            ))
+            .expect(200)
+            .then(response => {
+              assert.include(response.text, 'Patch applied successfully')
+            })
+        )
+
+        it('patches the file', () => {
+          assert.equal(read('patch/read-write.ttl'),
+            '@prefix : </read-write.ttl#>.\n@prefix tim: </>.\n\ntim:a tim:b tim:c; tim:y tim:z.\n\ntim:d tim:e tim:f.\n\n')
+        })
+      })
+
+      describe('with a non-matching WHERE clause', () => {
+        before(() => backup('patch/read-write.ttl'))
+        after(() => restore('patch/read-write.ttl'))
+
+        it('returns a 409', () =>
+          request.patch('/read-write.ttl')
+            .set('Authorization', `Bearer ${userCredentials}`)
+            .set('Content-Type', 'text/n3')
+            .send(n3Patch(`
+              <> p:patches <https://tim.localhost:7777/read-write.ttl>;
+                 p:where  { ?a <y> <z>. };
+                 p:insert { ?a <s> <t>. }.`
+            ))
+            .expect(409)
+            .then(response => {
+              assert.include(response.text, 'The patch could not be applied')
+            })
+        )
+
+        it('does not change the file', () => {
+          assert.equal(read('patch/read-write.ttl'),
+            '<a> <b> <c>.\n<d> <e> <f>.\n')
+        })
+      })
+    })
+  })
+
   describe('deleting', () => {
     describe('on a resource with read-only access', () => {
       it('returns a 403', () =>
@@ -323,10 +475,60 @@ describe('PATCH', () => {
             '<a> <b> <c>.\n<d> <e> <f>.\n')
         })
       })
+
+      describe('with a matching WHERE clause', () => {
+        before(() => backup('patch/read-write.ttl'))
+        after(() => restore('patch/read-write.ttl'))
+
+        it('returns a 200', () =>
+          request.patch('/read-write.ttl')
+            .set('Authorization', `Bearer ${userCredentials}`)
+            .set('Content-Type', 'text/n3')
+            .send(n3Patch(`
+              <> p:patches <https://tim.localhost:7777/read-write.ttl>;
+                 p:where  { ?a <b> <c>. };
+                 p:delete { ?a <b> <c>. }.`
+            ))
+            .expect(200)
+            .then(response => {
+              assert.include(response.text, 'Patch applied successfully')
+            })
+        )
+
+        it('patches the file', () => {
+          assert.equal(read('patch/read-write.ttl'),
+            '@prefix : </read-write.ttl#>.\n@prefix tim: </>.\n\ntim:d tim:e tim:f.\n\n')
+        })
+      })
+
+      describe('with a non-matching WHERE clause', () => {
+        before(() => backup('patch/read-write.ttl'))
+        after(() => restore('patch/read-write.ttl'))
+
+        it('returns a 409', () =>
+          request.patch('/read-write.ttl')
+            .set('Authorization', `Bearer ${userCredentials}`)
+            .set('Content-Type', 'text/n3')
+            .send(n3Patch(`
+              <> p:patches <https://tim.localhost:7777/read-write.ttl>;
+                 p:where  { ?a <y> <z>. };
+                 p:delete { ?a <b> <c>. }.`
+            ))
+            .expect(409)
+            .then(response => {
+              assert.include(response.text, 'The patch could not be applied')
+            })
+        )
+
+        it('does not change the file', () => {
+          assert.equal(read('patch/read-write.ttl'),
+            '<a> <b> <c>.\n<d> <e> <f>.\n')
+        })
+      })
     })
   })
 
-  describe('deleting and inserting', () => {
+  describe('deleting and appending/inserting', () => {
     describe('on a resource with read-only access', () => {
       it('returns a 403', () =>
         request.patch('/read-only.ttl')
@@ -426,6 +628,21 @@ describe('PATCH', () => {
     })
 
     describe('on a resource with read-write access', () => {
+      it('executes deletes before inserts', () =>
+        request.patch('/read-write.ttl')
+          .set('Authorization', `Bearer ${userCredentials}`)
+          .set('Content-Type', 'text/n3')
+          .send(n3Patch(`
+            <> p:patches <https://tim.localhost:7777/read-write.ttl>;
+               p:insert { <x> <y> <z>. };
+               p:delete { <x> <y> <z>. }.`
+          ))
+          .expect(409)
+          .then(response => {
+            assert.include(response.text, 'The patch could not be applied')
+          })
+        )
+
       describe('with a patch for existing data', () => {
         before(() => backup('patch/read-write.ttl'))
         after(() => restore('patch/read-write.ttl'))
@@ -436,8 +653,8 @@ describe('PATCH', () => {
             .set('Content-Type', 'text/n3')
             .send(n3Patch(`
               <> p:patches <https://tim.localhost:7777/read-write.ttl>;
-               p:insert { <x> <y> <z>. };
-               p:delete { <a> <b> <c>. }.`
+                 p:insert { <x> <y> <z>. };
+                 p:delete { <a> <b> <c>. }.`
             ))
             .expect(200)
             .then(response => {
@@ -461,8 +678,8 @@ describe('PATCH', () => {
             .set('Content-Type', 'text/n3')
             .send(n3Patch(`
               <> p:patches <https://tim.localhost:7777/read-write.ttl>;
-               p:insert { <x> <y> <z>. };
-               p:delete { <q> <s> <s>. }.`
+                 p:insert { <x> <y> <z>. };
+                 p:delete { <q> <s> <s>. }.`
             ))
             .expect(409)
             .then(response => {
@@ -476,20 +693,57 @@ describe('PATCH', () => {
         })
       })
 
-      it('executes deletes before inserts', () =>
-        request.patch('/read-write.ttl')
-          .set('Authorization', `Bearer ${userCredentials}`)
-          .set('Content-Type', 'text/n3')
-          .send(n3Patch(`
-            <> p:patches <https://tim.localhost:7777/read-write.ttl>;
-             p:insert { <x> <y> <z>. };
-             p:delete { <x> <y> <z>. }.`
-          ))
-          .expect(409)
-          .then(response => {
-            assert.include(response.text, 'The patch could not be applied')
-          })
+      describe('with a matching WHERE clause', () => {
+        before(() => backup('patch/read-write.ttl'))
+        after(() => restore('patch/read-write.ttl'))
+
+        it('returns a 200', () =>
+          request.patch('/read-write.ttl')
+            .set('Authorization', `Bearer ${userCredentials}`)
+            .set('Content-Type', 'text/n3')
+            .send(n3Patch(`
+              <> p:patches <https://tim.localhost:7777/read-write.ttl>;
+                 p:where  { ?a <b> <c>. };
+                 p:insert { ?a <y> <z>. };
+                 p:delete { ?a <b> <c>. }.`
+            ))
+            .expect(200)
+            .then(response => {
+              assert.include(response.text, 'Patch applied successfully')
+            })
         )
+
+        it('patches the file', () => {
+          assert.equal(read('patch/read-write.ttl'),
+            '@prefix : </read-write.ttl#>.\n@prefix tim: </>.\n\ntim:a tim:y tim:z.\n\ntim:d tim:e tim:f.\n\n')
+        })
+      })
+
+      describe('with a non-matching WHERE clause', () => {
+        before(() => backup('patch/read-write.ttl'))
+        after(() => restore('patch/read-write.ttl'))
+
+        it('returns a 409', () =>
+          request.patch('/read-write.ttl')
+            .set('Authorization', `Bearer ${userCredentials}`)
+            .set('Content-Type', 'text/n3')
+            .send(n3Patch(`
+              <> p:patches <https://tim.localhost:7777/read-write.ttl>;
+                 p:where  { ?a <y> <z>. };
+                 p:insert { ?a <y> <z>. };
+                 p:delete { ?a <b> <c>. }.`
+            ))
+            .expect(409)
+            .then(response => {
+              assert.include(response.text, 'The patch could not be applied')
+            })
+        )
+
+        it('does not change the file', () => {
+          assert.equal(read('patch/read-write.ttl'),
+            '<a> <b> <c>.\n<d> <e> <f>.\n')
+        })
+      })
     })
   })
 })
