From 0151aeded599df5bacafff8289542471ff5f4ad2 Mon Sep 17 00:00:00 2001
From: Martin Stockhammer <martin_s@apache.org>
Date: Sun, 24 Feb 2019 21:50:30 +0100
Subject: [PATCH] Adding additional tests

---
 .../archiva-web/archiva-web-common/pom.xml    |   1 +
 .../archiva/upload/UploadArtifactsTest.java   | 217 +++++++++++++++---
 .../src/test/resources/archiva.xml            | 140 +++++++++++
 .../src/test/resources/log4j2-test.xml        |   3 +-
 .../resources/spring-context-test-upload.xml  |  94 ++++++++
 5 files changed, 420 insertions(+), 35 deletions(-)
 create mode 100644 archiva-modules/archiva-web/archiva-web-common/src/test/resources/archiva.xml
 create mode 100644 archiva-modules/archiva-web/archiva-web-common/src/test/resources/spring-context-test-upload.xml

diff --git a/archiva-modules/archiva-web/archiva-web-common/pom.xml b/archiva-modules/archiva-web/archiva-web-common/pom.xml
index beeaa3e6a..5b97fbcd4 100644
--- a/archiva-modules/archiva-web/archiva-web-common/pom.xml
+++ b/archiva-modules/archiva-web/archiva-web-common/pom.xml
@@ -525,6 +525,7 @@
         <configuration>
           <argLine>-Xmx1024m -Xms512m -XX:MaxPermSize=256m ${jacocoagent}</argLine>
           <systemPropertyVariables>
+            <org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH>true</org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH>
             <appserver.base>${project.build.directory}/appserver-base</appserver.base>
             <plexus.home>${project.build.directory}/appserver-base</plexus.home>
             <derby.system.home>${project.build.directory}/appserver-base</derby.system.home>
diff --git a/archiva-modules/archiva-web/archiva-web-common/src/test/java/org/apache/archiva/upload/UploadArtifactsTest.java b/archiva-modules/archiva-web/archiva-web-common/src/test/java/org/apache/archiva/upload/UploadArtifactsTest.java
index d1fed7a0b..d0f63b1af 100644
--- a/archiva-modules/archiva-web/archiva-web-common/src/test/java/org/apache/archiva/upload/UploadArtifactsTest.java
+++ b/archiva-modules/archiva-web/archiva-web-common/src/test/java/org/apache/archiva/upload/UploadArtifactsTest.java
@@ -20,8 +20,11 @@ package org.apache.archiva.upload;
 
 import com.fasterxml.jackson.jaxrs.json.JacksonJaxbJsonProvider;
 import org.apache.archiva.admin.model.beans.RemoteRepository;
+import org.apache.archiva.redback.rest.api.model.User;
 import org.apache.archiva.redback.rest.api.services.RoleManagementService;
+import org.apache.archiva.redback.rest.api.services.UserService;
 import org.apache.archiva.redback.rest.services.AbstractRestServicesTest;
+import org.apache.archiva.redback.rest.services.FakeCreateAdminService;
 import org.apache.archiva.remotedownload.AbstractDownloadTest;
 import org.apache.archiva.rest.api.services.ArchivaRestServiceException;
 import org.apache.archiva.security.common.ArchivaRoleConstants;
@@ -29,6 +32,11 @@ import org.apache.archiva.test.utils.ArchivaBlockJUnit4ClassRunner;
 import org.apache.archiva.web.api.FileUploadService;
 import org.apache.archiva.web.api.RuntimeInfoService;
 import org.apache.archiva.web.model.ApplicationRuntimeInfo;
+import org.apache.archiva.web.model.FileMetadata;
+import org.apache.catalina.Context;
+import org.apache.catalina.LifecycleException;
+import org.apache.catalina.deploy.ApplicationParameter;
+import org.apache.catalina.startup.Tomcat;
 import org.apache.commons.io.FileUtils;
 import org.apache.commons.lang.StringUtils;
 import org.apache.commons.lang.SystemUtils;
@@ -38,6 +46,8 @@ import org.apache.cxf.jaxrs.ext.multipart.Attachment;
 import org.apache.cxf.jaxrs.ext.multipart.AttachmentBuilder;
 import org.apache.cxf.jaxrs.ext.multipart.ContentDisposition;
 import org.apache.cxf.jaxrs.ext.multipart.MultipartBody;
+import org.apache.cxf.message.Message;
+import org.apache.cxf.transport.servlet.CXFServlet;
 import org.apache.maven.wagon.providers.http.HttpWagon;
 import org.apache.maven.wagon.repository.Repository;
 import org.eclipse.jetty.server.Server;
@@ -51,6 +61,8 @@ import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import org.slf4j.bridge.SLF4JBridgeHandler;
+import org.springframework.web.context.ContextLoaderListener;
 
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServlet;
@@ -75,80 +87,128 @@ import java.util.zip.ZipFile;
 public class UploadArtifactsTest
     extends AbstractRestServicesTest
 {
+    private Tomcat tomcat;
+
     @Override
     @Before
-    public void startServer()
+    public void startServer( )
         throws Exception
     {
-        File appServerBase = new File( System.getProperty( "appserver.base" ) );
-        File confDir = new File(appServerBase, "conf");
-        if (!confDir.exists()) {
-            confDir.mkdir();
+        System.setProperty( "org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH", "true" );
+        System.setProperty("appserver.base", Paths.get("target/appserver-base").toAbsolutePath().toString());
+        Path appServerBase = Paths.get("target/appserver-base");
+        FileUtils.deleteDirectory(appServerBase.toAbsolutePath().toFile());
+        Path confDir = appServerBase.resolve( "conf" );
+        if ( !Files.exists(confDir))
+        {
+            Files.createDirectories(confDir);
         }
-        Path log4jCfg = Paths.get("src/test/resources/log4j2-test.xml");
-        Path log4jCfgDst = confDir.toPath().resolve(log4jCfg.getFileName());
+        Path log4jCfg = Paths.get( "src/test/resources/log4j2-test.xml" );
+        Path log4jCfgDst = confDir.resolve( log4jCfg.getFileName( ) );
+
         Files.copy( log4jCfg, log4jCfgDst, StandardCopyOption.REPLACE_EXISTING );
 
-        File jcrDirectory = new File( appServerBase, "jcr" );
+        Path archivaCfg = Paths.get( "src/test/resources/archiva.xml" );
+        Files.copy( archivaCfg, confDir.resolve( archivaCfg.getFileName( ) ), StandardCopyOption.REPLACE_EXISTING );
+
+        Path jcrDirectory = appServerBase.resolve("jcr" );
 
-        if ( jcrDirectory.exists() )
+        if ( Files.exists(jcrDirectory) )
         {
-            FileUtils.deleteDirectory( jcrDirectory );
+            FileUtils.deleteDirectory( jcrDirectory.toAbsolutePath().toFile() );
         }
         // We have to activate this to verify the bad path traversal protection. We cannot rely on
         // the application server only.
-        System.setProperty("org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH","true");
 
-        super.startServer();
+        SLF4JBridgeHandler.removeHandlersForRootLogger();
+        SLF4JBridgeHandler.install();
+        this.tomcat = new Tomcat();
+        this.tomcat.setBaseDir(System.getProperty("java.io.tmpdir"));
+        this.tomcat.setPort(0);
+        this.tomcat.setSilent(false);
+        Context context = this.tomcat.addContext("", System.getProperty("java.io.tmpdir"));
+        ApplicationParameter applicationParameter = new ApplicationParameter();
+        applicationParameter.setName("contextConfigLocation");
+        applicationParameter.setValue(this.getSpringConfigLocation());
+        context.addApplicationParameter(applicationParameter);
+        context.addApplicationListener(ContextLoaderListener.class.getName());
+        Tomcat.addServlet(context, "cxf", new CXFServlet());
+        context.addServletMapping("/" + this.getRestServicesPath() + "/*", "cxf");
+        this.tomcat.start();
+        this.port = this.tomcat.getConnector().getLocalPort();
+        this.log.info("start server on port {}", this.port);
+        UserService userService = this.getUserService();
+        User adminUser = new User();
+        adminUser.setUsername("admin");
+        adminUser.setPassword("rose210208");
+        adminUser.setFullName("the admin user");
+        adminUser.setEmail("toto@toto.fr");
+        userService.createAdminUser(adminUser);
+        FakeCreateAdminService fakeCreateAdminService = this.getFakeCreateAdminService();
+        // super.startServer( );
     }
 
     @After
-    public void stop() {
-        System.clearProperty("org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH" );
+    public void stop( ) {
+        if (this.tomcat != null) {
+            try {
+                this.tomcat.stop();
+            } catch (LifecycleException e) {
+                //
+            }
+        }
+        System.clearProperty( "org.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH" );
     }
 
     @Override
-    protected String getSpringConfigLocation()
+    protected String getSpringConfigLocation( )
     {
-        return "classpath*:META-INF/spring-context.xml,classpath:/spring-context-with-jcr.xml";
+        return "classpath*:META-INF/spring-context.xml,classpath:/spring-context-test-upload.xml";
     }
 
     @Override
-    protected String getRestServicesPath()
+    protected String getRestServicesPath( )
     {
         return "restServices";
     }
 
-    protected String getBaseUrl()
+    protected String getBaseUrl( )
     {
         String baseUrlSysProps = System.getProperty( "archiva.baseRestUrl" );
         return StringUtils.isBlank( baseUrlSysProps ) ? "http://localhost:" + port : baseUrlSysProps;
     }
 
-    private FileUploadService getUploadService()
+    private FileUploadService getUploadService( )
     {
         FileUploadService service =
             JAXRSClientFactory.create( getBaseUrl( ) + "/" + getRestServicesPath( ) + "/archivaUiServices/",
                 FileUploadService.class,
                 Collections.singletonList( new JacksonJaxbJsonProvider( ) ) );
-
+        log.debug( "Service class {}", service.getClass( ).getName( ) );
         WebClient.client( service ).header( "Authorization", authorizationHeader );
         WebClient.client( service ).header( "Referer", "http://localhost:" + port );
 
         WebClient.client( service ).header( "Referer", "http://localhost" );
+        WebClient.getConfig( service ).getRequestContext( ).put( Message.MAINTAIN_SESSION, true );
+        WebClient.getConfig( service).getRequestContext().put(Message.EXCEPTION_MESSAGE_CAUSE_ENABLED, true);
+        WebClient.getConfig( service).getRequestContext().put(Message.FAULT_STACKTRACE_ENABLED, true);
+        WebClient.getConfig( service).getRequestContext().put(Message.PROPOGATE_EXCEPTION, true);
+        WebClient.getConfig( service).getRequestContext().put("org.apache.cxf.transport.no_io_exceptions", true);
+
+        // WebClient.client( service ).
         return service;
     }
 
     @Test
-    public void clearUploadedFiles()
+    public void clearUploadedFiles( )
         throws Exception
     {
         FileUploadService service = getUploadService( );
-        service.clearUploadedFiles();
+        service.clearUploadedFiles( );
     }
 
     @Test
-    public void uploadFile() throws IOException, ArchivaRestServiceException
+    public void uploadFile( ) throws IOException, ArchivaRestServiceException
     {
         FileUploadService service = getUploadService( );
         try
@@ -157,14 +217,40 @@ public class UploadArtifactsTest
             final Attachment fileAttachment = new AttachmentBuilder( ).object( Files.newInputStream( file ) ).contentDisposition( new ContentDisposition( "form-data; filename=\"" + file.getFileName( ).toString( ) + "\"; name=\"files[]\"" ) ).build( );
             MultipartBody body = new MultipartBody( fileAttachment );
             service.post( body );
-        } finally
+        }
+        finally
+        {
+            service.clearUploadedFiles( );
+        }
+    }
+
+    @Test
+    public void failUploadFileWithBadFileName( ) throws IOException, ArchivaRestServiceException
+    {
+        FileUploadService service = getUploadService( );
+        try
+        {
+            Path file = Paths.get( "src/test/repositories/snapshot-repo/org/apache/archiva/archiva-model/1.4-M4-SNAPSHOT/archiva-model-1.4-M4-20130425.081822-1.jar" );
+            final Attachment fileAttachment = new AttachmentBuilder( ).object( Files.newInputStream( file ) ).contentDisposition( new ContentDisposition( "form-data; filename=\"/../TestFile.testext\"; name=\"files[]\"" ) ).build( );
+            MultipartBody body = new MultipartBody( fileAttachment );
+            try
+            {
+                service.post( body );
+                fail( "FileNames with path contents should not be allowed." );
+            }
+            catch ( ArchivaRestServiceException e )
+            {
+                // OK
+            }
+        }
+        finally
         {
             service.clearUploadedFiles( );
         }
     }
 
     @Test
-    public void uploadAndDeleteFile() throws IOException, ArchivaRestServiceException
+    public void uploadAndDeleteFile( ) throws IOException, ArchivaRestServiceException
     {
         FileUploadService service = getUploadService( );
         try
@@ -174,14 +260,15 @@ public class UploadArtifactsTest
             MultipartBody body = new MultipartBody( fileAttachment );
             service.post( body );
             service.deleteFile( file.getFileName( ).toString( ) );
-        } finally
+        }
+        finally
         {
-            service.clearUploadedFiles();
+            service.clearUploadedFiles( );
         }
     }
 
     @Test
-    public void uploadAndDeleteWrongFile() throws IOException, ArchivaRestServiceException
+    public void failUploadAndDeleteWrongFile( ) throws IOException, ArchivaRestServiceException
     {
         FileUploadService service = getUploadService( );
         try
@@ -191,13 +278,15 @@ public class UploadArtifactsTest
             MultipartBody body = new MultipartBody( fileAttachment );
             service.post( body );
             assertFalse( service.deleteFile( "file123" + file.getFileName( ).toString( ) ) );
-        } finally {
-            service.clearUploadedFiles();
+        }
+        finally
+        {
+            service.clearUploadedFiles( );
         }
     }
 
     @Test
-    public void uploadAndDeleteFileInOtherDir() throws IOException, ArchivaRestServiceException
+    public void failUploadAndDeleteFileInOtherDir( ) throws IOException, ArchivaRestServiceException
     {
         Path testFile = null;
         try
@@ -205,7 +294,7 @@ public class UploadArtifactsTest
             FileUploadService service = getUploadService( );
             Path file = Paths.get( "src/test/repositories/snapshot-repo/org/apache/archiva/archiva-model/1.4-M4-SNAPSHOT/archiva-model-1.4-M4-20130425.081822-1.jar" );
             Path targetDir = Paths.get( "target/testDelete" ).toAbsolutePath( );
-            if ( !Files.exists( targetDir ) ) Files.createDirectory( targetDir );
+            if ( !Files.exists( targetDir ) ) Files.createDirectories( targetDir );
             Path tempDir = SystemUtils.getJavaIoTmpDir( ).toPath( );
             testFile = Files.createTempFile( targetDir, "TestFile", ".txt" );
             log.debug( "Test file {}", testFile.toAbsolutePath( ) );
@@ -226,11 +315,71 @@ public class UploadArtifactsTest
                 // Expected exception
             }
             assertTrue( "File in another directory may not be deleted", Files.exists( testFile ) );
-        } finally
+        }
+        finally
         {
-            if (testFile!=null) {
+            if ( testFile != null )
+            {
                 Files.deleteIfExists( testFile );
             }
         }
     }
+
+    @Test
+    public void failSaveFileWithBadParams( ) throws IOException, ArchivaRestServiceException
+    {
+        FileUploadService service = getUploadService( );
+        Path targetFile = Paths.get( "target/test/test-testSave.4" );
+        Path targetPom = Paths.get( "target/test/test-testSave.pom" );
+        try
+        {
+            Path file = Paths.get( "src/test/repositories/snapshot-repo/org/apache/archiva/archiva-model/1.4-M4-SNAPSHOT/archiva-model-1.4-M4-20130425.081822-1.jar" );
+
+            Path targetDir = Paths.get( "target/appserver-base/test/testSave" ).toAbsolutePath( );
+            Path repoDir = Paths.get("target/appserver-base/repositories/internal/org");
+            log.info("Repo dir {}", repoDir.toAbsolutePath());
+            if (!Files.exists(repoDir)) Files.createDirectories(repoDir);
+            assertTrue(Files.exists(repoDir));
+            if ( !Files.exists( targetDir ) ) Files.createDirectories( targetDir );
+            Files.deleteIfExists( targetFile );
+            Files.deleteIfExists( targetPom );
+            Attachment fileAttachment = new AttachmentBuilder( ).object( Files.newInputStream( file ) ).contentDisposition( new ContentDisposition( "form-data; filename=\"archiva-model-1.2.jar\"; name=\"files[]\"" ) ).build( );
+            MultipartBody body = new MultipartBody( fileAttachment );
+            FileMetadata meta = service.post( body );
+            log.debug( "Metadata {}", meta.toString( ) );
+            assertTrue( service.save( "internal", "org.archiva", "archiva-model", "1.2", "jar", true ) );
+
+            fileAttachment = new AttachmentBuilder( ).object( Files.newInputStream( file ) ).contentDisposition( new ContentDisposition( "form-data; filename=\"/../TestFile.FileExt\"; name=\"files[]\"" ) ).build( );
+            body = new MultipartBody( fileAttachment );
+            meta = service.post( body );
+            log.debug( "Metadata {}", meta.toString( ) );
+            try {
+                service.save("internal", "org", URLEncoder.encode("../../../test", "UTF-8"), URLEncoder.encode("testSave", "UTF-8"), "4", true);
+                fail("Error expected, if the content contains bad characters.");
+            } catch (ArchivaRestServiceException e) {
+                // OK
+            }
+            assertFalse( Files.exists( Paths.get( "target/test-testSave.4" ) ) );
+        }
+        finally
+        {
+            // service.clearUploadedFiles( );
+            Files.deleteIfExists( targetFile );
+            Files.deleteIfExists( targetPom );
+        }
+    }
+
+    @Test
+    public void saveFile( ) throws IOException, ArchivaRestServiceException
+    {
+
+        Path path = Paths.get("target/appserver-base/repositories/internal/data/repositories/internal/org/apache/archiva/archiva-model/1.2/archiva-model-1.2.jar");
+        Files.deleteIfExists( path );
+        FileUploadService service = getUploadService( );
+        Path file = Paths.get( "src/test/repositories/snapshot-repo/org/apache/archiva/archiva-model/1.4-M4-SNAPSHOT/archiva-model-1.4-M4-20130425.081822-1.jar" );
+        final Attachment fileAttachment = new AttachmentBuilder( ).object( Files.newInputStream( file ) ).contentDisposition( new ContentDisposition( "form-data; filename=\"archiva-model.jar\"; name=\"files[]\"" ) ).build( );
+        MultipartBody body = new MultipartBody( fileAttachment );
+        service.post( body );
+        service.save( "internal", "org.apache.archiva", "archiva-model", "1.2", "jar", true );
+    }
 }
diff --git a/archiva-modules/archiva-web/archiva-web-common/src/test/resources/archiva.xml b/archiva-modules/archiva-web/archiva-web-common/src/test/resources/archiva.xml
new file mode 100644
index 000000000..fddd0af97
--- /dev/null
+++ b/archiva-modules/archiva-web/archiva-web-common/src/test/resources/archiva.xml
@@ -0,0 +1,140 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!--
+  ~ Licensed to the Apache Software Foundation (ASF) under one
+  ~ or more contributor license agreements.  See the NOTICE file
+  ~ distributed with this work for additional information
+  ~ regarding copyright ownership.  The ASF licenses this file
+  ~ to you under the Apache License, Version 2.0 (the
+  ~ "License"); you may not use this file except in compliance
+  ~ with the License.  You may obtain a copy of the License at
+  ~
+  ~   http://www.apache.org/licenses/LICENSE-2.0
+  ~
+  ~ Unless required by applicable law or agreed to in writing,
+  ~ software distributed under the License is distributed on an
+  ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  ~ KIND, either express or implied.  See the License for the
+  ~ specific language governing permissions and limitations
+  ~ under the License.
+  -->
+
+<configuration>
+
+  <version>2</version>
+
+  <managedRepositories>
+    <managedRepository>
+      <id>internal</id>
+      <name>Archiva Managed Internal Repository</name>
+      <location>${appserver.base}/repositories/internal</location>
+      <indexDir>${appserver.base}/repositories/internal/.indexer</indexDir>
+      <layout>default</layout>
+      <releases>true</releases>
+      <snapshots>false</snapshots>
+      <blockRedeployments>false</blockRedeployments>
+      <scanned>true</scanned>
+      <refreshCronExpression>0 0 * * * ?</refreshCronExpression>
+      <daysOlder>30</daysOlder>
+    </managedRepository>
+    <managedRepository>
+      <id>snapshots</id>
+      <name>Archiva Managed Snapshot Repository</name>
+      <location>${appserver.base}/repositories/snapshots</location>
+      <indexDir>${appserver.base}/repositories/snapshots/.indexer</indexDir>
+      <layout>default</layout>
+      <releases>false</releases>
+      <snapshots>true</snapshots>
+      <blockRedeployments>false</blockRedeployments>
+      <scanned>true</scanned>
+      <refreshCronExpression>0 0\,30 * * * ?</refreshCronExpression>
+      <daysOlder>30</daysOlder>
+    </managedRepository>
+  </managedRepositories>
+
+  <repositoryScanning>
+    <fileTypes>
+      <fileType>
+        <id>artifacts</id>
+        <patterns>
+          <pattern>**/*.pom</pattern>
+          <pattern>**/*.jar</pattern>
+          <pattern>**/*.ear</pattern>
+          <pattern>**/*.war</pattern>
+          <pattern>**/*.car</pattern>
+          <pattern>**/*.sar</pattern>
+          <pattern>**/*.mar</pattern>
+          <pattern>**/*.rar</pattern>
+          <pattern>**/*.dtd</pattern>
+          <pattern>**/*.tld</pattern>
+          <pattern>**/*.tar.gz</pattern>
+          <pattern>**/*.tar.bz2</pattern>
+          <pattern>**/*.zip</pattern>
+        </patterns>
+      </fileType>
+      <fileType>
+        <id>indexable-content</id>
+        <patterns>
+          <pattern>**/*.txt</pattern>
+          <pattern>**/*.TXT</pattern>
+          <pattern>**/*.block</pattern>
+          <pattern>**/*.config</pattern>
+          <pattern>**/*.pom</pattern>
+          <pattern>**/*.xml</pattern>
+          <pattern>**/*.xsd</pattern>
+          <pattern>**/*.dtd</pattern>
+          <pattern>**/*.tld</pattern>
+        </patterns>
+      </fileType>
+      <fileType>
+        <id>auto-remove</id>
+        <patterns>
+          <pattern>**/*.bak</pattern>
+          <pattern>**/*~</pattern>
+          <pattern>**/*-</pattern>
+        </patterns>
+      </fileType>
+      <fileType>
+        <id>ignored</id>
+        <patterns>
+          <pattern>**/.htaccess</pattern>
+          <pattern>**/KEYS</pattern>
+          <pattern>**/*.rb</pattern>
+          <pattern>**/*.sh</pattern>
+          <pattern>**/.svn/**</pattern>
+          <pattern>**/.DAV/**</pattern>
+        </patterns>
+      </fileType>
+    </fileTypes>
+    <knownContentConsumers>
+      <knownContentConsumer>update-db-artifact</knownContentConsumer>
+      <knownContentConsumer>create-missing-checksums</knownContentConsumer>
+      <knownContentConsumer>update-db-repository-metadata</knownContentConsumer>
+      <knownContentConsumer>validate-checksum</knownContentConsumer>
+      <knownContentConsumer>validate-signature</knownContentConsumer>
+      <knownContentConsumer>index-content</knownContentConsumer>
+      <knownContentConsumer>auto-remove</knownContentConsumer>
+      <knownContentConsumer>auto-rename</knownContentConsumer>
+    </knownContentConsumers>
+    <invalidContentConsumers>
+      <invalidContentConsumer>update-db-bad-content</invalidContentConsumer>
+    </invalidContentConsumers>
+  </repositoryScanning>
+
+  <databaseScanning>
+    <cronExpression>0 0 * * * ?</cronExpression>
+    <unprocessedConsumers>
+      <unprocessedConsumer>index-artifact</unprocessedConsumer>
+      <unprocessedConsumer>update-db-project</unprocessedConsumer>
+      <unprocessedConsumer>validate-repository-metadata</unprocessedConsumer>
+      <unprocessedConsumer>index-archive-toc</unprocessedConsumer>
+      <unprocessedConsumer>update-db-bytecode-stats</unprocessedConsumer>
+      <unprocessedConsumer>index-public-methods</unprocessedConsumer>
+    </unprocessedConsumers>
+    <cleanupConsumers>
+      <cleanupConsumer>not-present-remove-db-artifact</cleanupConsumer>
+      <cleanupConsumer>not-present-remove-db-project</cleanupConsumer>
+      <cleanupConsumer>not-present-remove-indexed</cleanupConsumer>
+    </cleanupConsumers>
+  </databaseScanning>
+
+</configuration>
diff --git a/archiva-modules/archiva-web/archiva-web-common/src/test/resources/log4j2-test.xml b/archiva-modules/archiva-web/archiva-web-common/src/test/resources/log4j2-test.xml
index b80c0b0fa..3aa00098f 100644
--- a/archiva-modules/archiva-web/archiva-web-common/src/test/resources/log4j2-test.xml
+++ b/archiva-modules/archiva-web/archiva-web-common/src/test/resources/log4j2-test.xml
@@ -36,7 +36,8 @@
     <logger name="org.apache.archiva.scheduler.indexing" level="debug"/>
 
     <logger name="org.apache.archiva.remotedownload" level="debug"/>
-
+    <logger name="org.apache.archiva.upload" level="debug" />
+    <logger name="org.apache.archiva.web.api" level="debug" />
     <root level="info">
       <appender-ref ref="console"/>
     </root>
diff --git a/archiva-modules/archiva-web/archiva-web-common/src/test/resources/spring-context-test-upload.xml b/archiva-modules/archiva-web/archiva-web-common/src/test/resources/spring-context-test-upload.xml
new file mode 100644
index 000000000..0e2e156e7
--- /dev/null
+++ b/archiva-modules/archiva-web/archiva-web-common/src/test/resources/spring-context-test-upload.xml
@@ -0,0 +1,94 @@
+<?xml version="1.0"?>
+
+<!--
+  ~ Licensed to the Apache Software Foundation (ASF) under one
+  ~ or more contributor license agreements.  See the NOTICE file
+  ~ distributed with this work for additional information
+  ~ regarding copyright ownership.  The ASF licenses this file
+  ~ to you under the Apache License, Version 2.0 (the
+  ~ "License"); you may not use this file except in compliance
+  ~ with the License.  You may obtain a copy of the License at
+  ~
+  ~   http://www.apache.org/licenses/LICENSE-2.0
+  ~
+  ~ Unless required by applicable law or agreed to in writing,
+  ~ software distributed under the License is distributed on an
+  ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  ~ KIND, either express or implied.  See the License for the
+  ~ specific language governing permissions and limitations
+  ~ under the License.
+  -->
+<beans xmlns="http://www.springframework.org/schema/beans"
+       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xmlns:context="http://www.springframework.org/schema/context"
+       xsi:schemaLocation="http://www.springframework.org/schema/beans
+           http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
+           http://www.springframework.org/schema/context
+           http://www.springframework.org/schema/context/spring-context-3.0.xsd"
+       default-lazy-init="true">
+
+  <context:annotation-config/>
+  <context:component-scan
+      base-package="org.apache.archiva.rest.services.utils"/>
+
+  <bean name="scheduler" class="org.apache.archiva.redback.components.scheduler.DefaultScheduler">
+    <property name="properties">
+      <props>
+        <prop key="org.quartz.scheduler.instanceName">scheduler1</prop>
+        <prop key="org.quartz.threadPool.class">org.quartz.simpl.SimpleThreadPool</prop>
+        <prop key="org.quartz.threadPool.threadCount">2</prop>
+        <prop key="org.quartz.threadPool.threadPriority">4</prop>
+        <prop key="org.quartz.jobStore.class">org.quartz.simpl.RAMJobStore</prop>
+      </props>
+    </property>
+  </bean>
+
+  <!-- wire up more basic configuration so it doesn't overwrite any config files -->
+  <bean name="archivaConfiguration#default" class="org.apache.archiva.configuration.DefaultArchivaConfiguration">
+    <property name="registry" ref="registry#default"/>
+  </bean>
+
+  <alias name="archivaConfiguration#default" alias="archivaConfiguration"/>
+
+  <bean name="registry#default" class="org.apache.archiva.redback.components.registry.commons.CommonsConfigurationRegistry">
+    <property name="properties">
+      <value>
+        <![CDATA[
+        <configuration>
+          <system/>
+          <xml fileName="${appserver.base}/conf/archiva.xml" config-forceCreate="true"
+               config-optional="true"
+               config-name="org.apache.archiva.base" config-at="org.apache.archiva"/>
+        </configuration>
+        ]]>
+      </value>
+    </property>
+  </bean>
+
+
+  <bean name="TestRepositorySessionFactoryBean" class="org.apache.archiva.TestRepositorySessionFactoryBean">
+    <constructor-arg>
+      <value>jcr</value>
+    </constructor-arg>
+  </bean>
+
+  <bean name="taskQueueExecutor#repository-scanning"
+        class="org.apache.archiva.redback.components.taskqueue.execution.ThreadedTaskQueueExecutor" lazy-init="false">
+    <property name="name" value="repository-scanning"/>
+    <property name="executor" ref="taskExecutor#repository-scanning"/>
+    <property name="queue" ref="taskQueue#repository-scanning"/>
+  </bean>
+
+  <bean id="repository" class="org.apache.jackrabbit.core.RepositoryImpl" destroy-method="shutdown">
+    <constructor-arg ref="config"/>
+  </bean>
+  <bean id="config" class="org.apache.jackrabbit.core.config.RepositoryConfig" factory-method="create">
+    <constructor-arg value="${basedir}/src/test/repository.xml"/>
+    <constructor-arg value="${appserver.base}/jcr"/>
+  </bean>
+
+  <alias name="repositorySessionFactory#jcr" alias="repositorySessionFactory"/>
+  <alias name="userConfiguration#archiva" alias="userConfiguration#default"/>
+  <alias name="authorizer#rbac" alias="authorizer#default"/>
+  <alias name="userManager#configurable" alias="userManager#default"/>
+</beans>
\ No newline at end of file
-- 
2.39.5