TestCases
@@ -71,6 +71,14 @@
|
||||
<artifactId>problem-spring-web</artifactId>
|
||||
<version>0.27.0</version>
|
||||
</dependency>
|
||||
<!-- https://mvnrepository.com/artifact/org.hamcrest/hamcrest-library -->
|
||||
<dependency>
|
||||
<groupId>org.hamcrest</groupId>
|
||||
<artifactId>hamcrest-library</artifactId>
|
||||
<version>2.2</version>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
|
||||
</dependencies>
|
||||
|
||||
<build>
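Review bot: The added dependency uses `org.hamcrest:hamcrest-library`, which in the 2.x line is only a deprecated compatibility artifact; since Hamcrest 2.1 the matchers ship in `org.hamcrest:hamcrest`. If a Spring Boot test starter is already declared (the rest of the dependency list is outside this hunk), Hamcrest most likely arrives transitively with a managed version and this block can be dropped. Otherwise declare `<artifactId>hamcrest</artifactId>` and leave the version to dependency management where one exists, so that an explicit `<version>2.2</version>` does not silently override it.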
|
||||
|
||||
@@ -9,6 +9,7 @@ import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.core.annotation.Order;
|
||||
import org.springframework.http.HttpMethod;
|
||||
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
|
||||
import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer;
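Review bot: Both `EnableGlobalMethodSecurity` and `EnableMethodSecurity` are imported on the new side of this hunk, and the class body that uses them lies outside it. `@EnableGlobalMethodSecurity` is deprecated in favour of `@EnableMethodSecurity`, and the defaults differ: the newer annotation enables `@PreAuthorize`/`@PostAuthorize` handling by default, while the older one needs `prePostEnabled = true`. If the class has moved to `@EnableMethodSecurity`, remove the old import. If both annotations are still applied, drop `@EnableGlobalMethodSecurity` so the `@PreAuthorize` rules exercised by the new tests are enforced by exactly one mechanism.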
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
server:
|
||||
port: 8083
|
||||
|
||||
#spring:
|
||||
spring:
|
||||
#security:
|
||||
#user:
|
||||
#name: admin
|
||||
|
||||
@@ -0,0 +1,119 @@
|
||||
package com.reflectoring.security.web;
|
||||
|
||||
import com.reflectoring.security.config.BasicAuthProperties;
|
||||
import org.junit.jupiter.api.Test;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.boot.context.properties.EnableConfigurationProperties;
|
||||
import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
|
||||
import org.springframework.boot.test.context.SpringBootTest;
|
||||
import org.springframework.security.test.context.support.WithMockUser;
|
||||
import org.springframework.security.test.context.support.WithUserDetails;
|
||||
import org.springframework.test.context.ActiveProfiles;
|
||||
import org.springframework.test.context.jdbc.Sql;
|
||||
import org.springframework.test.context.jdbc.SqlGroup;
|
||||
import org.springframework.test.web.servlet.MockMvc;
|
||||
|
||||
import static org.hamcrest.Matchers.hasSize;
|
||||
import static org.springframework.test.context.jdbc.Sql.ExecutionPhase.BEFORE_TEST_METHOD;
|
||||
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
|
||||
import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.print;
|
||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath;
|
||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
|
||||
import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.httpBasic;
|
||||
|
||||
@SpringBootTest
|
||||
@AutoConfigureMockMvc
|
||||
@SqlGroup({
|
||||
@Sql(value = "classpath:init/first.sql", executionPhase = BEFORE_TEST_METHOD),
|
||||
@Sql(value = "classpath:init/second.sql", executionPhase = BEFORE_TEST_METHOD)
|
||||
})
|
||||
public class BookControllerTest {
|
||||
|
||||
@Autowired
|
||||
private MockMvc mockMvc;
|
||||
|
||||
@Test
|
||||
@WithMockUser(username = "bookadmin", roles = {"USER"})
|
||||
void successIfSecurityApplies() throws Exception {
|
||||
mockMvc.perform(get("/library/books")
|
||||
.param("genre", "Fiction")
|
||||
.param("user", "bookadmin")
|
||||
.header("X-Application-Name", "Library"))
|
||||
.andDo(print())
|
||||
.andExpect(status().isOk())
|
||||
.andExpect(jsonPath("$", hasSize(3)))
|
||||
;
|
||||
}
|
||||
|
||||
@Test
|
||||
@WithMockUser(username = "bookadmin", roles = {"ADMIN"})
|
||||
void failsForWrongAuthorization() throws Exception {
|
||||
mockMvc.perform(get("/library/books")
|
||||
.param("genre", "Fiction")
|
||||
.param("user", "bookadmin")
|
||||
.header("X-Application-Name", "Library"))
|
||||
.andDo(print())
|
||||
.andExpect(status().isForbidden())
|
||||
;
|
||||
}
|
||||
|
||||
@Test
|
||||
void failsIfSecurityApplies() throws Exception {
|
||||
mockMvc.perform(get("/library/books")
|
||||
.param("genre", "Fiction")
|
||||
.param("user", "bookadmin")
|
||||
.header("X-Application-Name", "Library"))
|
||||
.andDo(print())
|
||||
.andExpect(status().isUnauthorized())
|
||||
;
|
||||
}
|
||||
|
||||
@Test
|
||||
@WithUserDetails(value="bookadmin", userDetailsServiceBeanName="userDetailsService")
|
||||
void testBookWithConfiguredUserDetails() throws Exception {
|
||||
mockMvc.perform(get("/library/books")
|
||||
.param("genre", "Fantasy")
|
||||
.param("user", "bookadmin")
|
||||
.header("X-Application-Name", "Library"))
|
||||
.andDo(print())
|
||||
.andExpect(status().isOk())
|
||||
.andExpect(jsonPath("$", hasSize(1)))
|
||||
;
|
||||
}
|
||||
|
||||
@Test
|
||||
@WithUserDetails(value="bookadmin", userDetailsServiceBeanName="userDetailsService")
|
||||
void failsIfMandatoryHeaderIsMissing() throws Exception {
|
||||
mockMvc.perform(get("/library/books")
|
||||
.param("genre", "Fantasy")
|
||||
.param("user", "bookadmin"))
|
||||
//.header("X-Application-Name", "Library"))
|
||||
.andDo(print())
|
||||
.andExpect(status().isForbidden())
|
||||
;
|
||||
}
|
||||
|
||||
@Test
|
||||
@WithUserDetails(value="bookadmin", userDetailsServiceBeanName="userDetailsService")
|
||||
void failsIfPreAuthorizeConditionFails() throws Exception {
|
||||
mockMvc.perform(get("/library/books")
|
||||
.param("genre", "Fantasy")
|
||||
.param("user", "bookuser")
|
||||
.header("X-Application-Name", "Library"))
|
||||
.andDo(print())
|
||||
.andExpect(status().isForbidden())
|
||||
;
|
||||
}
|
||||
|
||||
@Test
|
||||
//@WithUserDetails(value="bookadmin", userDetailsServiceBeanName="userDetailsService")
|
||||
void testBookWithWrongCredentialsUserDetails() throws Exception {
|
||||
mockMvc.perform(get("/library/books")
|
||||
.param("genre", "Fantasy")
|
||||
.param("user", "bookadmin")
|
||||
.header("X-Application-Name", "Library")
|
||||
.with(httpBasic("bookadmin", "password")))
|
||||
.andDo(print())
|
||||
.andExpect(status().isUnauthorized());
|
||||
}
|
||||
}
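Review bot: `testBookWithWrongCredentialsUserDetails` is the only test that goes through the real HTTP Basic path, and it only asserts a 401, so it would still pass if the filter chain rejected every credential. Pair it with a positive control that sends the configured credentials via `httpBasic(...)` and expects success; all the other success cases bypass authentication through `@WithMockUser`/`@WithUserDetails`. The credentials could presumably come from the imported but unused `BasicAuthProperties` rather than literals. Separately, delete the commented-out `//.header(...)` and `//@WithUserDetails(...)` lines, remove the unused imports (`EnableConfigurationProperties`, `ActiveProfiles`), and rename `failsIfSecurityApplies` to say what it checks, for example `failsWithoutAuthentication`.

```java
// … unchanged: existing tests …

@Test
void succeedsWithConfiguredBasicCredentials() throws Exception {
    // <configured-username> / <configured-password> are placeholders for the values
    // the application is actually configured with; the 200 assumes that user has
    // the role the endpoint requires.
    mockMvc.perform(get("/library/books")
                    .param("genre", "Fantasy")
                    .param("user", "<configured-username>")
                    .header("X-Application-Name", "Library")
                    .with(httpBasic("<configured-username>", "<configured-password>")))
            .andExpect(status().isOk());
}
```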
|
||||
@@ -0,0 +1,21 @@
|
||||
spring:
|
||||
datasource:
|
||||
driver-class-name: org.hsqldb.jdbc.JDBCDriver
|
||||
url: jdbc:hsqldb:mem:testdb;DB_CLOSE_DELAY=-1;DB_CLOSE_ON_EXIT=FALSE
|
||||
username: sa
|
||||
password:
|
||||
jpa:
|
||||
hibernate:
|
||||
ddl-auto: create-drop
|
||||
defer-datasource-initialization: true
|
||||
show-sql: true
|
||||
properties:
|
||||
hibernate:
|
||||
dialect: H2Dialect
|
||||
format_sql: true
|
||||
|
||||
logging:
|
||||
level:
|
||||
org:
|
||||
hibernate:
|
||||
sql: info
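Review bot: `dialect: H2Dialect` does not match the datasource, which uses the HSQLDB driver and a `jdbc:hsqldb:mem:` URL. Use `dialect: org.hibernate.dialect.HSQLDialect` or remove the property so Hibernate detects the dialect from the connection. The `DB_CLOSE_DELAY`/`DB_CLOSE_ON_EXIT` URL options also look like H2 settings carried over and should be checked against what HSQLDB accepts. The logging key resolves to `org.hibernate.sql`, but logger names are case-sensitive and Hibernate logs statements under `org.hibernate.SQL`, so this entry probably has no effect; `show-sql: true` is what prints the statements here.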
|
||||
@@ -0,0 +1,3 @@
|
||||
TRUNCATE TABLE AUTHOR_BOOK RESTART IDENTITY;
|
||||
TRUNCATE TABLE BOOK RESTART IDENTITY;
|
||||
TRUNCATE TABLE AUTHOR RESTART IDENTITY;
|
||||
@@ -0,0 +1,5 @@
|
||||
INSERT INTO BOOK (id, name, publisher, publication_year, genre) VALUES (1, 'The Kite Runner', 'Riverhead books', '2003', 'Fiction');
|
||||
INSERT INTO BOOK (id, name, publisher, publication_year, genre) VALUES (2, 'Exiles', 'Pan Macmillan', '2022', 'Fiction');
|
||||
INSERT INTO BOOK (id, name, publisher, publication_year, genre) VALUES (3, 'A Game of Thrones', 'Bantam Spectra', '1996', 'Fiction');
|
||||
INSERT INTO BOOK (id, name, publisher, publication_year, genre) VALUES (4, 'American Gods', 'Headline', '2001', 'Fantasy');
|
||||
INSERT INTO BOOK (id, name, publisher, publication_year, genre) VALUES (5, 'The Passenger', 'Knopf', '2022', 'Mystery');
|
||||