diff --git a/src/test/java/com/example/springsecuritystudy/note/NoteControllerTest.java b/src/test/java/com/example/springsecuritystudy/note/NoteControllerTest.java new file mode 100644 index 0000000..c7fe089 --- /dev/null +++ b/src/test/java/com/example/springsecuritystudy/note/NoteControllerTest.java @@ -0,0 +1,120 @@ +package com.example.springsecuritystudy.note; + +import org.junit.jupiter.api.BeforeEach; +import org.junit.jupiter.api.Test; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.http.MediaType; +import org.springframework.test.web.servlet.MockMvc; +import org.springframework.test.web.servlet.setup.MockMvcBuilders; +import org.springframework.web.context.WebApplicationContext; + +import com.example.springsecuritystudy.helper.TestConfig; +import com.example.springsecuritystudy.user.User; +import com.example.springsecuritystudy.user.UserRepository; + +import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.*; +import static org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.*; +import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.*; +import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.*; +import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.*; + +class NoteControllerTest extends TestConfig { + + @Autowired + private UserRepository userRepository; + @Autowired + private NoteRepository noteRepository; + private MockMvc mvc; + private User user; + private User admin; + + @BeforeEach + public void setUp(@Autowired WebApplicationContext applicationContext) { + this.mvc = MockMvcBuilders.webAppContextSetup(applicationContext) + .apply(springSecurity()) + .alwaysDo(print()) + .build(); + User user2 = User.builder() + .username("user") + .password("user") + .authority("ROLE_USER") + .build(); + User admin2 = User.builder() + .username("admin") + .password("admin") + .authority("ROLE_ADMIN") + .build(); + this.user = userRepository.save(user2); + this.admin = userRepository.save(admin2); + } + + @Test + void getNote_인증없음() throws Exception { + mvc.perform( + get("/note") + ).andExpect(status().is3xxRedirection()); + } + + @Test + void getNote_인증있음() throws Exception { + mvc.perform( + get("/note").with(user(user)) + ).andExpect(status().isOk()); + } + + @Test + void postNote_인증없음() throws Exception { + mvc.perform( + post("/note").with(csrf()) + .contentType(MediaType.APPLICATION_FORM_URLENCODED) + .param("title", "제목") + .param("content", "내용") + ).andExpect(status().is3xxRedirection()); + } + + @Test + void postNote_어드민인증있음() throws Exception { + mvc.perform( + post("/note").with(csrf()).with(user(admin)) + .contentType(MediaType.APPLICATION_FORM_URLENCODED) + .param("title", "제목") + .param("content", "내용") + ).andExpect(status().isForbidden()); + } + + @Test + void postNote_유저인증있음() throws Exception { + mvc.perform( + post("/note").with(csrf()).with(user(user)) + .contentType(MediaType.APPLICATION_FORM_URLENCODED) + .param("title", "제목") + .param("content", "내용") + ).andExpect(redirectedUrl("note")) + .andExpect(status().is3xxRedirection()); + } + + @Test + void deleteNote_인증없음() throws Exception { + Note note = noteRepository.save(new Note("제목", "내용", user)); + mvc.perform( + delete("/note?id=" + note.getId()).with(csrf()) + ).andExpect(status().is3xxRedirection()); + } + + @Test + void deleteNote_인증있음() throws Exception { + Note note = noteRepository.save(new Note("제목", "내용", user)); + mvc.perform( + delete("/note?id=" + note.getId()).with(csrf()).with(user(user)) + ).andExpect(redirectedUrl("note")).andExpect(status().is3xxRedirection()); + } + + @Test + void deleteNote_어드민계정있음() throws Exception { + Note note = noteRepository.save(new Note("제목", "내용", user)); + mvc.perform( + delete("/note?id=" + note.getId()).with(csrf()).with(user(admin)) + ).andExpect(status().is4xxClientError()); + } + +}