From b531d2ac0e0da4d49bbe44c7295a2edfd4c5c478 Mon Sep 17 00:00:00 2001
From: Daeil Choi <daeil.choi@classact.co.kr>
Date: Fri, 3 Feb 2023 16:27:30 +0900
Subject: [PATCH] =?UTF-8?q?Add=20Noticecontroller=20Security=20test=20?=
 =?UTF-8?q?=EC=B6=94=EA=B0=80?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../SampleControllerTest.java                 |   2 +-
 .../notice/NoticeControllerTest.java          | 108 ++++++++++++++++++
 2 files changed, 109 insertions(+), 1 deletion(-)
 create mode 100644 src/test/java/com/example/springsecuritystudy/notice/NoticeControllerTest.java

diff --git a/src/test/java/com/example/springsecuritystudy/SampleControllerTest.java b/src/test/java/com/example/springsecuritystudy/SampleControllerTest.java
index 0dba731..0d0b46c 100644
--- a/src/test/java/com/example/springsecuritystudy/SampleControllerTest.java
+++ b/src/test/java/com/example/springsecuritystudy/SampleControllerTest.java
@@ -59,7 +59,7 @@ class SampleControllerTest {
 	@WithMockUser
 	void access_user() throws Exception {
 		mvc.perform(
-				get("/user")
+				get("/post")
 		).andExpect(status().isOk());
 	}
 
diff --git a/src/test/java/com/example/springsecuritystudy/notice/NoticeControllerTest.java b/src/test/java/com/example/springsecuritystudy/notice/NoticeControllerTest.java
new file mode 100644
index 0000000..60ad050
--- /dev/null
+++ b/src/test/java/com/example/springsecuritystudy/notice/NoticeControllerTest.java
@@ -0,0 +1,108 @@
+package com.example.springsecuritystudy.notice;
+
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.security.test.context.support.WithMockUser;
+import org.springframework.test.web.servlet.MockMvc;
+import org.springframework.test.web.servlet.setup.MockMvcBuilders;
+import org.springframework.transaction.annotation.Transactional;
+import org.springframework.web.context.WebApplicationContext;
+
+import com.example.springsecuritystudy.WithMockAdmin;
+import com.fasterxml.jackson.databind.ObjectMapper;
+
+import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.*;
+import static org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.*;
+import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.*;
+import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.*;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.*;
+
+@SpringBootTest
+@Transactional
+class NoticeControllerTest {
+
+	@Autowired
+	private NoticeRepository noticeRepository;
+	@Autowired
+	private ObjectMapper objectMapper;
+	private MockMvc mvc;
+
+	@BeforeEach
+	public void setUp(@Autowired WebApplicationContext applicationContext) {
+		this.mvc = MockMvcBuilders.webAppContextSetup(applicationContext)
+				.apply(springSecurity())
+				.alwaysDo(print())
+				.build();
+	}
+
+	@Test
+	void getNotice_인증없음() throws Exception {
+		mvc.perform(get("/notice"))
+				.andExpect(status().is3xxRedirection());
+	}
+
+	@Test
+	@WithMockUser
+	void getNotice_인증있음() throws Exception {
+		mvc.perform(get("/notice"))
+				.andExpect(status().isOk());
+	}
+
+	@Test
+	void postNotice_인증없음() throws Exception {
+		String content = objectMapper.writeValueAsString(new Notice("제목", "내용"));
+		mvc.perform(post("/notice")
+						.content(content))
+				.andExpect(status().is4xxClientError());
+	}
+
+	@Test
+	@WithMockUser(roles = "USER", username = "user", password = "user")
+	void postNotice_유저인증있음() throws Exception {
+		String content = objectMapper.writeValueAsString(new Notice("제목", "내용"));
+		mvc.perform(post("/notice")
+						.with(csrf())
+						.content(content))
+				.andExpect(status().is4xxClientError());
+	}
+
+	@Test
+	@WithMockAdmin
+	void postNotice_어드민인증있음() throws Exception {
+		String content = objectMapper.writeValueAsString(new Notice("제목", "내용"));
+		mvc.perform(post("/notice")
+						.with(csrf())
+						.content(content))
+				.andExpect(redirectedUrl("notice"))
+				.andExpect(status().is3xxRedirection());
+	}
+
+	@Test
+	void deleteNotice_인증없음() throws Exception {
+		Notice notice = noticeRepository.save(new Notice("제목", "내용"));
+		mvc.perform(delete("/notice/" + notice.getId()))
+				.andExpect(status().is4xxClientError());
+	}
+
+	@Test
+	@WithMockUser(roles = "USER", username = "user", password = "user")
+	void deleteNotice_유저인증있음() throws Exception {
+		Notice notice = noticeRepository.save(new Notice("제목", "내용"));
+		mvc.perform(delete("/notice/" + notice.getId())
+						.with(csrf()))
+				.andExpect(status().is4xxClientError());
+	}
+
+	@Test
+	@WithMockAdmin
+	void deleteNotice_어드민인증있음() throws Exception {
+		Notice notice = noticeRepository.save(new Notice("제목", "내용"));
+		mvc.perform(delete("/notice/" + notice.getId())
+						.with(csrf()))
+				.andExpect(status().is4xxClientError());
+	}
+
+
+}