[tlinh2110-BAEL1382] Add Security in SI (#3593)

* [tlinh2110-BAEL1382] Add Security in SI

* [tlinh2110-BAEL1382] Upgrade to Spring 5 & add Logger

spring-integration/src/test/java/com/baeldung/si/TestSpringIntegrationSecurity.java

@@ -0,0 +1,81 @@
+package com.baeldung.si;
+
+import static org.junit.Assert.*;
+
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.messaging.SubscribableChannel;
+import org.springframework.messaging.support.GenericMessage;
+import org.springframework.security.access.AccessDeniedException;
+import org.springframework.security.authentication.AuthenticationCredentialsNotFoundException;
+import org.springframework.security.test.context.support.WithMockUser;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import com.baeldung.si.security.MessageConsumer;
+import com.baeldung.si.security.SecuredDirectChannel;
+import com.baeldung.si.security.SecurityConfig;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(classes = { SecurityConfig.class, SecuredDirectChannel.class, MessageConsumer.class })
+public class TestSpringIntegrationSecurity {
+
+    @Autowired
+    SubscribableChannel startDirectChannel;
+
+    @Autowired
+    MessageConsumer messageConsumer;
+
+    final String DIRECT_CHANNEL_MESSAGE = "Direct channel message";
+
+    @Test(expected = AuthenticationCredentialsNotFoundException.class)
+    public void givenNoUser_whenSendToDirectChannel_thenCredentialNotFound() {
+        startDirectChannel.send(new GenericMessage<String>(DIRECT_CHANNEL_MESSAGE));
+    }
+
+    @Test(expected = AccessDeniedException.class)
+    @WithMockUser(username = "jane", roles = { "LOGGER" })
+    public void givenRoleLogger_whenSendMessageToDirectChannel_thenAccessDenied() throws Throwable {
+        try {
+            startDirectChannel.send(new GenericMessage<String>(DIRECT_CHANNEL_MESSAGE));
+        } catch (Exception e) {
+            throw e.getCause();
+        }
+    }
+
+    @Test(expected = AccessDeniedException.class)
+    @WithMockUser(username = "jane")
+    public void givenJane_whenSendMessageToDirectChannel_thenAccessDenied() throws Throwable {
+        try {
+            startDirectChannel.send(new GenericMessage<String>(DIRECT_CHANNEL_MESSAGE));
+        } catch (Exception e) {
+            throw e.getCause();
+        }
+    }
+
+    @Test(expected = AccessDeniedException.class)
+    @WithMockUser(roles = { "VIEWER" })
+    public void givenRoleViewer_whenSendToDirectChannel_thenAccessDenied() throws Throwable {
+        try {
+            startDirectChannel.send(new GenericMessage<String>(DIRECT_CHANNEL_MESSAGE));
+        } catch (Exception e) {
+            throw e.getCause();
+        }
+    }
+
+    @Test
+    @WithMockUser(roles = { "LOGGER", "VIEWER", "EDITOR" })
+    public void givenRoleLoggerAndUser_whenSendMessageToDirectChannel_thenFlowCompletedSuccessfully() {
+        startDirectChannel.send(new GenericMessage<String>(DIRECT_CHANNEL_MESSAGE));
+        assertEquals(DIRECT_CHANNEL_MESSAGE, messageConsumer.getMessageContent());
+    }
+
+    @Test
+    @WithMockUser(username = "jane", roles = { "LOGGER", "EDITOR" })
+    public void givenJaneLoggerEditor_whenSendToDirectChannel_thenFlowCompleted() {
+        startDirectChannel.send(new GenericMessage<String>(DIRECT_CHANNEL_MESSAGE));
+        assertEquals(DIRECT_CHANNEL_MESSAGE, messageConsumer.getMessageContent());
+    }
+
+}

spring-integration/src/test/java/com/baeldung/si/TestSpringIntegrationSecurityExecutor.java

@@ -0,0 +1,68 @@
+package com.baeldung.si;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertTrue;
+
+import java.util.concurrent.ConcurrentHashMap;
+import java.util.concurrent.TimeUnit;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.messaging.SubscribableChannel;
+import org.springframework.messaging.support.GenericMessage;
+import org.springframework.scheduling.concurrent.ThreadPoolTaskExecutor;
+import org.springframework.security.test.context.support.WithMockUser;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import com.baeldung.si.security.MessageConsumer;
+import com.baeldung.si.security.SecurityConfig;
+import com.baeldung.si.security.SecurityPubSubChannel;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(classes = { SecurityPubSubChannel.class, MessageConsumer.class, SecurityConfig.class })
+public class TestSpringIntegrationSecurityExecutor {
+
+    @Autowired
+    SubscribableChannel startPSChannel;
+
+    @Autowired
+    MessageConsumer messageConsumer;
+
+    @Autowired
+    ThreadPoolTaskExecutor executor;
+
+    final String DIRECT_CHANNEL_MESSAGE = "Direct channel message";
+
+    @Before
+    public void clearData() {
+        messageConsumer.setMessagePSContent(new ConcurrentHashMap<>());
+        executor.setWaitForTasksToCompleteOnShutdown(true);
+    }
+
+    @Test
+    @WithMockUser(username = "user", roles = { "VIEWER" })
+    public void givenRoleUser_whenSendMessageToPSChannel_thenNoMessageArrived() throws IllegalStateException, InterruptedException {
+        startPSChannel.send(new GenericMessage<String>(DIRECT_CHANNEL_MESSAGE));
+
+        executor.getThreadPoolExecutor().awaitTermination(2, TimeUnit.SECONDS);
+
+        assertEquals(1, messageConsumer.getMessagePSContent().size());
+        assertTrue(messageConsumer.getMessagePSContent().values().contains("user"));
+    }
+
+    @Test
+    @WithMockUser(username = "user", roles = { "LOGGER", "VIEWER" })
+    public void givenRoleUserAndLogger_whenSendMessageToPSChannel_then2GetMessages() throws IllegalStateException, InterruptedException {
+        startPSChannel.send(new GenericMessage<String>(DIRECT_CHANNEL_MESSAGE));
+
+        executor.getThreadPoolExecutor().awaitTermination(2, TimeUnit.SECONDS);
+
+        assertEquals(2, messageConsumer.getMessagePSContent().size());
+        assertTrue(messageConsumer.getMessagePSContent().values().contains("user"));
+        assertTrue(messageConsumer.getMessagePSContent().values().contains("ROLE_LOGGER,ROLE_VIEWER"));
+    }
+
+}