[tlinh2110@gmail.com] Add resource for Testing Method Security

2017-12-14 23:38:56 +08:00
parent 5014f5088e
commit 778177333f
15 changed files with 447 additions and 0 deletions
@@ -0,0 +1,41 @@
+package org.baeldung.testmethodsecurity;
+
+import static org.junit.Assert.assertEquals;
+
+import org.baeldung.testmethodsecurity.service.UserRoleService;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.ComponentScan;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.access.AccessDeniedException;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration
+public class TestCustomSecurityContext {
+    
+    @Autowired
+    UserRoleService userRoleService;
+    
+    @Configuration
+    @ComponentScan("org.baeldung.testmethodsecurity.*")
+    public static class SpringConfig {
+
+    }
+    
+    @Test
+    @WithMockSysUser(systemUserName="jane")
+    public void whenJane_callGetUserName_thenOK(){
+        String userName = userRoleService.getUserName();
+        assertEquals("jane",userName);
+    }
+    
+    @Test(expected=AccessDeniedException.class)
+    @WithMockSysUser(systemUserName="john")
+    public void whenJohn_callGetUserName_thenFail(){
+        userRoleService.getUserName();
+    }
+
+}
@@ -0,0 +1,57 @@
+package org.baeldung.testmethodsecurity;
+
+import static org.junit.Assert.assertEquals;
+
+import org.baeldung.testmethodsecurity.service.UserRoleService;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.ComponentScan;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.access.AccessDeniedException;
+import org.springframework.security.test.context.support.WithAnonymousUser;
+import org.springframework.security.test.context.support.WithMockUser;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration
+public class TestMethodSecurity{
+    
+    @Autowired
+    UserRoleService userRoleService;
+    
+    @Configuration
+    @ComponentScan("org.baeldung.testmethodsecurity.*")
+    public static class SpringConfig {
+
+    }
+    
+    @Test
+    @WithMockUser(username="john",roles={"VIEWER"})
+    public void whenRoleViewer_callGetUserName_thenOK(){
+        String userName = userRoleService.getUserName();
+        assertEquals("john", userName);
+    }
+    
+    @Test
+    @WithMockUser(username="john",authorities={"SYS_ADMIN"})
+    public void whenSysAdmin_callGetUserName_thenOK(){
+        String userName = userRoleService.getUserName();
+        assertEquals("john", userName);
+    }
+    
+    @Test(expected=AccessDeniedException.class)
+    @WithAnonymousUser
+    public void whenAnomynous_callGetUserName_thenFail(){
+        userRoleService.getUserName();
+    }
+    
+    @Test
+    @WithMockJohnViewer
+    public void whenJohnViewer_callGetUserName_thenOK(){
+        String userName = userRoleService.getUserName();
+        assertEquals("john", userName);
+    }
+    
+}
@@ -0,0 +1,54 @@
+package org.baeldung.testmethodsecurity;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+
+import java.lang.reflect.Proxy;
+
+import org.baeldung.testmethodsecurity.service.SystemPropImpl;
+import org.baeldung.testmethodsecurity.service.SystemPropInterface;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.ComponentScan;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationCredentialsNotFoundException;
+import org.springframework.security.test.context.support.WithMockUser;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration
+public class TestSystemProp{
+    
+    @Autowired
+    SystemPropInterface systemProp;
+    
+    @Test
+    @WithMockUser(username="test")
+    public void checkSystemPropInstance(){
+       assertFalse(systemProp instanceof SystemPropImpl);
+       assertTrue(systemProp instanceof SystemPropInterface);
+       assertTrue(systemProp instanceof Proxy);
+       
+       assertEquals("Method Security", systemProp.getSystemName());
+    }
+    
+    @Test
+    public void whenNotAuthentication_callSayHello_thenOK(){
+        String hello = systemProp.sayHello();
+        assertEquals("Hi", hello);
+    }
+    
+    @Test(expected=AuthenticationCredentialsNotFoundException.class)
+    public void whenNotAuthentication_callSayHi_thenFailed(){
+        systemProp.sayHi();
+    }
+    
+    @Configuration
+    @ComponentScan("org.baeldung.testmethodsecurity.*")
+    public static class SpringConfig {
+
+    }
+}
@@ -0,0 +1,34 @@
+package org.baeldung.testmethodsecurity;
+
+import static org.junit.Assert.assertEquals;
+
+import org.baeldung.testmethodsecurity.service.UserRoleService;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.ComponentScan;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.test.context.support.WithMockUser;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration
+@WithMockUser(username="john",roles={"VIEWER"})
+public class TestWithMockUserAtClassLevel {
+    
+    @Test
+    public void whenRoleViewerLogged_callGetUserName_thenOK(){
+        String currentUserName = userService.getUserName();
+        assertEquals("john",currentUserName);
+    }
+    
+    @Autowired
+    UserRoleService userService;
+    
+    @Configuration
+    @ComponentScan("org.baeldung.testmethodsecurity.*")
+    public static class SpringConfig {
+
+    }
+}
@@ -0,0 +1,35 @@
+package org.baeldung.testmethodsecurity;
+
+import static org.junit.Assert.assertEquals;
+
+import org.baeldung.testmethodsecurity.entity.CustomUser;
+import org.baeldung.testmethodsecurity.service.UserRoleService;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.ComponentScan;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.test.context.support.WithUserDetails;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration
+public class TestWithUserDetails {
+    
+    @Autowired
+    UserRoleService userService;
+    
+    @Configuration
+    @ComponentScan("org.baeldung.testmethodsecurity.*")
+    public static class SpringConfig {
+
+    }
+    
+    @Test
+    @WithUserDetails(value="john",userDetailsServiceBeanName="userDetailService")
+    public void whenJohn_callLoadUserDetail_thenOK(){
+        CustomUser user = userService.loadUserDetail("jane");
+        assertEquals("jane",user.getNickName());
+    }
+}
@@ -0,0 +1,10 @@
+package org.baeldung.testmethodsecurity;
+
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+
+import org.springframework.security.test.context.support.WithMockUser;
+
+@Retention(RetentionPolicy.RUNTIME)
+@WithMockUser(value="john",roles="VIEWER")
+public @interface WithMockJohnViewer { }
@@ -0,0 +1,12 @@
+package org.baeldung.testmethodsecurity;
+
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+
+import org.springframework.security.test.context.support.WithSecurityContext;
+
+@Retention(RetentionPolicy.RUNTIME)
+@WithSecurityContext(factory = WithMockSysUserSecurityContextFactory.class)
+public @interface WithMockSysUser {
+	String systemUserName();
+}
@@ -0,0 +1,28 @@
+package org.baeldung.testmethodsecurity;
+
+import org.baeldung.testmethodsecurity.entity.CustomUser;
+import org.baeldung.testmethodsecurity.repository.UserRoleRepository;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContext;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.test.context.support.WithSecurityContextFactory;
+
+public class WithMockSysUserSecurityContextFactory
+	implements WithSecurityContextFactory<WithMockSysUser> {
+    
+	@Override
+	public SecurityContext createSecurityContext(WithMockSysUser customUser) {
+		SecurityContext context = SecurityContextHolder.createEmptyContext();
+		UserRoleRepository userRoleRepo = new UserRoleRepository();
+		
+		CustomUser user = userRoleRepo.loadUserByUserName(customUser.systemUserName());
+		
+		Authentication auth =
+			new UsernamePasswordAuthenticationToken(user, user.getPassword(), user.getAuthorities());
+		
+		context.setAuthentication(auth);
+		return context;
+	}
+	
+}