[BAEL-9552] - Create spring-security-modules folder

spring-security-modules/spring-security-core/src/test/java/com/baeldung/SpringContextTest.java

@@ -0,0 +1,17 @@
+package com.baeldung;
+
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.test.context.junit4.SpringRunner;
+
+import com.baeldung.app.App;
+
+@RunWith(SpringRunner.class)
+@SpringBootTest(classes = App.class)
+public class SpringContextTest {
+
+    @Test
+    public void whenSpringContextIsBootstrapped_thenNoExceptions() {
+    }
+}

spring-security-modules/spring-security-core/src/test/java/com/baeldung/methodsecurity/ClassLevelSecurityIntegrationTest.java

@@ -0,0 +1,50 @@
+package com.baeldung.methodsecurity;
+
+import static org.junit.Assert.*;
+
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.ComponentScan;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.access.AccessDeniedException;
+import org.springframework.security.test.context.support.WithMockUser;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringRunner;
+
+import com.baeldung.methodsecurity.service.SystemService;
+
+@RunWith(SpringRunner.class)
+@ContextConfiguration
+public class ClassLevelSecurityIntegrationTest {
+    
+    @Autowired
+    SystemService systemService;
+    
+    @Configuration
+    @ComponentScan("com.baeldung.methodsecurity.*")
+    public static class SpringConfig {
+
+    }
+    
+    @Test
+    @WithMockUser(username="john",roles={"ADMIN"})
+    public void givenRoleAdmin_whenCallGetSystemYear_return2017(){
+        String systemYear = systemService.getSystemYear();
+        assertEquals("2017",systemYear);
+    }
+    
+    @Test(expected=AccessDeniedException.class)
+    @WithMockUser(username="john",roles={"VIEWER"})
+    public void givenRoleViewer_whenCallGetSystemYear_returnAccessDenied(){
+        String systemYear = systemService.getSystemYear();
+        assertEquals("2017",systemYear);
+    }
+    
+    @Test
+    @WithMockUser(username="john",roles={"ADMIN"})
+    public void givenRoleAdmin_whenCallGetSystemDate_returnDate(){
+        String systemYear = systemService.getSystemDate();
+        assertEquals("31-12-2017",systemYear);
+    }
+}

spring-security-modules/spring-security-core/src/test/java/com/baeldung/methodsecurity/MethodSecurityIntegrationTest.java

@@ -0,0 +1,177 @@
+package com.baeldung.methodsecurity;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertTrue;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.ComponentScan;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.access.AccessDeniedException;
+import org.springframework.security.authentication.AuthenticationCredentialsNotFoundException;
+import org.springframework.security.test.context.support.WithAnonymousUser;
+import org.springframework.security.test.context.support.WithMockUser;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringRunner;
+
+import com.baeldung.methodsecurity.service.UserRoleService;
+
+@RunWith(SpringRunner.class)
+@ContextConfiguration
+public class MethodSecurityIntegrationTest {
+
+    @Autowired
+    UserRoleService userRoleService;
+
+    @Configuration
+    @ComponentScan("com.baeldung.methodsecurity.*")
+    public static class SpringConfig {
+
+    }
+
+    @Test(expected = AuthenticationCredentialsNotFoundException.class)
+    public void givenNoSecurity_whenCallGetUsername_thenReturnException() {
+        String userName = userRoleService.getUsername();
+        assertEquals("john", userName);
+    }
+
+    @Test
+    @WithMockUser(username = "john", roles = { "VIEWER" })
+    public void givenRoleViewer_whenCallGetUsername_thenReturnUsername() {
+        String userName = userRoleService.getUsername();
+        assertEquals("john", userName);
+    }
+
+    @Test
+    @WithMockUser(username = "john", roles = { "EDITOR" })
+    public void givenUsernameJohn_whenCallIsValidUsername_thenReturnTrue() {
+        boolean isValid = userRoleService.isValidUsername("john");
+        assertEquals(true, isValid);
+    }
+
+    @Test(expected = AccessDeniedException.class)
+    @WithMockUser(username = "john", roles = { "ADMIN" })
+    public void givenRoleAdmin_whenCallGetUsername_thenReturnAccessDenied() {
+        userRoleService.getUsername();
+    }
+
+    @Test(expected = AccessDeniedException.class)
+    @WithMockUser(username = "john", roles = { "USER" })
+    public void givenRoleUser_whenCallGetUsername2_thenReturnAccessDenied() {
+        userRoleService.getUsername2();
+    }
+
+    @Test
+    @WithMockUser(username = "john", roles = { "VIEWER", "EDITOR" })
+    public void givenRoleViewer_whenCallGetUsername2_thenReturnUsername() {
+        String userName = userRoleService.getUsername2();
+        assertEquals("john", userName);
+    }
+
+    @Test
+    @WithMockUser(username = "john", roles = { "VIEWER" })
+    public void givenUsernameJerry_whenCallIsValidUsername2_thenReturnFalse() {
+        boolean isValid = userRoleService.isValidUsername2("jerry");
+        assertEquals(false, isValid);
+    }
+
+    @Test
+    @WithMockUser(username = "JOHN", authorities = { "SYS_ADMIN" })
+    public void givenAuthoritySysAdmin_whenCallGetUsernameLC_thenReturnUsername() {
+        String username = userRoleService.getUsernameLC();
+        assertEquals("john", username);
+    }
+
+    @Test
+    @WithMockUser(username = "john", roles = { "ADMIN", "USER", "VIEWER" })
+    public void givenUserJohn_whenCallGetMyRolesWithJohn_thenReturnRoles() {
+        String roles = userRoleService.getMyRoles("john");
+        assertEquals("ROLE_ADMIN,ROLE_USER,ROLE_VIEWER", roles);
+    }
+
+    @Test(expected = AccessDeniedException.class)
+    @WithMockUser(username = "john", roles = { "ADMIN", "USER", "VIEWER" })
+    public void givenUserJane_whenCallGetMyRolesWithJane_thenAccessDenied() {
+        userRoleService.getMyRoles("jane");
+    }
+    
+    @Test
+    @WithMockUser(username = "john", roles = { "ADMIN", "USER", "VIEWER" })
+    public void givenUserJohn_whenCallGetMyRoles2WithJohn_thenReturnRoles() {
+        String roles = userRoleService.getMyRoles2("john");
+        assertEquals("ROLE_ADMIN,ROLE_USER,ROLE_VIEWER", roles);
+    }
+
+    @Test(expected = AccessDeniedException.class)
+    @WithMockUser(username = "john", roles = { "ADMIN", "USER", "VIEWER" })
+    public void givenUserJane_whenCallGetMyRoles2WithJane_thenAccessDenied() {
+        userRoleService.getMyRoles2("jane");
+    }
+
+    @Test(expected = AccessDeniedException.class)
+    @WithAnonymousUser
+    public void givenAnomynousUser_whenCallGetUsername_thenAccessDenied() {
+        userRoleService.getUsername();
+    }
+
+    @Test
+    @WithMockJohnViewer
+    public void givenMockedJohnViewer_whenCallGetUsername_thenReturnUsername() {
+        String userName = userRoleService.getUsername();
+        assertEquals("john", userName);
+    }
+
+    @Test
+    @WithMockUser(username = "jane")
+    public void givenListContainCurrentUsername_whenJoinUsernames_thenReturnUsernames() {
+        List<String> usernames = new ArrayList<>();
+        usernames.add("jane");
+        usernames.add("john");
+        usernames.add("jack");
+        String containCurrentUser = userRoleService.joinUsernames(usernames);
+        assertEquals("john;jack", containCurrentUser);
+    }
+
+    @Test
+    @WithMockUser(username = "john")
+    public void givenListContainCurrentUsername_whenCallJoinUsernamesAndRoles_thenReturnUsernameAndRoles() {
+        List<String> usernames = new ArrayList<>();
+        usernames.add("jane");
+        usernames.add("john");
+        usernames.add("jack");
+
+        List<String> roles = new ArrayList<>();
+        roles.add("ROLE_ADMIN");
+        roles.add("ROLE_TEST");
+
+        String containCurrentUser = userRoleService.joinUsernamesAndRoles(usernames, roles);
+        assertEquals("jane;jack:ROLE_ADMIN;ROLE_TEST", containCurrentUser);
+    }
+
+    @Test
+    @WithMockUser(username = "john")
+    public void givenUserJohn_whenCallGetAllUsernamesExceptCurrent_thenReturnOtherusernames() {
+        List<String> others = userRoleService.getAllUsernamesExceptCurrent();
+        assertEquals(2, others.size());
+        assertTrue(others.contains("jane"));
+        assertTrue(others.contains("jack"));
+    }
+
+    @Test
+    @WithMockUser(username = "john", roles = { "VIEWER" })
+    public void givenRoleViewer_whenCallGetUsername4_thenReturnUsername() {
+        String userName = userRoleService.getUsername4();
+        assertEquals("john", userName);
+    }
+
+    @Test(expected = AccessDeniedException.class)
+    @WithMockUser(username = "john")
+    public void givenDefaultRole_whenCallGetUsername4_thenAccessDenied() {
+        userRoleService.getUsername4();
+    }
+
+}

spring-security-modules/spring-security-core/src/test/java/com/baeldung/methodsecurity/MockUserAtClassLevelIntegrationTest.java

@@ -0,0 +1,35 @@
+package com.baeldung.methodsecurity;
+
+import static org.junit.Assert.assertEquals;
+
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.ComponentScan;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.test.context.support.WithMockUser;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringRunner;
+
+import com.baeldung.methodsecurity.service.UserRoleService;
+
+@RunWith(SpringRunner.class)
+@ContextConfiguration
+@WithMockUser(username = "john", roles = { "VIEWER" })
+public class MockUserAtClassLevelIntegrationTest {
+
+    @Test
+    public void givenRoleViewer_whenCallGetUsername_thenReturnUsername() {
+        String currentUserName = userService.getUsername();
+        assertEquals("john", currentUserName);
+    }
+
+    @Autowired
+    UserRoleService userService;
+
+    @Configuration
+    @ComponentScan("com.baeldung.methodsecurity.*")
+    public static class SpringConfig {
+
+    }
+}

spring-security-modules/spring-security-core/src/test/java/com/baeldung/methodsecurity/UserDetailsIntegrationTest.java

@@ -0,0 +1,57 @@
+package com.baeldung.methodsecurity;
+
+import static org.junit.Assert.assertEquals;
+
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.ComponentScan;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.access.AccessDeniedException;
+import org.springframework.security.test.context.support.WithUserDetails;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringRunner;
+
+import com.baeldung.methodsecurity.entity.CustomUser;
+import com.baeldung.methodsecurity.service.UserRoleService;
+
+@RunWith(SpringRunner.class)
+@ContextConfiguration
+public class UserDetailsIntegrationTest {
+
+    @Autowired
+    UserRoleService userService;
+
+    @Configuration
+    @ComponentScan("com.baeldung.methodsecurity.*")
+    public static class SpringConfig {
+
+    }
+
+    @Test
+    @WithUserDetails(value = "john", userDetailsServiceBeanName = "userDetailService")
+    public void whenJohn_callLoadUserDetail_thenOK() {
+        CustomUser user = userService.loadUserDetail("jane");
+        assertEquals("jane", user.getNickName());
+    }
+
+    @Test
+    @WithUserDetails(value = "jane", userDetailsServiceBeanName = "userDetailService")
+    public void givenJane_callSecuredLoadUserDetailWithJane_thenOK() {
+        CustomUser user = userService.securedLoadUserDetail("jane");
+        assertEquals("jane", user.getNickName());
+        assertEquals("jane", user.getUsername());
+    }
+
+    @Test(expected = AccessDeniedException.class)
+    @WithUserDetails(value = "john", userDetailsServiceBeanName = "userDetailService")
+    public void givenJohn_callSecuredLoadUserDetailWithJane_thenAccessDenied() {
+        userService.securedLoadUserDetail("jane");
+    }
+
+    @Test(expected = AccessDeniedException.class)
+    @WithUserDetails(value = "john", userDetailsServiceBeanName = "userDetailService")
+    public void givenJohn_callSecuredLoadUserDetailWithJohn_thenAccessDenied() {
+        userService.securedLoadUserDetail("john");
+    }
+}

spring-security-modules/spring-security-core/src/test/java/com/baeldung/methodsecurity/WithMockJohnViewer.java

@@ -0,0 +1,10 @@
+package com.baeldung.methodsecurity;
+
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+
+import org.springframework.security.test.context.support.WithMockUser;
+
+@Retention(RetentionPolicy.RUNTIME)
+@WithMockUser(value="john",roles="VIEWER")
+public @interface WithMockJohnViewer { }

spring-security-modules/spring-security-core/src/test/java/com/baeldung/test/LiveTest.java

@@ -0,0 +1,72 @@
+package com.baeldung.test;
+
+import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
+import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
+
+import org.junit.Before;
+import org.junit.FixMethodOrder;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.MethodSorters;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.http.MediaType;
+import org.springframework.security.test.context.support.WithMockUser;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.test.web.servlet.MockMvc;
+import org.springframework.test.web.servlet.setup.MockMvcBuilders;
+import org.springframework.web.context.WebApplicationContext;
+
+import com.baeldung.app.App;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@SpringBootTest(classes = App.class, webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT)
+@FixMethodOrder(MethodSorters.NAME_ASCENDING)
+public class LiveTest {
+
+    @Autowired
+    private WebApplicationContext context;
+    private MockMvc mockMvc;
+
+    @Before
+    public void setUp() {
+        mockMvc = MockMvcBuilders.webAppContextSetup(context).dispatchOptions(true).build();
+    }
+
+    @Test
+    @WithMockUser(roles = "MANAGER")
+    public void givenUserIsManager_whenGetTasks_thenAllTasks() throws Exception {
+        String allTasks = "[{'id':1,'description':'Send a fax','assignee':'pam'}," + "{'id':2,'description':'Print a document','assignee':'pam'}," + "{'id':3,'description':'Answer the phone','assignee':'pam'},"
+                + "{'id':4,'description':'Call a client','assignee':'jim'}," + "{'id':5,'description':'Organize a meeting','assignee':'michael'}]";
+
+        mockMvc.perform(get("/api/tasks")).andExpect(status().isOk()).andExpect(content().json(allTasks));
+    }
+
+    @Test
+    @WithMockUser(username = "jim")
+    public void givenUserNotManager_whenGetTasks_thenReturnAssignedToMe() throws Exception {
+        String myTasks = "[{'id':4,'description':'Call a client','assignee':'jim'}]";
+
+        mockMvc.perform(get("/api/tasks")).andExpect(status().isOk()).andExpect(content().json(myTasks));
+    }
+
+    @Test
+    @WithMockUser(roles = "MANAGER")
+    public void givenUserIsManager_whenPostTasks_thenIncludeAllTasks() throws Exception {
+        String newTasks = "[{\"description\":\"New to Michael\",\"assignee\":\"michael\"}," + "{\"description\":\"New to Pam\",\"assignee\":\"pam\"}]";
+
+        mockMvc.perform(post("/api/tasks").contentType(MediaType.APPLICATION_JSON).content(newTasks)).andExpect(status().isOk())
+                .andExpect(content().json("[{'id': 6,'description':'New to Michael','assignee':'michael'}, {'id': 7,'description':'New to Pam','assignee':'pam'}]"));
+    }
+
+    @Test
+    @WithMockUser(username = "jim")
+    public void givenUserNotManager_whenPostTasks_thenIncludeOnlyAssignedToMe() throws Exception {
+        String newTasks = "[{\"description\":\"New to Jim\",\"assignee\":\"jim\"}," + "{\"description\":\"New to Pam\",\"assignee\":\"pam\"}]";
+
+        mockMvc.perform(post("/api/tasks").contentType(MediaType.APPLICATION_JSON).content(newTasks)).andExpect(status().isOk()).andExpect(content().json("[{'id': 8,'description':'New to Jim','assignee':'jim'}]"));
+    }
+
+}

spring-security-modules/spring-security-core/src/test/resources/.gitignore

@@ -0,0 +1,13 @@
+*.class
+
+#folders#
+/target
+/neoDb*
+/data
+/src/main/webapp/WEB-INF/classes
+*/META-INF/*
+
+# Packaged files #
+*.jar
+*.war
+*.ear