From a2b90b0a3645cdc90db49b77a2a4ad14820d9fc0 Mon Sep 17 00:00:00 2001 From: Michael Hoennig Date: Fri, 10 May 2019 17:21:50 +0200 Subject: [PATCH] separated MockSecurityContext into SecurityContextMock+SecurityContextMock --- .../accessfilter/JSonAccessFilter.java | 8 +- .../JSonDeserializationWithAccessFilter.java | 6 +- .../JSonSerializationWithAccessFilter.java | 2 +- .../hsadminng/service/accessfilter/Role.java | 2 +- .../UserRoleAssignmentServiceUnitTest.java | 6 +- ...serializationWithAccessFilterUnitTest.java | 32 ++++--- ...SerializationWithAccessFilterUnitTest.java | 6 +- .../accessfilter/MockSecurityContext.java | 96 ------------------- .../service/accessfilter/RoleUnitTest.java | 16 ++++ .../accessfilter/SecurityContextDouble.java | 57 +++++++++++ .../accessfilter/SecurityContextFake.java | 18 ++++ .../accessfilter/SecurityContextMock.java | 47 +++++++++ .../service/dto/AssetDTOIntTest.java | 18 ++-- .../service/dto/CustomerDTOUnitTest.java | 9 +- .../service/dto/MembershipDTOUnitTest.java | 9 +- .../service/dto/SepaMandateDTOIntTest.java | 13 +-- .../service/dto/ShareDTOIntTest.java | 13 +-- .../web/rest/AssetResourceIntTest.java | 10 +- .../web/rest/CustomerResourceIntTest.java | 10 +- .../web/rest/MembershipResourceIntTest.java | 10 +- .../web/rest/SepaMandateResourceIntTest.java | 17 ++-- .../web/rest/ShareResourceIntTest.java | 10 +- 22 files changed, 236 insertions(+), 179 deletions(-) delete mode 100644 src/test/java/org/hostsharing/hsadminng/service/accessfilter/MockSecurityContext.java create mode 100644 src/test/java/org/hostsharing/hsadminng/service/accessfilter/SecurityContextDouble.java create mode 100644 src/test/java/org/hostsharing/hsadminng/service/accessfilter/SecurityContextFake.java create mode 100644 src/test/java/org/hostsharing/hsadminng/service/accessfilter/SecurityContextMock.java diff --git a/src/main/java/org/hostsharing/hsadminng/service/accessfilter/JSonAccessFilter.java b/src/main/java/org/hostsharing/hsadminng/service/accessfilter/JSonAccessFilter.java index 93d67f04..8a29f645 100644 --- a/src/main/java/org/hostsharing/hsadminng/service/accessfilter/JSonAccessFilter.java +++ b/src/main/java/org/hostsharing/hsadminng/service/accessfilter/JSonAccessFilter.java @@ -4,7 +4,7 @@ package org.hostsharing.hsadminng.service.accessfilter; import static com.google.common.base.Verify.verify; import static com.google.common.collect.Sets.union; import static java.util.Collections.EMPTY_SET; -import static org.thymeleaf.util.SetUtils.singletonSet; +import static java.util.Collections.emptySet; import org.hostsharing.hsadminng.security.SecurityUtils; import org.hostsharing.hsadminng.service.IdToDtoResolver; @@ -71,7 +71,7 @@ abstract class JSonAccessFilter { final Field parentIdField = determineFieldWithAnnotation(dto.getClass(), ParentId.class); if (parentIdField == null) { - return singletonSet(Role.ANYBODY); + return emptySet(); } final ParentId parentIdAnnot = parentIdField.getAnnotation(ParentId.class); @@ -88,12 +88,12 @@ abstract class JSonAccessFilter { private Set getLoginUserDirectRolesFor(final Class dtoClass, final Long id) { if (!SecurityUtils.isAuthenticated()) { - return singletonSet(Role.ANYBODY); + return emptySet(); } final EntityTypeId entityTypeId = dtoClass.getAnnotation(EntityTypeId.class); if (entityTypeId == null) { - return singletonSet(Role.ANYBODY); // TODO mhoennig: all of such singletonSets -> emptySet + return emptySet(); } return userRoleAssignmentService.getEffectiveRoleOfCurrentUser(entityTypeId.value(), id); diff --git a/src/main/java/org/hostsharing/hsadminng/service/accessfilter/JSonDeserializationWithAccessFilter.java b/src/main/java/org/hostsharing/hsadminng/service/accessfilter/JSonDeserializationWithAccessFilter.java index c79f4809..b7f25f39 100644 --- a/src/main/java/org/hostsharing/hsadminng/service/accessfilter/JSonDeserializationWithAccessFilter.java +++ b/src/main/java/org/hostsharing/hsadminng/service/accessfilter/JSonDeserializationWithAccessFilter.java @@ -160,13 +160,13 @@ public class JSonDeserializationWithAccessFilter extends JSonAccessFilter if (!field.equals(parentIdField)) { throw new BadRequestAlertException( "Initialization of field " + toDisplay(field) - + " prohibited for current user roles " + + " prohibited for current user role(s): " + Joiner.on("+").join(roles), toDisplay(field), "initializationProhibited"); } else { throw new BadRequestAlertException( - "Referencing field " + toDisplay(field) + " prohibited for current user roles " + "Referencing field " + toDisplay(field) + " prohibited for current user role(s): " + Joiner.on("+").join(roles), toDisplay(field), "referencingProhibited"); @@ -174,7 +174,7 @@ public class JSonDeserializationWithAccessFilter extends JSonAccessFilter } } else if (!Role.toBeIgnoredForUpdates(field) && !isAllowedToUpdate(getLoginUserRoles(), field)) { throw new BadRequestAlertException( - "Update of field " + toDisplay(field) + " prohibited for current user roles " + "Update of field " + toDisplay(field) + " prohibited for current user role(s): " + Joiner.on("+").join(roles), toDisplay(field), "updateProhibited"); diff --git a/src/main/java/org/hostsharing/hsadminng/service/accessfilter/JSonSerializationWithAccessFilter.java b/src/main/java/org/hostsharing/hsadminng/service/accessfilter/JSonSerializationWithAccessFilter.java index 904660e8..cf8b7a07 100644 --- a/src/main/java/org/hostsharing/hsadminng/service/accessfilter/JSonSerializationWithAccessFilter.java +++ b/src/main/java/org/hostsharing/hsadminng/service/accessfilter/JSonSerializationWithAccessFilter.java @@ -86,7 +86,7 @@ public class JSonSerializationWithAccessFilter extends JSonAccessFilter { return true; } } - return false; + return Role.ANYBODY.isAllowedToRead(field); } } diff --git a/src/main/java/org/hostsharing/hsadminng/service/accessfilter/Role.java b/src/main/java/org/hostsharing/hsadminng/service/accessfilter/Role.java index a6e62ed1..0c98c322 100644 --- a/src/main/java/org/hostsharing/hsadminng/service/accessfilter/Role.java +++ b/src/main/java/org/hostsharing/hsadminng/service/accessfilter/Role.java @@ -139,7 +139,7 @@ public enum Role { * @return true if this role is independent of a target object, false otherwise. */ public boolean isIndependent() { - return this != NOBODY && covers(Role.SUPPORTER); + return this != NOBODY && (this == ANYBODY || covers(Role.SUPPORTER)); } /** diff --git a/src/test/java/org/hostsharing/hsadminng/service/UserRoleAssignmentServiceUnitTest.java b/src/test/java/org/hostsharing/hsadminng/service/UserRoleAssignmentServiceUnitTest.java index 11fb276b..684f0933 100644 --- a/src/test/java/org/hostsharing/hsadminng/service/UserRoleAssignmentServiceUnitTest.java +++ b/src/test/java/org/hostsharing/hsadminng/service/UserRoleAssignmentServiceUnitTest.java @@ -7,8 +7,8 @@ import static org.mockito.BDDMockito.given; import org.hostsharing.hsadminng.domain.UserRoleAssignment; import org.hostsharing.hsadminng.repository.UserRoleAssignmentRepository; -import org.hostsharing.hsadminng.service.accessfilter.MockSecurityContext; import org.hostsharing.hsadminng.service.accessfilter.Role; +import org.hostsharing.hsadminng.service.accessfilter.SecurityContextFake; import com.google.common.base.VerifyException; @@ -45,7 +45,7 @@ public class UserRoleAssignmentServiceUnitTest { @Test public void getEffectiveRoleOfCurrentUserReturnsEmptySetIfUserAuthenticatedButNoRolesAssigned() { // given - new MockSecurityContext().havingAuthenticatedUser(); + SecurityContextFake.havingAuthenticatedUser(); // when final Set actual = userRoleAssignmentService.getEffectiveRoleOfCurrentUser("test.Something", 1L); @@ -58,7 +58,7 @@ public class UserRoleAssignmentServiceUnitTest { public void getEffectiveRoleOfCurrentUserReturnsExactlyAssignedRoles() { // given final String givenUserLogin = "someUser"; - new MockSecurityContext().havingAuthenticatedUser(givenUserLogin); + SecurityContextFake.havingAuthenticatedUser(givenUserLogin); final long givenEntityObjectId = 2L; final String givenEntityTypeId = "test.Something"; given(userRoleAssignmentRepository.findByLogin(givenUserLogin)).willReturn( diff --git a/src/test/java/org/hostsharing/hsadminng/service/accessfilter/JSonDeserializationWithAccessFilterUnitTest.java b/src/test/java/org/hostsharing/hsadminng/service/accessfilter/JSonDeserializationWithAccessFilterUnitTest.java index a68b16a1..df90f81d 100644 --- a/src/test/java/org/hostsharing/hsadminng/service/accessfilter/JSonDeserializationWithAccessFilterUnitTest.java +++ b/src/test/java/org/hostsharing/hsadminng/service/accessfilter/JSonDeserializationWithAccessFilterUnitTest.java @@ -8,6 +8,7 @@ import static org.hostsharing.hsadminng.service.accessfilter.JSonAccessFilterTes import static org.hostsharing.hsadminng.service.accessfilter.JSonBuilder.asJSon; import static org.mockito.BDDMockito.given; +import org.hostsharing.hsadminng.security.AuthoritiesConstants; import org.hostsharing.hsadminng.service.UserRoleAssignmentService; import org.hostsharing.hsadminng.web.rest.errors.BadRequestAlertException; @@ -71,13 +72,13 @@ public class JSonDeserializationWithAccessFilterUnitTest { @Mock private GivenCustomerService givenCustomerService; - - private MockSecurityContext givenSecurityContext; + private SecurityContextMock securityContext; @Before public void init() { - givenSecurityContext = new MockSecurityContext(userRoleAssignmentService); - givenSecurityContext.havingAuthenticatedUser().withRole(GivenDto.class, 1234L, Role.ACTUAL_CUSTOMER_USER); + securityContext = SecurityContextMock.usingMock(userRoleAssignmentService) + .havingAuthenticatedUser() + .withRole(GivenDto.class, 1234L, Role.ACTUAL_CUSTOMER_USER); given(ctx.getAutowireCapableBeanFactory()).willReturn(autowireCapableBeanFactory); given(autowireCapableBeanFactory.createBean(GivenService.class)).willReturn(givenService); @@ -261,7 +262,8 @@ public class JSonDeserializationWithAccessFilterUnitTest { @Test public void shouldDeserializeStringFieldIfRequiredRoleIsCoveredByUser() throws IOException { // given - givenSecurityContext.havingAuthenticatedUser().withRole(GivenCustomerDto.class, 888L, Role.FINANCIAL_CONTACT); + securityContext.havingAuthenticatedUser() + .withRole(GivenCustomerDto.class, 888L, Role.FINANCIAL_CONTACT); givenJSonTree( asJSon( ImmutablePair.of("id", 1234L), @@ -283,7 +285,8 @@ public class JSonDeserializationWithAccessFilterUnitTest { @Test public void shouldDeserializeUnchangedStringFieldIfRequiredRoleIsNotCoveredByUser() throws IOException { // given - givenSecurityContext.havingAuthenticatedUser().withRole(GivenCustomerDto.class, 888L, Role.ACTUAL_CUSTOMER_USER); + securityContext.havingAuthenticatedUser() + .withRole(GivenCustomerDto.class, 888L, Role.FINANCIAL_CONTACT); givenJSonTree( asJSon( ImmutablePair.of("id", 1234L), @@ -305,7 +308,8 @@ public class JSonDeserializationWithAccessFilterUnitTest { @Test public void shouldNotDeserializeUpatedStringFieldIfRequiredRoleIsNotCoveredByUser() throws IOException { // given - givenSecurityContext.havingAuthenticatedUser().withRole(GivenCustomerDto.class, 888L, Role.ACTUAL_CUSTOMER_USER); + securityContext.havingAuthenticatedUser() + .withRole(GivenCustomerDto.class, 888L, Role.ACTUAL_CUSTOMER_USER); givenJSonTree( asJSon( ImmutablePair.of("customerId", 888L), @@ -330,7 +334,8 @@ public class JSonDeserializationWithAccessFilterUnitTest { @Test public void shouldInitializeFieldIfRequiredRoleIsNotCoveredByUser() throws IOException { // given - givenSecurityContext.havingAuthenticatedUser().withRole(GivenCustomerDto.class, 888L, Role.ACTUAL_CUSTOMER_USER); + securityContext.havingAuthenticatedUser() + .withRole(GivenCustomerDto.class, 888L, Role.ACTUAL_CUSTOMER_USER); givenJSonTree( asJSon( ImmutablePair.of("customerId", 888L), @@ -355,7 +360,8 @@ public class JSonDeserializationWithAccessFilterUnitTest { @Test public void shouldNotCreateIfRoleRequiredByParentEntityIsNotCoveredByUser() throws IOException { // given - givenSecurityContext.havingAuthenticatedUser().withRole(GivenCustomerDto.class, 9999L, Role.CONTRACTUAL_CONTACT); + securityContext.havingAuthenticatedUser() + .withRole(GivenCustomerDto.class, 9999L, Role.CONTRACTUAL_CONTACT); givenJSonTree( asJSon( ImmutablePair.of("parentId", 1234L))); @@ -379,7 +385,8 @@ public class JSonDeserializationWithAccessFilterUnitTest { @Test public void shouldCreateIfRoleRequiredByReferencedEntityIsCoveredByUser() throws IOException { // given - givenSecurityContext.havingAuthenticatedUser().withRole(GivenCustomerDto.class, 888L, Role.CONTRACTUAL_CONTACT); + securityContext.havingAuthenticatedUser() + .withRole(GivenCustomerDto.class, 888L, Role.CONTRACTUAL_CONTACT); givenJSonTree( asJSon( ImmutablePair.of("parentId", 1234L))); @@ -400,7 +407,8 @@ public class JSonDeserializationWithAccessFilterUnitTest { @Test public void shouldNotUpdateFieldIfRequiredRoleIsNotCoveredByUser() throws IOException { // given - givenSecurityContext.havingAuthenticatedUser().withRole(GivenCustomerDto.class, 888L, Role.ACTUAL_CUSTOMER_USER); + securityContext.havingAuthenticatedUser() + .withRole(GivenCustomerDto.class, 888L, Role.ACTUAL_CUSTOMER_USER); givenJSonTree( asJSon( ImmutablePair.of("id", 1234L), @@ -446,7 +454,7 @@ public class JSonDeserializationWithAccessFilterUnitTest { @Test public void shouldDetectUnknownFieldType() throws IOException { // given - givenSecurityContext.havingAuthenticatedUser().withRole(Role.ADMIN); + securityContext.havingAuthenticatedUser().withAuthority(AuthoritiesConstants.ADMIN); givenJSonTree(asJSon(ImmutablePair.of("unknown", new Arbitrary()))); // when diff --git a/src/test/java/org/hostsharing/hsadminng/service/accessfilter/JSonSerializationWithAccessFilterUnitTest.java b/src/test/java/org/hostsharing/hsadminng/service/accessfilter/JSonSerializationWithAccessFilterUnitTest.java index 97c7eb3e..fe63f9aa 100644 --- a/src/test/java/org/hostsharing/hsadminng/service/accessfilter/JSonSerializationWithAccessFilterUnitTest.java +++ b/src/test/java/org/hostsharing/hsadminng/service/accessfilter/JSonSerializationWithAccessFilterUnitTest.java @@ -45,13 +45,14 @@ public class JSonSerializationWithAccessFilterUnitTest { @Mock private GivenCustomerService givenCustomerService; - private MockSecurityContext securityContext; + private SecurityContextMock securityContext; private final GivenDto givenDTO = createSampleDto(); @Before public void init() { - securityContext = new MockSecurityContext(userRoleAssignmentService).havingAuthenticatedUser() + securityContext = SecurityContextMock.usingMock(userRoleAssignmentService) + .havingAuthenticatedUser() .withRole(GivenCustomerDto.class, 888L, Role.ANY_CUSTOMER_USER); given(ctx.getAutowireCapableBeanFactory()).willReturn(autowireCapableBeanFactory); @@ -190,6 +191,7 @@ public class JSonSerializationWithAccessFilterUnitTest { Arbitrary fieldWithUnimplementedType = new Arbitrary(); } final GivenDtoWithUnimplementedFieldType givenDtoWithUnimplementedFieldType = new GivenDtoWithUnimplementedFieldType(); + SecurityContextFake.havingAuthenticatedUser(); // when final Throwable actual = catchThrowable( diff --git a/src/test/java/org/hostsharing/hsadminng/service/accessfilter/MockSecurityContext.java b/src/test/java/org/hostsharing/hsadminng/service/accessfilter/MockSecurityContext.java deleted file mode 100644 index 4c1adfaa..00000000 --- a/src/test/java/org/hostsharing/hsadminng/service/accessfilter/MockSecurityContext.java +++ /dev/null @@ -1,96 +0,0 @@ -// Licensed under Apache-2.0 -package org.hostsharing.hsadminng.service.accessfilter; - -import static org.assertj.core.api.Assumptions.assumeThat; -import static org.mockito.BDDMockito.given; - -import org.hostsharing.hsadminng.security.SecurityUtils; -import org.hostsharing.hsadminng.service.UserRoleAssignmentService; - -import org.mockito.Mockito; -import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; -import org.springframework.security.core.GrantedAuthority; -import org.springframework.security.core.context.SecurityContext; -import org.springframework.security.core.context.SecurityContextHolder; - -import java.util.ArrayList; -import java.util.Arrays; -import java.util.Collection; -import java.util.HashSet; - -public class MockSecurityContext { - - private final UserRoleAssignmentService userRoleAssignmentService; - private final Collection authorities; - - // TODO mhoennig: refactor this ctor to method withMock(...) returning a subclass to avoid null checks - public MockSecurityContext(final UserRoleAssignmentService userRoleAssignmentService) { - this.userRoleAssignmentService = userRoleAssignmentService; - this.authorities = new ArrayList<>(); - } - - public MockSecurityContext() { - this(null); - } - - public MockSecurityContext havingAuthenticatedUser() { - return havingAuthenticatedUser("dummyUser"); - } - - public MockSecurityContext havingAuthenticatedUser(final String login) { - SecurityContext securityContext = SecurityContextHolder.createEmptyContext(); - - securityContext.setAuthentication(new UsernamePasswordAuthenticationToken(login, "dummyPassword") { - - @Override - public Collection getAuthorities() { - return authorities; - } - }); - SecurityContextHolder.setContext(securityContext); - - assumeThat(SecurityUtils.getCurrentUserLogin()).hasValue(login); - if (userRoleAssignmentService != null) { - Mockito.reset(userRoleAssignmentService); - } - authorities.clear(); - return this; - } - - public MockSecurityContext withRole(final Class onClass, final Long onId, final Role... roles) { - if (userRoleAssignmentService == null) { - throw new IllegalStateException("mock not registered for: " + UserRoleAssignmentService.class.getSimpleName()); - } - final EntityTypeId entityTypeId = onClass.getAnnotation(EntityTypeId.class); - assumeThat(entityTypeId).as("@" + EntityTypeId.class.getSimpleName() + " missing on class " + onClass.toString()) - .isNotNull(); - given(userRoleAssignmentService.getEffectiveRoleOfCurrentUser(entityTypeId.value(), onId)) - .willReturn(new HashSet(Arrays.asList(roles))); - return this; - } - - public MockSecurityContext withRole(final Role role) { - authorities.add(new GrantedAuthority() { - - @Override - public String getAuthority() { - return role.asAuthority(); - } - }); - return this; - } - - private static class FakePrincipal { - - private final String username; - - public FakePrincipal(final String username) { - this.username = username; - } - - @Override - public String toString() { - return username; - } - } -} diff --git a/src/test/java/org/hostsharing/hsadminng/service/accessfilter/RoleUnitTest.java b/src/test/java/org/hostsharing/hsadminng/service/accessfilter/RoleUnitTest.java index 267e31b5..9fe65dae 100644 --- a/src/test/java/org/hostsharing/hsadminng/service/accessfilter/RoleUnitTest.java +++ b/src/test/java/org/hostsharing/hsadminng/service/accessfilter/RoleUnitTest.java @@ -95,6 +95,22 @@ public class RoleUnitTest { assertThat(catchThrowable(() -> Role.HOSTMASTER.coversAny((Role[]) null))).isInstanceOf(VerifyException.class); } + @Test + public void isNdependend() { + assertThat(Role.NOBODY.isIndependent()).isFalse(); + + assertThat(Role.HOSTMASTER.isIndependent()).isTrue(); + assertThat(Role.ADMIN.isIndependent()).isTrue(); + assertThat(Role.SUPPORTER.isIndependent()).isTrue(); + + assertThat(Role.CONTRACTUAL_CONTACT.isIndependent()).isFalse(); + assertThat(Role.FINANCIAL_CONTACT.isIndependent()).isFalse(); + assertThat(Role.ACTUAL_CUSTOMER_USER.isIndependent()).isFalse(); + assertThat(Role.ANY_CUSTOMER_USER.isIndependent()).isFalse(); + + assertThat(Role.ANYBODY.isIndependent()).isTrue(); + } + @Test public void isIgnored() { for (Role role : Role.values()) { diff --git a/src/test/java/org/hostsharing/hsadminng/service/accessfilter/SecurityContextDouble.java b/src/test/java/org/hostsharing/hsadminng/service/accessfilter/SecurityContextDouble.java new file mode 100644 index 00000000..c88015fc --- /dev/null +++ b/src/test/java/org/hostsharing/hsadminng/service/accessfilter/SecurityContextDouble.java @@ -0,0 +1,57 @@ +// Licensed under Apache-2.0 +package org.hostsharing.hsadminng.service.accessfilter; + +import static org.assertj.core.api.Assumptions.assumeThat; + +import org.hostsharing.hsadminng.security.SecurityUtils; + +import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; +import org.springframework.security.core.GrantedAuthority; +import org.springframework.security.core.context.SecurityContext; +import org.springframework.security.core.context.SecurityContextHolder; + +import java.util.ArrayList; +import java.util.Collection; + +abstract class SecurityContextDouble { + + private final Collection authorities = new ArrayList<>(); + + protected SecurityContextDouble() { + } + + protected SecurityContextDouble withAuthenticatedUser(final String login) { + SecurityContext securityContext = SecurityContextHolder.createEmptyContext(); + + securityContext.setAuthentication(new UsernamePasswordAuthenticationToken(login, "dummyPassword") { + + @Override + public Collection getAuthorities() { + return authorities; + } + }); + SecurityContextHolder.setContext(securityContext); + assumeThat(SecurityUtils.getCurrentUserLogin()).hasValue(login); + return this; + } + + public T withAuthority(final String authority) { + authorities.add((GrantedAuthority) () -> authority); + return (T) this; + } + + private static class FakePrincipal { + + private final String username; + + public FakePrincipal(final String username) { + this.username = username; + } + + @Override + public String toString() { + return username; + } + } + +} diff --git a/src/test/java/org/hostsharing/hsadminng/service/accessfilter/SecurityContextFake.java b/src/test/java/org/hostsharing/hsadminng/service/accessfilter/SecurityContextFake.java new file mode 100644 index 00000000..742e0b06 --- /dev/null +++ b/src/test/java/org/hostsharing/hsadminng/service/accessfilter/SecurityContextFake.java @@ -0,0 +1,18 @@ +// Licensed under Apache-2.0 +package org.hostsharing.hsadminng.service.accessfilter; + +public class SecurityContextFake extends SecurityContextDouble { + + public static SecurityContextFake havingAuthenticatedUser() { + return havingAuthenticatedUser("dummyUser"); + } + + public static SecurityContextFake havingAuthenticatedUser(final String login) { + final SecurityContextFake securityContext = new SecurityContextFake(); + securityContext.withAuthenticatedUser(login); + return securityContext; + } + + protected SecurityContextFake() { + } +} diff --git a/src/test/java/org/hostsharing/hsadminng/service/accessfilter/SecurityContextMock.java b/src/test/java/org/hostsharing/hsadminng/service/accessfilter/SecurityContextMock.java new file mode 100644 index 00000000..402df6f8 --- /dev/null +++ b/src/test/java/org/hostsharing/hsadminng/service/accessfilter/SecurityContextMock.java @@ -0,0 +1,47 @@ +// Licensed under Apache-2.0 +package org.hostsharing.hsadminng.service.accessfilter; + +import static org.assertj.core.api.Assumptions.assumeThat; +import static org.mockito.BDDMockito.given; + +import org.hostsharing.hsadminng.service.UserRoleAssignmentService; + +import org.mockito.Mockito; + +import java.util.Arrays; +import java.util.HashSet; + +public class SecurityContextMock extends SecurityContextDouble { + + private final UserRoleAssignmentService userRoleAssignmentService; + + public static SecurityContextMock usingMock(final UserRoleAssignmentService userRoleAssignmentService) { + return new SecurityContextMock(userRoleAssignmentService); + } + + public SecurityContextMock(final UserRoleAssignmentService userRoleAssignmentService) { + this.userRoleAssignmentService = userRoleAssignmentService; + } + + public SecurityContextMock havingAuthenticatedUser() { + return havingAuthenticatedUser("dummyUser"); + } + + public SecurityContextMock havingAuthenticatedUser(final String login) { + super.withAuthenticatedUser(login); + Mockito.reset(userRoleAssignmentService); + return this; + } + + public SecurityContextMock withRole(final Class onClass, final long onId, final Role... roles) { + if (userRoleAssignmentService == null) { + throw new IllegalStateException("mock not registered for: " + UserRoleAssignmentService.class.getSimpleName()); + } + final EntityTypeId entityTypeId = onClass.getAnnotation(EntityTypeId.class); + assumeThat(entityTypeId).as("@" + EntityTypeId.class.getSimpleName() + " missing on class " + onClass.toString()) + .isNotNull(); + given(userRoleAssignmentService.getEffectiveRoleOfCurrentUser(entityTypeId.value(), onId)) + .willReturn(new HashSet(Arrays.asList(roles))); + return this; + } +} diff --git a/src/test/java/org/hostsharing/hsadminng/service/dto/AssetDTOIntTest.java b/src/test/java/org/hostsharing/hsadminng/service/dto/AssetDTOIntTest.java index 37c985e0..1b9994cd 100644 --- a/src/test/java/org/hostsharing/hsadminng/service/dto/AssetDTOIntTest.java +++ b/src/test/java/org/hostsharing/hsadminng/service/dto/AssetDTOIntTest.java @@ -13,13 +13,14 @@ import org.hostsharing.hsadminng.domain.enumeration.AssetAction; import org.hostsharing.hsadminng.repository.AssetRepository; import org.hostsharing.hsadminng.repository.CustomerRepository; import org.hostsharing.hsadminng.repository.MembershipRepository; +import org.hostsharing.hsadminng.security.AuthoritiesConstants; import org.hostsharing.hsadminng.service.AssetService; import org.hostsharing.hsadminng.service.AssetValidator; import org.hostsharing.hsadminng.service.MembershipValidator; import org.hostsharing.hsadminng.service.UserRoleAssignmentService; import org.hostsharing.hsadminng.service.accessfilter.JSonBuilder; -import org.hostsharing.hsadminng.service.accessfilter.MockSecurityContext; import org.hostsharing.hsadminng.service.accessfilter.Role; +import org.hostsharing.hsadminng.service.accessfilter.SecurityContextMock; import org.hostsharing.hsadminng.service.mapper.AssetMapper; import org.hostsharing.hsadminng.service.mapper.AssetMapperImpl; import org.hostsharing.hsadminng.service.mapper.CustomerMapperImpl; @@ -113,22 +114,23 @@ public class AssetDTOIntTest { @MockBean private UserRoleAssignmentService userRoleAssignmentService; - private MockSecurityContext securityContext; + private SecurityContextMock securityContext; @Before public void init() { given(customerRepository.findById(SOME_CUSTOMER_ID)).willReturn(Optional.of(SOME_CUSTOMER)); given(membershipRepository.findById(SOME_MEMBERSHIP_ID)).willReturn(Optional.of(SOME_MEMBERSHIP)); given(assetRepository.findById(SOME_ASSET_ID)).willReturn((Optional.of(SOME_ASSET))); - - securityContext = new MockSecurityContext(userRoleAssignmentService); + securityContext = SecurityContextMock.usingMock(userRoleAssignmentService); } @Test public void shouldSerializePartiallyForFinancialCustomerContact() throws JsonProcessingException { // given - securityContext.havingAuthenticatedUser().withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.FINANCIAL_CONTACT); + securityContext.havingAuthenticatedUser() + .withRole(CustomerDTO.class, SOME_CUSTOMER_ID, Role.FINANCIAL_CONTACT); + final AssetDTO given = createSomeAssetDTO(SOME_ASSET_ID); // when @@ -143,7 +145,7 @@ public class AssetDTOIntTest { public void shouldSerializeCompletelyForSupporter() throws JsonProcessingException { // given - securityContext.havingAuthenticatedUser().withRole(Role.SUPPORTER); + securityContext.havingAuthenticatedUser().withAuthority(AuthoritiesConstants.SUPPORTER); final AssetDTO given = createSomeAssetDTO(SOME_ASSET_ID); // when @@ -170,13 +172,13 @@ public class AssetDTOIntTest { BadRequestAlertException.class, bre -> assertThat(bre.getMessage()) .isEqualTo( - "Update of field AssetDTO.remark prohibited for current user roles CONTRACTUAL_CONTACT+ANYBODY")); + "Update of field AssetDTO.remark prohibited for current user role(s): CONTRACTUAL_CONTACT")); } @Test public void shouldDeserializeForAdminIfRemarkIsChanged() throws IOException { // given - securityContext.havingAuthenticatedUser().withRole(Role.ADMIN); + securityContext.havingAuthenticatedUser().withAuthority(AuthoritiesConstants.ADMIN); final String json = new JSonBuilder() .withFieldValue("id", SOME_ASSET_ID) .withFieldValue("remark", "Updated Remark") diff --git a/src/test/java/org/hostsharing/hsadminng/service/dto/CustomerDTOUnitTest.java b/src/test/java/org/hostsharing/hsadminng/service/dto/CustomerDTOUnitTest.java index 1494561e..a1d47fb5 100644 --- a/src/test/java/org/hostsharing/hsadminng/service/dto/CustomerDTOUnitTest.java +++ b/src/test/java/org/hostsharing/hsadminng/service/dto/CustomerDTOUnitTest.java @@ -9,11 +9,12 @@ import org.hostsharing.hsadminng.domain.Customer; import org.hostsharing.hsadminng.domain.enumeration.CustomerKind; import org.hostsharing.hsadminng.domain.enumeration.VatRegion; import org.hostsharing.hsadminng.repository.CustomerRepository; +import org.hostsharing.hsadminng.security.AuthoritiesConstants; import org.hostsharing.hsadminng.service.CustomerService; import org.hostsharing.hsadminng.service.UserRoleAssignmentService; import org.hostsharing.hsadminng.service.accessfilter.JSonBuilder; -import org.hostsharing.hsadminng.service.accessfilter.MockSecurityContext; import org.hostsharing.hsadminng.service.accessfilter.Role; +import org.hostsharing.hsadminng.service.accessfilter.SecurityContextMock; import org.hostsharing.hsadminng.service.mapper.CustomerMapper; import org.hostsharing.hsadminng.service.mapper.CustomerMapperImpl; @@ -64,11 +65,11 @@ public class CustomerDTOUnitTest { @MockBean private UserRoleAssignmentService userRoleAssignmentService; - private MockSecurityContext securityContext; + private SecurityContextMock securityContext; @Before public void init() { - securityContext = new MockSecurityContext(userRoleAssignmentService); + securityContext = SecurityContextMock.usingMock(userRoleAssignmentService); } @Test @@ -111,7 +112,7 @@ public class CustomerDTOUnitTest { public void testSerializationAsSupporter() throws JsonProcessingException { // given - securityContext.havingAuthenticatedUser().withRole(Role.SUPPORTER); + securityContext.havingAuthenticatedUser().withAuthority(AuthoritiesConstants.SUPPORTER); CustomerDTO given = createSomeCustomerDTO(1234L); // when diff --git a/src/test/java/org/hostsharing/hsadminng/service/dto/MembershipDTOUnitTest.java b/src/test/java/org/hostsharing/hsadminng/service/dto/MembershipDTOUnitTest.java index c21845b5..59065852 100644 --- a/src/test/java/org/hostsharing/hsadminng/service/dto/MembershipDTOUnitTest.java +++ b/src/test/java/org/hostsharing/hsadminng/service/dto/MembershipDTOUnitTest.java @@ -6,12 +6,13 @@ import static org.assertj.core.api.Assertions.catchThrowable; import static org.hostsharing.hsadminng.service.accessfilter.JSonBuilder.asJSon; import static org.mockito.BDDMockito.given; +import org.hostsharing.hsadminng.security.AuthoritiesConstants; import org.hostsharing.hsadminng.service.CustomerService; import org.hostsharing.hsadminng.service.MembershipService; import org.hostsharing.hsadminng.service.UserRoleAssignmentService; import org.hostsharing.hsadminng.service.accessfilter.JSonDeserializationWithAccessFilter; -import org.hostsharing.hsadminng.service.accessfilter.MockSecurityContext; import org.hostsharing.hsadminng.service.accessfilter.Role; +import org.hostsharing.hsadminng.service.accessfilter.SecurityContextMock; import org.hostsharing.hsadminng.web.rest.errors.BadRequestAlertException; import com.fasterxml.jackson.core.JsonParser; @@ -61,7 +62,7 @@ public class MembershipDTOUnitTest { @Mock private CustomerService customerService; - private MockSecurityContext securityContext; + private SecurityContextMock securityContext; @Before public void init() { @@ -75,12 +76,12 @@ public class MembershipDTOUnitTest { new CustomerDTO() .with(dto -> dto.setId(1234L)))); - securityContext = new MockSecurityContext(userRoleAssignmentService); + securityContext = SecurityContextMock.usingMock(userRoleAssignmentService); } @Test public void adminShouldHaveRightToCreate() throws IOException { - securityContext.havingAuthenticatedUser().withRole(Role.ADMIN); + securityContext.havingAuthenticatedUser().withAuthority(AuthoritiesConstants.ADMIN); givenJSonTree(asJSon(ImmutablePair.of("customerId", 1234L))); // when diff --git a/src/test/java/org/hostsharing/hsadminng/service/dto/SepaMandateDTOIntTest.java b/src/test/java/org/hostsharing/hsadminng/service/dto/SepaMandateDTOIntTest.java index f85a64ab..0de98bb9 100644 --- a/src/test/java/org/hostsharing/hsadminng/service/dto/SepaMandateDTOIntTest.java +++ b/src/test/java/org/hostsharing/hsadminng/service/dto/SepaMandateDTOIntTest.java @@ -12,12 +12,13 @@ import org.hostsharing.hsadminng.domain.SepaMandate; import org.hostsharing.hsadminng.repository.CustomerRepository; import org.hostsharing.hsadminng.repository.MembershipRepository; import org.hostsharing.hsadminng.repository.SepaMandateRepository; +import org.hostsharing.hsadminng.security.AuthoritiesConstants; import org.hostsharing.hsadminng.service.MembershipValidator; import org.hostsharing.hsadminng.service.SepaMandateService; import org.hostsharing.hsadminng.service.UserRoleAssignmentService; import org.hostsharing.hsadminng.service.accessfilter.JSonBuilder; -import org.hostsharing.hsadminng.service.accessfilter.MockSecurityContext; import org.hostsharing.hsadminng.service.accessfilter.Role; +import org.hostsharing.hsadminng.service.accessfilter.SecurityContextMock; import org.hostsharing.hsadminng.service.mapper.CustomerMapperImpl; import org.hostsharing.hsadminng.service.mapper.MembershipMapperImpl; import org.hostsharing.hsadminng.service.mapper.SepaMandateMapper; @@ -101,14 +102,14 @@ public class SepaMandateDTOIntTest { @MockBean public UserRoleAssignmentService userRoleAssignmentService; - private MockSecurityContext securityContext; + private SecurityContextMock securityContext; @Before public void init() { given(customerRepository.findById(SOME_CUSTOMER_ID)).willReturn(Optional.of(SOME_CUSTOMER)); given(sepaMandateRepository.findById(SOME_SEPA_MANDATE_ID)).willReturn((Optional.of(SOME_SEPA_MANDATE))); - securityContext = new MockSecurityContext(userRoleAssignmentService); + securityContext = SecurityContextMock.usingMock(userRoleAssignmentService); } @Test @@ -130,7 +131,7 @@ public class SepaMandateDTOIntTest { public void shouldSerializeCompletelyForSupporter() throws JsonProcessingException { // given - securityContext.havingAuthenticatedUser().withRole(Role.SUPPORTER); + securityContext.havingAuthenticatedUser().withAuthority(AuthoritiesConstants.SUPPORTER); final SepaMandateDTO given = createSampleDTO(SOME_SEPA_MANDATE_ID, SOME_CUSTOMER_ID); // when @@ -156,13 +157,13 @@ public class SepaMandateDTOIntTest { assertThat(actual).isInstanceOfSatisfying( BadRequestAlertException.class, bre -> assertThat(bre.getMessage()).isEqualTo( - "Update of field SepaMandateDTO.remark prohibited for current user roles CONTRACTUAL_CONTACT+ANYBODY")); + "Update of field SepaMandateDTO.remark prohibited for current user role(s): CONTRACTUAL_CONTACT")); } @Test public void shouldDeserializeForAdminIfRemarkIsChanged() throws IOException { // given - securityContext.havingAuthenticatedUser().withRole(Role.ADMIN); + securityContext.havingAuthenticatedUser().withAuthority(AuthoritiesConstants.ADMIN); final String json = new JSonBuilder() .withFieldValue("id", SOME_SEPA_MANDATE_ID) .withFieldValue("remark", "Updated Remark") diff --git a/src/test/java/org/hostsharing/hsadminng/service/dto/ShareDTOIntTest.java b/src/test/java/org/hostsharing/hsadminng/service/dto/ShareDTOIntTest.java index f646edf3..5b411ace 100644 --- a/src/test/java/org/hostsharing/hsadminng/service/dto/ShareDTOIntTest.java +++ b/src/test/java/org/hostsharing/hsadminng/service/dto/ShareDTOIntTest.java @@ -13,13 +13,14 @@ import org.hostsharing.hsadminng.domain.enumeration.ShareAction; import org.hostsharing.hsadminng.repository.CustomerRepository; import org.hostsharing.hsadminng.repository.MembershipRepository; import org.hostsharing.hsadminng.repository.ShareRepository; +import org.hostsharing.hsadminng.security.AuthoritiesConstants; import org.hostsharing.hsadminng.service.MembershipValidator; import org.hostsharing.hsadminng.service.ShareService; import org.hostsharing.hsadminng.service.ShareValidator; import org.hostsharing.hsadminng.service.UserRoleAssignmentService; import org.hostsharing.hsadminng.service.accessfilter.JSonBuilder; -import org.hostsharing.hsadminng.service.accessfilter.MockSecurityContext; import org.hostsharing.hsadminng.service.accessfilter.Role; +import org.hostsharing.hsadminng.service.accessfilter.SecurityContextMock; import org.hostsharing.hsadminng.service.mapper.CustomerMapperImpl; import org.hostsharing.hsadminng.service.mapper.MembershipMapperImpl; import org.hostsharing.hsadminng.service.mapper.ShareMapper; @@ -112,7 +113,7 @@ public class ShareDTOIntTest { @MockBean private UserRoleAssignmentService userRoleAssignmentService; - private MockSecurityContext securityContext; + private SecurityContextMock securityContext; @Before public void init() { @@ -120,7 +121,7 @@ public class ShareDTOIntTest { given(membershipRepository.findById(SOME_MEMBERSHIP_ID)).willReturn(Optional.of(SOME_MEMBERSHIP)); given(shareRepository.findById(SOME_SHARE_ID)).willReturn((Optional.of(SOME_SHARE))); - securityContext = new MockSecurityContext(userRoleAssignmentService); + securityContext = SecurityContextMock.usingMock(userRoleAssignmentService); } @Test @@ -142,7 +143,7 @@ public class ShareDTOIntTest { public void shouldSerializeCompletelyForSupporter() throws JsonProcessingException { // given - securityContext.havingAuthenticatedUser().withRole(Role.SUPPORTER); + securityContext.havingAuthenticatedUser().withAuthority(AuthoritiesConstants.SUPPORTER); final ShareDTO given = createSomeShareDTO(SOME_SHARE_ID); // when @@ -169,13 +170,13 @@ public class ShareDTOIntTest { BadRequestAlertException.class, bre -> assertThat(bre.getMessage()) .isEqualTo( - "Update of field ShareDTO.remark prohibited for current user roles CONTRACTUAL_CONTACT+ANYBODY")); + "Update of field ShareDTO.remark prohibited for current user role(s): CONTRACTUAL_CONTACT")); } @Test public void shouldDeserializeForAdminIfRemarkIsChanged() throws IOException { // given - securityContext.havingAuthenticatedUser().withRole(Role.ADMIN); + securityContext.havingAuthenticatedUser().withAuthority(AuthoritiesConstants.ADMIN); final String json = new JSonBuilder() .withFieldValue("id", SOME_SHARE_ID) .withFieldValue("remark", "Updated Remark") diff --git a/src/test/java/org/hostsharing/hsadminng/web/rest/AssetResourceIntTest.java b/src/test/java/org/hostsharing/hsadminng/web/rest/AssetResourceIntTest.java index d82927a4..de0cf46b 100644 --- a/src/test/java/org/hostsharing/hsadminng/web/rest/AssetResourceIntTest.java +++ b/src/test/java/org/hostsharing/hsadminng/web/rest/AssetResourceIntTest.java @@ -12,11 +12,11 @@ import org.hostsharing.hsadminng.domain.Asset; import org.hostsharing.hsadminng.domain.Membership; import org.hostsharing.hsadminng.domain.enumeration.AssetAction; import org.hostsharing.hsadminng.repository.AssetRepository; +import org.hostsharing.hsadminng.security.AuthoritiesConstants; import org.hostsharing.hsadminng.service.AssetQueryService; import org.hostsharing.hsadminng.service.AssetService; import org.hostsharing.hsadminng.service.UserRoleAssignmentService; -import org.hostsharing.hsadminng.service.accessfilter.MockSecurityContext; -import org.hostsharing.hsadminng.service.accessfilter.Role; +import org.hostsharing.hsadminng.service.accessfilter.SecurityContextMock; import org.hostsharing.hsadminng.service.dto.AssetDTO; import org.hostsharing.hsadminng.service.mapper.AssetMapper; import org.hostsharing.hsadminng.web.rest.errors.ExceptionTranslator; @@ -99,15 +99,15 @@ public class AssetResourceIntTest { @MockBean private UserRoleAssignmentService userRoleAssignmentService; - private MockSecurityContext securityContext; - private MockMvc restAssetMockMvc; private Asset asset; @Before public void setup() { - securityContext = new MockSecurityContext(userRoleAssignmentService).havingAuthenticatedUser().withRole(Role.ADMIN); + SecurityContextMock.usingMock(userRoleAssignmentService) + .havingAuthenticatedUser() + .withAuthority(AuthoritiesConstants.ADMIN); MockitoAnnotations.initMocks(this); final AssetResource assetResource = new AssetResource(assetService, assetQueryService); diff --git a/src/test/java/org/hostsharing/hsadminng/web/rest/CustomerResourceIntTest.java b/src/test/java/org/hostsharing/hsadminng/web/rest/CustomerResourceIntTest.java index 4c1ec4e6..0b3f1356 100644 --- a/src/test/java/org/hostsharing/hsadminng/web/rest/CustomerResourceIntTest.java +++ b/src/test/java/org/hostsharing/hsadminng/web/rest/CustomerResourceIntTest.java @@ -14,11 +14,11 @@ import org.hostsharing.hsadminng.domain.SepaMandate; import org.hostsharing.hsadminng.domain.enumeration.CustomerKind; import org.hostsharing.hsadminng.domain.enumeration.VatRegion; import org.hostsharing.hsadminng.repository.CustomerRepository; +import org.hostsharing.hsadminng.security.AuthoritiesConstants; import org.hostsharing.hsadminng.service.CustomerQueryService; import org.hostsharing.hsadminng.service.CustomerService; import org.hostsharing.hsadminng.service.UserRoleAssignmentService; -import org.hostsharing.hsadminng.service.accessfilter.MockSecurityContext; -import org.hostsharing.hsadminng.service.accessfilter.Role; +import org.hostsharing.hsadminng.service.accessfilter.SecurityContextMock; import org.hostsharing.hsadminng.service.dto.CustomerDTO; import org.hostsharing.hsadminng.service.mapper.CustomerMapper; import org.hostsharing.hsadminng.web.rest.errors.ExceptionTranslator; @@ -144,8 +144,6 @@ public class CustomerResourceIntTest { @MockBean private UserRoleAssignmentService userRoleAssignmentService; - private MockSecurityContext securityContext; - private MockMvc restCustomerMockMvc; private Customer customer; @@ -153,7 +151,9 @@ public class CustomerResourceIntTest { @Before public void setup() { MockitoAnnotations.initMocks(this); - securityContext = new MockSecurityContext(userRoleAssignmentService).havingAuthenticatedUser().withRole(Role.ADMIN); + SecurityContextMock.usingMock(userRoleAssignmentService) + .havingAuthenticatedUser() + .withAuthority(AuthoritiesConstants.ADMIN); final CustomerResource customerResource = new CustomerResource(customerService, customerQueryService); this.restCustomerMockMvc = MockMvcBuilders.standaloneSetup(customerResource) diff --git a/src/test/java/org/hostsharing/hsadminng/web/rest/MembershipResourceIntTest.java b/src/test/java/org/hostsharing/hsadminng/web/rest/MembershipResourceIntTest.java index ead3d339..dd03fe7b 100644 --- a/src/test/java/org/hostsharing/hsadminng/web/rest/MembershipResourceIntTest.java +++ b/src/test/java/org/hostsharing/hsadminng/web/rest/MembershipResourceIntTest.java @@ -13,11 +13,11 @@ import org.hostsharing.hsadminng.domain.Customer; import org.hostsharing.hsadminng.domain.Membership; import org.hostsharing.hsadminng.domain.Share; import org.hostsharing.hsadminng.repository.MembershipRepository; +import org.hostsharing.hsadminng.security.AuthoritiesConstants; import org.hostsharing.hsadminng.service.MembershipQueryService; import org.hostsharing.hsadminng.service.MembershipService; import org.hostsharing.hsadminng.service.UserRoleAssignmentService; -import org.hostsharing.hsadminng.service.accessfilter.MockSecurityContext; -import org.hostsharing.hsadminng.service.accessfilter.Role; +import org.hostsharing.hsadminng.service.accessfilter.SecurityContextMock; import org.hostsharing.hsadminng.service.dto.MembershipDTO; import org.hostsharing.hsadminng.service.mapper.MembershipMapper; import org.hostsharing.hsadminng.web.rest.errors.ExceptionTranslator; @@ -105,7 +105,7 @@ public class MembershipResourceIntTest { @MockBean private UserRoleAssignmentService userRoleAssignmentService; - private MockSecurityContext securityContext; + private SecurityContextMock securityContext; private MockMvc restMembershipMockMvc; @@ -113,7 +113,9 @@ public class MembershipResourceIntTest { @Before public void setup() { - securityContext = new MockSecurityContext(userRoleAssignmentService).havingAuthenticatedUser().withRole(Role.ADMIN); + securityContext = SecurityContextMock.usingMock(userRoleAssignmentService) + .havingAuthenticatedUser() + .withAuthority(AuthoritiesConstants.ADMIN); MockitoAnnotations.initMocks(this); final MembershipResource membershipResource = new MembershipResource(membershipService, membershipQueryService); diff --git a/src/test/java/org/hostsharing/hsadminng/web/rest/SepaMandateResourceIntTest.java b/src/test/java/org/hostsharing/hsadminng/web/rest/SepaMandateResourceIntTest.java index 3c5b464a..565b058d 100644 --- a/src/test/java/org/hostsharing/hsadminng/web/rest/SepaMandateResourceIntTest.java +++ b/src/test/java/org/hostsharing/hsadminng/web/rest/SepaMandateResourceIntTest.java @@ -11,12 +11,11 @@ import org.hostsharing.hsadminng.HsadminNgApp; import org.hostsharing.hsadminng.domain.Customer; import org.hostsharing.hsadminng.domain.SepaMandate; import org.hostsharing.hsadminng.repository.SepaMandateRepository; +import org.hostsharing.hsadminng.security.AuthoritiesConstants; import org.hostsharing.hsadminng.service.SepaMandateQueryService; import org.hostsharing.hsadminng.service.SepaMandateService; import org.hostsharing.hsadminng.service.UserRoleAssignmentService; -import org.hostsharing.hsadminng.service.accessfilter.MockSecurityContext; -import org.hostsharing.hsadminng.service.accessfilter.Role; -import org.hostsharing.hsadminng.service.dto.CustomerDTO; +import org.hostsharing.hsadminng.service.accessfilter.SecurityContextMock; import org.hostsharing.hsadminng.service.dto.SepaMandateDTO; import org.hostsharing.hsadminng.service.mapper.SepaMandateMapper; import org.hostsharing.hsadminng.web.rest.errors.ExceptionTranslator; @@ -109,15 +108,15 @@ public class SepaMandateResourceIntTest { @MockBean private UserRoleAssignmentService userRoleAssignmentService; - private MockSecurityContext securityContext; - private MockMvc restSepaMandateMockMvc; private SepaMandate sepaMandate; @Before public void setup() { - securityContext = new MockSecurityContext(userRoleAssignmentService).havingAuthenticatedUser().withRole(Role.ADMIN); + SecurityContextMock.usingMock(userRoleAssignmentService) + .havingAuthenticatedUser() + .withAuthority(AuthoritiesConstants.ADMIN); MockitoAnnotations.initMocks(this); final SepaMandateResource sepaMandateResource = new SepaMandateResource(sepaMandateService, sepaMandateQueryService); @@ -132,7 +131,7 @@ public class SepaMandateResourceIntTest { /** * Create an entity for this test. - * + *

* This is a static method, as tests for other entities might also need it, * if they test an entity which requires the current entity. */ @@ -157,7 +156,7 @@ public class SepaMandateResourceIntTest { /** * Create an entity for tests with a specific customer. - * + *

* This is a static method, as tests for other entities might also need it, * if they test an entity which requires the current entity. */ @@ -193,8 +192,6 @@ public class SepaMandateResourceIntTest { sepaMandateDTO.setRemark(null); sepaMandateDTO.setRevokationDocumentDate(null); sepaMandateDTO.setLastUsedDate(null); - securityContext.havingAuthenticatedUser() - .withRole(CustomerDTO.class, sepaMandateDTO.getCustomerId(), Role.FINANCIAL_CONTACT); restSepaMandateMockMvc.perform( post("/api/sepa-mandates") diff --git a/src/test/java/org/hostsharing/hsadminng/web/rest/ShareResourceIntTest.java b/src/test/java/org/hostsharing/hsadminng/web/rest/ShareResourceIntTest.java index b70dc6ec..d37fd45f 100644 --- a/src/test/java/org/hostsharing/hsadminng/web/rest/ShareResourceIntTest.java +++ b/src/test/java/org/hostsharing/hsadminng/web/rest/ShareResourceIntTest.java @@ -12,11 +12,11 @@ import org.hostsharing.hsadminng.domain.Membership; import org.hostsharing.hsadminng.domain.Share; import org.hostsharing.hsadminng.domain.enumeration.ShareAction; import org.hostsharing.hsadminng.repository.ShareRepository; +import org.hostsharing.hsadminng.security.AuthoritiesConstants; import org.hostsharing.hsadminng.service.ShareQueryService; import org.hostsharing.hsadminng.service.ShareService; import org.hostsharing.hsadminng.service.UserRoleAssignmentService; -import org.hostsharing.hsadminng.service.accessfilter.MockSecurityContext; -import org.hostsharing.hsadminng.service.accessfilter.Role; +import org.hostsharing.hsadminng.service.accessfilter.SecurityContextMock; import org.hostsharing.hsadminng.service.dto.ShareDTO; import org.hostsharing.hsadminng.service.mapper.ShareMapper; import org.hostsharing.hsadminng.web.rest.errors.ExceptionTranslator; @@ -97,15 +97,15 @@ public class ShareResourceIntTest { @MockBean private UserRoleAssignmentService userRoleAssignmentService; - private MockSecurityContext securityContext; - private MockMvc restShareMockMvc; private Share share; @Before public void setup() { - securityContext = new MockSecurityContext(userRoleAssignmentService).havingAuthenticatedUser().withRole(Role.ADMIN); + SecurityContextMock.usingMock(userRoleAssignmentService) + .havingAuthenticatedUser() + .withAuthority(AuthoritiesConstants.ADMIN); MockitoAnnotations.initMocks(this); final ShareResource shareResource = new ShareResource(shareService, shareQueryService);