Add DDI Server PreAuthorize enabled test (#1506)
Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
This commit is contained in:
@@ -21,7 +21,6 @@ import org.eclipse.hawkbit.repository.test.util.JUnitTestLoggerExtension;
|
|||||||
import org.eclipse.hawkbit.repository.test.util.SharedSqlTestDatabaseExtension;
|
import org.eclipse.hawkbit.repository.test.util.SharedSqlTestDatabaseExtension;
|
||||||
import org.eclipse.hawkbit.repository.test.util.WithUser;
|
import org.eclipse.hawkbit.repository.test.util.WithUser;
|
||||||
import org.eclipse.hawkbit.rest.RestConfiguration;
|
import org.eclipse.hawkbit.rest.RestConfiguration;
|
||||||
import org.eclipse.hawkbit.rest.util.FilterHttpResponse;
|
|
||||||
import org.eclipse.hawkbit.rest.util.MockMvcResultPrinter;
|
import org.eclipse.hawkbit.rest.util.MockMvcResultPrinter;
|
||||||
import org.junit.jupiter.api.Test;
|
import org.junit.jupiter.api.Test;
|
||||||
import org.junit.jupiter.api.extension.ExtendWith;
|
import org.junit.jupiter.api.extension.ExtendWith;
|
||||||
@@ -42,7 +41,6 @@ import org.springframework.test.web.servlet.setup.DefaultMockMvcBuilder;
|
|||||||
import org.springframework.test.web.servlet.setup.MockMvcBuilders;
|
import org.springframework.test.web.servlet.setup.MockMvcBuilders;
|
||||||
import org.springframework.util.Base64Utils;
|
import org.springframework.util.Base64Utils;
|
||||||
import org.springframework.web.context.WebApplicationContext;
|
import org.springframework.web.context.WebApplicationContext;
|
||||||
import org.springframework.web.filter.CharacterEncodingFilter;
|
|
||||||
|
|
||||||
import static org.hamcrest.CoreMatchers.equalTo;
|
import static org.hamcrest.CoreMatchers.equalTo;
|
||||||
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
|
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
|
||||||
@@ -72,7 +70,6 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
|
|||||||
@ContextConfiguration(classes = { MgmtApiConfiguration.class, RestConfiguration.class,
|
@ContextConfiguration(classes = { MgmtApiConfiguration.class, RestConfiguration.class,
|
||||||
RepositoryApplicationConfiguration.class, TestConfiguration.class,
|
RepositoryApplicationConfiguration.class, TestConfiguration.class,
|
||||||
TestSupportBinderAutoConfiguration.class })
|
TestSupportBinderAutoConfiguration.class })
|
||||||
//@TestPropertySource(locations = "classpath:/mgmt-test.properties")
|
|
||||||
@Feature("Component Tests - Management API")
|
@Feature("Component Tests - Management API")
|
||||||
@Story("Basic auth Userinfo Resource")
|
@Story("Basic auth Userinfo Resource")
|
||||||
public class MgmtBasicAuthResourceTest {
|
public class MgmtBasicAuthResourceTest {
|
||||||
@@ -83,10 +80,6 @@ public class MgmtBasicAuthResourceTest {
|
|||||||
@Autowired
|
@Autowired
|
||||||
MockMvc defaultMock;
|
MockMvc defaultMock;
|
||||||
|
|
||||||
@Autowired
|
|
||||||
private FilterHttpResponse filterHttpResponse;
|
|
||||||
@Autowired
|
|
||||||
private CharacterEncodingFilter characterEncodingFilter;
|
|
||||||
@Autowired
|
@Autowired
|
||||||
protected WebApplicationContext webApplicationContext;
|
protected WebApplicationContext webApplicationContext;
|
||||||
|
|
||||||
@@ -120,8 +113,6 @@ public class MgmtBasicAuthResourceTest {
|
|||||||
}
|
}
|
||||||
|
|
||||||
private DefaultMockMvcBuilder createMvcWebAppContext(final WebApplicationContext context) {
|
private DefaultMockMvcBuilder createMvcWebAppContext(final WebApplicationContext context) {
|
||||||
final DefaultMockMvcBuilder createMvcWebAppContext = MockMvcBuilders.webAppContextSetup(context);
|
return MockMvcBuilders.webAppContextSetup(context);
|
||||||
|
|
||||||
return createMvcWebAppContext;
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -29,7 +29,7 @@ public class HttpResponseFactoryBean implements FactoryBean<HttpServletResponse>
|
|||||||
private ApplicationContext applicationContext;
|
private ApplicationContext applicationContext;
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public HttpServletResponse getObject() throws Exception {
|
public HttpServletResponse getObject() {
|
||||||
return applicationContext.getBean(FilterHttpResponse.class).getHttpServletReponse();
|
return applicationContext.getBean(FilterHttpResponse.class).getHttpServletReponse();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -10,6 +10,7 @@
|
|||||||
package org.eclipse.hawkbit.app.ddi;
|
package org.eclipse.hawkbit.app.ddi;
|
||||||
|
|
||||||
import org.eclipse.hawkbit.repository.test.util.SharedSqlTestDatabaseExtension;
|
import org.eclipse.hawkbit.repository.test.util.SharedSqlTestDatabaseExtension;
|
||||||
|
import org.eclipse.hawkbit.rest.util.FilterHttpResponse;
|
||||||
import org.junit.jupiter.api.BeforeEach;
|
import org.junit.jupiter.api.BeforeEach;
|
||||||
import org.junit.jupiter.api.extension.ExtendWith;
|
import org.junit.jupiter.api.extension.ExtendWith;
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
@@ -26,6 +27,8 @@ public abstract class AbstractSecurityTest {
|
|||||||
|
|
||||||
@Autowired
|
@Autowired
|
||||||
private WebApplicationContext context;
|
private WebApplicationContext context;
|
||||||
|
@Autowired
|
||||||
|
private FilterHttpResponse filterHttpResponse;
|
||||||
|
|
||||||
protected MockMvc mvc;
|
protected MockMvc mvc;
|
||||||
|
|
||||||
@@ -33,6 +36,7 @@ public abstract class AbstractSecurityTest {
|
|||||||
public void setup() {
|
public void setup() {
|
||||||
final DefaultMockMvcBuilder builder = MockMvcBuilders.webAppContextSetup(context)
|
final DefaultMockMvcBuilder builder = MockMvcBuilders.webAppContextSetup(context)
|
||||||
.apply(SecurityMockMvcConfigurers.springSecurity()).dispatchOptions(true);
|
.apply(SecurityMockMvcConfigurers.springSecurity()).dispatchOptions(true);
|
||||||
|
builder.addFilter(filterHttpResponse);
|
||||||
mvc = builder.build();
|
mvc = builder.build();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -0,0 +1,45 @@
|
|||||||
|
/**
|
||||||
|
* Copyright (c) 2023 Bosch.IO GmbH and others
|
||||||
|
*
|
||||||
|
* This program and the accompanying materials are made
|
||||||
|
* available under the terms of the Eclipse Public License 2.0
|
||||||
|
* which is available at https://www.eclipse.org/legal/epl-2.0/
|
||||||
|
*
|
||||||
|
* SPDX-License-Identifier: EPL-2.0
|
||||||
|
*/
|
||||||
|
package org.eclipse.hawkbit.app.ddi;
|
||||||
|
|
||||||
|
import io.qameta.allure.Description;
|
||||||
|
import io.qameta.allure.Feature;
|
||||||
|
import io.qameta.allure.Story;
|
||||||
|
import org.eclipse.hawkbit.im.authentication.SpPermission;
|
||||||
|
import org.eclipse.hawkbit.repository.test.util.WithUser;
|
||||||
|
import org.junit.jupiter.api.Test;
|
||||||
|
import org.springframework.http.HttpStatus;
|
||||||
|
import org.springframework.test.context.TestPropertySource;
|
||||||
|
|
||||||
|
import static org.assertj.core.api.Assertions.assertThat;
|
||||||
|
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
|
||||||
|
|
||||||
|
@Feature("Integration Test - Security")
|
||||||
|
@Story("PreAuthorized enabled")
|
||||||
|
@TestPropertySource(properties = {"spring.flyway.enabled=true"})
|
||||||
|
public class PreAuthorizeEnabledTest extends AbstractSecurityTest {
|
||||||
|
|
||||||
|
@Test
|
||||||
|
@Description("Tests whether request fail if a role is forbidden for the user")
|
||||||
|
@WithUser(authorities = { SpPermission.READ_TARGET } )
|
||||||
|
public void failIfNoRole() throws Exception {
|
||||||
|
mvc.perform(get("/DEFAULT/controller/v1/controllerId")).andExpect(result ->
|
||||||
|
assertThat(result.getResponse().getStatus()).isEqualTo(HttpStatus.FORBIDDEN.value()));
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
@Description("Tests whether request succeed if a role is granted for the user")
|
||||||
|
@WithUser(authorities = { SpPermission.SpringEvalExpressions.CONTROLLER_ROLE })
|
||||||
|
public void successIfHasRole() throws Exception {
|
||||||
|
mvc.perform(get("/DEFAULT/controller/v1/controllerId")).andExpect(result -> {
|
||||||
|
assertThat(result.getResponse().getStatus()).isEqualTo(HttpStatus.OK.value());
|
||||||
|
});
|
||||||
|
}
|
||||||
|
}
|
||||||
Reference in New Issue
Block a user