Add @PreAuthorize enabled check for applications (#1503)

Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
This commit is contained in:
Avgustin Marinov
2023-12-07 22:23:40 +02:00
committed by GitHub
parent c0f8a8c848
commit aa1bad91e1
8 changed files with 173 additions and 12 deletions

View File

@@ -13,15 +13,41 @@ import io.qameta.allure.Description;
import io.qameta.allure.Feature;
import io.qameta.allure.Story;
import org.eclipse.hawkbit.mgmt.rest.api.MgmtRestConstants;
import org.eclipse.hawkbit.repository.jpa.RepositoryApplicationConfiguration;
import org.eclipse.hawkbit.repository.test.TestConfiguration;
import org.eclipse.hawkbit.repository.test.matcher.EventVerifier;
import org.eclipse.hawkbit.repository.test.util.CleanupTestExecutionListener;
import org.eclipse.hawkbit.repository.test.util.JUnitTestLoggerExtension;
import org.eclipse.hawkbit.repository.test.util.SharedSqlTestDatabaseExtension;
import org.eclipse.hawkbit.repository.test.util.WithSpringAuthorityRule;
import org.eclipse.hawkbit.repository.test.util.WithUser;
import org.eclipse.hawkbit.rest.RestConfiguration;
import org.eclipse.hawkbit.rest.filter.ExcludePathAwareShallowETagFilter;
import org.eclipse.hawkbit.rest.util.FilterHttpResponse;
import org.eclipse.hawkbit.rest.util.MockMvcResultPrinter;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.cloud.stream.test.binder.TestSupportBinderAutoConfiguration;
import org.springframework.hateoas.MediaTypes;
import org.springframework.http.HttpHeaders;
import org.springframework.test.annotation.DirtiesContext;
import org.springframework.test.context.ActiveProfiles;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.TestExecutionListeners;
import org.springframework.test.context.TestPropertySource;
import org.springframework.test.context.web.WebAppConfiguration;
import org.springframework.test.web.servlet.MockMvc;
import org.springframework.test.web.servlet.setup.DefaultMockMvcBuilder;
import org.springframework.test.web.servlet.setup.MockMvcBuilders;
import org.springframework.util.Base64Utils;
import org.springframework.web.context.WebApplicationContext;
import org.springframework.web.filter.CharacterEncodingFilter;
import static org.eclipse.hawkbit.im.authentication.SpPermission.SpringEvalExpressions.CONTROLLER_ROLE;
import static org.eclipse.hawkbit.im.authentication.SpPermission.SpringEvalExpressions.SYSTEM_ROLE;
import static org.hamcrest.CoreMatchers.equalTo;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content;
@@ -30,24 +56,49 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
/**
* Test for {@link MgmtBasicAuthResource}.
*
*/
@ActiveProfiles({ "test" })
@ExtendWith({ JUnitTestLoggerExtension.class, SharedSqlTestDatabaseExtension.class })
@SpringBootTest
// destroy the context after each test class because otherwise we get problem
// when context is
// refreshed we e.g. get two instances of CacheManager which leads to very
// strange test failures.
@DirtiesContext(classMode = DirtiesContext.ClassMode.AFTER_CLASS)
// Cleaning repository will fire "delete" events. We won't count them to the
// test execution. So, the order execution between EventVerifier and Cleanup is
// important!
@TestExecutionListeners(listeners = { EventVerifier.class, CleanupTestExecutionListener.class },
mergeMode = TestExecutionListeners.MergeMode.MERGE_WITH_DEFAULTS)
@TestPropertySource(properties = "spring.main.allow-bean-definition-overriding=true")
@WebAppConfiguration
@AutoConfigureMockMvc
@ContextConfiguration(classes = { MgmtApiConfiguration.class, RestConfiguration.class,
RepositoryApplicationConfiguration.class, TestConfiguration.class,
TestSupportBinderAutoConfiguration.class })
//@TestPropertySource(locations = "classpath:/mgmt-test.properties")
@Feature("Component Tests - Management API")
@Story("Basic auth Userinfo Resource")
public class MgmtBasicAuthResourceTest extends AbstractManagementApiIntegrationTest{
public class MgmtBasicAuthResourceTest {
private static final String TEST_USER = "testUser";
private static final String DEFAULT = "default";
// Need another mockMvc to bypass the default Basic auth security
@Autowired
MockMvc mockMvcWithSecurity;
MockMvc defaultMock;
@Autowired
private FilterHttpResponse filterHttpResponse;
@Autowired
private CharacterEncodingFilter characterEncodingFilter;
@Autowired
protected WebApplicationContext webApplicationContext;
@Test
@Description("Test of userinfo api with basic auth validation")
@WithUser(principal = TEST_USER)
public void validateBasicAuthWithUserDetails() throws Exception {
mvc.perform(get(MgmtRestConstants.AUTH_V1_REQUEST_MAPPING)).andDo(MockMvcResultPrinter.print())
withSecurityMock().perform(get(MgmtRestConstants.AUTH_V1_REQUEST_MAPPING)).andDo(MockMvcResultPrinter.print())
.andDo(MockMvcResultPrinter.print())
.andExpect(status().isOk())
.andExpect(content().contentType(MediaTypes.HAL_JSON_VALUE))
@@ -58,7 +109,7 @@ public class MgmtBasicAuthResourceTest extends AbstractManagementApiIntegrationT
@Test
@Description("Test of userinfo api with invalid basic auth fails")
public void validateBasicAuthFailsWithInvalidCredentials() throws Exception {
mockMvcWithSecurity.perform(get(MgmtRestConstants.AUTH_V1_REQUEST_MAPPING)
defaultMock.perform(get(MgmtRestConstants.AUTH_V1_REQUEST_MAPPING)
.header(HttpHeaders.AUTHORIZATION, getBasicAuth("wrongUser", "wrongSecret")))
.andDo(MockMvcResultPrinter.print())
.andExpect(status().isUnauthorized());
@@ -67,4 +118,14 @@ public class MgmtBasicAuthResourceTest extends AbstractManagementApiIntegrationT
private String getBasicAuth(final String username, final String password) {
return "Basic " + Base64Utils.encodeToString((username + ":" + password).getBytes());
}
private MockMvc withSecurityMock() throws Exception {
return createMvcWebAppContext(webApplicationContext).build();
}
private DefaultMockMvcBuilder createMvcWebAppContext(final WebApplicationContext context) {
final DefaultMockMvcBuilder createMvcWebAppContext = MockMvcBuilders.webAppContextSetup(context);
return createMvcWebAppContext;
}
}