fix unit test

Signed-off-by: Michael Hirsch <michael.hirsch@bosch-si.com>
This commit is contained in:
Michael Hirsch
2016-08-03 09:49:57 +02:00
parent fca7ecbce4
commit cd39f32c21

View File

@@ -14,6 +14,7 @@ import java.io.File;
import java.io.IOException;
import java.lang.reflect.Method;
import java.lang.reflect.Modifier;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;
import java.util.ArrayList;
@@ -51,6 +52,10 @@ public class RepositoryManagementMethodPreAuthorizeAnnotatedTest {
for (final Class<?> interfaceToCheck : findInterfacesInPackage) {
assertDeclaredMethodsContainsPreAuthorizeAnnotaions(interfaceToCheck);
}
// all exclusion should be used, otherwise the method exlusion should be
// cleaned up again
assertThat(METHOD_SECURITY_EXCLUSION).isEmpty();
}
/**
@@ -65,14 +70,17 @@ public class RepositoryManagementMethodPreAuthorizeAnnotatedTest {
private static void assertDeclaredMethodsContainsPreAuthorizeAnnotaions(final Class<?> clazz) {
final Method[] declaredMethods = clazz.getDeclaredMethods();
for (final Method method : declaredMethods) {
if (!METHOD_SECURITY_EXCLUSION.contains(method) && !method.isSynthetic()
&& Modifier.isPublic(method.getModifiers())) {
final boolean methodExcluded = METHOD_SECURITY_EXCLUSION.contains(method);
if (methodExcluded || method.isSynthetic() || Modifier.isPublic(method.getModifiers())) {
// skip method because it should be excluded
METHOD_SECURITY_EXCLUSION.remove(method);
continue;
}
final PreAuthorize annotation = method.getAnnotation(PreAuthorize.class);
assertThat(annotation).as("The public method " + method.getName() + " in class " + clazz.getName()
+ " is not annoated with @PreAuthorize, security leak?").isNotNull();
}
}
}
/**
* Finds all interfaces in a given packages which matches the given filter.
@@ -93,7 +101,9 @@ public class RepositoryManagementMethodPreAuthorizeAnnotatedTest {
final ClassLoader classLoader = Thread.currentThread().getContextClassLoader();
final Enumeration<URL> resources = classLoader.getResources(p.getName().replace(".", "/"));
while (resources.hasMoreElements()) {
final File packageDirectory = new File(resources.nextElement().getFile());
final String uriPath = new URI(resources.nextElement().toString()).getPath();
if (uriPath != null) {
final File packageDirectory = new File(uriPath);
final File[] filesInPackage = packageDirectory.listFiles();
for (final File classFile : filesInPackage) {
final String classNameWithExtension = classFile.getName();
@@ -101,7 +111,8 @@ public class RepositoryManagementMethodPreAuthorizeAnnotatedTest {
if (indexOfExtension > 0) {
final String classNameWithoutExtension = classNameWithExtension.substring(0, indexOfExtension);
if (includeFilter.matcher(classNameWithoutExtension).matches()) {
final Class<?> classInPackage = Class.forName(p.getName() + "." + classNameWithoutExtension);
final Class<?> classInPackage = Class
.forName(p.getName() + "." + classNameWithoutExtension);
if (classInPackage.isInterface()) {
interfacesToReturn.add(classInPackage);
}
@@ -109,6 +120,7 @@ public class RepositoryManagementMethodPreAuthorizeAnnotatedTest {
}
}
}
}
return interfacesToReturn;
}