Skip to content

Commit

Permalink
Update Tests and Formatting
Browse files Browse the repository at this point in the history
  • Loading branch information
jzheaux committed Apr 18, 2024
1 parent c73ce75 commit ff55102
Show file tree
Hide file tree
Showing 5 changed files with 28 additions and 26 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -26,8 +26,10 @@

@Target(ElementType.METHOD)
@Retention(RetentionPolicy.RUNTIME)
@PreAuthorize(value = "hasAuthority('{value}:read')")
@PreAuthorize("hasAuthority('{value}:read')")
@HandleAuthorizationDenied(handlerClass = Null.class)
public @interface AuthorizeRead {

String value();

}
Original file line number Diff line number Diff line change
Expand Up @@ -49,17 +49,16 @@ static PrePostTemplateDefaults templateDefaults() {
@Bean
public UserDetailsService userDetailsService() {
return new InMemoryUserDetailsManager(
User.withDefaultPasswordEncoder()
.username("rob")
.password("password")
.authorities("message:read", "user:read")
.build(),
User.withDefaultPasswordEncoder()
.username("luke")
.password("password")
.authorities("message:read")
.build()
);
User.withDefaultPasswordEncoder()
.username("rob")
.password("password")
.authorities("message:read", "user:read")
.build(),
User.withDefaultPasswordEncoder()
.username("luke")
.password("password")
.authorities("message:read")
.build());
}

public static void main(String[] args) {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,7 @@

@RestController
public class MessageController {

private final MessageRepository messages;

public MessageController(MessageRepository messages) {
Expand Down
2 changes: 2 additions & 0 deletions servlet/spring-boot/java/data/src/main/java/example/Null.java
Original file line number Diff line number Diff line change
Expand Up @@ -24,8 +24,10 @@

@Component
public class Null implements MethodAuthorizationDeniedHandler {

@Override
public Object handleDeniedInvocation(MethodInvocation methodInvocation, AuthorizationResult authorizationResult) {
return null;
}

}
Original file line number Diff line number Diff line change
Expand Up @@ -22,12 +22,9 @@

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.test.context.support.WithMockUser;

import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
import static org.assertj.core.api.Assertions.assertThatNoException;

/**
* @author Rob Winch
Expand All @@ -44,43 +41,44 @@ void findAllOnlyToCurrentUserCantReadMessage() {
List<Message> messages = this.repository.findAll();
assertThat(messages).hasSize(3);
for (Message message : messages) {
assertThatExceptionOfType(AccessDeniedException.class).isThrownBy(message::getSummary);
assertThatExceptionOfType(AccessDeniedException.class).isThrownBy(message::getText);
assertThat(message.getSummary()).isNull();
assertThat(message.getText()).isNull();
}
}

@Test
@WithMockUser(username="rob", authorities="message:read")
@WithMockUser(username = "rob", authorities = "message:read")
void findAllOnlyToCurrentUserCanReadMessage() {
List<Message> messages = this.repository.findAll();
assertThat(messages).hasSize(3);
for (Message message : messages) {
assertThatNoException().isThrownBy(message::getSummary);
assertThatNoException().isThrownBy(message::getText);
assertThat(message.getSummary()).isNotNull();
assertThat(message.getText()).isNotNull();
}
}

@Test
@WithMockUser(username="rob", authorities="message:read")
@WithMockUser(username = "rob", authorities = "message:read")
void findAllOnlyToCurrentUserCantReadUserDetails() {
List<Message> messages = this.repository.findAll();
assertThat(messages).hasSize(3);
for (Message message : messages) {
User user = message.getTo();
assertThatExceptionOfType(AccessDeniedException.class).isThrownBy(user::getFirstName);
assertThatExceptionOfType(AccessDeniedException.class).isThrownBy(user::getLastName);
assertThat(user.getFirstName()).isNull();
assertThat(user.getLastName()).isNull();
}
}

@Test
@WithMockUser(username="rob", authorities={ "message:read", "user:read" })
@WithMockUser(username = "rob", authorities = { "message:read", "user:read" })
void findAllOnlyToCurrentUserCanReadUserDetails() {
List<Message> messages = this.repository.findAll();
assertThat(messages).hasSize(3);
for (Message message : messages) {
User user = message.getTo();
assertThatNoException().isThrownBy(user::getFirstName);
assertThatNoException().isThrownBy(user::getLastName);
assertThat(user.getFirstName()).isNotNull();
assertThat(user.getLastName()).isNotNull();
}
}

}

0 comments on commit ff55102

Please sign in to comment.