Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-07-07 03:02:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

SEC-2355: Add test to validate intercept-url PATCH works

Browse Source
This commit is contained in:
Rob Winch 2013-11-15 11:57:47 -06:00
parent 85cd5627b6
commit 6382b6341a
1 changed files with 26 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
config/src/test/groovy/org/springframework/security/config/http/InterceptUrlConfigTests.groovy
View File

@ -17,7 +17,10 @@ package org.springframework.security.config.http;
import java.security.Principal import java.security.Principal
import javax.servlet.Filter import javax.servlet.Filter
import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.BeansException import org.springframework.beans.BeansException
import org.springframework.beans.factory.BeanCreationException import org.springframework.beans.factory.BeanCreationException
import org.springframework.beans.factory.config.PropertyPlaceholderConfigurer import org.springframework.beans.factory.config.PropertyPlaceholderConfigurer
@ -98,4 +101,27 @@ class InterceptUrlConfigTests extends AbstractHttpConfigTests {
attrsPost.size() == 1 attrsPost.size() == 1
attrsPost.contains(new SecurityConfig("ROLE_USER")) attrsPost.contains(new SecurityConfig("ROLE_USER"))
} }
def "SEC-2355: intercept-url support patch"() {
setup:
MockHttpServletRequest request = new MockHttpServletRequest(method:'GET')
MockHttpServletResponse response = new MockHttpServletResponse()
MockFilterChain chain = new MockFilterChain()
xml.http() {
'http-basic'()
'intercept-url'(pattern: '/**', 'method':'PATCH',access: 'ROLE_ADMIN')
}
createAppContext()
when: 'Method other than PATCH is used'
springSecurityFilterChain.doFilter(request,response,chain)
then: 'The response is OK'
response.status == HttpServletResponse.SC_OK
when: 'Method of PATCH is used'
request = new MockHttpServletRequest(method:'PATCH')
response = new MockHttpServletResponse()
chain = new MockFilterChain()
springSecurityFilterChain.doFilter(request, response, chain)
then: 'The response is unauthorized'
response.status == HttpServletResponse.SC_UNAUTHORIZED
}
} }