Add Testing

Issue gh-12540
This commit is contained in:
Josh Cummings 2023-03-23 09:03:07 -06:00
parent 9ec9e77c6b
commit aea13b656e
No known key found for this signature in database
GPG Key ID: A306A51F43B8E5A5
1 changed files with 94 additions and 0 deletions

View File

@ -0,0 +1,94 @@
/*
* Copyright 2002-2023 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* https://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.messaging.access.intercept;
import java.util.Map;
import java.util.function.Supplier;
import org.junit.jupiter.api.Test;
import org.springframework.messaging.Message;
import org.springframework.messaging.MessageHeaders;
import org.springframework.messaging.simp.SimpMessageHeaderAccessor;
import org.springframework.messaging.simp.SimpMessageType;
import org.springframework.messaging.support.GenericMessage;
import org.springframework.security.authentication.TestingAuthenticationToken;
import org.springframework.security.authorization.AuthorizationManager;
import org.springframework.security.core.Authentication;
import static org.assertj.core.api.Assertions.assertThat;
import static org.mockito.Mockito.mock;
/**
* Tests for {@link MessageMatcherDelegatingAuthorizationManager}
*/
public final class MessageMatcherDelegatingAuthorizationManagerTests {
@Test
void checkWhenPermitAllThenPermits() {
AuthorizationManager<Message<?>> authorizationManager = builder().anyMessage().permitAll().build();
Message<?> message = new GenericMessage<>(new Object());
assertThat(authorizationManager.check(mock(Supplier.class), message).isGranted()).isTrue();
}
@Test
void checkWhenAnyMessageHasRoleThenRequires() {
AuthorizationManager<Message<?>> authorizationManager = builder().anyMessage().hasRole("USER").build();
Message<?> message = new GenericMessage<>(new Object());
Authentication user = new TestingAuthenticationToken("user", "password", "ROLE_USER");
assertThat(authorizationManager.check(() -> user, message).isGranted()).isTrue();
Authentication admin = new TestingAuthenticationToken("user", "password", "ROLE_ADMIN");
assertThat(authorizationManager.check(() -> admin, message).isGranted()).isFalse();
}
@Test
void checkWhenSimpDestinationMatchesThenUses() {
AuthorizationManager<Message<?>> authorizationManager = builder().simpDestMatchers("destination").permitAll()
.anyMessage().denyAll().build();
MessageHeaders headers = new MessageHeaders(
Map.of(SimpMessageHeaderAccessor.DESTINATION_HEADER, "destination"));
Message<?> message = new GenericMessage<>(new Object(), headers);
assertThat(authorizationManager.check(mock(Supplier.class), message).isGranted()).isTrue();
}
@Test
void checkWhenNullDestinationHeaderMatchesThenUses() {
AuthorizationManager<Message<?>> authorizationManager = builder().nullDestMatcher().permitAll().anyMessage()
.denyAll().build();
Message<?> message = new GenericMessage<>(new Object());
assertThat(authorizationManager.check(mock(Supplier.class), message).isGranted()).isTrue();
MessageHeaders headers = new MessageHeaders(
Map.of(SimpMessageHeaderAccessor.DESTINATION_HEADER, "destination"));
message = new GenericMessage<>(new Object(), headers);
assertThat(authorizationManager.check(mock(Supplier.class), message).isGranted()).isFalse();
}
@Test
void checkWhenSimpTypeMatchesThenUses() {
AuthorizationManager<Message<?>> authorizationManager = builder().simpTypeMatchers(SimpMessageType.CONNECT)
.permitAll().anyMessage().denyAll().build();
MessageHeaders headers = new MessageHeaders(
Map.of(SimpMessageHeaderAccessor.MESSAGE_TYPE_HEADER, SimpMessageType.CONNECT));
Message<?> message = new GenericMessage<>(new Object(), headers);
assertThat(authorizationManager.check(mock(Supplier.class), message).isGranted()).isTrue();
}
private MessageMatcherDelegatingAuthorizationManager.Builder builder() {
return MessageMatcherDelegatingAuthorizationManager.builder();
}
}