BAEL-649 changing test content and some security changes to make all the tests work.

tschiman 2017-02-02 21:18:06 -07:00
parent 2ca092923c
commit fb950e2dfa
2 changed files with 9 additions and 9 deletions


@ -14,12 +14,12 @@ public class GatewayApplicationLiveTest {
TestRestTemplate testRestTemplate = new TestRestTemplate(); TestRestTemplate testRestTemplate = new TestRestTemplate();
String testUrl = "http://localhost:8080"; String testUrl = "http://localhost:8080";
ResponseEntity<String> response = testRestTemplate.getForEntity(testUrl + "/resource/hello/cloud", String.class); ResponseEntity<String> response = testRestTemplate.getForEntity(testUrl + "/book-service/books", String.class);
Assert.assertEquals(HttpStatus.OK, response.getStatusCode()); Assert.assertEquals(HttpStatus.OK, response.getStatusCode());
Assert.assertEquals("hello cloud", response.getBody()); Assert.assertNotNull(response.getBody());
//try the protected resource and confirm the redirect to login //try the protected resource and confirm the redirect to login
response = testRestTemplate.getForEntity(testUrl + "/resource/hello/user", String.class); response = testRestTemplate.getForEntity(testUrl + "/book-service/books/1", String.class);
Assert.assertEquals(HttpStatus.FOUND, response.getStatusCode()); Assert.assertEquals(HttpStatus.FOUND, response.getStatusCode());
Assert.assertEquals("http://localhost:8080/login", response.getHeaders().get("Location").get(0)); Assert.assertEquals("http://localhost:8080/login", response.getHeaders().get("Location").get(0));
@ -36,12 +36,12 @@ public class GatewayApplicationLiveTest {
HttpEntity<String> httpEntity = new HttpEntity<>(headers); HttpEntity<String> httpEntity = new HttpEntity<>(headers);
//request the protected resource //request the protected resource
response = testRestTemplate.exchange(testUrl + "/resource/hello/user", HttpMethod.GET, httpEntity, String.class); response = testRestTemplate.exchange(testUrl + "/book-service/books/1", HttpMethod.GET, httpEntity, String.class);
Assert.assertEquals(HttpStatus.OK, response.getStatusCode()); Assert.assertEquals(HttpStatus.OK, response.getStatusCode());
Assert.assertEquals("hello cloud user", response.getBody()); Assert.assertNotNull(response.getBody());
//request the admin protected resource to determine it is still protected //request the admin protected resource to determine it is still protected
response = testRestTemplate.exchange(testUrl + "/resource/hello/admin", HttpMethod.GET, httpEntity, String.class); response = testRestTemplate.exchange(testUrl + "/rating-service/ratings/all", HttpMethod.GET, httpEntity, String.class);
Assert.assertEquals(HttpStatus.FORBIDDEN, response.getStatusCode()); Assert.assertEquals(HttpStatus.FORBIDDEN, response.getStatusCode());
//login as the admin //login as the admin
@ -57,9 +57,9 @@ public class GatewayApplicationLiveTest {
httpEntity = new HttpEntity<>(headers); httpEntity = new HttpEntity<>(headers);
//request the protected resource //request the protected resource
response = testRestTemplate.exchange(testUrl + "/resource/hello/admin", HttpMethod.GET, httpEntity, String.class); response = testRestTemplate.exchange(testUrl + "/rating-service/ratings/all", HttpMethod.GET, httpEntity, String.class);
Assert.assertEquals(HttpStatus.OK, response.getStatusCode()); Assert.assertEquals(HttpStatus.OK, response.getStatusCode());
Assert.assertEquals("hello cloud admin", response.getBody()); Assert.assertNotNull(response.getBody());
//request the discovery resources as the admin //request the discovery resources as the admin
response = testRestTemplate.exchange(testUrl + "/discovery", HttpMethod.GET, httpEntity, String.class); response = testRestTemplate.exchange(testUrl + "/discovery", HttpMethod.GET, httpEntity, String.class);
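Review bot: The three body checks were relaxed to `Assert.assertNotNull(response.getBody())`, which also passes for an error payload or an HTML login page, so the 200 cases no longer show that the gateway routed the call to the intended service with the expected identity. If the book and rating services return JSON (not visible on this page), a stable check such as `Assert.assertTrue(response.getHeaders().getContentType().isCompatibleWith(MediaType.APPLICATION_JSON));` would keep the test meaningful without pinning exact content. The role change to `/ratings/all` is exercised only for that exact path; a case asserting that the USER session is also refused on a near-variant of the path would guard the rule against matcher gaps. The test method starts and ends outside these hunks.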


@ -23,7 +23,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
.disable() .disable()
.authorizeRequests() .authorizeRequests()
.antMatchers("/ratings").hasRole("USER") .antMatchers("/ratings").hasRole("USER")
.antMatchers("/ratings/all").hasAnyRole("USER", "ADMIN") .antMatchers("/ratings/all").hasRole("ADMIN")
.anyRequest().authenticated() .anyRequest().authenticated()
.and() .and()
.csrf() .csrf()
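Review bot: The tightened rule `.antMatchers("/ratings/all").hasRole("ADMIN")` is an exact ant pattern, so any request path that the handler mapping accepts but this pattern does not falls through to `.anyRequest().authenticated()`, which an ordinary USER satisfies. If the ratings endpoint is a Spring MVC controller with default trailing-slash or suffix matching (not visible here), prefer `.mvcMatchers("/ratings/all").hasRole("ADMIN")` so the security rule and the MVC mapping agree on what counts as this path. The same applies to the `/ratings` rule on the line above. A short comment such as `// admin-only: returns every user's ratings` would also record why this path is stricter than its sibling. The configure method starts and ends outside the hunk.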