Merge pull request #3336 from linhvovn/BAEL-1411
[Bael 1411-tlinh2110] Add resources for Method Security
This commit is contained in:
commit
fc8e9ae24a
|
@ -0,0 +1,14 @@
|
|||
package org.baeldung.methodsecurity.annotation;
|
||||
|
||||
import java.lang.annotation.ElementType;
|
||||
import java.lang.annotation.Retention;
|
||||
import java.lang.annotation.RetentionPolicy;
|
||||
import java.lang.annotation.Target;
|
||||
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
|
||||
@Target(ElementType.METHOD)
|
||||
@Retention(RetentionPolicy.RUNTIME)
|
||||
@PreAuthorize("hasRole('VIEWER')")
|
||||
public @interface IsViewer {
|
||||
}
|
|
@ -1,11 +1,11 @@
|
|||
package org.baeldung.testmethodsecurity.config;
|
||||
package org.baeldung.methodsecurity.config;
|
||||
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
|
||||
import org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration;
|
||||
|
||||
@Configuration
|
||||
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
|
||||
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true, jsr250Enabled = true)
|
||||
public class MethodSecurityConfig extends GlobalMethodSecurityConfiguration {
|
||||
|
||||
}
|
|
@ -1,4 +1,4 @@
|
|||
package org.baeldung.testmethodsecurity.entity;
|
||||
package org.baeldung.methodsecurity.entity;
|
||||
|
||||
import java.util.Collection;
|
||||
|
|
@ -0,0 +1,57 @@
|
|||
package org.baeldung.methodsecurity.repository;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.LinkedHashMap;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
||||
import org.baeldung.methodsecurity.entity.CustomUser;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.core.authority.SimpleGrantedAuthority;
|
||||
import org.springframework.security.core.userdetails.UsernameNotFoundException;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
@Service
|
||||
public class UserRoleRepository {
|
||||
|
||||
static Map<String, CustomUser> DB_BASED_USER_MAPPING;
|
||||
|
||||
static {
|
||||
DB_BASED_USER_MAPPING = new LinkedHashMap<>();
|
||||
DB_BASED_USER_MAPPING.put("jane", new CustomUser("jane", "1234", getGrantedAuthorities("ROLE_USER", "ROLE_VIEWER"), "jane"));
|
||||
DB_BASED_USER_MAPPING.put("john", new CustomUser("john", "1234", getGrantedAuthorities("ROLE_EDITOR", "ROLE_ADMIN"), "jane"));
|
||||
DB_BASED_USER_MAPPING.put("jack", new CustomUser("jack", "1234", getGrantedAuthorities("ROLE_USER", "ROLE_REVIEWER"), "jane"));
|
||||
}
|
||||
|
||||
private static List<GrantedAuthority> getGrantedAuthorities(String... roles) {
|
||||
ArrayList<GrantedAuthority> authorities = new ArrayList<>();
|
||||
for (String role : roles) {
|
||||
authorities.add(new SimpleGrantedAuthority(role));
|
||||
}
|
||||
return authorities;
|
||||
}
|
||||
|
||||
public CustomUser loadUserByUserName(String username) {
|
||||
if (DB_BASED_USER_MAPPING.containsKey(username)) {
|
||||
return DB_BASED_USER_MAPPING.get(username);
|
||||
}
|
||||
throw new UsernameNotFoundException("User " + username + " cannot be found");
|
||||
}
|
||||
|
||||
public boolean isValidUsername(String username) {
|
||||
return DB_BASED_USER_MAPPING.containsKey(username);
|
||||
}
|
||||
|
||||
public boolean isValidRole(String roleName) {
|
||||
return roleName.startsWith("ROLE_");
|
||||
}
|
||||
|
||||
public List<String> getAllUsernames() {
|
||||
List<String> usernames = new ArrayList<>();
|
||||
usernames.add("jane");
|
||||
usernames.add("john");
|
||||
usernames.add("jack");
|
||||
return usernames;
|
||||
}
|
||||
|
||||
}
|
|
@ -1,6 +1,6 @@
|
|||
package org.baeldung.testmethodsecurity.service;
|
||||
package org.baeldung.methodsecurity.service;
|
||||
|
||||
import org.baeldung.testmethodsecurity.repository.UserRoleRepository;
|
||||
import org.baeldung.methodsecurity.repository.UserRoleRepository;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
import org.springframework.security.core.userdetails.UserDetailsService;
|
|
@ -0,0 +1,18 @@
|
|||
package org.baeldung.methodsecurity.service;
|
||||
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
@Service
|
||||
@PreAuthorize("hasRole('ROLE_ADMIN')")
|
||||
public class SystemService {
|
||||
|
||||
public String getSystemYear(){
|
||||
return "2017";
|
||||
}
|
||||
|
||||
public String getSystemDate(){
|
||||
return "31-12-2017";
|
||||
}
|
||||
|
||||
}
|
|
@ -0,0 +1,108 @@
|
|||
package org.baeldung.methodsecurity.service;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
import javax.annotation.security.RolesAllowed;
|
||||
|
||||
import org.baeldung.methodsecurity.annotation.IsViewer;
|
||||
import org.baeldung.methodsecurity.entity.CustomUser;
|
||||
import org.baeldung.methodsecurity.repository.UserRoleRepository;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.access.annotation.Secured;
|
||||
import org.springframework.security.access.prepost.PostAuthorize;
|
||||
import org.springframework.security.access.prepost.PostFilter;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
import org.springframework.security.access.prepost.PreFilter;
|
||||
import org.springframework.security.core.context.SecurityContext;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
@Service
|
||||
public class UserRoleService {
|
||||
|
||||
@Autowired
|
||||
UserRoleRepository userRoleRepository;
|
||||
|
||||
@Secured("ROLE_VIEWER")
|
||||
public String getUsername() {
|
||||
SecurityContext securityContext = SecurityContextHolder.getContext();
|
||||
return securityContext.getAuthentication().getName();
|
||||
}
|
||||
|
||||
@Secured({ "ROLE_VIEWER", "ROLE_EDITOR" })
|
||||
public boolean isValidUsername(String username) {
|
||||
return userRoleRepository.isValidUsername(username);
|
||||
}
|
||||
|
||||
@RolesAllowed("ROLE_VIEWER")
|
||||
public String getUsername2() {
|
||||
SecurityContext securityContext = SecurityContextHolder.getContext();
|
||||
return securityContext.getAuthentication().getName();
|
||||
}
|
||||
|
||||
@RolesAllowed({ "ROLE_VIEWER", "ROLE_EDITOR" })
|
||||
public boolean isValidUsername2(String username) {
|
||||
return userRoleRepository.isValidUsername(username);
|
||||
}
|
||||
|
||||
@PreAuthorize("hasRole('ROLE_VIEWER')")
|
||||
public String getUsernameInUpperCase() {
|
||||
return getUsername().toUpperCase();
|
||||
}
|
||||
|
||||
@PreAuthorize("hasAuthority('SYS_ADMIN')")
|
||||
public String getUsernameLC() {
|
||||
return getUsername().toLowerCase();
|
||||
}
|
||||
|
||||
@PreAuthorize("hasRole('ROLE_VIEWER') or hasRole('ROLE_EDITOR')")
|
||||
public boolean isValidUsername3(String username) {
|
||||
return userRoleRepository.isValidUsername(username);
|
||||
}
|
||||
|
||||
@PreAuthorize("#username == authentication.principal.username")
|
||||
public String getMyRoles(String username) {
|
||||
SecurityContext securityContext = SecurityContextHolder.getContext();
|
||||
return securityContext.getAuthentication().getAuthorities().stream().map(auth -> auth.getAuthority()).collect(Collectors.joining(","));
|
||||
}
|
||||
|
||||
@PostAuthorize("#username == authentication.principal.username")
|
||||
public String getMyRoles2(String username) {
|
||||
SecurityContext securityContext = SecurityContextHolder.getContext();
|
||||
return securityContext.getAuthentication().getAuthorities().stream().map(auth -> auth.getAuthority()).collect(Collectors.joining(","));
|
||||
}
|
||||
|
||||
@PostAuthorize("returnObject.username == authentication.principal.nickName")
|
||||
public CustomUser loadUserDetail(String username) {
|
||||
return userRoleRepository.loadUserByUserName(username);
|
||||
}
|
||||
|
||||
@PreFilter("filterObject != authentication.principal.username")
|
||||
public String joinUsernames(List<String> usernames) {
|
||||
return usernames.stream().collect(Collectors.joining(";"));
|
||||
}
|
||||
|
||||
@PreFilter(value = "filterObject != authentication.principal.username", filterTarget = "usernames")
|
||||
public String joinUsernamesAndRoles(List<String> usernames, List<String> roles) {
|
||||
return usernames.stream().collect(Collectors.joining(";")) + ":" + roles.stream().collect(Collectors.joining(";"));
|
||||
}
|
||||
|
||||
@PostFilter("filterObject != authentication.principal.username")
|
||||
public List<String> getAllUsernamesExceptCurrent() {
|
||||
return userRoleRepository.getAllUsernames();
|
||||
}
|
||||
|
||||
@IsViewer
|
||||
public String getUsername4() {
|
||||
SecurityContext securityContext = SecurityContextHolder.getContext();
|
||||
return securityContext.getAuthentication().getName();
|
||||
}
|
||||
|
||||
@PreAuthorize("#username == authentication.principal.username")
|
||||
@PostAuthorize("returnObject.username == authentication.principal.nickName")
|
||||
public CustomUser securedLoadUserDetail(String username) {
|
||||
return userRoleRepository.loadUserByUserName(username);
|
||||
}
|
||||
|
||||
}
|
|
@ -1,41 +0,0 @@
|
|||
package org.baeldung.testmethodsecurity.repository;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.LinkedHashMap;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
||||
import org.baeldung.testmethodsecurity.entity.CustomUser;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.core.authority.SimpleGrantedAuthority;
|
||||
import org.springframework.security.core.userdetails.UsernameNotFoundException;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
@Service
|
||||
public class UserRoleRepository {
|
||||
|
||||
static Map<String,CustomUser> DB_BASED_USER_MAPPING;
|
||||
|
||||
static{
|
||||
DB_BASED_USER_MAPPING = new LinkedHashMap<>();
|
||||
DB_BASED_USER_MAPPING.put("jane", new CustomUser("jane","1234", getGrantedAuthorities("ROLE_USER","ROLE_VIEWER"),"jane"));
|
||||
DB_BASED_USER_MAPPING.put("john", new CustomUser("john","1234", getGrantedAuthorities("ROLE_EDITOR","ROLE_ADMIN"),"jane"));
|
||||
DB_BASED_USER_MAPPING.put("jack", new CustomUser("jack","1234", getGrantedAuthorities("ROLE_USER","ROLE_REVIEWER"),"jane"));
|
||||
}
|
||||
|
||||
private static List<GrantedAuthority> getGrantedAuthorities(String...roles){
|
||||
ArrayList<GrantedAuthority> authorities = new ArrayList<>();
|
||||
for (String role : roles){
|
||||
authorities.add(new SimpleGrantedAuthority(role));
|
||||
}
|
||||
return authorities;
|
||||
}
|
||||
|
||||
public CustomUser loadUserByUserName(String username){
|
||||
if (DB_BASED_USER_MAPPING.containsKey(username)){
|
||||
return DB_BASED_USER_MAPPING.get(username);
|
||||
}
|
||||
throw new UsernameNotFoundException("User "+username+" cannot be found");
|
||||
}
|
||||
|
||||
}
|
|
@ -1,29 +0,0 @@
|
|||
package org.baeldung.testmethodsecurity.service;
|
||||
|
||||
import org.baeldung.testmethodsecurity.entity.CustomUser;
|
||||
import org.baeldung.testmethodsecurity.repository.UserRoleRepository;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.access.prepost.PostAuthorize;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
import org.springframework.security.core.context.SecurityContext;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
@Service
|
||||
public class UserRoleService {
|
||||
|
||||
@Autowired
|
||||
UserRoleRepository userRoleRepository;
|
||||
|
||||
@PreAuthorize("hasRole('ROLE_VIEWER') or hasAuthority('SYS_ADMIN')")
|
||||
public String getUsername(){
|
||||
SecurityContext securityContext = SecurityContextHolder.getContext();
|
||||
return securityContext.getAuthentication().getName();
|
||||
}
|
||||
|
||||
@PostAuthorize("returnObject.username == authentication.principal.nickName")
|
||||
public CustomUser loadUserDetail(String username){
|
||||
return userRoleRepository.loadUserByUserName(username);
|
||||
}
|
||||
|
||||
}
|
|
@ -0,0 +1,49 @@
|
|||
package org.baeldung.methodsecurity;
|
||||
|
||||
import static org.junit.Assert.*;
|
||||
|
||||
import org.baeldung.methodsecurity.service.SystemService;
|
||||
import org.junit.Test;
|
||||
import org.junit.runner.RunWith;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.annotation.ComponentScan;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.access.AccessDeniedException;
|
||||
import org.springframework.security.test.context.support.WithMockUser;
|
||||
import org.springframework.test.context.ContextConfiguration;
|
||||
import org.springframework.test.context.junit4.SpringRunner;
|
||||
|
||||
@RunWith(SpringRunner.class)
|
||||
@ContextConfiguration
|
||||
public class TestClassLevelSecurity {
|
||||
|
||||
@Autowired
|
||||
SystemService systemService;
|
||||
|
||||
@Configuration
|
||||
@ComponentScan("org.baeldung.methodsecurity.*")
|
||||
public static class SpringConfig {
|
||||
|
||||
}
|
||||
|
||||
@Test
|
||||
@WithMockUser(username="john",roles={"ADMIN"})
|
||||
public void givenRoleAdmin_whenCallGetSystemYear_return2017(){
|
||||
String systemYear = systemService.getSystemYear();
|
||||
assertEquals("2017",systemYear);
|
||||
}
|
||||
|
||||
@Test(expected=AccessDeniedException.class)
|
||||
@WithMockUser(username="john",roles={"VIEWER"})
|
||||
public void givenRoleViewer_whenCallGetSystemYear_returnAccessDenied(){
|
||||
String systemYear = systemService.getSystemYear();
|
||||
assertEquals("2017",systemYear);
|
||||
}
|
||||
|
||||
@Test
|
||||
@WithMockUser(username="john",roles={"ADMIN"})
|
||||
public void givenRoleAdmin_whenCallGetSystemDate_returnDate(){
|
||||
String systemYear = systemService.getSystemDate();
|
||||
assertEquals("31-12-2017",systemYear);
|
||||
}
|
||||
}
|
|
@ -0,0 +1,176 @@
|
|||
package org.baeldung.methodsecurity;
|
||||
|
||||
import static org.junit.Assert.assertEquals;
|
||||
import static org.junit.Assert.assertTrue;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
|
||||
import org.baeldung.methodsecurity.service.UserRoleService;
|
||||
import org.junit.Test;
|
||||
import org.junit.runner.RunWith;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.annotation.ComponentScan;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.access.AccessDeniedException;
|
||||
import org.springframework.security.authentication.AuthenticationCredentialsNotFoundException;
|
||||
import org.springframework.security.test.context.support.WithAnonymousUser;
|
||||
import org.springframework.security.test.context.support.WithMockUser;
|
||||
import org.springframework.test.context.ContextConfiguration;
|
||||
import org.springframework.test.context.junit4.SpringRunner;
|
||||
|
||||
@RunWith(SpringRunner.class)
|
||||
@ContextConfiguration
|
||||
public class TestMethodSecurity {
|
||||
|
||||
@Autowired
|
||||
UserRoleService userRoleService;
|
||||
|
||||
@Configuration
|
||||
@ComponentScan("org.baeldung.methodsecurity.*")
|
||||
public static class SpringConfig {
|
||||
|
||||
}
|
||||
|
||||
@Test(expected = AuthenticationCredentialsNotFoundException.class)
|
||||
public void givenNoSecurity_whenCallGetUsername_thenReturnException() {
|
||||
String userName = userRoleService.getUsername();
|
||||
assertEquals("john", userName);
|
||||
}
|
||||
|
||||
@Test
|
||||
@WithMockUser(username = "john", roles = { "VIEWER" })
|
||||
public void givenRoleViewer_whenCallGetUsername_thenReturnUsername() {
|
||||
String userName = userRoleService.getUsername();
|
||||
assertEquals("john", userName);
|
||||
}
|
||||
|
||||
@Test
|
||||
@WithMockUser(username = "john", roles = { "EDITOR" })
|
||||
public void givenUsernameJohn_whenCallIsValidUsername_thenReturnTrue() {
|
||||
boolean isValid = userRoleService.isValidUsername("john");
|
||||
assertEquals(true, isValid);
|
||||
}
|
||||
|
||||
@Test(expected = AccessDeniedException.class)
|
||||
@WithMockUser(username = "john", roles = { "ADMIN" })
|
||||
public void givenRoleAdmin_whenCallGetUsername_thenReturnAccessDenied() {
|
||||
userRoleService.getUsername();
|
||||
}
|
||||
|
||||
@Test(expected = AccessDeniedException.class)
|
||||
@WithMockUser(username = "john", roles = { "USER" })
|
||||
public void givenRoleUser_whenCallGetUsername2_thenReturnAccessDenied() {
|
||||
userRoleService.getUsername2();
|
||||
}
|
||||
|
||||
@Test
|
||||
@WithMockUser(username = "john", roles = { "VIEWER", "EDITOR" })
|
||||
public void givenRoleViewer_whenCallGetUsername2_thenReturnUsername() {
|
||||
String userName = userRoleService.getUsername2();
|
||||
assertEquals("john", userName);
|
||||
}
|
||||
|
||||
@Test
|
||||
@WithMockUser(username = "john", roles = { "VIEWER" })
|
||||
public void givenUsernameJerry_whenCallIsValidUsername2_thenReturnFalse() {
|
||||
boolean isValid = userRoleService.isValidUsername2("jerry");
|
||||
assertEquals(false, isValid);
|
||||
}
|
||||
|
||||
@Test
|
||||
@WithMockUser(username = "JOHN", authorities = { "SYS_ADMIN" })
|
||||
public void givenAuthoritySysAdmin_whenCallGetUsernameInLowerCase_thenReturnUsername() {
|
||||
String username = userRoleService.getUsernameLC();
|
||||
assertEquals("john", username);
|
||||
}
|
||||
|
||||
@Test
|
||||
@WithMockUser(username = "john", roles = { "ADMIN", "USER", "VIEWER" })
|
||||
public void givenUserJohn_whenCallGetMyRolesWithJohn_thenReturnRoles() {
|
||||
String roles = userRoleService.getMyRoles("john");
|
||||
assertEquals("ROLE_ADMIN,ROLE_USER,ROLE_VIEWER", roles);
|
||||
}
|
||||
|
||||
@Test(expected = AccessDeniedException.class)
|
||||
@WithMockUser(username = "john", roles = { "ADMIN", "USER", "VIEWER" })
|
||||
public void givenUserJane_whenCallGetMyRolesWithJane_thenAccessDenied() {
|
||||
userRoleService.getMyRoles("jane");
|
||||
}
|
||||
|
||||
@Test
|
||||
@WithMockUser(username = "john", roles = { "ADMIN", "USER", "VIEWER" })
|
||||
public void givenUserJohn_whenCallGetMyRoles2WithJohn_thenReturnRoles() {
|
||||
String roles = userRoleService.getMyRoles2("john");
|
||||
assertEquals("ROLE_ADMIN,ROLE_USER,ROLE_VIEWER", roles);
|
||||
}
|
||||
|
||||
@Test(expected = AccessDeniedException.class)
|
||||
@WithMockUser(username = "john", roles = { "ADMIN", "USER", "VIEWER" })
|
||||
public void givenUserJane_whenCallGetMyRoles2WithJane_thenAccessDenied() {
|
||||
userRoleService.getMyRoles2("jane");
|
||||
}
|
||||
|
||||
@Test(expected = AccessDeniedException.class)
|
||||
@WithAnonymousUser
|
||||
public void givenAnomynousUser_whenCallGetUsername_thenAccessDenied() {
|
||||
userRoleService.getUsername();
|
||||
}
|
||||
|
||||
@Test
|
||||
@WithMockJohnViewer
|
||||
public void givenMockedJohnViewer_whenCallGetUsername_thenReturnUsername() {
|
||||
String userName = userRoleService.getUsername();
|
||||
assertEquals("john", userName);
|
||||
}
|
||||
|
||||
@Test
|
||||
@WithMockUser(username = "jane")
|
||||
public void givenListContainCurrentUsername_whenJoinUsernames_thenReturnUsernames() {
|
||||
List<String> usernames = new ArrayList<>();
|
||||
usernames.add("jane");
|
||||
usernames.add("john");
|
||||
usernames.add("jack");
|
||||
String containCurrentUser = userRoleService.joinUsernames(usernames);
|
||||
assertEquals("john;jack", containCurrentUser);
|
||||
}
|
||||
|
||||
@Test
|
||||
@WithMockUser(username = "john")
|
||||
public void givenListContainCurrentUsername_whenCallJoinUsernamesAndRoles_thenReturnUsernameAndRoles() {
|
||||
List<String> usernames = new ArrayList<>();
|
||||
usernames.add("jane");
|
||||
usernames.add("john");
|
||||
usernames.add("jack");
|
||||
|
||||
List<String> roles = new ArrayList<>();
|
||||
roles.add("ROLE_ADMIN");
|
||||
roles.add("ROLE_TEST");
|
||||
|
||||
String containCurrentUser = userRoleService.joinUsernamesAndRoles(usernames, roles);
|
||||
assertEquals("jane;jack:ROLE_ADMIN;ROLE_TEST", containCurrentUser);
|
||||
}
|
||||
|
||||
@Test
|
||||
@WithMockUser(username = "john")
|
||||
public void givenUserJohn_whenCallGetAllUsernamesExceptCurrent_thenReturnOtherusernames() {
|
||||
List<String> others = userRoleService.getAllUsernamesExceptCurrent();
|
||||
assertEquals(2, others.size());
|
||||
assertTrue(others.contains("jane"));
|
||||
assertTrue(others.contains("jack"));
|
||||
}
|
||||
|
||||
@Test
|
||||
@WithMockUser(username = "john", roles = { "VIEWER" })
|
||||
public void givenRoleViewer_whenCallGetUsername4_thenReturnUsername() {
|
||||
String userName = userRoleService.getUsername4();
|
||||
assertEquals("john", userName);
|
||||
}
|
||||
|
||||
@Test(expected = AccessDeniedException.class)
|
||||
@WithMockUser(username = "john")
|
||||
public void givenDefaultRole_whenCallGetUsername4_thenAccessDenied() {
|
||||
userRoleService.getUsername4();
|
||||
}
|
||||
|
||||
}
|
|
@ -1,8 +1,8 @@
|
|||
package org.baeldung.testmethodsecurity;
|
||||
package org.baeldung.methodsecurity;
|
||||
|
||||
import static org.junit.Assert.assertEquals;
|
||||
|
||||
import org.baeldung.testmethodsecurity.service.UserRoleService;
|
||||
import org.baeldung.methodsecurity.service.UserRoleService;
|
||||
import org.junit.Test;
|
||||
import org.junit.runner.RunWith;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
|
@ -27,7 +27,7 @@ public class TestWithMockUserAtClassLevel {
|
|||
UserRoleService userService;
|
||||
|
||||
@Configuration
|
||||
@ComponentScan("org.baeldung.testmethodsecurity.*")
|
||||
@ComponentScan("org.baeldung.methodsecurity.*")
|
||||
public static class SpringConfig {
|
||||
|
||||
}
|
|
@ -0,0 +1,56 @@
|
|||
package org.baeldung.methodsecurity;
|
||||
|
||||
import static org.junit.Assert.assertEquals;
|
||||
|
||||
import org.baeldung.methodsecurity.entity.CustomUser;
|
||||
import org.baeldung.methodsecurity.service.UserRoleService;
|
||||
import org.junit.Test;
|
||||
import org.junit.runner.RunWith;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.annotation.ComponentScan;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.access.AccessDeniedException;
|
||||
import org.springframework.security.test.context.support.WithUserDetails;
|
||||
import org.springframework.test.context.ContextConfiguration;
|
||||
import org.springframework.test.context.junit4.SpringRunner;
|
||||
|
||||
@RunWith(SpringRunner.class)
|
||||
@ContextConfiguration
|
||||
public class TestWithUserDetails {
|
||||
|
||||
@Autowired
|
||||
UserRoleService userService;
|
||||
|
||||
@Configuration
|
||||
@ComponentScan("org.baeldung.methodsecurity.*")
|
||||
public static class SpringConfig {
|
||||
|
||||
}
|
||||
|
||||
@Test
|
||||
@WithUserDetails(value = "john", userDetailsServiceBeanName = "userDetailService")
|
||||
public void whenJohn_callLoadUserDetail_thenOK() {
|
||||
CustomUser user = userService.loadUserDetail("jane");
|
||||
assertEquals("jane", user.getNickName());
|
||||
}
|
||||
|
||||
@Test
|
||||
@WithUserDetails(value = "jane", userDetailsServiceBeanName = "userDetailService")
|
||||
public void givenJane_callSecuredLoadUserDetailWithJane_thenOK() {
|
||||
CustomUser user = userService.securedLoadUserDetail("jane");
|
||||
assertEquals("jane", user.getNickName());
|
||||
assertEquals("jane", user.getUsername());
|
||||
}
|
||||
|
||||
@Test(expected = AccessDeniedException.class)
|
||||
@WithUserDetails(value = "john", userDetailsServiceBeanName = "userDetailService")
|
||||
public void givenJohn_callSecuredLoadUserDetailWithJane_thenAccessDenied() {
|
||||
userService.securedLoadUserDetail("jane");
|
||||
}
|
||||
|
||||
@Test(expected = AccessDeniedException.class)
|
||||
@WithUserDetails(value = "john", userDetailsServiceBeanName = "userDetailService")
|
||||
public void givenJohn_callSecuredLoadUserDetailWithJohn_thenAccessDenied() {
|
||||
userService.securedLoadUserDetail("john");
|
||||
}
|
||||
}
|
|
@ -1,4 +1,4 @@
|
|||
package org.baeldung.testmethodsecurity;
|
||||
package org.baeldung.methodsecurity;
|
||||
|
||||
import java.lang.annotation.Retention;
|
||||
import java.lang.annotation.RetentionPolicy;
|
|
@ -1,57 +0,0 @@
|
|||
package org.baeldung.testmethodsecurity;
|
||||
|
||||
import static org.junit.Assert.assertEquals;
|
||||
|
||||
import org.baeldung.testmethodsecurity.service.UserRoleService;
|
||||
import org.junit.Test;
|
||||
import org.junit.runner.RunWith;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.annotation.ComponentScan;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.access.AccessDeniedException;
|
||||
import org.springframework.security.test.context.support.WithAnonymousUser;
|
||||
import org.springframework.security.test.context.support.WithMockUser;
|
||||
import org.springframework.test.context.ContextConfiguration;
|
||||
import org.springframework.test.context.junit4.SpringRunner;
|
||||
|
||||
@RunWith(SpringRunner.class)
|
||||
@ContextConfiguration
|
||||
public class TestMethodSecurity{
|
||||
|
||||
@Autowired
|
||||
UserRoleService userRoleService;
|
||||
|
||||
@Configuration
|
||||
@ComponentScan("org.baeldung.testmethodsecurity.*")
|
||||
public static class SpringConfig {
|
||||
|
||||
}
|
||||
|
||||
@Test
|
||||
@WithMockUser(username="john",roles={"VIEWER"})
|
||||
public void givenRoleViewer_whenCallGetUsername_thenReturnUsername(){
|
||||
String userName = userRoleService.getUsername();
|
||||
assertEquals("john", userName);
|
||||
}
|
||||
|
||||
@Test
|
||||
@WithMockUser(username="john",authorities={"SYS_ADMIN"})
|
||||
public void givenAuthoritySysAdmin_whenCallGetUsername_thenReturnUsername(){
|
||||
String userName = userRoleService.getUsername();
|
||||
assertEquals("john", userName);
|
||||
}
|
||||
|
||||
@Test(expected=AccessDeniedException.class)
|
||||
@WithAnonymousUser
|
||||
public void givenAnomynousUser_whenCallGetUsername_thenAccessDenied(){
|
||||
userRoleService.getUsername();
|
||||
}
|
||||
|
||||
@Test
|
||||
@WithMockJohnViewer
|
||||
public void givenMockedJohnViewer_whenCallGetUsername_thenReturnUsername(){
|
||||
String userName = userRoleService.getUsername();
|
||||
assertEquals("john", userName);
|
||||
}
|
||||
|
||||
}
|
|
@ -1,35 +0,0 @@
|
|||
package org.baeldung.testmethodsecurity;
|
||||
|
||||
import static org.junit.Assert.assertEquals;
|
||||
|
||||
import org.baeldung.testmethodsecurity.entity.CustomUser;
|
||||
import org.baeldung.testmethodsecurity.service.UserRoleService;
|
||||
import org.junit.Test;
|
||||
import org.junit.runner.RunWith;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.annotation.ComponentScan;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.test.context.support.WithUserDetails;
|
||||
import org.springframework.test.context.ContextConfiguration;
|
||||
import org.springframework.test.context.junit4.SpringRunner;
|
||||
|
||||
@RunWith(SpringRunner.class)
|
||||
@ContextConfiguration
|
||||
public class TestWithUserDetails {
|
||||
|
||||
@Autowired
|
||||
UserRoleService userService;
|
||||
|
||||
@Configuration
|
||||
@ComponentScan("org.baeldung.testmethodsecurity.*")
|
||||
public static class SpringConfig {
|
||||
|
||||
}
|
||||
|
||||
@Test
|
||||
@WithUserDetails(value="john",userDetailsServiceBeanName="userDetailService")
|
||||
public void whenJohn_callLoadUserDetail_thenOK(){
|
||||
CustomUser user = userService.loadUserDetail("jane");
|
||||
assertEquals("jane",user.getNickName());
|
||||
}
|
||||
}
|
Loading…
Reference in New Issue