use of com.aidanwhiteley.books.domain.Book in project books by aidanwhiteley.
the class BookSecureControllerTest method tryUpdateActionWhenNoCsrfTokenInRequestHeaders.
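/**
 * Checks that a state-changing POST to the secure books API is only accepted when an
 * XSRF token accompanies the JWT.
 *
 * <p>The same user, JWT and book are sent twice: once with the XSRF token obtained from
 * the server (expected: 201 Created) and once with {@code null} passed as the XSRF token
 * (expected: 302 redirect to the logon path).
 */
@Test
public void tryUpdateActionWhenNoCsrfTokenInRequestHeaders() {
    User user = BookControllerTestUtils.getTestUser();
    String token = jwtUtils.createTokenForUser(user);
    String xsrfToken = BookControllerTestUtils.getXsrfToken(testRestTemplate);

    // Baseline: with both the JWT and the XSRF token the create must succeed. Without this
    // step a later rejection could be caused by something other than the missing token.
    Book testBook = BookRepositoryTest.createTestBook();
    HttpEntity<Book> request = BookControllerTestUtils.getBookHttpEntity(testBook, user, token, xsrfToken);
    ResponseEntity<Book> response = testRestTemplate.exchange("/secure/api/books", HttpMethod.POST, request, Book.class);
    assertEquals(HttpStatus.CREATED, response.getStatusCode());

    // Identical request, but null is passed for the XSRF token
    // (presumably the helper then leaves the token out of the request - helper not shown here).
    request = BookControllerTestUtils.getBookHttpEntity(testBook, user, token, null);
    response = testRestTemplate.exchange("/secure/api/books", HttpMethod.POST, request, Book.class);

    // The request is redirected to the "logon page" rather than answered with a 403,
    // which would have been preferable.
    assertEquals(HttpStatus.FOUND, response.getStatusCode());

    // Fail with a readable message instead of a NullPointerException when no Location is sent,
    // and report expected vs. actual path when the redirect target is wrong.
    assertNotNull("Redirect for a request without XSRF token should carry a Location header",
            response.getHeaders().getLocation());
    assertEquals(WebSecurityConfiguration.API_LOGIN, response.getHeaders().getLocation().getPath());

    // NOTE(review): only the response is inspected; the test does not confirm that the
    // second POST left no additional book in the data store.
}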
use of com.aidanwhiteley.books.domain.Book in project books by aidanwhiteley.
the class BookSecureControllerTest method createAndDeleteBook.
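/**
 * Creates a book through the API, deletes it with a JWT and XSRF token, and then checks
 * that a GET on the book's location no longer yields a book with an id.
 */
@Test
public void createAndDeleteBook() {
    // Create book
    ResponseEntity<Book> response = BookControllerTestUtils.postBookToServer(jwtUtils, testRestTemplate);
    assertEquals(HttpStatus.CREATED, response.getStatusCode());

    // Check the Location header before it is dereferenced, so a missing header is reported
    // as an assertion failure rather than a NullPointerException.
    assertNotNull("Location of newly created book should have been provided",
            response.getHeaders().getLocation());
    String location = response.getHeaders().getLocation().toString();

    // The book id is taken to be the last path segment of the Location URL.
    String id = location.substring(location.lastIndexOf('/') + 1);

    // Get the test user (described as an admin user by the test's author; the role is not
    // visible here) and the required tokens, then delete the book.
    User user = BookControllerTestUtils.getTestUser();
    String token = jwtUtils.createTokenForUser(user);
    String xsrfToken = BookControllerTestUtils.getXsrfToken(testRestTemplate);
    HttpEntity<Book> request = BookControllerTestUtils.getBookHttpEntity(null, user, token, xsrfToken);
    response = testRestTemplate.exchange("/secure/api/books/" + id, HttpMethod.DELETE, request, Book.class);
    assertEquals(HttpStatus.NO_CONTENT, response.getStatusCode());

    // Now check that the book can no longer be found. This is a plain GET; the test adds
    // no JWT or XSRF headers to it.
    Book deletedBook = testRestTemplate.getForObject(location, Book.class);
    assertNotNull("Expected a response body (without an id) when fetching the deleted book", deletedBook);
    assertEquals(null, deletedBook.getId());
}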
use of com.aidanwhiteley.books.domain.Book in project books by aidanwhiteley.
the class BookSecureControllerTest method tryToCreateBookWithNoPermissions.
/**
 * Confirms that a POST to the secure books API carrying only a book body is answered
 * with a 302 redirect instead of creating the book.
 */
@Test
public void tryToCreateBookWithNoPermissions() {
    // Bare entity: the test attaches no JWT and no XSRF token to this request.
    Book bookToCreate = BookRepositoryTest.createTestBook();
    HttpEntity<Book> anonymousRequest = new HttpEntity<>(bookToCreate);

    ResponseEntity<Book> answer = testRestTemplate.exchange("/secure/api/books", HttpMethod.POST, anonymousRequest, Book.class);

    // Spring Security issues a 302 that redirects to the logon page.
    // A GET would follow that redirect automatically and the "logon page"
    // would respond with a 403 Forbidden.
    // For POSTs, PUTs etc. the client should not follow the 302 automatically,
    // so this test expects the 302 itself.
    // The outcome is still the desired one: the 302 to the logon page stops the
    // client from doing something it does not have the permissions to do.
    // NOTE(review): only the status code is asserted; neither the redirect target
    // nor the absence of a stored book is checked here.
    assertEquals(HttpStatus.FOUND, answer.getStatusCode());
}
use of com.aidanwhiteley.books.domain.Book in project books by aidanwhiteley.
the class BookRepositoryTest method addCommentToBook.
/**
 * Inserts a test book, adds one comment to it through the repository and checks that
 * the returned book carries exactly that comment.
 */
@Test
public void addCommentToBook() {
    // Persist a book first so there is an id to attach the comment to.
    Book persisted = bookRepository.insert(createTestBook());
    Comment newComment = new Comment(A_COMMENT, new Owner());

    // According to the test's author, the returned Book holds only the comments and the
    // book id - no other book data.
    Book withComments = bookRepository.addCommentToBook(persisted.getId(), newComment);

    assertEquals(1, withComments.getComments().size());
    assertEquals(A_COMMENT, withComments.getComments().get(0).getCommentText());
}
use of com.aidanwhiteley.books.domain.Book in project books by aidanwhiteley.
the class GoogleBookDaoAsyncTest method testBookUpdatedWithGoogleBookDetails.
/**
 * Smoke test for {@code GoogleBooksDaoAsync.updateBookWithGoogleBookDetails}: configures
 * the DAO by hand and invokes the update for one hard-coded id.
 *
 * <p>The test contains no assertions, so it passes as long as the call returns without
 * throwing.
 */
@Test
public void testBookUpdatedWithGoogleBookDetails() {
    GoogleBooksDaoAsync googleBooksDao = new GoogleBooksDaoAsync(bookRepository);

    // The DAO is pointed at the public Google Books host over HTTPS.
    // NOTE(review): presumably the call below reaches that host, which would make the test
    // depend on outbound network access - confirm against the DAO implementation.
    googleBooksDao.setBooksGoogleBooksApiGetByIdUrl("https://www.googleapis.com/books/v1/volumes/");
    googleBooksDao.setBooksGoogleBooksApiCountryCode("country=GB");

    // An empty Book and a fixed id (presumably a Google Books volume id).
    Book blankBook = new Book();
    String volumeId = "mM8qDwAAQBAJ";
    googleBooksDao.updateBookWithGoogleBookDetails(blankBook, volumeId);
}