
Example 46 with User

use of com.aidanwhiteley.books.domain.User in project books by aidanwhiteley.

the class BookSecureControllerTest method tryToCreateBookWithInsufficientPermissions.

@Test
void tryToCreateBookWithInsufficientPermissions() {
    // A user holding only ROLE_USER must not be able to create a book.
    Book testBook = BookRepositoryTest.createTestBook();
    User ordinaryUser = BookControllerTestUtils.getTestUser();
    ordinaryUser.removeRole(Role.ROLE_ADMIN);
    ordinaryUser.removeRole(Role.ROLE_EDITOR);
    // The token carries the reduced role set; the server side is what has to enforce it.
    String jwtToken = jwtUtils.createTokenForUser(ordinaryUser);

    HttpEntity<Book> postBody = BookControllerTestUtils.getBookHttpEntity(testBook, jwtToken);
    ResponseEntity<Book> postResponse =
            testRestTemplate.exchange("/secure/api/books", HttpMethod.POST, postBody, Book.class);

    // 403 rather than 401: the caller is authenticated but lacks the required role.
    assertEquals(HttpStatus.FORBIDDEN, postResponse.getStatusCode());
}

Example 47 with User

use of com.aidanwhiteley.books.domain.User in project books by aidanwhiteley.

the class BookSecureControllerTest method testDebugHeaders.

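@Test
void testDebugHeaders() {
    // Authenticated GET against the debug endpoint, which echoes request headers back in the body.
    User user = BookControllerTestUtils.getTestUser();
    String token = jwtUtils.createTokenForUser(user);
    // Re-using "book related" code to get required headers easily set up
    Book testBook = BookRepositoryTest.createTestBook();
    HttpEntity<Book> request = BookControllerTestUtils.getBookHttpEntity(testBook, token, null);
    ResponseEntity<String> response =
            testRestTemplate.exchange("/secure/api/debugheaders", HttpMethod.GET, request, String.class);
    assertEquals(HttpStatus.OK, response.getStatusCode());

    // Read the body once and guard against null so a missing body fails as an assertion
    // with a message rather than as a NullPointerException from contains().
    // NOTE(review): the endpoint reflects request headers, including the JWT cookie, so it
    // relies on living under the authenticated /secure path — confirm it is not reachable anonymously.
    String body = response.getBody();
    assertTrue(body != null && body.contains(JwtAuthenticationService.JWT_COOKIE_NAME),
            "Debug headers response should include the JWT cookie name");
}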

Example 48 with User

use of com.aidanwhiteley.books.domain.User in project books by aidanwhiteley.

the class BookSecureControllerTest method createAndDeleteBook.

@Test
void createAndDeleteBook() {
    // Round trip: create a book, delete it as an admin user, then confirm it can no longer be read.
    ResponseEntity<Book> createResponse = BookControllerTestUtils.postBookToServer(jwtUtils, testRestTemplate);
    assertEquals(HttpStatus.CREATED, createResponse.getStatusCode());

    // The server tells us where the new resource lives via the Location header.
    String location = createResponse.getHeaders().getLocation().toString();
    assertTrue(!location.isEmpty(), "Location of newly created book should have been provided");
    // The book id is the last path segment of that location.
    String bookId = location.substring(location.lastIndexOf('/') + 1);

    // DELETE is state-changing, so the request carries the XSRF token alongside the JWT.
    User adminUser = BookControllerTestUtils.getTestUser();
    String jwtToken = jwtUtils.createTokenForUser(adminUser);
    String xsrfToken = BookControllerTestUtils.getXsrfToken(testRestTemplate);
    HttpEntity<Book> deleteRequest = BookControllerTestUtils.getBookHttpEntity(null, jwtToken, xsrfToken);
    ResponseEntity<Book> deleteResponse =
            testRestTemplate.exchange("/secure/api/books/" + bookId, HttpMethod.DELETE, deleteRequest, Book.class);
    assertEquals(HttpStatus.NO_CONTENT, deleteResponse.getStatusCode());

    // A GET on the old location should no longer yield a book with an id.
    Book afterDelete = testRestTemplate.getForObject(location, Book.class);
    assertNull(afterDelete.getId());
}

Example 49 with User

use of com.aidanwhiteley.books.domain.User in project books by aidanwhiteley.

the class BookSecureControllerTest method tryUpdateActionWhenNoCsrfTokenInRequestHeaders.

@Test
void tryUpdateActionWhenNoCsrfTokenInRequestHeaders() {
    // Same authenticated user and payload for both requests; only the XSRF header differs.
    User user = BookControllerTestUtils.getTestUser();
    String jwtToken = jwtUtils.createTokenForUser(user);
    String xsrfToken = BookControllerTestUtils.getXsrfToken(testRestTemplate);
    Book testBook = BookRepositoryTest.createTestBook();

    // Positive case first: JWT plus XSRF token lets the POST through.
    HttpEntity<Book> withXsrf = BookControllerTestUtils.getBookHttpEntity(testBook, jwtToken, xsrfToken);
    ResponseEntity<Book> withXsrfResponse =
            testRestTemplate.exchange("/secure/api/books", HttpMethod.POST, withXsrf, Book.class);
    assertEquals(HttpStatus.CREATED, withXsrfResponse.getStatusCode());

    // Negative case: a valid JWT alone is not enough — without the XSRF header the
    // state-changing request must be rejected even though the caller is authenticated.
    HttpEntity<Book> withoutXsrf = BookControllerTestUtils.getBookHttpEntity(testBook, jwtToken, null);
    ResponseEntity<Book> withoutXsrfResponse =
            testRestTemplate.exchange("/secure/api/books", HttpMethod.POST, withoutXsrf, Book.class);
    assertEquals(HttpStatus.FORBIDDEN, withoutXsrfResponse.getStatusCode());
}

Example 50 with User

use of com.aidanwhiteley.books.domain.User in project books by aidanwhiteley.

the class JwtUtilsTest method testExpiredToken.

@Test
void testExpiredToken() {
    // Build a JwtUtils by hand with a negative expiry so any token it issues is already expired.
    JwtUtils expiringJwt = new JwtUtils();
    expiringJwt.setIssuer("A test issuer");
    expiringJwt.setExpiryInMilliSeconds(-1);
    expiringJwt.setSecretKey("A test secret key");

    String expiredToken = expiringJwt.createTokenForUser(BookControllerTestUtils.getTestUser());

    // Parsing must reject the token outright rather than hand back a User.
    Assertions.assertThrows(ExpiredJwtException.class, () -> expiringJwt.getUserFromToken(expiredToken));
}
