Example 11 with User

Use of com.aidanwhiteley.books.domain.User in project books by aidanwhiteley.

Class BookControllerTest, method testSensitiveDataIsReturnedToAdminUser.

@Test
public void testSensitiveDataIsReturnedToAdminUser() {
    Book testBook = BookRepositoryTest.createTestBook();
    User user = BookControllerTestUtils.getTestUser();
    String token = jwtUtils.createTokenForUser(user);
    String xsrfToken = BookControllerTestUtils.getXsrfToken(testRestTemplate);
    HttpEntity<Book> request = BookControllerTestUtils.getBookHttpEntity(testBook, user, token, xsrfToken);
    ResponseEntity<Book> response = testRestTemplate.exchange("/secure/api/books", HttpMethod.POST, request, Book.class);
    String location = response.getHeaders().getLocation().toString();
    Book book = testRestTemplate.exchange(location, HttpMethod.GET, request, Book.class).getBody();
    // Title should be available to everyone
    assertEquals(J_UNIT_TESTING_FOR_BEGINNERS, book.getTitle());
    // Email should only be available to admins
    assertEquals(BookControllerTestUtils.DUMMY_EMAIL, book.getCreatedBy().getEmail());
}
Also used: User (com.aidanwhiteley.books.domain.User), Book (com.aidanwhiteley.books.domain.Book), BookRepositoryTest (com.aidanwhiteley.books.repository.BookRepositoryTest), Test (org.junit.Test), IntegrationTest (com.aidanwhiteley.books.util.IntegrationTest)

Example 12 with User

Use of com.aidanwhiteley.books.domain.User in project books by aidanwhiteley.

Class BookControllerTest, method testUserDataIsReturnedToEditorUser.

@Test
public void testUserDataIsReturnedToEditorUser() {
    Book testBook = BookRepositoryTest.createTestBook();
    User user = BookControllerTestUtils.getEditorTestUser();
    String token = jwtUtils.createTokenForUser(user);
    String xsrfToken = BookControllerTestUtils.getXsrfToken(testRestTemplate);
    HttpEntity<Book> request = BookControllerTestUtils.getBookHttpEntity(testBook, user, token, xsrfToken);
    ResponseEntity<Book> response = testRestTemplate.exchange("/secure/api/books", HttpMethod.POST, request, Book.class);
    String location = response.getHeaders().getLocation().toString();
    Book book = testRestTemplate.exchange(location, HttpMethod.GET, request, Book.class).getBody();
    // Title should be available to everyone
    assertEquals(J_UNIT_TESTING_FOR_BEGINNERS, book.getTitle());
    // Email should only be available to admins - not editors
    assertEquals("", book.getCreatedBy().getEmail());
    // But the name of the person who created the Book should be available
    assertEquals(BookControllerTestUtils.USER_WITH_EDITOR_ROLE_FULL_NAME, book.getCreatedBy().getFullName());
}
Also used: User (com.aidanwhiteley.books.domain.User), Book (com.aidanwhiteley.books.domain.Book), BookRepositoryTest (com.aidanwhiteley.books.repository.BookRepositoryTest), Test (org.junit.Test), IntegrationTest (com.aidanwhiteley.books.util.IntegrationTest)

Example 13 with User

Use of com.aidanwhiteley.books.domain.User in project books by aidanwhiteley.

Class BookControllerTestUtils, method getEditorTestUser.

public static User getEditorTestUser() {
    User user = new User();
    user.setFullName(USER_WITH_EDITOR_ROLE_FULL_NAME);
    user.setAuthenticationServiceId(USER_WITH_EDITOR_ROLE);
    user.setAuthProvider(PROVIDER_EDITOR_USER);
    user.addRole(User.Role.ROLE_USER);
    user.addRole(User.Role.ROLE_EDITOR);
    return user;
}
Also used: User (com.aidanwhiteley.books.domain.User)

Example 14 with User

Use of com.aidanwhiteley.books.domain.User in project books by aidanwhiteley.

Class BookControllerTestUtils, method postBookToServer.

public static ResponseEntity<Book> postBookToServer(JwtUtils jwtUtils, TestRestTemplate testRestTemplate) {
    String xsrfToken = getXsrfToken(testRestTemplate);
    Book testBook = BookRepositoryTest.createTestBook();
    User user = getTestUser();
    String token = jwtUtils.createTokenForUser(user);
    HttpEntity<Book> request = getBookHttpEntity(testBook, user, token, xsrfToken);
    ResponseEntity<Book> book = testRestTemplate.exchange("/secure/api/books", HttpMethod.POST, request, Book.class);
    assertNotNull(book);
    assertEquals(HttpStatus.CREATED, book.getStatusCode());
    LOGGER.debug("postBookToServer posted book to server successfully");
    return book;
}
Also used: User (com.aidanwhiteley.books.domain.User), Book (com.aidanwhiteley.books.domain.Book)

Example 15 with User

Use of com.aidanwhiteley.books.domain.User in project books by aidanwhiteley.

Class BookControllerTestUtils, method getTestUser.

public static User getTestUser() {
    User user = new User();
    user.setFullName(USER_WITH_ALL_ROLES_FULL_NAME);
    user.setAuthProvider(PROVIDER_ALL_ROLES_USER);
    user.setFirstLogon(LocalDateTime.now());
    user.setLastLogon(LocalDateTime.now());
    user.setEmail(DUMMY_EMAIL);
    user.setAuthenticationServiceId(USER_WITH_ALL_ROLES);
    user.addRole(User.Role.ROLE_USER);
    user.addRole(User.Role.ROLE_EDITOR);
    user.addRole(User.Role.ROLE_ADMIN);
    return user;
}
Also used: User (com.aidanwhiteley.books.domain.User)

Aggregations

User (com.aidanwhiteley.books.domain.User): 36
Test (org.junit.Test): 19
IntegrationTest (com.aidanwhiteley.books.util.IntegrationTest): 16
Book (com.aidanwhiteley.books.domain.Book): 15
BookRepositoryTest (com.aidanwhiteley.books.repository.BookRepositoryTest): 9
URI (java.net.URI): 3
DefaultOAuth2User (org.springframework.security.oauth2.core.user.DefaultOAuth2User): 3
OAuth2User (org.springframework.security.oauth2.core.user.OAuth2User): 3
Principal (java.security.Principal): 2
Around (org.aspectj.lang.annotation.Around): 2
HttpHeaders (org.springframework.http.HttpHeaders): 2
ClientRoles (com.aidanwhiteley.books.controller.dtos.ClientRoles): 1
AccessForbiddenException (com.aidanwhiteley.books.controller.exceptions.AccessForbiddenException): 1
Comment (com.aidanwhiteley.books.domain.Comment): 1
Owner (com.aidanwhiteley.books.domain.Owner): 1
Claims (io.jsonwebtoken.Claims): 1
ExpiredJwtException (io.jsonwebtoken.ExpiredJwtException): 1
LocalDateTime (java.time.LocalDateTime): 1
List (java.util.List): 1
Cookie (javax.servlet.http.Cookie): 1