Use of dev.hilla.auth.EndpointAccessChecker in project flow by vaadin.
The class EndpointInvoker, method getAccessChecker.
EndpointAccessChecker getAccessChecker(ServletContext servletContext) {
    VaadinServletContext vaadinServletContext = new VaadinServletContext(servletContext);
    // Look up the checker bean once; the wrapper is stored as a servlet context attribute and reused.
    VaadinConnectAccessCheckerWrapper wrapper = vaadinServletContext.getAttribute(
            VaadinConnectAccessCheckerWrapper.class, () -> {
                EndpointAccessChecker accessChecker = applicationContext.getBean(EndpointAccessChecker.class);
                return new VaadinConnectAccessCheckerWrapper(accessChecker);
            });
    return wrapper.accessChecker;
}
Use of dev.hilla.auth.EndpointAccessChecker in project flow by vaadin.
The class EndpointControllerTest, method should_CallMethodAnonymously_When_AnonymousOverridesRoles.
@Test
public void should_CallMethodAnonymously_When_AnonymousOverridesRoles() {
    EndpointController vaadinController = createVaadinController(TEST_ENDPOINT,
            new EndpointAccessChecker(new AccessAnnotationChecker()));
    ResponseEntity<String> response = vaadinController.serveEndpoint(TEST_ENDPOINT_NAME,
            "anonymousOverrides", createRequestParameters("{}"), requestMock);
    assertEquals(HttpStatus.OK, response.getStatusCode());
    assertEquals("\"Hello, no user!\"", response.getBody());
}
Use of dev.hilla.auth.EndpointAccessChecker in project flow by vaadin.
The class EndpointControllerTest, method createVaadinController.
private <T> EndpointController createVaadinController(T endpoint, ObjectMapper vaadinEndpointMapper,
        EndpointAccessChecker accessChecker, EndpointNameChecker endpointNameChecker,
        ExplicitNullableTypeChecker explicitNullableTypeChecker, CsrfChecker csrfChecker) {
    ServletContext servletContext = Mockito.mock(ServletContext.class);
    Lookup lookup = Mockito.mock(Lookup.class);
    Mockito.when(servletContext.getAttribute(Lookup.class.getName())).thenReturn(lookup);
    if (vaadinEndpointMapper == null) {
        vaadinEndpointMapper = new ObjectMapper();
    }
    if (accessChecker == null) {
        // Default: a mocked checker whose check() returns null (no access error) for TEST_METHOD.
        accessChecker = mock(EndpointAccessChecker.class);
        when(accessChecker.check(TEST_METHOD, requestMock)).thenReturn(null);
    }
    if (csrfChecker == null) {
        csrfChecker = new CsrfChecker(servletContext);
    }
    if (endpointNameChecker == null) {
        endpointNameChecker = mock(EndpointNameChecker.class);
        when(endpointNameChecker.check(TEST_ENDPOINT_NAME)).thenReturn(null);
    }
    if (explicitNullableTypeChecker == null) {
        explicitNullableTypeChecker = mock(ExplicitNullableTypeChecker.class);
        when(explicitNullableTypeChecker.checkValueForType(any(), any())).thenReturn(null);
    }
    ApplicationContext mockApplicationContext = mockApplicationContext(endpoint);
    EndpointRegistry registry = new EndpointRegistry(endpointNameChecker);
    EndpointInvoker invoker = Mockito.spy(new EndpointInvoker(mockApplicationContext,
            vaadinEndpointMapper, explicitNullableTypeChecker, registry));
    // Bypass the bean lookup in getAccessChecker and hand back the checker under test.
    Mockito.doReturn(accessChecker).when(invoker).getAccessChecker(any());
    EndpointController connectController = Mockito.spy(new EndpointController(mockApplicationContext,
            registry, invoker, csrfChecker));
    return connectController;
}
Use of dev.hilla.auth.EndpointAccessChecker in project flow by vaadin.
The class EndpointControllerTest, method should_bePossibeToGetPrincipalInEndpoint.
@Test
public void should_bePossibeToGetPrincipalInEndpoint() {
    when(principal.getName()).thenReturn("foo");
    EndpointController vaadinController = createVaadinController(TEST_ENDPOINT,
            new EndpointAccessChecker(new AccessAnnotationChecker()));
    ResponseEntity<String> response = vaadinController.serveEndpoint(TEST_ENDPOINT_NAME,
            "getUserName", createRequestParameters("{}"), requestMock);
    assertEquals("\"foo\"", response.getBody());
}
Use of dev.hilla.auth.EndpointAccessChecker in project flow by vaadin.
The class EndpointControllerTest, method should_CallMethodAnonymously_When_UserPrincipalIsInRole.
@Test
public void should_CallMethodAnonymously_When_UserPrincipalIsInRole() {
    when(requestMock.isUserInRole("FOO_ROLE")).thenReturn(true);
    EndpointController vaadinController = createVaadinController(TEST_ENDPOINT,
            new EndpointAccessChecker(new AccessAnnotationChecker()));
    ResponseEntity<String> response = vaadinController.serveEndpoint(TEST_ENDPOINT_NAME,
            "testRoleAllowed", createRequestParameters("{}"), requestMock);
    assertEquals(HttpStatus.OK, response.getStatusCode());
    assertEquals("\"Hello, user in role!\"", response.getBody());
}