[英]Integration tests with spring security
I need to send a get request to the API, but despite having placed the administrator annotation get error
@WithMockUser(roles="ADMINISTRADOR")
. 我需要向API发送一个get请求,但是尽管已经放置了管理员注释 ,但
获取错误
@WithMockUser(roles="ADMINISTRADOR")
。
How do I send a request? 我如何发送请求?
API API
@RequestMapping(value = "/{id}", method = RequestMethod.GET)
@PostAuthorize("returnObject.instancia == principal.instancia.instancia")
public Validacao retrieve(@PathVariable("id") String id) {
return validacaoService.retrieve(id);
}
Test 测试
@Test
@WithMockUser(roles = "ADMINISTRADOR")
public void testCRetrieve() throws Exception {
this.mockMvc
.perform(get("/api/validacao/" + id).with(user("daniela.morais@sofist.com.br")))
.andExpect(status().isOk())
.andReturn();
}
Log 日志
org.springframework.web.util.NestedServletException: Request processing failed; nested exception is org.springframework.security.authentication.AuthenticationCredentialsNotFoundException: An Authentication object was not found in the SecurityContext
Test Class 测试类
@FixMethodOrder(MethodSorters.NAME_ASCENDING)
@RunWith(SpringJUnit4ClassRunner.class)
@ContextConfiguration(classes = {ValidacaoAPITest.TestConfiguration.class, WithSecurityConfig.class})
@WebAppConfiguration
public class ValidacaoAPITest {
@EnableWebMvc
@Configuration
public static class TestConfiguration {
Fongo fongo = new Fongo("new server 1");
DB db = fongo.getDB("oknok");
@Bean
ValidacaoAPI getValidacaoAPI() {
return new ValidacaoAPI();
}
@Bean
ActiveUser getActiveUser() {
ActiveUser mock = Mockito.mock(ActiveUser.class);
when(mock.getUser()).thenReturn(new User().setEmail("email@email.com"));
when(mock.getInstancia()).thenReturn(new Instancia().setInstancia("instancia"));
return mock;
}
@Bean
ValidacaoService getValidacaoService() {
return new ValidacaoService();
}
@Bean
MatchService getMatchService() {
return new MatchService();
}
@Bean
PlanilhaReader getPlanilhaReader() {
return new PlanilhaReader();
}
@Bean
AtributoReader getAtributoReader() {
return new AtributoReader();
}
@Bean
AtributoDAO getAtributoDAO() {
return new AtributoDAO();
}
@Bean
UploadService getUploadService() {
return new UploadService();
}
@Bean
ValidacaoResultadoDAO getValidacaoResultadoDAO() {
return new ValidacaoResultadoDAO(db);
}
@Bean
Mapper getMapper() {
return new Mapper(db);
}
@Bean
UploadDAO getUploadDAO() {
return new UploadDAO(db);
}
@Bean
MatchDAO getMatchDAO() {
return new MatchDAO(db);
}
@Bean
ValidacaoDAO getValidacaoDAO() {
return new ValidacaoDAO(db);
}
@Bean
UploadOriginalsDAO getUploadOriginalsDAO() {
return new UploadOriginalsDAO(db);
}
@Bean
AtributoValidator getAtributoValidator() {
return new AtributoValidator();
}
}
@Autowired
MatchService matchService;
@Autowired
private WebApplicationContext context;
private MockMvc mockMvc;
private static String id;
@Before
public void setup() {
mockMvc = MockMvcBuilders.webAppContextSetup(context).build();
}
@Test
public void testACreateValidation() throws Exception {
MvcResult result = this.mockMvc
.perform(post("/api/validacao"))
.andExpect(status().isOk())
.andExpect(jsonPath("$.id", notNullValue()))
.andReturn();
this.id = ((BasicDBObject) JSON.parse(result.getResponse().getContentAsString())).getString("id");
}
@Test
public void testBRetrieveAll() throws Exception {
MvcResult result = this.mockMvc
.perform(get("/api/validacao"))
.andExpect(status().isOk())
.andExpect(jsonPath("$.[0].id", notNullValue()))
.andReturn();
BasicDBList list = (BasicDBList) JSON.parse(result.getResponse().getContentAsString());
this.id = (String) ((BasicDBObject) JSON.parse(list.get(0).toString())).get("id");
}
//FIXME
@Test
@WithMockUser(roles = "ADMINISTRADOR")
public void testCRetrieve() throws Exception {
this.mockMvc
.perform(get("/api/validacao/" + id).with(user("daniela.morais@sofist.com.br")))
.andExpect(status().isOk())
.andReturn();
}
}
In the Spring security Reference, section 10.1 states that in order to be able to test the spring security features, you need to integrate the security filter chain in your MockMvc object, as shown in this example in the @Before setup method. 在Spring安全性参考中,第10.1节规定,为了能够测试Spring安全性功能,您需要在MockMvc对象中集成安全性过滤器链,如@Before安装方法中的此示例所示。
import static org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.*;
@RunWith(SpringJUnit4ClassRunner.class)
@ContextConfiguration
@WebAppConfiguration
public class CsrfShowcaseTests {
@Autowired
private WebApplicationContext context;
private MockMvc mvc;
@Before
public void setup() {
mvc = MockMvcBuilders
.webAppContextSetup(context)
.apply(springSecurity())
.build();
}
...
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.