dhis2-devs team mailing list archive
-
dhis2-devs team
-
Mailing list archive
-
Message #21285
[Branch ~dhis2-devs-core/dhis2/trunk] Rev 10026: FRED-API: wip, mocking of spring security context
------------------------------------------------------------
revno: 10026
committer: Morten Olav Hansen <mortenoh@xxxxxxxxx>
branch nick: dhis2
timestamp: Thu 2013-03-07 10:40:16 +0300
message:
FRED-API: wip, mocking of spring security context
modified:
dhis-2/dhis-web/dhis-web-api-fred/src/main/java/org/hisp/dhis/web/FredSpringWebTest.java
dhis-2/dhis-web/dhis-web-api-fred/src/main/java/org/hisp/dhis/web/webapi/v1/controller/FacilityController.java
dhis-2/dhis-web/dhis-web-api-fred/src/test/java/org/hisp/dhis/web/webapi/v1/controller/FacilityControllerTest.java
--
lp:dhis2
https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk
Your team DHIS 2 developers is subscribed to branch lp:dhis2.
To unsubscribe from this branch go to https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk/+edit-subscription
=== modified file 'dhis-2/dhis-web/dhis-web-api-fred/src/main/java/org/hisp/dhis/web/FredSpringWebTest.java'
--- dhis-2/dhis-web/dhis-web-api-fred/src/main/java/org/hisp/dhis/web/FredSpringWebTest.java 2013-03-07 06:17:19 +0000
+++ dhis-2/dhis-web/dhis-web-api-fred/src/main/java/org/hisp/dhis/web/FredSpringWebTest.java 2013-03-07 07:40:16 +0000
@@ -30,6 +30,14 @@
import org.junit.Before;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.mock.web.MockHttpSession;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.web.FilterChainProxy;
+import org.springframework.security.web.context.HttpSessionSecurityContextRepository;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import org.springframework.test.context.web.WebAppConfiguration;
@@ -39,6 +47,8 @@
import org.springframework.web.context.WebApplicationContext;
import java.lang.reflect.Method;
+import java.util.ArrayList;
+import java.util.List;
/**
* @author Morten Olav Hansen <mortenoh@xxxxxxxxx>
@@ -50,17 +60,55 @@
)
@WebAppConfiguration
@Transactional
-public class FredSpringWebTest
+public abstract class FredSpringWebTest extends DhisConvenienceTest
{
@Autowired
+ protected FilterChainProxy filterChainProxy;
+
+ @Autowired
protected WebApplicationContext wac;
protected MockMvc mvc;
+ public MockHttpSession getSession( String... authorities )
+ {
+ SecurityContextHolder.getContext().setAuthentication( getPrincipal( authorities ) );
+ MockHttpSession session = new MockHttpSession();
+
+ session.setAttribute(
+ HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY,
+ SecurityContextHolder.getContext() );
+
+ return session;
+ }
+
+ public UsernamePasswordAuthenticationToken getPrincipal( String... authorities )
+ {
+ List<SimpleGrantedAuthority> grantedAuthorities = new ArrayList<SimpleGrantedAuthority>();
+
+ for ( String authority : authorities )
+ {
+ grantedAuthorities.add( new SimpleGrantedAuthority( authority ) );
+ }
+
+ UserDetails userDetails = new User( "admin", "district", true, true, true, true, grantedAuthorities );
+
+ UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(
+ userDetails,
+ userDetails.getPassword(),
+ userDetails.getAuthorities()
+ );
+
+ return authenticationToken;
+ }
+
@Before
public void setup() throws Exception
{
- mvc = MockMvcBuilders.webAppContextSetup( wac ).build();
+ mvc = MockMvcBuilders.webAppContextSetup( wac )
+ .addFilter( filterChainProxy )
+ .build();
+
executeStartupRoutines();
setUpTest();
=== modified file 'dhis-2/dhis-web/dhis-web-api-fred/src/main/java/org/hisp/dhis/web/webapi/v1/controller/FacilityController.java'
--- dhis-2/dhis-web/dhis-web-api-fred/src/main/java/org/hisp/dhis/web/webapi/v1/controller/FacilityController.java 2013-03-07 06:24:46 +0000
+++ dhis-2/dhis-web/dhis-web-api-fred/src/main/java/org/hisp/dhis/web/webapi/v1/controller/FacilityController.java 2013-03-07 07:40:16 +0000
@@ -386,12 +386,23 @@
private void setAccessRights( Model model )
{
- Set<String> authorities = currentUserService.getCurrentUser().getUserCredentials().getAllAuthorities();
+ // TODO fix this, a proper mock currentuserservice should be implemented
+ if ( currentUserService != null && currentUserService.getCurrentUser() != null )
+ {
+ Set<String> authorities = currentUserService.getCurrentUser().getUserCredentials().getAllAuthorities();
- model.addAttribute( "canCreate", authorities.contains( "F_FRED_CREATE" ) || currentUserService.currentUserIsSuper() );
- model.addAttribute( "canRead", authorities.contains( "M-dhis-web-api-fred" ) || currentUserService.currentUserIsSuper() );
- model.addAttribute( "canUpdate", authorities.contains( "F_FRED_UPDATE" ) || currentUserService.currentUserIsSuper() );
- model.addAttribute( "canDelete", authorities.contains( "F_FRED_DELETE" ) || currentUserService.currentUserIsSuper() );
+ model.addAttribute( "canCreate", authorities.contains( "F_FRED_CREATE" ) || currentUserService.currentUserIsSuper() );
+ model.addAttribute( "canRead", authorities.contains( "M-dhis-web-api-fred" ) || currentUserService.currentUserIsSuper() );
+ model.addAttribute( "canUpdate", authorities.contains( "F_FRED_UPDATE" ) || currentUserService.currentUserIsSuper() );
+ model.addAttribute( "canDelete", authorities.contains( "F_FRED_DELETE" ) || currentUserService.currentUserIsSuper() );
+ }
+ else
+ {
+ model.addAttribute( "canCreate", false );
+ model.addAttribute( "canRead", false );
+ model.addAttribute( "canUpdate", false );
+ model.addAttribute( "canDelete", false );
+ }
}
private void addHierarchyPropertyToFacility( List<OrganisationUnitLevel> organisationUnitLevels, OrganisationUnit organisationUnit, Facility facility )
=== modified file 'dhis-2/dhis-web/dhis-web-api-fred/src/test/java/org/hisp/dhis/web/webapi/v1/controller/FacilityControllerTest.java'
--- dhis-2/dhis-web/dhis-web-api-fred/src/test/java/org/hisp/dhis/web/webapi/v1/controller/FacilityControllerTest.java 2013-03-07 06:17:19 +0000
+++ dhis-2/dhis-web/dhis-web-api-fred/src/test/java/org/hisp/dhis/web/webapi/v1/controller/FacilityControllerTest.java 2013-03-07 07:40:16 +0000
@@ -30,9 +30,10 @@
import org.hisp.dhis.web.FredSpringWebTest;
import org.junit.Test;
import org.springframework.http.MediaType;
+import org.springframework.mock.web.MockHttpSession;
-import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
-import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.print;
+import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.*;
+import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.*;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.*;
/**
@@ -43,22 +44,18 @@
@Test
public void testRedirectedToV1() throws Exception
{
- mvc.perform( get( "/api-fred" ) ).andExpect( redirectedUrl( "/api-fred/v1" ) );
- mvc.perform( get( "/api-fred/" ) ).andExpect( redirectedUrl( "/api-fred/v1" ) );
+ MockHttpSession session = getSession( "ALL" );
+
+ mvc.perform( get( "/api-fred" ).session( session ) ).andExpect( redirectedUrl( "/api-fred/v1" ) );
+ mvc.perform( get( "/api-fred/" ).session( session ) ).andExpect( redirectedUrl( "/api-fred/v1" ) );
}
@Test
public void testGetFacilities() throws Exception
{
- // TODO auth issues
- //mvc.perform( get( "/v1" ) )
- // .andDo( print() )
- // .andReturn();
- }
+ MockHttpSession session = getSession( "ALL" );
- @Test
- public void testBogusIsNotFound() throws Exception
- {
- mvc.perform( get( "/bogus" ).accept( MediaType.ALL ) ).andExpect( status().isNotFound() );
+ mvc.perform( get( "/v1/facilities" ).session( session ).accept( MediaType.APPLICATION_JSON ) )
+ .andExpect( status().isOk() );
}
}
