From 475680d35be2d32ecd613f34568bf92418e133ad Mon Sep 17 00:00:00 2001 From: CChemin Date: Tue, 8 Feb 2022 10:25:59 +0100 Subject: [PATCH 1/3] [TEST] :white_check_mark: Improve Controller tests Signed-off-by: CChemin --- .../core/service/PermissionServiceTests.java | 21 + ...AppManagedUserAttributeControllerTest.java | 255 +++--- .../controller/ApplicationControllerTest.java | 733 +++++++++--------- .../controller/GroupControllerTest.java | 646 ++++++++------- .../OrganizationControllerTest.java | 664 ++++++++-------- .../controller/UserControllerTest.java | 663 ++++++++-------- 6 files changed, 1418 insertions(+), 1564 deletions(-) diff --git a/sugoi-api-core/src/test/java/fr/insee/sugoi/core/service/PermissionServiceTests.java b/sugoi-api-core/src/test/java/fr/insee/sugoi/core/service/PermissionServiceTests.java index c04a048b..bc5a2ecc 100644 --- a/sugoi-api-core/src/test/java/fr/insee/sugoi/core/service/PermissionServiceTests.java +++ b/sugoi-api-core/src/test/java/fr/insee/sugoi/core/service/PermissionServiceTests.java @@ -157,4 +157,25 @@ public void testgetAllowedAttributePattern() { fail(); } } + + @Test + public void testIsValidAttribute() { + SugoiUser sugoiUser = + new SugoiUser("toto", List.of("role_Asi_appli1", "role_reader_realm1_sugoi")); + String attributeValue = "toto_appli1"; + String pattern_of_attribute = "(.*)_$(APPLICATION)"; + + assertThat( + "Should be able to write toto_appli1", + permissions.isValidAttributeAccordingAttributePattern( + sugoiUser, "domaine1", "storage", pattern_of_attribute, attributeValue)); + assertThat( + "Should not be able to write toto_appli2", + !permissions.isValidAttributeAccordingAttributePattern( + sugoiUser, "domaine1", "storage", pattern_of_attribute, "toto_appli2")); + assertThat( + "Should not be able to write appli1_toto", + !permissions.isValidAttributeAccordingAttributePattern( + sugoiUser, "domaine1", "storage", pattern_of_attribute, "appli1_toto")); + } } diff --git a/sugoi-api-rest-services/src/test/java/fr/insee/sugoi/services/controller/AppManagedUserAttributeControllerTest.java b/sugoi-api-rest-services/src/test/java/fr/insee/sugoi/services/controller/AppManagedUserAttributeControllerTest.java index ed8b3726..30c4c954 100644 --- a/sugoi-api-rest-services/src/test/java/fr/insee/sugoi/services/controller/AppManagedUserAttributeControllerTest.java +++ b/sugoi-api-rest-services/src/test/java/fr/insee/sugoi/services/controller/AppManagedUserAttributeControllerTest.java @@ -15,20 +15,19 @@ import static org.hamcrest.MatcherAssert.assertThat; import static org.hamcrest.Matchers.is; -import static org.junit.jupiter.api.Assertions.fail; import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf; import com.fasterxml.jackson.databind.ObjectMapper; import fr.insee.sugoi.commons.services.controller.technics.SugoiAdviceController; import fr.insee.sugoi.core.configuration.GlobalKeysConfig; +import fr.insee.sugoi.core.model.ProviderRequest; import fr.insee.sugoi.core.model.ProviderResponse; import fr.insee.sugoi.core.model.ProviderResponse.ProviderResponseStatus; import fr.insee.sugoi.core.service.ConfigService; -import fr.insee.sugoi.core.service.PermissionService; import fr.insee.sugoi.core.service.UserService; +import fr.insee.sugoi.core.service.impl.PermissionServiceImpl; import fr.insee.sugoi.model.Realm; import fr.insee.sugoi.model.User; -import java.util.List; import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; import org.mockito.Mockito; @@ -45,7 +44,11 @@ import org.springframework.web.servlet.config.annotation.EnableWebMvc; @SpringBootTest( - classes = {AppManagedUserAttributeController.class, SugoiAdviceController.class}, + classes = { + AppManagedUserAttributeController.class, + SugoiAdviceController.class, + PermissionServiceImpl.class + }, properties = "spring.config.location=classpath:/permissions/test-regexp-permissions.properties") @AutoConfigureMockMvc @EnableWebMvc @@ -54,8 +57,6 @@ public class AppManagedUserAttributeControllerTest { @MockBean private UserService userService; - @MockBean private PermissionService permissionService; - @MockBean private ConfigService configService; ObjectMapper objectMapper = new ObjectMapper(); @@ -72,171 +73,101 @@ public void setup() { @Test @WithMockUser(username = "reader_realm1", roles = "ADMIN_SUGOI") - public void get200WhenAddCorrectAttributes() { - try { - - Mockito.when(configService.getRealm(Mockito.anyString())).thenReturn(realm); - Mockito.when(permissionService.getUserRealmAppManager(Mockito.any())) - .thenReturn(List.of("*\\appA", "*\\appB")); - Mockito.doReturn(true) - .when(permissionService) - .isWriter(Mockito.any(), Mockito.anyString(), Mockito.anyString()); - Mockito.doReturn(new ProviderResponse("", "requestId", ProviderResponseStatus.OK, null, null)) - .when(userService) - .addAppManagedAttribute( - Mockito.any(), - Mockito.any(), - Mockito.any(), - Mockito.any(), - Mockito.any(), - Mockito.any()); - RequestBuilder requestBuilder = - MockMvcRequestBuilders.patch( - "/realms/domaine1/storages/test/users/Toto/my-attribute-key/prop_role_appA") - .contentType(MediaType.APPLICATION_JSON) - .accept(MediaType.APPLICATION_JSON) - .with(csrf()); - MockHttpServletResponse response = mockMvc.perform(requestBuilder).andReturn().getResponse(); - - assertThat("Response must be 200 OK", response.getStatus(), is(204)); - - } catch (Exception e) { - e.printStackTrace(); - fail(); - } - } - - @Test - @WithMockUser - public void get200WhenAddCorrectAttributesWhenAdminOrWriter() { - try { - - Mockito.when(configService.getRealm(Mockito.anyString())).thenReturn(realm); - Mockito.doReturn(true) - .when(permissionService) - .isWriter(Mockito.any(), Mockito.anyString(), Mockito.anyString()); - Mockito.doReturn(new ProviderResponse("", "requestId", ProviderResponseStatus.OK, null, null)) - .when(userService) - .addAppManagedAttribute( - Mockito.any(), - Mockito.any(), - Mockito.any(), - Mockito.any(), - Mockito.any(), - Mockito.any()); - RequestBuilder requestBuilder = - MockMvcRequestBuilders.patch( - "/realms/domaine1/storages/test/users/Toto/my-attribute-key/prop_role_appA") - .contentType(MediaType.APPLICATION_JSON) - .accept(MediaType.APPLICATION_JSON) - .with(csrf()); - MockHttpServletResponse response = mockMvc.perform(requestBuilder).andReturn().getResponse(); - - assertThat("Response must be 200 OK", response.getStatus(), is(204)); - - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + public void get200WhenAddCorrectAttributes() throws Exception { + + Mockito.when(configService.getRealm("test")).thenReturn(realm); + Mockito.doReturn(new ProviderResponse("", "requestId", ProviderResponseStatus.OK, null, null)) + .when(userService) + .addAppManagedAttribute( + Mockito.eq("test"), + Mockito.eq("test"), + Mockito.eq("Toto"), + Mockito.eq("my-attribute-key"), + Mockito.eq("prop_role_appA"), + Mockito.any(ProviderRequest.class)); + RequestBuilder requestBuilder = + MockMvcRequestBuilders.patch( + "/realms/test/storages/test/users/Toto/my-attribute-key/prop_role_appA") + .contentType(MediaType.APPLICATION_JSON) + .accept(MediaType.APPLICATION_JSON) + .with(csrf()); + MockHttpServletResponse response = mockMvc.perform(requestBuilder).andReturn().getResponse(); + + assertThat("Response must be 200 OK", response.getStatus(), is(204)); } @Test - @WithMockUser(username = "reader_realm1", roles = "ASI_SUGOI") - public void get200WhenAddCorrectAttributesWhenAppManager() { - try { - - Mockito.when( - permissionService.isWriter(Mockito.any(), Mockito.anyString(), Mockito.anyString())) - .thenReturn(false); - Mockito.doReturn(true) - .when(permissionService) - .isValidAttributeAccordingAttributePattern( - Mockito.any(), Mockito.any(), Mockito.any(), Mockito.any(), Mockito.any()); - Mockito.doReturn(new ProviderResponse("", "requestId", ProviderResponseStatus.OK, null, null)) - .when(userService) - .addAppManagedAttribute( - Mockito.any(), - Mockito.any(), - Mockito.any(), - Mockito.any(), - Mockito.any(), - Mockito.any()); - Mockito.when(configService.getRealm(Mockito.anyString())).thenReturn(realm); - Mockito.when( - permissionService.getAllowedAttributePattern( - Mockito.any(), Mockito.anyString(), Mockito.any(), Mockito.anyString())) - .thenReturn(List.of("(.*)_appA", "(.*)_appB")); - RequestBuilder requestBuilder = - MockMvcRequestBuilders.patch( - "/realms/domaine1/storages/test/users/Toto/my-attribute-key/prop_role_appA") - .contentType(MediaType.APPLICATION_JSON) - .accept(MediaType.APPLICATION_JSON) - .with(csrf()); - MockHttpServletResponse response = mockMvc.perform(requestBuilder).andReturn().getResponse(); - - assertThat("Response must be 200 OK", response.getStatus(), is(204)); - - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + @WithMockUser(username = "reader_realm1", roles = "ASI_APPA") + public void get200WhenAddCorrectAttributesWhenAppManager() throws Exception { + + Mockito.doReturn(new ProviderResponse("", "requestId", ProviderResponseStatus.OK, null, null)) + .when(userService) + .addAppManagedAttribute( + Mockito.eq("test"), + Mockito.eq("test"), + Mockito.eq("Toto"), + Mockito.eq("my-attribute-key"), + Mockito.eq("prop_role_appA"), + Mockito.any(ProviderRequest.class)); + Mockito.when(configService.getRealm("test")).thenReturn(realm); + RequestBuilder requestBuilder = + MockMvcRequestBuilders.patch( + "/realms/test/storages/test/users/Toto/my-attribute-key/prop_role_appA") + .contentType(MediaType.APPLICATION_JSON) + .accept(MediaType.APPLICATION_JSON) + .with(csrf()); + MockHttpServletResponse response = mockMvc.perform(requestBuilder).andReturn().getResponse(); + + assertThat("Response must be 200 OK", response.getStatus(), is(204)); } @Test - @WithMockUser(username = "reader_realm1", roles = "ASI_SUGOI") - public void get403WhenAddIncorrectAttributes() { - try { - - Mockito.when( - permissionService.isWriter(Mockito.any(), Mockito.anyString(), Mockito.anyString())) - .thenReturn(false); - Mockito.when(configService.getRealm(Mockito.anyString())).thenReturn(realm); - Mockito.when( - permissionService.getAllowedAttributePattern( - Mockito.any(), Mockito.anyString(), Mockito.any(), Mockito.anyString())) - .thenReturn(List.of("(.*)_appA", "(.*)_appB")); - RequestBuilder requestBuilder = - MockMvcRequestBuilders.patch( - "/realms/domaine1/storages/test/users/Toto/my-attribute-key2/prop_role_appA") - .contentType(MediaType.APPLICATION_JSON) - .accept(MediaType.APPLICATION_JSON) - .with(csrf()); - MockHttpServletResponse response = mockMvc.perform(requestBuilder).andReturn().getResponse(); - - assertThat("Response must be 403", response.getStatus(), is(403)); - - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + @WithMockUser(username = "reader_realm1", roles = "ASI_APPA") + public void get403WhenAddIncorrectAttributes() throws Exception { + + Mockito.doReturn(new ProviderResponse("", "requestId", ProviderResponseStatus.OK, null, null)) + .when(userService) + .addAppManagedAttribute( + Mockito.eq("test"), + Mockito.eq("test"), + Mockito.eq("Toto"), + Mockito.eq("my-attribute-key2"), + Mockito.eq("prop_role_appA"), + Mockito.any(ProviderRequest.class)); + Mockito.when(configService.getRealm("test")).thenReturn(realm); + RequestBuilder requestBuilder = + MockMvcRequestBuilders.patch( + "/realms/test/storages/test/users/Toto/my-attribute-key2/prop_role_appA") + .contentType(MediaType.APPLICATION_JSON) + .accept(MediaType.APPLICATION_JSON) + .with(csrf()); + MockHttpServletResponse response = mockMvc.perform(requestBuilder).andReturn().getResponse(); + + assertThat("Response must be 403", response.getStatus(), is(403)); } @Test @WithMockUser(username = "reader_realm1", roles = "ASI_SUGOI") - public void get403WhenNoRightIncorrectAttributes() { - try { - - Mockito.when( - permissionService.isWriter(Mockito.any(), Mockito.anyString(), Mockito.anyString())) - .thenReturn(false); - Mockito.when(configService.getRealm(Mockito.anyString())).thenReturn(realm); - Mockito.when( - permissionService.getAllowedAttributePattern( - Mockito.any(), Mockito.anyString(), Mockito.any(), Mockito.anyString())) - .thenReturn(List.of("(.*)_sugoi")); - RequestBuilder requestBuilder = - MockMvcRequestBuilders.patch( - "/realms/domaine1/storages/test/users/Toto/my-attribute-key/prop_role_appA") - .contentType(MediaType.APPLICATION_JSON) - .accept(MediaType.APPLICATION_JSON) - .with(csrf()); - MockHttpServletResponse response = mockMvc.perform(requestBuilder).andReturn().getResponse(); - - assertThat("Response must be 403", response.getStatus(), is(403)); - - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + public void get403WhenNoRightIncorrectAttributes() throws Exception { + + Mockito.doReturn(new ProviderResponse("", "requestId", ProviderResponseStatus.OK, null, null)) + .when(userService) + .addAppManagedAttribute( + Mockito.eq("test"), + Mockito.eq("test"), + Mockito.eq("Toto"), + Mockito.eq("my-attribute-key"), + Mockito.eq("prop_role_appA"), + Mockito.any(ProviderRequest.class)); + Mockito.when(configService.getRealm(Mockito.anyString())).thenReturn(realm); + RequestBuilder requestBuilder = + MockMvcRequestBuilders.patch( + "/realms/test/storages/test/users/Toto/my-attribute-key/prop_role_appA") + .contentType(MediaType.APPLICATION_JSON) + .accept(MediaType.APPLICATION_JSON) + .with(csrf()); + MockHttpServletResponse response = mockMvc.perform(requestBuilder).andReturn().getResponse(); + + assertThat("Response must be 403", response.getStatus(), is(403)); } } diff --git a/sugoi-api-rest-services/src/test/java/fr/insee/sugoi/services/controller/ApplicationControllerTest.java b/sugoi-api-rest-services/src/test/java/fr/insee/sugoi/services/controller/ApplicationControllerTest.java index 39ec5eba..d31c9597 100644 --- a/sugoi-api-rest-services/src/test/java/fr/insee/sugoi/services/controller/ApplicationControllerTest.java +++ b/sugoi-api-rest-services/src/test/java/fr/insee/sugoi/services/controller/ApplicationControllerTest.java @@ -15,25 +15,29 @@ import static org.hamcrest.MatcherAssert.assertThat; import static org.hamcrest.Matchers.is; -import static org.junit.jupiter.api.Assertions.fail; import static org.mockito.Mockito.verify; import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf; +import com.fasterxml.jackson.core.JsonProcessingException; import com.fasterxml.jackson.core.type.TypeReference; +import com.fasterxml.jackson.databind.JsonMappingException; import com.fasterxml.jackson.databind.ObjectMapper; import fr.insee.sugoi.commons.services.controller.technics.SugoiAdviceController; import fr.insee.sugoi.core.exceptions.ApplicationAlreadyExistException; import fr.insee.sugoi.core.exceptions.ApplicationNotFoundException; +import fr.insee.sugoi.core.model.ProviderRequest; import fr.insee.sugoi.core.model.ProviderResponse; import fr.insee.sugoi.core.model.ProviderResponse.ProviderResponseStatus; import fr.insee.sugoi.core.service.ApplicationService; import fr.insee.sugoi.model.Application; import fr.insee.sugoi.model.paging.PageResult; -import java.util.ArrayList; +import fr.insee.sugoi.model.paging.PageableResult; +import java.io.UnsupportedEncodingException; import java.util.List; import org.junit.jupiter.api.BeforeEach; -import org.junit.jupiter.api.Disabled; +import org.junit.jupiter.api.DisplayName; import org.junit.jupiter.api.Test; +import org.mockito.ArgumentMatcher; import org.mockito.Mockito; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc; @@ -59,438 +63,427 @@ public class ApplicationControllerTest { @MockBean private ApplicationService applicationService; ObjectMapper objectMapper = new ObjectMapper(); - Application application1, application2, application1Updated; - PageResult pageResult; + + class ApplicationMatcher implements ArgumentMatcher { + + private String name; + + public ApplicationMatcher(String name) { + this.name = name; + } + + @Override + public boolean matches(Application application) { + return application.getName() != null && application.getName().equals(name); + } + } + + class PageableResultMatcher implements ArgumentMatcher { + + private int size; + + public PageableResultMatcher(int size) { + this.size = size; + } + + @Override + public boolean matches(PageableResult pageableResult) { + return pageableResult.getSize() == size; + } + } @BeforeEach public void setup() { - application1 = new Application(); + + Application application1 = new Application(); application1.setName("SuperAppli"); application1.setOwner("Amoi"); - application2 = new Application(); + Mockito.when(applicationService.findById("domaine1", "SuperAppli")).thenReturn(application1); + Mockito.when(applicationService.findById("domaine1", "dontexist")) + .thenThrow(ApplicationNotFoundException.class); + + Application application2 = new Application(); application2.setName("SuperAppli2"); application2.setOwner("Amoi2"); - application1Updated = new Application(); - application1Updated.setName("SuperAppli"); - application1Updated.setOwner("NewOwner"); + Application application3 = new Application(); + application3.setName("Application3"); - List applications = new ArrayList<>(); - applications.add(application1); - applications.add(application2); - pageResult = new PageResult(); + List applications = List.of(application1, application2, application3); + PageResult pageResult = new PageResult(); pageResult.setResults(applications); - pageResult.setSearchToken("mySearchToken"); + + Mockito.when( + applicationService.findByProperties( + Mockito.eq("domaine1"), + Mockito.any(Application.class), + Mockito.any(PageableResult.class))) + .thenReturn(pageResult); + + PageResult pageResultMoreResults = new PageResult(); + pageResultMoreResults.setSearchToken("mySearchToken"); + pageResultMoreResults.setResults(applications); + pageResultMoreResults.setHasMoreResult(true); + + Mockito.when( + applicationService.findByProperties( + Mockito.eq("domaine1"), + Mockito.any(Application.class), + Mockito.argThat(new PageableResultMatcher(2)))) + .thenReturn(pageResultMoreResults); + + PageResult onlyAppli2PageResult = new PageResult<>(); + onlyAppli2PageResult.setResults(List.of(application2)); + + Mockito.when( + applicationService.findByProperties( + Mockito.eq("domaine1"), + Mockito.argThat(new ApplicationMatcher("Appli2")), + Mockito.any(PageableResult.class))) + .thenReturn(onlyAppli2PageResult); + + Application newAppli = new Application(); + newAppli.setName("NewAppli"); + + Mockito.doReturn( + new ProviderResponse( + "NewAppli", "requestId", ProviderResponseStatus.OK, newAppli, null)) + .when(applicationService) + .create( + Mockito.eq("domaine1"), + Mockito.argThat(new ApplicationMatcher("NewAppli")), + Mockito.any(ProviderRequest.class)); + + Mockito.when( + applicationService.create( + Mockito.anyString(), + Mockito.argThat(new ApplicationMatcher("ExistingApp")), + Mockito.any())) + .thenThrow( + new ApplicationAlreadyExistException( + "Application ExistingApp already exist in realm domaine1")); + + Mockito.doReturn(new ProviderResponse("", "requestId", ProviderResponseStatus.OK, null, null)) + .when(applicationService) + .delete( + Mockito.eq("domaine1"), Mockito.eq("supprimemoi"), Mockito.any(ProviderRequest.class)); + + Mockito.doThrow(new ApplicationNotFoundException("domaine1", "dontexist")) + .when(applicationService) + .delete(Mockito.anyString(), Mockito.anyString(), Mockito.any()); + + Application applicationToUpdate = new Application(); + applicationToUpdate.setName("ToUpdate"); + applicationToUpdate.setOwner("OldOwner"); + Application applicationUpdated = new Application(); + applicationUpdated.setName("ToUpdate"); + applicationUpdated.setOwner("NewOwner"); + + Mockito.when(applicationService.findById("domaine1", "ToUpdate")) + .thenReturn(applicationToUpdate) + .thenReturn(applicationUpdated); + Mockito.doReturn( + new ProviderResponse( + "", "requestId", ProviderResponseStatus.OK, applicationUpdated, null)) + .when(applicationService) + .update( + Mockito.eq("domaine1"), + Mockito.argThat(new ApplicationMatcher("ToUpdate")), + Mockito.any(ProviderRequest.class)); + + Mockito.doThrow(new ApplicationNotFoundException("domaine1", "dontexist")) + .when(applicationService) + .update( + Mockito.eq("domaine1"), + Mockito.argThat(new ApplicationMatcher("dontexist")), + Mockito.any()); } - // Test read requests on good query + // Test on search applications @Test - @WithMockUser - public void retrieveAllApplications() { - try { - - Mockito.when( - applicationService.findByProperties( - Mockito.anyString(), Mockito.any(), Mockito.any())) - .thenReturn(pageResult); - - RequestBuilder requestBuilder = - MockMvcRequestBuilders.get("/realms/domaine1/applications") - .accept(MediaType.APPLICATION_JSON); - MockHttpServletResponse response = mockMvc.perform(requestBuilder).andReturn().getResponse(); - TypeReference> mapType = - new TypeReference>() {}; - PageResult appRes = - objectMapper.readValue(response.getContentAsString(), mapType); - - assertThat( - "First element should be SuperAppli", - appRes.getResults().get(0).getName(), - is("SuperAppli")); - assertThat( - "SuperAppli should have owner Amoi", appRes.getResults().get(0).getOwner(), is("Amoi")); - assertThat( - "Second element should be SuperAppli2", - appRes.getResults().get(1).getName(), - is("SuperAppli2")); - assertThat( - "SuperAppli2 should have owner Amoi2", - appRes.getResults().get(1).getOwner(), - is("Amoi2")); - assertThat("Response code should be 200", response.getStatus(), is(200)); - - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + @WithMockUser(roles = "SUGOI_ADMIN") + public void searchAllApplications() throws Exception { + + MockHttpServletResponse response = searchAllApplicationOnDomaine1(); + PageResult appRes = convertResponseToAppPageResult(response); + + assertThat("Response code should be 200", response.getStatus(), is(200)); + assertThat( + "Retrieving all applications should retrieve SuperAppli", + appRes.getResults().stream().anyMatch(app -> app.getName().equalsIgnoreCase("SuperAppli"))); + assertThat( + "The application SuperAppli should have its own data", + appRes.getResults().stream() + .filter(app -> app.getName().equalsIgnoreCase("SuperAppli")) + .findFirst() + .get() + .getOwner(), + is("Amoi")); + assertThat( + "Retrieving all applications should retrieve SuperAppli2", + appRes.getResults().stream().anyMatch(app -> app.getName().equalsIgnoreCase("SuperAppli"))); + assertThat( + "The application SuperAppli2 should have its own data", + appRes.getResults().stream() + .filter(app -> app.getName().equalsIgnoreCase("SuperAppli2")) + .findFirst() + .get() + .getOwner(), + is("Amoi2")); } - @Disabled @Test - @WithMockUser - public void shouldRetrieveSomeApplications() {} + public void searchAllApplicationsNotAuthenticatedLeadsTo401() throws Exception { + assertThat( + "Response code should be 401", searchAllApplicationOnDomaine1().getStatus(), is(401)); + } @Test - @WithMockUser - public void shouldGetApplicationByID() { - try { + @WithMockUser(roles = "SUGOI_ADMIN") + public void searchApplicationsByNameCriteria() throws Exception { - Mockito.when(applicationService.findById("domaine1", "SuperAppli")).thenReturn(application1); + PageResult appRes = + convertResponseToAppPageResult(searchApplicationOnDomaine1ByName("Appli2")); - RequestBuilder requestBuilder = - MockMvcRequestBuilders.get("/realms/domaine1/applications/SuperAppli") - .accept(MediaType.APPLICATION_JSON); + assertThat("Only contains one application SuperAppli2", appRes.getResults().size(), is(1)); + assertThat( + "Only element should be SuperAppli2", + appRes.getResults().get(0).getName(), + is("SuperAppli2")); + } - MockHttpServletResponse response = mockMvc.perform(requestBuilder).andReturn().getResponse(); - Application res = objectMapper.readValue(response.getContentAsString(), Application.class); + @Test + @WithMockUser(roles = "SUGOI_ADMIN") + @DisplayName( + "Given there is more resuls than the number of result required, " + + "then the location header should give the next page location") + public void getNextLocationInSearchResponse() throws Exception { + assertThat( + "Location header gives next page", + searchApplicationOnDomaine1Uncomplete().getHeader("Location"), + is("http://localhost/realms/domaine1/applications?size=2&searchToken=mySearchToken")); + } - verify(applicationService).findById("domaine1", "SuperAppli"); - assertThat("Application returned should be SuperAppli", res.getName(), is("SuperAppli")); - assertThat("Application returned should be owned by Amoi", res.getOwner(), is("Amoi")); + // tests on get application - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + @Test + @WithMockUser(roles = "SUGOI_ADMIN") + public void getApplicationById() throws Exception { + + Application res = convertResponseToApplication(getApplicationOnDomaine1ByName("SuperAppli")); + + verify(applicationService).findById("domaine1", "SuperAppli"); + assertThat("Application returned should be SuperAppli", res.getName(), is("SuperAppli")); + assertThat("Application returned should be owned by Amoi", res.getOwner(), is("Amoi")); } - // Test write requests + @Test + @WithMockUser(roles = "SUGOI_ADMIN") + public void get404WhenNoApplicationIsFoundWhenGetById() throws Exception { + assertThat( + "Should respond 404", getApplicationOnDomaine1ByName("dontexist").getStatus(), is(404)); + } + + // Test create applications @Test - @WithMockUser - public void deleteShouldCallDeleteService() { - try { - - RequestBuilder requestBuilder = - MockMvcRequestBuilders.delete("/realms/domaine1/applications/supprimemoi") - .accept(MediaType.APPLICATION_JSON) - .with(csrf()); - Mockito.doReturn(new ProviderResponse("", "requestId", ProviderResponseStatus.OK, null, null)) - .when(applicationService) - .delete(Mockito.any(), Mockito.any(), Mockito.any()); - mockMvc.perform(requestBuilder).andReturn(); - verify(applicationService).delete(Mockito.anyString(), Mockito.anyString(), Mockito.any()); - - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + @WithMockUser(roles = "SUGOI_ADMIN") + public void postShouldCallPostServiceAndReturnNewApp() throws Exception { + + Application application = new Application(); + application.setName("NewAppli"); + MockHttpServletResponse response = createApplicationOnDomaine1(application); + verify(applicationService) + .create( + Mockito.eq("domaine1"), + Mockito.argThat(new ApplicationMatcher("NewAppli")), + Mockito.any(ProviderRequest.class)); + assertThat( + "Should get new application", + objectMapper.readValue(response.getContentAsString(), Application.class).getName(), + is("NewAppli")); } @Test - @WithMockUser - public void updateShouldCallUpdateServiceAndReturnNewApp() { - try { - - Mockito.when(applicationService.findById("domaine1", "SuperAppli")) - .thenReturn(application1Updated); - Mockito.doReturn( - new ProviderResponse( - "", "requestId", ProviderResponseStatus.OK, application1Updated, null)) - .when(applicationService) - .update(Mockito.any(), Mockito.any(), Mockito.any()); - RequestBuilder requestBuilder = - MockMvcRequestBuilders.put("/realms/domaine1/applications/SuperAppli") - .contentType(MediaType.APPLICATION_JSON) - .content(objectMapper.writeValueAsString(application1Updated)) - .accept(MediaType.APPLICATION_JSON) - .with(csrf()); - - MockHttpServletResponse response = mockMvc.perform(requestBuilder).andReturn().getResponse(); - - verify(applicationService).update(Mockito.anyString(), Mockito.any(), Mockito.any()); - assertThat( - "Should get updated application", - objectMapper.readValue(response.getContentAsString(), Application.class).getOwner(), - is("NewOwner")); - - assertThat( - "Should get location", - response.getHeader("Location"), - is("http://localhost/realms/domaine1/applications/SuperAppli")); - - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + @WithMockUser(roles = "SUGOI_ADMIN") + public void getObjectLocationInApplicationCreationResponse() throws Exception { + Application application = new Application(); + application.setName("NewAppli"); + assertThat( + "Location header gives get uri", + createApplicationOnDomaine1(application).getHeader("Location"), + is("http://localhost/realms/domaine1/applications/NewAppli")); } @Test - @WithMockUser - public void postShouldCallPostServiceAndReturnNewApp() { - - try { - Mockito.doReturn( - new ProviderResponse("", "requestId", ProviderResponseStatus.OK, application1, null)) - .when(applicationService) - .create(Mockito.any(), Mockito.any(), Mockito.any()); - - RequestBuilder requestBuilder = - MockMvcRequestBuilders.post("/realms/domaine1/applications") - .contentType(MediaType.APPLICATION_JSON) - .content(objectMapper.writeValueAsString(application1)) - .accept(MediaType.APPLICATION_JSON) - .with(csrf()); - - MockHttpServletResponse response = mockMvc.perform(requestBuilder).andReturn().getResponse(); - verify(applicationService).create(Mockito.any(), Mockito.any(), Mockito.any()); - assertThat( - "Should get new application", - objectMapper.readValue(response.getContentAsString(), Application.class).getName(), - is("SuperAppli")); - - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + @WithMockUser(roles = "SUGOI_ADMIN") + public void get409WhenCreatingAlreadyExistingApplication() throws Exception { + Application application = new Application(); + application.setName("ExistingApp"); + assertThat("Should respond 409", createApplicationOnDomaine1(application).getStatus(), is(409)); } - // Test location headers @Test - @WithMockUser - public void getNextLocationInSearchResponse() { - try { - - pageResult.setHasMoreResult(true); - - Mockito.when( - applicationService.findByProperties( - Mockito.anyString(), Mockito.any(), Mockito.any())) - .thenReturn(pageResult); - RequestBuilder requestBuilder = - MockMvcRequestBuilders.get("/realms/domaine1/applications?size=2") - .accept(MediaType.APPLICATION_JSON); - - assertThat( - "Location header gives next page", - mockMvc.perform(requestBuilder).andReturn().getResponse().getHeader("Location"), - is("http://localhost/realms/domaine1/applications?size=2&searchToken=mySearchToken")); - - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + public void get401OnCreateApplicationWhenNotAuhtenticated() throws Exception { + assertThat( + "Should respond 401", createApplicationOnDomaine1(new Application()).getStatus(), is(401)); } + // Test delete application + @Test - @WithMockUser - public void getObjectLocationInApplicationCreationResponse() { - try { - - Mockito.when(applicationService.create(Mockito.anyString(), Mockito.any(), Mockito.any())) - .thenReturn( - new ProviderResponse( - application1.getName(), null, ProviderResponseStatus.OK, application1, null)); - - RequestBuilder requestBuilder = - MockMvcRequestBuilders.post("/realms/domaine1/applications") - .contentType(MediaType.APPLICATION_JSON) - .content(objectMapper.writeValueAsString(application1)) - .accept(MediaType.APPLICATION_JSON) - .with(csrf()); - - assertThat( - "Location header gives get uri", - mockMvc.perform(requestBuilder).andReturn().getResponse().getHeader("Location"), - is("http://localhost/realms/domaine1/applications/SuperAppli")); - - } catch (Exception e1) { - e1.printStackTrace(); - fail(); - } + @WithMockUser(roles = "SUGOI_ADMIN") + public void deleteShouldCallDeleteService() throws Exception { + + deleteApplicationOnDomaine1("supprimemoi"); + verify(applicationService) + .delete( + Mockito.eq("domaine1"), Mockito.eq("supprimemoi"), Mockito.any(ProviderRequest.class)); } - // Test response codes on error @Test - public void get401OnCreateApplicationWhenNotAuhtenticated() { - try { - - RequestBuilder requestBuilder = - MockMvcRequestBuilders.post("/domaine1/applications") - .contentType(MediaType.APPLICATION_JSON) - .content(objectMapper.writeValueAsString(application1)) - .accept(MediaType.APPLICATION_JSON) - .with(csrf()); - - assertThat( - "Should respond 401", - mockMvc.perform(requestBuilder).andReturn().getResponse().getStatus(), - is(401)); - - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + public void get401OnDeleteApplicationWhenNotAuhtenticated() throws Exception { + assertThat( + "Should respond 401", deleteApplicationOnDomaine1("supprimemoi").getStatus(), is(401)); } @Test - public void get401OnDeleteApplicationWhenNotAuhtenticated() { - try { - - RequestBuilder requestBuilder = - MockMvcRequestBuilders.delete("/realms/domaine1/applications/supprimemoi") - .accept(MediaType.APPLICATION_JSON) - .with(csrf()); - - assertThat( - "Should respond 401", - mockMvc.perform(requestBuilder).andReturn().getResponse().getStatus(), - is(401)); - - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + @WithMockUser(roles = "SUGOI_ADMIN") + public void get404WhenNoApplicationIsFoundWhenDelete() throws Exception { + + assertThat( + "Should respond 404", deleteApplicationOnDomaine1("supprimemoi").getStatus(), is(404)); } + // Test update application + @Test - public void get401OnUpdateApplicationWhenNotAuhtenticated() { - try { - - RequestBuilder requestBuilder = - MockMvcRequestBuilders.put("/realms/domaine1/applications/SuperAppli") - .contentType(MediaType.APPLICATION_JSON) - .content(objectMapper.writeValueAsString(application1)) - .accept(MediaType.APPLICATION_JSON) - .with(csrf()); - - assertThat( - "Should respond 401", - mockMvc.perform(requestBuilder).andReturn().getResponse().getStatus(), - is(401)); - - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + @WithMockUser(roles = "SUGOI_ADMIN") + public void updateShouldCallUpdateServiceAndReturnNewApp() throws Exception { + + Application toUpdate = new Application(); + toUpdate.setName("ToUpdate"); + toUpdate.setOwner("OldOwner"); + + MockHttpServletResponse response = updateApplicationOnDomaine1("ToUpdate", toUpdate); + + verify(applicationService) + .update( + Mockito.eq("domaine1"), + Mockito.argThat(new ApplicationMatcher("ToUpdate")), + Mockito.any(ProviderRequest.class)); + assertThat( + "Should get updated application", + convertResponseToApplication(response).getOwner(), + is("NewOwner")); + + assertThat( + "Should get location", + response.getHeader("Location"), + is("http://localhost/realms/domaine1/applications/ToUpdate")); } @Test - @WithMockUser - public void get409WhenCreatingAlreadyExistingApplication() { - try { - - Mockito.when(applicationService.create(Mockito.anyString(), Mockito.any(), Mockito.any())) - .thenThrow( - new ApplicationAlreadyExistException( - "Application " - + application1.getName() - + " already exist in realm " - + "domaine1")); - - RequestBuilder requestBuilder = - MockMvcRequestBuilders.post("/realms/domaine1/applications") - .contentType(MediaType.APPLICATION_JSON) - .content(objectMapper.writeValueAsString(application1)) - .accept(MediaType.APPLICATION_JSON) - .with(csrf()); - - assertThat( - "Should respond 409", - mockMvc.perform(requestBuilder).andReturn().getResponse().getStatus(), - is(409)); - - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + public void get401OnUpdateApplicationWhenNotAuhtenticated() throws Exception { + assertThat( + "Should respond 401", + updateApplicationOnDomaine1("toUpdate", new Application()).getStatus(), + is(401)); } @Test - @WithMockUser - public void get404WhenNoApplicationIsFoundWhenGetById() { - try { + @WithMockUser(roles = "SUGOI_ADMIN") + public void get400WhenApplicationIdDoesntMatchBody() throws Exception { + Application toUpdateAppli = new Application(); + toUpdateAppli.setName("toUpdate"); + assertThat( + "Should respond 400", + updateApplicationOnDomaine1("Toto", toUpdateAppli).getStatus(), + is(400)); + } - Mockito.when(applicationService.findById("domaine1", "dontexist")) - .thenThrow(ApplicationNotFoundException.class); + @Test + @WithMockUser(roles = "SUGOI_ADMIN") + public void get404WhenNoApplicationIsFoundWhenUpdate() throws Exception { + Application dontexist = new Application(); + dontexist.setName("dontexist"); + assertThat( + "Should respond 404", + updateApplicationOnDomaine1("dontexist", dontexist).getStatus(), + is(404)); + } - RequestBuilder requestBuilder = - MockMvcRequestBuilders.get("/realms/domaine1/applications/dontexist") - .accept(MediaType.APPLICATION_JSON); + private MockHttpServletResponse searchAllApplicationOnDomaine1() throws Exception { + RequestBuilder requestBuilder = + MockMvcRequestBuilders.get("/realms/domaine1/applications") + .accept(MediaType.APPLICATION_JSON); + return mockMvc.perform(requestBuilder).andReturn().getResponse(); + } - assertThat( - "Should respond 404", - mockMvc.perform(requestBuilder).andReturn().getResponse().getStatus(), - is(404)); + private MockHttpServletResponse searchApplicationOnDomaine1ByName(String name) throws Exception { + RequestBuilder requestBuilder = + MockMvcRequestBuilders.get("/realms/domaine1/applications") + .param("name", name) + .accept(MediaType.APPLICATION_JSON); + return mockMvc.perform(requestBuilder).andReturn().getResponse(); + } - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + private MockHttpServletResponse searchApplicationOnDomaine1Uncomplete() throws Exception { + RequestBuilder requestBuilder = + MockMvcRequestBuilders.get("/realms/domaine1/applications?size=2") + .accept(MediaType.APPLICATION_JSON); + return mockMvc.perform(requestBuilder).andReturn().getResponse(); } - @Test - @WithMockUser - public void get400WhenNoApplicationIdDoesntMatchBody() { - try { - - RequestBuilder requestBuilder = - MockMvcRequestBuilders.put("/realms/domaine1/applications/dontexist") - .contentType(MediaType.APPLICATION_JSON) - .content(objectMapper.writeValueAsString(application1)) - .accept(MediaType.APPLICATION_JSON) - .with(csrf()); - - assertThat( - "Should respond 404", - mockMvc.perform(requestBuilder).andReturn().getResponse().getStatus(), - is(400)); - - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + private MockHttpServletResponse getApplicationOnDomaine1ByName(String name) throws Exception { + RequestBuilder requestBuilder = + MockMvcRequestBuilders.get("/realms/domaine1/applications/" + name) + .accept(MediaType.APPLICATION_JSON); + return mockMvc.perform(requestBuilder).andReturn().getResponse(); } - @Test - @WithMockUser - public void get404WhenNoApplicationIsFoundWhenUpdate() { - try { - Mockito.doThrow(new ApplicationNotFoundException("domaine1", "SuperAppli")) - .when(applicationService) - .update(Mockito.anyString(), Mockito.any(), Mockito.any()); - RequestBuilder requestBuilder = - MockMvcRequestBuilders.put("/realms/domaine1/applications/SuperAppli") - .contentType(MediaType.APPLICATION_JSON) - .content(objectMapper.writeValueAsString(application1)) - .accept(MediaType.APPLICATION_JSON) - .with(csrf()); - - assertThat( - "Should respond 404", - mockMvc.perform(requestBuilder).andReturn().getResponse().getStatus(), - is(404)); - - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + private MockHttpServletResponse createApplicationOnDomaine1(Application application) + throws Exception { + RequestBuilder requestBuilder = + MockMvcRequestBuilders.post("/realms/domaine1/applications") + .contentType(MediaType.APPLICATION_JSON) + .content(objectMapper.writeValueAsString(application)) + .accept(MediaType.APPLICATION_JSON) + .with(csrf()); + return mockMvc.perform(requestBuilder).andReturn().getResponse(); } - @Test - @WithMockUser - public void get404WhenNoApplicationIsFoundWhenDelete() { - try { - - Mockito.doThrow(new ApplicationNotFoundException("domaine1", "dontexist")) - .when(applicationService) - .delete(Mockito.anyString(), Mockito.anyString(), Mockito.any()); - - RequestBuilder requestBuilder = - MockMvcRequestBuilders.delete("/realms/domaine1/applications/dontexist") - .accept(MediaType.APPLICATION_JSON) - .with(csrf()); - - assertThat( - "Should respond 404", - mockMvc.perform(requestBuilder).andReturn().getResponse().getStatus(), - is(404)); - - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + private MockHttpServletResponse deleteApplicationOnDomaine1(String applicationName) + throws Exception { + RequestBuilder requestBuilder = + MockMvcRequestBuilders.delete("/realms/domaine1/applications/supprimemoi") + .accept(MediaType.APPLICATION_JSON) + .with(csrf()); + return mockMvc.perform(requestBuilder).andReturn().getResponse(); + } + ; + + private MockHttpServletResponse updateApplicationOnDomaine1( + String applicationName, Application application) throws Exception { + RequestBuilder requestBuilder = + MockMvcRequestBuilders.put("/realms/domaine1/applications/" + applicationName) + .contentType(MediaType.APPLICATION_JSON) + .content(objectMapper.writeValueAsString(application)) + .accept(MediaType.APPLICATION_JSON) + .with(csrf()); + return mockMvc.perform(requestBuilder).andReturn().getResponse(); + } + + private PageResult convertResponseToAppPageResult(MockHttpServletResponse response) + throws JsonMappingException, JsonProcessingException, UnsupportedEncodingException { + return objectMapper.readValue( + response.getContentAsString(), new TypeReference>() {}); + } + + private Application convertResponseToApplication(MockHttpServletResponse response) + throws Exception { + return objectMapper.readValue(response.getContentAsString(), Application.class); } } diff --git a/sugoi-api-rest-services/src/test/java/fr/insee/sugoi/services/controller/GroupControllerTest.java b/sugoi-api-rest-services/src/test/java/fr/insee/sugoi/services/controller/GroupControllerTest.java index 63a2b62a..b099d1f7 100644 --- a/sugoi-api-rest-services/src/test/java/fr/insee/sugoi/services/controller/GroupControllerTest.java +++ b/sugoi-api-rest-services/src/test/java/fr/insee/sugoi/services/controller/GroupControllerTest.java @@ -15,25 +15,27 @@ import static org.hamcrest.MatcherAssert.assertThat; import static org.hamcrest.Matchers.is; -import static org.junit.jupiter.api.Assertions.fail; import static org.mockito.Mockito.verify; import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf; import com.fasterxml.jackson.core.type.TypeReference; import com.fasterxml.jackson.databind.ObjectMapper; import fr.insee.sugoi.commons.services.controller.technics.SugoiAdviceController; +import fr.insee.sugoi.commons.services.view.ErrorView; import fr.insee.sugoi.core.exceptions.GroupAlreadyExistException; import fr.insee.sugoi.core.exceptions.GroupNotFoundException; +import fr.insee.sugoi.core.model.ProviderRequest; import fr.insee.sugoi.core.model.ProviderResponse; import fr.insee.sugoi.core.model.ProviderResponse.ProviderResponseStatus; import fr.insee.sugoi.core.service.GroupService; import fr.insee.sugoi.model.Group; import fr.insee.sugoi.model.paging.PageResult; +import fr.insee.sugoi.model.paging.PageableResult; import java.util.ArrayList; import java.util.List; import org.junit.jupiter.api.BeforeEach; -import org.junit.jupiter.api.Disabled; import org.junit.jupiter.api.Test; +import org.mockito.ArgumentMatcher; import org.mockito.Mockito; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc; @@ -62,6 +64,20 @@ public class GroupControllerTest { Group group1, group2, group2Updated; PageResult pageResult; + class GroupDescriptionMatcher implements ArgumentMatcher { + + private String description; + + public GroupDescriptionMatcher(String description) { + this.description = description; + } + + @Override + public boolean matches(Group group) { + return group.getDescription().equals(description); + } + } + @BeforeEach public void setup() { group1 = new Group(); @@ -88,405 +104,365 @@ public void setup() { @Test @WithMockUser - public void retrieveAllGroups() { - try { - - Mockito.when( - groupService.findByProperties( - Mockito.anyString(), Mockito.anyString(), Mockito.any(), Mockito.any())) - .thenReturn(pageResult); - - RequestBuilder requestBuilder = - MockMvcRequestBuilders.get("/realms/domaine1/applications/monApplication/groups") - .accept(MediaType.APPLICATION_JSON); - MockHttpServletResponse response = mockMvc.perform(requestBuilder).andReturn().getResponse(); - TypeReference> mapType = new TypeReference>() {}; - PageResult appRes = objectMapper.readValue(response.getContentAsString(), mapType); - - assertThat( - "First element should be Group1", appRes.getResults().get(0).getName(), is("Group1")); - assertThat( - "Second element should be Group2", appRes.getResults().get(1).getName(), is("Group2")); - assertThat("Response code should be 200", response.getStatus(), is(200)); - - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + public void retrieveAllGroups() throws Exception { + + Mockito.when( + groupService.findByProperties( + Mockito.eq("domaine1"), + Mockito.eq("monApplication"), + Mockito.any(Group.class), + Mockito.any(PageableResult.class))) + .thenReturn(pageResult); + + RequestBuilder requestBuilder = + MockMvcRequestBuilders.get("/realms/domaine1/applications/monApplication/groups") + .accept(MediaType.APPLICATION_JSON); + MockHttpServletResponse response = mockMvc.perform(requestBuilder).andReturn().getResponse(); + TypeReference> mapType = new TypeReference>() {}; + PageResult appRes = objectMapper.readValue(response.getContentAsString(), mapType); + + assertThat( + "First element should be Group1", appRes.getResults().get(0).getName(), is("Group1")); + assertThat( + "Second element should be Group2", appRes.getResults().get(1).getName(), is("Group2")); + assertThat("Response code should be 200", response.getStatus(), is(200)); } - @Disabled @Test @WithMockUser - public void shouldRetrieveSomeGroups() {} + public void shouldRetrieveSomeGroups() throws Exception { + + PageResult onlySuperPageResult = new PageResult<>(); + onlySuperPageResult.setResults(List.of(group1)); + + Mockito.when( + groupService.findByProperties( + Mockito.eq("domaine1"), + Mockito.eq("monApplication"), + Mockito.argThat(new GroupDescriptionMatcher("super")), + Mockito.any(PageableResult.class))) + .thenReturn(onlySuperPageResult); + + RequestBuilder requestBuilder = + MockMvcRequestBuilders.get("/realms/domaine1/applications/monApplication/groups") + .param("description", "super") + .accept(MediaType.APPLICATION_JSON); + MockHttpServletResponse response = mockMvc.perform(requestBuilder).andReturn().getResponse(); + TypeReference> mapType = new TypeReference>() {}; + PageResult appRes = objectMapper.readValue(response.getContentAsString(), mapType); + + assertThat("Should be only super description", appRes.getResults().size(), is(1)); + } @Test @WithMockUser - public void shouldGetGroupByID() { - try { - - Mockito.when(groupService.findById("domaine1", "monApplication", "Group1")) - .thenReturn(group1); + public void shouldGetGroupByID() throws Exception { - RequestBuilder requestBuilder = - MockMvcRequestBuilders.get("/realms/domaine1/applications/monApplication/groups/Group1") - .accept(MediaType.APPLICATION_JSON); + Mockito.when(groupService.findById("domaine1", "monApplication", "Group1")).thenReturn(group1); - MockHttpServletResponse response = mockMvc.perform(requestBuilder).andReturn().getResponse(); - Group res = objectMapper.readValue(response.getContentAsString(), Group.class); + RequestBuilder requestBuilder = + MockMvcRequestBuilders.get("/realms/domaine1/applications/monApplication/groups/Group1") + .accept(MediaType.APPLICATION_JSON); - verify(groupService).findById("domaine1", "monApplication", "Group1"); - assertThat("Group returned should be Group1", res.getName(), is("Group1")); + MockHttpServletResponse response = mockMvc.perform(requestBuilder).andReturn().getResponse(); + Group res = objectMapper.readValue(response.getContentAsString(), Group.class); - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + verify(groupService).findById("domaine1", "monApplication", "Group1"); + assertThat("Group returned should be Group1", res.getName(), is("Group1")); } // Test write requests @Test @WithMockUser - public void deleteShouldCallDeleteService() { - try { - Mockito.doReturn( - new ProviderResponse("", "requestId", ProviderResponseStatus.OK, group1, null)) - .when(groupService) - .delete(Mockito.anyString(), Mockito.any(), Mockito.any(), Mockito.any()); - - RequestBuilder requestBuilder = - MockMvcRequestBuilders.delete( - "/realms/domaine1/applications/monApplication/groups/supprimemoi") - .accept(MediaType.APPLICATION_JSON) - .with(csrf()); - - mockMvc.perform(requestBuilder).andReturn(); - verify(groupService) - .delete(Mockito.anyString(), Mockito.anyString(), Mockito.anyString(), Mockito.any()); - - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + public void deleteShouldCallDeleteService() throws Exception { + Mockito.doReturn(new ProviderResponse("", "requestId", ProviderResponseStatus.OK, group1, null)) + .when(groupService) + .delete( + Mockito.eq("domaine1"), + Mockito.eq("monApplication"), + Mockito.eq("supprimemoi"), + Mockito.any(ProviderRequest.class)); + + RequestBuilder requestBuilder = + MockMvcRequestBuilders.delete( + "/realms/domaine1/applications/monApplication/groups/supprimemoi") + .accept(MediaType.APPLICATION_JSON) + .with(csrf()); + + mockMvc.perform(requestBuilder).andReturn(); + verify(groupService) + .delete( + Mockito.eq("domaine1"), + Mockito.eq("monApplication"), + Mockito.eq("supprimemoi"), + Mockito.any(ProviderRequest.class)); } @Test @WithMockUser - public void updateShouldCallUpdateServiceAndReturnNewApp() { - try { - - Mockito.when(groupService.findById("domaine1", "monApplication", "Group2")) - .thenReturn(group2Updated); - Mockito.doReturn( - new ProviderResponse( - "Group2", "requestId", ProviderResponseStatus.OK, group2Updated, null)) - .when(groupService) - .update(Mockito.anyString(), Mockito.any(), Mockito.any(), Mockito.any()); - RequestBuilder requestBuilder = - MockMvcRequestBuilders.put("/realms/domaine1/applications/monApplication/groups/Group2") - .contentType(MediaType.APPLICATION_JSON) - .content(objectMapper.writeValueAsString(group2Updated)) - .accept(MediaType.APPLICATION_JSON) - .with(csrf()); - - MockHttpServletResponse response = mockMvc.perform(requestBuilder).andReturn().getResponse(); - - verify(groupService) - .update(Mockito.anyString(), Mockito.anyString(), Mockito.any(), Mockito.any()); - assertThat( - "Should get updated group", - objectMapper.readValue(response.getContentAsString(), Group.class).getDescription(), - is("groupe pas fou")); - - assertThat( - "Should get location", - response.getHeader("Location"), - is("http://localhost/realms/domaine1/applications/monApplication/groups/Group2")); - - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + public void updateShouldCallUpdateServiceAndReturnNewApp() throws Exception { + + Mockito.when(groupService.findById("domaine1", "monApplication", "Group2")) + .thenReturn(group2Updated); + Mockito.doReturn( + new ProviderResponse( + "Group2", "requestId", ProviderResponseStatus.OK, group2Updated, null)) + .when(groupService) + .update( + Mockito.eq("domaine1"), + Mockito.eq("monApplication"), + Mockito.argThat(new GroupDescriptionMatcher("groupe pas fou")), + Mockito.any(ProviderRequest.class)); + RequestBuilder requestBuilder = + MockMvcRequestBuilders.put("/realms/domaine1/applications/monApplication/groups/Group2") + .contentType(MediaType.APPLICATION_JSON) + .content(objectMapper.writeValueAsString(group2Updated)) + .accept(MediaType.APPLICATION_JSON) + .with(csrf()); + + MockHttpServletResponse response = mockMvc.perform(requestBuilder).andReturn().getResponse(); + + verify(groupService) + .update( + Mockito.eq("domaine1"), + Mockito.eq("monApplication"), + Mockito.argThat(new GroupDescriptionMatcher("groupe pas fou")), + Mockito.any(ProviderRequest.class)); + assertThat( + "Should get updated group", + objectMapper.readValue(response.getContentAsString(), Group.class).getDescription(), + is("groupe pas fou")); + + assertThat( + "Should get location", + response.getHeader("Location"), + is("http://localhost/realms/domaine1/applications/monApplication/groups/Group2")); } @Test @WithMockUser - public void postShouldCallPostServiceAndReturnNewApp() { - - try { - Mockito.doReturn( - new ProviderResponse("", "requestId", ProviderResponseStatus.OK, group1, null)) - .when(groupService) - .create(Mockito.anyString(), Mockito.any(), Mockito.any(), Mockito.any()); - RequestBuilder requestBuilder = - MockMvcRequestBuilders.post("/realms/domaine1/applications/monApplication/groups") - .contentType(MediaType.APPLICATION_JSON) - .content(objectMapper.writeValueAsString(group1)) - .accept(MediaType.APPLICATION_JSON) - .with(csrf()); - - MockHttpServletResponse response = mockMvc.perform(requestBuilder).andReturn().getResponse(); - verify(groupService) - .create(Mockito.anyString(), Mockito.anyString(), Mockito.any(), Mockito.any()); - assertThat( - "Should get new group", - objectMapper.readValue(response.getContentAsString(), Group.class).getName(), - is("Group1")); - - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + public void postShouldCallPostServiceAndReturnNewApp() throws Exception { + + Mockito.doReturn(new ProviderResponse("", "requestId", ProviderResponseStatus.OK, group1, null)) + .when(groupService) + .create( + Mockito.eq("domaine1"), + Mockito.eq("monApplication"), + Mockito.argThat(new GroupDescriptionMatcher("super groupe")), + Mockito.any()); + RequestBuilder requestBuilder = + MockMvcRequestBuilders.post("/realms/domaine1/applications/monApplication/groups") + .contentType(MediaType.APPLICATION_JSON) + .content(objectMapper.writeValueAsString(group1)) + .accept(MediaType.APPLICATION_JSON) + .with(csrf()); + + MockHttpServletResponse response = mockMvc.perform(requestBuilder).andReturn().getResponse(); + verify(groupService) + .create( + Mockito.eq("domaine1"), + Mockito.eq("monApplication"), + Mockito.argThat(new GroupDescriptionMatcher("super groupe")), + Mockito.any()); + assertThat( + "Should get new group", + objectMapper.readValue(response.getContentAsString(), Group.class).getName(), + is("Group1")); } // Test location headers @Test @WithMockUser - public void getNextLocationInSearchResponse() { - try { - - pageResult.setHasMoreResult(true); - - Mockito.when( - groupService.findByProperties( - Mockito.anyString(), Mockito.anyString(), Mockito.any(), Mockito.any())) - .thenReturn(pageResult); - RequestBuilder requestBuilder = - MockMvcRequestBuilders.get("/realms/domaine1/applications/monApplication/groups?size=2") - .accept(MediaType.APPLICATION_JSON); - - assertThat( - "Location header gives next page", - mockMvc.perform(requestBuilder).andReturn().getResponse().getHeader("Location"), - is( - "http://localhost/realms/domaine1/applications/monApplication/groups?size=2&searchToken=mySearchToken")); - - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + public void getNextLocationInSearchResponse() throws Exception { + + pageResult.setHasMoreResult(true); + + Mockito.when( + groupService.findByProperties( + Mockito.anyString(), Mockito.anyString(), Mockito.any(), Mockito.any())) + .thenReturn(pageResult); + RequestBuilder requestBuilder = + MockMvcRequestBuilders.get("/realms/domaine1/applications/monApplication/groups?size=2") + .accept(MediaType.APPLICATION_JSON); + + assertThat( + "Location header gives next page", + mockMvc.perform(requestBuilder).andReturn().getResponse().getHeader("Location"), + is( + "http://localhost/realms/domaine1/applications/monApplication/groups?size=2&searchToken=mySearchToken")); } @Test @WithMockUser - public void getObjectLocationInGroupCreationResponse() { - try { - - Mockito.when( - groupService.create( - Mockito.anyString(), Mockito.anyString(), Mockito.any(), Mockito.any())) - .thenReturn( - new ProviderResponse(group1.getName(), null, ProviderResponseStatus.OK, null, null)); - - RequestBuilder requestBuilder = - MockMvcRequestBuilders.post("/realms/domaine1/applications/monApplication/groups") - .contentType(MediaType.APPLICATION_JSON) - .content(objectMapper.writeValueAsString(group1)) - .accept(MediaType.APPLICATION_JSON) - .with(csrf()); - - assertThat( - "Location header gives get uri", - mockMvc.perform(requestBuilder).andReturn().getResponse().getHeader("Location"), - is("http://localhost/realms/domaine1/applications/monApplication/groups/Group1")); - - } catch (Exception e1) { - e1.printStackTrace(); - fail(); - } + public void getObjectLocationInGroupCreationResponse() throws Exception { + + Mockito.when( + groupService.create( + Mockito.anyString(), Mockito.anyString(), Mockito.any(), Mockito.any())) + .thenReturn( + new ProviderResponse(group1.getName(), null, ProviderResponseStatus.OK, null, null)); + + RequestBuilder requestBuilder = + MockMvcRequestBuilders.post("/realms/domaine1/applications/monApplication/groups") + .contentType(MediaType.APPLICATION_JSON) + .content(objectMapper.writeValueAsString(group1)) + .accept(MediaType.APPLICATION_JSON) + .with(csrf()); + + assertThat( + "Location header gives get uri", + mockMvc.perform(requestBuilder).andReturn().getResponse().getHeader("Location"), + is("http://localhost/realms/domaine1/applications/monApplication/groups/Group1")); } // Test response codes on error @Test - public void get401OnCreateGroupWhenNotAuhtenticated() { - try { - - RequestBuilder requestBuilder = - MockMvcRequestBuilders.post("/realms/domaine1/applications/monApplication/groups") - .contentType(MediaType.APPLICATION_JSON) - .content(objectMapper.writeValueAsString(group1)) - .accept(MediaType.APPLICATION_JSON) - .with(csrf()); - - assertThat( - "Should respond 401", - mockMvc.perform(requestBuilder).andReturn().getResponse().getStatus(), - is(401)); - - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + public void get401OnCreateGroupWhenNotAuhtenticated() throws Exception { + + RequestBuilder requestBuilder = + MockMvcRequestBuilders.post("/realms/domaine1/applications/monApplication/groups") + .contentType(MediaType.APPLICATION_JSON) + .content(objectMapper.writeValueAsString(group1)) + .accept(MediaType.APPLICATION_JSON) + .with(csrf()); + + assertThat( + "Should respond 401", + mockMvc.perform(requestBuilder).andReturn().getResponse().getStatus(), + is(401)); } @Test - public void get401OnDeleteGroupWhenNotAuhtenticated() { - try { - - RequestBuilder requestBuilder = - MockMvcRequestBuilders.delete( - "/realms/domaine1/applications/monApplication/groups/supprimemoi") - .accept(MediaType.APPLICATION_JSON) - .with(csrf()); - - assertThat( - "Should respond 401", - mockMvc.perform(requestBuilder).andReturn().getResponse().getStatus(), - is(401)); - - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + public void get401OnDeleteGroupWhenNotAuhtenticated() throws Exception { + + RequestBuilder requestBuilder = + MockMvcRequestBuilders.delete( + "/realms/domaine1/applications/monApplication/groups/supprimemoi") + .accept(MediaType.APPLICATION_JSON) + .with(csrf()); + + assertThat( + "Should respond 401", + mockMvc.perform(requestBuilder).andReturn().getResponse().getStatus(), + is(401)); } @Test - public void get401OnUpdateGroupWhenNotAuhtenticated() { - try { - - RequestBuilder requestBuilder = - MockMvcRequestBuilders.put("/realms/domaine1/application/monApplication/groups/Group1") - .contentType(MediaType.APPLICATION_JSON) - .content(objectMapper.writeValueAsString(group1)) - .accept(MediaType.APPLICATION_JSON) - .with(csrf()); - - assertThat( - "Should respond 401", - mockMvc.perform(requestBuilder).andReturn().getResponse().getStatus(), - is(401)); - - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + public void get401OnUpdateGroupWhenNotAuhtenticated() throws Exception { + + RequestBuilder requestBuilder = + MockMvcRequestBuilders.put("/realms/domaine1/application/monApplication/groups/Group1") + .contentType(MediaType.APPLICATION_JSON) + .content(objectMapper.writeValueAsString(group1)) + .accept(MediaType.APPLICATION_JSON) + .with(csrf()); + + assertThat( + "Should respond 401", + mockMvc.perform(requestBuilder).andReturn().getResponse().getStatus(), + is(401)); } @Test @WithMockUser - public void get409WhenCreatingAlreadyExistingGroup() { - try { - - Mockito.when( - groupService.create( - Mockito.anyString(), Mockito.anyString(), Mockito.any(), Mockito.any())) - .thenThrow(new GroupAlreadyExistException("")); - - RequestBuilder requestBuilder = - MockMvcRequestBuilders.post("/realms/domaine1/applications/monApplication/groups") - .contentType(MediaType.APPLICATION_JSON) - .content(objectMapper.writeValueAsString(group1)) - .accept(MediaType.APPLICATION_JSON) - .with(csrf()); - - assertThat( - "Should respond 409", - mockMvc.perform(requestBuilder).andReturn().getResponse().getStatus(), - is(409)); - - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + public void get409WhenCreatingAlreadyExistingGroup() throws Exception { + + Mockito.when( + groupService.create( + Mockito.anyString(), Mockito.anyString(), Mockito.any(), Mockito.any())) + .thenThrow(new GroupAlreadyExistException("")); + + RequestBuilder requestBuilder = + MockMvcRequestBuilders.post("/realms/domaine1/applications/monApplication/groups") + .contentType(MediaType.APPLICATION_JSON) + .content(objectMapper.writeValueAsString(group1)) + .accept(MediaType.APPLICATION_JSON) + .with(csrf()); + + assertThat( + "Should respond 409", + mockMvc.perform(requestBuilder).andReturn().getResponse().getStatus(), + is(409)); } @Test @WithMockUser - public void get404WhenNoGroupIsFoundWhenGetById() { - try { - - Mockito.when(groupService.findById("domaine1", "monApplication", "dontexist")) - .thenThrow(new GroupNotFoundException("domaine1", "monApplication", "dontexist")); + public void get404WhenNoGroupIsFoundWhenGetById() throws Exception { - RequestBuilder requestBuilder = - MockMvcRequestBuilders.get("/realms/domaine1/application/monApplication/groups/dontexist") - .accept(MediaType.APPLICATION_JSON); + Mockito.when(groupService.findById("domaine1", "monApplication", "dontexist")) + .thenThrow(new GroupNotFoundException("domaine1", "monApplication", "dontexist")); - assertThat( - "Should respond 404", - mockMvc.perform(requestBuilder).andReturn().getResponse().getStatus(), - is(404)); + RequestBuilder requestBuilder = + MockMvcRequestBuilders.get("/realms/domaine1/applications/monApplication/groups/dontexist") + .accept(MediaType.APPLICATION_JSON); + MockHttpServletResponse response = mockMvc.perform(requestBuilder).andReturn().getResponse(); - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + assertThat("Should respond 404", response.getStatus(), is(404)); + assertThat( + "Body should be error view", + objectMapper.readValue(response.getContentAsString(), ErrorView.class).getMessage(), + is("Group dontexist of application monApplication does not exist in realm domaine1")); } @Test @WithMockUser - public void get400WhenNoGroupIdDoesntMatchBody() { - try { - - RequestBuilder requestBuilder = - MockMvcRequestBuilders.put( - "/realms/domaine1/applications/monApplication/groups/dontexist") - .contentType(MediaType.APPLICATION_JSON) - .content(objectMapper.writeValueAsString(group1)) - .accept(MediaType.APPLICATION_JSON) - .with(csrf()); - - assertThat( - "Should respond 404", - mockMvc.perform(requestBuilder).andReturn().getResponse().getStatus(), - is(400)); - - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + public void get400WhenGroupIdDoesntMatchBody() throws Exception { + + RequestBuilder requestBuilder = + MockMvcRequestBuilders.put("/realms/domaine1/applications/monApplication/groups/dontexist") + .contentType(MediaType.APPLICATION_JSON) + .content(objectMapper.writeValueAsString(group1)) + .accept(MediaType.APPLICATION_JSON) + .with(csrf()); + + assertThat( + "Should respond 400", + mockMvc.perform(requestBuilder).andReturn().getResponse().getStatus(), + is(400)); } @Test @WithMockUser - public void get404WhenNoGroupIsFoundWhenUpdate() { - try { - - Mockito.doThrow(new GroupNotFoundException("domaine1", "monApplication", "Group1")) - .when(groupService) - .update(Mockito.anyString(), Mockito.any(), Mockito.any(), Mockito.any()); - RequestBuilder requestBuilder = - MockMvcRequestBuilders.put("/realms/domaine1/applications/monApplication/groups/Group1") - .contentType(MediaType.APPLICATION_JSON) - .content(objectMapper.writeValueAsString(group1)) - .accept(MediaType.APPLICATION_JSON) - .with(csrf()); - - assertThat( - "Should respond 404", - mockMvc.perform(requestBuilder).andReturn().getResponse().getStatus(), - is(404)); - - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + public void get404WhenNoGroupIsFoundWhenUpdate() throws Exception { + + Mockito.doThrow(new GroupNotFoundException("domaine1", "monApplication", "Group1")) + .when(groupService) + .update(Mockito.anyString(), Mockito.any(), Mockito.any(), Mockito.any()); + RequestBuilder requestBuilder = + MockMvcRequestBuilders.put("/realms/domaine1/applications/monApplication/groups/Group1") + .contentType(MediaType.APPLICATION_JSON) + .content(objectMapper.writeValueAsString(group1)) + .accept(MediaType.APPLICATION_JSON) + .with(csrf()); + MockHttpServletResponse response = mockMvc.perform(requestBuilder).andReturn().getResponse(); + + assertThat("Should respond 404", response.getStatus(), is(404)); + assertThat( + "Response should be an ErrorView", + objectMapper.readValue(response.getContentAsString(), ErrorView.class).getMessage(), + is("Group Group1 of application monApplication does not exist in realm domaine1")); } @Test @WithMockUser - public void get404WhenNoGroupIsFoundWhenDelete() { - try { - - Mockito.doThrow(new GroupNotFoundException("domaine1", "monApplication", "dontexist")) - .when(groupService) - .delete(Mockito.anyString(), Mockito.any(), Mockito.any(), Mockito.any()); - - RequestBuilder requestBuilder = - MockMvcRequestBuilders.delete( - "/realms/domaine1/groups/application/monApplication/dontexist") - .accept(MediaType.APPLICATION_JSON) - .with(csrf()); - - assertThat( - "Should respond 404", - mockMvc.perform(requestBuilder).andReturn().getResponse().getStatus(), - is(404)); - - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + public void get404WhenNoGroupIsFoundWhenDelete() throws Exception { + + Mockito.doThrow(new GroupNotFoundException("domaine1", "monApplication", "dontexist")) + .when(groupService) + .delete(Mockito.anyString(), Mockito.any(), Mockito.any(), Mockito.any()); + + RequestBuilder requestBuilder = + MockMvcRequestBuilders.delete( + "/realms/domaine1/applications/monApplication/groups/dontexist") + .accept(MediaType.APPLICATION_JSON) + .with(csrf()); + MockHttpServletResponse response = mockMvc.perform(requestBuilder).andReturn().getResponse(); + + assertThat("Should respond 404", response.getStatus(), is(404)); + assertThat( + "Response should be an ErrorView", + objectMapper.readValue(response.getContentAsString(), ErrorView.class).getMessage(), + is("Group dontexist of application monApplication does not exist in realm domaine1")); } } diff --git a/sugoi-api-rest-services/src/test/java/fr/insee/sugoi/services/controller/OrganizationControllerTest.java b/sugoi-api-rest-services/src/test/java/fr/insee/sugoi/services/controller/OrganizationControllerTest.java index 8fe26466..938b7f32 100644 --- a/sugoi-api-rest-services/src/test/java/fr/insee/sugoi/services/controller/OrganizationControllerTest.java +++ b/sugoi-api-rest-services/src/test/java/fr/insee/sugoi/services/controller/OrganizationControllerTest.java @@ -15,7 +15,6 @@ import static org.hamcrest.MatcherAssert.assertThat; import static org.hamcrest.Matchers.is; -import static org.junit.jupiter.api.Assertions.fail; import static org.mockito.Mockito.verify; import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf; @@ -24,16 +23,19 @@ import fr.insee.sugoi.commons.services.controller.technics.SugoiAdviceController; import fr.insee.sugoi.core.exceptions.OrganizationAlreadyExistException; import fr.insee.sugoi.core.exceptions.OrganizationNotFoundException; +import fr.insee.sugoi.core.model.ProviderRequest; import fr.insee.sugoi.core.model.ProviderResponse; import fr.insee.sugoi.core.model.ProviderResponse.ProviderResponseStatus; import fr.insee.sugoi.core.service.OrganizationService; import fr.insee.sugoi.model.Organization; import fr.insee.sugoi.model.paging.PageResult; +import fr.insee.sugoi.model.paging.PageableResult; +import fr.insee.sugoi.model.paging.SearchType; import java.util.ArrayList; import java.util.List; import org.junit.jupiter.api.BeforeEach; -import org.junit.jupiter.api.Disabled; import org.junit.jupiter.api.Test; +import org.mockito.ArgumentMatcher; import org.mockito.Mockito; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc; @@ -62,6 +64,20 @@ public class OrganizationControllerTest { Organization organization1, organization2, organization2Updated; PageResult pageResult; + class OrganizationMatcher implements ArgumentMatcher { + + private String id; + + public OrganizationMatcher(String id) { + this.id = id; + } + + @Override + public boolean matches(Organization organization) { + return organization.getIdentifiant().equals(id); + } + } + @BeforeEach public void setup() { organization1 = new Organization(); @@ -86,421 +102,367 @@ public void setup() { @Test @WithMockUser - public void retrieveAllOrganizations() { - try { - - Mockito.when( - organizationService.findByProperties( - Mockito.anyString(), - Mockito.isNull(), - Mockito.any(), - Mockito.any(), - Mockito.any())) - .thenReturn(pageResult); - - RequestBuilder requestBuilder = - MockMvcRequestBuilders.get("/realms/domaine1/organizations") - .accept(MediaType.APPLICATION_JSON); - MockHttpServletResponse response = mockMvc.perform(requestBuilder).andReturn().getResponse(); - TypeReference> mapType = - new TypeReference>() {}; - PageResult appRes = - objectMapper.readValue(response.getContentAsString(), mapType); - - assertThat( - "First element should be BigOrga", - appRes.getResults().get(0).getIdentifiant(), - is("BigOrga")); - assertThat( - "Second element should be SimpleOrga", - appRes.getResults().get(1).getIdentifiant(), - is("SimpleOrga")); - assertThat("Response code should be 200", response.getStatus(), is(200)); - - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + public void retrieveAllOrganizations() throws Exception { + + Mockito.when( + organizationService.findByProperties( + Mockito.eq("domaine1"), + Mockito.isNull(), + Mockito.any(Organization.class), + Mockito.any(PageableResult.class), + Mockito.any(SearchType.class))) + .thenReturn(pageResult); + + RequestBuilder requestBuilder = + MockMvcRequestBuilders.get("/realms/domaine1/organizations") + .accept(MediaType.APPLICATION_JSON); + MockHttpServletResponse response = mockMvc.perform(requestBuilder).andReturn().getResponse(); + TypeReference> mapType = + new TypeReference>() {}; + PageResult appRes = + objectMapper.readValue(response.getContentAsString(), mapType); + + assertThat( + "First element should be BigOrga", + appRes.getResults().get(0).getIdentifiant(), + is("BigOrga")); + assertThat( + "Second element should be SimpleOrga", + appRes.getResults().get(1).getIdentifiant(), + is("SimpleOrga")); + assertThat("Response code should be 200", response.getStatus(), is(200)); } - @Disabled @Test @WithMockUser - public void shouldRetrieveSomeOrganizations() {} + public void shouldRetrieveSomeOrganizations() throws Exception { + + PageResult onlySimpleOrgaPageResult = new PageResult<>(); + onlySimpleOrgaPageResult.setResults(List.of(organization1)); + + Mockito.when( + organizationService.findByProperties( + Mockito.eq("domaine1"), + Mockito.isNull(), + Mockito.argThat(new OrganizationMatcher("Simple")), + Mockito.any(PageableResult.class), + Mockito.any(SearchType.class))) + .thenReturn(onlySimpleOrgaPageResult); + + RequestBuilder requestBuilder = + MockMvcRequestBuilders.get("/realms/domaine1/organizations") + .param("identifiant", "Simple") + .accept(MediaType.APPLICATION_JSON); + MockHttpServletResponse response = mockMvc.perform(requestBuilder).andReturn().getResponse(); + TypeReference> mapType = + new TypeReference>() {}; + PageResult appRes = + objectMapper.readValue(response.getContentAsString(), mapType); + + assertThat("Should have one result", appRes.getResults().size(), is(1)); + assertThat("Response code should be 200", response.getStatus(), is(200)); + } @Test @WithMockUser - public void shouldGetOrganizationByID() { - try { + public void shouldGetOrganizationByID() throws Exception { - Mockito.when(organizationService.findById("domaine1", null, "BigOrga")) - .thenReturn(organization1); + Mockito.when(organizationService.findById("domaine1", null, "BigOrga")) + .thenReturn(organization1); - RequestBuilder requestBuilder = - MockMvcRequestBuilders.get("/realms/domaine1/organizations/BigOrga") - .accept(MediaType.APPLICATION_JSON); + RequestBuilder requestBuilder = + MockMvcRequestBuilders.get("/realms/domaine1/organizations/BigOrga") + .accept(MediaType.APPLICATION_JSON); - MockHttpServletResponse response = mockMvc.perform(requestBuilder).andReturn().getResponse(); - Organization res = objectMapper.readValue(response.getContentAsString(), Organization.class); + MockHttpServletResponse response = mockMvc.perform(requestBuilder).andReturn().getResponse(); + Organization res = objectMapper.readValue(response.getContentAsString(), Organization.class); - verify(organizationService).findById("domaine1", null, "BigOrga"); - assertThat("Organization returned should be BigOrga", res.getIdentifiant(), is("BigOrga")); - - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + verify(organizationService).findById("domaine1", null, "BigOrga"); + assertThat("Organization returned should be BigOrga", res.getIdentifiant(), is("BigOrga")); } // Test write requests @Test @WithMockUser - public void deleteShouldCallDeleteService() { - try { - - RequestBuilder requestBuilder = - MockMvcRequestBuilders.delete("/realms/domaine1/storages/toto/organizations/supprimemoi") - .accept(MediaType.APPLICATION_JSON) - .with(csrf()); - - mockMvc.perform(requestBuilder).andReturn(); - verify(organizationService) - .delete(Mockito.any(), Mockito.any(), Mockito.any(), Mockito.any()); - - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + public void deleteShouldCallDeleteService() throws Exception { + + Mockito.when( + organizationService.delete( + Mockito.eq("domaine1"), + Mockito.eq("toto"), + Mockito.eq("supprimemoi"), + Mockito.any(ProviderRequest.class))) + .thenReturn(new ProviderResponse("", "requestId", ProviderResponseStatus.OK, null, null)); + RequestBuilder requestBuilder = + MockMvcRequestBuilders.delete("/realms/domaine1/storages/toto/organizations/supprimemoi") + .accept(MediaType.APPLICATION_JSON) + .with(csrf()); + + mockMvc.perform(requestBuilder).andReturn(); + verify(organizationService) + .delete( + Mockito.eq("domaine1"), + Mockito.eq("toto"), + Mockito.eq("supprimemoi"), + Mockito.any(ProviderRequest.class)); } @Test @WithMockUser - public void updateShouldCallUpdateServiceAndReturnNewApp() { - try { - - Mockito.when(organizationService.findById("domaine1", null, "SimpleOrga")) - .thenReturn(organization2) - .thenReturn(organization2Updated); - Mockito.doReturn( - new ProviderResponse( - "", "requestId", ProviderResponseStatus.OK, organization2Updated, null)) - .when(organizationService) - .update(Mockito.anyString(), Mockito.any(), Mockito.any(), Mockito.any()); - RequestBuilder requestBuilder = - MockMvcRequestBuilders.put("/realms/domaine1/organizations/SimpleOrga") - .contentType(MediaType.APPLICATION_JSON) - .content(objectMapper.writeValueAsString(organization2Updated)) - .accept(MediaType.APPLICATION_JSON) - .with(csrf()); - - MockHttpServletResponse response = mockMvc.perform(requestBuilder).andReturn().getResponse(); - - verify(organizationService) - .update(Mockito.anyString(), Mockito.isNull(), Mockito.any(), Mockito.any()); - assertThat( - "Should get updated organization", - objectMapper - .readValue(response.getContentAsString(), Organization.class) - .getOrganization() - .getIdentifiant(), - is("BigOrga")); - - assertThat( - "Should get location", - response.getHeader("Location"), - is("http://localhost/realms/domaine1/organizations/SimpleOrga")); - - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + public void updateShouldCallUpdateServiceAndReturnNewApp() throws Exception { + + Mockito.when(organizationService.findById("domaine1", null, "SimpleOrga")) + .thenReturn(organization2) + .thenReturn(organization2Updated); + Mockito.doReturn( + new ProviderResponse( + "", "requestId", ProviderResponseStatus.OK, organization2Updated, null)) + .when(organizationService) + .update( + Mockito.eq("domaine1"), + Mockito.isNull(), + Mockito.argThat(new OrganizationMatcher("SimpleOrga")), + Mockito.any(ProviderRequest.class)); + RequestBuilder requestBuilder = + MockMvcRequestBuilders.put("/realms/domaine1/organizations/SimpleOrga") + .contentType(MediaType.APPLICATION_JSON) + .content(objectMapper.writeValueAsString(organization2Updated)) + .accept(MediaType.APPLICATION_JSON) + .with(csrf()); + + MockHttpServletResponse response = mockMvc.perform(requestBuilder).andReturn().getResponse(); + + assertThat( + "Should get updated organization", + objectMapper + .readValue(response.getContentAsString(), Organization.class) + .getOrganization() + .getIdentifiant(), + is("BigOrga")); + + assertThat( + "Should get location", + response.getHeader("Location"), + is("http://localhost/realms/domaine1/organizations/SimpleOrga")); } @Test @WithMockUser - public void postShouldCallPostServiceAndReturnNewApp() { - - try { - - Mockito.doReturn( - new ProviderResponse("", "requestId", ProviderResponseStatus.OK, organization1, null)) - .when(organizationService) - .create(Mockito.anyString(), Mockito.any(), Mockito.any(), Mockito.any()); - RequestBuilder requestBuilder = - MockMvcRequestBuilders.post( - "/realms/domaine1/storages/Profil_domaine1_WebServiceLdap/organizations") - .contentType(MediaType.APPLICATION_JSON) - .content(objectMapper.writeValueAsString(organization1)) - .accept(MediaType.APPLICATION_JSON) - .with(csrf()); - - MockHttpServletResponse response = mockMvc.perform(requestBuilder).andReturn().getResponse(); - verify(organizationService) - .create(Mockito.anyString(), Mockito.anyString(), Mockito.any(), Mockito.any()); - System.out.println(response.getContentAsString()); - assertThat( - "Should get new organization", - objectMapper - .readValue(response.getContentAsString(), Organization.class) - .getIdentifiant(), - is("BigOrga")); - - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + public void postShouldCallPostServiceAndReturnNewApp() throws Exception { + + Mockito.doReturn( + new ProviderResponse("", "requestId", ProviderResponseStatus.OK, organization1, null)) + .when(organizationService) + .create( + Mockito.eq("domaine1"), + Mockito.eq("Profil_domaine1_WebServiceLdap"), + Mockito.argThat(new OrganizationMatcher("BigOrga")), + Mockito.any(ProviderRequest.class)); + RequestBuilder requestBuilder = + MockMvcRequestBuilders.post( + "/realms/domaine1/storages/Profil_domaine1_WebServiceLdap/organizations") + .contentType(MediaType.APPLICATION_JSON) + .content(objectMapper.writeValueAsString(organization1)) + .accept(MediaType.APPLICATION_JSON) + .with(csrf()); + + MockHttpServletResponse response = mockMvc.perform(requestBuilder).andReturn().getResponse(); + assertThat( + "Should get new organization", + objectMapper.readValue(response.getContentAsString(), Organization.class).getIdentifiant(), + is("BigOrga")); } // Test location headers @Test @WithMockUser - public void getNextLocationInSearchResponse() { - try { - - pageResult.setHasMoreResult(true); - - Mockito.when( - organizationService.findByProperties( - Mockito.anyString(), Mockito.any(), Mockito.any(), Mockito.any(), Mockito.any())) - .thenReturn(pageResult); - RequestBuilder requestBuilder = - MockMvcRequestBuilders.get("/realms/domaine1/organizations?size=2") - .accept(MediaType.APPLICATION_JSON); - - assertThat( - "Location header gives next page", - mockMvc.perform(requestBuilder).andReturn().getResponse().getHeader("Location"), - is("http://localhost/realms/domaine1/organizations?size=2&searchToken=mySearchToken")); - - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + public void getNextLocationInSearchResponse() throws Exception { + + pageResult.setHasMoreResult(true); + + Mockito.when( + organizationService.findByProperties( + Mockito.anyString(), Mockito.any(), Mockito.any(), Mockito.any(), Mockito.any())) + .thenReturn(pageResult); + RequestBuilder requestBuilder = + MockMvcRequestBuilders.get("/realms/domaine1/organizations?size=2") + .accept(MediaType.APPLICATION_JSON); + + assertThat( + "Location header gives next page", + mockMvc.perform(requestBuilder).andReturn().getResponse().getHeader("Location"), + is("http://localhost/realms/domaine1/organizations?size=2&searchToken=mySearchToken")); } @Test @WithMockUser - public void getObjectLocationInOrganizationCreationResponse() { - try { - - Mockito.when(organizationService.findById(Mockito.any(), Mockito.any(), Mockito.any())) - .thenThrow(OrganizationNotFoundException.class) - .thenReturn(organization1); - Mockito.when( - organizationService.create( - Mockito.anyString(), Mockito.any(), Mockito.any(), Mockito.any())) - .thenReturn( - new ProviderResponse( - organization1.getIdentifiant(), null, ProviderResponseStatus.OK, null, null)); - - RequestBuilder requestBuilder = - MockMvcRequestBuilders.post( - "/realms/domaine1/storages/Profil_domaine1_WebServiceLdap/organizations") - .contentType(MediaType.APPLICATION_JSON) - .content(objectMapper.writeValueAsString(organization1)) - .accept(MediaType.APPLICATION_JSON) - .with(csrf()); - - assertThat( - "Location header gives get uri", - mockMvc.perform(requestBuilder).andReturn().getResponse().getHeader("Location"), - is( - "http://localhost/realms/domaine1/storages/Profil_domaine1_WebServiceLdap/organizations/BigOrga")); - - } catch (Exception e1) { - e1.printStackTrace(); - fail(); - } + public void getObjectLocationInOrganizationCreationResponse() throws Exception { + + Mockito.when(organizationService.findById(Mockito.any(), Mockito.any(), Mockito.any())) + .thenThrow(OrganizationNotFoundException.class) + .thenReturn(organization1); + Mockito.when( + organizationService.create( + Mockito.anyString(), Mockito.any(), Mockito.any(), Mockito.any())) + .thenReturn( + new ProviderResponse( + organization1.getIdentifiant(), null, ProviderResponseStatus.OK, null, null)); + + RequestBuilder requestBuilder = + MockMvcRequestBuilders.post( + "/realms/domaine1/storages/Profil_domaine1_WebServiceLdap/organizations") + .contentType(MediaType.APPLICATION_JSON) + .content(objectMapper.writeValueAsString(organization1)) + .accept(MediaType.APPLICATION_JSON) + .with(csrf()); + + assertThat( + "Location header gives get uri", + mockMvc.perform(requestBuilder).andReturn().getResponse().getHeader("Location"), + is( + "http://localhost/realms/domaine1/storages/Profil_domaine1_WebServiceLdap/organizations/BigOrga")); } // Test response codes on error @Test - public void get401OnCreateOrganizationWhenNotAuhtenticated() { - try { - - RequestBuilder requestBuilder = - MockMvcRequestBuilders.post("/realms/domaine1/organizations") - .contentType(MediaType.APPLICATION_JSON) - .content(objectMapper.writeValueAsString(organization1)) - .accept(MediaType.APPLICATION_JSON) - .with(csrf()); - - assertThat( - "Should respond 401", - mockMvc.perform(requestBuilder).andReturn().getResponse().getStatus(), - is(401)); - - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + public void get401OnCreateOrganizationWhenNotAuhtenticated() throws Exception { + + RequestBuilder requestBuilder = + MockMvcRequestBuilders.post("/realms/domaine1/organizations") + .contentType(MediaType.APPLICATION_JSON) + .content(objectMapper.writeValueAsString(organization1)) + .accept(MediaType.APPLICATION_JSON) + .with(csrf()); + + assertThat( + "Should respond 401", + mockMvc.perform(requestBuilder).andReturn().getResponse().getStatus(), + is(401)); } @Test - public void get401OnDeleteOrganizationWhenNotAuhtenticated() { - try { - - RequestBuilder requestBuilder = - MockMvcRequestBuilders.delete("/realms/domaine1/organizations/supprimemoi") - .accept(MediaType.APPLICATION_JSON) - .with(csrf()); - - assertThat( - "Should respond 401", - mockMvc.perform(requestBuilder).andReturn().getResponse().getStatus(), - is(401)); - - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + public void get401OnDeleteOrganizationWhenNotAuhtenticated() throws Exception { + + RequestBuilder requestBuilder = + MockMvcRequestBuilders.delete("/realms/domaine1/organizations/supprimemoi") + .accept(MediaType.APPLICATION_JSON) + .with(csrf()); + + assertThat( + "Should respond 401", + mockMvc.perform(requestBuilder).andReturn().getResponse().getStatus(), + is(401)); } @Test - public void get401OnUpdateOrganizationWhenNotAuhtenticated() { - try { - - RequestBuilder requestBuilder = - MockMvcRequestBuilders.put("/realms/domaine1/organizations/BigOrga") - .contentType(MediaType.APPLICATION_JSON) - .content(objectMapper.writeValueAsString(organization1)) - .accept(MediaType.APPLICATION_JSON) - .with(csrf()); - - assertThat( - "Should respond 401", - mockMvc.perform(requestBuilder).andReturn().getResponse().getStatus(), - is(401)); - - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + public void get401OnUpdateOrganizationWhenNotAuhtenticated() throws Exception { + + RequestBuilder requestBuilder = + MockMvcRequestBuilders.put("/realms/domaine1/organizations/BigOrga") + .contentType(MediaType.APPLICATION_JSON) + .content(objectMapper.writeValueAsString(organization1)) + .accept(MediaType.APPLICATION_JSON) + .with(csrf()); + + assertThat( + "Should respond 401", + mockMvc.perform(requestBuilder).andReturn().getResponse().getStatus(), + is(401)); } @Test @WithMockUser - public void get409WhenCreatingAlreadyExistingOrganization() { - try { - - Mockito.when( - organizationService.create( - Mockito.any(), Mockito.any(), Mockito.any(), Mockito.any())) - .thenThrow(new OrganizationAlreadyExistException("")); - - RequestBuilder requestBuilder = - MockMvcRequestBuilders.post( - "/realms/domaine1/storages/Profil_domaine1_WebServiceLdap/organizations") - .contentType(MediaType.APPLICATION_JSON) - .content(objectMapper.writeValueAsString(organization1)) - .accept(MediaType.APPLICATION_JSON) - .with(csrf()); - - assertThat( - "Should respond 409", - mockMvc.perform(requestBuilder).andReturn().getResponse().getStatus(), - is(409)); - - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + public void get409WhenCreatingAlreadyExistingOrganization() throws Exception { + + Mockito.when( + organizationService.create(Mockito.any(), Mockito.any(), Mockito.any(), Mockito.any())) + .thenThrow(new OrganizationAlreadyExistException("")); + + RequestBuilder requestBuilder = + MockMvcRequestBuilders.post( + "/realms/domaine1/storages/Profil_domaine1_WebServiceLdap/organizations") + .contentType(MediaType.APPLICATION_JSON) + .content(objectMapper.writeValueAsString(organization1)) + .accept(MediaType.APPLICATION_JSON) + .with(csrf()); + + assertThat( + "Should respond 409", + mockMvc.perform(requestBuilder).andReturn().getResponse().getStatus(), + is(409)); } @Test @WithMockUser - public void get404WhenNoOrganizationIsFoundWhenGetById() { - try { + public void get404WhenNoOrganizationIsFoundWhenGetById() throws Exception { - Mockito.when(organizationService.findById("domaine1", null, "dontexist")) - .thenThrow(new OrganizationNotFoundException("domaine1", "dontexist")); + Mockito.when(organizationService.findById("domaine1", null, "dontexist")) + .thenThrow(new OrganizationNotFoundException("domaine1", "dontexist")); - RequestBuilder requestBuilder = - MockMvcRequestBuilders.get("/realms/domaine1/organizations/dontexist") - .accept(MediaType.APPLICATION_JSON); + RequestBuilder requestBuilder = + MockMvcRequestBuilders.get("/realms/domaine1/organizations/dontexist") + .accept(MediaType.APPLICATION_JSON); - assertThat( - "Should respond 404", - mockMvc.perform(requestBuilder).andReturn().getResponse().getStatus(), - is(404)); - - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + assertThat( + "Should respond 404", + mockMvc.perform(requestBuilder).andReturn().getResponse().getStatus(), + is(404)); } @Test @WithMockUser - public void get400WhenNoOrganizationIdDoesntMatchBody() { - try { - - RequestBuilder requestBuilder = - MockMvcRequestBuilders.put("/realms/domaine1/organizations/dontexist") - .contentType(MediaType.APPLICATION_JSON) - .content(objectMapper.writeValueAsString(organization1)) - .accept(MediaType.APPLICATION_JSON) - .with(csrf()); - - assertThat( - "Should respond 404", - mockMvc.perform(requestBuilder).andReturn().getResponse().getStatus(), - is(400)); - - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + public void get400WhenNoOrganizationIdDoesntMatchBody() throws Exception { + + RequestBuilder requestBuilder = + MockMvcRequestBuilders.put("/realms/domaine1/organizations/dontexist") + .contentType(MediaType.APPLICATION_JSON) + .content(objectMapper.writeValueAsString(organization1)) + .accept(MediaType.APPLICATION_JSON) + .with(csrf()); + + assertThat( + "Should respond 404", + mockMvc.perform(requestBuilder).andReturn().getResponse().getStatus(), + is(400)); } @Test @WithMockUser - public void get404WhenNoOrganizationIsFoundWhenUpdate() { - try { - Mockito.doThrow(new OrganizationNotFoundException("")) - .when(organizationService) - .update(Mockito.anyString(), Mockito.anyString(), Mockito.any(), Mockito.any()); - RequestBuilder requestBuilder = - MockMvcRequestBuilders.put("/realms/domaine1/userstorage/us/organizations/BigOrga") - .contentType(MediaType.APPLICATION_JSON) - .content(objectMapper.writeValueAsString(organization1)) - .accept(MediaType.APPLICATION_JSON) - .with(csrf()); - - assertThat( - "Should respond 404", - mockMvc.perform(requestBuilder).andReturn().getResponse().getStatus(), - is(404)); - - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + public void get404WhenNoOrganizationIsFoundWhenUpdate() throws Exception { + + Mockito.doThrow(new OrganizationNotFoundException("")) + .when(organizationService) + .update(Mockito.anyString(), Mockito.anyString(), Mockito.any(), Mockito.any()); + RequestBuilder requestBuilder = + MockMvcRequestBuilders.put("/realms/domaine1/userstorage/us/organizations/BigOrga") + .contentType(MediaType.APPLICATION_JSON) + .content(objectMapper.writeValueAsString(organization1)) + .accept(MediaType.APPLICATION_JSON) + .with(csrf()); + + assertThat( + "Should respond 404", + mockMvc.perform(requestBuilder).andReturn().getResponse().getStatus(), + is(404)); } @Test @WithMockUser - public void get404WhenNoOrganizationIsFoundWhenDelete() { - try { - - Mockito.doThrow(new OrganizationNotFoundException("")) - .when(organizationService) - .delete(Mockito.anyString(), Mockito.anyString(), Mockito.any(), Mockito.any()); - - RequestBuilder requestBuilder = - MockMvcRequestBuilders.delete("/realms/domaine1/userstorage/us/organizations/dontexist") - .accept(MediaType.APPLICATION_JSON) - .with(csrf()); - - assertThat( - "Should respond 404", - mockMvc.perform(requestBuilder).andReturn().getResponse().getStatus(), - is(404)); - - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + public void get404WhenNoOrganizationIsFoundWhenDelete() throws Exception { + + Mockito.doThrow(new OrganizationNotFoundException("")) + .when(organizationService) + .delete(Mockito.anyString(), Mockito.anyString(), Mockito.any(), Mockito.any()); + + RequestBuilder requestBuilder = + MockMvcRequestBuilders.delete("/realms/domaine1/userstorage/us/organizations/dontexist") + .accept(MediaType.APPLICATION_JSON) + .with(csrf()); + + assertThat( + "Should respond 404", + mockMvc.perform(requestBuilder).andReturn().getResponse().getStatus(), + is(404)); } } diff --git a/sugoi-api-rest-services/src/test/java/fr/insee/sugoi/services/controller/UserControllerTest.java b/sugoi-api-rest-services/src/test/java/fr/insee/sugoi/services/controller/UserControllerTest.java index 66abc7e8..58661eaf 100644 --- a/sugoi-api-rest-services/src/test/java/fr/insee/sugoi/services/controller/UserControllerTest.java +++ b/sugoi-api-rest-services/src/test/java/fr/insee/sugoi/services/controller/UserControllerTest.java @@ -15,7 +15,6 @@ import static org.hamcrest.MatcherAssert.assertThat; import static org.hamcrest.Matchers.is; -import static org.junit.jupiter.api.Assertions.fail; import static org.mockito.Mockito.verify; import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf; @@ -24,6 +23,7 @@ import fr.insee.sugoi.commons.services.controller.technics.SugoiAdviceController; import fr.insee.sugoi.core.exceptions.UserAlreadyExistException; import fr.insee.sugoi.core.exceptions.UserNotFoundException; +import fr.insee.sugoi.core.model.ProviderRequest; import fr.insee.sugoi.core.model.ProviderResponse; import fr.insee.sugoi.core.model.ProviderResponse.ProviderResponseStatus; import fr.insee.sugoi.core.service.CertificateService; @@ -31,11 +31,13 @@ import fr.insee.sugoi.core.service.UserService; import fr.insee.sugoi.model.User; import fr.insee.sugoi.model.paging.PageResult; +import fr.insee.sugoi.model.paging.PageableResult; +import fr.insee.sugoi.model.paging.SearchType; import java.util.ArrayList; import java.util.List; import org.junit.jupiter.api.BeforeEach; -import org.junit.jupiter.api.Disabled; import org.junit.jupiter.api.Test; +import org.mockito.ArgumentMatcher; import org.mockito.Mockito; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc; @@ -69,6 +71,20 @@ public class UserControllerTest { User user1, user2, user1Updated; PageResult pageResult; + class UserMailMatcher implements ArgumentMatcher { + + private String mail; + + public UserMailMatcher(String mail) { + this.mail = mail; + } + + @Override + public boolean matches(User user) { + return user.getMail().equals(mail); + } + } + @BeforeEach public void setup() { user1 = new User(); @@ -95,420 +111,375 @@ public void setup() { @Test @WithMockUser - public void retrieveAllUsers() { - try { - - Mockito.when( - userService.findByProperties( - Mockito.anyString(), - Mockito.isNull(), - Mockito.any(), - Mockito.any(), - Mockito.any())) - .thenReturn(pageResult); - - RequestBuilder requestBuilder = - MockMvcRequestBuilders.get("/realms/domaine1/users").accept(MediaType.APPLICATION_JSON); - MockHttpServletResponse response = mockMvc.perform(requestBuilder).andReturn().getResponse(); - TypeReference> mapType = new TypeReference>() {}; - PageResult appRes = objectMapper.readValue(response.getContentAsString(), mapType); - - assertThat( - "First element should be Toto", appRes.getResults().get(0).getUsername(), is("Toto")); - assertThat( - "Toto should have mail toto@insee.fr", - appRes.getResults().get(0).getMail(), - is("toto@insee.fr")); - assertThat( - "Second element should be Tata", appRes.getResults().get(1).getUsername(), is("Tata")); - assertThat( - "Tata should have mail tata@insee.fr", - appRes.getResults().get(1).getMail(), - is("tata@insee.fr")); - assertThat("Response code should be 200", response.getStatus(), is(200)); - - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + public void retrieveAllUsers() throws Exception { + + Mockito.when( + userService.findByProperties( + Mockito.eq("domaine1"), + Mockito.isNull(), + Mockito.any(User.class), + Mockito.any(PageableResult.class), + Mockito.any(SearchType.class))) + .thenReturn(pageResult); + + RequestBuilder requestBuilder = + MockMvcRequestBuilders.get("/realms/domaine1/users").accept(MediaType.APPLICATION_JSON); + MockHttpServletResponse response = mockMvc.perform(requestBuilder).andReturn().getResponse(); + TypeReference> mapType = new TypeReference>() {}; + PageResult appRes = objectMapper.readValue(response.getContentAsString(), mapType); + + assertThat( + "First element should be Toto", appRes.getResults().get(0).getUsername(), is("Toto")); + assertThat( + "Toto should have mail toto@insee.fr", + appRes.getResults().get(0).getMail(), + is("toto@insee.fr")); + assertThat( + "Second element should be Tata", appRes.getResults().get(1).getUsername(), is("Tata")); + assertThat( + "Tata should have mail tata@insee.fr", + appRes.getResults().get(1).getMail(), + is("tata@insee.fr")); + assertThat("Response code should be 200", response.getStatus(), is(200)); } - @Disabled @Test @WithMockUser - public void shouldRetrieveSomeUsers() {} + public void shouldRetrieveSomeUsers() throws Exception { + + List users = new ArrayList<>(); + users.add(user1); + users.add(user1Updated); + PageResult pageResultWithTotoMailUser = new PageResult(); + pageResultWithTotoMailUser.setResults(users); + pageResultWithTotoMailUser.setSearchToken("mySearchToken"); + + Mockito.when( + userService.findByProperties( + Mockito.eq("domaine1"), + Mockito.isNull(), + Mockito.argThat(new UserMailMatcher("toto")), + Mockito.any(PageableResult.class), + Mockito.any(SearchType.class))) + .thenReturn(pageResultWithTotoMailUser); + + RequestBuilder requestBuilder = + MockMvcRequestBuilders.get("/realms/domaine1/users") + .param("mail", "toto") + .accept(MediaType.APPLICATION_JSON); + MockHttpServletResponse response = mockMvc.perform(requestBuilder).andReturn().getResponse(); + TypeReference> mapType = new TypeReference>() {}; + PageResult appRes = objectMapper.readValue(response.getContentAsString(), mapType); + + assertThat( + "First element should be Toto", appRes.getResults().get(0).getUsername(), is("Toto")); + assertThat( + "Second element should be Toto as well", + appRes.getResults().get(1).getUsername(), + is("Toto")); + assertThat("Response code should be 200", response.getStatus(), is(200)); + } @Test @WithMockUser - public void shouldGetUserByID() { - try { - - Mockito.when(userService.findById("domaine1", null, "Toto")).thenReturn(user1); + public void shouldGetUserByID() throws Exception { - RequestBuilder requestBuilder = - MockMvcRequestBuilders.get("/realms/domaine1/users/Toto") - .accept(MediaType.APPLICATION_JSON); + Mockito.when(userService.findById("domaine1", null, "Toto")).thenReturn(user1); - MockHttpServletResponse response = mockMvc.perform(requestBuilder).andReturn().getResponse(); - User res = objectMapper.readValue(response.getContentAsString(), User.class); + RequestBuilder requestBuilder = + MockMvcRequestBuilders.get("/realms/domaine1/users/Toto") + .accept(MediaType.APPLICATION_JSON); - verify(userService).findById("domaine1", null, "Toto"); - assertThat("User returned should be Toto", res.getUsername(), is("Toto")); - assertThat( - "User returned should have toto@insee.fr as mail", res.getMail(), is("toto@insee.fr")); + MockHttpServletResponse response = mockMvc.perform(requestBuilder).andReturn().getResponse(); + User res = objectMapper.readValue(response.getContentAsString(), User.class); - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + verify(userService).findById("domaine1", null, "Toto"); + assertThat("User returned should be Toto", res.getUsername(), is("Toto")); + assertThat( + "User returned should have toto@insee.fr as mail", res.getMail(), is("toto@insee.fr")); } // Test write requests @Test @WithMockUser - public void deleteShouldCallDeleteService() { - try { - - Mockito.doReturn(new ProviderResponse("", "requestId", ProviderResponseStatus.OK, null, null)) - .when(userService) - .delete(Mockito.any(), Mockito.any(), Mockito.any(), Mockito.any()); + public void deleteShouldCallDeleteService() throws Exception { - Mockito.when(userService.findById(Mockito.anyString(), Mockito.isNull(), Mockito.anyString())) - .thenReturn(user1) - .thenReturn(user1); + Mockito.doReturn(new ProviderResponse("", "requestId", ProviderResponseStatus.OK, null, null)) + .when(userService) + .delete(Mockito.any(), Mockito.any(), Mockito.any(), Mockito.any()); - RequestBuilder requestBuilder = - MockMvcRequestBuilders.delete("/realms/domaine1/storages/toto/users/supprimemoi") - .accept(MediaType.APPLICATION_JSON) - .with(csrf()); + Mockito.when(userService.findById("domaine1", null, "supprimemoi")) + .thenReturn(user1) + .thenReturn(user1); - mockMvc.perform(requestBuilder).andReturn(); - verify(userService).delete(Mockito.any(), Mockito.any(), Mockito.any(), Mockito.any()); + RequestBuilder requestBuilder = + MockMvcRequestBuilders.delete("/realms/domaine1/storages/toto/users/supprimemoi") + .accept(MediaType.APPLICATION_JSON) + .with(csrf()); - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + mockMvc.perform(requestBuilder).andReturn(); + verify(userService).delete(Mockito.any(), Mockito.any(), Mockito.any(), Mockito.any()); } @Test @WithMockUser - public void updateShouldCallUpdateServiceAndReturnNewApp() { - try { - - Mockito.when(userService.findById(Mockito.anyString(), Mockito.any(), Mockito.any())) - .thenReturn(user1) - .thenReturn(user1Updated); - - Mockito.doReturn( - new ProviderResponse("", "requestId", ProviderResponseStatus.OK, user1Updated, null)) - .when(userService) - .update(Mockito.anyString(), Mockito.any(), Mockito.any(), Mockito.any()); - - RequestBuilder requestBuilder = - MockMvcRequestBuilders.put("/realms/domaine1/storages/domaine1/users/Toto") - .contentType(MediaType.APPLICATION_JSON) - .content(objectMapper.writeValueAsString(user1Updated)) - .accept(MediaType.APPLICATION_JSON) - .with(csrf()); - - MockHttpServletResponse response = mockMvc.perform(requestBuilder).andReturn().getResponse(); - - verify(userService).update(Mockito.anyString(), Mockito.any(), Mockito.any(), Mockito.any()); - assertThat( - "Should get updated user", - objectMapper.readValue(response.getContentAsString(), User.class).getMail(), - is("new.toto@insee.fr")); - - assertThat( - "Should get location", - response.getHeader("Location"), - is("http://localhost/realms/domaine1/storages/domaine1/users/Toto")); - - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + public void updateShouldCallUpdateServiceAndReturnNewApp() throws Exception { + + Mockito.when(userService.findById("domaine1", "storage", "Toto")) + .thenReturn(user1) + .thenReturn(user1Updated); + + Mockito.doReturn( + new ProviderResponse("", "requestId", ProviderResponseStatus.OK, user1Updated, null)) + .when(userService) + .update( + Mockito.eq("domaine1"), + Mockito.eq("storage"), + Mockito.argThat(new UserMailMatcher("new.toto@insee.fr")), + Mockito.any(ProviderRequest.class)); + + RequestBuilder requestBuilder = + MockMvcRequestBuilders.put("/realms/domaine1/storages/storage/users/Toto") + .contentType(MediaType.APPLICATION_JSON) + .content(objectMapper.writeValueAsString(user1Updated)) + .accept(MediaType.APPLICATION_JSON) + .with(csrf()); + + MockHttpServletResponse response = mockMvc.perform(requestBuilder).andReturn().getResponse(); + + verify(userService) + .update( + Mockito.eq("domaine1"), + Mockito.eq("storage"), + Mockito.argThat(new UserMailMatcher("new.toto@insee.fr")), + Mockito.any(ProviderRequest.class)); + assertThat( + "Should get updated user", + objectMapper.readValue(response.getContentAsString(), User.class).getMail(), + is("new.toto@insee.fr")); + + assertThat( + "Should get location", + response.getHeader("Location"), + is("http://localhost/realms/domaine1/storages/storage/users/Toto")); } @Test @WithMockUser - public void postShouldCallPostServiceAndReturnNewApp() { - - try { - Mockito.doReturn( - new ProviderResponse("", "requestId", ProviderResponseStatus.OK, user1, null)) - .when(userService) - .create(Mockito.anyString(), Mockito.any(), Mockito.any(), Mockito.any()); - RequestBuilder requestBuilder = - MockMvcRequestBuilders.post( - "/realms/domaine1/storages/Profil_domaine1_WebServiceLdap/users") - .contentType(MediaType.APPLICATION_JSON) - .content(objectMapper.writeValueAsString(user1)) - .accept(MediaType.APPLICATION_JSON) - .with(csrf()); - - MockHttpServletResponse response = mockMvc.perform(requestBuilder).andReturn().getResponse(); - verify(userService) - .create(Mockito.anyString(), Mockito.anyString(), Mockito.any(), Mockito.any()); - assertThat( - "Should get new user", - objectMapper.readValue(response.getContentAsString(), User.class).getUsername(), - is("Toto")); - - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + public void postShouldCallPostServiceAndReturnNewUser() throws Exception { + + Mockito.doReturn(new ProviderResponse("", "requestId", ProviderResponseStatus.OK, user1, null)) + .when(userService) + .create( + Mockito.eq("domaine1"), + Mockito.eq("Profil_domaine1_WebServiceLdap"), + Mockito.argThat(new UserMailMatcher("toto@insee.fr")), + Mockito.any(ProviderRequest.class)); + RequestBuilder requestBuilder = + MockMvcRequestBuilders.post( + "/realms/domaine1/storages/Profil_domaine1_WebServiceLdap/users") + .contentType(MediaType.APPLICATION_JSON) + .content(objectMapper.writeValueAsString(user1)) + .accept(MediaType.APPLICATION_JSON) + .with(csrf()); + + MockHttpServletResponse response = mockMvc.perform(requestBuilder).andReturn().getResponse(); + verify(userService) + .create( + Mockito.eq("domaine1"), + Mockito.eq("Profil_domaine1_WebServiceLdap"), + Mockito.argThat(new UserMailMatcher("toto@insee.fr")), + Mockito.any(ProviderRequest.class)); + assertThat( + "Should get new user", + objectMapper.readValue(response.getContentAsString(), User.class).getUsername(), + is("Toto")); } // Test location headers @Test @WithMockUser - public void getNextLocationInSearchResponse() { - try { - - pageResult.setHasMoreResult(true); - - Mockito.when( - userService.findByProperties( - Mockito.anyString(), Mockito.any(), Mockito.any(), Mockito.any(), Mockito.any())) - .thenReturn(pageResult); - RequestBuilder requestBuilder = - MockMvcRequestBuilders.get("/realms/domaine1/users?size=2") - .accept(MediaType.APPLICATION_JSON); - - assertThat( - "Location header gives next page", - mockMvc.perform(requestBuilder).andReturn().getResponse().getHeader("Location"), - is("http://localhost/realms/domaine1/users?size=2&searchToken=mySearchToken")); - - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + public void getNextLocationInSearchResponse() throws Exception { + + pageResult.setHasMoreResult(true); + + Mockito.when( + userService.findByProperties( + Mockito.anyString(), Mockito.any(), Mockito.any(), Mockito.any(), Mockito.any())) + .thenReturn(pageResult); + RequestBuilder requestBuilder = + MockMvcRequestBuilders.get("/realms/domaine1/users?size=2") + .accept(MediaType.APPLICATION_JSON); + + assertThat( + "Location header gives next page", + mockMvc.perform(requestBuilder).andReturn().getResponse().getHeader("Location"), + is("http://localhost/realms/domaine1/users?size=2&searchToken=mySearchToken")); } @Test @WithMockUser - public void getObjectLocationInUserCreationResponse() { - try { - - Mockito.when( - userService.create(Mockito.anyString(), Mockito.any(), Mockito.any(), Mockito.any())) - .thenReturn( - new ProviderResponse( - user1.getUsername(), null, ProviderResponseStatus.OK, null, null)); - - RequestBuilder requestBuilder = - MockMvcRequestBuilders.post( - "/realms/domaine1/storages/Profil_domaine1_WebServiceLdap/users") - .contentType(MediaType.APPLICATION_JSON) - .content(objectMapper.writeValueAsString(user1)) - .accept(MediaType.APPLICATION_JSON) - .with(csrf()); - - assertThat( - "Location header gives get uri", - mockMvc.perform(requestBuilder).andReturn().getResponse().getHeader("Location"), - is( - "http://localhost/realms/domaine1/storages/Profil_domaine1_WebServiceLdap/users/Toto")); - - } catch (Exception e1) { - e1.printStackTrace(); - fail(); - } + public void getObjectLocationInUserCreationResponse() throws Exception { + + Mockito.when( + userService.create(Mockito.anyString(), Mockito.any(), Mockito.any(), Mockito.any())) + .thenReturn( + new ProviderResponse(user1.getUsername(), null, ProviderResponseStatus.OK, null, null)); + + RequestBuilder requestBuilder = + MockMvcRequestBuilders.post( + "/realms/domaine1/storages/Profil_domaine1_WebServiceLdap/users") + .contentType(MediaType.APPLICATION_JSON) + .content(objectMapper.writeValueAsString(user1)) + .accept(MediaType.APPLICATION_JSON) + .with(csrf()); + + assertThat( + "Location header gives get uri", + mockMvc.perform(requestBuilder).andReturn().getResponse().getHeader("Location"), + is("http://localhost/realms/domaine1/storages/Profil_domaine1_WebServiceLdap/users/Toto")); } // Test response codes on error @Test - public void get401OnCreateUserWhenNotAuhtenticated() { - try { - - RequestBuilder requestBuilder = - MockMvcRequestBuilders.post( - "/realms/domaine1/storages/Profil_domaine1_WebServiceLdap/users") - .contentType(MediaType.APPLICATION_JSON) - .content(objectMapper.writeValueAsString(user1)) - .accept(MediaType.APPLICATION_JSON) - .with(csrf()); - - assertThat( - "Should respond 401", - mockMvc.perform(requestBuilder).andReturn().getResponse().getStatus(), - is(401)); - - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + public void get401OnCreateUserWhenNotAuhtenticated() throws Exception { + + RequestBuilder requestBuilder = + MockMvcRequestBuilders.post( + "/realms/domaine1/storages/Profil_domaine1_WebServiceLdap/users") + .contentType(MediaType.APPLICATION_JSON) + .content(objectMapper.writeValueAsString(user1)) + .accept(MediaType.APPLICATION_JSON) + .with(csrf()); + + assertThat( + "Should respond 401", + mockMvc.perform(requestBuilder).andReturn().getResponse().getStatus(), + is(401)); } @Test - public void get401OnDeleteUserWhenNotAuhtenticated() { - try { - - RequestBuilder requestBuilder = - MockMvcRequestBuilders.delete("/realms/domaine1/users/supprimemoi") - .accept(MediaType.APPLICATION_JSON) - .with(csrf()); - - assertThat( - "Should respond 401", - mockMvc.perform(requestBuilder).andReturn().getResponse().getStatus(), - is(401)); - - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + public void get401OnDeleteUserWhenNotAuhtenticated() throws Exception { + + RequestBuilder requestBuilder = + MockMvcRequestBuilders.delete("/realms/domaine1/users/supprimemoi") + .accept(MediaType.APPLICATION_JSON) + .with(csrf()); + + assertThat( + "Should respond 401", + mockMvc.perform(requestBuilder).andReturn().getResponse().getStatus(), + is(401)); } @Test - public void get401OnUpdateUserWhenNotAuhtenticated() { - try { - - RequestBuilder requestBuilder = - MockMvcRequestBuilders.put("/realms/domaine1/users/Toto") - .contentType(MediaType.APPLICATION_JSON) - .content(objectMapper.writeValueAsString(user1)) - .accept(MediaType.APPLICATION_JSON) - .with(csrf()); - - assertThat( - "Should respond 401", - mockMvc.perform(requestBuilder).andReturn().getResponse().getStatus(), - is(401)); - - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + public void get401OnUpdateUserWhenNotAuhtenticated() throws Exception { + + RequestBuilder requestBuilder = + MockMvcRequestBuilders.put("/realms/domaine1/users/Toto") + .contentType(MediaType.APPLICATION_JSON) + .content(objectMapper.writeValueAsString(user1)) + .accept(MediaType.APPLICATION_JSON) + .with(csrf()); + + assertThat( + "Should respond 401", + mockMvc.perform(requestBuilder).andReturn().getResponse().getStatus(), + is(401)); } @Test @WithMockUser - public void get409WhenCreatingAlreadyExistingUser() { - try { - - Mockito.doThrow(new UserAlreadyExistException("")) - .when(userService) - .create(Mockito.anyString(), Mockito.any(), Mockito.any(), Mockito.any()); - - RequestBuilder requestBuilder = - MockMvcRequestBuilders.post( - "/realms/domaine1/storages/Profil_domaine1_WebServiceLdap/users") - .contentType(MediaType.APPLICATION_JSON) - .content(objectMapper.writeValueAsString(user1)) - .accept(MediaType.APPLICATION_JSON) - .with(csrf()); - - assertThat( - "Should respond 409", - mockMvc.perform(requestBuilder).andReturn().getResponse().getStatus(), - is(409)); - - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + public void get409WhenCreatingAlreadyExistingUser() throws Exception { + + Mockito.doThrow(new UserAlreadyExistException("")) + .when(userService) + .create(Mockito.anyString(), Mockito.any(), Mockito.any(), Mockito.any()); + + RequestBuilder requestBuilder = + MockMvcRequestBuilders.post( + "/realms/domaine1/storages/Profil_domaine1_WebServiceLdap/users") + .contentType(MediaType.APPLICATION_JSON) + .content(objectMapper.writeValueAsString(user1)) + .accept(MediaType.APPLICATION_JSON) + .with(csrf()); + + assertThat( + "Should respond 409", + mockMvc.perform(requestBuilder).andReturn().getResponse().getStatus(), + is(409)); } @Test @WithMockUser - public void get404WhenNoUserIsFoundWhenGetById() { - try { + public void get404WhenNoUserIsFoundWhenGetById() throws Exception { - Mockito.when(userService.findById(Mockito.anyString(), Mockito.isNull(), Mockito.anyString())) - .thenThrow(new UserNotFoundException("domaine1", "dontexist")); + Mockito.when(userService.findById(Mockito.anyString(), Mockito.isNull(), Mockito.anyString())) + .thenThrow(new UserNotFoundException("domaine1", "dontexist")); - RequestBuilder requestBuilder = - MockMvcRequestBuilders.get("/realms/domaine1/users/dontexist") - .accept(MediaType.APPLICATION_JSON); + RequestBuilder requestBuilder = + MockMvcRequestBuilders.get("/realms/domaine1/users/dontexist") + .accept(MediaType.APPLICATION_JSON); - assertThat( - "Should respond 404", - mockMvc.perform(requestBuilder).andReturn().getResponse().getStatus(), - is(404)); - - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + assertThat( + "Should respond 404", + mockMvc.perform(requestBuilder).andReturn().getResponse().getStatus(), + is(404)); } @Test @WithMockUser - public void get400WhenNoUserIdDoesntMatchBody() { - try { - - RequestBuilder requestBuilder = - MockMvcRequestBuilders.put("/realms/domaine1/users/dontexist") - .contentType(MediaType.APPLICATION_JSON) - .content(objectMapper.writeValueAsString(user1)) - .accept(MediaType.APPLICATION_JSON) - .with(csrf()); - assertThat( - "Should respond 404", - mockMvc.perform(requestBuilder).andReturn().getResponse().getStatus(), - is(400)); - - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + public void get400WhenUserIdDoesntMatchBody() throws Exception { + + RequestBuilder requestBuilder = + MockMvcRequestBuilders.put("/realms/domaine1/users/dontexist") + .contentType(MediaType.APPLICATION_JSON) + .content(objectMapper.writeValueAsString(user1)) + .accept(MediaType.APPLICATION_JSON) + .with(csrf()); + assertThat( + "Should respond 400", + mockMvc.perform(requestBuilder).andReturn().getResponse().getStatus(), + is(400)); } @Test @WithMockUser - public void get404WhenNoUserIsFoundWhenUpdate() { - try { - - Mockito.doThrow(new UserNotFoundException("domaine1", "Toto")) - .when(userService) - .findById("domaine1", null, "Toto"); - - RequestBuilder requestBuilder = - MockMvcRequestBuilders.put("/realms/domaine1/users/Toto") - .contentType(MediaType.APPLICATION_JSON) - .content(objectMapper.writeValueAsString(user1)) - .accept(MediaType.APPLICATION_JSON) - .with(csrf()); - - assertThat( - "Should respond 404", - mockMvc.perform(requestBuilder).andReturn().getResponse().getStatus(), - is(404)); - - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + public void get404WhenNoUserIsFoundWhenUpdate() throws Exception { + + Mockito.doThrow(new UserNotFoundException("domaine1", "Toto")) + .when(userService) + .findById("domaine1", null, "Toto"); + RequestBuilder requestBuilder = + MockMvcRequestBuilders.put("/realms/domaine1/users/Toto") + .contentType(MediaType.APPLICATION_JSON) + .content(objectMapper.writeValueAsString(user1)) + .accept(MediaType.APPLICATION_JSON) + .with(csrf()); + + assertThat( + "Should respond 404", + mockMvc.perform(requestBuilder).andReturn().getResponse().getStatus(), + is(404)); } @Test @WithMockUser - public void get404WhenNoUserIsFoundWhenDelete() { - try { - - Mockito.doThrow(new UserNotFoundException("domaine1", "dontexist")) - .when(userService) - .findById("domaine1", null, "dontexist"); - - RequestBuilder requestBuilder = - MockMvcRequestBuilders.delete("/realms/domaine1/users/dontexist") - .accept(MediaType.APPLICATION_JSON) - .with(csrf()); - - assertThat( - "Should respond 404", - mockMvc.perform(requestBuilder).andReturn().getResponse().getStatus(), - is(HttpStatus.NOT_FOUND.value())); - - } catch (Exception e) { - e.printStackTrace(); - fail(); - } + public void get404WhenNoUserIsFoundWhenDelete() throws Exception { + + Mockito.doThrow(new UserNotFoundException("domaine1", "dontexist")) + .when(userService) + .findById("domaine1", null, "dontexist"); + + RequestBuilder requestBuilder = + MockMvcRequestBuilders.delete("/realms/domaine1/users/dontexist") + .accept(MediaType.APPLICATION_JSON) + .with(csrf()); + + assertThat( + "Should respond 404", + mockMvc.perform(requestBuilder).andReturn().getResponse().getStatus(), + is(HttpStatus.NOT_FOUND.value())); } } From 9134b48402a1d0812e849cee30380cf6cb143800 Mon Sep 17 00:00:00 2001 From: CChemin Date: Thu, 10 Feb 2022 14:41:43 +0100 Subject: [PATCH 2/3] [CONF] :wrench: preauthorize is enabled by default Signed-off-by: CChemin --- docs/configuration.md | 2 +- .../fr/insee/sugoi/services/decider/AuthorizeMethodDecider.java | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/configuration.md b/docs/configuration.md index 6084d4cf..a5a23237 100644 --- a/docs/configuration.md +++ b/docs/configuration.md @@ -112,7 +112,7 @@ Sugoi-api implements spring security with full customization allowed | fr.insee.sugoi.api.regexp.role.admin | | | | | fr.insee.sugoi.api.regexp.role.app.manager | | | | | fr.insee.sugoi.api.regexp.role.password.manager | | | | -| fr.insee.sugoi.api.enable.preauthorize | | | | +| fr.insee.sugoi.api.enable.preauthorize | Set to false to disable role validation on sugoi. Should not false on production. | true | | #### Password configuration diff --git a/sugoi-api-rest-services/src/main/java/fr/insee/sugoi/services/decider/AuthorizeMethodDecider.java b/sugoi-api-rest-services/src/main/java/fr/insee/sugoi/services/decider/AuthorizeMethodDecider.java index 39c1b81b..e0f778ad 100644 --- a/sugoi-api-rest-services/src/main/java/fr/insee/sugoi/services/decider/AuthorizeMethodDecider.java +++ b/sugoi-api-rest-services/src/main/java/fr/insee/sugoi/services/decider/AuthorizeMethodDecider.java @@ -31,7 +31,7 @@ public class AuthorizeMethodDecider { private static final Logger logger = LoggerFactory.getLogger(AuthorizeMethodDecider.class); - @Value("${fr.insee.sugoi.api.enable.preauthorize}") + @Value("${fr.insee.sugoi.api.enable.preauthorize:true}") private boolean enable; @Autowired PermissionService permissionService; From f79f82e3f25cd0982827c959a06711d30b640e8d Mon Sep 17 00:00:00 2001 From: CChemin Date: Thu, 10 Feb 2022 14:42:57 +0100 Subject: [PATCH 3/3] =?UTF-8?q?[BUG]=20=F0=9F=90=9B=20$(userStorage)=20sho?= =?UTF-8?q?uld=20not=20be=20accepted=20in=20role=20name=20when=20us=20is?= =?UTF-8?q?=20null?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: CChemin --- .../service/impl/PermissionServiceImpl.java | 1 + .../core/service/PermissionServiceTests.java | 13 +++ .../test-regexp-permissions.properties | 2 +- .../controller/ApplicationControllerTest.java | 86 +++++++++++++------ .../controller/application.properties | 7 +- 5 files changed, 80 insertions(+), 29 deletions(-) diff --git a/sugoi-api-core/src/main/java/fr/insee/sugoi/core/service/impl/PermissionServiceImpl.java b/sugoi-api-core/src/main/java/fr/insee/sugoi/core/service/impl/PermissionServiceImpl.java index 3f9dcaaf..c2d07178 100644 --- a/sugoi-api-core/src/main/java/fr/insee/sugoi/core/service/impl/PermissionServiceImpl.java +++ b/sugoi-api-core/src/main/java/fr/insee/sugoi/core/service/impl/PermissionServiceImpl.java @@ -191,6 +191,7 @@ private List getSearchRoleList( } return regexpList.stream() .map(regexp -> StrSubstitutor.replace(regexp, valueMap, "$(", ")")) + .filter(role -> !role.matches(".*\\$\\(.*\\).*")) .collect(Collectors.toList()); } diff --git a/sugoi-api-core/src/test/java/fr/insee/sugoi/core/service/PermissionServiceTests.java b/sugoi-api-core/src/test/java/fr/insee/sugoi/core/service/PermissionServiceTests.java index bc5a2ecc..d01dd190 100644 --- a/sugoi-api-core/src/test/java/fr/insee/sugoi/core/service/PermissionServiceTests.java +++ b/sugoi-api-core/src/test/java/fr/insee/sugoi/core/service/PermissionServiceTests.java @@ -85,6 +85,19 @@ public void testUserStorageNull() { } } + @Test + public void testPatternAreRemoved() { + SugoiUser sugoiUser = + new SugoiUser( + "toto", + List.of("role_$reader_realm2_sugoi", "role_reader_realm1_$(userstorage)_sugoi")); + assertThat( + "User cannot read realm1 with fake pattern role", + !permissions.isReader(sugoiUser, "realm1", null)); + assertThat( + "User can read realm2 even with $ symbol", permissions.isReader(sugoiUser, "realm2", null)); + } + @Test public void testAppManager() { try { diff --git a/sugoi-api-core/src/test/resources/permissions/test-regexp-permissions.properties b/sugoi-api-core/src/test/resources/permissions/test-regexp-permissions.properties index e9214247..548c2293 100644 --- a/sugoi-api-core/src/test/resources/permissions/test-regexp-permissions.properties +++ b/sugoi-api-core/src/test/resources/permissions/test-regexp-permissions.properties @@ -1,5 +1,5 @@ fr.insee.sugoi.api.regexp.role.writer=ROLE_WRITER_$(realm)_SUGOI -fr.insee.sugoi.api.regexp.role.reader=ROLE_READER_$(realm)_SUGOI +fr.insee.sugoi.api.regexp.role.reader=ROLE_READER_$(realm)_SUGOI,ROLE_$READER_$(realm)_SUGOI,ROLE_READER_$(realm)_$(userstorage)_SUGOI fr.insee.sugoi.api.regexp.role.admin=ROLE_ADMIN_SUGOI, ROLE_*_Admin diff --git a/sugoi-api-rest-services/src/test/java/fr/insee/sugoi/services/controller/ApplicationControllerTest.java b/sugoi-api-rest-services/src/test/java/fr/insee/sugoi/services/controller/ApplicationControllerTest.java index d31c9597..74bdcfed 100644 --- a/sugoi-api-rest-services/src/test/java/fr/insee/sugoi/services/controller/ApplicationControllerTest.java +++ b/sugoi-api-rest-services/src/test/java/fr/insee/sugoi/services/controller/ApplicationControllerTest.java @@ -22,6 +22,7 @@ import com.fasterxml.jackson.core.type.TypeReference; import com.fasterxml.jackson.databind.JsonMappingException; import com.fasterxml.jackson.databind.ObjectMapper; +import fr.insee.sugoi.commons.services.configuration.SecurityConfiguration; import fr.insee.sugoi.commons.services.controller.technics.SugoiAdviceController; import fr.insee.sugoi.core.exceptions.ApplicationAlreadyExistException; import fr.insee.sugoi.core.exceptions.ApplicationNotFoundException; @@ -29,9 +30,11 @@ import fr.insee.sugoi.core.model.ProviderResponse; import fr.insee.sugoi.core.model.ProviderResponse.ProviderResponseStatus; import fr.insee.sugoi.core.service.ApplicationService; +import fr.insee.sugoi.core.service.impl.PermissionServiceImpl; import fr.insee.sugoi.model.Application; import fr.insee.sugoi.model.paging.PageResult; import fr.insee.sugoi.model.paging.PageableResult; +import fr.insee.sugoi.services.decider.AuthorizeMethodDecider; import java.io.UnsupportedEncodingException; import java.util.List; import org.junit.jupiter.api.BeforeEach; @@ -52,7 +55,13 @@ import org.springframework.web.servlet.config.annotation.EnableWebMvc; @SpringBootTest( - classes = {ApplicationController.class, SugoiAdviceController.class}, + classes = { + ApplicationController.class, + SugoiAdviceController.class, + AuthorizeMethodDecider.class, + PermissionServiceImpl.class, + SecurityConfiguration.class + }, properties = "spring.config.location=classpath:/controller/application.properties") @AutoConfigureMockMvc @EnableWebMvc @@ -234,12 +243,6 @@ public void searchAllApplications() throws Exception { is("Amoi2")); } - @Test - public void searchAllApplicationsNotAuthenticatedLeadsTo401() throws Exception { - assertThat( - "Response code should be 401", searchAllApplicationOnDomaine1().getStatus(), is(401)); - } - @Test @WithMockUser(roles = "SUGOI_ADMIN") public void searchApplicationsByNameCriteria() throws Exception { @@ -325,12 +328,6 @@ public void get409WhenCreatingAlreadyExistingApplication() throws Exception { assertThat("Should respond 409", createApplicationOnDomaine1(application).getStatus(), is(409)); } - @Test - public void get401OnCreateApplicationWhenNotAuhtenticated() throws Exception { - assertThat( - "Should respond 401", createApplicationOnDomaine1(new Application()).getStatus(), is(401)); - } - // Test delete application @Test @@ -343,12 +340,6 @@ public void deleteShouldCallDeleteService() throws Exception { Mockito.eq("domaine1"), Mockito.eq("supprimemoi"), Mockito.any(ProviderRequest.class)); } - @Test - public void get401OnDeleteApplicationWhenNotAuhtenticated() throws Exception { - assertThat( - "Should respond 401", deleteApplicationOnDomaine1("supprimemoi").getStatus(), is(401)); - } - @Test @WithMockUser(roles = "SUGOI_ADMIN") public void get404WhenNoApplicationIsFoundWhenDelete() throws Exception { @@ -385,14 +376,6 @@ public void updateShouldCallUpdateServiceAndReturnNewApp() throws Exception { is("http://localhost/realms/domaine1/applications/ToUpdate")); } - @Test - public void get401OnUpdateApplicationWhenNotAuhtenticated() throws Exception { - assertThat( - "Should respond 401", - updateApplicationOnDomaine1("toUpdate", new Application()).getStatus(), - is(401)); - } - @Test @WithMockUser(roles = "SUGOI_ADMIN") public void get400WhenApplicationIdDoesntMatchBody() throws Exception { @@ -415,6 +398,55 @@ public void get404WhenNoApplicationIsFoundWhenUpdate() throws Exception { is(404)); } + // tests on rights + + @Test + @WithMockUser(roles = "SUGOI_domaine2_Reader") + public void badRealmShouldNotBeAuthorized() throws Exception { + assertThat( + "should not be authorized", + getApplicationOnDomaine1ByName("SuperAppli").getStatus(), + is(403)); + } + + @Test + @WithMockUser(roles = "SUGOI_domaine1_Reader") + public void readerOnGoodRealmShouldBeAuthorized() throws Exception { + assertThat( + "A reader on the entire realm should read the applications", + getApplicationOnDomaine1ByName("SuperAppli").getStatus(), + is(200)); + } + + @Test + @WithMockUser(roles = "SUGOI_domaine1_$(userStorage)_Reader") + public void readerOnSubUSShouldNotBeAuthorized() throws Exception { + assertThat( + "User having rights to read on a sub userstorage should not be able to read applications", + getApplicationOnDomaine1ByName("SuperAppli").getStatus(), + is(403)); + } + + @Test + @WithMockUser(roles = "SUGOI_domaine1_$(userStorage)_Writer") + public void writerOnSubUSShouldNotBeAuthorized() throws Exception { + assertThat( + "User having rights to write on a sub userstorage should not be able to modify applications", + getApplicationOnDomaine1ByName("SuperAppli").getStatus(), + is(403)); + } + + @Test + @WithMockUser(roles = {"ASI_ELSE", "SUGOI_domaine1_domaine1_Reader"}) + public void appManagerOnBadAppShouldNotBeAuthorized() throws Exception { + Application newApp = new Application(); + newApp.setName("toto"); + assertThat( + "User having write on application Else should not have rights on application toto", + updateApplicationOnDomaine1("toto", newApp).getStatus(), + is(403)); + } + private MockHttpServletResponse searchAllApplicationOnDomaine1() throws Exception { RequestBuilder requestBuilder = MockMvcRequestBuilders.get("/realms/domaine1/applications") diff --git a/sugoi-api-rest-services/src/test/resources/controller/application.properties b/sugoi-api-rest-services/src/test/resources/controller/application.properties index f9a2c3df..8b9d0305 100644 --- a/sugoi-api-rest-services/src/test/resources/controller/application.properties +++ b/sugoi-api-rest-services/src/test/resources/controller/application.properties @@ -1,2 +1,7 @@ -logging.level.fr.insee.sugoi=debug \ No newline at end of file +logging.level.fr.insee.sugoi=debug +fr.insee.sugoi.api.regexp.role.reader=ROLE_SUGOI_$(realm)_READER,ROLE_SUGOI_$(realm)_$(userStorage)_READER +fr.insee.sugoi.api.regexp.role.writer=ROLE_SUGOI_$(realm)_WRITER,ROLE_SUGOI_$(realm)_$(userStorage)_WRITER +fr.insee.sugoi.api.regexp.role.admin=ROLE_SUGOI_ADMIN,ROLE_ADMINISTRATEURS_SUGOI +fr.insee.sugoi.api.regexp.role.application.manager=ROLE_ASI_$(application) +fr.insee.sugoi.api.regexp.role.password.manager=ROLE_PASSWORDMANAGER_$(realm)_$(userstorage)_SUGOI,ROLE_PASSWORDMANAGER_$(realm)_SUGOI \ No newline at end of file