I'm learning how to Test my SpringBoot Apps.
Right now I'm trying to learn by creating test for an existing working project.
I started with my AdminHomeController that manages the Home when admins login:
@Controller
@RequestMapping("/admin/home")
public class AdminHomeController {
private UsuarioService usuarioService;
@Autowired
public AdminHomeController(UsuarioService usuarioService) {
this.usuarioService = usuarioService;
}
@RequestMapping(value={"", "/"}, method = RequestMethod.GET)
public ModelAndView admin_home(){
ModelAndView modelAndView = new ModelAndView();
Authentication auth = SecurityContextHolder.getContext().getAuthentication();
Usuario loggedUser = usuarioService.findUsuarioByUsername(auth.getName());
modelAndView.addObject("userFullName", loggedUser.getNombre() + " " + loggedUser.getApellido());
modelAndView.addObject("userGravatar", Utils.getGravatarImageLink(loggedUser.getEmail()));
modelAndView.addObject("totalUsuarios", usuarioService.getUsuariosCount());
modelAndView.setViewName("admin/home");
return modelAndView;
}
}
And this is my test:
@RunWith(SpringRunner.class)
@ContextConfiguration(classes = MyOwnProperties.class)
@WebMvcTest(AdminHomeController.class)
@Import(SecurityConfigurationGlobal.class)
public class AdminHomeControllerUnitTest {
@Autowired
private MockMvc mockMvc;
@MockBean
UsuarioService usuarioService;
@Autowired
MyOwnProperties myOwnProperties;
@MockBean
FacebookProfileService facebookProfileService;
@MockBean
MobileDeviceService mobileDeviceService;
@MockBean
PasswordEncoder passwordEncoder;
@MockBean
CustomAuthenticationProvider customAuthenticationProvider;
@Test
@WithMockUser(username = "user1", password = "pwd", authorities = "ADMIN")
public void shouldAllowAdminAccess() throws Exception{
when(usuarioService.findUsuarioByUsername("user1")).thenReturn(new Usuario());
mockMvc.perform(get("/admin/home"))
.andDo(print())
.andExpect(status().isOk())
.andExpect(view().name("admin/home"));
}
}
And I think that the relevan part of my SecurityConfig would be:
@Override
protected void configure(HttpSecurity http) throws Exception {
http.
authorizeRequests()
.antMatchers("/", "/login", "/error/**", "/home").permitAll()
.antMatchers(
myOwnProperties.getSecurity().getJwtLoginURL(),
myOwnProperties.getSecurity().getFacebookLoginURL()).permitAll()
.antMatchers("/registration", "/registrationConfirm/**").permitAll()
.antMatchers("/resetPass", "/resetPassConfirm/**", "/updatePass").permitAll()
.antMatchers("/admin/**").hasAuthority(AUTHORITY_ADMIN)
.antMatchers("/user/**").hasAuthority(AUTHORITY_USER)
.anyRequest().authenticated()
.and()
.csrf().disable()
.formLogin()
.loginPage("/login")
.failureUrl("/login?error=true")
.successHandler(new CustomUrlAuthenticationSuccessHandler())
.usernameParameter("username")
.passwordParameter("password")
.and()
.logout()
.logoutUrl("/logout")
.logoutSuccessUrl("/")
.and()
.exceptionHandling().accessDeniedPage("/403");
}
And AUTHORITY_ADMIN is a static final definition of "ADMIN".
What I can not understand due to my lack of experience are my test results.
- If I remove the @WithMockUser I get a 401 as expected
- If I use the @WithMockUser with ANY other authority than "ADMIN" I get a 403 that would also be the expected response
- And finally if I use the @WithMockUser with "ADMIN" authority then I get a 404
As said, my app is working and I can only access /admin/home if logged in as ADMIN.
UPDATE
Running this other similiar test works fine, but this one requieres the FULL SpringBoot app to load. I think it would be an integration test and I only want to test the controller "alone". Only a slice using @WebMvcTest
@SpringBootTest
@AutoConfigureMockMvc
public class AdminHomeControllerTest {
@Autowired
private MockMvc mockMvc;
@MockBean
private UsuarioService usuarioService;
@Test
@WithMockUser(username = "user1", password = "pwd", authorities = "ADMIN")
public void shouldAllowAdminAccess() throws Exception{
when(usuarioService.findUsuarioByUsername(anyString())).thenReturn(new Usuario());
mockMvc.perform(get("/admin/home"))
.andDo(print())
.andExpect(status().isOk())
.andExpect(view().name("admin/home"));
}
}
Aucun commentaire:
Enregistrer un commentaire