Friday, 2 October 2020

Integration tests verifying endpoint authorization and authentication

Consider the following integration test. Java is used just as an example.

  @Test
  @WithMockUser
  public void givenUnauthorized_whenGettingPeople_thenReturnStatus403() throws Exception {
    mvc.perform(get("/v1/api/people"))
        .andExpect(status().is(403))
        .andExpect(jsonPath("$.success").value(false))                     // 1
        .andExpect(jsonPath("$.message").value("Access is denied"));       // 2
  }

Do you think commented lines 1 and 2 are actually helping or not? I am wondering whether or not I should keep them.

And here is a similar test:

  @Test
  public void givenUnauthenticated_whenGettingPeople_thenReturnStatus401() throws Exception {
    mvc.perform(get("/v1/api/people"))
        .andExpect(status().is(401))
        .andExpect(status().reason(containsString("Full authentication is required to access this resource")));
  }

I am starting to think that verifying just the 401/403 statuses should be sufficient. Am I right?
