rest tests

build.gradle

@@ -118,6 +118,7 @@ dependencies {
     compile 'com.github.ziplet:ziplet:2.3.0'
     //testing
     testCompile 'org.springframework.boot:spring-boot-starter-test'
+    testCompile 'org.springframework.security:spring-security-test'
     testCompile 'com.h2database:h2'
     testCompile files('libs/ojdbc6.jar')
 }

src/main/java/com/faendir/acra/rest/RestConfiguration.java

@@ -40,7 +40,7 @@ public class RestConfiguration {
 
     @Bean
     @Order(Ordered.HIGHEST_PRECEDENCE)
-    public Filter gzipFilter() {
+    public static Filter gzipFilter() {
         return new CompressingFilter();
     }
 }

src/main/java/com/faendir/acra/rest/RestReportInterface.java

@@ -55,6 +55,7 @@ public class RestReportInterface {
     public static final String PARAM_ID = "id";
     public static final String PARAM_MAIL = "mail";
     public static final String REPORT_PATH = "report";
+    public static final String MULTIPART_MIXED = "multipart/mixed";
     @NonNull private final DataService dataService;
 
     @Autowired
@@ -71,7 +72,7 @@ public class RestReportInterface {
     }
 
     @PreAuthorize("hasRole(T(com.faendir.acra.model.User$Role).REPORTER)")
-    @RequestMapping(value = REPORT_PATH, consumes = "multipart/mixed", method = RequestMethod.POST)
+    @RequestMapping(value = REPORT_PATH, consumes = MULTIPART_MIXED, method = RequestMethod.POST)
     public ResponseEntity report(@NonNull MultipartHttpServletRequest request, @NonNull Principal principal) throws IOException {
         String content = null;
         List<MultipartFile> attachments = new ArrayList<>();
@@ -94,12 +95,11 @@ public class RestReportInterface {
     @PreAuthorize("hasRole(T(com.faendir.acra.model.User$Role).USER)")
     @RequestMapping(value = EXPORT_PATH, produces = MediaType.APPLICATION_JSON_VALUE, method = RequestMethod.GET)
     public ResponseEntity<String> export(@RequestParam(name = PARAM_APP) String appId, @RequestParam(name = PARAM_ID, required = false) String id,
-            @RequestParam(name = PARAM_MAIL, required = false) String mail, @NonNull Principal principal) {
+            @RequestParam(name = PARAM_MAIL, required = false) String mail) {
         Optional<App> app = dataService.findApp(appId);
         if (!app.isPresent()) {
             return ResponseEntity.notFound().build();
         }
-        principal.getName();
         BooleanExpression where = report.stacktrace.bug.app.eq(app.get());
         String name = "";
         if (mail != null && !mail.isEmpty()) {

src/main/java/com/faendir/acra/security/SecurityConfiguration.java

@@ -37,7 +37,6 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper;
-import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.crypto.password.PasswordEncoder;
@@ -55,9 +54,6 @@ import java.util.stream.Stream;
 @EnableWebSecurity
 @EnableGlobalMethodSecurity(securedEnabled = true, prePostEnabled = true)
 public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
-    static {
-        SecurityContextHolder.setStrategyName(VaadinSessionSecurityContextHolderStrategy.class.getName());
-    }
 
     @NonNull private final UserService userService;
 

src/main/java/com/faendir/acra/security/VaadinSessionSecurityContextHolderStrategy.java

@@ -13,21 +13,36 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-
 package com.faendir.acra.security;
 
 import com.vaadin.server.VaadinService;
 import com.vaadin.server.VaadinSession;
+import org.springframework.context.annotation.Configuration;
 import org.springframework.lang.NonNull;
 import org.springframework.security.core.context.SecurityContext;
+import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.core.context.SecurityContextHolderStrategy;
 import org.springframework.security.core.context.SecurityContextImpl;
 
 /**
  * A custom {@link SecurityContextHolderStrategy} that stores the {@link SecurityContext} in the Vaadin Session.
  */
+@Configuration
 @SuppressWarnings("WeakerAccess")
 public class VaadinSessionSecurityContextHolderStrategy implements SecurityContextHolderStrategy {
+    static {
+        SecurityContextHolder.setStrategyName(VaadinSessionSecurityContextHolderStrategy.class.getName());
+    }
+
+    private static VaadinSession getSession() {
+        VaadinSession session = VaadinSession.getCurrent();
+        if (session == null) {
+            session = new VaadinSession(VaadinService.getCurrent());
+            VaadinSession.setCurrent(session);
+        }
+        return session;
+    }
+
     @Override
     public void clearContext() {
         getSession().setAttribute(SecurityContext.class, null);
@@ -54,13 +69,4 @@ public class VaadinSessionSecurityContextHolderStrategy implements SecurityConte
     public SecurityContext createEmptyContext() {
         return new SecurityContextImpl();
     }
-
-    private static VaadinSession getSession() {
-        VaadinSession session = VaadinSession.getCurrent();
-        if (session == null) {
-            session = new VaadinSession(VaadinService.getCurrent());
-            VaadinSession.setCurrent(session);
-        }
-        return session;
-    }
 }

src/test/java/com/faendir/acra/liquibase/LiquibaseTest.java

@@ -13,8 +13,9 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-package com.faendir.acra;
+package com.faendir.acra.liquibase;
 
+import com.faendir.acra.BackendApplication;
 import com.faendir.acra.liquibase.ChangeAwareSpringLiquibase;
 import com.faendir.acra.liquibase.LiquibaseChangePostProcessor;
 import liquibase.exception.LiquibaseException;

src/test/java/com/faendir/acra/liquibase/MySQLTest.java

@@ -13,7 +13,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-package com.faendir.acra;
+package com.faendir.acra.liquibase;
 
 import org.springframework.test.context.TestPropertySource;
 

src/test/java/com/faendir/acra/liquibase/OracleTest.java

@@ -13,7 +13,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-package com.faendir.acra;
+package com.faendir.acra.liquibase;
 
 import org.springframework.test.context.TestPropertySource;
 

src/test/java/com/faendir/acra/rest/RestReportInterfaceTest.java

@@ -0,0 +1,111 @@
+/*
+ * (C) Copyright 2018 Lukas Morawietz (https://github.com/F43nd1r)
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.faendir.acra.rest;
+
+import com.faendir.acra.model.App;
+import com.faendir.acra.service.DataService;
+import com.faendir.acra.service.UserService;
+import junit.framework.AssertionFailedError;
+import org.json.JSONArray;
+import org.json.JSONObject;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest;
+import org.springframework.boot.test.mock.mockito.MockBean;
+import org.springframework.context.annotation.ComponentScan;
+import org.springframework.mock.web.MockMultipartFile;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.test.context.support.WithMockUser;
+import org.springframework.test.context.junit4.SpringRunner;
+import org.springframework.test.web.servlet.MockMvc;
+
+import java.util.Arrays;
+import java.util.Optional;
+
+import static com.faendir.acra.rest.RestReportInterface.*;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.Mockito.*;
+import static org.springframework.http.MediaType.APPLICATION_JSON;
+import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
+import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.multipart;
+import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
+
+/**
+ * @author lukas
+ * @since 26.06.18
+ */
+@RunWith(SpringRunner.class)
+@WebMvcTest(controllers = RestReportInterface.class, includeFilters = @ComponentScan.Filter(classes = EnableWebSecurity.class))
+@WithMockUser(roles = {"REPORTER", "USER"})
+public class RestReportInterfaceTest {
+    @MockBean UserService userService;
+    @MockBean DataService dataService;
+    @Autowired RestReportInterface restReportInterface;
+    @Autowired MockMvc mvc;
+    private final String TEST_STRING = "TEST";
+
+    @Before
+    public void setUp() throws Exception {
+        App app = mock(App.class);
+        when(dataService.findApp(TEST_STRING)).thenReturn(Optional.of(app));
+        when(dataService.getFromReports(any(), any(), any())).thenReturn(Arrays.asList("{\"name\":\"a\"}", "{\"name\":\"b\"}"));
+    }
+
+    @Test
+    public void report() throws Exception {
+        mvc.perform(post("/" + REPORT_PATH).contentType(APPLICATION_JSON).content(TEST_STRING)).andExpect(status().isOk());
+        verify(dataService, times(1)).createNewReport(any(), any(), any());
+    }
+
+    @Test
+    public void report2() throws Exception {
+        MockMultipartFile file = spy(new MockMultipartFile(TEST_STRING, TEST_STRING.getBytes()));
+        when(file.getName()).thenReturn(null).thenReturn("");
+        mvc.perform(multipart("/" + REPORT_PATH).file(file).contentType(MULTIPART_MIXED)).andExpect(status().isOk());
+        verify(dataService, times(1)).createNewReport(any(), any(), any());
+    }
+
+    @Test
+    public void exportWithId() throws Exception {
+        mvc.perform(get("/" + EXPORT_PATH).param(PARAM_APP, TEST_STRING).param(PARAM_ID, TEST_STRING)).andExpect(status().isOk()).andExpect(m -> {
+            JSONArray array = new JSONArray(m.getResponse().getContentAsString());
+            if (array.length() != 2 || !(array.get(0) instanceof JSONObject)) {
+                throw new AssertionFailedError();
+            }
+        });
+    }
+
+    @Test
+    public void exportWithMail() throws Exception {
+        mvc.perform(get("/" + EXPORT_PATH).param(PARAM_APP, TEST_STRING).param(PARAM_MAIL, TEST_STRING)).andExpect(status().isOk()).andExpect(m -> {
+            JSONArray array = new JSONArray(m.getResponse().getContentAsString());
+            if (array.length() != 2 || !(array.get(0) instanceof JSONObject)) {
+                throw new AssertionFailedError();
+            }
+        });
+    }
+
+    @Test
+    public void exportInvalid() throws Exception {
+        mvc.perform(get("/" + EXPORT_PATH).param(PARAM_APP, TEST_STRING)).andExpect(status().is4xxClientError());
+        mvc.perform(get("/" + EXPORT_PATH).param(PARAM_ID, TEST_STRING)).andExpect(status().is4xxClientError());
+        mvc.perform(get("/" + EXPORT_PATH).param(PARAM_MAIL, TEST_STRING)).andExpect(status().is4xxClientError());
+        mvc.perform(get("/" + EXPORT_PATH)).andExpect(status().is4xxClientError());
+    }
+}