UserHostPageFilterTest.java example

Explorer
errai-master
/*
 * Copyright 2016 Red Hat, Inc. and/or its affiliates.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *       http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package org.jboss.errai.security.server.servlet;

import com.google.gson.JsonParser;
import com.google.gson.JsonSyntaxException;
import org.jboss.errai.marshalling.server.MappingContextSingleton;
import org.jboss.errai.security.shared.api.Group;
import org.jboss.errai.security.shared.api.GroupImpl;
import org.jboss.errai.security.shared.api.Role;
import org.jboss.errai.security.shared.api.RoleImpl;
import org.jboss.errai.security.shared.api.identity.UserImpl;
import org.junit.Before;
import org.junit.Test;

import java.util.Arrays;
import java.util.Collection;
import java.util.List;
import java.util.function.Function;
import java.util.stream.Collectors;

import static org.junit.Assert.assertTrue;

public class UserHostPageFilterTest {

  private UserHostPageFilter filter = new UserHostPageFilter();

  @Before
  public void setup() {
    MappingContextSingleton.get();
  }

  @Test
  public void testSecurityContextJsonWhenAGroupHasAnApostrophe() throws Exception {
    final UserImpl user = new UserImpl("Mary", roles("admin"), groups("girls'", "programmer", "admin"));

    final String json = filter.securityContextJson(user);

    assertTrue(isValid(json));
  }

  @Test
  public void testSecurityContextJsonWhenAGroupHasAQuote() throws Exception {
    final UserImpl user = new UserImpl("Mary", roles("admin"), groups("girls\"", "programmer", "admin"));

    final String json = filter.securityContextJson(user);

    assertTrue(isValid(json));
  }

  private Collection<Group> groups(String... groups) {
    return listOf(groups, GroupImpl::new);
  }

  private Collection<Role> roles(String... roles) {
    return listOf(roles, RoleImpl::new);
  }

  private <T> List<T> listOf(final String[] list,
                             final Function<String, T> mapper) {
    return Arrays
            .stream(list)
            .map(mapper)
            .collect(Collectors.toList());
  }

  private boolean isValid(String json) {
    try {
      new JsonParser().parse(json);
    } catch (JsonSyntaxException jse) {
      return false;
    }
    return true;
  }
}