HeaderConstraintTest.java

package com.thoughtworks.go.server.security;

import com.thoughtworks.go.util.SystemEnvironment;
import org.junit.Test;
import org.springframework.mock.web.MockHttpServletRequest;

import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;

public class HeaderConstraintTest {

    @Test
    public void shouldBeSatisfiedIfAPISafeModeIsTurnedOff() {
        SystemEnvironment systemEnvironment = mock(SystemEnvironment.class);
        MockHttpServletRequest request = new MockHttpServletRequest();

        when(systemEnvironment.isApiSafeModeEnabled()).thenReturn(false);
        request.addHeader("Confirm", "false");

        assertTrue(new HeaderConstraint(systemEnvironment).isSatisfied(request));
    }

    @Test
    public void shouldBeSatisfiedInPresenceOfRequiredHeader() {
        SystemEnvironment systemEnvironment = mock(SystemEnvironment.class);
        MockHttpServletRequest request = new MockHttpServletRequest();

        when(systemEnvironment.isApiSafeModeEnabled()).thenReturn(true);
        request.addHeader("Confirm", "True");

        assertTrue(new HeaderConstraint(systemEnvironment).isSatisfied(request));
    }

    @Test
    public void shouldBeUnsatisfiedIfRequiredHeadersAreAbsent() {
        SystemEnvironment systemEnvironment = mock(SystemEnvironment.class);
        MockHttpServletRequest request = new MockHttpServletRequest();

        when(systemEnvironment.isApiSafeModeEnabled()).thenReturn(true);

        assertFalse(new HeaderConstraint(systemEnvironment).isSatisfied(request));
    }
}