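package org.molgenis.security.user;

import org.molgenis.auth.User;
import org.molgenis.security.user.UserAccountServiceImplTest.Config;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.testng.AbstractTestNGSpringContextTests;
import org.testng.annotations.AfterClass;
import org.testng.annotations.BeforeClass;
import org.testng.annotations.BeforeMethod;
import org.testng.annotations.Test;

import static org.mockito.Mockito.*;
import static org.testng.Assert.*;

/**
 * Tests for {@link UserAccountServiceImpl}, run in a minimal Spring context whose
 * {@link PasswordEncoder} and {@link UserService} beans are Mockito mocks.
 *
 * <p>The mocks are context singletons shared by every test method, so they are reset
 * before each test. Without the reset, stubbing and recorded interactions from one test
 * leak into the next and results depend on execution order.
 */
@ContextConfiguration(classes = { Config.class })
public class UserAccountServiceImplTest extends AbstractTestNGSpringContextTests {

    /** Spring configuration providing the service under test and its mocked collaborators. */
    @Configuration
    static class Config {
        @Bean
        public UserAccountServiceImpl userAccountServiceImpl() {
            return new UserAccountServiceImpl();
        }

        @Bean
        public PasswordEncoder passwordEncoder() {
            return mock(PasswordEncoder.class);
        }

        @Bean
        public UserService molgenisUserService() {
            return mock(UserService.class);
        }
    }

    private static final String USERNAME_USER = "username";

    // Authentication found in the security context before this class ran; restored on teardown.
    private static Authentication AUTHENTICATION_PREVIOUS;

    private Authentication authentication;

    @Autowired
    private UserAccountServiceImpl userAccountServiceImpl;

    @Autowired
    private UserService userService;

    @Autowired
    private PasswordEncoder passwordEncoder;

    /**
     * Saves the current authentication and installs a mocked one whose principal is
     * {@link #USERNAME_USER}.
     */
    @BeforeClass
    public void setUpBeforeClass() {
        AUTHENTICATION_PREVIOUS = SecurityContextHolder.getContext().getAuthentication();
        authentication = mock(Authentication.class);
        when(authentication.getPrincipal()).thenReturn(USERNAME_USER);
        SecurityContextHolder.getContext().setAuthentication(authentication);
    }

    /** Restores the authentication that was in place before this class ran. */
    @AfterClass
    public static void tearDownAfterClass() {
        SecurityContextHolder.getContext().setAuthentication(AUTHENTICATION_PREVIOUS);
    }

    /**
     * Clears stubbing and recorded interactions on the shared mock beans so that each test
     * starts from a clean state. The {@code authentication} mock is deliberately left alone:
     * it is stubbed once in {@link #setUpBeforeClass()}.
     */
    @BeforeMethod
    public void resetMocks() {
        reset(userService, passwordEncoder);
    }

    /** The current user is the one the user service returns for the authenticated principal. */
    @Test
    public void getCurrentUser() {
        when(authentication.getPrincipal()).thenReturn(USERNAME_USER);
        User existingUser = mock(User.class);
        when(userService.getUser(USERNAME_USER)).thenReturn(existingUser);

        assertEquals(userAccountServiceImpl.getCurrentUser(), existingUser);
    }

    /**
     * Updating the current user with an unchanged password value must not pass that stored
     * value to {@link PasswordEncoder#encode}.
     */
    @Test
    public void updateCurrentUser() {
        User existingUser = mock(User.class);
        when(existingUser.getId()).thenReturn("1");
        when(existingUser.getUsername()).thenReturn(USERNAME_USER);
        when(existingUser.getPassword()).thenReturn("encrypted-password");
        when(userService.getUser(USERNAME_USER)).thenReturn(existingUser);

        User updatedUser = mock(User.class);
        when(updatedUser.getId()).thenReturn("1");
        when(updatedUser.getUsername()).thenReturn(USERNAME_USER);
        when(updatedUser.getPassword()).thenReturn("encrypted-password");

        userAccountServiceImpl.updateCurrentUser(updatedUser);

        // presumably guards against re-hashing an already-encoded password; confirm against the service
        verify(passwordEncoder, never()).encode("encrypted-password");
    }

    /**
     * An update whose username differs from the authenticated principal must be rejected.
     *
     * <p>NOTE(review): {@code RuntimeException} is a broad expectation. A
     * {@code NullPointerException} from an unstubbed mock would also satisfy it, so this test
     * does not prove that the rejection comes from the ownership check. Consider narrowing to
     * the specific exception type or message the service uses, and verifying that nothing was
     * persisted.
     */
    @Test(expectedExceptions = RuntimeException.class)
    public void updateCurrentUser_wrongUser() {
        User existingUser = mock(User.class);
        when(existingUser.getId()).thenReturn("1");
        when(existingUser.getPassword()).thenReturn("encrypted-password");
        when(userService.getUser(USERNAME_USER)).thenReturn(existingUser);

        User updatedUser = mock(User.class);
        when(updatedUser.getId()).thenReturn("1");
        when(updatedUser.getUsername()).thenReturn("wrong-username");
        when(updatedUser.getPassword()).thenReturn("encrypted-password");

        userAccountServiceImpl.updateCurrentUser(updatedUser);
    }

    /**
     * Updating the current user with a different password value completes without an
     * exception.
     *
     * <p>NOTE(review): this test contains no assertion or {@code verify}, so it passes as long
     * as nothing is thrown. It does not show that the new password is encoded or stored.
     * The {@code matches} stub below also reports the new value as matching the stored one,
     * which looks at odds with a "change password" scenario; confirm the intent.
     */
    @Test
    public void updateCurrentUser_changePassword() {
        when(passwordEncoder.matches("new-password", "encrypted-password")).thenReturn(true);

        User existingUser = mock(User.class);
        when(existingUser.getId()).thenReturn("1");
        when(existingUser.getPassword()).thenReturn("encrypted-password");
        when(existingUser.getUsername()).thenReturn(USERNAME_USER);
        when(userService.getUser(USERNAME_USER)).thenReturn(existingUser);

        User updatedUser = mock(User.class);
        when(updatedUser.getId()).thenReturn("1");
        when(updatedUser.getPassword()).thenReturn("new-password");
        when(updatedUser.getUsername()).thenReturn(USERNAME_USER);

        userAccountServiceImpl.updateCurrentUser(updatedUser);
    }

    /**
     * Password validation accepts the value the encoder reports as matching the stored
     * password and rejects one it does not.
     */
    @Test
    public void validateCurrentUserPassword() {
        User existingUser = mock(User.class);
        when(existingUser.getId()).thenReturn("1");
        when(existingUser.getPassword()).thenReturn("encrypted-password");
        when(existingUser.getUsername()).thenReturn(USERNAME_USER);
        // The original never registered existingUser with the user service, so the test only
        // passed when a stub leaked in from an earlier test.
        when(userService.getUser(USERNAME_USER)).thenReturn(existingUser);

        when(passwordEncoder.matches("password", "encrypted-password")).thenReturn(true);
        // Stated explicitly rather than relying on the mock's default return value.
        when(passwordEncoder.matches("wrong-password", "encrypted-password")).thenReturn(false);

        assertTrue(userAccountServiceImpl.validateCurrentUserPassword("password"));
        assertFalse(userAccountServiceImpl.validateCurrentUserPassword("wrong-password"));
    }
}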