/*
* Copyright 2016 Hammock and its contributors
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
* implied.
*
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package ws.ament.hammock.security.test;
import org.jboss.arquillian.container.test.api.Deployment;
import org.jboss.arquillian.junit.Arquillian;
import org.jboss.shrinkwrap.api.Archive;
import org.jboss.shrinkwrap.api.ShrinkWrap;
import org.jboss.shrinkwrap.api.asset.EmptyAsset;
import org.jboss.shrinkwrap.api.spec.JavaArchive;
import org.junit.Test;
import org.junit.runner.RunWith;
import ws.ament.hammock.security.api.HasAllRoles;
import ws.ament.hammock.security.api.Identity;
import ws.ament.hammock.security.api.MissingRolesException;
import ws.ament.hammock.security.impl.HasAllRolesInterceptor;
import javax.enterprise.context.ApplicationScoped;
import javax.inject.Inject;
import java.util.ArrayList;
import java.util.List;
import static java.util.Arrays.asList;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
@RunWith(Arquillian.class)
public class HasAllRolesTest {
private static final String SUCCESS = "success";
@Inject
private RoleBasedIdentity roleBasedIdentity;
@Inject
private Controller controller;
@Deployment
public static Archive<?> deployment() {
return ShrinkWrap.create(JavaArchive.class)
.addAsManifestResource(EmptyAsset.INSTANCE, "beans.xml")
.addClasses(HasAllRoles.class, HasAllRolesInterceptor.class);
}
@Test
public void shouldFailWithNoRoles() {
roleBasedIdentity.addRoles();
assertThatThrownBy(() -> controller.doWork())
.isInstanceOf(MissingRolesException.class)
.hasMessageContaining("jane, bob, ralph");
}
@Test
public void shouldSucceedWithAllRoles() {
roleBasedIdentity.addRoles("jane","bob","ralph");
String s = controller.doWork();
assertThat(s).isEqualTo(SUCCESS);
}
@ApplicationScoped
public static class RoleBasedIdentity implements Identity {
private List<String> roles = new ArrayList<>();
@Override
public boolean isLoggedIn() {
return false;
}
@Override
public boolean hasRole(String x) {
return roles.indexOf(x) >= 0;
}
public void addRoles(String... newRoles) {
roles.clear();
roles.addAll(asList(newRoles));
}
}
@HasAllRoles({"jane","bob","ralph"})
@ApplicationScoped
public static class Controller {
String doWork() {
return SUCCESS;
}
}
}