View Javadoc
1   package com.atlassian.refapp.auth.internal;
2   
3   import com.atlassian.refapp.auth.external.WebSudoSessionManager;
4   import org.junit.After;
5   import org.junit.Before;
6   import org.junit.Test;
7   import org.junit.runner.RunWith;
8   import org.mockito.Mock;
9   import org.mockito.runners.MockitoJUnit44Runner;
10  
11  import javax.servlet.http.HttpServletRequest;
12  import javax.servlet.http.HttpSession;
13  import java.util.concurrent.TimeUnit;
14  
15  import static org.hamcrest.core.Is.is;
16  import static org.junit.Assert.assertThat;
17  import static org.mockito.Mockito.verify;
18  import static org.mockito.Mockito.when;
19  
20  @RunWith(MockitoJUnit44Runner.class)
21  public class DefaultWebSudoSessionManagerTest {
22      private static final long CURRENT_MILLIS = 1234L;
23      private static final String SESS_KEY = DefaultWebSudoSessionManager.class.getName() + "-session";
24  
25      private WebSudoSessionManager webSudoSessionManager;
26  
27      @Mock
28      private HttpServletRequest httpServletRequest;
29  
30      @Mock
31      private HttpSession session;
32  
33      @Before
34      public void setUp() throws Exception {
35  
36          when(httpServletRequest.getSession(true)).thenReturn(session);
37          when(httpServletRequest.getSession(false)).thenReturn(session);
38          when(httpServletRequest.getSession()).thenReturn(session);
39  
40          webSudoSessionManager = new DefaultWebSudoSessionManager() {
41              @Override
42              long currentTimeMillis() {
43                  return CURRENT_MILLIS;
44              }
45          };
46      }
47  
48      @After
49      public void tearDown() throws Exception {
50          webSudoSessionManager = null;
51      }
52  
53      @Test
54      public void isWebSudoSession() throws Exception {
55          assertThat(webSudoSessionManager.isWebSudoSession(httpServletRequest), is(false));
56      }
57  
58      @Test
59      public void isWebSudoSessionExpired() throws Exception {
60          when(session.getAttribute(SESS_KEY)).thenReturn(CURRENT_MILLIS - 2);
61          assertThat(webSudoSessionManager.isWebSudoSession(httpServletRequest), is(true));
62      }
63  
64      @Test
65      public void isWebSudoSessionTrue() throws Exception {
66          webSudoSessionManager = new DefaultWebSudoSessionManager() {
67              @Override
68              long currentTimeMillis() {
69                  return CURRENT_MILLIS + TimeUnit.SECONDS.toMillis(12 * 60);
70              }
71          };
72          when(session.getAttribute(SESS_KEY)).thenReturn(CURRENT_MILLIS);
73          assertThat(webSudoSessionManager.isWebSudoSession(httpServletRequest), is(false));
74      }
75  
76      @Test
77      public void createWebSudoSession() throws Exception {
78          webSudoSessionManager.createWebSudoSession(httpServletRequest);
79          verify(session).setAttribute(SESS_KEY, CURRENT_MILLIS);
80      }
81  
82      @Test
83      public void removeWebSudoSession() throws Exception {
84          webSudoSessionManager.removeWebSudoSession(httpServletRequest);
85          verify(session).removeAttribute(SESS_KEY);
86      }
87  
88      @Test
89      public void disableWebSudoSession() {
90          System.setProperty(DefaultWebSudoSessionManager.WEB_SUDO_CHECKING_DISABLED_PROPERTY,"true");
91          assertThat(webSudoSessionManager.isWebSudoSession(httpServletRequest), is(true));
92          System.setProperty(DefaultWebSudoSessionManager.WEB_SUDO_CHECKING_DISABLED_PROPERTY,"false");
93      }
94  }