1 package com.atlassian.plugins.rest.common.security.jersey;
2
3 import java.lang.annotation.Annotation;
4 import java.util.List;
5
6 import com.atlassian.plugin.PluginAccessor;
7 import com.atlassian.plugin.event.PluginEventManager;
8 import com.atlassian.plugins.rest.common.security.CorsAllowed;
9 import com.atlassian.plugins.rest.common.security.jersey.test.ResourceClassWithCorsAllowed;
10 import com.atlassian.plugins.rest.common.security.jersey.test.ResourceClassWithoutCorsAllowed;
11
12 import com.sun.jersey.api.model.AbstractMethod;
13 import com.sun.jersey.api.model.AbstractResource;
14 import com.sun.jersey.spi.container.ResourceFilter;
15
16 import org.junit.Before;
17 import org.junit.Test;
18 import org.junit.runner.RunWith;
19 import org.mockito.Mock;
20 import org.mockito.runners.MockitoJUnitRunner;
21
22 import static org.hamcrest.Matchers.empty;
23 import static org.hamcrest.Matchers.instanceOf;
24 import static org.hamcrest.Matchers.is;
25 import static org.junit.Assert.assertThat;
26 import static org.mockito.Mockito.when;
27
28 @RunWith(MockitoJUnitRunner.class)
29 public class TestCorsResourceFilterFactory
30 {
31 @Mock
32 private PluginEventManager pluginEventManager;
33
34 @Mock
35 private PluginAccessor pluginAccessor;
36
37 @Mock
38 private AbstractMethod jerseyMethod;
39
40 private CorsResourceFilterFactory corsResourceFilterFactory;
41
42 private static final Annotation[] EMPTY_ANNOTATIONS_ARRAY = new Annotation[0];
43
44 @Before
45 public void setup()
46 {
47 corsResourceFilterFactory = new CorsResourceFilterFactory(pluginAccessor, pluginEventManager);
48 }
49
50 @Test
51 public void testThatCorsAllowedIsDetectedOnMethod()
52 {
53 when(jerseyMethod.isAnnotationPresent(CorsAllowed.class)).thenReturn(true);
54 when(jerseyMethod.getAnnotations()).thenReturn(EMPTY_ANNOTATIONS_ARRAY);
55
56 List<ResourceFilter> resourceFilters = corsResourceFilterFactory.create(jerseyMethod);
57
58 assertContainsASingleCorsResourceFilter(resourceFilters);
59 }
60
61 @Test
62 public void testThatCorsAllowedIsDetectedOnJerseyResource()
63 {
64 when(jerseyMethod.getResource()).thenReturn(new AbstractResource(ResourceClassWithCorsAllowed.class));
65 when(jerseyMethod.getAnnotations()).thenReturn(EMPTY_ANNOTATIONS_ARRAY);
66
67 List<ResourceFilter> resourceFilters = corsResourceFilterFactory.create(jerseyMethod);
68
69 assertContainsASingleCorsResourceFilter(resourceFilters);
70 }
71
72 @Test
73 public void testThatCorsAllowedIsDetectedOnResourcePackage() throws ClassNotFoundException
74 {
75 when(jerseyMethod.getResource()).thenReturn(new AbstractResource(ResourceClassWithoutCorsAllowed.class));
76 when(jerseyMethod.getAnnotations()).thenReturn(EMPTY_ANNOTATIONS_ARRAY);
77
78 List<ResourceFilter> resourceFilters = corsResourceFilterFactory.create(jerseyMethod);
79
80 assertContainsASingleCorsResourceFilter(resourceFilters);
81 }
82
83 @Test
84 public void testThatNoCorsAllowedAnnotationsResultsInEmptyFilters() throws ClassNotFoundException
85 {
86 when(jerseyMethod.getResource()).thenReturn(new AbstractResource(this.getClass()));
87
88 List<ResourceFilter> resourceFilters = corsResourceFilterFactory.create(jerseyMethod);
89 assertThat(resourceFilters, is(empty()));
90 }
91
92 @Test
93 public void testThatResourceInDefaultPackageIsTolerated() throws ClassNotFoundException
94 {
95 when(jerseyMethod.getResource()).thenReturn(new AbstractResource(Class.forName("ClassInDefaultPackageForTesting")));
96
97 List<ResourceFilter> resourceFilters = corsResourceFilterFactory.create(jerseyMethod);
98 assertThat(resourceFilters.size(), is(0));
99 }
100
101 private static void assertContainsASingleCorsResourceFilter(List<ResourceFilter> resourceFilters)
102 {
103 assertThat(resourceFilters.size(), is(1));
104 assertThat(resourceFilters.get(0), is(instanceOf(CorsResourceFilter.class)));
105 }
106 }