1 package com.atlassian.plugins.rest.common.security.jersey;
2
3 import com.atlassian.plugins.rest.common.security.AuthenticationRequiredException;
4 import com.atlassian.plugins.rest.common.security.AuthorisationException;
5 import com.atlassian.sal.api.user.UserManager;
6 import com.sun.jersey.spi.container.ContainerRequest;
7 import org.junit.Before;
8 import org.junit.Test;
9 import org.mockito.Mock;
10
11 import static org.junit.Assert.assertSame;
12 import static org.junit.Assert.fail;
13 import static org.mockito.Mockito.verify;
14 import static org.mockito.Mockito.when;
15 import static org.mockito.MockitoAnnotations.initMocks;
16
/**
 * Unit tests for the request filter produced by {@link AdminOnlyResourceFilter}.
 *
 * <p>Three outcomes are covered: an authenticated administrator is let through, a request
 * with no remote user is rejected with {@link AuthenticationRequiredException}, and an
 * authenticated user who is not an administrator is rejected with
 * {@link AuthorisationException}.
 */
public class TestAdminOnlyResourceFilter {
    private AdminOnlyResourceFilter adminOnlyResourceFilter;

    @Mock
    private UserManager mockUserManager;

    @Mock
    private ContainerRequest containerRequest;

    /** Creates fresh mocks and a filter bound to the mocked {@link UserManager} before each test. */
    @Before
    public void setUp() {
        initMocks(this);
        adminOnlyResourceFilter = new AdminOnlyResourceFilter(mockUserManager);
    }

    /** An authenticated admin gets the very same request object back, i.e. the request is allowed. */
    @Test
    public void filterPassed() {
        when(mockUserManager.getRemoteUsername()).thenReturn("dusan");
        when(mockUserManager.isAdmin("dusan")).thenReturn(true);

        assertSame(containerRequest, runFilter());

        // The decision must come from an isAdmin lookup for the authenticated user name.
        verify(mockUserManager).isAdmin("dusan");
    }

    /**
     * A request without a logged-in user is rejected as unauthenticated.
     *
     * <p>Nothing is stubbed here: an unstubbed Mockito mock returns {@code null} from
     * {@code getRemoteUsername()}, which stands in for "no user on the request".
     */
    @Test(expected = AuthenticationRequiredException.class)
    public void filterRejectedNoLogin() {
        runFilter();
    }

    /**
     * A logged-in user who is not an administrator is rejected as unauthorised.
     *
     * <p>{@code isAdmin} is deliberately left unstubbed, so the mock answers {@code false}.
     */
    @Test
    public void filterRejectedNotAdmin() {
        when(mockUserManager.getRemoteUsername()).thenReturn("dusan");
        try {
            runFilter();
            fail("AuthorisationException not thrown");
        } catch (AuthorisationException expected) {
            // Confirms the filter consulted isAdmin for this user before rejecting.
            verify(mockUserManager).isAdmin("dusan");
        }
    }

    /** Runs the filter under test against the mocked request and returns whatever it yields. */
    private ContainerRequest runFilter() {
        return adminOnlyResourceFilter.getRequestFilter().filter(containerRequest);
    }
}