1 package com.atlassian.plugins.rest.common.sal.websudo;
2
3 import static org.junit.Assert.assertNotNull;
4 import static org.junit.Assert.fail;
5 import static org.mockito.Mockito.when;
6 import static org.mockito.MockitoAnnotations.initMocks;
7
8 import com.atlassian.plugins.rest.common.sal.websudo.nopackageprotection.ClassNoAnnotation;
9 import com.atlassian.plugins.rest.common.sal.websudo.nopackageprotection.ClassProtectedByClassAnnotation;
10 import com.atlassian.plugins.rest.common.sal.websudo.nopackageprotection.MethodProtectedByMethodAnnotation;
11 import com.atlassian.plugins.rest.common.sal.websudo.packageannotationnotrequired.MethodOverridesPackage;
12 import com.atlassian.plugins.rest.common.sal.websudo.packageannotationrequired.ClassProtectedByPackageAnnotation;
13 import com.atlassian.plugins.rest.common.sal.websudo.packageannotationrequired.ClassWebSudoNotRequiredAnnotation;
14 import com.atlassian.plugins.rest.common.sal.websudo.packageannotationrequired.MethodWebSudoNotRequiredAnnotation;
15 import com.sun.jersey.api.model.AbstractMethod;
16 import com.sun.jersey.api.model.AbstractResource;
17 import com.sun.jersey.api.model.AbstractResourceMethod;
18 import com.sun.jersey.api.model.PathValue;
19 import com.sun.jersey.spi.container.ContainerRequest;
20 import org.junit.After;
21 import org.junit.Before;
22 import org.junit.Test;
23 import org.mockito.Mock;
24
25 import java.lang.annotation.Annotation;
26
27
28
29
30
31
32
33
34
35
36
37 public final class TestWebSudoResourceFilter
38 {
39 private static final String METHOD_ONE = "aMethod";
40 private static final String METHOD_TWO = "bMethod";
41
42 private WebSudoResourceFilter webSudoResourceFilter;
43
44 @Mock
45 private WebSudoResourceContext webSudoResourceContext;
46
47 @Mock
48 private ContainerRequest containerRequest;
49
50 @Before
51 public void setUp()
52 {
53 initMocks(this);
54
55 when(webSudoResourceContext.shouldEnforceWebSudoProtection()).thenReturn(true);
56 }
57
58 @After
59 public void teardown()
60 {
61 webSudoResourceFilter = null;
62 webSudoResourceContext = null;
63 containerRequest = null;
64 }
65
66 @Test
67 public void filterPassesWithWebSudoProtectionOn()
68 {
69 setupResourceFilter(ClassProtectedByPackageAnnotation.class, METHOD_ONE);
70 when(webSudoResourceContext.shouldEnforceWebSudoProtection()).thenReturn(false);
71 assertNotNull(webSudoResourceFilter.filter(containerRequest));
72 }
73
74 @Test
75 public void filterPassesWithWebSudoProtectionOnNoAnnotations()
76 {
77 setupResourceFilter(ClassNoAnnotation.class, METHOD_ONE);
78 when(webSudoResourceContext.shouldEnforceWebSudoProtection()).thenReturn(false);
79 assertNotNull(webSudoResourceFilter.filter(containerRequest));
80 }
81
82 @Test
83 public void filterPasses()
84 {
85 setupResourceFilter(MethodProtectedByMethodAnnotation.class, METHOD_ONE);
86 webSudoResourceFilter.filter(containerRequest);
87 }
88
89 @Test
90 public void filterPassesWithWebSudoNotRequiredClassAnnotation()
91 {
92 setupResourceFilter(ClassWebSudoNotRequiredAnnotation.class, METHOD_ONE);
93 webSudoResourceFilter.filter(containerRequest);
94 }
95
96 @Test
97 public void filterPassesWithWebSudoNotRequiredMethodAnnotation()
98 {
99 setupResourceFilter(MethodWebSudoNotRequiredAnnotation.class, METHOD_ONE);
100 webSudoResourceFilter.filter(containerRequest);
101 }
102
103 @Test(expected = WebSudoRequiredException.class)
104 public void filterRejectedWithPackageAnnotation()
105 {
106 setupResourceFilter(ClassProtectedByPackageAnnotation.class, METHOD_ONE);
107 webSudoResourceFilter.filter(containerRequest);
108 }
109
110 @Test(expected = WebSudoRequiredException.class)
111 public void filterRejectedWithClassAnnotation()
112 {
113 setupResourceFilter(ClassProtectedByClassAnnotation.class, METHOD_ONE);
114 assertNotNull(webSudoResourceFilter.filter(containerRequest));
115 }
116
117 @Test(expected = WebSudoRequiredException.class)
118 public void filterRejectedWithMethodAnnotation()
119 {
120 setupResourceFilter(MethodProtectedByMethodAnnotation.class, METHOD_TWO);
121 webSudoResourceFilter.filter(containerRequest);
122 }
123
124 @Test(expected = WebSudoRequiredException.class)
125 public void filterRejectedMethodAnnotationOverridesClassAnnotation()
126 {
127 setupResourceFilter(ClassWebSudoNotRequiredAnnotation.class, METHOD_TWO);
128 webSudoResourceFilter.filter(containerRequest);
129 }
130
131 @Test(expected = WebSudoRequiredException.class)
132 public void filterRejectedMethodAnnotationOverridesPackageAnnotation()
133 {
134 setupResourceFilter(MethodOverridesPackage.class, METHOD_ONE);
135 webSudoResourceFilter.filter(containerRequest);
136 }
137
138 private void setupResourceFilter(final Class clazz, final String methodName, final Annotation... annotations)
139 {
140 try
141 {
142 AbstractMethod m = new AbstractResourceMethod(new AbstractResource(clazz, new PathValue("/")),
143 clazz.getMethod(methodName), clazz, clazz, "test", annotations);
144 webSudoResourceFilter = new WebSudoResourceFilter(m, webSudoResourceContext);
145 } catch (NoSuchMethodException nsme)
146 {
147 fail("Test setup failed due to " + nsme.getMessage());
148 }
149 }
150 }