View Javadoc

1   package com.atlassian.plugins.rest.common.sal.websudo;
2   
3   import static org.junit.Assert.assertNotNull;
4   import static org.junit.Assert.fail;
5   import static org.mockito.Mockito.when;
6   import static org.mockito.MockitoAnnotations.initMocks;
7   
8   import com.atlassian.plugins.rest.common.sal.websudo.nopackageprotection.ClassNoAnnotation;
9   import com.atlassian.plugins.rest.common.sal.websudo.nopackageprotection.ClassProtectedByClassAnnotation;
10  import com.atlassian.plugins.rest.common.sal.websudo.nopackageprotection.MethodProtectedByMethodAnnotation;
11  import com.atlassian.plugins.rest.common.sal.websudo.packageannotationnotrequired.MethodOverridesPackage;
12  import com.atlassian.plugins.rest.common.sal.websudo.packageannotationrequired.ClassProtectedByPackageAnnotation;
13  import com.atlassian.plugins.rest.common.sal.websudo.packageannotationrequired.ClassWebSudoNotRequiredAnnotation;
14  import com.atlassian.plugins.rest.common.sal.websudo.packageannotationrequired.MethodWebSudoNotRequiredAnnotation;
15  import com.sun.jersey.api.model.AbstractMethod;
16  import com.sun.jersey.api.model.AbstractResource;
17  import com.sun.jersey.api.model.AbstractResourceMethod;
18  import com.sun.jersey.api.model.PathValue;
19  import com.sun.jersey.spi.container.ContainerRequest;
20  import org.junit.After;
21  import org.junit.Before;
22  import org.junit.Test;
23  import org.mockito.Mock;
24  
25  import java.lang.annotation.Annotation;
26  
27  /*
28   * Test the WebSudoResourceFilter
29   * <p>
30   *
31   * Annotations on more specific types override annotations on less specific element types.
32   *
33   *      Package > Class > Method
34   *
35   * E.g. A method with a @WebSudoNotRequired annotation vetoes the @WebSudoRequired annotation on a class
36   */
37  public final class TestWebSudoResourceFilter
38  {
39      private static final String METHOD_ONE = "aMethod";
40      private static final String METHOD_TWO = "bMethod";
41  
42      private WebSudoResourceFilter webSudoResourceFilter;
43  
44      @Mock
45      private WebSudoResourceContext webSudoResourceContext;
46  
47      @Mock
48      private ContainerRequest containerRequest;
49  
50      @Before
51      public void setUp()
52      {
53          initMocks(this);
54  
55          when(webSudoResourceContext.shouldEnforceWebSudoProtection()).thenReturn(true);
56      }
57  
58      @After
59      public void teardown()
60      {
61          webSudoResourceFilter = null;
62          webSudoResourceContext = null;
63          containerRequest = null;
64      }
65  
66      @Test
67      public void filterPassesWithWebSudoProtectionOn()
68      {
69          setupResourceFilter(ClassProtectedByPackageAnnotation.class, METHOD_ONE);
70          when(webSudoResourceContext.shouldEnforceWebSudoProtection()).thenReturn(false);
71          assertNotNull(webSudoResourceFilter.filter(containerRequest));
72      }
73  
74      @Test
75      public void filterPassesWithWebSudoProtectionOnNoAnnotations()
76      {
77          setupResourceFilter(ClassNoAnnotation.class, METHOD_ONE);
78          when(webSudoResourceContext.shouldEnforceWebSudoProtection()).thenReturn(false);
79          assertNotNull(webSudoResourceFilter.filter(containerRequest));
80      }
81  
82      @Test
83      public void filterPasses()
84      {
85          setupResourceFilter(MethodProtectedByMethodAnnotation.class, METHOD_ONE);
86          webSudoResourceFilter.filter(containerRequest);
87      }
88  
89      @Test
90      public void filterPassesWithWebSudoNotRequiredClassAnnotation()
91      {
92          setupResourceFilter(ClassWebSudoNotRequiredAnnotation.class, METHOD_ONE);
93          webSudoResourceFilter.filter(containerRequest);
94      }
95  
96      @Test
97      public void filterPassesWithWebSudoNotRequiredMethodAnnotation()
98      {
99          setupResourceFilter(MethodWebSudoNotRequiredAnnotation.class, METHOD_ONE);
100         webSudoResourceFilter.filter(containerRequest);
101     }
102 
103     @Test(expected = WebSudoRequiredException.class)
104     public void filterRejectedWithPackageAnnotation()
105     {
106         setupResourceFilter(ClassProtectedByPackageAnnotation.class, METHOD_ONE);
107         webSudoResourceFilter.filter(containerRequest);
108     }
109 
110     @Test(expected = WebSudoRequiredException.class)
111     public void filterRejectedWithClassAnnotation()
112     {
113         setupResourceFilter(ClassProtectedByClassAnnotation.class, METHOD_ONE);
114         assertNotNull(webSudoResourceFilter.filter(containerRequest));
115     }
116 
117     @Test(expected = WebSudoRequiredException.class)
118     public void filterRejectedWithMethodAnnotation()
119     {
120         setupResourceFilter(MethodProtectedByMethodAnnotation.class, METHOD_TWO);
121         webSudoResourceFilter.filter(containerRequest);
122     }
123 
124     @Test(expected = WebSudoRequiredException.class)
125     public void filterRejectedMethodAnnotationOverridesClassAnnotation()
126     {
127         setupResourceFilter(ClassWebSudoNotRequiredAnnotation.class, METHOD_TWO);
128         webSudoResourceFilter.filter(containerRequest);
129     }
130 
131     @Test(expected = WebSudoRequiredException.class)
132     public void filterRejectedMethodAnnotationOverridesPackageAnnotation()
133     {
134         setupResourceFilter(MethodOverridesPackage.class, METHOD_ONE);
135         webSudoResourceFilter.filter(containerRequest);
136     }
137 
138     private void setupResourceFilter(final Class clazz, final String methodName, final Annotation... annotations)
139     {
140         try
141         {
142             AbstractMethod m = new AbstractResourceMethod(new AbstractResource(clazz, new PathValue("/")),
143                     clazz.getMethod(methodName), clazz, clazz, "test", annotations);
144             webSudoResourceFilter = new WebSudoResourceFilter(m, webSudoResourceContext);
145         } catch (NoSuchMethodException nsme)
146         {
147             fail("Test setup failed due to " + nsme.getMessage());
148         }
149     }
150 }