View Javadoc

1   package com.atlassian.plugins.rest.common.security.jersey;
2   
3   import com.atlassian.plugins.rest.common.security.XsrfCheckFailedException;
4   import com.sun.jersey.spi.container.ContainerRequest;
5   import org.junit.Before;
6   import org.junit.Test;
7   import org.junit.runner.RunWith;
8   import org.mockito.Mock;
9   import org.mockito.runners.MockitoJUnitRunner;
10  
11  import javax.ws.rs.core.MediaType;
12  
13  import static org.junit.Assert.assertEquals;
14  import static org.mockito.Mockito.when;
15  
16  /**
17   */
18  @RunWith (MockitoJUnitRunner.class)
19  public class TestXsrfResourceFilter
20  {
21      private XsrfResourceFilter xsrfResourceFilter;
22      @Mock
23      private ContainerRequest request;
24  
25      @Before
26      public void setUp()
27      {
28          xsrfResourceFilter = new XsrfResourceFilter();
29      }
30  
31      @Test(expected = XsrfCheckFailedException.class)
32      public void testGetBlocked()
33      {
34          when(request.getMethod()).thenReturn("GET");
35          xsrfResourceFilter.filter(request);
36      }
37  
38      @Test
39      public void testGetSuccess()
40      {
41          when(request.getMethod()).thenReturn("GET");
42          when(request.getHeaderValue("X-Atlassian-Token")).thenReturn("nocheck");
43          assertEquals(request, xsrfResourceFilter.filter(request));
44      }
45  
46      @Test(expected = XsrfCheckFailedException.class)
47      public void testPostBlocked()
48      {
49          when(request.getMethod()).thenReturn("POST");
50          when(request.getMediaType()).thenReturn(MediaType.APPLICATION_FORM_URLENCODED_TYPE);
51          xsrfResourceFilter.filter(request);
52      }
53  
54      @Test
55      public void testPostSuccess()
56      {
57          when(request.getMethod()).thenReturn("POST");
58          when(request.getMediaType()).thenReturn(MediaType.APPLICATION_FORM_URLENCODED_TYPE);
59          when(request.getHeaderValue("X-Atlassian-Token")).thenReturn("nocheck");
60          assertEquals(request, xsrfResourceFilter.filter(request));
61      }
62  
63      @Test
64      public void testPostJsonSuccess()
65      {
66          when(request.getMethod()).thenReturn("POST");
67          when(request.getMediaType()).thenReturn(MediaType.APPLICATION_JSON_TYPE);
68          assertEquals(request, xsrfResourceFilter.filter(request));
69      }
70  
71      @Test
72      public void testPutFormSuccess()
73      {
74          when(request.getMethod()).thenReturn("PUT");
75          when(request.getMediaType()).thenReturn(MediaType.APPLICATION_FORM_URLENCODED_TYPE);
76          assertEquals(request, xsrfResourceFilter.filter(request));
77      }
78  
79  }