1 package com.atlassian.plugins.rest.common.security.jersey;
2
3 import com.atlassian.plugins.rest.common.security.AuthenticationRequiredException;
4 import com.atlassian.sal.api.user.UserManager;
5 import com.sun.jersey.spi.container.ContainerRequest;
6 import org.junit.Before;
7 import org.junit.Test;
8 import org.mockito.Mock;
9
10 import static org.junit.Assert.assertSame;
11 import static org.mockito.Mockito.verify;
12 import static org.mockito.Mockito.when;
13 import static org.mockito.MockitoAnnotations.initMocks;
14
15 public class TestAdminOnlyResourceFilter
16 {
17 private AdminOnlyResourceFilter adminOnlyResourceFilter;
18 @Mock
19 private UserManager mockUserManager;
20 @Mock
21 private ContainerRequest containerRequest;
22
23 @Before
24 public void setUp()
25 {
26 initMocks(this);
27 adminOnlyResourceFilter = new AdminOnlyResourceFilter(mockUserManager);
28 }
29
30 @Test
31 public void filterPassed()
32 {
33 when(mockUserManager.getRemoteUsername()).thenReturn("dusan");
34 when(mockUserManager.isAdmin("dusan")).thenReturn(true);
35 assertSame(containerRequest, adminOnlyResourceFilter.getRequestFilter().filter(containerRequest));
36 verify(mockUserManager).isAdmin("dusan");
37 }
38
39 @Test(expected = AuthenticationRequiredException.class)
40 public void filterRejectedNoLogin()
41 {
42 adminOnlyResourceFilter.getRequestFilter().filter(containerRequest);
43 }
44
45
46 @Test(expected = SecurityException.class)
47 public void filterRejectedNotAdmin()
48 {
49 when(mockUserManager.getRemoteUsername()).thenReturn("dusan");
50 adminOnlyResourceFilter.getRequestFilter().filter(containerRequest);
51 verify(mockUserManager).isAdmin("dusan");
52 }
53
54 }