From 81e78a354936f51ee33e9072d8554d663f4f4bd3 Mon Sep 17 00:00:00 2001 From: Cyril Dubuisson Date: Mon, 9 Mar 2020 10:17:39 +0100 Subject: [PATCH] =?UTF-8?q?=E2=9C=85=20:=20fix=20tests=20after=20security?= =?UTF-8?q?=20process=20rework?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../modules/controller/ModuleRestControllerIT.java | 10 +++++++++- .../gaia/stacks/controller/StackRestControllerIT.java | 11 ++++++++++- .../gaia/teams/controller/UsersRestControllerIT.java | 5 ++++- .../codeka/gaia/teams/repository/UserRepositoryIT.kt | 2 +- 4 files changed, 24 insertions(+), 4 deletions(-) diff --git a/src/test/java/io/codeka/gaia/modules/controller/ModuleRestControllerIT.java b/src/test/java/io/codeka/gaia/modules/controller/ModuleRestControllerIT.java index ea645ebf3..76eeacf39 100644 --- a/src/test/java/io/codeka/gaia/modules/controller/ModuleRestControllerIT.java +++ b/src/test/java/io/codeka/gaia/modules/controller/ModuleRestControllerIT.java @@ -14,6 +14,7 @@ import org.testcontainers.junit.jupiter.Testcontainers; import static org.hamcrest.Matchers.*; +import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf; import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.*; import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.print; import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath; @@ -95,6 +96,7 @@ void findModule_shouldReturnModulesOfOtherTeams_forAdmin() throws Exception { @WithMockUser("Mary J") void saveModule_shouldNotBeAccessible_forStandardUsers() throws Exception { mockMvc.perform(put("/api/modules/e01f9925-a559-45a2-8a55-f93dc434c676") + .with(csrf()) .contentType(MediaType.APPLICATION_JSON) .content("{\"name\":\"module-test\"," + "\"terraformImage\":{\"repository\":\"hashicorp/terraform\",\"tag\":\"latest\"}," + @@ -105,6 +107,7 @@ void saveModule_shouldNotBeAccessible_forStandardUsers() throws Exception { @Test void saveModule_shouldBeAccessible_forAdmin() throws Exception { mockMvc.perform(put("/api/modules/e01f9925-a559-45a2-8a55-f93dc434c676") + .with(csrf()) .contentType(MediaType.APPLICATION_JSON) .content("{\"name\":\"module-test\"," + "\"terraformImage\":{\"repository\":\"hashicorp/terraform\",\"tag\":\"latest\"}," + @@ -117,6 +120,7 @@ void saveModule_shouldBeAccessible_forAdmin() throws Exception { @Test void saveModule_shouldValidateModuleContent_forBlankFields() throws Exception { mockMvc.perform(put("/api/modules/stacks") + .with(csrf()) .contentType(MediaType.APPLICATION_JSON) // empty module .content("{}")) @@ -128,6 +132,7 @@ void saveModule_shouldValidateModuleContent_forBlankFields() throws Exception { @Test void saveModule_shouldValidateModuleVariables_forBlankFields() throws Exception { mockMvc.perform(put("/api/modules/stacks") + .with(csrf()) .contentType(MediaType.APPLICATION_JSON) // empty variable name .content("{\"variables\":[{\"name\":\" \"}]}")) @@ -138,6 +143,7 @@ void saveModule_shouldValidateModuleVariables_forBlankFields() throws Exception @Test void saveModule_shouldValidateTerraformImage_forBlankFields() throws Exception { mockMvc.perform(put("/api/modules/stacks") + .with(csrf()) .contentType(MediaType.APPLICATION_JSON) // empty terraform image .content("{\"terraformImage\":{\"repository\":\" \",\"tag\":\" \"}}")) @@ -149,6 +155,7 @@ void saveModule_shouldValidateTerraformImage_forBlankFields() throws Exception { @Test void saveModule_shouldValidateTerraformImage_forWrongRepositoryName() throws Exception { mockMvc.perform(put("/api/modules/stacks") + .with(csrf()) .contentType(MediaType.APPLICATION_JSON) // empty terraform image .content("{\"terraformImage\":{\"repository\":\"wrong+pattern+image\",\"tag\":\"shame\"}}")) @@ -160,6 +167,7 @@ void saveModule_shouldValidateTerraformImage_forWrongRepositoryName() throws Exc @Test void createModule_shouldSaveAModule() throws Exception { mockMvc.perform(post("/api/modules") + .with(csrf()) .contentType(MediaType.APPLICATION_JSON) // empty variable name .content("{\"name\":\"new-module\"}")) @@ -167,4 +175,4 @@ void createModule_shouldSaveAModule() throws Exception { .andExpect(jsonPath("$.name", is("new-module"))); } -} \ No newline at end of file +} diff --git a/src/test/java/io/codeka/gaia/stacks/controller/StackRestControllerIT.java b/src/test/java/io/codeka/gaia/stacks/controller/StackRestControllerIT.java index 3807218a7..43cd07511 100644 --- a/src/test/java/io/codeka/gaia/stacks/controller/StackRestControllerIT.java +++ b/src/test/java/io/codeka/gaia/stacks/controller/StackRestControllerIT.java @@ -14,6 +14,7 @@ import org.testcontainers.junit.jupiter.Testcontainers; import static org.hamcrest.Matchers.*; +import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf; import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.*; import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath; import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status; @@ -92,6 +93,7 @@ void getStacks_shouldReturnStack_forAdmin() throws Exception { @WithMockUser("Mary J") void saveStack_shouldBeAccessible_forStandardUser() throws Exception { mockMvc.perform(post("/api/stacks") + .with(csrf()) .contentType(MediaType.APPLICATION_JSON) .content("{\"name\":\"stack-test\", \"moduleId\": \"e01f9925-a559-45a2-8a55-f93dc434c676\"}")) .andExpect(status().isOk()) @@ -105,6 +107,7 @@ void saveStack_shouldBeAccessible_forStandardUser() throws Exception { @WithMockUser("Mary J") void updateStack_shouldBeAccessible_forStandardUser() throws Exception { mockMvc.perform(put("/api/stacks/test") + .with(csrf()) .contentType(MediaType.APPLICATION_JSON) .content("{\"name\":\"stack-test\", \"moduleId\": \"e01f9925-a559-45a2-8a55-f93dc434c676\"}")) .andExpect(status().isOk()) @@ -115,6 +118,7 @@ void updateStack_shouldBeAccessible_forStandardUser() throws Exception { @Test void saveStack_shouldValidateStackContent() throws Exception { mockMvc.perform(post("/api/stacks") + .with(csrf()) .contentType(MediaType.APPLICATION_JSON) // empty name and module id .content("{}")) @@ -126,6 +130,7 @@ void saveStack_shouldValidateStackContent() throws Exception { @Test void saveStack_shouldValidateStackContent_forBlankFields() throws Exception { mockMvc.perform(post("/api/stacks") + .with(csrf()) .contentType(MediaType.APPLICATION_JSON) // empty name and module id .content("{\"name\":\" \",\"moduleId\":\" \"}")) @@ -137,6 +142,7 @@ void saveStack_shouldValidateStackContent_forBlankFields() throws Exception { @Test void updateStack_shouldValidateStackContent() throws Exception { mockMvc.perform(put("/api/stacks/test") + .with(csrf()) .contentType(MediaType.APPLICATION_JSON) // empty name and module id .content("{\"name\":\"\", \"moduleId\": \"\"}")) @@ -148,6 +154,7 @@ void updateStack_shouldValidateStackContent() throws Exception { @Test void saveStack_shouldValidateStackVariables() throws Exception { mockMvc.perform(post("/api/stacks") + .with(csrf()) .contentType(MediaType.APPLICATION_JSON) // null variable .content("{\"name\":\"stack-test\", \"moduleId\": \"b39ccd07-80f5-455f-a6b3-b94f915738c4\", \"variableValues\":{}}")) @@ -158,6 +165,7 @@ void saveStack_shouldValidateStackVariables() throws Exception { @Test void saveStack_shouldWork_stackIsValid() throws Exception { mockMvc.perform(post("/api/stacks") + .with(csrf()) .contentType(MediaType.APPLICATION_JSON) // empty name .content("{\"name\":\"stack-test\", \"moduleId\": \"b39ccd07-80f5-455f-a6b3-b94f915738c4\", \"variableValues\":{\"mongo_container_name\":\"someContainerName\"}}")) @@ -167,6 +175,7 @@ void saveStack_shouldWork_stackIsValid() throws Exception { @Test void saveStack_shouldValidateStackVariablesRegex() throws Exception { mockMvc.perform(post("/api/stacks") + .with(csrf()) .contentType(MediaType.APPLICATION_JSON) // null variable .content("{\"name\":\"stack-test\", \"moduleId\": \"b39ccd07-80f5-455f-a6b3-b94f915738c4\", \"variableValues\":{\"mongo_container_name\":\"someContainerName\",\"mongo_exposed_port\":\"toto\"}}")) @@ -174,4 +183,4 @@ void saveStack_shouldValidateStackVariablesRegex() throws Exception { .andExpect(jsonPath("$.message", is("variables should match the regex"))); } -} \ No newline at end of file +} diff --git a/src/test/java/io/codeka/gaia/teams/controller/UsersRestControllerIT.java b/src/test/java/io/codeka/gaia/teams/controller/UsersRestControllerIT.java index ade38353b..fd99686a2 100644 --- a/src/test/java/io/codeka/gaia/teams/controller/UsersRestControllerIT.java +++ b/src/test/java/io/codeka/gaia/teams/controller/UsersRestControllerIT.java @@ -20,6 +20,7 @@ import static org.hamcrest.Matchers.*; import static org.junit.jupiter.api.Assertions.assertDoesNotThrow; import static org.junit.jupiter.api.Assertions.assertThrows; +import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf; import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get; import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.put; import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.print; @@ -74,6 +75,7 @@ void users_shouldBeExposed_atSpecificUrl() throws Exception { @Test void saveUser_shouldBeExposed_atSpecificUrl() throws Exception { mockMvc.perform(put("/api/users/test") + .with(csrf()) .contentType(MediaType.APPLICATION_JSON) .content("{\"username\":\"Bob\"}")) .andExpect(status().isOk()) @@ -94,6 +96,7 @@ void users_canBeChangedOfTeam() throws Exception { // when mockMvc.perform(put("/api/users/Darth Vader") + .with(csrf()) .contentType(MediaType.APPLICATION_JSON) .content("{\"username\": \"Darth Vader\",\"team\": {\"id\": \"Sith\"}}")) .andDo(print()) @@ -111,4 +114,4 @@ void users_canBeChangedOfTeam() throws Exception { mongoContainer.resetDatabase(); } -} \ No newline at end of file +} diff --git a/src/test/java/io/codeka/gaia/teams/repository/UserRepositoryIT.kt b/src/test/java/io/codeka/gaia/teams/repository/UserRepositoryIT.kt index cc8d78630..b828cbdfe 100644 --- a/src/test/java/io/codeka/gaia/teams/repository/UserRepositoryIT.kt +++ b/src/test/java/io/codeka/gaia/teams/repository/UserRepositoryIT.kt @@ -37,7 +37,7 @@ class UserRepositoryIT { assertThat(result) .isNotNull .isPresent - .hasValueSatisfying { assertThat(it).isEqualTo("Samantha Carter") } + .hasValueSatisfying { assertThat(it.username).isEqualTo("Samantha Carter") } } }