aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGravatar Vitaly Takmazov2016-11-27 17:13:27 +0300
committerGravatar Vitaly Takmazov2016-11-27 17:13:27 +0300
commita1dfdabfa7a43b28d827458a0b4c5f6a2a1a9013 (patch)
tree301d1637666efdb05ef6ae390df4ca92f4233039
parente741ce2ec74765e49b9c279264afdddf5a1122f6 (diff)
juick-api: red tests for cors and hash authentication
-rw-r--r--juick-api/src/main/java/com/juick/api/configuration/ApiMvcConfiguration.java3
-rw-r--r--juick-api/src/main/java/com/juick/api/controllers/Messages.java8
-rw-r--r--juick-api/src/test/java/com/juick/api/tests/MessagesTests.java10
3 files changed, 15 insertions, 6 deletions
diff --git a/juick-api/src/main/java/com/juick/api/configuration/ApiMvcConfiguration.java b/juick-api/src/main/java/com/juick/api/configuration/ApiMvcConfiguration.java
index 8e0087d7..e3a49c6c 100644
--- a/juick-api/src/main/java/com/juick/api/configuration/ApiMvcConfiguration.java
+++ b/juick-api/src/main/java/com/juick/api/configuration/ApiMvcConfiguration.java
@@ -42,6 +42,7 @@ public class ApiMvcConfiguration extends WebMvcConfigurationSupport {
@Override
protected void addCorsMappings(CorsRegistry registry) {
- registry.addMapping("/**");
+ registry.addMapping("/**")
+ .allowedOrigins("*");
}
}
diff --git a/juick-api/src/main/java/com/juick/api/controllers/Messages.java b/juick-api/src/main/java/com/juick/api/controllers/Messages.java
index 78c8ecc6..f8e892e7 100644
--- a/juick-api/src/main/java/com/juick/api/controllers/Messages.java
+++ b/juick-api/src/main/java/com/juick/api/controllers/Messages.java
@@ -17,10 +17,7 @@ import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
import org.springframework.stereotype.Controller;
import org.springframework.util.StringUtils;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestMethod;
-import org.springframework.web.bind.annotation.RequestParam;
-import org.springframework.web.bind.annotation.ResponseBody;
+import org.springframework.web.bind.annotation.*;
import rocks.xmpp.addr.Jid;
import rocks.xmpp.core.stanza.model.Message;
@@ -34,6 +31,7 @@ import java.util.List;
* @author ugnich
*/
@Controller
+@CrossOrigin
@RequestMapping(method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
public class Messages {
private static final Logger logger = LoggerFactory.getLogger(Messages.class);
@@ -78,6 +76,7 @@ public class Messages {
@RequestMapping("/messages")
public ResponseEntity<List<com.juick.Message>> getMessages(
HttpServletRequest request,
+ @RequestParam(required = false) String hash,
@RequestParam(required = false) String uname,
@RequestParam(defaultValue = "0") int before_mid,
@RequestParam(required = false) String popular,
@@ -90,7 +89,6 @@ public class Messages {
return FORBIDDEN;
if (vuid == 0) {
- String hash = request.getParameter("hash");
if (hash != null && hash.length() == 16)
vuid = userService.getUIDbyHash(hash);
}
diff --git a/juick-api/src/test/java/com/juick/api/tests/MessagesTests.java b/juick-api/src/test/java/com/juick/api/tests/MessagesTests.java
index 788582a0..6996adb9 100644
--- a/juick-api/src/test/java/com/juick/api/tests/MessagesTests.java
+++ b/juick-api/src/test/java/com/juick/api/tests/MessagesTests.java
@@ -9,6 +9,7 @@ import com.juick.api.configuration.ApiSecurityConfig;
import com.juick.configuration.DataConfiguration;
import com.juick.service.MessagesService;
import com.juick.service.UserService;
+import org.apache.commons.lang3.RandomStringUtils;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
@@ -72,6 +73,7 @@ public class MessagesTests {
public void setUp() {
mockMvc = MockMvcBuilders.webAppContextSetup(webApplicationContext)
.apply(SecurityMockMvcConfigurers.springSecurity())
+ .dispatchOptions(true)
.build();
}
@@ -107,9 +109,17 @@ public class MessagesTests {
mockMvc.perform(get("/home").with(httpBasic(ugnichName, uginchPassword)))
.andExpect(status().isOk())
+ .andExpect(header().string("Access-Control-Allow-Origin", "*"))
+ .andExpect(header().string("Access-Control-Allow-Methods", "POST, GET, PUT, OPTIONS, DELETE"))
+ .andExpect(header().string("Access-Control-Allow-Headers", "*"))
.andExpect(content().contentType(MediaType.APPLICATION_JSON_UTF8))
.andExpect(jsonPath("$", hasSize(1)))
.andExpect(jsonPath("$[0].mid", is(1)))
.andExpect(jsonPath("$[0].body", is(msgText)));
+ String hash = RandomStringUtils.random(16);
+ when(userService.getHashByUID(1)).thenReturn(hash);
+ mockMvc.perform(get("/messages")
+ .param("hash", hash))
+ .andExpect(status().isOk());
}
}