diff options
author | Vitaly Takmazov | 2019-04-26 16:40:58 +0300 |
---|---|---|
committer | Vitaly Takmazov | 2019-04-26 16:40:58 +0300 |
commit | a34350b62784d4332243ba40ffe928afd91f67d3 (patch) | |
tree | 55923327b759122d784ca1443337e94e337e095a /src/test/java/com/juick/server | |
parent | b3a514931460eb495538cdc49902bc083c5c147d (diff) |
Authorization checks are in spring-security for a while
Diffstat (limited to 'src/test/java/com/juick/server')
-rw-r--r-- | src/test/java/com/juick/server/tests/ServerTests.java | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/src/test/java/com/juick/server/tests/ServerTests.java b/src/test/java/com/juick/server/tests/ServerTests.java index 32e9929e0..770c7e7c3 100644 --- a/src/test/java/com/juick/server/tests/ServerTests.java +++ b/src/test/java/com/juick/server/tests/ServerTests.java @@ -2043,4 +2043,13 @@ public class ServerTests { Pair<Integer, Integer> replyId = messagesService.findMessageByProperty("tg_id", "hrhr").orElseThrow(); assertThat(replyId.getRight(), is(rid)); } + @Test + public void forbiddenForAnonymousEndpoints() throws Exception { + mockMvc.perform(post("/api/comment")).andExpect(status().isUnauthorized()); + mockMvc.perform(post("/api/like")).andExpect(status().isUnauthorized()); + mockMvc.perform(post("/api/subscribe")).andExpect(status().isUnauthorized()); + mockMvc.perform(post("/api/react")).andExpect(status().isUnauthorized()); + mockMvc.perform(get("/api/notifications")).andExpect(status().isUnauthorized()); + mockMvc.perform(delete("/api/notifications")).andExpect(status().isUnauthorized()); + } } |