aboutsummaryrefslogtreecommitdiff
path: root/src/test/java/com/juick/server/tests
diff options
context:
space:
mode:
Diffstat (limited to 'src/test/java/com/juick/server/tests')
-rw-r--r--src/test/java/com/juick/server/tests/ServerTests.java9
1 files changed, 9 insertions, 0 deletions
diff --git a/src/test/java/com/juick/server/tests/ServerTests.java b/src/test/java/com/juick/server/tests/ServerTests.java
index 32e9929e..770c7e7c 100644
--- a/src/test/java/com/juick/server/tests/ServerTests.java
+++ b/src/test/java/com/juick/server/tests/ServerTests.java
@@ -2043,4 +2043,13 @@ public class ServerTests {
Pair<Integer, Integer> replyId = messagesService.findMessageByProperty("tg_id", "hrhr").orElseThrow();
assertThat(replyId.getRight(), is(rid));
}
+ @Test
+ public void forbiddenForAnonymousEndpoints() throws Exception {
+ mockMvc.perform(post("/api/comment")).andExpect(status().isUnauthorized());
+ mockMvc.perform(post("/api/like")).andExpect(status().isUnauthorized());
+ mockMvc.perform(post("/api/subscribe")).andExpect(status().isUnauthorized());
+ mockMvc.perform(post("/api/react")).andExpect(status().isUnauthorized());
+ mockMvc.perform(get("/api/notifications")).andExpect(status().isUnauthorized());
+ mockMvc.perform(delete("/api/notifications")).andExpect(status().isUnauthorized());
+ }
}