package com.juick.api.tests; import com.juick.Message; import com.juick.Tag; import com.juick.User; import com.juick.api.configuration.ApiAppConfiguration; import com.juick.api.configuration.ApiMvcConfiguration; import com.juick.api.configuration.ApiSecurityConfig; import com.juick.configuration.DataConfiguration; import com.juick.service.MessagesService; import com.juick.service.UserService; import org.apache.commons.lang3.RandomStringUtils; import org.junit.Before; import org.junit.Test; import org.junit.runner.RunWith; import org.mockito.Mockito; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Import; import org.springframework.context.annotation.Primary; import org.springframework.http.MediaType; import org.springframework.security.crypto.codec.Base64; import org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers; import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; import org.springframework.test.context.web.WebAppConfiguration; import org.springframework.test.web.servlet.MockMvc; import org.springframework.test.web.servlet.setup.MockMvcBuilders; import org.springframework.web.context.WebApplicationContext; import javax.inject.Inject; import javax.servlet.http.Cookie; import java.util.*; import static org.hamcrest.Matchers.hasSize; import static org.hamcrest.Matchers.is; import static org.mockito.Mockito.when; import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.httpBasic; import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get; import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.options; import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.*; /** * Created by vitalyster on 25.11.2016. */ @RunWith(SpringJUnit4ClassRunner.class) @ContextConfiguration @WebAppConfiguration public class MessagesTests { @Configuration @Import(value = {ApiMvcConfiguration.class, ApiAppConfiguration.class, ApiSecurityConfig.class, DataConfiguration.class}) static class Config { @Bean @Primary MessagesService messagesService() { return Mockito.mock(MessagesService.class); } @Bean @Primary UserService userService() { return Mockito.mock(UserService.class); } } private MockMvc mockMvc; @Inject private WebApplicationContext webApplicationContext; @Inject private MessagesService messagesService; @Inject private UserService userService; private static Message getMessage(final User user, final String messageText) { Message msg = new Message(); msg.setMid(1); msg.setUser(user); msg.setText(messageText == null ? RandomStringUtils.randomAlphanumeric(24) : messageText); msg.setTags(Collections.singletonList(new Tag(RandomStringUtils.randomAlphabetic(4)))); return msg; } private static User getUser(final int uid, final String name, final String password) { User user = new User(); user.setName(name); user.setUid(uid); user.setCredentials(password); user.setBanned(false); return user; } @Before public void setUp() { mockMvc = MockMvcBuilders.webAppContextSetup(webApplicationContext) .apply(SecurityMockMvcConfigurers.springSecurity()) .dispatchOptions(true) .build(); } @Test public void testAllUnAuthorized() throws Exception { when(userService.getUserByName(null)) .thenReturn(new User()); mockMvc.perform(get("/")) .andExpect(status().is4xxClientError()); mockMvc.perform(get("/home")) .andExpect(status().is4xxClientError()); mockMvc.perform(get("/messages/recommended")) .andExpect(status().is4xxClientError()); mockMvc.perform(get("/messages/set_privacy")) .andExpect(status().is4xxClientError()); } @Test public void homeTestWithMessages() throws Exception { String ugnichName = "ugnich"; String uginchPassword = "MyPassw0rd!"; String msgText = "Привет, я - Угнич"; User user = getUser(1, ugnichName, uginchPassword); Message msg = getMessage(user, msgText); when(userService.getUserByName(ugnichName)) .thenReturn(user); when(userService.getFullyUserByName(ugnichName)) .thenReturn(user); when(messagesService.getMyFeed(1, 0)) .thenReturn(Collections.singletonList(1)); when(messagesService.getMessages(Collections.singletonList(1))) .thenReturn(Collections.singletonList(msg)); mockMvc.perform( get("/home") .with(httpBasic(ugnichName, uginchPassword))) .andExpect(status().isOk()) .andExpect(content().contentType(MediaType.APPLICATION_JSON_UTF8)) .andExpect(jsonPath("$", hasSize(1))) .andExpect(jsonPath("$[0].mid", is(1))) .andExpect(jsonPath("$[0].body", is(msgText))); } @Test public void homeTestWithMessagesAndRememberMe() throws Exception { String ugnichName = "ugnich"; String uginchPassword = "MyPassw0rd!"; String msgText = "Привет, я - Угнич"; String hash = "12345678"; User user = getUser(1, ugnichName, uginchPassword); Message msg = getMessage(user, msgText); when(userService.getUserByName(ugnichName)) .thenReturn(user); when(userService.getUserByUID(1)) .thenReturn(Optional.of(user)); when(userService.getFullyUserByName(ugnichName)) .thenReturn(user); when(messagesService.getMyFeed(1, 0)) .thenReturn(Collections.singletonList(1)); when(messagesService.getMessages(Collections.singletonList(1))) .thenReturn(Collections.singletonList(msg)); when(userService.getUIDbyHash(hash)) .thenReturn(1); Cookie cookie = new Cookie("hash", new String(Base64.encode(hash.getBytes()))); cookie.setDomain("juick.com"); cookie.setMaxAge(100); mockMvc.perform( get("/home").cookie(cookie)) .andExpect(status().isOk()); } @Test public void homeTestWithMEssagesAndSimpleCors() throws Exception { String ugnichName = "ugnich"; String uginchPassword = "MyPassw0rd!"; User user = getUser(1, ugnichName, uginchPassword); Message msg = getMessage(user, null); when(userService.getFullyUserByName(ugnichName)) .thenReturn(user); when(userService.getUserByName(ugnichName)) .thenReturn(user); when(messagesService.getMyFeed(1, 0)) .thenReturn(Collections.singletonList(1)); when(messagesService.getMessages(Collections.singletonList(1))) .thenReturn(Collections.singletonList(msg)); mockMvc.perform( get("/home") .with(httpBasic(ugnichName, uginchPassword)) .header("Origin", "http://api.example.net")) .andExpect(status().isOk()) .andExpect(header().string("Access-Control-Allow-Origin", "*")); } @Test public void homeTestWithPreflightCors() throws Exception { String ugnichName = "ugnich"; String uginchPassword = "MyPassw0rd!"; User user = getUser(1, ugnichName, uginchPassword); when(userService.getFullyUserByName(ugnichName)) .thenReturn(user); mockMvc.perform( options("/home") .with(httpBasic(ugnichName, uginchPassword)) .header("Origin", "http://api.example.net") .header("Access-Control-Request-Method", "POST") .header("Access-Control-Request-Headers", "X-PINGOTHER, Content-Type")) .andExpect(status().isOk()) .andExpect(header().string("Access-Control-Allow-Origin", "*")) .andExpect(header().string("Access-Control-Allow-Methods", "POST,GET,PUT,OPTIONS,DELETE")) .andExpect(header().string("Access-Control-Allow-Headers", "X-PINGOTHER, Content-Type")); } @Test public void anonymousApis() throws Exception { String ugnichName = "ugnich"; String uginchPassword = "MyPassw0rd!"; String freefdName = "freefd"; String freefdPassword = "MyPassw0rd!"; User ugnich = getUser(1, ugnichName, uginchPassword); User freefd = getUser(2, freefdName, freefdPassword); List users = new ArrayList<>(2); users.add(ugnichName); users.add(freefdName); when(userService.getUsersByName(users)) .thenReturn(Arrays.asList(ugnich, freefd)); mockMvc.perform(get("/messages")) .andExpect(status().isOk()); mockMvc.perform(get("/users") .param("uname", "ugnich") .param("uname", "freefd")) .andExpect(status().isOk()) .andExpect(content().contentType(MediaType.APPLICATION_JSON_UTF8)) .andExpect(jsonPath("$", hasSize(2))); } }