test: tests on operation customizer for roles

InseeFr · Dec 5, 2023 · 44a12f0 · 44a12f0
1 parent 1e7cf2f
commit 44a12f0
Show file tree

Hide file tree

Showing 3 changed files with 91 additions and 1 deletion.
diff --git a/src/main/java/fr/insee/queen/api/configuration/swagger/role/DisplayRolesOnSwaggerUI.java b/src/main/java/fr/insee/queen/api/configuration/swagger/role/DisplayRolesOnSwaggerUI.java
@@ -8,6 +8,7 @@
 
 @Component
 public class DisplayRolesOnSwaggerUI implements OperationCustomizer {
+    public static final String AUTHORIZED_ROLES = "Authorized roles: ";
 
     /**
      * Display roles allowed to use an endpoint in the description field
@@ -27,7 +28,7 @@ public Operation customize(Operation operation, HandlerMethod handlerMethod) {
                     .append(operation.getDescription())
                     .append("\n");
         }
-        description.append("Authorized roles: ");
+        description.append(AUTHORIZED_ROLES);
         String roles = preAuthorizeAnnotation.value();
         for(RoleUIMapper roleUIMapper : RoleUIMapper.values()) {
             if(roles.contains(roleUIMapper.getRoleExpression())) {

diff --git a/src/test/java/fr/insee/queen/api/configuration/springdoc/DisplayRolesOnSwaggerUITest.java b/src/test/java/fr/insee/queen/api/configuration/springdoc/DisplayRolesOnSwaggerUITest.java
@@ -0,0 +1,74 @@
+package fr.insee.queen.api.configuration.springdoc;
+
+import fr.insee.queen.api.configuration.swagger.role.DisplayRolesOnSwaggerUI;
+import fr.insee.queen.api.configuration.swagger.role.RoleUIMapper;
+import io.swagger.v3.oas.models.Operation;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.DisplayName;
+import org.junit.jupiter.api.Test;
+import org.springframework.web.method.HandlerMethod;
+
+import java.lang.reflect.Method;
+
+import static org.assertj.core.api.Assertions.assertThat;
+
+class DisplayRolesOnSwaggerUITest {
+
+    private DummyController controller;
+    private Operation operation;
+    private DisplayRolesOnSwaggerUI operationCustomizer;
+    @BeforeEach
+    void init() {
+        controller = new DummyController();
+        operation = new Operation();
+        operationCustomizer = new DisplayRolesOnSwaggerUI();
+    }
+
+    @Test
+    @DisplayName("on generate operation, when preauthorize annotation is not set do nothing")
+    void testOperation01() throws NoSuchMethodException {
+        Method method = controller.getClass().getMethod("testMethodNoPreauthorize");
+        HandlerMethod handlerMethod = new HandlerMethod(controller, method);
+        Operation resultOperation = operationCustomizer.customize(operation, handlerMethod);
+
+        assertThat(resultOperation)
+                .isEqualTo(operation);
+    }
+
+    @Test
+    @DisplayName("on generate operation, when preauthorize annotation is set return roles in operation description")
+    void testOperation02() throws NoSuchMethodException {
+        Method method = controller.getClass().getMethod("testMethodHasAnyRole");
+        HandlerMethod handlerMethod = new HandlerMethod(controller, method);
+        Operation resultOperation = operationCustomizer.customize(operation, handlerMethod);
+
+        assertThat(resultOperation.getDescription())
+                .isEqualTo(DisplayRolesOnSwaggerUI.AUTHORIZED_ROLES + RoleUIMapper.AUTHENTICATED + " / ");
+
+    }
+
+    @Test
+    @DisplayName("on generate operation, when description is set return it before roles")
+    void testOperation03() throws NoSuchMethodException {
+        String description = "description";
+        operation.setDescription(description);
+        Method method = controller.getClass().getMethod("testMethodHasAnyRole");
+        HandlerMethod handlerMethod = new HandlerMethod(controller, method);
+        Operation resultOperation = operationCustomizer.customize(operation, handlerMethod);
+
+        assertThat(resultOperation.getDescription())
+                .startsWith(description +"\n");
+    }
+
+    @Test
+    @DisplayName("on generate operation, when preauthorize annotation with multiples roles is set return roles in operation description")
+    void testOperation04() throws NoSuchMethodException {
+        Method method = controller.getClass().getMethod("testMethodAdminOrInterviewer");
+        HandlerMethod handlerMethod = new HandlerMethod(controller, method);
+        Operation resultOperation = operationCustomizer.customize(operation, handlerMethod);
+
+        assertThat(resultOperation.getDescription())
+                .isEqualTo(DisplayRolesOnSwaggerUI.AUTHORIZED_ROLES + RoleUIMapper.ADMIN + " / " + RoleUIMapper.INTERVIEWER + " / ");
+
+    }
+}
diff --git a/src/test/java/fr/insee/queen/api/configuration/springdoc/DummyController.java b/src/test/java/fr/insee/queen/api/configuration/springdoc/DummyController.java
@@ -0,0 +1,15 @@
+package fr.insee.queen.api.configuration.springdoc;
+
+import fr.insee.queen.api.configuration.auth.AuthorityRole;
+import org.springframework.security.access.prepost.PreAuthorize;
+
+public class DummyController {
+
+    @PreAuthorize(AuthorityRole.HAS_ANY_ROLE)
+    public void testMethodHasAnyRole() {}
+
+    @PreAuthorize(AuthorityRole.HAS_ADMIN_PRIVILEGES + "||" + AuthorityRole.HAS_ROLE_INTERVIEWER)
+    public void testMethodAdminOrInterviewer() {}
+
+    public void testMethodNoPreauthorize() {}
+}