/**
 * Verifies the deny path: when none of the roles offered by the request matches the role
 * required by the LDAP properties, the filter must not hand the request on to the chain and
 * must set the response status to {@code SC_UNAUTHORIZED}.
 */
@Test
public void shouldRejectUserThatHasNotRequiredRole() throws ServletException, IOException {
    // given: "roleX" is required, the request only carries roleA and roleB
    final LdapRoleAuthenticationFilter roleFilter =
            new LdapRoleAuthenticationFilter(mockLdapPropertiesWithRequiredRole("roleX"));
    final HttpServletRequest requestWithoutRole = mockRequestWithAvailableRoles("roleA", "roleB");
    final HttpServletResponse servletResponse = mockResponse();
    final FilterChain chain = mockFilterChain();

    // when
    roleFilter.doFilterInternal(requestWithoutRole, servletResponse, chain);

    // then: the chain must never be touched, otherwise the protected resource would still be
    // served despite the missing role.
    verifyZeroInteractions(chain);
    // NOTE(review): 401 is what is pinned here. Whether 403 would describe "known user, missing
    // role" more accurately depends on how the filter handles unauthenticated requests, which
    // this test does not show. Confirm against the filter.
    verify(servletResponse).setStatus(HttpServletResponse.SC_UNAUTHORIZED);
}
/**
 * Verifies that a request for the protected path itself is subject to the filter, i.e.
 * {@code shouldNotFilter} returns {@code false} for it.
 */
@Test
public void shouldInvokeFilterLogicWhenRequestIsForSecuredPath() throws ServletException {
    // given: "/internal" is protected, "/internal/public" is white-listed
    final LdapRoleAuthenticationFilter roleFilter = new LdapRoleAuthenticationFilter(
            mockLdapPropertiesWithProtecedAndWhiteListedPath("/internal", "/internal/public"));
    final HttpServletRequest securedRequest = mockRequestWithPath("/internal");

    // when
    final boolean filterApplies = !roleFilter.shouldNotFilter(securedRequest);

    // then
    // NOTE(review): only the exact protected path is exercised; deeper paths below "/internal"
    // that are not white-listed are not covered by this test.
    assertTrue(filterApplies);
}
/**
 * Verifies that a request for the white-listed path is exempt from the filter, i.e.
 * {@code shouldNotFilter} returns {@code true} for it even though it lies below the
 * protected path.
 */
@Test
public void shouldNotInvokeFilterLogicWhenRequestIsForWhitelistedPath() throws ServletException {
    // given: "/internal" is protected, "/internal/public" is white-listed
    final LdapRoleAuthenticationFilter roleFilter = new LdapRoleAuthenticationFilter(
            mockLdapPropertiesWithProtecedAndWhiteListedPath("/internal", "/internal/public"));
    final HttpServletRequest whitelistedRequest = mockRequestWithPath("/internal/public");

    // when
    final boolean filterApplies = !roleFilter.shouldNotFilter(whitelistedRequest);

    // then
    // NOTE(review): a white-list hit presumably bypasses the role check entirely, so the match
    // rule matters. This test pins only the exact white-listed path; how trailing slashes,
    // sub-paths or non-normalised paths that merely start with the white-listed prefix are
    // treated is not covered here and deserves dedicated negative cases.
    assertFalse(filterApplies);
}
/**
 * Verifies the allow path: when the request carries the required role among its roles, the
 * filter passes the same request and response on to the chain and does not touch the
 * response itself.
 */
@Test
public void shouldContinueFilterChainWhenUserHasRequiredRole() throws ServletException, IOException {
    // given: "roleB" is required and is one of the three roles on the request
    final LdapRoleAuthenticationFilter roleFilter =
            new LdapRoleAuthenticationFilter(mockLdapPropertiesWithRequiredRole("roleB"));
    final HttpServletRequest requestWithRole =
            mockRequestWithAvailableRoles("roleA", "roleB", "roleC");
    final HttpServletResponse servletResponse = mockResponse();
    final FilterChain chain = mockFilterChain();

    // when
    roleFilter.doFilterInternal(requestWithRole, servletResponse, chain);

    // then: the chain receives exactly the objects the filter was given ...
    verify(chain).doFilter(requestWithRole, servletResponse);
    // ... and no status or other state is set on the response by the filter.
    verifyZeroInteractions(servletResponse);
}