Java Spring@WithMockUser和request.IsUserInRole()
我正在使用:Java Spring@WithMockUser和request.IsUserInRole(),java,spring,spring-mvc,mockito,Java,Spring,Spring Mvc,Mockito,我正在使用: request.IsUserInRole("ADMIN") 在我的一个控制器中,确定对请求的响应。我试图在测试中模拟该请求,如: @Mock private HttpServletRequest httpRequest; 要使用Springs注释@和MockUser: @Test @WithMockUser(roles={"USER, ADMIN"}) public void getAccountsTest() throws Exception {...} 两个都不起作用 问
request.IsUserInRole("ADMIN")
在我的一个控制器中,确定对请求的响应。我试图在测试中模拟该请求,如:
@Mock
private HttpServletRequest httpRequest;
要使用Springs注释@和MockUser
:
@Test
@WithMockUser(roles={"USER, ADMIN"})
public void getAccountsTest() throws Exception {...}
两个都不起作用
问题1:如何在JUnit测试中模拟request.IsUserInRole(“ADMIN”)
问题2:WithMockUser对请求和请求有什么影响
谢谢并致以最良好的问候
----编辑----
“不起作用”表示我有一个测试方法:
@Test
@WithMockUser(username = "user", roles={"USER"})
public void getAccountsReturnForbiddenTest() throws Exception {
mockMvc.perform(get("/accounts/"))
.andExpect(status().isForbidden());
}
应返回403,由于控制器原因不允许:
@RequestMapping(method=RequestMethod.GET)
@PreAuthorize("hasRole('ADMIN')")
public ResponseEntity<PagedResources<AccountResource>> getAccounts(...){...}
使用AbstractControllerTest:
@WebAppConfiguration
public abstract class AbstractControllerTest extends AbstractTest {
protected MockMvc mockMvc;
@Autowired
protected WebApplicationContext wac;
protected void setup() {
mockMvc = MockMvcBuilders.webAppContextSetup(wac).build();
}
protected void setup(BaseController controller) {
mockMvc = MockMvcBuilders.standaloneSetup(controller))
.build();
}
}
@WebAppConfiguration
public abstract class AbstractControllerTest extends AbstractTest {
protected MockMvc mockMvc;
@Autowired
protected WebApplicationContext wac;
@Autowired
FilterChainProxy springSecurityFilterChain;
protected void setup() {
mockMvc = MockMvcBuilders
.webAppContextSetup(wac)
.addFilters(springSecurityFilterChain)
.build();
}
protected void setup(BaseController controller) {
mockMvc = MockMvcBuilders.standaloneSetup(controller))
.build();
}
}
和测试:
@RunWith(SpringJUnit4ClassRunner.class)
@SpringBootTest
public abstract class AbstractTest {
protected Logger LOG = LoggerFactory.getLogger(this.getClass());
}
----解决方案----
MockMvc
standaloneSetup
不知道web应用程序上下文,因此不知道安全过滤器链。必须使用web应用程序上下文和安全过滤器链设置MockMvc
,才能测试安全方面
这是我现在正在工作的解决方案,我编辑了AbstractControllerTest:
@WebAppConfiguration
public abstract class AbstractControllerTest extends AbstractTest {
protected MockMvc mockMvc;
@Autowired
protected WebApplicationContext wac;
protected void setup() {
mockMvc = MockMvcBuilders.webAppContextSetup(wac).build();
}
protected void setup(BaseController controller) {
mockMvc = MockMvcBuilders.standaloneSetup(controller))
.build();
}
}
@WebAppConfiguration
public abstract class AbstractControllerTest extends AbstractTest {
protected MockMvc mockMvc;
@Autowired
protected WebApplicationContext wac;
@Autowired
FilterChainProxy springSecurityFilterChain;
protected void setup() {
mockMvc = MockMvcBuilders
.webAppContextSetup(wac)
.addFilters(springSecurityFilterChain)
.build();
}
protected void setup(BaseController controller) {
mockMvc = MockMvcBuilders.standaloneSetup(controller))
.build();
}
}
在创建
MockMvc
protected MockMvc mockMvc;
@Autowired
protected WebApplicationContext wac;
@Autowired
protected Filter springSecurityFilterChain;
protected void setup() {
mockMvc = MockMvcBuilders
.webAppContextSetup(wac)
.addFilters(springSecurityFilterChain)
.build();
}
“未工作”的意思是…对不起,“未工作”的意思是我正在一个没有管理员角色的安全方法上运行get请求,返回状态不是预期的403(未授权),而是200(正常)。请说明您如何设置
mockMvc
。我有一个类似的案例,这对我来说很有效。谢谢您的回答!关于MockMvc独立安装的更多背景信息,我在最初的帖子中添加了解决方案。