SteffenN
/
Multi-Chess
1
1
Fork 1
Code Issues 2 Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
30 Commits
13 Branches
0 Tags
1.3 MiB
Tree: 06811f5ced
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '06811f5ced'
${ noResults }
Multi-Chess/fh.fd.ci.server/src/test/java/de/fd/fh/server/access/AccessServiceTest.java

244 lines
8.7 KiB
Raw Normal View History

Add AccessService
3 years ago
  1. package de.fd.fh.server.access;
  3. import com.mongodb.WriteResult;
  4. import de.fd.fh.server.user.UserId;
  5. import de.fd.fh.shared.network.messages.LoginRequest;
  6. import de.fd.fh.shared.network.messages.RegistrateRequest;
  7. import org.junit.jupiter.api.BeforeEach;
  8. import org.junit.jupiter.api.Test;
  9. import org.mockito.ArgumentCaptor;
  10. import spark.HaltException;
  12. import java.time.LocalDateTime;
  13. import java.util.Base64;
  14. import java.util.Observable;
  15. import java.util.Observer;
  17. import static org.hamcrest.MatcherAssert.assertThat;
  18. import static org.hamcrest.Matchers.notNullValue;
  19. import static org.junit.jupiter.api.Assertions.*;
  20. import static org.mockito.ArgumentMatchers.any;
  21. import static org.mockito.BDDMockito.then;
  22. import static org.mockito.Mockito.*;
  24. class AccessServiceTest implements Observer
  25. {
  26. private Object event;
  28. @BeforeEach
  29. void before()
  30. {
  31. this.event = null;
  32. }
  34. @Test
  35. void given_authenticatedUser_when_serverAuthenticateUser_should_authenticateUser()
  36. {
  37. final Access access = new Access(
  38. "testId",
  39. "testName",
  40. "testPwd",
  41. UserId.of("12345"),
  42. new AccessToken(
  43. "testToken",
  44. LocalDateTime.now(),
  45. Role.USER,
  46. UserId.of("12345")
  47. ),
  48. Role.USER);
  50. final AccessRepository repository = mock(AccessRepository.class);
  51. when(repository.findByToken(any()))
  52. .thenReturn(access);
  53. final String path = "/test/path";
  54. final String token = "testToken";
  56. final AccessToken result = new AccessService(repository).before(path, token);
  58. assertThat("User is not authenticated", result, notNullValue());
  59. then(repository).should().findByToken(any());
  60. then(repository).shouldHaveNoMoreInteractions();
  61. }
  63. @Test
  64. void given_notAuthenticatedUser_when_serverAuthenticateUser_should_denyUser()
  65. {
  66. final Access access = new Access(
  67. "testId",
  68. "testName",
  69. "testPwd",
  70. UserId.of("12345"),
  71. null,
  72. Role.USER);
  74. final AccessRepository repository = mock(AccessRepository.class);
  75. when(repository.findByToken(any()))
  76. .thenReturn(access);
  77. final String path = "/test/path";
  78. final String token = "testToken";
  80. assertThrows(HaltException.class, () ->new AccessService(repository).before(path, token));
  82. then(repository).should().findByToken(any());
  83. then(repository).shouldHaveNoMoreInteractions();
  84. }
  86. @Test
  87. void given_newUser_when_createUser_should_storeNewUser()
  88. {
  89. final RegistrateRequest request =
  90. RegistrateRequest.of("testUser", "testPwd");
  92. final AccessRepository repository = mock(AccessRepository.class);
  93. when(repository.findByUserName(any()))
  94. .thenReturn(null);
  95. ArgumentCaptor<Access> accessCaptor = ArgumentCaptor.forClass(Access.class);
  97. final AccessService service = new AccessService(repository);
  98. service.addObserver(this);
  100. final boolean result = service.createPlayer(request);
  102. assertTrue(result);
  103. assertThat("No event thrown", this.event, notNullValue());
  105. verify(repository).save(accessCaptor.capture());
  106. final Access createdAccess = accessCaptor.getValue();
  108. assertNotNull(createdAccess, "No Access created");
  109. assertNotNull(createdAccess.get_id(), "No Id created");
  110. assertNotNull(createdAccess.getUserId(), "No UserId created");
  111. assertEquals("testUser", createdAccess.getName(), "Wrong Username");
  112. assertEquals("testPwd", createdAccess.getPassword(), "Wrong Password");
  113. assertEquals(Role.USER.name(), createdAccess.getRole().name(), "Should be USER");
  114. assertNull(createdAccess.getToken(), "User should not be logged in");
  116. then(repository).should().findByUserName(any());
  117. then(repository).should().save(any(Access.class));
  118. then(repository).shouldHaveNoMoreInteractions();
  119. }
  121. @Test
  122. void given_loggedInUser_when_logout_should_logoutUser()
  123. {
  124. final Access access = new Access(
  125. "testId",
  126. "testName",
  127. "testPwd",
  128. UserId.of("12345"),
  129. null,
  130. Role.USER
  131. );
  132. final AccessToken token = AccessToken.of(access);
  133. access.setToken(token);
  135. final AccessRepository repository = mock(AccessRepository.class);
  136. when(repository.findByToken(any()))
  137. .thenReturn(access);
  138. ArgumentCaptor<Access> accessCaptor = ArgumentCaptor.forClass(Access.class);
  140. final AccessService service = new AccessService(repository);
  142. final boolean result = service.logout("testToken");
  144. assertTrue(result);
  146. verify(repository).save(accessCaptor.capture());
  147. final Access createdAccess = accessCaptor.getValue();
  149. assertNotNull(createdAccess, "No Access created");
  150. assertNotNull(createdAccess.get_id(), "No Id created");
  151. assertNotNull(createdAccess.getUserId(), "No UserId created");
  152. assertEquals("testName", createdAccess.getName(), "Wrong Username");
  153. assertEquals("testPwd", createdAccess.getPassword(), "Wrong Password");
  154. assertEquals(Role.USER.name(), createdAccess.getRole().name(), "Should be USER");
  155. assertNull(createdAccess.getToken(), "User should logged out");
  157. then(repository).should().findByToken(any());
  158. then(repository).should().save(any(Access.class));
  159. then(repository).shouldHaveNoMoreInteractions();
  160. }
  162. @Test
  163. void given_storedUser_when_loginUser_should_returnLoginRequest()
  164. {
  165. final byte[] message = Base64.getEncoder().encode("testName:testPassword".getBytes());
  166. final String header = "Basic " + new String(message);
  167. final Access access = new Access(
  168. "testId",
  169. "testName",
  170. "testPassword",
  171. UserId.of("12345"),
  172. null,
  173. Role.USER
  174. );
  175. final AccessRepository repository = mock(AccessRepository.class);
  176. when(repository.findByUserName(any()))
  177. .thenReturn(access);
  179. final LoginRequest result = new AccessService(repository).authorization(header);
  181. assertNotNull(result);
  182. assertEquals(result.getName(), "testName", "Wrong UserName");
  183. assertEquals(result.getUserId(), "12345", "Wrong Password");
  184. assertNotNull(result.getToken(), "Not logged in");
  185. }
  187. @Test
  188. void given_storedUserWithWrongPassword_when_loginUser_should_returnAccessDeny()
  189. {
  190. final byte[] message = Base64.getEncoder().encode("testName:testPassword".getBytes());
  191. final String header = "Basic " + new String(message);
  192. final AccessRepository repository = mock(AccessRepository.class);
  194. final LoginRequest result = new AccessService(repository).authorization(header);
  196. assertNull(result, "Return LoginRequest but wrong permissions");
  197. }
  199. @Test
  200. void given_storedUser_when_deleteUser_should_deleteUser()
  201. {
  202. final UserId userId = UserId.of("12345");
  203. final AccessToken token = new AccessToken(null, null, null, UserId.of("12345"));
  204. final AccessRepository repository = mock(AccessRepository.class);
  205. when(repository.deleteLoginByUserId(any(UserId.class)))
  206. .thenReturn(new WriteResult(1, false, null));
  208. final AccessService service = new AccessService(repository);
  209. service.addObserver(this);
  211. final boolean result = service.deleteAccount(userId, token);
  213. assertTrue(result);
  214. assertNotNull(event);
  216. then(repository).should().deleteLoginByUserId(any(UserId.class));
  217. then(repository).shouldHaveNoMoreInteractions();
  218. }
  220. @Test
  221. void given_storedUser_when_deleteUserWithWrongPermission_should_doNothing()
  222. {
  223. final UserId userId = UserId.of("12345");
  224. final AccessToken token = new AccessToken(null, null, null, UserId.of("98765"));
  225. final AccessRepository repository = mock(AccessRepository.class);
  226. when(repository.deleteLoginByUserId(any(UserId.class)))
  227. .thenReturn(new WriteResult(1, false, null));
  229. final AccessService service = new AccessService(repository);
  230. service.addObserver(this);
  232. final boolean result = service.deleteAccount(userId, token);
  234. assertFalse(result);
  235. assertNull(event);
  237. then(repository).shouldHaveNoInteractions();
  238. }
  240. @Override
  241. public void update(Observable o, Object arg)
  242. {
  243. this.event = arg;
  244. }
  245. }