问题描述

我需要向API发送get请求，但是尽管已经放置管理员注释获取错误 @WithMockUser（roles =ADMINISTRADOR）。

如何发送请求？


API

I need to send a get request to the API, but despite having placed the administrator annotation get error @WithMockUser(roles="ADMINISTRADOR").
How do I send a request?

API

@RequestMapping(value = "/{id}", method = RequestMethod.GET)
@PostAuthorize("returnObject.instancia == principal.instancia.instancia")
public Validacao retrieve(@PathVariable("id") String id) {
    return validacaoService.retrieve(id);
}

测试

@Test
@WithMockUser(roles = "ADMINISTRADOR")
public void testCRetrieve() throws Exception {
        this.mockMvc
                .perform(get("/api/validacao/" + id).with(user("[email protected]")))
                .andExpect(status().isOk())
                .andReturn();
}

日志

org.springframework.web.util.NestedServletException: Request processing failed; nested exception is org.springframework.security.authentication.AuthenticationCredentialsNotFoundException: An Authentication object was not found in the SecurityContext

测试类

@FixMethodOrder(MethodSorters.NAME_ASCENDING)
@RunWith(SpringJUnit4ClassRunner.class)
@ContextConfiguration(classes = {ValidacaoAPITest.TestConfiguration.class, WithSecurityConfig.class})
@WebAppConfiguration
public class ValidacaoAPITest {
    @EnableWebMvc
    @Configuration
    public static class TestConfiguration {
        Fongo fongo = new Fongo("new server 1");
        DB db = fongo.getDB("oknok");

        @Bean
        ValidacaoAPI getValidacaoAPI() {
            return new ValidacaoAPI();
        }

        @Bean
        ActiveUser getActiveUser() {
            ActiveUser mock = Mockito.mock(ActiveUser.class);

            when(mock.getUser()).thenReturn(new User().setEmail("[email protected]"));
            when(mock.getInstancia()).thenReturn(new Instancia().setInstancia("instancia"));
            return mock;
        }

        @Bean
        ValidacaoService getValidacaoService() {
            return new ValidacaoService();
        }

        @Bean
        MatchService getMatchService() {
            return new MatchService();
        }

        @Bean
        PlanilhaReader getPlanilhaReader() {
            return new PlanilhaReader();
        }


        @Bean
        AtributoReader getAtributoReader() {
            return new AtributoReader();
        }

        @Bean
        AtributoDAO getAtributoDAO() {
            return new AtributoDAO();
        }

        @Bean
        UploadService getUploadService() {
            return new UploadService();
        }


        @Bean
        ValidacaoResultadoDAO getValidacaoResultadoDAO() {
            return new ValidacaoResultadoDAO(db);
        }


        @Bean
        Mapper getMapper() {
            return new Mapper(db);
        }

        @Bean
        UploadDAO getUploadDAO() {
            return new UploadDAO(db);
        }

        @Bean
        MatchDAO getMatchDAO() {
            return new MatchDAO(db);
        }

        @Bean
        ValidacaoDAO getValidacaoDAO() {
            return new ValidacaoDAO(db);
        }

        @Bean
        UploadOriginalsDAO getUploadOriginalsDAO() {
            return new UploadOriginalsDAO(db);
        }

        @Bean
        AtributoValidator getAtributoValidator() {
            return new AtributoValidator();
        }

    }

    @Autowired
    MatchService matchService;

    @Autowired
    private WebApplicationContext context;

    private MockMvc mockMvc;

    private static String id;

    @Before
    public void setup() {
        mockMvc = MockMvcBuilders.webAppContextSetup(context).build();
    }

    @Test
    public void testACreateValidation() throws Exception {
        MvcResult result = this.mockMvc
                .perform(post("/api/validacao"))
                .andExpect(status().isOk())
                .andExpect(jsonPath("$.id", notNullValue()))
                .andReturn();
        this.id = ((BasicDBObject) JSON.parse(result.getResponse().getContentAsString())).getString("id");
    }

    @Test
    public void testBRetrieveAll() throws Exception {
        MvcResult result = this.mockMvc
                .perform(get("/api/validacao"))
                .andExpect(status().isOk())
                .andExpect(jsonPath("$.[0].id", notNullValue()))
                .andReturn();

        BasicDBList list = (BasicDBList) JSON.parse(result.getResponse().getContentAsString());
        this.id = (String) ((BasicDBObject) JSON.parse(list.get(0).toString())).get("id");
    }

    //FIXME
    @Test
    @WithMockUser(roles = "ADMINISTRADOR")
    public void testCRetrieve() throws Exception {
            this.mockMvc
                    .perform(get("/api/validacao/" + id).with(user("[email protected]")))
                    .andExpect(status().isOk())
                    .andReturn();
    }

}

推荐答案

在Spring安全性指出，为了能够测试Spring安全功能，您需要在MockMvc对象中集成安全过滤器链，如@Before安装方法中的示例所示。

In the Spring security Reference, section 10.1 states that in order to be able to test the spring security features, you need to integrate the security filter chain in your MockMvc object, as shown in this example in the @Before setup method.

import static org.springframework.security.test.web.servlet.setup.SecurityMockMvcConfigurers.*;

@RunWith(SpringJUnit4ClassRunner.class)
@ContextConfiguration
@WebAppConfiguration
public class CsrfShowcaseTests {

    @Autowired
    private WebApplicationContext context;
    private MockMvc mvc;

    @Before
    public void setup() {
        mvc = MockMvcBuilders
            .webAppContextSetup(context)
            .apply(springSecurity())
            .build();
    }

...

}

这篇关于使用spring security进行集成测试的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！