Added ControllerTest and RestDoc Tests #3583

mercedes-benz · Feb 4, 2025 · 9c32b97 · 9c32b97
1 parent 1226a27
commit 9c32b97
Show file tree

Hide file tree

Showing 8 changed files with 32 additions and 26 deletions.
diff --git a/...c/main/java/com/mercedesbenz/sechub/domain/administration/AdministrationAPIConstants.java b/...c/main/java/com/mercedesbenz/sechub/domain/administration/AdministrationAPIConstants.java
@@ -80,7 +80,7 @@ private AdministrationAPIConstants() {
     /**
      * API anonymous user verifies his new email address.
      */
-    public static final String API_ANONYMOUS_USER_VERIFY_EMAIL_BUILD = API_ANONYMOUS + "email/verify/";
+    public static final String API_ANONYMOUS_USER_VERIFY_EMAIL_BUILD = API_ANONYMOUS + "email/verify";
 
     /* +-----------------------------------------------------------------------+ */
     /* +............................ Users (Admin) ............................+ */

diff --git a/.../java/com/mercedesbenz/sechub/domain/administration/user/AnonymousUserRestController.java b/.../java/com/mercedesbenz/sechub/domain/administration/user/AnonymousUserRestController.java
@@ -1,6 +1,5 @@
 package com.mercedesbenz.sechub.domain.administration.user;
 
-import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RestController;
@@ -10,7 +9,6 @@
 import com.mercedesbenz.sechub.sharedkernel.usecases.admin.user.UseCaseAnonymousUserVerifiesEmailAddress;
 
 @RestController
-@EnableAutoConfiguration
 public class AnonymousUserRestController {
 
     private final UserEmailAddressUpdateService emailAddressUpdateService;

diff --git a/...a/com/mercedesbenz/sechub/domain/administration/user/AnonymousUserRestControllerTest.java b/...a/com/mercedesbenz/sechub/domain/administration/user/AnonymousUserRestControllerTest.java
@@ -1,28 +1,33 @@
 package com.mercedesbenz.sechub.domain.administration.user;
 
-import static com.mercedesbenz.sechub.test.RestDocPathParameter.EMAIL_ADDRESS;
+import static com.mercedesbenz.sechub.test.RestDocPathParameter.ONE_TIME_TOKEN;
 import static com.mercedesbenz.sechub.test.SecHubTestURLBuilder.https;
-import static org.mockito.Mockito.*;
-import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
+import static org.mockito.ArgumentMatchers.anyString;
+import static org.mockito.Mockito.doNothing;
+import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.*;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
 
-import org.junit.jupiter.api.Test;
+import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest;
 import org.springframework.boot.test.mock.mockito.MockBean;
+import org.springframework.context.annotation.Import;
+import org.springframework.security.test.context.support.WithAnonymousUser;
 import org.springframework.test.context.ActiveProfiles;
 import org.springframework.test.context.ContextConfiguration;
 import org.springframework.test.context.junit4.SpringRunner;
 import org.springframework.test.web.servlet.MockMvc;
 
+import com.mercedesbenz.sechub.domain.administration.TestAdministrationSecurityConfiguration;
 import com.mercedesbenz.sechub.sharedkernel.Profiles;
 import com.mercedesbenz.sechub.test.TestPortProvider;
 
 @RunWith(SpringRunner.class)
 @WebMvcTest
 @ContextConfiguration(classes = { AnonymousUserRestController.class })
 @ActiveProfiles({ Profiles.TEST })
+@Import(TestAdministrationSecurityConfiguration.class)
 public class AnonymousUserRestControllerTest {
 
     private static final int PORT_USED = TestPortProvider.DEFAULT_INSTANCE.getWebMVCTestHTTPSPort();
@@ -33,15 +38,16 @@ public class AnonymousUserRestControllerTest {
     private UserEmailAddressUpdateService userEmailAddressUpdateService;
 
     @Test
-    void verifyEmailAddress() throws Exception {
+    @WithAnonymousUser
+    public void anonymous_user_verifies_new_mail_address_with_one_time_token() throws Exception {
         /* prepare */
-        String token = "token1";
-        doNothing().when(userEmailAddressUpdateService).userVerifiesUserEmailAddress(EMAIL_ADDRESS.pathElement());
+        String apiEndpoint = https(PORT_USED).buildAnonymousUserVerifiesMailAddress(ONE_TIME_TOKEN.pathElement());
+        doNothing().when(userEmailAddressUpdateService).userVerifiesUserEmailAddress(anyString());
 
         /* @formatter:off */
         /* execute + test */
         this.mockMvc.perform(
-                get(https(PORT_USED).buildUnauthenticatedUserVerifyEmailAddressUrl(token)))
+                        get(apiEndpoint,"token1"))
                 .andExpect(status().isOk());
     }
 

diff --git a/.../test/java/com/mercedesbenz/sechub/domain/administration/user/UserRestControllerTest.java b/.../test/java/com/mercedesbenz/sechub/domain/administration/user/UserRestControllerTest.java
@@ -1,9 +1,11 @@
 // SPDX-License-Identifier: MIT
 package com.mercedesbenz.sechub.domain.administration.user;
 
+import static com.mercedesbenz.sechub.test.RestDocPathParameter.EMAIL_ADDRESS;
 import static com.mercedesbenz.sechub.test.SecHubTestURLBuilder.https;
 import static org.hamcrest.CoreMatchers.equalTo;
 import static org.mockito.Mockito.*;
+import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf;
 import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.*;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
@@ -82,13 +84,14 @@ public void fetchUserDetailInformation__is_not_accessible_by_unauthenticated_use
     public void updateUserEmailAddress__is_accessible_by_authenticated_user() throws Exception {
         /* prepare */
         String newEmailAddress = "[email protected]";
-        String apiEndpoint = https(PORT_USED).buildUserUpdatesEmailUrl(newEmailAddress);
+        String apiEndpoint = https(PORT_USED).buildUserRequestUpdatesEmailUrl(EMAIL_ADDRESS.pathElement());
         doNothing().when(emailAddressUpdateService).userRequestUpdateMailAddress(newEmailAddress);
 
         /* execute + test */
         /* @formatter:off */
         this.mockMvc.perform(
-                        post(apiEndpoint))
+                        post(apiEndpoint, newEmailAddress)
+                                .with(csrf()))
                 .andExpect(status().isOk());
         /* @formatter:on */
 
@@ -98,13 +101,14 @@ public void updateUserEmailAddress__is_accessible_by_authenticated_user() throws
     @Test
     public void updateUserEmailAddress__is_not_accessible_by_unauthenticated_user() throws Exception {
         /* prepare */
-        String newEmailAddress = "test-user[email protected]";
-        String apiEndpoint = https(PORT_USED).buildUserUpdatesEmailUrl(newEmailAddress);
+        String newEmailAddress = "testuser[email protected]";
+        String apiEndpoint = https(PORT_USED).buildUserRequestUpdatesEmailUrl(EMAIL_ADDRESS.pathElement());
 
         /* execute + test */
         /* @formatter:off */
         this.mockMvc.perform(
-                        post(apiEndpoint))
+                        post(apiEndpoint, newEmailAddress)
+                                .with(csrf()))
                 .andExpect(status().isUnauthorized());
         /* @formatter:on */
     }

diff --git a/...c/test/java/com/mercedesbenz/sechub/restdoc/AnonymousSignupRestControllerRestDocTest.java b/...c/test/java/com/mercedesbenz/sechub/restdoc/AnonymousSignupRestControllerRestDocTest.java
@@ -17,7 +17,6 @@
 import org.springframework.boot.test.mock.mockito.MockBean;
 import org.springframework.context.annotation.Import;
 import org.springframework.http.MediaType;
-import org.springframework.security.test.context.support.WithMockUser;
 import org.springframework.test.context.ActiveProfiles;
 import org.springframework.test.context.ContextConfiguration;
 import org.springframework.test.context.junit4.SpringRunner;
@@ -42,7 +41,6 @@
 @ContextConfiguration(classes = { AnonymousSignupRestController.class, SignupJsonInputValidator.class, UserIdValidationImpl.class,
         ApiVersionValidationFactory.class, EmailValidationImpl.class })
 @Import(TestRestDocSecurityConfiguration.class)
-@WithMockUser
 @ActiveProfiles(Profiles.TEST)
 @AutoConfigureRestDocs(uriScheme = "https", uriHost = ExampleConstants.URI_SECHUB_SERVER, uriPort = 443)
 public class AnonymousSignupRestControllerRestDocTest implements TestIsNecessaryForDocumentation {

diff --git a/...doc/src/test/java/com/mercedesbenz/sechub/restdoc/AnonymousUserControllerRestDocTest.java b/...doc/src/test/java/com/mercedesbenz/sechub/restdoc/AnonymousUserControllerRestDocTest.java
@@ -1,10 +1,10 @@
 package com.mercedesbenz.sechub.restdoc;
 
-import static com.mercedesbenz.sechub.restdoc.RestDocumentationTest.defineRestService;
+import static com.mercedesbenz.sechub.restdoc.RestDocumentationTest.*;
 import static com.mercedesbenz.sechub.test.RestDocPathParameter.ONE_TIME_TOKEN;
-import static com.mercedesbenz.sechub.test.SecHubTestURLBuilder.https;
-import static org.springframework.restdocs.mockmvc.RestDocumentationRequestBuilders.get;
-import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
+import static com.mercedesbenz.sechub.test.SecHubTestURLBuilder.*;
+import static org.springframework.restdocs.mockmvc.RestDocumentationRequestBuilders.*;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.*;
 
 import java.lang.annotation.Annotation;
 
@@ -49,7 +49,7 @@ public class AnonymousUserControllerRestDocTest implements TestIsNecessaryForDoc
     @UseCaseRestDoc(useCase = UseCaseAnonymousUserVerifiesEmailAddress.class)
     public void restDoc__anonymousUserVerifiesEmailAddress() throws Exception {
         /* prepare */
-        String apiEndpoint = https(PORT_USED).buildUnauthenticatedUserVerifyEmailAddressUrl(ONE_TIME_TOKEN.pathElement());
+        String apiEndpoint = https(PORT_USED).buildAnonymousUserVerifiesMailAddress(ONE_TIME_TOKEN.pathElement());
         Class<? extends Annotation> useCase = UseCaseAnonymousUserVerifiesEmailAddress.class;
 
         /* @formatter:off */

diff --git a/sechub-doc/src/test/java/com/mercedesbenz/sechub/restdoc/UserRestControllerRestDocTest.java b/sechub-doc/src/test/java/com/mercedesbenz/sechub/restdoc/UserRestControllerRestDocTest.java
@@ -80,7 +80,7 @@ public void restDoc__userFetchesUserDetailInformation() throws Exception {
     public void restDoc__userUpdatesEmailAddress() throws Exception {
         /* prepare */
         String newMailAddress = "[email protected]";
-        String apiEndpoint = https(PORT_USED).buildUserUpdatesEmailUrl(EMAIL_ADDRESS.pathElement());
+        String apiEndpoint = https(PORT_USED).buildUserRequestUpdatesEmailUrl(EMAIL_ADDRESS.pathElement());
 
         Class<? extends Annotation> useCase = UseCaseUserUpdatesEmailAddress.class;
 

diff --git a/sechub-testframework/src/main/java/com/mercedesbenz/sechub/test/SecHubTestURLBuilder.java b/sechub-testframework/src/main/java/com/mercedesbenz/sechub/test/SecHubTestURLBuilder.java
@@ -122,7 +122,7 @@ public String buildUserCancelJob(String jobUUID) {
         return buildUrl(API_MANAGEMENT, "jobs/", jobUUID, "/cancel");
     }
 
-    public String buildUnauthenticatedUserVerifyEmailAddressUrl(String token) {
+    public String buildAnonymousUserVerifiesMailAddress(String token) {
         return buildUrl(API_ANONYMOUS, "email/verify/", token);
     }
 
@@ -531,7 +531,7 @@ public String buildFetchUserDetailInformationUrl() {
         return buildUrl(API_MANAGEMENT + "/user");
     }
 
-    public String buildUserUpdatesEmailUrl(String emailAddress) {
+    public String buildUserRequestUpdatesEmailUrl(String emailAddress) {
         return buildUrl(API_MANAGEMENT, "user/email", emailAddress);
     }