Eu tentei criar um teste da controller, porém, mesmo tentando com anotações tipo @WithMockUser, sempre recebo 403; já não sei mais como vou testar isso. Teste:
/**
 * Issues a DELETE for recipe id 1 through MockMvc and expects HTTP 204 (No Content).
 *
 * <p>NOTE(review): a 403 on a state-changing request usually comes from the security
 * filter chain, not from the controller. Two things to confirm against the context
 * this test actually loads:
 * <ul>
 *   <li>If CSRF protection is active in the test context, the request needs a token,
 *       e.g. {@code SecurityMockMvcRequestPostProcessors.csrf()}. How
 *       {@code PerformRequest.delete} builds the request is not visible here.</li>
 *   <li>If role-based rules are active, the mock user needs a role that the DELETE
 *       rule accepts. A bare {@code @WithMockUser} supplies only the default role.</li>
 * </ul>
 * Prefer supplying the token and role in the test over loosening the security rules.
 */
@Test
void delete() throws Exception {
    // NOTE(review): the stub targets findByFilter; whether the delete endpoint
    // calls it is not visible from this snippet.
    when(recipeService.findByFilter(any())).thenReturn(getRecipeListPageTestTemplate());

    var recipeUrl = RECIPE_BASE_URL + "1";
    var response = PerformRequest.delete(mockMvc, recipeUrl);

    response
        .andExpect(status().isNoContent())
        .andReturn();
}
configs do teste:
// Test context for RecipeController. The classes listed below are the controller,
// Message, ApiExceptionHandler, ModelMapper and RecipeMapper; no security
// configuration class is among them.
// NOTE(review): with none of the project's security configuration in the context,
// the filter chain MockMvc runs is presumably Spring Boot's default (authentication
// required, CSRF protection on), not the application's own rules. Confirm which
// security beans are actually loaded. To exercise the real authorization rules,
// import the security configuration and activate its profile; otherwise a passing
// test says nothing about production access control.
// NOTE(review): both @SpringBootTest(classes = ...) and @ContextConfiguration(classes = ...)
// declare context classes; verify which set takes effect.
@AutoConfigureMockMvc
@WebAppConfiguration
@RequiredArgsConstructor
@SpringBootTest(classes = RecipeController.class)
@ContextConfiguration(classes = {
Message.class,
ApiExceptionHandler.class,
ModelMapper.class,
RecipeMapper.class})
class RecipeControllerTest {
websecurity:
/**
 * Spring Security configuration that is registered only when the {@code prod} profile
 * is active and the application is a web application.
 *
 * <p>It wires user lookup with BCrypt password verification, declares the per-method
 * URL authorization rules, and installs {@link AuthViaTokenFilter} in a stateless
 * filter chain.
 *
 * <p>NOTE(review): because of {@code @Profile("prod")}, none of these rules apply under
 * any other profile, including test contexts that do not activate {@code prod}. What
 * protects the application when neither this nor another profile-specific configuration
 * is active is not visible here. Confirm that it fails closed.
 */
@Configuration
@EnableWebSecurity
@AllArgsConstructor
@ConditionalOnWebApplication
@Profile("prod")
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    private final UserDetailsService userDetailsService;
    private final TokenService tokenService;
    private final UserMapper mapper;
    private final UserDbRepository userDbRepository;

    /**
     * Publishes the adapter's {@link AuthenticationManager} as a bean.
     *
     * <p>NOTE(review): Spring Security documents {@code authenticationManagerBean()} as
     * the method to override for exposing the manager as a bean; confirm that this
     * override is intentional.
     */
    @Override
    @Bean
    protected AuthenticationManager authenticationManager() throws Exception {
        return super.authenticationManager();
    }

    /**
     * Authentication: resolves users through {@code userDetailsService} and verifies
     * passwords with BCrypt.
     */
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        BCryptPasswordEncoder bcrypt = new BCryptPasswordEncoder();
        auth.userDetailsService(userDetailsService).passwordEncoder(bcrypt);
    }

    /**
     * Authorization: declares which HTTP method and path combinations are public,
     * which require a role, and that everything else requires authentication.
     *
     * <p>Matchers are evaluated in declaration order and the first match decides, so a
     * pattern in the public lists that overlaps an admin pattern would make that path
     * public. The matcher constants are defined elsewhere; review them for overlap.
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        AuthViaTokenFilter tokenFilter =
                new AuthViaTokenFilter(tokenService, userDbRepository, mapper);

        // URL rules. Order is significant; do not reorder without re-checking overlaps.
        http.authorizeRequests()
                .antMatchers(HttpMethod.GET, PUBLIC_MATCHERS_GET).permitAll()
                .antMatchers(HttpMethod.POST, PUBLIC_MATCHERS_POST).permitAll()
                .antMatchers(HttpMethod.POST, ADMIN_MATCHERS_POST).hasAnyRole("ADMIN", "TECH")
                .antMatchers(HttpMethod.PUT, ADMIN_MATCHERS_PUT).hasAnyRole("ADMIN", "TECH")
                .antMatchers(HttpMethod.PATCH, ADMIN_MATCHERS_PATCH).hasAnyRole("ADMIN", "TECH")
                .antMatchers(HttpMethod.DELETE, ADMIN_MATCHERS_DELETE).hasAnyRole("ADMIN", "TECH")
                .antMatchers(HttpMethod.PUT, "/cht/order-services").hasAnyRole(ROLES)
                .antMatchers(HttpMethod.GET, ANY_ROLE_GET_MATCHER).hasAnyRole(ROLES)
                .antMatchers(HttpMethod.POST, ANY_ROLE_POST_MATCHER).hasAnyRole(ROLES)
                .antMatchers(HttpMethod.DELETE, ANY_ROLE_DELETE_MATCHER).hasAnyRole(ROLES)
                // Disabled rules, kept from the original. Re-enabling them would make
                // every GET/POST under /cht/users/** reachable without authentication.
                // .antMatchers(HttpMethod.POST, "/cht/users/**").permitAll()
                // .antMatchers(HttpMethod.GET, "/cht/users/**").permitAll()
                .anyRequest().authenticated();

        http.cors();

        // CSRF protection is switched off. NOTE(review): this is only sound if the
        // credential is never sent automatically by the browser (e.g. a cookie);
        // how AuthViaTokenFilter reads the token is not visible here. Confirm.
        http.csrf().disable();

        // No HTTP session is created or used to hold the security context.
        http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);

        // The token filter runs ahead of the username/password filter in the chain.
        http.addFilterBefore(tokenFilter, UsernamePasswordAuthenticationFilter.class);
    }
}
A classe de security do profile dev tem tudo liberado.