1
|
package cz.zcu.kiv.backendapi.user;
|
2
|
|
3
|
import cz.zcu.kiv.backendapi.exception.ApiRequestException;
|
4
|
import cz.zcu.kiv.backendapi.user.password.PasswordDto;
|
5
|
import cz.zcu.kiv.backendapi.user.permission.PermissionDto;
|
6
|
import org.junit.jupiter.api.BeforeEach;
|
7
|
import org.junit.jupiter.api.Test;
|
8
|
import org.junit.jupiter.api.extension.ExtendWith;
|
9
|
import org.mockito.ArgumentCaptor;
|
10
|
import org.mockito.Mock;
|
11
|
import org.mockito.junit.jupiter.MockitoExtension;
|
12
|
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
13
|
import org.springframework.security.core.Authentication;
|
14
|
import org.springframework.security.core.context.SecurityContext;
|
15
|
import org.springframework.security.core.context.SecurityContextHolder;
|
16
|
import org.springframework.security.core.userdetails.UsernameNotFoundException;
|
17
|
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
18
|
|
19
|
import java.util.Collections;
|
20
|
import java.util.List;
|
21
|
import java.util.Optional;
|
22
|
|
23
|
import static org.assertj.core.api.AssertionsForClassTypes.assertThat;
|
24
|
import static org.assertj.core.api.AssertionsForClassTypes.assertThatThrownBy;
|
25
|
import static org.junit.jupiter.api.Assertions.assertTrue;
|
26
|
import static org.mockito.BDDMockito.given;
|
27
|
import static org.mockito.Mockito.*;
|
28
|
|
29
|
@ExtendWith(MockitoExtension.class)
|
30
|
class UserServiceImplTest {
|
31
|
|
32
|
@Mock
|
33
|
private UserRepository userRepository;
|
34
|
|
35
|
@Mock
|
36
|
private BCryptPasswordEncoder bCryptPasswordEncoder;
|
37
|
|
38
|
private UserServiceImpl underTest;
|
39
|
|
40
|
@BeforeEach
|
41
|
void setUp() {
|
42
|
underTest = new UserServiceImpl(userRepository, bCryptPasswordEncoder);
|
43
|
}
|
44
|
|
45
|
@Test
|
46
|
void testCanLoadUserByUsername() {
|
47
|
// given
|
48
|
String email = "test@test.com";
|
49
|
UserEntity userEntity = new UserEntity("John Doe", email, "password", (byte) 1, false);
|
50
|
given(userRepository.findByEmail(email)).willReturn(Optional.of(userEntity));
|
51
|
|
52
|
// when
|
53
|
UserEntity user = (UserEntity) underTest.loadUserByUsername(email);
|
54
|
|
55
|
// then
|
56
|
verify(userRepository).findByEmail(email);
|
57
|
assertThat(user).isEqualTo(userEntity);
|
58
|
}
|
59
|
|
60
|
@Test
|
61
|
void testCanNotLoadUserByUsername() {
|
62
|
String email = "test@test.com";
|
63
|
|
64
|
// when
|
65
|
// then
|
66
|
assertThatThrownBy(() -> underTest.loadUserByUsername(email))
|
67
|
.isInstanceOf(UsernameNotFoundException.class)
|
68
|
.hasMessageContaining("User with username " + email + " not found");
|
69
|
|
70
|
verify(userRepository).findByEmail(email);
|
71
|
}
|
72
|
|
73
|
@Test
|
74
|
void testCanGetUserByName() {
|
75
|
// given
|
76
|
String email = "test@test.com";
|
77
|
UserEntity userEntity = new UserEntity("John Doe", email, "password", (byte) 1, false);
|
78
|
given(userRepository.findByEmail(email)).willReturn(Optional.of(userEntity));
|
79
|
|
80
|
// when
|
81
|
UserEntity user = underTest.getUserByName(email);
|
82
|
|
83
|
// then
|
84
|
verify(userRepository).findByEmail(email);
|
85
|
assertThat(user).isEqualTo(userEntity);
|
86
|
}
|
87
|
|
88
|
@Test
|
89
|
void testCanNotGetUserByName() {
|
90
|
String email = "test@test.com";
|
91
|
|
92
|
// when
|
93
|
// then
|
94
|
assertThatThrownBy(() -> underTest.getUserByName(email))
|
95
|
.isInstanceOf(UsernameNotFoundException.class)
|
96
|
.hasMessageContaining("User with username " + email + " not found");
|
97
|
|
98
|
verify(userRepository).findByEmail(email);
|
99
|
}
|
100
|
|
101
|
@Test
|
102
|
void canRegisterNewUser() {
|
103
|
// given
|
104
|
String email = "test@test.com";
|
105
|
String password = "password";
|
106
|
UserDto userDto = new UserDto("John Doe", email, new PermissionDto(), new PasswordDto(password, password));
|
107
|
UserEntity userEntity = new UserEntity(userDto.getName(), userDto.getEmail(), bCryptPasswordEncoder.encode(password), (byte) 0, false);
|
108
|
// when
|
109
|
underTest.registerNewUser(userDto);
|
110
|
|
111
|
// then
|
112
|
ArgumentCaptor<UserEntity> argumentCaptor = ArgumentCaptor.forClass(UserEntity.class);
|
113
|
|
114
|
verify(userRepository).save(argumentCaptor.capture());
|
115
|
|
116
|
UserEntity capturedUser = argumentCaptor.getValue();
|
117
|
|
118
|
assertThat(capturedUser).isEqualTo(userEntity);
|
119
|
}
|
120
|
|
121
|
@Test
|
122
|
void canNotRegisterNewUser() {
|
123
|
// given
|
124
|
String email = "test@test.com";
|
125
|
String password = "password";
|
126
|
UserDto userDto = new UserDto("John Doe", email, new PermissionDto(), new PasswordDto(password, password));
|
127
|
|
128
|
|
129
|
given(userRepository.findByEmail(anyString())).willReturn(Optional.of(new UserEntity()));
|
130
|
|
131
|
// when
|
132
|
// then
|
133
|
assertThatThrownBy(() -> underTest.registerNewUser(userDto))
|
134
|
.isInstanceOf(ApiRequestException.class)
|
135
|
.hasMessageContaining("User with username " + email + " already exists");
|
136
|
|
137
|
verify(userRepository, never()).save(any());
|
138
|
}
|
139
|
|
140
|
@Test
|
141
|
void testCanUpdatePermissions() {
|
142
|
// given
|
143
|
String email = "test@test.com";
|
144
|
String password = "password";
|
145
|
UserEntity userEntity = new UserEntity("John Doe", email, bCryptPasswordEncoder.encode(password), (byte) 0, false);
|
146
|
UserEntity userEntityWithChangedPermissions = new UserEntity("John Doe", email, bCryptPasswordEncoder.encode(password), (byte) 7, false);
|
147
|
PermissionDto permissionDto = new PermissionDto(true, true, true);
|
148
|
given(userRepository.findByEmail(email)).willReturn(Optional.of(userEntity));
|
149
|
|
150
|
// when
|
151
|
underTest.updatePermissions(email, permissionDto);
|
152
|
|
153
|
// then
|
154
|
ArgumentCaptor<UserEntity> argumentCaptor = ArgumentCaptor.forClass(UserEntity.class);
|
155
|
|
156
|
verify(userRepository).save(argumentCaptor.capture());
|
157
|
|
158
|
UserEntity capturedUser = argumentCaptor.getValue();
|
159
|
|
160
|
assertThat(capturedUser).isEqualTo(userEntityWithChangedPermissions);
|
161
|
}
|
162
|
|
163
|
@Test
|
164
|
void testCanNotUpdatePermissions() {
|
165
|
// given
|
166
|
String email = "test@test.com";
|
167
|
PermissionDto permissionDto = new PermissionDto();
|
168
|
given(userRepository.findByEmail(anyString())).willReturn(Optional.empty());
|
169
|
|
170
|
// when
|
171
|
// then
|
172
|
assertThatThrownBy(() -> underTest.updatePermissions(email, permissionDto))
|
173
|
.isInstanceOf(UsernameNotFoundException.class)
|
174
|
.hasMessageContaining("User with username " + email + " not found");
|
175
|
|
176
|
verify(userRepository, never()).save(any());
|
177
|
}
|
178
|
|
179
|
@Test
|
180
|
void testCanNotUpdatePermissionsAdmin() {
|
181
|
// given
|
182
|
String email = "test@test.com";
|
183
|
UserEntity userEntity = new UserEntity("John Doe", email, "", (byte) 0, true);
|
184
|
PermissionDto permissionDto = new PermissionDto();
|
185
|
given(userRepository.findByEmail(email)).willReturn(Optional.of(userEntity));
|
186
|
|
187
|
// when
|
188
|
assertThatThrownBy(() -> underTest.updatePermissions(email, permissionDto))
|
189
|
.isInstanceOf(ApiRequestException.class)
|
190
|
.hasMessageContaining("Permissions for user with ADMIN rights can not be changed");
|
191
|
|
192
|
// then
|
193
|
verify(userRepository, never()).delete(any());
|
194
|
}
|
195
|
|
196
|
@Test
|
197
|
void testCanResetPassword() {
|
198
|
// given
|
199
|
String email = "test@test.com";
|
200
|
String password = "password";
|
201
|
String newPassword = "password123";
|
202
|
UserEntity userEntity = new UserEntity("John Doe", email, bCryptPasswordEncoder.encode(password), (byte) 0, false);
|
203
|
UserEntity userEntityWithChangedPassword = new UserEntity("John Doe", email, bCryptPasswordEncoder.encode(newPassword), (byte) 0, false);
|
204
|
given(userRepository.findByEmail(email)).willReturn(Optional.of(userEntity));
|
205
|
|
206
|
// when
|
207
|
underTest.resetPassword(email, newPassword);
|
208
|
|
209
|
// then
|
210
|
ArgumentCaptor<UserEntity> argumentCaptor = ArgumentCaptor.forClass(UserEntity.class);
|
211
|
|
212
|
verify(userRepository).save(argumentCaptor.capture());
|
213
|
|
214
|
UserEntity capturedUser = argumentCaptor.getValue();
|
215
|
|
216
|
assertThat(capturedUser).isEqualTo(userEntityWithChangedPassword);
|
217
|
}
|
218
|
|
219
|
@Test
|
220
|
void testCanNotResetPassword() {
|
221
|
// given
|
222
|
String email = "test@test.com";
|
223
|
String newPassword = "password123";
|
224
|
given(userRepository.findByEmail(anyString())).willReturn(Optional.empty());
|
225
|
|
226
|
// when
|
227
|
// then
|
228
|
assertThatThrownBy(() -> underTest.resetPassword(email, newPassword))
|
229
|
.isInstanceOf(UsernameNotFoundException.class)
|
230
|
.hasMessageContaining("User with username " + email + " not found");
|
231
|
|
232
|
verify(userRepository, never()).save(any());
|
233
|
}
|
234
|
|
235
|
@Test
|
236
|
void testCanNotResetSuperAdminPassword() {
|
237
|
// given
|
238
|
String email = "admin@admin.com";
|
239
|
String newPassword = "password123";
|
240
|
|
241
|
// when
|
242
|
// then
|
243
|
assertThatThrownBy(() -> underTest.resetPassword(email, newPassword))
|
244
|
.isInstanceOf(ApiRequestException.class)
|
245
|
.hasMessageContaining("Password for SUPER ADMIN can not be changed");
|
246
|
|
247
|
verify(userRepository, never()).save(any());
|
248
|
verify(userRepository, never()).findByEmail(any());
|
249
|
}
|
250
|
|
251
|
@Test
|
252
|
void testCanDeleteUser() {
|
253
|
// given
|
254
|
String email = "test@test.com";
|
255
|
UserEntity userEntity = new UserEntity("John Doe", email, "", (byte) 0, false);
|
256
|
given(userRepository.findByEmail(email)).willReturn(Optional.of(userEntity));
|
257
|
|
258
|
// when
|
259
|
underTest.deleteUser(email);
|
260
|
|
261
|
// then
|
262
|
verify(userRepository).delete(userEntity);
|
263
|
}
|
264
|
|
265
|
@Test
|
266
|
void testCanNotDeleteUser() {
|
267
|
// given
|
268
|
String email = "test@test.com";
|
269
|
given(userRepository.findByEmail(email)).willReturn(Optional.empty());
|
270
|
|
271
|
// when
|
272
|
assertThatThrownBy(() -> underTest.deleteUser(email))
|
273
|
.isInstanceOf(UsernameNotFoundException.class)
|
274
|
.hasMessageContaining("User with username " + email + " not found");
|
275
|
|
276
|
// then
|
277
|
verify(userRepository, never()).delete(any());
|
278
|
}
|
279
|
|
280
|
@Test
|
281
|
void testCanNotDeleteUserAdmin() {
|
282
|
// given
|
283
|
String email = "test@test.com";
|
284
|
UserEntity userEntity = new UserEntity("John Doe", email, "", (byte) 0, true);
|
285
|
given(userRepository.findByEmail(email)).willReturn(Optional.of(userEntity));
|
286
|
|
287
|
// when
|
288
|
assertThatThrownBy(() -> underTest.deleteUser(email))
|
289
|
.isInstanceOf(ApiRequestException.class)
|
290
|
.hasMessageContaining("User with ADMIN rights can not be deleted");
|
291
|
|
292
|
// then
|
293
|
verify(userRepository, never()).delete(any());
|
294
|
}
|
295
|
|
296
|
@Test
|
297
|
void getAllUsers() {
|
298
|
// given
|
299
|
UserEntity userEntity1 = new UserEntity("first", "first@test.com", "password", (byte) 0, false);
|
300
|
UserEntity userEntity2 = new UserEntity("second", "second@test.com", "password2", (byte) 1, false);
|
301
|
UserEntity userEntity3 = new UserEntity("third", "third@test.com", "password3", (byte) 7, true);
|
302
|
UserEntity userEntity4 = new UserEntity("SuperAdmin", "admin@admin.com", "password3", (byte) 7, true);
|
303
|
|
304
|
UserDto userDto1 = new UserDto("first", "first@test.com", new PermissionDto(), null);
|
305
|
UserDto userDto2 = new UserDto("second", "second@test.com", new PermissionDto(true, false, false), null);
|
306
|
UserDto userDto3 = new UserDto("third", "third@test.com", new PermissionDto(true, true, true), null);
|
307
|
|
308
|
given(userRepository.findAll()).willReturn(List.of(userEntity1, userEntity2, userEntity3, userEntity4));
|
309
|
|
310
|
// when
|
311
|
List<UserDto> allUsers = underTest.getAllUsers();
|
312
|
|
313
|
// then
|
314
|
assertThat(allUsers.size()).isEqualTo(3);
|
315
|
assertTrue(allUsers.contains(userDto1));
|
316
|
assertTrue(allUsers.contains(userDto2));
|
317
|
assertTrue(allUsers.contains(userDto3));
|
318
|
|
319
|
|
320
|
verify(userRepository).findAll();
|
321
|
}
|
322
|
|
323
|
@Test
|
324
|
void testCanChangePassword() {
|
325
|
// given
|
326
|
String email = "test@test.com";
|
327
|
String oldPassword = "password";
|
328
|
String newPassword = "password123";
|
329
|
given(bCryptPasswordEncoder.encode(oldPassword)).willReturn("encodedOldPassword");
|
330
|
given(bCryptPasswordEncoder.encode(newPassword)).willReturn("encodedNewPassword");
|
331
|
UserEntity userEntity = new UserEntity("John Doe", email, bCryptPasswordEncoder.encode(oldPassword), (byte) 0, false);
|
332
|
UserEntity userEntityWithChangedPassword = new UserEntity("John Doe", email, bCryptPasswordEncoder.encode(newPassword), (byte) 0, false);
|
333
|
given(bCryptPasswordEncoder.matches(any(), any())).willReturn(true);
|
334
|
SecurityContext securityContext = mock(SecurityContext.class);
|
335
|
Authentication authentication = mock(Authentication.class);
|
336
|
given(securityContext.getAuthentication()).willReturn(authentication);
|
337
|
SecurityContextHolder.setContext(securityContext);
|
338
|
UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(email, null, Collections.emptySet());
|
339
|
SecurityContextHolder.getContext().setAuthentication(authenticationToken);
|
340
|
given(SecurityContextHolder.getContext().getAuthentication().getPrincipal()).willReturn(email);
|
341
|
given(userRepository.findByEmail(email)).willReturn(Optional.of(userEntity));
|
342
|
// when
|
343
|
underTest.changePassword(oldPassword, newPassword);
|
344
|
|
345
|
// then
|
346
|
ArgumentCaptor<UserEntity> argumentCaptor = ArgumentCaptor.forClass(UserEntity.class);
|
347
|
|
348
|
verify(userRepository).save(argumentCaptor.capture());
|
349
|
|
350
|
UserEntity capturedUser = argumentCaptor.getValue();
|
351
|
|
352
|
assertThat(capturedUser).isEqualTo(userEntityWithChangedPassword);
|
353
|
}
|
354
|
|
355
|
@Test
|
356
|
void testCanNotChangePassword() {
|
357
|
// given
|
358
|
String email = "test@test.com";
|
359
|
String oldPassword = "password";
|
360
|
String newPassword = "password123";
|
361
|
UserEntity userEntity = new UserEntity("John Doe", email, bCryptPasswordEncoder.encode(oldPassword), (byte) 0, false);
|
362
|
given(bCryptPasswordEncoder.matches(any(), any())).willReturn(false);
|
363
|
SecurityContext securityContext = mock(SecurityContext.class);
|
364
|
Authentication authentication = mock(Authentication.class);
|
365
|
given(securityContext.getAuthentication()).willReturn(authentication);
|
366
|
SecurityContextHolder.setContext(securityContext);
|
367
|
UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(email, null, Collections.emptySet());
|
368
|
SecurityContextHolder.getContext().setAuthentication(authenticationToken);
|
369
|
given(SecurityContextHolder.getContext().getAuthentication().getPrincipal()).willReturn(email);
|
370
|
given(userRepository.findByEmail(email)).willReturn(Optional.of(userEntity));
|
371
|
|
372
|
// when
|
373
|
// then
|
374
|
assertThatThrownBy(() -> underTest.changePassword(oldPassword, newPassword))
|
375
|
.isInstanceOf(ApiRequestException.class)
|
376
|
.hasMessageContaining("Old password does not match");
|
377
|
|
378
|
verify(userRepository, never()).save(any());
|
379
|
}
|
380
|
|
381
|
@Test
|
382
|
void testCanNotChangePasswordSuperAdmin() {
|
383
|
// given
|
384
|
String email = "admin@admin.com";
|
385
|
String oldPassword = "password";
|
386
|
String newPassword = "password123";
|
387
|
UserEntity userEntity = new UserEntity("John Doe", email, bCryptPasswordEncoder.encode(oldPassword), (byte) 7, true);
|
388
|
SecurityContext securityContext = mock(SecurityContext.class);
|
389
|
Authentication authentication = mock(Authentication.class);
|
390
|
given(securityContext.getAuthentication()).willReturn(authentication);
|
391
|
SecurityContextHolder.setContext(securityContext);
|
392
|
UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(email, null, Collections.emptySet());
|
393
|
SecurityContextHolder.getContext().setAuthentication(authenticationToken);
|
394
|
given(SecurityContextHolder.getContext().getAuthentication().getPrincipal()).willReturn(email);
|
395
|
given(userRepository.findByEmail(email)).willReturn(Optional.of(userEntity));
|
396
|
|
397
|
// when
|
398
|
// then
|
399
|
assertThatThrownBy(() -> underTest.changePassword(oldPassword, newPassword))
|
400
|
.isInstanceOf(ApiRequestException.class)
|
401
|
.hasMessageContaining("Can not change password for SUPER ADMIN");
|
402
|
|
403
|
verify(userRepository, never()).save(any());
|
404
|
}
|
405
|
}
|