Deserializer: improved test code coverage for entity associations
This commit is contained in:
Michael Hoennig
@@ -109,6 +109,11 @@ public class JSonAccessFilterTestFixture {
|
||||
|
||||
@AccessFor(init = IGNORED, update = IGNORED, read = ANYBODY)
|
||||
String displayLabel;
|
||||
|
||||
@Override
|
||||
public Long getId() {
|
||||
return id;
|
||||
}
|
||||
}
|
||||
|
||||
static abstract class GivenService implements IdToDtoResolver<GivenDto> {
|
||||
@@ -134,6 +139,11 @@ public class JSonAccessFilterTestFixture {
|
||||
|
||||
@AccessFor(init = { TECHNICAL_CONTACT, FINANCIAL_CONTACT }, update = { TECHNICAL_CONTACT, FINANCIAL_CONTACT })
|
||||
String restrictedField;
|
||||
|
||||
@Override
|
||||
public Long getId() {
|
||||
return id;
|
||||
}
|
||||
}
|
||||
|
||||
public static class GivenDtoWithMultipleSelfId implements AccessMappings {
|
||||
@@ -146,6 +156,10 @@ public class JSonAccessFilterTestFixture {
|
||||
@AccessFor(read = Role.ANY_CUSTOMER_USER)
|
||||
Long id2;
|
||||
|
||||
@Override
|
||||
public Long getId() {
|
||||
return id;
|
||||
}
|
||||
}
|
||||
|
||||
public static class GivenDtoWithUnknownFieldType implements AccessMappings {
|
||||
@@ -157,8 +171,53 @@ public class JSonAccessFilterTestFixture {
|
||||
@AccessFor(init = Role.ANYBODY, read = Role.ANYBODY)
|
||||
Arbitrary unknown;
|
||||
|
||||
@Override
|
||||
public Long getId() {
|
||||
return id;
|
||||
}
|
||||
}
|
||||
|
||||
public static class Arbitrary {
|
||||
}
|
||||
|
||||
@EntityTypeId("givenParent")
|
||||
public static class GivenParent implements AccessMappings, FluentBuilder<GivenParent> {
|
||||
|
||||
@SelfId(resolver = GivenParentService.class)
|
||||
@AccessFor(read = Role.ANY_CUSTOMER_USER)
|
||||
Long id;
|
||||
|
||||
@Override
|
||||
public Long getId() {
|
||||
return id;
|
||||
}
|
||||
|
||||
public GivenParent id(final long id) {
|
||||
this.id = id;
|
||||
return this;
|
||||
}
|
||||
}
|
||||
|
||||
public static class GivenChild implements AccessMappings, FluentBuilder<GivenChild> {
|
||||
|
||||
@SelfId(resolver = GivenChildService.class)
|
||||
@AccessFor(read = Role.ANY_CUSTOMER_USER)
|
||||
Long id;
|
||||
|
||||
@AccessFor(init = Role.CONTRACTUAL_CONTACT, update = Role.CONTRACTUAL_CONTACT, read = ACTUAL_CUSTOMER_USER)
|
||||
@ParentId(resolver = GivenParentService.class)
|
||||
GivenParent parent;
|
||||
|
||||
@AccessFor(init = { TECHNICAL_CONTACT, FINANCIAL_CONTACT }, update = { TECHNICAL_CONTACT, FINANCIAL_CONTACT })
|
||||
String restrictedField;
|
||||
|
||||
@Override
|
||||
public Long getId() {
|
||||
return id;
|
||||
}
|
||||
}
|
||||
|
||||
static abstract class GivenParentService implements IdToDtoResolver<GivenParent> {
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -31,6 +31,7 @@ import org.springframework.beans.factory.config.AutowireCapableBeanFactory;
|
||||
import org.springframework.context.ApplicationContext;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.lang.reflect.Field;
|
||||
import java.math.BigDecimal;
|
||||
import java.time.LocalDate;
|
||||
import java.util.Arrays;
|
||||
@@ -71,6 +72,9 @@ public class JSonDeserializationWithAccessFilterUnitTest {
|
||||
@Mock
|
||||
private GivenChildService givenChildService;
|
||||
|
||||
@Mock
|
||||
private GivenParentService givenParentService;
|
||||
|
||||
@Mock
|
||||
private GivenCustomerService givenCustomerService;
|
||||
private SecurityContextMock securityContext;
|
||||
@@ -106,6 +110,9 @@ public class JSonDeserializationWithAccessFilterUnitTest {
|
||||
new GivenCustomerDto()
|
||||
.with(dto -> dto.id = 888L)));
|
||||
|
||||
given(autowireCapableBeanFactory.createBean(GivenChildService.class)).willReturn(givenChildService);
|
||||
given(autowireCapableBeanFactory.createBean(GivenParentService.class)).willReturn(givenParentService);
|
||||
|
||||
given(jsonParser.getCodec()).willReturn(codec);
|
||||
}
|
||||
|
||||
@@ -346,6 +353,26 @@ public class JSonDeserializationWithAccessFilterUnitTest {
|
||||
assertThat(actualDto.parentId).isEqualTo(1234L);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void shouldResolveParentIdFromIdOfSerializedSubEntity() throws IOException {
|
||||
// given
|
||||
securityContext.havingAuthenticatedUser()
|
||||
.withRole(GivenParent.class, 1234L, Role.CONTRACTUAL_CONTACT);
|
||||
givenJSonTree(
|
||||
asJSon(
|
||||
ImmutablePair.of(
|
||||
"parent",
|
||||
asJSon(
|
||||
ImmutablePair.of("id", 1234L)))));
|
||||
given(givenParentService.findOne(1234L)).willReturn(Optional.of(new GivenParent().id(1234)));
|
||||
|
||||
// when
|
||||
final GivenChild actualDto = deserializerFor(GivenChild.class).deserialize(jsonParser, null);
|
||||
|
||||
// then
|
||||
assertThat(actualDto.parent.id).isEqualTo(1234L);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void shouldNotUpdateFieldIfRequiredRoleIsNotCoveredByUser() throws IOException {
|
||||
// given
|
||||
@@ -417,6 +444,34 @@ public class JSonDeserializationWithAccessFilterUnitTest {
|
||||
});
|
||||
}
|
||||
|
||||
@Test
|
||||
public void shouldNotDeserializeArrayValue() throws IOException {
|
||||
// given
|
||||
securityContext.havingAuthenticatedUser().withAuthority(AuthoritiesConstants.ADMIN);
|
||||
givenJSonTree(asJSon(ImmutablePair.of("openStringField", Arrays.asList(1, 2))));
|
||||
|
||||
// when
|
||||
final Throwable exception = catchThrowable(
|
||||
() -> deserializerFor(GivenDto.class).deserialize(jsonParser, null));
|
||||
|
||||
// then
|
||||
assertThat(exception).isInstanceOf(NotImplementedException.class);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void shouldNotDeserializeObjectValue() throws IOException {
|
||||
// given
|
||||
securityContext.havingAuthenticatedUser().withAuthority(AuthoritiesConstants.ADMIN);
|
||||
givenJSonTree("{ \"openStringField\": {\"a\": 1, \"b\": 2 } }");
|
||||
|
||||
// when
|
||||
final Throwable exception = catchThrowable(
|
||||
() -> deserializerFor(GivenDto.class).deserialize(jsonParser, null));
|
||||
|
||||
// then
|
||||
assertThat(exception).isInstanceOf(NotImplementedException.class);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void shouldIgnorePropertyToIgnoreForInit() throws IOException {
|
||||
// given
|
||||
@@ -496,4 +551,28 @@ public class JSonDeserializationWithAccessFilterUnitTest {
|
||||
// no need to overload any method here
|
||||
};
|
||||
}
|
||||
|
||||
public JsonDeserializerWithAccessFilter<GivenChild> deserializerFor(
|
||||
final Class<GivenChild> clazz,
|
||||
final GivenChild... qualifier) {
|
||||
return new JsonDeserializerWithAccessFilter<GivenChild>(ctx, userRoleAssignmentService) {
|
||||
|
||||
@Override
|
||||
protected JSonFieldReader<GivenChild> jsonFieldReader(final TreeNode treeNode, final Field field) {
|
||||
if ("parent".equals(field.getName())) {
|
||||
return (final GivenChild target) -> {
|
||||
final long id = getSubNode(treeNode, "id").asLong();
|
||||
target.parent = givenParentService.findOne(id)
|
||||
.orElseThrow(
|
||||
() -> new BadRequestAlertException(
|
||||
GivenParent.class.getSimpleName() + "#" + id + " not found",
|
||||
String.valueOf(id),
|
||||
"idNotFound"));
|
||||
};
|
||||
}
|
||||
return super.jsonFieldReader(treeNode, field);
|
||||
}
|
||||
};
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -190,6 +190,11 @@ public class JSonSerializationWithAccessFilterUnitTest {
|
||||
|
||||
@AccessFor(read = Role.ANYBODY)
|
||||
Arbitrary fieldWithUnimplementedType = new Arbitrary();
|
||||
|
||||
@Override
|
||||
public Long getId() {
|
||||
return null;
|
||||
}
|
||||
}
|
||||
final GivenDtoWithUnimplementedFieldType givenDtoWithUnimplementedFieldType = new GivenDtoWithUnimplementedFieldType();
|
||||
SecurityContextFake.havingAuthenticatedUser();
|
||||
|
||||
Reference in New Issue
Block a user