First commit

81104415 · Arnaud LABOUREL · 81104415 · 81104415 · 81104415
Commit 81104415 authored 9 months ago by Arnaud LABOUREL
--- a/src/main/java/fr/univ_amu/m1info/service/mockito/SimpleAccessService.java
+++ b/src/main/java/fr/univ_amu/m1info/service/mockito/SimpleAccessService.java
+package fr.univ_amu.m1info.service.mockito;
+
+import fr.univ_amu.m1info.service.*;
+
+import java.util.Optional;
+
+public class SimpleAccessService implements AccessService {
+    private final AuthenticationService authenticationService;
+    private final SecurityPolicyService securityPolicyService;
+    private final StorageService storageService;
+
+    public SimpleAccessService(SecurityPolicyService securityPolicyService,
+                               AuthenticationService authenticationService,
+                               StorageService storageService) {
+        this.securityPolicyService = securityPolicyService;
+        this.authenticationService = authenticationService;
+        this.storageService = storageService;
+    }
+
+    @Override
+    public Response getResource(String login, String pwd, int key) {
+        if(login == null || login.isEmpty() || pwd == null || pwd.isEmpty())
+            return new Response(null, Response.HttpCode.UNAUTHORIZED);
+        Optional<AuthToken> authToken = authenticationService.getAuthToken(login, pwd);
+        if (authToken.isEmpty())
+            return new Response(null, Response.HttpCode.UNAUTHORIZED);
+        if (!securityPolicyService.accessIsGrantedForResource(authToken.get(), key))
+            return new Response(null, Response.HttpCode.FORBIDDEN);
+        Optional<String> resource = storageService.get(key);
+        return resource.map(s -> new Response(s, Response.HttpCode.OK))
+                .orElseGet(() -> new Response(null, Response.HttpCode.NOT_FOUND));
+    }
+}
--- a/src/test/java/fr/univ_amu/m1info/service/guice/GuiceSimpleAccessServiceTest.java
+++ b/src/test/java/fr/univ_amu/m1info/service/guice/GuiceSimpleAccessServiceTest.java
+package fr.univ_amu.m1info.service.guice;
+
+import com.google.inject.Guice;
+import com.google.inject.Injector;
+import fr.univ_amu.m1info.service.AccessService;
+import fr.univ_amu.m1info.service.Response;
+import org.junit.jupiter.api.Test;
+
+import static org.assertj.core.api.Assertions.*;
+
+public class GuiceSimpleAccessServiceTest {
+    @Test
+    public void testAllowedAccess() {
+        Injector injector = Guice.createInjector(new AccessModuleConfiguration());
+        AccessService accessService = injector.getInstance(AccessService.class);
+        assertThat(accessService.getResource("alaboure", "password", 1))
+                .isEqualTo(new Response("resource", Response.HttpCode.OK));
+    }
+}
--- a/src/test/java/fr/univ_amu/m1info/service/mockito/MockitoSimpleAccessServiceTest.java
+++ b/src/test/java/fr/univ_amu/m1info/service/mockito/MockitoSimpleAccessServiceTest.java
+package fr.univ_amu.m1info.service.mockito;
+
+import fr.univ_amu.m1info.service.*;
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
+import org.mockito.Mock;
+import org.mockito.Mockito;
+import org.mockito.junit.jupiter.MockitoExtension;
+import java.util.Optional;
+import static org.assertj.core.api.Assertions.assertThat;
+
+@ExtendWith(MockitoExtension.class)
+public class MockitoSimpleAccessServiceTest {
+    public static final String PASSWORD = "password";
+    @Mock
+    AuthenticationService authentication;
+    @Mock
+    StorageService storage;
+    @Mock
+    SecurityPolicyService policy;
+    static final int KEY = 1;
+    static final String LOGIN = "alaboure";
+    static final String RESOURCE = "resource";
+    AccessService accessService;
+
+    @BeforeEach
+    void setUp() {
+        accessService = new SimpleAccessService(policy, authentication, storage);
+    }
+
+    @Test
+    public void testAllowedAccessToResource() {
+        AuthToken authToken = Mockito.mock(AuthToken.class);
+        Mockito.doReturn(Optional.of(authToken)).when(authentication)
+                .getAuthToken(LOGIN, PASSWORD);
+        Mockito.doReturn(Boolean.TRUE).when(policy)
+                .accessIsGrantedForResource(authToken, KEY);
+        Mockito.doReturn(Optional.of(RESOURCE)).when(storage)
+                .get(KEY);
+        assertThat(accessService.getResource(LOGIN, PASSWORD, KEY))
+                .isEqualTo(new Response(RESOURCE, Response.HttpCode.OK));
+        Mockito.verify(authentication).getAuthToken(LOGIN, PASSWORD);
+        Mockito.verify(policy).accessIsGrantedForResource(authToken, KEY);
+        Mockito.verify(storage).get(KEY);
+    }
+
+    @Test
+    public void testNoCorrectLoginPassword() {
+        assertThat(accessService.getResource(null, PASSWORD, KEY))
+                .isEqualTo(new Response(null, Response.HttpCode.UNAUTHORIZED));
+        assertThat(accessService.getResource("", PASSWORD, KEY))
+                .isEqualTo(new Response(null, Response.HttpCode.UNAUTHORIZED));
+        assertThat(accessService.getResource(LOGIN, "", KEY))
+                .isEqualTo(new Response(null, Response.HttpCode.UNAUTHORIZED));
+        assertThat(accessService.getResource(LOGIN, null, KEY))
+                .isEqualTo(new Response(null, Response.HttpCode.UNAUTHORIZED));
+        Mockito.verify(authentication, Mockito.never()).getAuthToken(Mockito.any(String.class), Mockito.any(String.class));
+        Mockito.verify(policy, Mockito.never()).accessIsGrantedForResource(Mockito.any(AuthToken.class), Mockito.anyInt());
+        Mockito.verify(storage, Mockito.never()).get(Mockito.anyInt());
+    }
+    @Test
+    public void testNoAuthentication() {
+        AuthToken authToken = Mockito.mock(AuthToken.class);
+        Mockito.doReturn(Optional.of(authToken)).when(authentication)
+                .getAuthToken(LOGIN, PASSWORD);
+        Mockito.doReturn(Boolean.FALSE).when(policy)
+                .accessIsGrantedForResource(authToken, KEY);
+        assertThat(accessService.getResource(LOGIN, PASSWORD, KEY))
+                .isEqualTo(new Response(null, Response.HttpCode.FORBIDDEN));
+        Mockito.verify(authentication).getAuthToken(LOGIN, PASSWORD);
+        Mockito.verify(policy).accessIsGrantedForResource(authToken, KEY);
+        Mockito.verify(storage, Mockito.never()).get(Mockito.anyInt());
+    }
+
+    @Test
+    public void testNoData() {
+        AuthToken authToken = Mockito.mock(AuthToken.class);
+        Mockito.doReturn(Optional.of(authToken)).when(authentication)
+                .getAuthToken(LOGIN, PASSWORD);
+        Mockito.doReturn(Boolean.TRUE).when(policy)
+                .accessIsGrantedForResource(authToken, KEY);
+        Mockito.doReturn(Optional.empty()).when(storage)
+                .get(KEY);
+        assertThat(accessService.getResource(LOGIN, PASSWORD, KEY))
+                .isEqualTo(new Response(null, Response.HttpCode.NOT_FOUND));
+        Mockito.verify(authentication).getAuthToken(LOGIN, PASSWORD);
+        Mockito.verify(policy).accessIsGrantedForResource(authToken, KEY);
+        Mockito.verify(storage).get(KEY);
+    }
+
+    @Test
+    public void testNoAccessRightToResource() {
+        Mockito.doReturn(Optional.empty()).when(authentication)
+                .getAuthToken(LOGIN, PASSWORD);
+        assertThat(accessService.getResource(LOGIN, PASSWORD, KEY))
+                .isEqualTo(new Response(null, Response.HttpCode.UNAUTHORIZED));
+        Mockito.verify(authentication).getAuthToken(LOGIN, PASSWORD);
+        Mockito.verify(policy, Mockito.never()).accessIsGrantedForResource(Mockito.any(AuthToken.class), Mockito.anyInt());
+        Mockito.verify(storage, Mockito.never()).get(Mockito.anyInt());
+    }
+
+    @AfterEach
+    public void tearDown() {
+        Mockito.reset(authentication, storage, policy);
+    }
+}