* ============LICENSE_START=======================================================
* Copyright (C) 2020 Pantheon.tech
* Copyright (C) 2021 Nordix Foundation
+ * Modifications Copyright (C) 2021 Bell Canada.
* ================================================================================
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
import org.onap.cps.api.CpsDataService
import org.onap.cps.api.CpsModuleService
import org.onap.cps.api.CpsQueryService
+import org.onap.cps.rest.controller.RestControllerSpecification
import org.onap.cps.spi.exceptions.AnchorAlreadyDefinedException
import org.onap.cps.spi.exceptions.CpsException
import org.onap.cps.spi.exceptions.DataInUseException
import org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest
import org.springframework.test.web.servlet.MockMvc
import spock.lang.Shared
-import spock.lang.Specification
import spock.lang.Unroll
import static org.springframework.http.HttpStatus.BAD_REQUEST
import static org.springframework.http.HttpStatus.CONFLICT
import static org.springframework.http.HttpStatus.INTERNAL_SERVER_ERROR
import static org.springframework.http.HttpStatus.NOT_FOUND
+import static org.springframework.http.HttpStatus.UNAUTHORIZED
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get
@WebMvcTest
-class CpsRestExceptionHandlerSpec extends Specification {
+class CpsRestExceptionHandlerSpec extends RestControllerSpecification {
@SpringBean
CpsAdminService mockCpsAdminService = Mock()
new SchemaSetInUseException(dataspaceName, existingObjectName)]
}
+ def 'Get request without authentication is not authorized'() {
+ when: 'request is sent without authentication'
+ def response =
+ mvc.perform(get("$basePath/v1/dataspaces/dataspace-name/anchors")).andReturn().response
+ then: 'HTTP Unauthorized status code is returned'
+ assert UNAUTHORIZED.value() == response.status
+ }
+
+ def 'Get request with invalid authentication is not authorized'() {
+ when: 'request is sent with invalid authentication'
+ def response =
+ mvc.perform(
+ get("$basePath/v1/dataspaces/dataspace-name/anchors")
+ .header("Authorization", 'Basic invalid auth'))
+ .andReturn().response
+ then: 'HTTP Unauthorized status code is returned'
+ assert UNAUTHORIZED.value() == response.status
+ }
+
/*
* NB. The test uses 'get JSON by id' endpoint and associated service method invocation
* to test the exception handling. The endpoint chosen is not a subject of test.
}
def performTestRequest() {
- return mvc.perform(get("$basePath/v1/dataspaces/dataspace-name/anchors")).andReturn().response
+ return mvc.perform(
+ get("$basePath/v1/dataspaces/dataspace-name/anchors")
+ .header("Authorization", getAuthorizationHeader()))
+ .andReturn().response
}
void assertTestResponse(response, expectedStatus,
Code Review / cps.git / blobdiff