3 回答

TA貢獻1789條經驗 獲得超8個贊
用注釋你的測試類
@RunWith(SpringRunner.class)
@ContextConfiguration
你的方法應該是這樣的
@Test(expected = AccessDeniedException.class)
@WithAnonymousUser
@Test
public void findByIdWithoutAccessRightTest() {
Study study = studyService.findById(STUDY_ID);
}
如果不至少加載安全上下文,您將無法測試安全性。
你可能想看看這個例子:
public ApplicationUser getApplicationUser() {
ApplicationUser applicationUser = (ApplicationUser) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
return applicationUser;
}
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
import static org.mockito.Mockito.when;
import static org.mockito.Mockito.mock;
import org.mockito.MockitoAnnotations;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import com.arpit.security.user.ApplicationUser;
public class BaseTest {
@Before
public void setupMock() {
MockitoAnnotations.initMocks(this);
}
@Test
public void mockApplicationUser() {
ApplicationUser applicationUser = mock(ApplicationUser.class);
Authentication authentication = mock(Authentication.class);
SecurityContext securityContext = mock(SecurityContext.class);
when(securityContext.getAuthentication()).thenReturn(authentication);
SecurityContextHolder.setContext(securityContext);
when(SecurityContextHolder.getContext().getAuthentication().getPrincipal()).thenReturn(applicationUser);
}
}
取自:https ://www.javacodegeeks.com/2017/05/mocking-spring-security-context-unit-testing.html
而且我想您的服務方法故意有語法錯誤?(缺少括號和錯誤的引號?)

TA貢獻1806條經驗 獲得超5個贊
這就是我讓它工作的方式:
@RunWith(SpringRunner.class)
@SpringBootTest
@EnableGlobalMethodSecurity(prePostEnabled = true)
@ActiveProfiles("test")
public class StudySecurityTest {
@Autowired
private StudyService service;
@MockBean
private StudyRepository repository;
@Test
@WithAnonymousUser
public void testAsAnonymous() {
...
}
@Test
@WithMockKeycloakUser(id = LOGGED_USER_ID, username = LOGGED_USER_USERNAME, authorities = { "ROLE_USER" })
public void testAsUser() {
...
}
}
如果你有興趣@WithMockKeycloakUser,問我。

TA貢獻1803條經驗 獲得超6個贊
如果要測試 Spring Security 注釋,則需要使用SpringRunner
它將創建 Spring Context 并將 Spring Security 代碼注入代理類。
如何測試 Spring Security 你可以在這里找到。
添加回答
舉報