feat: add integration tests for backend security

hotungkhanh · Oct 7, 2024 · e7cc231 · e7cc231
1 parent cdf3679
commit e7cc231
Show file tree

Hide file tree

Showing 2 changed files with 80 additions and 1 deletion.
diff --git a/backend/src/main/resources/application.properties b/backend/src/main/resources/application.properties
@@ -3,7 +3,7 @@ quarkus.http.port=${PORT:8080}
 # The solver runs only for 5 seconds to avoid a HTTP timeout in this simple implementation.
 # It's recommended to run for at least 5 minutes ("5m") otherwise.
 
-quarkus.timefold.solver.termination.spent-limit=60s
+quarkus.timefold.solver.termination.spent-limit=30s
 
 quarkus.http.cors=true
 quarkus.http.cors.origins=*

diff --git a/backend/src/test/java/org/acme/security/jpa/JpaSecurityRealmTest.java b/backend/src/test/java/org/acme/security/jpa/JpaSecurityRealmTest.java
@@ -0,0 +1,79 @@
+package org.acme.security.jpa;
+
+import io.quarkus.test.junit.QuarkusTest;
+import jakarta.inject.Inject;
+import org.apache.http.HttpStatus;
+import org.eclipse.microprofile.config.Config;
+import org.junit.jupiter.api.Test;
+
+import static io.restassured.RestAssured.get;
+import static io.restassured.RestAssured.given;
+import static org.hamcrest.core.Is.is;
+
+@QuarkusTest
+public class JpaSecurityRealmTest {
+    @Inject
+    Config config;
+
+    @Test
+    void shouldNotAccessLoginWhenAnonymous() {
+        get("/login")
+                .then()
+                .statusCode(HttpStatus.SC_UNAUTHORIZED);
+    }
+
+    @Test
+    void shouldNotAccessRoomsWhenAnonymous() {
+        get("/rooms")
+                .then()
+                .statusCode(HttpStatus.SC_UNAUTHORIZED);
+    }
+
+    @Test
+    void shouldNotAccessUnitsWhenAnonymous() {
+        get("/units")
+                .then()
+                .statusCode(HttpStatus.SC_UNAUTHORIZED);
+    }
+
+    @Test
+    void shouldAccessLoginWhenUserAuthenticated() {
+        String username = config.getValue("frontend.username", String.class);
+        String password = config.getValue("frontend.password", String.class);
+
+        given()
+                .auth().preemptive().basic(username, password)
+                .when()
+                .get("/login")
+                .then()
+                .statusCode(HttpStatus.SC_OK)
+                .body(is(username));
+    }
+
+    @Test
+    void shouldAccessRoomsWhenUserAuthenticated() {
+        String username = config.getValue("frontend.username", String.class);
+        String password = config.getValue("frontend.password", String.class);
+
+        given()
+                .auth().preemptive().basic(username, password)
+                .when()
+                .get("/rooms")
+                .then()
+                .statusCode(HttpStatus.SC_OK);
+    }
+
+    @Test
+    void shouldAccessUnitsWhenUserAuthenticated() {
+        String username = config.getValue("frontend.username", String.class);
+        String password = config.getValue("frontend.password", String.class);
+
+        given()
+                .auth().preemptive().basic(username, password)
+                .when()
+                .get("/units")
+                .then()
+                .statusCode(HttpStatus.SC_OK);
+    }
+
+}