juneau-rest/juneau-rest-server-utest/src/test/java/org/apache/juneau/rest/annotation/RestMethodGuardsTest.java

// ***************************************************************************************************************************
// * Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements.  See the NOTICE file *
// * distributed with this work for additional information regarding copyright ownership.  The ASF licenses this file        *
// * to you under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance            *
// * with the License.  You may obtain a copy of the License at                                                              *
// *                                                                                                                         *
// *  http://www.apache.org/licenses/LICENSE-2.0                                                                             *
// *                                                                                                                         *
// * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an  *
// * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  See the License for the        *
// * specific language governing permissions and limitations under the License.                                              *
// ***************************************************************************************************************************
package org.apache.juneau.rest.annotation;

import org.apache.juneau.rest.*;
import org.apache.juneau.rest.mock2.*;
import org.junit.*;
import org.junit.runners.*;

/**
 * Tests that validate the behavior of @RestMethod(guards).
 */
@SuppressWarnings({})
@FixMethodOrder(MethodSorters.NAME_ASCENDING)
public class RestMethodGuardsTest {

	//=================================================================================================================
	// Overlapping guards
	//=================================================================================================================

	@Rest
	public static class A {
		@RestMethod(guards=Test1Guard.class)
		public String a01() {
			return "OK1";
		}
		@RestMethod(guards={Test1Guard.class,Test2Guard.class})
		public String a02() {
			return "OK2";
		}
		public static class Test1Guard extends RestGuard {
			@Override /* RestGuard */
			public boolean isRequestAllowed(RestRequest req) {
				return req.getQuery().getString("t1","").equals("1");
			}
		}
		public static class Test2Guard extends RestGuard {
			@Override /* RestGuard */
			public boolean isRequestAllowed(RestRequest req) {
				return req.getQuery().getString("t2","").equals("2");
			}
		}
	}
	static MockRest a = MockRest.build(A.class, null);

	@Test
	public void a01_overlappingOneGuard() throws Exception {
		a.get("/a01?t1=1").execute().assertBody("OK1");
		a.get("/a01?noTrace=true").execute().assertStatus(403).assertBodyContains("Access denied by guard");
	}

	@Test
	public void a02_overlappingTwoGuards() throws Exception {
		a.get("/a02?noTrace=true").execute().assertStatus(403).assertBodyContains("Access denied by guard");
		a.get("/a02?noTrace=true&t1=1").execute().assertStatus(403).assertBodyContains("Access denied by guard");
		a.get("/a02?noTrace=true&t2=2").execute().assertStatus(403).assertBodyContains("Access denied by guard");
		a.get("/a02?t1=1&t2=2").execute().assertBody("OK2");
	}
}