Reputation: 67832
I have this:
    @Secured(['ROLE_USER', 'ROLE_HELPDESK', 'ROLE_ADMIN'])
    class MyController {
        def edit = {
        }

        @Secured(['ROLE_ADMIN'])
        def uploadForUser = {
            params.userId = params.id
            forward(controller: 'someController', action: 'someAction', params: params)
        }
    }
and an integration test I think should fail:
    public void test_uploadForUser_unauthenticated() {
        myController.params.id = "testUser"
        myController.uploadForUser()
    }
And yet the tests pass. Is there any way to test controllers annotated with the Spring Security plugin?
Upvotes: 4
Views: 2120
Reputation: 5354
These annotations are analyzed by SpringSecurityFilter, so they don't work if you don't have an actual HTTP request performed.
Thus, you need either to switch to checking the roles with conditionals inside the actions, as is done here, or to test it with WebDriver/Geb or some simpler framework -- a very nice approach is presented in the Grails Security Plugin itself.
Upvotes: 9
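A plain-Groovy model of the behaviour described in the answer above, added here as an illustration and not code from the post or from the plugin. `Secured`, `AccessDenied`, `SecurityFilterModel` and `uploadForUserChecked` are stand-ins defined in the script (assumptions), and the actions are methods rather than closures so the script runs without Grails.

```groovy
import java.lang.annotation.*

// Stand-in for the plugin's annotation (assumption: defined here so the script runs alone).
@Retention(RetentionPolicy.RUNTIME)
@Target(ElementType.METHOD)
@interface Secured { String[] value() }

class AccessDenied extends RuntimeException { AccessDenied(String m) { super(m) } }

class MyController {
    @Secured(['ROLE_ADMIN'])
    String uploadForUser(String id) { "uploaded for ${id}" }

    // Alternative from the answer: the role check lives inside the action itself.
    String uploadForUserChecked(String id, Set<String> roles) {
        if (!('ROLE_ADMIN' in roles)) throw new AccessDenied('ROLE_ADMIN required')
        "uploaded for ${id}"
    }
}

// Models the request-time enforcement point: it reads the annotation and
// compares it with the caller's roles before the action is invoked.
class SecurityFilterModel {
    static Object dispatch(Object controller, String action, Set<String> roles, Object... args) {
        def method = controller.class.methods.find { it.name == action }
        def secured = method.getAnnotation(Secured)
        if (secured && !secured.value().any { it in roles }) {
            throw new AccessDenied("${action} requires one of ${secured.value().toList()}")
        }
        method.invoke(controller, args)
    }
}

def controller = new MyController()
def noRoles = [] as Set<String>
def isDenied = { Closure c -> try { c(); return false } catch (AccessDenied e) { return true } }

// 1. Direct call, as in the integration test: nothing inspects the annotation.
assert controller.uploadForUser('testUser') == 'uploaded for testUser'

// 2. Same action through the enforcement point, unauthenticated: denied.
assert isDenied { SecurityFilterModel.dispatch(controller, 'uploadForUser', noRoles, 'testUser') }

// 3. Through the enforcement point with the required role: allowed.
assert SecurityFilterModel.dispatch(controller, 'uploadForUser', ['ROLE_ADMIN'] as Set, 'testUser') == 'uploaded for testUser'

// 4. In-action check: a direct call is denied, so a unit-level test can catch it.
assert isDenied { controller.uploadForUserChecked('testUser', noRoles) }
```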