This version is still in development and is not considered stable yet. For the latest stable version, please use Spring Security 6.4.2! |
Testing Method Security
For example, we can test our example from EnableReactiveMethodSecurity by using the same setup and annotations that we used in Testing Method Security. The following minimal sample shows what we can do:
-
Java
-
Kotlin
@ExtendWith(SpringExtension.class)
@ContextConfiguration(classes = HelloWebfluxMethodApplication.class)
public class HelloWorldMessageServiceTests {
@Autowired
HelloWorldMessageService messages;
@Test
public void messagesWhenNotAuthenticatedThenDenied() {
StepVerifier.create(this.messages.findMessage())
.expectError(AccessDeniedException.class)
.verify();
}
@Test
@WithMockUser
public void messagesWhenUserThenDenied() {
StepVerifier.create(this.messages.findMessage())
.expectError(AccessDeniedException.class)
.verify();
}
@Test
@WithMockUser(roles = "ADMIN")
public void messagesWhenAdminThenOk() {
StepVerifier.create(this.messages.findMessage())
.expectNext("Hello World!")
.verifyComplete();
}
}
@ExtendWith(SpringExtension.class)
@ContextConfiguration(classes = [HelloWebfluxMethodApplication::class])
class HelloWorldMessageServiceTests {
@Autowired
lateinit var messages: HelloWorldMessageService
@Test
fun messagesWhenNotAuthenticatedThenDenied() {
StepVerifier.create(messages.findMessage())
.expectError(AccessDeniedException::class.java)
.verify()
}
@Test
@WithMockUser
fun messagesWhenUserThenDenied() {
StepVerifier.create(messages.findMessage())
.expectError(AccessDeniedException::class.java)
.verify()
}
@Test
@WithMockUser(roles = ["ADMIN"])
fun messagesWhenAdminThenOk() {
StepVerifier.create(messages.findMessage())
.expectNext("Hello World!")
.verifyComplete()
}
}