How to simulate a logged-in user in an application with Demoiselle 2.4.2?

Asked

Viewed 304 times

6

I have an app Demoiselle 2.4.2 already in operation that needs to use the SecurityContext to obtain the User currently logged in and make some decisions. The time now is to write the unit tests using Junit 4 for this application (were not made in the genesis of the application, but we want to do now). At this time arises the problem of there being no process of logon which anticipates the execution of test cases.

By which technique it is possible to simulate the process of logon, so that when instances of SecurityContext are injected along the controllers of the application (nay in test cases), these respond with the user I need?

Update 1

To make the situation easier to understand, follow code of the class that implements the unit test:

@RunWith(DemoiselleRunner.class)
public class CaixaOperacaoTests {

    @Inject
    static private Credentials credentials;

    @Inject
    private CaixaOperacaoBC caixaOperacao;

    @Before
    public void setUp() throws Exception {
        credentials.setUsername("meususario");
        credentials.setPassword("minhasenha");
    }

    @Test
    public void shouldAbrirCaixaComUsuarioLogado() {
        // Arrange
        BigDecimal valorAbertura = new BigDecimal(10.50);

        // Act
        CaixaSessao sessao = caixaOperacao.abrirCaixa(valorAbertura, null);

        // Assert
        assertThat(sessao, notNullValue());
    }
}

The problem occurs even before the unit test starts, during the injection of caixaOperacao, because this instance depends on the existing credential in an auxiliary class that we have called SecurityServices, which is injected into CaixaOperacaoBC.

Follows the code of `Securityservices:

@ApplicationScoped
public class SecurityServices {
    @Inject
    SecurityContext securityContext;
    @Inject
    PessoaBC pessoaBC;

    public Long idPessoaFisicaDoUsuarioLogado(){
        Long idPessoa = (Long) securityContext.getUser().getAttribute(UsuarioSession.Fields.PESSOA_ID);
        return idPessoa;
    }

    public Pessoa pessoaFisicaDoUsuarioLogado(){
        Long idPessoa = idPessoaFisicaDoUsuarioLogado();
        return pessoaBC.load(idPessoa);
    }

    SecurityContext getContext() {
        return securityContext;
    }
}

Note that in the method idPessoaFisicaDoUsuarioLogado() there is the use of securityContext, which has value. However, the method getUser() returns null where all my problems come from.

Of course, the definition of credential cannot occur in the unit test class, it has to occur before, but where?

  • Hello, have you seen doc? http://demoiselle.sourceforge.net/docs/framework/reference/2.5.0-RC1/html/security.html#d0e2765

1 answer

0

Demoiselle has a very effective authentication and authorization scheme. I advise you to check the doc, as you use version 2.4.2, the link is as follows:

Desmoiselle - Security

Attention the injection of the following class:

    @Inject
    private Credentials credentials; 

In it you can put the user logged in and access from anywhere in the system only with the injection of this class.

Here at the company we use the Demoiselle Authentication and Authorization strategy, but we create our own Credentials class with section scope.

But check the manual, there you will find everything, and any doubt comments there!

  • I updated the question to provide more data. I believe the tip is correct, but I still lack some detail to definitively solve the problem.

  • And then boy, did you solve the problem?

  • Sorry for the delay in responding. I was able to resolve, but not using the suggested mechanism. I interfered with the active credential otherwise because our classes implement an auxiliary security service.

Browser other questions tagged

You are not signed in. Login or sign up in order to post.