Add tests for RoleController

src/test/java/nl/tudelft/labracore/controller/RoleControllerTest.java

+/*
+ * Labracore - A connecting core service for Labrador products
+ * Copyright (C) 2020-  Delft University of Technology
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <https://www.gnu.org/licenses/>.
+ */
+package nl.tudelft.labracore.controller;
+
+import static nl.tudelft.labracore.model.RoleType.*;
+import static nl.tudelft.labracore.test.JsonContentMatcher.jsonContent;
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf;
+import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.print;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
+
+import java.util.List;
+
+import javax.transaction.Transactional;
+
+import nl.tudelft.labracore.dto.create.RoleCreateDTO;
+import nl.tudelft.labracore.dto.id.EditionIdDTO;
+import nl.tudelft.labracore.dto.id.PersonIdDTO;
+import nl.tudelft.labracore.dto.patch.RolePatchDTO;
+import nl.tudelft.labracore.model.Edition;
+import nl.tudelft.labracore.model.Role;
+import nl.tudelft.labracore.repository.EditionRepository;
+import nl.tudelft.labracore.repository.RoleRepository;
+import nl.tudelft.labracore.test.RestControllerTest;
+import nl.tudelft.labracore.test.TestDatabaseLoader;
+
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.params.ParameterizedTest;
+import org.junit.jupiter.params.provider.MethodSource;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.security.test.context.support.WithUserDetails;
+import org.springframework.test.web.servlet.MockMvc;
+import org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder;
+
+import com.fasterxml.jackson.core.JsonProcessingException;
+
+@Transactional
+@SpringBootTest
+@AutoConfigureMockMvc
+public class RoleControllerTest extends RestControllerTest {
+
+	@Autowired
+	private MockMvc mvc;
+
+	@Autowired
+	private TestDatabaseLoader db;
+
+	@Autowired
+	private RoleRepository rr;
+
+	@Autowired
+	private EditionRepository er;
+
+	private Role r;
+	private Edition e;
+
+	@BeforeEach
+	void setup() {
+		r = rr.getOne(db.getPantherRoleCW().getId());
+		e = er.getOne(db.getNewYork().getId());
+	}
+
+	@Test
+	@WithUserDetails("All-access Key")
+	void addRoleValidatesDTO() throws Exception {
+		mvc.perform(postJson("/api/role", new RoleCreateDTO()))
+				.andExpect(status().isUnprocessableEntity());
+	}
+
+	@Test
+	@WithUserDetails("All-access Key")
+	void addRoleReturnsIdOfSavedRole() throws Exception {
+		mvc.perform(postJson("/api/role", RoleCreateDTO.builder()
+				.person(new PersonIdDTO(r.getPerson().getId()))
+				.edition(new EditionIdDTO(e.getId()))
+				.type(TEACHER_RO)
+				.build()))
+				.andExpect(status().isOk())
+				.andExpect(jsonContent(Role.Id.class)
+						.predicate(id -> id != null && id.getEditionId() > 0
+								&& id.getPersonId() > 0 && rr.findById(id).isPresent()))
+				.andDo(print());
+	}
+
+	@Test
+	@WithUserDetails("All-access Key")
+	void patchRolePerformsUpdate() throws Exception {
+		mvc.perform(patchJson("/api/role/" + r.getId().getPersonId() + "/" + r.getId().getEditionId(),
+				RolePatchDTO.builder()
+						.type(TEACHER).build()));
+
+		assertThat(rr.findByIdOrThrow(r.getId()).getType())
+				.isEqualTo(TEACHER);
+	}
+
+	@Test
+	@WithUserDetails("All-access Key")
+	void patchRoleReturnsSameId() throws Exception {
+		mvc.perform(patchJson("/api/role/" + r.getId().getPersonId() + "/" + r.getId().getEditionId(),
+				RolePatchDTO.builder()
+						.type(STUDENT).build()))
+				.andExpect(status().isOk())
+				.andExpect(jsonContent(Role.Id.class).isEqualTo(r.getId()));
+	}
+
+	@WithUserDetails("No-access Key")
+	@MethodSource("protectedEndpoints")
+	@ParameterizedTest
+	void endpointsShouldBeKeyProtected(MockHttpServletRequestBuilder request) throws Exception {
+		mvc.perform(request.with(csrf()))
+				.andExpect(status().isForbidden());
+	}
+
+	private static List<MockHttpServletRequestBuilder> protectedEndpoints() throws JsonProcessingException {
+		return List.of(
+				postJson("/api/role", new RoleCreateDTO()),
+				patchJson("/api/role/1/1", new RolePatchDTO()));
+	}
+}