| 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061 |
- = SecurityMockMvcResultHandlers
- Spring Security provides a few ``ResultHandler``s implementations.
- In order to use Spring Security's ``ResultHandler``s implementations ensure the following static import is used:
- [source,java]
- ----
- import static org.springframework.security.test.web.servlet.response.SecurityMockMvcResultHandlers.*;
- ----
- == Exporting the SecurityContext
- Often times we want to query a repository to see if some `MockMvc` request actually persisted in the database.
- In some cases our repository query uses the xref:features/integrations/data.adoc[Spring Data Integration] to filter the results based on current user's username or any other property.
- Let's see an example:
- A repository interface:
- [source,java]
- ----
- private interface MessageRepository extends JpaRepository<Message, Long> {
- @Query("SELECT m.content FROM Message m WHERE m.sentBy = ?#{ principal?.name }")
- List<String> findAllUserMessages();
- }
- ----
- Our test scenario:
- [source,java]
- ----
- mvc
- .perform(post("/message")
- .content("New Message")
- .contentType(MediaType.TEXT_PLAIN)
- )
- .andExpect(status().isOk());
- List<String> userMessages = messageRepository.findAllUserMessages();
- assertThat(userMessages).hasSize(1);
- ----
- This test won't pass because after our request finishes, the `SecurityContextHolder` will be cleared out by the filter chain.
- We can then export the `TestSecurityContextHolder` to our `SecurityContextHolder` and use it as we want:
- [source,java]
- ----
- mvc
- .perform(post("/message")
- .content("New Message")
- .contentType(MediaType.TEXT_PLAIN)
- )
- .andDo(exportTestSecurityContext())
- .andExpect(status().isOk());
- List<String> userMessages = messageRepository.findAllUserMessages();
- assertThat(userMessages).hasSize(1);
- ----
- [NOTE]
- ====
- Remember to clear the `SecurityContextHolder` between your tests, or it may leak amongst them
- ====
|
