If you can't read please download the document
Upload
burt-beckwith
View
3.431
Download
4
Embed Size (px)
Citation preview
Testing the Grails Spring Security Plugins
Testing the Grails Spring Security Plugins
Burt Beckwith, SpringSource@burtbeckwithhttp://burtbeckwith.com/blog/
Unit tests are not an option
Unit Tests
Spring Security is implemented as a filter chainIf you use unit testing, mocks, etc. you only test the mocks
Ok, so what about integration tests?
Integration Tests
Spring Security is implemented as a filter chainIf you use integration testing, mock request, response, etc. you still don't have a real filter chain
But there are uses for integration tests
Integration Tests
Grails integration tests are unit tests + Spring + DB + pluginsSo you can test the configuration
There's no servlet container, but you can test servicesSo ACL testing (both Spring Security and Shiro) is a good fit here
Damn, so I have to use functional tests?
Yes.
Functional tests
Ideal for security testingMake many real requests against a real, properly configured web server
Test authentication, authorization, configuration - everything
Functional tests
Functional test pluginsI use http://grails.org/plugin/functional-test (version 1.2.7)
Geb is a great option - http://www.gebish.org/Webdriver/Selenium
jQuery selector syntax
Spock, JUnit & TestNG
Actively developed, active mailing list
Grails functional-test plugin
Apache Commons HttpClient to make GET/POST requests
HtmlUnit to parse responses
JUnit 3 base class with helper methods
2.0 is in development, but I still use 1.2.7NEVER RUN create-functional-test script will overwrite grails-app/conf files
Grails functional-test plugin
UsageAdd plugin dependency in BuildConfig.groovytest ':functional-test:1.2.7'
Will fail to resolve dependencies on first compileFatal error during compilation org.apache.tools.ant.BuildException: java.lang.NoClassDefFoundError: Lcom/gargoylesoftware/htmlunit/html/HTMLParser$HtmlUnitDOMBuilder
Just run grails compile again
Grails functional-test plugin
Creating test classesNEVER RUN create-functional-test script will overwrite grails-app/conf files
Just create a class in test/functional that extends functionaltestplugin.FunctionalTestCase
Grails functional-test plugin
import functionaltestplugin.FunctionalTestCase
class LoginTests extends FunctionalTestCase {
void testSomeWebsiteFeature() { // Here call get(uri) or post(uri) to start // the session and then use the custom // assertXXXX calls etc to check the response // // get('/something') // assertStatus 200 // assertContentContains 'the expected text' }}
How to find all controller actions?
import grails.web.Action
...
def data = []
for (controller in grailsApplication.controllerClasses) {
List actions = controller.clazz.methods.findAll( { it.getAnnotation(Action) })*.name
data