0

I have a basic SpringBoot app. using Spring Initializer, embedded Tomcat, Thymeleaf template engine, and package as an executable JAR file.

I have this test:

@RunWith(SpringRunner.class)
@WebAppConfiguration
@WebMvcTest
public class MockMvcTests {

    // Pull in the application context created by @ContextConfiguration
    @Autowired
    private WebApplicationContext wac;

    private MockMvc mockMvc;

    @MockBean
    private I18NService i18NService;

    @MockBean
    private EmailService emailService;

    @MockBean
    private PasswordResetTokenService passwordResetTokenService;

    @MockBean
    private UserService userService;

    @MockBean
    private CompanyService companyService;

    @MockBean
    private UserSecurityService userSecurityService;

    @Before
    public void setup() {
        // Setup MockMVC to use our Spring Configuration
        this.mockMvc = MockMvcBuilders.webAppContextSetup(this.wac).build();
    }

    /**
     * 
     * @throws Exception
     *             If anything fails.
     */
    @Test
    public void getDeviceEventsTest() throws Exception {
        this.mockMvc
                .perform(get("/deviceevent/list") //
                .accept(MediaType.parseMediaType("text/html;charset=UTF-8")))
                .andExpect(status().isOk()) //
                .andExpect(model().size(1)); //
    }

But running the Test I got this Exception

org.springframework.web.util.NestedServletException: Request processing failed; nested exception is org.thymeleaf.exceptions.TemplateProcessingException: Exception evaluating SpringEL expression: "#authorization.expression('hasRole(''ROLE_ADMIN'')')" (tdk/common/menu:62)

Is there a way to bypass the authorization ?

Nuñito Calzada
  • 4,394
  • 47
  • 174
  • 301
  • How about adding authentication header? `.perform(get("/deviceevent/list").header("Authorization", "your auth type header value"))` – zakaria amine May 13 '17 at 13:15

1 Answers1

0

I see first possible problem in strange expression in hasRole(''ROLE_ADMIN''), looks like two single quotes instead of double quotes here, but maybe it looks strange just in log.

Anyway, to bypass auth mechanism for tests you need to disable Spring Security in test mode, there are some working ways described here

I usually use this way with configuration and profiles setting, because it takes more flexibility then other described ways.

Community
  • 1
  • 1
Alarmwolf
  • 158
  • 1
  • 6