Integration testing grails spring security plugin?

Question

Integration testing grails spring security plugin?

I have it:

@Secured(['ROLE_USER', 'ROLE_HELPDESK', 'ROLE_ADMIN']) class MyController { def edit = { } @Secured(['ROLE_ADMIN']) def uploadForUser = { params.userId = params.id forward(controller: 'someController', action: 'someAction', params: params) } }

and an integration test, which, it seems to me, should fail:

 public void test_uploadForUser_unauthenticated(){ myController.params.id = "testUser" myController.uploadForUser() }

Nevertheless, the tests pass. Is there any way to check controllers annotated with spring security plugin?

+4

spring security spring-security plugins grails

Stefan kendall Aug 08 '11 at 20:16

source share

1 answer

Artur nowak · Accepted Answer · 2011-08-08T20:43:26+0000

These annotations are parsed using SpringSecurityFilter , so they do not work unless you have an actual HTTP request.

Thus, you need to either switch to checking roles using conditional expressions inside actions, for example, do it here , or check it using WebDriver / Geb or some simpler frameworks - a very good approach is presented in the Grails security plugin itself .

Integration testing grails spring security plugin?

More articles: