What is the best way for unit test methods annotated using Spring Security ACL Annotations?

Question

What is the best way for unit test methods annotated using Spring Security ACL Annotations?

Let's say I have a method similar to the following:

@PreAuthorize("hasPermission(#obj, 'READ')")
public void requiresReadPermission(Object obj) {}

Is there an easy way to mock / grant / deny "READ" permission for authentication?

+4

spring spring-security spring-test

Jwk Oct 10 '13 at 17:34

source share

1 answer

pgiecek · Answer 1 · 2014-01-14T09:00:34+0000

Since this is a unit test method, not a given interceptor, you do not need to worry about authentication and ACL infrastructure. If you want to check what is AccessDeniedExceptionthrown when the user is not granted access to the object, the unit test is an interceptor itself. In your case, just check that your method executes / returns what is expected to be done / returned.

, Spring ACL AccessDeniedException, , AccessDeniedHandler, catch , . , .

unit test , , AccessDeniedException. .

What is the best way for unit test methods annotated using Spring Security ACL Annotations?

More articles: