servlet-test-mockmvc-result-handlers.md 1.9 KB
Newer Older
茶陵後's avatar
茶陵後 已提交
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58
### SecurityMockMvcResultHandlers

Spring Security provides a few `ResultHandler`s implementations.
In order to use Spring Security’s `ResultHandler`s implementations ensure the following static import is used:

```
import static org.springframework.security.test.web.servlet.response.SecurityMockMvcResultHandlers.*;
```

#### Exporting the SecurityContext

Often times we want to query a repository to see if some `MockMvc` request actually persisted in the database.
In some cases our repository query uses the [Spring Data Integration](../../../features/integrations/data.html) to filter the results based on current user’s username or any other property.
Let’s see an example:

A repository interface:

```
private interface MessageRepository extends JpaRepository<Message, Long> {
	@Query("SELECT m.content FROM Message m WHERE m.sentBy = ?#{ principal?.name }")
	List<String> findAllUserMessages();
}
```

Our test scenario:

```
mvc
	.perform(post("/message")
		.content("New Message")
		.contentType(MediaType.TEXT_PLAIN)
	)
	.andExpect(status().isOk());

List<String> userMessages = messageRepository.findAllUserMessages();
assertThat(userMessages).hasSize(1);
```

This test won’t pass because after our request finishes, the `SecurityContextHolder` will be cleared out by the filter chain.
We can then export the `TestSecurityContextHolder` to our `SecurityContextHolder` and use it as we want:

```
mvc
	.perform(post("/message")
		.content("New Message")
		.contentType(MediaType.TEXT_PLAIN)
	)
	.andDo(exportTestSecurityContext())
	.andExpect(status().isOk());

List<String> userMessages = messageRepository.findAllUserMessages();
assertThat(userMessages).hasSize(1);
```

|   |Remember to clear the `SecurityContextHolder` between your tests, or it may leak amongst them|
|---|---------------------------------------------------------------------------------------------|

[Security ResultMatchers](result-matchers.html)[Appendix](../../appendix/index.html)