/**
   * Testet den Fall, dass der Benutzer in der Rolle der geschützten Web-Ressource ist. Ergebnis
   * Zugriff erlaubt.
   *
   * @throws Exception
   */
  @Test
  public void testEvaluateHasAuthorityConfigAttributeUserIsInRole() throws Exception {
    // Testfix erstellen
    List<GrantedAuthority> grantedAuthorities = new ArrayList<GrantedAuthority>();
    grantedAuthorities.add(new SimpleGrantedAuthority("ROLE_JUNIT_TEST"));
    Authentication authenticationToken =
        new UsernamePasswordAuthenticationToken("JUnit", "JUnit", grantedAuthorities);

    FilterInvocation filterInvocation = new FilterInvocation("/junit", "GET");

    Authority authority = new Authority();
    authority.setSystemName("ROLE_JUNIT_TEST");

    WebResourceAccessRule rule = new WebResourceAccessRule();
    rule.setAuthority(authority);

    HasAuthorityConfigAttribute configAttribute = new HasAuthorityConfigAttribute(rule);

    // Das Testobjekt erstellen
    WebResourceAccessEvaluator webResourceAccessEvaluator = new WebResourceAccessEvaluator();

    // Test und Auswertung
    assertTrue(
        webResourceAccessEvaluator.evaluate(
            authenticationToken, filterInvocation, configAttribute));
  }
  @Test(expected = IllegalArgumentException.class)
  public void testEvaluateFlagConfigAttributeAllFlagsAreFalseException() {
    // Testfix erstellen
    Authentication authenticationToken = newAnonymousAuthenticationToken();

    FilterInvocation filterInvocation = new FilterInvocation("/junit", "GET");

    WebResourceAccessRule rule = new WebResourceAccessRule();
    /// Alle Flags sind per Default FALSE

    FlagConfigAttribute configAttribute = new FlagConfigAttribute(rule);

    // Das Testobjekt erstellen
    WebResourceAccessEvaluator webResourceAccessEvaluator = new WebResourceAccessEvaluator();

    // Test und Auswertung
    webResourceAccessEvaluator.evaluate(authenticationToken, filterInvocation, configAttribute);
  }
  @Test
  public void testEvaluateFlagConfigAttributeIsFullyAuthenticatedGrantedAsUser() throws Exception {
    // Testfix erstellen
    Authentication authenticationToken = newUserAuthenticationToken();

    FilterInvocation filterInvocation = new FilterInvocation("/junit", "GET");

    WebResourceAccessRule rule = new WebResourceAccessRule();
    rule.setFullyAuthenticated(true);

    FlagConfigAttribute configAttribute = new FlagConfigAttribute(rule);

    // Das Testobjekt erstellen
    WebResourceAccessEvaluator webResourceAccessEvaluator = new WebResourceAccessEvaluator();

    // Test und Auswertung
    assertTrue(
        webResourceAccessEvaluator.evaluate(
            authenticationToken, filterInvocation, configAttribute));
  }
  @Test
  public void testEvaluateFlagConfigAttributeIsRememberMeDeniedAsAnonymous() throws Exception {
    // Testfix erstellen
    Authentication authenticationToken = newAnonymousAuthenticationToken();

    FilterInvocation filterInvocation = new FilterInvocation("/junit", "GET");

    WebResourceAccessRule rule = new WebResourceAccessRule();
    rule.setRememberMe(true);

    FlagConfigAttribute configAttribute = new FlagConfigAttribute(rule);

    // Das Testobjekt erstellen
    WebResourceAccessEvaluator webResourceAccessEvaluator = new WebResourceAccessEvaluator();

    // Test und Auswertung
    assertFalse(
        webResourceAccessEvaluator.evaluate(
            authenticationToken, filterInvocation, configAttribute));
  }
  @Test
  public void testEvaluateFlagConfigAttributeIsDenyAll() throws Exception {
    // Fall 1: Nutzer ist Anonym //////////////////////////////////////////
    // Testfix erstellen
    Authentication authenticationToken = newAnonymousAuthenticationToken();

    FilterInvocation filterInvocation = new FilterInvocation("/junit", "GET");

    WebResourceAccessRule rule = new WebResourceAccessRule();
    rule.setDenyAll(true);

    FlagConfigAttribute configAttribute = new FlagConfigAttribute(rule);

    // Das Testobjekt erstellen
    WebResourceAccessEvaluator webResourceAccessEvaluator = new WebResourceAccessEvaluator();

    // Test und Auswertung
    assertFalse(
        webResourceAccessEvaluator.evaluate(
            authenticationToken, filterInvocation, configAttribute));

    // Fall 2: Nutzer ist angemeldet //////////////////////////////////////
    // Testfix erstellen
    List<GrantedAuthority> grantedAuthorities = new ArrayList<GrantedAuthority>();
    grantedAuthorities.add(new SimpleGrantedAuthority("ROLE_JUNIT_TEST"));
    authenticationToken =
        new UsernamePasswordAuthenticationToken("JUnit", "JUnit", grantedAuthorities);

    rule = new WebResourceAccessRule();
    rule.setDenyAll(true);

    configAttribute = new FlagConfigAttribute(rule);

    // Das Testobjekt erstellen
    webResourceAccessEvaluator = new WebResourceAccessEvaluator();

    // Test und Auswertung
    assertFalse(
        webResourceAccessEvaluator.evaluate(
            authenticationToken, filterInvocation, configAttribute));
  }
  /**
   * Test den Fall, dass der Benutzer nicht in der Rolle der geschützten Web-Ressource ist. Ergebnis
   * Zugriff verweigert.
   *
   * @throws Exception
   */
  @Test
  public void testEvaluateHasAuthorityConfigAttributeUserIsNotInRole() throws Exception {
    // Testfix erstellen
    Authentication authenticationToken = newUserAuthenticationToken();

    FilterInvocation filterInvocation = new FilterInvocation("/junit", "GET");

    Authority authority = new Authority();
    authority.setSystemName("ROLE_JUNIT_TEST");

    WebResourceAccessRule rule = new WebResourceAccessRule();
    rule.setAuthority(authority);

    HasAuthorityConfigAttribute configAttribute = new HasAuthorityConfigAttribute(rule);

    // Das Testobjekt erstellen
    WebResourceAccessEvaluator webResourceAccessEvaluator = new WebResourceAccessEvaluator();

    // Test und Auswertung
    assertFalse(
        webResourceAccessEvaluator.evaluate(
            authenticationToken, filterInvocation, configAttribute));
  }