Пример #1
0
 @Test
 public void itThrowsAn401() throws Exception {
   try {
     creds.buildSession(userDAO, "whee");
     fail("should have thrown an auth challenge, but didn't");
   } catch (WebApplicationException e) {
     assertThat(e.getResponse().getStatus()).isEqualTo(Status.FORBIDDEN.getStatusCode());
   }
 }
 @Test
 public void gettingAResourceByAnUnauthorizedUser() {
   denieAuthorizationToUsers();
   try {
     getAt(aResourceURI(), getWebEntityClass());
     fail("An unauthorized user shouldn't access the resource");
   } catch (WebApplicationException ex) {
     int receivedStatus = ex.getResponse().getStatus();
     int forbidden = Status.FORBIDDEN.getStatusCode();
     assertThat(receivedStatus, is(forbidden));
   }
 }
 @Test
 public void updateOfResourceByANonAuthorizedUser() {
   denieAuthorizationToUsers();
   try {
     putAt(aResourceURI(), aResource());
     fail("An unauthorized user shouldn't update a resource");
   } catch (WebApplicationException ex) {
     int receivedStatus = ex.getResponse().getStatus();
     int forbidden = Status.FORBIDDEN.getStatusCode();
     assertThat(receivedStatus, is(forbidden));
   }
 }