RoleUserInterceptor.java

package edu.ucsb.cs156.happiercows.interceptors;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerInterceptor;

import edu.ucsb.cs156.happiercows.repositories.UserRepository;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken;
import org.springframework.security.oauth2.core.user.OAuth2User;

import java.util.Optional;
import java.util.HashSet;
import java.util.Set;
import java.util.Collection;
import edu.ucsb.cs156.happiercows.entities.User;



@Component
public class RoleUserInterceptor implements HandlerInterceptor {

   @Autowired
   UserRepository userRepository;

   @Override
   public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        // Update user's security context on server each time the user makes HTTP request to the backend
        // If user has admin status in database we will keep ROLE_ADMIN in security context
        // Otherwise interceptor will remove ROLE_ADMIN before the incoming request is processed by backend API
        SecurityContext securityContext = SecurityContextHolder.getContext();
        Authentication authentication = securityContext.getAuthentication();

        if (authentication instanceof OAuth2AuthenticationToken ) {
            OAuth2User oAuthUser = ((OAuth2AuthenticationToken) authentication).getPrincipal();
            String email = oAuthUser.getAttribute("email");
            Optional<User> optionalUser = userRepository.findByEmail(email);
            if (optionalUser.isPresent()){
                User user = optionalUser.get();

                if(user.isSuspended()) {
                    response.sendError(HttpServletResponse.SC_FORBIDDEN, "Your account has been suspended. Contact an administrator to restore your account");
                    SecurityContextHolder.clearContext();
                    return false;
                }

                Set<GrantedAuthority> newAuthorities = new HashSet<>();
                Collection<? extends GrantedAuthority> currentAuthorities = authentication.getAuthorities();
                currentAuthorities.stream()
                .filter(authority -> !authority.getAuthority().equals("ROLE_ADMIN"))
                .forEach(authority -> {
                    newAuthorities.add(authority);
                });

                if (user.isAdmin()){
                    newAuthorities.add(new SimpleGrantedAuthority("ROLE_ADMIN"));
                }
                
                Authentication newAuth = new OAuth2AuthenticationToken(oAuthUser, newAuthorities,(((OAuth2AuthenticationToken)authentication).getAuthorizedClientRegistrationId()));
                SecurityContextHolder.getContext().setAuthentication(newAuth);
            }
        }

      return true;
   }
    
}













Active mutators

CONDITIONALS_BOUNDARY
EMPTY_RETURNS
FALSE_RETURNS
INCREMENTS
INVERT_NEGS
MATH
NEGATE_CONDITIONALS
NULL_RETURNS
PRIMITIVE_RETURNS
TRUE_RETURNS
VOID_METHOD_CALLS

Tests examined

edu.ucsb.cs156.happiercows.controllers.UsersControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.UsersControllerTests]/[method:users__admin_logged_in()] (31 ms)
edu.ucsb.cs156.happiercows.controllers.AnnouncementsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.AnnouncementsControllerTests]/[method:userCanPostAnnouncementWithoutStartAndEndTime()] (32 ms)
edu.ucsb.cs156.happiercows.controllers.CommonStatsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.CommonStatsControllerTests]/[method:test_get_all_csv()] (16 ms)
edu.ucsb.cs156.happiercows.controllers.CommonsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.CommonsControllerTests]/[method:createCommonsTest_withBoundaryParameters()] (15 ms)
edu.ucsb.cs156.happiercows.controllers.AnnouncementsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.AnnouncementsControllerTests]/[method:userCannotEditAnnouncementToHaveEmptyStringAsAnnouncement()] (33 ms)
edu.ucsb.cs156.happiercows.controllers.UserCommonsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.UserCommonsControllerTests]/[method:test_BuyCow_commons_exists_user_has_exact_amount_needed()] (15 ms)
edu.ucsb.cs156.happiercows.controllers.CommonsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.CommonsControllerTests]/[method:updateCommonsTest()] (17 ms)
edu.ucsb.cs156.happiercows.controllers.CommonsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.CommonsControllerTests]/[method:UpdateCommonsTest_withIllegalParameters()] (19 ms)
edu.ucsb.cs156.happiercows.controllers.JobsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.JobsControllerTests]/[method:admin_can_launch_set_cow_health_job()] (44 ms)
edu.ucsb.cs156.happiercows.controllers.SystemInfoControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.SystemInfoControllerTests]/[method:systemInfo__user_logged_in()] (8 ms)
edu.ucsb.cs156.happiercows.controllers.UserCommonsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.UserCommonsControllerTests]/[method:test_SellCow_commons_exists_no_cow_to_sell()] (12 ms)
edu.ucsb.cs156.happiercows.controllers.UserInfoControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.UserInfoControllerTests]/[method:currentUser__logged_in()] (753 ms)
edu.ucsb.cs156.happiercows.controllers.UserCommonsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.UserCommonsControllerTests]/[method:test_SellCow_commons_exists()] (17 ms)
edu.ucsb.cs156.happiercows.controllers.CommonsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.CommonsControllerTests]/[method:UpdateCommonsTest_withBoundaryParameters()] (670 ms)
edu.ucsb.cs156.happiercows.controllers.ChatMessageControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.ChatMessageControllerTests]/[method:adminCanInteractWithChatIfShowChatIsFalse()] (24 ms)
edu.ucsb.cs156.happiercows.controllers.JobsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.JobsControllerTests]/[method:admin_can_launch_record_common_stats_job()] (39 ms)
edu.ucsb.cs156.happiercows.controllers.ChatMessageControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.ChatMessageControllerTests]/[method:adminCanGetHiddenChatMessages()] (16 ms)
edu.ucsb.cs156.happiercows.controllers.ReportsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.ReportsControllerTests]/[method:get_reports_headers_commonId()] (13 ms)
edu.ucsb.cs156.happiercows.controllers.UsersControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.UsersControllerTests]/[method:regular_user_cannot_suspend_user()] (11 ms)
edu.ucsb.cs156.happiercows.interceptors.RoleUserInterceptorTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.interceptors.RoleUserInterceptorTests]/[method:user_not_present_in_db_and_no_role_update_by_interceptor()] (8 ms)
edu.ucsb.cs156.happiercows.controllers.ProfitsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.ProfitsControllerTests]/[method:get_profits_all_commons_nonexistent_using_commons_id()] (10 ms)
edu.ucsb.cs156.happiercows.controllers.ChatMessageControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.ChatMessageControllerTests]/[method:userInCommonsCanPostChatMessages()] (33 ms)
edu.ucsb.cs156.happiercows.controllers.UsersControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.UsersControllerTests]/[method:admin_user_can_restore_user()] (664 ms)
edu.ucsb.cs156.happiercows.controllers.JobsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.JobsControllerTests]/[method:admin_launch_test_job_with_boundary_parameter()] (13 ms)
edu.ucsb.cs156.happiercows.controllers.CommonsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.CommonsControllerTests]/[method:deleteCommons_test_admin_nonexists()] (14 ms)
edu.ucsb.cs156.happiercows.controllers.AnnouncementsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.AnnouncementsControllerTests]/[method:userCanGetAnnouncementById()] (29 ms)
edu.ucsb.cs156.happiercows.interceptors.RoleUserInterceptorTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.interceptors.RoleUserInterceptorTests]/[method:interceptor_removes_admin_role_when_admin_field_in_db_is_false()] (6 ms)
edu.ucsb.cs156.happiercows.controllers.CommonStatsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.CommonStatsControllerTests]/[method:test_get_csv()] (13 ms)
edu.ucsb.cs156.happiercows.controllers.AnnouncementsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.AnnouncementsControllerTests]/[method:userNotInCommonsCannotPostAnnouncements()] (55 ms)
edu.ucsb.cs156.happiercows.controllers.ChatMessageControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.ChatMessageControllerTests]/[method:userInCommonsCanGetChatMessages()] (71 ms)
edu.ucsb.cs156.happiercows.controllers.ProfitsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.ProfitsControllerTests]/[method:admin_get_profits_all_commons_using_commons_id()] (16 ms)
edu.ucsb.cs156.happiercows.controllers.UserCommonsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.UserCommonsControllerTests]/[method:test_BuyCow_commons_exists()] (17 ms)
edu.ucsb.cs156.happiercows.controllers.CommonsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.CommonsControllerTests]/[method:getCommonsPlusByIdTest_valid()] (16 ms)
edu.ucsb.cs156.happiercows.integration.CommonsIT.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.integration.CommonsIT]/[method:getCommonsTest()] (3355 ms)
edu.ucsb.cs156.happiercows.controllers.AnnouncementsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.AnnouncementsControllerTests]/[method:userInCommonsCanPostAnnouncements()] (78 ms)
edu.ucsb.cs156.happiercows.controllers.ChatMessageControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.ChatMessageControllerTests]/[method:userCannotUseAdminGetAPIEndpoint()] (26 ms)
edu.ucsb.cs156.happiercows.controllers.CommonsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.CommonsControllerTests]/[method:deleteCommons_test_admin_exists()] (19 ms)
edu.ucsb.cs156.happiercows.controllers.CommonStatsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.CommonStatsControllerTests]/[method:get_all_common_stats()] (706 ms)
edu.ucsb.cs156.happiercows.controllers.CommonsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.CommonsControllerTests]/[method:createCommonsTest_zeroDegradation()] (12 ms)
edu.ucsb.cs156.happiercows.controllers.UserCommonsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.UserCommonsControllerTests]/[method:test_sellCow_commons_does_not_exist()] (11 ms)
edu.ucsb.cs156.happiercows.controllers.UserCommonsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.UserCommonsControllerTests]/[method:test_sellCow_for_user_not_in_commons()] (12 ms)
edu.ucsb.cs156.happiercows.controllers.ReportsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.ReportsControllerTests]/[method:get_all_report_headers()] (770 ms)
edu.ucsb.cs156.happiercows.controllers.CommonsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.CommonsControllerTests]/[method:joinCommonsTest()] (16 ms)
edu.ucsb.cs156.happiercows.controllers.ChatMessageControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.ChatMessageControllerTests]/[method:userNotInCommonsCannotPostChatMessages()] (23 ms)
edu.ucsb.cs156.happiercows.controllers.ChatMessageControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.ChatMessageControllerTests]/[method:adminCanGetChatMessages()] (16 ms)
edu.ucsb.cs156.happiercows.controllers.CommonsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.CommonsControllerTests]/[method:createCommonsTest_withIllegalParameters()] (21 ms)
edu.ucsb.cs156.happiercows.controllers.CommonsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.CommonsControllerTests]/[method:getDefaultCommonsValuesTest()] (10 ms)
edu.ucsb.cs156.happiercows.controllers.AnnouncementsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.AnnouncementsControllerTests]/[method:userCannotGetAnnouncementByIdThatDoesNotExist()] (39 ms)
edu.ucsb.cs156.happiercows.interceptors.RoleUserInterceptorTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.interceptors.RoleUserInterceptorTests]/[method:interceptor_adds_admin_role_when_user_is_admin()] (1014 ms)
edu.ucsb.cs156.happiercows.controllers.CommonsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.CommonsControllerTests]/[method:createCommonsTest_withNoCowHealthUpdateStrategies()] (15 ms)
edu.ucsb.cs156.happiercows.controllers.JobsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.JobsControllerTests]/[method:admin_launch_set_cow_health_job_with_invalid_parameter()] (10 ms)
edu.ucsb.cs156.happiercows.controllers.UserCommonsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.UserCommonsControllerTests]/[method:test_getUserCommonsById_exists()] (14 ms)
edu.ucsb.cs156.happiercows.controllers.CommonsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.CommonsControllerTests]/[method:getCommonsByIdTest_valid()] (15 ms)
edu.ucsb.cs156.happiercows.controllers.AnnouncementsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.AnnouncementsControllerTests]/[method:userCannotPostAnnouncementWithEndBeforeStart()] (13 ms)
edu.ucsb.cs156.happiercows.controllers.JobsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.JobsControllerTests]/[method:admin_can_launch_instructor_report_single_commons_job()] (12 ms)
edu.ucsb.cs156.happiercows.controllers.JobsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.JobsControllerTests]/[method:admin_can_get_all_jobs_paged()] (16 ms)
edu.ucsb.cs156.happiercows.controllers.JobsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.JobsControllerTests]/[method:admin_can_launch_milk_the_cows_individual_job()] (39 ms)
edu.ucsb.cs156.happiercows.controllers.CommonsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.CommonsControllerTests]/[method:createCommonsTest()] (13 ms)
edu.ucsb.cs156.happiercows.controllers.UsersControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.UsersControllerTests]/[method:users__logged_out()] (10 ms)
edu.ucsb.cs156.happiercows.controllers.AnnouncementsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.AnnouncementsControllerTests]/[method:adminCanPostAnnouncements()] (25 ms)
edu.ucsb.cs156.happiercows.controllers.CommonsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.CommonsControllerTests]/[method:deleteUserFromCommons_when_not_joined()] (14 ms)
edu.ucsb.cs156.happiercows.controllers.CommonsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.CommonsControllerTests]/[method:updateCommonsTest_withDegradationRate_Zero()] (16 ms)
edu.ucsb.cs156.happiercows.controllers.JobsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.JobsControllerTests]/[method:admin_can_launch_instructor_report_job()] (18 ms)
edu.ucsb.cs156.happiercows.controllers.CommonsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.CommonsControllerTests]/[method:already_joined_common_test()] (17 ms)
edu.ucsb.cs156.happiercows.controllers.ReportsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.ReportsControllerTests]/[method:get_reports_lines_commonId()] (14 ms)
edu.ucsb.cs156.happiercows.controllers.UserCommonsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.UserCommonsControllerTests]/[method:test_Admin_getAllUserCommonsById_exists()] (613 ms)
edu.ucsb.cs156.happiercows.controllers.JobsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.JobsControllerTests]/[method:admin_can_launch_test_job_that_fails()] (4043 ms)
edu.ucsb.cs156.happiercows.controllers.JobsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.JobsControllerTests]/[method:admin_can_launch_update_cow_health_job_individual()] (11 ms)
edu.ucsb.cs156.happiercows.controllers.UsersControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.UsersControllerTests]/[method:admin_user_cannot_suspend_invalid_user()] (13 ms)
edu.ucsb.cs156.happiercows.controllers.UserCommonsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.UserCommonsControllerTests]/[method:test_getUserCommonsById_exists_admin()] (12 ms)
edu.ucsb.cs156.happiercows.controllers.JobsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.JobsControllerTests]/[method:admin_launch_set_cow_health_job_with_boundary_parameter()] (13 ms)
edu.ucsb.cs156.happiercows.controllers.UserCommonsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.UserCommonsControllerTests]/[method:test_BuyCow_not_enough_money()] (13 ms)
edu.ucsb.cs156.happiercows.controllers.ChatMessageControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.ChatMessageControllerTests]/[method:userCanDeleteTheirOwnChatMessages()] (22 ms)
edu.ucsb.cs156.happiercows.controllers.ProfitsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.ProfitsControllerTests]/[method:get_profits_all_commons_using_commons_id_with_pagination_2()] (17 ms)
edu.ucsb.cs156.happiercows.controllers.AnnouncementsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.AnnouncementsControllerTests]/[method:userCannotEditAnnouncementThatDoesNotExist()] (34 ms)
edu.ucsb.cs156.happiercows.controllers.AnnouncementsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.AnnouncementsControllerTests]/[method:userCannotGetAllAnnouncementsIfNotInCommons()] (38 ms)
edu.ucsb.cs156.happiercows.controllers.CommonsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.CommonsControllerTests]/[method:createCommonsTest_withIllegalDegradationRate()] (11 ms)
edu.ucsb.cs156.happiercows.controllers.UserCommonsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.UserCommonsControllerTests]/[method:test_buyCow_commons_does_not_exist()] (12 ms)
edu.ucsb.cs156.happiercows.controllers.JobsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.JobsControllerTests]/[method:admin_can_launch_milk_the_cows_job()] (23 ms)
edu.ucsb.cs156.happiercows.controllers.ChatMessageControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.ChatMessageControllerTests]/[method:userCannotInteractWithChatIfShowChatIsFalse()] (34 ms)
edu.ucsb.cs156.happiercows.controllers.SystemInfoControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.SystemInfoControllerTests]/[method:systemInfo__admin_logged_in()] (678 ms)
edu.ucsb.cs156.happiercows.controllers.ChatMessageControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.ChatMessageControllerTests]/[method:userCannotGetHiddenChatMessages()] (17 ms)
edu.ucsb.cs156.happiercows.controllers.ChatMessageControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.ChatMessageControllerTests]/[method:adminCanPostChatMessages()] (18 ms)
edu.ucsb.cs156.happiercows.controllers.ProfitsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.ProfitsControllerTests]/[method:get_profits_all_commons_using_commons_id()] (13 ms)
edu.ucsb.cs156.happiercows.controllers.AnnouncementsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.AnnouncementsControllerTests]/[method:userCanEditAnnouncementWithoutStart()] (35 ms)
edu.ucsb.cs156.happiercows.controllers.UsersControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.UsersControllerTests]/[method:regular_user_cannot_restore_user()] (9 ms)
edu.ucsb.cs156.happiercows.controllers.CommonsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.CommonsControllerTests]/[method:updateCommonsTest_withNoCowHealthUpdateStrategy()] (48 ms)
edu.ucsb.cs156.happiercows.controllers.SystemInfoControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.SystemInfoControllerTests]/[method:systemInfo__logged_out()] (8 ms)
edu.ucsb.cs156.happiercows.controllers.AnnouncementsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.AnnouncementsControllerTests]/[method:adminCanEditAnnouncement()] (57 ms)
edu.ucsb.cs156.happiercows.controllers.CSRFControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.CSRFControllerTests]/[method:csrf_returns_ok()] (1209 ms)
edu.ucsb.cs156.happiercows.controllers.AnnouncementsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.AnnouncementsControllerTests]/[method:userCannotPostAnnouncementWithEmptyString()] (14 ms)
edu.ucsb.cs156.happiercows.controllers.ChatMessageControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.ChatMessageControllerTests]/[method:adminCannotHideChatMessagesThatDontExist()] (15 ms)
edu.ucsb.cs156.happiercows.controllers.AnnouncementsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.AnnouncementsControllerTests]/[method:adminCanDeleteAnnouncements()] (851 ms)
edu.ucsb.cs156.happiercows.controllers.AnnouncementsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.AnnouncementsControllerTests]/[method:userCannotEditAnnouncementIfNotInCommons()] (29 ms)
edu.ucsb.cs156.happiercows.controllers.JobsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.JobsControllerTests]/[method:admin_can_get_all_jobs()] (816 ms)
edu.ucsb.cs156.happiercows.controllers.CommonsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.CommonsControllerTests]/[method:join_when_commons_with_id_does_not_exist()] (15 ms)
edu.ucsb.cs156.happiercows.controllers.ProfitsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.ProfitsControllerTests]/[method:admin_get_profits_all_commons_nonexistent_using_commons_id()] (832 ms)
edu.ucsb.cs156.happiercows.controllers.CommonsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.CommonsControllerTests]/[method:getCommonsPlusTest()] (18 ms)
edu.ucsb.cs156.happiercows.controllers.JobsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.JobsControllerTests]/[method:admin_launch_test_job_with_invalid_parameter()] (41 ms)
edu.ucsb.cs156.happiercows.controllers.ChatMessageControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.ChatMessageControllerTests]/[method:adminCanGetAllChatMessages()] (18 ms)
edu.ucsb.cs156.happiercows.controllers.UsersControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.UsersControllerTests]/[method:admin_user_cannot_restore_invalid_user()] (12 ms)
edu.ucsb.cs156.happiercows.controllers.UserCommonsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.UserCommonsControllerTests]/[method:test_buyCow_for_user_not_in_commons()] (14 ms)
edu.ucsb.cs156.happiercows.controllers.UserCommonsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.UserCommonsControllerTests]/[method:test_BuyCow_commons_exists_not_enough_money()] (27 ms)
edu.ucsb.cs156.happiercows.controllers.ReportsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.ReportsControllerTests]/[method:get_specific_report_header()] (16 ms)
edu.ucsb.cs156.happiercows.controllers.AnnouncementsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.AnnouncementsControllerTests]/[method:adminCanGetAllAnnouncements()] (34 ms)
edu.ucsb.cs156.happiercows.controllers.AnnouncementsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.AnnouncementsControllerTests]/[method:adminCannotDeleteAnnouncementsThatDontExist()] (26 ms)
edu.ucsb.cs156.happiercows.controllers.ReportsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.ReportsControllerTests]/[method:test_get_csv()] (23 ms)
edu.ucsb.cs156.happiercows.controllers.ChatMessageControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.ChatMessageControllerTests]/[method:adminCanDeleteOtherUsersChatMessages()] (756 ms)
edu.ucsb.cs156.happiercows.controllers.UserInfoControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.UserInfoControllerTests]/[method:currentUser__logged_out()] (7 ms)
edu.ucsb.cs156.happiercows.interceptors.RoleUserInterceptorTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.interceptors.RoleUserInterceptorTests]/[method:interceptor_logs_out_user_when_suspended_field_in_db_is_true()] (8 ms)
edu.ucsb.cs156.happiercows.controllers.ChatMessageControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.ChatMessageControllerTests]/[method:userCannotDeleteOtherUsersChatMessages()] (20 ms)
edu.ucsb.cs156.happiercows.controllers.ProfitsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.ProfitsControllerTests]/[method:get_profits_all_commons_nonexistent_using_commons_id_with_pagination()] (14 ms)
edu.ucsb.cs156.happiercows.controllers.CommonsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.CommonsControllerTests]/[method:deleteUserFromCommonsTest()] (45 ms)
edu.ucsb.cs156.happiercows.controllers.ChatMessageControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.ChatMessageControllerTests]/[method:userNotInCommonsCannotGetChatMessages()] (30 ms)
edu.ucsb.cs156.happiercows.controllers.CommonsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.CommonsControllerTests]/[method:getCommonsTest()] (12 ms)
edu.ucsb.cs156.happiercows.controllers.UserCommonsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.UserCommonsControllerTests]/[method:test_getUserCommonsById_nonexists()] (13 ms)
edu.ucsb.cs156.happiercows.controllers.ProfitsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.ProfitsControllerTests]/[method:get_profits_all_commons_using_commons_id_with_pagination()] (17 ms)
edu.ucsb.cs156.happiercows.controllers.UsersControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.UsersControllerTests]/[method:admin_user_can_suspend_user()] (11 ms)
edu.ucsb.cs156.happiercows.controllers.UsersControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.UsersControllerTests]/[method:users__user_logged_in()] (9 ms)
edu.ucsb.cs156.happiercows.controllers.AnnouncementsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.AnnouncementsControllerTests]/[method:userCannotEditAnnouncementToHaveEndBeforeStart()] (15 ms)
edu.ucsb.cs156.happiercows.controllers.JobsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.JobsControllerTests]/[method:admin_can_launch_test_job()] (2060 ms)
edu.ucsb.cs156.happiercows.controllers.CommonsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.CommonsControllerTests]/[method:getHealthUpdateStrategiesTest()] (14 ms)
edu.ucsb.cs156.happiercows.controllers.CommonStatsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.CommonStatsControllerTests]/[method:get_stats_by_commonsId()] (17 ms)
edu.ucsb.cs156.happiercows.controllers.UserCommonsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.UserCommonsControllerTests]/[method:test_getAllUserCommonsById_exists()] (11 ms)
edu.ucsb.cs156.happiercows.controllers.CommonsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.CommonsControllerTests]/[method:updateCommonsTest_withIllegalDegradationRate()] (47 ms)
edu.ucsb.cs156.happiercows.controllers.UserCommonsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.UserCommonsControllerTests]/[method:test_getUserCommonsById_nonexists_admin()] (11 ms)
edu.ucsb.cs156.happiercows.controllers.JobsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.JobsControllerTests]/[method:admin_can_launch_update_cow_health_job()] (15 ms)
edu.ucsb.cs156.happiercows.controllers.UserInfoControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.UserInfoControllerTests]/[method:currentUser__update_last_online()] (9 ms)
edu.ucsb.cs156.happiercows.controllers.CommonsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.CommonsControllerTests]/[method:getCommonsByIdTest_invalid()] (15 ms)
edu.ucsb.cs156.happiercows.controllers.CommonsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.CommonsControllerTests]/[method:getCommonsPlusByIdTest_invalid()] (13 ms)
edu.ucsb.cs156.happiercows.controllers.ChatMessageControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.ChatMessageControllerTests]/[method:adminCanHideChatMessages()] (18 ms)
edu.ucsb.cs156.happiercows.controllers.AnnouncementsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.AnnouncementsControllerTests]/[method:userCanGetAllAnnouncements()] (27 ms)

Report generated by PIT 1.7.3

1		package edu.ucsb.cs156.happiercows.interceptors;
2
3		import javax.servlet.http.HttpServletRequest;
4		import javax.servlet.http.HttpServletResponse;
5
6		import org.springframework.beans.factory.annotation.Autowired;
7		import org.springframework.stereotype.Component;
8		import org.springframework.web.servlet.HandlerInterceptor;
9
10		import edu.ucsb.cs156.happiercows.repositories.UserRepository;
11		import org.springframework.security.core.authority.SimpleGrantedAuthority;
12		import org.springframework.security.core.Authentication;
13		import org.springframework.security.core.GrantedAuthority;
14		import org.springframework.security.core.context.SecurityContext;
15		import org.springframework.security.core.context.SecurityContextHolder;
16		import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken;
17		import org.springframework.security.oauth2.core.user.OAuth2User;
18
19		import java.util.Optional;
20		import java.util.HashSet;
21		import java.util.Set;
22		import java.util.Collection;
23		import edu.ucsb.cs156.happiercows.entities.User;
24
25
26
27		@Component
28		public class RoleUserInterceptor implements HandlerInterceptor {
29
30		@Autowired
31		UserRepository userRepository;
32
33		@Override
34		public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
35		// Update user's security context on server each time the user makes HTTP request to the backend
36		// If user has admin status in database we will keep ROLE_ADMIN in security context
37		// Otherwise interceptor will remove ROLE_ADMIN before the incoming request is processed by backend API
38		SecurityContext securityContext = SecurityContextHolder.getContext();
39		Authentication authentication = securityContext.getAuthentication();
40
41	1 1. preHandle : negated conditional → KILLED	if (authentication instanceof OAuth2AuthenticationToken ) {
42		OAuth2User oAuthUser = ((OAuth2AuthenticationToken) authentication).getPrincipal();
43		String email = oAuthUser.getAttribute("email");
44		Optional<User> optionalUser = userRepository.findByEmail(email);
45	1 1. preHandle : negated conditional → KILLED	if (optionalUser.isPresent()){
46		User user = optionalUser.get();
47
48	1 1. preHandle : negated conditional → KILLED	if(user.isSuspended()) {
49	1 1. preHandle : removed call to javax/servlet/http/HttpServletResponse::sendError → KILLED	response.sendError(HttpServletResponse.SC_FORBIDDEN, "Your account has been suspended. Contact an administrator to restore your account");
50	1 1. preHandle : removed call to org/springframework/security/core/context/SecurityContextHolder::clearContext → KILLED	SecurityContextHolder.clearContext();
51	1 1. preHandle : replaced boolean return with true for edu/ucsb/cs156/happiercows/interceptors/RoleUserInterceptor::preHandle → KILLED	return false;
52		}
53
54		Set<GrantedAuthority> newAuthorities = new HashSet<>();
55		Collection<? extends GrantedAuthority> currentAuthorities = authentication.getAuthorities();
56		currentAuthorities.stream()
57	2 1. lambda$preHandle$0 : negated conditional → KILLED 2. lambda$preHandle$0 : replaced boolean return with true for edu/ucsb/cs156/happiercows/interceptors/RoleUserInterceptor::lambda$preHandle$0 → KILLED	.filter(authority -> !authority.getAuthority().equals("ROLE_ADMIN"))
58	1 1. preHandle : removed call to java/util/stream/Stream::forEach → KILLED	.forEach(authority -> {
59		newAuthorities.add(authority);
60		});
61
62	1 1. preHandle : negated conditional → KILLED	if (user.isAdmin()){
63		newAuthorities.add(new SimpleGrantedAuthority("ROLE_ADMIN"));
64		}
65
66		Authentication newAuth = new OAuth2AuthenticationToken(oAuthUser, newAuthorities,(((OAuth2AuthenticationToken)authentication).getAuthorizedClientRegistrationId()));
67	1 1. preHandle : removed call to org/springframework/security/core/context/SecurityContext::setAuthentication → KILLED	SecurityContextHolder.getContext().setAuthentication(newAuth);
68		}
69		}
70
71	1 1. preHandle : replaced boolean return with false for edu/ucsb/cs156/happiercows/interceptors/RoleUserInterceptor::preHandle → KILLED	return true;
72		}
73
74		}
		Mutations
41		1.1 Location : preHandle Killed by : edu.ucsb.cs156.happiercows.controllers.UserInfoControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.UserInfoControllerTests]/[method:currentUser__logged_out()] negated conditional → KILLED
45		1.1 Location : preHandle Killed by : edu.ucsb.cs156.happiercows.interceptors.RoleUserInterceptorTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.interceptors.RoleUserInterceptorTests]/[method:user_not_present_in_db_and_no_role_update_by_interceptor()] negated conditional → KILLED
48		1.1 Location : preHandle Killed by : edu.ucsb.cs156.happiercows.interceptors.RoleUserInterceptorTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.interceptors.RoleUserInterceptorTests]/[method:interceptor_logs_out_user_when_suspended_field_in_db_is_true()] negated conditional → KILLED
49		1.1 Location : preHandle Killed by : edu.ucsb.cs156.happiercows.interceptors.RoleUserInterceptorTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.interceptors.RoleUserInterceptorTests]/[method:interceptor_logs_out_user_when_suspended_field_in_db_is_true()] removed call to javax/servlet/http/HttpServletResponse::sendError → KILLED
50		1.1 Location : preHandle Killed by : edu.ucsb.cs156.happiercows.interceptors.RoleUserInterceptorTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.interceptors.RoleUserInterceptorTests]/[method:interceptor_logs_out_user_when_suspended_field_in_db_is_true()] removed call to org/springframework/security/core/context/SecurityContextHolder::clearContext → KILLED
51		1.1 Location : preHandle Killed by : edu.ucsb.cs156.happiercows.interceptors.RoleUserInterceptorTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.interceptors.RoleUserInterceptorTests]/[method:interceptor_logs_out_user_when_suspended_field_in_db_is_true()] replaced boolean return with true for edu/ucsb/cs156/happiercows/interceptors/RoleUserInterceptor::preHandle → KILLED
57		1.1 Location : lambda$preHandle$0 Killed by : edu.ucsb.cs156.happiercows.interceptors.RoleUserInterceptorTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.interceptors.RoleUserInterceptorTests]/[method:interceptor_removes_admin_role_when_admin_field_in_db_is_false()] negated conditional → KILLED 2.2 Location : lambda$preHandle$0 Killed by : edu.ucsb.cs156.happiercows.interceptors.RoleUserInterceptorTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.interceptors.RoleUserInterceptorTests]/[method:interceptor_removes_admin_role_when_admin_field_in_db_is_false()] replaced boolean return with true for edu/ucsb/cs156/happiercows/interceptors/RoleUserInterceptor::lambda$preHandle$0 → KILLED
58		1.1 Location : preHandle Killed by : edu.ucsb.cs156.happiercows.interceptors.RoleUserInterceptorTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.interceptors.RoleUserInterceptorTests]/[method:interceptor_removes_admin_role_when_admin_field_in_db_is_false()] removed call to java/util/stream/Stream::forEach → KILLED
62		1.1 Location : preHandle Killed by : edu.ucsb.cs156.happiercows.interceptors.RoleUserInterceptorTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.interceptors.RoleUserInterceptorTests]/[method:interceptor_removes_admin_role_when_admin_field_in_db_is_false()] negated conditional → KILLED
67		1.1 Location : preHandle Killed by : edu.ucsb.cs156.happiercows.interceptors.RoleUserInterceptorTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.interceptors.RoleUserInterceptorTests]/[method:interceptor_removes_admin_role_when_admin_field_in_db_is_false()] removed call to org/springframework/security/core/context/SecurityContext::setAuthentication → KILLED
71		1.1 Location : preHandle Killed by : edu.ucsb.cs156.happiercows.controllers.UserInfoControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.UserInfoControllerTests]/[method:currentUser__logged_out()] replaced boolean return with false for edu/ucsb/cs156/happiercows/interceptors/RoleUserInterceptor::preHandle → KILLED

RoleUserInterceptor.java

Mutations

Active mutators

Tests examined