Inline authorization roles

wolfiabot · Dec 17, 2023 · 088b630 · 088b630
1 parent 752e8cc
commit 088b630
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 13 deletions.
diff --git a/src/main/java/space/npstr/wolfia/webapi/Authorization.kt b/src/main/java/space/npstr/wolfia/webapi/Authorization.kt
@@ -20,8 +20,6 @@ import org.springframework.security.core.GrantedAuthority
 import org.springframework.security.core.authority.SimpleGrantedAuthority
 
 object Authorization {
-	const val ROLE_USER = "ROLE_USER"
-	const val ROLE_OWNER = "ROLE_OWNER"
-	val USER: GrantedAuthority = SimpleGrantedAuthority(ROLE_USER)
-	val OWNER: GrantedAuthority = SimpleGrantedAuthority(ROLE_OWNER)
+	val USER: GrantedAuthority = SimpleGrantedAuthority("ROLE_USER")
+	val OWNER: GrantedAuthority = SimpleGrantedAuthority("ROLE_OWNER")
 }
diff --git a/src/test/java/space/npstr/wolfia/webapi/TogglzEndpointTest.kt b/src/test/java/space/npstr/wolfia/webapi/TogglzEndpointTest.kt
@@ -26,7 +26,7 @@ import org.springframework.http.HttpMethod
 import org.springframework.http.HttpStatus
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken
 import org.springframework.security.core.Authentication
-import org.springframework.security.core.authority.SimpleGrantedAuthority
+import org.springframework.security.core.GrantedAuthority
 import org.springframework.security.core.context.SecurityContext
 import org.springframework.security.core.context.SecurityContextImpl
 import org.springframework.security.core.userdetails.User
@@ -56,7 +56,7 @@ internal class TogglzEndpointTest<T : Session> : ApplicationTest() {
 	@Test
 	fun whenGet_withUserAuthority_returnUnauthorized() {
 		val headers = HttpHeaders()
-		headers.add(HttpHeaders.COOKIE, sessionCookie(generateHttpSession(Authorization.ROLE_USER)))
+		headers.add(HttpHeaders.COOKIE, sessionCookie(generateHttpSession(Authorization.USER)))
 
 		val response = restTemplate.exchange(
 			"/$togglzConsolePath",
@@ -71,7 +71,7 @@ internal class TogglzEndpointTest<T : Session> : ApplicationTest() {
 	@Test
 	fun whenGet_withOwnerAuthority_returnOk() {
 		val headers = HttpHeaders()
-		headers.add(HttpHeaders.COOKIE, sessionCookie(generateHttpSession(Authorization.ROLE_OWNER)))
+		headers.add(HttpHeaders.COOKIE, sessionCookie(generateHttpSession(Authorization.OWNER)))
 
 		val response = restTemplate.exchange(
 			"/$togglzConsolePath",
@@ -87,19 +87,15 @@ internal class TogglzEndpointTest<T : Session> : ApplicationTest() {
 		return "SESSION=" + Base64.getEncoder().encodeToString(session.id.toByteArray())
 	}
 
-	private fun generateHttpSession(vararg requestedAuthorities: String): T {
-		val authorities = requestedAuthorities
-			.map { SimpleGrantedAuthority(it) }
-			.toSet()
-
+	private fun generateHttpSession(vararg requestedAuthorities: GrantedAuthority): T {
 		val userDetails: UserDetails = User(
 			"foo",
 			"bar",
 			true,
 			true,
 			true,
 			true,
-			authorities
+			requestedAuthorities.toSet()
 		)
 		val authentication: Authentication = UsernamePasswordAuthenticationToken(
 			userDetails, userDetails.password, userDetails.authorities