void "test saveSupervisor action"() {
setup:
def testUser = new User()
controller.userAuthService = [currentUser: testUser]
expect:
//User supervisor= new User()
User supervisor= new User(username: "sp123456",password: "pwd")
supervisor.save()
println "spv************ : "+ supervisor
when:"When User NAME Given"
controller.params.username = "sp123456"
controller.saveSupervisor()
then:
response.redirectUrl.endsWith '/showsupervisor/id'
}`---controller code----`
@Secured("hasRole('ROLE_ADMIN') and (hasRole('ROLE_SUPERVISOR') )")
@Transactional
def saveSupervisor(User userInstance) {
if (userInstance == null) {
notFound()
return
}
if (userInstance.hasErrors()) {
respond userInstance.errors, view:'create'
return
}
userInstance.save flush:true
def spvRole = Role.findByAuthority('ROLE_SUPERVISOR')
UserRole.create userInstance, spvRole , true
}
但我认为我做错了 我有这些用户角色,ROLE_SUPERVISOR,ROLE_ADMIN 当具有role_supervisor和role_admin的用户登录到应用程序时,只有他被授予访问操作savSupervisor()的权限。如何在spock测试中捕获登录用户的角色?我想测试用户是否使用角色ROLE_SUPERVISOR"和"然后,只有ROLE_ADMIN才能访问saveSupervisor()方法。我正在使用春季保安,请帮助我。