RoleInterceptor.java

1
package edu.ucsb.cs156.happiercows.interceptors;
2
3
import org.springframework.beans.factory.annotation.Autowired;
4
import org.springframework.security.core.Authentication;
5
import org.springframework.security.core.GrantedAuthority;
6
import org.springframework.security.core.authority.SimpleGrantedAuthority;
7
import org.springframework.security.core.context.SecurityContextHolder;
8
import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken;
9
import org.springframework.security.oauth2.core.user.OAuth2User;
10
import org.springframework.stereotype.Component;
11
import org.springframework.web.servlet.HandlerInterceptor;
12
13
import javax.servlet.http.HttpServletRequest;
14
import javax.servlet.http.HttpServletResponse;
15
import java.io.IOException;
16
import java.util.Collection;
17
import java.util.Optional;
18
import java.util.Set;
19
import java.util.stream.Collectors;
20
21
import edu.ucsb.cs156.happiercows.entities.User;
22
import edu.ucsb.cs156.happiercows.repositories.UserRepository;
23
import lombok.extern.slf4j.Slf4j;
24
25
@Slf4j
26
@Component
27
public class RoleInterceptor implements HandlerInterceptor {
28
29
    @Autowired
30
    UserRepository userRepository;
31
32
    @Override
33
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws IOException {
34
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
35
36 1 1. preHandle : negated conditional → KILLED
        if (authentication instanceof OAuth2AuthenticationToken) {
37
            OAuth2User principal = ((OAuth2AuthenticationToken) authentication).getPrincipal();
38
            String email = principal.getAttribute("email");
39
            Optional<User> optionalUser = userRepository.findByEmail(email);
40
41 1 1. preHandle : negated conditional → KILLED
            if (optionalUser.isPresent()) {
42
                User user = optionalUser.get();
43 1 1. preHandle : negated conditional → KILLED
                if (Boolean.TRUE.equals(user.getSuspended())) {
44
                    // Log out suspended user
45 1 1. preHandle : removed call to org/springframework/security/core/context/SecurityContextHolder::clearContext → KILLED
                    SecurityContextHolder.clearContext();
46 1 1. preHandle : removed call to javax/servlet/http/HttpServletResponse::sendError → KILLED
                    response.sendError(HttpServletResponse.SC_FORBIDDEN, "You have been suspended from using this site; please contact the site administrator for details.");
47 1 1. preHandle : replaced boolean return with true for edu/ucsb/cs156/happiercows/interceptors/RoleInterceptor::preHandle → KILLED
                    return false;
48
                }
49
50
                Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities();
51
                Set<GrantedAuthority> revisedAuthorities = authorities.stream()
52 2 1. lambda$preHandle$0 : negated conditional → KILLED
2. lambda$preHandle$0 : replaced boolean return with true for edu/ucsb/cs156/happiercows/interceptors/RoleInterceptor::lambda$preHandle$0 → KILLED
                    .filter(grantedAuth -> !grantedAuth.getAuthority().equals("ROLE_ADMIN"))
53
                    .collect(Collectors.toSet());
54
55 1 1. preHandle : negated conditional → KILLED
                if (user.isAdmin()) {
56
                    revisedAuthorities.add(new SimpleGrantedAuthority("ROLE_ADMIN"));
57
                }
58
59
                Authentication newAuth = new OAuth2AuthenticationToken(principal, revisedAuthorities, ((OAuth2AuthenticationToken) authentication).getAuthorizedClientRegistrationId());
60 1 1. preHandle : removed call to org/springframework/security/core/context/SecurityContext::setAuthentication → KILLED
                SecurityContextHolder.getContext().setAuthentication(newAuth);
61
            }
62
        }
63 1 1. preHandle : replaced boolean return with false for edu/ucsb/cs156/happiercows/interceptors/RoleInterceptor::preHandle → KILLED
        return true;
64
    }
65
}

Mutations

36

1.1
Location : preHandle
Killed by : edu.ucsb.cs156.happiercows.controllers.SystemInfoControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.SystemInfoControllerTests]/[method:systemInfo__logged_out()]
negated conditional → KILLED

41

1.1
Location : preHandle
Killed by : edu.ucsb.cs156.happiercows.interceptors.RoleInterceptorTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.interceptors.RoleInterceptorTests]/[method:noChangeWhenUserNotPresent()]
negated conditional → KILLED

43

1.1
Location : preHandle
Killed by : edu.ucsb.cs156.happiercows.interceptors.RoleInterceptorTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.interceptors.RoleInterceptorTests]/[method:logsOutSuspendedUser()]
negated conditional → KILLED

45

1.1
Location : preHandle
Killed by : edu.ucsb.cs156.happiercows.interceptors.RoleInterceptorTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.interceptors.RoleInterceptorTests]/[method:logsOutSuspendedUser()]
removed call to org/springframework/security/core/context/SecurityContextHolder::clearContext → KILLED

46

1.1
Location : preHandle
Killed by : edu.ucsb.cs156.happiercows.interceptors.RoleInterceptorTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.interceptors.RoleInterceptorTests]/[method:logsOutSuspendedUser()]
removed call to javax/servlet/http/HttpServletResponse::sendError → KILLED

47

1.1
Location : preHandle
Killed by : edu.ucsb.cs156.happiercows.interceptors.RoleInterceptorTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.interceptors.RoleInterceptorTests]/[method:logsOutSuspendedUser()]
replaced boolean return with true for edu/ucsb/cs156/happiercows/interceptors/RoleInterceptor::preHandle → KILLED

52

1.1
Location : lambda$preHandle$0
Killed by : edu.ucsb.cs156.happiercows.interceptors.RoleInterceptorTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.interceptors.RoleInterceptorTests]/[method:updatesAdminRoleWhenUserIsAdmin()]
negated conditional → KILLED

2.2
Location : lambda$preHandle$0
Killed by : edu.ucsb.cs156.happiercows.interceptors.RoleInterceptorTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.interceptors.RoleInterceptorTests]/[method:removesAdminRoleWhenUserIsNotAdmin()]
replaced boolean return with true for edu/ucsb/cs156/happiercows/interceptors/RoleInterceptor::lambda$preHandle$0 → KILLED

55

1.1
Location : preHandle
Killed by : edu.ucsb.cs156.happiercows.interceptors.RoleInterceptorTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.interceptors.RoleInterceptorTests]/[method:updatesAdminRoleWhenUserIsAdmin()]
negated conditional → KILLED

60

1.1
Location : preHandle
Killed by : edu.ucsb.cs156.happiercows.interceptors.RoleInterceptorTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.interceptors.RoleInterceptorTests]/[method:removesAdminRoleWhenUserIsNotAdmin()]
removed call to org/springframework/security/core/context/SecurityContext::setAuthentication → KILLED

63

1.1
Location : preHandle
Killed by : edu.ucsb.cs156.happiercows.controllers.SystemInfoControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.happiercows.controllers.SystemInfoControllerTests]/[method:systemInfo__logged_out()]
replaced boolean return with false for edu/ucsb/cs156/happiercows/interceptors/RoleInterceptor::preHandle → KILLED

Active mutators

Tests examined


Report generated by PIT 1.7.3