RoleInterceptor.java

1 
package edu.ucsb.cs156.rec.interceptors;
2
3 
import jakarta.servlet.http.HttpServletRequest;
4 
import jakarta.servlet.http.HttpServletResponse;
5
6 
import org.springframework.beans.factory.annotation.Autowired;
7 
import org.springframework.stereotype.Component;
8 
import org.springframework.web.servlet.HandlerInterceptor;
9 
import org.springframework.web.servlet.ModelAndView;
10
11 
import edu.ucsb.cs156.rec.repositories.UserRepository;
12 
import lombok.extern.slf4j.Slf4j;
13
14 
import org.springframework.security.core.authority.SimpleGrantedAuthority;
15 
import org.springframework.beans.factory.annotation.Autowired;
16 
import org.springframework.beans.factory.annotation.Value;
17 
import org.springframework.security.core.Authentication;
18 
import org.springframework.security.core.GrantedAuthority;
19 
import org.springframework.security.core.context.SecurityContext;
20 
import org.springframework.security.core.context.SecurityContextHolder;
21 
import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken;
22 
import org.springframework.security.oauth2.core.user.OAuth2User;
23
24 
import java.util.Optional;
25 
import java.util.HashSet;
26 
import java.util.Set;
27 
import java.util.Collection;
28 
import java.util.stream.Collectors;
29 
import edu.ucsb.cs156.rec.entities.User;
30
31 
import org.slf4j.Logger;
32 
import org.slf4j.LoggerFactory;
33
34 
@Slf4j
35 
@Component
36 
public class RoleInterceptor implements HandlerInterceptor {
37
38 
    @Autowired
39 
    UserRepository userRepository;
40
41 
    @Override
42 
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) {
43 
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
44
45 
        // only process for users logged in using OAuth2
46 1 1. preHandle : negated conditional → KILLED
 
        if(authentication.getClass() == OAuth2AuthenticationToken.class){
47 
            // extract principle (aka. email, name, etc...)
48 
            OAuth2User principle =  ((OAuth2AuthenticationToken) authentication).getPrincipal();
49 
            String email = principle.getAttribute("email");
50
51 
            Optional<User> optionalUser = userRepository.findByEmail(email);
52
53 
            // continue only if user is in db
54 1 1. preHandle : negated conditional → KILLED
 
            if(optionalUser.isPresent()){
55 
                User user = optionalUser.get();
56
57 
                // Retrieve currently assigned ROLES for this user
58 
                Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities();
59
60 
                // Strip user's current roles
61 
                Set<GrantedAuthority> revisedAuthorities = authorities.stream().filter(
62 2 1. lambda$preHandle$0 : negated conditional → KILLED
2. lambda$preHandle$0 : replaced boolean return with true for edu/ucsb/cs156/rec/interceptors/RoleInterceptor::lambda$preHandle$0 → KILLED
 
                    grantedAuth -> !grantedAuth.getAuthority().equals("ROLE_ADMIN")
63 1 1. lambda$preHandle$0 : negated conditional → KILLED
 
                                && !grantedAuth.getAuthority().equals("ROLE_PROFESSOR")
64 1 1. lambda$preHandle$0 : negated conditional → KILLED
 
                                && !grantedAuth.getAuthority().equals("ROLE_STUDENT"))
65 
                    .collect(Collectors.toSet());
66
67 
                // Dynamically assign roles based on user's role in the database
68 1 1. preHandle : negated conditional → KILLED
 
                if (user.getAdmin()) {
69 
                    revisedAuthorities.add(new SimpleGrantedAuthority("ROLE_ADMIN"));
70 
                }
71 1 1. preHandle : negated conditional → KILLED
 
                if (user.getProfessor()) {
72 
                    revisedAuthorities.add(new SimpleGrantedAuthority("ROLE_PROFESSOR"));
73 
                }
74 1 1. preHandle : negated conditional → KILLED
 
                if (user.getStudent()) {
75 
                    revisedAuthorities.add(new SimpleGrantedAuthority("ROLE_STUDENT"));
76 
                }
77
78 
                // Create new authentication object with revised roles
79 
                Authentication newAuthentication = new OAuth2AuthenticationToken( principle, revisedAuthorities, ((OAuth2AuthenticationToken) authentication).getAuthorizedClientRegistrationId());
80
81 
                // Replace the current oauth2 object with the new one, updated with new roles.
82 
                SecurityContextHolder.getContext().setAuthentication(newAuthentication);
83 
            }
84 
        }
85 1 1. preHandle : replaced boolean return with false for edu/ucsb/cs156/rec/interceptors/RoleInterceptor::preHandle → KILLED
 
        return true;
86 
    }
87 
}

Mutations

46

1.1
Location : preHandle
Killed by : edu.ucsb.cs156.rec.controllers.UsersControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.rec.controllers.UsersControllerTests]/[method:users__user_logged_in()] negated conditional → KILLED

54

1.1
Location : preHandle
Killed by : edu.ucsb.cs156.rec.interceptors.RoleInterceptorTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.rec.interceptors.RoleInterceptorTests]/[method:updates_nothing_when_user_not_present()] negated conditional → KILLED

62

1.1
Location : lambda$preHandle$0
Killed by : edu.ucsb.cs156.rec.interceptors.RoleInterceptorTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.rec.interceptors.RoleInterceptorTests]/[method:updates_admin_role_when_user_admin_false()] negated conditional → KILLED

2.2
Location : lambda$preHandle$0
Killed by : edu.ucsb.cs156.rec.interceptors.RoleInterceptorTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.rec.interceptors.RoleInterceptorTests]/[method:updates_admin_role_when_user_admin_false()] replaced boolean return with true for edu/ucsb/cs156/rec/interceptors/RoleInterceptor::lambda$preHandle$0 → KILLED

63

1.1
Location : lambda$preHandle$0
Killed by : edu.ucsb.cs156.rec.interceptors.RoleInterceptorTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.rec.interceptors.RoleInterceptorTests]/[method:updates_professor_role_when_user_professor_false()] negated conditional → KILLED

64

1.1
Location : lambda$preHandle$0
Killed by : edu.ucsb.cs156.rec.interceptors.RoleInterceptorTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.rec.interceptors.RoleInterceptorTests]/[method:updates_professor_role_when_user_professor_false()] negated conditional → KILLED

68

1.1
Location : preHandle
Killed by : edu.ucsb.cs156.rec.interceptors.RoleInterceptorTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.rec.interceptors.RoleInterceptorTests]/[method:updates_admin_role_when_user_admin_false()] negated conditional → KILLED

71

1.1
Location : preHandle
Killed by : edu.ucsb.cs156.rec.interceptors.RoleInterceptorTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.rec.interceptors.RoleInterceptorTests]/[method:updates_admin_role_when_user_admin_false()] negated conditional → KILLED

74

1.1
Location : preHandle
Killed by : edu.ucsb.cs156.rec.interceptors.RoleInterceptorTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.rec.interceptors.RoleInterceptorTests]/[method:updates_admin_role_when_user_admin_false()] negated conditional → KILLED

85

1.1
Location : preHandle
Killed by : edu.ucsb.cs156.rec.controllers.UsersControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.rec.controllers.UsersControllerTests]/[method:users__user_logged_in()] replaced boolean return with false for edu/ucsb/cs156/rec/interceptors/RoleInterceptor::preHandle → KILLED

Active mutators

Tests examined


Report generated by PIT 1.17.0