RoleInterceptor.java

package edu.ucsb.cs156.dining.interceptors;

import edu.ucsb.cs156.dining.repositories.AdminRepository;
import edu.ucsb.cs156.dining.repositories.ModeratorRepository;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken;
import org.springframework.security.oauth2.core.oidc.user.OidcUser;
import org.springframework.security.oauth2.core.user.OAuth2User;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerInterceptor;

@Slf4j
@Component
public class RoleInterceptor implements HandlerInterceptor {

  private final AdminRepository adminRepository;

  private final ModeratorRepository moderatorRepository;

  @Value("#{'${app.admin.emails}'.split(',')}")
  private final List<String> adminEmails = new ArrayList<>();

  public RoleInterceptor(AdminRepository adminRepository, ModeratorRepository moderatorRepository) {
    this.adminRepository = adminRepository;
    this.moderatorRepository = moderatorRepository;
  }

  @Override
  public boolean preHandle(
      HttpServletRequest request, HttpServletResponse response, Object handler) {
    SecurityContext securityContext = SecurityContextHolder.getContext();
    Authentication authentication = securityContext.getAuthentication();

    if (authentication instanceof OAuth2AuthenticationToken oauthToken) {
      OAuth2User oauthUser = oauthToken.getPrincipal();
      String email =
          oauthUser instanceof OidcUser oidcUser
              ? oidcUser.getEmail()
              : oauthUser.getAttribute("email");
      Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities();
      Set<GrantedAuthority> revisedAuthorities = new HashSet<>();

      authorities.stream()
          .filter(
              grantedAuth ->
                  !grantedAuth.getAuthority().equals("ROLE_ADMIN")
                      && !grantedAuth.getAuthority().equals("ROLE_MODERATOR"))
          .forEach(revisedAuthorities::add);

      if (adminEmails.contains(email) || adminRepository.existsByEmail(email)) {
        revisedAuthorities.add(new SimpleGrantedAuthority("ROLE_ADMIN"));
      }
      if (moderatorRepository.existsByEmail(email)) {
        revisedAuthorities.add(new SimpleGrantedAuthority("ROLE_MODERATOR"));
      }

      Authentication newAuth =
          new OAuth2AuthenticationToken(
              oauthUser, revisedAuthorities, oauthToken.getAuthorizedClientRegistrationId());

      securityContext.setAuthentication(newAuth);
    }
    return true;
  }
}











Active mutators

CONDITIONALS_BOUNDARY
EMPTY_RETURNS
FALSE_RETURNS
INCREMENTS
INVERT_NEGS
MATH
NEGATE_CONDITIONALS
NULL_RETURNS
PRIMITIVE_RETURNS
TRUE_RETURNS
VOID_METHOD_CALLS

Tests examined

edu.ucsb.cs156.dining.interceptors.RoleInterceptorTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.interceptors.RoleInterceptorTests]/[method:removes_moderator_role_when_user_not_in_moderator_repository()] (2 ms)
edu.ucsb.cs156.dining.interceptors.RoleInterceptorTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.interceptors.RoleInterceptorTests]/[method:keeps_admin_role_when_user_is_in_admin_emails()] (2 ms)
edu.ucsb.cs156.dining.interceptors.RoleInterceptorTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.interceptors.RoleInterceptorTests]/[method:removes_admin_role_when_user_not_in_admin_repository()] (3 ms)
edu.ucsb.cs156.dining.interceptors.RoleInterceptorTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.interceptors.RoleInterceptorTests]/[method:keeps_admin_and_moderator_roles_when_user_is_in_both_repositories()] (2 ms)
edu.ucsb.cs156.dining.interceptors.RoleInterceptorTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.interceptors.RoleInterceptorTests]/[method:gets_email_from_oidc_user()] (5 ms)
edu.ucsb.cs156.dining.controllers.UsersControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.UsersControllerTests]/[method:users__user_logged_in()] (2 ms)
edu.ucsb.cs156.dining.controllers.UCSBDiningMenuControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.UCSBDiningMenuControllerTests]/[method:returns_204_when_dining_commons_closed_empty_string()] (2 ms)
edu.ucsb.cs156.dining.controllers.StatisticsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.StatisticsControllerTests]/[method:logged_out_users_cannot_get_commons_averages()] (2 ms)
edu.ucsb.cs156.dining.controllers.ModeratorControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ModeratorControllerTests]/[method:logged_in_users_cannot_get()] (3 ms)
edu.ucsb.cs156.dining.controllers.UsersControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.UsersControllerTests]/[method:users__logged_out()] (3 ms)
edu.ucsb.cs156.dining.controllers.UCSBDiningMenuControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.UCSBDiningMenuControllerTests]/[method:returns_204_when_dining_commons_closed_null()] (3 ms)
edu.ucsb.cs156.dining.controllers.StatisticsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.StatisticsControllerTests]/[method:logged_out_users_cannot_get_commons_averages_over_time()] (3 ms)
edu.ucsb.cs156.dining.controllers.UsersControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.UsersControllerTests]/[method:non_admin_cannot_get_aliases_needing_moderation()] (3 ms)
edu.ucsb.cs156.dining.controllers.StatisticsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.StatisticsControllerTests]/[method:logged_out_users_cannot_get_commons_meal_averages()] (3 ms)
edu.ucsb.cs156.dining.controllers.UCSBDiningMenuControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.UCSBDiningMenuControllerTests]/[method:users_can_see_meal_times()] (3 ms)
edu.ucsb.cs156.dining.controllers.ModeratorControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ModeratorControllerTests]/[method:logged_out_users_cannot_get()] (4 ms)
edu.ucsb.cs156.dining.controllers.DiningCommonsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.DiningCommonsControllerTests]/[method:api_DiningCommons_all__user_logged_in__returns_200()] (5 ms)
edu.ucsb.cs156.dining.controllers.DiningCommonsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.DiningCommonsControllerTests]/[method:api_DiningCommons_all__logged_out__returns_200()] (5 ms)
edu.ucsb.cs156.dining.controllers.AdminControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.AdminControllerTests]/[method:logged_in_users_cannot_get_all()] (6 ms)
edu.ucsb.cs156.dining.controllers.UsersControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.UsersControllerTests]/[method:admin_gets_empty_list_if_no_aliases_need_moderation()] (4 ms)
edu.ucsb.cs156.dining.controllers.UCSBDiningMenuItemsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.UCSBDiningMenuItemsControllerTests]/[method:get_menu_item_by_id_success()] (3 ms)
edu.ucsb.cs156.dining.controllers.StatisticsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.StatisticsControllerTests]/[method:commons_averages_returns_empty_when_no_reviews()] (3 ms)
edu.ucsb.cs156.dining.controllers.StatisticsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.StatisticsControllerTests]/[method:worst_items_returns_bad_request_for_negative_limit()] (5 ms)
edu.ucsb.cs156.dining.controllers.StatisticsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.StatisticsControllerTests]/[method:logged_out_users_cannot_get_worst_items()] (8 ms)
edu.ucsb.cs156.dining.controllers.UsersControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.UsersControllerTests]/[method:admin_cannot_toggle_moderator_of_nonexistent_user()] (3 ms)
edu.ucsb.cs156.dining.controllers.UCSBDiningMenuItemsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.UCSBDiningMenuItemsControllerTests]/[method:get_menu_item_by_id_not_found()] (6 ms)
edu.ucsb.cs156.dining.controllers.StatisticsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.StatisticsControllerTests]/[method:logged_out_users_cannot_get_best_items()] (8 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:logged_out_users_cannot_get_all()] (4 ms)
edu.ucsb.cs156.dining.controllers.ApiControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ApiControllerTests]/[method:test_dummy_controller_returns_unsupported_operation()] (8 ms)
edu.ucsb.cs156.dining.controllers.ModeratorControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ModeratorControllerTests]/[method:logged_in_admins_can_get()] (6 ms)
edu.ucsb.cs156.dining.controllers.UsersControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.UsersControllerTests]/[method:admin_cannot_toggle_admin_of_nonexistent_user()] (4 ms)
edu.ucsb.cs156.dining.controllers.ApiControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ApiControllerTests]/[method:test_that_dummy_controller_returns_Exception_when_1_is_not_passed()] (8 ms)
edu.ucsb.cs156.dining.controllers.UsersControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.UsersControllerTests]/[method:admin_cannot_approve_nonexistent_user()] (5 ms)
edu.ucsb.cs156.dining.controllers.StatisticsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.StatisticsControllerTests]/[method:best_items_returns_bad_request_for_negative_limit()] (8 ms)
edu.ucsb.cs156.dining.controllers.StatisticsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.StatisticsControllerTests]/[method:worst_items_returns_empty_when_no_reviews()] (3 ms)
edu.ucsb.cs156.dining.controllers.UsersControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.UsersControllerTests]/[method:admin_can_get_aliases_needing_moderation()] (4 ms)
edu.ucsb.cs156.dining.controllers.UsersControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.UsersControllerTests]/[method:admin_can_get_all_users_with_proposed_alias()] (4 ms)
edu.ucsb.cs156.dining.controllers.StatisticsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.StatisticsControllerTests]/[method:best_items_returns_empty_list_when_no_reviews()] (4 ms)
edu.ucsb.cs156.dining.controllers.StatisticsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.StatisticsControllerTests]/[method:best_items_accepts_zero_limit()] (4 ms)
edu.ucsb.cs156.dining.controllers.ModeratorControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ModeratorControllerTests]/[method:logged_in_admins_can_delete()] (7 ms)
edu.ucsb.cs156.dining.controllers.AdminControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.AdminControllerTests]/[method:admin_can_delete_duplicate_admin_emails()] (7 ms)
edu.ucsb.cs156.dining.controllers.ModeratorControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ModeratorControllerTests]/[method:logged_in_admins_can_post()] (6 ms)
edu.ucsb.cs156.dining.controllers.AdminControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.AdminControllerTests]/[method:logged_out_users_cannot_get_all()] (13 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:admin_nonexistent_cannot_approve()] (4 ms)
edu.ucsb.cs156.dining.interceptors.RoleInterceptorTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.interceptors.RoleInterceptorTests]/[method:does_nothing_when_authentication_is_not_oauth2()] (2 ms)
edu.ucsb.cs156.dining.controllers.UsersControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.UsersControllerTests]/[method:admin_cannot_toggle_admin_of_super_admin()] (3 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:logged_in_user_cant_get_all()] (9 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:logged_in_admin_can_get_all()] (9 ms)
edu.ucsb.cs156.dining.controllers.AdminControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.AdminControllerTests]/[method:admin_tries_to_delete_an_ADMIN_EMAIL_and_gets_right_error_message()] (10 ms)
edu.ucsb.cs156.dining.controllers.AdminControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.AdminControllerTests]/[method:admin_tries_to_delete_non_existant_admin_and_gets_right_error_message()] (11 ms)
edu.ucsb.cs156.dining.controllers.AdminControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.AdminControllerTests]/[method:logged_in_admin_can_get_all_admins()] (10 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:allApprovedReviewsForItem_returns_not_found_for_nonexistent_item()] (6 ms)
edu.ucsb.cs156.dining.controllers.AdminControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.AdminControllerTests]/[method:logged_in_admin_can_get_all()] (15 ms)
edu.ucsb.cs156.dining.controllers.UsersControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.UsersControllerTests]/[method:admin_can_remove_user_from_moderator_table()] (3 ms)
edu.ucsb.cs156.dining.controllers.ModeratorControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ModeratorControllerTests]/[method:admin_try_to_delete_a_moderator_not_found()] (13 ms)
edu.ucsb.cs156.dining.controllers.StatisticsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.StatisticsControllerTests]/[method:commons_meal_averages_returns_empty_for_unknown_commons()] (7 ms)
edu.ucsb.cs156.dining.controllers.UsersControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.UsersControllerTests]/[method:admin_can_remove_user_from_admin_table()] (3 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:not_found_throws_exception()] (5 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:getReviewById_not_found_returns_404()] (10 ms)
edu.ucsb.cs156.dining.controllers.UsersControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.UsersControllerTests]/[method:user_cannot_post_existing_alias()] (6 ms)
edu.ucsb.cs156.dining.controllers.UsersControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.UsersControllerTests]/[method:admin_can_approve_proposed_alias()] (3 ms)
edu.ucsb.cs156.dining.controllers.UsersControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.UsersControllerTests]/[method:admin_can_add_user_to_admin_table()] (3 ms)
edu.ucsb.cs156.dining.controllers.StatisticsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.StatisticsControllerTests]/[method:best_items_drops_items_whose_reviews_are_all_starless()] (5 ms)
edu.ucsb.cs156.dining.controllers.UCSBDiningMenuItemsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.UCSBDiningMenuItemsControllerTests]/[method:approved_reviews_are_included_in_menu_items_response()] (8 ms)
edu.ucsb.cs156.dining.controllers.StatisticsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.StatisticsControllerTests]/[method:commons_averages_groups_by_commons_and_sorts_alphabetically()] (4 ms)
edu.ucsb.cs156.dining.controllers.StatisticsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.StatisticsControllerTests]/[method:commons_averages_ignores_reviews_missing_required_fields()] (4 ms)
edu.ucsb.cs156.dining.controllers.UsersControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.UsersControllerTests]/[method:admin_approves_alias()] (4 ms)
edu.ucsb.cs156.dining.controllers.UserInfoControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.UserInfoControllerTests]/[method:currentUser__admin_from_admin_emails__not_moderator()] (3 ms)
edu.ucsb.cs156.dining.controllers.UserInfoControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.UserInfoControllerTests]/[method:currentUser__admin_from_repository__not_moderator()] (3 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:test_rating_below_1_throws_exception()] (12 ms)
edu.ucsb.cs156.dining.controllers.StatisticsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.StatisticsControllerTests]/[method:commons_meal_averages_ignores_reviews_missing_required_fields()] (5 ms)
edu.ucsb.cs156.dining.controllers.StatisticsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.StatisticsControllerTests]/[method:commons_meal_averages_returns_only_matching_commons_and_groups_by_meal()] (5 ms)
edu.ucsb.cs156.dining.controllers.StatisticsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.StatisticsControllerTests]/[method:commons_averages_sorts_alphabetically_when_data_arrives_unsorted()] (7 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:moderator_get_needs_moderation_returns_moderation_needed()] (6 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:moderator_nonexistent_cannot_approve()] (13 ms)
edu.ucsb.cs156.dining.controllers.StatisticsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.StatisticsControllerTests]/[method:commons_averages_over_time_ignores_reviews_missing_required_fields()] (3 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:admin_get_needs_moderation_returns_moderation_needed()] (6 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:test_rating_above_5_throws_exception()] (14 ms)
edu.ucsb.cs156.dining.controllers.StatisticsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.StatisticsControllerTests]/[method:best_items_drops_reviews_with_null_served_date_when_period_set()] (11 ms)
edu.ucsb.cs156.dining.controllers.UsersControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.UsersControllerTests]/[method:admin_can_add_user_to_moderator_table()] (8 ms)
edu.ucsb.cs156.dining.controllers.UserInfoControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.UserInfoControllerTests]/[method:currentUser__logged_out()] (9 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:nonexistent_cannot_delete()] (16 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:allApprovedReviewsForItem_returns_approved_reviews_for_existing_item()] (12 ms)
edu.ucsb.cs156.dining.controllers.StatisticsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.StatisticsControllerTests]/[method:best_items_ignores_reviews_with_null_stars()] (4 ms)
edu.ucsb.cs156.dining.controllers.DiningCommonsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.DiningCommonsControllerTests]/[method:api_DiningCommons_all__admin_logged_in__returns_200()] (13 ms)
edu.ucsb.cs156.dining.controllers.StatisticsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.StatisticsControllerTests]/[method:best_items_default_limit_returns_at_most_five()] (5 ms)
edu.ucsb.cs156.dining.controllers.StatisticsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.StatisticsControllerTests]/[method:best_items_breaks_ties_using_review_count_then_id()] (4 ms)
edu.ucsb.cs156.dining.controllers.AdminControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.AdminControllerTests]/[method:an_admin_user_can_post_a_new_admin()] (21 ms)
edu.ucsb.cs156.dining.controllers.StatisticsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.StatisticsControllerTests]/[method:best_items_returns_all_when_below_limit()] (6 ms)
edu.ucsb.cs156.dining.controllers.CSRFControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.CSRFControllerTests]/[method:csrf_returns_ok()] (13 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:wrong_user_cannot_delete()] (5 ms)
edu.ucsb.cs156.dining.controllers.UsersControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.UsersControllerTests]/[method:a_user_can_post_a_new_alias()] (4 ms)
edu.ucsb.cs156.dining.controllers.StatisticsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.StatisticsControllerTests]/[method:worst_items_filters_by_period()] (4 ms)
edu.ucsb.cs156.dining.controllers.ApiControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ApiControllerTests]/[method:test_that_dummy_controller_returns_String1_when_1_is_passed()] (15 ms)
edu.ucsb.cs156.dining.controllers.StatisticsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.StatisticsControllerTests]/[method:best_items_ignores_reviews_with_null_item()] (6 ms)
edu.ucsb.cs156.dining.controllers.StatisticsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.StatisticsControllerTests]/[method:worst_items_breaks_ties_using_review_count_then_id()] (6 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:user_can_delete()] (6 ms)
edu.ucsb.cs156.dining.controllers.SystemInfoControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.SystemInfoControllerTests]/[method:systemInfo__admin_logged_in()] (12 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:getReviewById_owner_can_view()] (5 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:getReviewById_moderator_can_view()] (5 ms)
edu.ucsb.cs156.dining.controllers.StatisticsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.StatisticsControllerTests]/[method:best_items_filters_by_period_1M()] (6 ms)
edu.ucsb.cs156.dining.controllers.StatisticsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.StatisticsControllerTests]/[method:worst_items_accepts_zero_limit()] (22 ms)
edu.ucsb.cs156.dining.controllers.UsersControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.UsersControllerTests]/[method:users__admin_logged_in()] (4 ms)
edu.ucsb.cs156.dining.controllers.StatisticsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.StatisticsControllerTests]/[method:best_items_filters_by_period_1W()] (7 ms)
edu.ucsb.cs156.dining.controllers.UserInfoControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.UserInfoControllerTests]/[method:currentUser__logged_in()] (12 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:a_logged_in_admin_can_get_all()] (9 ms)
edu.ucsb.cs156.dining.controllers.StatisticsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.StatisticsControllerTests]/[method:worst_items_returns_all_when_below_limit()] (11 ms)
edu.ucsb.cs156.dining.controllers.StatisticsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.StatisticsControllerTests]/[method:best_items_filters_by_period_6M()] (9 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:admin_can_moderate_a_review()] (7 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:testItemIdIsInvalid_NotFound()] (19 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:getReviewById_admin_can_view()] (9 ms)
edu.ucsb.cs156.dining.controllers.StatisticsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.StatisticsControllerTests]/[method:best_items_ranks_highest_average_first_and_respects_limit()] (8 ms)
edu.ucsb.cs156.dining.controllers.UCSBDiningMenuControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.UCSBDiningMenuControllerTests]/[method:returns_204_when_dining_commons_closed_empty_array()] (19 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:wrong_user_cannot_edit()] (9 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:can_set_stars_at_high_boundary()] (7 ms)
edu.ucsb.cs156.dining.controllers.StatisticsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.StatisticsControllerTests]/[method:best_items_keeps_reviews_with_null_served_date_for_period_all()] (13 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:getReviewById_non_owner_user_forbidden()] (14 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:can_set_stars_at_low_boundary()] (9 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:moderator_can_moderate_a_review()] (12 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:getReviewById_logged_out_forbidden()] (11 ms)
edu.ucsb.cs156.dining.controllers.DiningCommonsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.DiningCommonsControllerTests]/[method:api_DiningCommons_test_get()] (30 ms)
edu.ucsb.cs156.dining.controllers.StatisticsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.StatisticsControllerTests]/[method:commons_averages_over_time_groups_by_month_and_sorts()] (17 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:postReview_ShouldAcceptRatingAtBoundaries()] (14 ms)
edu.ucsb.cs156.dining.controllers.StatisticsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.StatisticsControllerTests]/[method:worst_items_ranks_lowest_first_and_respects_limit()] (15 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:admin_can_delete()] (16 ms)
edu.ucsb.cs156.dining.controllers.UCSBDiningMenuItemsControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.UCSBDiningMenuItemsControllerTests]/[method:meal_item_created_and_found()] (20 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:edit_works_correctly()] (6 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:cannot_set_stars_over_boundaries()] (19 ms)
edu.ucsb.cs156.dining.controllers.UsersControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.UsersControllerTests]/[method:admin_does_not_approve_alias()] (16 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:trim_works_correctly()] (12 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:user_reviews_response_includes_item_field()] (20 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:test_emptyString_on_creating_new_review()] (6 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:test_whitespaceString_on_creating_new_review()] (8 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:a_logged_in_user_can_get_own_reviews_list()] (24 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:test_no_string_on_creating_new_review()] (12 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:a_user_can_post_a_new_review()] (15 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:null_works_correctly()] (23 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:getReviewById_response_includes_item_field()] (38 ms)
edu.ucsb.cs156.dining.controllers.AdminControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.AdminControllerTests]/[method:admin_can_delete_an_admin()] (136 ms)

Report generated by PIT 1.17.0

1		package edu.ucsb.cs156.dining.interceptors;
2
3		import edu.ucsb.cs156.dining.repositories.AdminRepository;
4		import edu.ucsb.cs156.dining.repositories.ModeratorRepository;
5		import jakarta.servlet.http.HttpServletRequest;
6		import jakarta.servlet.http.HttpServletResponse;
7		import java.util.ArrayList;
8		import java.util.Collection;
9		import java.util.HashSet;
10		import java.util.List;
11		import java.util.Set;
12		import lombok.extern.slf4j.Slf4j;
13		import org.springframework.beans.factory.annotation.Value;
14		import org.springframework.security.core.Authentication;
15		import org.springframework.security.core.GrantedAuthority;
16		import org.springframework.security.core.authority.SimpleGrantedAuthority;
17		import org.springframework.security.core.context.SecurityContext;
18		import org.springframework.security.core.context.SecurityContextHolder;
19		import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken;
20		import org.springframework.security.oauth2.core.oidc.user.OidcUser;
21		import org.springframework.security.oauth2.core.user.OAuth2User;
22		import org.springframework.stereotype.Component;
23		import org.springframework.web.servlet.HandlerInterceptor;
24
25		@Slf4j
26		@Component
27		public class RoleInterceptor implements HandlerInterceptor {
28
29		private final AdminRepository adminRepository;
30
31		private final ModeratorRepository moderatorRepository;
32
33		@Value("#{'${app.admin.emails}'.split(',')}")
34		private final List<String> adminEmails = new ArrayList<>();
35
36		public RoleInterceptor(AdminRepository adminRepository, ModeratorRepository moderatorRepository) {
37		this.adminRepository = adminRepository;
38		this.moderatorRepository = moderatorRepository;
39		}
40
41		@Override
42		public boolean preHandle(
43		HttpServletRequest request, HttpServletResponse response, Object handler) {
44		SecurityContext securityContext = SecurityContextHolder.getContext();
45		Authentication authentication = securityContext.getAuthentication();
46
47	1 1. preHandle : negated conditional → KILLED	if (authentication instanceof OAuth2AuthenticationToken oauthToken) {
48		OAuth2User oauthUser = oauthToken.getPrincipal();
49		String email =
50	1 1. preHandle : negated conditional → KILLED	oauthUser instanceof OidcUser oidcUser
51		? oidcUser.getEmail()
52		: oauthUser.getAttribute("email");
53		Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities();
54		Set<GrantedAuthority> revisedAuthorities = new HashSet<>();
55
56		authorities.stream()
57		.filter(
58		grantedAuth ->
59	2 1. lambda$preHandle$0 : replaced boolean return with true for edu/ucsb/cs156/dining/interceptors/RoleInterceptor::lambda$preHandle$0 → KILLED 2. lambda$preHandle$0 : negated conditional → KILLED	!grantedAuth.getAuthority().equals("ROLE_ADMIN")
60	1 1. lambda$preHandle$0 : negated conditional → KILLED	&& !grantedAuth.getAuthority().equals("ROLE_MODERATOR"))
61	1 1. preHandle : removed call to java/util/stream/Stream::forEach → KILLED	.forEach(revisedAuthorities::add);
62
63	2 1. preHandle : negated conditional → KILLED 2. preHandle : negated conditional → KILLED	if (adminEmails.contains(email) \|\| adminRepository.existsByEmail(email)) {
64		revisedAuthorities.add(new SimpleGrantedAuthority("ROLE_ADMIN"));
65		}
66	1 1. preHandle : negated conditional → KILLED	if (moderatorRepository.existsByEmail(email)) {
67		revisedAuthorities.add(new SimpleGrantedAuthority("ROLE_MODERATOR"));
68		}
69
70		Authentication newAuth =
71		new OAuth2AuthenticationToken(
72		oauthUser, revisedAuthorities, oauthToken.getAuthorizedClientRegistrationId());
73
74	1 1. preHandle : removed call to org/springframework/security/core/context/SecurityContext::setAuthentication → KILLED	securityContext.setAuthentication(newAuth);
75		}
76	1 1. preHandle : replaced boolean return with false for edu/ucsb/cs156/dining/interceptors/RoleInterceptor::preHandle → KILLED	return true;
77		}
78		}
		Mutations
47		1.1 Location : preHandle Killed by : edu.ucsb.cs156.dining.controllers.UsersControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.UsersControllerTests]/[method:users__user_logged_in()] negated conditional → KILLED
50		1.1 Location : preHandle Killed by : edu.ucsb.cs156.dining.interceptors.RoleInterceptorTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.interceptors.RoleInterceptorTests]/[method:removes_moderator_role_when_user_not_in_moderator_repository()] negated conditional → KILLED
59		1.1 Location : lambda$preHandle$0 Killed by : edu.ucsb.cs156.dining.interceptors.RoleInterceptorTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.interceptors.RoleInterceptorTests]/[method:removes_moderator_role_when_user_not_in_moderator_repository()] replaced boolean return with true for edu/ucsb/cs156/dining/interceptors/RoleInterceptor::lambda$preHandle$0 → KILLED 2.2 Location : lambda$preHandle$0 Killed by : edu.ucsb.cs156.dining.interceptors.RoleInterceptorTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.interceptors.RoleInterceptorTests]/[method:removes_moderator_role_when_user_not_in_moderator_repository()] negated conditional → KILLED
60		1.1 Location : lambda$preHandle$0 Killed by : edu.ucsb.cs156.dining.interceptors.RoleInterceptorTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.interceptors.RoleInterceptorTests]/[method:removes_moderator_role_when_user_not_in_moderator_repository()] negated conditional → KILLED
61		1.1 Location : preHandle Killed by : edu.ucsb.cs156.dining.interceptors.RoleInterceptorTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.interceptors.RoleInterceptorTests]/[method:removes_moderator_role_when_user_not_in_moderator_repository()] removed call to java/util/stream/Stream::forEach → KILLED
63		1.1 Location : preHandle Killed by : edu.ucsb.cs156.dining.interceptors.RoleInterceptorTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.interceptors.RoleInterceptorTests]/[method:removes_moderator_role_when_user_not_in_moderator_repository()] negated conditional → KILLED 2.2 Location : preHandle Killed by : edu.ucsb.cs156.dining.interceptors.RoleInterceptorTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.interceptors.RoleInterceptorTests]/[method:removes_moderator_role_when_user_not_in_moderator_repository()] negated conditional → KILLED
66		1.1 Location : preHandle Killed by : edu.ucsb.cs156.dining.interceptors.RoleInterceptorTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.interceptors.RoleInterceptorTests]/[method:removes_moderator_role_when_user_not_in_moderator_repository()] negated conditional → KILLED
74		1.1 Location : preHandle Killed by : edu.ucsb.cs156.dining.interceptors.RoleInterceptorTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.interceptors.RoleInterceptorTests]/[method:removes_moderator_role_when_user_not_in_moderator_repository()] removed call to org/springframework/security/core/context/SecurityContext::setAuthentication → KILLED
76		1.1 Location : preHandle Killed by : edu.ucsb.cs156.dining.controllers.UsersControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.UsersControllerTests]/[method:users__user_logged_in()] replaced boolean return with false for edu/ucsb/cs156/dining/interceptors/RoleInterceptor::preHandle → KILLED

RoleInterceptor.java

Mutations

Active mutators

Tests examined