From 4a782db1fa104212bf50876b8a4cbec755a3190d Mon Sep 17 00:00:00 2001
From: Rene Pfeuffer
Date: Fri, 6 Dec 2019 14:44:50 +0100
Subject: [PATCH] Implement test
---
 .../AuthorizationExceptionMapperTest.java | 46 ++++++++++++++++++-
 1 file changed, 45 insertions(+), 1 deletion(-)

diff --git a/scm-webapp/src/test/java/sonia/scm/api/rest/AuthorizationExceptionMapperTest.java b/scm-webapp/src/test/java/sonia/scm/api/rest/AuthorizationExceptionMapperTest.java
index f546a7cf34..cd56d966ef 100644
--- a/scm-webapp/src/test/java/sonia/scm/api/rest/AuthorizationExceptionMapperTest.java
+++ b/scm-webapp/src/test/java/sonia/scm/api/rest/AuthorizationExceptionMapperTest.java
@@ -1,5 +1,49 @@
 package sonia.scm.api.rest;
 
+import org.apache.shiro.authz.AuthorizationException;
+import org.apache.shiro.subject.Subject;
+import org.apache.shiro.subject.support.SubjectThreadState;
+import org.apache.shiro.util.ThreadContext;
+import org.apache.shiro.util.ThreadState;
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
+
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.when;
+
 class AuthorizationExceptionMapperTest {
-// TODO verify differentiation between normal user and anonymous
+
+ private final Subject subject = mock(Subject.class);
+ private final ThreadState subjectThreadState = new SubjectThreadState(subject);
+
+ @BeforeEach
+ public void init() {
+ subjectThreadState.bind();
+ ThreadContext.bind(subject);
+ }
+
+ @AfterEach
+ public void unbindSubject() {
+ ThreadContext.unbindSubject();
+ }
+
+ @Test
+ void shouldMapNormalUserToForbidden() {
+ when(subject.getPrincipal()).thenReturn("someone");
+
+ assertThat(
+ new AuthorizationExceptionMapper().toResponse(new AuthorizationException()).getStatus()
+ ).isEqualTo(403);
+ }
+
+ @Test
+ void shouldMapAnonymousUserToUnauthorized() {
+ when(subject.getPrincipal()).thenReturn("_anonymous");
+
+ assertThat(
+ new AuthorizationExceptionMapper().toResponse(new AuthorizationException()).getStatus()
+ ).isEqualTo(401);
+ }
 }
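Review bot: The setup in `init()` binds the mocked subject twice (`subjectThreadState.bind()` and then `ThreadContext.bind(subject)`), but `unbindSubject()` only calls `ThreadContext.unbindSubject()` and never undoes the `ThreadState` binding. Shiro's `ThreadState` is meant to be paired with `restore()` or `clear()`, so I would drop the extra `ThreadContext.bind(subject);` and make the teardown `subjectThreadState.clear();`, which keeps anything the thread state changed from leaking into other authorization tests that run on the same thread. Both tests also pin only a named principal; since a Mockito mock returns `null` from `getPrincipal()` by default, a third case asserting the status for a subject without any principal would document how the mapper treats a request that carries no identity at all. The `"_anonymous"` literal presumably mirrors a constant in the production code; referencing that constant, if it exists, would keep the 401/403 distinction under test from drifting if the value changes.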