Grails 7 - Spring Security - Cleanup

.github/workflows/gradle.yml

@@ -15,7 +15,6 @@ env:
 
 jobs:
   core-tests:
-    if: github.event_name == 'pull_request'
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
@@ -30,12 +29,12 @@ jobs:
           arguments: |
             check 
             --refresh-dependencies
-            -Dgeb.env=chromeHeadless
+            --continue
 
   functional-test:
-    if: github.event_name == 'pull_request'
     runs-on: ubuntu-latest
     strategy:
+      fail-fast: false
       matrix:
         test-config: [ 'static', 'annotation', 'requestmap', 'basic', 'basicCacheUsers', 'misc', 'putWithParams', 'bcrypt', 'issue503' ]
     steps:
@@ -49,7 +48,6 @@ jobs:
         with:
           arguments: |
             examples-functional-test-app:check 
-            -Dgeb.env=chromeHeadless 
             -DTESTCONFIG=${{ matrix.test-config }}
 
   build:
@@ -69,7 +67,6 @@ jobs:
           arguments: |
             spring-security-core:build 
             --refresh-dependencies
-            -Dgeb.env=chromeHeadless
             -x javadoc
 
       - name: Publish Snapshot artifacts to Artifactory (repo.grails.org)

build.gradle

@@ -25,6 +25,8 @@ if (isReleaseVersion) {
     }
 }
 subprojects {
+    apply plugin: 'groovy'
+
     version = rootProject.version
     repositories {
         mavenCentral()
@@ -36,6 +38,9 @@ subprojects {
             }
         }
     }
+    dependencies {
+        implementation platform(libs.grails.bom)
+    }
 }
 
 // Do not generate extra load on Nexus with new staging repository if signing fails

buildSrc/build.gradle

@@ -12,8 +12,6 @@ dependencies {
         // which is causes a version conflict for Gradle
         exclude group: 'org.apache.groovy', module: 'groovy-xml'
     }
-    implementation buildsrcLibs.webdriver.binaries.gradle.plugin
-
     testImplementation buildsrcLibs.spock.core
 }
 

examples/functional-test-app/build.gradle

@@ -8,12 +8,6 @@ plugins {
 
 group = 'examples.test'
 
-configurations {
-    all {
-        exclude group: 'io.micronaut', module:'micronaut-inject-groovy'
-    }
-}
-
 dependencies {
 
     implementation project(':spring-security-core')

examples/functional-test-app/src/integration-test/groovy/specs/AbstractHyphenatedSecuritySpec.groovy

@@ -1,5 +1,8 @@
 package specs
 
+import grails.testing.mixin.integration.Integration
+
+@Integration
 abstract class AbstractHyphenatedSecuritySpec extends AbstractSecuritySpec {
 
 	protected void resetDatabase() {
@@ -11,10 +14,6 @@ abstract class AbstractHyphenatedSecuritySpec extends AbstractSecuritySpec {
 		getContent 'hack/get-session-value?name=' + name
 	}
 
-	protected void login(String username) {
-		super.login username, 'password'
-	}
-
 	protected String getUserProperty(String user, String propertyName) {
 		getContent "hack/get-user-property?user=$user&propName=$propertyName"
 	}

examples/functional-test-app/src/integration-test/groovy/specs/AbstractSecuritySpec.groovy

@@ -1,33 +1,26 @@
 package specs
 
 import com.testapp.TestDataService
+import functional.test.app.Application
 import geb.driver.CachingDriverFactory
-import geb.spock.GebReportingSpec
+import grails.plugin.geb.ContainerGebSpec
 import grails.plugin.springsecurity.SpringSecurityCoreGrailsPlugin
 import grails.plugin.springsecurity.SpringSecurityUtils
 import grails.testing.mixin.integration.Integration
 import org.springframework.beans.factory.annotation.Autowired
 import org.springframework.security.crypto.password.MessageDigestPasswordEncoder
 import pages.LoginPage
 import spock.lang.Shared
-import spock.lang.Stepwise
 
-@Integration(applicationClass = functional.test.app.Application)
-@Stepwise
-abstract class AbstractSecuritySpec extends GebReportingSpec {
+@Integration(applicationClass = Application)
+abstract class AbstractSecuritySpec extends ContainerGebSpec {
 
 	private @Shared boolean databaseReset = false
 
 	@Autowired
 	TestDataService testDataService
 
-	void setup() {
-		if ( hasProperty('serverPort') ) {
-			browser.baseUrl = "http://localhost:${getProperty('serverPort')}/"
-		} else {
-			browser.baseUrl = 'http://localhost:8080/'
-		}
-
+	def setup() {
 		logout()
 
 		// call resetDatabase() once per suite, before the first test; would
@@ -63,7 +56,7 @@ abstract class AbstractSecuritySpec extends GebReportingSpec {
 		browser.driver.pageSource
 	}
 
-	protected void login(String user, String pwd, boolean remember = false) {
+	protected void login(String user, String pwd = 'password', boolean remember = false) {
 		to LoginPage
 		username = user
 		password = pwd
@@ -76,6 +69,7 @@ abstract class AbstractSecuritySpec extends GebReportingSpec {
 	protected void logout() {
 		go SpringSecurityUtils.securityConfig.logout.filterProcessesUrl
 		browser.clearCookies()
+		browser.go("/")
 	}
 
 	protected void assertContentContains(String expected) {

examples/functional-test-app/src/integration-test/groovy/specs/AnnotationSecuritySpec.groovy

@@ -1,5 +1,6 @@
 package specs
 
+import grails.testing.mixin.integration.Integration
 import pages.IndexPage
 import pages.LoginPage
 import pages.role.CreateRolePage
@@ -10,6 +11,7 @@ import pages.user.ListUserPage
 import pages.user.ShowUserPage
 import spock.lang.IgnoreIf
 
+@Integration
 @IgnoreIf({ System.getProperty('TESTCONFIG') != 'annotation' })
 class AnnotationSecuritySpec extends AbstractSecuritySpec {
 
@@ -354,7 +356,6 @@ class AnnotationSecuritySpec extends AbstractSecuritySpec {
 		action << ['thing', 'thing/index', 'thing/show/1', 'thing/create', 'thing/edit', 'thing/delete']
 	}
 
-	@IgnoreIf({ !System.getProperty('geb.env') })
 	void 'authenticated user can access secured restful domain'() {
 		given:
 		login 'admin1', 'password1'
@@ -366,7 +367,6 @@ class AnnotationSecuritySpec extends AbstractSecuritySpec {
 		$().text() == '[]'
 	}
 
-	@IgnoreIf({ !System.getProperty('geb.env') })
 	void 'generated Resource controllers can have inherited secured actions'() {
 		when:
 		go 'customer/index'

examples/functional-test-app/src/integration-test/groovy/specs/BCryptSpec.groovy

@@ -1,10 +1,12 @@
 package specs
 
+import grails.testing.mixin.integration.Integration
 import pages.user.CreateUserPage
 import pages.user.ListUserPage
 import pages.user.ShowUserPage
 import spock.lang.IgnoreIf
 
+@Integration
 @IgnoreIf({ System.getProperty('TESTCONFIG') != 'bcrypt' })
 class BCryptSpec extends AbstractSecuritySpec {
 

examples/functional-test-app/src/integration-test/groovy/specs/BasicAuthCacheUsersSecuritySpec.groovy

@@ -1,5 +1,6 @@
 package specs
 
+import grails.testing.mixin.integration.Integration
 import org.springframework.security.core.userdetails.UserCache
 import pages.LoginPage
 import pages.role.CreateRolePage
@@ -10,6 +11,7 @@ import pages.user.ListUserPage
 import pages.user.ShowUserPage
 import spock.lang.IgnoreIf
 
+@Integration
 @IgnoreIf({ System.getProperty('TESTCONFIG') != 'basicCacheUsers' })
 class BasicAuthCacheUsersSecuritySpec extends AbstractSecuritySpec {
 
@@ -115,7 +117,6 @@ class BasicAuthCacheUsersSecuritySpec extends AbstractSecuritySpec {
 		userRows.size() == 2
 	}
 
-	@IgnoreIf({ !System.getProperty('geb.env') })
 	void 'check userDetails caching'() {
 
 		when:

examples/functional-test-app/src/integration-test/groovy/specs/BasicAuthSecuritySpec.groovy

@@ -1,5 +1,6 @@
 package specs
 
+import grails.testing.mixin.integration.Integration
 import pages.LoginPage
 import pages.role.CreateRolePage
 import pages.role.ListRolePage
@@ -9,6 +10,7 @@ import pages.user.ListUserPage
 import pages.user.ShowUserPage
 import spock.lang.IgnoreIf
 
+@Integration
 @IgnoreIf({ System.getProperty('TESTCONFIG') != 'basic' })
 class BasicAuthSecuritySpec extends AbstractSecuritySpec {
 
@@ -172,7 +174,6 @@ class BasicAuthSecuritySpec extends AbstractSecuritySpec {
 		401 == connection.responseCode
 	}
 
-	@IgnoreIf({ !System.getProperty('geb.env') })
 	void 'check allowed for admin1'() {
 
 		// Check with admin1 auth, some @Secure actions are accessible
@@ -244,7 +245,6 @@ class BasicAuthSecuritySpec extends AbstractSecuritySpec {
 		assertContentContains 'Error 403 Forbidden'
 	}
 
-	@IgnoreIf({ System.getProperty('geb.env') == "htmlUnit" })
 	void 'check allowed for admin2'() {
 
 		// Check that with admin2 auth, some @Secure actions are accessible
@@ -329,8 +329,6 @@ class BasicAuthSecuritySpec extends AbstractSecuritySpec {
 	}
 
 	private void getWithoutAuth(String uri) {
-		def url = new URI(getBaseUrlRequired()).resolve(new URI(uri)).toURL()
-		connection = url.openConnection()
-		connection.instanceFollowRedirects = false
+		connection = download("/${uri}")
 	}
 }

examples/functional-test-app/src/integration-test/groovy/specs/DisableSpec.groovy

@@ -1,8 +1,11 @@
 package specs
 
+import grails.testing.mixin.integration.Integration
 import pages.IndexPage
 import spock.lang.IgnoreIf
 
+
+@Integration
 @IgnoreIf({ System.getProperty('TESTCONFIG') != 'misc' })
 class DisableSpec extends AbstractHyphenatedSecuritySpec {
 

examples/functional-test-app/src/integration-test/groovy/specs/InheritanceSecuritySpec.groovy

@@ -1,9 +1,11 @@
 package specs
 
+import grails.testing.mixin.integration.Integration
 import pages.IndexPage
 import pages.LoginPage
 import spock.lang.IgnoreIf
 
+@Integration
 @IgnoreIf({ System.getProperty('TESTCONFIG') != 'annotation' })
 class InheritanceSecuritySpec extends AbstractSecuritySpec {
 

examples/functional-test-app/src/integration-test/groovy/specs/MiscSpec.groovy

@@ -1,11 +1,13 @@
 package specs
 
 import geb.module.TextInput
+import grails.testing.mixin.integration.Integration
 import org.springframework.security.crypto.password.PasswordEncoder
 import pages.IndexPage
 import spock.lang.IgnoreIf
 import spock.lang.Issue
 
+@Integration
 @IgnoreIf({ System.getProperty('TESTCONFIG') != 'misc' })
 class MiscSpec extends AbstractHyphenatedSecuritySpec {
 

examples/functional-test-app/src/integration-test/groovy/specs/NamespaceSecuritySpec.groovy

@@ -1,11 +1,13 @@
 package specs
 
+import grails.testing.mixin.integration.Integration
 import groovy.json.JsonSlurper
 import pages.IndexPage
 import pages.LoginPage
 import spock.lang.IgnoreIf
 import spock.lang.Unroll
 
+@Integration
 @IgnoreIf({ System.getProperty('TESTCONFIG') != 'annotation' })
 class NamespaceSecuritySpec extends AbstractSecuritySpec {
 

examples/functional-test-app/src/integration-test/groovy/specs/RequestmapSecuritySpec.groovy

@@ -1,6 +1,7 @@
 package specs
 
 import com.testapp.TestDataService
+import grails.testing.mixin.integration.Integration
 import pages.IndexPage
 import pages.LoginPage
 import pages.requestmap.CreateRequestmapPage
@@ -14,6 +15,7 @@ import pages.user.ListUserPage
 import pages.user.ShowUserPage
 import spock.lang.IgnoreIf
 
+@Integration
 @IgnoreIf({ System.getProperty('TESTCONFIG') != 'requestmap' })
 class RequestmapSecuritySpec extends AbstractSecuritySpec {
 

examples/functional-test-app/src/integration-test/groovy/specs/RequestmapSpec.groovy

@@ -1,12 +1,14 @@
 package specs
 
 import com.testapp.TestDataService
+import grails.testing.mixin.integration.Integration
 import pages.requestmap.CreateRequestmapPage
 import pages.requestmap.EditRequestmapPage
 import pages.requestmap.ListRequestmapPage
 import pages.requestmap.ShowRequestmapPage
 import spock.lang.IgnoreIf
 
+@Integration
 @IgnoreIf({ System.getProperty('TESTCONFIG') != 'requestmap' })
 class RequestmapSpec extends AbstractSecuritySpec {
 
@@ -75,7 +77,6 @@ class RequestmapSpec extends AbstractSecuritySpec {
 		configAttribute == 'ROLE_ADMINX'
 	}
 
-	@IgnoreIf({ !System.getProperty('geb.env') })
 	void 'delete requestmap'() {
 		when:
 		go 'testRequestmap/list?max=100'

examples/functional-test-app/src/integration-test/groovy/specs/RoleSpec.groovy

@@ -1,11 +1,13 @@
 package specs
 
+import grails.testing.mixin.integration.Integration
 import pages.role.CreateRolePage
 import pages.role.EditRolePage
 import pages.role.ListRolePage
 import pages.role.ShowRolePage
 import spock.lang.IgnoreIf
 
+@Integration
 @IgnoreIf({ !(
 		System.getProperty('TESTCONFIG') == 'annotation' ||
         System.getProperty('TESTCONFIG') == 'basic' ||
@@ -80,7 +82,6 @@ class RoleSpec extends AbstractSecuritySpec {
 		at ShowRolePage
 	}
 
-	@IgnoreIf({ !System.getProperty('geb.env') })
 	void 'delete role'() {
 		when:
 		to ListRolePage

examples/functional-test-app/src/integration-test/groovy/specs/StaticSecuritySpec.groovy

@@ -1,5 +1,6 @@
 package specs
 
+import grails.testing.mixin.integration.Integration
 import pages.IndexPage
 import pages.role.CreateRolePage
 import pages.role.ListRolePage
@@ -9,6 +10,7 @@ import pages.user.ListUserPage
 import pages.user.ShowUserPage
 import spock.lang.IgnoreIf
 
+@Integration
 @IgnoreIf({ System.getProperty('TESTCONFIG') != 'static' })
 class StaticSecuritySpec extends AbstractSecuritySpec {