apache
diff --git a/‎shenyu-admin/src/test/java/org/apache/shenyu/admin/aspect/controller/SuperAdminPasswordSafeAdviceTest.java‎
Lines changed: 174 additions & 0 deletions b/‎shenyu-admin/src/test/java/org/apache/shenyu/admin/aspect/controller/SuperAdminPasswordSafeAdviceTest.java‎
Lines changed: 174 additions & 0 deletions
diff --git a/‎shenyu-admin/src/test/java/org/apache/shenyu/admin/config/properties/DashboardPropertiesTest.java‎
Lines changed: 83 additions & 4 deletions b/‎shenyu-admin/src/test/java/org/apache/shenyu/admin/config/properties/DashboardPropertiesTest.java‎
Lines changed: 83 additions & 4 deletions
@@ -0,0 +1,174 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.shenyu.admin.aspect.controller;
+
+import com.google.common.base.Stopwatch;
+import org.apache.shenyu.admin.config.properties.DashboardProperties;
+import org.apache.shenyu.admin.model.custom.UserInfo;
+import org.apache.shenyu.admin.service.DashboardUserService;
+import org.apache.shenyu.admin.utils.SessionUtil;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
+import org.mockito.InjectMocks;
+import org.mockito.Mock;
+import org.mockito.MockedStatic;
+import org.mockito.junit.jupiter.MockitoExtension;
+import org.springframework.core.annotation.AnnotatedElementUtils;
+
+import java.lang.reflect.Method;
+import java.util.Arrays;
+import java.util.List;
+
+import static org.mockito.ArgumentMatchers.anyString;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.mockStatic;
+import static org.mockito.Mockito.never;
+import static org.mockito.Mockito.verify;
+import static org.mockito.Mockito.when;
+
+/**
+ * Test cases for {@link SuperAdminPasswordSafeAdvice}.
+ */
+@ExtendWith(MockitoExtension.class)
+public class SuperAdminPasswordSafeAdviceTest {
+
+    @Mock
+    private DashboardProperties properties;
+
+    @Mock
+    private DashboardUserService userService;
+
+    @InjectMocks
+    private SuperAdminPasswordSafeAdvice advice;
+
+    private Object bean;
+
+    private Method method;
+
+    private Stopwatch stopwatch;
+
+    @BeforeEach
+    void setUp() throws Exception {
+        bean = new Object();
+        method = Object.class.getMethod("toString");
+        stopwatch = Stopwatch.createUnstarted();
+    }
+
+    @Test
+    void testDoPreProcessWhenEnableOnlySuperAdminPermissionIsFalseShouldSkip() {
+        when(properties.getEnableOnlySuperAdminPermission()).thenReturn(false);
+
+        advice.doPreProcess(bean, method, stopwatch);
+
+        verify(properties, never()).getEnableSuperAdminPasswordSafe();
+        verify(userService, never()).checkUserPassword(anyString());
+    }
+
+    @Test
+    void testDoPreProcessWhenEnableSuperAdminPasswordSafeIsFalseShouldSkip() {
+        when(properties.getEnableOnlySuperAdminPermission()).thenReturn(true);
+        when(properties.getEnableSuperAdminPasswordSafe()).thenReturn(false);
+
+        advice.doPreProcess(bean, method, stopwatch);
+
+        verify(userService, never()).checkUserPassword(anyString());
+    }
+
+    @Test
+    void testDoPreProcessWhenNotAdminShouldSkip() {
+        when(properties.getEnableOnlySuperAdminPermission()).thenReturn(true);
+        when(properties.getEnableSuperAdminPasswordSafe()).thenReturn(true);
+
+        try (MockedStatic<SessionUtil> sessionUtilMock = mockStatic(SessionUtil.class)) {
+            sessionUtilMock.when(SessionUtil::isAdmin).thenReturn(false);
+
+            advice.doPreProcess(bean, method, stopwatch);
+
+            verify(userService, never()).checkUserPassword(anyString());
+        }
+    }
+
+    @Test
+    void testDoPreProcessWhenNoRequiresPermissionsShouldSkip() {
+        when(properties.getEnableOnlySuperAdminPermission()).thenReturn(true);
+        when(properties.getEnableSuperAdminPasswordSafe()).thenReturn(true);
+
+        try (MockedStatic<SessionUtil> sessionUtilMock = mockStatic(SessionUtil.class)) {
+            sessionUtilMock.when(SessionUtil::isAdmin).thenReturn(true);
+
+            advice.doPreProcess(bean, method, stopwatch);
+
+            verify(userService, never()).checkUserPassword(anyString());
+        }
+    }
+
+    @Test
+    void testDoPreProcessWhenPermissionNotInListShouldSkip() throws Exception {
+        when(properties.getEnableOnlySuperAdminPermission()).thenReturn(true);
+        when(properties.getEnableSuperAdminPasswordSafe()).thenReturn(true);
+
+        Method methodWithAnnotation = TestController.class.getMethod("testMethod");
+        UserInfo user = mock(UserInfo.class);
+
+        try (MockedStatic<SessionUtil> sessionUtilMock = mockStatic(SessionUtil.class);
+             MockedStatic<AnnotatedElementUtils> annotatedElementUtilsMock = mockStatic(AnnotatedElementUtils.class)) {
+            sessionUtilMock.when(SessionUtil::isAdmin).thenReturn(true);
+            sessionUtilMock.when(SessionUtil::visitor).thenReturn(user);
+            annotatedElementUtilsMock.when(() -> AnnotatedElementUtils.findMergedAnnotation(methodWithAnnotation, org.apache.shiro.authz.annotation.RequiresPermissions.class))
+                    .thenReturn(mock(org.apache.shiro.authz.annotation.RequiresPermissions.class));
+
+            advice.doPreProcess(bean, methodWithAnnotation, stopwatch);
+
+            verify(userService, never()).checkUserPassword(anyString());
+        }
+    }
+
+    @Test
+    void testDoPreProcessWhenPermissionInListShouldCheckPassword() throws Exception {
+        when(properties.getEnableOnlySuperAdminPermission()).thenReturn(true);
+        when(properties.getEnableSuperAdminPasswordSafe()).thenReturn(true);
+        List<String> permissions = Arrays.asList("admin:permission", "other:permission");
+        when(properties.getOnlySuperAdminPermission()).thenReturn(permissions);
+
+        Method methodWithAnnotation = TestController.class.getMethod("testMethod");
+        org.apache.shiro.authz.annotation.RequiresPermissions requiresPermissions = mock(org.apache.shiro.authz.annotation.RequiresPermissions.class);
+        when(requiresPermissions.value()).thenReturn(new String[]{"admin:permission"});
+        UserInfo user = mock(UserInfo.class);
+        when(user.getUserId()).thenReturn("userId");
+
+        try (MockedStatic<SessionUtil> sessionUtilMock = mockStatic(SessionUtil.class);
+             MockedStatic<AnnotatedElementUtils> annotatedElementUtilsMock = mockStatic(AnnotatedElementUtils.class)) {
+            sessionUtilMock.when(SessionUtil::isAdmin).thenReturn(true);
+            sessionUtilMock.when(SessionUtil::visitor).thenReturn(user);
+            annotatedElementUtilsMock.when(() -> AnnotatedElementUtils.findMergedAnnotation(methodWithAnnotation, org.apache.shiro.authz.annotation.RequiresPermissions.class))
+                    .thenReturn(requiresPermissions);
+
+            advice.doPreProcess(bean, methodWithAnnotation, stopwatch);
+
+            verify(userService).checkUserPassword("userId");
+        }
+    }
+
+    private static class TestController {
+        @org.apache.shiro.authz.annotation.RequiresPermissions("admin:permission")
+        public void testMethod() {
+            throw new UnsupportedOperationException("testMethod() used for unit test.");
+        }
+    }
+}
@@ -17,22 +17,101 @@
 
 package org.apache.shenyu.admin.config.properties;
 
+import org.apache.shenyu.admin.AbstractConfigurationTest;
 import org.junit.jupiter.api.Assertions;
 import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
+import org.mockito.junit.jupiter.MockitoExtension;
+import org.springframework.boot.context.properties.EnableConfigurationProperties;
+import org.springframework.context.annotation.Configuration;
+
+import java.util.ArrayList;
+import java.util.List;
 
 /**
  * Test cases for {@link DashboardProperties}.
  */
-public class DashboardPropertiesTest {
+@ExtendWith(MockitoExtension.class)
+public class DashboardPropertiesTest extends AbstractConfigurationTest {
 
     @Test
     public void dashboardPropertiesTest() {
         final DashboardProperties dashboardProperties = new DashboardProperties();
         dashboardProperties.setOnlyCleanDays(0);
         dashboardProperties.setEnablePrintApiLog(true);
         dashboardProperties.setRecordLogLimit(0);
-        Assertions.assertEquals(dashboardProperties.getOnlyCleanDays(), 0);
-        Assertions.assertEquals(dashboardProperties.getEnablePrintApiLog(), true);
-        Assertions.assertEquals(dashboardProperties.getRecordLogLimit(), 0);
+        dashboardProperties.setEnableOnlySuperAdminPermission(false);
+        dashboardProperties.setEnableSuperAdminPasswordSafe(false);
+        dashboardProperties.setSuperAdminPasswordValidDuration(0L);
+
+        Assertions.assertEquals(0, dashboardProperties.getOnlyCleanDays());
+        Assertions.assertEquals(true, dashboardProperties.getEnablePrintApiLog());
+        Assertions.assertEquals(0, dashboardProperties.getRecordLogLimit());
+        Assertions.assertEquals(false, dashboardProperties.getEnableOnlySuperAdminPermission());
+        Assertions.assertEquals(false, dashboardProperties.getEnableSuperAdminPasswordSafe());
+        Assertions.assertEquals(0, dashboardProperties.getSuperAdminPasswordValidDuration());
+    }
+
+    @Test
+    public void testSpecified() {
+        load(DashboardPropertiesTest.DashboardPropertiesConfiguration.class,
+                "shenyu.dashboard.core.recordLogLimit=10",
+                "shenyu.dashboard.core.onlyCleanDays=1",
+                "shenyu.dashboard.core.enablePrintApiLog=true",
+                "shenyu.dashboard.core.enableOnlySuperAdminPermission=false",
+                "shenyu.dashboard.core.enableSuperAdminPasswordSafe=false",
+                "shenyu.dashboard.core.superAdminPasswordValidDuration=0");
+
+        List<String> onlySuperAdminPermission = new ArrayList<>();
+        onlySuperAdminPermission.add("1");
+        DashboardProperties dashboardProperties = getContext().getBean(DashboardProperties.class);
+        dashboardProperties.setOnlySuperAdminPermission(onlySuperAdminPermission);
+
+        Assertions.assertEquals(10, dashboardProperties.getRecordLogLimit());
+        Assertions.assertEquals(1, dashboardProperties.getOnlyCleanDays());
+        Assertions.assertTrue(dashboardProperties.getEnablePrintApiLog());
+        Assertions.assertFalse(dashboardProperties.getEnableOnlySuperAdminPermission());
+        Assertions.assertFalse(dashboardProperties.getEnableSuperAdminPasswordSafe());
+        Assertions.assertEquals(0L, dashboardProperties.getSuperAdminPasswordValidDuration());
+        Assertions.assertEquals(1, dashboardProperties.getOnlySuperAdminPermission().size());
+        Assertions.assertEquals("1", dashboardProperties.getOnlySuperAdminPermission().get(0));
+    }
+
+    @Test
+    public void testOnlySuperAdminPermission() {
+        final DashboardProperties dashboardProperties = new DashboardProperties();
+        dashboardProperties.afterPropertiesSet();
+        Assertions.assertEquals(12, dashboardProperties.getOnlySuperAdminPermission().size());
+        // Check user permissions
+        Assertions.assertEquals("system:manager:add", dashboardProperties.getOnlySuperAdminPermission().get(0));
+        Assertions.assertEquals("system:manager:edit", dashboardProperties.getOnlySuperAdminPermission().get(1));
+        Assertions.assertEquals("system:manager:delete", dashboardProperties.getOnlySuperAdminPermission().get(2));
+
+        // Check role permissions
+        Assertions.assertEquals("system:role:edit", dashboardProperties.getOnlySuperAdminPermission().get(3));
+        Assertions.assertEquals("system:role:add", dashboardProperties.getOnlySuperAdminPermission().get(4));
+        Assertions.assertEquals("system:role:delete", dashboardProperties.getOnlySuperAdminPermission().get(5));
+
+        // Check resource permissions
+        Assertions.assertEquals("system:resource:addButton", dashboardProperties.getOnlySuperAdminPermission().get(6));
+        Assertions.assertEquals("system:resource:addMenu", dashboardProperties.getOnlySuperAdminPermission().get(7));
+        Assertions.assertEquals("system:resource:editButton", dashboardProperties.getOnlySuperAdminPermission().get(8));
+        Assertions.assertEquals("system:resource:editMenu", dashboardProperties.getOnlySuperAdminPermission().get(9));
+        Assertions.assertEquals("system:resource:deleteMenu", dashboardProperties.getOnlySuperAdminPermission().get(10));
+        Assertions.assertEquals("system:resource:deleteButton", dashboardProperties.getOnlySuperAdminPermission().get(11));
+
+        List<String> onlySuperAdminPermission = new ArrayList<>();
+        onlySuperAdminPermission.add("1");
+        dashboardProperties.setOnlySuperAdminPermission(onlySuperAdminPermission);
+        Assertions.assertEquals(1, dashboardProperties.getOnlySuperAdminPermission().size());
+
+        dashboardProperties.setEnableOnlySuperAdminPermission(false);
+        dashboardProperties.afterPropertiesSet();
+        Assertions.assertEquals(0, dashboardProperties.getOnlySuperAdminPermission().size());
+    }
+
+    @Configuration
+    @EnableConfigurationProperties(DashboardProperties.class)
+    static class DashboardPropertiesConfiguration {
     }
 }