Add unit tests

src/main/java/com/podzilla/auth/service/AuthenticationService.java

@@ -65,10 +65,21 @@ public String login(final LoginRequest loginRequest,
     }
 
     public void registerAccount(final SignupRequest signupRequest) {
-        if (signupRequest.getPassword().isEmpty()) {
+        if (signupRequest.getPassword() == null
+                || signupRequest.getPassword().isEmpty()) {
             throw new ValidationException("Password cannot be empty.");
         }
 
+        if (signupRequest.getName() == null
+                || signupRequest.getName().isEmpty()) {
+            throw new ValidationException("Name cannot be empty.");
+        }
+
+        if (signupRequest.getEmail() == null
+                || signupRequest.getEmail().isEmpty()) {
+            throw new ValidationException("Email cannot be empty.");
+        }
+
         if (userRepository.existsByEmail(signupRequest.getEmail())) {
             throw new ValidationException("Email already in use.");
         }
@@ -82,6 +93,11 @@ public void registerAccount(final SignupRequest signupRequest) {
                                         signupRequest.getPassword()))
                         .build();
         Role role = roleRepository.findByErole(ERole.ROLE_USER).orElse(null);
+
+        if (role == null) {
+            throw new ValidationException("Role_USER not found.");
+        }
+
         account.setRoles(Collections.singleton(role));
         userRepository.save(account);
     }

src/main/java/com/podzilla/auth/service/CustomUserDetailsService.java

@@ -2,6 +2,7 @@
 
 import com.podzilla.auth.dto.CustomUserDetails;
 import com.podzilla.auth.exception.NotFoundException;
+import com.podzilla.auth.exception.ValidationException;
 import com.podzilla.auth.model.User;
 import com.podzilla.auth.repository.UserRepository;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -33,6 +34,10 @@ public UserDetails loadUserByUsername(final String email) {
                         new NotFoundException(
                                 email + " not found."));
 
+        if (user.getRoles() == null || user.getRoles().isEmpty()) {
+            throw new ValidationException("User has no roles assigned.");
+        }
+
         Set<GrantedAuthority> authorities = user
                 .getRoles()
                 .stream()

src/main/resources/application.properties

@@ -19,7 +19,7 @@ spring.datasource.password=1234
 spring.datasource.driver-class-name=org.postgresql.Driver
 
 spring.jpa.database-platform=org.hibernate.dialect.PostgreSQLDialect
-spring.jpa.hibernate.ddl-auto=create-drop
+spring.jpa.hibernate.ddl-auto=update
 spring.jpa.generate-ddl=true
 spring.jpa.show-sql=true
 spring.jpa.properties.hibernate.format_sql=true

src/test/java/com/podzilla/auth/service/AdminServiceTest.java

@@ -0,0 +1,42 @@
+package com.podzilla.auth.service;
+
+import com.podzilla.auth.model.User;
+import com.podzilla.auth.repository.UserRepository;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
+import org.mockito.InjectMocks;
+import org.mockito.Mock;
+import org.mockito.junit.jupiter.MockitoExtension;
+
+import java.util.Arrays;
+import java.util.List;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.mockito.Mockito.verify;
+import static org.mockito.Mockito.when;
+
+@ExtendWith(MockitoExtension.class)
+class AdminServiceTest {
+
+    @Mock
+    private UserRepository userRepository;
+
+    @InjectMocks
+    private AdminService adminService;
+
+    @Test
+    void getUsers_shouldReturnListOfUsers() {
+        User user1 = User.builder().id(1L).email("user1@example.com").name("User One").build();
+        User user2 = User.builder().id(2L).email("user2@example.com").name("User Two").build();
+        List<User> expectedUsers = Arrays.asList(user1, user2);
+
+        when(userRepository.findAll()).thenReturn(expectedUsers);
+
+        List<User> actualUsers = adminService.getUsers();
+
+        assertEquals(expectedUsers.size(), actualUsers.size());
+        assertEquals(expectedUsers, actualUsers);
+
+        verify(userRepository).findAll();
+    }
+}

src/test/java/com/podzilla/auth/service/AuthenticationServiceTest.java

@@ -0,0 +1,287 @@
+package com.podzilla.auth.service;
+
+import com.podzilla.auth.dto.LoginRequest;
+import com.podzilla.auth.dto.SignupRequest;
+import com.podzilla.auth.exception.ValidationException;
+import com.podzilla.auth.model.ERole;
+import com.podzilla.auth.model.Role;
+import com.podzilla.auth.model.User;
+import com.podzilla.auth.repository.RoleRepository;
+import com.podzilla.auth.repository.UserRepository;
+import jakarta.servlet.http.HttpServletRequest; // Added import
+import jakarta.servlet.http.HttpServletResponse;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
+import org.mockito.ArgumentCaptor;
+import org.mockito.InjectMocks;
+import org.mockito.Mock;
+import org.mockito.junit.jupiter.MockitoExtension;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.authentication.BadCredentialsException;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+import java.util.Collections;
+import java.util.Optional;
+
+import static org.junit.jupiter.api.Assertions.*;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.ArgumentMatchers.anyString;
+import static org.mockito.Mockito.*;
+
+@ExtendWith(MockitoExtension.class)
+class AuthenticationServiceTest {
+
+    @Mock
+    private AuthenticationManager authenticationManager;
+    @Mock
+    private PasswordEncoder passwordEncoder;
+    @Mock
+    private UserRepository userRepository;
+    @Mock
+    private TokenService tokenService;
+    @Mock
+    private RoleRepository roleRepository;
+    @Mock
+    private HttpServletResponse httpServletResponse;
+    @Mock // Added mock for HttpServletRequest
+    private HttpServletRequest httpServletRequest;
+
+    @InjectMocks
+    private AuthenticationService authenticationService;
+
+    private SignupRequest signupRequest;
+    private LoginRequest loginRequest;
+    private User user;
+    private Role userRole;
+
+    @BeforeEach
+    void setUp() {
+        signupRequest = new SignupRequest();
+        signupRequest.setName("Test User");
+        signupRequest.setEmail("test@example.com");
+        signupRequest.setPassword("password123");
+
+        loginRequest = new LoginRequest();
+        loginRequest.setEmail("test@example.com");
+        loginRequest.setPassword("password123");
+
+        userRole = new Role(ERole.ROLE_USER);
+        user = User.builder()
+                .id(1L)
+                .name("Test User")
+                .email("test@example.com")
+                .password("encodedPassword")
+                .roles(Collections.singleton(userRole))
+                .build();
+    }
+
+    // --- registerAccount Tests ---
+
+    @Test
+    void registerAccount_shouldSaveUser_whenEmailNotExistsAndPasswordNotEmpty() {
+        // Arrange
+        when(userRepository.existsByEmail(signupRequest.getEmail())).thenReturn(false);
+        when(passwordEncoder.encode(signupRequest.getPassword())).thenReturn("encodedPassword");
+        when(roleRepository.findByErole(ERole.ROLE_USER)).thenReturn(Optional.of(userRole));
+        when(userRepository.save(any(User.class))).thenReturn(user); // Return the saved user
+
+        // Act
+        authenticationService.registerAccount(signupRequest);
+
+        // Assert
+        verify(userRepository).existsByEmail(signupRequest.getEmail());
+        verify(passwordEncoder).encode(signupRequest.getPassword());
+        verify(roleRepository).findByErole(ERole.ROLE_USER);
+
+        // Capture the user argument passed to save
+        ArgumentCaptor<User> userCaptor = ArgumentCaptor.forClass(User.class);
+        verify(userRepository).save(userCaptor.capture());
+        User savedUser = userCaptor.getValue();
+
+        assertEquals(signupRequest.getName(), savedUser.getName());
+        assertEquals(signupRequest.getEmail(), savedUser.getEmail());
+        assertEquals("encodedPassword", savedUser.getPassword());
+        assertTrue(savedUser.getRoles().contains(userRole));
+    }
+
+    @Test
+    void registerAccount_shouldThrowValidationException_whenEmailExists() {
+        // Arrange
+        when(userRepository.existsByEmail(signupRequest.getEmail())).thenReturn(true);
+
+        // Act & Assert
+        ValidationException exception = assertThrows(ValidationException.class, () -> {
+            authenticationService.registerAccount(signupRequest);
+        });
+
+        assertEquals("Validation error: Email already in use.",
+                exception.getMessage());
+        verify(userRepository).existsByEmail(signupRequest.getEmail());
+        verify(passwordEncoder, never()).encode(anyString());
+        verify(roleRepository, never()).findByErole(any());
+        verify(userRepository, never()).save(any(User.class));
+    }
+
+    @Test
+    void registerAccount_shouldThrowValidationException_whenPasswordIsEmpty() {
+        // Arrange
+        signupRequest.setPassword(""); // Empty password
+
+        // Act & Assert
+        ValidationException exception = assertThrows(ValidationException.class, () -> {
+            authenticationService.registerAccount(signupRequest);
+        });
+
+        assertEquals("Validation error: Password cannot be empty.",
+                exception.getMessage());
+        verify(userRepository, never()).existsByEmail(anyString());
+        verify(passwordEncoder, never()).encode(anyString());
+        verify(roleRepository, never()).findByErole(any());
+        verify(userRepository, never()).save(any(User.class));
+    }
+
+    @Test
+    void registerAccount_shouldHandleRoleNotFoundGracefully() {
+        // Arrange - Simulate role not found in DB
+        when(userRepository.existsByEmail(signupRequest.getEmail())).thenReturn(false);
+        when(passwordEncoder.encode(signupRequest.getPassword())).thenReturn("encodedPassword");
+        when(roleRepository.findByErole(ERole.ROLE_USER)).thenReturn(Optional.empty()); // Role not found
+
+        // Act
+        ValidationException exception = assertThrows(ValidationException.class, () -> {
+            authenticationService.registerAccount(signupRequest);
+        });
+
+        assertEquals("Validation error: Role_USER not found.",
+                exception.getMessage());
+
+        // Assert
+        verify(userRepository).existsByEmail(signupRequest.getEmail());
+        verify(passwordEncoder).encode(signupRequest.getPassword());
+        verify(roleRepository).findByErole(ERole.ROLE_USER);
+    }
+
+
+    // --- login Tests ---
+
+    @Test
+    void login_shouldReturnUsernameAndSetTokens_whenCredentialsAreValid() {
+        // Arrange
+        UserDetails userDetails = new org.springframework.security.core.userdetails.User(
+                loginRequest.getEmail(),
+                "encodedPassword", // Password doesn't matter much here as AuthenticationManager handles it
+                Collections.singletonList(new SimpleGrantedAuthority("ROLE_USER"))
+        );
+        Authentication successfulAuth = new UsernamePasswordAuthenticationToken(
+                userDetails, // Principal
+                loginRequest.getPassword(), // Credentials
+                userDetails.getAuthorities() // Authorities
+        );
+
+        // Mock AuthenticationManager behavior
+        when(authenticationManager.authenticate(any(UsernamePasswordAuthenticationToken.class)))
+                .thenReturn(successfulAuth);
+
+        // Mocks for token generation (void methods, no 'when' needed unless checking args)
+        // doNothing().when(tokenService).generateAccessToken(anyString(), any(HttpServletResponse.class));
+        // doNothing().when(tokenService).generateRefreshToken(anyString(), any(HttpServletResponse.class));
+
+        // Act
+        String loggedInUsername = authenticationService.login(loginRequest, httpServletResponse);
+
+        // Assert
+        assertEquals(loginRequest.getEmail(), loggedInUsername);
+
+        // Verify AuthenticationManager was called with unauthenticated token
+        ArgumentCaptor<UsernamePasswordAuthenticationToken> authCaptor =
+                ArgumentCaptor.forClass(UsernamePasswordAuthenticationToken.class);
+        verify(authenticationManager).authenticate(authCaptor.capture());
+        UsernamePasswordAuthenticationToken capturedAuthRequest = authCaptor.getValue();
+        assertEquals(loginRequest.getEmail(), capturedAuthRequest.getName());
+        assertEquals(loginRequest.getPassword(), capturedAuthRequest.getCredentials());
+        assertFalse(capturedAuthRequest.isAuthenticated()); // Ensure it was unauthenticated initially
+
+        // Verify token generation methods were called
+        verify(tokenService).generateAccessToken(loginRequest.getEmail(), httpServletResponse);
+        verify(tokenService).generateRefreshToken(loginRequest.getEmail(), httpServletResponse);
+    }
+
+    @Test
+    void login_shouldThrowException_whenCredentialsAreInvalid() {
+        // Arrange
+        // Mock AuthenticationManager to throw an exception for bad credentials
+        when(authenticationManager.authenticate(any(UsernamePasswordAuthenticationToken.class)))
+                .thenThrow(new BadCredentialsException("Invalid credentials"));
+
+        // Act & Assert
+        assertThrows(BadCredentialsException.class, () -> {
+            authenticationService.login(loginRequest, httpServletResponse);
+        });
+
+        // Verify token generation methods were NOT called
+        verify(tokenService, never()).generateAccessToken(anyString(), any(HttpServletResponse.class));
+        verify(tokenService, never()).generateRefreshToken(anyString(), any(HttpServletResponse.class));
+    }
+
+    // --- logoutUser Tests ---
+    @Test
+    void logoutUser_shouldCallTokenServiceToRemoveTokens() {
+        // Arrange (no specific arrangement needed as methods are void)
+
+        // Act
+        authenticationService.logoutUser(httpServletResponse);
+
+        // Assert
+        verify(tokenService).removeAccessTokenFromCookie(httpServletResponse);
+        verify(tokenService).removeRefreshTokenFromCookieAndExpire(httpServletResponse);
+    }
+
+    // --- refreshToken Tests ---
+    @Test
+    void refreshToken_shouldReturnEmailAndGenerateAccessToken_whenTokenIsValid() {
+        // Arrange
+        String expectedEmail = "test@example.com";
+        String validRefreshToken = "valid-refresh-token";
+
+        when(tokenService.getRefreshTokenFromCookie(httpServletRequest)).thenReturn(validRefreshToken);
+        when(tokenService.renewRefreshToken(validRefreshToken, httpServletResponse)).thenReturn(expectedEmail);
+        // No need to mock generateAccessToken as it's void, we just verify it
+
+        // Act
+        String actualEmail = authenticationService.refreshToken(httpServletRequest, httpServletResponse);
+
+        // Assert
+        assertEquals(expectedEmail, actualEmail);
+        verify(tokenService).getRefreshTokenFromCookie(httpServletRequest);
+        verify(tokenService).renewRefreshToken(validRefreshToken, httpServletResponse);
+        verify(tokenService).generateAccessToken(expectedEmail, httpServletResponse);
+    }
+
+    @Test
+    void refreshToken_shouldThrowValidationException_whenTokenIsInvalid() {
+        // Arrange
+        String invalidRefreshToken = "invalid-refresh-token";
+
+        when(tokenService.getRefreshTokenFromCookie(httpServletRequest)).thenReturn(invalidRefreshToken);
+        // Mock renewRefreshToken to throw the exception caught in the service method
+        when(tokenService.renewRefreshToken(invalidRefreshToken, httpServletResponse))
+                .thenThrow(new IllegalArgumentException("Token invalid"));
+
+        // Act & Assert
+        ValidationException exception = assertThrows(ValidationException.class, () -> {
+            authenticationService.refreshToken(httpServletRequest, httpServletResponse);
+        });
+
+        assertEquals("Validation error: Invalid refresh token.",
+                exception.getMessage());
+        verify(tokenService).getRefreshTokenFromCookie(httpServletRequest);
+        verify(tokenService).renewRefreshToken(invalidRefreshToken, httpServletResponse);
+        // Verify generateAccessToken was NOT called in the failure case
+        verify(tokenService, never()).generateAccessToken(anyString(), any(HttpServletResponse.class));
+    }
+}