Integration test failed in default project with security implementations

mr.vvatcher · February 1, 2025, 12:52pm

I have attached a completely clean project with the connected dependencies jmix security and a newly created jmix add-on. When attempting to run an empty test, the following error occurs:

Caused by: org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name ‘core_UserSubstitutionManager’: Unsatisfied dependency expressed through field ‘authenticationManager’: Error creating bean with name ‘io.jmix.security.SecurityConfiguration’: Unsatisfied dependency expressed through field ‘userRepository’: No qualifying bean of type ‘io.jmix.core.security.UserRepository’ available: expected at least 1 bean which qualifies as an autowire candidate. Dependency annotations: {@org.springframework.beans.factory.annotation.Autowired(required=true)}

I tried copying it from the same default application where it is created, but that didn’t work, and it is not being picked up in the tests.

An even bigger problem arises in a situation where:
Addon “B” depends on Addon “A”, which in turn depends on jmix security. As a result, it also does not allow the test to run, even though Addon “B” itself does not have a direct dependency on jmix security.

This can be bypassed by creating a stub UserRepository, but even after that, many issues still arise with the initialization of DataManager and similar problems.

Because of this, I ask knowledgeable people for help in solving the issue and advising on how to run integration tests.

Thank you!

m.orlova · February 3, 2025, 10:57am

Hi, @mr.vvatcher

You can use in-memory user repository io.jmix.core.security.InMemoryUserRepository implementation in your tests.
For that, register it as Spring bean in your AdtTestConfiguration. For example,

    @Bean
    public UserRepository userRepository() {
        return new InMemoryUserRepository();
    }

Also this bean provides the addUser method to add users. By default, it creates system and anonymous users only.

Regards,
Maria.

mr.vvatcher · February 3, 2025, 1:57pm

Maria, thank you very much for your response! It indeed addresses the first part of the question but does not resolve the overall issue—there is still no working integration test, since immediately after this error, the following occurs:

Caused by: org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration': Unsatisfied dependency expressed through method 'setFilterChains' parameter 0: Error creating bean with name 'VaadinSecurityFilterChainBean' defined in class path resource [io/jmix/autoconfigure/securityflowui/SecurityFlowuiAutoConfiguration$DefaultFlowuiVaadinWebSecurity.class]: Failed to instantiate [org.springframework.security.web.SecurityFilterChain]: Factory method 'filterChain' threw exception with message: View 'login' is not defined
This happens in case there is no Login screen (and in the case of an addon, the login screen is most likely in the main project rather than in the addon). But even if we assume that this screen exists in the module itself, a new error arises (if there is at least one service with the @dataManager injection, in my case, it is systemUtilsBean):

Caused by: org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'systemUtilsBean': Unsatisfied dependency expressed through field 'dataManager': Error creating bean with name 'core_UnconstrainedDataManager': Unsatisfied dependency expressed through field 'metadata': Error creating bean with name 'core_Metadata' defined in URL [jar:file:/C:/Users/dreizer/.gradle/caches/modules-2/files-2.1/io.jmix.core/jmix-core/2.4.2/ca6a239ce27c8a7f8ad8f997206456bfa103e326/jmix-core-2.4.2.jar!/io/jmix/core/impl/MetadataImpl.class]: Unsatisfied dependency expressed through constructor parameter 0: Error creating bean with name 'core_MetadataLoader' defined in URL [jar:file:/C:/Users/dreizer/.gradle/caches/modules-2/files-2.1/io.jmix.core/jmix-core/2.4.2/ca6a239ce27c8a7f8ad8f997206456bfa103e326/jmix-core-2.4.2.jar!/io/jmix/core/impl/MetadataLoader.class]: Unsatisfied dependency expressed through constructor parameter 1: Error creating bean with name 'core_MetaModelLoader' defined in URL [jar:file:/C:/Users/dreizer/.gradle/caches/modules-2/files-2.1/io.jmix.core/jmix-core/2.4.2/ca6a239ce27c8a7f8ad8f997206456bfa103e326/jmix-core-2.4.2.jar!/io/jmix/core/impl/MetaModelLoader.class]: Unsatisfied dependency expressed through constructor parameter 0: Error creating bean with name 'core_DatatypeRegistry' defined in URL [jar:file:/C:/Users/dreizer/.gradle/caches/modules-2/files-2.1/io.jmix.core/jmix-core/2.4.2/ca6a239ce27c8a7f8ad8f997206456bfa103e326/jmix-core-2.4.2.jar!/io/jmix/core/impl/DatatypeRegistryImpl.class]: Unsatisfied dependency expressed through constructor parameter 0: Error creating bean with name 'core_BooleanDatatype': Unsatisfied dependency expressed through method 'setMessages' parameter 0: Error creating bean with name 'core_Messages': Unsatisfied dependency expressed through field 'currentAuthentication': Error creating bean with name 'core_CurrentAuthentication': Unsatisfied dependency expressed through method 'setDeviceTimeZoneProvider' parameter 0: Error creating bean with name 'sec_DeviceTimeZoneProviderImpl' defined in URL [jar:file:/C:/Users/dreizer/.gradle/caches/modules-2/files-2.1/io.jmix.security/jmix-security-flowui/2.4.2/29dc24e50d69149f90fc25153f0b2308a4f05069/jmix-security-flowui-2.4.2.jar!/io/jmix/securityflowui/security/DeviceTimeZoneProviderImpl.class]: Unsatisfied dependency expressed through constructor parameter 0: No qualifying bean of type 'io.jmix.flowui.sys.ExtendedClientDetailsProvider' available: expected at least 1 bean which qualifies as autowire candidate. Dependency annotations: {}\

Could you please provide a working integration test considering the standard behavior in the context of an addon and dependencies between addons?

mr.vvatcher · February 11, 2025, 2:44pm

update pls

m.orlova · February 17, 2025, 1:28pm

Hi, @mr.vvatcher

Sorry for the late reply. If you have a look at io.jmix.autoconfigure.securityflowui.SecurityFlowuiAutoConfiguration, it contains DefaultFlowuiVaadinWebSecurity which requires a login view to configure a security.

If you don’t need this configuration in your tests, you can exclude it by specifying the following application property in test-app.properties:

jmix.flowui.use-default-security-configuration = false

Regards,
Maria.