AbstractConfiguredSecurityBuilderTests, AbstractRequestMatcherRegistryTests -> .java
Issue gh-4939
This commit is contained in:
Joe Grandja
parent
7eb58ee7d9
commit
1cb581a0c6
|
|
@ -1,173 +0,0 @@
|
|||
/*
|
||||
* Copyright 2002-2013 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.springframework.security.config.annotation.web
|
||||
|
||||
import org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder
|
||||
import org.springframework.security.config.annotation.BaseSpringSpec
|
||||
import org.springframework.security.config.annotation.ObjectPostProcessor;
|
||||
import org.springframework.security.config.annotation.SecurityConfigurer
|
||||
import org.springframework.security.config.annotation.SecurityConfigurerAdapter
|
||||
import org.springframework.test.util.ReflectionTestUtils
|
||||
|
||||
import spock.lang.Specification
|
||||
|
||||
/**
|
||||
* @author Rob Winch
|
||||
*
|
||||
*/
|
||||
class AbstractConfiguredSecurityBuilderTests extends BaseSpringSpec {
|
||||
|
||||
ConcreteAbstractConfiguredBuilder builder
|
||||
|
||||
def setup() {
|
||||
builder = new ConcreteAbstractConfiguredBuilder(objectPostProcessor)
|
||||
}
|
||||
|
||||
def "Null ObjectPostProcessor rejected"() {
|
||||
when:
|
||||
new ConcreteAbstractConfiguredBuilder(null)
|
||||
then:
|
||||
thrown(IllegalArgumentException)
|
||||
when:
|
||||
builder.objectPostProcessor(null);
|
||||
then:
|
||||
thrown(IllegalArgumentException)
|
||||
}
|
||||
|
||||
def "apply null is rejected"() {
|
||||
when:
|
||||
builder.apply(null)
|
||||
then:
|
||||
thrown(IllegalArgumentException)
|
||||
}
|
||||
|
||||
def "Duplicate configurer is removed"() {
|
||||
when:
|
||||
builder.apply(new ConcreteConfigurer())
|
||||
builder.apply(new ConcreteConfigurer())
|
||||
then:
|
||||
ReflectionTestUtils.getField(builder,"configurers").size() == 1
|
||||
}
|
||||
|
||||
def "build twice fails"() {
|
||||
setup:
|
||||
builder.build()
|
||||
when:
|
||||
builder.build()
|
||||
then:
|
||||
thrown(IllegalStateException)
|
||||
}
|
||||
|
||||
def "getObject before build fails"() {
|
||||
when:
|
||||
builder.getObject()
|
||||
then:
|
||||
thrown(IllegalStateException)
|
||||
}
|
||||
|
||||
def "Configurer.init can apply another configurer"() {
|
||||
setup:
|
||||
DelegateConfigurer.CONF = Mock(SecurityConfigurerAdapter)
|
||||
when:
|
||||
builder.apply(new DelegateConfigurer())
|
||||
builder.build()
|
||||
then:
|
||||
1 * DelegateConfigurer.CONF.init(builder)
|
||||
1 * DelegateConfigurer.CONF.configure(builder)
|
||||
}
|
||||
|
||||
def "getConfigurer with multi fails"() {
|
||||
setup:
|
||||
ConcreteAbstractConfiguredBuilder builder = new ConcreteAbstractConfiguredBuilder(objectPostProcessor, true)
|
||||
builder.apply(new DelegateConfigurer())
|
||||
builder.apply(new DelegateConfigurer())
|
||||
when:
|
||||
builder.getConfigurer(DelegateConfigurer)
|
||||
then: "Fail due to trying to obtain a single DelegateConfigurer and multiple are provided"
|
||||
thrown(IllegalStateException)
|
||||
}
|
||||
|
||||
def "removeConfigurer with multi fails"() {
|
||||
setup:
|
||||
ConcreteAbstractConfiguredBuilder builder = new ConcreteAbstractConfiguredBuilder(objectPostProcessor, true)
|
||||
builder.apply(new DelegateConfigurer())
|
||||
builder.apply(new DelegateConfigurer())
|
||||
when:
|
||||
builder.removeConfigurer(DelegateConfigurer)
|
||||
then: "Fail due to trying to remove and obtain a single DelegateConfigurer and multiple are provided"
|
||||
thrown(IllegalStateException)
|
||||
}
|
||||
|
||||
def "removeConfigurers with multi"() {
|
||||
setup:
|
||||
DelegateConfigurer c1 = new DelegateConfigurer()
|
||||
DelegateConfigurer c2 = new DelegateConfigurer()
|
||||
ConcreteAbstractConfiguredBuilder builder = new ConcreteAbstractConfiguredBuilder(objectPostProcessor, true)
|
||||
builder.apply(c1)
|
||||
builder.apply(c2)
|
||||
when:
|
||||
def result = builder.removeConfigurers(DelegateConfigurer)
|
||||
then:
|
||||
result.size() == 2
|
||||
result.contains(c1)
|
||||
result.contains(c2)
|
||||
builder.getConfigurers(DelegateConfigurer).empty
|
||||
}
|
||||
|
||||
def "getConfigurers with multi"() {
|
||||
setup:
|
||||
DelegateConfigurer c1 = new DelegateConfigurer()
|
||||
DelegateConfigurer c2 = new DelegateConfigurer()
|
||||
ConcreteAbstractConfiguredBuilder builder = new ConcreteAbstractConfiguredBuilder(objectPostProcessor, true)
|
||||
builder.apply(c1)
|
||||
builder.apply(c2)
|
||||
when:
|
||||
def result = builder.getConfigurers(DelegateConfigurer)
|
||||
then:
|
||||
result.size() == 2
|
||||
result.contains(c1)
|
||||
result.contains(c2)
|
||||
builder.getConfigurers(DelegateConfigurer).size() == 2
|
||||
}
|
||||
|
||||
private static class DelegateConfigurer extends SecurityConfigurerAdapter<Object, ConcreteAbstractConfiguredBuilder> {
|
||||
private static SecurityConfigurer<Object, ConcreteAbstractConfiguredBuilder> CONF;
|
||||
|
||||
@Override
|
||||
public void init(ConcreteAbstractConfiguredBuilder builder)
|
||||
throws Exception {
|
||||
builder.apply(CONF);
|
||||
}
|
||||
}
|
||||
|
||||
private static class ConcreteConfigurer extends SecurityConfigurerAdapter<Object, ConcreteAbstractConfiguredBuilder> { }
|
||||
|
||||
private class ConcreteAbstractConfiguredBuilder extends AbstractConfiguredSecurityBuilder<Object, ConcreteAbstractConfiguredBuilder> {
|
||||
|
||||
public ConcreteAbstractConfiguredBuilder(ObjectPostProcessor<Object> objectPostProcessor) {
|
||||
super(objectPostProcessor);
|
||||
}
|
||||
|
||||
public ConcreteAbstractConfiguredBuilder(ObjectPostProcessor<Object> objectPostProcessor, boolean allowMulti) {
|
||||
super(objectPostProcessor,allowMulti);
|
||||
}
|
||||
|
||||
public Object performBuild() throws Exception {
|
||||
return "success";
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
|
@ -1,59 +0,0 @@
|
|||
/*
|
||||
* Copyright 2002-2013 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.springframework.security.config.annotation.web;
|
||||
|
||||
import static org.springframework.security.config.annotation.web.AbstractRequestMatcherRegistry.RequestMatchers.*
|
||||
|
||||
import org.springframework.http.HttpMethod;
|
||||
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
|
||||
import org.springframework.security.web.util.matcher.RegexRequestMatcher;
|
||||
|
||||
import spock.lang.Specification;
|
||||
|
||||
/**
|
||||
* @author Rob Winch
|
||||
*
|
||||
*/
|
||||
class RequestMatchersTests extends Specification {
|
||||
|
||||
def "regexMatchers(GET,'/a.*') uses RegexRequestMatcher"() {
|
||||
when:
|
||||
def matchers = regexMatchers(HttpMethod.GET, "/a.*")
|
||||
then: 'matcher is a RegexRequestMatcher'
|
||||
matchers.collect {it.class } == [RegexRequestMatcher]
|
||||
}
|
||||
|
||||
def "regexMatchers('/a.*') uses RegexRequestMatcher"() {
|
||||
when:
|
||||
def matchers = regexMatchers("/a.*")
|
||||
then: 'matcher is a RegexRequestMatcher'
|
||||
matchers.collect {it.class } == [RegexRequestMatcher]
|
||||
}
|
||||
|
||||
def "antMatchers(GET,'/a.*') uses AntPathRequestMatcher"() {
|
||||
when:
|
||||
def matchers = antMatchers(HttpMethod.GET, "/a.*")
|
||||
then: 'matcher is a RegexRequestMatcher'
|
||||
matchers.collect {it.class } == [AntPathRequestMatcher]
|
||||
}
|
||||
|
||||
def "antMatchers('/a.*') uses AntPathRequestMatcher"() {
|
||||
when:
|
||||
def matchers = antMatchers("/a.*")
|
||||
then: 'matcher is a AntPathRequestMatcher'
|
||||
matchers.collect {it.class } == [AntPathRequestMatcher]
|
||||
}
|
||||
}
|
||||
|
|
@ -0,0 +1,150 @@
|
|||
/*
|
||||
* Copyright 2002-2018 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.springframework.security.config.annotation.web;
|
||||
|
||||
import org.junit.Before;
|
||||
import org.junit.Test;
|
||||
import org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder;
|
||||
import org.springframework.security.config.annotation.ObjectPostProcessor;
|
||||
import org.springframework.security.config.annotation.SecurityConfigurer;
|
||||
import org.springframework.security.config.annotation.SecurityConfigurerAdapter;
|
||||
import org.springframework.test.util.ReflectionTestUtils;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.mockito.Mockito.mock;
|
||||
import static org.mockito.Mockito.verify;
|
||||
|
||||
/**
|
||||
* Tests for {@link AbstractConfiguredSecurityBuilder}.
|
||||
*
|
||||
* @author Joe Grandja
|
||||
*/
|
||||
public class AbstractConfiguredSecurityBuilderTests {
|
||||
private TestConfiguredSecurityBuilder builder;
|
||||
|
||||
@Before
|
||||
public void setUp() {
|
||||
this.builder = new TestConfiguredSecurityBuilder(mock(ObjectPostProcessor.class));
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
public void constructorWhenObjectPostProcessorIsNullThenThrowIllegalArgumentException() {
|
||||
new TestConfiguredSecurityBuilder(null);
|
||||
}
|
||||
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
public void objectPostProcessorWhenNullThenThrowIllegalArgumentException() {
|
||||
this.builder.objectPostProcessor(null);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void applyWhenDuplicateConfigurerAddedThenDuplicateConfigurerRemoved() throws Exception {
|
||||
this.builder.apply(new TestSecurityConfigurer());
|
||||
this.builder.apply(new TestSecurityConfigurer());
|
||||
assertThat((Map) ReflectionTestUtils.getField(this.builder, "configurers")).hasSize(1);
|
||||
}
|
||||
|
||||
@Test(expected = IllegalStateException.class)
|
||||
public void buildWhenBuildTwiceThenThrowIllegalStateException() throws Exception {
|
||||
this.builder.build();
|
||||
this.builder.build();
|
||||
}
|
||||
|
||||
@Test(expected = IllegalStateException.class)
|
||||
public void getObjectWhenNotBuiltThenThrowIllegalStateException() throws Exception {
|
||||
this.builder.getObject();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void buildWhenConfigurerAppliesAnotherConfigurerThenObjectStillBuilds() throws Exception {
|
||||
DelegateSecurityConfigurer.CONFIGURER = mock(SecurityConfigurer.class);
|
||||
this.builder.apply(new DelegateSecurityConfigurer());
|
||||
this.builder.build();
|
||||
verify(DelegateSecurityConfigurer.CONFIGURER).init(this.builder);
|
||||
verify(DelegateSecurityConfigurer.CONFIGURER).configure(this.builder);
|
||||
}
|
||||
|
||||
@Test(expected = IllegalStateException.class)
|
||||
public void getConfigurerWhenMultipleConfigurersThenThrowIllegalStateException() throws Exception {
|
||||
TestConfiguredSecurityBuilder builder = new TestConfiguredSecurityBuilder(mock(ObjectPostProcessor.class), true);
|
||||
builder.apply(new DelegateSecurityConfigurer());
|
||||
builder.apply(new DelegateSecurityConfigurer());
|
||||
builder.getConfigurer(DelegateSecurityConfigurer.class);
|
||||
}
|
||||
|
||||
@Test(expected = IllegalStateException.class)
|
||||
public void removeConfigurerWhenMultipleConfigurersThenThrowIllegalStateException() throws Exception {
|
||||
TestConfiguredSecurityBuilder builder = new TestConfiguredSecurityBuilder(mock(ObjectPostProcessor.class), true);
|
||||
builder.apply(new DelegateSecurityConfigurer());
|
||||
builder.apply(new DelegateSecurityConfigurer());
|
||||
builder.removeConfigurer(DelegateSecurityConfigurer.class);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void removeConfigurersWhenMultipleConfigurersThenConfigurersRemoved() throws Exception {
|
||||
DelegateSecurityConfigurer configurer1 = new DelegateSecurityConfigurer();
|
||||
DelegateSecurityConfigurer configurer2 = new DelegateSecurityConfigurer();
|
||||
TestConfiguredSecurityBuilder builder = new TestConfiguredSecurityBuilder(mock(ObjectPostProcessor.class), true);
|
||||
builder.apply(configurer1);
|
||||
builder.apply(configurer2);
|
||||
List<DelegateSecurityConfigurer> removedConfigurers = builder.removeConfigurers(DelegateSecurityConfigurer.class);
|
||||
assertThat(removedConfigurers).hasSize(2);
|
||||
assertThat(removedConfigurers).containsExactly(configurer1, configurer2);
|
||||
assertThat(builder.getConfigurers(DelegateSecurityConfigurer.class)).isEmpty();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void getConfigurersWhenMultipleConfigurersThenConfigurersReturned() throws Exception {
|
||||
DelegateSecurityConfigurer configurer1 = new DelegateSecurityConfigurer();
|
||||
DelegateSecurityConfigurer configurer2 = new DelegateSecurityConfigurer();
|
||||
TestConfiguredSecurityBuilder builder = new TestConfiguredSecurityBuilder(mock(ObjectPostProcessor.class), true);
|
||||
builder.apply(configurer1);
|
||||
builder.apply(configurer2);
|
||||
List<DelegateSecurityConfigurer> configurers = builder.getConfigurers(DelegateSecurityConfigurer.class);
|
||||
assertThat(configurers).hasSize(2);
|
||||
assertThat(configurers).containsExactly(configurer1, configurer2);
|
||||
assertThat(builder.getConfigurers(DelegateSecurityConfigurer.class)).hasSize(2);
|
||||
}
|
||||
|
||||
private static class DelegateSecurityConfigurer extends SecurityConfigurerAdapter<Object, TestConfiguredSecurityBuilder> {
|
||||
private static SecurityConfigurer<Object, TestConfiguredSecurityBuilder> CONFIGURER;
|
||||
|
||||
@Override
|
||||
public void init(TestConfiguredSecurityBuilder builder) throws Exception {
|
||||
builder.apply(CONFIGURER);
|
||||
}
|
||||
}
|
||||
|
||||
private static class TestSecurityConfigurer extends SecurityConfigurerAdapter<Object, TestConfiguredSecurityBuilder> { }
|
||||
|
||||
private static class TestConfiguredSecurityBuilder extends AbstractConfiguredSecurityBuilder<Object, TestConfiguredSecurityBuilder> {
|
||||
|
||||
private TestConfiguredSecurityBuilder(ObjectPostProcessor<Object> objectPostProcessor) {
|
||||
super(objectPostProcessor);
|
||||
}
|
||||
|
||||
private TestConfiguredSecurityBuilder(ObjectPostProcessor<Object> objectPostProcessor, boolean allowConfigurersOfSameType) {
|
||||
super(objectPostProcessor, allowConfigurersOfSameType);
|
||||
}
|
||||
|
||||
public Object performBuild() throws Exception {
|
||||
return "success";
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -0,0 +1,91 @@
|
|||
/*
|
||||
* Copyright 2002-2018 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
package org.springframework.security.config.annotation.web;
|
||||
|
||||
import org.junit.Before;
|
||||
import org.junit.Test;
|
||||
import org.springframework.http.HttpMethod;
|
||||
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
|
||||
import org.springframework.security.web.util.matcher.RegexRequestMatcher;
|
||||
import org.springframework.security.web.util.matcher.RequestMatcher;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
|
||||
/**
|
||||
* Tests for {@link AbstractRequestMatcherRegistry}.
|
||||
*
|
||||
* @author Joe Grandja
|
||||
*/
|
||||
public class AbstractRequestMatcherRegistryTests {
|
||||
private TestRequestMatcherRegistry matcherRegistry;
|
||||
|
||||
@Before
|
||||
public void setUp() {
|
||||
this.matcherRegistry = new TestRequestMatcherRegistry();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void regexMatchersWhenHttpMethodAndPatternParamsThenReturnRegexRequestMatcherType() {
|
||||
List<RequestMatcher> requestMatchers = this.matcherRegistry.regexMatchers(HttpMethod.GET, "/a.*");
|
||||
assertThat(requestMatchers).isNotEmpty();
|
||||
assertThat(requestMatchers.size()).isEqualTo(1);
|
||||
assertThat(requestMatchers.get(0)).isExactlyInstanceOf(RegexRequestMatcher.class);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void regexMatchersWhenPatternParamThenReturnRegexRequestMatcherType() {
|
||||
List<RequestMatcher> requestMatchers = this.matcherRegistry.regexMatchers("/a.*");
|
||||
assertThat(requestMatchers).isNotEmpty();
|
||||
assertThat(requestMatchers.size()).isEqualTo(1);
|
||||
assertThat(requestMatchers.get(0)).isExactlyInstanceOf(RegexRequestMatcher.class);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void antMatchersWhenHttpMethodAndPatternParamsThenReturnAntPathRequestMatcherType() {
|
||||
List<RequestMatcher> requestMatchers = this.matcherRegistry.antMatchers(HttpMethod.GET, "/a.*");
|
||||
assertThat(requestMatchers).isNotEmpty();
|
||||
assertThat(requestMatchers.size()).isEqualTo(1);
|
||||
assertThat(requestMatchers.get(0)).isExactlyInstanceOf(AntPathRequestMatcher.class);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void antMatchersWhenPatternParamThenReturnAntPathRequestMatcherType() {
|
||||
List<RequestMatcher> requestMatchers = this.matcherRegistry.antMatchers("/a.*");
|
||||
assertThat(requestMatchers).isNotEmpty();
|
||||
assertThat(requestMatchers.size()).isEqualTo(1);
|
||||
assertThat(requestMatchers.get(0)).isExactlyInstanceOf(AntPathRequestMatcher.class);
|
||||
}
|
||||
|
||||
private static class TestRequestMatcherRegistry extends AbstractRequestMatcherRegistry<List<RequestMatcher>> {
|
||||
|
||||
@Override
|
||||
public List<RequestMatcher> mvcMatchers(String... mvcPatterns) {
|
||||
return null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<RequestMatcher> mvcMatchers(HttpMethod method, String... mvcPatterns) {
|
||||
return null;
|
||||
}
|
||||
|
||||
@Override
|
||||
protected List<RequestMatcher> chainRequestMatchers(List<RequestMatcher> requestMatchers) {
|
||||
return requestMatchers;
|
||||
}
|
||||
}
|
||||
}
|
||||
Loading…
Reference in New Issue