SEC-1897: Remove raw types from AbstractAccessDecisionManager

2014-11-20 15:36:53 -06:00 · 2014-11-20 15:36:53 -06:00 · 30c5788b8b
parent 1cca72e6d8
commit 30c5788b8b
14 changed files with 28 additions and 34 deletions
--- a/aspects/src/test/java/org/springframework/security/access/intercept/aspectj/aspect/AnnotationSecurityAspectTests.java
+++ b/aspects/src/test/java/org/springframework/security/access/intercept/aspectj/aspect/AnnotationSecurityAspectTests.java
@ -56,7 +56,7 @@ public class AnnotationSecurityAspectTests {
        adm = new AffirmativeBased();
        AccessDecisionVoter[] voters = new AccessDecisionVoter[]
                {new RoleVoter(), new PreInvocationAuthorizationAdviceVoter(new ExpressionBasedPreInvocationAdvice())};
-        adm.setDecisionVoters(Arrays.asList(voters));
+        adm.setDecisionVoters(Arrays.<AccessDecisionVoter<? extends Object>>asList(voters));
        interceptor.setAccessDecisionManager(adm);
        interceptor.setAuthenticationManager(authman);
        interceptor.setSecurityMetadataSource(new SecuredAnnotationSecurityMetadataSource());
--- a/config/src/main/java/org/springframework/security/config/annotation/method/configuration/GlobalMethodSecurityConfiguration.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/method/configuration/GlobalMethodSecurityConfiguration.java
@ -173,7 +173,7 @@ public class GlobalMethodSecurityConfiguration implements ImportAware {
     */
    @SuppressWarnings("rawtypes")
    protected AccessDecisionManager accessDecisionManager() {
-        List<AccessDecisionVoter> decisionVoters = new ArrayList<AccessDecisionVoter>();
+        List<AccessDecisionVoter<? extends Object>> decisionVoters = new ArrayList<AccessDecisionVoter<? extends Object>>();
        ExpressionBasedPreInvocationAdvice expressionAdvice = new ExpressionBasedPreInvocationAdvice();
        expressionAdvice.setExpressionHandler(getExpressionHandler());
        if(prePostEnabled()) {
--- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/AbstractInterceptUrlConfigurer.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/AbstractInterceptUrlConfigurer.java
@ -103,7 +103,7 @@ abstract class AbstractInterceptUrlConfigurer<C extends AbstractInterceptUrlConf
     *         default {@link AccessDecisionManager}
     */
    @SuppressWarnings("rawtypes")
-    abstract List<AccessDecisionVoter> getDecisionVoters(H http);
+    abstract List<AccessDecisionVoter<? extends Object>> getDecisionVoters(H http);

    abstract class AbstractInterceptUrlRegistry<R extends AbstractInterceptUrlRegistry<R,T>,T> extends AbstractConfigAttributeRequestMatcherRegistry<T> {

--- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/ExpressionUrlAuthorizationConfigurer.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/ExpressionUrlAuthorizationConfigurer.java
@ -141,8 +141,8 @@ public final class ExpressionUrlAuthorizationConfigurer<H extends HttpSecurityBu

    @Override
    @SuppressWarnings("rawtypes")
-    final List<AccessDecisionVoter> getDecisionVoters(H http) {
-        List<AccessDecisionVoter> decisionVoters = new ArrayList<AccessDecisionVoter>();
+    final List<AccessDecisionVoter<? extends Object>> getDecisionVoters(H http) {
+        List<AccessDecisionVoter<? extends Object>> decisionVoters = new ArrayList<AccessDecisionVoter<? extends Object>>();
        WebExpressionVoter expressionVoter = new WebExpressionVoter();
        expressionVoter.setExpressionHandler(getExpressionHandler(http));
        decisionVoters.add(expressionVoter);
@ -213,8 +213,6 @@ public final class ExpressionUrlAuthorizationConfigurer<H extends HttpSecurityBu
        /**
         * Negates the following expression.
         *
-         * @param role the role to require (i.e. USER, ADMIN, etc). Note, it should not start with "ROLE_" as
-         *             this is automatically inserted.
         * @return the {@link ExpressionUrlAuthorizationConfigurer} for further customization
         */
        public AuthorizedUrl not() {
--- a/config/src/main/java/org/springframework/security/config/annotation/web/configurers/UrlAuthorizationConfigurer.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/configurers/UrlAuthorizationConfigurer.java
@ -81,14 +81,12 @@ import org.springframework.util.Assert;
 *
 * <ul>
 * <li>
- * {@link org.springframework.security.config.annotation.web.builders.HttpSecurity#getAuthenticationManager()}
+ * AuthenticationManager
 * </li>
 * </ul>
 *
 * @param <H>
 *            the type of {@link HttpSecurityBuilder} that is being configured
- * @param <C>
- *            the type of object that is being chained
 *
 * @author Rob Winch
 * @since 3.2
@ -144,15 +142,14 @@ public final class UrlAuthorizationConfigurer<H extends HttpSecurityBuilder<H>>

    /**
     * Creates the default {@link AccessDecisionVoter} instances used if an
-     * {@link AccessDecisionManager} was not specified using
-     * {@link #accessDecisionManager(AccessDecisionManager)}.
+     * {@link AccessDecisionManager} was not specified.
     *
     * @param http the builder to use
     */
    @Override
    @SuppressWarnings("rawtypes")
-    final List<AccessDecisionVoter> getDecisionVoters(H http) {
-        List<AccessDecisionVoter> decisionVoters = new ArrayList<AccessDecisionVoter>();
+    final List<AccessDecisionVoter<? extends Object>> getDecisionVoters(H http) {
+        List<AccessDecisionVoter<? extends Object>> decisionVoters = new ArrayList<AccessDecisionVoter<? extends Object>>();
        decisionVoters.add(new RoleVoter());
        decisionVoters.add(new AuthenticatedVoter());
        return decisionVoters;
@ -236,7 +233,6 @@ public final class UrlAuthorizationConfigurer<H extends HttpSecurityBuilder<H>>
        /**
         * Creates a new instance
         * @param requestMatchers the {@link RequestMatcher} instances to map to some {@link ConfigAttribute} instances.
-         * @see UrlAuthorizationConfigurer#chainRequestMatchers(List)
         */
        private AuthorizedUrl(List<RequestMatcher> requestMatchers) {
            Assert.notEmpty(requestMatchers, "requestMatchers must contain at least one value");
--- a/config/src/main/java/org/springframework/security/config/annotation/web/socket/AbstractSecurityWebSocketMessageBrokerConfigurer.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/web/socket/AbstractSecurityWebSocketMessageBrokerConfigurer.java
@ -81,7 +81,7 @@ public abstract class AbstractSecurityWebSocketMessageBrokerConfigurer extends A
    @Bean
    public ChannelSecurityInterceptor inboundChannelSecurity() {
        ChannelSecurityInterceptor channelSecurityInterceptor = new ChannelSecurityInterceptor(inboundMessageSecurityMetadataSource());
-        List<AccessDecisionVoter> voters = new ArrayList<AccessDecisionVoter>();
+        List<AccessDecisionVoter<? extends Object>> voters = new ArrayList<AccessDecisionVoter<? extends Object>>();
        voters.add(new MessageExpressionVoter());
        AffirmativeBased manager = new AffirmativeBased(voters);
        channelSecurityInterceptor.setAccessDecisionManager(manager);
--- a/config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/ExpressionUrlAuthorizationConfigurerConfigs.java
+++ b/config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/ExpressionUrlAuthorizationConfigurerConfigs.java
@ -55,7 +55,7 @@ public class ExpressionUrlAuthorizationConfigurerConfigs {
        protected void configure(HttpSecurity http) throws Exception {
            SecurityExpressionHandler<FilterInvocation> handler = new DefaultWebSecurityExpressionHandler();
            WebExpressionVoter expressionVoter = new WebExpressionVoter();
-            AffirmativeBased adm = new AffirmativeBased(Arrays.<AccessDecisionVoter>asList(expressionVoter));
+            AffirmativeBased adm = new AffirmativeBased(Arrays.<AccessDecisionVoter<? extends Object>>asList(expressionVoter));
            http
                .authorizeRequests()
                    .expressionHandler(handler)
--- a/core/src/main/java/org/springframework/security/access/vote/AbstractAccessDecisionManager.java
+++ b/core/src/main/java/org/springframework/security/access/vote/AbstractAccessDecisionManager.java
@ -44,7 +44,7 @@ public abstract class AbstractAccessDecisionManager implements AccessDecisionMan
    //~ Instance fields ================================================================================================
    protected final Log logger = LogFactory.getLog(getClass());

-    private List<AccessDecisionVoter> decisionVoters;
+    private List<AccessDecisionVoter<? extends Object>> decisionVoters;

    protected MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor();

@ -53,7 +53,7 @@ public abstract class AbstractAccessDecisionManager implements AccessDecisionMan
    protected AbstractAccessDecisionManager() {
    }

-    protected AbstractAccessDecisionManager(List<AccessDecisionVoter> decisionVoters) {
+    protected AbstractAccessDecisionManager(List<AccessDecisionVoter<? extends Object>> decisionVoters) {
        Assert.notEmpty(decisionVoters, "A list of AccessDecisionVoters is required");
        this.decisionVoters = decisionVoters;
    }
@ -72,7 +72,7 @@ public abstract class AbstractAccessDecisionManager implements AccessDecisionMan
        }
    }

-    public List<AccessDecisionVoter> getDecisionVoters() {
+    public List<AccessDecisionVoter<? extends Object>> getDecisionVoters() {
        return this.decisionVoters;
    }

@ -88,10 +88,10 @@ public abstract class AbstractAccessDecisionManager implements AccessDecisionMan
     * @deprecated Use constructor
     */
    @Deprecated
-    public void setDecisionVoters(List<AccessDecisionVoter> newList) {
+    public void setDecisionVoters(List<AccessDecisionVoter<? extends Object>> newList) {
        Assert.notEmpty(newList);

-        Iterator<AccessDecisionVoter> iter = newList.iterator();
+        Iterator<AccessDecisionVoter<? extends Object>> iter = newList.iterator();

        while (iter.hasNext()) {
            Object currentObject = iter.next();
--- a/core/src/main/java/org/springframework/security/access/vote/AffirmativeBased.java
+++ b/core/src/main/java/org/springframework/security/access/vote/AffirmativeBased.java
@ -36,7 +36,7 @@ public class AffirmativeBased extends AbstractAccessDecisionManager {
    public AffirmativeBased() {
    }

-    public AffirmativeBased(List<AccessDecisionVoter> decisionVoters) {
+    public AffirmativeBased(List<AccessDecisionVoter<? extends Object>> decisionVoters) {
        super(decisionVoters);
    }

--- a/core/src/main/java/org/springframework/security/access/vote/ConsensusBased.java
+++ b/core/src/main/java/org/springframework/security/access/vote/ConsensusBased.java
@ -41,7 +41,7 @@ public class ConsensusBased extends AbstractAccessDecisionManager {
    public ConsensusBased() {
    }

-    public ConsensusBased(List<AccessDecisionVoter> decisionVoters) {
+    public ConsensusBased(List<AccessDecisionVoter<? extends Object>> decisionVoters) {
        super(decisionVoters);
    }

--- a/core/src/main/java/org/springframework/security/access/vote/UnanimousBased.java
+++ b/core/src/main/java/org/springframework/security/access/vote/UnanimousBased.java
@ -38,7 +38,7 @@ public class UnanimousBased extends AbstractAccessDecisionManager {
    public UnanimousBased() {
    }

-    public UnanimousBased(List<AccessDecisionVoter> decisionVoters) {
+    public UnanimousBased(List<AccessDecisionVoter<? extends Object>> decisionVoters) {
        super(decisionVoters);
    }

--- a/core/src/test/java/org/springframework/security/access/vote/AffirmativeBasedTests.java
+++ b/core/src/test/java/org/springframework/security/access/vote/AffirmativeBasedTests.java
@ -61,32 +61,32 @@ public class AffirmativeBasedTests {

    @Test
    public void oneAffirmativeVoteOneDenyVoteOneAbstainVoteGrantsAccess() throws Exception {
-        mgr.setDecisionVoters(Arrays.asList(grant, deny, abstain));
+        mgr.setDecisionVoters(Arrays.<AccessDecisionVoter<? extends Object>>asList(grant, deny, abstain));
        mgr.afterPropertiesSet();
        mgr.decide(user, new Object(), attrs);
    }

    @Test
    public void oneDenyVoteOneAbstainVoteOneAffirmativeVoteGrantsAccess() throws Exception {
-        mgr.setDecisionVoters(Arrays.asList(deny, abstain, grant));
+        mgr.setDecisionVoters(Arrays.<AccessDecisionVoter<? extends Object>>asList(deny, abstain, grant));
        mgr.decide(user, new Object(), attrs);
    }

    @Test
    public void oneAffirmativeVoteTwoAbstainVotesGrantsAccess() throws Exception {
-        mgr.setDecisionVoters(Arrays.asList(grant, abstain, abstain));
+        mgr.setDecisionVoters(Arrays.<AccessDecisionVoter<? extends Object>>asList(grant, abstain, abstain));
        mgr.decide(user, new Object(), attrs);
    }

    @Test(expected=AccessDeniedException.class)
    public void oneDenyVoteTwoAbstainVotesDeniesAccess() throws Exception {
-        mgr.setDecisionVoters(Arrays.asList(deny, abstain, abstain));
+        mgr.setDecisionVoters(Arrays.<AccessDecisionVoter<? extends Object>>asList(deny, abstain, abstain));
        mgr.decide(user, new Object(), attrs);
    }

    @Test(expected=AccessDeniedException.class)
    public void onlyAbstainVotesDeniesAccessWithDefault() throws Exception {
-        mgr.setDecisionVoters(Arrays.asList(abstain, abstain, abstain));
+        mgr.setDecisionVoters(Arrays.<AccessDecisionVoter<? extends Object>>asList(abstain, abstain, abstain));
        assertTrue(!mgr.isAllowIfAllAbstainDecisions()); // check default

        mgr.decide(user, new Object(), attrs);
@ -94,7 +94,7 @@ public class AffirmativeBasedTests {

    @Test
    public void testThreeAbstainVotesGrantsAccessIfAllowIfAllAbstainDecisionsIsSet() throws Exception {
-        mgr.setDecisionVoters(Arrays.asList(abstain, abstain, abstain));
+        mgr.setDecisionVoters(Arrays.<AccessDecisionVoter<? extends Object>>asList(abstain, abstain, abstain));
        mgr.setAllowIfAllAbstainDecisions(true);
        assertTrue(mgr.isAllowIfAllAbstainDecisions()); // check changed

--- a/core/src/test/java/org/springframework/security/access/vote/ConsensusBasedTests.java
+++ b/core/src/test/java/org/springframework/security/access/vote/ConsensusBasedTests.java
@ -110,7 +110,7 @@ public class ConsensusBasedTests {
        RoleVoter roleVoter = new RoleVoter();
        DenyVoter denyForSureVoter = new DenyVoter();
        DenyAgainVoter denyAgainForSureVoter = new DenyAgainVoter();
-        List<AccessDecisionVoter> voters = new Vector<AccessDecisionVoter>();
+        List<AccessDecisionVoter<? extends Object>> voters = new Vector<AccessDecisionVoter<? extends Object>>();
        voters.add(roleVoter);
        voters.add(denyForSureVoter);
        voters.add(denyAgainForSureVoter);
--- a/core/src/test/java/org/springframework/security/access/vote/UnanimousBasedTests.java
+++ b/core/src/test/java/org/springframework/security/access/vote/UnanimousBasedTests.java
@ -43,7 +43,7 @@ public class UnanimousBasedTests extends TestCase {
        RoleVoter roleVoter = new RoleVoter();
        DenyVoter denyForSureVoter = new DenyVoter();
        DenyAgainVoter denyAgainForSureVoter = new DenyAgainVoter();
-        List<AccessDecisionVoter> voters = new Vector<AccessDecisionVoter>();
+        List<AccessDecisionVoter<? extends Object>> voters = new Vector<AccessDecisionVoter<? extends Object>>();
        voters.add(roleVoter);
        voters.add(denyForSureVoter);
        voters.add(denyAgainForSureVoter);
@ -59,7 +59,7 @@ public class UnanimousBasedTests extends TestCase {

        DenyVoter denyForSureVoter = new DenyVoter();
        DenyAgainVoter denyAgainForSureVoter = new DenyAgainVoter();
-        List<AccessDecisionVoter> voters = new Vector<AccessDecisionVoter>();
+        List<AccessDecisionVoter<? extends Object>> voters = new Vector<AccessDecisionVoter<? extends Object>>();
        voters.add(roleVoter);
        voters.add(denyForSureVoter);
        voters.add(denyAgainForSureVoter);