Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-23 12:32:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

Test Reactive Method Security with Abstract Classes

Browse Source 
Issue gh-15352
This commit is contained in:
Josh Cummings 2024-09-12 15:38:09 -06:00
parent fee5dd30c0
commit 3e1f8bb960
1 changed files with 34 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
config/src/test/java/org/springframework/security/config/annotation/method/configuration/PrePostReactiveMethodSecurityConfigurationTests.java
View File

@ -23,6 +23,7 @@ import java.util.List;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import jakarta.annotation.security.DenyAll;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith;
import org.junit.jupiter.params.ParameterizedTest;
@ -37,6 +38,7 @@ import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Role;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.access.PermissionEvaluator;
import org.springframework.security.access.annotation.Secured;
import org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler;
import org.springframework.security.access.expression.method.MethodSecurityExpressionHandler;
import org.springframework.security.access.hierarchicalroles.RoleHierarchy;
@ -409,6 +411,13 @@ public class PrePostReactiveMethodSecurityConfigurationTests {
});
}
// gh-15352
@Test
void annotationsInChildClassesDoNotAffectSuperclasses() {
this.spring.register(AbstractClassConfig.class).autowire();
this.spring.getContext().getBean(ClassInheritingAbstractClassWithNoAnnotations.class).method();
}
@Configuration
@EnableReactiveMethodSecurity
static class MethodSecurityServiceEnabledConfig {
@ -706,4 +715,29 @@ public class PrePostReactiveMethodSecurityConfigurationTests {
}
abstract static class AbstractClassWithNoAnnotations {
Mono<String> method() {
return Mono.just("ok");
}
}
@PreAuthorize("denyAll()")
@Secured("DENIED")
@DenyAll
static class ClassInheritingAbstractClassWithNoAnnotations extends AbstractClassWithNoAnnotations {
}
@EnableReactiveMethodSecurity
static class AbstractClassConfig {
@Bean
ClassInheritingAbstractClassWithNoAnnotations inheriting() {
return new ClassInheritingAbstractClassWithNoAnnotations();
}
}
}