Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-01 09:42:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

SEC-2827: Clean up MessageMatcher Ambiguities

Browse Source
This commit is contained in:
Rob Winch 2015-01-23 17:23:29 -06:00
parent b97a5d3b53
commit 414f98bee0
4 changed files with 262 additions and 60 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

69
config/src/main/java/org/springframework/security/config/annotation/web/messaging/MessageSecurityMetadataSourceRegistry.java
View File

@ -57,13 +57,23 @@ public class MessageSecurityMetadataSourceRegistry {
return matchers(MessageMatcher.ANY_MESSAGE); return matchers(MessageMatcher.ANY_MESSAGE);
} }
/**
* Maps any {@link Message} that has a null SimpMessageHeaderAccessor destination header (i.e. CONNECT,
* CONNECT_ACK, HEARTBEAT, UNSUBSCRIBE, DISCONNECT, DISCONNECT_ACK, OTHER)
*
* @return the Expression to associate
*/
public Constraint nullDestMatcher() {
return matchers(SimpDestinationMessageMatcher.NULL_DESTINATION_MATCHER);
}
/** /**
* Maps a {@link List} of {@link SimpDestinationMessageMatcher} instances. * Maps a {@link List} of {@link SimpDestinationMessageMatcher} instances.
* *
* @param typesToMatch the {@link SimpMessageType} instance to match on * @param typesToMatch the {@link SimpMessageType} instance to match on
* @return the {@link Constraint} associated to the matchers. * @return the {@link Constraint} associated to the matchers.
*/ */
public Constraint typeMatchers(SimpMessageType... typesToMatch) { public Constraint simpTypeMatchers(SimpMessageType... typesToMatch) {
MessageMatcher<?>[] typeMatchers = new MessageMatcher<?>[typesToMatch.length]; MessageMatcher<?>[] typeMatchers = new MessageMatcher<?>[typesToMatch.length];
for (int i = 0; i < typesToMatch.length; i++) { for (int i = 0; i < typesToMatch.length; i++) {
SimpMessageType typeToMatch = typesToMatch[i]; SimpMessageType typeToMatch = typesToMatch[i];
@ -81,15 +91,45 @@ public class MessageSecurityMetadataSourceRegistry {
* the patterns to create * the patterns to create
* {@link org.springframework.security.messaging.util.matcher.SimpDestinationMessageMatcher} * {@link org.springframework.security.messaging.util.matcher.SimpDestinationMessageMatcher}
* from. Uses * from. Uses
* {@link MessageSecurityMetadataSourceRegistry#pathMatcher(PathMatcher)} * {@link MessageSecurityMetadataSourceRegistry#simpDestPathMatcher(PathMatcher)}
* . * .
* *
* @return the {@link Constraint} that is associated to the * @return the {@link Constraint} that is associated to the
* {@link MessageMatcher} * {@link MessageMatcher}
* @see {@link MessageSecurityMetadataSourceRegistry#pathMatcher(PathMatcher)} * @see {@link MessageSecurityMetadataSourceRegistry#simpDestPathMatcher(PathMatcher)}
*/ */
public Constraint antMatchers(String... patterns) { public Constraint simpDestMatchers(String... patterns) {
return antMatchers(null, patterns); return simpDestMatchers(null, patterns);
}
/**
* Maps a {@link List} of {@link SimpDestinationMessageMatcher} instances that match on {@code SimpMessageType.MESSAGE}.
* If no destination is found on the Message, then the Matcher returns
* false.
*
* @param patterns the patterns to create {@link org.springframework.security.messaging.util.matcher.SimpDestinationMessageMatcher}
* from. Uses {@link MessageSecurityMetadataSourceRegistry#simpDestPathMatcher(PathMatcher)}.
*
* @return the {@link Constraint} that is associated to the {@link MessageMatcher}
* @see {@link MessageSecurityMetadataSourceRegistry#simpDestPathMatcher(PathMatcher)}
*/
public Constraint simpDestMessageMatchers(String... patterns) {
return simpDestMatchers(SimpMessageType.MESSAGE, patterns);
}
/**
* Maps a {@link List} of {@link SimpDestinationMessageMatcher} instances that match on {@code SimpMessageType.SUBSCRIBE}.
* If no destination is found on the Message, then the Matcher returns
* false.
*
* @param patterns the patterns to create {@link org.springframework.security.messaging.util.matcher.SimpDestinationMessageMatcher}
* from. Uses {@link MessageSecurityMetadataSourceRegistry#simpDestPathMatcher(PathMatcher)}.
*
* @return the {@link Constraint} that is associated to the {@link MessageMatcher}
* @see {@link MessageSecurityMetadataSourceRegistry#simpDestPathMatcher(PathMatcher)}
*/
public Constraint simpDestSubscribeMatchers(String... patterns) {
return simpDestMatchers(SimpMessageType.SUBSCRIBE, patterns);
} }
/** /**
@ -99,12 +139,12 @@ public class MessageSecurityMetadataSourceRegistry {
* *
* @param type the {@link SimpMessageType} to match on. If null, the {@link SimpMessageType} is not considered for matching. * @param type the {@link SimpMessageType} to match on. If null, the {@link SimpMessageType} is not considered for matching.
* @param patterns the patterns to create {@link org.springframework.security.messaging.util.matcher.SimpDestinationMessageMatcher} * @param patterns the patterns to create {@link org.springframework.security.messaging.util.matcher.SimpDestinationMessageMatcher}
* from. Uses {@link MessageSecurityMetadataSourceRegistry#pathMatcher(PathMatcher)}. * from. Uses {@link MessageSecurityMetadataSourceRegistry#simpDestPathMatcher(PathMatcher)}.
* *
* @return the {@link Constraint} that is associated to the {@link MessageMatcher} * @return the {@link Constraint} that is associated to the {@link MessageMatcher}
* @see {@link MessageSecurityMetadataSourceRegistry#pathMatcher(PathMatcher)} * @see {@link MessageSecurityMetadataSourceRegistry#simpDestPathMatcher(PathMatcher)}
*/ */
public Constraint antMatchers(SimpMessageType type, String... patterns) { private Constraint simpDestMatchers(SimpMessageType type, String... patterns) {
List<MatcherBuilder> matchers = new ArrayList<MatcherBuilder>(patterns.length); List<MatcherBuilder> matchers = new ArrayList<MatcherBuilder>(patterns.length);
for(String pattern : patterns) { for(String pattern : patterns) {
matchers.add(new PathMatcherMessageMatcherBuilder(pattern, type)); matchers.add(new PathMatcherMessageMatcherBuilder(pattern, type));
@ -113,13 +153,13 @@ public class MessageSecurityMetadataSourceRegistry {
} }
/** /**
* The {@link PathMatcher} to be used with the {@link MessageSecurityMetadataSourceRegistry#antMatchers(String...)}. * The {@link PathMatcher} to be used with the {@link MessageSecurityMetadataSourceRegistry#simpDestMatchers(String...)}.
* The default is to use the default constructor of {@link AntPathMatcher}. * The default is to use the default constructor of {@link AntPathMatcher}.
* *
* @param pathMatcher the {@link PathMatcher} to use. Cannot be null. * @param pathMatcher the {@link PathMatcher} to use. Cannot be null.
* @return the {@link MessageSecurityMetadataSourceRegistry} for further customization. * @return the {@link MessageSecurityMetadataSourceRegistry} for further customization.
*/ */
public MessageSecurityMetadataSourceRegistry pathMatcher(PathMatcher pathMatcher) { public MessageSecurityMetadataSourceRegistry simpDestPathMatcher(PathMatcher pathMatcher) {
Assert.notNull(pathMatcher, "pathMatcher cannot be null"); Assert.notNull(pathMatcher, "pathMatcher cannot be null");
this.pathMatcher = pathMatcher; this.pathMatcher = pathMatcher;
return this; return this;
@ -344,7 +384,14 @@ public class MessageSecurityMetadataSourceRegistry {
} }
public MessageMatcher<?> build() { public MessageMatcher<?> build() {
return new SimpDestinationMessageMatcher(pattern, type, pathMatcher); if(type == null) {
return new SimpDestinationMessageMatcher(pattern, pathMatcher);
} else if(SimpMessageType.MESSAGE == type) {
return SimpDestinationMessageMatcher.createMessageMatcher(pattern, pathMatcher);
} else if(SimpMessageType.SUBSCRIBE == type) {
return SimpDestinationMessageMatcher.createSubscribeMatcher(pattern, pathMatcher);
}
throw new IllegalStateException(type + " is not supported since it does not have a destination");
} }
} }

172
config/src/test/java/org/springframework/security/config/annotation/web/messaging/MessageSecurityMetadataSourceRegistryTests.java
View File

@ -22,6 +22,7 @@ import org.mockito.Mock;
import org.mockito.runners.MockitoJUnitRunner; import org.mockito.runners.MockitoJUnitRunner;
import org.springframework.messaging.Message; import org.springframework.messaging.Message;
import org.springframework.messaging.simp.SimpMessageHeaderAccessor; import org.springframework.messaging.simp.SimpMessageHeaderAccessor;
import org.springframework.messaging.simp.SimpMessageType;
import org.springframework.messaging.support.MessageBuilder; import org.springframework.messaging.support.MessageBuilder;
import org.springframework.security.access.ConfigAttribute; import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.messaging.access.intercept.MessageSecurityMetadataSource; import org.springframework.security.messaging.access.intercept.MessageSecurityMetadataSource;
@ -48,20 +49,21 @@ public class MessageSecurityMetadataSourceRegistryTests {
message = MessageBuilder message = MessageBuilder
.withPayload("Hi") .withPayload("Hi")
.setHeader(SimpMessageHeaderAccessor.DESTINATION_HEADER, "location") .setHeader(SimpMessageHeaderAccessor.DESTINATION_HEADER, "location")
.build(); .setHeader(SimpMessageHeaderAccessor.MESSAGE_TYPE_HEADER, SimpMessageType.MESSAGE)
.build();
} }
// See https://github.com/spring-projects/spring-security/commit/3f30529039c76facf335d6ca69d18d8ae287f3f9#commitcomment-7412712 // See https://github.com/spring-projects/spring-security/commit/3f30529039c76facf335d6ca69d18d8ae287f3f9#commitcomment-7412712
// https://jira.spring.io/browse/SPR-11660 // https://jira.spring.io/browse/SPR-11660
@Test @Test
public void destinationMatcherCustom() { public void simpDestMatchersCustom() {
message = MessageBuilder message = MessageBuilder
.withPayload("Hi") .withPayload("Hi")
.setHeader(SimpMessageHeaderAccessor.DESTINATION_HEADER, "price.stock.1.2") .setHeader(SimpMessageHeaderAccessor.DESTINATION_HEADER, "price.stock.1.2")
.build(); .build();
messages messages
.pathMatcher(new AntPathMatcher(".")) .simpDestPathMatcher(new AntPathMatcher("."))
.antMatchers("price.stock.*").permitAll(); .simpDestMatchers("price.stock.*").permitAll();
assertThat(getAttribute()).isNull(); assertThat(getAttribute()).isNull();
@ -70,21 +72,21 @@ public class MessageSecurityMetadataSourceRegistryTests {
.setHeader(SimpMessageHeaderAccessor.DESTINATION_HEADER, "price.stock.1.2") .setHeader(SimpMessageHeaderAccessor.DESTINATION_HEADER, "price.stock.1.2")
.build(); .build();
messages messages
.pathMatcher(new AntPathMatcher(".")) .simpDestPathMatcher(new AntPathMatcher("."))
.antMatchers("price.stock.**").permitAll(); .simpDestMatchers("price.stock.**").permitAll();
assertThat(getAttribute()).isEqualTo("permitAll"); assertThat(getAttribute()).isEqualTo("permitAll");
} }
@Test @Test
public void destinationMatcherCustomSetAfterMatchersDoesNotMatter() { public void simpDestMatchersCustomSetAfterMatchersDoesNotMatter() {
message = MessageBuilder message = MessageBuilder
.withPayload("Hi") .withPayload("Hi")
.setHeader(SimpMessageHeaderAccessor.DESTINATION_HEADER, "price.stock.1.2") .setHeader(SimpMessageHeaderAccessor.DESTINATION_HEADER, "price.stock.1.2")
.build(); .build();
messages messages
.antMatchers("price.stock.*").permitAll() .simpDestMatchers("price.stock.*").permitAll()
.pathMatcher(new AntPathMatcher(".")); .simpDestPathMatcher(new AntPathMatcher("."));
assertThat(getAttribute()).isNull(); assertThat(getAttribute()).isNull();
@ -93,14 +95,15 @@ public class MessageSecurityMetadataSourceRegistryTests {
.setHeader(SimpMessageHeaderAccessor.DESTINATION_HEADER, "price.stock.1.2") .setHeader(SimpMessageHeaderAccessor.DESTINATION_HEADER, "price.stock.1.2")
.build(); .build();
messages messages
.antMatchers("price.stock.**").permitAll() .simpDestMatchers("price.stock.**").permitAll()
.pathMatcher(new AntPathMatcher(".")); .simpDestPathMatcher(new AntPathMatcher("."));
assertThat(getAttribute()).isEqualTo("permitAll"); assertThat(getAttribute()).isEqualTo("permitAll");
} }
@Test(expected = IllegalArgumentException.class) @Test(expected = IllegalArgumentException.class)
public void pathMatcherNull() { public void pathMatcherNull() {
messages.pathMatcher(null); messages.simpDestPathMatcher(null);
} }
@Test @Test
@ -121,104 +124,203 @@ public class MessageSecurityMetadataSourceRegistryTests {
} }
@Test @Test
public void destinationMatcherExact() { public void simpDestMatchersExact() {
messages messages
.antMatchers("location").permitAll(); .simpDestMatchers("location").permitAll();
assertThat(getAttribute()).isEqualTo("permitAll"); assertThat(getAttribute()).isEqualTo("permitAll");
} }
@Test @Test
public void destinationMatcherMulti() { public void simpDestMatchersMulti() {
messages messages
.antMatchers("admin/**","api/**").hasRole("ADMIN") .simpDestMatchers("admin/**","api/**").hasRole("ADMIN")
.antMatchers("location").permitAll(); .simpDestMatchers("location").permitAll();
assertThat(getAttribute()).isEqualTo("permitAll"); assertThat(getAttribute()).isEqualTo("permitAll");
} }
@Test @Test
public void destinationMatcherRole() { public void simpDestMatchersRole() {
messages messages
.antMatchers("admin/**","location/**").hasRole("ADMIN") .simpDestMatchers("admin/**","location/**").hasRole("ADMIN")
.anyMessage().denyAll(); .anyMessage().denyAll();
assertThat(getAttribute()).isEqualTo("hasRole('ROLE_ADMIN')"); assertThat(getAttribute()).isEqualTo("hasRole('ROLE_ADMIN')");
} }
@Test @Test
public void destinationMatcherAnyRole() { public void simpDestMatchersAnyRole() {
messages messages
.antMatchers("admin/**","location/**").hasAnyRole("ADMIN", "ROOT") .simpDestMatchers("admin/**","location/**").hasAnyRole("ADMIN", "ROOT")
.anyMessage().denyAll(); .anyMessage().denyAll();
assertThat(getAttribute()).isEqualTo("hasAnyRole('ROLE_ADMIN','ROLE_ROOT')"); assertThat(getAttribute()).isEqualTo("hasAnyRole('ROLE_ADMIN','ROLE_ROOT')");
} }
@Test @Test
public void destinationMatcherAuthority() { public void simpDestMatchersAuthority() {
messages messages
.antMatchers("admin/**","location/**").hasAuthority("ROLE_ADMIN") .simpDestMatchers("admin/**","location/**").hasAuthority("ROLE_ADMIN")
.anyMessage().fullyAuthenticated(); .anyMessage().fullyAuthenticated();
assertThat(getAttribute()).isEqualTo("hasAuthority('ROLE_ADMIN')"); assertThat(getAttribute()).isEqualTo("hasAuthority('ROLE_ADMIN')");
} }
@Test @Test
public void destinationMatcherAccess() { public void simpDestMatchersAccess() {
String expected = "hasRole('ROLE_ADMIN') and fullyAuthenticated"; String expected = "hasRole('ROLE_ADMIN') and fullyAuthenticated";
messages messages
.antMatchers("admin/**","location/**").access(expected) .simpDestMatchers("admin/**","location/**").access(expected)
.anyMessage().denyAll(); .anyMessage().denyAll();
assertThat(getAttribute()).isEqualTo(expected); assertThat(getAttribute()).isEqualTo(expected);
} }
@Test @Test
public void destinationMatcherAnyAuthority() { public void simpDestMatchersAnyAuthority() {
messages messages
.antMatchers("admin/**","location/**").hasAnyAuthority("ROLE_ADMIN", "ROLE_ROOT") .simpDestMatchers("admin/**","location/**").hasAnyAuthority("ROLE_ADMIN", "ROLE_ROOT")
.anyMessage().denyAll(); .anyMessage().denyAll();
assertThat(getAttribute()).isEqualTo("hasAnyAuthority('ROLE_ADMIN','ROLE_ROOT')"); assertThat(getAttribute()).isEqualTo("hasAnyAuthority('ROLE_ADMIN','ROLE_ROOT')");
} }
@Test @Test
public void destinationMatcherRememberMe() { public void simpDestMatchersRememberMe() {
messages messages
.antMatchers("admin/**","location/**").rememberMe() .simpDestMatchers("admin/**","location/**").rememberMe()
.anyMessage().denyAll(); .anyMessage().denyAll();
assertThat(getAttribute()).isEqualTo("rememberMe"); assertThat(getAttribute()).isEqualTo("rememberMe");
} }
@Test @Test
public void destinationMatcherAnonymous() { public void simpDestMatchersAnonymous() {
messages messages
.antMatchers("admin/**","location/**").anonymous() .simpDestMatchers("admin/**","location/**").anonymous()
.anyMessage().denyAll(); .anyMessage().denyAll();
assertThat(getAttribute()).isEqualTo("anonymous"); assertThat(getAttribute()).isEqualTo("anonymous");
} }
@Test @Test
public void destinationMatcherFullyAuthenticated() { public void simpDestMatchersFullyAuthenticated() {
messages messages
.antMatchers("admin/**","location/**").fullyAuthenticated() .simpDestMatchers("admin/**","location/**").fullyAuthenticated()
.anyMessage().denyAll(); .anyMessage().denyAll();
assertThat(getAttribute()).isEqualTo("fullyAuthenticated"); assertThat(getAttribute()).isEqualTo("fullyAuthenticated");
} }
@Test @Test
public void destinationMatcherDenyAll() { public void simpDestMatchersDenyAll() {
messages messages
.antMatchers("admin/**","location/**").denyAll() .simpDestMatchers("admin/**","location/**").denyAll()
.anyMessage().permitAll(); .anyMessage().permitAll();
assertThat(getAttribute()).isEqualTo("denyAll"); assertThat(getAttribute()).isEqualTo("denyAll");
} }
@Test
public void simpDestMessageMatchersNotMatch() {
messages
.simpDestMessageMatchers("admin/**").denyAll()
.anyMessage().permitAll();
assertThat(getAttribute()).isEqualTo("permitAll");
}
@Test
public void simpDestMessageMatchersMatch() {
messages
.simpDestMessageMatchers("location/**").denyAll()
.anyMessage().permitAll();
assertThat(getAttribute()).isEqualTo("denyAll");
}
@Test
public void simpDestSubscribeMatchersNotMatch() {
messages
.simpDestSubscribeMatchers("location/**").denyAll()
.anyMessage().permitAll();
assertThat(getAttribute()).isEqualTo("permitAll");
}
@Test
public void simpDestSubscribeMatchersMatch() {
message = MessageBuilder.fromMessage(message)
.setHeader(SimpMessageHeaderAccessor.MESSAGE_TYPE_HEADER, SimpMessageType.SUBSCRIBE)
.build();
messages
.simpDestSubscribeMatchers("location/**").denyAll()
.anyMessage().permitAll();
assertThat(getAttribute()).isEqualTo("denyAll");
}
@Test
public void nullDestMatcherNotMatches() {
messages
.nullDestMatcher().denyAll()
.anyMessage().permitAll();
assertThat(getAttribute()).isEqualTo("permitAll");
}
@Test
public void nullDestMatcherMatch() {
message = MessageBuilder
.withPayload("Hi")
.setHeader(SimpMessageHeaderAccessor.MESSAGE_TYPE_HEADER, SimpMessageType.CONNECT)
.build();
messages
.nullDestMatcher().denyAll()
.anyMessage().permitAll();
assertThat(getAttribute()).isEqualTo("denyAll");
}
@Test
public void simpTypeMatchersMatch() {
messages
.simpTypeMatchers(SimpMessageType.MESSAGE).denyAll()
.anyMessage().permitAll();
assertThat(getAttribute()).isEqualTo("denyAll");
}
@Test
public void simpTypeMatchersMatchMulti() {
messages
.simpTypeMatchers(SimpMessageType.CONNECT, SimpMessageType.MESSAGE).denyAll()
.anyMessage().permitAll();
assertThat(getAttribute()).isEqualTo("denyAll");
}
@Test
public void simpTypeMatchersNotMatch() {
messages
.simpTypeMatchers(SimpMessageType.CONNECT).denyAll()
.anyMessage().permitAll();
assertThat(getAttribute()).isEqualTo("permitAll");
}
@Test
public void simpTypeMatchersNotMatchMulti() {
messages
.simpTypeMatchers(SimpMessageType.CONNECT, SimpMessageType.DISCONNECT).denyAll()
.anyMessage().permitAll();
assertThat(getAttribute()).isEqualTo("permitAll");
}
private String getAttribute() { private String getAttribute() {
MessageSecurityMetadataSource source = messages.createMetadataSource(); MessageSecurityMetadataSource source = messages.createMetadataSource();
Collection<ConfigAttribute> attrs = source.getAttributes(message); Collection<ConfigAttribute> attrs = source.getAttributes(message);

56
messaging/src/main/java/org/springframework/security/messaging/util/matcher/SimpDestinationMessageMatcher.java
View File

@ -33,7 +33,15 @@ import org.springframework.util.PathMatcher;
* @author Rob Winch * @author Rob Winch
*/ */
public final class SimpDestinationMessageMatcher implements MessageMatcher<Object> { public final class SimpDestinationMessageMatcher implements MessageMatcher<Object> {
public static final MessageMatcher<Object> NULL_DESTINATION_MATCHER = new MessageMatcher<Object>() {
public boolean matches(Message<? extends Object> message) {
String destination = SimpMessageHeaderAccessor.getDestination(message.getHeaders());
return destination == null;
}
};
private final PathMatcher matcher; private final PathMatcher matcher;
/** /**
* The {@link MessageMatcher} that determines if the type matches. If the * The {@link MessageMatcher} that determines if the type matches. If the
* type was null, this matcher will match every Message. * type was null, this matcher will match every Message.
@ -76,19 +84,16 @@ public final class SimpDestinationMessageMatcher implements MessageMatcher<Objec
this(pattern, null); this(pattern, null);
} }
/** /**
* <p> * <p>
* Creates a new instance with the specified pattern and a {@link AntPathMatcher} created from the default * Creates a new instance with the specified pattern and {@link PathMatcher}.
* constructor.
* </p> * </p>
* *
* @param pattern the pattern to use * @param pattern the pattern to use
* @param type the {@link SimpMessageType} to match on or null if any {@link SimpMessageType} should be matched.
* @param pathMatcher the {@link PathMatcher} to use. * @param pathMatcher the {@link PathMatcher} to use.
*/ */
public SimpDestinationMessageMatcher(String pattern, SimpMessageType type) { public SimpDestinationMessageMatcher(String pattern, PathMatcher pathMatcher) {
this(pattern, type, new AntPathMatcher()); this(pattern, null, pathMatcher);
} }
/** /**
@ -100,9 +105,13 @@ public final class SimpDestinationMessageMatcher implements MessageMatcher<Objec
* @param type the {@link SimpMessageType} to match on or null if any {@link SimpMessageType} should be matched. * @param type the {@link SimpMessageType} to match on or null if any {@link SimpMessageType} should be matched.
* @param pathMatcher the {@link PathMatcher} to use. * @param pathMatcher the {@link PathMatcher} to use.
*/ */
public SimpDestinationMessageMatcher(String pattern, SimpMessageType type, PathMatcher pathMatcher) { private SimpDestinationMessageMatcher(String pattern, SimpMessageType type, PathMatcher pathMatcher) {
Assert.notNull(pattern, "pattern cannot be null"); Assert.notNull(pattern, "pattern cannot be null");
Assert.notNull(pathMatcher, "pathMatcher cannot be null"); Assert.notNull(pathMatcher, "pathMatcher cannot be null");
if(!isTypeWithDestination(type)) {
throw new IllegalArgumentException("SimpMessageType " + type + " does not contain a destination and so cannot be matched on.");
}
this.matcher = pathMatcher; this.matcher = pathMatcher;
this.messageTypeMatcher = type == null ? ANY_MESSAGE : new SimpMessageTypeMatcher(type); this.messageTypeMatcher = type == null ? ANY_MESSAGE : new SimpMessageTypeMatcher(type);
this.pattern = pattern; this.pattern = pattern;
@ -117,16 +126,45 @@ public final class SimpDestinationMessageMatcher implements MessageMatcher<Objec
return destination != null && matcher.match(pattern, destination); return destination != null && matcher.match(pattern, destination);
} }
public MessageMatcher<Object> getMessageTypeMatcher() { public MessageMatcher<Object> getMessageTypeMatcher() {
return messageTypeMatcher; return messageTypeMatcher;
} }
@Override @Override
public String toString() { public String toString() {
return "SimpDestinationMessageMatcher [matcher=" + matcher return "SimpDestinationMessageMatcher [matcher=" + matcher
+ ", messageTypeMatcher=" + messageTypeMatcher + ", pattern=" + ", messageTypeMatcher=" + messageTypeMatcher + ", pattern="
+ pattern + "]"; + pattern + "]";
} }
private boolean isTypeWithDestination(SimpMessageType type) {
if(type == null) {
return true;
}
return SimpMessageType.MESSAGE.equals(type) || SimpMessageType.SUBSCRIBE.equals(type);
}
/**
* <p>
* Creates a new instance with the specified pattern, {@code SimpMessageType.SUBSCRIBE}, and {@link PathMatcher}.
* </p>
*
* @param pattern the pattern to use
* @param pathMatcher the {@link PathMatcher} to use.
*/
public static SimpDestinationMessageMatcher createSubscribeMatcher(String pattern, PathMatcher matcher) {
return new SimpDestinationMessageMatcher(pattern, SimpMessageType.SUBSCRIBE, matcher);
}
/**
* <p>
* Creates a new instance with the specified pattern, {@code SimpMessageType.MESSAGE}, and {@link PathMatcher}.
* </p>
*
* @param pattern the pattern to use
* @param pathMatcher the {@link PathMatcher} to use.
*/
public static SimpDestinationMessageMatcher createMessageMatcher(String pattern, PathMatcher matcher) {
return new SimpDestinationMessageMatcher(pattern, SimpMessageType.MESSAGE, matcher);
}
} }

25
messaging/src/test/java/org/springframework/security/messaging/util/matcher/SimpDestinationMessageMatcherTests.java
View File

@ -22,6 +22,8 @@ import org.junit.Test;
import org.springframework.messaging.simp.SimpMessageHeaderAccessor; import org.springframework.messaging.simp.SimpMessageHeaderAccessor;
import org.springframework.messaging.simp.SimpMessageType; import org.springframework.messaging.simp.SimpMessageType;
import org.springframework.messaging.support.MessageBuilder; import org.springframework.messaging.support.MessageBuilder;
import org.springframework.util.AntPathMatcher;
import org.springframework.util.PathMatcher;
public class SimpDestinationMessageMatcherTests { public class SimpDestinationMessageMatcherTests {
@ -29,10 +31,13 @@ public class SimpDestinationMessageMatcherTests {
SimpDestinationMessageMatcher matcher; SimpDestinationMessageMatcher matcher;
PathMatcher pathMatcher;
@Before @Before
public void setup() { public void setup() {
messageBuilder = MessageBuilder.withPayload("M"); messageBuilder = MessageBuilder.withPayload("M");
matcher = new SimpDestinationMessageMatcher("/**"); matcher = new SimpDestinationMessageMatcher("/**");
pathMatcher = new AntPathMatcher();
} }
@Test(expected = IllegalArgumentException.class) @Test(expected = IllegalArgumentException.class)
@ -72,7 +77,7 @@ public class SimpDestinationMessageMatcherTests {
@Test @Test
public void matchesFalseMessageTypeNotDisconnectType() throws Exception { public void matchesFalseMessageTypeNotDisconnectType() throws Exception {
matcher = new SimpDestinationMessageMatcher("/match", SimpMessageType.MESSAGE); matcher = SimpDestinationMessageMatcher.createMessageMatcher("/match", pathMatcher);
messageBuilder.setHeader(SimpMessageHeaderAccessor.MESSAGE_TYPE_HEADER, SimpMessageType.DISCONNECT); messageBuilder.setHeader(SimpMessageHeaderAccessor.MESSAGE_TYPE_HEADER, SimpMessageType.DISCONNECT);
@ -81,7 +86,7 @@ public class SimpDestinationMessageMatcherTests {
@Test @Test
public void matchesTrueMessageType() throws Exception { public void matchesTrueMessageType() throws Exception {
matcher = new SimpDestinationMessageMatcher("/match", SimpMessageType.MESSAGE); matcher = SimpDestinationMessageMatcher.createMessageMatcher("/match", pathMatcher);
messageBuilder.setHeader(SimpMessageHeaderAccessor.DESTINATION_HEADER,"/match"); messageBuilder.setHeader(SimpMessageHeaderAccessor.DESTINATION_HEADER,"/match");
messageBuilder.setHeader(SimpMessageHeaderAccessor.MESSAGE_TYPE_HEADER, SimpMessageType.MESSAGE); messageBuilder.setHeader(SimpMessageHeaderAccessor.MESSAGE_TYPE_HEADER, SimpMessageType.MESSAGE);
@ -89,9 +94,19 @@ public class SimpDestinationMessageMatcherTests {
assertThat(matcher.matches(messageBuilder.build())).isTrue(); assertThat(matcher.matches(messageBuilder.build())).isTrue();
} }
@Test
public void matchesTrueSubscribeType() throws Exception {
matcher = SimpDestinationMessageMatcher.createSubscribeMatcher("/match", pathMatcher);
messageBuilder.setHeader(SimpMessageHeaderAccessor.DESTINATION_HEADER,"/match");
messageBuilder.setHeader(SimpMessageHeaderAccessor.MESSAGE_TYPE_HEADER, SimpMessageType.SUBSCRIBE);
assertThat(matcher.matches(messageBuilder.build())).isTrue();
}
@Test @Test
public void matchesNullMessageType() throws Exception { public void matchesNullMessageType() throws Exception {
matcher = new SimpDestinationMessageMatcher("/match", null); matcher = new SimpDestinationMessageMatcher("/match");
messageBuilder.setHeader(SimpMessageHeaderAccessor.DESTINATION_HEADER,"/match"); messageBuilder.setHeader(SimpMessageHeaderAccessor.DESTINATION_HEADER,"/match");
messageBuilder.setHeader(SimpMessageHeaderAccessor.MESSAGE_TYPE_HEADER, SimpMessageType.MESSAGE); messageBuilder.setHeader(SimpMessageHeaderAccessor.MESSAGE_TYPE_HEADER, SimpMessageType.MESSAGE);
@ -101,11 +116,11 @@ public class SimpDestinationMessageMatcherTests {
@Test @Test
public void typeConstructorParameterIsTransmitted() throws Exception { public void typeConstructorParameterIsTransmitted() throws Exception {
matcher = new SimpDestinationMessageMatcher("/match", SimpMessageType.MESSAGE); matcher = SimpDestinationMessageMatcher.createMessageMatcher("/match", pathMatcher);
MessageMatcher<Object> expectedTypeMatcher = new SimpMessageTypeMatcher(SimpMessageType.MESSAGE); MessageMatcher<Object> expectedTypeMatcher = new SimpMessageTypeMatcher(SimpMessageType.MESSAGE);
assertThat(matcher.getMessageTypeMatcher()).isEqualTo(expectedTypeMatcher); assertThat(matcher.getMessageTypeMatcher()).isEqualTo(expectedTypeMatcher);
} }