Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

SEC-1583: Added hasAuthority and hasAnyAuthority imlementations to SecurityExpressionRoot.

This commit is contained in:
Luke Taylor 2010-10-15 15:14:48 +01:00
parent f70942c6f5
commit 54694d5ab7
2 changed files with 35 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
core/src/main/java/org/springframework/security/access/expression/SecurityExpressionRoot.java
View File

@ -46,6 +46,14 @@ public abstract class SecurityExpressionRoot {
this.authentication = a;
}
public final boolean hasAuthority(String authority) {
return hasRole(authority);
}
public final boolean hasAnyAuthority(String... authorities) {
return hasAnyRole(authorities);
}
public final boolean hasRole(String role) {
return getAuthoritySet().contains(role);
}

29
core/src/test/java/org/springframework/security/access/expression/SecurityExpressionRootTests.java
View File

@ -1,12 +1,16 @@
package org.springframework.security.access.expression;
import static org.junit.Assert.*;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;
import java.util.Collection;
import org.junit.Test;
import org.springframework.security.access.hierarchicalroles.RoleHierarchy;
import org.springframework.security.authentication.AuthenticationTrustResolver;
import org.springframework.security.authentication.TestingAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.AuthorityUtils;
@ -16,11 +20,30 @@ import org.springframework.security.core.authority.AuthorityUtils;
* @since 3.0
*/
public class SecurityExpressionRootTests {
private final Authentication JOE = new TestingAuthenticationToken("joe", "pass", "A", "B");
@Test
public void denyAllIsFalsePermitAllTrue() throws Exception {
SecurityExpressionRoot root = new SecurityExpressionRoot(JOE) {};
assertFalse(root.denyAll());
assertFalse(root.denyAll);
assertTrue(root.permitAll());
assertTrue(root.permitAll);
}
@Test
public void rememberMeIsCorrectlyDetected() throws Exception {
SecurityExpressionRoot root = new SecurityExpressionRoot(JOE) {};
AuthenticationTrustResolver atr = mock(AuthenticationTrustResolver.class);
root.setTrustResolver(atr);
when(atr.isRememberMe(JOE)).thenReturn(true);
assertTrue(root.isRememberMe());
assertFalse(root.isFullyAuthenticated());
}
@Test
public void roleHierarchySupportIsCorrectlyUsedInEvaluatingRoles() throws Exception {
SecurityExpressionRoot root =
new SecurityExpressionRoot(new TestingAuthenticationToken("joe", "pass", "A", "B")) {};
SecurityExpressionRoot root = new SecurityExpressionRoot(JOE) {};
root.setRoleHierarchy(new RoleHierarchy() {
public Collection<GrantedAuthority> getReachableGrantedAuthorities(Collection<GrantedAuthority> authorities) {
@ -29,9 +52,11 @@ public class SecurityExpressionRootTests {
});
assertTrue(root.hasRole("C"));
assertTrue(root.hasAuthority("C"));
assertFalse(root.hasRole("A"));
assertFalse(root.hasRole("B"));
assertTrue(root.hasAnyRole("C", "A", "B"));
assertTrue(root.hasAnyAuthority("C", "A", "B"));
assertFalse(root.hasAnyRole("A", "B"));
}
}