mirror of
https://github.com/spring-projects/spring-security.git
synced 2025-06-29 15:22:15 +00:00
SEC-1337: Make User serializable by moving anonymous comparator class
This commit is contained in:
Luke Taylor
parent
27dfff106e
commit
55679971f0
@ -185,7 +185,17 @@ public class User implements UserDetails {
|
|||||||
Assert.notNull(authorities, "Cannot pass a null GrantedAuthority collection");
|
Assert.notNull(authorities, "Cannot pass a null GrantedAuthority collection");
|
||||||
// Ensure array iteration order is predictable (as per UserDetails.getAuthorities() contract and SEC-717)
|
// Ensure array iteration order is predictable (as per UserDetails.getAuthorities() contract and SEC-717)
|
||||||
SortedSet<GrantedAuthority> sortedAuthorities =
|
SortedSet<GrantedAuthority> sortedAuthorities =
|
||||||
new TreeSet<GrantedAuthority>(new Comparator<GrantedAuthority>() {
|
new TreeSet<GrantedAuthority>(new AuthorityComparator());
|
||||||
|
|
||||||
|
for (GrantedAuthority grantedAuthority : authorities) {
|
||||||
|
Assert.notNull(grantedAuthority, "GrantedAuthority list cannot contain any null elements");
|
||||||
|
sortedAuthorities.add(grantedAuthority);
|
||||||
|
}
|
||||||
|
|
||||||
|
return sortedAuthorities;
|
||||||
|
}
|
||||||
|
|
||||||
|
private static class AuthorityComparator implements Comparator<GrantedAuthority> {
|
||||||
public int compare(GrantedAuthority g1, GrantedAuthority g2) {
|
public int compare(GrantedAuthority g1, GrantedAuthority g2) {
|
||||||
// Neither should ever be null as each entry is checked before adding it to the set.
|
// Neither should ever be null as each entry is checked before adding it to the set.
|
||||||
// If the authority is null, it is a custom authority and should precede others.
|
// If the authority is null, it is a custom authority and should precede others.
|
||||||
@ -199,15 +209,8 @@ public class User implements UserDetails {
|
|||||||
|
|
||||||
return g1.getAuthority().compareTo(g2.getAuthority());
|
return g1.getAuthority().compareTo(g2.getAuthority());
|
||||||
}
|
}
|
||||||
});
|
|
||||||
|
|
||||||
for (GrantedAuthority grantedAuthority : authorities) {
|
|
||||||
Assert.notNull(grantedAuthority, "GrantedAuthority list cannot contain any null elements");
|
|
||||||
sortedAuthorities.add(grantedAuthority);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
return sortedAuthorities;
|
|
||||||
}
|
|
||||||
|
|
||||||
public String toString() {
|
public String toString() {
|
||||||
StringBuilder sb = new StringBuilder();
|
StringBuilder sb = new StringBuilder();
|
||||||
|
|||||||
@ -15,16 +15,16 @@
|
|||||||
|
|
||||||
package org.springframework.security.core.userdetails;
|
package org.springframework.security.core.userdetails;
|
||||||
|
|
||||||
|
import static org.junit.Assert.*;
|
||||||
|
|
||||||
|
import java.io.ByteArrayOutputStream;
|
||||||
|
import java.io.ObjectOutputStream;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
|
||||||
import junit.framework.TestCase;
|
import org.junit.Test;
|
||||||
|
|
||||||
|
|
||||||
import org.springframework.security.core.GrantedAuthority;
|
import org.springframework.security.core.GrantedAuthority;
|
||||||
import org.springframework.security.core.authority.AuthorityUtils;
|
import org.springframework.security.core.authority.AuthorityUtils;
|
||||||
import org.springframework.security.core.authority.GrantedAuthorityImpl;
|
import org.springframework.security.core.authority.GrantedAuthorityImpl;
|
||||||
import org.springframework.security.core.userdetails.User;
|
|
||||||
import org.springframework.security.core.userdetails.UserDetails;
|
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -33,10 +33,11 @@ import org.springframework.security.core.userdetails.UserDetails;
|
|||||||
* @author Ben Alex
|
* @author Ben Alex
|
||||||
* @version $Id$
|
* @version $Id$
|
||||||
*/
|
*/
|
||||||
public class UserTests extends TestCase {
|
public class UserTests {
|
||||||
private static final List<GrantedAuthority> ROLE_12 = AuthorityUtils.createAuthorityList("ROLE_ONE","ROLE_TWO");
|
private static final List<GrantedAuthority> ROLE_12 = AuthorityUtils.createAuthorityList("ROLE_ONE","ROLE_TWO");
|
||||||
//~ Methods ========================================================================================================
|
//~ Methods ========================================================================================================
|
||||||
|
|
||||||
|
@Test
|
||||||
public void testEquals() {
|
public void testEquals() {
|
||||||
User user1 = new User("rod", "koala", true, true, true, true,ROLE_12);
|
User user1 = new User("rod", "koala", true, true, true, true,ROLE_12);
|
||||||
|
|
||||||
@ -57,6 +58,7 @@ public class UserTests extends TestCase {
|
|||||||
AuthorityUtils.createAuthorityList("ROLE_ONE"))));
|
AuthorityUtils.createAuthorityList("ROLE_ONE"))));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
public void testNoArgConstructorDoesntExist() {
|
public void testNoArgConstructorDoesntExist() {
|
||||||
Class<User> clazz = User.class;
|
Class<User> clazz = User.class;
|
||||||
|
|
||||||
@ -67,6 +69,7 @@ public class UserTests extends TestCase {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
public void testNullValuesRejected() throws Exception {
|
public void testNullValuesRejected() throws Exception {
|
||||||
try {
|
try {
|
||||||
new User(null, "koala", true, true, true, true,ROLE_12);
|
new User(null, "koala", true, true, true, true,ROLE_12);
|
||||||
@ -89,6 +92,7 @@ public class UserTests extends TestCase {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
public void testNullWithinGrantedAuthorityElementIsRejected() throws Exception {
|
public void testNullWithinGrantedAuthorityElementIsRejected() throws Exception {
|
||||||
try {
|
try {
|
||||||
List<GrantedAuthority> auths = AuthorityUtils.createAuthorityList("ROLE_ONE");
|
List<GrantedAuthority> auths = AuthorityUtils.createAuthorityList("ROLE_ONE");
|
||||||
@ -100,6 +104,7 @@ public class UserTests extends TestCase {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
public void testUserGettersSetter() throws Exception {
|
public void testUserGettersSetter() throws Exception {
|
||||||
UserDetails user = new User("rod", "koala", true, true, true, true,
|
UserDetails user = new User("rod", "koala", true, true, true, true,
|
||||||
AuthorityUtils.createAuthorityList("ROLE_TWO","ROLE_ONE"));
|
AuthorityUtils.createAuthorityList("ROLE_TWO","ROLE_ONE"));
|
||||||
@ -111,8 +116,19 @@ public class UserTests extends TestCase {
|
|||||||
assertTrue(user.toString().indexOf("rod") != -1);
|
assertTrue(user.toString().indexOf("rod") != -1);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
public void testUserIsEnabled() throws Exception {
|
public void testUserIsEnabled() throws Exception {
|
||||||
UserDetails user = new User("rod", "koala", false, true, true, true, ROLE_12);
|
UserDetails user = new User("rod", "koala", false, true, true, true, ROLE_12);
|
||||||
assertTrue(!user.isEnabled());
|
assertTrue(!user.isEnabled());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void useIsSerializable() throws Exception {
|
||||||
|
UserDetails user = new User("rod", "koala", false, true, true, true, ROLE_12);
|
||||||
|
// Serialize to a byte array
|
||||||
|
ByteArrayOutputStream bos = new ByteArrayOutputStream() ;
|
||||||
|
ObjectOutputStream out = new ObjectOutputStream(bos) ;
|
||||||
|
out.writeObject(user);
|
||||||
|
out.close();
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user