Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-14 08:02:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

SEC-1507: Applied patch to return empty authority list rather than null from RoleHierarchyImpl.

Browse Source
This commit is contained in:
Luke Taylor 2010-07-02 19:51:00 +01:00
parent 25d222208d
commit 845c50a1c3
2 changed files with 16 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
core/src/main/java/org/springframework/security/access/hierarchicalroles/RoleHierarchyImpl.java
View File

@ -29,6 +29,7 @@ import java.util.regex.Pattern;
import org.apache.commons.logging.Log; import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory; import org.apache.commons.logging.LogFactory;
import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.authority.GrantedAuthorityImpl; import org.springframework.security.core.authority.GrantedAuthorityImpl;
/** /**
@ -106,7 +107,7 @@ public class RoleHierarchyImpl implements RoleHierarchy {
public Collection<GrantedAuthority> getReachableGrantedAuthorities(Collection<GrantedAuthority> authorities) { public Collection<GrantedAuthority> getReachableGrantedAuthorities(Collection<GrantedAuthority> authorities) {
if (authorities == null || authorities.isEmpty()) { if (authorities == null || authorities.isEmpty()) {
return null; return AuthorityUtils.NO_AUTHORITIES;
} }
Set<GrantedAuthority> reachableRoles = new HashSet<GrantedAuthority>(); Set<GrantedAuthority> reachableRoles = new HashSet<GrantedAuthority>();

14
core/src/test/java/org/springframework/security/access/hierarchicalroles/RoleHierarchyImplTests.java
View File

@ -14,6 +14,7 @@
package org.springframework.security.access.hierarchicalroles; package org.springframework.security.access.hierarchicalroles;
import java.util.ArrayList;
import java.util.List; import java.util.List;
import junit.framework.TestCase; import junit.framework.TestCase;
@ -30,6 +31,19 @@ import org.springframework.security.core.authority.AuthorityUtils;
*/ */
public class RoleHierarchyImplTests extends TestCase { public class RoleHierarchyImplTests extends TestCase {
public void testRoleHierarchyWithNullOrEmptyAuthorities() {
List<GrantedAuthority> authorities0 = null;
List<GrantedAuthority> authorities1 = new ArrayList<GrantedAuthority>();
RoleHierarchyImpl roleHierarchyImpl = new RoleHierarchyImpl();
roleHierarchyImpl.setHierarchy("ROLE_A > ROLE_B");
assertNotNull(roleHierarchyImpl.getReachableGrantedAuthorities(authorities0));
assertEquals(0, roleHierarchyImpl.getReachableGrantedAuthorities(authorities0).size());
assertNotNull(roleHierarchyImpl.getReachableGrantedAuthorities(authorities1));
assertEquals(0, roleHierarchyImpl.getReachableGrantedAuthorities(authorities1).size());
}
public void testSimpleRoleHierarchy() { public void testSimpleRoleHierarchy() {
List<GrantedAuthority> authorities0 = AuthorityUtils.createAuthorityList("ROLE_0"); List<GrantedAuthority> authorities0 = AuthorityUtils.createAuthorityList("ROLE_0");