Converted to use mockito.
This commit is contained in:
Luke Taylor
parent
e63fba3a36
commit
946f3d1067
|
|
@ -16,19 +16,20 @@
|
||||||
package org.springframework.security.access.vote;
|
package org.springframework.security.access.vote;
|
||||||
|
|
||||||
import static org.junit.Assert.assertTrue;
|
import static org.junit.Assert.assertTrue;
|
||||||
|
import static org.mockito.Matchers.any;
|
||||||
|
import static org.mockito.Mockito.*;
|
||||||
|
|
||||||
import java.util.ArrayList;
|
import java.util.ArrayList;
|
||||||
|
import java.util.Arrays;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
|
||||||
|
import org.junit.Before;
|
||||||
import org.junit.Test;
|
import org.junit.Test;
|
||||||
import org.springframework.security.access.AccessDecisionVoter;
|
import org.springframework.security.access.AccessDecisionVoter;
|
||||||
import org.springframework.security.access.AccessDeniedException;
|
import org.springframework.security.access.AccessDeniedException;
|
||||||
import org.springframework.security.access.SecurityConfig;
|
import org.springframework.security.access.ConfigAttribute;
|
||||||
import org.springframework.security.access.vote.AffirmativeBased;
|
|
||||||
import org.springframework.security.access.vote.RoleVoter;
|
|
||||||
import org.springframework.security.authentication.TestingAuthenticationToken;
|
import org.springframework.security.authentication.TestingAuthenticationToken;
|
||||||
import org.springframework.security.core.GrantedAuthority;
|
import org.springframework.security.core.Authentication;
|
||||||
import org.springframework.security.core.authority.GrantedAuthorityImpl;
|
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
@ -38,75 +39,66 @@ import org.springframework.security.core.authority.GrantedAuthorityImpl;
|
||||||
* @version $Id$
|
* @version $Id$
|
||||||
*/
|
*/
|
||||||
public class AffirmativeBasedTests {
|
public class AffirmativeBasedTests {
|
||||||
|
private final List<ConfigAttribute> attrs = new ArrayList<ConfigAttribute>();
|
||||||
|
private final Authentication user = new TestingAuthenticationToken("somebody", "password","ROLE_1", "ROLE_2");
|
||||||
|
private AffirmativeBased mgr;
|
||||||
|
private AccessDecisionVoter grant;
|
||||||
|
private AccessDecisionVoter abstain;
|
||||||
|
private AccessDecisionVoter deny;
|
||||||
|
|
||||||
private AffirmativeBased makeDecisionManager() {
|
@Before
|
||||||
AffirmativeBased decisionManager = new AffirmativeBased();
|
@SuppressWarnings("unchecked")
|
||||||
RoleVoter roleVoter = new RoleVoter();
|
public void setup() {
|
||||||
DenyVoter denyForSureVoter = new DenyVoter();
|
mgr = new AffirmativeBased();
|
||||||
DenyAgainVoter denyAgainForSureVoter = new DenyAgainVoter();
|
|
||||||
List<AccessDecisionVoter> voters = new ArrayList<AccessDecisionVoter>();
|
|
||||||
voters.add(roleVoter);
|
|
||||||
voters.add(denyForSureVoter);
|
|
||||||
voters.add(denyAgainForSureVoter);
|
|
||||||
decisionManager.setDecisionVoters(voters);
|
|
||||||
|
|
||||||
return decisionManager;
|
grant = mock(AccessDecisionVoter.class);
|
||||||
}
|
abstain = mock(AccessDecisionVoter.class);
|
||||||
|
deny = mock(AccessDecisionVoter.class);
|
||||||
|
|
||||||
private TestingAuthenticationToken makeTestToken() {
|
when(grant.vote(any(Authentication.class), any(Object.class), any(List.class))).thenReturn(AccessDecisionVoter.ACCESS_GRANTED);
|
||||||
return new TestingAuthenticationToken("somebody", "password",
|
when(abstain.vote(any(Authentication.class), any(Object.class), any(List.class))).thenReturn(AccessDecisionVoter.ACCESS_ABSTAIN);
|
||||||
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_1"), new GrantedAuthorityImpl("ROLE_2")});
|
when(deny.vote(any(Authentication.class), any(Object.class), any(List.class))).thenReturn(AccessDecisionVoter.ACCESS_DENIED);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void testOneAffirmativeVoteOneDenyVoteOneAbstainVoteGrantsAccess() throws Exception {
|
public void oneAffirmativeVoteOneDenyVoteOneAbstainVoteGrantsAccess() throws Exception {
|
||||||
TestingAuthenticationToken auth = makeTestToken();
|
mgr.setDecisionVoters(Arrays.asList(grant, deny, abstain));
|
||||||
AffirmativeBased mgr = makeDecisionManager();
|
mgr.afterPropertiesSet();
|
||||||
|
mgr.decide(user, new Object(), attrs);
|
||||||
mgr.decide(auth, new Object(), SecurityConfig.createList(new String[]{"ROLE_1", "DENY_FOR_SURE"}));
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void testOneAffirmativeVoteTwoAbstainVotesGrantsAccess() throws Exception {
|
public void oneDenyVoteOneAbstainVoteOneAffirmativeVoteGrantsAccess() throws Exception {
|
||||||
TestingAuthenticationToken auth = makeTestToken();
|
mgr.setDecisionVoters(Arrays.asList(deny, abstain, grant));
|
||||||
AffirmativeBased mgr = makeDecisionManager();
|
mgr.decide(user, new Object(), attrs);
|
||||||
|
}
|
||||||
|
|
||||||
mgr.decide(auth, new Object(), SecurityConfig.createList("ROLE_2"));
|
@Test
|
||||||
|
public void oneAffirmativeVoteTwoAbstainVotesGrantsAccess() throws Exception {
|
||||||
|
mgr.setDecisionVoters(Arrays.asList(grant, abstain, abstain));
|
||||||
|
mgr.decide(user, new Object(), attrs);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test(expected=AccessDeniedException.class)
|
@Test(expected=AccessDeniedException.class)
|
||||||
public void testOneDenyVoteTwoAbstainVotesDeniesAccess() throws Exception {
|
public void oneDenyVoteTwoAbstainVotesDeniesAccess() throws Exception {
|
||||||
TestingAuthenticationToken auth = makeTestToken();
|
mgr.setDecisionVoters(Arrays.asList(deny, abstain, abstain));
|
||||||
AffirmativeBased mgr = makeDecisionManager();
|
mgr.decide(user, new Object(), attrs);
|
||||||
|
|
||||||
mgr.decide(auth, new Object(), SecurityConfig.createList("ROLE_WE_DO_NOT_HAVE"));
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test(expected=AccessDeniedException.class)
|
@Test(expected=AccessDeniedException.class)
|
||||||
public void testThreeAbstainVotesDeniesAccessWithDefault() throws Exception {
|
public void onlyAbstainVotesDeniesAccessWithDefault() throws Exception {
|
||||||
TestingAuthenticationToken auth = makeTestToken();
|
mgr.setDecisionVoters(Arrays.asList(abstain, abstain, abstain));
|
||||||
AffirmativeBased mgr = makeDecisionManager();
|
|
||||||
|
|
||||||
assertTrue(!mgr.isAllowIfAllAbstainDecisions()); // check default
|
assertTrue(!mgr.isAllowIfAllAbstainDecisions()); // check default
|
||||||
|
|
||||||
mgr.decide(auth, new Object(), SecurityConfig.createList("IGNORED_BY_ALL"));
|
mgr.decide(user, new Object(), attrs);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void testThreeAbstainVotesGrantsAccessWithoutDefault() throws Exception {
|
public void testThreeAbstainVotesGrantsAccessIfAllowIfAllAbstainDecisionsIsSet() throws Exception {
|
||||||
TestingAuthenticationToken auth = makeTestToken();
|
mgr.setDecisionVoters(Arrays.asList(abstain, abstain, abstain));
|
||||||
AffirmativeBased mgr = makeDecisionManager();
|
|
||||||
mgr.setAllowIfAllAbstainDecisions(true);
|
mgr.setAllowIfAllAbstainDecisions(true);
|
||||||
assertTrue(mgr.isAllowIfAllAbstainDecisions()); // check changed
|
assertTrue(mgr.isAllowIfAllAbstainDecisions()); // check changed
|
||||||
|
|
||||||
mgr.decide(auth, new Object(), SecurityConfig.createList("IGNORED_BY_ALL"));
|
mgr.decide(user, new Object(), attrs);
|
||||||
}
|
|
||||||
|
|
||||||
@Test
|
|
||||||
public void testTwoAffirmativeVotesTwoAbstainVotesGrantsAccess() throws Exception {
|
|
||||||
TestingAuthenticationToken auth = makeTestToken();
|
|
||||||
AffirmativeBased mgr = makeDecisionManager();
|
|
||||||
|
|
||||||
mgr.decide(auth, new Object(), SecurityConfig.createList("ROLE_1", "ROLE_2"));
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue