SEC-428: Added test

2008-03-24 20:50:58 +00:00 · 2008-03-24 20:50:58 +00:00 · a375d8e59e
parent 1dd5f42142
commit a375d8e59e
4 changed files with 78 additions and 1 deletions
--- a/core/pom.xml
+++ b/core/pom.xml
@ -52,6 +52,13 @@
 		    <artifactId>aspectjrt</artifactId>
 		    <optional>true</optional>
 	    </dependency>
+	    <dependency>
+	        <groupId>org.aspectj</groupId>
+		    <artifactId>aspectjweaver</artifactId>
+		    <version>1.5.4</version>
+		    <scope>test</scope>
+		    <optional>true</optional>
+	    </dependency>	    
        <dependency>
            <groupId>org.springframework.ldap</groupId>
            <artifactId>spring-ldap</artifactId>
--- a/core/src/main/java/org/springframework/security/util/InMemoryXmlApplicationContext.java
+++ b/core/src/main/java/org/springframework/security/util/InMemoryXmlApplicationContext.java
@ -11,8 +11,10 @@ public class InMemoryXmlApplicationContext extends AbstractXmlApplicationContext
    private static final String BEANS_OPENING =
                    "<b:beans xmlns='http://www.springframework.org/schema/security'\n" +
                    "    xmlns:b='http://www.springframework.org/schema/beans'\n" +
+                    "    xmlns:aop='http://www.springframework.org/schema/aop'\n" +
                    "    xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance'\n" +
                    "    xsi:schemaLocation='http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd\n" +
+                    "http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-2.0.xsd\n" +
                    "http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-2.0.xsd'>\n";
    private static final String BEANS_CLOSE = "</b:beans>\n";

--- a/core/src/test/java/org/springframework/security/intercept/method/aopalliance/MethodSecurityInterceptorWithAopConfigTests.java
+++ b/core/src/test/java/org/springframework/security/intercept/method/aopalliance/MethodSecurityInterceptorWithAopConfigTests.java
@ -0,0 +1,68 @@
+package org.springframework.security.intercept.method.aopalliance;
+
+import org.junit.After;
+import org.junit.Test;
+import org.springframework.context.support.AbstractXmlApplicationContext;
+import org.springframework.security.ITargetObject;
+import org.springframework.security.util.InMemoryXmlApplicationContext;
+
+/**
+ * Tests for SEC-428. 
+ * 
+ * @author Luke Taylor
+ * 
+ */
+public class MethodSecurityInterceptorWithAopConfigTests {
+    static final String AUTH_PROVIDER_XML =
+        "    <authentication-provider>" +
+        "        <user-service>" +
+        "            <user name='bob' password='bobspassword' authorities='ROLE_USER,ROLE_ADMIN' />" +
+        "            <user name='bill' password='billspassword' authorities='ROLE_USER' />" +
+        "        </user-service>" +
+        "    </authentication-provider>";
+    
+    static final String ACCESS_MANAGER_XML = 
+        "<b:bean id='accessDecisionManager' class='org.springframework.security.vote.AffirmativeBased'>" +
+        "   <b:property name='decisionVoters'>" +
+        "       <b:list><b:bean class='org.springframework.security.vote.RoleVoter'/></b:list>" +
+        "   </b:property>" +
+        "</b:bean>";
+    
+    private AbstractXmlApplicationContext appContext;
+    
+    @After
+    public void closeAppContext() {
+        if (appContext != null) {
+            appContext.close();
+            appContext = null;
+        }
+    }
+    
+    @Test
+    public void securityInterceptorIsAppliedWhenUsedWithAopConfig() {
+        setContext(
+                "<aop:config>" +
+        		"     <aop:pointcut id='targetMethods' expression='execution(* org.springframework.security.TargetObject.*(..))'/>" +
+        		"     <aop:advisor advice-ref='securityInterceptor' pointcut-ref='targetMethods' />" +
+        		"</aop:config>" +
+        		"<b:bean id='target' class='org.springframework.security.TargetObject'/>" +
+        		"<b:bean id='securityInterceptor' class='org.springframework.security.intercept.method.aopalliance.MethodSecurityInterceptor' autowire='byType' >" +
+        		"     <b:property name='objectDefinitionSource'>" +
+                "       <b:value>" +
+                            "org.springframework.security.ITargetObject.makeLower*=ROLE_A\n" +
+                            "org.springframework.security.ITargetObject.makeUpper*=ROLE_A\n" +
+                            "org.springframework.security.ITargetObject.computeHashCode*=ROLE_B\n" +
+                "       </b:value>" +
+                "     </b:property>" +
+        		"</b:bean>" +
+        		AUTH_PROVIDER_XML + ACCESS_MANAGER_XML);
+        
+        ITargetObject target = (ITargetObject) appContext.getBean("target");
+        target.makeLowerCase("TEST");
+        
+    }
+
+    private void setContext(String context) {
+        appContext = new InMemoryXmlApplicationContext(context);
+    }    
+}
--- a/pom.xml
+++ b/pom.xml
@ -662,7 +662,7 @@
 	    <dependency>
 	        <groupId>aspectj</groupId>
 	    	<artifactId>aspectjrt</artifactId>
-		<version>1.5.3</version>
+		    <version>1.5.4</version>
 	    </dependency>
            <dependency>
                <groupId>org.springframework</groupId>