From 9926ad68b8f4e465f6c5243a8ff993fbf9d1b7a2 Mon Sep 17 00:00:00 2001
From: Manuel Tejeda <mtejeda21@gmail.com>
Date: Wed, 18 Sep 2019 07:59:20 -0500
Subject: [PATCH] add hasAnyRole method in AuthorizePayloadsSpec.Access

---
 .../annotation/rsocket/RSocketSecurity.java   |  5 +++++
 ...RSocketMessageHandlerConnectionITests.java | 19 +++++++++++++++++++
 2 files changed, 24 insertions(+)

diff --git a/config/src/main/java/org/springframework/security/config/annotation/rsocket/RSocketSecurity.java b/config/src/main/java/org/springframework/security/config/annotation/rsocket/RSocketSecurity.java
index dd307f655f..34691a6a85 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/rsocket/RSocketSecurity.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/rsocket/RSocketSecurity.java
@@ -104,6 +104,7 @@ import java.util.List;
  * }
  * </pre>
  * @author Rob Winch
+ * @author Manuel Tejeda
  * @since 5.2
  */
 public class RSocketSecurity {
@@ -315,6 +316,10 @@ public class RSocketSecurity {
 				return access(AuthorityReactiveAuthorizationManager.hasRole(role));
 			}
 
+			public AuthorizePayloadsSpec hasAnyRole(String... roles) {
+				return access(AuthorityReactiveAuthorizationManager.hasAnyRole(roles));
+			}
+
 			public AuthorizePayloadsSpec permitAll() {
 				return access((a, ctx) -> Mono
 						.just(new AuthorizationDecision(true)));
diff --git a/config/src/test/java/org/springframework/security/config/annotation/rsocket/RSocketMessageHandlerConnectionITests.java b/config/src/test/java/org/springframework/security/config/annotation/rsocket/RSocketMessageHandlerConnectionITests.java
index 7641ce9a6a..cc1f909376 100644
--- a/config/src/test/java/org/springframework/security/config/annotation/rsocket/RSocketMessageHandlerConnectionITests.java
+++ b/config/src/test/java/org/springframework/security/config/annotation/rsocket/RSocketMessageHandlerConnectionITests.java
@@ -51,6 +51,7 @@ import static org.assertj.core.api.Assertions.assertThatCode;
 
 /**
  * @author Rob Winch
+ * @author Manuel Tejeda
  */
 @ContextConfiguration
 @RunWith(SpringRunner.class)
@@ -167,6 +168,23 @@ public class RSocketMessageHandlerConnectionITests {
 //			.isInstanceOf(RejectedSetupException.class);
 	}
 
+	@Test
+	public void connectWithAnyRole() {
+		UsernamePasswordMetadata credentials =
+				new UsernamePasswordMetadata("user", "password");
+		this.requester = requester()
+				.setupMetadata(credentials, UsernamePasswordMetadata.BASIC_AUTHENTICATION_MIME_TYPE)
+				.connectTcp(this.server.address().getHostName(), this.server.address().getPort())
+				.block();
+
+		String hiRob = this.requester.route("anyroute")
+				.data("rob")
+				.retrieveMono(String.class)
+				.block();
+
+		assertThat(hiRob).isEqualTo("Hi rob");
+	}
+
 	private RSocketRequester.Builder requester() {
 		return RSocketRequester.builder()
 				.rsocketStrategies(this.handler.getRSocketStrategies());
@@ -225,6 +243,7 @@ public class RSocketMessageHandlerConnectionITests {
 						.setup().hasRole("SETUP")
 						.route("secure.admin.*").hasRole("ADMIN")
 						.route("secure.**").hasRole("USER")
+						.route("anyroute").hasAnyRole("USER")
 						.anyRequest().permitAll()
 				)
 				.basicAuthentication(Customizer.withDefaults());