SEC-418: Applied patch from issue.

2025-07-08 19:42:48 +00:00 · 2008-01-28 19:24:45 +00:00 · 2008-01-28 19:24:45 +00:00 · b253510127
commit b253510127
parent e41860d944
2 changed files with 30 additions and 9 deletions
--- a/core/src/main/java/org/acegisecurity/ui/switchuser/SwitchUserProcessingFilter.java
+++ b/core/src/main/java/org/acegisecurity/ui/switchuser/SwitchUserProcessingFilter.java
@ -55,7 +55,6 @@ import org.springframework.util.Assert;
 import java.io.IOException;

 import java.util.ArrayList;
-import java.util.Arrays;
 import java.util.List;

 import javax.servlet.Filter;
@ -102,8 +101,6 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean, App

    private static final Log logger = LogFactory.getLog(SwitchUserProcessingFilter.class);

-    // ~ Static fields/initializers
-    // =============================================
    public static final String ACEGI_SECURITY_SWITCH_USERNAME_KEY = "j_username";
    public static final String ROLE_PREVIOUS_ADMINISTRATOR = "ROLE_PREVIOUS_ADMINISTRATOR";

@ -116,9 +113,6 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean, App
    private String switchUserUrl = "/j_acegi_switch_user";
    private String targetUrl;
    private SwitchUserAuthorityChanger switchUserAuthorityChanger;
-
-    // ~ Instance fields
-    // ========================================================
    private UserDetailsService userDetailsService;

    //~ Methods ========================================================================================================
@ -275,8 +269,11 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean, App
        Authentication currentAuth = SecurityContextHolder.getContext().getAuthentication();
        GrantedAuthority switchAuthority = new SwitchUserGrantedAuthority(ROLE_PREVIOUS_ADMINISTRATOR, currentAuth);

-        // get the original authorities
-        List orig = Arrays.asList(targetUser.getAuthorities());
+        // get the original authorities        
+        ArrayList orig = new ArrayList();
+        for (int i = 0; i < targetUser.getAuthorities().length; i++) {
+			orig.add(targetUser.getAuthorities()[i]);
+		}

        // Allow subclasses to change the authorities to be granted
        if (switchUserAuthorityChanger != null) {
@ -443,7 +440,7 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean, App
    /**
     * Sets the authentication data access object.
     *
-     * @param authenticationDao The authentication dao
+     * @param userDetailsService The UserDetailsService to use
     */
    public void setUserDetailsService(UserDetailsService userDetailsService) {
        this.userDetailsService = userDetailsService;
--- a/core/src/test/java/org/acegisecurity/ui/switchuser/SwitchUserProcessingFilterTests.java
+++ b/core/src/test/java/org/acegisecurity/ui/switchuser/SwitchUserProcessingFilterTests.java
@ -41,6 +41,8 @@ import org.springframework.dao.DataAccessException;
 import org.springframework.mock.web.MockHttpServletRequest;
 import org.springframework.mock.web.MockHttpServletResponse;

+import java.util.List;
+

 /**
 * Tests {@link org.acegisecurity.ui.switchuser.SwitchUserProcessingFilter}.
@ -377,6 +379,28 @@ public class SwitchUserProcessingFilterTests extends TestCase {
        assertEquals("jacklord", ((User) targetAuth.getPrincipal()).getUsername());
    }

+    public void testModificationOfAuthoritiesWorks() {
+        UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken("dano", "hawaii50");
+        SecurityContextHolder.getContext().setAuthentication(auth);
+
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.addParameter(SwitchUserProcessingFilter.ACEGI_SECURITY_SWITCH_USERNAME_KEY, "jacklord");
+
+        SwitchUserProcessingFilter filter = new SwitchUserProcessingFilter();
+        filter.setUserDetailsService(new MockAuthenticationDaoUserJackLord());
+        filter.setSwitchUserAuthorityChanger(new SwitchUserAuthorityChanger() {
+            public void modifyGrantedAuthorities(UserDetails targetUser, Authentication currentAuthentication, List authoritiesToBeGranted) {
+                authoritiesToBeGranted.clear();
+                authoritiesToBeGranted.add(new GrantedAuthorityImpl("ROLE_NEW"));
+            }
+        });
+
+        Authentication result = filter.attemptSwitchUser(request);
+        assertTrue(result != null);
+        assertEquals(2, result.getAuthorities().length);
+        assertEquals("ROLE_NEW", result.getAuthorities()[0].getAuthority());        
+    }
+
    //~ Inner Classes ==================================================================================================

    private class MockAuthenticationDaoUserJackLord implements UserDetailsService {