From b9415771987303cd2767e7f9eafac300f57085f9 Mon Sep 17 00:00:00 2001 From: Ben Alex Date: Tue, 14 Nov 2006 04:26:12 +0000 Subject: [PATCH] SEC-274: Reproduce bug report. --- .../annotation/BusinessServiceImpl.java | 28 ++++++++ .../acegisecurity/annotation/Department.java | 28 ++++++++ .../annotation/DepartmentService.java | 11 +++ .../annotation/DepartmentServiceImpl.java | 12 ++++ .../org/acegisecurity/annotation/Entity.java | 11 +++ .../SecurityAnnotationAttributesTests.java | 71 +++++++++++++++++-- 6 files changed, 154 insertions(+), 7 deletions(-) create mode 100644 core-tiger/src/test/java/org/acegisecurity/annotation/BusinessServiceImpl.java create mode 100644 core-tiger/src/test/java/org/acegisecurity/annotation/Department.java create mode 100644 core-tiger/src/test/java/org/acegisecurity/annotation/DepartmentService.java create mode 100644 core-tiger/src/test/java/org/acegisecurity/annotation/DepartmentServiceImpl.java create mode 100644 core-tiger/src/test/java/org/acegisecurity/annotation/Entity.java diff --git a/core-tiger/src/test/java/org/acegisecurity/annotation/BusinessServiceImpl.java b/core-tiger/src/test/java/org/acegisecurity/annotation/BusinessServiceImpl.java new file mode 100644 index 0000000000..2976beb361 --- /dev/null +++ b/core-tiger/src/test/java/org/acegisecurity/annotation/BusinessServiceImpl.java @@ -0,0 +1,28 @@ +package org.acegisecurity.annotation; + +/** + * + * @author Joe Scalise + */ +public class BusinessServiceImpl implements BusinessService { + + @Secured({"ROLE_USER"}) + public void someUserMethod1() { + } + + @Secured({"ROLE_USER"}) + public void someUserMethod2() { + } + + @Secured({"ROLE_USER", "ROLE_ADMIN"}) + public void someUserAndAdminMethod() { + } + + @Secured({"ROLE_ADMIN"}) + public void someAdminMethod() { + } + + public E someUserMethod3(final E entity) { + return entity; + } +} diff --git a/core-tiger/src/test/java/org/acegisecurity/annotation/Department.java b/core-tiger/src/test/java/org/acegisecurity/annotation/Department.java new file mode 100644 index 0000000000..fc610064bf --- /dev/null +++ b/core-tiger/src/test/java/org/acegisecurity/annotation/Department.java @@ -0,0 +1,28 @@ +package org.acegisecurity.annotation; + +/** + * + * @author Joe Scalise + */ +public class Department extends Entity { + //~ Instance fields ======================================================== + + private boolean active = true; + + //~ Constructors =========================================================== + + public Department(String name) { + super(name); + } + + //~ Methods ================================================================ + + public boolean isActive() { + return this.active; + } + + void deactive() { + this.active = true; + } + +} diff --git a/core-tiger/src/test/java/org/acegisecurity/annotation/DepartmentService.java b/core-tiger/src/test/java/org/acegisecurity/annotation/DepartmentService.java new file mode 100644 index 0000000000..61dcf8d382 --- /dev/null +++ b/core-tiger/src/test/java/org/acegisecurity/annotation/DepartmentService.java @@ -0,0 +1,11 @@ +package org.acegisecurity.annotation; + +/** + * + * @author Joe Scalise + */ +public interface DepartmentService extends BusinessService { + + @Secured({"ROLE_USER"}) + Department someUserMethod3(Department dept); +} diff --git a/core-tiger/src/test/java/org/acegisecurity/annotation/DepartmentServiceImpl.java b/core-tiger/src/test/java/org/acegisecurity/annotation/DepartmentServiceImpl.java new file mode 100644 index 0000000000..fcfbd8a121 --- /dev/null +++ b/core-tiger/src/test/java/org/acegisecurity/annotation/DepartmentServiceImpl.java @@ -0,0 +1,12 @@ +package org.acegisecurity.annotation; + +/** + * @author Joe Scalise + */ +public class DepartmentServiceImpl extends BusinessServiceImpl implements DepartmentService { + + @Secured({"ROLE_ADMIN"}) + public Department someUserMethod3(final Department dept) { + return super.someUserMethod3(dept); + } +} diff --git a/core-tiger/src/test/java/org/acegisecurity/annotation/Entity.java b/core-tiger/src/test/java/org/acegisecurity/annotation/Entity.java new file mode 100644 index 0000000000..f596d1899f --- /dev/null +++ b/core-tiger/src/test/java/org/acegisecurity/annotation/Entity.java @@ -0,0 +1,11 @@ +package org.acegisecurity.annotation; + +/** + * Class to act as a superclass for annotations testing. + * + * @author Ben Alex + * + */ +public class Entity { + public Entity(String someParameter) {} +} diff --git a/core-tiger/src/test/java/org/acegisecurity/annotation/SecurityAnnotationAttributesTests.java b/core-tiger/src/test/java/org/acegisecurity/annotation/SecurityAnnotationAttributesTests.java index 0a87ae1b27..2cf119d5c1 100644 --- a/core-tiger/src/test/java/org/acegisecurity/annotation/SecurityAnnotationAttributesTests.java +++ b/core-tiger/src/test/java/org/acegisecurity/annotation/SecurityAnnotationAttributesTests.java @@ -15,28 +15,30 @@ package org.acegisecurity.annotation; +import java.lang.reflect.Field; +import java.lang.reflect.Method; +import java.util.Collection; + import junit.framework.TestCase; import org.acegisecurity.SecurityConfig; - +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; import org.springframework.metadata.Attributes; -import java.lang.reflect.Field; -import java.lang.reflect.Method; - -import java.util.Collection; - /** * Tests for {@link org.acegisecurity.annotation.SecurityAnnotationAttributes} * * @author Mark St.Godard - * @version $Revision$ + * @author Joe Scalise + * @version $Id$ */ public class SecurityAnnotationAttributesTests extends TestCase { //~ Instance fields ================================================================================================ private Attributes attributes; + private Log logger = LogFactory.getLog(SecurityAnnotationAttributesTests.class); //~ Methods ======================================================================================================== @@ -132,4 +134,59 @@ public class SecurityAnnotationAttributesTests extends TestCase { fail("Unsupported method should have thrown an exception!"); } catch (UnsupportedOperationException expected) {} } + + public void testGenericsSuperclassDeclarationsAreIncludedWhenSubclassesOverride() { + + Method method = null; + try { + method = DepartmentServiceImpl.class.getMethod("someUserMethod3", new Class[]{Department.class}); + } catch (NoSuchMethodException unexpected) { + fail("Should be a superMethod called 'someUserMethod3' on class!"); + } + Collection attrs = this.attributes.getAttributes(method); + + if (logger.isDebugEnabled()) { + logger.debug("attrs: "); + logger.debug(attrs); + } + assertNotNull(attrs); + + // expect 1 attribute + assertTrue("Did not find 1 attribute", attrs.size() == 1); + + // should have 1 SecurityConfig + for (Object obj : attrs) { + assertTrue(obj instanceof SecurityConfig); + SecurityConfig sc = (SecurityConfig) obj; + assertEquals("Found an incorrect role", "ROLE_ADMIN", sc.getAttribute()); + } + + Method superMethod = null; + try { + superMethod = DepartmentServiceImpl.class.getMethod("someUserMethod3", new Class[]{Entity.class}); + } catch (NoSuchMethodException unexpected) { + fail("Should be a superMethod called 'someUserMethod3' on class!"); + } + System.out.println(superMethod); + Collection superAttrs = this.attributes.getAttributes(superMethod); + + if (logger.isDebugEnabled()) { + logger.debug("superAttrs: "); + logger.debug(superAttrs); + } + assertNotNull(superAttrs); + + // TODO: Resolve bridge method bug as reported in SEC-274 + /* + // expect 1 attribute + assertTrue("Did not find 1 attribute", superAttrs.size() == 1); + + // should have 1 SecurityConfig + for (Object obj : superAttrs) { + assertTrue(obj instanceof SecurityConfig); + SecurityConfig sc = (SecurityConfig) obj; + assertEquals("Found an incorrect role", "ROLE_ADMIN", sc.getAttribute()); + } + */ + } }