Updated to latest Spring build snapshot. Required minor EL changes to parser class name
This commit is contained in:
Luke Taylor
parent
e92aac225f
commit
c6b9371029
|
|
@ -2,7 +2,7 @@ package org.springframework.security.access.expression.method;
|
|||
|
||||
import org.springframework.expression.Expression;
|
||||
import org.springframework.expression.ParseException;
|
||||
import org.springframework.expression.spel.antlr.SpelAntlrExpressionParser;
|
||||
import org.springframework.expression.spel.standard.SpelExpressionParser;
|
||||
import org.springframework.security.access.ConfigAttribute;
|
||||
import org.springframework.util.Assert;
|
||||
|
||||
|
|
@ -26,7 +26,7 @@ abstract class AbstractExpressionBasedMethodConfigAttribute implements ConfigAtt
|
|||
*/
|
||||
AbstractExpressionBasedMethodConfigAttribute(String filterExpression, String authorizeExpression) throws ParseException {
|
||||
Assert.isTrue(filterExpression != null || authorizeExpression != null, "Filter and authorization Expressions cannot both be null");
|
||||
SpelAntlrExpressionParser parser = new SpelAntlrExpressionParser();
|
||||
SpelExpressionParser parser = new SpelExpressionParser();
|
||||
this.filterExpression = filterExpression == null ? null : parser.parseExpression(filterExpression);
|
||||
this.authorizeExpression = authorizeExpression == null ? null : parser.parseExpression(authorizeExpression);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -13,7 +13,7 @@ import org.springframework.core.ParameterNameDiscoverer;
|
|||
import org.springframework.expression.EvaluationContext;
|
||||
import org.springframework.expression.Expression;
|
||||
import org.springframework.expression.ExpressionParser;
|
||||
import org.springframework.expression.spel.antlr.SpelAntlrExpressionParser;
|
||||
import org.springframework.expression.spel.standard.SpelExpressionParser;
|
||||
import org.springframework.security.access.PermissionEvaluator;
|
||||
import org.springframework.security.access.expression.ExpressionUtils;
|
||||
import org.springframework.security.authentication.AuthenticationTrustResolver;
|
||||
|
|
@ -36,7 +36,7 @@ public class DefaultMethodSecurityExpressionHandler implements MethodSecurityExp
|
|||
private ParameterNameDiscoverer parameterNameDiscoverer = new LocalVariableTableParameterNameDiscoverer();
|
||||
private PermissionEvaluator permissionEvaluator = new DenyAllPermissionEvaluator();
|
||||
private AuthenticationTrustResolver trustResolver = new AuthenticationTrustResolverImpl();
|
||||
private ExpressionParser expressionParser = new SpelAntlrExpressionParser();
|
||||
private ExpressionParser expressionParser = new SpelExpressionParser();
|
||||
|
||||
public DefaultMethodSecurityExpressionHandler() {
|
||||
}
|
||||
|
|
|
|||
|
|
@ -14,10 +14,8 @@ import org.springframework.security.access.prepost.PreInvocationAuthorizationAdv
|
|||
import org.springframework.security.core.Authentication;
|
||||
|
||||
/**
|
||||
* If only a @PreFilter condition is specified, it will vote to grant access, otherwise it will vote
|
||||
* to grant or deny access depending on whether the @PreAuthorize expression evaluates to 'true' or 'false',
|
||||
* respectively.
|
||||
|
||||
* Method pre-invocation handling based on expressions.
|
||||
*
|
||||
* @author Luke Taylor
|
||||
* @version $Id$
|
||||
* @since
|
||||
|
|
|
|||
|
|
@ -12,5 +12,14 @@ import org.springframework.security.core.Authentication;
|
|||
*/
|
||||
public interface PreInvocationAuthorizationAdvice {
|
||||
|
||||
/**
|
||||
* The "before" advice which should be executed to perform any filtering necessary and to decide whether
|
||||
* the method call is authorised.
|
||||
*
|
||||
* @param authentication the information on the principal on whose account the decision should be made
|
||||
* @param mi the method invocation being attempted
|
||||
* @param preInvocationAttribute the attribute built from the @PreFilte and @PostFilter annotations.
|
||||
* @return true if authorised, false otherwise
|
||||
*/
|
||||
boolean before(Authentication authentication, MethodInvocation mi, PreInvocationAttribute preInvocationAttribute);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -16,8 +16,6 @@
|
|||
package org.springframework.security.util;
|
||||
|
||||
import java.lang.reflect.Method;
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
|
||||
import org.aopalliance.intercept.MethodInvocation;
|
||||
import org.springframework.aop.framework.Advised;
|
||||
|
|
@ -57,13 +55,11 @@ public final class MethodInvocationUtils {
|
|||
Class<?>[] classArgs = null;
|
||||
|
||||
if (args != null) {
|
||||
List<Class<?>> list = new ArrayList<Class<?>>();
|
||||
classArgs = new Class<?>[args.length];
|
||||
|
||||
for (int i = 0; i < args.length; i++) {
|
||||
list.add(args[i].getClass());
|
||||
classArgs[i] = args[i].getClass();
|
||||
}
|
||||
|
||||
classArgs = list.toArray(new Class[] {});
|
||||
}
|
||||
|
||||
// Determine the type that declares the requested method, taking into account proxies
|
||||
|
|
@ -109,7 +105,8 @@ public final class MethodInvocationUtils {
|
|||
* @param args the actual arguments that should be passed to SimpleMethodInvocation
|
||||
* @return a <code>MethodInvocation</code>, or <code>null</code> if there was a problem
|
||||
*/
|
||||
public static MethodInvocation createFromClass(Object targetObject, Class<?> clazz, String methodName, Class<?>[] classArgs, Object[] args) {
|
||||
public static MethodInvocation createFromClass(Object targetObject, Class<?> clazz, String methodName,
|
||||
Class<?>[] classArgs, Object[] args) {
|
||||
Assert.notNull(clazz, "Class required");
|
||||
Assert.hasText(methodName, "MethodName required");
|
||||
|
||||
|
|
@ -117,7 +114,7 @@ public final class MethodInvocationUtils {
|
|||
|
||||
try {
|
||||
method = clazz.getMethod(methodName, classArgs);
|
||||
} catch (Exception e) {
|
||||
} catch (NoSuchMethodException e) {
|
||||
return null;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -7,11 +7,10 @@ import org.jmock.Mockery;
|
|||
import org.junit.Before;
|
||||
import org.junit.Test;
|
||||
import org.springframework.expression.Expression;
|
||||
import org.springframework.expression.spel.antlr.SpelAntlrExpressionParser;
|
||||
import org.springframework.expression.spel.standard.SpelExpressionParser;
|
||||
import org.springframework.expression.spel.support.StandardEvaluationContext;
|
||||
import org.springframework.security.access.PermissionEvaluator;
|
||||
import org.springframework.security.access.expression.ExpressionUtils;
|
||||
import org.springframework.security.access.expression.method.MethodSecurityExpressionRoot;
|
||||
import org.springframework.security.authentication.AuthenticationTrustResolver;
|
||||
import org.springframework.security.core.Authentication;
|
||||
|
||||
|
|
@ -22,7 +21,7 @@ import org.springframework.security.core.Authentication;
|
|||
* @version $Id$
|
||||
*/
|
||||
public class MethodSecurityExpressionRootTests {
|
||||
SpelAntlrExpressionParser parser = new SpelAntlrExpressionParser();
|
||||
SpelExpressionParser parser = new SpelExpressionParser();
|
||||
MethodSecurityExpressionRoot root;
|
||||
StandardEvaluationContext ctx;
|
||||
Mockery jmock = new Mockery();
|
||||
|
|
|
|||
17
pom.xml
17
pom.xml
|
|
@ -86,7 +86,8 @@
|
|||
<id>com.springsource.repository.bundles.release</id>
|
||||
<name>SpringSource Enterprise Bundle Repository - SpringSource Bundle Releases</name>
|
||||
<url>http://repository.springsource.com/maven/bundles/release</url>
|
||||
</repository>
|
||||
</repository>
|
||||
-->
|
||||
<repository>
|
||||
<releases>
|
||||
<enabled>false</enabled>
|
||||
|
|
@ -94,11 +95,11 @@
|
|||
<snapshots>
|
||||
<enabled>true</enabled>
|
||||
</snapshots>
|
||||
<id>com.springsource.repository.bundles.snapshot</id>
|
||||
<name>SpringSource Enterprise Bundle Repository - SpringSource Snapshot Releases</name>
|
||||
<url>http://repository.springsource.com/maven/bundles/snapshot</url>
|
||||
<id>com.springsource.repository.maven.snapshot</id>
|
||||
<name>SpringSource Enterprise Bundle Maven Repository - SpringSource Snapshot Releases</name>
|
||||
<url>http://maven.springframework.org/snapshot</url>
|
||||
</repository>
|
||||
-->
|
||||
|
||||
<repository>
|
||||
<releases>
|
||||
<enabled>true</enabled>
|
||||
|
|
@ -106,7 +107,7 @@
|
|||
<snapshots>
|
||||
<enabled>false</enabled>
|
||||
</snapshots>
|
||||
<id>Spring Framework Maven Milestone Releases</id>
|
||||
<id>com.springsource.repository.maven.milestone</id>
|
||||
<name>Spring Framework Maven Milestone Releases (Maven Central Format)</name>
|
||||
<url>http://maven.springframework.org/milestone</url>
|
||||
</repository>
|
||||
|
|
@ -114,7 +115,7 @@
|
|||
|
||||
<pluginRepositories>
|
||||
<pluginRepository>
|
||||
<id>com.springsource.repository.bundles.milestone</id>
|
||||
<id>com.springsource.repository.maven.milestone</id>
|
||||
<name>SpringSource Enterprise Bundle Repository - SpringSource Milestone Releases</name>
|
||||
<url>http://repository.springsource.com/maven/bundles/milestone</url>
|
||||
</pluginRepository>
|
||||
|
|
@ -766,7 +767,7 @@
|
|||
<properties>
|
||||
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
|
||||
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
|
||||
<spring.version>3.0.0.M3</spring.version>
|
||||
<spring.version>3.0.0.BUILD-SNAPSHOT</spring.version>
|
||||
<jstl.version>1.1.2</jstl.version>
|
||||
<jetty.version>6.1.18</jetty.version>
|
||||
</properties>
|
||||
|
|
|
|||
|
|
@ -2,7 +2,7 @@ package org.springframework.security.web.access.expression;
|
|||
|
||||
import org.springframework.expression.EvaluationContext;
|
||||
import org.springframework.expression.ExpressionParser;
|
||||
import org.springframework.expression.spel.antlr.SpelAntlrExpressionParser;
|
||||
import org.springframework.expression.spel.standard.SpelExpressionParser;
|
||||
import org.springframework.expression.spel.support.StandardEvaluationContext;
|
||||
import org.springframework.security.access.expression.SecurityExpressionRoot;
|
||||
import org.springframework.security.authentication.AuthenticationTrustResolver;
|
||||
|
|
@ -21,7 +21,7 @@ import org.springframework.security.web.FilterInvocation;
|
|||
public class DefaultWebSecurityExpressionHandler implements WebSecurityExpressionHandler {
|
||||
|
||||
private AuthenticationTrustResolver trustResolver = new AuthenticationTrustResolverImpl();
|
||||
private ExpressionParser expressionParser = new SpelAntlrExpressionParser();
|
||||
private ExpressionParser expressionParser = new SpelExpressionParser();
|
||||
|
||||
public ExpressionParser getExpressionParser() {
|
||||
return expressionParser;
|
||||
|
|
|
|||
Loading…
Reference in New Issue