Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

SEC-654: Made ConfigAttributeDefinition immutable, added several constructors to simplify its use. Removed MethodDefinitionMapping and FilterInvocationDefinitionMapping.

This commit is contained in:
Luke Taylor 2008-01-30 15:17:30 +00:00
parent 1dc80b5665
commit d695f5002c
64 changed files with 507 additions and 973 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

55
core-tiger/src/test/java/org/springframework/security/annotation/MethodDefinitionSourceEditorTigerTests.java
View File

@ -40,75 +40,48 @@ import org.aopalliance.intercept.MethodInvocation;
* @version $Id$
*/
public class MethodDefinitionSourceEditorTigerTests extends TestCase {
//~ Constructors ===================================================================================================
public MethodDefinitionSourceEditorTigerTests() {
super();
}
public MethodDefinitionSourceEditorTigerTests(String arg0) {
super(arg0);
}
//~ Methods ========================================================================================================
public static void main(String[] args) {
junit.textui.TestRunner.run(MethodDefinitionSourceEditorTigerTests.class);
}
public final void setUp() throws Exception {
super.setUp();
}
public void testConcreteClassInvocationsAlsoReturnDefinitionsAgainstInterface()
throws Exception {
public void testConcreteClassInvocationsAlsoReturnDefinitionsAgainstInterface() throws Exception {
MethodDefinitionSourceEditor editor = new MethodDefinitionSourceEditor();
editor.setAsText(
"org.springframework.security.annotation.test.Service.makeLower*=ROLE_FROM_INTERFACE\r\norg.springframework.security.annotation.test.Service.makeUpper*=ROLE_FROM_INTERFACE\r\norg.springframework.security.annotation.test.ServiceImpl.makeUpper*=ROLE_FROM_IMPLEMENTATION");
"org.springframework.security.annotation.test.Service.makeLower*=ROLE_FROM_INTERFACE\r\norg.springframework.security.annotation.test.Service.makeUpper*=ROLE_FROM_INTERFACE\r\norg.springframework.security.annotation.test.ServiceImpl.makeUpper*=ROLE_FROM_IMPLEMENTATION");
MethodDefinitionMap map = (MethodDefinitionMap) editor.getValue();
assertEquals(3, map.getMethodMapSize());
ConfigAttributeDefinition returnedMakeLower = map.getAttributes(new MockMethodInvocation(Service.class,
"makeLowerCase", new Class[] {Entity.class}));
ConfigAttributeDefinition expectedMakeLower = new ConfigAttributeDefinition();
expectedMakeLower.addConfigAttribute(new SecurityConfig("ROLE_FROM_INTERFACE"));
"makeLowerCase", new Class[]{Entity.class}));
ConfigAttributeDefinition expectedMakeLower = new ConfigAttributeDefinition("ROLE_FROM_INTERFACE");
assertEquals(expectedMakeLower, returnedMakeLower);
ConfigAttributeDefinition returnedMakeUpper = map.getAttributes(new MockMethodInvocation(ServiceImpl.class,
"makeUpperCase", new Class[] {Entity.class}));
ConfigAttributeDefinition expectedMakeUpper = new ConfigAttributeDefinition();
expectedMakeUpper.addConfigAttribute(new SecurityConfig("ROLE_FROM_IMPLEMENTATION"));
expectedMakeUpper.addConfigAttribute(new SecurityConfig("ROLE_FROM_INTERFACE"));
"makeUpperCase", new Class[]{Entity.class}));
ConfigAttributeDefinition expectedMakeUpper = new ConfigAttributeDefinition(new String[]{"ROLE_FROM_IMPLEMENTATION", "ROLE_FROM_INTERFACE"});
assertEquals(expectedMakeUpper, returnedMakeUpper);
}
public void testGenericsSuperclassDeclarationsAreIncludedWhenSubclassesOverride()
throws Exception {
public void testGenericsSuperclassDeclarationsAreIncludedWhenSubclassesOverride() throws Exception {
MethodDefinitionSourceEditor editor = new MethodDefinitionSourceEditor();
editor.setAsText(
"org.springframework.security.annotation.test.Service.makeLower*=ROLE_FROM_INTERFACE\r\norg.springframework.security.annotation.test.Service.makeUpper*=ROLE_FROM_INTERFACE\r\norg.springframework.security.annotation.test.ServiceImpl.makeUpper*=ROLE_FROM_IMPLEMENTATION");
"org.springframework.security.annotation.test.Service.makeLower*=ROLE_FROM_INTERFACE\r\norg.springframework.security.annotation.test.Service.makeUpper*=ROLE_FROM_INTERFACE\r\norg.springframework.security.annotation.test.ServiceImpl.makeUpper*=ROLE_FROM_IMPLEMENTATION");
MethodDefinitionMap map = (MethodDefinitionMap) editor.getValue();
assertEquals(3, map.getMethodMapSize());
ConfigAttributeDefinition returnedMakeLower = map.getAttributes(new MockMethodInvocation(PersonService.class,
"makeLowerCase", new Class[] {Entity.class}));
ConfigAttributeDefinition expectedMakeLower = new ConfigAttributeDefinition();
expectedMakeLower.addConfigAttribute(new SecurityConfig("ROLE_FROM_INTERFACE"));
"makeLowerCase", new Class[]{Entity.class}));
ConfigAttributeDefinition expectedMakeLower = new ConfigAttributeDefinition("ROLE_FROM_INTERFACE");
assertEquals(expectedMakeLower, returnedMakeLower);
ConfigAttributeDefinition returnedMakeLower2 = map.getAttributes(new MockMethodInvocation(
OrganisationService.class, "makeLowerCase", new Class[] {Entity.class}));
ConfigAttributeDefinition expectedMakeLower2 = new ConfigAttributeDefinition();
expectedMakeLower2.addConfigAttribute(new SecurityConfig("ROLE_FROM_INTERFACE"));
OrganisationService.class, "makeLowerCase", new Class[]{Entity.class}));
ConfigAttributeDefinition expectedMakeLower2 = new ConfigAttributeDefinition("ROLE_FROM_INTERFACE");
assertEquals(expectedMakeLower2, returnedMakeLower2);
ConfigAttributeDefinition returnedMakeUpper = map.getAttributes(new MockMethodInvocation(
PersonServiceImpl.class, "makeUpperCase", new Class[] {Entity.class}));
ConfigAttributeDefinition expectedMakeUpper = new ConfigAttributeDefinition();
expectedMakeUpper.addConfigAttribute(new SecurityConfig("ROLE_FROM_IMPLEMENTATION"));
expectedMakeUpper.addConfigAttribute(new SecurityConfig("ROLE_FROM_INTERFACE"));
PersonServiceImpl.class, "makeUpperCase", new Class[]{Entity.class}));
ConfigAttributeDefinition expectedMakeUpper = new ConfigAttributeDefinition(new String[]{"ROLE_FROM_IMPLEMENTATION", "ROLE_FROM_INTERFACE"});
assertEquals(expectedMakeUpper, returnedMakeUpper);
}

131
core/src/main/java/org/springframework/security/ConfigAttributeDefinition.java
View File

@ -15,44 +15,93 @@
package org.springframework.security;
import org.springframework.util.Assert;
import java.io.Serializable;
import java.util.Iterator;
import java.util.List;
import java.util.Vector;
import java.util.Collections;
import java.util.ArrayList;
import java.util.Collection;
/**
* Holds a group of {@link ConfigAttribute}s that are associated with a given secure object target.<p>All the
* <code>ConfigAttributeDefinition</code>s associated with a given {@link
* Holds a group of {@link ConfigAttribute}s that are associated with a given secure object target - effectively a
* Collection<ConfigAttribute>.
* <p>
* Once created, the object is immutable.
* <p>
* All the <code>ConfigAttributeDefinition</code>s associated with a given {@link
* org.springframework.security.intercept.AbstractSecurityInterceptor} are stored in an {@link
* org.springframework.security.intercept.ObjectDefinitionSource}.</p>
* org.springframework.security.intercept.ObjectDefinitionSource}.
*
* @author Ben Alex
* @version $Id$
*/
public class ConfigAttributeDefinition implements Serializable {
public static final ConfigAttributeDefinition NO_ATTRIBUTES = new ConfigAttributeDefinition();
//~ Instance fields ================================================================================================
private List configAttributes = new Vector();
private List configAttributes;
//~ Constructors ===================================================================================================
public ConfigAttributeDefinition() {
super();
private ConfigAttributeDefinition() {
configAttributes = Collections.EMPTY_LIST;
}
/**
* Creates a ConfigAttributeDefinition containing a single attribute
* @param attribute the String name of the attribute (converted internally to a <tt>SecurityConfig</tt> instance).
*/
public ConfigAttributeDefinition(String attribute) {
configAttributes = new ArrayList(1);
configAttributes.add(new SecurityConfig(attribute));
configAttributes = Collections.unmodifiableList(configAttributes);
}
/**
* Creates a ConfigAttributeDefinition containing a single attribute.
*/
public ConfigAttributeDefinition(ConfigAttribute attribute) {
configAttributes = new ArrayList(1);
configAttributes.add(attribute);
configAttributes = Collections.unmodifiableList(configAttributes);
}
/**
* Builds a collection of ConfigAttributes from an array of String tokens, each of which will be wrapped in a
* <tt>SecurityConfig</tt> instance.
*
* @param attributeTokens the tokens which will be turned into attributes.
*/
public ConfigAttributeDefinition(String[] attributeTokens) {
configAttributes = new ArrayList(attributeTokens.length);
for (int i = 0; i < attributeTokens.length; i++) {
configAttributes.add(new SecurityConfig(attributeTokens[i].trim()));
}
configAttributes = Collections.unmodifiableList(configAttributes);
}
/**
* Creates an immutable ConfigAttributeDefinition from the supplied list of <tt>ConfigAttribute</tt> objects.
*/
public ConfigAttributeDefinition(List configAttributes) {
Iterator attributes = configAttributes.iterator();
while (attributes.hasNext()) {
Assert.isInstanceOf(ConfigAttribute.class, attributes.next(),
"List entries must be of type ConfigAttribute");
}
this.configAttributes = Collections.unmodifiableList(new ArrayList(configAttributes));
}
//~ Methods ========================================================================================================
/**
* Adds a <code>ConfigAttribute</code> that is related to the secure object method.
*
* @param newConfigAttribute the new configuration attribute to add
*/
public void addConfigAttribute(ConfigAttribute newConfigAttribute) {
this.configAttributes.add(newConfigAttribute);
}
/**
* Indicates whether the specified <code>ConfigAttribute</code> is contained within this
* <code>ConfigAttributeDefinition</code>.
@ -67,53 +116,27 @@ public class ConfigAttributeDefinition implements Serializable {
}
public boolean equals(Object obj) {
if (obj instanceof ConfigAttributeDefinition) {
ConfigAttributeDefinition test = (ConfigAttributeDefinition) obj;
List testAttrs = new Vector();
Iterator iter = test.getConfigAttributes();
while (iter.hasNext()) {
ConfigAttribute attr = (ConfigAttribute) iter.next();
testAttrs.add(attr);
}
if (this.configAttributes.size() != testAttrs.size()) {
return false;
}
for (int i = 0; i < this.configAttributes.size(); i++) {
if (!this.configAttributes.get(i).equals(testAttrs.get(i))) {
return false;
}
}
return true;
if (!(obj instanceof ConfigAttributeDefinition)) {
return false;
}
return false;
ConfigAttributeDefinition test = (ConfigAttributeDefinition) obj;
return configAttributes.equals(test.configAttributes);
}
/**
* Returns an <code>Iterator</code> over all the <code>ConfigAttribute</code>s defined by this
* <code>ConfigAttributeDefinition</code>.<P>Allows <code>AccessDecisionManager</code>s and other classes
* to loop through every configuration attribute associated with a target secure object.</p>
* Returns the internal collection of <code>ConfigAttribute</code>s defined by this
* <code>ConfigAttributeDefinition</code>.
* <p>
* Allows <code>AccessDecisionManager</code>s and other classes to loop through every configuration attribute
* associated with a target secure object.
*
* @return all the configuration attributes stored by the instance, or <code>null</code> if an
* <code>Iterator</code> is unavailable
*/
public Iterator getConfigAttributes() {
return this.configAttributes.iterator();
}
/**
* Returns the number of <code>ConfigAttribute</code>s defined by this
* <code>ConfigAttributeDefinition</code>.
*
* @return the number of <code>ConfigAttribute</code>s contained
*/
public int size() {
return configAttributes.size();
public Collection getConfigAttributes() {
return this.configAttributes;
}
public String toString() {

14
core/src/main/java/org/springframework/security/ConfigAttributeEditor.java
View File

@ -18,6 +18,8 @@ package org.springframework.security;
import org.springframework.util.StringUtils;
import java.beans.PropertyEditorSupport;
import java.util.List;
import java.util.ArrayList;
/**
@ -32,17 +34,11 @@ public class ConfigAttributeEditor extends PropertyEditorSupport {
//~ Methods ========================================================================================================
public void setAsText(String s) throws IllegalArgumentException {
if ((s == null) || "".equals(s)) {
setValue(null);
if (StringUtils.hasText(s)) {
setValue(new ConfigAttributeDefinition(StringUtils.commaDelimitedListToStringArray(s)));
} else {
String[] tokens = StringUtils.commaDelimitedListToStringArray(s);
ConfigAttributeDefinition configDefinition = new ConfigAttributeDefinition();
setValue(null);
for (int i = 0; i < tokens.length; i++) {
configDefinition.addConfigAttribute(new SecurityConfig(tokens[i].trim()));
}
setValue(configDefinition);
}
}
}

2
core/src/main/java/org/springframework/security/afterinvocation/AclEntryAfterInvocationCollectionFilteringProvider.java
View File

@ -71,7 +71,7 @@ public class AclEntryAfterInvocationCollectionFilteringProvider extends Abstract
public Object decide(Authentication authentication, Object object, ConfigAttributeDefinition config,
Object returnedObject) throws AccessDeniedException {
Iterator iter = config.getConfigAttributes();
Iterator iter = config.getConfigAttributes().iterator();
while (iter.hasNext()) {
ConfigAttribute attr = (ConfigAttribute) iter.next();

2
core/src/main/java/org/springframework/security/afterinvocation/AclEntryAfterInvocationProvider.java
View File

@ -70,7 +70,7 @@ public class AclEntryAfterInvocationProvider extends AbstractAclProvider impleme
public Object decide(Authentication authentication, Object object, ConfigAttributeDefinition config,
Object returnedObject) throws AccessDeniedException {
Iterator iter = config.getConfigAttributes();
Iterator iter = config.getConfigAttributes().iterator();
while (iter.hasNext()) {
ConfigAttribute attr = (ConfigAttribute) iter.next();

2
core/src/main/java/org/springframework/security/afterinvocation/BasicAclEntryAfterInvocationCollectionFilteringProvider.java
View File

@ -92,7 +92,7 @@ public class BasicAclEntryAfterInvocationCollectionFilteringProvider implements
public Object decide(Authentication authentication, Object object, ConfigAttributeDefinition config,
Object returnedObject) throws AccessDeniedException {
Iterator iter = config.getConfigAttributes();
Iterator iter = config.getConfigAttributes().iterator();
while (iter.hasNext()) {
ConfigAttribute attr = (ConfigAttribute) iter.next();

2
core/src/main/java/org/springframework/security/afterinvocation/BasicAclEntryAfterInvocationProvider.java
View File

@ -90,7 +90,7 @@ public class BasicAclEntryAfterInvocationProvider implements AfterInvocationProv
public Object decide(Authentication authentication, Object object, ConfigAttributeDefinition config,
Object returnedObject) throws AccessDeniedException {
Iterator iter = config.getConfigAttributes();
Iterator iter = config.getConfigAttributes().iterator();
while (iter.hasNext()) {
ConfigAttribute attr = (ConfigAttribute) iter.next();

2
core/src/main/java/org/springframework/security/captcha/CaptchaChannelProcessorTemplate.java
View File

@ -86,7 +86,7 @@ public abstract class CaptchaChannelProcessorTemplate implements ChannelProcesso
CaptchaSecurityContext context = null;
context = (CaptchaSecurityContext) SecurityContextHolder.getContext();
Iterator iter = config.getConfigAttributes();
Iterator iter = config.getConfigAttributes().iterator();
while (iter.hasNext()) {
ConfigAttribute attribute = (ConfigAttribute) iter.next();

2
core/src/main/java/org/springframework/security/intercept/AbstractSecurityInterceptor.java
View File

@ -224,7 +224,7 @@ public abstract class AbstractSecurityInterceptor implements InitializingBean, A
while (iter.hasNext()) {
ConfigAttributeDefinition def = (ConfigAttributeDefinition) iter.next();
Iterator attributes = def.getConfigAttributes();
Iterator attributes = def.getConfigAttributes().iterator();
while (attributes.hasNext()) {
ConfigAttribute attr = (ConfigAttribute) attributes.next();

33
core/src/main/java/org/springframework/security/intercept/method/MethodDefinitionAttributes.java
View File

@ -24,6 +24,8 @@ import java.lang.reflect.Method;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import java.util.ArrayList;
/**
@ -56,21 +58,17 @@ public class MethodDefinitionAttributes extends AbstractMethodDefinitionSource {
//~ Methods ========================================================================================================
private void add(ConfigAttributeDefinition definition, Collection attribs) {
private void add(List definition, Collection attribs) {
for (Iterator iter = attribs.iterator(); iter.hasNext();) {
Object o = iter.next();
if (o instanceof ConfigAttribute) {
definition.addConfigAttribute((ConfigAttribute) o);
definition.add(o);
}
}
}
private void addClassAttributes(ConfigAttributeDefinition definition, Class clazz) {
addClassAttributes(definition, new Class[] {clazz});
}
private void addClassAttributes(ConfigAttributeDefinition definition, Class[] clazz) {
private void addClassAttributes(List definition, Class[] clazz) {
for (int i = 0; i < clazz.length; i++) {
Collection classAttributes = attributes.getAttributes(clazz[i]);
@ -80,7 +78,7 @@ public class MethodDefinitionAttributes extends AbstractMethodDefinitionSource {
}
}
private void addInterfaceMethodAttributes(ConfigAttributeDefinition definition, Method method) {
private void addInterfaceMethodAttributes(List definition, Method method) {
Class[] interfaces = method.getDeclaringClass().getInterfaces();
for (int i = 0; i < interfaces.length; i++) {
@ -96,7 +94,7 @@ public class MethodDefinitionAttributes extends AbstractMethodDefinitionSource {
}
}
private void addMethodAttributes(ConfigAttributeDefinition definition, Method method) {
private void addMethodAttributes(List definition, Method method) {
// add the method level attributes
Collection methodAttributes = attributes.getAttributes(method);
@ -110,27 +108,26 @@ public class MethodDefinitionAttributes extends AbstractMethodDefinitionSource {
}
protected ConfigAttributeDefinition lookupAttributes(Method method) {
ConfigAttributeDefinition definition = new ConfigAttributeDefinition();
Class interceptedClass = method.getDeclaringClass();
List attributes = new ArrayList();
// add the class level attributes for the implementing class
addClassAttributes(definition, interceptedClass);
addClassAttributes(attributes, new Class[] {interceptedClass});
// add the class level attributes for the implemented interfaces
addClassAttributes(definition, interceptedClass.getInterfaces());
addClassAttributes(attributes, interceptedClass.getInterfaces());
// add the method level attributes for the implemented method
addMethodAttributes(definition, method);
addMethodAttributes(attributes, method);
// add the method level attributes for the implemented intreface methods
addInterfaceMethodAttributes(definition, method);
addInterfaceMethodAttributes(attributes, method);
if (definition.size() == 0) {
if (attributes.size() == 0) {
return null;
} else {
return definition;
}
return new ConfigAttributeDefinition(attributes);
}
public void setAttributes(Attributes attributes) {

59
core/src/main/java/org/springframework/security/intercept/method/MethodDefinitionMap.java
View File

@ -15,7 +15,6 @@
package org.springframework.security.intercept.method;
import org.springframework.security.ConfigAttribute;
import org.springframework.security.ConfigAttributeDefinition;
import org.springframework.security.SecurityConfig;
@ -64,6 +63,22 @@ public class MethodDefinitionMap extends AbstractMethodDefinitionSource {
//~ Methods ========================================================================================================
public MethodDefinitionMap() {
}
/**
* Creates the MethodDefinitionMap from a
* @param methodMap map of method names to <tt>ConfigAttributeDefinition</tt>s.
*/
public MethodDefinitionMap(Map methodMap) {
Iterator iterator = methodMap.entrySet().iterator();
while (iterator.hasNext()) {
Map.Entry entry = (Map.Entry) iterator.next();
addSecureMethod((String)entry.getKey(), (ConfigAttributeDefinition)entry.getValue());
}
}
/**
* Add configuration attributes for a secure method. Method names can end or start with <code>&#42</code>
* for matching multiple methods.
@ -192,11 +207,10 @@ public class MethodDefinitionMap extends AbstractMethodDefinitionSource {
}
protected ConfigAttributeDefinition lookupAttributes(Method method) {
ConfigAttributeDefinition definition = new ConfigAttributeDefinition();
List attributesToReturn = new ArrayList();
// Add attributes explictly defined for this method invocation
ConfigAttributeDefinition directlyAssigned = (ConfigAttributeDefinition) this.methodMap.get(method);
merge(definition, directlyAssigned);
merge(attributesToReturn, (ConfigAttributeDefinition) this.methodMap.get(method));
// Add attributes explicitly defined for this method invocation's interfaces
Class[] interfaces = method.getDeclaringClass().getInterfaces();
@ -209,50 +223,25 @@ public class MethodDefinitionMap extends AbstractMethodDefinitionSource {
Method interfaceMethod = clazz.getDeclaredMethod(method.getName(), (Class[]) method.getParameterTypes());
ConfigAttributeDefinition interfaceAssigned =
(ConfigAttributeDefinition) this.methodMap.get(interfaceMethod);
merge(definition, interfaceAssigned);
merge(attributesToReturn, interfaceAssigned);
} catch (Exception e) {
// skip this interface
}
}
// Return null if empty, as per abstract superclass contract
if (definition.size() == 0) {
if (attributesToReturn.size() == 0) {
return null;
} else {
return definition;
}
return new ConfigAttributeDefinition(attributesToReturn);
}
private void merge(ConfigAttributeDefinition definition, ConfigAttributeDefinition toMerge) {
private void merge(List attributes, ConfigAttributeDefinition toMerge) {
if (toMerge == null) {
return;
}
Iterator attribs = toMerge.getConfigAttributes();
while (attribs.hasNext()) {
definition.addConfigAttribute((ConfigAttribute) attribs.next());
}
}
/**
* Easier configuration of the instance, using {@link MethodDefinitionSourceMapping}.
*
* @param mappings {@link List} of {@link MethodDefinitionSourceMapping} objects.
*/
public void setMappings(List mappings) {
Iterator it = mappings.iterator();
while (it.hasNext()) {
MethodDefinitionSourceMapping mapping = (MethodDefinitionSourceMapping) it.next();
ConfigAttributeDefinition configDefinition = new ConfigAttributeDefinition();
Iterator configAttributesIt = mapping.getConfigAttributes().iterator();
while (configAttributesIt.hasNext()) {
String s = (String) configAttributesIt.next();
configDefinition.addConfigAttribute(new SecurityConfig(s));
}
addSecureMethod(mapping.getMethodName(), configDefinition);
}
attributes.addAll(toMerge.getConfigAttributes());
}
}

55
core/src/main/java/org/springframework/security/intercept/method/MethodDefinitionSourceEditor.java
View File

@ -15,6 +15,8 @@
package org.springframework.security.intercept.method;
import org.springframework.security.ConfigAttributeDefinition;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
@ -27,6 +29,8 @@ import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Properties;
import java.util.Map;
import java.util.LinkedHashMap;
/**
@ -44,38 +48,29 @@ public class MethodDefinitionSourceEditor extends PropertyEditorSupport {
//~ Methods ========================================================================================================
public void setAsText(String s) throws IllegalArgumentException {
MethodDefinitionMap source = new MethodDefinitionMap();
if ((s == null) || "".equals(s)) {
// Leave value in property editor null
} else {
// Use properties editor to tokenize the string
PropertiesEditor propertiesEditor = new PropertiesEditor();
propertiesEditor.setAsText(s);
Properties props = (Properties) propertiesEditor.getValue();
// Now we have properties, process each one individually
List mappings = new ArrayList();
for (Iterator iter = props.keySet().iterator(); iter.hasNext();) {
String name = (String) iter.next();
String value = props.getProperty(name);
MethodDefinitionSourceMapping mapping = new MethodDefinitionSourceMapping();
mapping.setMethodName(name);
String[] tokens = StringUtils.commaDelimitedListToStringArray(value);
for (int i = 0; i < tokens.length; i++) {
mapping.addConfigAttribute(tokens[i].trim());
}
mappings.add(mapping);
}
source.setMappings(mappings);
setValue(new MethodDefinitionMap());
return;
}
setValue(source);
// Use properties editor to tokenize the string
PropertiesEditor propertiesEditor = new PropertiesEditor();
propertiesEditor.setAsText(s);
Properties props = (Properties) propertiesEditor.getValue();
// Now we have properties, process each one individually
Map mappings = new LinkedHashMap();
for (Iterator iter = props.keySet().iterator(); iter.hasNext();) {
String name = (String) iter.next();
String value = props.getProperty(name);
String[] tokens = StringUtils.commaDelimitedListToStringArray(value);
mappings.put(name, new ConfigAttributeDefinition(tokens));
}
setValue(new MethodDefinitionMap(mappings));
}
}

82
core/src/main/java/org/springframework/security/intercept/method/MethodDefinitionSourceMapping.java
View File

@ -1,82 +0,0 @@
/* Copyright 2006 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.intercept.method;
import java.util.ArrayList;
import java.util.List;
import org.springframework.security.ConfigAttribute;
/**
* Configuration entry for {@link MethodDefinitionSource}, that holds
* the method to be protected and the {@link ConfigAttribute}s as {@link String}
* that apply to that url.
*
* @author <a href="mailto:carlos@apache.org">Carlos Sanchez</a>
* @version $Id$
* @since 1.1
*/
public class MethodDefinitionSourceMapping {
private String methodName;
private List configAttributes = new ArrayList();
/**
* Name of the method to be secured, including package and class name.
* eg. <code>org.mydomain.MyClass.myMethod</code>
*
* @param methodName
*/
public void setMethodName(String methodName) {
this.methodName = methodName;
}
/**
* Name of the method to be secured.
*
* @return the name of the method
*/
public String getMethodName() {
return methodName;
}
/**
*
* @param roles {@link List}&lt;{@link String}>
*/
public void setConfigAttributes(List roles) {
this.configAttributes = roles;
}
/**
*
* @return {@link List}&lt;{@link String}>
*/
public List getConfigAttributes() {
return configAttributes;
}
/**
* Add a {@link ConfigAttribute} as {@link String}
*
* @param configAttribute
*/
public void addConfigAttribute(String configAttribute) {
configAttributes.add(configAttribute);
}
}

36
core/src/main/java/org/springframework/security/intercept/web/DefaultFilterInvocationDefinitionSource.java
View File

@ -79,6 +79,17 @@ public class DefaultFilterInvocationDefinitionSource implements FilterInvocation
this.urlMatcher = urlMatcher;
}
public DefaultFilterInvocationDefinitionSource(UrlMatcher urlMatcher, LinkedHashMap requestMap) {
this.urlMatcher = urlMatcher;
Iterator iterator = requestMap.entrySet().iterator();
while (iterator.hasNext()) {
Map.Entry entry = (Map.Entry) iterator.next();
addSecureUrl((String)entry.getKey(), (ConfigAttributeDefinition)entry.getValue());
}
}
//~ Methods ========================================================================================================
public void addSecureUrl(String pattern, ConfigAttributeDefinition attr) {
@ -212,31 +223,6 @@ public class DefaultFilterInvocationDefinitionSource implements FilterInvocation
return null;
}
/**
* Allows or easier configuration using {@link FilterInvocationDefinitionSourceMapping}.
*
* @param mappings
* {@link java.util.List} of
* {@link FilterInvocationDefinitionSourceMapping} objects.
*/
void setMappings(List mappings) {
Iterator it = mappings.iterator();
while (it.hasNext()) {
FilterInvocationDefinitionSourceMapping mapping = (FilterInvocationDefinitionSourceMapping) it.next();
ConfigAttributeDefinition configDefinition = new ConfigAttributeDefinition();
Iterator configAttributesIt = mapping.getConfigAttributes().iterator();
while (configAttributesIt.hasNext()) {
String s = (String) configAttributesIt.next();
configDefinition.addConfigAttribute(new SecurityConfig(s));
}
addSecureUrl(mapping.getUrl(), configDefinition);
}
}
public boolean supports(Class clazz) {
return FilterInvocation.class.isAssignableFrom(clazz);
}

2
core/src/main/java/org/springframework/security/intercept/web/FIDSToFilterChainMapConverter.java
View File

@ -41,7 +41,7 @@ public class FIDSToFilterChainMapConverter {
ConfigAttributeDefinition configAttributeDefinition = (ConfigAttributeDefinition) requestMap.get(entry);
List filters = new ArrayList();
Iterator attributes = configAttributeDefinition.getConfigAttributes();
Iterator attributes = configAttributeDefinition.getConfigAttributes().iterator();
while (attributes.hasNext()) {
ConfigAttribute attr = (ConfigAttribute) attributes.next();

56
core/src/main/java/org/springframework/security/intercept/web/FilterInvocationDefinitionSourceEditor.java
View File

@ -19,13 +19,13 @@ import java.beans.PropertyEditorSupport;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.StringReader;
import java.util.ArrayList;
import java.util.List;
import java.util.LinkedHashMap;
import org.springframework.security.util.StringSplitUtils;
import org.springframework.security.util.RegexUrlPathMatcher;
import org.springframework.security.util.UrlMatcher;
import org.springframework.security.util.AntUrlPathMatcher;
import org.springframework.security.ConfigAttributeDefinition;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
@ -85,29 +85,11 @@ public class FilterInvocationDefinitionSourceEditor extends PropertyEditorSuppor
}
}
UrlMatcher matcher;
if (useAnt) {
matcher = new AntUrlPathMatcher();
((AntUrlPathMatcher)matcher).setRequiresLowerCaseUrl(converUrlToLowerCase);
} else {
matcher = new RegexUrlPathMatcher();
((RegexUrlPathMatcher)matcher).setRequiresLowerCaseUrl(converUrlToLowerCase);
}
DefaultFilterInvocationDefinitionSource fids = new DefaultFilterInvocationDefinitionSource(matcher);
if (useAnt) {
fids.setStripQueryStringFromUrls(true);
}
BufferedReader br = new BufferedReader(new StringReader(s));
int counter = 0;
String line;
List mappings = new ArrayList();
LinkedHashMap urlMap = new LinkedHashMap();
while (true) {
counter++;
@ -183,19 +165,33 @@ public class FilterInvocationDefinitionSourceEditor extends PropertyEditorSuppor
}
}
FilterInvocationDefinitionSourceMapping mapping = new FilterInvocationDefinitionSourceMapping();
mapping.setUrl(name);
String[] tokens = StringUtils.commaDelimitedListToStringArray(value);
for (int i = 0; i < tokens.length; i++) {
mapping.addConfigAttribute(tokens[i].trim());
}
mappings.add(mapping);
urlMap.put(name, new ConfigAttributeDefinition(tokens));
}
DefaultFilterInvocationDefinitionSource fids =
new DefaultFilterInvocationDefinitionSource(createMatcher(useAnt, converUrlToLowerCase), urlMap);
if (useAnt) {
fids.setStripQueryStringFromUrls(true);
}
fids.setMappings(mappings);
setValue(fids);
}
private UrlMatcher createMatcher(boolean useAnt, boolean converUrlToLowerCase) {
UrlMatcher matcher;
if (useAnt) {
matcher = new AntUrlPathMatcher();
((AntUrlPathMatcher)matcher).setRequiresLowerCaseUrl(converUrlToLowerCase);
} else {
matcher = new RegexUrlPathMatcher();
((RegexUrlPathMatcher)matcher).setRequiresLowerCaseUrl(converUrlToLowerCase);
}
return matcher;
}
}

81
core/src/main/java/org/springframework/security/intercept/web/FilterInvocationDefinitionSourceMapping.java
View File

@ -1,81 +0,0 @@
/* Copyright 2006 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.intercept.web;
import java.util.ArrayList;
import java.util.List;
import org.springframework.security.ConfigAttribute;
/**
* Configuration entry for {@link FilterInvocationDefinitionSource}, that holds
* the url to be protected and the {@link ConfigAttribute}s as {@link String}
* that apply to that url.
*
* @author <a href="mailto:carlos@apache.org">Carlos Sanchez</a>
* @version $Id$
* @since 1.1
*/
class FilterInvocationDefinitionSourceMapping {
private String url;
private List configAttributes = new ArrayList();
/**
* Url to be secured.
*
* @param url
*/
public void setUrl(String url) {
this.url = url;
}
/**
* Url to be secured.
*
* @return the url
*/
public String getUrl() {
return url;
}
/**
*
* @param roles {@link List}&lt;{@link String}>
*/
public void setConfigAttributes(List roles) {
this.configAttributes = roles;
}
/**
*
* @return {@link List}&lt;{@link String}>
*/
public List getConfigAttributes() {
return configAttributes;
}
/**
* Add a {@link ConfigAttribute} as {@link String}
*
* @param configAttribute
*/
public void addConfigAttribute(String configAttribute) {
configAttributes.add(configAttribute);
}
}

2
core/src/main/java/org/springframework/security/runas/RunAsManagerImpl.java
View File

@ -66,7 +66,7 @@ public class RunAsManagerImpl implements RunAsManager, InitializingBean {
public Authentication buildRunAs(Authentication authentication, Object object, ConfigAttributeDefinition config) {
List newAuthorities = new Vector();
Iterator iter = config.getConfigAttributes();
Iterator iter = config.getConfigAttributes().iterator();
while (iter.hasNext()) {
ConfigAttribute attribute = (ConfigAttribute) iter.next();

2
core/src/main/java/org/springframework/security/securechannel/ChannelDecisionManagerImpl.java
View File

@ -68,7 +68,7 @@ public class ChannelDecisionManagerImpl implements ChannelDecisionManager, Initi
public void decide(FilterInvocation invocation, ConfigAttributeDefinition config)
throws IOException, ServletException {
Iterator attrs = config.getConfigAttributes();
Iterator attrs = config.getConfigAttributes().iterator();
while (attrs.hasNext()) {
ConfigAttribute attribute = (ConfigAttribute) attrs.next();

2
core/src/main/java/org/springframework/security/securechannel/ChannelProcessingFilter.java
View File

@ -81,7 +81,7 @@ public class ChannelProcessingFilter extends SpringSecurityFilter implements Ini
while (iter.hasNext()) {
ConfigAttributeDefinition def = (ConfigAttributeDefinition) iter.next();
Iterator attributes = def.getConfigAttributes();
Iterator attributes = def.getConfigAttributes().iterator();
while (attributes.hasNext()) {
ConfigAttribute attr = (ConfigAttribute) attributes.next();

2
core/src/main/java/org/springframework/security/securechannel/InsecureChannelProcessor.java
View File

@ -61,7 +61,7 @@ public class InsecureChannelProcessor implements InitializingBean, ChannelProces
throw new IllegalArgumentException("Nulls cannot be provided");
}
Iterator iter = config.getConfigAttributes();
Iterator iter = config.getConfigAttributes().iterator();
while (iter.hasNext()) {
ConfigAttribute attribute = (ConfigAttribute) iter.next();

2
core/src/main/java/org/springframework/security/securechannel/SecureChannelProcessor.java
View File

@ -59,7 +59,7 @@ public class SecureChannelProcessor implements InitializingBean, ChannelProcesso
throws IOException, ServletException {
Assert.isTrue((invocation != null) && (config != null), "Nulls cannot be provided");
Iterator iter = config.getConfigAttributes();
Iterator iter = config.getConfigAttributes().iterator();
while (iter.hasNext()) {
ConfigAttribute attribute = (ConfigAttribute) iter.next();

8
core/src/main/java/org/springframework/security/userdetails/CachingUserDetailsService.java Normal file
View File

@ -0,0 +1,8 @@
package org.springframework.security.userdetails;
/**
* @author Luke Taylor
* @version $Id$
*/
public interface CachingUserDetailsService extends UserDetailsService, UserDetailsCache {
}

14
core/src/main/java/org/springframework/security/userdetails/UserDetailsCache.java Normal file
View File

@ -0,0 +1,14 @@
package org.springframework.security.userdetails;
/**
* @author Luke Taylor
* @version $Id$
*/
public interface UserDetailsCache {
boolean userIsCached(String username);
void removeUserFromCache(String username);
void clearCache();
}

8
core/src/main/java/org/springframework/security/userdetails/decorator/CacheEnabledUserDetailsService.java Normal file
View File

@ -0,0 +1,8 @@
package org.springframework.security.userdetails.decorator;
/**
* @author Luke Taylor
* @version $Id$
*/
public class CacheEnabledUserDetailsService {
}

2
core/src/main/java/org/springframework/security/vote/AclEntryVoter.java
View File

@ -144,7 +144,7 @@ public class AclEntryVoter extends AbstractAclVoter {
}
public int vote(Authentication authentication, Object object, ConfigAttributeDefinition config) {
Iterator iter = config.getConfigAttributes();
Iterator iter = config.getConfigAttributes().iterator();
while (iter.hasNext()) {
ConfigAttribute attr = (ConfigAttribute) iter.next();

2
core/src/main/java/org/springframework/security/vote/AuthenticatedVoter.java
View File

@ -87,7 +87,7 @@ public class AuthenticatedVoter implements AccessDecisionVoter {
public int vote(Authentication authentication, Object object, ConfigAttributeDefinition config) {
int result = ACCESS_ABSTAIN;
Iterator iter = config.getConfigAttributes();
Iterator iter = config.getConfigAttributes().iterator();
while (iter.hasNext()) {
ConfigAttribute attribute = (ConfigAttribute) iter.next();

2
core/src/main/java/org/springframework/security/vote/BasicAclEntryVoter.java
View File

@ -163,7 +163,7 @@ public class BasicAclEntryVoter extends AbstractAclVoter implements Initializing
}
public int vote(Authentication authentication, Object object, ConfigAttributeDefinition config) {
Iterator iter = config.getConfigAttributes();
Iterator iter = config.getConfigAttributes().iterator();
while (iter.hasNext()) {
ConfigAttribute attr = (ConfigAttribute) iter.next();

20
core/src/main/java/org/springframework/security/vote/LabelBasedAclVoter.java
View File

@ -182,7 +182,7 @@ public class LabelBasedAclVoter extends AbstractAclVoter {
logger.debug("==========================================================");
}
if (this.supports((ConfigAttribute) config.getConfigAttributes().next())) {
if (this.supports((ConfigAttribute) config.getConfigAttributes().iterator().next())) {
result = ACCESS_DENIED;
/* Parse out the user's labels by examining the security context, and checking
@ -267,27 +267,15 @@ public class LabelBasedAclVoter extends AbstractAclVoter {
if (logger.isDebugEnabled()) {
switch (result) {
case ACCESS_GRANTED:
if (logger.isDebugEnabled()) {
logger.debug("===== Access is granted =====");
}
logger.debug("===== Access is granted =====");
break;
case ACCESS_DENIED:
if (logger.isDebugEnabled()) {
logger.debug("===== Access is denied =====");
}
logger.debug("===== Access is denied =====");
break;
case ACCESS_ABSTAIN:
if (logger.isDebugEnabled()) {
logger.debug("===== Abstaining =====");
}
logger.debug("===== Abstaining =====");
break;
}
}

2
core/src/main/java/org/springframework/security/vote/RoleVoter.java
View File

@ -93,7 +93,7 @@ public class RoleVoter implements AccessDecisionVoter {
public int vote(Authentication authentication, Object object, ConfigAttributeDefinition config) {
int result = ACCESS_ABSTAIN;
Iterator iter = config.getConfigAttributes();
Iterator iter = config.getConfigAttributes().iterator();
while (iter.hasNext()) {
ConfigAttribute attribute = (ConfigAttribute) iter.next();

17
core/src/main/java/org/springframework/security/vote/UnanimousBased.java
View File

@ -21,6 +21,7 @@ import org.springframework.security.ConfigAttribute;
import org.springframework.security.ConfigAttributeDefinition;
import java.util.Iterator;
import java.util.Arrays;
/**
@ -32,8 +33,9 @@ public class UnanimousBased extends AbstractAccessDecisionManager {
/**
* This concrete implementation polls all configured {@link AccessDecisionVoter}s for each {@link
* ConfigAttribute} and grants access if <b>only</b> grant votes were received.<p>Other voting
* implementations usually pass the entire list of {@link ConfigAttributeDefinition}s to the
* ConfigAttribute} and grants access if <b>only</b> grant votes were received.
* <p>
* Other voting implementations usually pass the entire list of {@link ConfigAttributeDefinition}s to the
* <code>AccessDecisionVoter</code>. This implementation differs in that each <code>AccessDecisionVoter</code>
* knows only about a single <code>ConfigAttribute</code> at a time.</p>
* <p>If every <code>AccessDecisionVoter</code> abstained from voting, the decision will be based on the
@ -46,21 +48,22 @@ public class UnanimousBased extends AbstractAccessDecisionManager {
* @throws AccessDeniedException if access is denied
*/
public void decide(Authentication authentication, Object object, ConfigAttributeDefinition config)
throws AccessDeniedException {
throws AccessDeniedException {
int grant = 0;
int abstain = 0;
Iterator configIter = config.getConfigAttributes();
Iterator configIter = config.getConfigAttributes().iterator();
while (configIter.hasNext()) {
ConfigAttributeDefinition thisDef = new ConfigAttributeDefinition();
thisDef.addConfigAttribute((ConfigAttribute) configIter.next());
ConfigAttributeDefinition singleAttrDef =
new ConfigAttributeDefinition((ConfigAttribute) configIter.next());
Iterator voters = this.getDecisionVoters().iterator();
while (voters.hasNext()) {
AccessDecisionVoter voter = (AccessDecisionVoter) voters.next();
int result = voter.vote(authentication, object, thisDef);
int result = voter.vote(authentication, object, singleAttrDef);
switch (result) {
case AccessDecisionVoter.ACCESS_GRANTED:

51
core/src/test/java/org/springframework/security/ConfigAttributeEditorTests.java
View File

@ -28,6 +28,8 @@ import java.util.Iterator;
* @version $Id$
*/
public class ConfigAttributeEditorTests extends TestCase {
private static final String[] ATTRIBUTES = new String[] {"A", "B"};
//~ Constructors ===================================================================================================
public ConfigAttributeEditorTests() {
@ -40,20 +42,12 @@ public class ConfigAttributeEditorTests extends TestCase {
//~ Methods ========================================================================================================
public static void main(String[] args) {
junit.textui.TestRunner.run(ConfigAttributeEditorTests.class);
}
public final void setUp() throws Exception {
super.setUp();
}
public void testCorrectOperation() {
ConfigAttributeEditor editor = new ConfigAttributeEditor();
editor.setAsText("HELLO,DOCTOR,NAME,YESTERDAY,TOMORROW");
ConfigAttributeDefinition result = (ConfigAttributeDefinition) editor.getValue();
Iterator iter = result.getConfigAttributes();
Iterator iter = result.getConfigAttributes().iterator();
int position = 0;
while (iter.hasNext()) {
@ -63,7 +57,7 @@ public class ConfigAttributeEditorTests extends TestCase {
assertEquals(5, position);
assertEquals(5, result.size());
assertEquals(5, result.getConfigAttributes().size());
assertTrue(result.contains(new SecurityConfig("HELLO")));
assertTrue(result.contains(new SecurityConfig("TOMORROW")));
@ -79,46 +73,31 @@ public class ConfigAttributeEditorTests extends TestCase {
}
public void testEqualsHandlingWhenDifferentObjectTypes() {
ConfigAttributeDefinition def1 = new ConfigAttributeDefinition();
def1.addConfigAttribute(new SecurityConfig("A"));
def1.addConfigAttribute(new SecurityConfig("B"));
ConfigAttributeDefinition def1 = new ConfigAttributeDefinition(ATTRIBUTES);
assertTrue(!def1.equals("A_STRING"));
}
public void testEqualsHandlingWhenExactlyEqual() {
ConfigAttributeDefinition def1 = new ConfigAttributeDefinition();
def1.addConfigAttribute(new SecurityConfig("A"));
def1.addConfigAttribute(new SecurityConfig("B"));
ConfigAttributeDefinition def2 = new ConfigAttributeDefinition();
def2.addConfigAttribute(new SecurityConfig("A"));
def2.addConfigAttribute(new SecurityConfig("B"));
ConfigAttributeDefinition def1 = new ConfigAttributeDefinition(ATTRIBUTES);
ConfigAttributeDefinition def2 = new ConfigAttributeDefinition(ATTRIBUTES);
assertEquals(def1, def2);
}
public void testEqualsHandlingWhenOrderingNotEqual() {
ConfigAttributeDefinition def1 = new ConfigAttributeDefinition();
def1.addConfigAttribute(new SecurityConfig("A"));
def1.addConfigAttribute(new SecurityConfig("B"));
ConfigAttributeDefinition def1 = new ConfigAttributeDefinition(ATTRIBUTES);
ConfigAttributeDefinition def2 = new ConfigAttributeDefinition(new String[] {"B", "A"});
ConfigAttributeDefinition def2 = new ConfigAttributeDefinition();
def2.addConfigAttribute(new SecurityConfig("B"));
def2.addConfigAttribute(new SecurityConfig("A"));
assertTrue(!def1.equals(def2));
assertFalse(def1.equals(def2));
}
public void testEqualsHandlingWhenTestObjectHasNoAttributes() {
ConfigAttributeDefinition def1 = new ConfigAttributeDefinition();
def1.addConfigAttribute(new SecurityConfig("A"));
def1.addConfigAttribute(new SecurityConfig("B"));
ConfigAttributeDefinition def1 = new ConfigAttributeDefinition(ATTRIBUTES);
ConfigAttributeDefinition def2 = new ConfigAttributeDefinition(new String[] {});
ConfigAttributeDefinition def2 = new ConfigAttributeDefinition();
assertTrue(!def1.equals(def2));
assertTrue(!def2.equals(def1));
assertFalse(def1.equals(def2));
assertFalse(def2.equals(def1));
}
public void testNullReturnsNull() {
@ -134,7 +113,7 @@ public class ConfigAttributeEditorTests extends TestCase {
editor.setAsText(" HELLO, DOCTOR,NAME, YESTERDAY ,TOMORROW ");
ConfigAttributeDefinition result = (ConfigAttributeDefinition) editor.getValue();
Iterator iter = result.getConfigAttributes();
Iterator iter = result.getConfigAttributes().iterator();
ArrayList list = new ArrayList();

2
core/src/test/java/org/springframework/security/MockAccessDecisionManager.java
View File

@ -30,7 +30,7 @@ public class MockAccessDecisionManager implements AccessDecisionManager {
public void decide(Authentication authentication, Object object, ConfigAttributeDefinition config)
throws AccessDeniedException {
Iterator iter = config.getConfigAttributes();
Iterator iter = config.getConfigAttributes().iterator();
while (iter.hasNext()) {
ConfigAttribute attr = (ConfigAttribute) iter.next();

2
core/src/test/java/org/springframework/security/MockAfterInvocationManager.java
View File

@ -29,7 +29,7 @@ public class MockAfterInvocationManager implements AfterInvocationManager {
public Object decide(Authentication authentication, Object object, ConfigAttributeDefinition config,
Object returnedObject) throws AccessDeniedException {
Iterator iter = config.getConfigAttributes();
Iterator iter = config.getConfigAttributes().iterator();
while (iter.hasNext()) {
ConfigAttribute attr = (ConfigAttribute) iter.next();

2
core/src/test/java/org/springframework/security/MockRunAsManager.java
View File

@ -29,7 +29,7 @@ public class MockRunAsManager implements RunAsManager {
//~ Methods ========================================================================================================
public Authentication buildRunAs(Authentication authentication, Object object, ConfigAttributeDefinition config) {
Iterator iter = config.getConfigAttributes();
Iterator iter = config.getConfigAttributes().iterator();
while (iter.hasNext()) {
ConfigAttribute attr = (ConfigAttribute) iter.next();

20
core/src/test/java/org/springframework/security/afterinvocation/AfterInvocationProviderManagerTests.java
View File

@ -70,21 +70,11 @@ public class AfterInvocationProviderManagerTests extends TestCase {
assertEquals(list, manager.getProviders());
manager.afterPropertiesSet();
ConfigAttributeDefinition attr1 = new ConfigAttributeDefinition();
attr1.addConfigAttribute(new SecurityConfig("GIVE_ME_SWAP1"));
ConfigAttributeDefinition attr2 = new ConfigAttributeDefinition();
attr2.addConfigAttribute(new SecurityConfig("GIVE_ME_SWAP2"));
ConfigAttributeDefinition attr3 = new ConfigAttributeDefinition();
attr3.addConfigAttribute(new SecurityConfig("GIVE_ME_SWAP3"));
ConfigAttributeDefinition attr2and3 = new ConfigAttributeDefinition();
attr2and3.addConfigAttribute(new SecurityConfig("GIVE_ME_SWAP2"));
attr2and3.addConfigAttribute(new SecurityConfig("GIVE_ME_SWAP3"));
ConfigAttributeDefinition attr4 = new ConfigAttributeDefinition();
attr4.addConfigAttribute(new SecurityConfig("NEVER_CAUSES_SWAP"));
ConfigAttributeDefinition attr1 = new ConfigAttributeDefinition(new String[] {"GIVE_ME_SWAP1"});
ConfigAttributeDefinition attr2 = new ConfigAttributeDefinition(new String[] {"GIVE_ME_SWAP2"});
ConfigAttributeDefinition attr3 = new ConfigAttributeDefinition(new String[] {"GIVE_ME_SWAP3"});
ConfigAttributeDefinition attr2and3 = new ConfigAttributeDefinition(new String[] {"GIVE_ME_SWAP2","GIVE_ME_SWAP3"});
ConfigAttributeDefinition attr4 = new ConfigAttributeDefinition(new String[] {"NEVER_CAUSES_SWAP"});
assertEquals("swap1", manager.decide(null, new SimpleMethodInvocation(), attr1, "content-before-swapping"));

40
core/src/test/java/org/springframework/security/afterinvocation/BasicAclEntryAfterInvocationCollectionFilteringProviderTests.java
View File

@ -20,8 +20,6 @@ import junit.framework.TestCase;
import org.springframework.security.AuthorizationServiceException;
import org.springframework.security.ConfigAttributeDefinition;
import org.springframework.security.MockAclManager;
import org.springframework.security.SecurityConfig;
import org.springframework.security.acl.AclEntry;
import org.springframework.security.acl.AclManager;
import org.springframework.security.acl.basic.MockAclObjectIdentity;
@ -54,14 +52,6 @@ public class BasicAclEntryAfterInvocationCollectionFilteringProviderTests extend
//~ Methods ========================================================================================================
public static void main(String[] args) {
junit.textui.TestRunner.run(BasicAclEntryAfterInvocationCollectionFilteringProviderTests.class);
}
public final void setUp() throws Exception {
super.setUp();
}
public void testCorrectOperationWhenPrincipalHasIncorrectPermissionToDomainObject()
throws Exception {
// Create an AclManager, granting scott only ADMINISTRATION rights
@ -83,8 +73,7 @@ public class BasicAclEntryAfterInvocationCollectionFilteringProviderTests extend
// Create the Authentication and Config Attribs we'll be presenting
UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken("scott", "NOT_USED");
ConfigAttributeDefinition attr = new ConfigAttributeDefinition();
attr.addConfigAttribute(new SecurityConfig("AFTER_ACL_COLLECTION_READ"));
ConfigAttributeDefinition attr = new ConfigAttributeDefinition("AFTER_ACL_COLLECTION_READ");
// Filter
List filteredList = (List) provider.decide(auth, new SimpleMethodInvocation(), attr, list);
@ -117,8 +106,7 @@ public class BasicAclEntryAfterInvocationCollectionFilteringProviderTests extend
// Create the Authentication and Config Attribs we'll be presenting
UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken("scott", "NOT_USED");
ConfigAttributeDefinition attr = new ConfigAttributeDefinition();
attr.addConfigAttribute(new SecurityConfig("AFTER_ACL_COLLECTION_READ"));
ConfigAttributeDefinition attr = new ConfigAttributeDefinition("AFTER_ACL_COLLECTION_READ");
// Filter
List filteredList = (List) provider.decide(auth, new SimpleMethodInvocation(), attr, list);
@ -152,8 +140,7 @@ public class BasicAclEntryAfterInvocationCollectionFilteringProviderTests extend
// Create the Authentication and Config Attribs we'll be presenting
UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken("rod", "NOT_USED");
ConfigAttributeDefinition attr = new ConfigAttributeDefinition();
attr.addConfigAttribute(new SecurityConfig("AFTER_ACL_COLLECTION_READ"));
ConfigAttributeDefinition attr = new ConfigAttributeDefinition("AFTER_ACL_COLLECTION_READ");
// Filter
List filteredList = (List) provider.decide(auth, new SimpleMethodInvocation(), attr, list);
@ -188,8 +175,7 @@ public class BasicAclEntryAfterInvocationCollectionFilteringProviderTests extend
// Create the Authentication and Config Attribs we'll be presenting
UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken("rod", "NOT_USED");
ConfigAttributeDefinition attr = new ConfigAttributeDefinition();
attr.addConfigAttribute(new SecurityConfig("AFTER_ACL_COLLECTION_READ"));
ConfigAttributeDefinition attr = new ConfigAttributeDefinition("AFTER_ACL_COLLECTION_READ");
// Filter
String[] filteredList = (String[]) provider.decide(auth, new SimpleMethodInvocation(), attr, list);
@ -215,8 +201,7 @@ public class BasicAclEntryAfterInvocationCollectionFilteringProviderTests extend
// Create the Authentication and Config Attribs we'll be presenting
UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken("rod", "NOT_USED");
ConfigAttributeDefinition attr = new ConfigAttributeDefinition();
attr.addConfigAttribute(new SecurityConfig("AFTER_ACL_COLLECTION_READ"));
ConfigAttributeDefinition attr = new ConfigAttributeDefinition("AFTER_ACL_COLLECTION_READ");
// Filter
try {
@ -244,8 +229,7 @@ public class BasicAclEntryAfterInvocationCollectionFilteringProviderTests extend
// Create the Authentication and Config Attribs we'll be presenting
UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken("rod", "NOT_USED");
ConfigAttributeDefinition attr = new ConfigAttributeDefinition();
attr.addConfigAttribute(new SecurityConfig("AFTER_ACL_COLLECTION_READ"));
ConfigAttributeDefinition attr = new ConfigAttributeDefinition("AFTER_ACL_COLLECTION_READ");
// Filter
List filteredList = (List) provider.decide(auth, new SimpleMethodInvocation(), attr, null);
@ -253,8 +237,7 @@ public class BasicAclEntryAfterInvocationCollectionFilteringProviderTests extend
assertNull(filteredList);
}
public void testRespectsModificationsToProcessConfigAttribute()
throws Exception {
public void testRespectsModificationsToProcessConfigAttribute() throws Exception {
// Create an AclManager
AclManager aclManager = new MockAclManager("sydney", "rod",
new AclEntry[] {
@ -279,14 +262,14 @@ public class BasicAclEntryAfterInvocationCollectionFilteringProviderTests extend
// Create the Authentication and Config Attribs we'll be presenting
UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken("rod", "NOT_USED");
ConfigAttributeDefinition attr = new ConfigAttributeDefinition();
attr.addConfigAttribute(new SecurityConfig("AFTER_ACL_COLLECTION_READ"));
ConfigAttributeDefinition attr = new ConfigAttributeDefinition("AFTER_ACL_COLLECTION_READ");
// As no matching config attrib, ensure provider doesn't change list
assertEquals(4, ((List) provider.decide(auth, new SimpleMethodInvocation(), attr, list)).size());
// Filter, this time with the conf attrib provider setup to answer
attr.addConfigAttribute(new SecurityConfig("AFTER_ACL_COLLECTION_ADMIN"));
attr = new ConfigAttributeDefinition("AFTER_ACL_COLLECTION_ADMIN");
//attr.addConfigAttribute(new SecurityConfig("AFTER_ACL_COLLECTION_ADMIN"));
List filteredList = (List) provider.decide(auth, new SimpleMethodInvocation(), attr, list);
@ -320,8 +303,7 @@ public class BasicAclEntryAfterInvocationCollectionFilteringProviderTests extend
// Create the Authentication and Config Attribs we'll be presenting
UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken("rod", "NOT_USED");
ConfigAttributeDefinition attr = new ConfigAttributeDefinition();
attr.addConfigAttribute(new SecurityConfig("AFTER_ACL_COLLECTION_READ"));
ConfigAttributeDefinition attr = new ConfigAttributeDefinition("AFTER_ACL_COLLECTION_READ");
// Filter
List filteredList = (List) provider.decide(auth, new SimpleMethodInvocation(), attr, list);

87
core/src/test/java/org/springframework/security/afterinvocation/BasicAclEntryAfterInvocationProviderTests.java
View File

@ -20,8 +20,6 @@ import junit.framework.TestCase;
import org.springframework.security.AccessDeniedException;
import org.springframework.security.ConfigAttributeDefinition;
import org.springframework.security.MockAclManager;
import org.springframework.security.SecurityConfig;
import org.springframework.security.acl.AclEntry;
import org.springframework.security.acl.AclManager;
import org.springframework.security.acl.basic.MockAclObjectIdentity;
@ -39,32 +37,15 @@ import org.springframework.security.util.SimpleMethodInvocation;
* @version $Id$
*/
public class BasicAclEntryAfterInvocationProviderTests extends TestCase {
//~ Constructors ===================================================================================================
public BasicAclEntryAfterInvocationProviderTests() {
super();
}
public BasicAclEntryAfterInvocationProviderTests(String arg0) {
super(arg0);
}
//~ Methods ========================================================================================================
public static void main(String[] args) {
junit.textui.TestRunner.run(BasicAclEntryAfterInvocationProviderTests.class);
}
public final void setUp() throws Exception {
super.setUp();
}
public void testCorrectOperationWhenPrincipalHasIncorrectPermissionToDomainObject()
throws Exception {
// Create an AclManager, granting scott only ADMINISTRATION rights
AclManager aclManager = new MockAclManager("belmont", "scott",
new AclEntry[] {
new SimpleAclEntry("scott", new MockAclObjectIdentity(), null, SimpleAclEntry.ADMINISTRATION)
new AclEntry[]{
new SimpleAclEntry("scott", new MockAclObjectIdentity(), null, SimpleAclEntry.ADMINISTRATION)
});
BasicAclEntryAfterInvocationProvider provider = new BasicAclEntryAfterInvocationProvider();
@ -73,8 +54,7 @@ public class BasicAclEntryAfterInvocationProviderTests extends TestCase {
// Create the Authentication and Config Attribs we'll be presenting
UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken("scott", "NOT_USED");
ConfigAttributeDefinition attr = new ConfigAttributeDefinition();
attr.addConfigAttribute(new SecurityConfig("AFTER_ACL_READ"));
ConfigAttributeDefinition attr = new ConfigAttributeDefinition("AFTER_ACL_READ");
try {
provider.decide(auth, new SimpleMethodInvocation(), attr, "belmont");
@ -88,11 +68,11 @@ public class BasicAclEntryAfterInvocationProviderTests extends TestCase {
throws Exception {
// Create an AclManager
AclManager aclManager = new MockAclManager("belmont", "rod",
new AclEntry[] {
new MockAclEntry(),
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.ADMINISTRATION),
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.READ),
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.DELETE)
new AclEntry[]{
new MockAclEntry(),
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.ADMINISTRATION),
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.READ),
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.DELETE)
});
BasicAclEntryAfterInvocationProvider provider = new BasicAclEntryAfterInvocationProvider();
@ -101,8 +81,7 @@ public class BasicAclEntryAfterInvocationProviderTests extends TestCase {
// Create the Authentication and Config Attribs we'll be presenting
UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken("scott", "NOT_USED");
ConfigAttributeDefinition attr = new ConfigAttributeDefinition();
attr.addConfigAttribute(new SecurityConfig("AFTER_ACL_READ"));
ConfigAttributeDefinition attr = new ConfigAttributeDefinition("AFTER_ACL_READ");
try {
provider.decide(auth, new SimpleMethodInvocation(), attr, "belmont");
@ -116,11 +95,11 @@ public class BasicAclEntryAfterInvocationProviderTests extends TestCase {
throws Exception {
// Create an AclManager
AclManager aclManager = new MockAclManager("belmont", "rod",
new AclEntry[] {
new MockAclEntry(),
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.ADMINISTRATION),
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.READ),
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.DELETE)
new AclEntry[]{
new MockAclEntry(),
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.ADMINISTRATION),
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.READ),
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.DELETE)
});
BasicAclEntryAfterInvocationProvider provider = new BasicAclEntryAfterInvocationProvider();
@ -130,8 +109,7 @@ public class BasicAclEntryAfterInvocationProviderTests extends TestCase {
// Create the Authentication and Config Attribs we'll be presenting
UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken("rod", "NOT_USED");
ConfigAttributeDefinition attr = new ConfigAttributeDefinition();
attr.addConfigAttribute(new SecurityConfig("AFTER_ACL_READ"));
ConfigAttributeDefinition attr = new ConfigAttributeDefinition("AFTER_ACL_READ");
// Filter
assertEquals("belmont", provider.decide(auth, new SimpleMethodInvocation(), attr, "belmont"));
@ -141,11 +119,11 @@ public class BasicAclEntryAfterInvocationProviderTests extends TestCase {
throws Exception {
// Create an AclManager
AclManager aclManager = new MockAclManager("belmont", "rod",
new AclEntry[] {
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.ADMINISTRATION),
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.READ),
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.DELETE),
new MockAclEntry()
new AclEntry[]{
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.ADMINISTRATION),
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.READ),
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.DELETE),
new MockAclEntry()
});
BasicAclEntryAfterInvocationProvider provider = new BasicAclEntryAfterInvocationProvider();
@ -154,8 +132,7 @@ public class BasicAclEntryAfterInvocationProviderTests extends TestCase {
// Create the Authentication and Config Attribs we'll be presenting
UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken("rod", "NOT_USED");
ConfigAttributeDefinition attr = new ConfigAttributeDefinition();
attr.addConfigAttribute(new SecurityConfig("AFTER_ACL_READ"));
ConfigAttributeDefinition attr = new ConfigAttributeDefinition("AFTER_ACL_READ");
// Filter
assertNull(provider.decide(auth, new SimpleMethodInvocation(), attr, null));
@ -165,9 +142,9 @@ public class BasicAclEntryAfterInvocationProviderTests extends TestCase {
throws Exception {
// Create an AclManager
AclManager aclManager = new MockAclManager("sydney", "rod",
new AclEntry[] {
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.READ),
new MockAclEntry()
new AclEntry[]{
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.READ),
new MockAclEntry()
});
BasicAclEntryAfterInvocationProvider provider = new BasicAclEntryAfterInvocationProvider();
@ -179,14 +156,13 @@ public class BasicAclEntryAfterInvocationProviderTests extends TestCase {
// Create the Authentication and Config Attribs we'll be presenting
UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken("rod", "NOT_USED");
ConfigAttributeDefinition attr = new ConfigAttributeDefinition();
attr.addConfigAttribute(new SecurityConfig("AFTER_ACL_READ"));
ConfigAttributeDefinition attr = new ConfigAttributeDefinition("AFTER_ACL_READ");
// As no matching config attrib, ensure provider returns original obj
assertEquals("sydney", provider.decide(auth, new SimpleMethodInvocation(), attr, "sydney"));
// Filter, this time with the conf attrib provider setup to answer
attr.addConfigAttribute(new SecurityConfig("AFTER_ACL_ADMIN"));
attr = new ConfigAttributeDefinition("AFTER_ACL_ADMIN");
assertEquals("sydney", provider.decide(auth, new SimpleMethodInvocation(), attr, "sydney"));
}
@ -194,22 +170,21 @@ public class BasicAclEntryAfterInvocationProviderTests extends TestCase {
throws Exception {
// Create an AclManager
AclManager aclManager = new MockAclManager("sydney", "rod",
new AclEntry[] {
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.ADMINISTRATION),
new MockAclEntry()
new AclEntry[]{
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.ADMINISTRATION),
new MockAclEntry()
});
BasicAclEntryAfterInvocationProvider provider = new BasicAclEntryAfterInvocationProvider();
provider.setAclManager(aclManager);
assertEquals(SimpleAclEntry.READ, provider.getRequirePermission()[0]);
provider.setRequirePermission(new int[] {SimpleAclEntry.ADMINISTRATION});
provider.setRequirePermission(new int[]{SimpleAclEntry.ADMINISTRATION});
assertEquals(SimpleAclEntry.ADMINISTRATION, provider.getRequirePermission()[0]);
provider.afterPropertiesSet();
// Create the Authentication and Config Attribs we'll be presenting
UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken("rod", "NOT_USED");
ConfigAttributeDefinition attr = new ConfigAttributeDefinition();
attr.addConfigAttribute(new SecurityConfig("AFTER_ACL_READ"));
ConfigAttributeDefinition attr = new ConfigAttributeDefinition("AFTER_ACL_READ");
// Filter
assertEquals("sydney", provider.decide(auth, new SimpleMethodInvocation(), attr, "sydney"));

7
core/src/test/java/org/springframework/security/captcha/CaptchaChannelProcessorTemplateTests.java
View File

@ -68,8 +68,7 @@ public class CaptchaChannelProcessorTemplateTests extends TestCase {
CaptchaChannelProcessorTemplate processor = new TestHumanityCaptchaChannelProcessor();
processor.setKeyword("X");
ConfigAttributeDefinition cad = new ConfigAttributeDefinition();
cad.addConfigAttribute(new SecurityConfig("Y"));
ConfigAttributeDefinition cad = new ConfigAttributeDefinition("Y");
CaptchaSecurityContext context = new CaptchaSecurityContextImpl();
SecurityContextHolder.setContext(context);
@ -135,9 +134,7 @@ public class CaptchaChannelProcessorTemplateTests extends TestCase {
CaptchaChannelProcessorTemplate processor = new TestHumanityCaptchaChannelProcessor();
processor.setKeyword("X");
ConfigAttributeDefinition cad = new ConfigAttributeDefinition();
cad.addConfigAttribute(new SecurityConfig("X"));
ConfigAttributeDefinition cad = new ConfigAttributeDefinition("X");
CaptchaSecurityContext context = new CaptchaSecurityContextImpl();
SecurityContextHolder.setContext(context);

16
core/src/test/java/org/springframework/security/config/HttpSecurityBeanDefinitionParserTests.java
View File

@ -133,13 +133,13 @@ public class HttpSecurityBeanDefinitionParserTests {
FilterSecurityInterceptor fis = (FilterSecurityInterceptor) appContext.getBean(BeanIds.FILTER_SECURITY_INTERCEPTOR);
FilterInvocationDefinitionSource fids = fis.getObjectDefinitionSource();
ConfigAttributeDefinition attrs = fids.getAttributes(createFilterinvocation("/Secure", null));
assertEquals(2, attrs.size());
assertTrue(attrs.contains(new SecurityConfig("ROLE_A")));
assertTrue(attrs.contains(new SecurityConfig("ROLE_B")));
attrs = fids.getAttributes(createFilterinvocation("/secure", null));
assertEquals(1, attrs.size());
assertTrue(attrs.contains(new SecurityConfig("ROLE_C")));
ConfigAttributeDefinition attrDef = fids.getAttributes(createFilterinvocation("/Secure", null));
assertEquals(2, attrDef.getConfigAttributes().size());
assertTrue(attrDef.contains(new SecurityConfig("ROLE_A")));
assertTrue(attrDef.contains(new SecurityConfig("ROLE_B")));
attrDef = fids.getAttributes(createFilterinvocation("/secure", null));
assertEquals(1, attrDef.getConfigAttributes().size());
assertTrue(attrDef.contains(new SecurityConfig("ROLE_C")));
}
@Test
@ -154,7 +154,7 @@ public class HttpSecurityBeanDefinitionParserTests {
FilterSecurityInterceptor fis = (FilterSecurityInterceptor) appContext.getBean(BeanIds.FILTER_SECURITY_INTERCEPTOR);
FilterInvocationDefinitionSource fids = fis.getObjectDefinitionSource();
ConfigAttributeDefinition attrs = fids.getAttributes(createFilterinvocation("/secure", "POST"));
assertEquals(2, attrs.size());
assertEquals(2, attrs.getConfigAttributes().size());
assertTrue(attrs.contains(new SecurityConfig("ROLE_A")));
assertTrue(attrs.contains(new SecurityConfig("ROLE_B")));
}

8
core/src/test/java/org/springframework/security/event/authorization/AuthenticationCredentialsNotFoundEventTests.java
View File

@ -42,13 +42,9 @@ public class AuthenticationCredentialsNotFoundEventTests extends TestCase {
//~ Methods ========================================================================================================
public static void main(String[] args) {
junit.textui.TestRunner.run(AuthenticationCredentialsNotFoundEventTests.class);
}
public void testRejectsNulls() {
try {
new AuthenticationCredentialsNotFoundEvent(null, new ConfigAttributeDefinition(),
new AuthenticationCredentialsNotFoundEvent(null, new ConfigAttributeDefinition(new String[] {}),
new AuthenticationCredentialsNotFoundException("test"));
fail("Should have thrown IllegalArgumentException");
} catch (IllegalArgumentException expected) {
@ -64,7 +60,7 @@ public class AuthenticationCredentialsNotFoundEventTests extends TestCase {
}
try {
new AuthenticationCredentialsNotFoundEvent(new SimpleMethodInvocation(), new ConfigAttributeDefinition(),
new AuthenticationCredentialsNotFoundEvent(new SimpleMethodInvocation(), new ConfigAttributeDefinition(new String[] {}),
null);
fail("Should have thrown IllegalArgumentException");
} catch (IllegalArgumentException expected) {

6
core/src/test/java/org/springframework/security/event/authorization/AuthorizationFailureEventTests.java
View File

@ -52,7 +52,7 @@ public class AuthorizationFailureEventTests extends TestCase {
public void testRejectsNulls() {
try {
new AuthorizationFailureEvent(null, new ConfigAttributeDefinition(),
new AuthorizationFailureEvent(null, ConfigAttributeDefinition.NO_ATTRIBUTES,
new UsernamePasswordAuthenticationToken("foo", "bar"), new AccessDeniedException("error"));
fail("Should have thrown IllegalArgumentException");
} catch (IllegalArgumentException expected) {
@ -68,7 +68,7 @@ public class AuthorizationFailureEventTests extends TestCase {
}
try {
new AuthorizationFailureEvent(new SimpleMethodInvocation(), new ConfigAttributeDefinition(), null,
new AuthorizationFailureEvent(new SimpleMethodInvocation(), ConfigAttributeDefinition.NO_ATTRIBUTES, null,
new AccessDeniedException("error"));
fail("Should have thrown IllegalArgumentException");
} catch (IllegalArgumentException expected) {
@ -76,7 +76,7 @@ public class AuthorizationFailureEventTests extends TestCase {
}
try {
new AuthorizationFailureEvent(new SimpleMethodInvocation(), new ConfigAttributeDefinition(),
new AuthorizationFailureEvent(new SimpleMethodInvocation(), ConfigAttributeDefinition.NO_ATTRIBUTES,
new UsernamePasswordAuthenticationToken("foo", "bar"), null);
fail("Should have thrown IllegalArgumentException");
} catch (IllegalArgumentException expected) {

8
core/src/test/java/org/springframework/security/event/authorization/AuthorizedEventTests.java
View File

@ -43,13 +43,9 @@ public class AuthorizedEventTests extends TestCase {
//~ Methods ========================================================================================================
public static void main(String[] args) {
junit.textui.TestRunner.run(AuthorizedEventTests.class);
}
public void testRejectsNulls() {
try {
new AuthorizedEvent(null, new ConfigAttributeDefinition(),
new AuthorizedEvent(null, ConfigAttributeDefinition.NO_ATTRIBUTES,
new UsernamePasswordAuthenticationToken("foo", "bar"));
fail("Should have thrown IllegalArgumentException");
} catch (IllegalArgumentException expected) {
@ -65,7 +61,7 @@ public class AuthorizedEventTests extends TestCase {
}
try {
new AuthorizedEvent(new SimpleMethodInvocation(), new ConfigAttributeDefinition(), null);
new AuthorizedEvent(new SimpleMethodInvocation(), ConfigAttributeDefinition.NO_ATTRIBUTES, null);
fail("Should have thrown IllegalArgumentException");
} catch (IllegalArgumentException expected) {
assertTrue(true);

8
core/src/test/java/org/springframework/security/intercept/InterceptorStatusTokenTests.java
View File

@ -46,10 +46,6 @@ public class InterceptorStatusTokenTests extends TestCase {
//~ Methods ========================================================================================================
public static void main(String[] args) {
junit.textui.TestRunner.run(InterceptorStatusTokenTests.class);
}
public void testNoArgConstructorDoesntExist() {
Class clazz = InterceptorStatusToken.class;
@ -62,9 +58,7 @@ public class InterceptorStatusTokenTests extends TestCase {
}
public void testOperation() {
ConfigAttributeDefinition attr = new ConfigAttributeDefinition();
attr.addConfigAttribute(new SecurityConfig("FOO"));
ConfigAttributeDefinition attr = new ConfigAttributeDefinition("FOO");
MethodInvocation mi = new SimpleMethodInvocation();
InterceptorStatusToken token = new InterceptorStatusToken(new UsernamePasswordAuthenticationToken("rod",

11
core/src/test/java/org/springframework/security/intercept/method/MethodDefinitionAttributesTests.java
View File

@ -71,7 +71,8 @@ public class MethodDefinitionAttributesTests extends TestCase {
}
private ConfigAttributeDefinition getConfigAttributeDefinition(Class clazz, String methodName, Class[] args)
throws Exception {
throws Exception {
final Method method = clazz.getMethod(methodName, args);
MethodDefinitionAttributes source = new MethodDefinitionAttributes();
source.setAttributes(new MockAttributes());
@ -96,8 +97,7 @@ public class MethodDefinitionAttributesTests extends TestCase {
super.setUp();
}
public void testAttributesForInterfaceTargetObject()
throws Exception {
public void testAttributesForInterfaceTargetObject() throws Exception {
ConfigAttributeDefinition def1 = getConfigAttributeDefinition(ITargetObject.class, "countLength",
new Class[] {String.class});
Set set1 = toSet(def1);
@ -190,8 +190,7 @@ public class MethodDefinitionAttributesTests extends TestCase {
assertEquals("HELLO org.springframework.security.MockRunAsAuthenticationToken true", result);
}
public void testMethodCallWithoutRunAsReplacement()
throws Exception {
public void testMethodCallWithoutRunAsReplacement() throws Exception {
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("Test", "Password",
new GrantedAuthority[] {new GrantedAuthorityImpl("MOCK_INTERFACE_METHOD_MAKE_LOWER_CASE")});
SecurityContextHolder.getContext().setAuthentication(token);
@ -219,7 +218,7 @@ public class MethodDefinitionAttributesTests extends TestCase {
*/
private Set toSet(ConfigAttributeDefinition def) {
Set set = new HashSet();
Iterator i = def.getConfigAttributes();
Iterator i = def.getConfigAttributes().iterator();
while (i.hasNext()) {
ConfigAttribute a = (ConfigAttribute) i.next();

29
core/src/test/java/org/springframework/security/intercept/method/MethodDefinitionSourceEditorTests.java
View File

@ -64,10 +64,8 @@ public class MethodDefinitionSourceEditorTests extends TestCase {
ConfigAttributeDefinition returnedCountLength = map.getAttributes(joinPoint);
ConfigAttributeDefinition expectedCountLength = new ConfigAttributeDefinition();
expectedCountLength.addConfigAttribute(new SecurityConfig("ROLE_ONE"));
expectedCountLength.addConfigAttribute(new SecurityConfig("ROLE_TWO"));
expectedCountLength.addConfigAttribute(new SecurityConfig("RUN_AS_ENTRY"));
ConfigAttributeDefinition expectedCountLength =
new ConfigAttributeDefinition(new String[] {"ROLE_ONE", "ROLE_TWO", "RUN_AS_ENTRY"});
assertEquals(expectedCountLength, returnedCountLength);
}
@ -115,15 +113,13 @@ public class MethodDefinitionSourceEditorTests extends TestCase {
ConfigAttributeDefinition returnedMakeLower = map.getAttributes(new MockMethodInvocation(TargetObject.class,
"makeLowerCase", new Class[] {String.class}));
ConfigAttributeDefinition expectedMakeLower = new ConfigAttributeDefinition();
expectedMakeLower.addConfigAttribute(new SecurityConfig("ROLE_FROM_INTERFACE"));
ConfigAttributeDefinition expectedMakeLower = new ConfigAttributeDefinition("ROLE_FROM_INTERFACE");
assertEquals(expectedMakeLower, returnedMakeLower);
ConfigAttributeDefinition returnedMakeUpper = map.getAttributes(new MockMethodInvocation(TargetObject.class,
"makeUpperCase", new Class[] {String.class}));
ConfigAttributeDefinition expectedMakeUpper = new ConfigAttributeDefinition();
expectedMakeUpper.addConfigAttribute(new SecurityConfig("ROLE_FROM_IMPLEMENTATION"));
expectedMakeUpper.addConfigAttribute(new SecurityConfig("ROLE_FROM_INTERFACE"));
ConfigAttributeDefinition expectedMakeUpper = new ConfigAttributeDefinition(
new String[]{"ROLE_FROM_IMPLEMENTATION","ROLE_FROM_INTERFACE"});
assertEquals(expectedMakeUpper, returnedMakeUpper);
}
@ -171,20 +167,17 @@ public class MethodDefinitionSourceEditorTests extends TestCase {
ConfigAttributeDefinition returnedMakeLower = map.getAttributes(new MockMethodInvocation(TargetObject.class,
"makeLowerCase", new Class[] {String.class}));
ConfigAttributeDefinition expectedMakeLower = new ConfigAttributeDefinition();
expectedMakeLower.addConfigAttribute(new SecurityConfig("ROLE_LOWER"));
ConfigAttributeDefinition expectedMakeLower = new ConfigAttributeDefinition("ROLE_LOWER");
assertEquals(expectedMakeLower, returnedMakeLower);
ConfigAttributeDefinition returnedMakeUpper = map.getAttributes(new MockMethodInvocation(TargetObject.class,
"makeUpperCase", new Class[] {String.class}));
ConfigAttributeDefinition expectedMakeUpper = new ConfigAttributeDefinition();
expectedMakeUpper.addConfigAttribute(new SecurityConfig("ROLE_UPPER"));
ConfigAttributeDefinition expectedMakeUpper = new ConfigAttributeDefinition("ROLE_UPPER");
assertEquals(expectedMakeUpper, returnedMakeUpper);
ConfigAttributeDefinition returnedCountLength = map.getAttributes(new MockMethodInvocation(TargetObject.class,
"countLength", new Class[] {String.class}));
ConfigAttributeDefinition expectedCountLength = new ConfigAttributeDefinition();
expectedCountLength.addConfigAttribute(new SecurityConfig("ROLE_GENERAL"));
ConfigAttributeDefinition expectedCountLength = new ConfigAttributeDefinition("ROLE_GENERAL");
assertEquals(expectedCountLength, returnedCountLength);
}
@ -215,10 +208,8 @@ public class MethodDefinitionSourceEditorTests extends TestCase {
ConfigAttributeDefinition returnedCountLength = map.getAttributes(new MockMethodInvocation(TargetObject.class,
"countLength", new Class[] {String.class}));
ConfigAttributeDefinition expectedCountLength = new ConfigAttributeDefinition();
expectedCountLength.addConfigAttribute(new SecurityConfig("ROLE_ONE"));
expectedCountLength.addConfigAttribute(new SecurityConfig("ROLE_TWO"));
expectedCountLength.addConfigAttribute(new SecurityConfig("RUN_AS_ENTRY"));
ConfigAttributeDefinition expectedCountLength = new ConfigAttributeDefinition(
new String[] {"ROLE_ONE", "ROLE_TWO", "RUN_AS_ENTRY"});
assertEquals(expectedCountLength, returnedCountLength);
}

20
core/src/test/java/org/springframework/security/intercept/method/MockMethodDefinitionSource.java
View File

@ -26,7 +26,6 @@ import java.util.Vector;
/**
* DOCUMENT ME!
*
* @author Ben Alex
* @version $Id$
@ -43,34 +42,23 @@ public class MockMethodDefinitionSource extends AbstractMethodDefinitionSource {
returnAnIterator = returnAnIteratorWhenRequested;
list = new Vector();
ConfigAttributeDefinition def1 = new ConfigAttributeDefinition();
def1.addConfigAttribute(new SecurityConfig("MOCK_LOWER"));
ConfigAttributeDefinition def1 = new ConfigAttributeDefinition("MOCK_LOWER");
list.add(def1);
if (includeInvalidAttributes) {
ConfigAttributeDefinition def2 = new ConfigAttributeDefinition();
def2.addConfigAttribute(new SecurityConfig("MOCK_LOWER"));
def2.addConfigAttribute(new SecurityConfig("INVALID_ATTRIBUTE"));
ConfigAttributeDefinition def2 = new ConfigAttributeDefinition(new String[] {"MOCK_LOWER","INVALID_ATTRIBUTE"});
list.add(def2);
}
ConfigAttributeDefinition def3 = new ConfigAttributeDefinition();
def3.addConfigAttribute(new SecurityConfig("MOCK_UPPER"));
def3.addConfigAttribute(new SecurityConfig("RUN_AS_"));
ConfigAttributeDefinition def3 = new ConfigAttributeDefinition(new String[] {"MOCK_UPPER", "RUN_AS_"});
list.add(def3);
if (includeInvalidAttributes) {
ConfigAttributeDefinition def4 = new ConfigAttributeDefinition();
def4.addConfigAttribute(new SecurityConfig("MOCK_SOMETHING"));
def4.addConfigAttribute(new SecurityConfig("ANOTHER_INVALID"));
ConfigAttributeDefinition def4 = new ConfigAttributeDefinition(new String[] {"MOCK_SOMETHING", "ANOTHER_INVALID"});
list.add(def4);
}
}
private MockMethodDefinitionSource() {
super();
}
//~ Methods ========================================================================================================
public Iterator getConfigAttributeDefinitions() {

35
core/src/test/java/org/springframework/security/intercept/web/DefaultFilterInvocationDefinitionSourceTests.java
View File

@ -52,8 +52,7 @@ public class DefaultFilterInvocationDefinitionSourceTests {
@Test
public void lookupNotRequiringExactMatchSuccessIfNotMatching() {
ConfigAttributeDefinition def = new ConfigAttributeDefinition();
def.addConfigAttribute(new SecurityConfig("ROLE_ONE"));
ConfigAttributeDefinition def = new ConfigAttributeDefinition("ROLE_ONE");
map.addSecureUrl("/secure/super/**", def);
FilterInvocation fi = createFilterInvocation("/SeCuRE/super/somefile.html", null);
@ -67,8 +66,7 @@ public class DefaultFilterInvocationDefinitionSourceTests {
*/
@Test
public void lookupNotRequiringExactMatchSucceedsIfSecureUrlPathContainsUpperCase() {
ConfigAttributeDefinition def = new ConfigAttributeDefinition();
def.addConfigAttribute(new SecurityConfig("ROLE_ONE"));
ConfigAttributeDefinition def = new ConfigAttributeDefinition("ROLE_ONE");
map.addSecureUrl("/SeCuRE/super/**", def);
FilterInvocation fi = createFilterInvocation("/secure/super/somefile.html", null);
@ -81,8 +79,7 @@ public class DefaultFilterInvocationDefinitionSourceTests {
@Test
public void lookupRequiringExactMatchFailsIfNotMatching() {
map = new DefaultFilterInvocationDefinitionSource(new AntUrlPathMatcher(false));
ConfigAttributeDefinition def = new ConfigAttributeDefinition();
def.addConfigAttribute(new SecurityConfig("ROLE_ONE"));
ConfigAttributeDefinition def = new ConfigAttributeDefinition("ROLE_ONE");
map.addSecureUrl("/secure/super/**", def);
FilterInvocation fi = createFilterInvocation("/SeCuRE/super/somefile.html", null);
@ -94,8 +91,7 @@ public class DefaultFilterInvocationDefinitionSourceTests {
@Test
public void lookupRequiringExactMatchIsSuccessful() {
map = new DefaultFilterInvocationDefinitionSource(new AntUrlPathMatcher(false));
ConfigAttributeDefinition def = new ConfigAttributeDefinition();
def.addConfigAttribute(new SecurityConfig("ROLE_ONE"));
ConfigAttributeDefinition def = new ConfigAttributeDefinition("ROLE_ONE");
map.addSecureUrl("/SeCurE/super/**", def);
FilterInvocation fi = createFilterInvocation("/SeCurE/super/somefile.html", null);
@ -106,8 +102,7 @@ public class DefaultFilterInvocationDefinitionSourceTests {
@Test
public void lookupRequiringExactMatchWithAdditionalSlashesIsSuccessful() {
ConfigAttributeDefinition def = new ConfigAttributeDefinition();
def.addConfigAttribute(new SecurityConfig("ROLE_ONE"));
ConfigAttributeDefinition def = new ConfigAttributeDefinition("ROLE_ONE");
map.addSecureUrl("/someAdminPage.html**", def);
FilterInvocation fi = createFilterInvocation("/someAdminPage.html?a=/test", null);
@ -118,15 +113,13 @@ public class DefaultFilterInvocationDefinitionSourceTests {
@Test(expected = IllegalArgumentException.class)
public void unknownHttpMethodIsRejected() {
ConfigAttributeDefinition def = new ConfigAttributeDefinition();
def.addConfigAttribute(new SecurityConfig("ROLE_ONE"));
ConfigAttributeDefinition def = new ConfigAttributeDefinition("ROLE_ONE");
map.addSecureUrl("/someAdminPage.html**", "UNKNOWN", def);
}
@Test
public void httpMethodLookupSucceeds() {
ConfigAttributeDefinition def = new ConfigAttributeDefinition();
def.addConfigAttribute(new SecurityConfig("ROLE_ONE"));
ConfigAttributeDefinition def = new ConfigAttributeDefinition("ROLE_ONE");
map.addSecureUrl("/somepage**", "GET", def);
FilterInvocation fi = createFilterInvocation("/somepage", "GET");
@ -136,8 +129,7 @@ public class DefaultFilterInvocationDefinitionSourceTests {
@Test
public void requestWithDifferentHttpMethodDoesntMatch() {
ConfigAttributeDefinition def = new ConfigAttributeDefinition();
def.addConfigAttribute(new SecurityConfig("ROLE_ONE"));
ConfigAttributeDefinition def = new ConfigAttributeDefinition("ROLE_ONE");
map.addSecureUrl("/somepage**", "GET", def);
FilterInvocation fi = createFilterInvocation("/somepage", null);
@ -147,15 +139,11 @@ public class DefaultFilterInvocationDefinitionSourceTests {
@Test
public void httpMethodSpecificUrlTakesPrecedence() {
// Even though this is added before the method-specific def, the latter should match
ConfigAttributeDefinition allMethodDef = new ConfigAttributeDefinition();
allMethodDef.addConfigAttribute(new SecurityConfig("ROLE_ONE"));
ConfigAttributeDefinition allMethodDef = new ConfigAttributeDefinition("ROLE_ONE");
map.addSecureUrl("/**", null, allMethodDef);
ConfigAttributeDefinition postOnlyDef = new ConfigAttributeDefinition();
postOnlyDef.addConfigAttribute(new SecurityConfig("ROLE_TWO"));
ConfigAttributeDefinition postOnlyDef = new ConfigAttributeDefinition("ROLE_TWO");
map.addSecureUrl("/somepage**", "POST", postOnlyDef);
FilterInvocation fi = createFilterInvocation("/somepage", "POST");
@ -168,8 +156,7 @@ public class DefaultFilterInvocationDefinitionSourceTests {
*/
@Test
public void extraQuestionMarkStillMatches() {
ConfigAttributeDefinition def = new ConfigAttributeDefinition();
def.addConfigAttribute(new SecurityConfig("ROLE_ONE"));
ConfigAttributeDefinition def = new ConfigAttributeDefinition("ROLE_ONE");
map.addSecureUrl("/someAdminPage.html*", def);
FilterInvocation fi = createFilterInvocation("/someAdminPage.html?x=2/aa?y=3", null);

25
core/src/test/java/org/springframework/security/intercept/web/FilterInvocationDefinitionSourceEditorTests.java
View File

@ -201,9 +201,8 @@ public class FilterInvocationDefinitionSourceEditorTests extends TestCase {
ConfigAttributeDefinition returned = map.getAttributes(new FilterInvocation(httpRequest,
new MockHttpServletResponse(), new MockFilterChain()));
ConfigAttributeDefinition expected = new ConfigAttributeDefinition();
expected.addConfigAttribute(new SecurityConfig("ROLE_WE_DONT_HAVE"));
expected.addConfigAttribute(new SecurityConfig("ANOTHER_ROLE"));
ConfigAttributeDefinition expected = new ConfigAttributeDefinition(
new String[] {"ROLE_WE_DONT_HAVE", "ANOTHER_ROLE"});
assertEquals(expected, returned);
}
@ -220,10 +219,7 @@ public class FilterInvocationDefinitionSourceEditorTests extends TestCase {
ConfigAttributeDefinition returned = map.getAttributes(new FilterInvocation(httpRequest,
new MockHttpServletResponse(), new MockFilterChain()));
ConfigAttributeDefinition expected = new ConfigAttributeDefinition();
expected.addConfigAttribute(new SecurityConfig("ROLE_SUPERVISOR"));
expected.addConfigAttribute(new SecurityConfig("ROLE_TELLER"));
ConfigAttributeDefinition expected = new ConfigAttributeDefinition(new String[] {"ROLE_SUPERVISOR", "ROLE_TELLER"});
assertEquals(expected, returned);
}
@ -239,10 +235,7 @@ public class FilterInvocationDefinitionSourceEditorTests extends TestCase {
ConfigAttributeDefinition returned = map.getAttributes(new FilterInvocation(httpRequest,
new MockHttpServletResponse(), new MockFilterChain()));
ConfigAttributeDefinition expected = new ConfigAttributeDefinition();
expected.addConfigAttribute(new SecurityConfig("ROLE_WE_DONT_HAVE"));
expected.addConfigAttribute(new SecurityConfig("ANOTHER_ROLE"));
ConfigAttributeDefinition expected = new ConfigAttributeDefinition(new String[] {"ROLE_WE_DONT_HAVE", "ANOTHER_ROLE"});
assertEquals(expected, returned);
}
@ -258,10 +251,7 @@ public class FilterInvocationDefinitionSourceEditorTests extends TestCase {
ConfigAttributeDefinition returned = map.getAttributes(new FilterInvocation(httpRequest,
new MockHttpServletResponse(), new MockFilterChain()));
ConfigAttributeDefinition expected = new ConfigAttributeDefinition();
expected.addConfigAttribute(new SecurityConfig("ROLE_WE_DONT_HAVE"));
expected.addConfigAttribute(new SecurityConfig("ANOTHER_ROLE"));
ConfigAttributeDefinition expected = new ConfigAttributeDefinition(new String[] {"ROLE_WE_DONT_HAVE", "ANOTHER_ROLE"});
assertEquals(expected, returned);
}
@ -305,10 +295,7 @@ public class FilterInvocationDefinitionSourceEditorTests extends TestCase {
ConfigAttributeDefinition returned = map.getAttributes(new FilterInvocation(httpRequest,
new MockHttpServletResponse(), new MockFilterChain()));
ConfigAttributeDefinition expected = new ConfigAttributeDefinition();
expected.addConfigAttribute(new SecurityConfig("ROLE_WE_DONT_HAVE"));
expected.addConfigAttribute(new SecurityConfig("ANOTHER_ROLE"));
ConfigAttributeDefinition expected = new ConfigAttributeDefinition(new String[] {"ROLE_WE_DONT_HAVE", "ANOTHER_ROLE"});
assertEquals(expected, returned);
}

22
core/src/test/java/org/springframework/security/intercept/web/FilterSecurityInterceptorTests.java
View File

@ -42,6 +42,7 @@ import java.io.IOException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.LinkedHashMap;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
@ -147,9 +148,7 @@ public class FilterSecurityInterceptorTests extends TestCase {
interceptor.setApplicationEventPublisher(MockApplicationContext.getContext());
// Setup a mock config attribute definition
ConfigAttributeDefinition def = new ConfigAttributeDefinition();
def.addConfigAttribute(new SecurityConfig("MOCK_OK"));
ConfigAttributeDefinition def = new ConfigAttributeDefinition("MOCK_OK");
MockFilterInvocationDefinitionMap mockSource = new MockFilterInvocationDefinitionMap("/secure/page.html", def);
interceptor.setObjectDefinitionSource(mockSource);
@ -202,9 +201,7 @@ public class FilterSecurityInterceptorTests extends TestCase {
interceptor.setApplicationEventPublisher(MockApplicationContext.getContext());
// Setup a mock config attribute definition
ConfigAttributeDefinition def = new ConfigAttributeDefinition();
def.addConfigAttribute(new SecurityConfig("MOCK_OK"));
ConfigAttributeDefinition def = new ConfigAttributeDefinition("MOCK_OK");
MockFilterInvocationDefinitionMap mockSource = new MockFilterInvocationDefinitionMap("/secure/page.html", def);
interceptor.setObjectDefinitionSource(mockSource);
@ -227,19 +224,12 @@ public class FilterSecurityInterceptorTests extends TestCase {
}
public void testNotLoadedFromApplicationContext() throws Exception {
FilterInvocationDefinitionSourceMapping mapping = new FilterInvocationDefinitionSourceMapping();
mapping.setUrl("/secure/**");
mapping.addConfigAttribute("ROLE_USER");
List mappings = new ArrayList(1);
mappings.add(mapping);
DefaultFilterInvocationDefinitionSource filterInvocationDefinitionSource
DefaultFilterInvocationDefinitionSource fids
= new DefaultFilterInvocationDefinitionSource(new AntUrlPathMatcher());
filterInvocationDefinitionSource.setMappings(mappings);
fids.addSecureUrl("/secure/**", null, new ConfigAttributeDefinition(new String[] {"ROLE_USER"}));
FilterSecurityInterceptor filter = new FilterSecurityInterceptor();
filter.setObjectDefinitionSource(filterInvocationDefinitionSource);
filter.setObjectDefinitionSource(fids);
MockFilterChain filterChain = new MockFilterChain();
filterChain.expectToProceed = true;

15
core/src/test/java/org/springframework/security/intercept/web/MockFilterInvocationDefinitionSource.java
View File

@ -43,26 +43,19 @@ public class MockFilterInvocationDefinitionSource extends DefaultFilterInvocatio
returnAnIterator = returnAnIteratorWhenRequested;
list = new Vector();
ConfigAttributeDefinition def1 = new ConfigAttributeDefinition();
def1.addConfigAttribute(new SecurityConfig("MOCK_LOWER"));
ConfigAttributeDefinition def1 = new ConfigAttributeDefinition("MOCK_LOWER");
list.add(def1);
if (includeInvalidAttributes) {
ConfigAttributeDefinition def2 = new ConfigAttributeDefinition();
def2.addConfigAttribute(new SecurityConfig("MOCK_LOWER"));
def2.addConfigAttribute(new SecurityConfig("INVALID_ATTRIBUTE"));
ConfigAttributeDefinition def2 = new ConfigAttributeDefinition(new String[] {"MOCK_LOWER", "INVALID_ATTRIBUTE"});
list.add(def2);
}
ConfigAttributeDefinition def3 = new ConfigAttributeDefinition();
def3.addConfigAttribute(new SecurityConfig("MOCK_UPPER"));
def3.addConfigAttribute(new SecurityConfig("RUN_AS"));
ConfigAttributeDefinition def3 = new ConfigAttributeDefinition(new String[] {"MOCK_UPPER","RUN_AS"});
list.add(def3);
if (includeInvalidAttributes) {
ConfigAttributeDefinition def4 = new ConfigAttributeDefinition();
def4.addConfigAttribute(new SecurityConfig("MOCK_SOMETHING"));
def4.addConfigAttribute(new SecurityConfig("ANOTHER_INVALID"));
ConfigAttributeDefinition def4 = new ConfigAttributeDefinition(new String[] {"MOCK_SOMETHING","ANOTHER_INVALID"});
list.add(def4);
}
}

15
core/src/test/java/org/springframework/security/runas/RunAsManagerImplTests.java
View File

@ -61,9 +61,7 @@ public class RunAsManagerImplTests extends TestCase {
public void testDoesNotReturnAdditionalAuthoritiesIfCalledWithoutARunAsSetting()
throws Exception {
ConfigAttributeDefinition def = new ConfigAttributeDefinition();
def.addConfigAttribute(new SecurityConfig("SOMETHING_WE_IGNORE"));
ConfigAttributeDefinition def = new ConfigAttributeDefinition("SOMETHING_WE_IGNORE");
UsernamePasswordAuthenticationToken inputToken = new UsernamePasswordAuthenticationToken("Test", "Password",
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")});
@ -75,9 +73,7 @@ public class RunAsManagerImplTests extends TestCase {
}
public void testRespectsRolePrefix() throws Exception {
ConfigAttributeDefinition def = new ConfigAttributeDefinition();
def.addConfigAttribute(new SecurityConfig("RUN_AS_SOMETHING"));
ConfigAttributeDefinition def = new ConfigAttributeDefinition("RUN_AS_SOMETHING");
UsernamePasswordAuthenticationToken inputToken = new UsernamePasswordAuthenticationToken("Test", "Password",
new GrantedAuthority[] {new GrantedAuthorityImpl("ONE"), new GrantedAuthorityImpl("TWO")});
@ -101,11 +97,8 @@ public class RunAsManagerImplTests extends TestCase {
assertEquals("my_password".hashCode(), resultCast.getKeyHash());
}
public void testReturnsAdditionalGrantedAuthorities()
throws Exception {
ConfigAttributeDefinition def = new ConfigAttributeDefinition();
def.addConfigAttribute(new SecurityConfig("RUN_AS_SOMETHING"));
public void testReturnsAdditionalGrantedAuthorities() throws Exception {
ConfigAttributeDefinition def = new ConfigAttributeDefinition("RUN_AS_SOMETHING");
UsernamePasswordAuthenticationToken inputToken = new UsernamePasswordAuthenticationToken("Test", "Password",
new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")});

12
core/src/test/java/org/springframework/security/securechannel/ChannelDecisionManagerImplTests.java
View File

@ -95,8 +95,7 @@ public class ChannelDecisionManagerImplTests extends TestCase {
MockFilterChain chain = new MockFilterChain();
FilterInvocation fi = new FilterInvocation(request, response, chain);
ConfigAttributeDefinition cad = new ConfigAttributeDefinition();
cad.addConfigAttribute(new SecurityConfig("xyz"));
ConfigAttributeDefinition cad = new ConfigAttributeDefinition("xyz");
cdm.decide(fi, cad);
assertTrue(fi.getResponse().isCommitted());
@ -115,9 +114,7 @@ public class ChannelDecisionManagerImplTests extends TestCase {
MockFilterChain chain = new MockFilterChain();
FilterInvocation fi = new FilterInvocation(request, response, chain);
ConfigAttributeDefinition cad = new ConfigAttributeDefinition();
cad.addConfigAttribute(new SecurityConfig("abc"));
cad.addConfigAttribute(new SecurityConfig("ANY_CHANNEL"));
ConfigAttributeDefinition cad = new ConfigAttributeDefinition(new String[]{"abc", "ANY_CHANNEL"});
cdm.decide(fi, cad);
assertFalse(fi.getResponse().isCommitted());
@ -138,8 +135,7 @@ public class ChannelDecisionManagerImplTests extends TestCase {
MockFilterChain chain = new MockFilterChain();
FilterInvocation fi = new FilterInvocation(request, response, chain);
ConfigAttributeDefinition cad = new ConfigAttributeDefinition();
cad.addConfigAttribute(new SecurityConfig("SOME_ATTRIBUTE_NO_PROCESSORS_SUPPORT"));
ConfigAttributeDefinition cad = new ConfigAttributeDefinition("SOME_ATTRIBUTE_NO_PROCESSORS_SUPPORT");
cdm.decide(fi, cad);
assertFalse(fi.getResponse().isCommitted());
@ -198,7 +194,7 @@ public class ChannelDecisionManagerImplTests extends TestCase {
public void decide(FilterInvocation invocation, ConfigAttributeDefinition config)
throws IOException, ServletException {
Iterator iter = config.getConfigAttributes();
Iterator iter = config.getConfigAttributes().iterator();
if (failIfCalled) {
fail("Should not have called this channel processor: " + configAttribute);

24
core/src/test/java/org/springframework/security/securechannel/ChannelProcessingFilterTests.java
View File

@ -52,9 +52,7 @@ public class ChannelProcessingFilterTests extends TestCase {
throws Exception {
ChannelProcessingFilter filter = new ChannelProcessingFilter();
ConfigAttributeDefinition attr = new ConfigAttributeDefinition();
attr.addConfigAttribute(new SecurityConfig("MOCK"));
ConfigAttributeDefinition attr = new ConfigAttributeDefinition("MOCK");
MockFilterInvocationDefinitionMap fids = new MockFilterInvocationDefinitionMap("/path", attr, true);
filter.setFilterInvocationDefinitionSource(fids);
@ -83,8 +81,7 @@ public class ChannelProcessingFilterTests extends TestCase {
ChannelProcessingFilter filter = new ChannelProcessingFilter();
filter.setChannelDecisionManager(new MockChannelDecisionManager(false, "SUPPORTS_MOCK_ONLY"));
ConfigAttributeDefinition attr = new ConfigAttributeDefinition();
attr.addConfigAttribute(new SecurityConfig("SUPPORTS_MOCK_ONLY"));
ConfigAttributeDefinition attr = new ConfigAttributeDefinition("SUPPORTS_MOCK_ONLY");
MockFilterInvocationDefinitionMap fids = new MockFilterInvocationDefinitionMap("/path", attr, true);
@ -99,10 +96,7 @@ public class ChannelProcessingFilterTests extends TestCase {
ChannelProcessingFilter filter = new ChannelProcessingFilter();
filter.setChannelDecisionManager(new MockChannelDecisionManager(false, "SUPPORTS_MOCK_ONLY"));
ConfigAttributeDefinition attr = new ConfigAttributeDefinition();
attr.addConfigAttribute(new SecurityConfig("SUPPORTS_MOCK_ONLY"));
attr.addConfigAttribute(new SecurityConfig("INVALID_ATTRIBUTE"));
ConfigAttributeDefinition attr = new ConfigAttributeDefinition(new String[] {"SUPPORTS_MOCK_ONLY", "INVALID_ATTRIBUTE"});
MockFilterInvocationDefinitionMap fids = new MockFilterInvocationDefinitionMap("/path", attr, true);
filter.setFilterInvocationDefinitionSource(fids);
@ -120,8 +114,7 @@ public class ChannelProcessingFilterTests extends TestCase {
ChannelProcessingFilter filter = new ChannelProcessingFilter();
filter.setChannelDecisionManager(new MockChannelDecisionManager(true, "SOME_ATTRIBUTE"));
ConfigAttributeDefinition attr = new ConfigAttributeDefinition();
attr.addConfigAttribute(new SecurityConfig("SOME_ATTRIBUTE"));
ConfigAttributeDefinition attr = new ConfigAttributeDefinition("SOME_ATTRIBUTE");
MockFilterInvocationDefinitionMap fids = new MockFilterInvocationDefinitionMap("/path", attr, true);
@ -143,8 +136,7 @@ public class ChannelProcessingFilterTests extends TestCase {
ChannelProcessingFilter filter = new ChannelProcessingFilter();
filter.setChannelDecisionManager(new MockChannelDecisionManager(false, "SOME_ATTRIBUTE"));
ConfigAttributeDefinition attr = new ConfigAttributeDefinition();
attr.addConfigAttribute(new SecurityConfig("SOME_ATTRIBUTE"));
ConfigAttributeDefinition attr = new ConfigAttributeDefinition("SOME_ATTRIBUTE");
MockFilterInvocationDefinitionMap fids = new MockFilterInvocationDefinitionMap("/path", attr, true);
@ -166,8 +158,7 @@ public class ChannelProcessingFilterTests extends TestCase {
ChannelProcessingFilter filter = new ChannelProcessingFilter();
filter.setChannelDecisionManager(new MockChannelDecisionManager(false, "NOT_USED"));
ConfigAttributeDefinition attr = new ConfigAttributeDefinition();
attr.addConfigAttribute(new SecurityConfig("NOT_USED"));
ConfigAttributeDefinition attr = new ConfigAttributeDefinition("NOT_USED");
MockFilterInvocationDefinitionMap fids = new MockFilterInvocationDefinitionMap("/path", attr, true);
@ -211,8 +202,7 @@ public class ChannelProcessingFilterTests extends TestCase {
filter.setChannelDecisionManager(new MockChannelDecisionManager(false, "MOCK"));
assertTrue(filter.getChannelDecisionManager() != null);
ConfigAttributeDefinition attr = new ConfigAttributeDefinition();
attr.addConfigAttribute(new SecurityConfig("MOCK"));
ConfigAttributeDefinition attr = new ConfigAttributeDefinition("MOCK");
MockFilterInvocationDefinitionMap fids = new MockFilterInvocationDefinitionMap("/path", attr, false);

8
core/src/test/java/org/springframework/security/securechannel/InsecureChannelProcessorTests.java
View File

@ -45,9 +45,7 @@ public class InsecureChannelProcessorTests extends TestCase {
}
public void testDecideDetectsAcceptableChannel() throws Exception {
ConfigAttributeDefinition cad = new ConfigAttributeDefinition();
cad.addConfigAttribute(new SecurityConfig("SOME_IGNORED_ATTRIBUTE"));
cad.addConfigAttribute(new SecurityConfig("REQUIRES_INSECURE_CHANNEL"));
ConfigAttributeDefinition cad = new ConfigAttributeDefinition(new String[]{"SOME_IGNORED_ATTRIBUTE", "REQUIRES_INSECURE_CHANNEL"});
MockHttpServletRequest request = new MockHttpServletRequest();
request.setQueryString("info=true");
@ -69,9 +67,7 @@ public class InsecureChannelProcessorTests extends TestCase {
public void testDecideDetectsUnacceptableChannel()
throws Exception {
ConfigAttributeDefinition cad = new ConfigAttributeDefinition();
cad.addConfigAttribute(new SecurityConfig("SOME_IGNORED_ATTRIBUTE"));
cad.addConfigAttribute(new SecurityConfig("REQUIRES_INSECURE_CHANNEL"));
ConfigAttributeDefinition cad = new ConfigAttributeDefinition(new String[]{"SOME_IGNORED_ATTRIBUTE", "REQUIRES_INSECURE_CHANNEL"});
MockHttpServletRequest request = new MockHttpServletRequest();
request.setQueryString("info=true");

19
core/src/test/java/org/springframework/security/securechannel/SecureChannelProcessorTests.java
View File

@ -36,18 +36,8 @@ import org.springframework.mock.web.MockHttpServletResponse;
public class SecureChannelProcessorTests extends TestCase {
//~ Methods ========================================================================================================
public static void main(String[] args) {
junit.textui.TestRunner.run(SecureChannelProcessorTests.class);
}
public final void setUp() throws Exception {
super.setUp();
}
public void testDecideDetectsAcceptableChannel() throws Exception {
ConfigAttributeDefinition cad = new ConfigAttributeDefinition();
cad.addConfigAttribute(new SecurityConfig("SOME_IGNORED_ATTRIBUTE"));
cad.addConfigAttribute(new SecurityConfig("REQUIRES_SECURE_CHANNEL"));
ConfigAttributeDefinition cad = new ConfigAttributeDefinition(new String[]{"SOME_IGNORED_ATTRIBUTE", "REQUIRES_SECURE_CHANNEL"});
MockHttpServletRequest request = new MockHttpServletRequest();
request.setQueryString("info=true");
@ -68,11 +58,8 @@ public class SecureChannelProcessorTests extends TestCase {
assertFalse(fi.getResponse().isCommitted());
}
public void testDecideDetectsUnacceptableChannel()
throws Exception {
ConfigAttributeDefinition cad = new ConfigAttributeDefinition();
cad.addConfigAttribute(new SecurityConfig("SOME_IGNORED_ATTRIBUTE"));
cad.addConfigAttribute(new SecurityConfig("REQUIRES_SECURE_CHANNEL"));
public void testDecideDetectsUnacceptableChannel() throws Exception {
ConfigAttributeDefinition cad = new ConfigAttributeDefinition(new String[]{"SOME_IGNORED_ATTRIBUTE", "REQUIRES_SECURE_CHANNEL"});
MockHttpServletRequest request = new MockHttpServletRequest();
request.setQueryString("info=true");

9
core/src/test/java/org/springframework/security/util/FilterChainProxyTests.java
View File

@ -34,6 +34,8 @@ import org.springframework.security.intercept.web.DefaultFilterInvocationDefinit
import org.springframework.security.ui.webapp.AuthenticationProcessingFilter;
import java.util.List;
import java.util.ArrayList;
import java.util.Arrays;
/**
* Tests {@link FilterChainProxy}.
@ -69,8 +71,6 @@ public class FilterChainProxyTests {
filterChainProxy.afterPropertiesSet();
fail("Should have thrown IllegalArgumentException");
} catch (IllegalArgumentException expected) {
assertEquals("FilterChainProxy requires the FilterInvocationDefinitionSource to return a non-null response to getConfigAttributeDefinitions()",
expected.getMessage());
}
}
@ -79,8 +79,7 @@ public class FilterChainProxyTests {
FilterChainProxy filterChainProxy = new FilterChainProxy();
filterChainProxy.setApplicationContext(MockApplicationContext.getContext());
ConfigAttributeDefinition cad = new ConfigAttributeDefinition();
cad.addConfigAttribute(new MockConfigAttribute());
ConfigAttributeDefinition cad = new ConfigAttributeDefinition(new MockConfigAttribute());
DefaultFilterInvocationDefinitionSource fids =
new DefaultFilterInvocationDefinitionSource(new AntUrlPathMatcher());
@ -93,8 +92,6 @@ public class FilterChainProxyTests {
filterChainProxy.init(new MockFilterConfig());
fail("Should have thrown IllegalArgumentException");
} catch (IllegalArgumentException expected) {
assertTrue(expected.getMessage()
.endsWith("returned null to the getAttribute() method, which is invalid when used with FilterChainProxy"));
}
}

20
core/src/test/java/org/springframework/security/vote/AffirmativeBasedTests.java
View File

@ -80,9 +80,7 @@ public class AffirmativeBasedTests extends TestCase {
TestingAuthenticationToken auth = makeTestToken();
AffirmativeBased mgr = makeDecisionManager();
ConfigAttributeDefinition config = new ConfigAttributeDefinition();
config.addConfigAttribute(new SecurityConfig("ROLE_1")); // grant
config.addConfigAttribute(new SecurityConfig("DENY_FOR_SURE")); // deny
ConfigAttributeDefinition config = new ConfigAttributeDefinition(new String[]{"ROLE_1", "DENY_FOR_SURE"});
mgr.decide(auth, new Object(), config);
assertTrue(true);
@ -93,8 +91,7 @@ public class AffirmativeBasedTests extends TestCase {
TestingAuthenticationToken auth = makeTestToken();
AffirmativeBased mgr = makeDecisionManager();
ConfigAttributeDefinition config = new ConfigAttributeDefinition();
config.addConfigAttribute(new SecurityConfig("ROLE_2")); // grant
ConfigAttributeDefinition config = new ConfigAttributeDefinition("ROLE_2");
mgr.decide(auth, new Object(), config);
assertTrue(true);
@ -105,8 +102,7 @@ public class AffirmativeBasedTests extends TestCase {
TestingAuthenticationToken auth = makeTestToken();
AffirmativeBased mgr = makeDecisionManager();
ConfigAttributeDefinition config = new ConfigAttributeDefinition();
config.addConfigAttribute(new SecurityConfig("ROLE_WE_DO_NOT_HAVE")); // deny
ConfigAttributeDefinition config = new ConfigAttributeDefinition("ROLE_WE_DO_NOT_HAVE");
try {
mgr.decide(auth, new Object(), config);
@ -123,8 +119,7 @@ public class AffirmativeBasedTests extends TestCase {
assertTrue(!mgr.isAllowIfAllAbstainDecisions()); // check default
ConfigAttributeDefinition config = new ConfigAttributeDefinition();
config.addConfigAttribute(new SecurityConfig("IGNORED_BY_ALL")); // abstain
ConfigAttributeDefinition config = new ConfigAttributeDefinition("IGNORED_BY_ALL");
try {
mgr.decide(auth, new Object(), config);
@ -141,8 +136,7 @@ public class AffirmativeBasedTests extends TestCase {
mgr.setAllowIfAllAbstainDecisions(true);
assertTrue(mgr.isAllowIfAllAbstainDecisions()); // check changed
ConfigAttributeDefinition config = new ConfigAttributeDefinition();
config.addConfigAttribute(new SecurityConfig("IGNORED_BY_ALL")); // abstain
ConfigAttributeDefinition config = new ConfigAttributeDefinition("IGNORED_BY_ALL");
mgr.decide(auth, new Object(), config);
assertTrue(true);
@ -153,9 +147,7 @@ public class AffirmativeBasedTests extends TestCase {
TestingAuthenticationToken auth = makeTestToken();
AffirmativeBased mgr = makeDecisionManager();
ConfigAttributeDefinition config = new ConfigAttributeDefinition();
config.addConfigAttribute(new SecurityConfig("ROLE_1")); // grant
config.addConfigAttribute(new SecurityConfig("ROLE_2")); // grant
ConfigAttributeDefinition config = new ConfigAttributeDefinition(new String[]{"ROLE_1", "ROLE_2"});
mgr.decide(auth, new Object(), config);
assertTrue(true);

9
core/src/test/java/org/springframework/security/vote/AuthenticatedVoterTests.java
View File

@ -72,8 +72,7 @@ public class AuthenticatedVoterTests extends TestCase {
public void testAnonymousWorks() {
AuthenticatedVoter voter = new AuthenticatedVoter();
ConfigAttributeDefinition def = new ConfigAttributeDefinition();
def.addConfigAttribute(new SecurityConfig(AuthenticatedVoter.IS_AUTHENTICATED_ANONYMOUSLY));
ConfigAttributeDefinition def = new ConfigAttributeDefinition(AuthenticatedVoter.IS_AUTHENTICATED_ANONYMOUSLY);
assertEquals(AccessDecisionVoter.ACCESS_GRANTED, voter.vote(createAnonymous(), null, def));
assertEquals(AccessDecisionVoter.ACCESS_GRANTED, voter.vote(createRememberMe(), null, def));
assertEquals(AccessDecisionVoter.ACCESS_GRANTED, voter.vote(createFullyAuthenticated(), null, def));
@ -81,8 +80,7 @@ public class AuthenticatedVoterTests extends TestCase {
public void testFullyWorks() {
AuthenticatedVoter voter = new AuthenticatedVoter();
ConfigAttributeDefinition def = new ConfigAttributeDefinition();
def.addConfigAttribute(new SecurityConfig(AuthenticatedVoter.IS_AUTHENTICATED_FULLY));
ConfigAttributeDefinition def = new ConfigAttributeDefinition(AuthenticatedVoter.IS_AUTHENTICATED_FULLY);
assertEquals(AccessDecisionVoter.ACCESS_DENIED, voter.vote(createAnonymous(), null, def));
assertEquals(AccessDecisionVoter.ACCESS_DENIED, voter.vote(createRememberMe(), null, def));
assertEquals(AccessDecisionVoter.ACCESS_GRANTED, voter.vote(createFullyAuthenticated(), null, def));
@ -90,8 +88,7 @@ public class AuthenticatedVoterTests extends TestCase {
public void testRememberMeWorks() {
AuthenticatedVoter voter = new AuthenticatedVoter();
ConfigAttributeDefinition def = new ConfigAttributeDefinition();
def.addConfigAttribute(new SecurityConfig(AuthenticatedVoter.IS_AUTHENTICATED_REMEMBERED));
ConfigAttributeDefinition def = new ConfigAttributeDefinition(AuthenticatedVoter.IS_AUTHENTICATED_REMEMBERED);
assertEquals(AccessDecisionVoter.ACCESS_DENIED, voter.vote(createAnonymous(), null, def));
assertEquals(AccessDecisionVoter.ACCESS_GRANTED, voter.vote(createRememberMe(), null, def));
assertEquals(AccessDecisionVoter.ACCESS_GRANTED, voter.vote(createFullyAuthenticated(), null, def));

128
core/src/test/java/org/springframework/security/vote/BasicAclEntryVoterTests.java
View File

@ -73,11 +73,11 @@ public class BasicAclEntryVoterTests extends TestCase {
// Setup an AclManager
AclManager aclManager = new MockAclManager(domainObject, "rod",
new AclEntry[] {
new MockAclEntry(),
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.ADMINISTRATION),
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.READ),
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.DELETE)
new AclEntry[]{
new MockAclEntry(),
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.ADMINISTRATION),
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.READ),
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.DELETE)
});
// Wire up a voter
@ -86,21 +86,20 @@ public class BasicAclEntryVoterTests extends TestCase {
assertEquals(aclManager, voter.getAclManager());
voter.setProcessConfigAttribute("FOO_ADMIN_OR_WRITE_ACCESS");
assertEquals("FOO_ADMIN_OR_WRITE_ACCESS", voter.getProcessConfigAttribute());
voter.setRequirePermission(new int[] {SimpleAclEntry.ADMINISTRATION, SimpleAclEntry.WRITE});
voter.setRequirePermission(new int[]{SimpleAclEntry.ADMINISTRATION, SimpleAclEntry.WRITE});
assertEquals(2, voter.getRequirePermission().length);
voter.setProcessDomainObjectClass(SomeDomainObject.class);
assertEquals(SomeDomainObject.class, voter.getProcessDomainObjectClass());
voter.afterPropertiesSet();
// Wire up an invocation to be voted on
ConfigAttributeDefinition attr = new ConfigAttributeDefinition();
attr.addConfigAttribute(new SecurityConfig("FOO_ADMIN_OR_WRITE_ACCESS"));
ConfigAttributeDefinition attr = new ConfigAttributeDefinition("FOO_ADMIN_OR_WRITE_ACCESS");
// Setup a MockMethodInvocation, so voter can retrieve domainObject
MethodInvocation mi = getMethodInvocation(domainObject);
assertEquals(AccessDecisionVoter.ACCESS_GRANTED,
voter.vote(new UsernamePasswordAuthenticationToken("rod", null), mi, attr));
voter.vote(new UsernamePasswordAuthenticationToken("rod", null), mi, attr));
}
public void testOnlySupportsMethodInvocationAndJoinPoint() {
@ -206,30 +205,29 @@ public class BasicAclEntryVoterTests extends TestCase {
// Setup an AclManager
AclManager aclManager = new MockAclManager(domainObject, "rod",
new AclEntry[] {
new MockAclEntry(),
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.ADMINISTRATION),
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.READ),
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.DELETE)
new AclEntry[]{
new MockAclEntry(),
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.ADMINISTRATION),
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.READ),
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.DELETE)
});
// Wire up a voter
BasicAclEntryVoter voter = new BasicAclEntryVoter();
voter.setAclManager(aclManager);
voter.setProcessConfigAttribute("FOO_ADMIN_OR_WRITE_ACCESS");
voter.setRequirePermission(new int[] {SimpleAclEntry.ADMINISTRATION, SimpleAclEntry.WRITE});
voter.setRequirePermission(new int[]{SimpleAclEntry.ADMINISTRATION, SimpleAclEntry.WRITE});
voter.setProcessDomainObjectClass(SomeDomainObject.class);
voter.afterPropertiesSet();
// Wire up an invocation to be voted on
ConfigAttributeDefinition attr = new ConfigAttributeDefinition();
attr.addConfigAttribute(new SecurityConfig("A_DIFFERENT_ATTRIBUTE"));
ConfigAttributeDefinition attr = new ConfigAttributeDefinition("A_DIFFERENT_ATTRIBUTE");
// Setup a MockMethodInvocation, so voter can retrieve domainObject
MethodInvocation mi = getMethodInvocation(domainObject);
assertEquals(AccessDecisionVoter.ACCESS_ABSTAIN,
voter.vote(new UsernamePasswordAuthenticationToken("rod", null), mi, attr));
voter.vote(new UsernamePasswordAuthenticationToken("rod", null), mi, attr));
}
public void testVoterAbstainsIfNotMatchingConfigAttribute()
@ -239,30 +237,29 @@ public class BasicAclEntryVoterTests extends TestCase {
// Setup an AclManager
AclManager aclManager = new MockAclManager(domainObject, "rod",
new AclEntry[] {
new MockAclEntry(),
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.ADMINISTRATION),
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.READ),
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.DELETE)
new AclEntry[]{
new MockAclEntry(),
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.ADMINISTRATION),
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.READ),
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.DELETE)
});
// Wire up a voter
BasicAclEntryVoter voter = new BasicAclEntryVoter();
voter.setAclManager(aclManager);
voter.setProcessConfigAttribute("FOO_ADMIN_OR_WRITE_ACCESS");
voter.setRequirePermission(new int[] {SimpleAclEntry.ADMINISTRATION, SimpleAclEntry.WRITE});
voter.setRequirePermission(new int[]{SimpleAclEntry.ADMINISTRATION, SimpleAclEntry.WRITE});
voter.setProcessDomainObjectClass(SomeDomainObject.class);
voter.afterPropertiesSet();
// Wire up an invocation to be voted on
ConfigAttributeDefinition attr = new ConfigAttributeDefinition();
attr.addConfigAttribute(new SecurityConfig("FOO_ADMIN_OR_WRITE_ACCESS"));
ConfigAttributeDefinition attr = new ConfigAttributeDefinition("FOO_ADMIN_OR_WRITE_ACCESS");
// Setup a MockMethodInvocation, so voter can retrieve domainObject
MethodInvocation mi = getMethodInvocation(domainObject);
assertEquals(AccessDecisionVoter.ACCESS_ABSTAIN,
voter.vote(new UsernamePasswordAuthenticationToken("rod", null), mi, attr));
voter.vote(new UsernamePasswordAuthenticationToken("rod", null), mi, attr));
}
public void testVoterCanDenyAccessBasedOnInternalMethodOfDomainObject()
@ -272,29 +269,28 @@ public class BasicAclEntryVoterTests extends TestCase {
// Setup an AclManager
AclManager aclManager = new MockAclManager(domainObject.getParent(), "rod",
new AclEntry[] {
new MockAclEntry(),
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.DELETE)
new AclEntry[]{
new MockAclEntry(),
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.DELETE)
});
// Wire up a voter
BasicAclEntryVoter voter = new BasicAclEntryVoter();
voter.setAclManager(aclManager);
voter.setProcessConfigAttribute("FOO_ADMIN_OR_WRITE_ACCESS");
voter.setRequirePermission(new int[] {SimpleAclEntry.ADMINISTRATION, SimpleAclEntry.WRITE});
voter.setRequirePermission(new int[]{SimpleAclEntry.ADMINISTRATION, SimpleAclEntry.WRITE});
voter.setProcessDomainObjectClass(SomeDomainObject.class);
voter.setInternalMethod("getParent");
voter.afterPropertiesSet();
// Wire up an invocation to be voted on
ConfigAttributeDefinition attr = new ConfigAttributeDefinition();
attr.addConfigAttribute(new SecurityConfig("FOO_ADMIN_OR_WRITE_ACCESS"));
ConfigAttributeDefinition attr = new ConfigAttributeDefinition("FOO_ADMIN_OR_WRITE_ACCESS");
// Setup a MockMethodInvocation, so voter can retrieve domainObject
MethodInvocation mi = getMethodInvocation(domainObject);
assertEquals(AccessDecisionVoter.ACCESS_DENIED,
voter.vote(new UsernamePasswordAuthenticationToken("rod", null), mi, attr));
voter.vote(new UsernamePasswordAuthenticationToken("rod", null), mi, attr));
}
public void testVoterCanDenyAccessIfPrincipalHasNoPermissionsAtAllToDomainObject()
@ -304,30 +300,29 @@ public class BasicAclEntryVoterTests extends TestCase {
// Setup an AclManager
AclManager aclManager = new MockAclManager(domainObject, "rod",
new AclEntry[] {
new MockAclEntry(),
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.DELETE)
new AclEntry[]{
new MockAclEntry(),
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.DELETE)
});
// Wire up a voter
BasicAclEntryVoter voter = new BasicAclEntryVoter();
voter.setAclManager(aclManager);
voter.setProcessConfigAttribute("FOO_ADMIN_OR_WRITE_ACCESS");
voter.setRequirePermission(new int[] {SimpleAclEntry.ADMINISTRATION, SimpleAclEntry.WRITE});
voter.setRequirePermission(new int[]{SimpleAclEntry.ADMINISTRATION, SimpleAclEntry.WRITE});
voter.setProcessDomainObjectClass(SomeDomainObject.class);
voter.setInternalMethod("getParent");
voter.afterPropertiesSet();
// Wire up an invocation to be voted on
ConfigAttributeDefinition attr = new ConfigAttributeDefinition();
attr.addConfigAttribute(new SecurityConfig("FOO_ADMIN_OR_WRITE_ACCESS"));
ConfigAttributeDefinition attr = new ConfigAttributeDefinition("FOO_ADMIN_OR_WRITE_ACCESS");
// Setup a MockMethodInvocation, so voter can retrieve domainObject
MethodInvocation mi = getMethodInvocation(domainObject);
// NB: scott is the principal, not rod
assertEquals(AccessDecisionVoter.ACCESS_DENIED,
voter.vote(new UsernamePasswordAuthenticationToken("scott", null), mi, attr));
voter.vote(new UsernamePasswordAuthenticationToken("scott", null), mi, attr));
}
public void testVoterCanGrantAccessBasedOnInternalMethodOfDomainObject()
@ -337,33 +332,32 @@ public class BasicAclEntryVoterTests extends TestCase {
// Setup an AclManager
AclManager aclManager = new MockAclManager(domainObject.getParent(), "rod",
new AclEntry[] {
new MockAclEntry(),
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.ADMINISTRATION),
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.READ),
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.DELETE)
new AclEntry[]{
new MockAclEntry(),
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.ADMINISTRATION),
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.READ),
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.DELETE)
});
// Wire up a voter
BasicAclEntryVoter voter = new BasicAclEntryVoter();
voter.setAclManager(aclManager);
voter.setProcessConfigAttribute("FOO_ADMIN_OR_WRITE_ACCESS");
voter.setRequirePermission(new int[] {SimpleAclEntry.ADMINISTRATION, SimpleAclEntry.WRITE});
voter.setRequirePermission(new int[]{SimpleAclEntry.ADMINISTRATION, SimpleAclEntry.WRITE});
voter.setProcessDomainObjectClass(SomeDomainObject.class);
voter.setInternalMethod("getParent");
assertEquals("getParent", voter.getInternalMethod());
voter.afterPropertiesSet();
// Wire up an invocation to be voted on
ConfigAttributeDefinition attr = new ConfigAttributeDefinition();
attr.addConfigAttribute(new SecurityConfig("FOO_ADMIN_OR_WRITE_ACCESS"));
ConfigAttributeDefinition attr = new ConfigAttributeDefinition("FOO_ADMIN_OR_WRITE_ACCESS");
// Setup a MockMethodInvocation, so voter can retrieve domainObject
// (well actually it will access domainObject.getParent())
MethodInvocation mi = getMethodInvocation(domainObject);
assertEquals(AccessDecisionVoter.ACCESS_GRANTED,
voter.vote(new UsernamePasswordAuthenticationToken("rod", null), mi, attr));
voter.vote(new UsernamePasswordAuthenticationToken("rod", null), mi, attr));
}
public void testVoterThrowsExceptionIfInvalidInternalMethodOfDomainObject()
@ -373,25 +367,24 @@ public class BasicAclEntryVoterTests extends TestCase {
// Setup an AclManager
AclManager aclManager = new MockAclManager(domainObject.getParent(), "rod",
new AclEntry[] {
new MockAclEntry(),
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.ADMINISTRATION),
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.READ),
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.DELETE)
new AclEntry[]{
new MockAclEntry(),
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.ADMINISTRATION),
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.READ),
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.DELETE)
});
// Wire up a voter
BasicAclEntryVoter voter = new BasicAclEntryVoter();
voter.setAclManager(aclManager);
voter.setProcessConfigAttribute("FOO_ADMIN_OR_WRITE_ACCESS");
voter.setRequirePermission(new int[] {SimpleAclEntry.ADMINISTRATION, SimpleAclEntry.WRITE});
voter.setRequirePermission(new int[]{SimpleAclEntry.ADMINISTRATION, SimpleAclEntry.WRITE});
voter.setProcessDomainObjectClass(SomeDomainObject.class);
voter.setInternalMethod("getNonExistentParentName");
voter.afterPropertiesSet();
// Wire up an invocation to be voted on
ConfigAttributeDefinition attr = new ConfigAttributeDefinition();
attr.addConfigAttribute(new SecurityConfig("FOO_ADMIN_OR_WRITE_ACCESS"));
ConfigAttributeDefinition attr = new ConfigAttributeDefinition("FOO_ADMIN_OR_WRITE_ACCESS");
// Setup a MockMethodInvocation, so voter can retrieve domainObject
// (well actually it will access domainObject.getParent())
@ -412,30 +405,29 @@ public class BasicAclEntryVoterTests extends TestCase {
// Setup an AclManager
AclManager aclManager = new MockAclManager(domainObject.getParent(), "rod",
new AclEntry[] {
new MockAclEntry(),
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.ADMINISTRATION),
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.READ),
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.DELETE)
new AclEntry[]{
new MockAclEntry(),
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.ADMINISTRATION),
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.READ),
new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.DELETE)
});
// Wire up a voter
BasicAclEntryVoter voter = new BasicAclEntryVoter();
voter.setAclManager(aclManager);
voter.setProcessConfigAttribute("FOO_ADMIN_OR_WRITE_ACCESS");
voter.setRequirePermission(new int[] {SimpleAclEntry.ADMINISTRATION, SimpleAclEntry.WRITE});
voter.setRequirePermission(new int[]{SimpleAclEntry.ADMINISTRATION, SimpleAclEntry.WRITE});
voter.setProcessDomainObjectClass(SomeDomainObject.class);
voter.afterPropertiesSet();
// Wire up an invocation to be voted on
ConfigAttributeDefinition attr = new ConfigAttributeDefinition();
attr.addConfigAttribute(new SecurityConfig("FOO_ADMIN_OR_WRITE_ACCESS"));
ConfigAttributeDefinition attr = new ConfigAttributeDefinition("FOO_ADMIN_OR_WRITE_ACCESS");
// Setup a MockMethodInvocation that doesn't provide SomeDomainObject arg
Class clazz = String.class;
Method method = clazz.getMethod("toString", new Class[] {});
Method method = clazz.getMethod("toString", new Class[]{});
MethodInvocation mi = new SimpleMethodInvocation(method, new Object[] {domainObject});
MethodInvocation mi = new SimpleMethodInvocation(method, new Object[]{domainObject});
try {
voter.vote(new UsernamePasswordAuthenticationToken("rod", null), mi, attr);

62
core/src/test/java/org/springframework/security/vote/ConsensusBasedTests.java
View File

@ -35,36 +35,16 @@ import org.springframework.security.providers.TestingAuthenticationToken;
* @version $Id$
*/
public class ConsensusBasedTests extends TestCase {
//~ Constructors ===========================================================
public ConsensusBasedTests() {
super();
}
public ConsensusBasedTests(String arg0) {
super(arg0);
}
//~ Methods ================================================================
public final void setUp() throws Exception {
super.setUp();
}
public static void main(String[] args) {
junit.textui.TestRunner.run(ConsensusBasedTests.class);
}
public void testOneAffirmativeVoteOneDenyVoteOneAbstainVoteDeniesAccessWithoutDefault()
throws Exception {
public void testOneAffirmativeVoteOneDenyVoteOneAbstainVoteDeniesAccessWithoutDefault() throws Exception {
TestingAuthenticationToken auth = makeTestToken();
ConsensusBased mgr = makeDecisionManager();
mgr.setAllowIfEqualGrantedDeniedDecisions(false);
assertTrue(!mgr.isAllowIfEqualGrantedDeniedDecisions()); // check changed
ConfigAttributeDefinition config = new ConfigAttributeDefinition();
config.addConfigAttribute(new SecurityConfig("ROLE_1")); // grant
config.addConfigAttribute(new SecurityConfig("DENY_FOR_SURE")); // deny
ConfigAttributeDefinition config = new ConfigAttributeDefinition(new String[]{"ROLE_1", "DENY_FOR_SURE"});
try {
mgr.decide(auth, new Object(), config);
@ -74,40 +54,33 @@ public class ConsensusBasedTests extends TestCase {
}
}
public void testOneAffirmativeVoteOneDenyVoteOneAbstainVoteGrantsAccessWithDefault()
throws Exception {
public void testOneAffirmativeVoteOneDenyVoteOneAbstainVoteGrantsAccessWithDefault() throws Exception {
TestingAuthenticationToken auth = makeTestToken();
ConsensusBased mgr = makeDecisionManager();
assertTrue(mgr.isAllowIfEqualGrantedDeniedDecisions()); // check default
ConfigAttributeDefinition config = new ConfigAttributeDefinition();
config.addConfigAttribute(new SecurityConfig("ROLE_1")); // grant
config.addConfigAttribute(new SecurityConfig("DENY_FOR_SURE")); // deny
ConfigAttributeDefinition config = new ConfigAttributeDefinition(new String[]{"ROLE_1", "DENY_FOR_SURE"});
mgr.decide(auth, new Object(), config);
assertTrue(true);
}
public void testOneAffirmativeVoteTwoAbstainVotesGrantsAccess()
throws Exception {
public void testOneAffirmativeVoteTwoAbstainVotesGrantsAccess() throws Exception {
TestingAuthenticationToken auth = makeTestToken();
ConsensusBased mgr = makeDecisionManager();
ConfigAttributeDefinition config = new ConfigAttributeDefinition();
config.addConfigAttribute(new SecurityConfig("ROLE_2")); // grant
ConfigAttributeDefinition config = new ConfigAttributeDefinition("ROLE_2");
mgr.decide(auth, new Object(), config);
assertTrue(true);
}
public void testOneDenyVoteTwoAbstainVotesDeniesAccess()
throws Exception {
public void testOneDenyVoteTwoAbstainVotesDeniesAccess() throws Exception {
TestingAuthenticationToken auth = makeTestToken();
ConsensusBased mgr = makeDecisionManager();
ConfigAttributeDefinition config = new ConfigAttributeDefinition();
config.addConfigAttribute(new SecurityConfig("ROLE_WE_DO_NOT_HAVE")); // deny
ConfigAttributeDefinition config = new ConfigAttributeDefinition("ROLE_WE_DO_NOT_HAVE");
try {
mgr.decide(auth, new Object(), config);
@ -117,15 +90,13 @@ public class ConsensusBasedTests extends TestCase {
}
}
public void testThreeAbstainVotesDeniesAccessWithDefault()
throws Exception {
public void testThreeAbstainVotesDeniesAccessWithDefault() throws Exception {
TestingAuthenticationToken auth = makeTestToken();
ConsensusBased mgr = makeDecisionManager();
assertTrue(!mgr.isAllowIfAllAbstainDecisions()); // check default
ConfigAttributeDefinition config = new ConfigAttributeDefinition();
config.addConfigAttribute(new SecurityConfig("IGNORED_BY_ALL")); // abstain
ConfigAttributeDefinition config = new ConfigAttributeDefinition("IGNORED_BY_ALL");
try {
mgr.decide(auth, new Object(), config);
@ -135,28 +106,23 @@ public class ConsensusBasedTests extends TestCase {
}
}
public void testThreeAbstainVotesGrantsAccessWithoutDefault()
throws Exception {
public void testThreeAbstainVotesGrantsAccessWithoutDefault() throws Exception {
TestingAuthenticationToken auth = makeTestToken();
ConsensusBased mgr = makeDecisionManager();
mgr.setAllowIfAllAbstainDecisions(true);
assertTrue(mgr.isAllowIfAllAbstainDecisions()); // check changed
ConfigAttributeDefinition config = new ConfigAttributeDefinition();
config.addConfigAttribute(new SecurityConfig("IGNORED_BY_ALL")); // abstain
ConfigAttributeDefinition config = new ConfigAttributeDefinition("IGNORED_BY_ALL");
mgr.decide(auth, new Object(), config);
assertTrue(true);
}
public void testTwoAffirmativeVotesTwoAbstainVotesGrantsAccess()
throws Exception {
public void testTwoAffirmativeVotesTwoAbstainVotesGrantsAccess() throws Exception {
TestingAuthenticationToken auth = makeTestToken();
ConsensusBased mgr = makeDecisionManager();
ConfigAttributeDefinition config = new ConfigAttributeDefinition();
config.addConfigAttribute(new SecurityConfig("ROLE_1")); // grant
config.addConfigAttribute(new SecurityConfig("ROLE_2")); // grant
ConfigAttributeDefinition config = new ConfigAttributeDefinition(new String[]{"ROLE_1", "ROLE_2"});
mgr.decide(auth, new Object(), config);
assertTrue(true);

2
core/src/test/java/org/springframework/security/vote/DenyAgainVoter.java
View File

@ -52,7 +52,7 @@ public class DenyAgainVoter implements AccessDecisionVoter {
}
public int vote(Authentication authentication, Object object, ConfigAttributeDefinition config) {
Iterator iter = config.getConfigAttributes();
Iterator iter = config.getConfigAttributes().iterator();
while (iter.hasNext()) {
ConfigAttribute attribute = (ConfigAttribute) iter.next();

2
core/src/test/java/org/springframework/security/vote/DenyVoter.java
View File

@ -46,7 +46,7 @@ public class DenyVoter implements AccessDecisionVoter {
}
public int vote(Authentication authentication, Object object, ConfigAttributeDefinition config) {
Iterator iter = config.getConfigAttributes();
Iterator iter = config.getConfigAttributes().iterator();
while (iter.hasNext()) {
ConfigAttribute attribute = (ConfigAttribute) iter.next();

55
core/src/test/java/org/springframework/security/vote/UnanimousBasedTests.java
View File

@ -36,22 +36,9 @@ import java.util.Vector;
* @version $Id$
*/
public class UnanimousBasedTests extends TestCase {
//~ Constructors ===================================================================================================
public UnanimousBasedTests() {
super();
}
public UnanimousBasedTests(String arg0) {
super(arg0);
}
//~ Methods ========================================================================================================
public static void main(String[] args) {
junit.textui.TestRunner.run(UnanimousBasedTests.class);
}
private UnanimousBased makeDecisionManager() {
UnanimousBased decisionManager = new UnanimousBased();
RoleVoter roleVoter = new RoleVoter();
@ -96,14 +83,11 @@ public class UnanimousBasedTests extends TestCase {
super.setUp();
}
public void testOneAffirmativeVoteOneDenyVoteOneAbstainVoteDeniesAccess()
throws Exception {
public void testOneAffirmativeVoteOneDenyVoteOneAbstainVoteDeniesAccess() throws Exception {
TestingAuthenticationToken auth = makeTestToken();
UnanimousBased mgr = makeDecisionManager();
ConfigAttributeDefinition config = new ConfigAttributeDefinition();
config.addConfigAttribute(new SecurityConfig("ROLE_1")); // grant
config.addConfigAttribute(new SecurityConfig("DENY_FOR_SURE")); // deny
ConfigAttributeDefinition config = new ConfigAttributeDefinition(new String[]{"ROLE_1", "DENY_FOR_SURE"});
try {
mgr.decide(auth, new Object(), config);
@ -113,25 +97,21 @@ public class UnanimousBasedTests extends TestCase {
}
}
public void testOneAffirmativeVoteTwoAbstainVotesGrantsAccess()
throws Exception {
public void testOneAffirmativeVoteTwoAbstainVotesGrantsAccess() throws Exception {
TestingAuthenticationToken auth = makeTestToken();
UnanimousBased mgr = makeDecisionManager();
ConfigAttributeDefinition config = new ConfigAttributeDefinition();
config.addConfigAttribute(new SecurityConfig("ROLE_2")); // grant
ConfigAttributeDefinition config = new ConfigAttributeDefinition("ROLE_2");
mgr.decide(auth, new Object(), config);
assertTrue(true);
}
public void testOneDenyVoteTwoAbstainVotesDeniesAccess()
throws Exception {
public void testOneDenyVoteTwoAbstainVotesDeniesAccess() throws Exception {
TestingAuthenticationToken auth = makeTestToken();
UnanimousBased mgr = makeDecisionManager();
ConfigAttributeDefinition config = new ConfigAttributeDefinition();
config.addConfigAttribute(new SecurityConfig("ROLE_WE_DO_NOT_HAVE")); // deny
ConfigAttributeDefinition config = new ConfigAttributeDefinition("ROLE_WE_DO_NOT_HAVE");
try {
mgr.decide(auth, new Object(), config);
@ -145,23 +125,19 @@ public class UnanimousBasedTests extends TestCase {
TestingAuthenticationToken auth = makeTestTokenWithFooBarPrefix();
UnanimousBased mgr = makeDecisionManagerWithFooBarPrefix();
ConfigAttributeDefinition config = new ConfigAttributeDefinition();
config.addConfigAttribute(new SecurityConfig("FOOBAR_1")); // grant
config.addConfigAttribute(new SecurityConfig("FOOBAR_2")); // grant
ConfigAttributeDefinition config = new ConfigAttributeDefinition(new String[]{"FOOBAR_1", "FOOBAR_2"});
mgr.decide(auth, new Object(), config);
assertTrue(true);
}
public void testThreeAbstainVotesDeniesAccessWithDefault()
throws Exception {
public void testThreeAbstainVotesDeniesAccessWithDefault() throws Exception {
TestingAuthenticationToken auth = makeTestToken();
UnanimousBased mgr = makeDecisionManager();
assertTrue(!mgr.isAllowIfAllAbstainDecisions()); // check default
ConfigAttributeDefinition config = new ConfigAttributeDefinition();
config.addConfigAttribute(new SecurityConfig("IGNORED_BY_ALL")); // abstain
ConfigAttributeDefinition config = new ConfigAttributeDefinition("IGNORED_BY_ALL");
try {
mgr.decide(auth, new Object(), config);
@ -171,28 +147,23 @@ public class UnanimousBasedTests extends TestCase {
}
}
public void testThreeAbstainVotesGrantsAccessWithoutDefault()
throws Exception {
public void testThreeAbstainVotesGrantsAccessWithoutDefault() throws Exception {
TestingAuthenticationToken auth = makeTestToken();
UnanimousBased mgr = makeDecisionManager();
mgr.setAllowIfAllAbstainDecisions(true);
assertTrue(mgr.isAllowIfAllAbstainDecisions()); // check changed
ConfigAttributeDefinition config = new ConfigAttributeDefinition();
config.addConfigAttribute(new SecurityConfig("IGNORED_BY_ALL")); // abstain
ConfigAttributeDefinition config = new ConfigAttributeDefinition("IGNORED_BY_ALL");
mgr.decide(auth, new Object(), config);
assertTrue(true);
}
public void testTwoAffirmativeVotesTwoAbstainVotesGrantsAccess()
throws Exception {
public void testTwoAffirmativeVotesTwoAbstainVotesGrantsAccess() throws Exception {
TestingAuthenticationToken auth = makeTestToken();
UnanimousBased mgr = makeDecisionManager();
ConfigAttributeDefinition config = new ConfigAttributeDefinition();
config.addConfigAttribute(new SecurityConfig("ROLE_1")); // grant
config.addConfigAttribute(new SecurityConfig("ROLE_2")); // grant
ConfigAttributeDefinition config = new ConfigAttributeDefinition(new String[]{"ROLE_1", "ROLE_2"});
mgr.decide(auth, new Object(), config);
assertTrue(true);