Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-07-12 05:13:33 +00:00
Code Issues Packages Projects Releases Wiki Activity

Remove RoleHierarchyImpl Deprecations

Browse Source 
Closes gh-17297

Signed-off-by: Tran Ngoc Nhan <ngocnhan.tran1996@gmail.com>
This commit is contained in:
Tran Ngoc Nhan 2025-06-20 01:02:32 +07:00 committed by Josh Cummings
parent 62252c1232
commit e52987d03c
13 changed files with 44 additions and 96 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
config/src/test/java/org/springframework/security/config/annotation/method/configuration/GlobalMethodSecurityConfigurationTests.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2022 the original author or authors. * Copyright 2002-2025 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -542,9 +542,7 @@ public class GlobalMethodSecurityConfigurationTests {
@Bean @Bean
RoleHierarchy roleHierarchy() { RoleHierarchy roleHierarchy() {
RoleHierarchyImpl result = new RoleHierarchyImpl(); return RoleHierarchyImpl.fromHierarchy("ROLE_USER > ROLE_ADMIN");
result.setHierarchy("ROLE_USER > ROLE_ADMIN");
return result;
} }
} }

4
config/src/test/java/org/springframework/security/config/annotation/method/configuration/PrePostMethodSecurityConfigurationTests.java
View File

@ -1566,9 +1566,7 @@ public class PrePostMethodSecurityConfigurationTests {
@Bean @Bean
static RoleHierarchy roleHierarchy() { static RoleHierarchy roleHierarchy() {
RoleHierarchyImpl roleHierarchyImpl = new RoleHierarchyImpl(); return RoleHierarchyImpl.fromHierarchy("ROLE_ADMIN > ROLE_USER");
roleHierarchyImpl.setHierarchy("ROLE_ADMIN > ROLE_USER");
return roleHierarchyImpl;
} }
} }

4
config/src/test/java/org/springframework/security/config/annotation/web/configuration/WebSecurityConfigurationTests.java
View File

@ -571,9 +571,7 @@ public class WebSecurityConfigurationTests {
@Bean @Bean
RoleHierarchy roleHierarchy() { RoleHierarchy roleHierarchy() {
RoleHierarchyImpl roleHierarchy = new RoleHierarchyImpl(); return RoleHierarchyImpl.fromHierarchy("ROLE_ADMIN > ROLE_USER");
roleHierarchy.setHierarchy("ROLE_ADMIN > ROLE_USER");
return roleHierarchy;
} }
} }

4
config/src/test/java/org/springframework/security/config/annotation/web/configurers/AuthorizeHttpRequestsConfigurerTests.java
View File

@ -970,9 +970,7 @@ public class AuthorizeHttpRequestsConfigurerTests {
@Bean @Bean
RoleHierarchy roleHierarchy() { RoleHierarchy roleHierarchy() {
RoleHierarchyImpl roleHierarchy = new RoleHierarchyImpl(); return RoleHierarchyImpl.fromHierarchy("ROLE_ADMIN > ROLE_USER");
roleHierarchy.setHierarchy("ROLE_ADMIN > ROLE_USER");
return roleHierarchy;
} }
} }

6
config/src/test/java/org/springframework/security/config/annotation/web/configurers/AuthorizeRequestsTests.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2024 the original author or authors. * Copyright 2002-2025 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -311,9 +311,7 @@ public class AuthorizeRequestsTests {
@Bean @Bean
RoleHierarchy roleHiearchy() { RoleHierarchy roleHiearchy() {
RoleHierarchyImpl result = new RoleHierarchyImpl(); return RoleHierarchyImpl.fromHierarchy("ROLE_USER > ROLE_ADMIN");
result.setHierarchy("ROLE_USER > ROLE_ADMIN");
return result;
} }
} }

6
config/src/test/java/org/springframework/security/config/annotation/web/configurers/ExpressionUrlAuthorizationConfigurerTests.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2022 the original author or authors. * Copyright 2002-2025 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -1193,9 +1193,7 @@ public class ExpressionUrlAuthorizationConfigurerTests {
@Bean @Bean
RoleHierarchy roleHierarchy() { RoleHierarchy roleHierarchy() {
RoleHierarchyImpl roleHierarchy = new RoleHierarchyImpl(); return RoleHierarchyImpl.fromHierarchy("ROLE_USER > ROLE_MEMBER");
roleHierarchy.setHierarchy("ROLE_USER > ROLE_MEMBER");
return roleHierarchy;
} }
} }

30
core/src/main/java/org/springframework/security/access/hierarchicalroles/RoleHierarchyImpl.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2024 the original author or authors. * Copyright 2002-2025 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -78,7 +78,7 @@ import org.springframework.util.Assert;
* @author Michael Mayr * @author Michael Mayr
* @author Josh Cummings * @author Josh Cummings
*/ */
public class RoleHierarchyImpl implements RoleHierarchy { public final class RoleHierarchyImpl implements RoleHierarchy {
private static final Log logger = LogFactory.getLog(RoleHierarchyImpl.class); private static final Log logger = LogFactory.getLog(RoleHierarchyImpl.class);
@ -88,14 +88,6 @@ public class RoleHierarchyImpl implements RoleHierarchy {
*/ */
private Map<String, Set<GrantedAuthority>> rolesReachableInOneOrMoreStepsMap = null; private Map<String, Set<GrantedAuthority>> rolesReachableInOneOrMoreStepsMap = null;
/**
* @deprecated Use {@link RoleHierarchyImpl#fromHierarchy} instead
*/
@Deprecated
public RoleHierarchyImpl() {
}
private RoleHierarchyImpl(Map<String, Set<GrantedAuthority>> hierarchy) { private RoleHierarchyImpl(Map<String, Set<GrantedAuthority>> hierarchy) {
this.rolesReachableInOneOrMoreStepsMap = buildRolesReachableInOneOrMoreStepsMap(hierarchy); this.rolesReachableInOneOrMoreStepsMap = buildRolesReachableInOneOrMoreStepsMap(hierarchy);
} }
@ -139,24 +131,6 @@ public class RoleHierarchyImpl implements RoleHierarchy {
return new Builder(rolePrefix); return new Builder(rolePrefix);
} }
/**
* Set the role hierarchy and pre-calculate for every role the set of all reachable
* roles, i.e. all roles lower in the hierarchy of every given role. Pre-calculation
* is done for performance reasons (reachable roles can then be calculated in O(1)
* time). During pre-calculation, cycles in role hierarchy are detected and will cause
* a <tt>CycleInRoleHierarchyException</tt> to be thrown.
* @param roleHierarchyStringRepresentation - String definition of the role hierarchy.
* @deprecated Use {@link RoleHierarchyImpl#fromHierarchy} instead
*/
@Deprecated
public void setHierarchy(String roleHierarchyStringRepresentation) {
logger.debug(LogMessage.format("setHierarchy() - The following role hierarchy was set: %s",
roleHierarchyStringRepresentation));
Map<String, Set<GrantedAuthority>> hierarchy = buildRolesReachableInOneStepMap(
roleHierarchyStringRepresentation);
this.rolesReachableInOneOrMoreStepsMap = buildRolesReachableInOneOrMoreStepsMap(hierarchy);
}
@Override @Override
public Collection<GrantedAuthority> getReachableGrantedAuthorities( public Collection<GrantedAuthority> getReachableGrantedAuthorities(
Collection<? extends GrantedAuthority> authorities) { Collection<? extends GrantedAuthority> authorities) {

5
core/src/test/java/org/springframework/security/access/hierarchicalroles/RoleHierarchyAuthoritiesMapperTests.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2016 the original author or authors. * Copyright 2002-2025 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -32,8 +32,7 @@ public class RoleHierarchyAuthoritiesMapperTests {
@Test @Test
public void expectedAuthoritiesAreReturned() { public void expectedAuthoritiesAreReturned() {
RoleHierarchyImpl rh = new RoleHierarchyImpl(); RoleHierarchyImpl rh = RoleHierarchyImpl.fromHierarchy("ROLE_A > ROLE_B\nROLE_B > ROLE_C");
rh.setHierarchy("ROLE_A > ROLE_B\nROLE_B > ROLE_C");
RoleHierarchyAuthoritiesMapper mapper = new RoleHierarchyAuthoritiesMapper(rh); RoleHierarchyAuthoritiesMapper mapper = new RoleHierarchyAuthoritiesMapper(rh);
Collection<? extends GrantedAuthority> authorities = mapper Collection<? extends GrantedAuthority> authorities = mapper
.mapAuthorities(AuthorityUtils.createAuthorityList("ROLE_A", "ROLE_D")); .mapAuthorities(AuthorityUtils.createAuthorityList("ROLE_A", "ROLE_D"));

55
core/src/test/java/org/springframework/security/access/hierarchicalroles/RoleHierarchyImplTests.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2024 the original author or authors. * Copyright 2002-2025 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -40,8 +40,7 @@ public class RoleHierarchyImplTests {
public void testRoleHierarchyWithNullOrEmptyAuthorities() { public void testRoleHierarchyWithNullOrEmptyAuthorities() {
List<GrantedAuthority> authorities0 = null; List<GrantedAuthority> authorities0 = null;
List<GrantedAuthority> authorities1 = new ArrayList<>(); List<GrantedAuthority> authorities1 = new ArrayList<>();
RoleHierarchyImpl roleHierarchyImpl = new RoleHierarchyImpl(); RoleHierarchyImpl roleHierarchyImpl = RoleHierarchyImpl.fromHierarchy("ROLE_A > ROLE_B");
roleHierarchyImpl.setHierarchy("ROLE_A > ROLE_B");
assertThat(roleHierarchyImpl.getReachableGrantedAuthorities(authorities0)).isNotNull(); assertThat(roleHierarchyImpl.getReachableGrantedAuthorities(authorities0)).isNotNull();
assertThat(roleHierarchyImpl.getReachableGrantedAuthorities(authorities0)).isEmpty(); assertThat(roleHierarchyImpl.getReachableGrantedAuthorities(authorities0)).isEmpty();
assertThat(roleHierarchyImpl.getReachableGrantedAuthorities(authorities1)).isNotNull(); assertThat(roleHierarchyImpl.getReachableGrantedAuthorities(authorities1)).isNotNull();
@ -53,8 +52,7 @@ public class RoleHierarchyImplTests {
List<GrantedAuthority> authorities0 = AuthorityUtils.createAuthorityList("ROLE_0"); List<GrantedAuthority> authorities0 = AuthorityUtils.createAuthorityList("ROLE_0");
List<GrantedAuthority> authorities1 = AuthorityUtils.createAuthorityList("ROLE_A"); List<GrantedAuthority> authorities1 = AuthorityUtils.createAuthorityList("ROLE_A");
List<GrantedAuthority> authorities2 = AuthorityUtils.createAuthorityList("ROLE_A", "ROLE_B"); List<GrantedAuthority> authorities2 = AuthorityUtils.createAuthorityList("ROLE_A", "ROLE_B");
RoleHierarchyImpl roleHierarchyImpl = new RoleHierarchyImpl(); RoleHierarchyImpl roleHierarchyImpl = RoleHierarchyImpl.fromHierarchy("ROLE_A > ROLE_B");
roleHierarchyImpl.setHierarchy("ROLE_A > ROLE_B");
assertThat(HierarchicalRolesTestHelper.containTheSameGrantedAuthorities( assertThat(HierarchicalRolesTestHelper.containTheSameGrantedAuthorities(
roleHierarchyImpl.getReachableGrantedAuthorities(authorities0), authorities0)) roleHierarchyImpl.getReachableGrantedAuthorities(authorities0), authorities0))
.isTrue(); .isTrue();
@ -72,12 +70,11 @@ public class RoleHierarchyImplTests {
List<GrantedAuthority> authorities2 = AuthorityUtils.createAuthorityList("ROLE_A", "ROLE_B", "ROLE_C"); List<GrantedAuthority> authorities2 = AuthorityUtils.createAuthorityList("ROLE_A", "ROLE_B", "ROLE_C");
List<GrantedAuthority> authorities3 = AuthorityUtils.createAuthorityList("ROLE_A", "ROLE_B", "ROLE_C", List<GrantedAuthority> authorities3 = AuthorityUtils.createAuthorityList("ROLE_A", "ROLE_B", "ROLE_C",
"ROLE_D"); "ROLE_D");
RoleHierarchyImpl roleHierarchyImpl = new RoleHierarchyImpl(); RoleHierarchyImpl roleHierarchyImpl = RoleHierarchyImpl.fromHierarchy("ROLE_A > ROLE_B\nROLE_B > ROLE_C");
roleHierarchyImpl.setHierarchy("ROLE_A > ROLE_B\nROLE_B > ROLE_C");
assertThat(HierarchicalRolesTestHelper.containTheSameGrantedAuthorities( assertThat(HierarchicalRolesTestHelper.containTheSameGrantedAuthorities(
roleHierarchyImpl.getReachableGrantedAuthorities(authorities1), authorities2)) roleHierarchyImpl.getReachableGrantedAuthorities(authorities1), authorities2))
.isTrue(); .isTrue();
roleHierarchyImpl.setHierarchy("ROLE_A > ROLE_B\nROLE_B > ROLE_C\nROLE_C > ROLE_D"); roleHierarchyImpl = RoleHierarchyImpl.fromHierarchy("ROLE_A > ROLE_B\nROLE_B > ROLE_C\nROLE_C > ROLE_D");
assertThat(HierarchicalRolesTestHelper.containTheSameGrantedAuthorities( assertThat(HierarchicalRolesTestHelper.containTheSameGrantedAuthorities(
roleHierarchyImpl.getReachableGrantedAuthorities(authorities1), authorities3)) roleHierarchyImpl.getReachableGrantedAuthorities(authorities1), authorities3))
.isTrue(); .isTrue();
@ -94,8 +91,8 @@ public class RoleHierarchyImplTests {
List<GrantedAuthority> authoritiesOutput3 = AuthorityUtils.createAuthorityList("ROLE_C", "ROLE_D"); List<GrantedAuthority> authoritiesOutput3 = AuthorityUtils.createAuthorityList("ROLE_C", "ROLE_D");
List<GrantedAuthority> authoritiesInput4 = AuthorityUtils.createAuthorityList("ROLE_D"); List<GrantedAuthority> authoritiesInput4 = AuthorityUtils.createAuthorityList("ROLE_D");
List<GrantedAuthority> authoritiesOutput4 = AuthorityUtils.createAuthorityList("ROLE_D"); List<GrantedAuthority> authoritiesOutput4 = AuthorityUtils.createAuthorityList("ROLE_D");
RoleHierarchyImpl roleHierarchyImpl = new RoleHierarchyImpl(); RoleHierarchyImpl roleHierarchyImpl = RoleHierarchyImpl
roleHierarchyImpl.setHierarchy("ROLE_A > ROLE_B\nROLE_A > ROLE_C\nROLE_C > ROLE_D\nROLE_B > ROLE_D"); .fromHierarchy("ROLE_A > ROLE_B\nROLE_A > ROLE_C\nROLE_C > ROLE_D\nROLE_B > ROLE_D");
assertThat(HierarchicalRolesTestHelper.containTheSameGrantedAuthorities( assertThat(HierarchicalRolesTestHelper.containTheSameGrantedAuthorities(
roleHierarchyImpl.getReachableGrantedAuthorities(authoritiesInput1), authoritiesOutput1)) roleHierarchyImpl.getReachableGrantedAuthorities(authoritiesInput1), authoritiesOutput1))
.isTrue(); .isTrue();
@ -112,24 +109,22 @@ public class RoleHierarchyImplTests {
@Test @Test
public void testCyclesInRoleHierarchy() { public void testCyclesInRoleHierarchy() {
RoleHierarchyImpl roleHierarchyImpl = new RoleHierarchyImpl();
assertThatExceptionOfType(CycleInRoleHierarchyException.class) assertThatExceptionOfType(CycleInRoleHierarchyException.class)
.isThrownBy(() -> roleHierarchyImpl.setHierarchy("ROLE_A > ROLE_A")); .isThrownBy(() -> RoleHierarchyImpl.fromHierarchy("ROLE_A > ROLE_A"));
assertThatExceptionOfType(CycleInRoleHierarchyException.class) assertThatExceptionOfType(CycleInRoleHierarchyException.class)
.isThrownBy(() -> roleHierarchyImpl.setHierarchy("ROLE_A > ROLE_B\nROLE_B > ROLE_A")); .isThrownBy(() -> RoleHierarchyImpl.fromHierarchy("ROLE_A > ROLE_B\nROLE_B > ROLE_A"));
assertThatExceptionOfType(CycleInRoleHierarchyException.class) assertThatExceptionOfType(CycleInRoleHierarchyException.class)
.isThrownBy(() -> roleHierarchyImpl.setHierarchy("ROLE_A > ROLE_B\nROLE_B > ROLE_C\nROLE_C > ROLE_A")); .isThrownBy(() -> RoleHierarchyImpl.fromHierarchy("ROLE_A > ROLE_B\nROLE_B > ROLE_C\nROLE_C > ROLE_A"));
assertThatExceptionOfType(CycleInRoleHierarchyException.class).isThrownBy(() -> roleHierarchyImpl assertThatExceptionOfType(CycleInRoleHierarchyException.class).isThrownBy(() -> RoleHierarchyImpl
.setHierarchy("ROLE_A > ROLE_B\nROLE_B > ROLE_C\nROLE_C > ROLE_E\nROLE_E > ROLE_D\nROLE_D > ROLE_B")); .fromHierarchy("ROLE_A > ROLE_B\nROLE_B > ROLE_C\nROLE_C > ROLE_E\nROLE_E > ROLE_D\nROLE_D > ROLE_B"));
assertThatExceptionOfType(CycleInRoleHierarchyException.class) assertThatExceptionOfType(CycleInRoleHierarchyException.class)
.isThrownBy(() -> roleHierarchyImpl.setHierarchy("ROLE_C > ROLE_B\nROLE_B > ROLE_A\nROLE_A > ROLE_B")); .isThrownBy(() -> RoleHierarchyImpl.fromHierarchy("ROLE_C > ROLE_B\nROLE_B > ROLE_A\nROLE_A > ROLE_B"));
} }
@Test @Test
public void testNoCyclesInRoleHierarchy() { public void testNoCyclesInRoleHierarchy() {
RoleHierarchyImpl roleHierarchyImpl = new RoleHierarchyImpl(); assertThatNoException().isThrownBy(() -> RoleHierarchyImpl
assertThatNoException().isThrownBy(() -> roleHierarchyImpl .fromHierarchy("ROLE_A > ROLE_B\nROLE_A > ROLE_C\nROLE_C > ROLE_D\nROLE_B > ROLE_D"));
.setHierarchy("ROLE_A > ROLE_B\nROLE_A > ROLE_C\nROLE_C > ROLE_D\nROLE_B > ROLE_D"));
} }
// SEC-863 // SEC-863
@ -138,8 +133,7 @@ public class RoleHierarchyImplTests {
List<GrantedAuthority> authorities0 = HierarchicalRolesTestHelper.createAuthorityList("ROLE_0"); List<GrantedAuthority> authorities0 = HierarchicalRolesTestHelper.createAuthorityList("ROLE_0");
List<GrantedAuthority> authorities1 = HierarchicalRolesTestHelper.createAuthorityList("ROLE_A"); List<GrantedAuthority> authorities1 = HierarchicalRolesTestHelper.createAuthorityList("ROLE_A");
List<GrantedAuthority> authorities2 = HierarchicalRolesTestHelper.createAuthorityList("ROLE_A", "ROLE_B"); List<GrantedAuthority> authorities2 = HierarchicalRolesTestHelper.createAuthorityList("ROLE_A", "ROLE_B");
RoleHierarchyImpl roleHierarchyImpl = new RoleHierarchyImpl(); RoleHierarchyImpl roleHierarchyImpl = RoleHierarchyImpl.fromHierarchy("ROLE_A > ROLE_B");
roleHierarchyImpl.setHierarchy("ROLE_A > ROLE_B");
assertThat(HierarchicalRolesTestHelper.containTheSameGrantedAuthoritiesCompareByAuthorityString( assertThat(HierarchicalRolesTestHelper.containTheSameGrantedAuthoritiesCompareByAuthorityString(
roleHierarchyImpl.getReachableGrantedAuthorities(authorities0), authorities0)) roleHierarchyImpl.getReachableGrantedAuthorities(authorities0), authorities0))
.isTrue(); .isTrue();
@ -157,12 +151,11 @@ public class RoleHierarchyImplTests {
List<GrantedAuthority> authorities2 = AuthorityUtils.createAuthorityList("ROLE A", "ROLE B", "ROLE>C"); List<GrantedAuthority> authorities2 = AuthorityUtils.createAuthorityList("ROLE A", "ROLE B", "ROLE>C");
List<GrantedAuthority> authorities3 = AuthorityUtils.createAuthorityList("ROLE A", "ROLE B", "ROLE>C", List<GrantedAuthority> authorities3 = AuthorityUtils.createAuthorityList("ROLE A", "ROLE B", "ROLE>C",
"ROLE D"); "ROLE D");
RoleHierarchyImpl roleHierarchyImpl = new RoleHierarchyImpl(); RoleHierarchyImpl roleHierarchyImpl = RoleHierarchyImpl.fromHierarchy("ROLE A > ROLE B\nROLE B > ROLE>C");
roleHierarchyImpl.setHierarchy("ROLE A > ROLE B\nROLE B > ROLE>C");
assertThat(HierarchicalRolesTestHelper.containTheSameGrantedAuthorities( assertThat(HierarchicalRolesTestHelper.containTheSameGrantedAuthorities(
roleHierarchyImpl.getReachableGrantedAuthorities(authorities1), authorities2)) roleHierarchyImpl.getReachableGrantedAuthorities(authorities1), authorities2))
.isTrue(); .isTrue();
roleHierarchyImpl.setHierarchy("ROLE A > ROLE B\nROLE B > ROLE>C\nROLE>C > ROLE D"); roleHierarchyImpl = RoleHierarchyImpl.fromHierarchy("ROLE A > ROLE B\nROLE B > ROLE>C\nROLE>C > ROLE D");
assertThat(HierarchicalRolesTestHelper.containTheSameGrantedAuthorities( assertThat(HierarchicalRolesTestHelper.containTheSameGrantedAuthorities(
roleHierarchyImpl.getReachableGrantedAuthorities(authorities1), authorities3)) roleHierarchyImpl.getReachableGrantedAuthorities(authorities1), authorities3))
.isTrue(); .isTrue();
@ -174,8 +167,7 @@ public class RoleHierarchyImplTests {
List<GrantedAuthority> flatAuthorities = AuthorityUtils.createAuthorityList("ROLE_A"); List<GrantedAuthority> flatAuthorities = AuthorityUtils.createAuthorityList("ROLE_A");
List<GrantedAuthority> allAuthorities = AuthorityUtils.createAuthorityList("ROLE_A", "ROLE_B", List<GrantedAuthority> allAuthorities = AuthorityUtils.createAuthorityList("ROLE_A", "ROLE_B",
"ROLE_AUTHENTICATED", "ROLE_UNAUTHENTICATED"); "ROLE_AUTHENTICATED", "ROLE_UNAUTHENTICATED");
RoleHierarchyImpl roleHierarchyImpl = new RoleHierarchyImpl(); RoleHierarchyImpl roleHierarchyImpl = RoleHierarchyImpl.fromHierarchy(
roleHierarchyImpl.setHierarchy(
"ROLE_A > ROLE_B\n" + "ROLE_B > ROLE_AUTHENTICATED\n" + "ROLE_AUTHENTICATED > ROLE_UNAUTHENTICATED"); "ROLE_A > ROLE_B\n" + "ROLE_B > ROLE_AUTHENTICATED\n" + "ROLE_AUTHENTICATED > ROLE_UNAUTHENTICATED");
assertThat(roleHierarchyImpl.getReachableGrantedAuthorities(flatAuthorities)) assertThat(roleHierarchyImpl.getReachableGrantedAuthorities(flatAuthorities))
.containsExactlyInAnyOrderElementsOf(allAuthorities); .containsExactlyInAnyOrderElementsOf(allAuthorities);
@ -187,9 +179,8 @@ public class RoleHierarchyImplTests {
List<GrantedAuthority> flatAuthorities = AuthorityUtils.createAuthorityList("ROLE_HIGHEST"); List<GrantedAuthority> flatAuthorities = AuthorityUtils.createAuthorityList("ROLE_HIGHEST");
List<GrantedAuthority> allAuthorities = AuthorityUtils.createAuthorityList("ROLE_HIGHEST", "ROLE_HIGHER", List<GrantedAuthority> allAuthorities = AuthorityUtils.createAuthorityList("ROLE_HIGHEST", "ROLE_HIGHER",
"ROLE_LOW", "ROLE_LOWER"); "ROLE_LOW", "ROLE_LOWER");
RoleHierarchyImpl roleHierarchyImpl = new RoleHierarchyImpl(); RoleHierarchyImpl roleHierarchyImpl = RoleHierarchyImpl
roleHierarchyImpl .fromHierarchy("ROLE_HIGHEST > ROLE_HIGHER\n" + "ROLE_HIGHER > ROLE_LOW\n" + "ROLE_LOW > ROLE_LOWER");
.setHierarchy("ROLE_HIGHEST > ROLE_HIGHER\n" + "ROLE_HIGHER > ROLE_LOW\n" + "ROLE_LOW > ROLE_LOWER");
assertThat(roleHierarchyImpl.getReachableGrantedAuthorities(flatAuthorities)) assertThat(roleHierarchyImpl.getReachableGrantedAuthorities(flatAuthorities))
.containsExactlyInAnyOrderElementsOf(allAuthorities); .containsExactlyInAnyOrderElementsOf(allAuthorities);
} }
@ -200,8 +191,8 @@ public class RoleHierarchyImplTests {
List<GrantedAuthority> flatAuthorities = AuthorityUtils.createAuthorityList("ROLE_HIGHEST"); List<GrantedAuthority> flatAuthorities = AuthorityUtils.createAuthorityList("ROLE_HIGHEST");
List<GrantedAuthority> allAuthorities = AuthorityUtils.createAuthorityList("ROLE_HIGHEST", "ROLE_HIGHER", List<GrantedAuthority> allAuthorities = AuthorityUtils.createAuthorityList("ROLE_HIGHEST", "ROLE_HIGHER",
"ROLE_LOW", "ROLE_LOWER"); "ROLE_LOW", "ROLE_LOWER");
RoleHierarchyImpl roleHierarchyImpl = new RoleHierarchyImpl(); RoleHierarchyImpl roleHierarchyImpl = RoleHierarchyImpl
roleHierarchyImpl.setHierarchy("ROLE_HIGHEST > ROLE_HIGHER > ROLE_LOW > ROLE_LOWER"); .fromHierarchy("ROLE_HIGHEST > ROLE_HIGHER > ROLE_LOW > ROLE_LOWER");
assertThat(roleHierarchyImpl.getReachableGrantedAuthorities(flatAuthorities)) assertThat(roleHierarchyImpl.getReachableGrantedAuthorities(flatAuthorities))
.containsExactlyInAnyOrderElementsOf(allAuthorities); .containsExactlyInAnyOrderElementsOf(allAuthorities);
} }

5
core/src/test/java/org/springframework/security/access/vote/RoleHierarchyVoterTests.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2016 the original author or authors. * Copyright 2002-2025 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -29,8 +29,7 @@ public class RoleHierarchyVoterTests {
@Test @Test
public void hierarchicalRoleIsIncludedInDecision() { public void hierarchicalRoleIsIncludedInDecision() {
RoleHierarchyImpl roleHierarchyImpl = new RoleHierarchyImpl(); RoleHierarchyImpl roleHierarchyImpl = RoleHierarchyImpl.fromHierarchy("ROLE_A > ROLE_B");
roleHierarchyImpl.setHierarchy("ROLE_A > ROLE_B");
// User has role A, role B is required // User has role A, role B is required
TestingAuthenticationToken auth = new TestingAuthenticationToken("user", "password", "ROLE_A"); TestingAuthenticationToken auth = new TestingAuthenticationToken("user", "password", "ROLE_A");
RoleHierarchyVoter voter = new RoleHierarchyVoter(roleHierarchyImpl); RoleHierarchyVoter voter = new RoleHierarchyVoter(roleHierarchyImpl);

5
core/src/test/java/org/springframework/security/authorization/AuthoritiesAuthorizationManagerTests.java
View File

@ -48,7 +48,7 @@ class AuthoritiesAuthorizationManagerTests {
@Test @Test
void setRoleHierarchyWhenNotNullThenVerifyRoleHierarchy() { void setRoleHierarchyWhenNotNullThenVerifyRoleHierarchy() {
AuthoritiesAuthorizationManager manager = new AuthoritiesAuthorizationManager(); AuthoritiesAuthorizationManager manager = new AuthoritiesAuthorizationManager();
RoleHierarchy roleHierarchy = new RoleHierarchyImpl(); RoleHierarchy roleHierarchy = RoleHierarchyImpl.withDefaultRolePrefix().build();
manager.setRoleHierarchy(roleHierarchy); manager.setRoleHierarchy(roleHierarchy);
assertThat(manager).extracting("roleHierarchy").isEqualTo(roleHierarchy); assertThat(manager).extracting("roleHierarchy").isEqualTo(roleHierarchy);
} }
@ -76,8 +76,7 @@ class AuthoritiesAuthorizationManagerTests {
@Test @Test
void checkWhenRoleHierarchySetThenGreaterRoleTakesPrecedence() { void checkWhenRoleHierarchySetThenGreaterRoleTakesPrecedence() {
AuthoritiesAuthorizationManager manager = new AuthoritiesAuthorizationManager(); AuthoritiesAuthorizationManager manager = new AuthoritiesAuthorizationManager();
RoleHierarchyImpl roleHierarchy = new RoleHierarchyImpl(); RoleHierarchyImpl roleHierarchy = RoleHierarchyImpl.fromHierarchy("ROLE_ADMIN > ROLE_USER");
roleHierarchy.setHierarchy("ROLE_ADMIN > ROLE_USER");
manager.setRoleHierarchy(roleHierarchy); manager.setRoleHierarchy(roleHierarchy);
Supplier<Authentication> authentication = () -> new TestingAuthenticationToken("user", "password", Supplier<Authentication> authentication = () -> new TestingAuthenticationToken("user", "password",
"ROLE_ADMIN"); "ROLE_ADMIN");

5
core/src/test/java/org/springframework/security/authorization/AuthorityAuthorizationManagerTests.java
View File

@ -243,7 +243,7 @@ public class AuthorityAuthorizationManagerTests {
@Test @Test
public void setRoleHierarchyWhenNotNullThenVerifyRoleHierarchy() { public void setRoleHierarchyWhenNotNullThenVerifyRoleHierarchy() {
AuthorityAuthorizationManager<Object> manager = AuthorityAuthorizationManager.hasRole("USER"); AuthorityAuthorizationManager<Object> manager = AuthorityAuthorizationManager.hasRole("USER");
RoleHierarchy roleHierarchy = new RoleHierarchyImpl(); RoleHierarchy roleHierarchy = RoleHierarchyImpl.withDefaultRolePrefix().build();
manager.setRoleHierarchy(roleHierarchy); manager.setRoleHierarchy(roleHierarchy);
assertThat(manager).extracting("delegate").extracting("roleHierarchy").isEqualTo(roleHierarchy); assertThat(manager).extracting("delegate").extracting("roleHierarchy").isEqualTo(roleHierarchy);
} }
@ -257,8 +257,7 @@ public class AuthorityAuthorizationManagerTests {
@Test @Test
public void hasRoleWhenRoleHierarchySetThenGreaterRoleTakesPrecedence() { public void hasRoleWhenRoleHierarchySetThenGreaterRoleTakesPrecedence() {
AuthorityAuthorizationManager<Object> manager = AuthorityAuthorizationManager.hasRole("USER"); AuthorityAuthorizationManager<Object> manager = AuthorityAuthorizationManager.hasRole("USER");
RoleHierarchyImpl roleHierarchy = new RoleHierarchyImpl(); RoleHierarchyImpl roleHierarchy = RoleHierarchyImpl.fromHierarchy("ROLE_ADMIN > ROLE_USER");
roleHierarchy.setHierarchy("ROLE_ADMIN > ROLE_USER");
manager.setRoleHierarchy(roleHierarchy); manager.setRoleHierarchy(roleHierarchy);
Supplier<Authentication> authentication = () -> new TestingAuthenticationToken("user", "password", Supplier<Authentication> authentication = () -> new TestingAuthenticationToken("user", "password",
"ROLE_ADMIN"); "ROLE_ADMIN");

5
messaging/src/test/java/org/springframework/security/messaging/access/expression/DefaultMessageSecurityExpressionHandlerTests.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2022 the original author or authors. * Copyright 2002-2025 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -96,8 +96,7 @@ public class DefaultMessageSecurityExpressionHandlerTests {
@Test @Test
public void roleHierarchy() { public void roleHierarchy() {
this.authentication = new TestingAuthenticationToken("admin", "pass", "ROLE_ADMIN"); this.authentication = new TestingAuthenticationToken("admin", "pass", "ROLE_ADMIN");
RoleHierarchyImpl roleHierarchy = new RoleHierarchyImpl(); RoleHierarchyImpl roleHierarchy = RoleHierarchyImpl.fromHierarchy("ROLE_ADMIN > ROLE_USER");
roleHierarchy.setHierarchy("ROLE_ADMIN > ROLE_USER");
this.handler.setRoleHierarchy(roleHierarchy); this.handler.setRoleHierarchy(roleHierarchy);
EvaluationContext context = this.handler.createEvaluationContext(this.authentication, this.message); EvaluationContext context = this.handler.createEvaluationContext(this.authentication, this.message);
Expression expression = this.handler.getExpressionParser().parseExpression("hasRole('ROLE_USER')"); Expression expression = this.handler.getExpressionParser().parseExpression("hasRole('ROLE_USER')");