Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-10-30 22:28:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

SEC-1589: Add support for property placeholder in intercept-methods access attribute.

Browse Source
This commit is contained in:
Luke Taylor 2010-10-14 13:39:26 +01:00
parent 173537f4f2
commit f70942c6f5
3 changed files with 14 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
config/src/main/java/org/springframework/security/config/method/InterceptMethodsBeanDefinitionDecorator.java
View File

@ -9,6 +9,7 @@ import org.springframework.beans.factory.config.BeanDefinition;
import org.springframework.beans.factory.config.BeanDefinitionHolder;
import org.springframework.beans.factory.config.RuntimeBeanReference;
import org.springframework.beans.factory.support.BeanDefinitionBuilder;
import org.springframework.beans.factory.support.ManagedMap;
import org.springframework.beans.factory.support.RootBeanDefinition;
import org.springframework.beans.factory.xml.BeanDefinitionDecorator;
import org.springframework.beans.factory.xml.ParserContext;
@ -64,15 +65,17 @@ class InternalInterceptMethodsBeanDefinitionDecorator extends AbstractIntercepto
interceptor.addPropertyValue("authenticationManager", new RuntimeBeanReference(BeanIds.AUTHENTICATION_MANAGER));
// Lookup parent bean information
Element parent = (Element) node.getParentNode();
String parentBeanClass = parent.getAttribute("class");
String parentBeanClass = ((Element) node.getParentNode()).getAttribute("class");
// Parse the included methods
List<Element> methods = DomUtils.getChildElementsByTagName(interceptMethodsElt, Elements.PROTECT);
Map<String, List<ConfigAttribute>> mappings = new LinkedHashMap<String, List<ConfigAttribute>>();
Map<String, BeanDefinition> mappings = new ManagedMap<String, BeanDefinition>();
for (Element protectmethodElt : methods) {
String[] tokens = StringUtils.commaDelimitedListToStringArray(protectmethodElt.getAttribute(ATT_ACCESS));
BeanDefinitionBuilder attributeBuilder = BeanDefinitionBuilder.rootBeanDefinition(SecurityConfig.class);
attributeBuilder.setFactoryMethod("createListFromCommaDelimitedString");
attributeBuilder.addConstructorArgValue(protectmethodElt.getAttribute(ATT_ACCESS));
// Support inference of class names
String methodName = protectmethodElt.getAttribute(ATT_METHOD);
@ -83,7 +86,7 @@ class InternalInterceptMethodsBeanDefinitionDecorator extends AbstractIntercepto
}
}
mappings.put(methodName, SecurityConfig.createList(tokens));
mappings.put(methodName, attributeBuilder.getBeanDefinition());
}
BeanDefinition metadataSource = new RootBeanDefinition(MapBasedMethodSecurityMetadataSource.class);

2
config/src/test/java/org/springframework/security/config/method/InterceptMethodsBeanDefinitionDecoratorTests.java
View File

@ -25,6 +25,8 @@ public class InterceptMethodsBeanDefinitionDecoratorTests {
@Before
public void loadContext() {
// Set value for placeholder
System.setProperty("admin.role", "ROLE_ADMIN");
appContext = new ClassPathXmlApplicationContext("org/springframework/security/config/method-security.xml");
target = (TestBusinessBean) appContext.getBean("target");
}

6
config/src/test/resources/org/springframework/security/config/method-security.xml
View File

@ -6,11 +6,13 @@
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd">
<b:bean class='org.springframework.beans.factory.config.PropertyPlaceholderConfigurer'/>
<b:bean id="target" class="org.springframework.security.config.TestBusinessBeanImpl">
<!-- This will add a security interceptor to the bean -->
<intercept-methods>
<protect method="org.springframework.security.config.TestBusinessBean.set*" access="ROLE_ADMIN" />
<protect method="get*" access="ROLE_ADMIN,ROLE_USER" />
<protect method="org.springframework.security.config.TestBusinessBean.set*" access="${admin.role}" />
<protect method="get*" access="${admin.role},ROLE_USER" />
<protect method="doSomething" access="ROLE_USER" />
</intercept-methods>
</b:bean>