Examples with ConfigAttribute org.springframework.security.access.ConfigAttribute used on opensource projects

Search in sources :

Example 61 with ConfigAttribute

use of org.springframework.security.access.ConfigAttribute in project spring-security by spring-projects.

the class Jsr250MethodSecurityMetadataSourceTests method classLevelAnnotationsOnlyAffectTheClassTheyAnnotateAndTheirMembers.

// JSR-250 Spec Tests
/**
	 * Class-level annotations only affect the class they annotate and their members, that
	 * is, its methods and fields. They never affect a member declared by a superclass,
	 * even if it is not hidden or overridden by the class in question.
	 *
	 * @throws Exception
	 */
@Test
public void classLevelAnnotationsOnlyAffectTheClassTheyAnnotateAndTheirMembers() throws Exception {
    Child target = new Child();
    MockMethodInvocation mi = new MockMethodInvocation(target, target.getClass(), "notOverriden");
    Collection<ConfigAttribute> accessAttributes = this.mds.getAttributes(mi);
    assertThat(accessAttributes).isNull();
}
Also used : ConfigAttribute(org.springframework.security.access.ConfigAttribute) MockMethodInvocation(org.springframework.security.access.intercept.method.MockMethodInvocation) Test(org.junit.Test)

Example 62 with ConfigAttribute

use of org.springframework.security.access.ConfigAttribute in project spring-security by spring-projects.

the class Jsr250MethodSecurityMetadataSourceTests method classLevelAnnotationsIgnoredByExplicitMemberAnnotation.

@Test
public void classLevelAnnotationsIgnoredByExplicitMemberAnnotation() throws Exception {
    Child target = new Child();
    MockMethodInvocation mi = new MockMethodInvocation(target, target.getClass(), "explicitMethod");
    Collection<ConfigAttribute> accessAttributes = this.mds.getAttributes(mi);
    assertThat(accessAttributes).hasSize(1);
    assertThat(accessAttributes.toArray()[0].toString()).isEqualTo("ROLE_EXPLICIT");
}
Also used : ConfigAttribute(org.springframework.security.access.ConfigAttribute) MockMethodInvocation(org.springframework.security.access.intercept.method.MockMethodInvocation) Test(org.junit.Test)

Example 63 with ConfigAttribute

use of org.springframework.security.access.ConfigAttribute in project spring-security by spring-projects.

the class Jsr250MethodSecurityMetadataSourceTests method classLevelAnnotationsOnlyAffectTheClassTheyAnnotateAndTheirMembersOverriden.

@Test
public void classLevelAnnotationsOnlyAffectTheClassTheyAnnotateAndTheirMembersOverriden() throws Exception {
    Child target = new Child();
    MockMethodInvocation mi = new MockMethodInvocation(target, target.getClass(), "overriden");
    Collection<ConfigAttribute> accessAttributes = this.mds.getAttributes(mi);
    assertThat(accessAttributes).hasSize(1);
    assertThat(accessAttributes.toArray()[0].toString()).isEqualTo("ROLE_DERIVED");
}
Also used : ConfigAttribute(org.springframework.security.access.ConfigAttribute) MockMethodInvocation(org.springframework.security.access.intercept.method.MockMethodInvocation) Test(org.junit.Test)

Example 64 with ConfigAttribute

use of org.springframework.security.access.ConfigAttribute in project spring-security by spring-projects.

the class Jsr250MethodSecurityMetadataSourceTests method interfacesNeverContributeAnnotationsMethodLevel.

/**
	 * The interfaces implemented by a class never contribute annotations to the class
	 * itself or any of its members.
	 *
	 * @throws Exception
	 */
@Test
public void interfacesNeverContributeAnnotationsMethodLevel() throws Exception {
    Parent target = new Parent();
    MockMethodInvocation mi = new MockMethodInvocation(target, target.getClass(), "interfaceMethod");
    Collection<ConfigAttribute> accessAttributes = this.mds.getAttributes(mi);
    assertThat(accessAttributes).isEmpty();
}
Also used : ConfigAttribute(org.springframework.security.access.ConfigAttribute) MockMethodInvocation(org.springframework.security.access.intercept.method.MockMethodInvocation) Test(org.junit.Test)

Example 65 with ConfigAttribute

use of org.springframework.security.access.ConfigAttribute in project spring-security by spring-projects.

the class Jsr250VoterTests method supportsMultipleRolesCorrectly.

// SEC-1443
@Test
public void supportsMultipleRolesCorrectly() throws Exception {
    List<ConfigAttribute> attrs = new ArrayList<ConfigAttribute>();
    Jsr250Voter voter = new Jsr250Voter();
    attrs.add(new Jsr250SecurityConfig("A"));
    attrs.add(new Jsr250SecurityConfig("B"));
    attrs.add(new Jsr250SecurityConfig("C"));
    assertThat(voter.vote(new TestingAuthenticationToken("user", "pwd", "A"), new Object(), attrs)).isEqualTo(AccessDecisionVoter.ACCESS_GRANTED);
    assertThat(voter.vote(new TestingAuthenticationToken("user", "pwd", "B"), new Object(), attrs)).isEqualTo(AccessDecisionVoter.ACCESS_GRANTED);
    assertThat(voter.vote(new TestingAuthenticationToken("user", "pwd", "C"), new Object(), attrs)).isEqualTo(AccessDecisionVoter.ACCESS_GRANTED);
    assertThat(voter.vote(new TestingAuthenticationToken("user", "pwd", "NONE"), new Object(), attrs)).isEqualTo(AccessDecisionVoter.ACCESS_DENIED);
    assertThat(voter.vote(new TestingAuthenticationToken("user", "pwd", "A"), new Object(), SecurityConfig.createList("A", "B", "C"))).isEqualTo(AccessDecisionVoter.ACCESS_ABSTAIN);
}
Also used : ConfigAttribute(org.springframework.security.access.ConfigAttribute) ArrayList(java.util.ArrayList) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) Test(org.junit.Test)

Aggregations

ConfigAttribute (org.springframework.security.access.ConfigAttribute)88 Test (org.junit.Test)54 SecurityConfig (org.springframework.security.access.SecurityConfig)21 FilterInvocation (org.springframework.security.web.FilterInvocation)15 AccessDeniedException (org.springframework.security.access.AccessDeniedException)13 MockMethodInvocation (org.springframework.security.access.intercept.method.MockMethodInvocation)12 TestingAuthenticationToken (org.springframework.security.authentication.TestingAuthenticationToken)10 ArrayList (java.util.ArrayList)9 LinkedHashMap (java.util.LinkedHashMap)8 Authentication (org.springframework.security.core.Authentication)8 OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication)8 Collection (java.util.Collection)6 OAuth2Request (org.springframework.security.oauth2.provider.OAuth2Request)6 Method (java.lang.reflect.Method)5 List (java.util.List)5 MethodInvocation (org.aopalliance.intercept.MethodInvocation)5 GrantedAuthority (org.springframework.security.core.GrantedAuthority)5 RequestMatcher (org.springframework.security.web.util.matcher.RequestMatcher)5 AuthorizationFailureEvent (org.springframework.security.access.event.AuthorizationFailureEvent)4 SimpleMethodInvocation (org.springframework.security.util.SimpleMethodInvocation)4
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial