Example 11 with ConfigAttribute
use of org.springframework.security.access.ConfigAttribute in project spring-security by spring-projects.
the class SecuredAnnotationSecurityMetadataSourceTests method proxyFactoryInterfaceAttributesFound.
@Test
public void proxyFactoryInterfaceAttributesFound() throws Exception {
MockMethodInvocation mi = MethodInvocationFactory.createSec2150MethodInvocation();
Collection<ConfigAttribute> attributes = mds.getAttributes(mi);
assertThat(attributes.size()).isEqualTo(1);
assertThat(attributes).extracting("attribute").containsOnly("ROLE_PERSON");
}
Also used :
ConfigAttribute(org.springframework.security.access.ConfigAttribute)
MockMethodInvocation(org.springframework.security.access.intercept.method.MockMethodInvocation)
Test(org.junit.Test)
Example 12 with ConfigAttribute
use of org.springframework.security.access.ConfigAttribute in project spring-security by spring-projects.
the class SecuredAnnotationSecurityMetadataSourceTests method annotatedAnnotationAtInterfaceLevelIsDetected.
@Test
public void annotatedAnnotationAtInterfaceLevelIsDetected() throws Exception {
MockMethodInvocation annotatedAtInterfaceLevel = new MockMethodInvocation(new AnnotatedAnnotationAtInterfaceLevel(), ReturnVoid2.class, "doSomething", List.class);
ConfigAttribute[] attrs = mds.getAttributes(annotatedAtInterfaceLevel).toArray(new ConfigAttribute[0]);
assertThat(attrs.length).isEqualTo(1);
assertThat(attrs[0].getAttribute()).isEqualTo("CUSTOM");
}
Also used :
ConfigAttribute(org.springframework.security.access.ConfigAttribute)
MockMethodInvocation(org.springframework.security.access.intercept.method.MockMethodInvocation)
Test(org.junit.Test)
Example 13 with ConfigAttribute
use of org.springframework.security.access.ConfigAttribute in project spring-security by spring-projects.
the class SecuredAnnotationSecurityMetadataSourceTests method annotatedAnnotationAtMethodLevelIsDetected.
@Test
public void annotatedAnnotationAtMethodLevelIsDetected() throws Exception {
MockMethodInvocation annotatedAtMethodLevel = new MockMethodInvocation(new AnnotatedAnnotationAtMethodLevel(), ReturnVoid.class, "doSomething", List.class);
ConfigAttribute[] attrs = mds.getAttributes(annotatedAtMethodLevel).toArray(new ConfigAttribute[0]);
assertThat(attrs.length).isEqualTo(1);
assertThat(attrs[0].getAttribute()).isEqualTo("CUSTOM");
}
Also used :
ConfigAttribute(org.springframework.security.access.ConfigAttribute)
MockMethodInvocation(org.springframework.security.access.intercept.method.MockMethodInvocation)
Test(org.junit.Test)
Example 14 with ConfigAttribute
use of org.springframework.security.access.ConfigAttribute in project spring-security by spring-projects.
the class SecuredAnnotationSecurityMetadataSourceTests method methodLevelAttributesAreFound.
@Test
public void methodLevelAttributesAreFound() {
Method method = null;
try {
method = BusinessService.class.getMethod("someUserAndAdminMethod", new Class[] {});
} catch (NoSuchMethodException unexpected) {
fail("Should be a method called 'someUserAndAdminMethod' on class!");
}
Collection<ConfigAttribute> attrs = this.mds.findAttributes(method, BusinessService.class);
assertThat(attrs).isNotNull();
// expect 2 attributes
assertThat(attrs).hasSize(2);
boolean user = false;
boolean admin = false;
// should have 2 SecurityConfigs
for (ConfigAttribute sc : attrs) {
assertThat(sc instanceof SecurityConfig).isTrue();
if (sc.getAttribute().equals("ROLE_USER")) {
user = true;
} else if (sc.getAttribute().equals("ROLE_ADMIN")) {
admin = true;
}
}
// expect to have ROLE_USER and ROLE_ADMIN
assertThat(user && admin).isTrue();
}
Also used :
ConfigAttribute(org.springframework.security.access.ConfigAttribute)
SecurityConfig(org.springframework.security.access.SecurityConfig)
Method(java.lang.reflect.Method)
Test(org.junit.Test)
Example 15 with ConfigAttribute
use of org.springframework.security.access.ConfigAttribute in project spring-security by spring-projects.
the class SecuredAnnotationSecurityMetadataSourceTests method annotatedAnnotationAtClassLevelIsDetected.
@Test
public void annotatedAnnotationAtClassLevelIsDetected() throws Exception {
MockMethodInvocation annotatedAtClassLevel = new MockMethodInvocation(new AnnotatedAnnotationAtClassLevel(), ReturnVoid.class, "doSomething", List.class);
ConfigAttribute[] attrs = mds.getAttributes(annotatedAtClassLevel).toArray(new ConfigAttribute[0]);
assertThat(attrs.length).isEqualTo(1);
assertThat(attrs[0].getAttribute()).isEqualTo("CUSTOM");
}
Also used :
ConfigAttribute(org.springframework.security.access.ConfigAttribute)
MockMethodInvocation(org.springframework.security.access.intercept.method.MockMethodInvocation)
Test(org.junit.Test)
Aggregations
ConfigAttribute (org.springframework.security.access.ConfigAttribute)88
Test (org.junit.Test)54
SecurityConfig (org.springframework.security.access.SecurityConfig)21
FilterInvocation (org.springframework.security.web.FilterInvocation)15
AccessDeniedException (org.springframework.security.access.AccessDeniedException)13
MockMethodInvocation (org.springframework.security.access.intercept.method.MockMethodInvocation)12
TestingAuthenticationToken (org.springframework.security.authentication.TestingAuthenticationToken)10
ArrayList (java.util.ArrayList)9
LinkedHashMap (java.util.LinkedHashMap)8
Authentication (org.springframework.security.core.Authentication)8
OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication)8
Collection (java.util.Collection)6
OAuth2Request (org.springframework.security.oauth2.provider.OAuth2Request)6
Method (java.lang.reflect.Method)5
List (java.util.List)5
MethodInvocation (org.aopalliance.intercept.MethodInvocation)5
GrantedAuthority (org.springframework.security.core.GrantedAuthority)5
RequestMatcher (org.springframework.security.web.util.matcher.RequestMatcher)5
AuthorizationFailureEvent (org.springframework.security.access.event.AuthorizationFailureEvent)4
SimpleMethodInvocation (org.springframework.security.util.SimpleMethodInvocation)4
