use of org.springframework.security.access.ConfigAttribute in project spring-security by spring-projects.
the class UnanimousBasedTests method testOneAffirmativeVoteTwoAbstainVotesGrantsAccess.
@Test
public void testOneAffirmativeVoteTwoAbstainVotesGrantsAccess() throws Exception {
TestingAuthenticationToken auth = makeTestToken();
UnanimousBased mgr = makeDecisionManager();
List<ConfigAttribute> config = SecurityConfig.createList("ROLE_2");
mgr.decide(auth, new Object(), config);
}
use of org.springframework.security.access.ConfigAttribute in project spring-security by spring-projects.
the class UnanimousBasedTests method testThreeAbstainVotesGrantsAccessWithoutDefault.
@Test
public void testThreeAbstainVotesGrantsAccessWithoutDefault() throws Exception {
TestingAuthenticationToken auth = makeTestToken();
UnanimousBased mgr = makeDecisionManager();
mgr.setAllowIfAllAbstainDecisions(true);
// check changed
assertThat(mgr.isAllowIfAllAbstainDecisions()).isTrue();
List<ConfigAttribute> config = SecurityConfig.createList("IGNORED_BY_ALL");
mgr.decide(auth, new Object(), config);
}
use of org.springframework.security.access.ConfigAttribute in project spring-security by spring-projects.
the class UnanimousBasedTests method testOneDenyVoteTwoAbstainVotesDeniesAccess.
@Test
public void testOneDenyVoteTwoAbstainVotesDeniesAccess() throws Exception {
TestingAuthenticationToken auth = makeTestToken();
UnanimousBased mgr = makeDecisionManager();
List<ConfigAttribute> config = SecurityConfig.createList("ROLE_WE_DO_NOT_HAVE");
try {
mgr.decide(auth, new Object(), config);
fail("Should have thrown AccessDeniedException");
} catch (AccessDeniedException expected) {
}
}
use of org.springframework.security.access.ConfigAttribute in project spring-security by spring-projects.
the class UnanimousBasedTests method testThreeAbstainVotesDeniesAccessWithDefault.
@Test
public void testThreeAbstainVotesDeniesAccessWithDefault() throws Exception {
TestingAuthenticationToken auth = makeTestToken();
UnanimousBased mgr = makeDecisionManager();
// check default
assertThat(!mgr.isAllowIfAllAbstainDecisions()).isTrue();
List<ConfigAttribute> config = SecurityConfig.createList("IGNORED_BY_ALL");
try {
mgr.decide(auth, new Object(), config);
fail("Should have thrown AccessDeniedException");
} catch (AccessDeniedException expected) {
}
}
use of org.springframework.security.access.ConfigAttribute in project spring-security by spring-projects.
the class UnanimousBasedTests method testOneAffirmativeVoteOneDenyVoteOneAbstainVoteDeniesAccess.
@Test
public void testOneAffirmativeVoteOneDenyVoteOneAbstainVoteDeniesAccess() throws Exception {
TestingAuthenticationToken auth = makeTestToken();
UnanimousBased mgr = makeDecisionManager();
List<ConfigAttribute> config = SecurityConfig.createList(new String[] { "ROLE_1", "DENY_FOR_SURE" });
try {
mgr.decide(auth, new Object(), config);
fail("Should have thrown AccessDeniedException");
} catch (AccessDeniedException expected) {
}
}
Aggregations