Search in sources :

Example 1 with MethodSecurityExpressionHandler

use of org.springframework.security.access.expression.method.MethodSecurityExpressionHandler in project spring-security by spring-projects.

the class PostAuthorizeAuthorizationManagerTests method setExpressionHandlerWhenNotNullThenSetsExpressionHandler.

@Test
public void setExpressionHandlerWhenNotNullThenSetsExpressionHandler() {
    MethodSecurityExpressionHandler expressionHandler = new DefaultMethodSecurityExpressionHandler();
    PostAuthorizeAuthorizationManager manager = new PostAuthorizeAuthorizationManager();
    manager.setExpressionHandler(expressionHandler);
    assertThat(manager).extracting("expressionHandler").isEqualTo(expressionHandler);
}
Also used : DefaultMethodSecurityExpressionHandler(org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler) DefaultMethodSecurityExpressionHandler(org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler) MethodSecurityExpressionHandler(org.springframework.security.access.expression.method.MethodSecurityExpressionHandler) Test(org.junit.jupiter.api.Test)

Example 2 with MethodSecurityExpressionHandler

use of org.springframework.security.access.expression.method.MethodSecurityExpressionHandler in project spring-security by spring-projects.

the class PreAuthorizeAuthorizationManagerTests method setExpressionHandlerWhenNotNullThenSetsExpressionHandler.

@Test
public void setExpressionHandlerWhenNotNullThenSetsExpressionHandler() {
    MethodSecurityExpressionHandler expressionHandler = new DefaultMethodSecurityExpressionHandler();
    PreAuthorizeAuthorizationManager manager = new PreAuthorizeAuthorizationManager();
    manager.setExpressionHandler(expressionHandler);
    assertThat(manager).extracting("expressionHandler").isEqualTo(expressionHandler);
}
Also used : DefaultMethodSecurityExpressionHandler(org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler) DefaultMethodSecurityExpressionHandler(org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler) MethodSecurityExpressionHandler(org.springframework.security.access.expression.method.MethodSecurityExpressionHandler) Test(org.junit.jupiter.api.Test)

Example 3 with MethodSecurityExpressionHandler

use of org.springframework.security.access.expression.method.MethodSecurityExpressionHandler in project spring-security by spring-projects.

the class PreFilterAuthorizationMethodInterceptorTests method setExpressionHandlerWhenNotNullThenSetsExpressionHandler.

@Test
public void setExpressionHandlerWhenNotNullThenSetsExpressionHandler() {
    MethodSecurityExpressionHandler expressionHandler = new DefaultMethodSecurityExpressionHandler();
    PreFilterAuthorizationMethodInterceptor advice = new PreFilterAuthorizationMethodInterceptor();
    advice.setExpressionHandler(expressionHandler);
    assertThat(advice).extracting("expressionHandler").isEqualTo(expressionHandler);
}
Also used : DefaultMethodSecurityExpressionHandler(org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler) DefaultMethodSecurityExpressionHandler(org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler) MethodSecurityExpressionHandler(org.springframework.security.access.expression.method.MethodSecurityExpressionHandler) Test(org.junit.jupiter.api.Test)

Example 4 with MethodSecurityExpressionHandler

use of org.springframework.security.access.expression.method.MethodSecurityExpressionHandler in project spring-boot by spring-projects.

the class OAuth2AutoConfigurationTests method methodSecurityExpressionHandlerIsConfiguredWithPermissionEvaluatorFromTheContext.

@Test
public void methodSecurityExpressionHandlerIsConfiguredWithPermissionEvaluatorFromTheContext() {
    this.context = new AnnotationConfigServletWebServerApplicationContext();
    this.context.register(PermissionEvaluatorConfiguration.class, AuthorizationAndResourceServerConfiguration.class, MinimalSecureWebApplication.class);
    this.context.refresh();
    PreInvocationAuthorizationAdvice advice = this.context.getBean(PreInvocationAuthorizationAdvice.class);
    MethodSecurityExpressionHandler expressionHandler = (MethodSecurityExpressionHandler) ReflectionTestUtils.getField(advice, "expressionHandler");
    PermissionEvaluator permissionEvaluator = (PermissionEvaluator) ReflectionTestUtils.getField(expressionHandler, "permissionEvaluator");
    assertThat(permissionEvaluator).isSameAs(this.context.getBean(PermissionEvaluator.class));
}
Also used : PreInvocationAuthorizationAdvice(org.springframework.security.access.prepost.PreInvocationAuthorizationAdvice) PermissionEvaluator(org.springframework.security.access.PermissionEvaluator) AnnotationConfigServletWebServerApplicationContext(org.springframework.boot.web.servlet.context.AnnotationConfigServletWebServerApplicationContext) OAuth2MethodSecurityExpressionHandler(org.springframework.security.oauth2.provider.expression.OAuth2MethodSecurityExpressionHandler) MethodSecurityExpressionHandler(org.springframework.security.access.expression.method.MethodSecurityExpressionHandler) Test(org.junit.Test)

Example 5 with MethodSecurityExpressionHandler

use of org.springframework.security.access.expression.method.MethodSecurityExpressionHandler in project spring-boot by spring-projects.

the class OAuth2AutoConfigurationTests method methodSecurityExpressionHandlerIsConfiguredWithRoleHierarchyFromTheContext.

@Test
public void methodSecurityExpressionHandlerIsConfiguredWithRoleHierarchyFromTheContext() {
    this.context = new AnnotationConfigServletWebServerApplicationContext();
    this.context.register(RoleHierarchyConfiguration.class, AuthorizationAndResourceServerConfiguration.class, MinimalSecureWebApplication.class);
    this.context.refresh();
    PreInvocationAuthorizationAdvice advice = this.context.getBean(PreInvocationAuthorizationAdvice.class);
    MethodSecurityExpressionHandler expressionHandler = (MethodSecurityExpressionHandler) ReflectionTestUtils.getField(advice, "expressionHandler");
    RoleHierarchy roleHierarchy = (RoleHierarchy) ReflectionTestUtils.getField(expressionHandler, "roleHierarchy");
    assertThat(roleHierarchy).isSameAs(this.context.getBean(RoleHierarchy.class));
}
Also used : PreInvocationAuthorizationAdvice(org.springframework.security.access.prepost.PreInvocationAuthorizationAdvice) AnnotationConfigServletWebServerApplicationContext(org.springframework.boot.web.servlet.context.AnnotationConfigServletWebServerApplicationContext) RoleHierarchy(org.springframework.security.access.hierarchicalroles.RoleHierarchy) OAuth2MethodSecurityExpressionHandler(org.springframework.security.oauth2.provider.expression.OAuth2MethodSecurityExpressionHandler) MethodSecurityExpressionHandler(org.springframework.security.access.expression.method.MethodSecurityExpressionHandler) Test(org.junit.Test)

Aggregations

MethodSecurityExpressionHandler (org.springframework.security.access.expression.method.MethodSecurityExpressionHandler)6 Test (org.junit.jupiter.api.Test)4 DefaultMethodSecurityExpressionHandler (org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler)4 Test (org.junit.Test)2 AnnotationConfigServletWebServerApplicationContext (org.springframework.boot.web.servlet.context.AnnotationConfigServletWebServerApplicationContext)2 PreInvocationAuthorizationAdvice (org.springframework.security.access.prepost.PreInvocationAuthorizationAdvice)2 OAuth2MethodSecurityExpressionHandler (org.springframework.security.oauth2.provider.expression.OAuth2MethodSecurityExpressionHandler)2 PermissionEvaluator (org.springframework.security.access.PermissionEvaluator)1 RoleHierarchy (org.springframework.security.access.hierarchicalroles.RoleHierarchy)1