
Example 1 with RoleHierarchy

Use of org.springframework.security.access.hierarchicalroles.RoleHierarchy in project spring-security by spring-projects.

From the class SidRetrievalStrategyTests, method roleHierarchyIsUsedWhenSet.

@Test
public void roleHierarchyIsUsedWhenSet() {
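    // Stub hierarchy: whatever authorities go in, only "D" is reported as reachable.
    RoleHierarchy rh = mock(RoleHierarchy.class);
    List rhAuthorities = AuthorityUtils.createAuthorityList("D");
    given(rh.getReachableGrantedAuthorities(anyCollection())).willReturn(rhAuthorities);
    SidRetrievalStrategy strat = new SidRetrievalStrategyImpl(rh);
    // Expect the principal SID first, then one authority SID taken from the hierarchy's result.
    List<Sid> sids = strat.getSids(this.authentication);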
    assertThat(sids).hasSize(2);
    assertThat(sids.get(0)).isNotNull();
    assertThat(sids.get(0) instanceof PrincipalSid).isTrue();
    assertThat(((GrantedAuthoritySid) sids.get(1)).getGrantedAuthority()).isEqualTo("D");
}
Also used : SidRetrievalStrategyImpl(org.springframework.security.acls.domain.SidRetrievalStrategyImpl) GrantedAuthoritySid(org.springframework.security.acls.domain.GrantedAuthoritySid) RoleHierarchy(org.springframework.security.access.hierarchicalroles.RoleHierarchy) List(java.util.List) PrincipalSid(org.springframework.security.acls.domain.PrincipalSid) SidRetrievalStrategy(org.springframework.security.acls.model.SidRetrievalStrategy) Sid(org.springframework.security.acls.model.Sid) Test(org.junit.jupiter.api.Test)

Example 2 with RoleHierarchy

Use of org.springframework.security.access.hierarchicalroles.RoleHierarchy in project spring-security by spring-projects.

From the class GlobalMethodSecurityConfiguration, method afterSingletonsInstantiated.

@Override
public void afterSingletonsInstantiated() {
    try {
        initializeMethodSecurityInterceptor();
    } catch (Exception ex) {
        throw new RuntimeException(ex);
    }
    PermissionEvaluator permissionEvaluator = getSingleBeanOrNull(PermissionEvaluator.class);
    if (permissionEvaluator != null) {
        this.defaultMethodExpressionHandler.setPermissionEvaluator(permissionEvaluator);
    }
    // A RoleHierarchy bean, when one is found, is handed to the default method expression handler.
    RoleHierarchy roleHierarchy = getSingleBeanOrNull(RoleHierarchy.class);
    if (roleHierarchy != null) {
        this.defaultMethodExpressionHandler.setRoleHierarchy(roleHierarchy);
    }
    AuthenticationTrustResolver trustResolver = getSingleBeanOrNull(AuthenticationTrustResolver.class);
    if (trustResolver != null) {
        this.defaultMethodExpressionHandler.setTrustResolver(trustResolver);
    }
    GrantedAuthorityDefaults grantedAuthorityDefaults = getSingleBeanOrNull(GrantedAuthorityDefaults.class);
    if (grantedAuthorityDefaults != null) {
        this.defaultMethodExpressionHandler.setDefaultRolePrefix(grantedAuthorityDefaults.getRolePrefix());
    }
    this.defaultMethodExpressionHandler = this.objectPostProcessor.postProcess(this.defaultMethodExpressionHandler);
}
Also used : PermissionEvaluator(org.springframework.security.access.PermissionEvaluator) GrantedAuthorityDefaults(org.springframework.security.config.core.GrantedAuthorityDefaults) RoleHierarchy(org.springframework.security.access.hierarchicalroles.RoleHierarchy) AuthenticationTrustResolver(org.springframework.security.authentication.AuthenticationTrustResolver) BeansException(org.springframework.beans.BeansException) NoSuchBeanDefinitionException(org.springframework.beans.factory.NoSuchBeanDefinitionException)

Example 3 with RoleHierarchy

Use of org.springframework.security.access.hierarchicalroles.RoleHierarchy in project spring-boot by spring-projects.

From the class OAuth2AutoConfigurationTests, method methodSecurityExpressionHandlerIsConfiguredWithRoleHierarchyFromTheContext.

@Test
public void methodSecurityExpressionHandlerIsConfiguredWithRoleHierarchyFromTheContext() {
    this.context = new AnnotationConfigServletWebServerApplicationContext();
    this.context.register(RoleHierarchyConfiguration.class, AuthorizationAndResourceServerConfiguration.class, MinimalSecureWebApplication.class);
    this.context.refresh();
    PreInvocationAuthorizationAdvice advice = this.context.getBean(PreInvocationAuthorizationAdvice.class);
    MethodSecurityExpressionHandler expressionHandler = (MethodSecurityExpressionHandler) ReflectionTestUtils.getField(advice, "expressionHandler");
    RoleHierarchy roleHierarchy = (RoleHierarchy) ReflectionTestUtils.getField(expressionHandler, "roleHierarchy");
    assertThat(roleHierarchy).isSameAs(this.context.getBean(RoleHierarchy.class));
}
Also used : PreInvocationAuthorizationAdvice(org.springframework.security.access.prepost.PreInvocationAuthorizationAdvice) AnnotationConfigServletWebServerApplicationContext(org.springframework.boot.web.servlet.context.AnnotationConfigServletWebServerApplicationContext) RoleHierarchy(org.springframework.security.access.hierarchicalroles.RoleHierarchy) OAuth2MethodSecurityExpressionHandler(org.springframework.security.oauth2.provider.expression.OAuth2MethodSecurityExpressionHandler) MethodSecurityExpressionHandler(org.springframework.security.access.expression.method.MethodSecurityExpressionHandler) Test(org.junit.Test)

Example 4 with RoleHierarchy

Use of org.springframework.security.access.hierarchicalroles.RoleHierarchy in project spring-security by spring-projects.

From the class SecurityExpressionRootTests, method roleHierarchySupportIsCorrectlyUsedInEvaluatingRoles.

@Test
public void roleHierarchySupportIsCorrectlyUsedInEvaluatingRoles() throws Exception {
    // Stub hierarchy: the only reachable authority is ROLE_C, regardless of the input authorities.
    root.setRoleHierarchy(new RoleHierarchy() {

        @Override
        public Collection<GrantedAuthority> getReachableGrantedAuthorities(Collection<? extends GrantedAuthority> authorities) {
            return AuthorityUtils.createAuthorityList("ROLE_C");
        }
    });
    assertThat(root.hasRole("C")).isTrue();
    assertThat(root.hasAuthority("ROLE_C")).isTrue();
    assertThat(root.hasRole("A")).isFalse();
    assertThat(root.hasRole("B")).isFalse();
    assertThat(root.hasAnyRole("C", "A", "B")).isTrue();
    assertThat(root.hasAnyAuthority("ROLE_C", "ROLE_A", "ROLE_B")).isTrue();
    assertThat(root.hasAnyRole("A", "B")).isFalse();
}
Also used : RoleHierarchy(org.springframework.security.access.hierarchicalroles.RoleHierarchy) Collection(java.util.Collection) Test(org.junit.Test)
