Examples with MockMethodInvocation - org.springframework.security.access.intercept.method.MockMethodInvocation

Example 1 with MockMethodInvocation

use of org.springframework.security.access.intercept.method.MockMethodInvocation in project spring-security by spring-projects.

the class ReactiveMethodSecurityConfigurationTests method rolePrefixWithDefaultConfig.

@Test
public void rolePrefixWithDefaultConfig() throws NoSuchMethodException {
    this.spring.register(ReactiveMethodSecurityConfiguration.class).autowire();
    TestingAuthenticationToken authentication = new TestingAuthenticationToken("principal", "credential", "ROLE_ABC");
    MockMethodInvocation methodInvocation = new MockMethodInvocation(new Foo(), Foo.class, "bar", String.class);
    EvaluationContext context = this.methodSecurityExpressionHandler.createEvaluationContext(authentication, methodInvocation);
    SecurityExpressionRoot root = (SecurityExpressionRoot) context.getRootObject().getValue();
    assertThat(root.hasRole("ROLE_ABC")).isTrue();
    assertThat(root.hasRole("ABC")).isTrue();
}

Also used : MockMethodInvocation(org.springframework.security.access.intercept.method.MockMethodInvocation) EvaluationContext(org.springframework.expression.EvaluationContext) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) SecurityExpressionRoot(org.springframework.security.access.expression.SecurityExpressionRoot) Test(org.junit.jupiter.api.Test)

Example 2 with MockMethodInvocation

use of org.springframework.security.access.intercept.method.MockMethodInvocation in project spring-security by spring-projects.

the class ReactiveMethodSecurityConfigurationTests method rolePrefixWithGrantedAuthorityDefaultsAndSubclassWithProxyingEnabled.

@Test
public void rolePrefixWithGrantedAuthorityDefaultsAndSubclassWithProxyingEnabled() throws NoSuchMethodException {
    this.spring.register(SubclassConfig.class).autowire();
    TestingAuthenticationToken authentication = new TestingAuthenticationToken("principal", "credential", "ROLE_ABC");
    MockMethodInvocation methodInvocation = new MockMethodInvocation(new Foo(), Foo.class, "bar", String.class);
    EvaluationContext context = this.methodSecurityExpressionHandler.createEvaluationContext(authentication, methodInvocation);
    SecurityExpressionRoot root = (SecurityExpressionRoot) context.getRootObject().getValue();
    assertThat(root.hasRole("ROLE_ABC")).isTrue();
    assertThat(root.hasRole("ABC")).isTrue();
}

Example 3 with MockMethodInvocation

use of org.springframework.security.access.intercept.method.MockMethodInvocation in project spring-security by spring-projects.

the class Jsr250MethodSecurityMetadataSourceTests method annotationsOnOverriddenMemberIgnored.

@Test
public void annotationsOnOverriddenMemberIgnored() throws Exception {
    Child target = new Child();
    MockMethodInvocation mi = new MockMethodInvocation(target, target.getClass(), "overridenIgnored");
    Collection<ConfigAttribute> accessAttributes = this.mds.getAttributes(mi);
    assertThat(accessAttributes).hasSize(1);
    assertThat(accessAttributes.toArray()[0].toString()).isEqualTo("ROLE_DERIVED");
}

Also used : ConfigAttribute(org.springframework.security.access.ConfigAttribute) MockMethodInvocation(org.springframework.security.access.intercept.method.MockMethodInvocation) Test(org.junit.jupiter.api.Test)

Example 4 with MockMethodInvocation

use of org.springframework.security.access.intercept.method.MockMethodInvocation in project spring-security by spring-projects.

the class SecuredAnnotationSecurityMetadataSourceTests method annotatedAnnotationAtClassLevelIsDetected.

@Test
public void annotatedAnnotationAtClassLevelIsDetected() throws Exception {
    MockMethodInvocation annotatedAtClassLevel = new MockMethodInvocation(new AnnotatedAnnotationAtClassLevel(), ReturnVoid.class, "doSomething", List.class);
    ConfigAttribute[] attrs = this.mds.getAttributes(annotatedAtClassLevel).toArray(new ConfigAttribute[0]);
    assertThat(attrs).hasSize(1);
    assertThat(attrs).extracting("attribute").containsOnly("CUSTOM");
}

Example 5 with MockMethodInvocation

use of org.springframework.security.access.intercept.method.MockMethodInvocation in project spring-security by spring-projects.

the class SecuredAnnotationSecurityMetadataSourceTests method annotatedAnnotationAtInterfaceLevelIsDetected.

@Test
public void annotatedAnnotationAtInterfaceLevelIsDetected() throws Exception {
    MockMethodInvocation annotatedAtInterfaceLevel = new MockMethodInvocation(new AnnotatedAnnotationAtInterfaceLevel(), ReturnVoid2.class, "doSomething", List.class);
    ConfigAttribute[] attrs = this.mds.getAttributes(annotatedAtInterfaceLevel).toArray(new ConfigAttribute[0]);
    assertThat(attrs).hasSize(1);
    assertThat(attrs).extracting("attribute").containsOnly("CUSTOM");
}

Aggregations

MockMethodInvocation (org.springframework.security.access.intercept.method.MockMethodInvocation)72 Test (org.junit.jupiter.api.Test)70 TestAuthentication (org.springframework.security.authentication.TestAuthentication)36 AuthorizationDecision (org.springframework.security.authorization.AuthorizationDecision)27 TestingAuthenticationToken (org.springframework.security.authentication.TestingAuthenticationToken)23 Authentication (org.springframework.security.core.Authentication)20 AnnotationConfigurationException (org.springframework.core.annotation.AnnotationConfigurationException)13 ConfigAttribute (org.springframework.security.access.ConfigAttribute)12 PreInvocationAttribute (org.springframework.security.access.prepost.PreInvocationAttribute)7 EvaluationContext (org.springframework.expression.EvaluationContext)3 SecurityExpressionRoot (org.springframework.security.access.expression.SecurityExpressionRoot)3 ArrayList (java.util.ArrayList)2 List (java.util.List)1 BeforeEach (org.junit.jupiter.api.BeforeEach)1 ProxyFactory (org.springframework.aop.framework.ProxyFactory)1 Expression (org.springframework.expression.Expression)1