Search in sources :

Example 56 with MockMethodInvocation

use of org.springframework.security.access.intercept.method.MockMethodInvocation in project spring-security by spring-projects.

the class PreAuthorizeAuthorizationManagerTests method checkInheritedAnnotationsWhenConflictingThenAnnotationConfigurationException.

@Test
public void checkInheritedAnnotationsWhenConflictingThenAnnotationConfigurationException() throws Exception {
    Supplier<Authentication> authentication = () -> new TestingAuthenticationToken("user", "password", "ROLE_USER");
    MockMethodInvocation methodInvocation = new MockMethodInvocation(new ClassLevelAnnotations(), ClassLevelAnnotations.class, "inheritedAnnotations");
    PreAuthorizeAuthorizationManager manager = new PreAuthorizeAuthorizationManager();
    assertThatExceptionOfType(AnnotationConfigurationException.class).isThrownBy(() -> manager.check(authentication, methodInvocation));
}
Also used : AnnotationConfigurationException(org.springframework.core.annotation.AnnotationConfigurationException) TestAuthentication(org.springframework.security.authentication.TestAuthentication) Authentication(org.springframework.security.core.Authentication) MockMethodInvocation(org.springframework.security.access.intercept.method.MockMethodInvocation) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) Test(org.junit.jupiter.api.Test)

Example 57 with MockMethodInvocation

use of org.springframework.security.access.intercept.method.MockMethodInvocation in project spring-security by spring-projects.

the class PreAuthorizeAuthorizationManagerTests method checkDoSomethingStringWhenArgIsNotGrantThenDeniedDecision.

@Test
public void checkDoSomethingStringWhenArgIsNotGrantThenDeniedDecision() throws Exception {
    MockMethodInvocation methodInvocation = new MockMethodInvocation(new TestClass(), TestClass.class, "doSomethingString", new Class[] { String.class }, new Object[] { "deny" });
    PreAuthorizeAuthorizationManager manager = new PreAuthorizeAuthorizationManager();
    AuthorizationDecision decision = manager.check(TestAuthentication::authenticatedUser, methodInvocation);
    assertThat(decision).isNotNull();
    assertThat(decision.isGranted()).isFalse();
}
Also used : AuthorizationDecision(org.springframework.security.authorization.AuthorizationDecision) MockMethodInvocation(org.springframework.security.access.intercept.method.MockMethodInvocation) TestAuthentication(org.springframework.security.authentication.TestAuthentication) Test(org.junit.jupiter.api.Test)

Example 58 with MockMethodInvocation

use of org.springframework.security.access.intercept.method.MockMethodInvocation in project spring-security by spring-projects.

the class Jsr250AuthorizationManagerTests method checkDenyAllWhenRoleAdminThenDeniedDecision.

@Test
public void checkDenyAllWhenRoleAdminThenDeniedDecision() throws Exception {
    MockMethodInvocation methodInvocation = new MockMethodInvocation(new TestClass(), TestClass.class, "denyAll");
    Jsr250AuthorizationManager manager = new Jsr250AuthorizationManager();
    AuthorizationDecision decision = manager.check(TestAuthentication::authenticatedAdmin, methodInvocation);
    assertThat(decision).isNotNull();
    assertThat(decision.isGranted()).isFalse();
}
Also used : AuthorizationDecision(org.springframework.security.authorization.AuthorizationDecision) MockMethodInvocation(org.springframework.security.access.intercept.method.MockMethodInvocation) TestAuthentication(org.springframework.security.authentication.TestAuthentication) Test(org.junit.jupiter.api.Test)

Example 59 with MockMethodInvocation

use of org.springframework.security.access.intercept.method.MockMethodInvocation in project spring-security by spring-projects.

the class Jsr250AuthorizationManagerTests method checkRolesAllowedUserOrAdminWhenRoleAnonymousThenDeniedDecision.

@Test
public void checkRolesAllowedUserOrAdminWhenRoleAnonymousThenDeniedDecision() throws Exception {
    Supplier<Authentication> authentication = () -> new TestingAuthenticationToken("user", "password", "ROLE_ANONYMOUS");
    MockMethodInvocation methodInvocation = new MockMethodInvocation(new TestClass(), TestClass.class, "rolesAllowedUserOrAdmin");
    Jsr250AuthorizationManager manager = new Jsr250AuthorizationManager();
    AuthorizationDecision decision = manager.check(authentication, methodInvocation);
    assertThat(decision).isNotNull();
    assertThat(decision.isGranted()).isFalse();
}
Also used : AuthorizationDecision(org.springframework.security.authorization.AuthorizationDecision) TestAuthentication(org.springframework.security.authentication.TestAuthentication) Authentication(org.springframework.security.core.Authentication) MockMethodInvocation(org.springframework.security.access.intercept.method.MockMethodInvocation) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) Test(org.junit.jupiter.api.Test)

Example 60 with MockMethodInvocation

use of org.springframework.security.access.intercept.method.MockMethodInvocation in project spring-security by spring-projects.

the class Jsr250AuthorizationManagerTests method checkRolesAllowedUserOrAdminWhenRoleUserThenGrantedDecision.

@Test
public void checkRolesAllowedUserOrAdminWhenRoleUserThenGrantedDecision() throws Exception {
    MockMethodInvocation methodInvocation = new MockMethodInvocation(new TestClass(), TestClass.class, "rolesAllowedUserOrAdmin");
    Jsr250AuthorizationManager manager = new Jsr250AuthorizationManager();
    AuthorizationDecision decision = manager.check(TestAuthentication::authenticatedUser, methodInvocation);
    assertThat(decision).isNotNull();
    assertThat(decision.isGranted()).isTrue();
}
Also used : AuthorizationDecision(org.springframework.security.authorization.AuthorizationDecision) MockMethodInvocation(org.springframework.security.access.intercept.method.MockMethodInvocation) TestAuthentication(org.springframework.security.authentication.TestAuthentication) Test(org.junit.jupiter.api.Test)

Aggregations

MockMethodInvocation (org.springframework.security.access.intercept.method.MockMethodInvocation)72 Test (org.junit.jupiter.api.Test)70 TestAuthentication (org.springframework.security.authentication.TestAuthentication)36 AuthorizationDecision (org.springframework.security.authorization.AuthorizationDecision)27 TestingAuthenticationToken (org.springframework.security.authentication.TestingAuthenticationToken)23 Authentication (org.springframework.security.core.Authentication)20 AnnotationConfigurationException (org.springframework.core.annotation.AnnotationConfigurationException)13 ConfigAttribute (org.springframework.security.access.ConfigAttribute)12 PreInvocationAttribute (org.springframework.security.access.prepost.PreInvocationAttribute)7 EvaluationContext (org.springframework.expression.EvaluationContext)3 SecurityExpressionRoot (org.springframework.security.access.expression.SecurityExpressionRoot)3 ArrayList (java.util.ArrayList)2 List (java.util.List)1 BeforeEach (org.junit.jupiter.api.BeforeEach)1 ProxyFactory (org.springframework.aop.framework.ProxyFactory)1 Expression (org.springframework.expression.Expression)1