Search in sources :

Example 1 with PreInvocationAuthorizationAdvice

use of org.springframework.security.access.prepost.PreInvocationAuthorizationAdvice in project spring-boot by spring-projects.

the class OAuth2AutoConfigurationTests method methodSecurityExpressionHandlerIsConfiguredWithPermissionEvaluatorFromTheContext.

@Test
public void methodSecurityExpressionHandlerIsConfiguredWithPermissionEvaluatorFromTheContext() {
    this.context = new AnnotationConfigServletWebServerApplicationContext();
    this.context.register(PermissionEvaluatorConfiguration.class, AuthorizationAndResourceServerConfiguration.class, MinimalSecureWebApplication.class);
    this.context.refresh();
    PreInvocationAuthorizationAdvice advice = this.context.getBean(PreInvocationAuthorizationAdvice.class);
    MethodSecurityExpressionHandler expressionHandler = (MethodSecurityExpressionHandler) ReflectionTestUtils.getField(advice, "expressionHandler");
    PermissionEvaluator permissionEvaluator = (PermissionEvaluator) ReflectionTestUtils.getField(expressionHandler, "permissionEvaluator");
    assertThat(permissionEvaluator).isSameAs(this.context.getBean(PermissionEvaluator.class));
}
Also used : PreInvocationAuthorizationAdvice(org.springframework.security.access.prepost.PreInvocationAuthorizationAdvice) PermissionEvaluator(org.springframework.security.access.PermissionEvaluator) AnnotationConfigServletWebServerApplicationContext(org.springframework.boot.web.servlet.context.AnnotationConfigServletWebServerApplicationContext) OAuth2MethodSecurityExpressionHandler(org.springframework.security.oauth2.provider.expression.OAuth2MethodSecurityExpressionHandler) MethodSecurityExpressionHandler(org.springframework.security.access.expression.method.MethodSecurityExpressionHandler) Test(org.junit.Test)

Example 2 with PreInvocationAuthorizationAdvice

use of org.springframework.security.access.prepost.PreInvocationAuthorizationAdvice in project spring-boot by spring-projects.

the class OAuth2AutoConfigurationTests method methodSecurityExpressionHandlerIsConfiguredWithRoleHierarchyFromTheContext.

@Test
public void methodSecurityExpressionHandlerIsConfiguredWithRoleHierarchyFromTheContext() {
    this.context = new AnnotationConfigServletWebServerApplicationContext();
    this.context.register(RoleHierarchyConfiguration.class, AuthorizationAndResourceServerConfiguration.class, MinimalSecureWebApplication.class);
    this.context.refresh();
    PreInvocationAuthorizationAdvice advice = this.context.getBean(PreInvocationAuthorizationAdvice.class);
    MethodSecurityExpressionHandler expressionHandler = (MethodSecurityExpressionHandler) ReflectionTestUtils.getField(advice, "expressionHandler");
    RoleHierarchy roleHierarchy = (RoleHierarchy) ReflectionTestUtils.getField(expressionHandler, "roleHierarchy");
    assertThat(roleHierarchy).isSameAs(this.context.getBean(RoleHierarchy.class));
}
Also used : PreInvocationAuthorizationAdvice(org.springframework.security.access.prepost.PreInvocationAuthorizationAdvice) AnnotationConfigServletWebServerApplicationContext(org.springframework.boot.web.servlet.context.AnnotationConfigServletWebServerApplicationContext) RoleHierarchy(org.springframework.security.access.hierarchicalroles.RoleHierarchy) OAuth2MethodSecurityExpressionHandler(org.springframework.security.oauth2.provider.expression.OAuth2MethodSecurityExpressionHandler) MethodSecurityExpressionHandler(org.springframework.security.access.expression.method.MethodSecurityExpressionHandler) Test(org.junit.Test)

Aggregations

Test (org.junit.Test)2 AnnotationConfigServletWebServerApplicationContext (org.springframework.boot.web.servlet.context.AnnotationConfigServletWebServerApplicationContext)2 MethodSecurityExpressionHandler (org.springframework.security.access.expression.method.MethodSecurityExpressionHandler)2 PreInvocationAuthorizationAdvice (org.springframework.security.access.prepost.PreInvocationAuthorizationAdvice)2 OAuth2MethodSecurityExpressionHandler (org.springframework.security.oauth2.provider.expression.OAuth2MethodSecurityExpressionHandler)2 PermissionEvaluator (org.springframework.security.access.PermissionEvaluator)1 RoleHierarchy (org.springframework.security.access.hierarchicalroles.RoleHierarchy)1