Search in sources :

Example 1 with AclAuthorizationStrategy

use of org.springframework.security.acls.domain.AclAuthorizationStrategy in project spring-security by spring-projects.

the class SpringCacheBasedAclCacheTests method cacheOperationsAclWithParent.

@SuppressWarnings("rawtypes")
@Test
public void cacheOperationsAclWithParent() throws Exception {
    Cache cache = getCache();
    Map realCache = (Map) cache.getNativeCache();
    Authentication auth = new TestingAuthenticationToken("user", "password", "ROLE_GENERAL");
    auth.setAuthenticated(true);
    SecurityContextHolder.getContext().setAuthentication(auth);
    ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, 1L);
    ObjectIdentity identityParent = new ObjectIdentityImpl(TARGET_CLASS, 2L);
    AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl(new SimpleGrantedAuthority("ROLE_OWNERSHIP"), new SimpleGrantedAuthority("ROLE_AUDITING"), new SimpleGrantedAuthority("ROLE_GENERAL"));
    AuditLogger auditLogger = new ConsoleAuditLogger();
    PermissionGrantingStrategy permissionGrantingStrategy = new DefaultPermissionGrantingStrategy(auditLogger);
    SpringCacheBasedAclCache myCache = new SpringCacheBasedAclCache(cache, permissionGrantingStrategy, aclAuthorizationStrategy);
    MutableAcl acl = new AclImpl(identity, 1L, aclAuthorizationStrategy, auditLogger);
    MutableAcl parentAcl = new AclImpl(identityParent, 2L, aclAuthorizationStrategy, auditLogger);
    acl.setParent(parentAcl);
    assertThat(realCache).isEmpty();
    myCache.putInCache(acl);
    assertThat(4).isEqualTo(realCache.size());
    // Check we can get from cache the same objects we put in
    AclImpl aclFromCache = (AclImpl) myCache.getFromCache(1L);
    assertThat(aclFromCache).isEqualTo(acl);
    // SEC-951 check transient fields are set on parent
    assertThat(FieldUtils.getFieldValue(aclFromCache.getParentAcl(), "aclAuthorizationStrategy")).isNotNull();
    assertThat(FieldUtils.getFieldValue(aclFromCache.getParentAcl(), "permissionGrantingStrategy")).isNotNull();
    assertThat(myCache.getFromCache(identity)).isEqualTo(acl);
    assertThat(FieldUtils.getFieldValue(aclFromCache, "aclAuthorizationStrategy")).isNotNull();
    AclImpl parentAclFromCache = (AclImpl) myCache.getFromCache(2L);
    assertThat(parentAclFromCache).isEqualTo(parentAcl);
    assertThat(FieldUtils.getFieldValue(parentAclFromCache, "aclAuthorizationStrategy")).isNotNull();
    assertThat(myCache.getFromCache(identityParent)).isEqualTo(parentAcl);
}
Also used : AclAuthorizationStrategyImpl(org.springframework.security.acls.domain.AclAuthorizationStrategyImpl) DefaultPermissionGrantingStrategy(org.springframework.security.acls.domain.DefaultPermissionGrantingStrategy) SpringCacheBasedAclCache(org.springframework.security.acls.domain.SpringCacheBasedAclCache) ConsoleAuditLogger(org.springframework.security.acls.domain.ConsoleAuditLogger) AuditLogger(org.springframework.security.acls.domain.AuditLogger) ObjectIdentityImpl(org.springframework.security.acls.domain.ObjectIdentityImpl) AclAuthorizationStrategy(org.springframework.security.acls.domain.AclAuthorizationStrategy) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) DefaultPermissionGrantingStrategy(org.springframework.security.acls.domain.DefaultPermissionGrantingStrategy) PermissionGrantingStrategy(org.springframework.security.acls.model.PermissionGrantingStrategy) ObjectIdentity(org.springframework.security.acls.model.ObjectIdentity) AclImpl(org.springframework.security.acls.domain.AclImpl) Authentication(org.springframework.security.core.Authentication) ConsoleAuditLogger(org.springframework.security.acls.domain.ConsoleAuditLogger) MutableAcl(org.springframework.security.acls.model.MutableAcl) Map(java.util.Map) Cache(org.springframework.cache.Cache) SpringCacheBasedAclCache(org.springframework.security.acls.domain.SpringCacheBasedAclCache) Test(org.junit.jupiter.api.Test)

Example 2 with AclAuthorizationStrategy

use of org.springframework.security.acls.domain.AclAuthorizationStrategy in project spring-security by spring-projects.

the class SpringCacheBasedAclCacheTests method cacheOperationsAclWithoutParent.

@SuppressWarnings("rawtypes")
@Test
public void cacheOperationsAclWithoutParent() {
    Cache cache = getCache();
    Map realCache = (Map) cache.getNativeCache();
    ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, 100L);
    AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl(new SimpleGrantedAuthority("ROLE_OWNERSHIP"), new SimpleGrantedAuthority("ROLE_AUDITING"), new SimpleGrantedAuthority("ROLE_GENERAL"));
    AuditLogger auditLogger = new ConsoleAuditLogger();
    PermissionGrantingStrategy permissionGrantingStrategy = new DefaultPermissionGrantingStrategy(auditLogger);
    SpringCacheBasedAclCache myCache = new SpringCacheBasedAclCache(cache, permissionGrantingStrategy, aclAuthorizationStrategy);
    MutableAcl acl = new AclImpl(identity, 1L, aclAuthorizationStrategy, auditLogger);
    assertThat(realCache).isEmpty();
    myCache.putInCache(acl);
    // Check we can get from cache the same objects we put in
    assertThat(acl).isEqualTo(myCache.getFromCache(1L));
    assertThat(acl).isEqualTo(myCache.getFromCache(identity));
    // Put another object in cache
    ObjectIdentity identity2 = new ObjectIdentityImpl(TARGET_CLASS, 101L);
    MutableAcl acl2 = new AclImpl(identity2, 2L, aclAuthorizationStrategy, new ConsoleAuditLogger());
    myCache.putInCache(acl2);
    // Try to evict an entry that doesn't exist
    myCache.evictFromCache(3L);
    myCache.evictFromCache(new ObjectIdentityImpl(TARGET_CLASS, 102L));
    assertThat(realCache).hasSize(4);
    myCache.evictFromCache(1L);
    assertThat(realCache).hasSize(2);
    // Check the second object inserted
    assertThat(acl2).isEqualTo(myCache.getFromCache(2L));
    assertThat(acl2).isEqualTo(myCache.getFromCache(identity2));
    myCache.evictFromCache(identity2);
    assertThat(realCache).isEmpty();
}
Also used : AclAuthorizationStrategyImpl(org.springframework.security.acls.domain.AclAuthorizationStrategyImpl) DefaultPermissionGrantingStrategy(org.springframework.security.acls.domain.DefaultPermissionGrantingStrategy) SpringCacheBasedAclCache(org.springframework.security.acls.domain.SpringCacheBasedAclCache) ConsoleAuditLogger(org.springframework.security.acls.domain.ConsoleAuditLogger) AuditLogger(org.springframework.security.acls.domain.AuditLogger) ObjectIdentityImpl(org.springframework.security.acls.domain.ObjectIdentityImpl) AclAuthorizationStrategy(org.springframework.security.acls.domain.AclAuthorizationStrategy) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) DefaultPermissionGrantingStrategy(org.springframework.security.acls.domain.DefaultPermissionGrantingStrategy) PermissionGrantingStrategy(org.springframework.security.acls.model.PermissionGrantingStrategy) ObjectIdentity(org.springframework.security.acls.model.ObjectIdentity) AclImpl(org.springframework.security.acls.domain.AclImpl) ConsoleAuditLogger(org.springframework.security.acls.domain.ConsoleAuditLogger) MutableAcl(org.springframework.security.acls.model.MutableAcl) Map(java.util.Map) Cache(org.springframework.cache.Cache) SpringCacheBasedAclCache(org.springframework.security.acls.domain.SpringCacheBasedAclCache) Test(org.junit.jupiter.api.Test)

Aggregations

Map (java.util.Map)2 Test (org.junit.jupiter.api.Test)2 Cache (org.springframework.cache.Cache)2 AclAuthorizationStrategy (org.springframework.security.acls.domain.AclAuthorizationStrategy)2 AclAuthorizationStrategyImpl (org.springframework.security.acls.domain.AclAuthorizationStrategyImpl)2 AclImpl (org.springframework.security.acls.domain.AclImpl)2 AuditLogger (org.springframework.security.acls.domain.AuditLogger)2 ConsoleAuditLogger (org.springframework.security.acls.domain.ConsoleAuditLogger)2 DefaultPermissionGrantingStrategy (org.springframework.security.acls.domain.DefaultPermissionGrantingStrategy)2 ObjectIdentityImpl (org.springframework.security.acls.domain.ObjectIdentityImpl)2 SpringCacheBasedAclCache (org.springframework.security.acls.domain.SpringCacheBasedAclCache)2 MutableAcl (org.springframework.security.acls.model.MutableAcl)2 ObjectIdentity (org.springframework.security.acls.model.ObjectIdentity)2 PermissionGrantingStrategy (org.springframework.security.acls.model.PermissionGrantingStrategy)2 SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority)2 TestingAuthenticationToken (org.springframework.security.authentication.TestingAuthenticationToken)1 Authentication (org.springframework.security.core.Authentication)1