Search in sources :

Example 1 with CumulativePermission

use of org.springframework.security.acls.domain.CumulativePermission in project spring-security by spring-projects.

the class JdbcMutableAclServiceTests method cumulativePermissions.

@Test
@Transactional
public void cumulativePermissions() {
    Authentication auth = new TestingAuthenticationToken("ben", "ignored", "ROLE_ADMINISTRATOR");
    auth.setAuthenticated(true);
    SecurityContextHolder.getContext().setAuthentication(auth);
    ObjectIdentity topParentOid = new ObjectIdentityImpl(TARGET_CLASS, Long.valueOf(110));
    MutableAcl topParent = jdbcMutableAclService.createAcl(topParentOid);
    // Add an ACE permission entry
    Permission cm = new CumulativePermission().set(BasePermission.READ).set(BasePermission.ADMINISTRATION);
    assertThat(cm.getMask()).isEqualTo(17);
    Sid benSid = new PrincipalSid(auth);
    topParent.insertAce(0, cm, benSid, true);
    assertThat(topParent.getEntries()).hasSize(1);
    // Explicitly save the changed ACL
    topParent = jdbcMutableAclService.updateAcl(topParent);
    // Check the mask was retrieved correctly
    assertThat(topParent.getEntries().get(0).getPermission().getMask()).isEqualTo(17);
    assertThat(topParent.isGranted(Arrays.asList(cm), Arrays.asList(benSid), true)).isTrue();
    SecurityContextHolder.clearContext();
}
Also used : ObjectIdentity(org.springframework.security.acls.model.ObjectIdentity) CumulativePermission(org.springframework.security.acls.domain.CumulativePermission) Authentication(org.springframework.security.core.Authentication) ObjectIdentityImpl(org.springframework.security.acls.domain.ObjectIdentityImpl) Permission(org.springframework.security.acls.model.Permission) BasePermission(org.springframework.security.acls.domain.BasePermission) CumulativePermission(org.springframework.security.acls.domain.CumulativePermission) MutableAcl(org.springframework.security.acls.model.MutableAcl) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) PrincipalSid(org.springframework.security.acls.domain.PrincipalSid) CustomSid(org.springframework.security.acls.sid.CustomSid) Sid(org.springframework.security.acls.model.Sid) GrantedAuthoritySid(org.springframework.security.acls.domain.GrantedAuthoritySid) PrincipalSid(org.springframework.security.acls.domain.PrincipalSid) Test(org.junit.Test) Transactional(org.springframework.transaction.annotation.Transactional)

Aggregations

Test (org.junit.Test)1 BasePermission (org.springframework.security.acls.domain.BasePermission)1 CumulativePermission (org.springframework.security.acls.domain.CumulativePermission)1 GrantedAuthoritySid (org.springframework.security.acls.domain.GrantedAuthoritySid)1 ObjectIdentityImpl (org.springframework.security.acls.domain.ObjectIdentityImpl)1 PrincipalSid (org.springframework.security.acls.domain.PrincipalSid)1 MutableAcl (org.springframework.security.acls.model.MutableAcl)1 ObjectIdentity (org.springframework.security.acls.model.ObjectIdentity)1 Permission (org.springframework.security.acls.model.Permission)1 Sid (org.springframework.security.acls.model.Sid)1 CustomSid (org.springframework.security.acls.sid.CustomSid)1 TestingAuthenticationToken (org.springframework.security.authentication.TestingAuthenticationToken)1 Authentication (org.springframework.security.core.Authentication)1 Transactional (org.springframework.transaction.annotation.Transactional)1