Examples with AuthorizationDecision org.springframework.security.authorization.AuthorizationDecision used on opensource projects

Search in sources :

Example 31 with AuthorizationDecision

use of org.springframework.security.authorization.AuthorizationDecision in project spring-security by spring-projects.

the class Jsr250AuthorizationManagerTests method checkDeniedWhenClassAnnotationsThenMethodAnnotationsTakePrecedence.

@Test
public void checkDeniedWhenClassAnnotationsThenMethodAnnotationsTakePrecedence() throws Exception {
    Supplier<Authentication> authentication = () -> new TestingAuthenticationToken("user", "password", "ROLE_USER");
    MockMethodInvocation methodInvocation = new MockMethodInvocation(new ClassLevelAnnotations(), ClassLevelAnnotations.class, "denyAll");
    Jsr250AuthorizationManager manager = new Jsr250AuthorizationManager();
    AuthorizationDecision decision = manager.check(authentication, methodInvocation);
    assertThat(decision.isGranted()).isFalse();
}
Also used : AuthorizationDecision(org.springframework.security.authorization.AuthorizationDecision) TestAuthentication(org.springframework.security.authentication.TestAuthentication) Authentication(org.springframework.security.core.Authentication) MockMethodInvocation(org.springframework.security.access.intercept.method.MockMethodInvocation) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) Test(org.junit.jupiter.api.Test)

Example 32 with AuthorizationDecision

use of org.springframework.security.authorization.AuthorizationDecision in project spring-security by spring-projects.

the class Jsr250AuthorizationManagerTests method checkPermitAllWhenRoleUserThenGrantedDecision.

@Test
public void checkPermitAllWhenRoleUserThenGrantedDecision() throws Exception {
    MockMethodInvocation methodInvocation = new MockMethodInvocation(new TestClass(), TestClass.class, "permitAll");
    Jsr250AuthorizationManager manager = new Jsr250AuthorizationManager();
    AuthorizationDecision decision = manager.check(TestAuthentication::authenticatedUser, methodInvocation);
    assertThat(decision).isNotNull();
    assertThat(decision.isGranted()).isTrue();
}
Also used : AuthorizationDecision(org.springframework.security.authorization.AuthorizationDecision) MockMethodInvocation(org.springframework.security.access.intercept.method.MockMethodInvocation) TestAuthentication(org.springframework.security.authentication.TestAuthentication) Test(org.junit.jupiter.api.Test)

Example 33 with AuthorizationDecision

use of org.springframework.security.authorization.AuthorizationDecision in project spring-security by spring-projects.

the class SecuredAuthorizationManagerTests method checkDoSomethingWhenNoSecuredAnnotationThenNullDecision.

@Test
public void checkDoSomethingWhenNoSecuredAnnotationThenNullDecision() throws Exception {
    MockMethodInvocation methodInvocation = new MockMethodInvocation(new TestClass(), TestClass.class, "doSomething");
    SecuredAuthorizationManager manager = new SecuredAuthorizationManager();
    AuthorizationDecision decision = manager.check(TestAuthentication::authenticatedUser, methodInvocation);
    assertThat(decision).isNull();
}
Also used : AuthorizationDecision(org.springframework.security.authorization.AuthorizationDecision) MockMethodInvocation(org.springframework.security.access.intercept.method.MockMethodInvocation) TestAuthentication(org.springframework.security.authentication.TestAuthentication) Test(org.junit.jupiter.api.Test)

Example 34 with AuthorizationDecision

use of org.springframework.security.authorization.AuthorizationDecision in project spring-security by spring-projects.

the class SecuredAuthorizationManagerTests method checkRequiresAdminWhenClassAnnotationsThenMethodAnnotationsTakePrecedence.

@Test
public void checkRequiresAdminWhenClassAnnotationsThenMethodAnnotationsTakePrecedence() throws Exception {
    Supplier<Authentication> authentication = () -> new TestingAuthenticationToken("user", "password", "ROLE_USER");
    MockMethodInvocation methodInvocation = new MockMethodInvocation(new ClassLevelAnnotations(), ClassLevelAnnotations.class, "securedAdmin");
    SecuredAuthorizationManager manager = new SecuredAuthorizationManager();
    AuthorizationDecision decision = manager.check(authentication, methodInvocation);
    assertThat(decision.isGranted()).isFalse();
    authentication = () -> new TestingAuthenticationToken("user", "password", "ROLE_ADMIN");
    decision = manager.check(authentication, methodInvocation);
    assertThat(decision.isGranted()).isTrue();
}
Also used : AuthorizationDecision(org.springframework.security.authorization.AuthorizationDecision) TestAuthentication(org.springframework.security.authentication.TestAuthentication) Authentication(org.springframework.security.core.Authentication) MockMethodInvocation(org.springframework.security.access.intercept.method.MockMethodInvocation) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) Test(org.junit.jupiter.api.Test)

Example 35 with AuthorizationDecision

use of org.springframework.security.authorization.AuthorizationDecision in project spring-security by spring-projects.

the class SecuredAuthorizationManagerTests method checkSecuredUserOrAdminWhenRoleUserThenGrantedDecision.

@Test
public void checkSecuredUserOrAdminWhenRoleUserThenGrantedDecision() throws Exception {
    MockMethodInvocation methodInvocation = new MockMethodInvocation(new TestClass(), TestClass.class, "securedUserOrAdmin");
    SecuredAuthorizationManager manager = new SecuredAuthorizationManager();
    AuthorizationDecision decision = manager.check(TestAuthentication::authenticatedUser, methodInvocation);
    assertThat(decision).isNotNull();
    assertThat(decision.isGranted()).isTrue();
}
Also used : AuthorizationDecision(org.springframework.security.authorization.AuthorizationDecision) MockMethodInvocation(org.springframework.security.access.intercept.method.MockMethodInvocation) TestAuthentication(org.springframework.security.authentication.TestAuthentication) Test(org.junit.jupiter.api.Test)

Aggregations

AuthorizationDecision (org.springframework.security.authorization.AuthorizationDecision)39 Test (org.junit.jupiter.api.Test)36 MockMethodInvocation (org.springframework.security.access.intercept.method.MockMethodInvocation)27 TestAuthentication (org.springframework.security.authentication.TestAuthentication)27 TestingAuthenticationToken (org.springframework.security.authentication.TestingAuthenticationToken)13 Authentication (org.springframework.security.core.Authentication)13 PayloadExchangeMatcherEntry (org.springframework.security.rsocket.util.matcher.PayloadExchangeMatcherEntry)4 Assertions.assertThat (org.assertj.core.api.Assertions.assertThat)3 Supplier (java.util.function.Supplier)2 Assertions.assertThatIllegalArgumentException (org.assertj.core.api.Assertions.assertThatIllegalArgumentException)2 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)2 AccessDeniedException (org.springframework.security.access.AccessDeniedException)2 AuthorityAuthorizationManager (org.springframework.security.authorization.AuthorityAuthorizationManager)2 MvcRequestMatcher (org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher)2 AnyRequestMatcher (org.springframework.security.web.util.matcher.AnyRequestMatcher)2 ExtendWith (org.junit.jupiter.api.extension.ExtendWith)1 ArgumentMatchers.any (org.mockito.ArgumentMatchers.any)1 BDDMockito.given (org.mockito.BDDMockito.given)1 Mock (org.mockito.Mock)1 MockitoExtension (org.mockito.junit.jupiter.MockitoExtension)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial