Example 21 with GrantedAuthority

Use of org.springframework.security.core.GrantedAuthority in project spring-security by spring-projects.

Class SidTests, method testGrantedAuthoritySidHashCode.

@Test
public void testGrantedAuthoritySidHashCode() throws Exception {
    GrantedAuthority ga = new SimpleGrantedAuthority("ROLE_TEST");
    Sid gaSid = new GrantedAuthoritySid(ga);
    assertThat(gaSid.hashCode()).isEqualTo("ROLE_TEST".hashCode());
    assertThat(gaSid.hashCode()).isEqualTo(new GrantedAuthoritySid("ROLE_TEST").hashCode());
    assertThat(gaSid.hashCode()).isNotEqualTo(new GrantedAuthoritySid("ROLE_TEST_2").hashCode());
    assertThat(gaSid.hashCode()).isNotEqualTo(new GrantedAuthoritySid(new SimpleGrantedAuthority("ROLE_TEST_2")).hashCode());
}
Also used : SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) GrantedAuthoritySid(org.springframework.security.acls.domain.GrantedAuthoritySid) GrantedAuthority(org.springframework.security.core.GrantedAuthority) Sid(org.springframework.security.acls.model.Sid) PrincipalSid(org.springframework.security.acls.domain.PrincipalSid) Test(org.junit.Test)

Example 22 with GrantedAuthority

Use of org.springframework.security.core.GrantedAuthority in project spring-security by spring-projects.

Class SidTests, method testGrantedAuthoritySidConstructorsRequiredFields.

@Test
public void testGrantedAuthoritySidConstructorsRequiredFields() throws Exception {
    // Check one String-argument constructor
    try {
        String string = null;
        new GrantedAuthoritySid(string);
        fail("It should have thrown IllegalArgumentException");
    } catch (IllegalArgumentException expected) {
    }
    try {
        new GrantedAuthoritySid("");
        fail("It should have thrown IllegalArgumentException");
    } catch (IllegalArgumentException expected) {
    }
    try {
        new GrantedAuthoritySid("ROLE_TEST");
    } catch (IllegalArgumentException notExpected) {
        fail("It shouldn't have thrown IllegalArgumentException");
    }
    // Check one GrantedAuthority-argument constructor
    try {
        GrantedAuthority ga = null;
        new GrantedAuthoritySid(ga);
        fail("It should have thrown IllegalArgumentException");
    } catch (IllegalArgumentException expected) {
    }
    try {
        GrantedAuthority ga = new SimpleGrantedAuthority(null);
        new GrantedAuthoritySid(ga);
        fail("It should have thrown IllegalArgumentException");
    } catch (IllegalArgumentException expected) {
    }
    try {
        GrantedAuthority ga = new SimpleGrantedAuthority("ROLE_TEST");
        new GrantedAuthoritySid(ga);
    } catch (IllegalArgumentException notExpected) {
        fail("It shouldn't have thrown IllegalArgumentException");
    }
}
Also used : SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) GrantedAuthoritySid(org.springframework.security.acls.domain.GrantedAuthoritySid) GrantedAuthority(org.springframework.security.core.GrantedAuthority) Test(org.junit.Test)

Example 23 with GrantedAuthority

Use of org.springframework.security.core.GrantedAuthority in project spring-security by spring-projects.

Class SidTests, method testGrantedAuthoritySidEquals.

@Test
public void testGrantedAuthoritySidEquals() throws Exception {
    GrantedAuthority ga = new SimpleGrantedAuthority("ROLE_TEST");
    Sid gaSid = new GrantedAuthoritySid(ga);
    assertThat(gaSid.equals(null)).isFalse();
    assertThat(gaSid.equals("DIFFERENT_TYPE_OBJECT")).isFalse();
    assertThat(gaSid.equals(gaSid)).isTrue();
    assertThat(gaSid.equals(new GrantedAuthoritySid(ga))).isTrue();
    assertThat(gaSid.equals(new GrantedAuthoritySid(new SimpleGrantedAuthority("ROLE_TEST")))).isTrue();
    assertThat(gaSid.equals(new GrantedAuthoritySid(new SimpleGrantedAuthority("ROLE_NOT_EQUAL")))).isFalse();
    assertThat(gaSid.equals(new GrantedAuthoritySid("ROLE_TEST"))).isTrue();
    assertThat(gaSid.equals(new GrantedAuthoritySid("ROLE_NOT_EQUAL"))).isFalse();
}
Also used : SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) GrantedAuthoritySid(org.springframework.security.acls.domain.GrantedAuthoritySid) GrantedAuthority(org.springframework.security.core.GrantedAuthority) Sid(org.springframework.security.acls.model.Sid) PrincipalSid(org.springframework.security.acls.domain.PrincipalSid) Test(org.junit.Test)

Example 24 with GrantedAuthority

Use of org.springframework.security.core.GrantedAuthority in project spring-security by spring-projects.

Class SidRetrievalStrategyImpl, method getSids.

// ~ Methods
// ========================================================================================================
public List<Sid> getSids(Authentication authentication) {
    Collection<? extends GrantedAuthority> authorities = roleHierarchy.getReachableGrantedAuthorities(authentication.getAuthorities());
    List<Sid> sids = new ArrayList<Sid>(authorities.size() + 1);
    sids.add(new PrincipalSid(authentication));
    for (GrantedAuthority authority : authorities) {
        sids.add(new GrantedAuthoritySid(authority));
    }
    return sids;
}
Also used : GrantedAuthority(org.springframework.security.core.GrantedAuthority) ArrayList(java.util.ArrayList) Sid(org.springframework.security.acls.model.Sid)

Example 25 with GrantedAuthority

Use of org.springframework.security.core.GrantedAuthority in project spring-security by spring-projects.

Class AclAuthorizationStrategyImpl, method securityCheck.

// ~ Methods
// ========================================================================================================
public void securityCheck(Acl acl, int changeType) {
    if ((SecurityContextHolder.getContext() == null) || (SecurityContextHolder.getContext().getAuthentication() == null) || !SecurityContextHolder.getContext().getAuthentication().isAuthenticated()) {
        throw new AccessDeniedException("Authenticated principal required to operate with ACLs");
    }
    Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
    // Check if authorized by virtue of ACL ownership
    Sid currentUser = createCurrentUser(authentication);
    if (currentUser.equals(acl.getOwner()) && ((changeType == CHANGE_GENERAL) || (changeType == CHANGE_OWNERSHIP))) {
        return;
    }
    // Not authorized by ACL ownership; try via administrative permissions
    GrantedAuthority requiredAuthority;
    if (changeType == CHANGE_AUDITING) {
        requiredAuthority = this.gaModifyAuditing;
    } else if (changeType == CHANGE_GENERAL) {
        requiredAuthority = this.gaGeneralChanges;
    } else if (changeType == CHANGE_OWNERSHIP) {
        requiredAuthority = this.gaTakeOwnership;
    } else {
        throw new IllegalArgumentException("Unknown change type");
    }
    // Iterate this principal's authorities to determine right
    Set<String> authorities = AuthorityUtils.authorityListToSet(authentication.getAuthorities());
    if (authorities.contains(requiredAuthority.getAuthority())) {
        return;
    }
    // Try to get permission via ACEs within the ACL
    List<Sid> sids = sidRetrievalStrategy.getSids(authentication);
    if (acl.isGranted(Arrays.asList(BasePermission.ADMINISTRATION), sids, false)) {
        return;
    }
    throw new AccessDeniedException("Principal does not have required ACL permissions to perform requested operation");
}
Also used : AccessDeniedException(org.springframework.security.access.AccessDeniedException) Authentication(org.springframework.security.core.Authentication) GrantedAuthority(org.springframework.security.core.GrantedAuthority) Sid(org.springframework.security.acls.model.Sid)
