From 03bcc6776a88edb57fd9b4bb34f9c63f6c6aebee Mon Sep 17 00:00:00 2001 From: Josh Cummings Date: Thu, 30 May 2024 16:30:54 -0600 Subject: [PATCH] Correct Authorization Tests Issue gh-9289 --- .../Jsr250AuthorizationManagerTests.java | 12 +--------- ...ostAuthorizeAuthorizationManagerTests.java | 23 ++++++++---------- ...rizeReactiveAuthorizationManagerTests.java | 24 ++++++++----------- ...erAuthorizationMethodInterceptorTests.java | 21 ++++++++-------- ...izationReactiveMethodInterceptorTests.java | 21 ++++++++-------- ...PreAuthorizeAuthorizationManagerTests.java | 22 ++++++++--------- ...rizeReactiveAuthorizationManagerTests.java | 23 ++++++++---------- ...erAuthorizationMethodInterceptorTests.java | 21 ++++++++-------- ...izationReactiveMethodInterceptorTests.java | 21 ++++++++-------- 9 files changed, 81 insertions(+), 107 deletions(-) diff --git a/core/src/test/java/org/springframework/security/authorization/method/Jsr250AuthorizationManagerTests.java b/core/src/test/java/org/springframework/security/authorization/method/Jsr250AuthorizationManagerTests.java index 5918746923..54eb918c98 100644 --- a/core/src/test/java/org/springframework/security/authorization/method/Jsr250AuthorizationManagerTests.java +++ b/core/src/test/java/org/springframework/security/authorization/method/Jsr250AuthorizationManagerTests.java @@ -206,7 +206,7 @@ public class Jsr250AuthorizationManagerTests { } @Test - public void checkInheritedAnnotationsWhenDuplicatedThenAnnotationConfigurationException() throws Exception { + public void checkInheritedAnnotationsWhenConflictingThenAnnotationConfigurationException() throws Exception { Supplier authentication = () -> new TestingAuthenticationToken("user", "password", "ROLE_USER"); MockMethodInvocation methodInvocation = new MockMethodInvocation(new TestClass(), TestClass.class, "inheritedAnnotations"); @@ -215,16 +215,6 @@ public class Jsr250AuthorizationManagerTests { .isThrownBy(() -> manager.check(authentication, methodInvocation)); } - @Test - public void checkInheritedAnnotationsWhenConflictingThenAnnotationConfigurationException() throws Exception { - Supplier authentication = () -> new TestingAuthenticationToken("user", "password", "ROLE_USER"); - MockMethodInvocation methodInvocation = new MockMethodInvocation(new ClassLevelAnnotations(), - ClassLevelAnnotations.class, "inheritedAnnotations"); - Jsr250AuthorizationManager manager = new Jsr250AuthorizationManager(); - assertThatExceptionOfType(AnnotationConfigurationException.class) - .isThrownBy(() -> manager.check(authentication, methodInvocation)); - } - @Test public void checkRequiresUserWhenMethodsFromInheritThenApplies() throws Exception { MockMethodInvocation methodInvocation = new MockMethodInvocation(new RolesAllowedClass(), diff --git a/core/src/test/java/org/springframework/security/authorization/method/PostAuthorizeAuthorizationManagerTests.java b/core/src/test/java/org/springframework/security/authorization/method/PostAuthorizeAuthorizationManagerTests.java index 6260f862cb..952338b184 100644 --- a/core/src/test/java/org/springframework/security/authorization/method/PostAuthorizeAuthorizationManagerTests.java +++ b/core/src/test/java/org/springframework/security/authorization/method/PostAuthorizeAuthorizationManagerTests.java @@ -145,22 +145,11 @@ public class PostAuthorizeAuthorizationManagerTests { assertThat(decision.isGranted()).isFalse(); } - @Test - public void checkInheritedAnnotationsWhenDuplicatedThenAnnotationConfigurationException() throws Exception { - Supplier authentication = () -> new TestingAuthenticationToken("user", "password", "ROLE_USER"); - MockMethodInvocation methodInvocation = new MockMethodInvocation(new TestClass(), TestClass.class, - "inheritedAnnotations"); - MethodInvocationResult result = new MethodInvocationResult(methodInvocation, null); - PostAuthorizeAuthorizationManager manager = new PostAuthorizeAuthorizationManager(); - assertThatExceptionOfType(AnnotationConfigurationException.class) - .isThrownBy(() -> manager.check(authentication, result)); - } - @Test public void checkInheritedAnnotationsWhenConflictingThenAnnotationConfigurationException() throws Exception { Supplier authentication = () -> new TestingAuthenticationToken("user", "password", "ROLE_USER"); - MockMethodInvocation methodInvocation = new MockMethodInvocation(new TestClass(), TestClass.class, - "inheritedAnnotations"); + MockMethodInvocation methodInvocation = new MockMethodInvocation(new ConflictingAnnotations(), + ConflictingAnnotations.class, "inheritedAnnotations"); MethodInvocationResult result = new MethodInvocationResult(methodInvocation, null); PostAuthorizeAuthorizationManager manager = new PostAuthorizeAuthorizationManager(); assertThatExceptionOfType(AnnotationConfigurationException.class) @@ -233,6 +222,14 @@ public class PostAuthorizeAuthorizationManagerTests { } + public static class ConflictingAnnotations implements InterfaceAnnotationsOne, InterfaceAnnotationsTwo { + + @Override + public void inheritedAnnotations() { + } + + } + public interface InterfaceAnnotationsOne { @PostAuthorize("hasRole('ADMIN')") diff --git a/core/src/test/java/org/springframework/security/authorization/method/PostAuthorizeReactiveAuthorizationManagerTests.java b/core/src/test/java/org/springframework/security/authorization/method/PostAuthorizeReactiveAuthorizationManagerTests.java index 9946565334..482712cb9b 100644 --- a/core/src/test/java/org/springframework/security/authorization/method/PostAuthorizeReactiveAuthorizationManagerTests.java +++ b/core/src/test/java/org/springframework/security/authorization/method/PostAuthorizeReactiveAuthorizationManagerTests.java @@ -149,24 +149,12 @@ public class PostAuthorizeReactiveAuthorizationManagerTests { assertThat(decision.isGranted()).isFalse(); } - @Test - public void checkInheritedAnnotationsWhenDuplicatedThenAnnotationConfigurationException() throws Exception { - Mono authentication = Mono - .just(new TestingAuthenticationToken("user", "password", "ROLE_USER")); - MockMethodInvocation methodInvocation = new MockMethodInvocation(new TestClass(), TestClass.class, - "inheritedAnnotations"); - MethodInvocationResult result = new MethodInvocationResult(methodInvocation, null); - PostAuthorizeReactiveAuthorizationManager manager = new PostAuthorizeReactiveAuthorizationManager(); - assertThatExceptionOfType(AnnotationConfigurationException.class) - .isThrownBy(() -> manager.check(authentication, result)); - } - @Test public void checkInheritedAnnotationsWhenConflictingThenAnnotationConfigurationException() throws Exception { Mono authentication = Mono .just(new TestingAuthenticationToken("user", "password", "ROLE_USER")); - MockMethodInvocation methodInvocation = new MockMethodInvocation(new TestClass(), TestClass.class, - "inheritedAnnotations"); + MockMethodInvocation methodInvocation = new MockMethodInvocation(new ConflictingAnnotations(), + ConflictingAnnotations.class, "inheritedAnnotations"); MethodInvocationResult result = new MethodInvocationResult(methodInvocation, null); PostAuthorizeReactiveAuthorizationManager manager = new PostAuthorizeReactiveAuthorizationManager(); assertThatExceptionOfType(AnnotationConfigurationException.class) @@ -216,6 +204,14 @@ public class PostAuthorizeReactiveAuthorizationManagerTests { } + public static class ConflictingAnnotations implements InterfaceAnnotationsOne, InterfaceAnnotationsTwo { + + @Override + public void inheritedAnnotations() { + } + + } + public interface InterfaceAnnotationsOne { @PostAuthorize("hasRole('ADMIN')") diff --git a/core/src/test/java/org/springframework/security/authorization/method/PostFilterAuthorizationMethodInterceptorTests.java b/core/src/test/java/org/springframework/security/authorization/method/PostFilterAuthorizationMethodInterceptorTests.java index d68b9ce5d4..341b7bc720 100644 --- a/core/src/test/java/org/springframework/security/authorization/method/PostFilterAuthorizationMethodInterceptorTests.java +++ b/core/src/test/java/org/springframework/security/authorization/method/PostFilterAuthorizationMethodInterceptorTests.java @@ -109,19 +109,10 @@ public class PostFilterAuthorizationMethodInterceptorTests { assertThat(result).asInstanceOf(InstanceOfAssertFactories.array(String[].class)).containsOnly("john"); } - @Test - public void checkInheritedAnnotationsWhenDuplicatedThenAnnotationConfigurationException() throws Exception { - MockMethodInvocation methodInvocation = new MockMethodInvocation(new TestClass(), TestClass.class, - "inheritedAnnotations"); - PostFilterAuthorizationMethodInterceptor advice = new PostFilterAuthorizationMethodInterceptor(); - assertThatExceptionOfType(AnnotationConfigurationException.class) - .isThrownBy(() -> advice.invoke(methodInvocation)); - } - @Test public void checkInheritedAnnotationsWhenConflictingThenAnnotationConfigurationException() throws Exception { - MockMethodInvocation methodInvocation = new MockMethodInvocation(new TestClass(), TestClass.class, - "inheritedAnnotations"); + MockMethodInvocation methodInvocation = new MockMethodInvocation(new ConflictingAnnotations(), + ConflictingAnnotations.class, "inheritedAnnotations"); PostFilterAuthorizationMethodInterceptor advice = new PostFilterAuthorizationMethodInterceptor(); assertThatExceptionOfType(AnnotationConfigurationException.class) .isThrownBy(() -> advice.invoke(methodInvocation)); @@ -230,6 +221,14 @@ public class PostFilterAuthorizationMethodInterceptorTests { } + public static class ConflictingAnnotations implements InterfaceAnnotationsOne, InterfaceAnnotationsTwo { + + @Override + public void inheritedAnnotations() { + } + + } + public interface InterfaceAnnotationsOne { @PostFilter("filterObject == 'jim'") diff --git a/core/src/test/java/org/springframework/security/authorization/method/PostFilterAuthorizationReactiveMethodInterceptorTests.java b/core/src/test/java/org/springframework/security/authorization/method/PostFilterAuthorizationReactiveMethodInterceptorTests.java index 750cc4b14d..0aefbc2383 100644 --- a/core/src/test/java/org/springframework/security/authorization/method/PostFilterAuthorizationReactiveMethodInterceptorTests.java +++ b/core/src/test/java/org/springframework/security/authorization/method/PostFilterAuthorizationReactiveMethodInterceptorTests.java @@ -105,19 +105,10 @@ public class PostFilterAuthorizationReactiveMethodInterceptorTests { .containsOnly("john"); } - @Test - public void checkInheritedAnnotationsWhenDuplicatedThenAnnotationConfigurationException() throws Exception { - MockMethodInvocation methodInvocation = new MockMethodInvocation(new TestClass(), TestClass.class, - "inheritedAnnotations"); - PostFilterAuthorizationReactiveMethodInterceptor interceptor = new PostFilterAuthorizationReactiveMethodInterceptor(); - assertThatExceptionOfType(AnnotationConfigurationException.class) - .isThrownBy(() -> interceptor.invoke(methodInvocation)); - } - @Test public void checkInheritedAnnotationsWhenConflictingThenAnnotationConfigurationException() throws Exception { - MockMethodInvocation methodInvocation = new MockMethodInvocation(new TestClass(), TestClass.class, - "inheritedAnnotations"); + MockMethodInvocation methodInvocation = new MockMethodInvocation(new ConflictingAnnotations(), + ConflictingAnnotations.class, "inheritedAnnotations"); PostFilterAuthorizationReactiveMethodInterceptor interceptor = new PostFilterAuthorizationReactiveMethodInterceptor(); assertThatExceptionOfType(AnnotationConfigurationException.class) .isThrownBy(() -> interceptor.invoke(methodInvocation)); @@ -155,6 +146,14 @@ public class PostFilterAuthorizationReactiveMethodInterceptorTests { } + public static class ConflictingAnnotations implements InterfaceAnnotationsOne, InterfaceAnnotationsTwo { + + @Override + public void inheritedAnnotations() { + } + + } + public interface InterfaceAnnotationsOne { @PostFilter("filterObject == 'jim'") diff --git a/core/src/test/java/org/springframework/security/authorization/method/PreAuthorizeAuthorizationManagerTests.java b/core/src/test/java/org/springframework/security/authorization/method/PreAuthorizeAuthorizationManagerTests.java index aa27ca0577..13ae1457f9 100644 --- a/core/src/test/java/org/springframework/security/authorization/method/PreAuthorizeAuthorizationManagerTests.java +++ b/core/src/test/java/org/springframework/security/authorization/method/PreAuthorizeAuthorizationManagerTests.java @@ -114,21 +114,11 @@ public class PreAuthorizeAuthorizationManagerTests { assertThat(decision.isGranted()).isFalse(); } - @Test - public void checkInheritedAnnotationsWhenDuplicatedThenAnnotationConfigurationException() throws Exception { - Supplier authentication = () -> new TestingAuthenticationToken("user", "password", "ROLE_USER"); - MockMethodInvocation methodInvocation = new MockMethodInvocation(new TestClass(), TestClass.class, - "inheritedAnnotations"); - PreAuthorizeAuthorizationManager manager = new PreAuthorizeAuthorizationManager(); - assertThatExceptionOfType(AnnotationConfigurationException.class) - .isThrownBy(() -> manager.check(authentication, methodInvocation)); - } - @Test public void checkInheritedAnnotationsWhenConflictingThenAnnotationConfigurationException() throws Exception { Supplier authentication = () -> new TestingAuthenticationToken("user", "password", "ROLE_USER"); - MockMethodInvocation methodInvocation = new MockMethodInvocation(new TestClass(), TestClass.class, - "inheritedAnnotations"); + MockMethodInvocation methodInvocation = new MockMethodInvocation(new ConflictingAnnotations(), + ConflictingAnnotations.class, "inheritedAnnotations"); PreAuthorizeAuthorizationManager manager = new PreAuthorizeAuthorizationManager(); assertThatExceptionOfType(AnnotationConfigurationException.class) .isThrownBy(() -> manager.check(authentication, methodInvocation)); @@ -207,6 +197,14 @@ public class PreAuthorizeAuthorizationManagerTests { } + public static class ConflictingAnnotations implements InterfaceAnnotationsOne, InterfaceAnnotationsTwo { + + @Override + public void inheritedAnnotations() { + } + + } + public interface InterfaceAnnotationsOne { @PreAuthorize("hasRole('ADMIN')") diff --git a/core/src/test/java/org/springframework/security/authorization/method/PreAuthorizeReactiveAuthorizationManagerTests.java b/core/src/test/java/org/springframework/security/authorization/method/PreAuthorizeReactiveAuthorizationManagerTests.java index 58c841f894..8319d57ed8 100644 --- a/core/src/test/java/org/springframework/security/authorization/method/PreAuthorizeReactiveAuthorizationManagerTests.java +++ b/core/src/test/java/org/springframework/security/authorization/method/PreAuthorizeReactiveAuthorizationManagerTests.java @@ -123,23 +123,12 @@ public class PreAuthorizeReactiveAuthorizationManagerTests { assertThat(decision.isGranted()).isFalse(); } - @Test - public void checkInheritedAnnotationsWhenDuplicatedThenAnnotationConfigurationException() throws Exception { - Mono authentication = Mono - .just(new TestingAuthenticationToken("user", "password", "ROLE_USER")); - MockMethodInvocation methodInvocation = new MockMethodInvocation(new TestClass(), TestClass.class, - "inheritedAnnotations"); - PreAuthorizeReactiveAuthorizationManager manager = new PreAuthorizeReactiveAuthorizationManager(); - assertThatExceptionOfType(AnnotationConfigurationException.class) - .isThrownBy(() -> manager.check(authentication, methodInvocation)); - } - @Test public void checkInheritedAnnotationsWhenConflictingThenAnnotationConfigurationException() throws Exception { Mono authentication = Mono .just(new TestingAuthenticationToken("user", "password", "ROLE_USER")); - MockMethodInvocation methodInvocation = new MockMethodInvocation(new TestClass(), TestClass.class, - "inheritedAnnotations"); + MockMethodInvocation methodInvocation = new MockMethodInvocation(new ConflictingAnnotations(), + ConflictingAnnotations.class, "inheritedAnnotations"); PreAuthorizeReactiveAuthorizationManager manager = new PreAuthorizeReactiveAuthorizationManager(); assertThatExceptionOfType(AnnotationConfigurationException.class) .isThrownBy(() -> manager.check(authentication, methodInvocation)); @@ -183,6 +172,14 @@ public class PreAuthorizeReactiveAuthorizationManagerTests { } + public static class ConflictingAnnotations implements InterfaceAnnotationsOne, InterfaceAnnotationsTwo { + + @Override + public void inheritedAnnotations() { + } + + } + public interface InterfaceAnnotationsOne { @PreAuthorize("hasRole('ADMIN')") diff --git a/core/src/test/java/org/springframework/security/authorization/method/PreFilterAuthorizationMethodInterceptorTests.java b/core/src/test/java/org/springframework/security/authorization/method/PreFilterAuthorizationMethodInterceptorTests.java index 3cf5cc033e..c86d0a0675 100644 --- a/core/src/test/java/org/springframework/security/authorization/method/PreFilterAuthorizationMethodInterceptorTests.java +++ b/core/src/test/java/org/springframework/security/authorization/method/PreFilterAuthorizationMethodInterceptorTests.java @@ -169,19 +169,10 @@ public class PreFilterAuthorizationMethodInterceptorTests { .withMessage("Unable to determine the method argument for filtering. Specify the filter target."); } - @Test - public void checkInheritedAnnotationsWhenDuplicatedThenAnnotationConfigurationException() throws Exception { - MockMethodInvocation methodInvocation = new MockMethodInvocation(new TestClass(), TestClass.class, - "inheritedAnnotations"); - PreFilterAuthorizationMethodInterceptor advice = new PreFilterAuthorizationMethodInterceptor(); - assertThatExceptionOfType(AnnotationConfigurationException.class) - .isThrownBy(() -> advice.invoke(methodInvocation)); - } - @Test public void checkInheritedAnnotationsWhenConflictingThenAnnotationConfigurationException() throws Exception { - MockMethodInvocation methodInvocation = new MockMethodInvocation(new TestClass(), TestClass.class, - "inheritedAnnotations"); + MockMethodInvocation methodInvocation = new MockMethodInvocation(new ConflictingAnnotations(), + ConflictingAnnotations.class, "inheritedAnnotations"); PreFilterAuthorizationMethodInterceptor advice = new PreFilterAuthorizationMethodInterceptor(); assertThatExceptionOfType(AnnotationConfigurationException.class) .isThrownBy(() -> advice.invoke(methodInvocation)); @@ -297,6 +288,14 @@ public class PreFilterAuthorizationMethodInterceptorTests { } + public static class ConflictingAnnotations implements InterfaceAnnotationsOne, InterfaceAnnotationsTwo { + + @Override + public void inheritedAnnotations() { + } + + } + public interface InterfaceAnnotationsOne { @PreFilter("filterObject == 'jim'") diff --git a/core/src/test/java/org/springframework/security/authorization/method/PreFilterAuthorizationReactiveMethodInterceptorTests.java b/core/src/test/java/org/springframework/security/authorization/method/PreFilterAuthorizationReactiveMethodInterceptorTests.java index 7273be6f66..2c7e2b6578 100644 --- a/core/src/test/java/org/springframework/security/authorization/method/PreFilterAuthorizationReactiveMethodInterceptorTests.java +++ b/core/src/test/java/org/springframework/security/authorization/method/PreFilterAuthorizationReactiveMethodInterceptorTests.java @@ -140,19 +140,10 @@ public class PreFilterAuthorizationReactiveMethodInterceptorTests { .containsOnly("john"); } - @Test - public void checkInheritedAnnotationsWhenDuplicatedThenAnnotationConfigurationException() throws Exception { - MockMethodInvocation methodInvocation = new MockMethodInvocation(new TestClass(), TestClass.class, - "inheritedAnnotations"); - PreFilterAuthorizationReactiveMethodInterceptor interceptor = new PreFilterAuthorizationReactiveMethodInterceptor(); - assertThatExceptionOfType(AnnotationConfigurationException.class) - .isThrownBy(() -> interceptor.invoke(methodInvocation)); - } - @Test public void checkInheritedAnnotationsWhenConflictingThenAnnotationConfigurationException() throws Exception { - MockMethodInvocation methodInvocation = new MockMethodInvocation(new TestClass(), TestClass.class, - "inheritedAnnotations"); + MockMethodInvocation methodInvocation = new MockMethodInvocation(new ConflictingAnnotations(), + ConflictingAnnotations.class, "inheritedAnnotations"); PreFilterAuthorizationReactiveMethodInterceptor interceptor = new PreFilterAuthorizationReactiveMethodInterceptor(); assertThatExceptionOfType(AnnotationConfigurationException.class) .isThrownBy(() -> interceptor.invoke(methodInvocation)); @@ -200,6 +191,14 @@ public class PreFilterAuthorizationReactiveMethodInterceptorTests { } + public static class ConflictingAnnotations implements InterfaceAnnotationsOne, InterfaceAnnotationsTwo { + + @Override + public void inheritedAnnotations() { + } + + } + public interface InterfaceAnnotationsOne { @PreFilter("filterObject == 'jim'")