Joe Grandja
8 years ago
4 changed files with 241 additions and 232 deletions
@ -1,173 +0,0 @@
@@ -1,173 +0,0 @@
|
||||
/* |
||||
* Copyright 2002-2013 the original author or authors. |
||||
* |
||||
* Licensed under the Apache License, Version 2.0 (the "License"); |
||||
* you may not use this file except in compliance with the License. |
||||
* You may obtain a copy of the License at |
||||
* |
||||
* http://www.apache.org/licenses/LICENSE-2.0 |
||||
* |
||||
* Unless required by applicable law or agreed to in writing, software |
||||
* distributed under the License is distributed on an "AS IS" BASIS, |
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
||||
* See the License for the specific language governing permissions and |
||||
* limitations under the License. |
||||
*/ |
||||
package org.springframework.security.config.annotation.web |
||||
|
||||
import org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder |
||||
import org.springframework.security.config.annotation.BaseSpringSpec |
||||
import org.springframework.security.config.annotation.ObjectPostProcessor; |
||||
import org.springframework.security.config.annotation.SecurityConfigurer |
||||
import org.springframework.security.config.annotation.SecurityConfigurerAdapter |
||||
import org.springframework.test.util.ReflectionTestUtils |
||||
|
||||
import spock.lang.Specification |
||||
|
||||
/** |
||||
* @author Rob Winch |
||||
* |
||||
*/ |
||||
class AbstractConfiguredSecurityBuilderTests extends BaseSpringSpec { |
||||
|
||||
ConcreteAbstractConfiguredBuilder builder |
||||
|
||||
def setup() { |
||||
builder = new ConcreteAbstractConfiguredBuilder(objectPostProcessor) |
||||
} |
||||
|
||||
def "Null ObjectPostProcessor rejected"() { |
||||
when: |
||||
new ConcreteAbstractConfiguredBuilder(null) |
||||
then: |
||||
thrown(IllegalArgumentException) |
||||
when: |
||||
builder.objectPostProcessor(null); |
||||
then: |
||||
thrown(IllegalArgumentException) |
||||
} |
||||
|
||||
def "apply null is rejected"() { |
||||
when: |
||||
builder.apply(null) |
||||
then: |
||||
thrown(IllegalArgumentException) |
||||
} |
||||
|
||||
def "Duplicate configurer is removed"() { |
||||
when: |
||||
builder.apply(new ConcreteConfigurer()) |
||||
builder.apply(new ConcreteConfigurer()) |
||||
then: |
||||
ReflectionTestUtils.getField(builder,"configurers").size() == 1 |
||||
} |
||||
|
||||
def "build twice fails"() { |
||||
setup: |
||||
builder.build() |
||||
when: |
||||
builder.build() |
||||
then: |
||||
thrown(IllegalStateException) |
||||
} |
||||
|
||||
def "getObject before build fails"() { |
||||
when: |
||||
builder.getObject() |
||||
then: |
||||
thrown(IllegalStateException) |
||||
} |
||||
|
||||
def "Configurer.init can apply another configurer"() { |
||||
setup: |
||||
DelegateConfigurer.CONF = Mock(SecurityConfigurerAdapter) |
||||
when: |
||||
builder.apply(new DelegateConfigurer()) |
||||
builder.build() |
||||
then: |
||||
1 * DelegateConfigurer.CONF.init(builder) |
||||
1 * DelegateConfigurer.CONF.configure(builder) |
||||
} |
||||
|
||||
def "getConfigurer with multi fails"() { |
||||
setup: |
||||
ConcreteAbstractConfiguredBuilder builder = new ConcreteAbstractConfiguredBuilder(objectPostProcessor, true) |
||||
builder.apply(new DelegateConfigurer()) |
||||
builder.apply(new DelegateConfigurer()) |
||||
when: |
||||
builder.getConfigurer(DelegateConfigurer) |
||||
then: "Fail due to trying to obtain a single DelegateConfigurer and multiple are provided" |
||||
thrown(IllegalStateException) |
||||
} |
||||
|
||||
def "removeConfigurer with multi fails"() { |
||||
setup: |
||||
ConcreteAbstractConfiguredBuilder builder = new ConcreteAbstractConfiguredBuilder(objectPostProcessor, true) |
||||
builder.apply(new DelegateConfigurer()) |
||||
builder.apply(new DelegateConfigurer()) |
||||
when: |
||||
builder.removeConfigurer(DelegateConfigurer) |
||||
then: "Fail due to trying to remove and obtain a single DelegateConfigurer and multiple are provided" |
||||
thrown(IllegalStateException) |
||||
} |
||||
|
||||
def "removeConfigurers with multi"() { |
||||
setup: |
||||
DelegateConfigurer c1 = new DelegateConfigurer() |
||||
DelegateConfigurer c2 = new DelegateConfigurer() |
||||
ConcreteAbstractConfiguredBuilder builder = new ConcreteAbstractConfiguredBuilder(objectPostProcessor, true) |
||||
builder.apply(c1) |
||||
builder.apply(c2) |
||||
when: |
||||
def result = builder.removeConfigurers(DelegateConfigurer) |
||||
then: |
||||
result.size() == 2 |
||||
result.contains(c1) |
||||
result.contains(c2) |
||||
builder.getConfigurers(DelegateConfigurer).empty |
||||
} |
||||
|
||||
def "getConfigurers with multi"() { |
||||
setup: |
||||
DelegateConfigurer c1 = new DelegateConfigurer() |
||||
DelegateConfigurer c2 = new DelegateConfigurer() |
||||
ConcreteAbstractConfiguredBuilder builder = new ConcreteAbstractConfiguredBuilder(objectPostProcessor, true) |
||||
builder.apply(c1) |
||||
builder.apply(c2) |
||||
when: |
||||
def result = builder.getConfigurers(DelegateConfigurer) |
||||
then: |
||||
result.size() == 2 |
||||
result.contains(c1) |
||||
result.contains(c2) |
||||
builder.getConfigurers(DelegateConfigurer).size() == 2 |
||||
} |
||||
|
||||
private static class DelegateConfigurer extends SecurityConfigurerAdapter<Object, ConcreteAbstractConfiguredBuilder> { |
||||
private static SecurityConfigurer<Object, ConcreteAbstractConfiguredBuilder> CONF; |
||||
|
||||
@Override |
||||
public void init(ConcreteAbstractConfiguredBuilder builder) |
||||
throws Exception { |
||||
builder.apply(CONF); |
||||
} |
||||
} |
||||
|
||||
private static class ConcreteConfigurer extends SecurityConfigurerAdapter<Object, ConcreteAbstractConfiguredBuilder> { } |
||||
|
||||
private class ConcreteAbstractConfiguredBuilder extends AbstractConfiguredSecurityBuilder<Object, ConcreteAbstractConfiguredBuilder> { |
||||
|
||||
public ConcreteAbstractConfiguredBuilder(ObjectPostProcessor<Object> objectPostProcessor) { |
||||
super(objectPostProcessor); |
||||
} |
||||
|
||||
public ConcreteAbstractConfiguredBuilder(ObjectPostProcessor<Object> objectPostProcessor, boolean allowMulti) { |
||||
super(objectPostProcessor,allowMulti); |
||||
} |
||||
|
||||
public Object performBuild() throws Exception { |
||||
return "success"; |
||||
} |
||||
} |
||||
|
||||
} |
||||
@ -1,59 +0,0 @@
@@ -1,59 +0,0 @@
|
||||
/* |
||||
* Copyright 2002-2013 the original author or authors. |
||||
* |
||||
* Licensed under the Apache License, Version 2.0 (the "License"); |
||||
* you may not use this file except in compliance with the License. |
||||
* You may obtain a copy of the License at |
||||
* |
||||
* http://www.apache.org/licenses/LICENSE-2.0 |
||||
* |
||||
* Unless required by applicable law or agreed to in writing, software |
||||
* distributed under the License is distributed on an "AS IS" BASIS, |
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
||||
* See the License for the specific language governing permissions and |
||||
* limitations under the License. |
||||
*/ |
||||
package org.springframework.security.config.annotation.web; |
||||
|
||||
import static org.springframework.security.config.annotation.web.AbstractRequestMatcherRegistry.RequestMatchers.* |
||||
|
||||
import org.springframework.http.HttpMethod; |
||||
import org.springframework.security.web.util.matcher.AntPathRequestMatcher; |
||||
import org.springframework.security.web.util.matcher.RegexRequestMatcher; |
||||
|
||||
import spock.lang.Specification; |
||||
|
||||
/** |
||||
* @author Rob Winch |
||||
* |
||||
*/ |
||||
class RequestMatchersTests extends Specification { |
||||
|
||||
def "regexMatchers(GET,'/a.*') uses RegexRequestMatcher"() { |
||||
when: |
||||
def matchers = regexMatchers(HttpMethod.GET, "/a.*") |
||||
then: 'matcher is a RegexRequestMatcher' |
||||
matchers.collect {it.class } == [RegexRequestMatcher] |
||||
} |
||||
|
||||
def "regexMatchers('/a.*') uses RegexRequestMatcher"() { |
||||
when: |
||||
def matchers = regexMatchers("/a.*") |
||||
then: 'matcher is a RegexRequestMatcher' |
||||
matchers.collect {it.class } == [RegexRequestMatcher] |
||||
} |
||||
|
||||
def "antMatchers(GET,'/a.*') uses AntPathRequestMatcher"() { |
||||
when: |
||||
def matchers = antMatchers(HttpMethod.GET, "/a.*") |
||||
then: 'matcher is a RegexRequestMatcher' |
||||
matchers.collect {it.class } == [AntPathRequestMatcher] |
||||
} |
||||
|
||||
def "antMatchers('/a.*') uses AntPathRequestMatcher"() { |
||||
when: |
||||
def matchers = antMatchers("/a.*") |
||||
then: 'matcher is a AntPathRequestMatcher' |
||||
matchers.collect {it.class } == [AntPathRequestMatcher] |
||||
} |
||||
} |
||||
@ -0,0 +1,150 @@
@@ -0,0 +1,150 @@
|
||||
/* |
||||
* Copyright 2002-2018 the original author or authors. |
||||
* |
||||
* Licensed under the Apache License, Version 2.0 (the "License"); |
||||
* you may not use this file except in compliance with the License. |
||||
* You may obtain a copy of the License at |
||||
* |
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
* |
||||
* Unless required by applicable law or agreed to in writing, software |
||||
* distributed under the License is distributed on an "AS IS" BASIS, |
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
||||
* See the License for the specific language governing permissions and |
||||
* limitations under the License. |
||||
*/ |
||||
package org.springframework.security.config.annotation.web; |
||||
|
||||
import org.junit.Before; |
||||
import org.junit.Test; |
||||
import org.springframework.security.config.annotation.AbstractConfiguredSecurityBuilder; |
||||
import org.springframework.security.config.annotation.ObjectPostProcessor; |
||||
import org.springframework.security.config.annotation.SecurityConfigurer; |
||||
import org.springframework.security.config.annotation.SecurityConfigurerAdapter; |
||||
import org.springframework.test.util.ReflectionTestUtils; |
||||
|
||||
import java.util.List; |
||||
import java.util.Map; |
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat; |
||||
import static org.mockito.Mockito.mock; |
||||
import static org.mockito.Mockito.verify; |
||||
|
||||
/** |
||||
* Tests for {@link AbstractConfiguredSecurityBuilder}. |
||||
* |
||||
* @author Joe Grandja |
||||
*/ |
||||
public class AbstractConfiguredSecurityBuilderTests { |
||||
private TestConfiguredSecurityBuilder builder; |
||||
|
||||
@Before |
||||
public void setUp() { |
||||
this.builder = new TestConfiguredSecurityBuilder(mock(ObjectPostProcessor.class)); |
||||
} |
||||
|
||||
@Test(expected = IllegalArgumentException.class) |
||||
public void constructorWhenObjectPostProcessorIsNullThenThrowIllegalArgumentException() { |
||||
new TestConfiguredSecurityBuilder(null); |
||||
} |
||||
|
||||
@Test(expected = IllegalArgumentException.class) |
||||
public void objectPostProcessorWhenNullThenThrowIllegalArgumentException() { |
||||
this.builder.objectPostProcessor(null); |
||||
} |
||||
|
||||
@Test |
||||
public void applyWhenDuplicateConfigurerAddedThenDuplicateConfigurerRemoved() throws Exception { |
||||
this.builder.apply(new TestSecurityConfigurer()); |
||||
this.builder.apply(new TestSecurityConfigurer()); |
||||
assertThat((Map) ReflectionTestUtils.getField(this.builder, "configurers")).hasSize(1); |
||||
} |
||||
|
||||
@Test(expected = IllegalStateException.class) |
||||
public void buildWhenBuildTwiceThenThrowIllegalStateException() throws Exception { |
||||
this.builder.build(); |
||||
this.builder.build(); |
||||
} |
||||
|
||||
@Test(expected = IllegalStateException.class) |
||||
public void getObjectWhenNotBuiltThenThrowIllegalStateException() throws Exception { |
||||
this.builder.getObject(); |
||||
} |
||||
|
||||
@Test |
||||
public void buildWhenConfigurerAppliesAnotherConfigurerThenObjectStillBuilds() throws Exception { |
||||
DelegateSecurityConfigurer.CONFIGURER = mock(SecurityConfigurer.class); |
||||
this.builder.apply(new DelegateSecurityConfigurer()); |
||||
this.builder.build(); |
||||
verify(DelegateSecurityConfigurer.CONFIGURER).init(this.builder); |
||||
verify(DelegateSecurityConfigurer.CONFIGURER).configure(this.builder); |
||||
} |
||||
|
||||
@Test(expected = IllegalStateException.class) |
||||
public void getConfigurerWhenMultipleConfigurersThenThrowIllegalStateException() throws Exception { |
||||
TestConfiguredSecurityBuilder builder = new TestConfiguredSecurityBuilder(mock(ObjectPostProcessor.class), true); |
||||
builder.apply(new DelegateSecurityConfigurer()); |
||||
builder.apply(new DelegateSecurityConfigurer()); |
||||
builder.getConfigurer(DelegateSecurityConfigurer.class); |
||||
} |
||||
|
||||
@Test(expected = IllegalStateException.class) |
||||
public void removeConfigurerWhenMultipleConfigurersThenThrowIllegalStateException() throws Exception { |
||||
TestConfiguredSecurityBuilder builder = new TestConfiguredSecurityBuilder(mock(ObjectPostProcessor.class), true); |
||||
builder.apply(new DelegateSecurityConfigurer()); |
||||
builder.apply(new DelegateSecurityConfigurer()); |
||||
builder.removeConfigurer(DelegateSecurityConfigurer.class); |
||||
} |
||||
|
||||
@Test |
||||
public void removeConfigurersWhenMultipleConfigurersThenConfigurersRemoved() throws Exception { |
||||
DelegateSecurityConfigurer configurer1 = new DelegateSecurityConfigurer(); |
||||
DelegateSecurityConfigurer configurer2 = new DelegateSecurityConfigurer(); |
||||
TestConfiguredSecurityBuilder builder = new TestConfiguredSecurityBuilder(mock(ObjectPostProcessor.class), true); |
||||
builder.apply(configurer1); |
||||
builder.apply(configurer2); |
||||
List<DelegateSecurityConfigurer> removedConfigurers = builder.removeConfigurers(DelegateSecurityConfigurer.class); |
||||
assertThat(removedConfigurers).hasSize(2); |
||||
assertThat(removedConfigurers).containsExactly(configurer1, configurer2); |
||||
assertThat(builder.getConfigurers(DelegateSecurityConfigurer.class)).isEmpty(); |
||||
} |
||||
|
||||
@Test |
||||
public void getConfigurersWhenMultipleConfigurersThenConfigurersReturned() throws Exception { |
||||
DelegateSecurityConfigurer configurer1 = new DelegateSecurityConfigurer(); |
||||
DelegateSecurityConfigurer configurer2 = new DelegateSecurityConfigurer(); |
||||
TestConfiguredSecurityBuilder builder = new TestConfiguredSecurityBuilder(mock(ObjectPostProcessor.class), true); |
||||
builder.apply(configurer1); |
||||
builder.apply(configurer2); |
||||
List<DelegateSecurityConfigurer> configurers = builder.getConfigurers(DelegateSecurityConfigurer.class); |
||||
assertThat(configurers).hasSize(2); |
||||
assertThat(configurers).containsExactly(configurer1, configurer2); |
||||
assertThat(builder.getConfigurers(DelegateSecurityConfigurer.class)).hasSize(2); |
||||
} |
||||
|
||||
private static class DelegateSecurityConfigurer extends SecurityConfigurerAdapter<Object, TestConfiguredSecurityBuilder> { |
||||
private static SecurityConfigurer<Object, TestConfiguredSecurityBuilder> CONFIGURER; |
||||
|
||||
@Override |
||||
public void init(TestConfiguredSecurityBuilder builder) throws Exception { |
||||
builder.apply(CONFIGURER); |
||||
} |
||||
} |
||||
|
||||
private static class TestSecurityConfigurer extends SecurityConfigurerAdapter<Object, TestConfiguredSecurityBuilder> { } |
||||
|
||||
private static class TestConfiguredSecurityBuilder extends AbstractConfiguredSecurityBuilder<Object, TestConfiguredSecurityBuilder> { |
||||
|
||||
private TestConfiguredSecurityBuilder(ObjectPostProcessor<Object> objectPostProcessor) { |
||||
super(objectPostProcessor); |
||||
} |
||||
|
||||
private TestConfiguredSecurityBuilder(ObjectPostProcessor<Object> objectPostProcessor, boolean allowConfigurersOfSameType) { |
||||
super(objectPostProcessor, allowConfigurersOfSameType); |
||||
} |
||||
|
||||
public Object performBuild() throws Exception { |
||||
return "success"; |
||||
} |
||||
} |
||||
} |
||||
@ -0,0 +1,91 @@
@@ -0,0 +1,91 @@
|
||||
/* |
||||
* Copyright 2002-2018 the original author or authors. |
||||
* |
||||
* Licensed under the Apache License, Version 2.0 (the "License"); |
||||
* you may not use this file except in compliance with the License. |
||||
* You may obtain a copy of the License at |
||||
* |
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
* |
||||
* Unless required by applicable law or agreed to in writing, software |
||||
* distributed under the License is distributed on an "AS IS" BASIS, |
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
||||
* See the License for the specific language governing permissions and |
||||
* limitations under the License. |
||||
*/ |
||||
package org.springframework.security.config.annotation.web; |
||||
|
||||
import org.junit.Before; |
||||
import org.junit.Test; |
||||
import org.springframework.http.HttpMethod; |
||||
import org.springframework.security.web.util.matcher.AntPathRequestMatcher; |
||||
import org.springframework.security.web.util.matcher.RegexRequestMatcher; |
||||
import org.springframework.security.web.util.matcher.RequestMatcher; |
||||
|
||||
import java.util.List; |
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat; |
||||
|
||||
/** |
||||
* Tests for {@link AbstractRequestMatcherRegistry}. |
||||
* |
||||
* @author Joe Grandja |
||||
*/ |
||||
public class AbstractRequestMatcherRegistryTests { |
||||
private TestRequestMatcherRegistry matcherRegistry; |
||||
|
||||
@Before |
||||
public void setUp() { |
||||
this.matcherRegistry = new TestRequestMatcherRegistry(); |
||||
} |
||||
|
||||
@Test |
||||
public void regexMatchersWhenHttpMethodAndPatternParamsThenReturnRegexRequestMatcherType() { |
||||
List<RequestMatcher> requestMatchers = this.matcherRegistry.regexMatchers(HttpMethod.GET, "/a.*"); |
||||
assertThat(requestMatchers).isNotEmpty(); |
||||
assertThat(requestMatchers.size()).isEqualTo(1); |
||||
assertThat(requestMatchers.get(0)).isExactlyInstanceOf(RegexRequestMatcher.class); |
||||
} |
||||
|
||||
@Test |
||||
public void regexMatchersWhenPatternParamThenReturnRegexRequestMatcherType() { |
||||
List<RequestMatcher> requestMatchers = this.matcherRegistry.regexMatchers("/a.*"); |
||||
assertThat(requestMatchers).isNotEmpty(); |
||||
assertThat(requestMatchers.size()).isEqualTo(1); |
||||
assertThat(requestMatchers.get(0)).isExactlyInstanceOf(RegexRequestMatcher.class); |
||||
} |
||||
|
||||
@Test |
||||
public void antMatchersWhenHttpMethodAndPatternParamsThenReturnAntPathRequestMatcherType() { |
||||
List<RequestMatcher> requestMatchers = this.matcherRegistry.antMatchers(HttpMethod.GET, "/a.*"); |
||||
assertThat(requestMatchers).isNotEmpty(); |
||||
assertThat(requestMatchers.size()).isEqualTo(1); |
||||
assertThat(requestMatchers.get(0)).isExactlyInstanceOf(AntPathRequestMatcher.class); |
||||
} |
||||
|
||||
@Test |
||||
public void antMatchersWhenPatternParamThenReturnAntPathRequestMatcherType() { |
||||
List<RequestMatcher> requestMatchers = this.matcherRegistry.antMatchers("/a.*"); |
||||
assertThat(requestMatchers).isNotEmpty(); |
||||
assertThat(requestMatchers.size()).isEqualTo(1); |
||||
assertThat(requestMatchers.get(0)).isExactlyInstanceOf(AntPathRequestMatcher.class); |
||||
} |
||||
|
||||
private static class TestRequestMatcherRegistry extends AbstractRequestMatcherRegistry<List<RequestMatcher>> { |
||||
|
||||
@Override |
||||
public List<RequestMatcher> mvcMatchers(String... mvcPatterns) { |
||||
return null; |
||||
} |
||||
|
||||
@Override |
||||
public List<RequestMatcher> mvcMatchers(HttpMethod method, String... mvcPatterns) { |
||||
return null; |
||||
} |
||||
|
||||
@Override |
||||
protected List<RequestMatcher> chainRequestMatchers(List<RequestMatcher> requestMatchers) { |
||||
return requestMatchers; |
||||
} |
||||
} |
||||
} |
||||
Loading…
Reference in new issue