GitHub-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Add hasAnyAuthority method in AuthorizePayloadsSpec.Access 

See Fixes gh-7437

Co-authored-by: Eddú Meléndez <eddu.melendez@gmail.com>
pull/7455/head
Ebert Toribio 6 years ago
parent
3425db6d16
commit
3a66191756
2 changed files with 30 additions and 1 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 5
      config/src/main/java/org/springframework/security/config/annotation/rsocket/RSocketSecurity.java
  2. 26
      config/src/test/java/org/springframework/security/config/annotation/rsocket/RSocketMessageHandlerConnectionITests.java

5
config/src/main/java/org/springframework/security/config/annotation/rsocket/RSocketSecurity.java
Unescape View File

@ -104,6 +104,7 @@ import java.util.List; @@ -104,6 +104,7 @@ import java.util.List;
* }
* </pre>
* @author Rob Winch
* @author Ebert Toribio
* @since 5.2
*/
public class RSocketSecurity {
@ -320,6 +321,10 @@ public class RSocketSecurity { @@ -320,6 +321,10 @@ public class RSocketSecurity {
.just(new AuthorizationDecision(true)));
}
public AuthorizePayloadsSpec hasAnyAuthority(String... authorities) {
return access(AuthorityReactiveAuthorizationManager.hasAnyAuthority(authorities));
}
public AuthorizePayloadsSpec access(
ReactiveAuthorizationManager<PayloadExchangeAuthorizationContext> authorization) {
AuthorizePayloadsSpec.this.authzBuilder.add(new PayloadExchangeMatcherEntry<>(this.matcher, authorization));

26
config/src/test/java/org/springframework/security/config/annotation/rsocket/RSocketMessageHandlerConnectionITests.java
Unescape View File

@ -51,6 +51,7 @@ import static org.assertj.core.api.Assertions.assertThatCode; @@ -51,6 +51,7 @@ import static org.assertj.core.api.Assertions.assertThatCode;
/**
* @author Rob Winch
* @author Ebert Toribio
*/
@ContextConfiguration
@RunWith(SpringRunner.class)
@ -167,6 +168,23 @@ public class RSocketMessageHandlerConnectionITests { @@ -167,6 +168,23 @@ public class RSocketMessageHandlerConnectionITests {
// .isInstanceOf(RejectedSetupException.class);
}
@Test
public void connectWithAnyAuthority() {
UsernamePasswordMetadata credentials =
new UsernamePasswordMetadata("ebert", "ebert");
this.requester = requester()
.setupMetadata(credentials, UsernamePasswordMetadata.BASIC_AUTHENTICATION_MIME_TYPE)
.connectTcp(this.server.address().getHostName(), this.server.address().getPort())
.block();
String hiEbert = this.requester.route("management.users")
.data("ebert")
.retrieveMono(String.class)
.block();
assertThat(hiEbert).isEqualTo("Hi ebert");
}
private RSocketRequester.Builder requester() {
return RSocketRequester.builder()
.rsocketStrategies(this.handler.getRSocketStrategies());
@ -208,13 +226,18 @@ public class RSocketMessageHandlerConnectionITests { @@ -208,13 +226,18 @@ public class RSocketMessageHandlerConnectionITests {
.password("password")
.roles("USER", "SETUP")
.build();
UserDetails manager = User.withDefaultPasswordEncoder()
.username("ebert")
.password("ebert")
.roles("SETUP", "MANAGER")
.build();
UserDetails evil = User.withDefaultPasswordEncoder()
.username("evil")
.password("password")
.roles("EVIL")
.build();
return new MapReactiveUserDetailsService(admin, user, evil);
return new MapReactiveUserDetailsService(admin, user, manager, evil);
}
@Bean
@ -225,6 +248,7 @@ public class RSocketMessageHandlerConnectionITests { @@ -225,6 +248,7 @@ public class RSocketMessageHandlerConnectionITests {
.setup().hasRole("SETUP")
.route("secure.admin.*").hasRole("ADMIN")
.route("secure.**").hasRole("USER")
.route("management.*").hasAnyAuthority("ROLE_MANAGER")
.anyRequest().permitAll()
)
.basicAuthentication(Customizer.withDefaults());

Write Preview
Loading…
Cancel
Save