@ -1,5 +1,5 @@
@@ -1,5 +1,5 @@
|
|
|
|
|
/* |
|
|
|
|
* Copyright 2002-2018 the original author or authors. |
|
|
|
|
* Copyright 2002-2020 the original author or authors. |
|
|
|
|
* |
|
|
|
|
* Licensed under the Apache License, Version 2.0 (the "License"); |
|
|
|
|
* you may not use this file except in compliance with the License. |
|
|
|
|
@ -32,6 +32,8 @@ import org.springframework.mock.web.MockHttpServletResponse;
@@ -32,6 +32,8 @@ import org.springframework.mock.web.MockHttpServletResponse;
|
|
|
|
|
import org.springframework.security.access.PermissionEvaluator; |
|
|
|
|
import org.springframework.security.access.expression.AbstractSecurityExpressionHandler; |
|
|
|
|
import org.springframework.security.access.expression.SecurityExpressionHandler; |
|
|
|
|
import org.springframework.security.access.hierarchicalroles.RoleHierarchy; |
|
|
|
|
import org.springframework.security.access.hierarchicalroles.RoleHierarchyImpl; |
|
|
|
|
import org.springframework.security.authentication.TestingAuthenticationToken; |
|
|
|
|
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; |
|
|
|
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity; |
|
|
|
|
@ -68,6 +70,7 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
@@ -68,6 +70,7 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
|
|
|
|
|
* |
|
|
|
|
* @author Rob Winch |
|
|
|
|
* @author Joe Grandja |
|
|
|
|
* @author Evgeniy Cheban |
|
|
|
|
*/ |
|
|
|
|
public class WebSecurityConfigurationTests { |
|
|
|
|
@Rule |
|
|
|
|
@ -270,6 +273,31 @@ public class WebSecurityConfigurationTests {
@@ -270,6 +273,31 @@ public class WebSecurityConfigurationTests {
|
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
@Test |
|
|
|
|
public void securityExpressionHandlerWhenRoleHierarchyBeanThenRoleHierarchyUsed() { |
|
|
|
|
this.spring.register(WebSecurityExpressionHandlerRoleHierarchyBeanConfig.class).autowire(); |
|
|
|
|
TestingAuthenticationToken authentication = new TestingAuthenticationToken("user", "notused", "ROLE_ADMIN"); |
|
|
|
|
FilterInvocation invocation = new FilterInvocation(new MockHttpServletRequest("GET", ""), |
|
|
|
|
new MockHttpServletResponse(), new MockFilterChain()); |
|
|
|
|
|
|
|
|
|
AbstractSecurityExpressionHandler handler = this.spring.getContext().getBean(AbstractSecurityExpressionHandler.class); |
|
|
|
|
EvaluationContext evaluationContext = handler.createEvaluationContext(authentication, invocation); |
|
|
|
|
Expression expression = handler.getExpressionParser() |
|
|
|
|
.parseExpression("hasRole('ROLE_USER')"); |
|
|
|
|
boolean granted = expression.getValue(evaluationContext, Boolean.class); |
|
|
|
|
assertThat(granted).isTrue(); |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
@EnableWebSecurity |
|
|
|
|
static class WebSecurityExpressionHandlerRoleHierarchyBeanConfig extends WebSecurityConfigurerAdapter { |
|
|
|
|
@Bean |
|
|
|
|
RoleHierarchy roleHierarchy() { |
|
|
|
|
RoleHierarchyImpl roleHierarchy = new RoleHierarchyImpl(); |
|
|
|
|
roleHierarchy.setHierarchy("ROLE_ADMIN > ROLE_USER"); |
|
|
|
|
return roleHierarchy; |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
@Test |
|
|
|
|
public void securityExpressionHandlerWhenPermissionEvaluatorBeanThenPermissionEvaluatorUsed() throws Exception { |
|
|
|
|
this.spring.register(WebSecurityExpressionHandlerPermissionEvaluatorBeanConfig.class).autowire(); |
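Review bot: securityExpressionHandlerWhenRoleHierarchyBeanThenRoleHierarchyUsed asserts only the granting direction of the hierarchy, a ROLE_ADMIN token satisfying `hasRole('ROLE_USER')`, so an expression handler that approved every role check would pass it as well. A denial case would pin the hierarchy itself: evaluate `hasRole('ROLE_ADMIN')` against `new TestingAuthenticationToken("user", "notused", "ROLE_USER")` and assert `isFalse()`. Separately, `boolean granted = expression.getValue(evaluationContext, Boolean.class);` unboxes the result, so a null evaluation would surface as a NullPointerException instead of an assertion failure; `assertThat(expression.getValue(evaluationContext, Boolean.class)).isTrue();` keeps the failure inside the assertion. The last three lines of the hunk are context from the next test, whose body continues outside the hunk.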