GitHub-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

add hasAnyRole method in AuthorizePayloadsSpec.Access

pull/7453/head
Manuel Tejeda 6 years ago
parent
7576dc44d7
commit
9926ad68b8
2 changed files with 24 additions and 0 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 5
      config/src/main/java/org/springframework/security/config/annotation/rsocket/RSocketSecurity.java
  2. 19
      config/src/test/java/org/springframework/security/config/annotation/rsocket/RSocketMessageHandlerConnectionITests.java

5
config/src/main/java/org/springframework/security/config/annotation/rsocket/RSocketSecurity.java
Unescape View File

@ -104,6 +104,7 @@ import java.util.List; @@ -104,6 +104,7 @@ import java.util.List;
* }
* </pre>
* @author Rob Winch
* @author Manuel Tejeda
* @since 5.2
*/
public class RSocketSecurity {
@ -315,6 +316,10 @@ public class RSocketSecurity { @@ -315,6 +316,10 @@ public class RSocketSecurity {
return access(AuthorityReactiveAuthorizationManager.hasRole(role));
}
public AuthorizePayloadsSpec hasAnyRole(String... roles) {
return access(AuthorityReactiveAuthorizationManager.hasAnyRole(roles));
}
public AuthorizePayloadsSpec permitAll() {
return access((a, ctx) -> Mono
.just(new AuthorizationDecision(true)));

19
config/src/test/java/org/springframework/security/config/annotation/rsocket/RSocketMessageHandlerConnectionITests.java
Unescape View File

@ -51,6 +51,7 @@ import static org.assertj.core.api.Assertions.assertThatCode; @@ -51,6 +51,7 @@ import static org.assertj.core.api.Assertions.assertThatCode;
/**
* @author Rob Winch
* @author Manuel Tejeda
*/
@ContextConfiguration
@RunWith(SpringRunner.class)
@ -167,6 +168,23 @@ public class RSocketMessageHandlerConnectionITests { @@ -167,6 +168,23 @@ public class RSocketMessageHandlerConnectionITests {
// .isInstanceOf(RejectedSetupException.class);
}
@Test
public void connectWithAnyRole() {
UsernamePasswordMetadata credentials =
new UsernamePasswordMetadata("user", "password");
this.requester = requester()
.setupMetadata(credentials, UsernamePasswordMetadata.BASIC_AUTHENTICATION_MIME_TYPE)
.connectTcp(this.server.address().getHostName(), this.server.address().getPort())
.block();
String hiRob = this.requester.route("anyroute")
.data("rob")
.retrieveMono(String.class)
.block();
assertThat(hiRob).isEqualTo("Hi rob");
}
private RSocketRequester.Builder requester() {
return RSocketRequester.builder()
.rsocketStrategies(this.handler.getRSocketStrategies());
@ -225,6 +243,7 @@ public class RSocketMessageHandlerConnectionITests { @@ -225,6 +243,7 @@ public class RSocketMessageHandlerConnectionITests {
.setup().hasRole("SETUP")
.route("secure.admin.*").hasRole("ADMIN")
.route("secure.**").hasRole("USER")
.route("anyroute").hasAnyRole("USER")
.anyRequest().permitAll()
)
.basicAuthentication(Customizer.withDefaults());

Write Preview
Loading…
Cancel
Save