GitHub-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Merge branch '6.1.x' 

Closes gh-13489
pull/13553/head
Josh Cummings 3 years ago
parent
8d0e426654 0579be0d25
commit
b62dd851a2
No known key found for this signature in database
GPG Key ID: A306A51F43B8E5A5
2 changed files with 20 additions and 5 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 16
      core/src/main/java/org/springframework/security/authorization/AuthorizationManagers.java
  2. 9
      core/src/test/java/org/springframework/security/authorization/AuthorizationManagersTests.java

16
core/src/main/java/org/springframework/security/authorization/AuthorizationManagers.java
Unescape View File

@ -41,11 +41,17 @@ public final class AuthorizationManagers { @@ -41,11 +41,17 @@ public final class AuthorizationManagers {
List<AuthorizationDecision> decisions = new ArrayList<>();
for (AuthorizationManager<T> manager : managers) {
AuthorizationDecision decision = manager.check(authentication, object);
if (decision == null || decision.isGranted()) {
if (decision == null) {
continue;
}
if (decision.isGranted()) {
return decision;
}
decisions.add(decision);
}
if (decisions.isEmpty()) {
return new AuthorizationDecision(false);
}
return new CompositeAuthorizationDecision(false, decisions);
};
}
@ -64,11 +70,17 @@ public final class AuthorizationManagers { @@ -64,11 +70,17 @@ public final class AuthorizationManagers {
List<AuthorizationDecision> decisions = new ArrayList<>();
for (AuthorizationManager<T> manager : managers) {
AuthorizationDecision decision = manager.check(authentication, object);
if (decision != null && !decision.isGranted()) {
if (decision == null) {
continue;
}
if (!decision.isGranted()) {
return decision;
}
decisions.add(decision);
}
if (decisions.isEmpty()) {
return new AuthorizationDecision(true);
}
return new CompositeAuthorizationDecision(true, decisions);
};
}

9
core/src/test/java/org/springframework/security/authorization/AuthorizationManagersTests.java
Unescape View File

@ -36,12 +36,14 @@ class AuthorizationManagersTests { @@ -36,12 +36,14 @@ class AuthorizationManagersTests {
assertThat(decision.isGranted()).isTrue();
}
// gh-13069
@Test
void checkAnyOfWhenOneAbstainedThenAbstainedDecision() {
void checkAnyOfWhenAllNonAbstainingDeniesThenDeniedDecision() {
AuthorizationManager<?> composed = AuthorizationManagers.anyOf((a, o) -> new AuthorizationDecision(false),
(a, o) -> null);
AuthorizationDecision decision = composed.check(null, null);
assertThat(decision).isNull();
assertThat(decision).isNotNull();
assertThat(decision.isGranted()).isFalse();
}
@Test
@ -61,8 +63,9 @@ class AuthorizationManagersTests { @@ -61,8 +63,9 @@ class AuthorizationManagersTests {
assertThat(decision.isGranted()).isTrue();
}
// gh-13069
@Test
void checkAllOfWhenOneAbstainedThenGrantedDecision() {
void checkAllOfWhenAllNonAbstainingGrantsThenGrantedDecision() {
AuthorizationManager<?> composed = AuthorizationManagers.allOf((a, o) -> new AuthorizationDecision(true),
(a, o) -> null);
AuthorizationDecision decision = composed.check(null, null);

Write Preview
Loading…
Cancel
Save