GitHub-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Merge branch '6.4.x' into 6.5.x

pull/17910/head
Josh Cummings 3 months ago
parent
ad86ae0a79 e5694ac7b5
commit
d0f93fa6d8
No known key found for this signature in database
GPG Key ID: 869B37A20E876129
2 changed files with 33 additions and 1 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      core/src/main/java/org/springframework/security/core/annotation/UniqueSecurityAnnotationScanner.java
  2. 32
      core/src/test/java/org/springframework/security/core/annotation/UniqueSecurityAnnotationScannerTests.java

2
core/src/main/java/org/springframework/security/core/annotation/UniqueSecurityAnnotationScanner.java
Unescape View File

@ -305,7 +305,7 @@ final class UniqueSecurityAnnotationScanner<A extends Annotation> extends Abstra @@ -305,7 +305,7 @@ final class UniqueSecurityAnnotationScanner<A extends Annotation> extends Abstra
}
for (int i = 0; i < rootParameterTypes.length; i++) {
Class<?> resolvedParameterType = ResolvableType.forMethodParameter(candidateMethod, i, sourceDeclaringClass)
.resolve();
.toClass();
if (rootParameterTypes[i] != resolvedParameterType) {
return false;
}

32
core/src/test/java/org/springframework/security/core/annotation/UniqueSecurityAnnotationScannerTests.java
Unescape View File

@ -28,6 +28,7 @@ import org.junit.jupiter.api.Test; @@ -28,6 +28,7 @@ import org.junit.jupiter.api.Test;
import org.springframework.core.annotation.AnnotationConfigurationException;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.util.ClassUtils;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
@ -326,6 +327,14 @@ public class UniqueSecurityAnnotationScannerTests { @@ -326,6 +327,14 @@ public class UniqueSecurityAnnotationScannerTests {
.isThrownBy(() -> this.parameterScanner.scan(parameter));
}
// gh-17898
@Test
void scanWhenAnnotationOnParameterizedUndeclaredMethodAndThenLocates() throws Exception {
Method method = ClassUtils.getMethod(GenericInterfaceImpl.class, "processOneAndTwo", Long.class, Object.class);
PreAuthorize pre = this.scanner.scan(method, method.getDeclaringClass());
assertThat(pre).isNotNull();
}
interface UserService {
void add(@CustomParameterAnnotation("one") String user);
@ -764,4 +773,27 @@ public class UniqueSecurityAnnotationScannerTests { @@ -764,4 +773,27 @@ public class UniqueSecurityAnnotationScannerTests {
}
interface GenericInterface<A, B> {
@PreAuthorize("hasAuthority('thirtythree')")
void processOneAndTwo(A value1, B value2);
}
abstract static class GenericAbstractSuperclass<C> implements GenericInterface<Long, C> {
@Override
public void processOneAndTwo(Long value1, C value2) {
}
}
static class GenericInterfaceImpl extends GenericAbstractSuperclass<String> {
// The compiler does not require us to declare a concrete
// processOneAndTwo(Long, String) method, and we intentionally
// do not declare one here.
}
}

Write Preview
Loading…
Cancel
Save