diff --git a/core-tiger/src/test/java/org/springframework/security/annotation/MethodDefinitionSourceEditorTigerTests.java b/core-tiger/src/test/java/org/springframework/security/annotation/MethodDefinitionSourceEditorTigerTests.java index 84fa40f670..4640a8587f 100644 --- a/core-tiger/src/test/java/org/springframework/security/annotation/MethodDefinitionSourceEditorTigerTests.java +++ b/core-tiger/src/test/java/org/springframework/security/annotation/MethodDefinitionSourceEditorTigerTests.java @@ -40,75 +40,48 @@ import org.aopalliance.intercept.MethodInvocation; * @version $Id$ */ public class MethodDefinitionSourceEditorTigerTests extends TestCase { - //~ Constructors =================================================================================================== - - public MethodDefinitionSourceEditorTigerTests() { - super(); - } - - public MethodDefinitionSourceEditorTigerTests(String arg0) { - super(arg0); - } - //~ Methods ======================================================================================================== - public static void main(String[] args) { - junit.textui.TestRunner.run(MethodDefinitionSourceEditorTigerTests.class); - } - - public final void setUp() throws Exception { - super.setUp(); - } - - public void testConcreteClassInvocationsAlsoReturnDefinitionsAgainstInterface() - throws Exception { + public void testConcreteClassInvocationsAlsoReturnDefinitionsAgainstInterface() throws Exception { MethodDefinitionSourceEditor editor = new MethodDefinitionSourceEditor(); editor.setAsText( - "org.springframework.security.annotation.test.Service.makeLower*=ROLE_FROM_INTERFACE\r\norg.springframework.security.annotation.test.Service.makeUpper*=ROLE_FROM_INTERFACE\r\norg.springframework.security.annotation.test.ServiceImpl.makeUpper*=ROLE_FROM_IMPLEMENTATION"); + "org.springframework.security.annotation.test.Service.makeLower*=ROLE_FROM_INTERFACE\r\norg.springframework.security.annotation.test.Service.makeUpper*=ROLE_FROM_INTERFACE\r\norg.springframework.security.annotation.test.ServiceImpl.makeUpper*=ROLE_FROM_IMPLEMENTATION"); MethodDefinitionMap map = (MethodDefinitionMap) editor.getValue(); assertEquals(3, map.getMethodMapSize()); ConfigAttributeDefinition returnedMakeLower = map.getAttributes(new MockMethodInvocation(Service.class, - "makeLowerCase", new Class[] {Entity.class})); - ConfigAttributeDefinition expectedMakeLower = new ConfigAttributeDefinition(); - expectedMakeLower.addConfigAttribute(new SecurityConfig("ROLE_FROM_INTERFACE")); + "makeLowerCase", new Class[]{Entity.class})); + ConfigAttributeDefinition expectedMakeLower = new ConfigAttributeDefinition("ROLE_FROM_INTERFACE"); assertEquals(expectedMakeLower, returnedMakeLower); ConfigAttributeDefinition returnedMakeUpper = map.getAttributes(new MockMethodInvocation(ServiceImpl.class, - "makeUpperCase", new Class[] {Entity.class})); - ConfigAttributeDefinition expectedMakeUpper = new ConfigAttributeDefinition(); - expectedMakeUpper.addConfigAttribute(new SecurityConfig("ROLE_FROM_IMPLEMENTATION")); - expectedMakeUpper.addConfigAttribute(new SecurityConfig("ROLE_FROM_INTERFACE")); + "makeUpperCase", new Class[]{Entity.class})); + ConfigAttributeDefinition expectedMakeUpper = new ConfigAttributeDefinition(new String[]{"ROLE_FROM_IMPLEMENTATION", "ROLE_FROM_INTERFACE"}); assertEquals(expectedMakeUpper, returnedMakeUpper); } - public void testGenericsSuperclassDeclarationsAreIncludedWhenSubclassesOverride() - throws Exception { + public void testGenericsSuperclassDeclarationsAreIncludedWhenSubclassesOverride() throws Exception { MethodDefinitionSourceEditor editor = new MethodDefinitionSourceEditor(); editor.setAsText( - "org.springframework.security.annotation.test.Service.makeLower*=ROLE_FROM_INTERFACE\r\norg.springframework.security.annotation.test.Service.makeUpper*=ROLE_FROM_INTERFACE\r\norg.springframework.security.annotation.test.ServiceImpl.makeUpper*=ROLE_FROM_IMPLEMENTATION"); + "org.springframework.security.annotation.test.Service.makeLower*=ROLE_FROM_INTERFACE\r\norg.springframework.security.annotation.test.Service.makeUpper*=ROLE_FROM_INTERFACE\r\norg.springframework.security.annotation.test.ServiceImpl.makeUpper*=ROLE_FROM_IMPLEMENTATION"); MethodDefinitionMap map = (MethodDefinitionMap) editor.getValue(); assertEquals(3, map.getMethodMapSize()); ConfigAttributeDefinition returnedMakeLower = map.getAttributes(new MockMethodInvocation(PersonService.class, - "makeLowerCase", new Class[] {Entity.class})); - ConfigAttributeDefinition expectedMakeLower = new ConfigAttributeDefinition(); - expectedMakeLower.addConfigAttribute(new SecurityConfig("ROLE_FROM_INTERFACE")); + "makeLowerCase", new Class[]{Entity.class})); + ConfigAttributeDefinition expectedMakeLower = new ConfigAttributeDefinition("ROLE_FROM_INTERFACE"); assertEquals(expectedMakeLower, returnedMakeLower); ConfigAttributeDefinition returnedMakeLower2 = map.getAttributes(new MockMethodInvocation( - OrganisationService.class, "makeLowerCase", new Class[] {Entity.class})); - ConfigAttributeDefinition expectedMakeLower2 = new ConfigAttributeDefinition(); - expectedMakeLower2.addConfigAttribute(new SecurityConfig("ROLE_FROM_INTERFACE")); + OrganisationService.class, "makeLowerCase", new Class[]{Entity.class})); + ConfigAttributeDefinition expectedMakeLower2 = new ConfigAttributeDefinition("ROLE_FROM_INTERFACE"); assertEquals(expectedMakeLower2, returnedMakeLower2); ConfigAttributeDefinition returnedMakeUpper = map.getAttributes(new MockMethodInvocation( - PersonServiceImpl.class, "makeUpperCase", new Class[] {Entity.class})); - ConfigAttributeDefinition expectedMakeUpper = new ConfigAttributeDefinition(); - expectedMakeUpper.addConfigAttribute(new SecurityConfig("ROLE_FROM_IMPLEMENTATION")); - expectedMakeUpper.addConfigAttribute(new SecurityConfig("ROLE_FROM_INTERFACE")); + PersonServiceImpl.class, "makeUpperCase", new Class[]{Entity.class})); + ConfigAttributeDefinition expectedMakeUpper = new ConfigAttributeDefinition(new String[]{"ROLE_FROM_IMPLEMENTATION", "ROLE_FROM_INTERFACE"}); assertEquals(expectedMakeUpper, returnedMakeUpper); } diff --git a/core/src/main/java/org/springframework/security/ConfigAttributeDefinition.java b/core/src/main/java/org/springframework/security/ConfigAttributeDefinition.java index 993ef74438..e3b4673301 100644 --- a/core/src/main/java/org/springframework/security/ConfigAttributeDefinition.java +++ b/core/src/main/java/org/springframework/security/ConfigAttributeDefinition.java @@ -15,44 +15,93 @@ package org.springframework.security; +import org.springframework.util.Assert; + import java.io.Serializable; import java.util.Iterator; import java.util.List; -import java.util.Vector; +import java.util.Collections; +import java.util.ArrayList; +import java.util.Collection; /** - * Holds a group of {@link ConfigAttribute}s that are associated with a given secure object target.

All the - * ConfigAttributeDefinitions associated with a given {@link + * Holds a group of {@link ConfigAttribute}s that are associated with a given secure object target - effectively a + * Collection. + *

+ * Once created, the object is immutable. + *

+ * All the ConfigAttributeDefinitions associated with a given {@link * org.springframework.security.intercept.AbstractSecurityInterceptor} are stored in an {@link - * org.springframework.security.intercept.ObjectDefinitionSource}.

+ * org.springframework.security.intercept.ObjectDefinitionSource}. * * @author Ben Alex * @version $Id$ */ public class ConfigAttributeDefinition implements Serializable { + public static final ConfigAttributeDefinition NO_ATTRIBUTES = new ConfigAttributeDefinition(); + //~ Instance fields ================================================================================================ - private List configAttributes = new Vector(); + private List configAttributes; //~ Constructors =================================================================================================== - public ConfigAttributeDefinition() { - super(); + private ConfigAttributeDefinition() { + configAttributes = Collections.EMPTY_LIST; } - //~ Methods ======================================================================================================== + /** + * Creates a ConfigAttributeDefinition containing a single attribute + * @param attribute the String name of the attribute (converted internally to a SecurityConfig instance). + */ + public ConfigAttributeDefinition(String attribute) { + configAttributes = new ArrayList(1); + configAttributes.add(new SecurityConfig(attribute)); + configAttributes = Collections.unmodifiableList(configAttributes); + } /** - * Adds a ConfigAttribute that is related to the secure object method. + * Creates a ConfigAttributeDefinition containing a single attribute. + */ + public ConfigAttributeDefinition(ConfigAttribute attribute) { + configAttributes = new ArrayList(1); + configAttributes.add(attribute); + configAttributes = Collections.unmodifiableList(configAttributes); + } + + /** + * Builds a collection of ConfigAttributes from an array of String tokens, each of which will be wrapped in a + * SecurityConfig instance. * - * @param newConfigAttribute the new configuration attribute to add + * @param attributeTokens the tokens which will be turned into attributes. */ - public void addConfigAttribute(ConfigAttribute newConfigAttribute) { - this.configAttributes.add(newConfigAttribute); + public ConfigAttributeDefinition(String[] attributeTokens) { + configAttributes = new ArrayList(attributeTokens.length); + + for (int i = 0; i < attributeTokens.length; i++) { + configAttributes.add(new SecurityConfig(attributeTokens[i].trim())); + } + + configAttributes = Collections.unmodifiableList(configAttributes); } + /** + * Creates an immutable ConfigAttributeDefinition from the supplied list of ConfigAttribute objects. + */ + public ConfigAttributeDefinition(List configAttributes) { + Iterator attributes = configAttributes.iterator(); + while (attributes.hasNext()) { + Assert.isInstanceOf(ConfigAttribute.class, attributes.next(), + "List entries must be of type ConfigAttribute"); + } + + this.configAttributes = Collections.unmodifiableList(new ArrayList(configAttributes)); + } + + //~ Methods ======================================================================================================== + /** * Indicates whether the specified ConfigAttribute is contained within this * ConfigAttributeDefinition. @@ -67,53 +116,27 @@ public class ConfigAttributeDefinition implements Serializable { } public boolean equals(Object obj) { - if (obj instanceof ConfigAttributeDefinition) { - ConfigAttributeDefinition test = (ConfigAttributeDefinition) obj; - - List testAttrs = new Vector(); - Iterator iter = test.getConfigAttributes(); - - while (iter.hasNext()) { - ConfigAttribute attr = (ConfigAttribute) iter.next(); - testAttrs.add(attr); - } - - if (this.configAttributes.size() != testAttrs.size()) { - return false; - } - - for (int i = 0; i < this.configAttributes.size(); i++) { - if (!this.configAttributes.get(i).equals(testAttrs.get(i))) { - return false; - } - } - - return true; + if (!(obj instanceof ConfigAttributeDefinition)) { + return false; } - return false; - } + ConfigAttributeDefinition test = (ConfigAttributeDefinition) obj; - /** - * Returns an Iterator over all the ConfigAttributes defined by this - * ConfigAttributeDefinition.

Allows AccessDecisionManagers and other classes - * to loop through every configuration attribute associated with a target secure object.

- * - * @return all the configuration attributes stored by the instance, or null if an - * Iterator is unavailable - */ - public Iterator getConfigAttributes() { - return this.configAttributes.iterator(); + return configAttributes.equals(test.configAttributes); } /** - * Returns the number of ConfigAttributes defined by this + * Returns the internal collection of ConfigAttributes defined by this * ConfigAttributeDefinition. + *

+ * Allows AccessDecisionManagers and other classes to loop through every configuration attribute + * associated with a target secure object. * - * @return the number of ConfigAttributes contained + * @return all the configuration attributes stored by the instance, or null if an + * Iterator is unavailable */ - public int size() { - return configAttributes.size(); + public Collection getConfigAttributes() { + return this.configAttributes; } public String toString() { diff --git a/core/src/main/java/org/springframework/security/ConfigAttributeEditor.java b/core/src/main/java/org/springframework/security/ConfigAttributeEditor.java index 398d347008..9435babd87 100644 --- a/core/src/main/java/org/springframework/security/ConfigAttributeEditor.java +++ b/core/src/main/java/org/springframework/security/ConfigAttributeEditor.java @@ -18,6 +18,8 @@ package org.springframework.security; import org.springframework.util.StringUtils; import java.beans.PropertyEditorSupport; +import java.util.List; +import java.util.ArrayList; /** @@ -32,17 +34,11 @@ public class ConfigAttributeEditor extends PropertyEditorSupport { //~ Methods ======================================================================================================== public void setAsText(String s) throws IllegalArgumentException { - if ((s == null) || "".equals(s)) { - setValue(null); + if (StringUtils.hasText(s)) { + setValue(new ConfigAttributeDefinition(StringUtils.commaDelimitedListToStringArray(s))); } else { - String[] tokens = StringUtils.commaDelimitedListToStringArray(s); - ConfigAttributeDefinition configDefinition = new ConfigAttributeDefinition(); - - for (int i = 0; i < tokens.length; i++) { - configDefinition.addConfigAttribute(new SecurityConfig(tokens[i].trim())); - } + setValue(null); - setValue(configDefinition); } } } diff --git a/core/src/main/java/org/springframework/security/afterinvocation/AclEntryAfterInvocationCollectionFilteringProvider.java b/core/src/main/java/org/springframework/security/afterinvocation/AclEntryAfterInvocationCollectionFilteringProvider.java index 974a6f9a41..a9d16be050 100644 --- a/core/src/main/java/org/springframework/security/afterinvocation/AclEntryAfterInvocationCollectionFilteringProvider.java +++ b/core/src/main/java/org/springframework/security/afterinvocation/AclEntryAfterInvocationCollectionFilteringProvider.java @@ -71,7 +71,7 @@ public class AclEntryAfterInvocationCollectionFilteringProvider extends Abstract public Object decide(Authentication authentication, Object object, ConfigAttributeDefinition config, Object returnedObject) throws AccessDeniedException { - Iterator iter = config.getConfigAttributes(); + Iterator iter = config.getConfigAttributes().iterator(); while (iter.hasNext()) { ConfigAttribute attr = (ConfigAttribute) iter.next(); diff --git a/core/src/main/java/org/springframework/security/afterinvocation/AclEntryAfterInvocationProvider.java b/core/src/main/java/org/springframework/security/afterinvocation/AclEntryAfterInvocationProvider.java index effd63b6e5..38031a288f 100644 --- a/core/src/main/java/org/springframework/security/afterinvocation/AclEntryAfterInvocationProvider.java +++ b/core/src/main/java/org/springframework/security/afterinvocation/AclEntryAfterInvocationProvider.java @@ -70,7 +70,7 @@ public class AclEntryAfterInvocationProvider extends AbstractAclProvider impleme public Object decide(Authentication authentication, Object object, ConfigAttributeDefinition config, Object returnedObject) throws AccessDeniedException { - Iterator iter = config.getConfigAttributes(); + Iterator iter = config.getConfigAttributes().iterator(); while (iter.hasNext()) { ConfigAttribute attr = (ConfigAttribute) iter.next(); diff --git a/core/src/main/java/org/springframework/security/afterinvocation/BasicAclEntryAfterInvocationCollectionFilteringProvider.java b/core/src/main/java/org/springframework/security/afterinvocation/BasicAclEntryAfterInvocationCollectionFilteringProvider.java index 6c9311be80..8a9bcefd16 100644 --- a/core/src/main/java/org/springframework/security/afterinvocation/BasicAclEntryAfterInvocationCollectionFilteringProvider.java +++ b/core/src/main/java/org/springframework/security/afterinvocation/BasicAclEntryAfterInvocationCollectionFilteringProvider.java @@ -92,7 +92,7 @@ public class BasicAclEntryAfterInvocationCollectionFilteringProvider implements public Object decide(Authentication authentication, Object object, ConfigAttributeDefinition config, Object returnedObject) throws AccessDeniedException { - Iterator iter = config.getConfigAttributes(); + Iterator iter = config.getConfigAttributes().iterator(); while (iter.hasNext()) { ConfigAttribute attr = (ConfigAttribute) iter.next(); diff --git a/core/src/main/java/org/springframework/security/afterinvocation/BasicAclEntryAfterInvocationProvider.java b/core/src/main/java/org/springframework/security/afterinvocation/BasicAclEntryAfterInvocationProvider.java index 884ee7d477..8c43682106 100644 --- a/core/src/main/java/org/springframework/security/afterinvocation/BasicAclEntryAfterInvocationProvider.java +++ b/core/src/main/java/org/springframework/security/afterinvocation/BasicAclEntryAfterInvocationProvider.java @@ -90,7 +90,7 @@ public class BasicAclEntryAfterInvocationProvider implements AfterInvocationProv public Object decide(Authentication authentication, Object object, ConfigAttributeDefinition config, Object returnedObject) throws AccessDeniedException { - Iterator iter = config.getConfigAttributes(); + Iterator iter = config.getConfigAttributes().iterator(); while (iter.hasNext()) { ConfigAttribute attr = (ConfigAttribute) iter.next(); diff --git a/core/src/main/java/org/springframework/security/captcha/CaptchaChannelProcessorTemplate.java b/core/src/main/java/org/springframework/security/captcha/CaptchaChannelProcessorTemplate.java index dd569ebf65..46c0c69338 100644 --- a/core/src/main/java/org/springframework/security/captcha/CaptchaChannelProcessorTemplate.java +++ b/core/src/main/java/org/springframework/security/captcha/CaptchaChannelProcessorTemplate.java @@ -86,7 +86,7 @@ public abstract class CaptchaChannelProcessorTemplate implements ChannelProcesso CaptchaSecurityContext context = null; context = (CaptchaSecurityContext) SecurityContextHolder.getContext(); - Iterator iter = config.getConfigAttributes(); + Iterator iter = config.getConfigAttributes().iterator(); while (iter.hasNext()) { ConfigAttribute attribute = (ConfigAttribute) iter.next(); diff --git a/core/src/main/java/org/springframework/security/intercept/AbstractSecurityInterceptor.java b/core/src/main/java/org/springframework/security/intercept/AbstractSecurityInterceptor.java index daf8d5be8a..83a986d552 100644 --- a/core/src/main/java/org/springframework/security/intercept/AbstractSecurityInterceptor.java +++ b/core/src/main/java/org/springframework/security/intercept/AbstractSecurityInterceptor.java @@ -224,7 +224,7 @@ public abstract class AbstractSecurityInterceptor implements InitializingBean, A while (iter.hasNext()) { ConfigAttributeDefinition def = (ConfigAttributeDefinition) iter.next(); - Iterator attributes = def.getConfigAttributes(); + Iterator attributes = def.getConfigAttributes().iterator(); while (attributes.hasNext()) { ConfigAttribute attr = (ConfigAttribute) attributes.next(); diff --git a/core/src/main/java/org/springframework/security/intercept/method/MethodDefinitionAttributes.java b/core/src/main/java/org/springframework/security/intercept/method/MethodDefinitionAttributes.java index 436702e230..ea549601c9 100644 --- a/core/src/main/java/org/springframework/security/intercept/method/MethodDefinitionAttributes.java +++ b/core/src/main/java/org/springframework/security/intercept/method/MethodDefinitionAttributes.java @@ -24,6 +24,8 @@ import java.lang.reflect.Method; import java.util.Collection; import java.util.Iterator; +import java.util.List; +import java.util.ArrayList; /** @@ -56,21 +58,17 @@ public class MethodDefinitionAttributes extends AbstractMethodDefinitionSource { //~ Methods ======================================================================================================== - private void add(ConfigAttributeDefinition definition, Collection attribs) { + private void add(List definition, Collection attribs) { for (Iterator iter = attribs.iterator(); iter.hasNext();) { Object o = iter.next(); if (o instanceof ConfigAttribute) { - definition.addConfigAttribute((ConfigAttribute) o); + definition.add(o); } } } - private void addClassAttributes(ConfigAttributeDefinition definition, Class clazz) { - addClassAttributes(definition, new Class[] {clazz}); - } - - private void addClassAttributes(ConfigAttributeDefinition definition, Class[] clazz) { + private void addClassAttributes(List definition, Class[] clazz) { for (int i = 0; i < clazz.length; i++) { Collection classAttributes = attributes.getAttributes(clazz[i]); @@ -80,7 +78,7 @@ public class MethodDefinitionAttributes extends AbstractMethodDefinitionSource { } } - private void addInterfaceMethodAttributes(ConfigAttributeDefinition definition, Method method) { + private void addInterfaceMethodAttributes(List definition, Method method) { Class[] interfaces = method.getDeclaringClass().getInterfaces(); for (int i = 0; i < interfaces.length; i++) { @@ -96,7 +94,7 @@ public class MethodDefinitionAttributes extends AbstractMethodDefinitionSource { } } - private void addMethodAttributes(ConfigAttributeDefinition definition, Method method) { + private void addMethodAttributes(List definition, Method method) { // add the method level attributes Collection methodAttributes = attributes.getAttributes(method); @@ -110,27 +108,26 @@ public class MethodDefinitionAttributes extends AbstractMethodDefinitionSource { } protected ConfigAttributeDefinition lookupAttributes(Method method) { - ConfigAttributeDefinition definition = new ConfigAttributeDefinition(); - Class interceptedClass = method.getDeclaringClass(); + List attributes = new ArrayList(); // add the class level attributes for the implementing class - addClassAttributes(definition, interceptedClass); + addClassAttributes(attributes, new Class[] {interceptedClass}); // add the class level attributes for the implemented interfaces - addClassAttributes(definition, interceptedClass.getInterfaces()); + addClassAttributes(attributes, interceptedClass.getInterfaces()); // add the method level attributes for the implemented method - addMethodAttributes(definition, method); + addMethodAttributes(attributes, method); // add the method level attributes for the implemented intreface methods - addInterfaceMethodAttributes(definition, method); + addInterfaceMethodAttributes(attributes, method); - if (definition.size() == 0) { + if (attributes.size() == 0) { return null; - } else { - return definition; } + + return new ConfigAttributeDefinition(attributes); } public void setAttributes(Attributes attributes) { diff --git a/core/src/main/java/org/springframework/security/intercept/method/MethodDefinitionMap.java b/core/src/main/java/org/springframework/security/intercept/method/MethodDefinitionMap.java index 52539c35e8..946fdca28c 100644 --- a/core/src/main/java/org/springframework/security/intercept/method/MethodDefinitionMap.java +++ b/core/src/main/java/org/springframework/security/intercept/method/MethodDefinitionMap.java @@ -15,7 +15,6 @@ package org.springframework.security.intercept.method; -import org.springframework.security.ConfigAttribute; import org.springframework.security.ConfigAttributeDefinition; import org.springframework.security.SecurityConfig; @@ -64,6 +63,22 @@ public class MethodDefinitionMap extends AbstractMethodDefinitionSource { //~ Methods ======================================================================================================== + public MethodDefinitionMap() { + } + + /** + * Creates the MethodDefinitionMap from a + * @param methodMap map of method names to ConfigAttributeDefinitions. + */ + public MethodDefinitionMap(Map methodMap) { + Iterator iterator = methodMap.entrySet().iterator(); + + while (iterator.hasNext()) { + Map.Entry entry = (Map.Entry) iterator.next(); + addSecureMethod((String)entry.getKey(), (ConfigAttributeDefinition)entry.getValue()); + } + } + /** * Add configuration attributes for a secure method. Method names can end or start with * * for matching multiple methods. @@ -192,11 +207,10 @@ public class MethodDefinitionMap extends AbstractMethodDefinitionSource { } protected ConfigAttributeDefinition lookupAttributes(Method method) { - ConfigAttributeDefinition definition = new ConfigAttributeDefinition(); + List attributesToReturn = new ArrayList(); // Add attributes explictly defined for this method invocation - ConfigAttributeDefinition directlyAssigned = (ConfigAttributeDefinition) this.methodMap.get(method); - merge(definition, directlyAssigned); + merge(attributesToReturn, (ConfigAttributeDefinition) this.methodMap.get(method)); // Add attributes explicitly defined for this method invocation's interfaces Class[] interfaces = method.getDeclaringClass().getInterfaces(); @@ -209,50 +223,25 @@ public class MethodDefinitionMap extends AbstractMethodDefinitionSource { Method interfaceMethod = clazz.getDeclaredMethod(method.getName(), (Class[]) method.getParameterTypes()); ConfigAttributeDefinition interfaceAssigned = (ConfigAttributeDefinition) this.methodMap.get(interfaceMethod); - merge(definition, interfaceAssigned); + merge(attributesToReturn, interfaceAssigned); } catch (Exception e) { // skip this interface } } // Return null if empty, as per abstract superclass contract - if (definition.size() == 0) { + if (attributesToReturn.size() == 0) { return null; - } else { - return definition; } + + return new ConfigAttributeDefinition(attributesToReturn); } - private void merge(ConfigAttributeDefinition definition, ConfigAttributeDefinition toMerge) { + private void merge(List attributes, ConfigAttributeDefinition toMerge) { if (toMerge == null) { return; } - Iterator attribs = toMerge.getConfigAttributes(); - - while (attribs.hasNext()) { - definition.addConfigAttribute((ConfigAttribute) attribs.next()); - } - } - - /** - * Easier configuration of the instance, using {@link MethodDefinitionSourceMapping}. - * - * @param mappings {@link List} of {@link MethodDefinitionSourceMapping} objects. - */ - public void setMappings(List mappings) { - Iterator it = mappings.iterator(); - while (it.hasNext()) { - MethodDefinitionSourceMapping mapping = (MethodDefinitionSourceMapping) it.next(); - ConfigAttributeDefinition configDefinition = new ConfigAttributeDefinition(); - - Iterator configAttributesIt = mapping.getConfigAttributes().iterator(); - while (configAttributesIt.hasNext()) { - String s = (String) configAttributesIt.next(); - configDefinition.addConfigAttribute(new SecurityConfig(s)); - } - - addSecureMethod(mapping.getMethodName(), configDefinition); - } + attributes.addAll(toMerge.getConfigAttributes()); } } diff --git a/core/src/main/java/org/springframework/security/intercept/method/MethodDefinitionSourceEditor.java b/core/src/main/java/org/springframework/security/intercept/method/MethodDefinitionSourceEditor.java index 736c240671..359b6c4acb 100644 --- a/core/src/main/java/org/springframework/security/intercept/method/MethodDefinitionSourceEditor.java +++ b/core/src/main/java/org/springframework/security/intercept/method/MethodDefinitionSourceEditor.java @@ -15,6 +15,8 @@ package org.springframework.security.intercept.method; +import org.springframework.security.ConfigAttributeDefinition; + import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; @@ -27,6 +29,8 @@ import java.util.ArrayList; import java.util.Iterator; import java.util.List; import java.util.Properties; +import java.util.Map; +import java.util.LinkedHashMap; /** @@ -44,38 +48,29 @@ public class MethodDefinitionSourceEditor extends PropertyEditorSupport { //~ Methods ======================================================================================================== public void setAsText(String s) throws IllegalArgumentException { - MethodDefinitionMap source = new MethodDefinitionMap(); - if ((s == null) || "".equals(s)) { - // Leave value in property editor null - } else { - // Use properties editor to tokenize the string - PropertiesEditor propertiesEditor = new PropertiesEditor(); - propertiesEditor.setAsText(s); - - Properties props = (Properties) propertiesEditor.getValue(); + setValue(new MethodDefinitionMap()); + return; + } - // Now we have properties, process each one individually - List mappings = new ArrayList(); + // Use properties editor to tokenize the string + PropertiesEditor propertiesEditor = new PropertiesEditor(); + propertiesEditor.setAsText(s); - for (Iterator iter = props.keySet().iterator(); iter.hasNext();) { - String name = (String) iter.next(); - String value = props.getProperty(name); + Properties props = (Properties) propertiesEditor.getValue(); - MethodDefinitionSourceMapping mapping = new MethodDefinitionSourceMapping(); - mapping.setMethodName(name); + // Now we have properties, process each one individually + Map mappings = new LinkedHashMap(); - String[] tokens = StringUtils.commaDelimitedListToStringArray(value); + for (Iterator iter = props.keySet().iterator(); iter.hasNext();) { + String name = (String) iter.next(); + String value = props.getProperty(name); - for (int i = 0; i < tokens.length; i++) { - mapping.addConfigAttribute(tokens[i].trim()); - } + String[] tokens = StringUtils.commaDelimitedListToStringArray(value); - mappings.add(mapping); - } - source.setMappings(mappings); + mappings.put(name, new ConfigAttributeDefinition(tokens)); } - setValue(source); + setValue(new MethodDefinitionMap(mappings)); } } diff --git a/core/src/main/java/org/springframework/security/intercept/method/MethodDefinitionSourceMapping.java b/core/src/main/java/org/springframework/security/intercept/method/MethodDefinitionSourceMapping.java deleted file mode 100644 index 768f32646d..0000000000 --- a/core/src/main/java/org/springframework/security/intercept/method/MethodDefinitionSourceMapping.java +++ /dev/null @@ -1,82 +0,0 @@ -/* Copyright 2006 Acegi Technology Pty Limited - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.springframework.security.intercept.method; - -import java.util.ArrayList; -import java.util.List; - -import org.springframework.security.ConfigAttribute; - -/** - * Configuration entry for {@link MethodDefinitionSource}, that holds - * the method to be protected and the {@link ConfigAttribute}s as {@link String} - * that apply to that url. - * - * @author Carlos Sanchez - * @version $Id$ - * @since 1.1 - */ -public class MethodDefinitionSourceMapping { - - private String methodName; - - private List configAttributes = new ArrayList(); - - /** - * Name of the method to be secured, including package and class name. - * eg. org.mydomain.MyClass.myMethod - * - * @param methodName - */ - public void setMethodName(String methodName) { - this.methodName = methodName; - } - - /** - * Name of the method to be secured. - * - * @return the name of the method - */ - public String getMethodName() { - return methodName; - } - - /** - * - * @param roles {@link List}<{@link String}> - */ - public void setConfigAttributes(List roles) { - this.configAttributes = roles; - } - - /** - * - * @return {@link List}<{@link String}> - */ - public List getConfigAttributes() { - return configAttributes; - } - - /** - * Add a {@link ConfigAttribute} as {@link String} - * - * @param configAttribute - */ - public void addConfigAttribute(String configAttribute) { - configAttributes.add(configAttribute); - } - -} diff --git a/core/src/main/java/org/springframework/security/intercept/web/DefaultFilterInvocationDefinitionSource.java b/core/src/main/java/org/springframework/security/intercept/web/DefaultFilterInvocationDefinitionSource.java index e1d77b3115..ebc1445706 100644 --- a/core/src/main/java/org/springframework/security/intercept/web/DefaultFilterInvocationDefinitionSource.java +++ b/core/src/main/java/org/springframework/security/intercept/web/DefaultFilterInvocationDefinitionSource.java @@ -79,6 +79,17 @@ public class DefaultFilterInvocationDefinitionSource implements FilterInvocation this.urlMatcher = urlMatcher; } + public DefaultFilterInvocationDefinitionSource(UrlMatcher urlMatcher, LinkedHashMap requestMap) { + this.urlMatcher = urlMatcher; + + Iterator iterator = requestMap.entrySet().iterator(); + + while (iterator.hasNext()) { + Map.Entry entry = (Map.Entry) iterator.next(); + addSecureUrl((String)entry.getKey(), (ConfigAttributeDefinition)entry.getValue()); + } + } + //~ Methods ======================================================================================================== public void addSecureUrl(String pattern, ConfigAttributeDefinition attr) { @@ -212,31 +223,6 @@ public class DefaultFilterInvocationDefinitionSource implements FilterInvocation return null; } - /** - * Allows or easier configuration using {@link FilterInvocationDefinitionSourceMapping}. - * - * @param mappings - * {@link java.util.List} of - * {@link FilterInvocationDefinitionSourceMapping} objects. - */ - void setMappings(List mappings) { - Iterator it = mappings.iterator(); - - while (it.hasNext()) { - FilterInvocationDefinitionSourceMapping mapping = (FilterInvocationDefinitionSourceMapping) it.next(); - ConfigAttributeDefinition configDefinition = new ConfigAttributeDefinition(); - - Iterator configAttributesIt = mapping.getConfigAttributes().iterator(); - while (configAttributesIt.hasNext()) { - String s = (String) configAttributesIt.next(); - configDefinition.addConfigAttribute(new SecurityConfig(s)); - } - - addSecureUrl(mapping.getUrl(), configDefinition); - } - } - - public boolean supports(Class clazz) { return FilterInvocation.class.isAssignableFrom(clazz); } diff --git a/core/src/main/java/org/springframework/security/intercept/web/FIDSToFilterChainMapConverter.java b/core/src/main/java/org/springframework/security/intercept/web/FIDSToFilterChainMapConverter.java index c0a17a3845..65b68af3e7 100644 --- a/core/src/main/java/org/springframework/security/intercept/web/FIDSToFilterChainMapConverter.java +++ b/core/src/main/java/org/springframework/security/intercept/web/FIDSToFilterChainMapConverter.java @@ -41,7 +41,7 @@ public class FIDSToFilterChainMapConverter { ConfigAttributeDefinition configAttributeDefinition = (ConfigAttributeDefinition) requestMap.get(entry); List filters = new ArrayList(); - Iterator attributes = configAttributeDefinition.getConfigAttributes(); + Iterator attributes = configAttributeDefinition.getConfigAttributes().iterator(); while (attributes.hasNext()) { ConfigAttribute attr = (ConfigAttribute) attributes.next(); diff --git a/core/src/main/java/org/springframework/security/intercept/web/FilterInvocationDefinitionSourceEditor.java b/core/src/main/java/org/springframework/security/intercept/web/FilterInvocationDefinitionSourceEditor.java index a8133366c0..c0dac27947 100644 --- a/core/src/main/java/org/springframework/security/intercept/web/FilterInvocationDefinitionSourceEditor.java +++ b/core/src/main/java/org/springframework/security/intercept/web/FilterInvocationDefinitionSourceEditor.java @@ -19,13 +19,13 @@ import java.beans.PropertyEditorSupport; import java.io.BufferedReader; import java.io.IOException; import java.io.StringReader; -import java.util.ArrayList; -import java.util.List; +import java.util.LinkedHashMap; import org.springframework.security.util.StringSplitUtils; import org.springframework.security.util.RegexUrlPathMatcher; import org.springframework.security.util.UrlMatcher; import org.springframework.security.util.AntUrlPathMatcher; +import org.springframework.security.ConfigAttributeDefinition; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; @@ -85,29 +85,11 @@ public class FilterInvocationDefinitionSourceEditor extends PropertyEditorSuppor } } - UrlMatcher matcher; - - if (useAnt) { - matcher = new AntUrlPathMatcher(); - ((AntUrlPathMatcher)matcher).setRequiresLowerCaseUrl(converUrlToLowerCase); - - } else { - matcher = new RegexUrlPathMatcher(); - ((RegexUrlPathMatcher)matcher).setRequiresLowerCaseUrl(converUrlToLowerCase); - } - - DefaultFilterInvocationDefinitionSource fids = new DefaultFilterInvocationDefinitionSource(matcher); - - if (useAnt) { - fids.setStripQueryStringFromUrls(true); - } - - BufferedReader br = new BufferedReader(new StringReader(s)); int counter = 0; String line; - List mappings = new ArrayList(); + LinkedHashMap urlMap = new LinkedHashMap(); while (true) { counter++; @@ -183,19 +165,33 @@ public class FilterInvocationDefinitionSourceEditor extends PropertyEditorSuppor } } - FilterInvocationDefinitionSourceMapping mapping = new FilterInvocationDefinitionSourceMapping(); - mapping.setUrl(name); - String[] tokens = StringUtils.commaDelimitedListToStringArray(value); - for (int i = 0; i < tokens.length; i++) { - mapping.addConfigAttribute(tokens[i].trim()); - } + urlMap.put(name, new ConfigAttributeDefinition(tokens)); + } + + DefaultFilterInvocationDefinitionSource fids = + new DefaultFilterInvocationDefinitionSource(createMatcher(useAnt, converUrlToLowerCase), urlMap); - mappings.add(mapping); + if (useAnt) { + fids.setStripQueryStringFromUrls(true); } - fids.setMappings(mappings); setValue(fids); } + + private UrlMatcher createMatcher(boolean useAnt, boolean converUrlToLowerCase) { + UrlMatcher matcher; + + if (useAnt) { + matcher = new AntUrlPathMatcher(); + ((AntUrlPathMatcher)matcher).setRequiresLowerCaseUrl(converUrlToLowerCase); + + } else { + matcher = new RegexUrlPathMatcher(); + ((RegexUrlPathMatcher)matcher).setRequiresLowerCaseUrl(converUrlToLowerCase); + } + + return matcher; + } } diff --git a/core/src/main/java/org/springframework/security/intercept/web/FilterInvocationDefinitionSourceMapping.java b/core/src/main/java/org/springframework/security/intercept/web/FilterInvocationDefinitionSourceMapping.java deleted file mode 100644 index dfa7613fe1..0000000000 --- a/core/src/main/java/org/springframework/security/intercept/web/FilterInvocationDefinitionSourceMapping.java +++ /dev/null @@ -1,81 +0,0 @@ -/* Copyright 2006 Acegi Technology Pty Limited - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.springframework.security.intercept.web; - -import java.util.ArrayList; -import java.util.List; - -import org.springframework.security.ConfigAttribute; - -/** - * Configuration entry for {@link FilterInvocationDefinitionSource}, that holds - * the url to be protected and the {@link ConfigAttribute}s as {@link String} - * that apply to that url. - * - * @author Carlos Sanchez - * @version $Id$ - * @since 1.1 - */ -class FilterInvocationDefinitionSourceMapping { - - private String url; - - private List configAttributes = new ArrayList(); - - /** - * Url to be secured. - * - * @param url - */ - public void setUrl(String url) { - this.url = url; - } - - /** - * Url to be secured. - * - * @return the url - */ - public String getUrl() { - return url; - } - - /** - * - * @param roles {@link List}<{@link String}> - */ - public void setConfigAttributes(List roles) { - this.configAttributes = roles; - } - - /** - * - * @return {@link List}<{@link String}> - */ - public List getConfigAttributes() { - return configAttributes; - } - - /** - * Add a {@link ConfigAttribute} as {@link String} - * - * @param configAttribute - */ - public void addConfigAttribute(String configAttribute) { - configAttributes.add(configAttribute); - } - -} diff --git a/core/src/main/java/org/springframework/security/runas/RunAsManagerImpl.java b/core/src/main/java/org/springframework/security/runas/RunAsManagerImpl.java index e8518723b6..1408b13405 100644 --- a/core/src/main/java/org/springframework/security/runas/RunAsManagerImpl.java +++ b/core/src/main/java/org/springframework/security/runas/RunAsManagerImpl.java @@ -66,7 +66,7 @@ public class RunAsManagerImpl implements RunAsManager, InitializingBean { public Authentication buildRunAs(Authentication authentication, Object object, ConfigAttributeDefinition config) { List newAuthorities = new Vector(); - Iterator iter = config.getConfigAttributes(); + Iterator iter = config.getConfigAttributes().iterator(); while (iter.hasNext()) { ConfigAttribute attribute = (ConfigAttribute) iter.next(); diff --git a/core/src/main/java/org/springframework/security/securechannel/ChannelDecisionManagerImpl.java b/core/src/main/java/org/springframework/security/securechannel/ChannelDecisionManagerImpl.java index 603cd17b62..320909a895 100644 --- a/core/src/main/java/org/springframework/security/securechannel/ChannelDecisionManagerImpl.java +++ b/core/src/main/java/org/springframework/security/securechannel/ChannelDecisionManagerImpl.java @@ -68,7 +68,7 @@ public class ChannelDecisionManagerImpl implements ChannelDecisionManager, Initi public void decide(FilterInvocation invocation, ConfigAttributeDefinition config) throws IOException, ServletException { - Iterator attrs = config.getConfigAttributes(); + Iterator attrs = config.getConfigAttributes().iterator(); while (attrs.hasNext()) { ConfigAttribute attribute = (ConfigAttribute) attrs.next(); diff --git a/core/src/main/java/org/springframework/security/securechannel/ChannelProcessingFilter.java b/core/src/main/java/org/springframework/security/securechannel/ChannelProcessingFilter.java index 011502080a..b3656ad5bc 100644 --- a/core/src/main/java/org/springframework/security/securechannel/ChannelProcessingFilter.java +++ b/core/src/main/java/org/springframework/security/securechannel/ChannelProcessingFilter.java @@ -81,7 +81,7 @@ public class ChannelProcessingFilter extends SpringSecurityFilter implements Ini while (iter.hasNext()) { ConfigAttributeDefinition def = (ConfigAttributeDefinition) iter.next(); - Iterator attributes = def.getConfigAttributes(); + Iterator attributes = def.getConfigAttributes().iterator(); while (attributes.hasNext()) { ConfigAttribute attr = (ConfigAttribute) attributes.next(); diff --git a/core/src/main/java/org/springframework/security/securechannel/InsecureChannelProcessor.java b/core/src/main/java/org/springframework/security/securechannel/InsecureChannelProcessor.java index e52c0d6307..c6981a944c 100644 --- a/core/src/main/java/org/springframework/security/securechannel/InsecureChannelProcessor.java +++ b/core/src/main/java/org/springframework/security/securechannel/InsecureChannelProcessor.java @@ -61,7 +61,7 @@ public class InsecureChannelProcessor implements InitializingBean, ChannelProces throw new IllegalArgumentException("Nulls cannot be provided"); } - Iterator iter = config.getConfigAttributes(); + Iterator iter = config.getConfigAttributes().iterator(); while (iter.hasNext()) { ConfigAttribute attribute = (ConfigAttribute) iter.next(); diff --git a/core/src/main/java/org/springframework/security/securechannel/SecureChannelProcessor.java b/core/src/main/java/org/springframework/security/securechannel/SecureChannelProcessor.java index 7ae11670bb..c896dcaf3f 100644 --- a/core/src/main/java/org/springframework/security/securechannel/SecureChannelProcessor.java +++ b/core/src/main/java/org/springframework/security/securechannel/SecureChannelProcessor.java @@ -59,7 +59,7 @@ public class SecureChannelProcessor implements InitializingBean, ChannelProcesso throws IOException, ServletException { Assert.isTrue((invocation != null) && (config != null), "Nulls cannot be provided"); - Iterator iter = config.getConfigAttributes(); + Iterator iter = config.getConfigAttributes().iterator(); while (iter.hasNext()) { ConfigAttribute attribute = (ConfigAttribute) iter.next(); diff --git a/core/src/main/java/org/springframework/security/userdetails/CachingUserDetailsService.java b/core/src/main/java/org/springframework/security/userdetails/CachingUserDetailsService.java new file mode 100644 index 0000000000..998b9ed2ea --- /dev/null +++ b/core/src/main/java/org/springframework/security/userdetails/CachingUserDetailsService.java @@ -0,0 +1,8 @@ +package org.springframework.security.userdetails; + +/** + * @author Luke Taylor + * @version $Id$ + */ +public interface CachingUserDetailsService extends UserDetailsService, UserDetailsCache { +} diff --git a/core/src/main/java/org/springframework/security/userdetails/UserDetailsCache.java b/core/src/main/java/org/springframework/security/userdetails/UserDetailsCache.java new file mode 100644 index 0000000000..8d4b1382e8 --- /dev/null +++ b/core/src/main/java/org/springframework/security/userdetails/UserDetailsCache.java @@ -0,0 +1,14 @@ +package org.springframework.security.userdetails; + +/** + * @author Luke Taylor + * @version $Id$ + */ +public interface UserDetailsCache { + + boolean userIsCached(String username); + + void removeUserFromCache(String username); + + void clearCache(); +} diff --git a/core/src/main/java/org/springframework/security/userdetails/decorator/CacheEnabledUserDetailsService.java b/core/src/main/java/org/springframework/security/userdetails/decorator/CacheEnabledUserDetailsService.java new file mode 100644 index 0000000000..3b4514a0f6 --- /dev/null +++ b/core/src/main/java/org/springframework/security/userdetails/decorator/CacheEnabledUserDetailsService.java @@ -0,0 +1,8 @@ +package org.springframework.security.userdetails.decorator; + +/** + * @author Luke Taylor + * @version $Id$ + */ +public class CacheEnabledUserDetailsService { +} diff --git a/core/src/main/java/org/springframework/security/vote/AclEntryVoter.java b/core/src/main/java/org/springframework/security/vote/AclEntryVoter.java index 5a79512b84..e46b31db57 100644 --- a/core/src/main/java/org/springframework/security/vote/AclEntryVoter.java +++ b/core/src/main/java/org/springframework/security/vote/AclEntryVoter.java @@ -144,7 +144,7 @@ public class AclEntryVoter extends AbstractAclVoter { } public int vote(Authentication authentication, Object object, ConfigAttributeDefinition config) { - Iterator iter = config.getConfigAttributes(); + Iterator iter = config.getConfigAttributes().iterator(); while (iter.hasNext()) { ConfigAttribute attr = (ConfigAttribute) iter.next(); diff --git a/core/src/main/java/org/springframework/security/vote/AuthenticatedVoter.java b/core/src/main/java/org/springframework/security/vote/AuthenticatedVoter.java index 3906ff98f6..9f83cdddd2 100644 --- a/core/src/main/java/org/springframework/security/vote/AuthenticatedVoter.java +++ b/core/src/main/java/org/springframework/security/vote/AuthenticatedVoter.java @@ -87,7 +87,7 @@ public class AuthenticatedVoter implements AccessDecisionVoter { public int vote(Authentication authentication, Object object, ConfigAttributeDefinition config) { int result = ACCESS_ABSTAIN; - Iterator iter = config.getConfigAttributes(); + Iterator iter = config.getConfigAttributes().iterator(); while (iter.hasNext()) { ConfigAttribute attribute = (ConfigAttribute) iter.next(); diff --git a/core/src/main/java/org/springframework/security/vote/BasicAclEntryVoter.java b/core/src/main/java/org/springframework/security/vote/BasicAclEntryVoter.java index f0715651a1..80b15621f8 100644 --- a/core/src/main/java/org/springframework/security/vote/BasicAclEntryVoter.java +++ b/core/src/main/java/org/springframework/security/vote/BasicAclEntryVoter.java @@ -163,7 +163,7 @@ public class BasicAclEntryVoter extends AbstractAclVoter implements Initializing } public int vote(Authentication authentication, Object object, ConfigAttributeDefinition config) { - Iterator iter = config.getConfigAttributes(); + Iterator iter = config.getConfigAttributes().iterator(); while (iter.hasNext()) { ConfigAttribute attr = (ConfigAttribute) iter.next(); diff --git a/core/src/main/java/org/springframework/security/vote/LabelBasedAclVoter.java b/core/src/main/java/org/springframework/security/vote/LabelBasedAclVoter.java index 923220f187..a22fccd2df 100644 --- a/core/src/main/java/org/springframework/security/vote/LabelBasedAclVoter.java +++ b/core/src/main/java/org/springframework/security/vote/LabelBasedAclVoter.java @@ -182,7 +182,7 @@ public class LabelBasedAclVoter extends AbstractAclVoter { logger.debug("=========================================================="); } - if (this.supports((ConfigAttribute) config.getConfigAttributes().next())) { + if (this.supports((ConfigAttribute) config.getConfigAttributes().iterator().next())) { result = ACCESS_DENIED; /* Parse out the user's labels by examining the security context, and checking @@ -267,27 +267,15 @@ public class LabelBasedAclVoter extends AbstractAclVoter { if (logger.isDebugEnabled()) { switch (result) { case ACCESS_GRANTED: - - if (logger.isDebugEnabled()) { - logger.debug("===== Access is granted ====="); - } - + logger.debug("===== Access is granted ====="); break; case ACCESS_DENIED: - - if (logger.isDebugEnabled()) { - logger.debug("===== Access is denied ====="); - } - + logger.debug("===== Access is denied ====="); break; case ACCESS_ABSTAIN: - - if (logger.isDebugEnabled()) { - logger.debug("===== Abstaining ====="); - } - + logger.debug("===== Abstaining ====="); break; } } diff --git a/core/src/main/java/org/springframework/security/vote/RoleVoter.java b/core/src/main/java/org/springframework/security/vote/RoleVoter.java index d0ebbb56c1..2ef3d99860 100644 --- a/core/src/main/java/org/springframework/security/vote/RoleVoter.java +++ b/core/src/main/java/org/springframework/security/vote/RoleVoter.java @@ -93,7 +93,7 @@ public class RoleVoter implements AccessDecisionVoter { public int vote(Authentication authentication, Object object, ConfigAttributeDefinition config) { int result = ACCESS_ABSTAIN; - Iterator iter = config.getConfigAttributes(); + Iterator iter = config.getConfigAttributes().iterator(); while (iter.hasNext()) { ConfigAttribute attribute = (ConfigAttribute) iter.next(); diff --git a/core/src/main/java/org/springframework/security/vote/UnanimousBased.java b/core/src/main/java/org/springframework/security/vote/UnanimousBased.java index 854a1309d0..a051345a41 100644 --- a/core/src/main/java/org/springframework/security/vote/UnanimousBased.java +++ b/core/src/main/java/org/springframework/security/vote/UnanimousBased.java @@ -21,6 +21,7 @@ import org.springframework.security.ConfigAttribute; import org.springframework.security.ConfigAttributeDefinition; import java.util.Iterator; +import java.util.Arrays; /** @@ -32,8 +33,9 @@ public class UnanimousBased extends AbstractAccessDecisionManager { /** * This concrete implementation polls all configured {@link AccessDecisionVoter}s for each {@link - * ConfigAttribute} and grants access if only grant votes were received.

Other voting - * implementations usually pass the entire list of {@link ConfigAttributeDefinition}s to the + * ConfigAttribute} and grants access if only grant votes were received. + *

+ * Other voting implementations usually pass the entire list of {@link ConfigAttributeDefinition}s to the * AccessDecisionVoter. This implementation differs in that each AccessDecisionVoter * knows only about a single ConfigAttribute at a time.

*

If every AccessDecisionVoter abstained from voting, the decision will be based on the @@ -46,21 +48,22 @@ public class UnanimousBased extends AbstractAccessDecisionManager { * @throws AccessDeniedException if access is denied */ public void decide(Authentication authentication, Object object, ConfigAttributeDefinition config) - throws AccessDeniedException { + throws AccessDeniedException { + int grant = 0; int abstain = 0; - Iterator configIter = config.getConfigAttributes(); + Iterator configIter = config.getConfigAttributes().iterator(); while (configIter.hasNext()) { - ConfigAttributeDefinition thisDef = new ConfigAttributeDefinition(); - thisDef.addConfigAttribute((ConfigAttribute) configIter.next()); + ConfigAttributeDefinition singleAttrDef = + new ConfigAttributeDefinition((ConfigAttribute) configIter.next()); Iterator voters = this.getDecisionVoters().iterator(); while (voters.hasNext()) { AccessDecisionVoter voter = (AccessDecisionVoter) voters.next(); - int result = voter.vote(authentication, object, thisDef); + int result = voter.vote(authentication, object, singleAttrDef); switch (result) { case AccessDecisionVoter.ACCESS_GRANTED: diff --git a/core/src/test/java/org/springframework/security/ConfigAttributeEditorTests.java b/core/src/test/java/org/springframework/security/ConfigAttributeEditorTests.java index bb2ca6e8db..66440c65e8 100644 --- a/core/src/test/java/org/springframework/security/ConfigAttributeEditorTests.java +++ b/core/src/test/java/org/springframework/security/ConfigAttributeEditorTests.java @@ -28,6 +28,8 @@ import java.util.Iterator; * @version $Id$ */ public class ConfigAttributeEditorTests extends TestCase { + private static final String[] ATTRIBUTES = new String[] {"A", "B"}; + //~ Constructors =================================================================================================== public ConfigAttributeEditorTests() { @@ -40,20 +42,12 @@ public class ConfigAttributeEditorTests extends TestCase { //~ Methods ======================================================================================================== - public static void main(String[] args) { - junit.textui.TestRunner.run(ConfigAttributeEditorTests.class); - } - - public final void setUp() throws Exception { - super.setUp(); - } - public void testCorrectOperation() { ConfigAttributeEditor editor = new ConfigAttributeEditor(); editor.setAsText("HELLO,DOCTOR,NAME,YESTERDAY,TOMORROW"); ConfigAttributeDefinition result = (ConfigAttributeDefinition) editor.getValue(); - Iterator iter = result.getConfigAttributes(); + Iterator iter = result.getConfigAttributes().iterator(); int position = 0; while (iter.hasNext()) { @@ -63,7 +57,7 @@ public class ConfigAttributeEditorTests extends TestCase { assertEquals(5, position); - assertEquals(5, result.size()); + assertEquals(5, result.getConfigAttributes().size()); assertTrue(result.contains(new SecurityConfig("HELLO"))); assertTrue(result.contains(new SecurityConfig("TOMORROW"))); @@ -79,46 +73,31 @@ public class ConfigAttributeEditorTests extends TestCase { } public void testEqualsHandlingWhenDifferentObjectTypes() { - ConfigAttributeDefinition def1 = new ConfigAttributeDefinition(); - def1.addConfigAttribute(new SecurityConfig("A")); - def1.addConfigAttribute(new SecurityConfig("B")); + ConfigAttributeDefinition def1 = new ConfigAttributeDefinition(ATTRIBUTES); assertTrue(!def1.equals("A_STRING")); } public void testEqualsHandlingWhenExactlyEqual() { - ConfigAttributeDefinition def1 = new ConfigAttributeDefinition(); - def1.addConfigAttribute(new SecurityConfig("A")); - def1.addConfigAttribute(new SecurityConfig("B")); - - ConfigAttributeDefinition def2 = new ConfigAttributeDefinition(); - def2.addConfigAttribute(new SecurityConfig("A")); - def2.addConfigAttribute(new SecurityConfig("B")); + ConfigAttributeDefinition def1 = new ConfigAttributeDefinition(ATTRIBUTES); + ConfigAttributeDefinition def2 = new ConfigAttributeDefinition(ATTRIBUTES); assertEquals(def1, def2); } public void testEqualsHandlingWhenOrderingNotEqual() { - ConfigAttributeDefinition def1 = new ConfigAttributeDefinition(); - def1.addConfigAttribute(new SecurityConfig("A")); - def1.addConfigAttribute(new SecurityConfig("B")); + ConfigAttributeDefinition def1 = new ConfigAttributeDefinition(ATTRIBUTES); + ConfigAttributeDefinition def2 = new ConfigAttributeDefinition(new String[] {"B", "A"}); - ConfigAttributeDefinition def2 = new ConfigAttributeDefinition(); - def2.addConfigAttribute(new SecurityConfig("B")); - def2.addConfigAttribute(new SecurityConfig("A")); - - assertTrue(!def1.equals(def2)); + assertFalse(def1.equals(def2)); } public void testEqualsHandlingWhenTestObjectHasNoAttributes() { - ConfigAttributeDefinition def1 = new ConfigAttributeDefinition(); - def1.addConfigAttribute(new SecurityConfig("A")); - def1.addConfigAttribute(new SecurityConfig("B")); - - ConfigAttributeDefinition def2 = new ConfigAttributeDefinition(); + ConfigAttributeDefinition def1 = new ConfigAttributeDefinition(ATTRIBUTES); + ConfigAttributeDefinition def2 = new ConfigAttributeDefinition(new String[] {}); - assertTrue(!def1.equals(def2)); - assertTrue(!def2.equals(def1)); + assertFalse(def1.equals(def2)); + assertFalse(def2.equals(def1)); } public void testNullReturnsNull() { @@ -134,7 +113,7 @@ public class ConfigAttributeEditorTests extends TestCase { editor.setAsText(" HELLO, DOCTOR,NAME, YESTERDAY ,TOMORROW "); ConfigAttributeDefinition result = (ConfigAttributeDefinition) editor.getValue(); - Iterator iter = result.getConfigAttributes(); + Iterator iter = result.getConfigAttributes().iterator(); ArrayList list = new ArrayList(); diff --git a/core/src/test/java/org/springframework/security/MockAccessDecisionManager.java b/core/src/test/java/org/springframework/security/MockAccessDecisionManager.java index e60eb62b70..dfcf187739 100644 --- a/core/src/test/java/org/springframework/security/MockAccessDecisionManager.java +++ b/core/src/test/java/org/springframework/security/MockAccessDecisionManager.java @@ -30,7 +30,7 @@ public class MockAccessDecisionManager implements AccessDecisionManager { public void decide(Authentication authentication, Object object, ConfigAttributeDefinition config) throws AccessDeniedException { - Iterator iter = config.getConfigAttributes(); + Iterator iter = config.getConfigAttributes().iterator(); while (iter.hasNext()) { ConfigAttribute attr = (ConfigAttribute) iter.next(); diff --git a/core/src/test/java/org/springframework/security/MockAfterInvocationManager.java b/core/src/test/java/org/springframework/security/MockAfterInvocationManager.java index 181af38605..c5a0168b36 100644 --- a/core/src/test/java/org/springframework/security/MockAfterInvocationManager.java +++ b/core/src/test/java/org/springframework/security/MockAfterInvocationManager.java @@ -29,7 +29,7 @@ public class MockAfterInvocationManager implements AfterInvocationManager { public Object decide(Authentication authentication, Object object, ConfigAttributeDefinition config, Object returnedObject) throws AccessDeniedException { - Iterator iter = config.getConfigAttributes(); + Iterator iter = config.getConfigAttributes().iterator(); while (iter.hasNext()) { ConfigAttribute attr = (ConfigAttribute) iter.next(); diff --git a/core/src/test/java/org/springframework/security/MockRunAsManager.java b/core/src/test/java/org/springframework/security/MockRunAsManager.java index a4cdc642ae..dd4a7eb058 100644 --- a/core/src/test/java/org/springframework/security/MockRunAsManager.java +++ b/core/src/test/java/org/springframework/security/MockRunAsManager.java @@ -29,7 +29,7 @@ public class MockRunAsManager implements RunAsManager { //~ Methods ======================================================================================================== public Authentication buildRunAs(Authentication authentication, Object object, ConfigAttributeDefinition config) { - Iterator iter = config.getConfigAttributes(); + Iterator iter = config.getConfigAttributes().iterator(); while (iter.hasNext()) { ConfigAttribute attr = (ConfigAttribute) iter.next(); diff --git a/core/src/test/java/org/springframework/security/afterinvocation/AfterInvocationProviderManagerTests.java b/core/src/test/java/org/springframework/security/afterinvocation/AfterInvocationProviderManagerTests.java index 5eb6ea8ba1..5a024d3202 100644 --- a/core/src/test/java/org/springframework/security/afterinvocation/AfterInvocationProviderManagerTests.java +++ b/core/src/test/java/org/springframework/security/afterinvocation/AfterInvocationProviderManagerTests.java @@ -70,21 +70,11 @@ public class AfterInvocationProviderManagerTests extends TestCase { assertEquals(list, manager.getProviders()); manager.afterPropertiesSet(); - ConfigAttributeDefinition attr1 = new ConfigAttributeDefinition(); - attr1.addConfigAttribute(new SecurityConfig("GIVE_ME_SWAP1")); - - ConfigAttributeDefinition attr2 = new ConfigAttributeDefinition(); - attr2.addConfigAttribute(new SecurityConfig("GIVE_ME_SWAP2")); - - ConfigAttributeDefinition attr3 = new ConfigAttributeDefinition(); - attr3.addConfigAttribute(new SecurityConfig("GIVE_ME_SWAP3")); - - ConfigAttributeDefinition attr2and3 = new ConfigAttributeDefinition(); - attr2and3.addConfigAttribute(new SecurityConfig("GIVE_ME_SWAP2")); - attr2and3.addConfigAttribute(new SecurityConfig("GIVE_ME_SWAP3")); - - ConfigAttributeDefinition attr4 = new ConfigAttributeDefinition(); - attr4.addConfigAttribute(new SecurityConfig("NEVER_CAUSES_SWAP")); + ConfigAttributeDefinition attr1 = new ConfigAttributeDefinition(new String[] {"GIVE_ME_SWAP1"}); + ConfigAttributeDefinition attr2 = new ConfigAttributeDefinition(new String[] {"GIVE_ME_SWAP2"}); + ConfigAttributeDefinition attr3 = new ConfigAttributeDefinition(new String[] {"GIVE_ME_SWAP3"}); + ConfigAttributeDefinition attr2and3 = new ConfigAttributeDefinition(new String[] {"GIVE_ME_SWAP2","GIVE_ME_SWAP3"}); + ConfigAttributeDefinition attr4 = new ConfigAttributeDefinition(new String[] {"NEVER_CAUSES_SWAP"}); assertEquals("swap1", manager.decide(null, new SimpleMethodInvocation(), attr1, "content-before-swapping")); diff --git a/core/src/test/java/org/springframework/security/afterinvocation/BasicAclEntryAfterInvocationCollectionFilteringProviderTests.java b/core/src/test/java/org/springframework/security/afterinvocation/BasicAclEntryAfterInvocationCollectionFilteringProviderTests.java index cc844e52f9..c28d446d2c 100644 --- a/core/src/test/java/org/springframework/security/afterinvocation/BasicAclEntryAfterInvocationCollectionFilteringProviderTests.java +++ b/core/src/test/java/org/springframework/security/afterinvocation/BasicAclEntryAfterInvocationCollectionFilteringProviderTests.java @@ -20,8 +20,6 @@ import junit.framework.TestCase; import org.springframework.security.AuthorizationServiceException; import org.springframework.security.ConfigAttributeDefinition; import org.springframework.security.MockAclManager; -import org.springframework.security.SecurityConfig; - import org.springframework.security.acl.AclEntry; import org.springframework.security.acl.AclManager; import org.springframework.security.acl.basic.MockAclObjectIdentity; @@ -54,14 +52,6 @@ public class BasicAclEntryAfterInvocationCollectionFilteringProviderTests extend //~ Methods ======================================================================================================== - public static void main(String[] args) { - junit.textui.TestRunner.run(BasicAclEntryAfterInvocationCollectionFilteringProviderTests.class); - } - - public final void setUp() throws Exception { - super.setUp(); - } - public void testCorrectOperationWhenPrincipalHasIncorrectPermissionToDomainObject() throws Exception { // Create an AclManager, granting scott only ADMINISTRATION rights @@ -83,8 +73,7 @@ public class BasicAclEntryAfterInvocationCollectionFilteringProviderTests extend // Create the Authentication and Config Attribs we'll be presenting UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken("scott", "NOT_USED"); - ConfigAttributeDefinition attr = new ConfigAttributeDefinition(); - attr.addConfigAttribute(new SecurityConfig("AFTER_ACL_COLLECTION_READ")); + ConfigAttributeDefinition attr = new ConfigAttributeDefinition("AFTER_ACL_COLLECTION_READ"); // Filter List filteredList = (List) provider.decide(auth, new SimpleMethodInvocation(), attr, list); @@ -117,8 +106,7 @@ public class BasicAclEntryAfterInvocationCollectionFilteringProviderTests extend // Create the Authentication and Config Attribs we'll be presenting UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken("scott", "NOT_USED"); - ConfigAttributeDefinition attr = new ConfigAttributeDefinition(); - attr.addConfigAttribute(new SecurityConfig("AFTER_ACL_COLLECTION_READ")); + ConfigAttributeDefinition attr = new ConfigAttributeDefinition("AFTER_ACL_COLLECTION_READ"); // Filter List filteredList = (List) provider.decide(auth, new SimpleMethodInvocation(), attr, list); @@ -152,8 +140,7 @@ public class BasicAclEntryAfterInvocationCollectionFilteringProviderTests extend // Create the Authentication and Config Attribs we'll be presenting UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken("rod", "NOT_USED"); - ConfigAttributeDefinition attr = new ConfigAttributeDefinition(); - attr.addConfigAttribute(new SecurityConfig("AFTER_ACL_COLLECTION_READ")); + ConfigAttributeDefinition attr = new ConfigAttributeDefinition("AFTER_ACL_COLLECTION_READ"); // Filter List filteredList = (List) provider.decide(auth, new SimpleMethodInvocation(), attr, list); @@ -188,8 +175,7 @@ public class BasicAclEntryAfterInvocationCollectionFilteringProviderTests extend // Create the Authentication and Config Attribs we'll be presenting UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken("rod", "NOT_USED"); - ConfigAttributeDefinition attr = new ConfigAttributeDefinition(); - attr.addConfigAttribute(new SecurityConfig("AFTER_ACL_COLLECTION_READ")); + ConfigAttributeDefinition attr = new ConfigAttributeDefinition("AFTER_ACL_COLLECTION_READ"); // Filter String[] filteredList = (String[]) provider.decide(auth, new SimpleMethodInvocation(), attr, list); @@ -215,8 +201,7 @@ public class BasicAclEntryAfterInvocationCollectionFilteringProviderTests extend // Create the Authentication and Config Attribs we'll be presenting UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken("rod", "NOT_USED"); - ConfigAttributeDefinition attr = new ConfigAttributeDefinition(); - attr.addConfigAttribute(new SecurityConfig("AFTER_ACL_COLLECTION_READ")); + ConfigAttributeDefinition attr = new ConfigAttributeDefinition("AFTER_ACL_COLLECTION_READ"); // Filter try { @@ -244,8 +229,7 @@ public class BasicAclEntryAfterInvocationCollectionFilteringProviderTests extend // Create the Authentication and Config Attribs we'll be presenting UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken("rod", "NOT_USED"); - ConfigAttributeDefinition attr = new ConfigAttributeDefinition(); - attr.addConfigAttribute(new SecurityConfig("AFTER_ACL_COLLECTION_READ")); + ConfigAttributeDefinition attr = new ConfigAttributeDefinition("AFTER_ACL_COLLECTION_READ"); // Filter List filteredList = (List) provider.decide(auth, new SimpleMethodInvocation(), attr, null); @@ -253,8 +237,7 @@ public class BasicAclEntryAfterInvocationCollectionFilteringProviderTests extend assertNull(filteredList); } - public void testRespectsModificationsToProcessConfigAttribute() - throws Exception { + public void testRespectsModificationsToProcessConfigAttribute() throws Exception { // Create an AclManager AclManager aclManager = new MockAclManager("sydney", "rod", new AclEntry[] { @@ -279,14 +262,14 @@ public class BasicAclEntryAfterInvocationCollectionFilteringProviderTests extend // Create the Authentication and Config Attribs we'll be presenting UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken("rod", "NOT_USED"); - ConfigAttributeDefinition attr = new ConfigAttributeDefinition(); - attr.addConfigAttribute(new SecurityConfig("AFTER_ACL_COLLECTION_READ")); + ConfigAttributeDefinition attr = new ConfigAttributeDefinition("AFTER_ACL_COLLECTION_READ"); // As no matching config attrib, ensure provider doesn't change list assertEquals(4, ((List) provider.decide(auth, new SimpleMethodInvocation(), attr, list)).size()); // Filter, this time with the conf attrib provider setup to answer - attr.addConfigAttribute(new SecurityConfig("AFTER_ACL_COLLECTION_ADMIN")); + attr = new ConfigAttributeDefinition("AFTER_ACL_COLLECTION_ADMIN"); + //attr.addConfigAttribute(new SecurityConfig("AFTER_ACL_COLLECTION_ADMIN")); List filteredList = (List) provider.decide(auth, new SimpleMethodInvocation(), attr, list); @@ -320,8 +303,7 @@ public class BasicAclEntryAfterInvocationCollectionFilteringProviderTests extend // Create the Authentication and Config Attribs we'll be presenting UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken("rod", "NOT_USED"); - ConfigAttributeDefinition attr = new ConfigAttributeDefinition(); - attr.addConfigAttribute(new SecurityConfig("AFTER_ACL_COLLECTION_READ")); + ConfigAttributeDefinition attr = new ConfigAttributeDefinition("AFTER_ACL_COLLECTION_READ"); // Filter List filteredList = (List) provider.decide(auth, new SimpleMethodInvocation(), attr, list); diff --git a/core/src/test/java/org/springframework/security/afterinvocation/BasicAclEntryAfterInvocationProviderTests.java b/core/src/test/java/org/springframework/security/afterinvocation/BasicAclEntryAfterInvocationProviderTests.java index 8f24b9833d..79dac10452 100644 --- a/core/src/test/java/org/springframework/security/afterinvocation/BasicAclEntryAfterInvocationProviderTests.java +++ b/core/src/test/java/org/springframework/security/afterinvocation/BasicAclEntryAfterInvocationProviderTests.java @@ -20,8 +20,6 @@ import junit.framework.TestCase; import org.springframework.security.AccessDeniedException; import org.springframework.security.ConfigAttributeDefinition; import org.springframework.security.MockAclManager; -import org.springframework.security.SecurityConfig; - import org.springframework.security.acl.AclEntry; import org.springframework.security.acl.AclManager; import org.springframework.security.acl.basic.MockAclObjectIdentity; @@ -39,32 +37,15 @@ import org.springframework.security.util.SimpleMethodInvocation; * @version $Id$ */ public class BasicAclEntryAfterInvocationProviderTests extends TestCase { - //~ Constructors =================================================================================================== - - public BasicAclEntryAfterInvocationProviderTests() { - super(); - } - - public BasicAclEntryAfterInvocationProviderTests(String arg0) { - super(arg0); - } //~ Methods ======================================================================================================== - public static void main(String[] args) { - junit.textui.TestRunner.run(BasicAclEntryAfterInvocationProviderTests.class); - } - - public final void setUp() throws Exception { - super.setUp(); - } - public void testCorrectOperationWhenPrincipalHasIncorrectPermissionToDomainObject() throws Exception { // Create an AclManager, granting scott only ADMINISTRATION rights AclManager aclManager = new MockAclManager("belmont", "scott", - new AclEntry[] { - new SimpleAclEntry("scott", new MockAclObjectIdentity(), null, SimpleAclEntry.ADMINISTRATION) + new AclEntry[]{ + new SimpleAclEntry("scott", new MockAclObjectIdentity(), null, SimpleAclEntry.ADMINISTRATION) }); BasicAclEntryAfterInvocationProvider provider = new BasicAclEntryAfterInvocationProvider(); @@ -73,8 +54,7 @@ public class BasicAclEntryAfterInvocationProviderTests extends TestCase { // Create the Authentication and Config Attribs we'll be presenting UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken("scott", "NOT_USED"); - ConfigAttributeDefinition attr = new ConfigAttributeDefinition(); - attr.addConfigAttribute(new SecurityConfig("AFTER_ACL_READ")); + ConfigAttributeDefinition attr = new ConfigAttributeDefinition("AFTER_ACL_READ"); try { provider.decide(auth, new SimpleMethodInvocation(), attr, "belmont"); @@ -88,11 +68,11 @@ public class BasicAclEntryAfterInvocationProviderTests extends TestCase { throws Exception { // Create an AclManager AclManager aclManager = new MockAclManager("belmont", "rod", - new AclEntry[] { - new MockAclEntry(), - new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.ADMINISTRATION), - new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.READ), - new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.DELETE) + new AclEntry[]{ + new MockAclEntry(), + new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.ADMINISTRATION), + new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.READ), + new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.DELETE) }); BasicAclEntryAfterInvocationProvider provider = new BasicAclEntryAfterInvocationProvider(); @@ -101,8 +81,7 @@ public class BasicAclEntryAfterInvocationProviderTests extends TestCase { // Create the Authentication and Config Attribs we'll be presenting UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken("scott", "NOT_USED"); - ConfigAttributeDefinition attr = new ConfigAttributeDefinition(); - attr.addConfigAttribute(new SecurityConfig("AFTER_ACL_READ")); + ConfigAttributeDefinition attr = new ConfigAttributeDefinition("AFTER_ACL_READ"); try { provider.decide(auth, new SimpleMethodInvocation(), attr, "belmont"); @@ -116,11 +95,11 @@ public class BasicAclEntryAfterInvocationProviderTests extends TestCase { throws Exception { // Create an AclManager AclManager aclManager = new MockAclManager("belmont", "rod", - new AclEntry[] { - new MockAclEntry(), - new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.ADMINISTRATION), - new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.READ), - new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.DELETE) + new AclEntry[]{ + new MockAclEntry(), + new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.ADMINISTRATION), + new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.READ), + new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.DELETE) }); BasicAclEntryAfterInvocationProvider provider = new BasicAclEntryAfterInvocationProvider(); @@ -130,8 +109,7 @@ public class BasicAclEntryAfterInvocationProviderTests extends TestCase { // Create the Authentication and Config Attribs we'll be presenting UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken("rod", "NOT_USED"); - ConfigAttributeDefinition attr = new ConfigAttributeDefinition(); - attr.addConfigAttribute(new SecurityConfig("AFTER_ACL_READ")); + ConfigAttributeDefinition attr = new ConfigAttributeDefinition("AFTER_ACL_READ"); // Filter assertEquals("belmont", provider.decide(auth, new SimpleMethodInvocation(), attr, "belmont")); @@ -141,11 +119,11 @@ public class BasicAclEntryAfterInvocationProviderTests extends TestCase { throws Exception { // Create an AclManager AclManager aclManager = new MockAclManager("belmont", "rod", - new AclEntry[] { - new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.ADMINISTRATION), - new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.READ), - new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.DELETE), - new MockAclEntry() + new AclEntry[]{ + new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.ADMINISTRATION), + new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.READ), + new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.DELETE), + new MockAclEntry() }); BasicAclEntryAfterInvocationProvider provider = new BasicAclEntryAfterInvocationProvider(); @@ -154,8 +132,7 @@ public class BasicAclEntryAfterInvocationProviderTests extends TestCase { // Create the Authentication and Config Attribs we'll be presenting UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken("rod", "NOT_USED"); - ConfigAttributeDefinition attr = new ConfigAttributeDefinition(); - attr.addConfigAttribute(new SecurityConfig("AFTER_ACL_READ")); + ConfigAttributeDefinition attr = new ConfigAttributeDefinition("AFTER_ACL_READ"); // Filter assertNull(provider.decide(auth, new SimpleMethodInvocation(), attr, null)); @@ -165,9 +142,9 @@ public class BasicAclEntryAfterInvocationProviderTests extends TestCase { throws Exception { // Create an AclManager AclManager aclManager = new MockAclManager("sydney", "rod", - new AclEntry[] { - new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.READ), - new MockAclEntry() + new AclEntry[]{ + new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.READ), + new MockAclEntry() }); BasicAclEntryAfterInvocationProvider provider = new BasicAclEntryAfterInvocationProvider(); @@ -179,14 +156,13 @@ public class BasicAclEntryAfterInvocationProviderTests extends TestCase { // Create the Authentication and Config Attribs we'll be presenting UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken("rod", "NOT_USED"); - ConfigAttributeDefinition attr = new ConfigAttributeDefinition(); - attr.addConfigAttribute(new SecurityConfig("AFTER_ACL_READ")); + ConfigAttributeDefinition attr = new ConfigAttributeDefinition("AFTER_ACL_READ"); // As no matching config attrib, ensure provider returns original obj assertEquals("sydney", provider.decide(auth, new SimpleMethodInvocation(), attr, "sydney")); // Filter, this time with the conf attrib provider setup to answer - attr.addConfigAttribute(new SecurityConfig("AFTER_ACL_ADMIN")); + attr = new ConfigAttributeDefinition("AFTER_ACL_ADMIN"); assertEquals("sydney", provider.decide(auth, new SimpleMethodInvocation(), attr, "sydney")); } @@ -194,22 +170,21 @@ public class BasicAclEntryAfterInvocationProviderTests extends TestCase { throws Exception { // Create an AclManager AclManager aclManager = new MockAclManager("sydney", "rod", - new AclEntry[] { - new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.ADMINISTRATION), - new MockAclEntry() + new AclEntry[]{ + new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.ADMINISTRATION), + new MockAclEntry() }); BasicAclEntryAfterInvocationProvider provider = new BasicAclEntryAfterInvocationProvider(); provider.setAclManager(aclManager); assertEquals(SimpleAclEntry.READ, provider.getRequirePermission()[0]); - provider.setRequirePermission(new int[] {SimpleAclEntry.ADMINISTRATION}); + provider.setRequirePermission(new int[]{SimpleAclEntry.ADMINISTRATION}); assertEquals(SimpleAclEntry.ADMINISTRATION, provider.getRequirePermission()[0]); provider.afterPropertiesSet(); // Create the Authentication and Config Attribs we'll be presenting UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken("rod", "NOT_USED"); - ConfigAttributeDefinition attr = new ConfigAttributeDefinition(); - attr.addConfigAttribute(new SecurityConfig("AFTER_ACL_READ")); + ConfigAttributeDefinition attr = new ConfigAttributeDefinition("AFTER_ACL_READ"); // Filter assertEquals("sydney", provider.decide(auth, new SimpleMethodInvocation(), attr, "sydney")); diff --git a/core/src/test/java/org/springframework/security/captcha/CaptchaChannelProcessorTemplateTests.java b/core/src/test/java/org/springframework/security/captcha/CaptchaChannelProcessorTemplateTests.java index 6657b5690e..af7e752d34 100644 --- a/core/src/test/java/org/springframework/security/captcha/CaptchaChannelProcessorTemplateTests.java +++ b/core/src/test/java/org/springframework/security/captcha/CaptchaChannelProcessorTemplateTests.java @@ -68,8 +68,7 @@ public class CaptchaChannelProcessorTemplateTests extends TestCase { CaptchaChannelProcessorTemplate processor = new TestHumanityCaptchaChannelProcessor(); processor.setKeyword("X"); - ConfigAttributeDefinition cad = new ConfigAttributeDefinition(); - cad.addConfigAttribute(new SecurityConfig("Y")); + ConfigAttributeDefinition cad = new ConfigAttributeDefinition("Y"); CaptchaSecurityContext context = new CaptchaSecurityContextImpl(); SecurityContextHolder.setContext(context); @@ -135,9 +134,7 @@ public class CaptchaChannelProcessorTemplateTests extends TestCase { CaptchaChannelProcessorTemplate processor = new TestHumanityCaptchaChannelProcessor(); processor.setKeyword("X"); - ConfigAttributeDefinition cad = new ConfigAttributeDefinition(); - cad.addConfigAttribute(new SecurityConfig("X")); - + ConfigAttributeDefinition cad = new ConfigAttributeDefinition("X"); CaptchaSecurityContext context = new CaptchaSecurityContextImpl(); SecurityContextHolder.setContext(context); diff --git a/core/src/test/java/org/springframework/security/config/HttpSecurityBeanDefinitionParserTests.java b/core/src/test/java/org/springframework/security/config/HttpSecurityBeanDefinitionParserTests.java index 7b8ff04c32..91dc3bf58d 100644 --- a/core/src/test/java/org/springframework/security/config/HttpSecurityBeanDefinitionParserTests.java +++ b/core/src/test/java/org/springframework/security/config/HttpSecurityBeanDefinitionParserTests.java @@ -133,13 +133,13 @@ public class HttpSecurityBeanDefinitionParserTests { FilterSecurityInterceptor fis = (FilterSecurityInterceptor) appContext.getBean(BeanIds.FILTER_SECURITY_INTERCEPTOR); FilterInvocationDefinitionSource fids = fis.getObjectDefinitionSource(); - ConfigAttributeDefinition attrs = fids.getAttributes(createFilterinvocation("/Secure", null)); - assertEquals(2, attrs.size()); - assertTrue(attrs.contains(new SecurityConfig("ROLE_A"))); - assertTrue(attrs.contains(new SecurityConfig("ROLE_B"))); - attrs = fids.getAttributes(createFilterinvocation("/secure", null)); - assertEquals(1, attrs.size()); - assertTrue(attrs.contains(new SecurityConfig("ROLE_C"))); + ConfigAttributeDefinition attrDef = fids.getAttributes(createFilterinvocation("/Secure", null)); + assertEquals(2, attrDef.getConfigAttributes().size()); + assertTrue(attrDef.contains(new SecurityConfig("ROLE_A"))); + assertTrue(attrDef.contains(new SecurityConfig("ROLE_B"))); + attrDef = fids.getAttributes(createFilterinvocation("/secure", null)); + assertEquals(1, attrDef.getConfigAttributes().size()); + assertTrue(attrDef.contains(new SecurityConfig("ROLE_C"))); } @Test @@ -154,7 +154,7 @@ public class HttpSecurityBeanDefinitionParserTests { FilterSecurityInterceptor fis = (FilterSecurityInterceptor) appContext.getBean(BeanIds.FILTER_SECURITY_INTERCEPTOR); FilterInvocationDefinitionSource fids = fis.getObjectDefinitionSource(); ConfigAttributeDefinition attrs = fids.getAttributes(createFilterinvocation("/secure", "POST")); - assertEquals(2, attrs.size()); + assertEquals(2, attrs.getConfigAttributes().size()); assertTrue(attrs.contains(new SecurityConfig("ROLE_A"))); assertTrue(attrs.contains(new SecurityConfig("ROLE_B"))); } diff --git a/core/src/test/java/org/springframework/security/event/authorization/AuthenticationCredentialsNotFoundEventTests.java b/core/src/test/java/org/springframework/security/event/authorization/AuthenticationCredentialsNotFoundEventTests.java index 4215b040ed..1df300ef55 100644 --- a/core/src/test/java/org/springframework/security/event/authorization/AuthenticationCredentialsNotFoundEventTests.java +++ b/core/src/test/java/org/springframework/security/event/authorization/AuthenticationCredentialsNotFoundEventTests.java @@ -42,13 +42,9 @@ public class AuthenticationCredentialsNotFoundEventTests extends TestCase { //~ Methods ======================================================================================================== - public static void main(String[] args) { - junit.textui.TestRunner.run(AuthenticationCredentialsNotFoundEventTests.class); - } - public void testRejectsNulls() { try { - new AuthenticationCredentialsNotFoundEvent(null, new ConfigAttributeDefinition(), + new AuthenticationCredentialsNotFoundEvent(null, new ConfigAttributeDefinition(new String[] {}), new AuthenticationCredentialsNotFoundException("test")); fail("Should have thrown IllegalArgumentException"); } catch (IllegalArgumentException expected) { @@ -64,7 +60,7 @@ public class AuthenticationCredentialsNotFoundEventTests extends TestCase { } try { - new AuthenticationCredentialsNotFoundEvent(new SimpleMethodInvocation(), new ConfigAttributeDefinition(), + new AuthenticationCredentialsNotFoundEvent(new SimpleMethodInvocation(), new ConfigAttributeDefinition(new String[] {}), null); fail("Should have thrown IllegalArgumentException"); } catch (IllegalArgumentException expected) { diff --git a/core/src/test/java/org/springframework/security/event/authorization/AuthorizationFailureEventTests.java b/core/src/test/java/org/springframework/security/event/authorization/AuthorizationFailureEventTests.java index 0123502755..1e659a05fe 100644 --- a/core/src/test/java/org/springframework/security/event/authorization/AuthorizationFailureEventTests.java +++ b/core/src/test/java/org/springframework/security/event/authorization/AuthorizationFailureEventTests.java @@ -52,7 +52,7 @@ public class AuthorizationFailureEventTests extends TestCase { public void testRejectsNulls() { try { - new AuthorizationFailureEvent(null, new ConfigAttributeDefinition(), + new AuthorizationFailureEvent(null, ConfigAttributeDefinition.NO_ATTRIBUTES, new UsernamePasswordAuthenticationToken("foo", "bar"), new AccessDeniedException("error")); fail("Should have thrown IllegalArgumentException"); } catch (IllegalArgumentException expected) { @@ -68,7 +68,7 @@ public class AuthorizationFailureEventTests extends TestCase { } try { - new AuthorizationFailureEvent(new SimpleMethodInvocation(), new ConfigAttributeDefinition(), null, + new AuthorizationFailureEvent(new SimpleMethodInvocation(), ConfigAttributeDefinition.NO_ATTRIBUTES, null, new AccessDeniedException("error")); fail("Should have thrown IllegalArgumentException"); } catch (IllegalArgumentException expected) { @@ -76,7 +76,7 @@ public class AuthorizationFailureEventTests extends TestCase { } try { - new AuthorizationFailureEvent(new SimpleMethodInvocation(), new ConfigAttributeDefinition(), + new AuthorizationFailureEvent(new SimpleMethodInvocation(), ConfigAttributeDefinition.NO_ATTRIBUTES, new UsernamePasswordAuthenticationToken("foo", "bar"), null); fail("Should have thrown IllegalArgumentException"); } catch (IllegalArgumentException expected) { diff --git a/core/src/test/java/org/springframework/security/event/authorization/AuthorizedEventTests.java b/core/src/test/java/org/springframework/security/event/authorization/AuthorizedEventTests.java index ea8e6a60bb..b52fd58571 100644 --- a/core/src/test/java/org/springframework/security/event/authorization/AuthorizedEventTests.java +++ b/core/src/test/java/org/springframework/security/event/authorization/AuthorizedEventTests.java @@ -43,13 +43,9 @@ public class AuthorizedEventTests extends TestCase { //~ Methods ======================================================================================================== - public static void main(String[] args) { - junit.textui.TestRunner.run(AuthorizedEventTests.class); - } - public void testRejectsNulls() { try { - new AuthorizedEvent(null, new ConfigAttributeDefinition(), + new AuthorizedEvent(null, ConfigAttributeDefinition.NO_ATTRIBUTES, new UsernamePasswordAuthenticationToken("foo", "bar")); fail("Should have thrown IllegalArgumentException"); } catch (IllegalArgumentException expected) { @@ -65,7 +61,7 @@ public class AuthorizedEventTests extends TestCase { } try { - new AuthorizedEvent(new SimpleMethodInvocation(), new ConfigAttributeDefinition(), null); + new AuthorizedEvent(new SimpleMethodInvocation(), ConfigAttributeDefinition.NO_ATTRIBUTES, null); fail("Should have thrown IllegalArgumentException"); } catch (IllegalArgumentException expected) { assertTrue(true); diff --git a/core/src/test/java/org/springframework/security/intercept/InterceptorStatusTokenTests.java b/core/src/test/java/org/springframework/security/intercept/InterceptorStatusTokenTests.java index 134d723351..7bb08c9e82 100644 --- a/core/src/test/java/org/springframework/security/intercept/InterceptorStatusTokenTests.java +++ b/core/src/test/java/org/springframework/security/intercept/InterceptorStatusTokenTests.java @@ -46,10 +46,6 @@ public class InterceptorStatusTokenTests extends TestCase { //~ Methods ======================================================================================================== - public static void main(String[] args) { - junit.textui.TestRunner.run(InterceptorStatusTokenTests.class); - } - public void testNoArgConstructorDoesntExist() { Class clazz = InterceptorStatusToken.class; @@ -62,9 +58,7 @@ public class InterceptorStatusTokenTests extends TestCase { } public void testOperation() { - ConfigAttributeDefinition attr = new ConfigAttributeDefinition(); - attr.addConfigAttribute(new SecurityConfig("FOO")); - + ConfigAttributeDefinition attr = new ConfigAttributeDefinition("FOO"); MethodInvocation mi = new SimpleMethodInvocation(); InterceptorStatusToken token = new InterceptorStatusToken(new UsernamePasswordAuthenticationToken("rod", diff --git a/core/src/test/java/org/springframework/security/intercept/method/MethodDefinitionAttributesTests.java b/core/src/test/java/org/springframework/security/intercept/method/MethodDefinitionAttributesTests.java index e8c91db1e9..fabc913315 100644 --- a/core/src/test/java/org/springframework/security/intercept/method/MethodDefinitionAttributesTests.java +++ b/core/src/test/java/org/springframework/security/intercept/method/MethodDefinitionAttributesTests.java @@ -71,7 +71,8 @@ public class MethodDefinitionAttributesTests extends TestCase { } private ConfigAttributeDefinition getConfigAttributeDefinition(Class clazz, String methodName, Class[] args) - throws Exception { + throws Exception { + final Method method = clazz.getMethod(methodName, args); MethodDefinitionAttributes source = new MethodDefinitionAttributes(); source.setAttributes(new MockAttributes()); @@ -96,8 +97,7 @@ public class MethodDefinitionAttributesTests extends TestCase { super.setUp(); } - public void testAttributesForInterfaceTargetObject() - throws Exception { + public void testAttributesForInterfaceTargetObject() throws Exception { ConfigAttributeDefinition def1 = getConfigAttributeDefinition(ITargetObject.class, "countLength", new Class[] {String.class}); Set set1 = toSet(def1); @@ -190,8 +190,7 @@ public class MethodDefinitionAttributesTests extends TestCase { assertEquals("HELLO org.springframework.security.MockRunAsAuthenticationToken true", result); } - public void testMethodCallWithoutRunAsReplacement() - throws Exception { + public void testMethodCallWithoutRunAsReplacement() throws Exception { UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken("Test", "Password", new GrantedAuthority[] {new GrantedAuthorityImpl("MOCK_INTERFACE_METHOD_MAKE_LOWER_CASE")}); SecurityContextHolder.getContext().setAuthentication(token); @@ -219,7 +218,7 @@ public class MethodDefinitionAttributesTests extends TestCase { */ private Set toSet(ConfigAttributeDefinition def) { Set set = new HashSet(); - Iterator i = def.getConfigAttributes(); + Iterator i = def.getConfigAttributes().iterator(); while (i.hasNext()) { ConfigAttribute a = (ConfigAttribute) i.next(); diff --git a/core/src/test/java/org/springframework/security/intercept/method/MethodDefinitionSourceEditorTests.java b/core/src/test/java/org/springframework/security/intercept/method/MethodDefinitionSourceEditorTests.java index 076482f740..6f19a29a8b 100644 --- a/core/src/test/java/org/springframework/security/intercept/method/MethodDefinitionSourceEditorTests.java +++ b/core/src/test/java/org/springframework/security/intercept/method/MethodDefinitionSourceEditorTests.java @@ -64,10 +64,8 @@ public class MethodDefinitionSourceEditorTests extends TestCase { ConfigAttributeDefinition returnedCountLength = map.getAttributes(joinPoint); - ConfigAttributeDefinition expectedCountLength = new ConfigAttributeDefinition(); - expectedCountLength.addConfigAttribute(new SecurityConfig("ROLE_ONE")); - expectedCountLength.addConfigAttribute(new SecurityConfig("ROLE_TWO")); - expectedCountLength.addConfigAttribute(new SecurityConfig("RUN_AS_ENTRY")); + ConfigAttributeDefinition expectedCountLength = + new ConfigAttributeDefinition(new String[] {"ROLE_ONE", "ROLE_TWO", "RUN_AS_ENTRY"}); assertEquals(expectedCountLength, returnedCountLength); } @@ -115,15 +113,13 @@ public class MethodDefinitionSourceEditorTests extends TestCase { ConfigAttributeDefinition returnedMakeLower = map.getAttributes(new MockMethodInvocation(TargetObject.class, "makeLowerCase", new Class[] {String.class})); - ConfigAttributeDefinition expectedMakeLower = new ConfigAttributeDefinition(); - expectedMakeLower.addConfigAttribute(new SecurityConfig("ROLE_FROM_INTERFACE")); + ConfigAttributeDefinition expectedMakeLower = new ConfigAttributeDefinition("ROLE_FROM_INTERFACE"); assertEquals(expectedMakeLower, returnedMakeLower); ConfigAttributeDefinition returnedMakeUpper = map.getAttributes(new MockMethodInvocation(TargetObject.class, "makeUpperCase", new Class[] {String.class})); - ConfigAttributeDefinition expectedMakeUpper = new ConfigAttributeDefinition(); - expectedMakeUpper.addConfigAttribute(new SecurityConfig("ROLE_FROM_IMPLEMENTATION")); - expectedMakeUpper.addConfigAttribute(new SecurityConfig("ROLE_FROM_INTERFACE")); + ConfigAttributeDefinition expectedMakeUpper = new ConfigAttributeDefinition( + new String[]{"ROLE_FROM_IMPLEMENTATION","ROLE_FROM_INTERFACE"}); assertEquals(expectedMakeUpper, returnedMakeUpper); } @@ -171,20 +167,17 @@ public class MethodDefinitionSourceEditorTests extends TestCase { ConfigAttributeDefinition returnedMakeLower = map.getAttributes(new MockMethodInvocation(TargetObject.class, "makeLowerCase", new Class[] {String.class})); - ConfigAttributeDefinition expectedMakeLower = new ConfigAttributeDefinition(); - expectedMakeLower.addConfigAttribute(new SecurityConfig("ROLE_LOWER")); + ConfigAttributeDefinition expectedMakeLower = new ConfigAttributeDefinition("ROLE_LOWER"); assertEquals(expectedMakeLower, returnedMakeLower); ConfigAttributeDefinition returnedMakeUpper = map.getAttributes(new MockMethodInvocation(TargetObject.class, "makeUpperCase", new Class[] {String.class})); - ConfigAttributeDefinition expectedMakeUpper = new ConfigAttributeDefinition(); - expectedMakeUpper.addConfigAttribute(new SecurityConfig("ROLE_UPPER")); + ConfigAttributeDefinition expectedMakeUpper = new ConfigAttributeDefinition("ROLE_UPPER"); assertEquals(expectedMakeUpper, returnedMakeUpper); ConfigAttributeDefinition returnedCountLength = map.getAttributes(new MockMethodInvocation(TargetObject.class, "countLength", new Class[] {String.class})); - ConfigAttributeDefinition expectedCountLength = new ConfigAttributeDefinition(); - expectedCountLength.addConfigAttribute(new SecurityConfig("ROLE_GENERAL")); + ConfigAttributeDefinition expectedCountLength = new ConfigAttributeDefinition("ROLE_GENERAL"); assertEquals(expectedCountLength, returnedCountLength); } @@ -215,10 +208,8 @@ public class MethodDefinitionSourceEditorTests extends TestCase { ConfigAttributeDefinition returnedCountLength = map.getAttributes(new MockMethodInvocation(TargetObject.class, "countLength", new Class[] {String.class})); - ConfigAttributeDefinition expectedCountLength = new ConfigAttributeDefinition(); - expectedCountLength.addConfigAttribute(new SecurityConfig("ROLE_ONE")); - expectedCountLength.addConfigAttribute(new SecurityConfig("ROLE_TWO")); - expectedCountLength.addConfigAttribute(new SecurityConfig("RUN_AS_ENTRY")); + ConfigAttributeDefinition expectedCountLength = new ConfigAttributeDefinition( + new String[] {"ROLE_ONE", "ROLE_TWO", "RUN_AS_ENTRY"}); assertEquals(expectedCountLength, returnedCountLength); } diff --git a/core/src/test/java/org/springframework/security/intercept/method/MockMethodDefinitionSource.java b/core/src/test/java/org/springframework/security/intercept/method/MockMethodDefinitionSource.java index e7c75cf308..31733dc4d4 100644 --- a/core/src/test/java/org/springframework/security/intercept/method/MockMethodDefinitionSource.java +++ b/core/src/test/java/org/springframework/security/intercept/method/MockMethodDefinitionSource.java @@ -26,7 +26,6 @@ import java.util.Vector; /** - * DOCUMENT ME! * * @author Ben Alex * @version $Id$ @@ -43,34 +42,23 @@ public class MockMethodDefinitionSource extends AbstractMethodDefinitionSource { returnAnIterator = returnAnIteratorWhenRequested; list = new Vector(); - ConfigAttributeDefinition def1 = new ConfigAttributeDefinition(); - def1.addConfigAttribute(new SecurityConfig("MOCK_LOWER")); + ConfigAttributeDefinition def1 = new ConfigAttributeDefinition("MOCK_LOWER"); list.add(def1); if (includeInvalidAttributes) { - ConfigAttributeDefinition def2 = new ConfigAttributeDefinition(); - def2.addConfigAttribute(new SecurityConfig("MOCK_LOWER")); - def2.addConfigAttribute(new SecurityConfig("INVALID_ATTRIBUTE")); + ConfigAttributeDefinition def2 = new ConfigAttributeDefinition(new String[] {"MOCK_LOWER","INVALID_ATTRIBUTE"}); list.add(def2); } - ConfigAttributeDefinition def3 = new ConfigAttributeDefinition(); - def3.addConfigAttribute(new SecurityConfig("MOCK_UPPER")); - def3.addConfigAttribute(new SecurityConfig("RUN_AS_")); + ConfigAttributeDefinition def3 = new ConfigAttributeDefinition(new String[] {"MOCK_UPPER", "RUN_AS_"}); list.add(def3); if (includeInvalidAttributes) { - ConfigAttributeDefinition def4 = new ConfigAttributeDefinition(); - def4.addConfigAttribute(new SecurityConfig("MOCK_SOMETHING")); - def4.addConfigAttribute(new SecurityConfig("ANOTHER_INVALID")); + ConfigAttributeDefinition def4 = new ConfigAttributeDefinition(new String[] {"MOCK_SOMETHING", "ANOTHER_INVALID"}); list.add(def4); } } - private MockMethodDefinitionSource() { - super(); - } - //~ Methods ======================================================================================================== public Iterator getConfigAttributeDefinitions() { diff --git a/core/src/test/java/org/springframework/security/intercept/web/DefaultFilterInvocationDefinitionSourceTests.java b/core/src/test/java/org/springframework/security/intercept/web/DefaultFilterInvocationDefinitionSourceTests.java index f7d8cd5539..294b715782 100644 --- a/core/src/test/java/org/springframework/security/intercept/web/DefaultFilterInvocationDefinitionSourceTests.java +++ b/core/src/test/java/org/springframework/security/intercept/web/DefaultFilterInvocationDefinitionSourceTests.java @@ -52,8 +52,7 @@ public class DefaultFilterInvocationDefinitionSourceTests { @Test public void lookupNotRequiringExactMatchSuccessIfNotMatching() { - ConfigAttributeDefinition def = new ConfigAttributeDefinition(); - def.addConfigAttribute(new SecurityConfig("ROLE_ONE")); + ConfigAttributeDefinition def = new ConfigAttributeDefinition("ROLE_ONE"); map.addSecureUrl("/secure/super/**", def); FilterInvocation fi = createFilterInvocation("/SeCuRE/super/somefile.html", null); @@ -67,8 +66,7 @@ public class DefaultFilterInvocationDefinitionSourceTests { */ @Test public void lookupNotRequiringExactMatchSucceedsIfSecureUrlPathContainsUpperCase() { - ConfigAttributeDefinition def = new ConfigAttributeDefinition(); - def.addConfigAttribute(new SecurityConfig("ROLE_ONE")); + ConfigAttributeDefinition def = new ConfigAttributeDefinition("ROLE_ONE"); map.addSecureUrl("/SeCuRE/super/**", def); FilterInvocation fi = createFilterInvocation("/secure/super/somefile.html", null); @@ -81,8 +79,7 @@ public class DefaultFilterInvocationDefinitionSourceTests { @Test public void lookupRequiringExactMatchFailsIfNotMatching() { map = new DefaultFilterInvocationDefinitionSource(new AntUrlPathMatcher(false)); - ConfigAttributeDefinition def = new ConfigAttributeDefinition(); - def.addConfigAttribute(new SecurityConfig("ROLE_ONE")); + ConfigAttributeDefinition def = new ConfigAttributeDefinition("ROLE_ONE"); map.addSecureUrl("/secure/super/**", def); FilterInvocation fi = createFilterInvocation("/SeCuRE/super/somefile.html", null); @@ -94,8 +91,7 @@ public class DefaultFilterInvocationDefinitionSourceTests { @Test public void lookupRequiringExactMatchIsSuccessful() { map = new DefaultFilterInvocationDefinitionSource(new AntUrlPathMatcher(false)); - ConfigAttributeDefinition def = new ConfigAttributeDefinition(); - def.addConfigAttribute(new SecurityConfig("ROLE_ONE")); + ConfigAttributeDefinition def = new ConfigAttributeDefinition("ROLE_ONE"); map.addSecureUrl("/SeCurE/super/**", def); FilterInvocation fi = createFilterInvocation("/SeCurE/super/somefile.html", null); @@ -106,8 +102,7 @@ public class DefaultFilterInvocationDefinitionSourceTests { @Test public void lookupRequiringExactMatchWithAdditionalSlashesIsSuccessful() { - ConfigAttributeDefinition def = new ConfigAttributeDefinition(); - def.addConfigAttribute(new SecurityConfig("ROLE_ONE")); + ConfigAttributeDefinition def = new ConfigAttributeDefinition("ROLE_ONE"); map.addSecureUrl("/someAdminPage.html**", def); FilterInvocation fi = createFilterInvocation("/someAdminPage.html?a=/test", null); @@ -118,15 +113,13 @@ public class DefaultFilterInvocationDefinitionSourceTests { @Test(expected = IllegalArgumentException.class) public void unknownHttpMethodIsRejected() { - ConfigAttributeDefinition def = new ConfigAttributeDefinition(); - def.addConfigAttribute(new SecurityConfig("ROLE_ONE")); + ConfigAttributeDefinition def = new ConfigAttributeDefinition("ROLE_ONE"); map.addSecureUrl("/someAdminPage.html**", "UNKNOWN", def); } @Test public void httpMethodLookupSucceeds() { - ConfigAttributeDefinition def = new ConfigAttributeDefinition(); - def.addConfigAttribute(new SecurityConfig("ROLE_ONE")); + ConfigAttributeDefinition def = new ConfigAttributeDefinition("ROLE_ONE"); map.addSecureUrl("/somepage**", "GET", def); FilterInvocation fi = createFilterInvocation("/somepage", "GET"); @@ -136,8 +129,7 @@ public class DefaultFilterInvocationDefinitionSourceTests { @Test public void requestWithDifferentHttpMethodDoesntMatch() { - ConfigAttributeDefinition def = new ConfigAttributeDefinition(); - def.addConfigAttribute(new SecurityConfig("ROLE_ONE")); + ConfigAttributeDefinition def = new ConfigAttributeDefinition("ROLE_ONE"); map.addSecureUrl("/somepage**", "GET", def); FilterInvocation fi = createFilterInvocation("/somepage", null); @@ -147,15 +139,11 @@ public class DefaultFilterInvocationDefinitionSourceTests { @Test public void httpMethodSpecificUrlTakesPrecedence() { - - // Even though this is added before the method-specific def, the latter should match - ConfigAttributeDefinition allMethodDef = new ConfigAttributeDefinition(); - allMethodDef.addConfigAttribute(new SecurityConfig("ROLE_ONE")); + ConfigAttributeDefinition allMethodDef = new ConfigAttributeDefinition("ROLE_ONE"); map.addSecureUrl("/**", null, allMethodDef); - ConfigAttributeDefinition postOnlyDef = new ConfigAttributeDefinition(); - postOnlyDef.addConfigAttribute(new SecurityConfig("ROLE_TWO")); + ConfigAttributeDefinition postOnlyDef = new ConfigAttributeDefinition("ROLE_TWO"); map.addSecureUrl("/somepage**", "POST", postOnlyDef); FilterInvocation fi = createFilterInvocation("/somepage", "POST"); @@ -168,8 +156,7 @@ public class DefaultFilterInvocationDefinitionSourceTests { */ @Test public void extraQuestionMarkStillMatches() { - ConfigAttributeDefinition def = new ConfigAttributeDefinition(); - def.addConfigAttribute(new SecurityConfig("ROLE_ONE")); + ConfigAttributeDefinition def = new ConfigAttributeDefinition("ROLE_ONE"); map.addSecureUrl("/someAdminPage.html*", def); FilterInvocation fi = createFilterInvocation("/someAdminPage.html?x=2/aa?y=3", null); diff --git a/core/src/test/java/org/springframework/security/intercept/web/FilterInvocationDefinitionSourceEditorTests.java b/core/src/test/java/org/springframework/security/intercept/web/FilterInvocationDefinitionSourceEditorTests.java index 9abe39457c..3ceea68ce4 100644 --- a/core/src/test/java/org/springframework/security/intercept/web/FilterInvocationDefinitionSourceEditorTests.java +++ b/core/src/test/java/org/springframework/security/intercept/web/FilterInvocationDefinitionSourceEditorTests.java @@ -201,9 +201,8 @@ public class FilterInvocationDefinitionSourceEditorTests extends TestCase { ConfigAttributeDefinition returned = map.getAttributes(new FilterInvocation(httpRequest, new MockHttpServletResponse(), new MockFilterChain())); - ConfigAttributeDefinition expected = new ConfigAttributeDefinition(); - expected.addConfigAttribute(new SecurityConfig("ROLE_WE_DONT_HAVE")); - expected.addConfigAttribute(new SecurityConfig("ANOTHER_ROLE")); + ConfigAttributeDefinition expected = new ConfigAttributeDefinition( + new String[] {"ROLE_WE_DONT_HAVE", "ANOTHER_ROLE"}); assertEquals(expected, returned); } @@ -220,10 +219,7 @@ public class FilterInvocationDefinitionSourceEditorTests extends TestCase { ConfigAttributeDefinition returned = map.getAttributes(new FilterInvocation(httpRequest, new MockHttpServletResponse(), new MockFilterChain())); - - ConfigAttributeDefinition expected = new ConfigAttributeDefinition(); - expected.addConfigAttribute(new SecurityConfig("ROLE_SUPERVISOR")); - expected.addConfigAttribute(new SecurityConfig("ROLE_TELLER")); + ConfigAttributeDefinition expected = new ConfigAttributeDefinition(new String[] {"ROLE_SUPERVISOR", "ROLE_TELLER"}); assertEquals(expected, returned); } @@ -239,10 +235,7 @@ public class FilterInvocationDefinitionSourceEditorTests extends TestCase { ConfigAttributeDefinition returned = map.getAttributes(new FilterInvocation(httpRequest, new MockHttpServletResponse(), new MockFilterChain())); - - ConfigAttributeDefinition expected = new ConfigAttributeDefinition(); - expected.addConfigAttribute(new SecurityConfig("ROLE_WE_DONT_HAVE")); - expected.addConfigAttribute(new SecurityConfig("ANOTHER_ROLE")); + ConfigAttributeDefinition expected = new ConfigAttributeDefinition(new String[] {"ROLE_WE_DONT_HAVE", "ANOTHER_ROLE"}); assertEquals(expected, returned); } @@ -258,10 +251,7 @@ public class FilterInvocationDefinitionSourceEditorTests extends TestCase { ConfigAttributeDefinition returned = map.getAttributes(new FilterInvocation(httpRequest, new MockHttpServletResponse(), new MockFilterChain())); - - ConfigAttributeDefinition expected = new ConfigAttributeDefinition(); - expected.addConfigAttribute(new SecurityConfig("ROLE_WE_DONT_HAVE")); - expected.addConfigAttribute(new SecurityConfig("ANOTHER_ROLE")); + ConfigAttributeDefinition expected = new ConfigAttributeDefinition(new String[] {"ROLE_WE_DONT_HAVE", "ANOTHER_ROLE"}); assertEquals(expected, returned); } @@ -305,10 +295,7 @@ public class FilterInvocationDefinitionSourceEditorTests extends TestCase { ConfigAttributeDefinition returned = map.getAttributes(new FilterInvocation(httpRequest, new MockHttpServletResponse(), new MockFilterChain())); - - ConfigAttributeDefinition expected = new ConfigAttributeDefinition(); - expected.addConfigAttribute(new SecurityConfig("ROLE_WE_DONT_HAVE")); - expected.addConfigAttribute(new SecurityConfig("ANOTHER_ROLE")); + ConfigAttributeDefinition expected = new ConfigAttributeDefinition(new String[] {"ROLE_WE_DONT_HAVE", "ANOTHER_ROLE"}); assertEquals(expected, returned); } diff --git a/core/src/test/java/org/springframework/security/intercept/web/FilterSecurityInterceptorTests.java b/core/src/test/java/org/springframework/security/intercept/web/FilterSecurityInterceptorTests.java index 591df7b61c..8ba32db8f1 100644 --- a/core/src/test/java/org/springframework/security/intercept/web/FilterSecurityInterceptorTests.java +++ b/core/src/test/java/org/springframework/security/intercept/web/FilterSecurityInterceptorTests.java @@ -42,6 +42,7 @@ import java.io.IOException; import java.util.ArrayList; import java.util.Iterator; import java.util.List; +import java.util.LinkedHashMap; import javax.servlet.FilterChain; import javax.servlet.ServletException; @@ -147,9 +148,7 @@ public class FilterSecurityInterceptorTests extends TestCase { interceptor.setApplicationEventPublisher(MockApplicationContext.getContext()); // Setup a mock config attribute definition - ConfigAttributeDefinition def = new ConfigAttributeDefinition(); - def.addConfigAttribute(new SecurityConfig("MOCK_OK")); - + ConfigAttributeDefinition def = new ConfigAttributeDefinition("MOCK_OK"); MockFilterInvocationDefinitionMap mockSource = new MockFilterInvocationDefinitionMap("/secure/page.html", def); interceptor.setObjectDefinitionSource(mockSource); @@ -202,9 +201,7 @@ public class FilterSecurityInterceptorTests extends TestCase { interceptor.setApplicationEventPublisher(MockApplicationContext.getContext()); // Setup a mock config attribute definition - ConfigAttributeDefinition def = new ConfigAttributeDefinition(); - def.addConfigAttribute(new SecurityConfig("MOCK_OK")); - + ConfigAttributeDefinition def = new ConfigAttributeDefinition("MOCK_OK"); MockFilterInvocationDefinitionMap mockSource = new MockFilterInvocationDefinitionMap("/secure/page.html", def); interceptor.setObjectDefinitionSource(mockSource); @@ -227,19 +224,12 @@ public class FilterSecurityInterceptorTests extends TestCase { } public void testNotLoadedFromApplicationContext() throws Exception { - FilterInvocationDefinitionSourceMapping mapping = new FilterInvocationDefinitionSourceMapping(); - mapping.setUrl("/secure/**"); - mapping.addConfigAttribute("ROLE_USER"); - - List mappings = new ArrayList(1); - mappings.add(mapping); - - DefaultFilterInvocationDefinitionSource filterInvocationDefinitionSource + DefaultFilterInvocationDefinitionSource fids = new DefaultFilterInvocationDefinitionSource(new AntUrlPathMatcher()); - filterInvocationDefinitionSource.setMappings(mappings); + fids.addSecureUrl("/secure/**", null, new ConfigAttributeDefinition(new String[] {"ROLE_USER"})); FilterSecurityInterceptor filter = new FilterSecurityInterceptor(); - filter.setObjectDefinitionSource(filterInvocationDefinitionSource); + filter.setObjectDefinitionSource(fids); MockFilterChain filterChain = new MockFilterChain(); filterChain.expectToProceed = true; diff --git a/core/src/test/java/org/springframework/security/intercept/web/MockFilterInvocationDefinitionSource.java b/core/src/test/java/org/springframework/security/intercept/web/MockFilterInvocationDefinitionSource.java index 22c25b6b8b..ceecd8e9a7 100644 --- a/core/src/test/java/org/springframework/security/intercept/web/MockFilterInvocationDefinitionSource.java +++ b/core/src/test/java/org/springframework/security/intercept/web/MockFilterInvocationDefinitionSource.java @@ -43,26 +43,19 @@ public class MockFilterInvocationDefinitionSource extends DefaultFilterInvocatio returnAnIterator = returnAnIteratorWhenRequested; list = new Vector(); - ConfigAttributeDefinition def1 = new ConfigAttributeDefinition(); - def1.addConfigAttribute(new SecurityConfig("MOCK_LOWER")); + ConfigAttributeDefinition def1 = new ConfigAttributeDefinition("MOCK_LOWER"); list.add(def1); if (includeInvalidAttributes) { - ConfigAttributeDefinition def2 = new ConfigAttributeDefinition(); - def2.addConfigAttribute(new SecurityConfig("MOCK_LOWER")); - def2.addConfigAttribute(new SecurityConfig("INVALID_ATTRIBUTE")); + ConfigAttributeDefinition def2 = new ConfigAttributeDefinition(new String[] {"MOCK_LOWER", "INVALID_ATTRIBUTE"}); list.add(def2); } - ConfigAttributeDefinition def3 = new ConfigAttributeDefinition(); - def3.addConfigAttribute(new SecurityConfig("MOCK_UPPER")); - def3.addConfigAttribute(new SecurityConfig("RUN_AS")); + ConfigAttributeDefinition def3 = new ConfigAttributeDefinition(new String[] {"MOCK_UPPER","RUN_AS"}); list.add(def3); if (includeInvalidAttributes) { - ConfigAttributeDefinition def4 = new ConfigAttributeDefinition(); - def4.addConfigAttribute(new SecurityConfig("MOCK_SOMETHING")); - def4.addConfigAttribute(new SecurityConfig("ANOTHER_INVALID")); + ConfigAttributeDefinition def4 = new ConfigAttributeDefinition(new String[] {"MOCK_SOMETHING","ANOTHER_INVALID"}); list.add(def4); } } diff --git a/core/src/test/java/org/springframework/security/runas/RunAsManagerImplTests.java b/core/src/test/java/org/springframework/security/runas/RunAsManagerImplTests.java index b395dbfe31..819b427e6b 100644 --- a/core/src/test/java/org/springframework/security/runas/RunAsManagerImplTests.java +++ b/core/src/test/java/org/springframework/security/runas/RunAsManagerImplTests.java @@ -61,9 +61,7 @@ public class RunAsManagerImplTests extends TestCase { public void testDoesNotReturnAdditionalAuthoritiesIfCalledWithoutARunAsSetting() throws Exception { - ConfigAttributeDefinition def = new ConfigAttributeDefinition(); - def.addConfigAttribute(new SecurityConfig("SOMETHING_WE_IGNORE")); - + ConfigAttributeDefinition def = new ConfigAttributeDefinition("SOMETHING_WE_IGNORE"); UsernamePasswordAuthenticationToken inputToken = new UsernamePasswordAuthenticationToken("Test", "Password", new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")}); @@ -75,9 +73,7 @@ public class RunAsManagerImplTests extends TestCase { } public void testRespectsRolePrefix() throws Exception { - ConfigAttributeDefinition def = new ConfigAttributeDefinition(); - def.addConfigAttribute(new SecurityConfig("RUN_AS_SOMETHING")); - + ConfigAttributeDefinition def = new ConfigAttributeDefinition("RUN_AS_SOMETHING"); UsernamePasswordAuthenticationToken inputToken = new UsernamePasswordAuthenticationToken("Test", "Password", new GrantedAuthority[] {new GrantedAuthorityImpl("ONE"), new GrantedAuthorityImpl("TWO")}); @@ -101,11 +97,8 @@ public class RunAsManagerImplTests extends TestCase { assertEquals("my_password".hashCode(), resultCast.getKeyHash()); } - public void testReturnsAdditionalGrantedAuthorities() - throws Exception { - ConfigAttributeDefinition def = new ConfigAttributeDefinition(); - def.addConfigAttribute(new SecurityConfig("RUN_AS_SOMETHING")); - + public void testReturnsAdditionalGrantedAuthorities() throws Exception { + ConfigAttributeDefinition def = new ConfigAttributeDefinition("RUN_AS_SOMETHING"); UsernamePasswordAuthenticationToken inputToken = new UsernamePasswordAuthenticationToken("Test", "Password", new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")}); diff --git a/core/src/test/java/org/springframework/security/securechannel/ChannelDecisionManagerImplTests.java b/core/src/test/java/org/springframework/security/securechannel/ChannelDecisionManagerImplTests.java index b4c5383b13..7d556bb027 100644 --- a/core/src/test/java/org/springframework/security/securechannel/ChannelDecisionManagerImplTests.java +++ b/core/src/test/java/org/springframework/security/securechannel/ChannelDecisionManagerImplTests.java @@ -95,8 +95,7 @@ public class ChannelDecisionManagerImplTests extends TestCase { MockFilterChain chain = new MockFilterChain(); FilterInvocation fi = new FilterInvocation(request, response, chain); - ConfigAttributeDefinition cad = new ConfigAttributeDefinition(); - cad.addConfigAttribute(new SecurityConfig("xyz")); + ConfigAttributeDefinition cad = new ConfigAttributeDefinition("xyz"); cdm.decide(fi, cad); assertTrue(fi.getResponse().isCommitted()); @@ -115,9 +114,7 @@ public class ChannelDecisionManagerImplTests extends TestCase { MockFilterChain chain = new MockFilterChain(); FilterInvocation fi = new FilterInvocation(request, response, chain); - ConfigAttributeDefinition cad = new ConfigAttributeDefinition(); - cad.addConfigAttribute(new SecurityConfig("abc")); - cad.addConfigAttribute(new SecurityConfig("ANY_CHANNEL")); + ConfigAttributeDefinition cad = new ConfigAttributeDefinition(new String[]{"abc", "ANY_CHANNEL"}); cdm.decide(fi, cad); assertFalse(fi.getResponse().isCommitted()); @@ -138,8 +135,7 @@ public class ChannelDecisionManagerImplTests extends TestCase { MockFilterChain chain = new MockFilterChain(); FilterInvocation fi = new FilterInvocation(request, response, chain); - ConfigAttributeDefinition cad = new ConfigAttributeDefinition(); - cad.addConfigAttribute(new SecurityConfig("SOME_ATTRIBUTE_NO_PROCESSORS_SUPPORT")); + ConfigAttributeDefinition cad = new ConfigAttributeDefinition("SOME_ATTRIBUTE_NO_PROCESSORS_SUPPORT"); cdm.decide(fi, cad); assertFalse(fi.getResponse().isCommitted()); @@ -198,7 +194,7 @@ public class ChannelDecisionManagerImplTests extends TestCase { public void decide(FilterInvocation invocation, ConfigAttributeDefinition config) throws IOException, ServletException { - Iterator iter = config.getConfigAttributes(); + Iterator iter = config.getConfigAttributes().iterator(); if (failIfCalled) { fail("Should not have called this channel processor: " + configAttribute); diff --git a/core/src/test/java/org/springframework/security/securechannel/ChannelProcessingFilterTests.java b/core/src/test/java/org/springframework/security/securechannel/ChannelProcessingFilterTests.java index 102af9fcfe..2e240d20c6 100644 --- a/core/src/test/java/org/springframework/security/securechannel/ChannelProcessingFilterTests.java +++ b/core/src/test/java/org/springframework/security/securechannel/ChannelProcessingFilterTests.java @@ -52,9 +52,7 @@ public class ChannelProcessingFilterTests extends TestCase { throws Exception { ChannelProcessingFilter filter = new ChannelProcessingFilter(); - ConfigAttributeDefinition attr = new ConfigAttributeDefinition(); - attr.addConfigAttribute(new SecurityConfig("MOCK")); - + ConfigAttributeDefinition attr = new ConfigAttributeDefinition("MOCK"); MockFilterInvocationDefinitionMap fids = new MockFilterInvocationDefinitionMap("/path", attr, true); filter.setFilterInvocationDefinitionSource(fids); @@ -83,8 +81,7 @@ public class ChannelProcessingFilterTests extends TestCase { ChannelProcessingFilter filter = new ChannelProcessingFilter(); filter.setChannelDecisionManager(new MockChannelDecisionManager(false, "SUPPORTS_MOCK_ONLY")); - ConfigAttributeDefinition attr = new ConfigAttributeDefinition(); - attr.addConfigAttribute(new SecurityConfig("SUPPORTS_MOCK_ONLY")); + ConfigAttributeDefinition attr = new ConfigAttributeDefinition("SUPPORTS_MOCK_ONLY"); MockFilterInvocationDefinitionMap fids = new MockFilterInvocationDefinitionMap("/path", attr, true); @@ -99,10 +96,7 @@ public class ChannelProcessingFilterTests extends TestCase { ChannelProcessingFilter filter = new ChannelProcessingFilter(); filter.setChannelDecisionManager(new MockChannelDecisionManager(false, "SUPPORTS_MOCK_ONLY")); - ConfigAttributeDefinition attr = new ConfigAttributeDefinition(); - attr.addConfigAttribute(new SecurityConfig("SUPPORTS_MOCK_ONLY")); - attr.addConfigAttribute(new SecurityConfig("INVALID_ATTRIBUTE")); - + ConfigAttributeDefinition attr = new ConfigAttributeDefinition(new String[] {"SUPPORTS_MOCK_ONLY", "INVALID_ATTRIBUTE"}); MockFilterInvocationDefinitionMap fids = new MockFilterInvocationDefinitionMap("/path", attr, true); filter.setFilterInvocationDefinitionSource(fids); @@ -120,8 +114,7 @@ public class ChannelProcessingFilterTests extends TestCase { ChannelProcessingFilter filter = new ChannelProcessingFilter(); filter.setChannelDecisionManager(new MockChannelDecisionManager(true, "SOME_ATTRIBUTE")); - ConfigAttributeDefinition attr = new ConfigAttributeDefinition(); - attr.addConfigAttribute(new SecurityConfig("SOME_ATTRIBUTE")); + ConfigAttributeDefinition attr = new ConfigAttributeDefinition("SOME_ATTRIBUTE"); MockFilterInvocationDefinitionMap fids = new MockFilterInvocationDefinitionMap("/path", attr, true); @@ -143,8 +136,7 @@ public class ChannelProcessingFilterTests extends TestCase { ChannelProcessingFilter filter = new ChannelProcessingFilter(); filter.setChannelDecisionManager(new MockChannelDecisionManager(false, "SOME_ATTRIBUTE")); - ConfigAttributeDefinition attr = new ConfigAttributeDefinition(); - attr.addConfigAttribute(new SecurityConfig("SOME_ATTRIBUTE")); + ConfigAttributeDefinition attr = new ConfigAttributeDefinition("SOME_ATTRIBUTE"); MockFilterInvocationDefinitionMap fids = new MockFilterInvocationDefinitionMap("/path", attr, true); @@ -166,8 +158,7 @@ public class ChannelProcessingFilterTests extends TestCase { ChannelProcessingFilter filter = new ChannelProcessingFilter(); filter.setChannelDecisionManager(new MockChannelDecisionManager(false, "NOT_USED")); - ConfigAttributeDefinition attr = new ConfigAttributeDefinition(); - attr.addConfigAttribute(new SecurityConfig("NOT_USED")); + ConfigAttributeDefinition attr = new ConfigAttributeDefinition("NOT_USED"); MockFilterInvocationDefinitionMap fids = new MockFilterInvocationDefinitionMap("/path", attr, true); @@ -211,8 +202,7 @@ public class ChannelProcessingFilterTests extends TestCase { filter.setChannelDecisionManager(new MockChannelDecisionManager(false, "MOCK")); assertTrue(filter.getChannelDecisionManager() != null); - ConfigAttributeDefinition attr = new ConfigAttributeDefinition(); - attr.addConfigAttribute(new SecurityConfig("MOCK")); + ConfigAttributeDefinition attr = new ConfigAttributeDefinition("MOCK"); MockFilterInvocationDefinitionMap fids = new MockFilterInvocationDefinitionMap("/path", attr, false); diff --git a/core/src/test/java/org/springframework/security/securechannel/InsecureChannelProcessorTests.java b/core/src/test/java/org/springframework/security/securechannel/InsecureChannelProcessorTests.java index db8855038c..123a211fbe 100644 --- a/core/src/test/java/org/springframework/security/securechannel/InsecureChannelProcessorTests.java +++ b/core/src/test/java/org/springframework/security/securechannel/InsecureChannelProcessorTests.java @@ -45,9 +45,7 @@ public class InsecureChannelProcessorTests extends TestCase { } public void testDecideDetectsAcceptableChannel() throws Exception { - ConfigAttributeDefinition cad = new ConfigAttributeDefinition(); - cad.addConfigAttribute(new SecurityConfig("SOME_IGNORED_ATTRIBUTE")); - cad.addConfigAttribute(new SecurityConfig("REQUIRES_INSECURE_CHANNEL")); + ConfigAttributeDefinition cad = new ConfigAttributeDefinition(new String[]{"SOME_IGNORED_ATTRIBUTE", "REQUIRES_INSECURE_CHANNEL"}); MockHttpServletRequest request = new MockHttpServletRequest(); request.setQueryString("info=true"); @@ -69,9 +67,7 @@ public class InsecureChannelProcessorTests extends TestCase { public void testDecideDetectsUnacceptableChannel() throws Exception { - ConfigAttributeDefinition cad = new ConfigAttributeDefinition(); - cad.addConfigAttribute(new SecurityConfig("SOME_IGNORED_ATTRIBUTE")); - cad.addConfigAttribute(new SecurityConfig("REQUIRES_INSECURE_CHANNEL")); + ConfigAttributeDefinition cad = new ConfigAttributeDefinition(new String[]{"SOME_IGNORED_ATTRIBUTE", "REQUIRES_INSECURE_CHANNEL"}); MockHttpServletRequest request = new MockHttpServletRequest(); request.setQueryString("info=true"); diff --git a/core/src/test/java/org/springframework/security/securechannel/SecureChannelProcessorTests.java b/core/src/test/java/org/springframework/security/securechannel/SecureChannelProcessorTests.java index c6a30c1fef..32527306dd 100644 --- a/core/src/test/java/org/springframework/security/securechannel/SecureChannelProcessorTests.java +++ b/core/src/test/java/org/springframework/security/securechannel/SecureChannelProcessorTests.java @@ -36,18 +36,8 @@ import org.springframework.mock.web.MockHttpServletResponse; public class SecureChannelProcessorTests extends TestCase { //~ Methods ======================================================================================================== - public static void main(String[] args) { - junit.textui.TestRunner.run(SecureChannelProcessorTests.class); - } - - public final void setUp() throws Exception { - super.setUp(); - } - public void testDecideDetectsAcceptableChannel() throws Exception { - ConfigAttributeDefinition cad = new ConfigAttributeDefinition(); - cad.addConfigAttribute(new SecurityConfig("SOME_IGNORED_ATTRIBUTE")); - cad.addConfigAttribute(new SecurityConfig("REQUIRES_SECURE_CHANNEL")); + ConfigAttributeDefinition cad = new ConfigAttributeDefinition(new String[]{"SOME_IGNORED_ATTRIBUTE", "REQUIRES_SECURE_CHANNEL"}); MockHttpServletRequest request = new MockHttpServletRequest(); request.setQueryString("info=true"); @@ -68,11 +58,8 @@ public class SecureChannelProcessorTests extends TestCase { assertFalse(fi.getResponse().isCommitted()); } - public void testDecideDetectsUnacceptableChannel() - throws Exception { - ConfigAttributeDefinition cad = new ConfigAttributeDefinition(); - cad.addConfigAttribute(new SecurityConfig("SOME_IGNORED_ATTRIBUTE")); - cad.addConfigAttribute(new SecurityConfig("REQUIRES_SECURE_CHANNEL")); + public void testDecideDetectsUnacceptableChannel() throws Exception { + ConfigAttributeDefinition cad = new ConfigAttributeDefinition(new String[]{"SOME_IGNORED_ATTRIBUTE", "REQUIRES_SECURE_CHANNEL"}); MockHttpServletRequest request = new MockHttpServletRequest(); request.setQueryString("info=true"); diff --git a/core/src/test/java/org/springframework/security/util/FilterChainProxyTests.java b/core/src/test/java/org/springframework/security/util/FilterChainProxyTests.java index 13c3e62134..85709396c0 100644 --- a/core/src/test/java/org/springframework/security/util/FilterChainProxyTests.java +++ b/core/src/test/java/org/springframework/security/util/FilterChainProxyTests.java @@ -34,6 +34,8 @@ import org.springframework.security.intercept.web.DefaultFilterInvocationDefinit import org.springframework.security.ui.webapp.AuthenticationProcessingFilter; import java.util.List; +import java.util.ArrayList; +import java.util.Arrays; /** * Tests {@link FilterChainProxy}. @@ -69,8 +71,6 @@ public class FilterChainProxyTests { filterChainProxy.afterPropertiesSet(); fail("Should have thrown IllegalArgumentException"); } catch (IllegalArgumentException expected) { - assertEquals("FilterChainProxy requires the FilterInvocationDefinitionSource to return a non-null response to getConfigAttributeDefinitions()", - expected.getMessage()); } } @@ -79,8 +79,7 @@ public class FilterChainProxyTests { FilterChainProxy filterChainProxy = new FilterChainProxy(); filterChainProxy.setApplicationContext(MockApplicationContext.getContext()); - ConfigAttributeDefinition cad = new ConfigAttributeDefinition(); - cad.addConfigAttribute(new MockConfigAttribute()); + ConfigAttributeDefinition cad = new ConfigAttributeDefinition(new MockConfigAttribute()); DefaultFilterInvocationDefinitionSource fids = new DefaultFilterInvocationDefinitionSource(new AntUrlPathMatcher()); @@ -93,8 +92,6 @@ public class FilterChainProxyTests { filterChainProxy.init(new MockFilterConfig()); fail("Should have thrown IllegalArgumentException"); } catch (IllegalArgumentException expected) { - assertTrue(expected.getMessage() - .endsWith("returned null to the getAttribute() method, which is invalid when used with FilterChainProxy")); } } diff --git a/core/src/test/java/org/springframework/security/vote/AffirmativeBasedTests.java b/core/src/test/java/org/springframework/security/vote/AffirmativeBasedTests.java index 0549f25377..b17cbb705d 100644 --- a/core/src/test/java/org/springframework/security/vote/AffirmativeBasedTests.java +++ b/core/src/test/java/org/springframework/security/vote/AffirmativeBasedTests.java @@ -80,9 +80,7 @@ public class AffirmativeBasedTests extends TestCase { TestingAuthenticationToken auth = makeTestToken(); AffirmativeBased mgr = makeDecisionManager(); - ConfigAttributeDefinition config = new ConfigAttributeDefinition(); - config.addConfigAttribute(new SecurityConfig("ROLE_1")); // grant - config.addConfigAttribute(new SecurityConfig("DENY_FOR_SURE")); // deny + ConfigAttributeDefinition config = new ConfigAttributeDefinition(new String[]{"ROLE_1", "DENY_FOR_SURE"}); mgr.decide(auth, new Object(), config); assertTrue(true); @@ -93,8 +91,7 @@ public class AffirmativeBasedTests extends TestCase { TestingAuthenticationToken auth = makeTestToken(); AffirmativeBased mgr = makeDecisionManager(); - ConfigAttributeDefinition config = new ConfigAttributeDefinition(); - config.addConfigAttribute(new SecurityConfig("ROLE_2")); // grant + ConfigAttributeDefinition config = new ConfigAttributeDefinition("ROLE_2"); mgr.decide(auth, new Object(), config); assertTrue(true); @@ -105,8 +102,7 @@ public class AffirmativeBasedTests extends TestCase { TestingAuthenticationToken auth = makeTestToken(); AffirmativeBased mgr = makeDecisionManager(); - ConfigAttributeDefinition config = new ConfigAttributeDefinition(); - config.addConfigAttribute(new SecurityConfig("ROLE_WE_DO_NOT_HAVE")); // deny + ConfigAttributeDefinition config = new ConfigAttributeDefinition("ROLE_WE_DO_NOT_HAVE"); try { mgr.decide(auth, new Object(), config); @@ -123,8 +119,7 @@ public class AffirmativeBasedTests extends TestCase { assertTrue(!mgr.isAllowIfAllAbstainDecisions()); // check default - ConfigAttributeDefinition config = new ConfigAttributeDefinition(); - config.addConfigAttribute(new SecurityConfig("IGNORED_BY_ALL")); // abstain + ConfigAttributeDefinition config = new ConfigAttributeDefinition("IGNORED_BY_ALL"); try { mgr.decide(auth, new Object(), config); @@ -141,8 +136,7 @@ public class AffirmativeBasedTests extends TestCase { mgr.setAllowIfAllAbstainDecisions(true); assertTrue(mgr.isAllowIfAllAbstainDecisions()); // check changed - ConfigAttributeDefinition config = new ConfigAttributeDefinition(); - config.addConfigAttribute(new SecurityConfig("IGNORED_BY_ALL")); // abstain + ConfigAttributeDefinition config = new ConfigAttributeDefinition("IGNORED_BY_ALL"); mgr.decide(auth, new Object(), config); assertTrue(true); @@ -153,9 +147,7 @@ public class AffirmativeBasedTests extends TestCase { TestingAuthenticationToken auth = makeTestToken(); AffirmativeBased mgr = makeDecisionManager(); - ConfigAttributeDefinition config = new ConfigAttributeDefinition(); - config.addConfigAttribute(new SecurityConfig("ROLE_1")); // grant - config.addConfigAttribute(new SecurityConfig("ROLE_2")); // grant + ConfigAttributeDefinition config = new ConfigAttributeDefinition(new String[]{"ROLE_1", "ROLE_2"}); mgr.decide(auth, new Object(), config); assertTrue(true); diff --git a/core/src/test/java/org/springframework/security/vote/AuthenticatedVoterTests.java b/core/src/test/java/org/springframework/security/vote/AuthenticatedVoterTests.java index 65719bb1c7..c534ac7420 100644 --- a/core/src/test/java/org/springframework/security/vote/AuthenticatedVoterTests.java +++ b/core/src/test/java/org/springframework/security/vote/AuthenticatedVoterTests.java @@ -72,8 +72,7 @@ public class AuthenticatedVoterTests extends TestCase { public void testAnonymousWorks() { AuthenticatedVoter voter = new AuthenticatedVoter(); - ConfigAttributeDefinition def = new ConfigAttributeDefinition(); - def.addConfigAttribute(new SecurityConfig(AuthenticatedVoter.IS_AUTHENTICATED_ANONYMOUSLY)); + ConfigAttributeDefinition def = new ConfigAttributeDefinition(AuthenticatedVoter.IS_AUTHENTICATED_ANONYMOUSLY); assertEquals(AccessDecisionVoter.ACCESS_GRANTED, voter.vote(createAnonymous(), null, def)); assertEquals(AccessDecisionVoter.ACCESS_GRANTED, voter.vote(createRememberMe(), null, def)); assertEquals(AccessDecisionVoter.ACCESS_GRANTED, voter.vote(createFullyAuthenticated(), null, def)); @@ -81,8 +80,7 @@ public class AuthenticatedVoterTests extends TestCase { public void testFullyWorks() { AuthenticatedVoter voter = new AuthenticatedVoter(); - ConfigAttributeDefinition def = new ConfigAttributeDefinition(); - def.addConfigAttribute(new SecurityConfig(AuthenticatedVoter.IS_AUTHENTICATED_FULLY)); + ConfigAttributeDefinition def = new ConfigAttributeDefinition(AuthenticatedVoter.IS_AUTHENTICATED_FULLY); assertEquals(AccessDecisionVoter.ACCESS_DENIED, voter.vote(createAnonymous(), null, def)); assertEquals(AccessDecisionVoter.ACCESS_DENIED, voter.vote(createRememberMe(), null, def)); assertEquals(AccessDecisionVoter.ACCESS_GRANTED, voter.vote(createFullyAuthenticated(), null, def)); @@ -90,8 +88,7 @@ public class AuthenticatedVoterTests extends TestCase { public void testRememberMeWorks() { AuthenticatedVoter voter = new AuthenticatedVoter(); - ConfigAttributeDefinition def = new ConfigAttributeDefinition(); - def.addConfigAttribute(new SecurityConfig(AuthenticatedVoter.IS_AUTHENTICATED_REMEMBERED)); + ConfigAttributeDefinition def = new ConfigAttributeDefinition(AuthenticatedVoter.IS_AUTHENTICATED_REMEMBERED); assertEquals(AccessDecisionVoter.ACCESS_DENIED, voter.vote(createAnonymous(), null, def)); assertEquals(AccessDecisionVoter.ACCESS_GRANTED, voter.vote(createRememberMe(), null, def)); assertEquals(AccessDecisionVoter.ACCESS_GRANTED, voter.vote(createFullyAuthenticated(), null, def)); diff --git a/core/src/test/java/org/springframework/security/vote/BasicAclEntryVoterTests.java b/core/src/test/java/org/springframework/security/vote/BasicAclEntryVoterTests.java index 20fd8f3d1c..ff7763cfe1 100644 --- a/core/src/test/java/org/springframework/security/vote/BasicAclEntryVoterTests.java +++ b/core/src/test/java/org/springframework/security/vote/BasicAclEntryVoterTests.java @@ -73,11 +73,11 @@ public class BasicAclEntryVoterTests extends TestCase { // Setup an AclManager AclManager aclManager = new MockAclManager(domainObject, "rod", - new AclEntry[] { - new MockAclEntry(), - new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.ADMINISTRATION), - new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.READ), - new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.DELETE) + new AclEntry[]{ + new MockAclEntry(), + new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.ADMINISTRATION), + new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.READ), + new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.DELETE) }); // Wire up a voter @@ -86,21 +86,20 @@ public class BasicAclEntryVoterTests extends TestCase { assertEquals(aclManager, voter.getAclManager()); voter.setProcessConfigAttribute("FOO_ADMIN_OR_WRITE_ACCESS"); assertEquals("FOO_ADMIN_OR_WRITE_ACCESS", voter.getProcessConfigAttribute()); - voter.setRequirePermission(new int[] {SimpleAclEntry.ADMINISTRATION, SimpleAclEntry.WRITE}); + voter.setRequirePermission(new int[]{SimpleAclEntry.ADMINISTRATION, SimpleAclEntry.WRITE}); assertEquals(2, voter.getRequirePermission().length); voter.setProcessDomainObjectClass(SomeDomainObject.class); assertEquals(SomeDomainObject.class, voter.getProcessDomainObjectClass()); voter.afterPropertiesSet(); // Wire up an invocation to be voted on - ConfigAttributeDefinition attr = new ConfigAttributeDefinition(); - attr.addConfigAttribute(new SecurityConfig("FOO_ADMIN_OR_WRITE_ACCESS")); + ConfigAttributeDefinition attr = new ConfigAttributeDefinition("FOO_ADMIN_OR_WRITE_ACCESS"); // Setup a MockMethodInvocation, so voter can retrieve domainObject MethodInvocation mi = getMethodInvocation(domainObject); assertEquals(AccessDecisionVoter.ACCESS_GRANTED, - voter.vote(new UsernamePasswordAuthenticationToken("rod", null), mi, attr)); + voter.vote(new UsernamePasswordAuthenticationToken("rod", null), mi, attr)); } public void testOnlySupportsMethodInvocationAndJoinPoint() { @@ -206,30 +205,29 @@ public class BasicAclEntryVoterTests extends TestCase { // Setup an AclManager AclManager aclManager = new MockAclManager(domainObject, "rod", - new AclEntry[] { - new MockAclEntry(), - new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.ADMINISTRATION), - new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.READ), - new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.DELETE) + new AclEntry[]{ + new MockAclEntry(), + new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.ADMINISTRATION), + new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.READ), + new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.DELETE) }); // Wire up a voter BasicAclEntryVoter voter = new BasicAclEntryVoter(); voter.setAclManager(aclManager); voter.setProcessConfigAttribute("FOO_ADMIN_OR_WRITE_ACCESS"); - voter.setRequirePermission(new int[] {SimpleAclEntry.ADMINISTRATION, SimpleAclEntry.WRITE}); + voter.setRequirePermission(new int[]{SimpleAclEntry.ADMINISTRATION, SimpleAclEntry.WRITE}); voter.setProcessDomainObjectClass(SomeDomainObject.class); voter.afterPropertiesSet(); // Wire up an invocation to be voted on - ConfigAttributeDefinition attr = new ConfigAttributeDefinition(); - attr.addConfigAttribute(new SecurityConfig("A_DIFFERENT_ATTRIBUTE")); + ConfigAttributeDefinition attr = new ConfigAttributeDefinition("A_DIFFERENT_ATTRIBUTE"); // Setup a MockMethodInvocation, so voter can retrieve domainObject MethodInvocation mi = getMethodInvocation(domainObject); assertEquals(AccessDecisionVoter.ACCESS_ABSTAIN, - voter.vote(new UsernamePasswordAuthenticationToken("rod", null), mi, attr)); + voter.vote(new UsernamePasswordAuthenticationToken("rod", null), mi, attr)); } public void testVoterAbstainsIfNotMatchingConfigAttribute() @@ -239,30 +237,29 @@ public class BasicAclEntryVoterTests extends TestCase { // Setup an AclManager AclManager aclManager = new MockAclManager(domainObject, "rod", - new AclEntry[] { - new MockAclEntry(), - new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.ADMINISTRATION), - new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.READ), - new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.DELETE) + new AclEntry[]{ + new MockAclEntry(), + new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.ADMINISTRATION), + new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.READ), + new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.DELETE) }); // Wire up a voter BasicAclEntryVoter voter = new BasicAclEntryVoter(); voter.setAclManager(aclManager); voter.setProcessConfigAttribute("FOO_ADMIN_OR_WRITE_ACCESS"); - voter.setRequirePermission(new int[] {SimpleAclEntry.ADMINISTRATION, SimpleAclEntry.WRITE}); + voter.setRequirePermission(new int[]{SimpleAclEntry.ADMINISTRATION, SimpleAclEntry.WRITE}); voter.setProcessDomainObjectClass(SomeDomainObject.class); voter.afterPropertiesSet(); // Wire up an invocation to be voted on - ConfigAttributeDefinition attr = new ConfigAttributeDefinition(); - attr.addConfigAttribute(new SecurityConfig("FOO_ADMIN_OR_WRITE_ACCESS")); + ConfigAttributeDefinition attr = new ConfigAttributeDefinition("FOO_ADMIN_OR_WRITE_ACCESS"); // Setup a MockMethodInvocation, so voter can retrieve domainObject MethodInvocation mi = getMethodInvocation(domainObject); assertEquals(AccessDecisionVoter.ACCESS_ABSTAIN, - voter.vote(new UsernamePasswordAuthenticationToken("rod", null), mi, attr)); + voter.vote(new UsernamePasswordAuthenticationToken("rod", null), mi, attr)); } public void testVoterCanDenyAccessBasedOnInternalMethodOfDomainObject() @@ -272,29 +269,28 @@ public class BasicAclEntryVoterTests extends TestCase { // Setup an AclManager AclManager aclManager = new MockAclManager(domainObject.getParent(), "rod", - new AclEntry[] { - new MockAclEntry(), - new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.DELETE) + new AclEntry[]{ + new MockAclEntry(), + new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.DELETE) }); // Wire up a voter BasicAclEntryVoter voter = new BasicAclEntryVoter(); voter.setAclManager(aclManager); voter.setProcessConfigAttribute("FOO_ADMIN_OR_WRITE_ACCESS"); - voter.setRequirePermission(new int[] {SimpleAclEntry.ADMINISTRATION, SimpleAclEntry.WRITE}); + voter.setRequirePermission(new int[]{SimpleAclEntry.ADMINISTRATION, SimpleAclEntry.WRITE}); voter.setProcessDomainObjectClass(SomeDomainObject.class); voter.setInternalMethod("getParent"); voter.afterPropertiesSet(); // Wire up an invocation to be voted on - ConfigAttributeDefinition attr = new ConfigAttributeDefinition(); - attr.addConfigAttribute(new SecurityConfig("FOO_ADMIN_OR_WRITE_ACCESS")); + ConfigAttributeDefinition attr = new ConfigAttributeDefinition("FOO_ADMIN_OR_WRITE_ACCESS"); // Setup a MockMethodInvocation, so voter can retrieve domainObject MethodInvocation mi = getMethodInvocation(domainObject); assertEquals(AccessDecisionVoter.ACCESS_DENIED, - voter.vote(new UsernamePasswordAuthenticationToken("rod", null), mi, attr)); + voter.vote(new UsernamePasswordAuthenticationToken("rod", null), mi, attr)); } public void testVoterCanDenyAccessIfPrincipalHasNoPermissionsAtAllToDomainObject() @@ -304,30 +300,29 @@ public class BasicAclEntryVoterTests extends TestCase { // Setup an AclManager AclManager aclManager = new MockAclManager(domainObject, "rod", - new AclEntry[] { - new MockAclEntry(), - new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.DELETE) + new AclEntry[]{ + new MockAclEntry(), + new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.DELETE) }); // Wire up a voter BasicAclEntryVoter voter = new BasicAclEntryVoter(); voter.setAclManager(aclManager); voter.setProcessConfigAttribute("FOO_ADMIN_OR_WRITE_ACCESS"); - voter.setRequirePermission(new int[] {SimpleAclEntry.ADMINISTRATION, SimpleAclEntry.WRITE}); + voter.setRequirePermission(new int[]{SimpleAclEntry.ADMINISTRATION, SimpleAclEntry.WRITE}); voter.setProcessDomainObjectClass(SomeDomainObject.class); voter.setInternalMethod("getParent"); voter.afterPropertiesSet(); // Wire up an invocation to be voted on - ConfigAttributeDefinition attr = new ConfigAttributeDefinition(); - attr.addConfigAttribute(new SecurityConfig("FOO_ADMIN_OR_WRITE_ACCESS")); + ConfigAttributeDefinition attr = new ConfigAttributeDefinition("FOO_ADMIN_OR_WRITE_ACCESS"); // Setup a MockMethodInvocation, so voter can retrieve domainObject MethodInvocation mi = getMethodInvocation(domainObject); // NB: scott is the principal, not rod assertEquals(AccessDecisionVoter.ACCESS_DENIED, - voter.vote(new UsernamePasswordAuthenticationToken("scott", null), mi, attr)); + voter.vote(new UsernamePasswordAuthenticationToken("scott", null), mi, attr)); } public void testVoterCanGrantAccessBasedOnInternalMethodOfDomainObject() @@ -337,33 +332,32 @@ public class BasicAclEntryVoterTests extends TestCase { // Setup an AclManager AclManager aclManager = new MockAclManager(domainObject.getParent(), "rod", - new AclEntry[] { - new MockAclEntry(), - new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.ADMINISTRATION), - new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.READ), - new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.DELETE) + new AclEntry[]{ + new MockAclEntry(), + new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.ADMINISTRATION), + new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.READ), + new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.DELETE) }); // Wire up a voter BasicAclEntryVoter voter = new BasicAclEntryVoter(); voter.setAclManager(aclManager); voter.setProcessConfigAttribute("FOO_ADMIN_OR_WRITE_ACCESS"); - voter.setRequirePermission(new int[] {SimpleAclEntry.ADMINISTRATION, SimpleAclEntry.WRITE}); + voter.setRequirePermission(new int[]{SimpleAclEntry.ADMINISTRATION, SimpleAclEntry.WRITE}); voter.setProcessDomainObjectClass(SomeDomainObject.class); voter.setInternalMethod("getParent"); assertEquals("getParent", voter.getInternalMethod()); voter.afterPropertiesSet(); // Wire up an invocation to be voted on - ConfigAttributeDefinition attr = new ConfigAttributeDefinition(); - attr.addConfigAttribute(new SecurityConfig("FOO_ADMIN_OR_WRITE_ACCESS")); + ConfigAttributeDefinition attr = new ConfigAttributeDefinition("FOO_ADMIN_OR_WRITE_ACCESS"); // Setup a MockMethodInvocation, so voter can retrieve domainObject // (well actually it will access domainObject.getParent()) MethodInvocation mi = getMethodInvocation(domainObject); assertEquals(AccessDecisionVoter.ACCESS_GRANTED, - voter.vote(new UsernamePasswordAuthenticationToken("rod", null), mi, attr)); + voter.vote(new UsernamePasswordAuthenticationToken("rod", null), mi, attr)); } public void testVoterThrowsExceptionIfInvalidInternalMethodOfDomainObject() @@ -373,25 +367,24 @@ public class BasicAclEntryVoterTests extends TestCase { // Setup an AclManager AclManager aclManager = new MockAclManager(domainObject.getParent(), "rod", - new AclEntry[] { - new MockAclEntry(), - new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.ADMINISTRATION), - new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.READ), - new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.DELETE) + new AclEntry[]{ + new MockAclEntry(), + new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.ADMINISTRATION), + new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.READ), + new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.DELETE) }); // Wire up a voter BasicAclEntryVoter voter = new BasicAclEntryVoter(); voter.setAclManager(aclManager); voter.setProcessConfigAttribute("FOO_ADMIN_OR_WRITE_ACCESS"); - voter.setRequirePermission(new int[] {SimpleAclEntry.ADMINISTRATION, SimpleAclEntry.WRITE}); + voter.setRequirePermission(new int[]{SimpleAclEntry.ADMINISTRATION, SimpleAclEntry.WRITE}); voter.setProcessDomainObjectClass(SomeDomainObject.class); voter.setInternalMethod("getNonExistentParentName"); voter.afterPropertiesSet(); // Wire up an invocation to be voted on - ConfigAttributeDefinition attr = new ConfigAttributeDefinition(); - attr.addConfigAttribute(new SecurityConfig("FOO_ADMIN_OR_WRITE_ACCESS")); + ConfigAttributeDefinition attr = new ConfigAttributeDefinition("FOO_ADMIN_OR_WRITE_ACCESS"); // Setup a MockMethodInvocation, so voter can retrieve domainObject // (well actually it will access domainObject.getParent()) @@ -412,30 +405,29 @@ public class BasicAclEntryVoterTests extends TestCase { // Setup an AclManager AclManager aclManager = new MockAclManager(domainObject.getParent(), "rod", - new AclEntry[] { - new MockAclEntry(), - new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.ADMINISTRATION), - new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.READ), - new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.DELETE) + new AclEntry[]{ + new MockAclEntry(), + new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.ADMINISTRATION), + new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.READ), + new SimpleAclEntry("rod", new MockAclObjectIdentity(), null, SimpleAclEntry.DELETE) }); // Wire up a voter BasicAclEntryVoter voter = new BasicAclEntryVoter(); voter.setAclManager(aclManager); voter.setProcessConfigAttribute("FOO_ADMIN_OR_WRITE_ACCESS"); - voter.setRequirePermission(new int[] {SimpleAclEntry.ADMINISTRATION, SimpleAclEntry.WRITE}); + voter.setRequirePermission(new int[]{SimpleAclEntry.ADMINISTRATION, SimpleAclEntry.WRITE}); voter.setProcessDomainObjectClass(SomeDomainObject.class); voter.afterPropertiesSet(); // Wire up an invocation to be voted on - ConfigAttributeDefinition attr = new ConfigAttributeDefinition(); - attr.addConfigAttribute(new SecurityConfig("FOO_ADMIN_OR_WRITE_ACCESS")); + ConfigAttributeDefinition attr = new ConfigAttributeDefinition("FOO_ADMIN_OR_WRITE_ACCESS"); // Setup a MockMethodInvocation that doesn't provide SomeDomainObject arg Class clazz = String.class; - Method method = clazz.getMethod("toString", new Class[] {}); + Method method = clazz.getMethod("toString", new Class[]{}); - MethodInvocation mi = new SimpleMethodInvocation(method, new Object[] {domainObject}); + MethodInvocation mi = new SimpleMethodInvocation(method, new Object[]{domainObject}); try { voter.vote(new UsernamePasswordAuthenticationToken("rod", null), mi, attr); diff --git a/core/src/test/java/org/springframework/security/vote/ConsensusBasedTests.java b/core/src/test/java/org/springframework/security/vote/ConsensusBasedTests.java index 044c68bb75..04b9ee57c1 100644 --- a/core/src/test/java/org/springframework/security/vote/ConsensusBasedTests.java +++ b/core/src/test/java/org/springframework/security/vote/ConsensusBasedTests.java @@ -35,36 +35,16 @@ import org.springframework.security.providers.TestingAuthenticationToken; * @version $Id$ */ public class ConsensusBasedTests extends TestCase { - //~ Constructors =========================================================== - - public ConsensusBasedTests() { - super(); - } - - public ConsensusBasedTests(String arg0) { - super(arg0); - } //~ Methods ================================================================ - public final void setUp() throws Exception { - super.setUp(); - } - - public static void main(String[] args) { - junit.textui.TestRunner.run(ConsensusBasedTests.class); - } - - public void testOneAffirmativeVoteOneDenyVoteOneAbstainVoteDeniesAccessWithoutDefault() - throws Exception { + public void testOneAffirmativeVoteOneDenyVoteOneAbstainVoteDeniesAccessWithoutDefault() throws Exception { TestingAuthenticationToken auth = makeTestToken(); ConsensusBased mgr = makeDecisionManager(); mgr.setAllowIfEqualGrantedDeniedDecisions(false); assertTrue(!mgr.isAllowIfEqualGrantedDeniedDecisions()); // check changed - ConfigAttributeDefinition config = new ConfigAttributeDefinition(); - config.addConfigAttribute(new SecurityConfig("ROLE_1")); // grant - config.addConfigAttribute(new SecurityConfig("DENY_FOR_SURE")); // deny + ConfigAttributeDefinition config = new ConfigAttributeDefinition(new String[]{"ROLE_1", "DENY_FOR_SURE"}); try { mgr.decide(auth, new Object(), config); @@ -74,40 +54,33 @@ public class ConsensusBasedTests extends TestCase { } } - public void testOneAffirmativeVoteOneDenyVoteOneAbstainVoteGrantsAccessWithDefault() - throws Exception { + public void testOneAffirmativeVoteOneDenyVoteOneAbstainVoteGrantsAccessWithDefault() throws Exception { TestingAuthenticationToken auth = makeTestToken(); ConsensusBased mgr = makeDecisionManager(); assertTrue(mgr.isAllowIfEqualGrantedDeniedDecisions()); // check default - ConfigAttributeDefinition config = new ConfigAttributeDefinition(); - config.addConfigAttribute(new SecurityConfig("ROLE_1")); // grant - config.addConfigAttribute(new SecurityConfig("DENY_FOR_SURE")); // deny + ConfigAttributeDefinition config = new ConfigAttributeDefinition(new String[]{"ROLE_1", "DENY_FOR_SURE"}); mgr.decide(auth, new Object(), config); assertTrue(true); } - public void testOneAffirmativeVoteTwoAbstainVotesGrantsAccess() - throws Exception { + public void testOneAffirmativeVoteTwoAbstainVotesGrantsAccess() throws Exception { TestingAuthenticationToken auth = makeTestToken(); ConsensusBased mgr = makeDecisionManager(); - ConfigAttributeDefinition config = new ConfigAttributeDefinition(); - config.addConfigAttribute(new SecurityConfig("ROLE_2")); // grant + ConfigAttributeDefinition config = new ConfigAttributeDefinition("ROLE_2"); mgr.decide(auth, new Object(), config); assertTrue(true); } - public void testOneDenyVoteTwoAbstainVotesDeniesAccess() - throws Exception { + public void testOneDenyVoteTwoAbstainVotesDeniesAccess() throws Exception { TestingAuthenticationToken auth = makeTestToken(); ConsensusBased mgr = makeDecisionManager(); - ConfigAttributeDefinition config = new ConfigAttributeDefinition(); - config.addConfigAttribute(new SecurityConfig("ROLE_WE_DO_NOT_HAVE")); // deny + ConfigAttributeDefinition config = new ConfigAttributeDefinition("ROLE_WE_DO_NOT_HAVE"); try { mgr.decide(auth, new Object(), config); @@ -117,15 +90,13 @@ public class ConsensusBasedTests extends TestCase { } } - public void testThreeAbstainVotesDeniesAccessWithDefault() - throws Exception { + public void testThreeAbstainVotesDeniesAccessWithDefault() throws Exception { TestingAuthenticationToken auth = makeTestToken(); ConsensusBased mgr = makeDecisionManager(); assertTrue(!mgr.isAllowIfAllAbstainDecisions()); // check default - ConfigAttributeDefinition config = new ConfigAttributeDefinition(); - config.addConfigAttribute(new SecurityConfig("IGNORED_BY_ALL")); // abstain + ConfigAttributeDefinition config = new ConfigAttributeDefinition("IGNORED_BY_ALL"); try { mgr.decide(auth, new Object(), config); @@ -135,28 +106,23 @@ public class ConsensusBasedTests extends TestCase { } } - public void testThreeAbstainVotesGrantsAccessWithoutDefault() - throws Exception { + public void testThreeAbstainVotesGrantsAccessWithoutDefault() throws Exception { TestingAuthenticationToken auth = makeTestToken(); ConsensusBased mgr = makeDecisionManager(); mgr.setAllowIfAllAbstainDecisions(true); assertTrue(mgr.isAllowIfAllAbstainDecisions()); // check changed - ConfigAttributeDefinition config = new ConfigAttributeDefinition(); - config.addConfigAttribute(new SecurityConfig("IGNORED_BY_ALL")); // abstain + ConfigAttributeDefinition config = new ConfigAttributeDefinition("IGNORED_BY_ALL"); mgr.decide(auth, new Object(), config); assertTrue(true); } - public void testTwoAffirmativeVotesTwoAbstainVotesGrantsAccess() - throws Exception { + public void testTwoAffirmativeVotesTwoAbstainVotesGrantsAccess() throws Exception { TestingAuthenticationToken auth = makeTestToken(); ConsensusBased mgr = makeDecisionManager(); - ConfigAttributeDefinition config = new ConfigAttributeDefinition(); - config.addConfigAttribute(new SecurityConfig("ROLE_1")); // grant - config.addConfigAttribute(new SecurityConfig("ROLE_2")); // grant + ConfigAttributeDefinition config = new ConfigAttributeDefinition(new String[]{"ROLE_1", "ROLE_2"}); mgr.decide(auth, new Object(), config); assertTrue(true); diff --git a/core/src/test/java/org/springframework/security/vote/DenyAgainVoter.java b/core/src/test/java/org/springframework/security/vote/DenyAgainVoter.java index 3a0b22eda4..f2b9d98362 100644 --- a/core/src/test/java/org/springframework/security/vote/DenyAgainVoter.java +++ b/core/src/test/java/org/springframework/security/vote/DenyAgainVoter.java @@ -52,7 +52,7 @@ public class DenyAgainVoter implements AccessDecisionVoter { } public int vote(Authentication authentication, Object object, ConfigAttributeDefinition config) { - Iterator iter = config.getConfigAttributes(); + Iterator iter = config.getConfigAttributes().iterator(); while (iter.hasNext()) { ConfigAttribute attribute = (ConfigAttribute) iter.next(); diff --git a/core/src/test/java/org/springframework/security/vote/DenyVoter.java b/core/src/test/java/org/springframework/security/vote/DenyVoter.java index dd7c1a177e..2dbbfecef6 100644 --- a/core/src/test/java/org/springframework/security/vote/DenyVoter.java +++ b/core/src/test/java/org/springframework/security/vote/DenyVoter.java @@ -46,7 +46,7 @@ public class DenyVoter implements AccessDecisionVoter { } public int vote(Authentication authentication, Object object, ConfigAttributeDefinition config) { - Iterator iter = config.getConfigAttributes(); + Iterator iter = config.getConfigAttributes().iterator(); while (iter.hasNext()) { ConfigAttribute attribute = (ConfigAttribute) iter.next(); diff --git a/core/src/test/java/org/springframework/security/vote/UnanimousBasedTests.java b/core/src/test/java/org/springframework/security/vote/UnanimousBasedTests.java index a4dfaa38c3..b14228babe 100644 --- a/core/src/test/java/org/springframework/security/vote/UnanimousBasedTests.java +++ b/core/src/test/java/org/springframework/security/vote/UnanimousBasedTests.java @@ -36,22 +36,9 @@ import java.util.Vector; * @version $Id$ */ public class UnanimousBasedTests extends TestCase { - //~ Constructors =================================================================================================== - - public UnanimousBasedTests() { - super(); - } - - public UnanimousBasedTests(String arg0) { - super(arg0); - } //~ Methods ======================================================================================================== - public static void main(String[] args) { - junit.textui.TestRunner.run(UnanimousBasedTests.class); - } - private UnanimousBased makeDecisionManager() { UnanimousBased decisionManager = new UnanimousBased(); RoleVoter roleVoter = new RoleVoter(); @@ -96,14 +83,11 @@ public class UnanimousBasedTests extends TestCase { super.setUp(); } - public void testOneAffirmativeVoteOneDenyVoteOneAbstainVoteDeniesAccess() - throws Exception { + public void testOneAffirmativeVoteOneDenyVoteOneAbstainVoteDeniesAccess() throws Exception { TestingAuthenticationToken auth = makeTestToken(); UnanimousBased mgr = makeDecisionManager(); - ConfigAttributeDefinition config = new ConfigAttributeDefinition(); - config.addConfigAttribute(new SecurityConfig("ROLE_1")); // grant - config.addConfigAttribute(new SecurityConfig("DENY_FOR_SURE")); // deny + ConfigAttributeDefinition config = new ConfigAttributeDefinition(new String[]{"ROLE_1", "DENY_FOR_SURE"}); try { mgr.decide(auth, new Object(), config); @@ -113,25 +97,21 @@ public class UnanimousBasedTests extends TestCase { } } - public void testOneAffirmativeVoteTwoAbstainVotesGrantsAccess() - throws Exception { + public void testOneAffirmativeVoteTwoAbstainVotesGrantsAccess() throws Exception { TestingAuthenticationToken auth = makeTestToken(); UnanimousBased mgr = makeDecisionManager(); - ConfigAttributeDefinition config = new ConfigAttributeDefinition(); - config.addConfigAttribute(new SecurityConfig("ROLE_2")); // grant + ConfigAttributeDefinition config = new ConfigAttributeDefinition("ROLE_2"); mgr.decide(auth, new Object(), config); assertTrue(true); } - public void testOneDenyVoteTwoAbstainVotesDeniesAccess() - throws Exception { + public void testOneDenyVoteTwoAbstainVotesDeniesAccess() throws Exception { TestingAuthenticationToken auth = makeTestToken(); UnanimousBased mgr = makeDecisionManager(); - ConfigAttributeDefinition config = new ConfigAttributeDefinition(); - config.addConfigAttribute(new SecurityConfig("ROLE_WE_DO_NOT_HAVE")); // deny + ConfigAttributeDefinition config = new ConfigAttributeDefinition("ROLE_WE_DO_NOT_HAVE"); try { mgr.decide(auth, new Object(), config); @@ -145,23 +125,19 @@ public class UnanimousBasedTests extends TestCase { TestingAuthenticationToken auth = makeTestTokenWithFooBarPrefix(); UnanimousBased mgr = makeDecisionManagerWithFooBarPrefix(); - ConfigAttributeDefinition config = new ConfigAttributeDefinition(); - config.addConfigAttribute(new SecurityConfig("FOOBAR_1")); // grant - config.addConfigAttribute(new SecurityConfig("FOOBAR_2")); // grant + ConfigAttributeDefinition config = new ConfigAttributeDefinition(new String[]{"FOOBAR_1", "FOOBAR_2"}); mgr.decide(auth, new Object(), config); assertTrue(true); } - public void testThreeAbstainVotesDeniesAccessWithDefault() - throws Exception { + public void testThreeAbstainVotesDeniesAccessWithDefault() throws Exception { TestingAuthenticationToken auth = makeTestToken(); UnanimousBased mgr = makeDecisionManager(); assertTrue(!mgr.isAllowIfAllAbstainDecisions()); // check default - ConfigAttributeDefinition config = new ConfigAttributeDefinition(); - config.addConfigAttribute(new SecurityConfig("IGNORED_BY_ALL")); // abstain + ConfigAttributeDefinition config = new ConfigAttributeDefinition("IGNORED_BY_ALL"); try { mgr.decide(auth, new Object(), config); @@ -171,28 +147,23 @@ public class UnanimousBasedTests extends TestCase { } } - public void testThreeAbstainVotesGrantsAccessWithoutDefault() - throws Exception { + public void testThreeAbstainVotesGrantsAccessWithoutDefault() throws Exception { TestingAuthenticationToken auth = makeTestToken(); UnanimousBased mgr = makeDecisionManager(); mgr.setAllowIfAllAbstainDecisions(true); assertTrue(mgr.isAllowIfAllAbstainDecisions()); // check changed - ConfigAttributeDefinition config = new ConfigAttributeDefinition(); - config.addConfigAttribute(new SecurityConfig("IGNORED_BY_ALL")); // abstain + ConfigAttributeDefinition config = new ConfigAttributeDefinition("IGNORED_BY_ALL"); mgr.decide(auth, new Object(), config); assertTrue(true); } - public void testTwoAffirmativeVotesTwoAbstainVotesGrantsAccess() - throws Exception { + public void testTwoAffirmativeVotesTwoAbstainVotesGrantsAccess() throws Exception { TestingAuthenticationToken auth = makeTestToken(); UnanimousBased mgr = makeDecisionManager(); - ConfigAttributeDefinition config = new ConfigAttributeDefinition(); - config.addConfigAttribute(new SecurityConfig("ROLE_1")); // grant - config.addConfigAttribute(new SecurityConfig("ROLE_2")); // grant + ConfigAttributeDefinition config = new ConfigAttributeDefinition(new String[]{"ROLE_1", "ROLE_2"}); mgr.decide(auth, new Object(), config); assertTrue(true);