Add AspectJ AuthorizationManager Support

Closes gh-11326
This commit is contained in:
Josh Cummings
2022-07-08 11:37:36 -06:00
parent a5351f3d89
commit 0f58620643
24 changed files with 1223 additions and 13 deletions

View File

@@ -32,6 +32,7 @@ import org.springframework.aop.support.DefaultPointcutAdvisor;
import org.springframework.aop.support.JdkRegexpMethodPointcut;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.config.BeanDefinition;
import org.springframework.context.annotation.AdviceMode;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Role;
@@ -406,6 +407,17 @@ public class PrePostMethodSecurityConfigurationTests {
this.methodSecurityService.preAuthorizeBean(true);
}
@Test
public void configureWhenAspectJThenRegistersAspects() {
this.spring.register(AspectJMethodSecurityServiceConfig.class).autowire();
assertThat(this.spring.getContext().containsBean("preFilterAspect$0")).isTrue();
assertThat(this.spring.getContext().containsBean("postFilterAspect$0")).isTrue();
assertThat(this.spring.getContext().containsBean("preAuthorizeAspect$0")).isTrue();
assertThat(this.spring.getContext().containsBean("postAuthorizeAspect$0")).isTrue();
assertThat(this.spring.getContext().containsBean("securedAspect$0")).isTrue();
assertThat(this.spring.getContext().containsBean("annotationSecurityAspect$0")).isFalse();
}
@EnableMethodSecurity
static class MethodSecurityServiceConfig {
@@ -547,4 +559,19 @@ public class PrePostMethodSecurityConfigurationTests {
}
@EnableMethodSecurity(mode = AdviceMode.ASPECTJ, securedEnabled = true)
static class AspectJMethodSecurityServiceConfig {
@Bean
MethodSecurityService methodSecurityService() {
return new MethodSecurityServiceImpl();
}
@Bean
Authz authz() {
return new Authz();
}
}
}

View File

@@ -85,6 +85,17 @@ public class MethodSecurityBeanDefinitionParserTests {
.withMessage("Access Denied");
}
@Test
public void configureWhenAspectJThenRegistersAspects() {
this.spring.configLocations(xml("AspectJMethodSecurityServiceEnabled")).autowire();
assertThat(this.spring.getContext().containsBean("preFilterAspect$0")).isTrue();
assertThat(this.spring.getContext().containsBean("postFilterAspect$0")).isTrue();
assertThat(this.spring.getContext().containsBean("preAuthorizeAspect$0")).isTrue();
assertThat(this.spring.getContext().containsBean("postAuthorizeAspect$0")).isTrue();
assertThat(this.spring.getContext().containsBean("securedAspect$0")).isTrue();
assertThat(this.spring.getContext().containsBean("annotationSecurityAspect$0")).isFalse();
}
@WithAnonymousUser
@Test
public void preAuthorizePermitAllWhenRoleAnonymousThenPasses() {