Add default AuthorizationManager

Closes gh-11963
This commit is contained in:
Josh Cummings
2022-10-05 21:36:34 -06:00
parent dce1c30522
commit 4ddec07d0e
2 changed files with 40 additions and 2 deletions

View File

@@ -24,6 +24,7 @@ import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.security.authentication.TestingAuthenticationToken;
import org.springframework.security.authorization.AuthorityAuthorizationManager;
import org.springframework.security.authorization.AuthorizationDecision;
import org.springframework.security.authorization.AuthorizationManager;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher;
import org.springframework.security.web.util.matcher.AnyRequestMatcher;
@@ -31,6 +32,10 @@ import org.springframework.security.web.util.matcher.RequestMatcherEntry;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
import static org.mockito.ArgumentMatchers.any;
import static org.mockito.BDDMockito.given;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.verify;
/**
* Tests for {@link RequestMatcherDelegatingAuthorizationManager}.
@@ -115,6 +120,20 @@ public class RequestMatcherDelegatingAuthorizationManagerTests {
assertThat(unmapped.isGranted()).isFalse();
}
@Test
public void checkWhenNoMatchesThenUsesDefaultAuthorizationManager() {
RequestMatcherDelegatingAuthorizationManager manager = RequestMatcherDelegatingAuthorizationManager.builder()
.add((request) -> false, (authentication, context) -> new AuthorizationDecision(false)).build();
AuthorizationManager<RequestAuthorizationContext> defaultManager = mock(AuthorizationManager.class);
given(defaultManager.check(any(), any())).willReturn(new AuthorizationDecision(true));
manager.setDefaultAuthorizationManager(defaultManager);
Supplier<Authentication> authentication = () -> new TestingAuthenticationToken("user", "password");
AuthorizationDecision decision = manager.check(authentication, new MockHttpServletRequest(null, "/endpoint"));
assertThat(decision).isNotNull();
assertThat(decision.isGranted()).isTrue();
verify(defaultManager).check(any(), any());
}
@Test
public void addWhenMappingsConsumerNullThenException() {
assertThatIllegalArgumentException()