Polish RoleHierarchy Bean Usage
Issue gh-12783
This commit is contained in:
committed by
Josh Cummings
parent
b76f7c029d
commit
e6bea1cfa1
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2002-2022 the original author or authors.
|
||||
* Copyright 2002-2023 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@@ -50,9 +50,12 @@ public interface MethodSecurityService {
|
||||
@PermitAll
|
||||
String jsr250PermitAll();
|
||||
|
||||
@RolesAllowed({ "ADMIN", "USER" })
|
||||
@RolesAllowed("ADMIN")
|
||||
String jsr250RolesAllowed();
|
||||
|
||||
@RolesAllowed("USER")
|
||||
String jsr250RolesAllowedUser();
|
||||
|
||||
@Secured({ "ROLE_USER", "RUN_AS_SUPER" })
|
||||
Authentication runAs();
|
||||
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
/*
|
||||
* Copyright 2002-2022 the original author or authors.
|
||||
* Copyright 2002-2023 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
@@ -56,6 +56,11 @@ public class MethodSecurityServiceImpl implements MethodSecurityService {
|
||||
return null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String jsr250RolesAllowedUser() {
|
||||
return null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public Authentication runAs() {
|
||||
return SecurityContextHolder.getContext().getAuthentication();
|
||||
|
||||
@@ -453,9 +453,9 @@ public class PrePostMethodSecurityConfigurationTests {
|
||||
@Test
|
||||
public void methodSecurityAdminWhenRoleHierarchyBeanAvailableThenUses() {
|
||||
this.spring.register(RoleHierarchyConfig.class, MethodSecurityServiceConfig.class).autowire();
|
||||
this.methodSecurityService.preAuthorizeAdmin();
|
||||
this.methodSecurityService.secured();
|
||||
this.methodSecurityService.jsr250RolesAllowed();
|
||||
this.methodSecurityService.preAuthorizeUser();
|
||||
this.methodSecurityService.securedUser();
|
||||
this.methodSecurityService.jsr250RolesAllowedUser();
|
||||
}
|
||||
|
||||
@WithMockUser
|
||||
@@ -464,7 +464,7 @@ public class PrePostMethodSecurityConfigurationTests {
|
||||
this.spring.register(RoleHierarchyConfig.class, MethodSecurityServiceConfig.class).autowire();
|
||||
this.methodSecurityService.preAuthorizeUser();
|
||||
this.methodSecurityService.securedUser();
|
||||
this.methodSecurityService.jsr250RolesAllowed();
|
||||
this.methodSecurityService.jsr250RolesAllowedUser();
|
||||
}
|
||||
|
||||
private static Consumer<ConfigurableWebApplicationContext> disallowBeanOverriding() {
|
||||
@@ -652,9 +652,9 @@ public class PrePostMethodSecurityConfigurationTests {
|
||||
static class RoleHierarchyConfig {
|
||||
|
||||
@Bean
|
||||
RoleHierarchy roleHierarchy() {
|
||||
static RoleHierarchy roleHierarchy() {
|
||||
RoleHierarchyImpl roleHierarchyImpl = new RoleHierarchyImpl();
|
||||
roleHierarchyImpl.setHierarchy("ADMIN > USER");
|
||||
roleHierarchyImpl.setHierarchy("ROLE_ADMIN > ROLE_USER");
|
||||
return roleHierarchyImpl;
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user