Polish RoleHierarchy Bean Usage

Issue gh-12783
This commit is contained in:
DerChris173
2023-12-07 18:34:58 +01:00
committed by Josh Cummings
parent b76f7c029d
commit e6bea1cfa1
6 changed files with 44 additions and 35 deletions

View File

@@ -1,5 +1,5 @@
/*
* Copyright 2002-2022 the original author or authors.
* Copyright 2002-2023 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -50,9 +50,12 @@ public interface MethodSecurityService {
@PermitAll
String jsr250PermitAll();
@RolesAllowed({ "ADMIN", "USER" })
@RolesAllowed("ADMIN")
String jsr250RolesAllowed();
@RolesAllowed("USER")
String jsr250RolesAllowedUser();
@Secured({ "ROLE_USER", "RUN_AS_SUPER" })
Authentication runAs();

View File

@@ -1,5 +1,5 @@
/*
* Copyright 2002-2022 the original author or authors.
* Copyright 2002-2023 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -56,6 +56,11 @@ public class MethodSecurityServiceImpl implements MethodSecurityService {
return null;
}
@Override
public String jsr250RolesAllowedUser() {
return null;
}
@Override
public Authentication runAs() {
return SecurityContextHolder.getContext().getAuthentication();

View File

@@ -453,9 +453,9 @@ public class PrePostMethodSecurityConfigurationTests {
@Test
public void methodSecurityAdminWhenRoleHierarchyBeanAvailableThenUses() {
this.spring.register(RoleHierarchyConfig.class, MethodSecurityServiceConfig.class).autowire();
this.methodSecurityService.preAuthorizeAdmin();
this.methodSecurityService.secured();
this.methodSecurityService.jsr250RolesAllowed();
this.methodSecurityService.preAuthorizeUser();
this.methodSecurityService.securedUser();
this.methodSecurityService.jsr250RolesAllowedUser();
}
@WithMockUser
@@ -464,7 +464,7 @@ public class PrePostMethodSecurityConfigurationTests {
this.spring.register(RoleHierarchyConfig.class, MethodSecurityServiceConfig.class).autowire();
this.methodSecurityService.preAuthorizeUser();
this.methodSecurityService.securedUser();
this.methodSecurityService.jsr250RolesAllowed();
this.methodSecurityService.jsr250RolesAllowedUser();
}
private static Consumer<ConfigurableWebApplicationContext> disallowBeanOverriding() {
@@ -652,9 +652,9 @@ public class PrePostMethodSecurityConfigurationTests {
static class RoleHierarchyConfig {
@Bean
RoleHierarchy roleHierarchy() {
static RoleHierarchy roleHierarchy() {
RoleHierarchyImpl roleHierarchyImpl = new RoleHierarchyImpl();
roleHierarchyImpl.setHierarchy("ADMIN > USER");
roleHierarchyImpl.setHierarchy("ROLE_ADMIN > ROLE_USER");
return roleHierarchyImpl;
}