Java MethodSecurityExpressionRoot Exemples

Exemple #1

Fichier : MethodSecurityExpressionRootTests.java Projet : wkorando/spring-security

  @Test
  public void hasPermissionOnDomainObjectReturnsTrueIfPermissionEvaluatorDoes() throws Exception {
    final Object dummyDomainObject = new Object();
    final PermissionEvaluator pe = mock(PermissionEvaluator.class);
    ctx.setVariable("domainObject", dummyDomainObject);
    root.setPermissionEvaluator(pe);
    when(pe.hasPermission(user, dummyDomainObject, "ignored")).thenReturn(true);

    assertThat(root.hasPermission(dummyDomainObject, "ignored")).isTrue();
  }

Exemple #2

Fichier : MethodSecurityExpressionRootTests.java Projet : wkorando/spring-security

 @Before
 public void createContext() {
   user = mock(Authentication.class);
   root = new MethodSecurityExpressionRoot(user);
   ctx = new StandardEvaluationContext();
   ctx.setRootObject(root);
   trustResolver = mock(AuthenticationTrustResolver.class);
   root.setTrustResolver(trustResolver);
 }

Exemple #3

Fichier : MethodSecurityExpressionRootTests.java Projet : wkorando/spring-security

  @Test
  public void hasPermissionWorksWithThisObject() throws Exception {
    Object targetObject =
        new Object() {
          public String getX() {
            return "x";
          }
        };
    root.setThis(targetObject);
    Integer i = 2;
    PermissionEvaluator pe = mock(PermissionEvaluator.class);
    root.setPermissionEvaluator(pe);
    when(pe.hasPermission(user, targetObject, i)).thenReturn(true).thenReturn(false);
    when(pe.hasPermission(user, "x", i)).thenReturn(true);

    Expression e = parser.parseExpression("hasPermission(this, 2)");
    assertThat(ExpressionUtils.evaluateAsBoolean(e, ctx)).isTrue();
    e = parser.parseExpression("hasPermission(this, 2)");
    assertThat(ExpressionUtils.evaluateAsBoolean(e, ctx)).isFalse();

    e = parser.parseExpression("hasPermission(this.x, 2)");
    assertThat(ExpressionUtils.evaluateAsBoolean(e, ctx)).isTrue();
  }

Exemple #4

Fichier : MethodSecurityExpressionRootTests.java Projet : wkorando/spring-security

  @Test
  public void hasPermissionOnDomainObjectWorksWithIntegerExpressions() throws Exception {
    final Object dummyDomainObject = new Object();
    ctx.setVariable("domainObject", dummyDomainObject);
    final PermissionEvaluator pe = mock(PermissionEvaluator.class);
    root.setPermissionEvaluator(pe);
    when(pe.hasPermission(eq(user), eq(dummyDomainObject), any(Integer.class)))
        .thenReturn(true)
        .thenReturn(true)
        .thenReturn(false);

    Expression e = parser.parseExpression("hasPermission(#domainObject, 0xA)");
    // evaluator returns true
    assertThat(ExpressionUtils.evaluateAsBoolean(e, ctx)).isTrue();
    e = parser.parseExpression("hasPermission(#domainObject, 10)");
    // evaluator returns true
    assertThat(ExpressionUtils.evaluateAsBoolean(e, ctx)).isTrue();
    e = parser.parseExpression("hasPermission(#domainObject, 0xFF)");
    // evaluator returns false, make sure return value matches
    assertThat(ExpressionUtils.evaluateAsBoolean(e, ctx)).isFalse();
  }

Exemple #5

Fichier : MethodSecurityExpressionRootTests.java Projet : wkorando/spring-security

 @Test
 public void isAnonymousReturnsFalseIfTrustResolverReportsNonAnonymous() {
   when(trustResolver.isAnonymous(user)).thenReturn(false);
   assertThat(root.isAnonymous()).isFalse();
 }