Página inicial Explorar Ajuda
Registrar Entrar
github
/
spring-security
mirror de https://github.com/spring-projects/spring-security
2
0
Fork 0
Arquivos Issues 0 Wiki
Ver código fonte

SEC-2768: DefaultMessageSecurityExpressionHandler sets PermissionEvaluator

Rob Winch 10 anos atrás
pai
95c70f29bd
commit
002a78d87d
3 arquivos alterados com 17 adições e 0 exclusões
Visão dividida Mostrar estatísticas do Diff
  1. 1 0
      messaging/src/main/java/org/springframework/security/messaging/access/expression/DefaultMessageSecurityExpressionHandler.java
  2. 3 0
      messaging/src/main/java/org/springframework/security/messaging/access/expression/MessageSecurityExpressionRoot.java
  3. 13 0
      messaging/src/test/java/org/springframework/security/messaging/access/expression/DefaultMessageSecurityExpressionHandlerTests.java

+ 1 - 0
messaging/src/main/java/org/springframework/security/messaging/access/expression/DefaultMessageSecurityExpressionHandler.java
Ver arquivo 

@@ -39,6 +39,7 @@ public class DefaultMessageSecurityExpressionHandler<T> extends AbstractSecurity
 
     @Override
 
     protected SecurityExpressionOperations createSecurityExpressionRoot(Authentication authentication, Message<T> invocation) {
 
         MessageSecurityExpressionRoot root = new MessageSecurityExpressionRoot(authentication,invocation);
 
+        root.setPermissionEvaluator(getPermissionEvaluator());
 
         root.setTrustResolver(trustResolver);
 
         root.setRoleHierarchy(getRoleHierarchy());
 
         return root;

+ 3 - 0
messaging/src/main/java/org/springframework/security/messaging/access/expression/MessageSecurityExpressionRoot.java
Ver arquivo 

@@ -27,7 +27,10 @@ import org.springframework.security.core.Authentication;
 
  */
 
 final class MessageSecurityExpressionRoot extends SecurityExpressionRoot {
 
 
+    public final Message<?> message;
 
+
 
     public MessageSecurityExpressionRoot(Authentication authentication, Message<?> message) {
 
         super(authentication);
 
+        this.message = message;
 
     }
 
 }

+ 13 - 0
messaging/src/test/java/org/springframework/security/messaging/access/expression/DefaultMessageSecurityExpressionHandlerTests.java
Ver arquivo 

@@ -27,6 +27,7 @@ import org.springframework.expression.EvaluationContext;
 
 import org.springframework.expression.Expression;
 
 import org.springframework.messaging.Message;
 
 import org.springframework.messaging.support.GenericMessage;
 
+import org.springframework.security.access.PermissionEvaluator;
 
 import org.springframework.security.access.expression.ExpressionUtils;
 
 import org.springframework.security.access.hierarchicalroles.RoleHierarchyImpl;
 
 import org.springframework.security.authentication.AnonymousAuthenticationToken;
 
@@ -39,6 +40,8 @@ import org.springframework.security.core.authority.AuthorityUtils;
 
 public class DefaultMessageSecurityExpressionHandlerTests {
 
     @Mock
 
     AuthenticationTrustResolver trustResolver;
 
+    @Mock
 
+    PermissionEvaluator permissionEvaluator;
 
 
     DefaultMessageSecurityExpressionHandler<Object> handler;
 
 
@@ -89,4 +92,14 @@ public class DefaultMessageSecurityExpressionHandlerTests {
 
 
         assertThat(ExpressionUtils.evaluateAsBoolean(expression, context)).isTrue();
 
     }
 
+
 
+    @Test
 
+    public void permissionEvaluator() {
 
+        handler.setPermissionEvaluator(permissionEvaluator);
 
+        EvaluationContext context = handler.createEvaluationContext(authentication, message);
 
+        Expression expression = handler.getExpressionParser().parseExpression("hasPermission(message, 'read')");
 
+        when(permissionEvaluator.hasPermission(authentication, message, "read")).thenReturn(true);
 
+
 
+        assertThat(ExpressionUtils.evaluateAsBoolean(expression, context)).isTrue();
 
+    }
 
 }