Kezdőlap Felfedezés Súgó
Regisztráció Bejelentkezés
github
/
spring-security
tükrözi: https://github.com/spring-projects/spring-security
2
0
Másolás 0
Fájlok Problémák 0 Wiki
Forráskód Böngészése

SEC-1533: AclAuthorizationStrategyImpl can now take either one or three GrantedAuthority arguments. If only one is supplied, it will be used for all 3 of the permissions supported by the class.

Luke Taylor 15 éve
szülő
acad848690
commit
1a838c2049
4 módosított fájl, 26 hozzáadás és 29 törlés
Osztott Nézet Diff Statisztika Mutatása
  1. 13 6
      acl/src/main/java/org/springframework/security/acls/domain/AclAuthorizationStrategyImpl.java
  2. 12 14
      acl/src/test/java/org/springframework/security/acls/jdbc/BasicLookupStrategyTests.java
  3. 0 8
      samples/contacts/src/main/resources/applicationContext-common-authorization.xml
  4. 1 1
      samples/contacts/src/test/java/sample/contact/ContactManagerTests.java

+ 13 - 6
acl/src/main/java/org/springframework/security/acls/domain/AclAuthorizationStrategyImpl.java
Fájl Megtekintése 

@@ -52,16 +52,23 @@ public class AclAuthorizationStrategyImpl implements AclAuthorizationStrategy {
 
      * Constructor. The only mandatory parameter relates to the system-wide {@link GrantedAuthority} instances that
 
      * can be held to always permit ACL changes.
 
      *
 
-     * @param auths an array of <code>GrantedAuthority</code>s that have
 
+     * @param auths the <code>GrantedAuthority</code>s that have
 
      * special permissions (index 0 is the authority needed to change
 
      * ownership, index 1 is the authority needed to modify auditing details,
 
      * index 2 is the authority needed to change other ACL and ACE details) (required)
 
+     * <p>
 
+     * Alternatively, a single value can be supplied for all three permissions.
 
      */
 
-    public AclAuthorizationStrategyImpl(GrantedAuthority[] auths) {
 
-        Assert.isTrue(auths != null && auths.length == 3, "GrantedAuthority[] with three elements required");
 
-        this.gaTakeOwnership = auths[0];
 
-        this.gaModifyAuditing = auths[1];
 
-        this.gaGeneralChanges = auths[2];
 
+    public AclAuthorizationStrategyImpl(GrantedAuthority... auths) {
 
+        Assert.isTrue(auths != null && (auths.length == 3 || auths.length == 1),
 
+                "One or three GrantedAuthority instances required");
 
+        if (auths.length == 3) {
 
+            gaTakeOwnership = auths[0];
 
+            gaModifyAuditing = auths[1];
 
+            gaGeneralChanges = auths[2];
 
+        } else {
 
+            gaTakeOwnership = gaModifyAuditing = gaGeneralChanges = auths[0];
 
+        }
 
     }
 
 
     //~ Methods ========================================================================================================

+ 12 - 14
acl/src/test/java/org/springframework/security/acls/jdbc/BasicLookupStrategyTests.java
Fájl Megtekintése 

@@ -101,9 +101,7 @@ public class BasicLookupStrategyTests {
 
     @Before
 
     public void initializeBeans() {
 
         EhCacheBasedAclCache cache = new EhCacheBasedAclCache(getCache());
 
-        AclAuthorizationStrategy authorizationStrategy = new AclAuthorizationStrategyImpl(new GrantedAuthority[] {
 
-                new GrantedAuthorityImpl("ROLE_ADMINISTRATOR"), new GrantedAuthorityImpl("ROLE_ADMINISTRATOR"),
 
-                new GrantedAuthorityImpl("ROLE_ADMINISTRATOR") });
 
+        AclAuthorizationStrategy authorizationStrategy = new AclAuthorizationStrategyImpl(new GrantedAuthorityImpl("ROLE_ADMINISTRATOR"));
 
         strategy = new BasicLookupStrategy(dataSource, cache, authorizationStrategy,
 
                 new DefaultPermissionGrantingStrategy(new ConsoleAuditLogger()));
 
         strategy.setPermissionFactory(new DefaultPermissionFactory());
 
@@ -194,16 +192,16 @@ public class BasicLookupStrategyTests {
 
 
         // Check each entry
 
         Assert.assertTrue(topParent.isEntriesInheriting());
 
-        Assert.assertEquals(topParent.getId(), new Long(1));
 
+        Assert.assertEquals(topParent.getId(), Long.valueOf(1));
 
         Assert.assertEquals(topParent.getOwner(), new PrincipalSid("ben"));
 
-        Assert.assertEquals(topParent.getEntries().get(0).getId(), new Long(1));
 
+        Assert.assertEquals(topParent.getEntries().get(0).getId(), Long.valueOf(1));
 
         Assert.assertEquals(topParent.getEntries().get(0).getPermission(), BasePermission.READ);
 
         Assert.assertEquals(topParent.getEntries().get(0).getSid(), new PrincipalSid("ben"));
 
         Assert.assertFalse(((AuditableAccessControlEntry) topParent.getEntries().get(0)).isAuditFailure());
 
         Assert.assertFalse(((AuditableAccessControlEntry) topParent.getEntries().get(0)).isAuditSuccess());
 
         Assert.assertTrue(((AuditableAccessControlEntry) topParent.getEntries().get(0)).isGranting());
 
 
-        Assert.assertEquals(topParent.getEntries().get(1).getId(), new Long(2));
 
+        Assert.assertEquals(topParent.getEntries().get(1).getId(), Long.valueOf(2));
 
         Assert.assertEquals(topParent.getEntries().get(1).getPermission(), BasePermission.WRITE);
 
         Assert.assertEquals(topParent.getEntries().get(1).getSid(), new PrincipalSid("ben"));
 
         Assert.assertFalse(((AuditableAccessControlEntry) topParent.getEntries().get(1)).isAuditFailure());
 
@@ -211,9 +209,9 @@ public class BasicLookupStrategyTests {
 
         Assert.assertFalse(((AuditableAccessControlEntry) topParent.getEntries().get(1)).isGranting());
 
 
         Assert.assertTrue(middleParent.isEntriesInheriting());
 
-        Assert.assertEquals(middleParent.getId(), new Long(2));
 
+        Assert.assertEquals(middleParent.getId(), Long.valueOf(2));
 
         Assert.assertEquals(middleParent.getOwner(), new PrincipalSid("ben"));
 
-        Assert.assertEquals(middleParent.getEntries().get(0).getId(), new Long(3));
 
+        Assert.assertEquals(middleParent.getEntries().get(0).getId(), Long.valueOf(3));
 
         Assert.assertEquals(middleParent.getEntries().get(0).getPermission(), BasePermission.DELETE);
 
         Assert.assertEquals(middleParent.getEntries().get(0).getSid(), new PrincipalSid("ben"));
 
         Assert.assertFalse(((AuditableAccessControlEntry) middleParent.getEntries().get(0)).isAuditFailure());
 
@@ -221,9 +219,9 @@ public class BasicLookupStrategyTests {
 
         Assert.assertTrue(((AuditableAccessControlEntry) middleParent.getEntries().get(0)).isGranting());
 
 
         Assert.assertTrue(child.isEntriesInheriting());
 
-        Assert.assertEquals(child.getId(), new Long(3));
 
+        Assert.assertEquals(child.getId(), Long.valueOf(3));
 
         Assert.assertEquals(child.getOwner(), new PrincipalSid("ben"));
 
-        Assert.assertEquals(child.getEntries().get(0).getId(), new Long(4));
 
+        Assert.assertEquals(child.getEntries().get(0).getId(), Long.valueOf(4));
 
         Assert.assertEquals(child.getEntries().get(0).getPermission(), BasePermission.DELETE);
 
         Assert.assertEquals(child.getEntries().get(0).getSid(), new PrincipalSid("ben"));
 
         Assert.assertFalse(((AuditableAccessControlEntry) child.getEntries().get(0)).isAuditFailure());
 
@@ -236,10 +234,10 @@ public class BasicLookupStrategyTests {
 
         String query = "INSERT INTO acl_object_identity(ID,OBJECT_ID_CLASS,OBJECT_ID_IDENTITY,PARENT_OBJECT,OWNER_SID,ENTRIES_INHERITING) VALUES (4,2,103,1,1,1);";
 
         jdbcTemplate.execute(query);
 
 
-        ObjectIdentity topParentOid = new ObjectIdentityImpl(TARGET_CLASS, new Long(100));
 
-        ObjectIdentity middleParentOid = new ObjectIdentityImpl(TARGET_CLASS, new Integer(101));
 
-        ObjectIdentity childOid = new ObjectIdentityImpl(TARGET_CLASS, new Long(102));
 
-        ObjectIdentity middleParent2Oid = new ObjectIdentityImpl(TARGET_CLASS, new Long(103));
 
+        ObjectIdentity topParentOid = new ObjectIdentityImpl(TARGET_CLASS, Long.valueOf(100));
 
+        ObjectIdentity middleParentOid = new ObjectIdentityImpl(TARGET_CLASS, Long.valueOf(101));
 
+        ObjectIdentity childOid = new ObjectIdentityImpl(TARGET_CLASS, Long.valueOf(102));
 
+        ObjectIdentity middleParent2Oid = new ObjectIdentityImpl(TARGET_CLASS, Long.valueOf(103));
 
 
         // Retrieve the child
 
         Map<ObjectIdentity, Acl> map = this.strategy.readAclsById(Arrays.asList(childOid), null);

+ 0 - 8
samples/contacts/src/main/resources/applicationContext-common-authorization.xml
Fájl Megtekintése 

@@ -30,17 +30,9 @@
 
     <constructor-arg>
 
         <bean class="org.springframework.security.acls.domain.AclAuthorizationStrategyImpl">
 
             <constructor-arg>
 
-            <list>
 
                 <bean class="org.springframework.security.core.authority.GrantedAuthorityImpl">
 
                     <constructor-arg value="ROLE_ADMINISTRATOR"/>
 
                 </bean>
 
-                <bean class="org.springframework.security.core.authority.GrantedAuthorityImpl">
 
-                    <constructor-arg value="ROLE_ADMINISTRATOR"/>
 
-                </bean>
 
-                <bean class="org.springframework.security.core.authority.GrantedAuthorityImpl">
 
-                    <constructor-arg value="ROLE_ADMINISTRATOR"/>
 
-                </bean>
 
-            </list>
 
             </constructor-arg>
 
         </bean>
 
     </constructor-arg>

+ 1 - 1
samples/contacts/src/test/java/sample/contact/ContactManagerTests.java
Fájl Megtekintése 

@@ -37,7 +37,7 @@ import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
 
  *
 
  * @author David Leal
 
  * @author Ben Alex
 
- * @Author Luke Taylor
 
+ * @author Luke Taylor
 
  */
 
 @ContextConfiguration(locations={
 
                 "/applicationContext-security.xml",