Clarify interface contract for ObjectDefinitionSource when no ConfigAttributes exist for a given secure object invocation, plus unit tests and fixes for concrete implementations. Thanks to Sean Radford for spotting the inconsistency.

core/src/main/java/org/acegisecurity/intercept/ObjectDefinitionSource.java

@@ -34,6 +34,11 @@ public interface ObjectDefinitionSource {
     /**
      * Accesses the <code>ConfigAttributeDefinition</code> that applies to a
      * given secure object.
+     * 
+     * <P>
+     * Returns <code>null</code> if no <code>ConfigAttribiteDefinition</code>
+     * applies.
+     * </p>
      *
      * @param object the object being secured
      *

core/src/main/java/org/acegisecurity/intercept/method/MethodDefinitionAttributes.java

@@ -103,7 +103,11 @@ public class MethodDefinitionAttributes extends AbstractMethodDefinitionSource {
         // add the method level attributes for the implemented intreface methods
         addInterfaceMethodAttributes(definition, invocation.getMethod());
 
-        return definition;
+        if (definition.size() == 0) {
+            return null;
+        } else {
+            return definition;
+        }
     }
 
     private void add(ConfigAttributeDefinition definition, Collection attribs) {

core/src/test/java/org/acegisecurity/intercept/method/MethodDefinitionAttributesTests.java

@@ -26,6 +26,7 @@ import net.sf.acegisecurity.MockMethodInvocation;
 import net.sf.acegisecurity.OtherTargetObject;
 import net.sf.acegisecurity.SecurityConfig;
 import net.sf.acegisecurity.TargetObject;
+import net.sf.acegisecurity.acl.basic.SomeDomain;
 import net.sf.acegisecurity.context.ContextHolder;
 import net.sf.acegisecurity.context.SecureContext;
 import net.sf.acegisecurity.context.SecureContextImpl;
@@ -202,6 +203,15 @@ public class MethodDefinitionAttributesTests extends TestCase {
         ContextHolder.setContext(null);
     }
 
+    public void testNullReturnedIfZeroAttributesDefinedForMethodInvocation()
+        throws Exception {
+        // SomeDomain is not defined in the MockAttributes() 
+        // (which getConfigAttributeDefinition refers to)
+        ConfigAttributeDefinition def = getConfigAttributeDefinition(SomeDomain.class,
+                "getId", null);
+        assertNull(def);
+    }
+
     private ConfigAttributeDefinition getConfigAttributeDefinition(
         Class clazz, String methodName, Class[] args) throws Exception {
         final Method method = clazz.getMethod(methodName, args);

core/src/test/java/org/acegisecurity/intercept/method/MethodDefinitionSourceEditorTests.java

@@ -157,6 +157,20 @@ public class MethodDefinitionSourceEditorTests extends TestCase {
         assertEquals(expectedCountLength, returnedCountLength);
     }
 
+    public void testNullIsReturnedByMethodDefinitionSourceWhenMethodInvocationNotDefined()
+        throws Exception {
+        MethodDefinitionSourceEditor editor = new MethodDefinitionSourceEditor();
+        editor.setAsText(
+            "net.sf.acegisecurity.TargetObject.countLength=ROLE_ONE,ROLE_TWO,RUN_AS_ENTRY");
+
+        MethodDefinitionMap map = (MethodDefinitionMap) editor.getValue();
+
+        ConfigAttributeDefinition configAttributeDefinition = map.getAttributes(new MockMethodInvocation(
+                    TargetObject.class, "makeLowerCase",
+                    new Class[] {String.class}));
+        assertNull(configAttributeDefinition);
+    }
+
     public void testNullReturnsEmptyMap() {
         MethodDefinitionSourceEditor editor = new MethodDefinitionSourceEditor();
         editor.setAsText(null);