SEC-1177: MethodInvocationUtils Returns Null With Valid Method String and Class. Added very simple checking of declared methods on class.

core/src/main/java/org/springframework/security/util/MethodInvocationUtils.java

@@ -83,7 +83,11 @@ public final class MethodInvocationUtils {
     }
 
     /**
-     * Generates a <code>MethodInvocation</code> for specified <code>methodName</code> on the passed class.
+     * Generates a <code>MethodInvocation</code> for the specified <code>methodName</code> on the passed class.
+     *
+     * If a method with this name, taking no arguments does not exist, it will check through the declared
+     * methods on the class, until one is found matching the supplied name. If more than one method name matches,
+     * an <tt>IllegalArgumentException</tt> will be raised.
      *
      * @param clazz the class of object that will be used to find the relevant <code>Method</code>
      * @param methodName the name of the method to find
@@ -91,7 +95,21 @@ public final class MethodInvocationUtils {
      * @return a <code>MethodInvocation</code>, or <code>null</code> if there was a problem
      */
     public static MethodInvocation createFromClass(Class<?> clazz, String methodName) {
-        return createFromClass(null, clazz, methodName, null, null);
+        MethodInvocation mi = createFromClass(null, clazz, methodName, null, null);
+
+        if (mi == null) {
+            for (Method m : clazz.getDeclaredMethods()) {
+                if (m.getName().equals(methodName)) {
+                    if (mi != null) {
+                        throw new IllegalArgumentException("The class " + clazz + " has more than one method named" +
+                                " '" + methodName + "'");
+                    }
+                    mi = new SimpleMethodInvocation(null, m);
+                }
+            }
+        }
+
+        return mi;
     }
 
     /**

core/src/test/java/org/springframework/security/util/MethodInvocationUtilsTests.java

@@ -4,6 +4,7 @@ import static org.junit.Assert.*;
 
 import org.aopalliance.intercept.MethodInvocation;
 import org.junit.Test;
+import org.springframework.security.access.annotation.BusinessServiceImpl;
 
 /**
  *
@@ -19,13 +20,18 @@ public class MethodInvocationUtilsTests {
     }
 
     @Test
-    public void createFromClassWithNoArgInfoReturnsNullForMethodWithArgs() {
-        MethodInvocation mi = MethodInvocationUtils.createFromClass(String.class, "codePointAt");
-        assertNull(mi);
+    public void createFromClassReturnsMethodIfArgInfoOmittedAndMethodNameIsUnique() {
+        MethodInvocation mi = MethodInvocationUtils.createFromClass(BusinessServiceImpl.class, "methodReturningAnArray");
+        assertNotNull(mi);
+    }
+
+    @Test(expected=IllegalArgumentException.class)
+    public void exceptionIsRaisedIfArgInfoOmittedAndMethodNameIsNotUnique() {
+        MethodInvocationUtils.createFromClass(BusinessServiceImpl.class, "methodReturningAList");
     }
 
     @Test
-    public void createFromClassReturnsMethodIfGivArgInfoForMethodWithArgs() {
+    public void createFromClassReturnsMethodIfGivenArgInfoForMethodWithArgs() {
         MethodInvocation mi = MethodInvocationUtils.createFromClass(null, String.class, "compareTo",
                 new Class<?>[]{String.class}, new Object[] {""});
         assertNotNull(mi);