
SEC-418: Applied patch from issue.

Luke Taylor 17 years ago
parent
commit
b253510127

+ 6 - 9
core/src/main/java/org/acegisecurity/ui/switchuser/SwitchUserProcessingFilter.java

@@ -55,7 +55,6 @@ import org.springframework.util.Assert;
 import java.io.IOException;
 
 import java.util.ArrayList;
-import java.util.Arrays;
 import java.util.List;
 
 import javax.servlet.Filter;
@@ -102,8 +101,6 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean, App
 
     private static final Log logger = LogFactory.getLog(SwitchUserProcessingFilter.class);
 
-    // ~ Static fields/initializers
-    // =============================================
     public static final String ACEGI_SECURITY_SWITCH_USERNAME_KEY = "j_username";
     public static final String ROLE_PREVIOUS_ADMINISTRATOR = "ROLE_PREVIOUS_ADMINISTRATOR";
 
@@ -116,9 +113,6 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean, App
     private String switchUserUrl = "/j_acegi_switch_user";
     private String targetUrl;
     private SwitchUserAuthorityChanger switchUserAuthorityChanger;
-
-    // ~ Instance fields
-    // ========================================================
     private UserDetailsService userDetailsService;
 
     //~ Methods ========================================================================================================
@@ -275,8 +269,11 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean, App
         Authentication currentAuth = SecurityContextHolder.getContext().getAuthentication();
         GrantedAuthority switchAuthority = new SwitchUserGrantedAuthority(ROLE_PREVIOUS_ADMINISTRATOR, currentAuth);
 
-        // get the original authorities
-        List orig = Arrays.asList(targetUser.getAuthorities());
+        // get the original authorities        
+        ArrayList orig = new ArrayList();
+        for (int i = 0; i < targetUser.getAuthorities().length; i++) {
+			orig.add(targetUser.getAuthorities()[i]);
+		}
 
         // Allow subclasses to change the authorities to be granted
         if (switchUserAuthorityChanger != null) {
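Review bot: The new copy loop calls `targetUser.getAuthorities()` in the bound check and again for every element, so a `UserDetails` that returns a fresh or changing array on each call could be read inconsistently while the granted roles are being assembled; read it once with `GrantedAuthority[] granted = targetUser.getAuthorities();` and index `granted` in the loop. The comment above the loop should state why a copy is made, for example `// mutable copy: a SwitchUserAuthorityChanger may add or remove entries`, so the loop is not later simplified back to the fixed-size `Arrays.asList` view, on which `clear()` and `add()` throw. Declaring the variable as `List orig`, as the removed line did, keeps the interface type, and the three added loop lines are tab-indented where the surrounding code uses spaces. The enclosing method begins and ends outside this hunk.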
@@ -443,7 +440,7 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean, App
     /**
      * Sets the authentication data access object.
      *
-     * @param authenticationDao The authentication dao
+     * @param userDetailsService The UserDetailsService to use
      */
     public void setUserDetailsService(UserDetailsService userDetailsService) {
         this.userDetailsService = userDetailsService;
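Review bot: The Javadoc summary above the corrected `@param` still reads "Sets the authentication data access object", which is the pre-rename wording the tag fix was meant to retire. Something like `Sets the UserDetailsService used to look up the user being switched to.` would match the parameter, assuming that lookup is what the filter uses it for (the call site is not in this hunk). The setter's closing brace is outside the hunk.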

+ 24 - 0
core/src/test/java/org/acegisecurity/ui/switchuser/SwitchUserProcessingFilterTests.java

@@ -41,6 +41,8 @@ import org.springframework.dao.DataAccessException;
 import org.springframework.mock.web.MockHttpServletRequest;
 import org.springframework.mock.web.MockHttpServletResponse;
 
+import java.util.List;
+
 
 /**
  * Tests {@link org.acegisecurity.ui.switchuser.SwitchUserProcessingFilter}.
@@ -377,6 +379,28 @@ public class SwitchUserProcessingFilterTests extends TestCase {
         assertEquals("jacklord", ((User) targetAuth.getPrincipal()).getUsername());
     }
 
+    public void testModificationOfAuthoritiesWorks() {
+        UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken("dano", "hawaii50");
+        SecurityContextHolder.getContext().setAuthentication(auth);
+
+        MockHttpServletRequest request = new MockHttpServletRequest();
+        request.addParameter(SwitchUserProcessingFilter.ACEGI_SECURITY_SWITCH_USERNAME_KEY, "jacklord");
+
+        SwitchUserProcessingFilter filter = new SwitchUserProcessingFilter();
+        filter.setUserDetailsService(new MockAuthenticationDaoUserJackLord());
+        filter.setSwitchUserAuthorityChanger(new SwitchUserAuthorityChanger() {
+            public void modifyGrantedAuthorities(UserDetails targetUser, Authentication currentAuthentication, List authoritiesToBeGranted) {
+                authoritiesToBeGranted.clear();
+                authoritiesToBeGranted.add(new GrantedAuthorityImpl("ROLE_NEW"));
+            }
+        });
+
+        Authentication result = filter.attemptSwitchUser(request);
+        assertTrue(result != null);
+        assertEquals(2, result.getAuthorities().length);
+        assertEquals("ROLE_NEW", result.getAuthorities()[0].getAuthority());        
+    }
+
     //~ Inner Classes ==================================================================================================
 
     private class MockAuthenticationDaoUserJackLord implements UserDetailsService {
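Review bot: `testModificationOfAuthoritiesWorks` checks the length and element `[0]` of the result but never identifies the second authority, so it would still pass if something other than the switch marker ended up there. Since the changer clears the list, the remaining entry is presumably the `ROLE_PREVIOUS_ADMINISTRATOR` authority that records the original user; pin it with `assertEquals(SwitchUserProcessingFilter.ROLE_PREVIOUS_ADMINISTRATOR, result.getAuthorities()[1].getAuthority());`. `assertTrue(result != null)` reads better as `assertNotNull(result)`. The test also leaves its authentication in `SecurityContextHolder`; if no `tearDown` outside this hunk clears the context, later tests inherit it.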