Cwikius-Spring/spring-security
1
0
Fork 0
mirror of synced 2026-05-22 21:33:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add Support SingleResultAuthorizationManager

Browse Source 
Closes gh-16590

Signed-off-by: Max Batischev <mblancer@mail.ru>
This commit is contained in:
Max Batischev
2025-02-17 16:42:54 +03:00
committed by Josh Cummings
parent 29f1ea50b6
commit 58a665e5aa
10 changed files with 181 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files
web/src/main/java/org/springframework/security/web/access/intercept/RequestMatcherDelegatingAuthorizationManager.java
+4 -3
View File
@@ -1,5 +1,5 @@
/*
* Copyright 2002-2023 the original author or authors.
* Copyright 2002-2025 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -30,6 +30,7 @@ import org.springframework.security.authorization.AuthenticatedAuthorizationMana
import org.springframework.security.authorization.AuthorityAuthorizationManager;
import org.springframework.security.authorization.AuthorizationDecision;
import org.springframework.security.authorization.AuthorizationManager;
import org.springframework.security.authorization.SingleResultAuthorizationManager;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.util.UrlUtils;
import org.springframework.security.web.util.matcher.AnyRequestMatcher;
@@ -201,7 +202,7 @@ public final class RequestMatcherDelegatingAuthorizationManager implements Autho
* @return the {@link Builder} for further customizations
*/
public Builder permitAll() {
return access((a, o) -> new AuthorizationDecision(true));
return access(SingleResultAuthorizationManager.permitAll());
}
/**
@@ -209,7 +210,7 @@ public final class RequestMatcherDelegatingAuthorizationManager implements Autho
* @return the {@link Builder} for further customizations
*/
public Builder denyAll() {
return access((a, o) -> new AuthorizationDecision(false));
return access(SingleResultAuthorizationManager.denyAll());
}
/**
web/src/test/java/org/springframework/security/web/access/intercept/RequestMatcherDelegatingAuthorizationManagerTests.java
+7 -6
View File
@@ -1,5 +1,5 @@
/*
* Copyright 2002-2023 the original author or authors.
* Copyright 2002-2025 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -26,6 +26,7 @@ import org.springframework.security.authentication.TestingAuthenticationToken;
import org.springframework.security.authorization.AuthenticatedAuthorizationManager;
import org.springframework.security.authorization.AuthorityAuthorizationManager;
import org.springframework.security.authorization.AuthorizationDecision;
import org.springframework.security.authorization.SingleResultAuthorizationManager;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.servlet.util.matcher.MvcRequestMatcher;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
@@ -55,7 +56,7 @@ public class RequestMatcherDelegatingAuthorizationManagerTests {
public void addWhenMatcherNullThenException() {
assertThatIllegalArgumentException()
.isThrownBy(() -> RequestMatcherDelegatingAuthorizationManager.builder()
.add(null, (a, o) -> new AuthorizationDecision(true))
.add(null, SingleResultAuthorizationManager.permitAll())
.build())
.withMessage("matcher cannot be null");
}
@@ -72,8 +73,8 @@ public class RequestMatcherDelegatingAuthorizationManagerTests {
@Test
public void checkWhenMultipleMappingsConfiguredThenDelegatesMatchingManager() {
RequestMatcherDelegatingAuthorizationManager manager = RequestMatcherDelegatingAuthorizationManager.builder()
.add(new MvcRequestMatcher(null, "/grant"), (a, o) -> new AuthorizationDecision(true))
.add(new MvcRequestMatcher(null, "/deny"), (a, o) -> new AuthorizationDecision(false))
.add(new MvcRequestMatcher(null, "/grant"), SingleResultAuthorizationManager.permitAll())
.add(new MvcRequestMatcher(null, "/deny"), SingleResultAuthorizationManager.denyAll())
.build();
Supplier<Authentication> authentication = () -> new TestingAuthenticationToken("user", "password", "ROLE_USER");
@@ -97,11 +98,11 @@ public class RequestMatcherDelegatingAuthorizationManagerTests {
RequestMatcherDelegatingAuthorizationManager manager = RequestMatcherDelegatingAuthorizationManager.builder()
.mappings((m) -> {
m.add(new RequestMatcherEntry<>(new MvcRequestMatcher(null, "/grant"),
(a, o) -> new AuthorizationDecision(true)));
SingleResultAuthorizationManager.permitAll()));
m.add(new RequestMatcherEntry<>(AnyRequestMatcher.INSTANCE,
AuthorityAuthorizationManager.hasRole("ADMIN")));
m.add(new RequestMatcherEntry<>(new MvcRequestMatcher(null, "/afterAny"),
(a, o) -> new AuthorizationDecision(true)));
SingleResultAuthorizationManager.permitAll()));
})
.build();