Cwikius-Spring/spring-security
1
0
Fork 0
mirror of synced 2026-05-22 13:23:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add AuthorizationManagerFactory.hasAll(Authorities|Roles)

Browse Source 
Closes gh-17932
This commit is contained in:
Rob Winch
2025-09-18 09:08:46 -05:00
parent ebc391cb97
commit 675835e525
8 changed files with 88 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
core/src/main/java/org/springframework/security/authorization/AuthorizationManagerFactory.java
+22
View File
@@ -65,6 +65,17 @@ public interface AuthorizationManagerFactory<T extends @Nullable Object> {
return AuthorityAuthorizationManager.hasAnyRole(roles);
}
/**
* Creates an {@link AuthorizationManager} that requires users to have all the
* provided roles.
* @param roles the roles (automatically prepended with ROLE_) that the user must have
* to allow access (i.e. USER, ADMIN, etc.)
* @return A new {@link AuthorizationManager} instance
*/
default AuthorizationManager<T> hasAllRoles(String... roles) {
return AllAuthoritiesAuthorizationManager.hasAllRoles(roles);
}
/**
* Creates an {@link AuthorizationManager} that requires users to have the specified
* authority.
@@ -87,6 +98,17 @@ public interface AuthorizationManagerFactory<T extends @Nullable Object> {
return AuthorityAuthorizationManager.hasAnyAuthority(authorities);
}
/**
* Creates an {@link AuthorizationManager} that requires users to have all the
* provided authorities.
* @param authorities the authorities that the user must have to allow access (i.e.
* USER, ADMIN, etc.)
* @return A new {@link AuthorizationManager} instance
*/
default AuthorizationManager<T> hasAllAuthorities(String... authorities) {
return AllAuthoritiesAuthorizationManager.hasAllAuthorities(authorities);
}
/**
* Creates an {@link AuthorizationManager} that allows any authenticated user.
* @return A new {@link AuthorizationManager} instance
core/src/main/java/org/springframework/security/authorization/DefaultAuthorizationManagerFactory.java
+16
View File
@@ -79,6 +79,11 @@ public final class DefaultAuthorizationManagerFactory<T extends @Nullable Object
return withRoleHierarchy(AuthorityAuthorizationManager.hasAnyRole(this.rolePrefix, roles));
}
@Override
public AuthorizationManager<T> hasAllRoles(String... roles) {
return withRoleHierarchy(AllAuthoritiesAuthorizationManager.hasAllPrefixedAuthorities(this.rolePrefix, roles));
}
@Override
public AuthorizationManager<T> hasAuthority(String authority) {
return withRoleHierarchy(AuthorityAuthorizationManager.hasAuthority(authority));
@@ -89,6 +94,11 @@ public final class DefaultAuthorizationManagerFactory<T extends @Nullable Object
return withRoleHierarchy(AuthorityAuthorizationManager.hasAnyAuthority(authorities));
}
@Override
public AuthorizationManager<T> hasAllAuthorities(String... authorities) {
return withRoleHierarchy(AllAuthoritiesAuthorizationManager.hasAllAuthorities(authorities));
}
@Override
public AuthorizationManager<T> authenticated() {
return withTrustResolver(AuthenticatedAuthorizationManager.authenticated());
@@ -114,6 +124,12 @@ public final class DefaultAuthorizationManagerFactory<T extends @Nullable Object
return authorizationManager;
}
private AllAuthoritiesAuthorizationManager<T> withRoleHierarchy(
AllAuthoritiesAuthorizationManager<T> authorizationManager) {
authorizationManager.setRoleHierarchy(this.roleHierarchy);
return authorizationManager;
}
private AuthenticatedAuthorizationManager<T> withTrustResolver(
AuthenticatedAuthorizationManager<T> authorizationManager) {
authorizationManager.setTrustResolver(this.trustResolver);
core/src/test/java/org/springframework/security/authorization/AuthorizationManagerFactoryTests.java
+14
View File
@@ -55,6 +55,13 @@ public class AuthorizationManagerFactoryTests {
assertThat(authorizationManager).isInstanceOf(AuthorityAuthorizationManager.class);
}
@Test
public void hasAllRolesReturnsAllAuthoritiesAuthorizationManagerByDefault() {
AuthorizationManagerFactory<String> factory = new DefaultAuthorizationManagerFactory<>();
AuthorizationManager<String> authorizationManager = factory.hasAllRoles("authority1", "authority2");
assertThat(authorizationManager).isInstanceOf(AllAuthoritiesAuthorizationManager.class);
}
@Test
public void hasAuthorityReturnsAuthorityAuthorizationManagerByDefault() {
AuthorizationManagerFactory<String> factory = new DefaultAuthorizationManagerFactory<>();
@@ -69,6 +76,13 @@ public class AuthorizationManagerFactoryTests {
assertThat(authorizationManager).isInstanceOf(AuthorityAuthorizationManager.class);
}
@Test
public void hasAllAuthoritiesReturnsAllAuthoritiesAuthorizationManagerByDefault() {
AuthorizationManagerFactory<String> factory = new DefaultAuthorizationManagerFactory<>();
AuthorizationManager<String> authorizationManager = factory.hasAllAuthorities("authority1", "authority2");
assertThat(authorizationManager).isInstanceOf(AllAuthoritiesAuthorizationManager.class);
}
@Test
public void authenticatedReturnsAuthenticatedAuthorizationManagerByDefault() {
AuthorizationManagerFactory<String> factory = new DefaultAuthorizationManagerFactory<>();