Cwikius-Spring/spring-security
1
0
Fork 0
mirror of synced 2026-05-22 21:33:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

SEC-1971: Allow injection of ExpressionParser in AbstractSecurityExpressionHandler

Browse Source
This commit is contained in:
Rob Winch
2012-06-14 16:43:20 -05:00
parent 6584b65489
commit 8b05d23832
2 changed files with 22 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files
core/src/main/java/org/springframework/security/access/expression/AbstractSecurityExpressionHandler.java
+7 -1
View File
@@ -11,6 +11,7 @@ import org.springframework.expression.spel.support.StandardEvaluationContext;
import org.springframework.security.access.PermissionEvaluator;
import org.springframework.security.access.hierarchicalroles.RoleHierarchy;
import org.springframework.security.core.Authentication;
import org.springframework.util.Assert;
/**
* Base implementation of the facade which isolates Spring Security's requirements for evaluating security expressions
@@ -20,7 +21,7 @@ import org.springframework.security.core.Authentication;
* @since 3.1
*/
public abstract class AbstractSecurityExpressionHandler<T> implements SecurityExpressionHandler<T>, ApplicationContextAware {
private final ExpressionParser expressionParser = new SpelExpressionParser();
private ExpressionParser expressionParser = new SpelExpressionParser();
private BeanResolver br;
private RoleHierarchy roleHierarchy;
private PermissionEvaluator permissionEvaluator = new DenyAllPermissionEvaluator();
@@ -29,6 +30,11 @@ public abstract class AbstractSecurityExpressionHandler<T> implements SecurityEx
return expressionParser;
}
public final void setExpressionParser(ExpressionParser expressionParser) {
Assert.notNull(expressionParser, "expressionParser cannot be null");
this.expressionParser = expressionParser;
}
/**
* Invokes the internal template methods to create {@code StandardEvaluationContext} and {@code SecurityExpressionRoot}
* objects.
core/src/test/java/org/springframework/security/access/expression/AbstractSecurityExpressionHandlerTests.java
+15 -4
View File
@@ -3,16 +3,15 @@ package org.springframework.security.access.expression;
import static org.junit.Assert.assertTrue;
import static org.mockito.Mockito.mock;
import org.junit.*;
import org.springframework.context.ApplicationContext;
import org.junit.Before;
import org.junit.Test;
import org.springframework.context.annotation.AnnotationConfigApplicationContext;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.expression.Expression;
import org.springframework.expression.spel.standard.SpelExpressionParser;
import org.springframework.security.core.Authentication;
import java.util.*;
/**
* @author Luke Taylor
*/
@@ -36,6 +35,18 @@ public class AbstractSecurityExpressionHandlerTests {
Expression expression = handler.getExpressionParser().parseExpression("@number10.compareTo(@number20) < 0");
assertTrue((Boolean) expression.getValue(handler.createEvaluationContext(mock(Authentication.class), new Object())));
}
@Test(expected=IllegalArgumentException.class)
public void setExpressionParserNull() {
handler.setExpressionParser(null);
}
@Test
public void setExpressionParser() {
SpelExpressionParser parser = new SpelExpressionParser();
handler.setExpressionParser(parser);
assertTrue(parser == handler.getExpressionParser());
}
}
@Configuration