[tlinh2110@gmail.com] Add resource for Testing Method Security

This commit is contained in:
linhvovn
2017-12-14 23:38:56 +08:00
parent 5014f5088e
commit 778177333f
15 changed files with 447 additions and 0 deletions
@@ -0,0 +1,11 @@
package org.baeldung.testmethodsecurity.config;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration;
@Configuration
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
public class MethodSecurityConfig extends GlobalMethodSecurityConfiguration {
}
@@ -0,0 +1,39 @@
package org.baeldung.testmethodsecurity.entity;
import java.util.Collection;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.User;
@SuppressWarnings("serial")
public class CustomUser extends User{
private String nickName;
private int age;
public CustomUser(String username, String password, Collection<? extends GrantedAuthority> authorities) {
super(username, password, authorities);
}
public CustomUser(String username, String password, Collection<? extends GrantedAuthority> authorities,String nickName) {
super(username, password, authorities);
this.nickName = nickName;
}
public String getNickName() {
return nickName;
}
public void setNickName(String nickName) {
this.nickName = nickName;
}
public int getAge() {
return age;
}
public void setAge(int age) {
this.age = age;
}
}
@@ -0,0 +1,41 @@
package org.baeldung.testmethodsecurity.repository;
import java.util.ArrayList;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import org.baeldung.testmethodsecurity.entity.CustomUser;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;
@Service
public class UserRoleRepository {
static Map<String,CustomUser> DB_BASED_USER_MAPPING;
static{
DB_BASED_USER_MAPPING = new LinkedHashMap<>();
DB_BASED_USER_MAPPING.put("jane", new CustomUser("jane","1234", getGrantedAuthorities("ROLE_USER","ROLE_VIEWER"),"jane"));
DB_BASED_USER_MAPPING.put("john", new CustomUser("john","1234", getGrantedAuthorities("ROLE_EDITOR","ROLE_ADMIN"),"jane"));
DB_BASED_USER_MAPPING.put("jack", new CustomUser("jack","1234", getGrantedAuthorities("ROLE_USER","ROLE_REVIEWER"),"jane"));
}
private static List<GrantedAuthority> getGrantedAuthorities(String...roles){
ArrayList<GrantedAuthority> authorities = new ArrayList<>();
for (String role : roles){
authorities.add(new SimpleGrantedAuthority(role));
}
return authorities;
}
public CustomUser loadUserByUserName(String username){
if (DB_BASED_USER_MAPPING.containsKey(username)){
return DB_BASED_USER_MAPPING.get(username);
}
throw new UsernameNotFoundException("User "+username+" cannot be found");
}
}
@@ -0,0 +1,19 @@
package org.baeldung.testmethodsecurity.service;
import org.baeldung.testmethodsecurity.repository.UserRoleRepository;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.stereotype.Service;
@Service("userDetailService")
public class CustomUserDetailsService implements UserDetailsService {
@Autowired
UserRoleRepository userRoleRepo;
@Override
public UserDetails loadUserByUsername(String username) {
return userRoleRepo.loadUserByUserName(username);
}
}
@@ -0,0 +1,26 @@
package org.baeldung.testmethodsecurity.service;
import org.springframework.security.access.annotation.Secured;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Service;
@Service
public class SystemPropImpl implements SystemPropInterface{
@PreAuthorize("permitAll")
@Override
public String getSystemName() {
return "Method Security";
}
@Override
public String sayHello(){
return sayHi();
}
@Secured("ROLE_USER")
public String sayHi(){
return "Hi";
}
}
@@ -0,0 +1,11 @@
package org.baeldung.testmethodsecurity.service;
public interface SystemPropInterface {
String getSystemName();
String sayHello();
String sayHi();
}
@@ -0,0 +1,29 @@
package org.baeldung.testmethodsecurity.service;
import org.baeldung.testmethodsecurity.entity.CustomUser;
import org.baeldung.testmethodsecurity.repository.UserRoleRepository;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PostAuthorize;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Service;
@Service
public class UserRoleService {
@Autowired
UserRoleRepository userRoleRepository;
@PreAuthorize("hasRole('ROLE_VIEWER') or hasAuthority('SYS_ADMIN')")
public String getUserName(){
SecurityContext securityContext = SecurityContextHolder.getContext();
return securityContext.getAuthentication().getName();
}
@PostAuthorize("returnObject.username == authentication.principal.nickName")
public CustomUser loadUserDetail(String username){
return userRoleRepository.loadUserByUserName(username);
}
}