[tlinh2110@gmail.com] Add resource for Testing Method Security
This commit is contained in:
+11
@@ -0,0 +1,11 @@
|
||||
package org.baeldung.testmethodsecurity.config;
|
||||
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
|
||||
import org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration;
|
||||
|
||||
@Configuration
|
||||
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
|
||||
public class MethodSecurityConfig extends GlobalMethodSecurityConfiguration {
|
||||
|
||||
}
|
||||
+39
@@ -0,0 +1,39 @@
|
||||
package org.baeldung.testmethodsecurity.entity;
|
||||
|
||||
import java.util.Collection;
|
||||
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.core.userdetails.User;
|
||||
|
||||
@SuppressWarnings("serial")
|
||||
public class CustomUser extends User{
|
||||
|
||||
private String nickName;
|
||||
private int age;
|
||||
|
||||
public CustomUser(String username, String password, Collection<? extends GrantedAuthority> authorities) {
|
||||
super(username, password, authorities);
|
||||
}
|
||||
|
||||
public CustomUser(String username, String password, Collection<? extends GrantedAuthority> authorities,String nickName) {
|
||||
super(username, password, authorities);
|
||||
this.nickName = nickName;
|
||||
}
|
||||
|
||||
public String getNickName() {
|
||||
return nickName;
|
||||
}
|
||||
|
||||
public void setNickName(String nickName) {
|
||||
this.nickName = nickName;
|
||||
}
|
||||
|
||||
public int getAge() {
|
||||
return age;
|
||||
}
|
||||
|
||||
public void setAge(int age) {
|
||||
this.age = age;
|
||||
}
|
||||
|
||||
}
|
||||
+41
@@ -0,0 +1,41 @@
|
||||
package org.baeldung.testmethodsecurity.repository;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.LinkedHashMap;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
||||
import org.baeldung.testmethodsecurity.entity.CustomUser;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.core.authority.SimpleGrantedAuthority;
|
||||
import org.springframework.security.core.userdetails.UsernameNotFoundException;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
@Service
|
||||
public class UserRoleRepository {
|
||||
|
||||
static Map<String,CustomUser> DB_BASED_USER_MAPPING;
|
||||
|
||||
static{
|
||||
DB_BASED_USER_MAPPING = new LinkedHashMap<>();
|
||||
DB_BASED_USER_MAPPING.put("jane", new CustomUser("jane","1234", getGrantedAuthorities("ROLE_USER","ROLE_VIEWER"),"jane"));
|
||||
DB_BASED_USER_MAPPING.put("john", new CustomUser("john","1234", getGrantedAuthorities("ROLE_EDITOR","ROLE_ADMIN"),"jane"));
|
||||
DB_BASED_USER_MAPPING.put("jack", new CustomUser("jack","1234", getGrantedAuthorities("ROLE_USER","ROLE_REVIEWER"),"jane"));
|
||||
}
|
||||
|
||||
private static List<GrantedAuthority> getGrantedAuthorities(String...roles){
|
||||
ArrayList<GrantedAuthority> authorities = new ArrayList<>();
|
||||
for (String role : roles){
|
||||
authorities.add(new SimpleGrantedAuthority(role));
|
||||
}
|
||||
return authorities;
|
||||
}
|
||||
|
||||
public CustomUser loadUserByUserName(String username){
|
||||
if (DB_BASED_USER_MAPPING.containsKey(username)){
|
||||
return DB_BASED_USER_MAPPING.get(username);
|
||||
}
|
||||
throw new UsernameNotFoundException("User "+username+" cannot be found");
|
||||
}
|
||||
|
||||
}
|
||||
+19
@@ -0,0 +1,19 @@
|
||||
package org.baeldung.testmethodsecurity.service;
|
||||
|
||||
import org.baeldung.testmethodsecurity.repository.UserRoleRepository;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
import org.springframework.security.core.userdetails.UserDetailsService;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
@Service("userDetailService")
|
||||
public class CustomUserDetailsService implements UserDetailsService {
|
||||
|
||||
@Autowired
|
||||
UserRoleRepository userRoleRepo;
|
||||
|
||||
@Override
|
||||
public UserDetails loadUserByUsername(String username) {
|
||||
return userRoleRepo.loadUserByUserName(username);
|
||||
}
|
||||
}
|
||||
+26
@@ -0,0 +1,26 @@
|
||||
package org.baeldung.testmethodsecurity.service;
|
||||
|
||||
import org.springframework.security.access.annotation.Secured;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
@Service
|
||||
public class SystemPropImpl implements SystemPropInterface{
|
||||
|
||||
@PreAuthorize("permitAll")
|
||||
@Override
|
||||
public String getSystemName() {
|
||||
return "Method Security";
|
||||
}
|
||||
|
||||
@Override
|
||||
public String sayHello(){
|
||||
return sayHi();
|
||||
}
|
||||
|
||||
@Secured("ROLE_USER")
|
||||
public String sayHi(){
|
||||
return "Hi";
|
||||
}
|
||||
|
||||
}
|
||||
+11
@@ -0,0 +1,11 @@
|
||||
package org.baeldung.testmethodsecurity.service;
|
||||
|
||||
public interface SystemPropInterface {
|
||||
|
||||
String getSystemName();
|
||||
|
||||
String sayHello();
|
||||
|
||||
String sayHi();
|
||||
|
||||
}
|
||||
+29
@@ -0,0 +1,29 @@
|
||||
package org.baeldung.testmethodsecurity.service;
|
||||
|
||||
import org.baeldung.testmethodsecurity.entity.CustomUser;
|
||||
import org.baeldung.testmethodsecurity.repository.UserRoleRepository;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.access.prepost.PostAuthorize;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
import org.springframework.security.core.context.SecurityContext;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
@Service
|
||||
public class UserRoleService {
|
||||
|
||||
@Autowired
|
||||
UserRoleRepository userRoleRepository;
|
||||
|
||||
@PreAuthorize("hasRole('ROLE_VIEWER') or hasAuthority('SYS_ADMIN')")
|
||||
public String getUserName(){
|
||||
SecurityContext securityContext = SecurityContextHolder.getContext();
|
||||
return securityContext.getAuthentication().getName();
|
||||
}
|
||||
|
||||
@PostAuthorize("returnObject.username == authentication.principal.nickName")
|
||||
public CustomUser loadUserDetail(String username){
|
||||
return userRoleRepository.loadUserByUserName(username);
|
||||
}
|
||||
|
||||
}
|
||||
Reference in New Issue
Block a user