1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19 package org.apache.shiro.spring.security.interceptor;
20
21 import org.apache.shiro.authz.annotation.RequiresAuthentication;
22 import org.junit.Test;
23
24 import static org.junit.Assert.assertFalse;
25 import static org.junit.Assert.assertTrue;
26
27 public class AuthorizationAttributeSourceAdvisorTest {
28
29 static class Secured {
30 @RequiresAuthentication
31 public void secureMethod() {
32 }
33
34 public void unsecuredMethod() {
35 }
36 }
37
38 interface ServiceInterface {
39 @RequiresAuthentication
40 String secureMethod();
41
42 String unsecuredMethod();
43 }
44
45 static class ServiceImpl implements ServiceInterface {
46
47 @Override
48 public String secureMethod() {
49 return "";
50 }
51
52 @Override
53 public String unsecuredMethod() {
54 return "";
55 }
56 }
57
58 @RequiresAuthentication
59 interface SafeServiceInterface {
60 String someMethod();
61 }
62
63 static class SafeServiceImpl implements SafeServiceInterface {
64
65 @Override
66 public String someMethod() {
67 return "";
68 }
69 }
70
71 @Test
72 public void matches() throws NoSuchMethodException {
73 assertTrue(
74 "the method is annotated, should match",
75 new AuthorizationAttributeSourceAdvisor().matches(
76 Secured.class.getDeclaredMethod("secureMethod"), Secured.class
77 ));
78 assertFalse(
79 "the method is not annotated, should not match",
80 new AuthorizationAttributeSourceAdvisor().matches(
81 Secured.class.getDeclaredMethod("unsecuredMethod"), Secured.class
82 ));
83
84 assertTrue(
85 "the method declaration is annotated in the interface, should match",
86 new AuthorizationAttributeSourceAdvisor().matches(
87 ServiceInterface.class.getDeclaredMethod("secureMethod"), ServiceImpl.class
88 ));
89 assertFalse(
90 "not annotated method, should not match",
91 new AuthorizationAttributeSourceAdvisor().matches(
92 ServiceInterface.class.getDeclaredMethod("unsecuredMethod"), ServiceImpl.class
93 ));
94
95 assertTrue(
96 "the method declaration is in the interface with type-annotation, should match",
97 new AuthorizationAttributeSourceAdvisor().matches(
98 SafeServiceInterface.class.getDeclaredMethod("someMethod"), SafeServiceInterface.class
99 ));
100 assertTrue(
101 "the method declaration is in the interface with type-annotation, should match",
102 new AuthorizationAttributeSourceAdvisor().matches(
103 SafeServiceImpl.class.getDeclaredMethod("someMethod"), SafeServiceImpl.class
104 ));
105
106 }
107
108 }