Examples of org.springframework.security.access.vote.UnanimousBased.decide()

Package org.springframework.security.access.vote

Class org.springframework.security.access.vote.UnanimousBased

Examples of org.springframework.security.access.vote.UnanimousBased.decide()

org.springframework.security.access.vote.UnanimousBased.decide()
This concrete implementation polls all configured {@link AccessDecisionVoter}s for each {@link ConfigAttribute} and grants access if only grant (or abstain) votes were received.
Other voting implementations usually pass the entire list of ConfigAttributes to the AccessDecisionVoter. This implementation differs in that each AccessDecisionVoter knows only about a single ConfigAttribute at a time.
If every AccessDecisionVoter abstained from voting, the decision will be based on the {@link #isAllowIfAllAbstainDecisions()} property (defaults to false). @param authentication the caller invoking the method @param object the secured object @param attributes the configuration attributes associated with the method being invoked @throws AccessDeniedException if access is denied

        UnanimousBased mgr = makeDecisionManager();


        List<ConfigAttribute> config = SecurityConfig.createList(new String[]{"ROLE_1", "DENY_FOR_SURE"});


        try {
            mgr.decide(auth, new Object(), config);
            fail("Should have thrown AccessDeniedException");
        } catch (AccessDeniedException expected) {
            assertTrue(true);
        }
    }

View Full Code Here

        TestingAuthenticationToken auth = makeTestToken();
        UnanimousBased mgr = makeDecisionManager();


        List<ConfigAttribute> config = SecurityConfig.createList("ROLE_2");


        mgr.decide(auth, new Object(), config);
        assertTrue(true);
    }


    public void testOneDenyVoteTwoAbstainVotesDeniesAccess() throws Exception {
        TestingAuthenticationToken auth = makeTestToken();

View Full Code Here

        UnanimousBased mgr = makeDecisionManager();


        List<ConfigAttribute> config = SecurityConfig.createList("ROLE_WE_DO_NOT_HAVE");


        try {
            mgr.decide(auth, new Object(), config);
            fail("Should have thrown AccessDeniedException");
        } catch (AccessDeniedException expected) {
            assertTrue(true);
        }
    }

View Full Code Here

        TestingAuthenticationToken auth = makeTestTokenWithFooBarPrefix();
        UnanimousBased mgr = makeDecisionManagerWithFooBarPrefix();


        List<ConfigAttribute> config = SecurityConfig.createList(new String[]{"FOOBAR_1", "FOOBAR_2"});


        mgr.decide(auth, new Object(), config);
        assertTrue(true);
    }


    public void testThreeAbstainVotesDeniesAccessWithDefault() throws Exception {
        TestingAuthenticationToken auth = makeTestToken();

View Full Code Here

        assertTrue(!mgr.isAllowIfAllAbstainDecisions()); // check default


        List<ConfigAttribute> config = SecurityConfig.createList("IGNORED_BY_ALL");


        try {
            mgr.decide(auth, new Object(), config);
            fail("Should have thrown AccessDeniedException");
        } catch (AccessDeniedException expected) {
            assertTrue(true);
        }
    }

View Full Code Here

        mgr.setAllowIfAllAbstainDecisions(true);
        assertTrue(mgr.isAllowIfAllAbstainDecisions()); // check changed


        List<ConfigAttribute> config = SecurityConfig.createList("IGNORED_BY_ALL");


        mgr.decide(auth, new Object(), config);
        assertTrue(true);
    }


    public void testTwoAffirmativeVotesTwoAbstainVotesGrantsAccess() throws Exception {
        TestingAuthenticationToken auth = makeTestToken();

View Full Code Here

        TestingAuthenticationToken auth = makeTestToken();
        UnanimousBased mgr = makeDecisionManager();


        List<ConfigAttribute> config = SecurityConfig.createList(new String[]{"ROLE_1", "ROLE_2"});


        mgr.decide(auth, new Object(), config);
        assertTrue(true);
    }
}

View Full Code Here

TOP

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.