Add Auto Configuration for SecurityEvaluationContextExtension

Fixes gh-3840
2015-08-27 11:11:38 -05:00 · 2015-08-27 11:11:38 -05:00 · 34772e4177
parent e9fe34e2fa
commit 34772e4177
4 changed files with 60 additions and 1 deletions
--- a/spring-boot-autoconfigure/pom.xml
+++ b/spring-boot-autoconfigure/pom.xml
@ -405,6 +405,11 @@
 			<artifactId>spring-security-config</artifactId>
 			<optional>true</optional>
 		</dependency>
+		<dependency>
+			<groupId>org.springframework.security</groupId>
+			<artifactId>spring-security-data</artifactId>
+			<optional>true</optional>
+		</dependency>
 		<dependency>
 			<groupId>org.springframework.security.oauth</groupId>
 			<artifactId>spring-security-oauth2</artifactId>
--- a/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/SecurityAutoConfiguration.java
+++ b/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/SecurityAutoConfiguration.java
@ -50,7 +50,8 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur
@EnableConfigurationProperties
@Import({ SpringBootWebSecurityConfiguration.class,
 		AuthenticationManagerConfiguration.class,
-		BootGlobalAuthenticationConfiguration.class })
+		BootGlobalAuthenticationConfiguration.class,
+		SecurityDataConfiguration.class })
 public class SecurityAutoConfiguration {

 	@Bean
--- a/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/SecurityDataConfiguration.java
+++ b/spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/SecurityDataConfiguration.java
@ -0,0 +1,40 @@
+/*
+ * Copyright 2002-2015 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.springframework.boot.autoconfigure.security;
+
+import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.data.repository.query.spi.EvaluationContextExtensionSupport;
+import org.springframework.security.data.repository.query.SecurityEvaluationContextExtension;
+
+/**
+ * Automatically adds Spring Security's integration with Spring Data.
+ *
+ * @author Rob Winch
+ * @since 1.3
+ */
+@Configuration
+@ConditionalOnClass({SecurityEvaluationContextExtension.class, EvaluationContextExtensionSupport.class})
+public class SecurityDataConfiguration {
+
+	@ConditionalOnMissingBean(SecurityEvaluationContextExtension.class)
+	@Bean
+	public SecurityEvaluationContextExtension securityEvaluationContextExtension() {
+		return new SecurityEvaluationContextExtension();
+	}
+}
--- a/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/SecurityAutoConfigurationTests.java
+++ b/spring-boot-autoconfigure/src/test/java/org/springframework/boot/autoconfigure/security/SecurityAutoConfigurationTests.java
@ -52,6 +52,7 @@ import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.core.authority.AuthorityUtils;
 import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.data.repository.query.SecurityEvaluationContextExtension;
 import org.springframework.security.web.FilterChainProxy;
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.web.context.support.AnnotationConfigWebApplicationContext;
@ -350,6 +351,18 @@ public class SecurityAutoConfigurationTests {
 		assertNotNull(manager.authenticate(token));
 	}

+	@Test
+	public void testSecurityEvaluationContextExtensionSupport() {
+		this.context = new AnnotationConfigWebApplicationContext();
+		this.context.setServletContext(new MockServletContext());
+
+		this.context.register(AuthenticationManagerCustomizer.class,
+				SecurityAutoConfiguration.class, ServerPropertiesAutoConfiguration.class);
+		this.context.refresh();
+
+		assertNotNull(this.context.getBean(SecurityEvaluationContextExtension.class));
+	}
+
 	private static final class AuthenticationListener implements
 			ApplicationListener<AbstractAuthenticationEvent> {