diff --git a/taglibs/src/main/java/org/springframework/security/taglibs/authz/AccessControlListTag.java b/taglibs/src/main/java/org/springframework/security/taglibs/authz/AccessControlListTag.java index e94ae9bd55..d292bd2931 100644 --- a/taglibs/src/main/java/org/springframework/security/taglibs/authz/AccessControlListTag.java +++ b/taglibs/src/main/java/org/springframework/security/taglibs/authz/AccessControlListTag.java @@ -52,15 +52,18 @@ import org.springframework.web.util.ExpressionEvaluationUtils; * principal. *

* One or more comma separate numeric are specified via the hasPermission attribute. - * These permissions are then converted into {@link Permission} instances. These instances are then presented as an - * array to the {@link Acl#isGranted(Permission[], org.springframework.security.acls.model.Sid[], boolean)} method. + * These permissions are then converted into {@link Permission} instances using the {@link PermissionFactory} + * instance obtained from the application context, or a {@link DefaultPermissionFactory} if one isn't found. + * The Permission instances are then presented as a list + * array to the {@link Acl#isGranted(List, List, boolean)} method. * The {@link Sid} presented is determined by the {@link SidRetrievalStrategy}. *

* For this class to operate it must be able to access the application context via the - * WebApplicationContextUtils and attempt to locate an {@link AclService} and {@link SidRetrievalStrategy}. + * WebApplicationContextUtils and attempt to locate an {@link AclService}, + * {@link ObjectIdentityRetrievalStrategy} and {@link SidRetrievalStrategy}. * There cannot be more than one of these present. The AclService must be provided, but a - * {@link SidRetrievalStrategyImpl} instance will be created as the default retrieval strategy if no implementation - * is supplied by the application context. + * {@link SidRetrievalStrategyImpl} and/or an {@link ObjectIdentityRetrievalStrategyImpl} will be created if no + * implementations are found in the application context. * * @author Ben Alex * @version $Id$ diff --git a/taglibs/src/test/java/org/springframework/security/taglibs/authz/AccessControlListTagTests.java b/taglibs/src/test/java/org/springframework/security/taglibs/authz/AccessControlListTagTests.java index 8e7dd508dc..a704e34ff6 100644 --- a/taglibs/src/test/java/org/springframework/security/taglibs/authz/AccessControlListTagTests.java +++ b/taglibs/src/test/java/org/springframework/security/taglibs/authz/AccessControlListTagTests.java @@ -16,12 +16,10 @@ import org.springframework.mock.web.MockHttpServletRequest; import org.springframework.mock.web.MockHttpServletResponse; import org.springframework.mock.web.MockPageContext; import org.springframework.mock.web.MockServletContext; -import org.springframework.security.acls.AclPermissionEvaluator; import org.springframework.security.acls.model.Acl; import org.springframework.security.acls.model.AclService; import org.springframework.security.acls.model.ObjectIdentity; import org.springframework.security.acls.model.ObjectIdentityRetrievalStrategy; -import org.springframework.security.acls.model.SidRetrievalStrategy; import org.springframework.security.authentication.TestingAuthenticationToken; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.web.context.WebApplicationContext; @@ -44,12 +42,12 @@ public class AccessControlListTagTests { WebApplicationContext ctx = mock(WebApplicationContext.class); AclService service = mock(AclService.class); - AclPermissionEvaluator pe = new AclPermissionEvaluator(service); ObjectIdentity oid = mock(ObjectIdentity.class); ObjectIdentityRetrievalStrategy oidStrategy = mock(ObjectIdentityRetrievalStrategy.class); when(oidStrategy.getObjectIdentity(anyObject())).thenReturn(oid); - pe.setObjectIdentityRetrievalStrategy(oidStrategy); - pe.setSidRetrievalStrategy(mock(SidRetrievalStrategy.class)); +// AclPermissionEvaluator pe = new AclPermissionEvaluator(service); +// pe.setObjectIdentityRetrievalStrategy(oidStrategy); +// pe.setSidRetrievalStrategy(mock(SidRetrievalStrategy.class)); acl = mock(Acl.class); when(service.readAclById(any(ObjectIdentity.class), anyList())).thenReturn(acl);