diff --git a/core/src/main/java/org/springframework/security/access/vote/InterfaceBasedLabelParameterStrategy.java b/core/src/main/java/org/springframework/security/access/vote/InterfaceBasedLabelParameterStrategy.java deleted file mode 100644 index 6dca070554..0000000000 --- a/core/src/main/java/org/springframework/security/access/vote/InterfaceBasedLabelParameterStrategy.java +++ /dev/null @@ -1,73 +0,0 @@ -/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.springframework.security.access.vote; - -import java.lang.reflect.Method; - - -/** - * This is a very useful implementation of the LabelParameterStrategy. Data objects which are meant to be labeled - * should implement the LabeledData interface. This strategy will then castdown to that interface for either testing - * or retrieval of the label. - * - * @author Greg Turnquist - */ -public class InterfaceBasedLabelParameterStrategy implements LabelParameterStrategy { - //~ Instance fields ================================================================================================ - - private String noLabel = ""; - - //~ Methods ======================================================================================================== - - /** - * Test if the argument is labeled, and if so, downcast to LabeledData and retrieve the domain object's - * labeled value. Otherwise, return an empty string. NOTE: The default for no label is an empty string. If somehow - * the user wants to make that a label itself, he or she must inject an alternate value to the noLabel property. - * - * @param method DOCUMENT ME! - * @param arg DOCUMENT ME! - * - * @return DOCUMENT ME! - */ - public String getLabel(Method method, Object arg) { - if (isLabeled(method, arg)) { - return ((LabeledData) arg).getLabel(); - } else { - return noLabel; - } - } - - public String getNoLabel() { - return noLabel; - } - - /** - * Test if the argument implemented the LabeledData interface. NOTE: The invoking method has no bearing for - * this strategy, only the argument itself. - * - * @param method DOCUMENT ME! - * @param arg DOCUMENT ME! - * - * @return DOCUMENT ME! - */ - public boolean isLabeled(Method method, Object arg) { - return (arg instanceof LabeledData); - } - - public void setNoLabel(String noLabel) { - this.noLabel = noLabel; - } -} diff --git a/core/src/main/java/org/springframework/security/access/vote/LabelBasedAclVoter.java b/core/src/main/java/org/springframework/security/access/vote/LabelBasedAclVoter.java deleted file mode 100644 index 71fbcfaaee..0000000000 --- a/core/src/main/java/org/springframework/security/access/vote/LabelBasedAclVoter.java +++ /dev/null @@ -1,269 +0,0 @@ -/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.springframework.security.access.vote; - -import java.util.ArrayList; -import java.util.Collection; -import java.util.List; -import java.util.Map; - -import org.aopalliance.intercept.MethodInvocation; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; -import org.springframework.security.access.ConfigAttribute; -import org.springframework.security.core.Authentication; -import org.springframework.security.core.GrantedAuthority; -import org.springframework.util.Assert; - - -/** - *

This Acl voter will evaluate methods based on labels applied to incoming arguments. It will only check - * methods that have been properly tagged in the MethodSecurityInterceptor with the value stored in - * attributeIndicatingLabeledOperation. If a method has been tagged, then it examines each argument, and if the - * argument implements {@link LabeledData}, then it will asses if the user's list of granted authorities matches. - *

- * - *

By default, if none of the arguments are labeled, then the access will be granted. This can be overridden by - * setting allowAccessIfNoAttributesAreLabeled to false in the Spring context file.

- * - *

In many situations, different values are linked together to define a common label, it is necessary to - * define a map in the application context that links user-assigned label access to domain object labels. This is done - * by setting up the labelMap in the application context.

- * - * @author Greg Turnquist - * - * @see org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor - * @deprecated Use new spring-security-acl module instead - */ -public class LabelBasedAclVoter extends AbstractAclVoter { - //~ Static fields/initializers ===================================================================================== - - private static final Log logger = LogFactory.getLog(LabelBasedAclVoter.class); - - //~ Instance fields ================================================================================================ - - private Map> labelMap = null; - private String attributeIndicatingLabeledOperation = null; - private boolean allowAccessIfNoAttributesAreLabeled = true; - - //~ Methods ======================================================================================================== - - /** - * Set whether or not to allow the user to run methods in which none of the incoming arguments are labeled. - * - *

Default value: true, users can run such methods.

- * - * @param allowAccessIfNoAttributesAreLabeled boolean - */ - public void setAllowAccessIfNoAttributesAreLabeled(boolean allowAccessIfNoAttributesAreLabeled) { - this.allowAccessIfNoAttributesAreLabeled = allowAccessIfNoAttributesAreLabeled; - } - - /** - * Each method intended for evaluation by this voter must include this tag name in the definition of the - * MethodSecurityInterceptor, indicating if this voter should evaluate the arguments and compare them against the - * label map. - * - * @param attributeIndicatingLabeledOperation string - */ - public void setAttributeIndicatingLabeledOperation(String attributeIndicatingLabeledOperation) { - this.attributeIndicatingLabeledOperation = attributeIndicatingLabeledOperation; - } - - /** - * Set the map that correlate a user's assigned label against domain object values that are considered data - * labels. An example application context configuration of a labelMap: - * - * 
-     * <bean id="accessDecisionManager" class="org.springframework.security.access.vote.UnanimousBased">
-     *     <property name="allowIfAllAbstainDecisions"><value>false</value></property>
-     *     <property name="decisionVoters">
-     *       <list>
-     *         <bean class="org.springframework.security.access.vote.RoleVoter"/>
-     *         <bean class="org.springframework.security.access.vote.LabelBasedAclVoter">
-     *           <property name="attributeIndicatingLabeledOperation">
-     *             <value>LABELED_OPERATION</value>
-     *           </property>
-     *           <property name="labelMap">
-     *             <map>
-     *               <entry key="DATA_LABEL_BLUE">
-     *                 <list>
-     *                   <value>blue</value>
-     *                   <value>indigo</value>
-     *                   <value>purple</value>
-     *                 </list>
-     *               </entry>
-     *               <entry key="LABEL_ORANGE">
-     *                 <list>
-     *                   <value>orange</value>
-     *                   <value>sunshine</value>
-     *                   <value>amber</value>
-     *                 </list>
-     *               </entry>
-     *               <entry key="LABEL_ADMIN">
-     *                 <list>
-     *                   <value>blue</value>
-     *                   <value>indigo</value>
-     *                   <value>purple</value>
-     *                   <value>orange</value>
-     *                   <value>sunshine</value>
-     *                   <value>amber</value>
-     *                 </list>
-     *               </entry>
-     *             </map>
-     *           </property>
-     *         </bean>
-     *       </list>
-     *     </property>
-     *   </bean>
-     *
- * - * @param labelMap a map structured as in the above example. - * - */ - public void setLabelMap(Map> labelMap) { - this.labelMap = labelMap; - } - - /** - * This acl voter will only evaluate labeled methods if they are marked in the security interceptor's - * configuration with the attribute stored in attributeIndicatingLabeledOperation. - * - * @see org.springframework.security.access.vote.AbstractAclVoter - * @see org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor - */ - public boolean supports(ConfigAttribute attribute) { - if (attribute.getAttribute().equals(attributeIndicatingLabeledOperation)) { - logger.debug(attribute + " is supported."); - - return true; - } - - if (logger.isDebugEnabled()) { - logger.debug(attribute + " is unsupported."); - } - - return false; - } - - /** - * Vote on whether or not the user has all the labels necessary to match the method argument's labeled data. - * - * @return ACCESS_ABSTAIN, ACCESS_GRANTED, or ACCESS_DENIED. - */ - public int vote(Authentication authentication, Object object, Collection attributes) { - int result = ACCESS_ABSTAIN; - - if (logger.isDebugEnabled()) { - logger.debug("=========================================================="); - } - - if (this.supports(attributes.iterator().next())) { - result = ACCESS_DENIED; - - /* Parse out the user's labels by examining the security context, and checking - * for matches against the label map. - */ - List userLabels = new ArrayList(); - - for (GrantedAuthority authority : authentication.getAuthorities()) { - String userLabel = authority.getAuthority(); - if (labelMap.containsKey(userLabel)) { - userLabels.add(userLabel); - logger.debug("Adding " + userLabel + " to <<<" + authentication.getName() - + "'s>>> authorized label list"); - } - } - - MethodInvocation invocation = (MethodInvocation) object; - - int matches = 0; - int misses = 0; - int labeledArguments = 0; - - for (int j = 0; j < invocation.getArguments().length; j++) { - if (invocation.getArguments()[j] instanceof LabeledData) { - labeledArguments++; - - boolean matched = false; - - String argumentDataLabel = ((LabeledData) invocation.getArguments()[j]).getLabel(); - logger.debug("Argument[" + j + "/" + invocation.getArguments()[j].getClass().getName() - + "] has a data label of " + argumentDataLabel); - - List validDataLabels = new ArrayList(); - - for (int i = 0; i < userLabels.size(); i++) { - validDataLabels.addAll(labelMap.get(userLabels.get(i))); - } - - logger.debug("The valid labels for user label " + userLabels + " are " + validDataLabels); - - for (String validDataLabel : validDataLabels) { - if (argumentDataLabel.equals(validDataLabel)) { - logger.debug(userLabels + " maps to " + validDataLabel + " which matches the argument"); - matched = true; - } - } - - if (matched) { - logger.debug("We have a match!"); - matches++; - } else { - logger.debug("We have a miss!"); - misses++; - } - } - } - Assert.isTrue((matches + misses) == labeledArguments, - "The matches (" + matches + ") and misses (" + misses + " ) don't add up (" + labeledArguments + ")"); - - logger.debug("We have " + matches + " matches and " + misses + " misses and " + labeledArguments - + " labeled arguments."); - - /* The result has already been set to ACCESS_DENIED. Only if there is a proper match of - * labels will this be overturned. However, if none of the attributes are actually labeled, - * the result is dependent on allowAccessIfNoAttributesAreLabeled. - */ - if ((matches > 0) && (misses == 0)) { - result = ACCESS_GRANTED; - } else if (labeledArguments == 0) { - if (allowAccessIfNoAttributesAreLabeled) { - result = ACCESS_GRANTED; - } else { - result = ACCESS_DENIED; - } - } - } - - if (logger.isDebugEnabled()) { - switch (result) { - case ACCESS_GRANTED: - logger.debug("===== Access is granted ====="); - break; - - case ACCESS_DENIED: - logger.debug("===== Access is denied ====="); - break; - - case ACCESS_ABSTAIN: - logger.debug("===== Abstaining ====="); - break; - } - } - - return result; - } -} diff --git a/core/src/main/java/org/springframework/security/access/vote/LabelParameterStrategy.java b/core/src/main/java/org/springframework/security/access/vote/LabelParameterStrategy.java deleted file mode 100644 index 531574f5a9..0000000000 --- a/core/src/main/java/org/springframework/security/access/vote/LabelParameterStrategy.java +++ /dev/null @@ -1,51 +0,0 @@ -/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.springframework.security.access.vote; - -import java.lang.reflect.Method; - - -/** - * This is a strategy interface for determining which parts of a method invocation - * are labeled. Not all arguments are necessarily labeled. This offers a plugabble - * mechanism to define various ways to label data. - * - * @author Greg Turnquist - */ -public interface LabelParameterStrategy { - //~ Methods ======================================================================================================== - - /** - * Get the actual label associated with the argument. NOTE: This currently only supports one label per - * argument. - * - * @param method - * @param arg - * - * @return string value of the label - */ - String getLabel(Method method, Object arg); - - /** - * Evaluate if one particular argument is labeled. The context of the method is also provided should that - * have bearing on the label. - * - * @param method - * @param arg - * - * @return boolean - */ - boolean isLabeled(Method method, Object arg); -} diff --git a/core/src/main/java/org/springframework/security/access/vote/LabeledData.java b/core/src/main/java/org/springframework/security/access/vote/LabeledData.java deleted file mode 100644 index 3517dc900e..0000000000 --- a/core/src/main/java/org/springframework/security/access/vote/LabeledData.java +++ /dev/null @@ -1,35 +0,0 @@ -/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.springframework.security.access.vote; - -/** - * This interface indicates data objects that carry a label. The purpose is to support - * the {@link LabelBasedAclVoter}. When it votes, it evaluates all method arguments - * tagged with this interface, and votes if they match the user's granted authorities list. - * - * @author Greg Turnquist - */ -public interface LabeledData { - //~ Methods ======================================================================================================== - - /** - * Retrieve the domain object's data label. NOTE: This implementation only supports one data label per - * object. - * - * @return The label value of data object as a string. - */ - String getLabel(); -} diff --git a/core/src/test/java/org/springframework/security/access/vote/LabelBasedAclVoterTests.java b/core/src/test/java/org/springframework/security/access/vote/LabelBasedAclVoterTests.java deleted file mode 100644 index c6772168ab..0000000000 --- a/core/src/test/java/org/springframework/security/access/vote/LabelBasedAclVoterTests.java +++ /dev/null @@ -1,184 +0,0 @@ -/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.springframework.security.access.vote; - -import static org.junit.Assert.*; - -import java.util.List; - -import org.junit.Test; -import org.junit.runner.RunWith; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.security.access.AccessDeniedException; -import org.springframework.security.authentication.AuthenticationManager; -import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; -import org.springframework.security.core.context.SecurityContextHolder; -import org.springframework.test.context.ContextConfiguration; -import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; - - -/** - * @author Greg Turnquist - */ -@ContextConfiguration(locations={"/org/springframework/security/vote/labelBasedSecurityApplicationContext.xml"}) -@RunWith(SpringJUnit4ClassRunner.class) -public class LabelBasedAclVoterTests { - //~ Instance fields ================================================================================================ - - @Autowired - private SampleService sampleService = null; - - @Autowired - private AuthenticationManager authenticationManager; - - //~ Methods ======================================================================================================== - - public SampleService getSampleService() { - return sampleService; - } - - public void setSampleService(SampleService sampleService) { - this.sampleService = sampleService; - } - - private void setupContext(String username, String password) { - UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(username, password); - SecurityContextHolder.getContext().setAuthentication(authenticationManager.authenticate(token)); - } - - @Test - public void testDoingSomethingForBlueUser() { - setupContext("blueuser", "password"); - - List dataList = sampleService.getTheSampleData(); - assertNotNull(dataList); - - SampleBlockOfData block1 = (SampleBlockOfData) dataList.get(0); - SampleBlockOfData block2 = (SampleBlockOfData) dataList.get(1); - SampleBlockOfData block3 = (SampleBlockOfData) dataList.get(2); - - sampleService.doSomethingOnThis(block1, block1); - - try { - sampleService.doSomethingOnThis(block2, block2); - fail("Expected an AccessDeniedException"); - } catch (AccessDeniedException e) {} - catch (RuntimeException e) { - fail("Expected an AccessDeniedException"); - } - - try { - sampleService.doSomethingOnThis(block1, block2); - fail("Expected an AccessDeniedException"); - } catch (AccessDeniedException e) {} - catch (RuntimeException e) { - fail("Expected an AccessDeniedException"); - } - - try { - sampleService.doSomethingOnThis(block2, block1); - fail("Expected an AccessDeniedException"); - } catch (AccessDeniedException e) {} - catch (RuntimeException e) { - fail("Expected an AccessDeniedException"); - } - - sampleService.doSomethingOnThis(block3, block3); - } - - @Test - public void testDoingSomethingForMultiUser() { - setupContext("multiuser", "password4"); - - List dataList = sampleService.getTheSampleData(); - assertNotNull(dataList); - - SampleBlockOfData block1 = (SampleBlockOfData) dataList.get(0); - SampleBlockOfData block2 = (SampleBlockOfData) dataList.get(1); - SampleBlockOfData block3 = (SampleBlockOfData) dataList.get(2); - - sampleService.doSomethingOnThis(block1, block1); - sampleService.doSomethingOnThis(block2, block2); - sampleService.doSomethingOnThis(block1, block2); - sampleService.doSomethingOnThis(block2, block1); - sampleService.doSomethingOnThis(block3, block3); - } - - @Test - public void testDoingSomethingForOrangeUser() { - setupContext("orangeuser", "password3"); - - List dataList = sampleService.getTheSampleData(); - assertNotNull(dataList); - - SampleBlockOfData block1 = (SampleBlockOfData) dataList.get(0); - SampleBlockOfData block2 = (SampleBlockOfData) dataList.get(1); - SampleBlockOfData block3 = (SampleBlockOfData) dataList.get(2); - - sampleService.doSomethingOnThis(block2, block2); - - try { - sampleService.doSomethingOnThis(block1, block1); - fail("Expected an AccessDeniedException"); - } catch (AccessDeniedException e) {} - catch (RuntimeException e) { - fail("Expected an AccessDeniedException"); - } - - try { - sampleService.doSomethingOnThis(block1, block2); - fail("Expected an AccessDeniedException"); - } catch (AccessDeniedException e) {} - catch (RuntimeException e) { - fail("Expected an AccessDeniedException"); - } - - try { - sampleService.doSomethingOnThis(block2, block1); - fail("Expected an AccessDeniedException"); - } catch (AccessDeniedException e) {} - catch (RuntimeException e) { - fail("Expected an AccessDeniedException"); - } - - sampleService.doSomethingOnThis(block3, block3); - } - - @Test - public void testDoingSomethingForSuperUser() { - setupContext("superuser", "password2"); - - List dataList = sampleService.getTheSampleData(); - assertNotNull(dataList); - - SampleBlockOfData block1 = (SampleBlockOfData) dataList.get(0); - SampleBlockOfData block2 = (SampleBlockOfData) dataList.get(1); - SampleBlockOfData block3 = (SampleBlockOfData) dataList.get(2); - - sampleService.doSomethingOnThis(block1, block1); - sampleService.doSomethingOnThis(block2, block2); - sampleService.doSomethingOnThis(block1, block2); - sampleService.doSomethingOnThis(block2, block1); - sampleService.doSomethingOnThis(block3, block3); - } - - @Test - public void testSampleBlockOfDataPOJO() { - SampleBlockOfData block = new SampleBlockOfData(); - block.setId("ID-ABC"); - assertEquals(block.getId(), "ID-ABC"); - } -} diff --git a/core/src/test/java/org/springframework/security/access/vote/SampleBlockOfData.java b/core/src/test/java/org/springframework/security/access/vote/SampleBlockOfData.java deleted file mode 100644 index 42ca005f09..0000000000 --- a/core/src/test/java/org/springframework/security/access/vote/SampleBlockOfData.java +++ /dev/null @@ -1,66 +0,0 @@ -/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.springframework.security.access.vote; - -import org.springframework.security.access.vote.LabeledData; - -import java.io.Serializable; - - -/** - * For label unit tests. - * - * @author Greg Turnquist - */ -public class SampleBlockOfData implements Serializable, LabeledData { - //~ Static fields/initializers ===================================================================================== - - private static final long serialVersionUID = 1L; - public static final String DATA_LABEL_BLUE = "blue"; - public static final String DATA_LABEL_ORANGE = "orange"; - public static final String DATA_LABEL_SHARED = "blue-orange"; - - //~ Instance fields ================================================================================================ - - private String dataType; - private String id; - - //~ Methods ======================================================================================================== - - public String getId() { - return id; - } - - public String getLabel() { - return dataType; - } - - public String getSomeData() { - return dataType; - } - - public void setId(String ticketNumber) { - this.id = ticketNumber; - } - - public void setSomeData(String trafficType) { - this.dataType = trafficType; - } - - public String toString() { - return this.id + "/" + this.dataType; - } -} diff --git a/core/src/test/java/org/springframework/security/access/vote/SampleService.java b/core/src/test/java/org/springframework/security/access/vote/SampleService.java deleted file mode 100644 index 30437bbaf0..0000000000 --- a/core/src/test/java/org/springframework/security/access/vote/SampleService.java +++ /dev/null @@ -1,30 +0,0 @@ -/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.springframework.security.access.vote; - -import java.util.List; - - -/** - * @author Greg Turnquist - */ -public interface SampleService { - //~ Methods ======================================================================================================== - - public void doSomethingOnThis(SampleBlockOfData block1, SampleBlockOfData block2); - - public List getTheSampleData(); -} diff --git a/core/src/test/java/org/springframework/security/access/vote/SampleServiceImpl.java b/core/src/test/java/org/springframework/security/access/vote/SampleServiceImpl.java deleted file mode 100644 index aa9bf9d4f4..0000000000 --- a/core/src/test/java/org/springframework/security/access/vote/SampleServiceImpl.java +++ /dev/null @@ -1,53 +0,0 @@ -/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.springframework.security.access.vote; - -import java.util.List; -import java.util.Vector; - - -/** - * For label unit tests. - * - * @author Greg Turnquist - */ -public class SampleServiceImpl implements SampleService { - //~ Methods ======================================================================================================== - - public void doSomethingOnThis(SampleBlockOfData block1, SampleBlockOfData block2) { - } - - public List getTheSampleData() { - List dataList = new Vector(); - SampleBlockOfData block; - - block = new SampleBlockOfData(); - block.setId("001"); - block.setSomeData(SampleBlockOfData.DATA_LABEL_BLUE); - dataList.add(block); - - block = new SampleBlockOfData(); - block.setId("002"); - block.setSomeData(SampleBlockOfData.DATA_LABEL_ORANGE); - dataList.add(block); - - block = new SampleBlockOfData(); - block.setId("003"); - block.setSomeData(SampleBlockOfData.DATA_LABEL_SHARED); - dataList.add(block); - - return dataList; - } -} diff --git a/core/src/test/resources/org/springframework/security/vote/labelBasedSecurityApplicationContext.xml b/core/src/test/resources/org/springframework/security/vote/labelBasedSecurityApplicationContext.xml deleted file mode 100644 index 6c3a76daaa..0000000000 --- a/core/src/test/resources/org/springframework/security/vote/labelBasedSecurityApplicationContext.xml +++ /dev/null @@ -1,91 +0,0 @@ - - - - - - - blueuser=password,ROLE_BASIC,LABEL_BLUE - superuser=password2,ROLE_BASIC,LABEL_SHARED - orangeuser=password3,ROLE_BASIC,LABEL_ORANGE - multiuser=password4,ROLE_BASIC,LABEL_BLUE,LABEL_ORANGE - - - - - - - - - - - - - - - - - - false - - - - - LABELED_OPERATION - - - - - blue - blue-orange - - - - - orange - blue-orange - - - - - blue - orange - blue-orange - - - - - - - - - - - false - - - - - org.springframework.security.access.vote.SampleService.get*=ROLE_BASIC - org.springframework.security.access.vote.SampleService.do*=ROLE_BASIC,LABELED_OPERATION - - - - - - Security: - - - - - - sampleService - - - perfOfSecurity - securityInteceptor - - - - -