Polish MethodSecurityExpressionHandler Test

- Rename to follow convention
- Use a mock object to verify usage

Issue gh-15715

Author: jzheaux

config/src/test/java/org/springframework/security/config/annotation/method/configuration/PrePostReactiveMethodSecurityConfigurationTests.java

@@ -16,8 +16,6 @@
 
 package org.springframework.security.config.annotation.method.configuration;
 
-import java.io.Serializable;
-
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.extension.ExtendWith;
 import reactor.test.StepVerifier;
@@ -31,11 +29,17 @@
 import org.springframework.security.authorization.AuthorizationDeniedException;
 import org.springframework.security.config.test.SpringTestContext;
 import org.springframework.security.config.test.SpringTestContextExtension;
-import org.springframework.security.core.Authentication;
 import org.springframework.security.test.context.annotation.SecurityTestExecutionListeners;
 import org.springframework.security.test.context.support.WithMockUser;
 import org.springframework.test.context.junit.jupiter.SpringExtension;
 
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.ArgumentMatchers.eq;
+import static org.mockito.BDDMockito.given;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.times;
+import static org.mockito.Mockito.verify;
+
 @ExtendWith({ SpringExtension.class, SpringTestContextExtension.class })
 @SecurityTestExecutionListeners
 public class PrePostReactiveMethodSecurityConfigurationTests {
@@ -211,13 +215,17 @@ void preAuthorizeWhenAllowedAndHandlerWithCustomAnnotationUsingBeanThenInvokeMet
 
 	@Test
 	@WithMockUser(roles = "ADMIN")
-	public void customMethodSecurityExpressionHandler() {
+	public void preAuthorizeWhenCustomMethodSecurityExpressionHandlerThenUses() {
 		this.spring.register(MethodSecurityServiceEnabledConfig.class, PermissionEvaluatorConfig.class).autowire();
 		ReactiveMethodSecurityService service = this.spring.getContext().getBean(ReactiveMethodSecurityService.class);
+		PermissionEvaluator permissionEvaluator = this.spring.getContext().getBean(PermissionEvaluator.class);
+		given(permissionEvaluator.hasPermission(any(), eq("grant"), any())).willReturn(true);
+		given(permissionEvaluator.hasPermission(any(), eq("deny"), any())).willReturn(false);
 		StepVerifier.create(service.preAuthorizeHasPermission("grant")).expectNext("ok").verifyComplete();
 		StepVerifier.create(service.preAuthorizeHasPermission("deny"))
 			.expectError(AuthorizationDeniedException.class)
 			.verify();
+		verify(permissionEvaluator, times(2)).hasPermission(any(), any(), any());
 	}
 
 	@Configuration
@@ -234,23 +242,17 @@ ReactiveMethodSecurityService methodSecurityService() {
 	@Configuration
 	static class PermissionEvaluatorConfig {
 
+		@Bean
+		static PermissionEvaluator permissionEvaluator() {
+			return mock(PermissionEvaluator.class);
+		}
+
 		@Bean
 		@Role(BeanDefinition.ROLE_INFRASTRUCTURE)
-		static DefaultMethodSecurityExpressionHandler methodSecurityExpressionHandler() {
+		static DefaultMethodSecurityExpressionHandler methodSecurityExpressionHandler(
+				PermissionEvaluator permissionEvaluator) {
 			DefaultMethodSecurityExpressionHandler handler = new DefaultMethodSecurityExpressionHandler();
-			handler.setPermissionEvaluator(new PermissionEvaluator() {
-				@Override
-				public boolean hasPermission(Authentication authentication, Object targetDomainObject,
-						Object permission) {
-					return "grant".equals(targetDomainObject);
-				}
-
-				@Override
-				public boolean hasPermission(Authentication authentication, Serializable targetId, String targetType,
-						Object permission) {
-					throw new UnsupportedOperationException();
-				}
-			});
+			handler.setPermissionEvaluator(permissionEvaluator);
 			return handler;
 		}