1616
1717package org .springframework .security .web .access ;
1818
19- import java .util .Arrays ;
20- import java .util .Collections ;
2119import java .util .List ;
2220
2321import jakarta .servlet .http .HttpServletRequest ;
@@ -70,50 +68,41 @@ void setup() {
7068
7169 @ Test
7270 void isAllowedWhenDelegatesEmptyThenAllowed () {
73- RequestMatcherDelegatingWebInvocationPrivilegeEvaluator delegating = new RequestMatcherDelegatingWebInvocationPrivilegeEvaluator (
74- Collections .emptyList ());
71+ WebInvocationPrivilegeEvaluator delegating = evaluator ();
7572 assertThat (delegating .isAllowed (this .uri , this .authentication )).isTrue ();
7673 }
7774
7875 @ Test
7976 void isAllowedWhenNotMatchThenAllowed () {
80- RequestMatcherEntry <List <WebInvocationPrivilegeEvaluator >> notMatch = new RequestMatcherEntry <>(this .alwaysDeny ,
81- Collections .singletonList (TestWebInvocationPrivilegeEvaluator .alwaysAllow ()));
82- RequestMatcherDelegatingWebInvocationPrivilegeEvaluator delegating = new RequestMatcherDelegatingWebInvocationPrivilegeEvaluator (
83- Collections .singletonList (notMatch ));
77+ RequestMatcherEntry <List <WebInvocationPrivilegeEvaluator >> notMatch = entry (this .alwaysDeny ,
78+ TestWebInvocationPrivilegeEvaluator .alwaysAllow ());
79+ WebInvocationPrivilegeEvaluator delegating = evaluator (notMatch );
8480 assertThat (delegating .isAllowed (this .uri , this .authentication )).isTrue ();
8581 verify (notMatch .getRequestMatcher ()).matches (any ());
8682 }
8783
8884 @ Test
8985 void isAllowedWhenPrivilegeEvaluatorAllowThenAllowedTrue () {
90- RequestMatcherEntry <List <WebInvocationPrivilegeEvaluator >> delegate = new RequestMatcherEntry <>(
91- this .alwaysMatch , Collections .singletonList (TestWebInvocationPrivilegeEvaluator .alwaysAllow ()));
92- RequestMatcherDelegatingWebInvocationPrivilegeEvaluator delegating = new RequestMatcherDelegatingWebInvocationPrivilegeEvaluator (
93- Collections .singletonList (delegate ));
86+ WebInvocationPrivilegeEvaluator delegating = evaluator (allow (this .alwaysMatch ));
9487 assertThat (delegating .isAllowed (this .uri , this .authentication )).isTrue ();
9588 }
9689
9790 @ Test
9891 void isAllowedWhenPrivilegeEvaluatorDenyThenAllowedFalse () {
99- RequestMatcherEntry <List <WebInvocationPrivilegeEvaluator >> delegate = new RequestMatcherEntry <>(
100- this .alwaysMatch , Collections .singletonList (TestWebInvocationPrivilegeEvaluator .alwaysDeny ()));
101- RequestMatcherDelegatingWebInvocationPrivilegeEvaluator delegating = new RequestMatcherDelegatingWebInvocationPrivilegeEvaluator (
102- Collections .singletonList (delegate ));
92+ WebInvocationPrivilegeEvaluator delegating = evaluator (deny (this .alwaysMatch ));
10393 assertThat (delegating .isAllowed (this .uri , this .authentication )).isFalse ();
10494 }
10595
10696 @ Test
10797 void isAllowedWhenNotMatchThenMatchThenOnlySecondDelegateInvoked () {
108- RequestMatcherEntry <List <WebInvocationPrivilegeEvaluator >> notMatchDelegate = new RequestMatcherEntry <>(
109- this . alwaysDeny , Collections . singletonList ( TestWebInvocationPrivilegeEvaluator .alwaysAllow () ));
110- RequestMatcherEntry <List <WebInvocationPrivilegeEvaluator >> matchDelegate = new RequestMatcherEntry <>(
111- this . alwaysMatch , Collections . singletonList ( TestWebInvocationPrivilegeEvaluator .alwaysAllow () ));
98+ RequestMatcherEntry <List <WebInvocationPrivilegeEvaluator >> notMatchDelegate = entry ( this . alwaysDeny ,
99+ TestWebInvocationPrivilegeEvaluator .alwaysAllow ());
100+ RequestMatcherEntry <List <WebInvocationPrivilegeEvaluator >> matchDelegate = entry ( this . alwaysMatch ,
101+ TestWebInvocationPrivilegeEvaluator .alwaysAllow ());
112102 RequestMatcherEntry <List <WebInvocationPrivilegeEvaluator >> spyNotMatchDelegate = spy (notMatchDelegate );
113103 RequestMatcherEntry <List <WebInvocationPrivilegeEvaluator >> spyMatchDelegate = spy (matchDelegate );
114104
115- RequestMatcherDelegatingWebInvocationPrivilegeEvaluator delegating = new RequestMatcherDelegatingWebInvocationPrivilegeEvaluator (
116- Arrays .asList (notMatchDelegate , spyMatchDelegate ));
105+ WebInvocationPrivilegeEvaluator delegating = evaluator (notMatchDelegate , spyMatchDelegate );
117106 assertThat (delegating .isAllowed (this .uri , this .authentication )).isTrue ();
118107 verify (spyNotMatchDelegate .getRequestMatcher ()).matches (any ());
119108 verify (spyNotMatchDelegate , never ()).getEntry ();
@@ -124,10 +113,8 @@ void isAllowedWhenNotMatchThenMatchThenOnlySecondDelegateInvoked() {
124113
125114 @ Test
126115 void isAllowedWhenDelegatePrivilegeEvaluatorsEmptyThenAllowedTrue () {
127- RequestMatcherEntry <List <WebInvocationPrivilegeEvaluator >> delegate = new RequestMatcherEntry <>(
128- this .alwaysMatch , Collections .emptyList ());
129- RequestMatcherDelegatingWebInvocationPrivilegeEvaluator delegating = new RequestMatcherDelegatingWebInvocationPrivilegeEvaluator (
130- Collections .singletonList (delegate ));
116+ RequestMatcherEntry <List <WebInvocationPrivilegeEvaluator >> delegate = entry (this .alwaysMatch );
117+ WebInvocationPrivilegeEvaluator delegating = evaluator (delegate );
131118 assertThat (delegating .isAllowed (this .uri , this .authentication )).isTrue ();
132119 }
133120
@@ -137,11 +124,10 @@ void isAllowedWhenFirstDelegateDenyThenDoNotInvokeOthers() {
137124 WebInvocationPrivilegeEvaluator allow = TestWebInvocationPrivilegeEvaluator .alwaysAllow ();
138125 WebInvocationPrivilegeEvaluator spyDeny = spy (deny );
139126 WebInvocationPrivilegeEvaluator spyAllow = spy (allow );
140- RequestMatcherEntry <List <WebInvocationPrivilegeEvaluator >> delegate = new RequestMatcherEntry <>(
141- this . alwaysMatch , Arrays . asList ( spyDeny , spyAllow ) );
127+ RequestMatcherEntry <List <WebInvocationPrivilegeEvaluator >> delegate = entry ( this . alwaysMatch , spyDeny ,
128+ spyAllow );
142129
143- RequestMatcherDelegatingWebInvocationPrivilegeEvaluator delegating = new RequestMatcherDelegatingWebInvocationPrivilegeEvaluator (
144- Collections .singletonList (delegate ));
130+ WebInvocationPrivilegeEvaluator delegating = evaluator (delegate );
145131
146132 assertThat (delegating .isAllowed (this .uri , this .authentication )).isFalse ();
147133 verify (spyDeny ).isAllowed (any (), any ());
@@ -152,11 +138,9 @@ void isAllowedWhenFirstDelegateDenyThenDoNotInvokeOthers() {
152138 void isAllowedWhenDifferentArgumentsThenCallSpecificIsAllowedInDelegate () {
153139 WebInvocationPrivilegeEvaluator deny = TestWebInvocationPrivilegeEvaluator .alwaysDeny ();
154140 WebInvocationPrivilegeEvaluator spyDeny = spy (deny );
155- RequestMatcherEntry <List <WebInvocationPrivilegeEvaluator >> delegate = new RequestMatcherEntry <>(
156- this .alwaysMatch , Collections .singletonList (spyDeny ));
141+ RequestMatcherEntry <List <WebInvocationPrivilegeEvaluator >> delegate = entry (this .alwaysMatch , spyDeny );
157142
158- RequestMatcherDelegatingWebInvocationPrivilegeEvaluator delegating = new RequestMatcherDelegatingWebInvocationPrivilegeEvaluator (
159- Collections .singletonList (delegate ));
143+ WebInvocationPrivilegeEvaluator delegating = evaluator (delegate );
160144
161145 assertThat (delegating .isAllowed (this .uri , this .authentication )).isFalse ();
162146 assertThat (delegating .isAllowed ("/cp" , this .uri , "GET" , this .authentication )).isFalse ();
@@ -172,10 +156,8 @@ void isAllowedWhenServletContextIsSetThenPassedFilterInvocationHttpServletReques
172156 ArgumentCaptor <HttpServletRequest > argumentCaptor = ArgumentCaptor .forClass (HttpServletRequest .class );
173157 RequestMatcher requestMatcher = mock (RequestMatcher .class );
174158 WebInvocationPrivilegeEvaluator wipe = mock (WebInvocationPrivilegeEvaluator .class );
175- RequestMatcherEntry <List <WebInvocationPrivilegeEvaluator >> delegate = new RequestMatcherEntry <>(requestMatcher ,
176- Collections .singletonList (wipe ));
177- RequestMatcherDelegatingWebInvocationPrivilegeEvaluator requestMatcherWipe = new RequestMatcherDelegatingWebInvocationPrivilegeEvaluator (
178- Collections .singletonList (delegate ));
159+ RequestMatcherEntry <List <WebInvocationPrivilegeEvaluator >> delegate = entry (requestMatcher , wipe );
160+ RequestMatcherDelegatingWebInvocationPrivilegeEvaluator requestMatcherWipe = evaluator (delegate );
179161 requestMatcherWipe .setServletContext (servletContext );
180162 requestMatcherWipe .isAllowed ("/foo/index.jsp" , token );
181163 verify (requestMatcher ).matches (argumentCaptor .capture ());
@@ -186,19 +168,13 @@ void isAllowedWhenServletContextIsSetThenPassedFilterInvocationHttpServletReques
186168 void constructorWhenPrivilegeEvaluatorsNullThenException () {
187169 RequestMatcherEntry <List <WebInvocationPrivilegeEvaluator >> entry = new RequestMatcherEntry <>(this .alwaysMatch ,
188170 null );
189- assertThatIllegalArgumentException ()
190- .isThrownBy (
191- () -> new RequestMatcherDelegatingWebInvocationPrivilegeEvaluator (Collections .singletonList (entry )))
171+ assertThatIllegalArgumentException ().isThrownBy (() -> evaluator (entry ))
192172 .withMessageContaining ("webInvocationPrivilegeEvaluators cannot be null" );
193173 }
194174
195175 @ Test
196176 void constructorWhenRequestMatcherNullThenException () {
197- RequestMatcherEntry <List <WebInvocationPrivilegeEvaluator >> entry = new RequestMatcherEntry <>(null ,
198- Collections .singletonList (mock (WebInvocationPrivilegeEvaluator .class )));
199- assertThatIllegalArgumentException ()
200- .isThrownBy (
201- () -> new RequestMatcherDelegatingWebInvocationPrivilegeEvaluator (Collections .singletonList (entry )))
177+ assertThatIllegalArgumentException ().isThrownBy (() -> evaluator (deny (null )))
202178 .withMessageContaining ("requestMatcher cannot be null" );
203179 }
204180
@@ -207,18 +183,30 @@ void constructorWhenRequestMatcherNullThenException() {
207183 void isAllowedWhenInvokesDelegateThenCachesRequestPath () {
208184 PathPatternRequestMatcher path = PathPatternRequestMatcher .withDefaults ().matcher ("/path/**" );
209185 PathPatternRequestMatcher any = PathPatternRequestMatcher .withDefaults ().matcher ("/**" );
210- WebInvocationPrivilegeEvaluator delegating = new RequestMatcherDelegatingWebInvocationPrivilegeEvaluator (
211- List .of (deny (path ), deny (any )));
186+ WebInvocationPrivilegeEvaluator delegating = evaluator (deny (path ), deny (any ));
212187 try (MockedStatic <ServletRequestPathUtils > utils = Mockito .mockStatic (ServletRequestPathUtils .class ,
213188 Mockito .CALLS_REAL_METHODS )) {
214189 delegating .isAllowed ("/uri" , null );
215190 utils .verify (() -> ServletRequestPathUtils .parseAndCache (any ()), times (1 ));
216191 }
217192 }
218193
194+ @ SuppressWarnings ({ "rawtypes" , "unchecked" })
195+ private RequestMatcherDelegatingWebInvocationPrivilegeEvaluator evaluator (RequestMatcherEntry ... entries ) {
196+ return new RequestMatcherDelegatingWebInvocationPrivilegeEvaluator (List .of (entries ));
197+ }
198+
199+ private RequestMatcherEntry <List <WebInvocationPrivilegeEvaluator >> allow (RequestMatcher requestMatcher ) {
200+ return entry (requestMatcher , TestWebInvocationPrivilegeEvaluator .alwaysAllow ());
201+ }
202+
219203 private RequestMatcherEntry <List <WebInvocationPrivilegeEvaluator >> deny (RequestMatcher requestMatcher ) {
220- return new RequestMatcherEntry <>(requestMatcher ,
221- Collections .singletonList (TestWebInvocationPrivilegeEvaluator .alwaysDeny ()));
204+ return entry (requestMatcher , TestWebInvocationPrivilegeEvaluator .alwaysDeny ());
205+ }
206+
207+ private RequestMatcherEntry <List <WebInvocationPrivilegeEvaluator >> entry (RequestMatcher requestMatcher ,
208+ WebInvocationPrivilegeEvaluator ... evaluators ) {
209+ return new RequestMatcherEntry <>(requestMatcher , List .of (evaluators ));
222210 }
223211
224212}
0 commit comments