fix unit test
Signed-off-by: Michael Hirsch <michael.hirsch@bosch-si.com>
This commit is contained in:
@@ -14,6 +14,7 @@ import java.io.File;
|
||||
import java.io.IOException;
|
||||
import java.lang.reflect.Method;
|
||||
import java.lang.reflect.Modifier;
|
||||
import java.net.URI;
|
||||
import java.net.URISyntaxException;
|
||||
import java.net.URL;
|
||||
import java.util.ArrayList;
|
||||
@@ -51,6 +52,10 @@ public class RepositoryManagementMethodPreAuthorizeAnnotatedTest {
|
||||
for (final Class<?> interfaceToCheck : findInterfacesInPackage) {
|
||||
assertDeclaredMethodsContainsPreAuthorizeAnnotaions(interfaceToCheck);
|
||||
}
|
||||
|
||||
// all exclusion should be used, otherwise the method exlusion should be
|
||||
// cleaned up again
|
||||
assertThat(METHOD_SECURITY_EXCLUSION).isEmpty();
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -65,12 +70,15 @@ public class RepositoryManagementMethodPreAuthorizeAnnotatedTest {
|
||||
private static void assertDeclaredMethodsContainsPreAuthorizeAnnotaions(final Class<?> clazz) {
|
||||
final Method[] declaredMethods = clazz.getDeclaredMethods();
|
||||
for (final Method method : declaredMethods) {
|
||||
if (!METHOD_SECURITY_EXCLUSION.contains(method) && !method.isSynthetic()
|
||||
&& Modifier.isPublic(method.getModifiers())) {
|
||||
final PreAuthorize annotation = method.getAnnotation(PreAuthorize.class);
|
||||
assertThat(annotation).as("The public method " + method.getName() + " in class " + clazz.getName()
|
||||
+ " is not annoated with @PreAuthorize, security leak?").isNotNull();
|
||||
final boolean methodExcluded = METHOD_SECURITY_EXCLUSION.contains(method);
|
||||
if (methodExcluded || method.isSynthetic() || Modifier.isPublic(method.getModifiers())) {
|
||||
// skip method because it should be excluded
|
||||
METHOD_SECURITY_EXCLUSION.remove(method);
|
||||
continue;
|
||||
}
|
||||
final PreAuthorize annotation = method.getAnnotation(PreAuthorize.class);
|
||||
assertThat(annotation).as("The public method " + method.getName() + " in class " + clazz.getName()
|
||||
+ " is not annoated with @PreAuthorize, security leak?").isNotNull();
|
||||
}
|
||||
}
|
||||
|
||||
@@ -93,17 +101,21 @@ public class RepositoryManagementMethodPreAuthorizeAnnotatedTest {
|
||||
final ClassLoader classLoader = Thread.currentThread().getContextClassLoader();
|
||||
final Enumeration<URL> resources = classLoader.getResources(p.getName().replace(".", "/"));
|
||||
while (resources.hasMoreElements()) {
|
||||
final File packageDirectory = new File(resources.nextElement().getFile());
|
||||
final File[] filesInPackage = packageDirectory.listFiles();
|
||||
for (final File classFile : filesInPackage) {
|
||||
final String classNameWithExtension = classFile.getName();
|
||||
final int indexOfExtension = classNameWithExtension.indexOf(".class");
|
||||
if (indexOfExtension > 0) {
|
||||
final String classNameWithoutExtension = classNameWithExtension.substring(0, indexOfExtension);
|
||||
if (includeFilter.matcher(classNameWithoutExtension).matches()) {
|
||||
final Class<?> classInPackage = Class.forName(p.getName() + "." + classNameWithoutExtension);
|
||||
if (classInPackage.isInterface()) {
|
||||
interfacesToReturn.add(classInPackage);
|
||||
final String uriPath = new URI(resources.nextElement().toString()).getPath();
|
||||
if (uriPath != null) {
|
||||
final File packageDirectory = new File(uriPath);
|
||||
final File[] filesInPackage = packageDirectory.listFiles();
|
||||
for (final File classFile : filesInPackage) {
|
||||
final String classNameWithExtension = classFile.getName();
|
||||
final int indexOfExtension = classNameWithExtension.indexOf(".class");
|
||||
if (indexOfExtension > 0) {
|
||||
final String classNameWithoutExtension = classNameWithExtension.substring(0, indexOfExtension);
|
||||
if (includeFilter.matcher(classNameWithoutExtension).matches()) {
|
||||
final Class<?> classInPackage = Class
|
||||
.forName(p.getName() + "." + classNameWithoutExtension);
|
||||
if (classInPackage.isInterface()) {
|
||||
interfacesToReturn.add(classInPackage);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user