diff --git a/config/src/test/java/org/springframework/security/config/annotation/method/configuration/GlobalMethodSecurityConfigurationTests.java b/config/src/test/java/org/springframework/security/config/annotation/method/configuration/GlobalMethodSecurityConfigurationTests.java index fcbb5c0a151..4188b8379cc 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/method/configuration/GlobalMethodSecurityConfigurationTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/method/configuration/GlobalMethodSecurityConfigurationTests.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2022 the original author or authors. + * Copyright 2002-2025 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -542,9 +542,7 @@ MethodSecurityService service() { @Bean RoleHierarchy roleHierarchy() { - RoleHierarchyImpl result = new RoleHierarchyImpl(); - result.setHierarchy("ROLE_USER > ROLE_ADMIN"); - return result; + return RoleHierarchyImpl.fromHierarchy("ROLE_USER > ROLE_ADMIN"); } } diff --git a/config/src/test/java/org/springframework/security/config/annotation/method/configuration/PrePostMethodSecurityConfigurationTests.java b/config/src/test/java/org/springframework/security/config/annotation/method/configuration/PrePostMethodSecurityConfigurationTests.java index 404750ee955..6781b321f76 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/method/configuration/PrePostMethodSecurityConfigurationTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/method/configuration/PrePostMethodSecurityConfigurationTests.java @@ -1583,9 +1583,7 @@ static class RoleHierarchyConfig { @Bean static RoleHierarchy roleHierarchy() { - RoleHierarchyImpl roleHierarchyImpl = new RoleHierarchyImpl(); - roleHierarchyImpl.setHierarchy("ROLE_ADMIN > ROLE_USER"); - return roleHierarchyImpl; + return RoleHierarchyImpl.fromHierarchy("ROLE_ADMIN > ROLE_USER"); } } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configuration/WebSecurityConfigurationTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configuration/WebSecurityConfigurationTests.java index f96d67809ef..1403d508c29 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configuration/WebSecurityConfigurationTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configuration/WebSecurityConfigurationTests.java @@ -577,9 +577,7 @@ static class WebSecurityExpressionHandlerRoleHierarchyBeanConfig { @Bean RoleHierarchy roleHierarchy() { - RoleHierarchyImpl roleHierarchy = new RoleHierarchyImpl(); - roleHierarchy.setHierarchy("ROLE_ADMIN > ROLE_USER"); - return roleHierarchy; + return RoleHierarchyImpl.fromHierarchy("ROLE_ADMIN > ROLE_USER"); } } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/AuthorizeHttpRequestsConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/AuthorizeHttpRequestsConfigurerTests.java index 7d57cae2014..30033d95ef4 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/AuthorizeHttpRequestsConfigurerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/AuthorizeHttpRequestsConfigurerTests.java @@ -982,9 +982,7 @@ SecurityFilterChain filterChain(HttpSecurity http) throws Exception { @Bean RoleHierarchy roleHierarchy() { - RoleHierarchyImpl roleHierarchy = new RoleHierarchyImpl(); - roleHierarchy.setHierarchy("ROLE_ADMIN > ROLE_USER"); - return roleHierarchy; + return RoleHierarchyImpl.fromHierarchy("ROLE_ADMIN > ROLE_USER"); } } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/AuthorizeRequestsTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/AuthorizeRequestsTests.java index 4bf3d4ef784..5d81c4f01c5 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/AuthorizeRequestsTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/AuthorizeRequestsTests.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2024 the original author or authors. + * Copyright 2002-2025 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -299,9 +299,7 @@ UserDetailsService userDetailsService() { @Bean RoleHierarchy roleHiearchy() { - RoleHierarchyImpl result = new RoleHierarchyImpl(); - result.setHierarchy("ROLE_USER > ROLE_ADMIN"); - return result; + return RoleHierarchyImpl.fromHierarchy("ROLE_USER > ROLE_ADMIN"); } } diff --git a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/ExpressionUrlAuthorizationConfigurerTests.java b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/ExpressionUrlAuthorizationConfigurerTests.java index ebb6b48bae8..7f38c8978b7 100644 --- a/config/src/test/java/org/springframework/security/config/annotation/web/configurers/ExpressionUrlAuthorizationConfigurerTests.java +++ b/config/src/test/java/org/springframework/security/config/annotation/web/configurers/ExpressionUrlAuthorizationConfigurerTests.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2022 the original author or authors. + * Copyright 2002-2025 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -1208,9 +1208,7 @@ SecurityFilterChain filterChain(HttpSecurity http) throws Exception { @Bean RoleHierarchy roleHierarchy() { - RoleHierarchyImpl roleHierarchy = new RoleHierarchyImpl(); - roleHierarchy.setHierarchy("ROLE_USER > ROLE_MEMBER"); - return roleHierarchy; + return RoleHierarchyImpl.fromHierarchy("ROLE_USER > ROLE_MEMBER"); } } diff --git a/core/src/main/java/org/springframework/security/access/hierarchicalroles/RoleHierarchyImpl.java b/core/src/main/java/org/springframework/security/access/hierarchicalroles/RoleHierarchyImpl.java index 759227be7e3..d1a28aec85a 100755 --- a/core/src/main/java/org/springframework/security/access/hierarchicalroles/RoleHierarchyImpl.java +++ b/core/src/main/java/org/springframework/security/access/hierarchicalroles/RoleHierarchyImpl.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2024 the original author or authors. + * Copyright 2002-2025 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -78,7 +78,7 @@ * @author Michael Mayr * @author Josh Cummings */ -public class RoleHierarchyImpl implements RoleHierarchy { +public final class RoleHierarchyImpl implements RoleHierarchy { private static final Log logger = LogFactory.getLog(RoleHierarchyImpl.class); @@ -88,14 +88,6 @@ public class RoleHierarchyImpl implements RoleHierarchy { */ private Map> rolesReachableInOneOrMoreStepsMap = null; - /** - * @deprecated Use {@link RoleHierarchyImpl#fromHierarchy} instead - */ - @Deprecated - public RoleHierarchyImpl() { - - } - private RoleHierarchyImpl(Map> hierarchy) { this.rolesReachableInOneOrMoreStepsMap = buildRolesReachableInOneOrMoreStepsMap(hierarchy); } @@ -139,24 +131,6 @@ public static Builder withRolePrefix(String rolePrefix) { return new Builder(rolePrefix); } - /** - * Set the role hierarchy and pre-calculate for every role the set of all reachable - * roles, i.e. all roles lower in the hierarchy of every given role. Pre-calculation - * is done for performance reasons (reachable roles can then be calculated in O(1) - * time). During pre-calculation, cycles in role hierarchy are detected and will cause - * a CycleInRoleHierarchyException to be thrown. - * @param roleHierarchyStringRepresentation - String definition of the role hierarchy. - * @deprecated Use {@link RoleHierarchyImpl#fromHierarchy} instead - */ - @Deprecated - public void setHierarchy(String roleHierarchyStringRepresentation) { - logger.debug(LogMessage.format("setHierarchy() - The following role hierarchy was set: %s", - roleHierarchyStringRepresentation)); - Map> hierarchy = buildRolesReachableInOneStepMap( - roleHierarchyStringRepresentation); - this.rolesReachableInOneOrMoreStepsMap = buildRolesReachableInOneOrMoreStepsMap(hierarchy); - } - @Override public Collection getReachableGrantedAuthorities( Collection authorities) { diff --git a/core/src/test/java/org/springframework/security/access/hierarchicalroles/RoleHierarchyAuthoritiesMapperTests.java b/core/src/test/java/org/springframework/security/access/hierarchicalroles/RoleHierarchyAuthoritiesMapperTests.java index 6175ba64a29..6987d133e6f 100644 --- a/core/src/test/java/org/springframework/security/access/hierarchicalroles/RoleHierarchyAuthoritiesMapperTests.java +++ b/core/src/test/java/org/springframework/security/access/hierarchicalroles/RoleHierarchyAuthoritiesMapperTests.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2016 the original author or authors. + * Copyright 2002-2025 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -32,8 +32,7 @@ public class RoleHierarchyAuthoritiesMapperTests { @Test public void expectedAuthoritiesAreReturned() { - RoleHierarchyImpl rh = new RoleHierarchyImpl(); - rh.setHierarchy("ROLE_A > ROLE_B\nROLE_B > ROLE_C"); + RoleHierarchyImpl rh = RoleHierarchyImpl.fromHierarchy("ROLE_A > ROLE_B\nROLE_B > ROLE_C"); RoleHierarchyAuthoritiesMapper mapper = new RoleHierarchyAuthoritiesMapper(rh); Collection authorities = mapper .mapAuthorities(AuthorityUtils.createAuthorityList("ROLE_A", "ROLE_D")); diff --git a/core/src/test/java/org/springframework/security/access/hierarchicalroles/RoleHierarchyImplTests.java b/core/src/test/java/org/springframework/security/access/hierarchicalroles/RoleHierarchyImplTests.java index b4cf14b6f5d..a439f1e7218 100644 --- a/core/src/test/java/org/springframework/security/access/hierarchicalroles/RoleHierarchyImplTests.java +++ b/core/src/test/java/org/springframework/security/access/hierarchicalroles/RoleHierarchyImplTests.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2024 the original author or authors. + * Copyright 2002-2025 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -40,8 +40,7 @@ public class RoleHierarchyImplTests { public void testRoleHierarchyWithNullOrEmptyAuthorities() { List authorities0 = null; List authorities1 = new ArrayList<>(); - RoleHierarchyImpl roleHierarchyImpl = new RoleHierarchyImpl(); - roleHierarchyImpl.setHierarchy("ROLE_A > ROLE_B"); + RoleHierarchyImpl roleHierarchyImpl = RoleHierarchyImpl.fromHierarchy("ROLE_A > ROLE_B"); assertThat(roleHierarchyImpl.getReachableGrantedAuthorities(authorities0)).isNotNull(); assertThat(roleHierarchyImpl.getReachableGrantedAuthorities(authorities0)).isEmpty(); assertThat(roleHierarchyImpl.getReachableGrantedAuthorities(authorities1)).isNotNull(); @@ -53,8 +52,7 @@ public void testSimpleRoleHierarchy() { List authorities0 = AuthorityUtils.createAuthorityList("ROLE_0"); List authorities1 = AuthorityUtils.createAuthorityList("ROLE_A"); List authorities2 = AuthorityUtils.createAuthorityList("ROLE_A", "ROLE_B"); - RoleHierarchyImpl roleHierarchyImpl = new RoleHierarchyImpl(); - roleHierarchyImpl.setHierarchy("ROLE_A > ROLE_B"); + RoleHierarchyImpl roleHierarchyImpl = RoleHierarchyImpl.fromHierarchy("ROLE_A > ROLE_B"); assertThat(HierarchicalRolesTestHelper.containTheSameGrantedAuthorities( roleHierarchyImpl.getReachableGrantedAuthorities(authorities0), authorities0)) .isTrue(); @@ -72,12 +70,11 @@ public void testTransitiveRoleHierarchies() { List authorities2 = AuthorityUtils.createAuthorityList("ROLE_A", "ROLE_B", "ROLE_C"); List authorities3 = AuthorityUtils.createAuthorityList("ROLE_A", "ROLE_B", "ROLE_C", "ROLE_D"); - RoleHierarchyImpl roleHierarchyImpl = new RoleHierarchyImpl(); - roleHierarchyImpl.setHierarchy("ROLE_A > ROLE_B\nROLE_B > ROLE_C"); + RoleHierarchyImpl roleHierarchyImpl = RoleHierarchyImpl.fromHierarchy("ROLE_A > ROLE_B\nROLE_B > ROLE_C"); assertThat(HierarchicalRolesTestHelper.containTheSameGrantedAuthorities( roleHierarchyImpl.getReachableGrantedAuthorities(authorities1), authorities2)) .isTrue(); - roleHierarchyImpl.setHierarchy("ROLE_A > ROLE_B\nROLE_B > ROLE_C\nROLE_C > ROLE_D"); + roleHierarchyImpl = RoleHierarchyImpl.fromHierarchy("ROLE_A > ROLE_B\nROLE_B > ROLE_C\nROLE_C > ROLE_D"); assertThat(HierarchicalRolesTestHelper.containTheSameGrantedAuthorities( roleHierarchyImpl.getReachableGrantedAuthorities(authorities1), authorities3)) .isTrue(); @@ -94,8 +91,8 @@ public void testComplexRoleHierarchy() { List authoritiesOutput3 = AuthorityUtils.createAuthorityList("ROLE_C", "ROLE_D"); List authoritiesInput4 = AuthorityUtils.createAuthorityList("ROLE_D"); List authoritiesOutput4 = AuthorityUtils.createAuthorityList("ROLE_D"); - RoleHierarchyImpl roleHierarchyImpl = new RoleHierarchyImpl(); - roleHierarchyImpl.setHierarchy("ROLE_A > ROLE_B\nROLE_A > ROLE_C\nROLE_C > ROLE_D\nROLE_B > ROLE_D"); + RoleHierarchyImpl roleHierarchyImpl = RoleHierarchyImpl + .fromHierarchy("ROLE_A > ROLE_B\nROLE_A > ROLE_C\nROLE_C > ROLE_D\nROLE_B > ROLE_D"); assertThat(HierarchicalRolesTestHelper.containTheSameGrantedAuthorities( roleHierarchyImpl.getReachableGrantedAuthorities(authoritiesInput1), authoritiesOutput1)) .isTrue(); @@ -112,24 +109,22 @@ public void testComplexRoleHierarchy() { @Test public void testCyclesInRoleHierarchy() { - RoleHierarchyImpl roleHierarchyImpl = new RoleHierarchyImpl(); assertThatExceptionOfType(CycleInRoleHierarchyException.class) - .isThrownBy(() -> roleHierarchyImpl.setHierarchy("ROLE_A > ROLE_A")); + .isThrownBy(() -> RoleHierarchyImpl.fromHierarchy("ROLE_A > ROLE_A")); assertThatExceptionOfType(CycleInRoleHierarchyException.class) - .isThrownBy(() -> roleHierarchyImpl.setHierarchy("ROLE_A > ROLE_B\nROLE_B > ROLE_A")); + .isThrownBy(() -> RoleHierarchyImpl.fromHierarchy("ROLE_A > ROLE_B\nROLE_B > ROLE_A")); assertThatExceptionOfType(CycleInRoleHierarchyException.class) - .isThrownBy(() -> roleHierarchyImpl.setHierarchy("ROLE_A > ROLE_B\nROLE_B > ROLE_C\nROLE_C > ROLE_A")); - assertThatExceptionOfType(CycleInRoleHierarchyException.class).isThrownBy(() -> roleHierarchyImpl - .setHierarchy("ROLE_A > ROLE_B\nROLE_B > ROLE_C\nROLE_C > ROLE_E\nROLE_E > ROLE_D\nROLE_D > ROLE_B")); + .isThrownBy(() -> RoleHierarchyImpl.fromHierarchy("ROLE_A > ROLE_B\nROLE_B > ROLE_C\nROLE_C > ROLE_A")); + assertThatExceptionOfType(CycleInRoleHierarchyException.class).isThrownBy(() -> RoleHierarchyImpl + .fromHierarchy("ROLE_A > ROLE_B\nROLE_B > ROLE_C\nROLE_C > ROLE_E\nROLE_E > ROLE_D\nROLE_D > ROLE_B")); assertThatExceptionOfType(CycleInRoleHierarchyException.class) - .isThrownBy(() -> roleHierarchyImpl.setHierarchy("ROLE_C > ROLE_B\nROLE_B > ROLE_A\nROLE_A > ROLE_B")); + .isThrownBy(() -> RoleHierarchyImpl.fromHierarchy("ROLE_C > ROLE_B\nROLE_B > ROLE_A\nROLE_A > ROLE_B")); } @Test public void testNoCyclesInRoleHierarchy() { - RoleHierarchyImpl roleHierarchyImpl = new RoleHierarchyImpl(); - assertThatNoException().isThrownBy(() -> roleHierarchyImpl - .setHierarchy("ROLE_A > ROLE_B\nROLE_A > ROLE_C\nROLE_C > ROLE_D\nROLE_B > ROLE_D")); + assertThatNoException().isThrownBy(() -> RoleHierarchyImpl + .fromHierarchy("ROLE_A > ROLE_B\nROLE_A > ROLE_C\nROLE_C > ROLE_D\nROLE_B > ROLE_D")); } // SEC-863 @@ -138,8 +133,7 @@ public void testSimpleRoleHierarchyWithCustomGrantedAuthorityImplementation() { List authorities0 = HierarchicalRolesTestHelper.createAuthorityList("ROLE_0"); List authorities1 = HierarchicalRolesTestHelper.createAuthorityList("ROLE_A"); List authorities2 = HierarchicalRolesTestHelper.createAuthorityList("ROLE_A", "ROLE_B"); - RoleHierarchyImpl roleHierarchyImpl = new RoleHierarchyImpl(); - roleHierarchyImpl.setHierarchy("ROLE_A > ROLE_B"); + RoleHierarchyImpl roleHierarchyImpl = RoleHierarchyImpl.fromHierarchy("ROLE_A > ROLE_B"); assertThat(HierarchicalRolesTestHelper.containTheSameGrantedAuthoritiesCompareByAuthorityString( roleHierarchyImpl.getReachableGrantedAuthorities(authorities0), authorities0)) .isTrue(); @@ -157,12 +151,11 @@ public void testWhitespaceRoleHierarchies() { List authorities2 = AuthorityUtils.createAuthorityList("ROLE A", "ROLE B", "ROLE>C"); List authorities3 = AuthorityUtils.createAuthorityList("ROLE A", "ROLE B", "ROLE>C", "ROLE D"); - RoleHierarchyImpl roleHierarchyImpl = new RoleHierarchyImpl(); - roleHierarchyImpl.setHierarchy("ROLE A > ROLE B\nROLE B > ROLE>C"); + RoleHierarchyImpl roleHierarchyImpl = RoleHierarchyImpl.fromHierarchy("ROLE A > ROLE B\nROLE B > ROLE>C"); assertThat(HierarchicalRolesTestHelper.containTheSameGrantedAuthorities( roleHierarchyImpl.getReachableGrantedAuthorities(authorities1), authorities2)) .isTrue(); - roleHierarchyImpl.setHierarchy("ROLE A > ROLE B\nROLE B > ROLE>C\nROLE>C > ROLE D"); + roleHierarchyImpl = RoleHierarchyImpl.fromHierarchy("ROLE A > ROLE B\nROLE B > ROLE>C\nROLE>C > ROLE D"); assertThat(HierarchicalRolesTestHelper.containTheSameGrantedAuthorities( roleHierarchyImpl.getReachableGrantedAuthorities(authorities1), authorities3)) .isTrue(); @@ -174,8 +167,7 @@ public void testJavadoc() { List flatAuthorities = AuthorityUtils.createAuthorityList("ROLE_A"); List allAuthorities = AuthorityUtils.createAuthorityList("ROLE_A", "ROLE_B", "ROLE_AUTHENTICATED", "ROLE_UNAUTHENTICATED"); - RoleHierarchyImpl roleHierarchyImpl = new RoleHierarchyImpl(); - roleHierarchyImpl.setHierarchy( + RoleHierarchyImpl roleHierarchyImpl = RoleHierarchyImpl.fromHierarchy( "ROLE_A > ROLE_B\n" + "ROLE_B > ROLE_AUTHENTICATED\n" + "ROLE_AUTHENTICATED > ROLE_UNAUTHENTICATED"); assertThat(roleHierarchyImpl.getReachableGrantedAuthorities(flatAuthorities)) .containsExactlyInAnyOrderElementsOf(allAuthorities); @@ -187,9 +179,8 @@ public void testInterfaceJavadoc() { List flatAuthorities = AuthorityUtils.createAuthorityList("ROLE_HIGHEST"); List allAuthorities = AuthorityUtils.createAuthorityList("ROLE_HIGHEST", "ROLE_HIGHER", "ROLE_LOW", "ROLE_LOWER"); - RoleHierarchyImpl roleHierarchyImpl = new RoleHierarchyImpl(); - roleHierarchyImpl - .setHierarchy("ROLE_HIGHEST > ROLE_HIGHER\n" + "ROLE_HIGHER > ROLE_LOW\n" + "ROLE_LOW > ROLE_LOWER"); + RoleHierarchyImpl roleHierarchyImpl = RoleHierarchyImpl + .fromHierarchy("ROLE_HIGHEST > ROLE_HIGHER\n" + "ROLE_HIGHER > ROLE_LOW\n" + "ROLE_LOW > ROLE_LOWER"); assertThat(roleHierarchyImpl.getReachableGrantedAuthorities(flatAuthorities)) .containsExactlyInAnyOrderElementsOf(allAuthorities); } @@ -200,8 +191,8 @@ public void singleLineLargeHierarchy() { List flatAuthorities = AuthorityUtils.createAuthorityList("ROLE_HIGHEST"); List allAuthorities = AuthorityUtils.createAuthorityList("ROLE_HIGHEST", "ROLE_HIGHER", "ROLE_LOW", "ROLE_LOWER"); - RoleHierarchyImpl roleHierarchyImpl = new RoleHierarchyImpl(); - roleHierarchyImpl.setHierarchy("ROLE_HIGHEST > ROLE_HIGHER > ROLE_LOW > ROLE_LOWER"); + RoleHierarchyImpl roleHierarchyImpl = RoleHierarchyImpl + .fromHierarchy("ROLE_HIGHEST > ROLE_HIGHER > ROLE_LOW > ROLE_LOWER"); assertThat(roleHierarchyImpl.getReachableGrantedAuthorities(flatAuthorities)) .containsExactlyInAnyOrderElementsOf(allAuthorities); } diff --git a/core/src/test/java/org/springframework/security/access/vote/RoleHierarchyVoterTests.java b/core/src/test/java/org/springframework/security/access/vote/RoleHierarchyVoterTests.java index 5a06cc403be..ac8d68988d2 100644 --- a/core/src/test/java/org/springframework/security/access/vote/RoleHierarchyVoterTests.java +++ b/core/src/test/java/org/springframework/security/access/vote/RoleHierarchyVoterTests.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2016 the original author or authors. + * Copyright 2002-2025 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -29,8 +29,7 @@ public class RoleHierarchyVoterTests { @Test public void hierarchicalRoleIsIncludedInDecision() { - RoleHierarchyImpl roleHierarchyImpl = new RoleHierarchyImpl(); - roleHierarchyImpl.setHierarchy("ROLE_A > ROLE_B"); + RoleHierarchyImpl roleHierarchyImpl = RoleHierarchyImpl.fromHierarchy("ROLE_A > ROLE_B"); // User has role A, role B is required TestingAuthenticationToken auth = new TestingAuthenticationToken("user", "password", "ROLE_A"); RoleHierarchyVoter voter = new RoleHierarchyVoter(roleHierarchyImpl); diff --git a/core/src/test/java/org/springframework/security/authorization/AuthoritiesAuthorizationManagerTests.java b/core/src/test/java/org/springframework/security/authorization/AuthoritiesAuthorizationManagerTests.java index 6474117ea41..defd6177ef1 100644 --- a/core/src/test/java/org/springframework/security/authorization/AuthoritiesAuthorizationManagerTests.java +++ b/core/src/test/java/org/springframework/security/authorization/AuthoritiesAuthorizationManagerTests.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2023 the original author or authors. + * Copyright 2002-2025 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -48,7 +48,7 @@ void setRoleHierarchyWhenNullThenIllegalArgumentException() { @Test void setRoleHierarchyWhenNotNullThenVerifyRoleHierarchy() { AuthoritiesAuthorizationManager manager = new AuthoritiesAuthorizationManager(); - RoleHierarchy roleHierarchy = new RoleHierarchyImpl(); + RoleHierarchy roleHierarchy = RoleHierarchyImpl.withDefaultRolePrefix().build(); manager.setRoleHierarchy(roleHierarchy); assertThat(manager).extracting("roleHierarchy").isEqualTo(roleHierarchy); } @@ -76,8 +76,7 @@ void checkWhenUserHasNotAnyAuthorityThenDeniedDecision() { @Test void checkWhenRoleHierarchySetThenGreaterRoleTakesPrecedence() { AuthoritiesAuthorizationManager manager = new AuthoritiesAuthorizationManager(); - RoleHierarchyImpl roleHierarchy = new RoleHierarchyImpl(); - roleHierarchy.setHierarchy("ROLE_ADMIN > ROLE_USER"); + RoleHierarchyImpl roleHierarchy = RoleHierarchyImpl.fromHierarchy("ROLE_ADMIN > ROLE_USER"); manager.setRoleHierarchy(roleHierarchy); Supplier authentication = () -> new TestingAuthenticationToken("user", "password", "ROLE_ADMIN"); diff --git a/core/src/test/java/org/springframework/security/authorization/AuthorityAuthorizationManagerTests.java b/core/src/test/java/org/springframework/security/authorization/AuthorityAuthorizationManagerTests.java index 73b3e045869..4cfe6016428 100644 --- a/core/src/test/java/org/springframework/security/authorization/AuthorityAuthorizationManagerTests.java +++ b/core/src/test/java/org/springframework/security/authorization/AuthorityAuthorizationManagerTests.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2023 the original author or authors. + * Copyright 2002-2025 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -243,7 +243,7 @@ public void setRoleHierarchyWhenNullThenIllegalArgumentException() { @Test public void setRoleHierarchyWhenNotNullThenVerifyRoleHierarchy() { AuthorityAuthorizationManager manager = AuthorityAuthorizationManager.hasRole("USER"); - RoleHierarchy roleHierarchy = new RoleHierarchyImpl(); + RoleHierarchy roleHierarchy = RoleHierarchyImpl.withDefaultRolePrefix().build(); manager.setRoleHierarchy(roleHierarchy); assertThat(manager).extracting("delegate").extracting("roleHierarchy").isEqualTo(roleHierarchy); } @@ -257,8 +257,7 @@ public void getRoleHierarchyWhenNotSetThenDefaultsToNullRoleHierarchy() { @Test public void hasRoleWhenRoleHierarchySetThenGreaterRoleTakesPrecedence() { AuthorityAuthorizationManager manager = AuthorityAuthorizationManager.hasRole("USER"); - RoleHierarchyImpl roleHierarchy = new RoleHierarchyImpl(); - roleHierarchy.setHierarchy("ROLE_ADMIN > ROLE_USER"); + RoleHierarchyImpl roleHierarchy = RoleHierarchyImpl.fromHierarchy("ROLE_ADMIN > ROLE_USER"); manager.setRoleHierarchy(roleHierarchy); Supplier authentication = () -> new TestingAuthenticationToken("user", "password", "ROLE_ADMIN"); diff --git a/messaging/src/test/java/org/springframework/security/messaging/access/expression/DefaultMessageSecurityExpressionHandlerTests.java b/messaging/src/test/java/org/springframework/security/messaging/access/expression/DefaultMessageSecurityExpressionHandlerTests.java index a247c6daf71..25984b681c0 100644 --- a/messaging/src/test/java/org/springframework/security/messaging/access/expression/DefaultMessageSecurityExpressionHandlerTests.java +++ b/messaging/src/test/java/org/springframework/security/messaging/access/expression/DefaultMessageSecurityExpressionHandlerTests.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2022 the original author or authors. + * Copyright 2002-2025 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -96,8 +96,7 @@ public void trustResolverCustom() { @Test public void roleHierarchy() { this.authentication = new TestingAuthenticationToken("admin", "pass", "ROLE_ADMIN"); - RoleHierarchyImpl roleHierarchy = new RoleHierarchyImpl(); - roleHierarchy.setHierarchy("ROLE_ADMIN > ROLE_USER"); + RoleHierarchyImpl roleHierarchy = RoleHierarchyImpl.fromHierarchy("ROLE_ADMIN > ROLE_USER"); this.handler.setRoleHierarchy(roleHierarchy); EvaluationContext context = this.handler.createEvaluationContext(this.authentication, this.message); Expression expression = this.handler.getExpressionParser().parseExpression("hasRole('ROLE_USER')");