4
这是什么,是我的春天安全方法:如何编写TestNG的春季安全方法
@Override
public boolean hasPermission(Authentication authentication, Object targetDomainObject, Object permission)
{
logger.trace(String.format("hasPermission() - \nAuthentication - %s\nObject - %s\nPermission Reqd - %s",
authentication.toString(), targetDomainObject.toString(), permission.toString()));
UserDetails principal = (UserDetails) authentication.getPrincipal();
for (GrantedAuthority authority : principal.getAuthorities()) {
if(authority.getAuthority().equalsIgnoreCase((String)permission)) {
logger.debug("Allowing user to perform operation");
logger.debug("Setting userId {} in the RO", principal.getUsername());
if(targetDomainObject.getClass().isArray()) {
AbstractRO[] domainObjectArray = (AbstractRO[]) targetDomainObject;
for (AbstractRO abstractRO : domainObjectArray) {
abstractRO.setUserId(principal.getUsername());
}
}
return true;
}
}
logger.debug("Dis-allowing user to perform operation. User does not have '{}' granted authority.", permission);
return false;
}
,我调用这个函数像下面:
@PreAuthorize("isAuthenticated() and hasPermission(#request, 'CREATE_REQUISITION')")
@RequestMapping(method = RequestMethod.POST, value = "/trade/createrequisition")
public
@ResponseBody
void createRequisition(@RequestBody CreateRequisitionRO[] request);
这是什么,是我的TestNG的类:
package in.hexgen.api.facade;
import javax.annotation.Resource;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.Authentication;
import org.testng.annotations.Test;
import com.hexgen.api.facade.security.HexGenPermissionEvaluator;
public class HexGenPermissionEvaluatorTest {
private static final Logger logger = LoggerFactory.getLogger(HexGenPermissionEvaluatorTest.class);
Object name="akash";
Object permission="CREATE_REQUISITION";
Authentication authentication;
@Resource(name = "permissionEval")
private HexGenPermissionEvaluator permissionEval;
@Test
public void hasPermission() {
//authentication.setAuthenticated(true);
logger.debug("HexGenPermissionEvaluator Generate - starting ...");
permissionEval.hasPermission(authentication,name, permission);
logger.debug("HexGenPermissionEvaluator Generate - completed ...");
}
}
,但我当我运行测试得到这个例外
FAILED: hasPermission
java.lang.NullPointerException
at in.hexgen.api.facade.HexGenPermissionEvaluatorTest.hasPermission(HexGenPermissionEvaluatorTest.java:30)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocationHelper.java:80)
at org.testng.internal.Invoker.invokeMethod(Invoker.java:714)
at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:901)
at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1231)
at org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWorker.java:128)
at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:111)
at org.testng.TestRunner.privateRun(TestRunner.java:767)
at org.testng.TestRunner.run(TestRunner.java:617)
at org.testng.SuiteRunner.runTest(SuiteRunner.java:334)
at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:329)
at org.testng.SuiteRunner.privateRun(SuiteRunner.java:291)
at org.testng.SuiteRunner.run(SuiteRunner.java:240)
at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52)
at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86)
at org.testng.TestNG.runSuitesSequentially(TestNG.java:1203)
at org.testng.TestNG.runSuitesLocally(TestNG.java:1128)
at org.testng.TestNG.run(TestNG.java:1036)
at org.testng.remote.RemoteTestNG.run(RemoteTestNG.java:111)
at org.testng.remote.RemoteTestNG.initAndRun(RemoteTestNG.java:204)
at org.testng.remote.RemoteTestNG.main(RemoteTestNG.java:175)
我犯的错误是什么,请帮我找到并解雇凶手。
问候