优化权限

hsweb-authorization/hsweb-authorization-basic/src/test/java/org/hswebframework/web/authorization/basic/embed/EmbedAuthenticationManagerTest.groovy

@@ -0,0 +1,40 @@
+package org.hswebframework.web.authorization.basic.embed
+
+import org.hswebframework.web.authorization.Authentication
+import org.hswebframework.web.authorization.AuthenticationManager
+import org.hswebframework.web.authorization.simple.PlainTextUsernamePasswordAuthenticationRequest
+import org.springframework.beans.factory.annotation.Autowired
+import org.springframework.boot.test.context.SpringBootTest
+import org.springframework.test.context.ContextConfiguration
+import org.springframework.test.context.web.WebAppConfiguration
+import spock.lang.Specification
+
+/**
+ * @author zhouhao
+ * @since 3.0.0-RC
+ */
+@WebAppConfiguration
+@ContextConfiguration
+@SpringBootTest(classes = [TestApplication.class], properties = ["classpath:application.yml"])
+class EmbedAuthenticationManagerTest extends Specification {
+
+    @Autowired
+    private AuthenticationManager manager;
+
+
+    def "Test"() {
+        setup:
+        Authentication authentication = manager.authenticate(new PlainTextUsernamePasswordAuthenticationRequest("admin", "admin"));
+        expect:
+        authentication != null
+        authentication.getUser() != null
+        authentication.getUser().getName() == "超级管理员"
+        authentication.hasPermission("user-manager", "query")
+        authentication.getPermission("user-manager") != null
+        authentication.hasRole("user")
+        authentication.getPermission("user-manager")
+                .get().findDenyFields("query") != null
+        authentication.getPermission("user-manager")
+                .get().findDenyFields("query").contains("password")
+    }
+}

hsweb-authorization/hsweb-authorization-basic/src/test/java/org/hswebframework/web/authorization/basic/embed/TestApplication.java

@@ -0,0 +1,19 @@
+package org.hswebframework.web.authorization.basic.embed;
+
+import org.hswebframework.web.authorization.basic.configuration.AopAuthorizeAutoConfiguration;
+import org.hswebframework.web.authorization.basic.configuration.AuthorizingHandlerAutoConfiguration;
+import org.hswebframework.web.authorization.basic.configuration.EnableAopAuthorize;
+import org.springframework.boot.autoconfigure.ImportAutoConfiguration;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.test.context.web.WebAppConfiguration;
+
+/**
+ * @author zhouhao
+ * @since 3.0.0-RC
+ */
+@SpringBootApplication
+@WebAppConfiguration
+@EnableAopAuthorize
+public class TestApplication {
+
+}

hsweb-authorization/hsweb-authorization-basic/src/test/resources/application.yml

@@ -0,0 +1,38 @@
+
+spring:
+    aop:
+        auto: true
+        proxy-target-class: true
+    datasource:
+       url : jdbc:h2:mem:example-oauth2-client
+       username : sa
+       password :
+       type: com.alibaba.druid.pool.DruidDataSource
+       driver-class-name : org.h2.Driver
+    cache:
+       type: simple
+hsweb:
+    app:
+      name: hsweb-oauth2 客户端示例
+      version: 3.0.0
+    users:
+        admin:
+          name: 超级管理员
+          username: admin
+          password: admin
+          roles: #用户的角色
+            - id: admin
+              name: 管理员
+            - id: user
+              name: 用户
+          permissions:
+            - id: user-manager
+              actions: query,get,update,delete
+              dataAccesses:
+                - action: query
+                  type: DENY_FIELDS
+                  fields:
+                    - password
+                    - salt
+server:
+  port: 8808