diff --git a/extensions/resteasy-reactive/rest/deployment/src/main/java/io/quarkus/resteasy/reactive/server/deployment/ResteasyReactiveProcessor.java b/extensions/resteasy-reactive/rest/deployment/src/main/java/io/quarkus/resteasy/reactive/server/deployment/ResteasyReactiveProcessor.java index 17f5e2d527b9b..ba6ec3f69909e 100644 --- a/extensions/resteasy-reactive/rest/deployment/src/main/java/io/quarkus/resteasy/reactive/server/deployment/ResteasyReactiveProcessor.java +++ b/extensions/resteasy-reactive/rest/deployment/src/main/java/io/quarkus/resteasy/reactive/server/deployment/ResteasyReactiveProcessor.java @@ -87,7 +87,6 @@ import org.jboss.resteasy.reactive.common.processor.TargetJavaVersion; import org.jboss.resteasy.reactive.common.processor.scanning.ApplicationScanningResult; import org.jboss.resteasy.reactive.common.processor.scanning.ResourceScanningResult; -import org.jboss.resteasy.reactive.common.processor.transformation.AnnotationsTransformer; import org.jboss.resteasy.reactive.common.types.AllWriteableMarker; import org.jboss.resteasy.reactive.common.util.Encode; import org.jboss.resteasy.reactive.common.util.types.Types; @@ -104,6 +103,7 @@ import org.jboss.resteasy.reactive.server.model.ParamConverterProviders; import org.jboss.resteasy.reactive.server.model.ServerMethodParameter; import org.jboss.resteasy.reactive.server.model.ServerResourceMethod; +import org.jboss.resteasy.reactive.server.processor.ServerEndpointIndexer; import org.jboss.resteasy.reactive.server.processor.generation.converters.GeneratedConverterIndexerExtension; import org.jboss.resteasy.reactive.server.processor.generation.exceptionmappers.ServerExceptionMapperGenerator; import org.jboss.resteasy.reactive.server.processor.generation.injection.TransformedFieldInjectionIndexerExtension; @@ -521,14 +521,6 @@ public void accept(EndpointIndexer.ResourceMethodCallbackEntry entry) { + method.declaringClass() + "[" + method + "]"; - ClassInfo classInfoWithSecurity = consumeStandardSecurityAnnotations(method, - entry.getActualEndpointInfo(), index, c -> c); - if (classInfoWithSecurity != null) { - reflectiveClassBuildItemBuildProducer.produce( - ReflectiveClassBuildItem.builder(entry.getActualEndpointInfo().name().toString()) - .constructors(false).methods().build()); - } - if (!result.getPossibleSubResources().containsKey(method.returnType().name())) { reflectiveHierarchy.produce(ReflectiveHierarchyBuildItem .builder(method.returnType()) @@ -1520,21 +1512,42 @@ MethodScannerBuildItem integrateEagerSecurity(Capabilities capabilities, Combine @Override public List scan(MethodInfo method, ClassInfo actualEndpointClass, Map methodContext) { - if (applySecurityInterceptors && interceptedMethods.contains(method)) { - return List.of(EagerSecurityInterceptorHandler.Customizer.newInstance(), - EagerSecurityHandler.Customizer.newInstance(false)); - } else { - return List.of(newEagerSecurityHandlerCustomizerInstance(method, actualEndpointClass, index, - withDefaultSecurityCheck)); + var endpointImpl = ServerEndpointIndexer.findEndpointImplementation(method, actualEndpointClass, index); + if (applySecurityInterceptors) { + boolean isMethodIntercepted = interceptedMethods.containsKey(endpointImpl); + if (isMethodIntercepted) { + return createEagerSecCustomizerWithInterceptor(interceptedMethods, endpointImpl, method, endpointImpl, + withDefaultSecurityCheck); + } else { + isMethodIntercepted = interceptedMethods.containsKey(method); + if (isMethodIntercepted && !endpointImpl.equals(method)) { + return createEagerSecCustomizerWithInterceptor(interceptedMethods, method, method, endpointImpl, + withDefaultSecurityCheck); + } + } } + return List.of(newEagerSecurityHandlerCustomizerInstance(method, endpointImpl, withDefaultSecurityCheck)); } }); } - private HandlerChainCustomizer newEagerSecurityHandlerCustomizerInstance(MethodInfo method, ClassInfo actualEndpointClass, - IndexView index, boolean withDefaultSecurityCheck) { - if (withDefaultSecurityCheck - || consumeStandardSecurityAnnotations(method, actualEndpointClass, index, (c) -> c) != null) { + private static List createEagerSecCustomizerWithInterceptor( + Map interceptedMethods, MethodInfo method, MethodInfo originalMethod, MethodInfo endpointImpl, + boolean withDefaultSecurityCheck) { + var requiresSecurityCheck = interceptedMethods.get(method); + final HandlerChainCustomizer eagerSecCustomizer; + if (requiresSecurityCheck) { + eagerSecCustomizer = EagerSecurityHandler.Customizer.newInstance(false); + } else { + eagerSecCustomizer = newEagerSecurityHandlerCustomizerInstance(originalMethod, endpointImpl, + withDefaultSecurityCheck); + } + return List.of(EagerSecurityInterceptorHandler.Customizer.newInstance(), eagerSecCustomizer); + } + + private static HandlerChainCustomizer newEagerSecurityHandlerCustomizerInstance(MethodInfo method, MethodInfo endpointImpl, + boolean withDefaultSecurityCheck) { + if (withDefaultSecurityCheck || consumesStandardSecurityAnnotations(method, endpointImpl)) { return EagerSecurityHandler.Customizer.newInstance(false); } return EagerSecurityHandler.Customizer.newInstance(true); @@ -1602,19 +1615,19 @@ void registerSecurityInterceptors(Capabilities capabilities, } } - private T consumeStandardSecurityAnnotations(MethodInfo methodInfo, ClassInfo classInfo, IndexView index, - Function function) { - if (SecurityTransformerUtils.hasStandardSecurityAnnotation(methodInfo)) { - return function.apply(methodInfo.declaringClass()); - } - ClassInfo c = classInfo; - while (c.superName() != null) { - if (SecurityTransformerUtils.hasStandardSecurityAnnotation(c)) { - return function.apply(c); - } - c = index.getClassByName(c.superName()); + private static boolean consumesStandardSecurityAnnotations(MethodInfo methodInfo, MethodInfo endpointImpl) { + // invoked method + if (consumesStandardSecurityAnnotations(endpointImpl)) { + return true; } - return null; + + // fallback to original behavior + return !endpointImpl.equals(methodInfo) && consumesStandardSecurityAnnotations(methodInfo); + } + + private static boolean consumesStandardSecurityAnnotations(MethodInfo methodInfo) { + return SecurityTransformerUtils.hasStandardSecurityAnnotation(methodInfo) + || SecurityTransformerUtils.hasStandardSecurityAnnotation(methodInfo.declaringClass()); } private Optional getAppPath(Optional newPropertyValue) { diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/AbstractImplMethodSecuredTest.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/AbstractImplMethodSecuredTest.java new file mode 100644 index 0000000000000..696ce00670025 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/AbstractImplMethodSecuredTest.java @@ -0,0 +1,411 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SecurityAnnotation.METHOD_ROLES_ALLOWED; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SecurityAnnotation.NONE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SecurityAnnotation.PATH_SEPARATOR; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_PARENT_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_SECURITY_ON_BASE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_SECURITY_ON_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_SECURITY_ON_PARENT; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.FIRST_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_BASE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_PARENT; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.INTERFACE_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.MULTIPLE_INHERITANCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.PARENT_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SECOND_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SECURED_SUB_RESOURCE_ENDPOINT_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_DECLARED_ON_BASE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_DECLARED_ON_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_DECLARED_ON_PARENT; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_IMPL_ON_BASE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_IMPL_ON_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_IMPL_ON_PARENT; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.THIRD_INTERFACE; +import static io.restassured.RestAssured.given; +import static org.hamcrest.Matchers.is; + +import org.jboss.shrinkwrap.api.asset.StringAsset; +import org.junit.jupiter.api.BeforeAll; +import org.junit.jupiter.api.Test; +import org.junit.jupiter.params.ParameterizedTest; +import org.junit.jupiter.params.provider.EnumSource; + +import io.quarkus.security.test.utils.TestIdentityController; +import io.quarkus.security.test.utils.TestIdentityProvider; +import io.quarkus.test.QuarkusUnitTest; +import io.restassured.RestAssured; +import io.restassured.http.ContentType; + +/** + * Tests that implementation method is always secured when a standard security annotation is on a class + * or on a class method or when additional method security (like the default JAX-RS security) is in place. + */ +public abstract class AbstractImplMethodSecuredTest { + + protected static QuarkusUnitTest getRunner() { + return getRunner(""); + } + + protected static QuarkusUnitTest getRunner(String applicationProperties) { + return new QuarkusUnitTest() + .withApplicationRoot((jar) -> jar + .addPackage("io.quarkus.resteasy.reactive.server.test.security.inheritance.noclassannotation") + .addPackage("io.quarkus.resteasy.reactive.server.test.security.inheritance.classrolesallowed") + .addPackage("io.quarkus.resteasy.reactive.server.test.security.inheritance.classdenyall") + .addPackage("io.quarkus.resteasy.reactive.server.test.security.inheritance.classpermitall") + .addPackage("io.quarkus.resteasy.reactive.server.test.security.inheritance.multiple.pathonbase") + .addClasses(TestIdentityProvider.class, TestIdentityController.class, SecurityAnnotation.class, + SubPaths.class, JsonObjectReader.class) + .addAsResource(new StringAsset(applicationProperties + System.lineSeparator()), + "application.properties")); + } + + @BeforeAll + public static void setupUsers() { + TestIdentityController.resetRoles() + .add("admin", "admin", "admin") + .add("user", "user", "user"); + } + + protected boolean denyAllUnannotated() { + return false; + } + + protected String roleRequiredForUnannotatedEndpoint() { + return null; + } + + private void assertPath(String basePath, Object securityAnnotationObj, String classSecurityOn) { + assertPath(basePath, toSecurityAnnotation(securityAnnotationObj), classSecurityOn); + } + + private void assertSecuredSubResourcePath(String basePath) { + + // sub resource locator is not secured, e.g. @Path("sub") public SubResource subResource() { ... } + var path = NONE.assemblePath(basePath) + SECURED_SUB_RESOURCE_ENDPOINT_PATH; + var methodSubPath = NONE.methodSubPath(basePath) + SECURED_SUB_RESOURCE_ENDPOINT_PATH; + + boolean defJaxRsSecurity = denyAllUnannotated() || roleRequiredForUnannotatedEndpoint() != null; + final SecurityAnnotation securityAnnotation; + if (defJaxRsSecurity) { + // subresource locator is not secured, therefore default JAX-RS security wins + securityAnnotation = NONE; + } else { + // sub resource endpoint itself has RolesAllowed, e.g. @RolesAllowed @Path("endpoint") String endpoint() { ... } + securityAnnotation = METHOD_ROLES_ALLOWED; + } + + assertPath(path, methodSubPath, securityAnnotation); + } + + private void assertPath(String basePath, SecurityAnnotation securityAnnotation, String classSecurityOn) { + var path = securityAnnotation.assemblePath(basePath, classSecurityOn); + var methodSubPath = securityAnnotation.methodSubPath(basePath, classSecurityOn); + assertPath(path, methodSubPath, securityAnnotation); + } + + private void assertPath(String basePath, SecurityAnnotation securityAnnotation) { + var path = securityAnnotation.assemblePath(basePath); + var methodSubPath = securityAnnotation.methodSubPath(basePath); + assertPath(path, methodSubPath, securityAnnotation); + } + + private void assertPath(String path, String methodSubPath, SecurityAnnotation securityAnnotation) { + var invalidPayload = "}{\"simple\": \"obj\"}"; + var validPayload = "{\"simple\": \"obj\"}"; + + boolean defJaxRsSecurity = denyAllUnannotated() || roleRequiredForUnannotatedEndpoint() != null; + boolean endpointSecuredWithDefJaxRsSec = defJaxRsSecurity && !securityAnnotation.hasSecurityAnnotation(); + boolean endpointSecured = endpointSecuredWithDefJaxRsSec || securityAnnotation.endpointSecured(); + + // test anonymous - for secured endpoints: unauthenticated + if (endpointSecured) { + given().contentType(ContentType.JSON).body(invalidPayload).post(path).then().statusCode(401); + } else { + given().contentType(ContentType.JSON).body(validPayload).post(path).then().statusCode(200).body(is(methodSubPath)); + } + + // test user - for secured endpoints: unauthorized + if (endpointSecured) { + given().contentType(ContentType.JSON).body(invalidPayload).auth().preemptive().basic("user", "user").post(path) + .then().statusCode(403); + } else { + given().contentType(ContentType.JSON).body(validPayload).auth().preemptive().basic("user", "user").post(path).then() + .statusCode(200).body(is(methodSubPath)); + } + + // test admin - for secured endpoints: authorized + boolean denyAccess = securityAnnotation.denyAll() || (endpointSecuredWithDefJaxRsSec && denyAllUnannotated()); + if (denyAccess) { + given().contentType(ContentType.JSON).body(invalidPayload).auth().preemptive().basic("admin", "admin").post(path) + .then().statusCode(403); + } else { + given().contentType(ContentType.JSON).body(invalidPayload).auth().preemptive().basic("admin", "admin").post(path) + .then().statusCode(500); + given().contentType(ContentType.JSON).body(validPayload).auth().preemptive().basic("admin", "admin").post(path) + .then().statusCode(200).body(is(methodSubPath)); + } + } + + private static void assertNotFound(String basePath) { + var path = NONE.assembleNotFoundPath(basePath); + // this assures that not-tested scenarios are simply not supported by RESTEasy + // should this assertion fail, we need to assure implementation method is secured + given().contentType(ContentType.JSON).body("{\"simple\": \"obj\"}").post(path).then().statusCode(404); + } + + private static SecurityAnnotation toSecurityAnnotation(Object securityAnnotationObj) { + // we use Object due to @EnumSource class loading problems + return SecurityAnnotation.valueOf(securityAnnotationObj.toString()); + } + + @EnumSource(SecurityAnnotation.class) + @ParameterizedTest + public void test_ClassPathOnInterface_ImplOnBaseResource_ImplMetWithPath(Object securityAnnotationObj) { + var resourceSubPath = CLASS_PATH_ON_INTERFACE + PATH_SEPARATOR + CLASS_PATH_ON_INTERFACE + IMPL_ON_BASE + + IMPL_METHOD_WITH_PATH; + assertPath(resourceSubPath, securityAnnotationObj, CLASS_SECURITY_ON_BASE); + } + + @EnumSource(SecurityAnnotation.class) + @ParameterizedTest + public void test_ClassPathOnResource_ImplOnBaseResource_ImplMetWithPath(Object securityAnnotationObj) { + var resourceSubPath = CLASS_PATH_ON_RESOURCE + PATH_SEPARATOR + CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + + IMPL_METHOD_WITH_PATH; + assertPath(resourceSubPath, securityAnnotationObj, CLASS_SECURITY_ON_BASE); + } + + @Test + public void test_ClassPathOnParentResource_ImplOnBaseResource_ImplMetWithPath() { + var resourceSubPath = CLASS_PATH_ON_PARENT_RESOURCE + PATH_SEPARATOR + CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_BASE + + IMPL_METHOD_WITH_PATH; + assertNotFound(resourceSubPath); + } + + @EnumSource(SecurityAnnotation.class) + @ParameterizedTest + public void test_ClassPathOnInterface_ImplOnBaseResource_InterfaceMetWithPath(Object securityAnnotationObj) { + var resourceSubPath = CLASS_PATH_ON_INTERFACE + PATH_SEPARATOR + CLASS_PATH_ON_INTERFACE + IMPL_ON_BASE + + INTERFACE_METHOD_WITH_PATH; + assertPath(resourceSubPath, securityAnnotationObj, CLASS_SECURITY_ON_BASE); + } + + @EnumSource(SecurityAnnotation.class) + @ParameterizedTest + public void test_ClassPathOnResource_ImplOnBaseResource_InterfaceMetWithPath(Object securityAnnotationObj) { + var resourceSubPath = CLASS_PATH_ON_RESOURCE + PATH_SEPARATOR + CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + + INTERFACE_METHOD_WITH_PATH; + assertPath(resourceSubPath, securityAnnotationObj, CLASS_SECURITY_ON_BASE); + } + + @EnumSource(SecurityAnnotation.class) + @ParameterizedTest + public void test_ClassPathOnParentResource_ImplOnBaseResource_InterfaceMetWithPath(Object securityAnnotationObj) { + var resourceSubPath = CLASS_PATH_ON_PARENT_RESOURCE + PATH_SEPARATOR + CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_BASE + + INTERFACE_METHOD_WITH_PATH; + assertPath(resourceSubPath, securityAnnotationObj, CLASS_SECURITY_ON_BASE); + } + + @Test + public void test_ClassPathOnInterface_ImplOnBaseResource_ParentMetWithPath() { + var resourceSubPath = CLASS_PATH_ON_INTERFACE + PATH_SEPARATOR + CLASS_PATH_ON_INTERFACE + IMPL_ON_BASE + + PARENT_METHOD_WITH_PATH; + assertNotFound(resourceSubPath); + } + + @EnumSource(SecurityAnnotation.class) + @ParameterizedTest + public void test_ClassPathOnResource_ImplOnBaseResource_ParentMetWithPath(Object securityAnnotationObj) { + RestAssured.enableLoggingOfRequestAndResponseIfValidationFails(); + var resourceSubPath = CLASS_PATH_ON_RESOURCE + PATH_SEPARATOR + CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + + PARENT_METHOD_WITH_PATH; + assertPath(resourceSubPath, securityAnnotationObj, CLASS_SECURITY_ON_BASE); + } + + @EnumSource(SecurityAnnotation.class) + @ParameterizedTest + public void test_ClassPathOnParentResource_ImplOnBaseResource_ParentMetWithPath(Object securityAnnotationObj) { + var resourceSubPath = CLASS_PATH_ON_PARENT_RESOURCE + PATH_SEPARATOR + CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_BASE + + PARENT_METHOD_WITH_PATH; + assertPath(resourceSubPath, securityAnnotationObj, CLASS_SECURITY_ON_BASE); + } + + @EnumSource(SecurityAnnotation.class) + @ParameterizedTest + public void test_ClassPathOnInterface_SubDeclaredOnInterface_SubImplOnInterface(Object securityAnnotationObj) { + // test subresource locator defined on an interface + // @Path("i") + // public interface I { + // @Path("sub") + // @RolesAllowed("admin") + // default SubResource subResource() { + // return new SubResource(); + // } + // } + + var resourceSubPath = CLASS_PATH_ON_INTERFACE + PATH_SEPARATOR + CLASS_PATH_ON_INTERFACE + + SUB_DECLARED_ON_INTERFACE + SUB_IMPL_ON_INTERFACE; + assertPath(resourceSubPath, securityAnnotationObj, CLASS_SECURITY_ON_INTERFACE); + } + + @Test + public void test_ClassPathOnInterface_SubDeclaredOnInterface_SubImplOnBase_SecurityInsideSub() { + // HINT: test security is inside sub resource on an endpoint method + var resourceSubPath = CLASS_PATH_ON_INTERFACE + PATH_SEPARATOR + CLASS_PATH_ON_INTERFACE + + SUB_DECLARED_ON_INTERFACE + SUB_IMPL_ON_BASE; + assertSecuredSubResourcePath(resourceSubPath); + assertSecuredSubResourcePath(resourceSubPath); + } + + @EnumSource(SecurityAnnotation.class) + @ParameterizedTest + public void test_ClassPathOnInterface_SubDeclaredOnInterface_SubImplOnParent(Object securityAnnotationObj) { + // HINT: test security for '@Path("sub") SubResource subResource' but not inside endpoints 'SubResource' itself + var resourceSubPath = CLASS_PATH_ON_INTERFACE + PATH_SEPARATOR + CLASS_PATH_ON_INTERFACE + + SUB_DECLARED_ON_INTERFACE + SUB_IMPL_ON_PARENT; + assertPath(resourceSubPath, securityAnnotationObj, CLASS_SECURITY_ON_PARENT); + } + + @EnumSource(SecurityAnnotation.class) + @ParameterizedTest + public void test_ClassPathOnResource_SubDeclaredOnBase_SubImplOnBase(Object securityAnnotationObj) { + // HINT: test security for '@Path("sub") SubResource subResource' but not inside endpoints 'SubResource' itself + var resourceSubPath = CLASS_PATH_ON_RESOURCE + PATH_SEPARATOR + CLASS_PATH_ON_RESOURCE + + SUB_DECLARED_ON_BASE + SUB_IMPL_ON_BASE; + assertPath(resourceSubPath, securityAnnotationObj, CLASS_SECURITY_ON_BASE); + } + + @EnumSource(SecurityAnnotation.class) + @ParameterizedTest + public void test_ClassPathOnParentResource_SubDeclaredOnParent_SubImplOnParent(Object securityAnnotationObj) { + // HINT: test security for '@Path("sub") SubResource subResource' but not inside endpoints 'SubResource' itself + var resourceSubPath = CLASS_PATH_ON_PARENT_RESOURCE + PATH_SEPARATOR + CLASS_PATH_ON_PARENT_RESOURCE + + SUB_DECLARED_ON_PARENT + SUB_IMPL_ON_PARENT; + assertPath(resourceSubPath, securityAnnotationObj, CLASS_SECURITY_ON_PARENT); + } + + @EnumSource(SecurityAnnotation.class) + @ParameterizedTest + public void test_ClassPathOnParentResource_SubDeclaredOnParent_SubImplOnBase(Object securityAnnotationObj) { + // HINT: test security for '@Path("sub") SubResource subResource' but not inside endpoints 'SubResource' itself + var resourceSubPath = CLASS_PATH_ON_PARENT_RESOURCE + PATH_SEPARATOR + CLASS_PATH_ON_PARENT_RESOURCE + + SUB_DECLARED_ON_PARENT + SUB_IMPL_ON_BASE; + assertPath(resourceSubPath, securityAnnotationObj, CLASS_SECURITY_ON_BASE); + } + + @Test + public void test_ClassPathOnInterface_ImplOnParentResource_ImplMetWithPath() { + var resourceSubPath = CLASS_PATH_ON_INTERFACE + PATH_SEPARATOR + CLASS_PATH_ON_INTERFACE + + IMPL_ON_PARENT + IMPL_METHOD_WITH_PATH; + assertNotFound(resourceSubPath); + } + + @EnumSource(SecurityAnnotation.class) + @ParameterizedTest + public void test_ClassPathOnResource_ImplOnParentResource_ImplMetWithPath(Object securityAnnotationObj) { + var resourceSubPath = CLASS_PATH_ON_RESOURCE + PATH_SEPARATOR + CLASS_PATH_ON_RESOURCE + IMPL_ON_PARENT + + IMPL_METHOD_WITH_PATH; + assertPath(resourceSubPath, securityAnnotationObj, CLASS_SECURITY_ON_PARENT); + } + + @EnumSource(SecurityAnnotation.class) + @ParameterizedTest + public void test_ClassPathOnParentResource_ImplOnParentResource_ImplMetWithPath(Object securityAnnotationObj) { + var resourceSubPath = CLASS_PATH_ON_PARENT_RESOURCE + PATH_SEPARATOR + CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_PARENT + + IMPL_METHOD_WITH_PATH; + assertPath(resourceSubPath, securityAnnotationObj, CLASS_SECURITY_ON_PARENT); + } + + @EnumSource(SecurityAnnotation.class) + @ParameterizedTest + public void test_ClassPathOnInterface_ImplOnParentResource_InterfaceMetWithPath(Object securityAnnotationObj) { + var resourceSubPath = CLASS_PATH_ON_INTERFACE + PATH_SEPARATOR + CLASS_PATH_ON_INTERFACE + IMPL_ON_PARENT + + INTERFACE_METHOD_WITH_PATH; + assertPath(resourceSubPath, securityAnnotationObj, CLASS_SECURITY_ON_PARENT); + } + + @EnumSource(SecurityAnnotation.class) + @ParameterizedTest + public void test_ClassPathOnResource_ImplOnParentResource_InterfaceMetWithPath(Object securityAnnotationObj) { + var resourceSubPath = CLASS_PATH_ON_RESOURCE + PATH_SEPARATOR + CLASS_PATH_ON_RESOURCE + IMPL_ON_PARENT + + INTERFACE_METHOD_WITH_PATH; + assertPath(resourceSubPath, securityAnnotationObj, CLASS_SECURITY_ON_PARENT); + } + + @EnumSource(SecurityAnnotation.class) + @ParameterizedTest + public void test_ClassPathOnParentResource_ImplOnParentResource_InterfaceMetWithPath(Object securityAnnotationObj) { + var resourceSubPath = CLASS_PATH_ON_PARENT_RESOURCE + PATH_SEPARATOR + CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_PARENT + + INTERFACE_METHOD_WITH_PATH; + assertPath(resourceSubPath, securityAnnotationObj, CLASS_SECURITY_ON_PARENT); + } + + @EnumSource(SecurityAnnotation.class) + @ParameterizedTest + public void test_ClassPathOnInterface_ImplOnInterface_ImplMetWithPath(Object securityAnnotationObj) { + var resourceSubPath = CLASS_PATH_ON_INTERFACE + PATH_SEPARATOR + CLASS_PATH_ON_INTERFACE + IMPL_ON_INTERFACE + + IMPL_METHOD_WITH_PATH; + assertPath(resourceSubPath, securityAnnotationObj, CLASS_SECURITY_ON_INTERFACE); + } + + @EnumSource(SecurityAnnotation.class) + @ParameterizedTest + public void test_ClassPathOnResource_ImplOnInterface_ImplMetWithPath(Object securityAnnotationObj) { + var resourceSubPath = CLASS_PATH_ON_RESOURCE + PATH_SEPARATOR + CLASS_PATH_ON_RESOURCE + IMPL_ON_INTERFACE + + IMPL_METHOD_WITH_PATH; + assertPath(resourceSubPath, securityAnnotationObj, CLASS_SECURITY_ON_INTERFACE); + } + + @EnumSource(SecurityAnnotation.class) + @ParameterizedTest + public void test_ClassPathOnParentResource_ImplOnInterface_ImplMetWithPath(Object securityAnnotationObj) { + var resourceSubPath = CLASS_PATH_ON_PARENT_RESOURCE + PATH_SEPARATOR + CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_INTERFACE + + IMPL_METHOD_WITH_PATH; + assertPath(resourceSubPath, securityAnnotationObj, CLASS_SECURITY_ON_INTERFACE); + } + + @Test + public void test_MultipleInheritance_ClassPathOnBase_ImplOnBase_ImplWithPath() { + var resourceSubPath = MULTIPLE_INHERITANCE + CLASS_PATH_ON_RESOURCE + PATH_SEPARATOR + MULTIPLE_INHERITANCE + + CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + IMPL_METHOD_WITH_PATH; + assertPath(resourceSubPath, METHOD_ROLES_ALLOWED); + assertPath(resourceSubPath, NONE); + } + + @Test + public void test_MultipleInheritance_ClassPathOnBase_ImplOnBase_FirstInterface_InterfaceMethodWithPath() { + var resourceSubPath = MULTIPLE_INHERITANCE + CLASS_PATH_ON_RESOURCE + PATH_SEPARATOR + MULTIPLE_INHERITANCE + + CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + SECOND_INTERFACE + INTERFACE_METHOD_WITH_PATH; + assertPath(resourceSubPath, METHOD_ROLES_ALLOWED); + assertPath(resourceSubPath, NONE); + } + + @Test + public void test_MultipleInheritance_ClassPathOnBase_ImplOnBase_SecondInterface_InterfaceMethodWithPath() { + var resourceSubPath = MULTIPLE_INHERITANCE + CLASS_PATH_ON_RESOURCE + PATH_SEPARATOR + MULTIPLE_INHERITANCE + + CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + FIRST_INTERFACE + INTERFACE_METHOD_WITH_PATH; + assertPath(resourceSubPath, METHOD_ROLES_ALLOWED); + assertPath(resourceSubPath, NONE); + } + + @Test + public void test_MultipleInheritance_ClassPathOnBase_ImplOnBase_ThirdInterface_InterfaceMethodWithPath() { + var resourceSubPath = MULTIPLE_INHERITANCE + CLASS_PATH_ON_RESOURCE + PATH_SEPARATOR + MULTIPLE_INHERITANCE + + CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + THIRD_INTERFACE + INTERFACE_METHOD_WITH_PATH; + assertPath(resourceSubPath, METHOD_ROLES_ALLOWED); + assertPath(resourceSubPath, NONE); + } + + @Test + public void test_MultipleInheritance_ClassPathOnBase_ImplOnInterface_ThirdInterface_InterfaceMethodWithPath() { + var resourceSubPath = MULTIPLE_INHERITANCE + CLASS_PATH_ON_RESOURCE + PATH_SEPARATOR + MULTIPLE_INHERITANCE + + CLASS_PATH_ON_RESOURCE + IMPL_ON_INTERFACE + THIRD_INTERFACE + INTERFACE_METHOD_WITH_PATH; + assertPath(resourceSubPath, METHOD_ROLES_ALLOWED); + assertPath(resourceSubPath, NONE); + } +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/DefaultJaxRsDenyAllImplMethodSecuredTest.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/DefaultJaxRsDenyAllImplMethodSecuredTest.java new file mode 100644 index 0000000000000..2b8a9ed6ef7aa --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/DefaultJaxRsDenyAllImplMethodSecuredTest.java @@ -0,0 +1,16 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance; + +import org.junit.jupiter.api.extension.RegisterExtension; + +import io.quarkus.test.QuarkusUnitTest; + +public class DefaultJaxRsDenyAllImplMethodSecuredTest extends AbstractImplMethodSecuredTest { + + @RegisterExtension + static QuarkusUnitTest runner = getRunner("quarkus.security.jaxrs.deny-unannotated-endpoints=true"); + + @Override + protected boolean denyAllUnannotated() { + return true; + } +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/DefaultJaxRsRolesAllowedImplMethodSecuredTest.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/DefaultJaxRsRolesAllowedImplMethodSecuredTest.java new file mode 100644 index 0000000000000..f8e5c75099fc0 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/DefaultJaxRsRolesAllowedImplMethodSecuredTest.java @@ -0,0 +1,16 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance; + +import org.junit.jupiter.api.extension.RegisterExtension; + +import io.quarkus.test.QuarkusUnitTest; + +public class DefaultJaxRsRolesAllowedImplMethodSecuredTest extends AbstractImplMethodSecuredTest { + + @RegisterExtension + static QuarkusUnitTest runner = getRunner("quarkus.security.jaxrs.default-roles-allowed=admin"); + + @Override + protected String roleRequiredForUnannotatedEndpoint() { + return "admin"; + } +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/ImplMethodSecuredTest.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/ImplMethodSecuredTest.java new file mode 100644 index 0000000000000..58eb93333f515 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/ImplMethodSecuredTest.java @@ -0,0 +1,12 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance; + +import org.junit.jupiter.api.extension.RegisterExtension; + +import io.quarkus.test.QuarkusUnitTest; + +public class ImplMethodSecuredTest extends AbstractImplMethodSecuredTest { + + @RegisterExtension + static QuarkusUnitTest runner = getRunner(); + +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/JsonObjectReader.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/JsonObjectReader.java new file mode 100644 index 0000000000000..116d80955d9b4 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/JsonObjectReader.java @@ -0,0 +1,56 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance; + +import java.io.IOException; +import java.io.InputStream; +import java.lang.annotation.Annotation; +import java.lang.reflect.Type; +import java.nio.charset.StandardCharsets; + +import jakarta.ws.rs.Consumes; +import jakarta.ws.rs.WebApplicationException; +import jakarta.ws.rs.core.MediaType; +import jakarta.ws.rs.core.MultivaluedMap; +import jakarta.ws.rs.ext.Provider; + +import org.jboss.resteasy.reactive.server.spi.ResteasyReactiveResourceInfo; +import org.jboss.resteasy.reactive.server.spi.ServerMessageBodyReader; +import org.jboss.resteasy.reactive.server.spi.ServerRequestContext; + +import io.vertx.core.json.JsonObject; + +@Provider +@Consumes(MediaType.APPLICATION_JSON) +public class JsonObjectReader implements ServerMessageBodyReader { + + @Override + public boolean isReadable(Class type, Type genericType, ResteasyReactiveResourceInfo lazyMethod, MediaType mediaType) { + return true; + } + + @Override + public JsonObject readFrom(Class type, Type genericType, MediaType mediaType, ServerRequestContext context) + throws WebApplicationException, IOException { + return readFrom(context.getInputStream()); + } + + @Override + public boolean isReadable(Class aClass, Type type, Annotation[] annotations, MediaType mediaType) { + return true; + } + + @Override + public JsonObject readFrom(Class aClass, Type type, Annotation[] annotations, MediaType mediaType, + MultivaluedMap multivaluedMap, InputStream inputStream) + throws IOException, WebApplicationException { + return readFrom(inputStream); + } + + private JsonObject readFrom(InputStream inputStream) { + try { + String json = new String(inputStream.readAllBytes(), StandardCharsets.UTF_8); + return new JsonObject(json); + } catch (Exception e) { + throw new RuntimeException("Unable to parse JsonObject.", e); + } + } +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/SecurityAnnotation.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/SecurityAnnotation.java new file mode 100644 index 0000000000000..1f873567f7b02 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/SecurityAnnotation.java @@ -0,0 +1,77 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance; + +import jakarta.ws.rs.Path; + +public enum SecurityAnnotation { + NONE(SubPaths.NO_SECURITY_ANNOTATION, false, null, false), + METHOD_ROLES_ALLOWED(SubPaths.METHOD_ROLES_ALLOWED, false, "admin", false), + METHOD_DENY_ALL(SubPaths.METHOD_DENY_ALL, true, null, false), + METHOD_PERMIT_ALL(SubPaths.METHOD_PERMIT_ALL, false, null, false), + CLASS_ROLES_ALLOWED(SubPaths.CLASS_ROLES_ALLOWED, false, "admin", true), + CLASS_DENY_ALL(SubPaths.CLASS_DENY_ALL, true, null, true), + CLASS_PERMIT_ALL(SubPaths.CLASS_PERMIT_ALL, false, null, true), + CLASS_PERMIT_ALL_METHOD_PERMIT_ALL(SubPaths.CLASS_PERMIT_ALL_METHOD_PERMIT_ALL, false, null, true), + // class is annotated with the @DenyAll, but method level annotation must have priority, therefore we set denyAll=false + CLASS_DENY_ALL_METHOD_ROLES_ALLOWED(SubPaths.CLASS_DENY_ALL_METHOD_ROLES_ALLOWED, false, "admin", true), + CLASS_DENY_ALL_METHOD_PERMIT_ALL(SubPaths.CLASS_DENY_ALL_METHOD_PERMIT_ALL, false, null, true); + + static final String PATH_SEPARATOR = "/"; + + private final SubPaths.SubPath subPath; + private final String allowedRole; + private final boolean isClassSecurityAnnotation; + private final boolean denyAll; + + SecurityAnnotation(SubPaths.SubPath subPath, boolean denyAll, String allowedRole, boolean isClassSecurityAnnotation) { + this.subPath = subPath; + this.denyAll = denyAll; + this.allowedRole = allowedRole; + this.isClassSecurityAnnotation = isClassSecurityAnnotation; + } + + private String toSecurityAnnInfix(String classSecurityOn) { + return isClassSecurityAnnotation ? classSecurityOn : ""; + } + + boolean hasSecurityAnnotation() { + return this != NONE; + } + + boolean denyAll() { + return denyAll; + } + + boolean endpointSecured() { + return denyAll || allowedRole != null; + } + + /** + * @param basePath path common for all {@link this} annotations + * @param classSecurityOn whether class-level annotation is on interface, parent or base + * @return request path + */ + String assemblePath(String basePath, String classSecurityOn) { + return subPath.classSubPathPrefix() + toSecurityAnnInfix(classSecurityOn) + basePath + subPath.methodSubPath(); + } + + String assemblePath(String basePath) { + return subPath.classSubPathPrefix() + basePath + subPath.methodSubPath(); + } + + String assembleNotFoundPath(String basePath) { + return subPath.classSubPathPrefix() + basePath; + } + + /** + * @return endpoint method-level {@link Path#value()} + */ + String methodSubPath(String basePath, String classSecurityOn) { + var path = assemblePath(basePath, classSecurityOn); + return path.substring(path.indexOf(PATH_SEPARATOR, 1) + 1); + } + + String methodSubPath(String basePath) { + var path = assemblePath(basePath); + return path.substring(path.indexOf(PATH_SEPARATOR, 1) + 1); + } +} \ No newline at end of file diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/SubPaths.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/SubPaths.java new file mode 100644 index 0000000000000..5b59022976c3a --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/SubPaths.java @@ -0,0 +1,88 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance; + +public interface SubPaths { + + record SubPath(String classSubPathPrefix, String methodSubPath) { + } + + String CLASS_PATH_ON_INTERFACE = "class-path-on-interface"; + String CLASS_PATH_ON_RESOURCE = "class-path-on-resource"; + String CLASS_PATH_ON_PARENT_RESOURCE = "class-path-on-parent-resource"; + + String CLASS_SECURITY_ON_BASE = "class-security-on-base-"; + String CLASS_SECURITY_ON_PARENT = "class-security-on-parent-"; + String CLASS_SECURITY_ON_INTERFACE = "class-security-on-interface-"; + + String IMPL_ON_BASE = "/impl-on-base-resource"; + String IMPL_ON_PARENT = "/impl-on-parent-resource"; + /** + * Interface that sits on the top of a resource class hierarchy. + */ + String IMPL_ON_INTERFACE = "/impl-on-interface"; + String SUB_DECLARED_ON = "/sub-resource-declared-on-"; + + /** + * Following 3 constants refer to where method like {@code @Path("sub") SubResource subResource} with JAX-RS + * sub-resource declaring annotations are declared. + */ + String SUB_DECLARED_ON_INTERFACE = SUB_DECLARED_ON + "interface"; + String SUB_DECLARED_ON_BASE = SUB_DECLARED_ON + "base"; + String SUB_DECLARED_ON_PARENT = SUB_DECLARED_ON + "parent"; + + String SECURED_SUB_RESOURCE_ENDPOINT_PATH = "/secured"; + + /** + * Following 3 constants refer to where method like {@code @Override SubResource subResource() { return new SubResource(); + * }} + * is implemented. That is whether actually invoked sub-resource endpoint is placed on a base, parent or an interface. + */ + String SUB_IMPL_ON_BASE = "/sub-impl-on-base"; + String SUB_IMPL_ON_PARENT = "/sub-impl-on-parent"; + String SUB_IMPL_ON_INTERFACE = "/sub-impl-on-interface"; + + String IMPL_METHOD_WITH_PATH = "/impl-met-with-path"; + String PARENT_METHOD_WITH_PATH = "/parent-met-with-path"; + String INTERFACE_METHOD_WITH_PATH = "/interface-met-with-path"; + + String CLASS_NO_ANNOTATION_PREFIX = "/class-no-annotation-"; + String CLASS_ROLES_ALLOWED_PREFIX = "/class-roles-allowed-"; + String CLASS_DENY_ALL_PREFIX = "/class-deny-all-"; + String CLASS_PERMIT_ALL_PREFIX = "/class-permit-all-"; + + String NO_SECURITY_ANNOTATION_PATH = "/no-security-annotation"; + String METHOD_ROLES_ALLOWED_PATH = "/method-roles-allowed"; + String METHOD_DENY_ALL_PATH = "/method-deny-all"; + String METHOD_PERMIT_ALL_PATH = "/method-permit-all"; + String CLASS_ROLES_ALLOWED_PATH = "/class-roles-allowed"; + String CLASS_DENY_ALL_PATH = "/class-deny-all"; + String CLASS_PERMIT_ALL_PATH = "/class-permit-all"; + String CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH = "/class-deny-all-method-roles-allowed"; + String CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH = "/class-deny-all-method-permit-all"; + String CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH = "/class-permit-all-method-permit-all"; + + String MULTIPLE_INHERITANCE = "multiple-inheritance-"; + + /** + * Interface implemented by a base/parent resource. + */ + String FIRST_INTERFACE = "/first-interface"; + /** + * Interface that extends {@link #FIRST_INTERFACE}. + */ + String SECOND_INTERFACE = "/second-interface"; + /** + * Interface that extends {@link #SECOND_INTERFACE}. + */ + String THIRD_INTERFACE = "/third-interface"; + + SubPath NO_SECURITY_ANNOTATION = new SubPath(CLASS_NO_ANNOTATION_PREFIX, NO_SECURITY_ANNOTATION_PATH); + SubPath METHOD_ROLES_ALLOWED = new SubPath(CLASS_NO_ANNOTATION_PREFIX, METHOD_ROLES_ALLOWED_PATH); + SubPath METHOD_DENY_ALL = new SubPath(CLASS_NO_ANNOTATION_PREFIX, METHOD_DENY_ALL_PATH); + SubPath METHOD_PERMIT_ALL = new SubPath(CLASS_NO_ANNOTATION_PREFIX, METHOD_PERMIT_ALL_PATH); + SubPath CLASS_ROLES_ALLOWED = new SubPath(CLASS_ROLES_ALLOWED_PREFIX, CLASS_ROLES_ALLOWED_PATH); + SubPath CLASS_DENY_ALL = new SubPath(CLASS_DENY_ALL_PREFIX, CLASS_DENY_ALL_PATH); + SubPath CLASS_PERMIT_ALL = new SubPath(CLASS_PERMIT_ALL_PREFIX, CLASS_PERMIT_ALL_PATH); + SubPath CLASS_DENY_ALL_METHOD_ROLES_ALLOWED = new SubPath(CLASS_DENY_ALL_PREFIX, CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH); + SubPath CLASS_DENY_ALL_METHOD_PERMIT_ALL = new SubPath(CLASS_DENY_ALL_PREFIX, CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH); + SubPath CLASS_PERMIT_ALL_METHOD_PERMIT_ALL = new SubPath(CLASS_PERMIT_ALL_PREFIX, CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH); +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllBaseResourceWithPath_OnBase_SecurityOnParent.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllBaseResourceWithPath_OnBase_SecurityOnParent.java new file mode 100644 index 0000000000000..bf4c06dcb594f --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllBaseResourceWithPath_OnBase_SecurityOnParent.java @@ -0,0 +1,17 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classdenyall; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_PREFIX; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_SECURITY_ON_PARENT; + +import jakarta.ws.rs.Consumes; +import jakarta.ws.rs.Path; +import jakarta.ws.rs.Produces; +import jakarta.ws.rs.core.MediaType; + +@Produces(MediaType.APPLICATION_JSON) +@Consumes(MediaType.APPLICATION_JSON) +@Path(CLASS_DENY_ALL_PREFIX + CLASS_SECURITY_ON_PARENT + CLASS_PATH_ON_RESOURCE) +public class ClassDenyAllBaseResourceWithPath_OnBase_SecurityOnParent + extends ClassDenyAllParentResourceWithoutPath_PathOnBase_SecurityOnParent { +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllBaseResourceWithPath_SecurityOnBase.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllBaseResourceWithPath_SecurityOnBase.java new file mode 100644 index 0000000000000..9e272d62cf534 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllBaseResourceWithPath_SecurityOnBase.java @@ -0,0 +1,106 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classdenyall; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_PREFIX; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_SECURITY_ON_BASE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_BASE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.INTERFACE_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.PARENT_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_DECLARED_ON_BASE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_IMPL_ON_BASE; + +import jakarta.annotation.security.DenyAll; +import jakarta.annotation.security.PermitAll; +import jakarta.annotation.security.RolesAllowed; +import jakarta.ws.rs.Consumes; +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; +import jakarta.ws.rs.Produces; +import jakarta.ws.rs.core.MediaType; + +import io.vertx.core.json.JsonObject; + +@Produces(MediaType.APPLICATION_JSON) +@Consumes(MediaType.APPLICATION_JSON) +@DenyAll +@Path(CLASS_DENY_ALL_PREFIX + CLASS_SECURITY_ON_BASE + CLASS_PATH_ON_RESOURCE) +public class ClassDenyAllBaseResourceWithPath_SecurityOnBase extends ClassDenyAllParentResourceWithoutPath_SecurityOnBase { + + @POST + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + IMPL_METHOD_WITH_PATH + CLASS_DENY_ALL_PATH) + public String get_ClassPathOnResource_ImplOnBase_ImplMethodWithPath_ClassDenyAllPath(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + IMPL_METHOD_WITH_PATH + CLASS_DENY_ALL_PATH; + } + + @PermitAll + @POST + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + IMPL_METHOD_WITH_PATH + CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH) + public String get_ClassPathOnResource_ImplOnBase_ImplMethodWithPath_ClassDenyAllMethodPermitAllPath(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + IMPL_METHOD_WITH_PATH + CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH; + } + + @RolesAllowed("admin") + @POST + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + IMPL_METHOD_WITH_PATH + CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH) + public String get_ClassPathOnResource_ImplOnBase_ImplMethodWithPath_ClassDenyAllMethodRolesAllowedPath(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + IMPL_METHOD_WITH_PATH + CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH; + } + + @Override + public String classPathOnResource_ImplOnBase_InterfaceMethodWithPath_ClassDenyAll(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + CLASS_DENY_ALL_PATH; + } + + @RolesAllowed("admin") + @Override + public String classPathOnResource_ImplOnBase_InterfaceMethodWithPath_ClassDenyAllMethodRolesAllowed(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH; + } + + @PermitAll + @Override + public String classPathOnResource_ImplOnBase_InterfaceMethodWithPath_ClassDenyAllMethodPermitAll(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH; + } + + @Override + public String test_ClassPathOnResource_ImplOnBase_ParentMethodWithPath_ClassDenyAll(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + PARENT_METHOD_WITH_PATH + CLASS_DENY_ALL_PATH; + } + + @PermitAll + @Override + public String test_ClassPathOnResource_ImplOnBase_ParentMethodWithPath_ClassDenyAllMethodPermitAll(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + PARENT_METHOD_WITH_PATH + CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH; + } + + @RolesAllowed("admin") + @Override + public String test_ClassPathOnResource_ImplOnBase_ParentMethodWithPath_ClassDenyAllMethodRolesAllowed(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + PARENT_METHOD_WITH_PATH + CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH; + } + + @Path(CLASS_PATH_ON_RESOURCE + SUB_DECLARED_ON_BASE + SUB_IMPL_ON_BASE + CLASS_DENY_ALL_PATH) + public ClassDenyAllSubResourceWithoutPath classPathOnResource_SubDeclaredOnBase_SubImplOnBase_ClassDenyAll() { + return new ClassDenyAllSubResourceWithoutPath( + CLASS_PATH_ON_RESOURCE + SUB_DECLARED_ON_BASE + SUB_IMPL_ON_BASE + CLASS_DENY_ALL_PATH); + } + + @PermitAll + @Path(CLASS_PATH_ON_RESOURCE + SUB_DECLARED_ON_BASE + SUB_IMPL_ON_BASE + CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH) + public ClassDenyAllSubResourceWithoutPath classPathOnResource_SubDeclaredOnBase_SubImplOnBase_ClassDenyAllMethodPermitAll() { + return new ClassDenyAllSubResourceWithoutPath( + CLASS_PATH_ON_RESOURCE + SUB_DECLARED_ON_BASE + SUB_IMPL_ON_BASE + CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH); + } + + @RolesAllowed("admin") + @Path(CLASS_PATH_ON_RESOURCE + SUB_DECLARED_ON_BASE + SUB_IMPL_ON_BASE + CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH) + public ClassDenyAllSubResourceWithoutPath classPathOnResource_SubDeclaredOnBase_SubImplOnBase_ClassDenyAllMethodRolesAllowed() { + return new ClassDenyAllSubResourceWithoutPath( + CLASS_PATH_ON_RESOURCE + SUB_DECLARED_ON_BASE + SUB_IMPL_ON_BASE + CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH); + } +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllBaseResourceWithPath_SecurityOnInterface.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllBaseResourceWithPath_SecurityOnInterface.java new file mode 100644 index 0000000000000..8f8357a914421 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllBaseResourceWithPath_SecurityOnInterface.java @@ -0,0 +1,18 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classdenyall; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_PREFIX; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_SECURITY_ON_INTERFACE; + +import jakarta.ws.rs.Consumes; +import jakarta.ws.rs.Path; +import jakarta.ws.rs.Produces; +import jakarta.ws.rs.core.MediaType; + +@Produces(MediaType.APPLICATION_JSON) +@Consumes(MediaType.APPLICATION_JSON) +@Path(CLASS_DENY_ALL_PREFIX + CLASS_SECURITY_ON_INTERFACE + CLASS_PATH_ON_RESOURCE) +public class ClassDenyAllBaseResourceWithPath_SecurityOnInterface + extends ClassDenyAllParentResourceWithoutPath_SecurityOnInterface { + +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllBaseResourceWithoutPathExtParentRes_SecurityOnBase.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllBaseResourceWithoutPathExtParentRes_SecurityOnBase.java new file mode 100644 index 0000000000000..b8b89e479d9d3 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllBaseResourceWithoutPathExtParentRes_SecurityOnBase.java @@ -0,0 +1,81 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classdenyall; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_PARENT_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_BASE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.INTERFACE_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.PARENT_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_DECLARED_ON_PARENT; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_IMPL_ON_BASE; + +import jakarta.annotation.security.DenyAll; +import jakarta.annotation.security.PermitAll; +import jakarta.annotation.security.RolesAllowed; + +import io.vertx.core.json.JsonObject; + +@DenyAll +public class ClassDenyAllBaseResourceWithoutPathExtParentRes_SecurityOnBase + extends ClassDenyAllParentResourceWithPath_SecurityOnBase { + + @Override + public String classPathOnParentResource_ImplOnBase_InterfaceMethodWithPath_ClassDenyAll(JsonObject array) { + return CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + CLASS_DENY_ALL_PATH; + } + + @RolesAllowed("admin") + @Override + public String classPathOnParentResource_ImplOnBase_InterfaceMethodWithPath_ClassDenyAllMethodRolesAllowed( + JsonObject array) { + return CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + + CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH; + } + + @PermitAll + @Override + public String classPathOnParentResource_ImplOnBase_InterfaceMethodWithPath_ClassDenyAllMethodPermitAll(JsonObject array) { + return CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + + CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH; + } + + @Override + public String classPathOnParentResource_ImplOnBase_ParentMethodWithPath_ClassDenyAll(JsonObject array) { + return CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_BASE + PARENT_METHOD_WITH_PATH + CLASS_DENY_ALL_PATH; + } + + @PermitAll + @Override + public String classPathOnParentResource_ImplOnBase_ParentMethodWithPath_ClassDenyAllMethodPermitAll(JsonObject array) { + return CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_BASE + PARENT_METHOD_WITH_PATH + CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH; + } + + @RolesAllowed("admin") + @Override + public String classPathOnParentResource_ImplOnBase_ParentMethodWithPath_ClassDenyAllMethodRolesAllowed(JsonObject array) { + return CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_BASE + PARENT_METHOD_WITH_PATH + + CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH; + } + + @DenyAll + @Override + public ClassDenyAllSubResourceWithoutPath classPathOnParentResource_SubDeclaredOnParent_SubImplOnBase_ClassDenyAll() { + return new ClassDenyAllSubResourceWithoutPath( + CLASS_PATH_ON_PARENT_RESOURCE + SUB_DECLARED_ON_PARENT + SUB_IMPL_ON_BASE + CLASS_DENY_ALL_PATH); + } + + @PermitAll + @Override + public ClassDenyAllSubResourceWithoutPath classPathOnParentResource_SubDeclaredOnParent_SubImplOnBase_ClassDenyAllMethodPermitAll() { + return new ClassDenyAllSubResourceWithoutPath(CLASS_PATH_ON_PARENT_RESOURCE + SUB_DECLARED_ON_PARENT + SUB_IMPL_ON_BASE + + CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH); + } + + @RolesAllowed("admin") + @Override + public ClassDenyAllSubResourceWithoutPath classPathOnParentResource_SubDeclaredOnParent_SubImplOnBase_ClassDenyAllMethodRolesAllowed() { + return new ClassDenyAllSubResourceWithoutPath(CLASS_PATH_ON_PARENT_RESOURCE + SUB_DECLARED_ON_PARENT + SUB_IMPL_ON_BASE + + CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH); + } +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllBaseResourceWithoutPathExtParentRes_SecurityOnInterface.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllBaseResourceWithoutPathExtParentRes_SecurityOnInterface.java new file mode 100644 index 0000000000000..35d7af12b55d9 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllBaseResourceWithoutPathExtParentRes_SecurityOnInterface.java @@ -0,0 +1,5 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classdenyall; + +public class ClassDenyAllBaseResourceWithoutPathExtParentRes_SecurityOnInterface + extends ClassDenyAllParentResourceWithPath_SecurityOnInterface { +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllBaseResourceWithoutPathExtParentRes_SecurityOnParent.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllBaseResourceWithoutPathExtParentRes_SecurityOnParent.java new file mode 100644 index 0000000000000..b897716a955c8 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllBaseResourceWithoutPathExtParentRes_SecurityOnParent.java @@ -0,0 +1,6 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classdenyall; + +public class ClassDenyAllBaseResourceWithoutPathExtParentRes_SecurityOnParent + extends ClassDenyAllParentResourceWithPath_SecurityOnParent { + +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllBaseResourceWithoutPathImplInterface_SecurityOnBase.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllBaseResourceWithoutPathImplInterface_SecurityOnBase.java new file mode 100644 index 0000000000000..7be4efeda9d90 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllBaseResourceWithoutPathImplInterface_SecurityOnBase.java @@ -0,0 +1,76 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classdenyall; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_BASE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.INTERFACE_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_DECLARED_ON_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_IMPL_ON_BASE; + +import jakarta.annotation.security.DenyAll; +import jakarta.annotation.security.PermitAll; +import jakarta.annotation.security.RolesAllowed; + +import io.vertx.core.json.JsonObject; + +@DenyAll +public class ClassDenyAllBaseResourceWithoutPathImplInterface_SecurityOnBase + implements ClassDenyAllInterfaceWithPath_SecurityOnBase { + + @Override + public String classPathOnInterface_ImplOnBase_ImplMethodWithPath_ClassDenyAll(JsonObject array) { + return CLASS_PATH_ON_INTERFACE + IMPL_ON_BASE + IMPL_METHOD_WITH_PATH + CLASS_DENY_ALL_PATH; + } + + @RolesAllowed("admin") + @Override + public String classPathOnInterface_ImplOnBase_ImplMethodWithPath_ClassDenyAllMethodRolesAllowed(JsonObject array) { + return CLASS_PATH_ON_INTERFACE + IMPL_ON_BASE + IMPL_METHOD_WITH_PATH + CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH; + } + + @PermitAll + @Override + public String classPathOnInterface_ImplOnBase_ImplMethodWithPath_ClassDenyAllMethodPermitAll(JsonObject array) { + return CLASS_PATH_ON_INTERFACE + IMPL_ON_BASE + IMPL_METHOD_WITH_PATH + CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH; + } + + @Override + public String classPathOnInterface_ImplOnBase_InterfaceMethodWithPath_ClassDenyAll(JsonObject array) { + return CLASS_PATH_ON_INTERFACE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + CLASS_DENY_ALL_PATH; + } + + @RolesAllowed("admin") + @Override + public String classPathOnInterface_ImplOnBase_InterfaceMethodWithPath_ClassDenyAllMethodRolesAllowed(JsonObject array) { + return CLASS_PATH_ON_INTERFACE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH; + } + + @PermitAll + @Override + public String classPathOnInterface_ImplOnBase_InterfaceMethodWithPath_ClassDenyAllMethodPermitAll(JsonObject array) { + return CLASS_PATH_ON_INTERFACE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH; + } + + @Override + public ClassDenyAllSubResourceWithoutPath classPathOnInterface_SubDeclaredOnInterface_SubImplOnBase_ClassDenyAll() { + return new ClassDenyAllSubResourceWithoutPath( + CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + SUB_IMPL_ON_BASE + CLASS_DENY_ALL_PATH); + } + + @PermitAll + @Override + public ClassDenyAllSubResourceWithoutPath classPathOnInterface_SubDeclaredOnInterface_SubImplOnBase_ClassDenyAllMethodPermitAll() { + return new ClassDenyAllSubResourceWithoutPath( + CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + SUB_IMPL_ON_BASE + CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH); + } + + @RolesAllowed("admin") + @Override + public ClassDenyAllSubResourceWithoutPath classPathOnInterface_SubDeclaredOnInterface_SubImplOnBase_ClassDenyAllMethodRolesAllowed() { + return new ClassDenyAllSubResourceWithoutPath(CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + + SUB_IMPL_ON_BASE + CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH); + } +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllBaseResourceWithoutPathImplInterface_SecurityOnInterface.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllBaseResourceWithoutPathImplInterface_SecurityOnInterface.java new file mode 100644 index 0000000000000..fb3a57ee88616 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllBaseResourceWithoutPathImplInterface_SecurityOnInterface.java @@ -0,0 +1,6 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classdenyall; + +// must always be here as interface needs an implementing class, otherwise is ignored +public class ClassDenyAllBaseResourceWithoutPathImplInterface_SecurityOnInterface + implements ClassDenyAllInterfaceWithPath_SecurityOnInterface { +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllBaseResourceWithoutPath_SecurityOnParent.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllBaseResourceWithoutPath_SecurityOnParent.java new file mode 100644 index 0000000000000..6695cecdbe129 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllBaseResourceWithoutPath_SecurityOnParent.java @@ -0,0 +1,5 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classdenyall; + +public class ClassDenyAllBaseResourceWithoutPath_SecurityOnParent + extends ClassDenyAllParentResourceWithoutPath_SecurityOnParent { +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllInterfaceWithPath_SecurityOnBase.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllInterfaceWithPath_SecurityOnBase.java new file mode 100644 index 0000000000000..f7a34dc71ee52 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllInterfaceWithPath_SecurityOnBase.java @@ -0,0 +1,61 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classdenyall; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_PREFIX; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_SECURITY_ON_BASE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_BASE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.INTERFACE_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_DECLARED_ON_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_IMPL_ON_BASE; + +import jakarta.ws.rs.Consumes; +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; +import jakarta.ws.rs.Produces; +import jakarta.ws.rs.core.MediaType; + +import io.vertx.core.json.JsonObject; + +@Produces(MediaType.APPLICATION_JSON) +@Consumes(MediaType.APPLICATION_JSON) +@Path(CLASS_DENY_ALL_PREFIX + CLASS_SECURITY_ON_BASE + CLASS_PATH_ON_INTERFACE) +public interface ClassDenyAllInterfaceWithPath_SecurityOnBase { + + @POST + @Path(CLASS_PATH_ON_INTERFACE + IMPL_ON_BASE + IMPL_METHOD_WITH_PATH + CLASS_DENY_ALL_PATH) + String classPathOnInterface_ImplOnBase_ImplMethodWithPath_ClassDenyAll(JsonObject array); + + @POST + @Path(CLASS_PATH_ON_INTERFACE + IMPL_ON_BASE + IMPL_METHOD_WITH_PATH + CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH) + String classPathOnInterface_ImplOnBase_ImplMethodWithPath_ClassDenyAllMethodRolesAllowed(JsonObject array); + + @POST + @Path(CLASS_PATH_ON_INTERFACE + IMPL_ON_BASE + IMPL_METHOD_WITH_PATH + CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH) + String classPathOnInterface_ImplOnBase_ImplMethodWithPath_ClassDenyAllMethodPermitAll(JsonObject array); + + @POST + @Path(CLASS_PATH_ON_INTERFACE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + CLASS_DENY_ALL_PATH) + String classPathOnInterface_ImplOnBase_InterfaceMethodWithPath_ClassDenyAll(JsonObject array); + + @POST + @Path(CLASS_PATH_ON_INTERFACE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH) + String classPathOnInterface_ImplOnBase_InterfaceMethodWithPath_ClassDenyAllMethodRolesAllowed(JsonObject array); + + @POST + @Path(CLASS_PATH_ON_INTERFACE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH) + String classPathOnInterface_ImplOnBase_InterfaceMethodWithPath_ClassDenyAllMethodPermitAll(JsonObject array); + + @Path(CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + SUB_IMPL_ON_BASE + CLASS_DENY_ALL_PATH) + ClassDenyAllSubResourceWithoutPath classPathOnInterface_SubDeclaredOnInterface_SubImplOnBase_ClassDenyAll(); + + @Path(CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + SUB_IMPL_ON_BASE + CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH) + ClassDenyAllSubResourceWithoutPath classPathOnInterface_SubDeclaredOnInterface_SubImplOnBase_ClassDenyAllMethodPermitAll(); + + @Path(CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + SUB_IMPL_ON_BASE + CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH) + ClassDenyAllSubResourceWithoutPath classPathOnInterface_SubDeclaredOnInterface_SubImplOnBase_ClassDenyAllMethodRolesAllowed(); + +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllInterfaceWithPath_SecurityOnInterface.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllInterfaceWithPath_SecurityOnInterface.java new file mode 100644 index 0000000000000..e16e6a8eecebd --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllInterfaceWithPath_SecurityOnInterface.java @@ -0,0 +1,72 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classdenyall; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_PREFIX; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_SECURITY_ON_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_DECLARED_ON_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_IMPL_ON_INTERFACE; + +import jakarta.annotation.security.DenyAll; +import jakarta.annotation.security.PermitAll; +import jakarta.annotation.security.RolesAllowed; +import jakarta.ws.rs.Consumes; +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; +import jakarta.ws.rs.Produces; +import jakarta.ws.rs.core.MediaType; + +import io.vertx.core.json.JsonObject; + +@Produces(MediaType.APPLICATION_JSON) +@Consumes(MediaType.APPLICATION_JSON) +@DenyAll +@Path(CLASS_DENY_ALL_PREFIX + CLASS_SECURITY_ON_INTERFACE + CLASS_PATH_ON_INTERFACE) +public interface ClassDenyAllInterfaceWithPath_SecurityOnInterface { + + @Path(CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + SUB_IMPL_ON_INTERFACE + CLASS_DENY_ALL_PATH) + default ClassDenyAllSubResourceWithoutPath classPathOnInterface_SubDeclaredOnInterface_SubImplOnInterface_ClassDenyAll() { + return new ClassDenyAllSubResourceWithoutPath(CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + + SUB_IMPL_ON_INTERFACE + CLASS_DENY_ALL_PATH); + } + + @PermitAll + @Path(CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + SUB_IMPL_ON_INTERFACE + CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH) + default ClassDenyAllSubResourceWithoutPath classPathOnInterface_SubDeclaredOnInterface_SubImplOnInterface_ClassDenyAllMethodPermitAll() { + return new ClassDenyAllSubResourceWithoutPath(CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + + SUB_IMPL_ON_INTERFACE + CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH); + } + + @RolesAllowed("admin") + @Path(CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + SUB_IMPL_ON_INTERFACE + + CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH) + default ClassDenyAllSubResourceWithoutPath classPathOnInterface_SubDeclaredOnInterface_SubImplOnInterface_ClassDenyAllMethodRolesAllowed() { + return new ClassDenyAllSubResourceWithoutPath(CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + + SUB_IMPL_ON_INTERFACE + CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH); + } + + @POST + @Path(CLASS_PATH_ON_INTERFACE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + CLASS_DENY_ALL_PATH) + default String classPathOnInterface_ImplOnInterface_ImplMethodWithPath_ClassDenyAll(JsonObject array) { + return CLASS_PATH_ON_INTERFACE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + CLASS_DENY_ALL_PATH; + } + + @PermitAll + @POST + @Path(CLASS_PATH_ON_INTERFACE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH) + default String classPathOnInterface_ImplOnInterface_ImplMethodWithPath_ClassDenyAllMethodPermitAll(JsonObject array) { + return CLASS_PATH_ON_INTERFACE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH; + } + + @RolesAllowed("admin") + @POST + @Path(CLASS_PATH_ON_INTERFACE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH) + default String classPathOnInterface_ImplOnInterface_ImplMethodWithPath_ClassDenyAllMethodRolesAllowed(JsonObject array) { + return CLASS_PATH_ON_INTERFACE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH; + } + +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllInterfaceWithPath_SecurityOnParent.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllInterfaceWithPath_SecurityOnParent.java new file mode 100644 index 0000000000000..ca5356357dcc9 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllInterfaceWithPath_SecurityOnParent.java @@ -0,0 +1,50 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classdenyall; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_PREFIX; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_SECURITY_ON_PARENT; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_PARENT; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.INTERFACE_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_DECLARED_ON_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_IMPL_ON_PARENT; + +import jakarta.ws.rs.Consumes; +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; +import jakarta.ws.rs.Produces; +import jakarta.ws.rs.core.MediaType; + +import io.vertx.core.json.JsonObject; + +@Produces(MediaType.APPLICATION_JSON) +@Consumes(MediaType.APPLICATION_JSON) +@Path(CLASS_DENY_ALL_PREFIX + CLASS_SECURITY_ON_PARENT + CLASS_PATH_ON_INTERFACE) +public interface ClassDenyAllInterfaceWithPath_SecurityOnParent { + + @Path(CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + SUB_IMPL_ON_PARENT + CLASS_DENY_ALL_PATH) + ClassDenyAllSubResourceWithoutPath classPathOnInterface_SubDeclaredOnInterface_SubImplOnParent_ClassDenyAll(); + + @Path(CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + SUB_IMPL_ON_PARENT + + CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH) + ClassDenyAllSubResourceWithoutPath classPathOnInterface_SubDeclaredOnInterface_SubImplOnParent_ClassDenyAllMethodPermitAll(); + + @Path(CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + SUB_IMPL_ON_PARENT + + CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH) + ClassDenyAllSubResourceWithoutPath classPathOnInterface_SubDeclaredOnInterface_SubImplOnParent_ClassDenyAllMethodRolesAllowed(); + + @POST + @Path(CLASS_PATH_ON_INTERFACE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + CLASS_DENY_ALL_PATH) + String classPathOnInterface_ImplOnParent_InterfaceMethodWithPath_ClassDenyAll(JsonObject array); + + @POST + @Path(CLASS_PATH_ON_INTERFACE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH) + String classPathOnInterface_ImplOnParent_InterfaceMethodWithPath_ClassDenyAllMethodPermitAll(JsonObject array); + + @POST + @Path(CLASS_PATH_ON_INTERFACE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH) + String classPathOnInterface_ImplOnParent_InterfaceMethodWithPath_ClassDenyAllMethodRolesAllowed(JsonObject array); + +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllInterfaceWithoutPath_PathOnParent_SecurityOnInterface.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllInterfaceWithoutPath_PathOnParent_SecurityOnInterface.java new file mode 100644 index 0000000000000..07b3e167b29da --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllInterfaceWithoutPath_PathOnParent_SecurityOnInterface.java @@ -0,0 +1,44 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classdenyall; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_PARENT_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_INTERFACE; + +import jakarta.annotation.security.DenyAll; +import jakarta.annotation.security.PermitAll; +import jakarta.annotation.security.RolesAllowed; +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; + +import io.vertx.core.json.JsonObject; + +@DenyAll +public interface ClassDenyAllInterfaceWithoutPath_PathOnParent_SecurityOnInterface { + + @POST + @Path(CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + CLASS_DENY_ALL_PATH) + default String classPathOnParentResource_ImplOnInterface_ImplMethodWithPath_ClassDenyAll(JsonObject array) { + return CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + CLASS_DENY_ALL_PATH; + } + + @PermitAll + @POST + @Path(CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH) + default String classPathOnParentResource_ImplOnInterface_ImplMethodWithPath_ClassDenyAllMethodPermitAll(JsonObject array) { + return CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + + CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH; + } + + @RolesAllowed("admin") + @POST + @Path(CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH) + default String classPathOnParentResource_ImplOnInterface_ImplMethodWithPath_ClassDenyAllMethodRolesAllowed( + JsonObject array) { + return CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + + CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH; + } + +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllInterfaceWithoutPath_PathOnParent_SecurityOnParent.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllInterfaceWithoutPath_PathOnParent_SecurityOnParent.java new file mode 100644 index 0000000000000..bf98bbbd9cc60 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllInterfaceWithoutPath_PathOnParent_SecurityOnParent.java @@ -0,0 +1,30 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classdenyall; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_PARENT_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_PARENT; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.INTERFACE_METHOD_WITH_PATH; + +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; + +import io.vertx.core.json.JsonObject; + +public interface ClassDenyAllInterfaceWithoutPath_PathOnParent_SecurityOnParent { + + @POST + @Path(CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + CLASS_DENY_ALL_PATH) + String classPathOnParentResource_ImplOnParent_InterfaceMethodWithPath_ClassDenyAll(JsonObject array); + + @POST + @Path(CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH) + String classPathOnParentResource_ImplOnParent_InterfaceMethodWithPath_ClassDenyAllMethodPermitAll(JsonObject array); + + @POST + @Path(CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + + CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH) + String classPathOnParentResource_ImplOnParent_InterfaceMethodWithPath_ClassDenyAllMethodRolesAllowed(JsonObject array); + +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllInterfaceWithoutPath_SecurityOnBase.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllInterfaceWithoutPath_SecurityOnBase.java new file mode 100644 index 0000000000000..3f8606bd00861 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllInterfaceWithoutPath_SecurityOnBase.java @@ -0,0 +1,29 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classdenyall; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_BASE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.INTERFACE_METHOD_WITH_PATH; + +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; + +import io.vertx.core.json.JsonObject; + +public interface ClassDenyAllInterfaceWithoutPath_SecurityOnBase { + + @POST + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + CLASS_DENY_ALL_PATH) + String classPathOnResource_ImplOnBase_InterfaceMethodWithPath_ClassDenyAll(JsonObject array); + + @POST + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH) + String classPathOnResource_ImplOnBase_InterfaceMethodWithPath_ClassDenyAllMethodRolesAllowed(JsonObject array); + + @POST + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH) + String classPathOnResource_ImplOnBase_InterfaceMethodWithPath_ClassDenyAllMethodPermitAll(JsonObject array); + +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllInterfaceWithoutPath_SecurityOnInterface.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllInterfaceWithoutPath_SecurityOnInterface.java new file mode 100644 index 0000000000000..ab1a58ca44f5c --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllInterfaceWithoutPath_SecurityOnInterface.java @@ -0,0 +1,41 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classdenyall; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_INTERFACE; + +import jakarta.annotation.security.DenyAll; +import jakarta.annotation.security.PermitAll; +import jakarta.annotation.security.RolesAllowed; +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; + +import io.vertx.core.json.JsonObject; + +@DenyAll +public interface ClassDenyAllInterfaceWithoutPath_SecurityOnInterface { + + @POST + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + CLASS_DENY_ALL_PATH) + default String classPathOnResource_ImplOnInterface_ImplMethodWithPath_ClassDenyAll(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + CLASS_DENY_ALL_PATH; + } + + @PermitAll + @POST + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH) + default String classPathOnResource_ImplOnInterface_ImplMethodWithPath_ClassDenyAllMethodPermitAll(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH; + } + + @RolesAllowed("admin") + @POST + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH) + default String classPathOnResource_ImplOnInterface_ImplMethodWithPath_ClassDenyAllMethodRolesAllowed(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH; + } + +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllInterfaceWithoutPath_SecurityOnParent.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllInterfaceWithoutPath_SecurityOnParent.java new file mode 100644 index 0000000000000..abeede37b851b --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllInterfaceWithoutPath_SecurityOnParent.java @@ -0,0 +1,29 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classdenyall; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_PARENT; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.INTERFACE_METHOD_WITH_PATH; + +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; + +import io.vertx.core.json.JsonObject; + +public interface ClassDenyAllInterfaceWithoutPath_SecurityOnParent { + + @POST + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + CLASS_DENY_ALL_PATH) + String classPathOnResource_ImplOnParent_InterfaceMethodWithPath_ClassDenyAll(JsonObject array); + + @POST + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH) + String classPathOnResource_ImplOnParent_InterfaceMethodWithPath_ClassDenyAllMethodPermitAll(JsonObject array); + + @POST + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH) + String classPathOnResource_ImplOnParent_InterfaceMethodWithPath_ClassDenyAllMethodRolesAllowed(JsonObject array); + +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllParentResourceInterface_SecurityOnBase.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllParentResourceInterface_SecurityOnBase.java new file mode 100644 index 0000000000000..81d466dd71d84 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllParentResourceInterface_SecurityOnBase.java @@ -0,0 +1,29 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classdenyall; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_PARENT_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_BASE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.INTERFACE_METHOD_WITH_PATH; + +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; + +import io.vertx.core.json.JsonObject; + +public interface ClassDenyAllParentResourceInterface_SecurityOnBase { + + @POST + @Path(CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + CLASS_DENY_ALL_PATH) + String classPathOnParentResource_ImplOnBase_InterfaceMethodWithPath_ClassDenyAll(JsonObject array); + + @POST + @Path(CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH) + String classPathOnParentResource_ImplOnBase_InterfaceMethodWithPath_ClassDenyAllMethodRolesAllowed(JsonObject array); + + @POST + @Path(CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH) + String classPathOnParentResource_ImplOnBase_InterfaceMethodWithPath_ClassDenyAllMethodPermitAll(JsonObject array); + +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllParentResourceWithPath_SecurityOnBase.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllParentResourceWithPath_SecurityOnBase.java new file mode 100644 index 0000000000000..c1d0c7f073f07 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllParentResourceWithPath_SecurityOnBase.java @@ -0,0 +1,52 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classdenyall; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_PREFIX; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_PARENT_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_SECURITY_ON_BASE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_BASE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.PARENT_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_DECLARED_ON_PARENT; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_IMPL_ON_BASE; + +import jakarta.ws.rs.Consumes; +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; +import jakarta.ws.rs.Produces; +import jakarta.ws.rs.core.MediaType; + +import io.vertx.core.json.JsonObject; + +@Produces(MediaType.APPLICATION_JSON) +@Consumes(MediaType.APPLICATION_JSON) +@Path(CLASS_DENY_ALL_PREFIX + CLASS_SECURITY_ON_BASE + CLASS_PATH_ON_PARENT_RESOURCE) +public abstract class ClassDenyAllParentResourceWithPath_SecurityOnBase + implements ClassDenyAllParentResourceInterface_SecurityOnBase { + + @POST + @Path(CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_BASE + PARENT_METHOD_WITH_PATH + CLASS_DENY_ALL_PATH) + public abstract String classPathOnParentResource_ImplOnBase_ParentMethodWithPath_ClassDenyAll(JsonObject array); + + @POST + @Path(CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_BASE + PARENT_METHOD_WITH_PATH + CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH) + public abstract String classPathOnParentResource_ImplOnBase_ParentMethodWithPath_ClassDenyAllMethodPermitAll( + JsonObject array); + + @POST + @Path(CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_BASE + PARENT_METHOD_WITH_PATH + CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH) + public abstract String classPathOnParentResource_ImplOnBase_ParentMethodWithPath_ClassDenyAllMethodRolesAllowed( + JsonObject array); + + @Path(CLASS_PATH_ON_PARENT_RESOURCE + SUB_DECLARED_ON_PARENT + SUB_IMPL_ON_BASE + CLASS_DENY_ALL_PATH) + public abstract ClassDenyAllSubResourceWithoutPath classPathOnParentResource_SubDeclaredOnParent_SubImplOnBase_ClassDenyAll(); + + @Path(CLASS_PATH_ON_PARENT_RESOURCE + SUB_DECLARED_ON_PARENT + SUB_IMPL_ON_BASE + + CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH) + public abstract ClassDenyAllSubResourceWithoutPath classPathOnParentResource_SubDeclaredOnParent_SubImplOnBase_ClassDenyAllMethodPermitAll(); + + @Path(CLASS_PATH_ON_PARENT_RESOURCE + SUB_DECLARED_ON_PARENT + SUB_IMPL_ON_BASE + + CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH) + public abstract ClassDenyAllSubResourceWithoutPath classPathOnParentResource_SubDeclaredOnParent_SubImplOnBase_ClassDenyAllMethodRolesAllowed(); +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllParentResourceWithPath_SecurityOnInterface.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllParentResourceWithPath_SecurityOnInterface.java new file mode 100644 index 0000000000000..0fbd10b5c7237 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllParentResourceWithPath_SecurityOnInterface.java @@ -0,0 +1,18 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classdenyall; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_PREFIX; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_PARENT_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_SECURITY_ON_INTERFACE; + +import jakarta.ws.rs.Consumes; +import jakarta.ws.rs.Path; +import jakarta.ws.rs.Produces; +import jakarta.ws.rs.core.MediaType; + +@Produces(MediaType.APPLICATION_JSON) +@Consumes(MediaType.APPLICATION_JSON) +@Path(CLASS_DENY_ALL_PREFIX + CLASS_SECURITY_ON_INTERFACE + CLASS_PATH_ON_PARENT_RESOURCE) +public abstract class ClassDenyAllParentResourceWithPath_SecurityOnInterface + implements ClassDenyAllInterfaceWithoutPath_PathOnParent_SecurityOnInterface { + +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllParentResourceWithPath_SecurityOnParent.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllParentResourceWithPath_SecurityOnParent.java new file mode 100644 index 0000000000000..94e4a87e4d7f5 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllParentResourceWithPath_SecurityOnParent.java @@ -0,0 +1,97 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classdenyall; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_PREFIX; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_PARENT_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_SECURITY_ON_PARENT; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_PARENT; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.INTERFACE_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_DECLARED_ON_PARENT; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_IMPL_ON_PARENT; + +import jakarta.annotation.security.DenyAll; +import jakarta.annotation.security.PermitAll; +import jakarta.annotation.security.RolesAllowed; +import jakarta.ws.rs.Consumes; +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; +import jakarta.ws.rs.Produces; +import jakarta.ws.rs.core.MediaType; + +import io.vertx.core.json.JsonObject; + +@Produces(MediaType.APPLICATION_JSON) +@Consumes(MediaType.APPLICATION_JSON) +@DenyAll +@Path(CLASS_DENY_ALL_PREFIX + CLASS_SECURITY_ON_PARENT + CLASS_PATH_ON_PARENT_RESOURCE) +public abstract class ClassDenyAllParentResourceWithPath_SecurityOnParent + implements ClassDenyAllInterfaceWithoutPath_PathOnParent_SecurityOnParent { + + @Path(CLASS_PATH_ON_PARENT_RESOURCE + SUB_DECLARED_ON_PARENT + SUB_IMPL_ON_PARENT + CLASS_DENY_ALL_PATH) + public ClassDenyAllSubResourceWithoutPath classPathOnParentResource_SubDeclaredOnParent_SubImplOnParent_ClassDenyAll() { + return new ClassDenyAllSubResourceWithoutPath( + CLASS_PATH_ON_PARENT_RESOURCE + SUB_DECLARED_ON_PARENT + SUB_IMPL_ON_PARENT + CLASS_DENY_ALL_PATH); + } + + @PermitAll + @Path(CLASS_PATH_ON_PARENT_RESOURCE + SUB_DECLARED_ON_PARENT + SUB_IMPL_ON_PARENT + + CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH) + public ClassDenyAllSubResourceWithoutPath classPathOnParentResource_SubDeclaredOnParent_SubImplOnParent_ClassDenyAllMethodPermitAll() { + return new ClassDenyAllSubResourceWithoutPath( + CLASS_PATH_ON_PARENT_RESOURCE + SUB_DECLARED_ON_PARENT + SUB_IMPL_ON_PARENT + + CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH); + } + + @RolesAllowed("admin") + @Path(CLASS_PATH_ON_PARENT_RESOURCE + SUB_DECLARED_ON_PARENT + SUB_IMPL_ON_PARENT + + CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH) + public ClassDenyAllSubResourceWithoutPath classPathOnParentResource_SubDeclaredOnParent_SubImplOnParent_ClassDenyAllMethodRolesAllowed() { + return new ClassDenyAllSubResourceWithoutPath( + CLASS_PATH_ON_PARENT_RESOURCE + SUB_DECLARED_ON_PARENT + SUB_IMPL_ON_PARENT + + CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH); + } + + @POST + @Path(CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_PARENT + IMPL_METHOD_WITH_PATH + CLASS_DENY_ALL_PATH) + public String classPathOnParentResource_ImplOnParent_ImplMethodWithPath_ClassDenyAll(JsonObject array) { + return CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_PARENT + IMPL_METHOD_WITH_PATH + CLASS_DENY_ALL_PATH; + } + + @RolesAllowed("admin") + @POST + @Path(CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_PARENT + IMPL_METHOD_WITH_PATH + CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH) + public String classPathOnParentResource_ImplOnParent_ImplMethodWithPath_ClassDenyAllMethodRolesAllowed(JsonObject array) { + return CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_PARENT + IMPL_METHOD_WITH_PATH + + CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH; + } + + @PermitAll + @POST + @Path(CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_PARENT + IMPL_METHOD_WITH_PATH + CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH) + public String classPathOnParentResource_ImplOnParent_ImplMethodWithPath_ClassDenyAllMethodPermitAll(JsonObject array) { + return CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_PARENT + IMPL_METHOD_WITH_PATH + CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH; + } + + @Override + public String classPathOnParentResource_ImplOnParent_InterfaceMethodWithPath_ClassDenyAll(JsonObject array) { + return CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + CLASS_DENY_ALL_PATH; + } + + @PermitAll + @Override + public String classPathOnParentResource_ImplOnParent_InterfaceMethodWithPath_ClassDenyAllMethodPermitAll(JsonObject array) { + return CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + + CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH; + } + + @RolesAllowed("admin") + @Override + public String classPathOnParentResource_ImplOnParent_InterfaceMethodWithPath_ClassDenyAllMethodRolesAllowed( + JsonObject array) { + return CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + + CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH; + } +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllParentResourceWithoutPath_PathOnBase_SecurityOnParent.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllParentResourceWithoutPath_PathOnBase_SecurityOnParent.java new file mode 100644 index 0000000000000..e91ada6657001 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllParentResourceWithoutPath_PathOnBase_SecurityOnParent.java @@ -0,0 +1,59 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classdenyall; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_PARENT; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.INTERFACE_METHOD_WITH_PATH; + +import jakarta.annotation.security.DenyAll; +import jakarta.annotation.security.PermitAll; +import jakarta.annotation.security.RolesAllowed; +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; + +import io.vertx.core.json.JsonObject; + +@DenyAll +public abstract class ClassDenyAllParentResourceWithoutPath_PathOnBase_SecurityOnParent + implements ClassDenyAllInterfaceWithoutPath_SecurityOnParent { + + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_PARENT + IMPL_METHOD_WITH_PATH + CLASS_DENY_ALL_PATH) + @POST + public String test_ClassPathOnResource_ImplOnParent_ImplMethodWithPath_ClassDenyAll(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_PARENT + IMPL_METHOD_WITH_PATH + CLASS_DENY_ALL_PATH; + } + + @PermitAll + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_PARENT + IMPL_METHOD_WITH_PATH + CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH) + @POST + public String test_ClassPathOnResource_ImplOnParent_ImplMethodWithPath_ClassDenyAllMethodPermitAll(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_PARENT + IMPL_METHOD_WITH_PATH + CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH; + } + + @RolesAllowed("admin") + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_PARENT + IMPL_METHOD_WITH_PATH + CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH) + @POST + public String test_ClassPathOnResource_ImplOnParent_ImplMethodWithPath_ClassDenyAllMethodRolesAllowed(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_PARENT + IMPL_METHOD_WITH_PATH + CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH; + } + + @Override + public String classPathOnResource_ImplOnParent_InterfaceMethodWithPath_ClassDenyAll(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + CLASS_DENY_ALL_PATH; + } + + @PermitAll + @Override + public String classPathOnResource_ImplOnParent_InterfaceMethodWithPath_ClassDenyAllMethodPermitAll(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH; + } + + @RolesAllowed("admin") + @Override + public String classPathOnResource_ImplOnParent_InterfaceMethodWithPath_ClassDenyAllMethodRolesAllowed(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH; + } +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllParentResourceWithoutPath_SecurityOnBase.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllParentResourceWithoutPath_SecurityOnBase.java new file mode 100644 index 0000000000000..69baeb44a2ffd --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllParentResourceWithoutPath_SecurityOnBase.java @@ -0,0 +1,32 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classdenyall; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_BASE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.PARENT_METHOD_WITH_PATH; + +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; + +import io.vertx.core.json.JsonObject; + +public abstract class ClassDenyAllParentResourceWithoutPath_SecurityOnBase + implements ClassDenyAllInterfaceWithoutPath_SecurityOnBase { + + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + PARENT_METHOD_WITH_PATH + CLASS_DENY_ALL_PATH) + @POST + public abstract String test_ClassPathOnResource_ImplOnBase_ParentMethodWithPath_ClassDenyAll(JsonObject array); + + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + PARENT_METHOD_WITH_PATH + CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH) + @POST + public abstract String test_ClassPathOnResource_ImplOnBase_ParentMethodWithPath_ClassDenyAllMethodPermitAll( + JsonObject array); + + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + PARENT_METHOD_WITH_PATH + CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH) + @POST + public abstract String test_ClassPathOnResource_ImplOnBase_ParentMethodWithPath_ClassDenyAllMethodRolesAllowed( + JsonObject array); + +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllParentResourceWithoutPath_SecurityOnInterface.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllParentResourceWithoutPath_SecurityOnInterface.java new file mode 100644 index 0000000000000..3f6e4071fb194 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllParentResourceWithoutPath_SecurityOnInterface.java @@ -0,0 +1,6 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classdenyall; + +public abstract class ClassDenyAllParentResourceWithoutPath_SecurityOnInterface + implements ClassDenyAllInterfaceWithoutPath_SecurityOnInterface { + +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllParentResourceWithoutPath_SecurityOnParent.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllParentResourceWithoutPath_SecurityOnParent.java new file mode 100644 index 0000000000000..9dce001e56bc2 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllParentResourceWithoutPath_SecurityOnParent.java @@ -0,0 +1,58 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classdenyall; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_DENY_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_PARENT; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.INTERFACE_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_DECLARED_ON_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_IMPL_ON_PARENT; + +import jakarta.annotation.security.DenyAll; +import jakarta.annotation.security.PermitAll; +import jakarta.annotation.security.RolesAllowed; + +import io.vertx.core.json.JsonObject; + +@DenyAll +public abstract class ClassDenyAllParentResourceWithoutPath_SecurityOnParent + implements ClassDenyAllInterfaceWithPath_SecurityOnParent { + + @Override + public ClassDenyAllSubResourceWithoutPath classPathOnInterface_SubDeclaredOnInterface_SubImplOnParent_ClassDenyAll() { + return new ClassDenyAllSubResourceWithoutPath(CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + + SUB_IMPL_ON_PARENT + CLASS_DENY_ALL_PATH); + } + + @PermitAll + @Override + public ClassDenyAllSubResourceWithoutPath classPathOnInterface_SubDeclaredOnInterface_SubImplOnParent_ClassDenyAllMethodPermitAll() { + return new ClassDenyAllSubResourceWithoutPath(CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + + SUB_IMPL_ON_PARENT + CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH); + } + + @RolesAllowed("admin") + @Override + public ClassDenyAllSubResourceWithoutPath classPathOnInterface_SubDeclaredOnInterface_SubImplOnParent_ClassDenyAllMethodRolesAllowed() { + return new ClassDenyAllSubResourceWithoutPath(CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + + SUB_IMPL_ON_PARENT + CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH); + } + + @Override + public String classPathOnInterface_ImplOnParent_InterfaceMethodWithPath_ClassDenyAll(JsonObject array) { + return CLASS_PATH_ON_INTERFACE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + CLASS_DENY_ALL_PATH; + } + + @PermitAll + @Override + public String classPathOnInterface_ImplOnParent_InterfaceMethodWithPath_ClassDenyAllMethodPermitAll(JsonObject array) { + return CLASS_PATH_ON_INTERFACE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + CLASS_DENY_ALL_METHOD_PERMIT_ALL_PATH; + } + + @RolesAllowed("admin") + @Override + public String classPathOnInterface_ImplOnParent_InterfaceMethodWithPath_ClassDenyAllMethodRolesAllowed(JsonObject array) { + return CLASS_PATH_ON_INTERFACE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + CLASS_DENY_ALL_METHOD_ROLES_ALLOWED_PATH; + } +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllSubResourceWithoutPath.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllSubResourceWithoutPath.java new file mode 100644 index 0000000000000..9cd6ecb11d6ae --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classdenyall/ClassDenyAllSubResourceWithoutPath.java @@ -0,0 +1,20 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classdenyall; + +import jakarta.ws.rs.POST; + +import io.vertx.core.json.JsonObject; + +public class ClassDenyAllSubResourceWithoutPath { + + private final String subResourcePath; + + public ClassDenyAllSubResourceWithoutPath(String subResourcePath) { + this.subResourcePath = subResourcePath; + } + + @POST + public String post(JsonObject array) { + return subResourcePath; + } + +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllBaseResourceWithPath_SecurityOnBase.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllBaseResourceWithPath_SecurityOnBase.java new file mode 100644 index 0000000000000..03b26d6c04588 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllBaseResourceWithPath_SecurityOnBase.java @@ -0,0 +1,77 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classpermitall; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PERMIT_ALL_PREFIX; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_SECURITY_ON_BASE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_BASE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.INTERFACE_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.PARENT_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_DECLARED_ON_BASE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_IMPL_ON_BASE; + +import jakarta.annotation.security.PermitAll; +import jakarta.ws.rs.Consumes; +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; +import jakarta.ws.rs.Produces; +import jakarta.ws.rs.core.MediaType; + +import io.vertx.core.json.JsonObject; + +@Produces(MediaType.APPLICATION_JSON) +@Consumes(MediaType.APPLICATION_JSON) +@PermitAll +@Path(CLASS_PERMIT_ALL_PREFIX + CLASS_SECURITY_ON_BASE + CLASS_PATH_ON_RESOURCE) +public class ClassPermitAllBaseResourceWithPath_SecurityOnBase extends ClassPermitAllParentResourceWithoutPath_SecurityOnBase { + + @POST + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + IMPL_METHOD_WITH_PATH + CLASS_PERMIT_ALL_PATH) + public String get_ClassPathOnResource_ImplOnBase_ImplMethodWithPath_ClassPermitAllPath(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + IMPL_METHOD_WITH_PATH + CLASS_PERMIT_ALL_PATH; + } + + @PermitAll + @POST + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + IMPL_METHOD_WITH_PATH + CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH) + public String get_ClassPathOnResource_ImplOnBase_ImplMethodWithPath_ClassPermitAllMethodPermitAllPath(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + IMPL_METHOD_WITH_PATH + CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH; + } + + @Override + public String classPathOnResource_ImplOnBase_InterfaceMethodWithPath_ClassPermitAll(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + CLASS_PERMIT_ALL_PATH; + } + + @PermitAll + @Override + public String classPathOnResource_ImplOnBase_InterfaceMethodWithPath_ClassPermitAllMethodPermitAll(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH; + } + + @Override + public String test_ClassPathOnResource_ImplOnBase_ParentMethodWithPath_ClassPermitAll(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + PARENT_METHOD_WITH_PATH + CLASS_PERMIT_ALL_PATH; + } + + @PermitAll + @Override + public String test_ClassPathOnResource_ImplOnBase_ParentMethodWithPath_ClassPermitAllMethodPermitAll(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + PARENT_METHOD_WITH_PATH + CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH; + } + + @Path(CLASS_PATH_ON_RESOURCE + SUB_DECLARED_ON_BASE + SUB_IMPL_ON_BASE + CLASS_PERMIT_ALL_PATH) + public ClassPermitAllSubResourceWithoutPath classPathOnResource_SubDeclaredOnBase_SubImplOnBase_ClassPermitAll() { + return new ClassPermitAllSubResourceWithoutPath( + CLASS_PATH_ON_RESOURCE + SUB_DECLARED_ON_BASE + SUB_IMPL_ON_BASE + CLASS_PERMIT_ALL_PATH); + } + + @PermitAll + @Path(CLASS_PATH_ON_RESOURCE + SUB_DECLARED_ON_BASE + SUB_IMPL_ON_BASE + CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH) + public ClassPermitAllSubResourceWithoutPath classPathOnResource_SubDeclaredOnBase_SubImplOnBase_ClassPermitAllMethodPermitAll() { + return new ClassPermitAllSubResourceWithoutPath( + CLASS_PATH_ON_RESOURCE + SUB_DECLARED_ON_BASE + SUB_IMPL_ON_BASE + CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH); + } +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllBaseResourceWithPath_SecurityOnInterface.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllBaseResourceWithPath_SecurityOnInterface.java new file mode 100644 index 0000000000000..9840d54373cf4 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllBaseResourceWithPath_SecurityOnInterface.java @@ -0,0 +1,18 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classpermitall; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PERMIT_ALL_PREFIX; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_SECURITY_ON_INTERFACE; + +import jakarta.ws.rs.Consumes; +import jakarta.ws.rs.Path; +import jakarta.ws.rs.Produces; +import jakarta.ws.rs.core.MediaType; + +@Produces(MediaType.APPLICATION_JSON) +@Consumes(MediaType.APPLICATION_JSON) +@Path(CLASS_PERMIT_ALL_PREFIX + CLASS_SECURITY_ON_INTERFACE + CLASS_PATH_ON_RESOURCE) +public class ClassPermitAllBaseResourceWithPath_SecurityOnInterface + extends ClassPermitAllParentResourceWithoutPath_SecurityOnInterface { + +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllBaseResourceWithoutPathExtParentRes_SecurityOnBase.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllBaseResourceWithoutPathExtParentRes_SecurityOnBase.java new file mode 100644 index 0000000000000..960f4388fb3e6 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllBaseResourceWithoutPathExtParentRes_SecurityOnBase.java @@ -0,0 +1,55 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classpermitall; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_PARENT_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_BASE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.INTERFACE_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.PARENT_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_DECLARED_ON_PARENT; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_IMPL_ON_BASE; + +import jakarta.annotation.security.PermitAll; + +import io.vertx.core.json.JsonObject; + +@PermitAll +public class ClassPermitAllBaseResourceWithoutPathExtParentRes_SecurityOnBase + extends ClassPermitAllParentResourceWithPath_SecurityOnBase { + + @Override + public String classPathOnParentResource_ImplOnBase_InterfaceMethodWithPath_ClassPermitAll(JsonObject array) { + return CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + CLASS_PERMIT_ALL_PATH; + } + + @PermitAll + @Override + public String classPathOnParentResource_ImplOnBase_InterfaceMethodWithPath_ClassPermitAllMethodPermitAll(JsonObject array) { + return CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + + CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH; + } + + @Override + public String classPathOnParentResource_ImplOnBase_ParentMethodWithPath_ClassPermitAll(JsonObject array) { + return CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_BASE + PARENT_METHOD_WITH_PATH + CLASS_PERMIT_ALL_PATH; + } + + @PermitAll + @Override + public String classPathOnParentResource_ImplOnBase_ParentMethodWithPath_ClassPermitAllMethodPermitAll(JsonObject array) { + return CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_BASE + PARENT_METHOD_WITH_PATH + CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH; + } + + @Override + public ClassPermitAllSubResourceWithoutPath classPathOnParentResource_SubDeclaredOnParent_SubImplOnBase_ClassPermitAll() { + return new ClassPermitAllSubResourceWithoutPath( + CLASS_PATH_ON_PARENT_RESOURCE + SUB_DECLARED_ON_PARENT + SUB_IMPL_ON_BASE + CLASS_PERMIT_ALL_PATH); + } + + @PermitAll + @Override + public ClassPermitAllSubResourceWithoutPath classPathOnParentResource_SubDeclaredOnParent_SubImplOnBase_ClassPermitAllMethodPermitAll() { + return new ClassPermitAllSubResourceWithoutPath(CLASS_PATH_ON_PARENT_RESOURCE + SUB_DECLARED_ON_PARENT + + SUB_IMPL_ON_BASE + CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH); + } +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllBaseResourceWithoutPathExtParentRes_SecurityOnInterface.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllBaseResourceWithoutPathExtParentRes_SecurityOnInterface.java new file mode 100644 index 0000000000000..683659e1fe37b --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllBaseResourceWithoutPathExtParentRes_SecurityOnInterface.java @@ -0,0 +1,5 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classpermitall; + +public class ClassPermitAllBaseResourceWithoutPathExtParentRes_SecurityOnInterface + extends ClassPermitAllParentResourceWithPath_SecurityOnInterface { +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllBaseResourceWithoutPathExtParentRes_SecurityOnParent.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllBaseResourceWithoutPathExtParentRes_SecurityOnParent.java new file mode 100644 index 0000000000000..8866b4075f938 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllBaseResourceWithoutPathExtParentRes_SecurityOnParent.java @@ -0,0 +1,5 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classpermitall; + +public class ClassPermitAllBaseResourceWithoutPathExtParentRes_SecurityOnParent + extends ClassPermitAllParentResourceWithPath_SecurityOnParent { +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllBaseResourceWithoutPathImplInterface_SecurityOnBase.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllBaseResourceWithoutPathImplInterface_SecurityOnBase.java new file mode 100644 index 0000000000000..1f7f8919c172d --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllBaseResourceWithoutPathImplInterface_SecurityOnBase.java @@ -0,0 +1,54 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classpermitall; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_BASE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.INTERFACE_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_DECLARED_ON_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_IMPL_ON_BASE; + +import jakarta.annotation.security.PermitAll; + +import io.vertx.core.json.JsonObject; + +@PermitAll +public class ClassPermitAllBaseResourceWithoutPathImplInterface_SecurityOnBase + implements ClassPermitAllInterfaceWithPath_SecurityOnBase { + + @Override + public String classPathOnInterface_ImplOnBase_ImplMethodWithPath_ClassPermitAll(JsonObject array) { + return CLASS_PATH_ON_INTERFACE + IMPL_ON_BASE + IMPL_METHOD_WITH_PATH + CLASS_PERMIT_ALL_PATH; + } + + @PermitAll + @Override + public String classPathOnInterface_ImplOnBase_ImplMethodWithPath_ClassPermitAllMethodPermitAll(JsonObject array) { + return CLASS_PATH_ON_INTERFACE + IMPL_ON_BASE + IMPL_METHOD_WITH_PATH + CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH; + } + + @Override + public String classPathOnInterface_ImplOnBase_InterfaceMethodWithPath_ClassPermitAll(JsonObject array) { + return CLASS_PATH_ON_INTERFACE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + CLASS_PERMIT_ALL_PATH; + } + + @PermitAll + @Override + public String classPathOnInterface_ImplOnBase_InterfaceMethodWithPath_ClassPermitAllMethodPermitAll(JsonObject array) { + return CLASS_PATH_ON_INTERFACE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH; + } + + @Override + public ClassPermitAllSubResourceWithoutPath classPathOnInterface_SubDeclaredOnInterface_SubImplOnBase_ClassPermitAll() { + return new ClassPermitAllSubResourceWithoutPath(CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + + SUB_IMPL_ON_BASE + CLASS_PERMIT_ALL_PATH); + } + + @PermitAll + @Override + public ClassPermitAllSubResourceWithoutPath classPathOnInterface_SubDeclaredOnInterface_SubImplOnBase_ClassPermitAllMethodPermitAll() { + return new ClassPermitAllSubResourceWithoutPath(CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + + SUB_IMPL_ON_BASE + CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH); + } +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllBaseResourceWithoutPathImplInterface_SecurityOnInterface.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllBaseResourceWithoutPathImplInterface_SecurityOnInterface.java new file mode 100644 index 0000000000000..97527ba1daeac --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllBaseResourceWithoutPathImplInterface_SecurityOnInterface.java @@ -0,0 +1,6 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classpermitall; + +// must always be here as interface needs an implementing class, otherwise is ignored +public class ClassPermitAllBaseResourceWithoutPathImplInterface_SecurityOnInterface + implements ClassPermitAllInterfaceWithPath_SecurityOnInterface { +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllBaseResourceWithoutPath_OnBase_SecurityOnParent.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllBaseResourceWithoutPath_OnBase_SecurityOnParent.java new file mode 100644 index 0000000000000..38e65f19d42ca --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllBaseResourceWithoutPath_OnBase_SecurityOnParent.java @@ -0,0 +1,17 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classpermitall; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PERMIT_ALL_PREFIX; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_SECURITY_ON_PARENT; + +import jakarta.ws.rs.Consumes; +import jakarta.ws.rs.Path; +import jakarta.ws.rs.Produces; +import jakarta.ws.rs.core.MediaType; + +@Produces(MediaType.APPLICATION_JSON) +@Consumes(MediaType.APPLICATION_JSON) +@Path(CLASS_PERMIT_ALL_PREFIX + CLASS_SECURITY_ON_PARENT + CLASS_PATH_ON_RESOURCE) +public class ClassPermitAllBaseResourceWithoutPath_OnBase_SecurityOnParent + extends ClassPermitAllParentResourceWithoutPath_PathOnBase_SecurityOnParent { +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllBaseResourceWithoutPath_SecurityOnParent.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllBaseResourceWithoutPath_SecurityOnParent.java new file mode 100644 index 0000000000000..9f1dd4791ae9a --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllBaseResourceWithoutPath_SecurityOnParent.java @@ -0,0 +1,5 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classpermitall; + +public class ClassPermitAllBaseResourceWithoutPath_SecurityOnParent + extends ClassPermitAllParentResourceWithoutPath_SecurityOnParent { +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllInterfaceWithPath_SecurityOnBase.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllInterfaceWithPath_SecurityOnBase.java new file mode 100644 index 0000000000000..d33be2713903f --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllInterfaceWithPath_SecurityOnBase.java @@ -0,0 +1,48 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classpermitall; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PERMIT_ALL_PREFIX; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_SECURITY_ON_BASE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_BASE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.INTERFACE_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_DECLARED_ON_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_IMPL_ON_BASE; + +import jakarta.ws.rs.Consumes; +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; +import jakarta.ws.rs.Produces; +import jakarta.ws.rs.core.MediaType; + +import io.vertx.core.json.JsonObject; + +@Produces(MediaType.APPLICATION_JSON) +@Consumes(MediaType.APPLICATION_JSON) +@Path(CLASS_PERMIT_ALL_PREFIX + CLASS_SECURITY_ON_BASE + CLASS_PATH_ON_INTERFACE) +public interface ClassPermitAllInterfaceWithPath_SecurityOnBase { + + @POST + @Path(CLASS_PATH_ON_INTERFACE + IMPL_ON_BASE + IMPL_METHOD_WITH_PATH + CLASS_PERMIT_ALL_PATH) + String classPathOnInterface_ImplOnBase_ImplMethodWithPath_ClassPermitAll(JsonObject array); + + @POST + @Path(CLASS_PATH_ON_INTERFACE + IMPL_ON_BASE + IMPL_METHOD_WITH_PATH + CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH) + String classPathOnInterface_ImplOnBase_ImplMethodWithPath_ClassPermitAllMethodPermitAll(JsonObject array); + + @POST + @Path(CLASS_PATH_ON_INTERFACE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + CLASS_PERMIT_ALL_PATH) + String classPathOnInterface_ImplOnBase_InterfaceMethodWithPath_ClassPermitAll(JsonObject array); + + @POST + @Path(CLASS_PATH_ON_INTERFACE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH) + String classPathOnInterface_ImplOnBase_InterfaceMethodWithPath_ClassPermitAllMethodPermitAll(JsonObject array); + + @Path(CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + SUB_IMPL_ON_BASE + CLASS_PERMIT_ALL_PATH) + ClassPermitAllSubResourceWithoutPath classPathOnInterface_SubDeclaredOnInterface_SubImplOnBase_ClassPermitAll(); + + @Path(CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + SUB_IMPL_ON_BASE + CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH) + ClassPermitAllSubResourceWithoutPath classPathOnInterface_SubDeclaredOnInterface_SubImplOnBase_ClassPermitAllMethodPermitAll(); +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllInterfaceWithPath_SecurityOnInterface.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllInterfaceWithPath_SecurityOnInterface.java new file mode 100644 index 0000000000000..91948c6e72353 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllInterfaceWithPath_SecurityOnInterface.java @@ -0,0 +1,54 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classpermitall; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PERMIT_ALL_PREFIX; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_SECURITY_ON_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_DECLARED_ON_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_IMPL_ON_INTERFACE; + +import jakarta.annotation.security.PermitAll; +import jakarta.ws.rs.Consumes; +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; +import jakarta.ws.rs.Produces; +import jakarta.ws.rs.core.MediaType; + +import io.vertx.core.json.JsonObject; + +@Produces(MediaType.APPLICATION_JSON) +@Consumes(MediaType.APPLICATION_JSON) +@PermitAll +@Path(CLASS_PERMIT_ALL_PREFIX + CLASS_SECURITY_ON_INTERFACE + CLASS_PATH_ON_INTERFACE) +public interface ClassPermitAllInterfaceWithPath_SecurityOnInterface { + + @Path(CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + SUB_IMPL_ON_INTERFACE + CLASS_PERMIT_ALL_PATH) + default ClassPermitAllSubResourceWithoutPath classPathOnInterface_SubDeclaredOnInterface_SubImplOnInterface_ClassPermitAll() { + return new ClassPermitAllSubResourceWithoutPath(CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + + SUB_IMPL_ON_INTERFACE + CLASS_PERMIT_ALL_PATH); + } + + @PermitAll + @Path(CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + SUB_IMPL_ON_INTERFACE + CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH) + default ClassPermitAllSubResourceWithoutPath classPathOnInterface_SubDeclaredOnInterface_SubImplOnInterface_ClassPermitAllMethodPermitAll() { + return new ClassPermitAllSubResourceWithoutPath(CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + + SUB_IMPL_ON_INTERFACE + CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH); + } + + @POST + @Path(CLASS_PATH_ON_INTERFACE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + CLASS_PERMIT_ALL_PATH) + default String classPathOnInterface_ImplOnInterface_ImplMethodWithPath_ClassPermitAll(JsonObject array) { + return CLASS_PATH_ON_INTERFACE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + CLASS_PERMIT_ALL_PATH; + } + + @PermitAll + @POST + @Path(CLASS_PATH_ON_INTERFACE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH) + default String classPathOnInterface_ImplOnInterface_ImplMethodWithPath_ClassPermitAllMethodPermitAll(JsonObject array) { + return CLASS_PATH_ON_INTERFACE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH; + } + +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllInterfaceWithPath_SecurityOnParent.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllInterfaceWithPath_SecurityOnParent.java new file mode 100644 index 0000000000000..84a26c5dd2078 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllInterfaceWithPath_SecurityOnParent.java @@ -0,0 +1,41 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classpermitall; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PERMIT_ALL_PREFIX; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_SECURITY_ON_PARENT; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_PARENT; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.INTERFACE_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_DECLARED_ON_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_IMPL_ON_PARENT; + +import jakarta.ws.rs.Consumes; +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; +import jakarta.ws.rs.Produces; +import jakarta.ws.rs.core.MediaType; + +import io.vertx.core.json.JsonObject; + +@Produces(MediaType.APPLICATION_JSON) +@Consumes(MediaType.APPLICATION_JSON) +@Path(CLASS_PERMIT_ALL_PREFIX + CLASS_SECURITY_ON_PARENT + CLASS_PATH_ON_INTERFACE) +public interface ClassPermitAllInterfaceWithPath_SecurityOnParent { + + @Path(CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + SUB_IMPL_ON_PARENT + CLASS_PERMIT_ALL_PATH) + ClassPermitAllSubResourceWithoutPath classPathOnInterface_SubDeclaredOnInterface_SubImplOnParent_ClassPermitAll(); + + @Path(CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + SUB_IMPL_ON_PARENT + + CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH) + ClassPermitAllSubResourceWithoutPath classPathOnInterface_SubDeclaredOnInterface_SubImplOnParent_ClassPermitAllMethodPermitAll(); + + @POST + @Path(CLASS_PATH_ON_INTERFACE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + CLASS_PERMIT_ALL_PATH) + String classPathOnInterface_ImplOnParent_InterfaceMethodWithPath_ClassPermitAll(JsonObject array); + + @POST + @Path(CLASS_PATH_ON_INTERFACE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH) + String classPathOnInterface_ImplOnParent_InterfaceMethodWithPath_ClassPermitAllMethodPermitAll(JsonObject array); + +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllInterfaceWithoutPath_PathOnParent_SecurityOnInterface.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllInterfaceWithoutPath_PathOnParent_SecurityOnInterface.java new file mode 100644 index 0000000000000..030361db73e1c --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllInterfaceWithoutPath_PathOnParent_SecurityOnInterface.java @@ -0,0 +1,32 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classpermitall; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_PARENT_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_INTERFACE; + +import jakarta.annotation.security.PermitAll; +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; + +import io.vertx.core.json.JsonObject; + +@PermitAll +public interface ClassPermitAllInterfaceWithoutPath_PathOnParent_SecurityOnInterface { + + @POST + @Path(CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + CLASS_PERMIT_ALL_PATH) + default String classPathOnParentResource_ImplOnInterface_ImplMethodWithPath_ClassPermitAll(JsonObject array) { + return CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + CLASS_PERMIT_ALL_PATH; + } + + @POST + @Path(CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH) + default String classPathOnParentResource_ImplOnInterface_ImplMethodWithPath_ClassPermitAllMethodPermitAll( + JsonObject array) { + return CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + + CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH; + } + +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllInterfaceWithoutPath_PathOnParent_SecurityOnParent.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllInterfaceWithoutPath_PathOnParent_SecurityOnParent.java new file mode 100644 index 0000000000000..5c510227a4385 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllInterfaceWithoutPath_PathOnParent_SecurityOnParent.java @@ -0,0 +1,24 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classpermitall; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_PARENT_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_PARENT; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.INTERFACE_METHOD_WITH_PATH; + +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; + +import io.vertx.core.json.JsonObject; + +public interface ClassPermitAllInterfaceWithoutPath_PathOnParent_SecurityOnParent { + + @POST + @Path(CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + CLASS_PERMIT_ALL_PATH) + String classPathOnParentResource_ImplOnParent_InterfaceMethodWithPath_ClassPermitAll(JsonObject array); + + @POST + @Path(CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH) + String classPathOnParentResource_ImplOnParent_InterfaceMethodWithPath_ClassPermitAllMethodPermitAll(JsonObject array); + +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllInterfaceWithoutPath_SecurityOnBase.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllInterfaceWithoutPath_SecurityOnBase.java new file mode 100644 index 0000000000000..0f279ac25e745 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllInterfaceWithoutPath_SecurityOnBase.java @@ -0,0 +1,24 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classpermitall; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_BASE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.INTERFACE_METHOD_WITH_PATH; + +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; + +import io.vertx.core.json.JsonObject; + +public interface ClassPermitAllInterfaceWithoutPath_SecurityOnBase { + + @POST + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + CLASS_PERMIT_ALL_PATH) + String classPathOnResource_ImplOnBase_InterfaceMethodWithPath_ClassPermitAll(JsonObject array); + + @POST + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH) + String classPathOnResource_ImplOnBase_InterfaceMethodWithPath_ClassPermitAllMethodPermitAll(JsonObject array); + +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllInterfaceWithoutPath_SecurityOnInterface.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllInterfaceWithoutPath_SecurityOnInterface.java new file mode 100644 index 0000000000000..60e5b15135469 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllInterfaceWithoutPath_SecurityOnInterface.java @@ -0,0 +1,31 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classpermitall; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_INTERFACE; + +import jakarta.annotation.security.PermitAll; +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; + +import io.vertx.core.json.JsonObject; + +@PermitAll +public interface ClassPermitAllInterfaceWithoutPath_SecurityOnInterface { + + @POST + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + CLASS_PERMIT_ALL_PATH) + default String classPathOnResource_ImplOnInterface_ImplMethodWithPath_ClassPermitAll(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + CLASS_PERMIT_ALL_PATH; + } + + @PermitAll + @POST + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH) + default String classPathOnResource_ImplOnInterface_ImplMethodWithPath_ClassPermitAllMethodPermitAll(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH; + } + +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllInterfaceWithoutPath_SecurityOnParent.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllInterfaceWithoutPath_SecurityOnParent.java new file mode 100644 index 0000000000000..b915da867fffc --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllInterfaceWithoutPath_SecurityOnParent.java @@ -0,0 +1,24 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classpermitall; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_PARENT; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.INTERFACE_METHOD_WITH_PATH; + +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; + +import io.vertx.core.json.JsonObject; + +public interface ClassPermitAllInterfaceWithoutPath_SecurityOnParent { + + @POST + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + CLASS_PERMIT_ALL_PATH) + String classPathOnResource_ImplOnParent_InterfaceMethodWithPath_ClassPermitAll(JsonObject array); + + @POST + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH) + String classPathOnResource_ImplOnParent_InterfaceMethodWithPath_ClassPermitAllMethodPermitAll(JsonObject array); + +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllParentResourceInterface_SecurityOnBase.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllParentResourceInterface_SecurityOnBase.java new file mode 100644 index 0000000000000..a0f17b02bde29 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllParentResourceInterface_SecurityOnBase.java @@ -0,0 +1,24 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classpermitall; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_PARENT_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_BASE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.INTERFACE_METHOD_WITH_PATH; + +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; + +import io.vertx.core.json.JsonObject; + +public interface ClassPermitAllParentResourceInterface_SecurityOnBase { + + @POST + @Path(CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + CLASS_PERMIT_ALL_PATH) + String classPathOnParentResource_ImplOnBase_InterfaceMethodWithPath_ClassPermitAll(JsonObject array); + + @POST + @Path(CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH) + String classPathOnParentResource_ImplOnBase_InterfaceMethodWithPath_ClassPermitAllMethodPermitAll(JsonObject array); + +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllParentResourceWithPath_SecurityOnBase.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllParentResourceWithPath_SecurityOnBase.java new file mode 100644 index 0000000000000..a9c404924ba99 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllParentResourceWithPath_SecurityOnBase.java @@ -0,0 +1,41 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classpermitall; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_PARENT_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PERMIT_ALL_PREFIX; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_SECURITY_ON_BASE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_BASE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.PARENT_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_DECLARED_ON_PARENT; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_IMPL_ON_BASE; + +import jakarta.ws.rs.Consumes; +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; +import jakarta.ws.rs.Produces; +import jakarta.ws.rs.core.MediaType; + +import io.vertx.core.json.JsonObject; + +@Produces(MediaType.APPLICATION_JSON) +@Consumes(MediaType.APPLICATION_JSON) +@Path(CLASS_PERMIT_ALL_PREFIX + CLASS_SECURITY_ON_BASE + CLASS_PATH_ON_PARENT_RESOURCE) +public abstract class ClassPermitAllParentResourceWithPath_SecurityOnBase + implements ClassPermitAllParentResourceInterface_SecurityOnBase { + + @POST + @Path(CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_BASE + PARENT_METHOD_WITH_PATH + CLASS_PERMIT_ALL_PATH) + public abstract String classPathOnParentResource_ImplOnBase_ParentMethodWithPath_ClassPermitAll(JsonObject array); + + @POST + @Path(CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_BASE + PARENT_METHOD_WITH_PATH + CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH) + public abstract String classPathOnParentResource_ImplOnBase_ParentMethodWithPath_ClassPermitAllMethodPermitAll( + JsonObject array); + + @Path(CLASS_PATH_ON_PARENT_RESOURCE + SUB_DECLARED_ON_PARENT + SUB_IMPL_ON_BASE + CLASS_PERMIT_ALL_PATH) + public abstract ClassPermitAllSubResourceWithoutPath classPathOnParentResource_SubDeclaredOnParent_SubImplOnBase_ClassPermitAll(); + + @Path(CLASS_PATH_ON_PARENT_RESOURCE + SUB_DECLARED_ON_PARENT + SUB_IMPL_ON_BASE + CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH) + public abstract ClassPermitAllSubResourceWithoutPath classPathOnParentResource_SubDeclaredOnParent_SubImplOnBase_ClassPermitAllMethodPermitAll(); +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllParentResourceWithPath_SecurityOnInterface.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllParentResourceWithPath_SecurityOnInterface.java new file mode 100644 index 0000000000000..add1cbbd5ed24 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllParentResourceWithPath_SecurityOnInterface.java @@ -0,0 +1,18 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classpermitall; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_PARENT_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PERMIT_ALL_PREFIX; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_SECURITY_ON_INTERFACE; + +import jakarta.ws.rs.Consumes; +import jakarta.ws.rs.Path; +import jakarta.ws.rs.Produces; +import jakarta.ws.rs.core.MediaType; + +@Produces(MediaType.APPLICATION_JSON) +@Consumes(MediaType.APPLICATION_JSON) +@Path(CLASS_PERMIT_ALL_PREFIX + CLASS_SECURITY_ON_INTERFACE + CLASS_PATH_ON_PARENT_RESOURCE) +public abstract class ClassPermitAllParentResourceWithPath_SecurityOnInterface + implements ClassPermitAllInterfaceWithoutPath_PathOnParent_SecurityOnInterface { + +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllParentResourceWithPath_SecurityOnParent.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllParentResourceWithPath_SecurityOnParent.java new file mode 100644 index 0000000000000..35665a7bda1f3 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllParentResourceWithPath_SecurityOnParent.java @@ -0,0 +1,69 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classpermitall; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_PARENT_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PERMIT_ALL_PREFIX; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_SECURITY_ON_PARENT; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_PARENT; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.INTERFACE_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_DECLARED_ON_PARENT; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_IMPL_ON_PARENT; + +import jakarta.annotation.security.PermitAll; +import jakarta.ws.rs.Consumes; +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; +import jakarta.ws.rs.Produces; +import jakarta.ws.rs.core.MediaType; + +import io.vertx.core.json.JsonObject; + +@Produces(MediaType.APPLICATION_JSON) +@Consumes(MediaType.APPLICATION_JSON) +@PermitAll +@Path(CLASS_PERMIT_ALL_PREFIX + CLASS_SECURITY_ON_PARENT + CLASS_PATH_ON_PARENT_RESOURCE) +public abstract class ClassPermitAllParentResourceWithPath_SecurityOnParent + implements ClassPermitAllInterfaceWithoutPath_PathOnParent_SecurityOnParent { + + @Path(CLASS_PATH_ON_PARENT_RESOURCE + SUB_DECLARED_ON_PARENT + SUB_IMPL_ON_PARENT + CLASS_PERMIT_ALL_PATH) + public ClassPermitAllSubResourceWithoutPath classPathOnParentResource_SubDeclaredOnParent_SubImplOnParent_ClassPermitAll() { + return new ClassPermitAllSubResourceWithoutPath( + CLASS_PATH_ON_PARENT_RESOURCE + SUB_DECLARED_ON_PARENT + SUB_IMPL_ON_PARENT + CLASS_PERMIT_ALL_PATH); + } + + @PermitAll + @Path(CLASS_PATH_ON_PARENT_RESOURCE + SUB_DECLARED_ON_PARENT + SUB_IMPL_ON_PARENT + + CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH) + public ClassPermitAllSubResourceWithoutPath classPathOnParentResource_SubDeclaredOnParent_SubImplOnParent_ClassPermitAllMethodPermitAll() { + return new ClassPermitAllSubResourceWithoutPath(CLASS_PATH_ON_PARENT_RESOURCE + SUB_DECLARED_ON_PARENT + + SUB_IMPL_ON_PARENT + CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH); + } + + @POST + @Path(CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_PARENT + IMPL_METHOD_WITH_PATH + CLASS_PERMIT_ALL_PATH) + public String classPathOnParentResource_ImplOnParent_ImplMethodWithPath_ClassPermitAll(JsonObject array) { + return CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_PARENT + IMPL_METHOD_WITH_PATH + CLASS_PERMIT_ALL_PATH; + } + + @PermitAll + @POST + @Path(CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_PARENT + IMPL_METHOD_WITH_PATH + CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH) + public String classPathOnParentResource_ImplOnParent_ImplMethodWithPath_ClassPermitAllMethodPermitAll(JsonObject array) { + return CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_PARENT + IMPL_METHOD_WITH_PATH + CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH; + } + + @Override + public String classPathOnParentResource_ImplOnParent_InterfaceMethodWithPath_ClassPermitAll(JsonObject array) { + return CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + CLASS_PERMIT_ALL_PATH; + } + + @PermitAll + @Override + public String classPathOnParentResource_ImplOnParent_InterfaceMethodWithPath_ClassPermitAllMethodPermitAll( + JsonObject array) { + return CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + + CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH; + } +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllParentResourceWithoutPath_PathOnBase_SecurityOnParent.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllParentResourceWithoutPath_PathOnBase_SecurityOnParent.java new file mode 100644 index 0000000000000..a715de44641e3 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllParentResourceWithoutPath_PathOnBase_SecurityOnParent.java @@ -0,0 +1,42 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classpermitall; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_PARENT; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.INTERFACE_METHOD_WITH_PATH; + +import jakarta.annotation.security.PermitAll; +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; + +import io.vertx.core.json.JsonObject; + +@PermitAll +public abstract class ClassPermitAllParentResourceWithoutPath_PathOnBase_SecurityOnParent + implements ClassPermitAllInterfaceWithoutPath_SecurityOnParent { + + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_PARENT + IMPL_METHOD_WITH_PATH + CLASS_PERMIT_ALL_PATH) + @POST + public String test_ClassPathOnResource_ImplOnParent_ImplMethodWithPath_ClassPermitAll(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_PARENT + IMPL_METHOD_WITH_PATH + CLASS_PERMIT_ALL_PATH; + } + + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_PARENT + IMPL_METHOD_WITH_PATH + CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH) + @POST + public String test_ClassPathOnResource_ImplOnParent_ImplMethodWithPath_ClassPermitAllMethodPermitAll(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_PARENT + IMPL_METHOD_WITH_PATH + CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH; + } + + @Override + public String classPathOnResource_ImplOnParent_InterfaceMethodWithPath_ClassPermitAll(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + CLASS_PERMIT_ALL_PATH; + } + + @PermitAll + @Override + public String classPathOnResource_ImplOnParent_InterfaceMethodWithPath_ClassPermitAllMethodPermitAll(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH; + } +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllParentResourceWithoutPath_SecurityOnBase.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllParentResourceWithoutPath_SecurityOnBase.java new file mode 100644 index 0000000000000..859be9c57786b --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllParentResourceWithoutPath_SecurityOnBase.java @@ -0,0 +1,26 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classpermitall; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_BASE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.PARENT_METHOD_WITH_PATH; + +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; + +import io.vertx.core.json.JsonObject; + +public abstract class ClassPermitAllParentResourceWithoutPath_SecurityOnBase + implements ClassPermitAllInterfaceWithoutPath_SecurityOnBase { + + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + PARENT_METHOD_WITH_PATH + CLASS_PERMIT_ALL_PATH) + @POST + public abstract String test_ClassPathOnResource_ImplOnBase_ParentMethodWithPath_ClassPermitAll(JsonObject array); + + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + PARENT_METHOD_WITH_PATH + CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH) + @POST + public abstract String test_ClassPathOnResource_ImplOnBase_ParentMethodWithPath_ClassPermitAllMethodPermitAll( + JsonObject array); + +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllParentResourceWithoutPath_SecurityOnInterface.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllParentResourceWithoutPath_SecurityOnInterface.java new file mode 100644 index 0000000000000..0618a94e56b9e --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllParentResourceWithoutPath_SecurityOnInterface.java @@ -0,0 +1,6 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classpermitall; + +public abstract class ClassPermitAllParentResourceWithoutPath_SecurityOnInterface + implements ClassPermitAllInterfaceWithoutPath_SecurityOnInterface { + +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllParentResourceWithoutPath_SecurityOnParent.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllParentResourceWithoutPath_SecurityOnParent.java new file mode 100644 index 0000000000000..168ac6dd945dd --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllParentResourceWithoutPath_SecurityOnParent.java @@ -0,0 +1,42 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classpermitall; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_PARENT; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.INTERFACE_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_DECLARED_ON_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_IMPL_ON_PARENT; + +import jakarta.annotation.security.PermitAll; + +import io.vertx.core.json.JsonObject; + +@PermitAll +public abstract class ClassPermitAllParentResourceWithoutPath_SecurityOnParent + implements ClassPermitAllInterfaceWithPath_SecurityOnParent { + + @Override + public ClassPermitAllSubResourceWithoutPath classPathOnInterface_SubDeclaredOnInterface_SubImplOnParent_ClassPermitAll() { + return new ClassPermitAllSubResourceWithoutPath(CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + + SUB_IMPL_ON_PARENT + CLASS_PERMIT_ALL_PATH); + } + + @PermitAll + @Override + public ClassPermitAllSubResourceWithoutPath classPathOnInterface_SubDeclaredOnInterface_SubImplOnParent_ClassPermitAllMethodPermitAll() { + return new ClassPermitAllSubResourceWithoutPath(CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + + SUB_IMPL_ON_PARENT + CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH); + } + + @Override + public String classPathOnInterface_ImplOnParent_InterfaceMethodWithPath_ClassPermitAll(JsonObject array) { + return CLASS_PATH_ON_INTERFACE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + CLASS_PERMIT_ALL_PATH; + } + + @PermitAll + @Override + public String classPathOnInterface_ImplOnParent_InterfaceMethodWithPath_ClassPermitAllMethodPermitAll(JsonObject array) { + return CLASS_PATH_ON_INTERFACE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + CLASS_PERMIT_ALL_METHOD_PERMIT_ALL_PATH; + } +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllSubResourceWithoutPath.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllSubResourceWithoutPath.java new file mode 100644 index 0000000000000..39adbb89f718b --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classpermitall/ClassPermitAllSubResourceWithoutPath.java @@ -0,0 +1,20 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classpermitall; + +import jakarta.ws.rs.POST; + +import io.vertx.core.json.JsonObject; + +public class ClassPermitAllSubResourceWithoutPath { + + private final String subResourcePath; + + public ClassPermitAllSubResourceWithoutPath(String subResourcePath) { + this.subResourcePath = subResourcePath; + } + + @POST + public String post(JsonObject array) { + return subResourcePath; + } + +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedBaseResourceWithPath_SecurityOnBase.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedBaseResourceWithPath_SecurityOnBase.java new file mode 100644 index 0000000000000..c719605cbd0ac --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedBaseResourceWithPath_SecurityOnBase.java @@ -0,0 +1,51 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classrolesallowed; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_ROLES_ALLOWED_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_ROLES_ALLOWED_PREFIX; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_SECURITY_ON_BASE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_BASE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.INTERFACE_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.PARENT_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_DECLARED_ON_BASE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_IMPL_ON_BASE; + +import jakarta.annotation.security.RolesAllowed; +import jakarta.ws.rs.Consumes; +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; +import jakarta.ws.rs.Produces; +import jakarta.ws.rs.core.MediaType; + +import io.vertx.core.json.JsonObject; + +@Produces(MediaType.APPLICATION_JSON) +@Consumes(MediaType.APPLICATION_JSON) +@RolesAllowed("admin") +@Path(CLASS_ROLES_ALLOWED_PREFIX + CLASS_SECURITY_ON_BASE + CLASS_PATH_ON_RESOURCE) +public class ClassRolesAllowedBaseResourceWithPath_SecurityOnBase + extends ClassRolesAllowedParentResourceWithoutPath_SecurityOnBase { + + @POST + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + IMPL_METHOD_WITH_PATH + CLASS_ROLES_ALLOWED_PATH) + public String get_ClassPathOnResource_ImplOnBase_ImplMethodWithPath_ClassRolesAllowedPath(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + IMPL_METHOD_WITH_PATH + CLASS_ROLES_ALLOWED_PATH; + } + + @Override + public String classPathOnResource_ImplOnBase_InterfaceMethodWithPath_ClassRolesAllowed(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + CLASS_ROLES_ALLOWED_PATH; + } + + @Override + public String test_ClassPathOnResource_ImplOnBase_ParentMethodWithPath_ClassRolesAllowed(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + PARENT_METHOD_WITH_PATH + CLASS_ROLES_ALLOWED_PATH; + } + + @Path(CLASS_PATH_ON_RESOURCE + SUB_DECLARED_ON_BASE + SUB_IMPL_ON_BASE + CLASS_ROLES_ALLOWED_PATH) + public ClassRolesAllowedSubResourceWithoutPath classPathOnResource_SubDeclaredOnBase_SubImplOnBase_ClassRolesAllowed() { + return new ClassRolesAllowedSubResourceWithoutPath( + CLASS_PATH_ON_RESOURCE + SUB_DECLARED_ON_BASE + SUB_IMPL_ON_BASE + CLASS_ROLES_ALLOWED_PATH); + } +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedBaseResourceWithPath_SecurityOnInterface.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedBaseResourceWithPath_SecurityOnInterface.java new file mode 100644 index 0000000000000..d25424b67c671 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedBaseResourceWithPath_SecurityOnInterface.java @@ -0,0 +1,18 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classrolesallowed; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_ROLES_ALLOWED_PREFIX; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_SECURITY_ON_INTERFACE; + +import jakarta.ws.rs.Consumes; +import jakarta.ws.rs.Path; +import jakarta.ws.rs.Produces; +import jakarta.ws.rs.core.MediaType; + +@Produces(MediaType.APPLICATION_JSON) +@Consumes(MediaType.APPLICATION_JSON) +@Path(CLASS_ROLES_ALLOWED_PREFIX + CLASS_SECURITY_ON_INTERFACE + CLASS_PATH_ON_RESOURCE) +public class ClassRolesAllowedBaseResourceWithPath_SecurityOnInterface + extends ClassRolesAllowedParentResourceWithoutPath_SecurityOnInterface { + +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedBaseResourceWithPath_SecurityOnParent.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedBaseResourceWithPath_SecurityOnParent.java new file mode 100644 index 0000000000000..37d0b6cbfd5b1 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedBaseResourceWithPath_SecurityOnParent.java @@ -0,0 +1,18 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classrolesallowed; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_ROLES_ALLOWED_PREFIX; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_SECURITY_ON_PARENT; + +import jakarta.ws.rs.Consumes; +import jakarta.ws.rs.Path; +import jakarta.ws.rs.Produces; +import jakarta.ws.rs.core.MediaType; + +@Produces(MediaType.APPLICATION_JSON) +@Consumes(MediaType.APPLICATION_JSON) +@Path(CLASS_ROLES_ALLOWED_PREFIX + CLASS_SECURITY_ON_PARENT + CLASS_PATH_ON_RESOURCE) +public class ClassRolesAllowedBaseResourceWithPath_SecurityOnParent + extends ClassRolesAllowedParentResourceWithoutPath_SecurityOnParent { + +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedBaseResourceWithoutPathExtParentRes_SecurityOnBase.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedBaseResourceWithoutPathExtParentRes_SecurityOnBase.java new file mode 100644 index 0000000000000..a65c5cebbf49d --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedBaseResourceWithoutPathExtParentRes_SecurityOnBase.java @@ -0,0 +1,34 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classrolesallowed; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_PARENT_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_ROLES_ALLOWED_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_BASE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.INTERFACE_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.PARENT_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_DECLARED_ON_PARENT; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_IMPL_ON_BASE; + +import jakarta.annotation.security.RolesAllowed; + +import io.vertx.core.json.JsonObject; + +@RolesAllowed("admin") +public class ClassRolesAllowedBaseResourceWithoutPathExtParentRes_SecurityOnBase + extends ClassRolesAllowedParentResourceWithPath_SecurityOnBase { + + @Override + public String classPathOnParentResource_ImplOnBase_InterfaceMethodWithPath_ClassRolesAllowed(JsonObject array) { + return CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + CLASS_ROLES_ALLOWED_PATH; + } + + @Override + public String classPathOnParentResource_ImplOnBase_ParentMethodWithPath_ClassRolesAllowed(JsonObject array) { + return CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_BASE + PARENT_METHOD_WITH_PATH + CLASS_ROLES_ALLOWED_PATH; + } + + @Override + public ClassRolesAllowedSubResourceWithoutPath classPathOnParentResource_SubDeclaredOnParent_SubImplOnBaseResource_ClassRolesAllowed() { + return new ClassRolesAllowedSubResourceWithoutPath( + CLASS_PATH_ON_PARENT_RESOURCE + SUB_DECLARED_ON_PARENT + SUB_IMPL_ON_BASE + CLASS_ROLES_ALLOWED_PATH); + } +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedBaseResourceWithoutPathExtParentRes_SecurityOnInterface.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedBaseResourceWithoutPathExtParentRes_SecurityOnInterface.java new file mode 100644 index 0000000000000..9114037a2f445 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedBaseResourceWithoutPathExtParentRes_SecurityOnInterface.java @@ -0,0 +1,5 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classrolesallowed; + +public class ClassRolesAllowedBaseResourceWithoutPathExtParentRes_SecurityOnInterface + extends ClassRolesAllowedParentResourceWithPath_SecurityOnInterface { +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedBaseResourceWithoutPathExtParentRes_SecurityOnParent.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedBaseResourceWithoutPathExtParentRes_SecurityOnParent.java new file mode 100644 index 0000000000000..d515c5dcbaada --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedBaseResourceWithoutPathExtParentRes_SecurityOnParent.java @@ -0,0 +1,6 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classrolesallowed; + +public class ClassRolesAllowedBaseResourceWithoutPathExtParentRes_SecurityOnParent + extends ClassRolesAllowedParentResourceWithPath_SecurityOnParent { + +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedBaseResourceWithoutPathImplInterface_SecurityOnBase.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedBaseResourceWithoutPathImplInterface_SecurityOnBase.java new file mode 100644 index 0000000000000..279978230e72b --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedBaseResourceWithoutPathImplInterface_SecurityOnBase.java @@ -0,0 +1,35 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classrolesallowed; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_ROLES_ALLOWED_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_BASE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.INTERFACE_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_DECLARED_ON_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_IMPL_ON_BASE; + +import jakarta.annotation.security.RolesAllowed; + +import io.vertx.core.json.JsonObject; + +@RolesAllowed("admin") +public class ClassRolesAllowedBaseResourceWithoutPathImplInterface_SecurityOnBase + implements ClassRolesAllowedInterfaceWithPath_SecurityOnBase { + + @Override + public String classPathOnInterface_ImplOnBase_ImplMethodWithPath_ClassRolesAllowed(JsonObject array) { + return CLASS_PATH_ON_INTERFACE + IMPL_ON_BASE + IMPL_METHOD_WITH_PATH + CLASS_ROLES_ALLOWED_PATH; + } + + @Override + public String classPathOnInterface_ImplOnBase_InterfaceMethodWithPath_ClassRolesAllowed(JsonObject array) { + return CLASS_PATH_ON_INTERFACE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + CLASS_ROLES_ALLOWED_PATH; + } + + @Override + public ClassRolesAllowedSubResourceWithoutPath classPathOnInterface_SubDeclaredOnInterface_SubImplOnBase_ClassRolesAllowed() { + return new ClassRolesAllowedSubResourceWithoutPath( + CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + + SUB_IMPL_ON_BASE + CLASS_ROLES_ALLOWED_PATH); + } +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedBaseResourceWithoutPathImplInterface_SecurityOnInterface.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedBaseResourceWithoutPathImplInterface_SecurityOnInterface.java new file mode 100644 index 0000000000000..356a2a6cc3491 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedBaseResourceWithoutPathImplInterface_SecurityOnInterface.java @@ -0,0 +1,6 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classrolesallowed; + +// must always be here as interface needs an implementing class, otherwise is ignored +public class ClassRolesAllowedBaseResourceWithoutPathImplInterface_SecurityOnInterface + implements ClassRolesAllowedInterfaceWithPath_SecurityOnInterface { +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedBaseResourceWithoutPath_OnBase_SecurityOnParent.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedBaseResourceWithoutPath_OnBase_SecurityOnParent.java new file mode 100644 index 0000000000000..97ba87896da25 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedBaseResourceWithoutPath_OnBase_SecurityOnParent.java @@ -0,0 +1,17 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classrolesallowed; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_ROLES_ALLOWED_PREFIX; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_SECURITY_ON_PARENT; + +import jakarta.ws.rs.Consumes; +import jakarta.ws.rs.Path; +import jakarta.ws.rs.Produces; +import jakarta.ws.rs.core.MediaType; + +@Produces(MediaType.APPLICATION_JSON) +@Consumes(MediaType.APPLICATION_JSON) +@Path(CLASS_ROLES_ALLOWED_PREFIX + CLASS_SECURITY_ON_PARENT + CLASS_PATH_ON_RESOURCE) +public class ClassRolesAllowedBaseResourceWithoutPath_OnBase_SecurityOnParent + extends ClassRolesAllowedParentResourceWithoutPath_PathOnBase_SecurityOnParent { +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedBaseResourceWithoutPath_OnInterface_SecurityOnParent.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedBaseResourceWithoutPath_OnInterface_SecurityOnParent.java new file mode 100644 index 0000000000000..90918462b55b8 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedBaseResourceWithoutPath_OnInterface_SecurityOnParent.java @@ -0,0 +1,6 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classrolesallowed; + +public class ClassRolesAllowedBaseResourceWithoutPath_OnInterface_SecurityOnParent + extends ClassRolesAllowedParentResourceWithoutPath_PathOnInterface_SecurityOnParent { + +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedInterfaceWithPath_SecurityOnBase.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedInterfaceWithPath_SecurityOnBase.java new file mode 100644 index 0000000000000..67505331550dc --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedInterfaceWithPath_SecurityOnBase.java @@ -0,0 +1,36 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classrolesallowed; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_ROLES_ALLOWED_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_ROLES_ALLOWED_PREFIX; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_SECURITY_ON_BASE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_BASE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.INTERFACE_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_DECLARED_ON_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_IMPL_ON_BASE; + +import jakarta.ws.rs.Consumes; +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; +import jakarta.ws.rs.Produces; +import jakarta.ws.rs.core.MediaType; + +import io.vertx.core.json.JsonObject; + +@Produces(MediaType.APPLICATION_JSON) +@Consumes(MediaType.APPLICATION_JSON) +@Path(CLASS_ROLES_ALLOWED_PREFIX + CLASS_SECURITY_ON_BASE + CLASS_PATH_ON_INTERFACE) +public interface ClassRolesAllowedInterfaceWithPath_SecurityOnBase { + + @POST + @Path(CLASS_PATH_ON_INTERFACE + IMPL_ON_BASE + IMPL_METHOD_WITH_PATH + CLASS_ROLES_ALLOWED_PATH) + String classPathOnInterface_ImplOnBase_ImplMethodWithPath_ClassRolesAllowed(JsonObject array); + + @POST + @Path(CLASS_PATH_ON_INTERFACE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + CLASS_ROLES_ALLOWED_PATH) + String classPathOnInterface_ImplOnBase_InterfaceMethodWithPath_ClassRolesAllowed(JsonObject array); + + @Path(CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + SUB_IMPL_ON_BASE + CLASS_ROLES_ALLOWED_PATH) + ClassRolesAllowedSubResourceWithoutPath classPathOnInterface_SubDeclaredOnInterface_SubImplOnBase_ClassRolesAllowed(); +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedInterfaceWithPath_SecurityOnInterface.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedInterfaceWithPath_SecurityOnInterface.java new file mode 100644 index 0000000000000..d13487fe82145 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedInterfaceWithPath_SecurityOnInterface.java @@ -0,0 +1,40 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classrolesallowed; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_ROLES_ALLOWED_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_ROLES_ALLOWED_PREFIX; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_SECURITY_ON_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_DECLARED_ON_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_IMPL_ON_INTERFACE; + +import jakarta.annotation.security.RolesAllowed; +import jakarta.ws.rs.Consumes; +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; +import jakarta.ws.rs.Produces; +import jakarta.ws.rs.core.MediaType; + +import io.vertx.core.json.JsonObject; + +@Produces(MediaType.APPLICATION_JSON) +@Consumes(MediaType.APPLICATION_JSON) +@RolesAllowed("admin") +@Path(CLASS_ROLES_ALLOWED_PREFIX + CLASS_SECURITY_ON_INTERFACE + CLASS_PATH_ON_INTERFACE) +public interface ClassRolesAllowedInterfaceWithPath_SecurityOnInterface { + + @Path(CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + SUB_IMPL_ON_INTERFACE + CLASS_ROLES_ALLOWED_PATH) + default ClassRolesAllowedSubResourceWithoutPath classPathOnInterface_SubDeclaredOnInterface_SubImplOnInterface_ClassRolesAllowed() { + return new ClassRolesAllowedSubResourceWithoutPath( + CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + + SUB_IMPL_ON_INTERFACE + CLASS_ROLES_ALLOWED_PATH); + } + + @POST + @Path(CLASS_PATH_ON_INTERFACE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + CLASS_ROLES_ALLOWED_PATH) + default String classPathOnInterface_ImplOnInterface_ImplMethodWithPath_ClassRolesAllowed(JsonObject array) { + return CLASS_PATH_ON_INTERFACE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + CLASS_ROLES_ALLOWED_PATH; + } + +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedInterfaceWithPath_SecurityOnParent.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedInterfaceWithPath_SecurityOnParent.java new file mode 100644 index 0000000000000..92d69b6001782 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedInterfaceWithPath_SecurityOnParent.java @@ -0,0 +1,32 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classrolesallowed; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_ROLES_ALLOWED_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_ROLES_ALLOWED_PREFIX; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_SECURITY_ON_PARENT; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_PARENT; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.INTERFACE_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_DECLARED_ON_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_IMPL_ON_PARENT; + +import jakarta.ws.rs.Consumes; +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; +import jakarta.ws.rs.Produces; +import jakarta.ws.rs.core.MediaType; + +import io.vertx.core.json.JsonObject; + +@Produces(MediaType.APPLICATION_JSON) +@Consumes(MediaType.APPLICATION_JSON) +@Path(CLASS_ROLES_ALLOWED_PREFIX + CLASS_SECURITY_ON_PARENT + CLASS_PATH_ON_INTERFACE) +public interface ClassRolesAllowedInterfaceWithPath_SecurityOnParent { + + @Path(CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + SUB_IMPL_ON_PARENT + CLASS_ROLES_ALLOWED_PATH) + ClassRolesAllowedSubResourceWithoutPath classPathOnInterface_SubDeclaredOnInterface_SubImplOnParent_ClassRolesAllowed(); + + @POST + @Path(CLASS_PATH_ON_INTERFACE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + CLASS_ROLES_ALLOWED_PATH) + String classPathOnInterface_ImplOnParent_InterfaceMethodWithPath_ClassRolesAllowed(JsonObject array); + +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedInterfaceWithoutPath_PathOnParent_SecurityOnInterface.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedInterfaceWithoutPath_PathOnParent_SecurityOnInterface.java new file mode 100644 index 0000000000000..a8d03bd65bf45 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedInterfaceWithoutPath_PathOnParent_SecurityOnInterface.java @@ -0,0 +1,23 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classrolesallowed; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_PARENT_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_ROLES_ALLOWED_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_INTERFACE; + +import jakarta.annotation.security.RolesAllowed; +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; + +import io.vertx.core.json.JsonObject; + +@RolesAllowed("admin") +public interface ClassRolesAllowedInterfaceWithoutPath_PathOnParent_SecurityOnInterface { + + @POST + @Path(CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + CLASS_ROLES_ALLOWED_PATH) + default String classPathOnParentResource_ImplOnInterface_ImplMethodWithPath_ClassRolesAllowed(JsonObject array) { + return CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + CLASS_ROLES_ALLOWED_PATH; + } + +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedInterfaceWithoutPath_PathOnParent_SecurityOnParent.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedInterfaceWithoutPath_PathOnParent_SecurityOnParent.java new file mode 100644 index 0000000000000..a3bc5ebbcd188 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedInterfaceWithoutPath_PathOnParent_SecurityOnParent.java @@ -0,0 +1,19 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classrolesallowed; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_PARENT_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_ROLES_ALLOWED_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_PARENT; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.INTERFACE_METHOD_WITH_PATH; + +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; + +import io.vertx.core.json.JsonObject; + +public interface ClassRolesAllowedInterfaceWithoutPath_PathOnParent_SecurityOnParent { + + @POST + @Path(CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + CLASS_ROLES_ALLOWED_PATH) + String classPathOnParentResource_ImplOnParent_InterfaceMethodWithPath_ClassRolesAllowed(JsonObject array); + +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedInterfaceWithoutPath_SecurityOnBase.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedInterfaceWithoutPath_SecurityOnBase.java new file mode 100644 index 0000000000000..4ab1356a2850c --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedInterfaceWithoutPath_SecurityOnBase.java @@ -0,0 +1,19 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classrolesallowed; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_ROLES_ALLOWED_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_BASE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.INTERFACE_METHOD_WITH_PATH; + +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; + +import io.vertx.core.json.JsonObject; + +public interface ClassRolesAllowedInterfaceWithoutPath_SecurityOnBase { + + @POST + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + CLASS_ROLES_ALLOWED_PATH) + String classPathOnResource_ImplOnBase_InterfaceMethodWithPath_ClassRolesAllowed(JsonObject array); + +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedInterfaceWithoutPath_SecurityOnInterface.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedInterfaceWithoutPath_SecurityOnInterface.java new file mode 100644 index 0000000000000..aba095ba096a0 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedInterfaceWithoutPath_SecurityOnInterface.java @@ -0,0 +1,23 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classrolesallowed; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_ROLES_ALLOWED_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_INTERFACE; + +import jakarta.annotation.security.RolesAllowed; +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; + +import io.vertx.core.json.JsonObject; + +@RolesAllowed("admin") +public interface ClassRolesAllowedInterfaceWithoutPath_SecurityOnInterface { + + @POST + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + CLASS_ROLES_ALLOWED_PATH) + default String classPathOnResource_ImplOnInterface_ImplMethodWithPath_ClassRolesAllowed(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + CLASS_ROLES_ALLOWED_PATH; + } + +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedInterfaceWithoutPath_SecurityOnParent.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedInterfaceWithoutPath_SecurityOnParent.java new file mode 100644 index 0000000000000..0ecd888de0327 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedInterfaceWithoutPath_SecurityOnParent.java @@ -0,0 +1,19 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classrolesallowed; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_ROLES_ALLOWED_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_PARENT; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.INTERFACE_METHOD_WITH_PATH; + +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; + +import io.vertx.core.json.JsonObject; + +public interface ClassRolesAllowedInterfaceWithoutPath_SecurityOnParent { + + @POST + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + CLASS_ROLES_ALLOWED_PATH) + String classPathOnResource_ImplOnParent_InterfaceMethodWithPath_ClassRolesAllowed(JsonObject array); + +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedParentResourceInterface_SecurityOnBase.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedParentResourceInterface_SecurityOnBase.java new file mode 100644 index 0000000000000..d45cc4b5a3686 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedParentResourceInterface_SecurityOnBase.java @@ -0,0 +1,19 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classrolesallowed; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_PARENT_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_ROLES_ALLOWED_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_BASE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.INTERFACE_METHOD_WITH_PATH; + +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; + +import io.vertx.core.json.JsonObject; + +public interface ClassRolesAllowedParentResourceInterface_SecurityOnBase { + + @POST + @Path(CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + CLASS_ROLES_ALLOWED_PATH) + String classPathOnParentResource_ImplOnBase_InterfaceMethodWithPath_ClassRolesAllowed(JsonObject array); + +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedParentResourceWithPath_SecurityOnBase.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedParentResourceWithPath_SecurityOnBase.java new file mode 100644 index 0000000000000..77d440a21ed7a --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedParentResourceWithPath_SecurityOnBase.java @@ -0,0 +1,32 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classrolesallowed; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_PARENT_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_ROLES_ALLOWED_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_ROLES_ALLOWED_PREFIX; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_SECURITY_ON_BASE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_BASE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.PARENT_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_DECLARED_ON_PARENT; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_IMPL_ON_BASE; + +import jakarta.ws.rs.Consumes; +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; +import jakarta.ws.rs.Produces; +import jakarta.ws.rs.core.MediaType; + +import io.vertx.core.json.JsonObject; + +@Produces(MediaType.APPLICATION_JSON) +@Consumes(MediaType.APPLICATION_JSON) +@Path(CLASS_ROLES_ALLOWED_PREFIX + CLASS_SECURITY_ON_BASE + CLASS_PATH_ON_PARENT_RESOURCE) +public abstract class ClassRolesAllowedParentResourceWithPath_SecurityOnBase + implements ClassRolesAllowedParentResourceInterface_SecurityOnBase { + + @POST + @Path(CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_BASE + PARENT_METHOD_WITH_PATH + CLASS_ROLES_ALLOWED_PATH) + public abstract String classPathOnParentResource_ImplOnBase_ParentMethodWithPath_ClassRolesAllowed(JsonObject array); + + @Path(CLASS_PATH_ON_PARENT_RESOURCE + SUB_DECLARED_ON_PARENT + SUB_IMPL_ON_BASE + CLASS_ROLES_ALLOWED_PATH) + public abstract ClassRolesAllowedSubResourceWithoutPath classPathOnParentResource_SubDeclaredOnParent_SubImplOnBaseResource_ClassRolesAllowed(); +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedParentResourceWithPath_SecurityOnInterface.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedParentResourceWithPath_SecurityOnInterface.java new file mode 100644 index 0000000000000..9bd36d426e487 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedParentResourceWithPath_SecurityOnInterface.java @@ -0,0 +1,18 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classrolesallowed; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_PARENT_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_ROLES_ALLOWED_PREFIX; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_SECURITY_ON_INTERFACE; + +import jakarta.ws.rs.Consumes; +import jakarta.ws.rs.Path; +import jakarta.ws.rs.Produces; +import jakarta.ws.rs.core.MediaType; + +@Produces(MediaType.APPLICATION_JSON) +@Consumes(MediaType.APPLICATION_JSON) +@Path(CLASS_ROLES_ALLOWED_PREFIX + CLASS_SECURITY_ON_INTERFACE + CLASS_PATH_ON_PARENT_RESOURCE) +public abstract class ClassRolesAllowedParentResourceWithPath_SecurityOnInterface + implements ClassRolesAllowedInterfaceWithoutPath_PathOnParent_SecurityOnInterface { + +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedParentResourceWithPath_SecurityOnParent.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedParentResourceWithPath_SecurityOnParent.java new file mode 100644 index 0000000000000..0ae13565bb527 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedParentResourceWithPath_SecurityOnParent.java @@ -0,0 +1,45 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classrolesallowed; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_PARENT_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_ROLES_ALLOWED_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_ROLES_ALLOWED_PREFIX; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_SECURITY_ON_PARENT; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_PARENT; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.INTERFACE_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_DECLARED_ON_PARENT; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_IMPL_ON_PARENT; + +import jakarta.annotation.security.RolesAllowed; +import jakarta.ws.rs.Consumes; +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; +import jakarta.ws.rs.Produces; +import jakarta.ws.rs.core.MediaType; + +import io.vertx.core.json.JsonObject; + +@Produces(MediaType.APPLICATION_JSON) +@Consumes(MediaType.APPLICATION_JSON) +@RolesAllowed("admin") +@Path(CLASS_ROLES_ALLOWED_PREFIX + CLASS_SECURITY_ON_PARENT + CLASS_PATH_ON_PARENT_RESOURCE) +public abstract class ClassRolesAllowedParentResourceWithPath_SecurityOnParent + implements ClassRolesAllowedInterfaceWithoutPath_PathOnParent_SecurityOnParent { + + @Path(CLASS_PATH_ON_PARENT_RESOURCE + SUB_DECLARED_ON_PARENT + SUB_IMPL_ON_PARENT + CLASS_ROLES_ALLOWED_PATH) + public ClassRolesAllowedSubResourceWithoutPath classPathOnParentResource_SubDeclaredOnParent_SubImplOnParentResource_ClassRolesAllowed() { + return new ClassRolesAllowedSubResourceWithoutPath(CLASS_PATH_ON_PARENT_RESOURCE + SUB_DECLARED_ON_PARENT + + SUB_IMPL_ON_PARENT + CLASS_ROLES_ALLOWED_PATH); + } + + @POST + @Path(CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_PARENT + IMPL_METHOD_WITH_PATH + CLASS_ROLES_ALLOWED_PATH) + public String classPathOnParentResource_ImplOnParent_ImplMethodWithPath_ClassRolesAllowed(JsonObject array) { + return CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_PARENT + IMPL_METHOD_WITH_PATH + CLASS_ROLES_ALLOWED_PATH; + } + + @Override + public String classPathOnParentResource_ImplOnParent_InterfaceMethodWithPath_ClassRolesAllowed(JsonObject array) { + return CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + CLASS_ROLES_ALLOWED_PATH; + } +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedParentResourceWithoutPath_PathOnBase_SecurityOnParent.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedParentResourceWithoutPath_PathOnBase_SecurityOnParent.java new file mode 100644 index 0000000000000..7ef14717b020d --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedParentResourceWithoutPath_PathOnBase_SecurityOnParent.java @@ -0,0 +1,23 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classrolesallowed; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_ROLES_ALLOWED_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_PARENT; + +import jakarta.annotation.security.RolesAllowed; +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; + +import io.vertx.core.json.JsonObject; + +@RolesAllowed("admin") +public abstract class ClassRolesAllowedParentResourceWithoutPath_PathOnBase_SecurityOnParent { + + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_PARENT + IMPL_METHOD_WITH_PATH + CLASS_ROLES_ALLOWED_PATH) + @POST + public String test_ClassPathOnResource_ImplOnParent_ImplMethodWithPath_ClassRolesAllowed(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_PARENT + IMPL_METHOD_WITH_PATH + CLASS_ROLES_ALLOWED_PATH; + } + +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedParentResourceWithoutPath_PathOnInterface_SecurityOnParent.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedParentResourceWithoutPath_PathOnInterface_SecurityOnParent.java new file mode 100644 index 0000000000000..cf36aa0bbcc0b --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedParentResourceWithoutPath_PathOnInterface_SecurityOnParent.java @@ -0,0 +1,29 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classrolesallowed; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_ROLES_ALLOWED_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_PARENT; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.INTERFACE_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_DECLARED_ON_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_IMPL_ON_PARENT; + +import jakarta.annotation.security.RolesAllowed; + +import io.vertx.core.json.JsonObject; + +@RolesAllowed("admin") +public abstract class ClassRolesAllowedParentResourceWithoutPath_PathOnInterface_SecurityOnParent + implements ClassRolesAllowedInterfaceWithPath_SecurityOnParent { + + @Override + public ClassRolesAllowedSubResourceWithoutPath classPathOnInterface_SubDeclaredOnInterface_SubImplOnParent_ClassRolesAllowed() { + return new ClassRolesAllowedSubResourceWithoutPath( + CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + + SUB_IMPL_ON_PARENT + CLASS_ROLES_ALLOWED_PATH); + } + + @Override + public String classPathOnInterface_ImplOnParent_InterfaceMethodWithPath_ClassRolesAllowed(JsonObject array) { + return CLASS_PATH_ON_INTERFACE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + CLASS_ROLES_ALLOWED_PATH; + } +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedParentResourceWithoutPath_SecurityOnBase.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedParentResourceWithoutPath_SecurityOnBase.java new file mode 100644 index 0000000000000..d5b143d93be28 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedParentResourceWithoutPath_SecurityOnBase.java @@ -0,0 +1,20 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classrolesallowed; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_ROLES_ALLOWED_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_BASE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.PARENT_METHOD_WITH_PATH; + +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; + +import io.vertx.core.json.JsonObject; + +public abstract class ClassRolesAllowedParentResourceWithoutPath_SecurityOnBase + implements ClassRolesAllowedInterfaceWithoutPath_SecurityOnBase { + + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + PARENT_METHOD_WITH_PATH + CLASS_ROLES_ALLOWED_PATH) + @POST + public abstract String test_ClassPathOnResource_ImplOnBase_ParentMethodWithPath_ClassRolesAllowed(JsonObject array); + +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedParentResourceWithoutPath_SecurityOnInterface.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedParentResourceWithoutPath_SecurityOnInterface.java new file mode 100644 index 0000000000000..73c1125d0672d --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedParentResourceWithoutPath_SecurityOnInterface.java @@ -0,0 +1,6 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classrolesallowed; + +public abstract class ClassRolesAllowedParentResourceWithoutPath_SecurityOnInterface + implements ClassRolesAllowedInterfaceWithoutPath_SecurityOnInterface { + +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedParentResourceWithoutPath_SecurityOnParent.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedParentResourceWithoutPath_SecurityOnParent.java new file mode 100644 index 0000000000000..d481ebca9cddb --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedParentResourceWithoutPath_SecurityOnParent.java @@ -0,0 +1,20 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classrolesallowed; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_ROLES_ALLOWED_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_PARENT; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.INTERFACE_METHOD_WITH_PATH; + +import jakarta.annotation.security.RolesAllowed; + +import io.vertx.core.json.JsonObject; + +@RolesAllowed("admin") +public abstract class ClassRolesAllowedParentResourceWithoutPath_SecurityOnParent + implements ClassRolesAllowedInterfaceWithoutPath_SecurityOnParent { + + @Override + public String classPathOnResource_ImplOnParent_InterfaceMethodWithPath_ClassRolesAllowed(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + CLASS_ROLES_ALLOWED_PATH; + } +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedSubResourceWithoutPath.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedSubResourceWithoutPath.java new file mode 100644 index 0000000000000..223ea305c2998 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/classrolesallowed/ClassRolesAllowedSubResourceWithoutPath.java @@ -0,0 +1,20 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.classrolesallowed; + +import jakarta.ws.rs.POST; + +import io.vertx.core.json.JsonObject; + +public class ClassRolesAllowedSubResourceWithoutPath { + + private final String subResourcePath; + + public ClassRolesAllowedSubResourceWithoutPath(String subResourcePath) { + this.subResourcePath = subResourcePath; + } + + @POST + public String post(JsonObject array) { + return subResourcePath; + } + +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/multiple/pathonbase/BaseResource.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/multiple/pathonbase/BaseResource.java new file mode 100644 index 0000000000000..d327817d23fb6 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/multiple/pathonbase/BaseResource.java @@ -0,0 +1,83 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.multiple.pathonbase; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_NO_ANNOTATION_PREFIX; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.FIRST_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_BASE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.INTERFACE_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.METHOD_ROLES_ALLOWED_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.MULTIPLE_INHERITANCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.NO_SECURITY_ANNOTATION_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SECOND_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.THIRD_INTERFACE; + +import jakarta.annotation.security.RolesAllowed; +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; + +import io.vertx.core.json.JsonObject; + +@Path(CLASS_NO_ANNOTATION_PREFIX + MULTIPLE_INHERITANCE + CLASS_PATH_ON_RESOURCE) +public class BaseResource implements BaseResource_First_Interface { + + @POST + @RolesAllowed("admin") + @Path(MULTIPLE_INHERITANCE + CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + IMPL_METHOD_WITH_PATH + METHOD_ROLES_ALLOWED_PATH) + public String multipleInheritance_ClassPathOnBase_ImplOnBase_ImplWithPath_MethodRolesAllowed(JsonObject array) { + return MULTIPLE_INHERITANCE + CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + IMPL_METHOD_WITH_PATH + + METHOD_ROLES_ALLOWED_PATH; + } + + @POST + @Path(MULTIPLE_INHERITANCE + CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + IMPL_METHOD_WITH_PATH + NO_SECURITY_ANNOTATION_PATH) + public String multipleInheritance_ClassPathOnBase_ImplOnBase_ImplWithPath_NoAnnotation(JsonObject array) { + return MULTIPLE_INHERITANCE + CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + IMPL_METHOD_WITH_PATH + + NO_SECURITY_ANNOTATION_PATH; + } + + @RolesAllowed("admin") + @Override + public String multipleInheritance_ClassPathOnBase_ImplOnBase_FirstInterface_InterfaceMethodWithPath_MethodRolesAllowed( + JsonObject array) { + return MULTIPLE_INHERITANCE + CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + FIRST_INTERFACE + INTERFACE_METHOD_WITH_PATH + + METHOD_ROLES_ALLOWED_PATH; + } + + @Override + public String multipleInheritance_ClassPathOnBase_ImplOnBase_FirstInterface_InterfaceMethodWithPath_NoAnnotation( + JsonObject array) { + return MULTIPLE_INHERITANCE + CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + FIRST_INTERFACE + INTERFACE_METHOD_WITH_PATH + + NO_SECURITY_ANNOTATION_PATH; + } + + @RolesAllowed("admin") + @Override + public String multipleInheritance_ClassPathOnBase_ImplOnBase_SecondInterface_InterfaceMethodWithPath_MethodRolesAllowed( + JsonObject array) { + return MULTIPLE_INHERITANCE + CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + SECOND_INTERFACE + INTERFACE_METHOD_WITH_PATH + + METHOD_ROLES_ALLOWED_PATH; + } + + @Override + public String multipleInheritance_ClassPathOnBase_ImplOnBase_SecondInterface_InterfaceMethodWithPath_NoAnnotation( + JsonObject array) { + return MULTIPLE_INHERITANCE + CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + SECOND_INTERFACE + INTERFACE_METHOD_WITH_PATH + + NO_SECURITY_ANNOTATION_PATH; + } + + @RolesAllowed("admin") + @Override + public String multipleInheritance_ClassPathOnBase_ImplOnBase_ThirdInterface_InterfaceMethodWithPath_MethodRolesAllowed( + JsonObject array) { + return MULTIPLE_INHERITANCE + CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + THIRD_INTERFACE + INTERFACE_METHOD_WITH_PATH + + METHOD_ROLES_ALLOWED_PATH; + } + + @Override + public String multipleInheritance_ClassPathOnBase_ImplOnBase_ThirdInterface_InterfaceMethodWithPath_NoAnnotation( + JsonObject array) { + return MULTIPLE_INHERITANCE + CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + THIRD_INTERFACE + INTERFACE_METHOD_WITH_PATH + + NO_SECURITY_ANNOTATION_PATH; + } +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/multiple/pathonbase/BaseResource_First_Interface.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/multiple/pathonbase/BaseResource_First_Interface.java new file mode 100644 index 0000000000000..881ea5bd44121 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/multiple/pathonbase/BaseResource_First_Interface.java @@ -0,0 +1,31 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.multiple.pathonbase; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.FIRST_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_BASE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.INTERFACE_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.METHOD_ROLES_ALLOWED_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.MULTIPLE_INHERITANCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.NO_SECURITY_ANNOTATION_PATH; + +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; + +import io.vertx.core.json.JsonObject; + +public interface BaseResource_First_Interface + extends BaseResource_Second_Interface { + + @POST + @Path(MULTIPLE_INHERITANCE + CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + FIRST_INTERFACE + INTERFACE_METHOD_WITH_PATH + + METHOD_ROLES_ALLOWED_PATH) + String multipleInheritance_ClassPathOnBase_ImplOnBase_FirstInterface_InterfaceMethodWithPath_MethodRolesAllowed( + JsonObject array); + + @POST + @Path(MULTIPLE_INHERITANCE + CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + FIRST_INTERFACE + INTERFACE_METHOD_WITH_PATH + + NO_SECURITY_ANNOTATION_PATH) + String multipleInheritance_ClassPathOnBase_ImplOnBase_FirstInterface_InterfaceMethodWithPath_NoAnnotation( + JsonObject array); + +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/multiple/pathonbase/BaseResource_Second_Interface.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/multiple/pathonbase/BaseResource_Second_Interface.java new file mode 100644 index 0000000000000..b9becf5b3963e --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/multiple/pathonbase/BaseResource_Second_Interface.java @@ -0,0 +1,31 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.multiple.pathonbase; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_BASE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.INTERFACE_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.METHOD_ROLES_ALLOWED_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.MULTIPLE_INHERITANCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.NO_SECURITY_ANNOTATION_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SECOND_INTERFACE; + +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; + +import io.vertx.core.json.JsonObject; + +public interface BaseResource_Second_Interface + extends BaseResource_Third_Interface { + + @POST + @Path(MULTIPLE_INHERITANCE + CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + SECOND_INTERFACE + INTERFACE_METHOD_WITH_PATH + + METHOD_ROLES_ALLOWED_PATH) + String multipleInheritance_ClassPathOnBase_ImplOnBase_SecondInterface_InterfaceMethodWithPath_MethodRolesAllowed( + JsonObject array); + + @POST + @Path(MULTIPLE_INHERITANCE + CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + SECOND_INTERFACE + INTERFACE_METHOD_WITH_PATH + + NO_SECURITY_ANNOTATION_PATH) + String multipleInheritance_ClassPathOnBase_ImplOnBase_SecondInterface_InterfaceMethodWithPath_NoAnnotation( + JsonObject array); + +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/multiple/pathonbase/BaseResource_Third_Interface.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/multiple/pathonbase/BaseResource_Third_Interface.java new file mode 100644 index 0000000000000..c7a7a43202ac5 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/multiple/pathonbase/BaseResource_Third_Interface.java @@ -0,0 +1,50 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.multiple.pathonbase; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_BASE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.INTERFACE_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.METHOD_ROLES_ALLOWED_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.MULTIPLE_INHERITANCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.NO_SECURITY_ANNOTATION_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.THIRD_INTERFACE; + +import jakarta.annotation.security.RolesAllowed; +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; + +import io.vertx.core.json.JsonObject; + +public interface BaseResource_Third_Interface { + + @POST + @Path(MULTIPLE_INHERITANCE + CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + THIRD_INTERFACE + INTERFACE_METHOD_WITH_PATH + + METHOD_ROLES_ALLOWED_PATH) + String multipleInheritance_ClassPathOnBase_ImplOnBase_ThirdInterface_InterfaceMethodWithPath_MethodRolesAllowed( + JsonObject array); + + @POST + @Path(MULTIPLE_INHERITANCE + CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + THIRD_INTERFACE + INTERFACE_METHOD_WITH_PATH + + NO_SECURITY_ANNOTATION_PATH) + String multipleInheritance_ClassPathOnBase_ImplOnBase_ThirdInterface_InterfaceMethodWithPath_NoAnnotation( + JsonObject array); + + @RolesAllowed("admin") + @POST + @Path(MULTIPLE_INHERITANCE + CLASS_PATH_ON_RESOURCE + IMPL_ON_INTERFACE + THIRD_INTERFACE + INTERFACE_METHOD_WITH_PATH + + METHOD_ROLES_ALLOWED_PATH) + default String multipleInheritance_ClassPathOnBase_ImplOnInterface_ThirdInterface_InterfaceMethodWithPath_MethodRolesAllowed( + JsonObject array) { + return MULTIPLE_INHERITANCE + CLASS_PATH_ON_RESOURCE + IMPL_ON_INTERFACE + THIRD_INTERFACE + INTERFACE_METHOD_WITH_PATH + + METHOD_ROLES_ALLOWED_PATH; + } + + @POST + @Path(MULTIPLE_INHERITANCE + CLASS_PATH_ON_RESOURCE + IMPL_ON_INTERFACE + THIRD_INTERFACE + INTERFACE_METHOD_WITH_PATH + + NO_SECURITY_ANNOTATION_PATH) + default String multipleInheritance_ClassPathOnBase_ImplOnInterface_ThirdInterface_InterfaceMethodWithPath_NoAnnotation( + JsonObject array) { + return MULTIPLE_INHERITANCE + CLASS_PATH_ON_RESOURCE + IMPL_ON_INTERFACE + THIRD_INTERFACE + INTERFACE_METHOD_WITH_PATH + + NO_SECURITY_ANNOTATION_PATH; + } +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/noclassannotation/NoAnnotationBaseResourceWithPath.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/noclassannotation/NoAnnotationBaseResourceWithPath.java new file mode 100644 index 0000000000000..2abb17d1d62fb --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/noclassannotation/NoAnnotationBaseResourceWithPath.java @@ -0,0 +1,132 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.noclassannotation; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_NO_ANNOTATION_PREFIX; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_BASE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.INTERFACE_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.METHOD_DENY_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.METHOD_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.METHOD_ROLES_ALLOWED_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.NO_SECURITY_ANNOTATION_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.PARENT_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_DECLARED_ON_BASE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_IMPL_ON_BASE; + +import jakarta.annotation.security.DenyAll; +import jakarta.annotation.security.PermitAll; +import jakarta.annotation.security.RolesAllowed; +import jakarta.ws.rs.Consumes; +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; +import jakarta.ws.rs.Produces; +import jakarta.ws.rs.core.MediaType; + +import io.vertx.core.json.JsonObject; + +@Produces(MediaType.APPLICATION_JSON) +@Consumes(MediaType.APPLICATION_JSON) +@Path(CLASS_NO_ANNOTATION_PREFIX + CLASS_PATH_ON_RESOURCE) +public class NoAnnotationBaseResourceWithPath extends NoAnnotationParentResourceWithoutPath { + + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + IMPL_METHOD_WITH_PATH + NO_SECURITY_ANNOTATION_PATH) + @POST + public String get_ClassPathOnResource_ImplOnBase_ImplMethodWithPath_NoAnnotation(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + IMPL_METHOD_WITH_PATH + NO_SECURITY_ANNOTATION_PATH; + } + + @Override + @RolesAllowed("admin") + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + IMPL_METHOD_WITH_PATH + METHOD_ROLES_ALLOWED_PATH) + @POST + public String get_ClassPathOnResource_ImplOnBase_ImplMethodWithPath_MethodRolesAllowed(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + IMPL_METHOD_WITH_PATH + METHOD_ROLES_ALLOWED_PATH; + } + + @DenyAll + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + IMPL_METHOD_WITH_PATH + METHOD_DENY_ALL_PATH) + @POST + public String get_ClassPathOnResource_ImplOnBase_ImplMethodWithPath_MethodDenyAll(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + IMPL_METHOD_WITH_PATH + METHOD_DENY_ALL_PATH; + } + + @PermitAll + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + IMPL_METHOD_WITH_PATH + METHOD_PERMIT_ALL_PATH) + @POST + public String get_ClassPathOnResource_ImplOnBase_ImplMethodWithPath_MethodPermitAll(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + IMPL_METHOD_WITH_PATH + METHOD_PERMIT_ALL_PATH; + } + + @Override + public String classPathOnResource_ImplOnBase_InterfaceMethodWithPath_NoSecurityAnnotation(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + NO_SECURITY_ANNOTATION_PATH; + } + + @RolesAllowed("admin") + @Override + public String classPathOnResource_ImplOnBase_InterfaceMethodWithPath_RolesAllowed(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + METHOD_ROLES_ALLOWED_PATH; + } + + @DenyAll + @Override + public String classPathOnResource_ImplOnBase_InterfaceMethodWithPath_DenyAll(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + METHOD_DENY_ALL_PATH; + } + + @PermitAll + @Override + public String classPathOnResource_ImplOnBase_InterfaceMethodWithPath_PermitAll(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + METHOD_PERMIT_ALL_PATH; + } + + @Override + public String test_ClassPathOnResource_ImplOnBase_ParentMethodWithPath_NoSecurityAnnotation(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + PARENT_METHOD_WITH_PATH + NO_SECURITY_ANNOTATION_PATH; + } + + @RolesAllowed("admin") + @Override + public String test_ClassPathOnResource_ImplOnBase_ParentMethodWithPath_RolesAllowed(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + PARENT_METHOD_WITH_PATH + METHOD_ROLES_ALLOWED_PATH; + } + + @DenyAll + @Override + public String test_ClassPathOnResource_ImplOnBase_ParentMethodWithPath_DenyAll(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + PARENT_METHOD_WITH_PATH + METHOD_DENY_ALL_PATH; + } + + @PermitAll + @Override + public String test_ClassPathOnResource_ImplOnBase_ParentMethodWithPath_PermitAll(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + PARENT_METHOD_WITH_PATH + METHOD_PERMIT_ALL_PATH; + } + + @Path(CLASS_PATH_ON_RESOURCE + SUB_DECLARED_ON_BASE + SUB_IMPL_ON_BASE + NO_SECURITY_ANNOTATION_PATH) + public NoAnnotationSubResourceWithoutPath classPathOnResource_SubDeclaredOnBase_SubImplOnBase_NoSecurityAnnotation() { + return new NoAnnotationSubResourceWithoutPath( + CLASS_PATH_ON_RESOURCE + SUB_DECLARED_ON_BASE + SUB_IMPL_ON_BASE + NO_SECURITY_ANNOTATION_PATH); + } + + @PermitAll + @Path(CLASS_PATH_ON_RESOURCE + SUB_DECLARED_ON_BASE + SUB_IMPL_ON_BASE + METHOD_PERMIT_ALL_PATH) + public NoAnnotationSubResourceWithoutPath classPathOnResource_SubDeclaredOnBase_SubImplOnBase_MethodPermitAll() { + return new NoAnnotationSubResourceWithoutPath( + CLASS_PATH_ON_RESOURCE + SUB_DECLARED_ON_BASE + SUB_IMPL_ON_BASE + METHOD_PERMIT_ALL_PATH); + } + + @DenyAll + @Path(CLASS_PATH_ON_RESOURCE + SUB_DECLARED_ON_BASE + SUB_IMPL_ON_BASE + METHOD_DENY_ALL_PATH) + public NoAnnotationSubResourceWithoutPath classPathOnResource_SubDeclaredOnBase_SubImplOnBase_MethodDenyAll() { + return new NoAnnotationSubResourceWithoutPath( + CLASS_PATH_ON_RESOURCE + SUB_DECLARED_ON_BASE + SUB_IMPL_ON_BASE + METHOD_DENY_ALL_PATH); + } + + @RolesAllowed("admin") + @Path(CLASS_PATH_ON_RESOURCE + SUB_DECLARED_ON_BASE + SUB_IMPL_ON_BASE + METHOD_ROLES_ALLOWED_PATH) + public NoAnnotationSubResourceWithoutPath classPathOnResource_SubDeclaredOnBase_SubImplOnBase_MethodRolesAllowed() { + return new NoAnnotationSubResourceWithoutPath( + CLASS_PATH_ON_RESOURCE + SUB_DECLARED_ON_BASE + SUB_IMPL_ON_BASE + METHOD_ROLES_ALLOWED_PATH); + } +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/noclassannotation/NoAnnotationBaseResourceWithoutPathExtParentRes.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/noclassannotation/NoAnnotationBaseResourceWithoutPathExtParentRes.java new file mode 100644 index 0000000000000..64d509db40b60 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/noclassannotation/NoAnnotationBaseResourceWithoutPathExtParentRes.java @@ -0,0 +1,105 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.noclassannotation; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_NO_ANNOTATION_PREFIX; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_PARENT_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_BASE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.INTERFACE_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.METHOD_DENY_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.METHOD_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.METHOD_ROLES_ALLOWED_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.NO_SECURITY_ANNOTATION_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.PARENT_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_DECLARED_ON_PARENT; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_IMPL_ON_BASE; + +import jakarta.annotation.security.DenyAll; +import jakarta.annotation.security.PermitAll; +import jakarta.annotation.security.RolesAllowed; +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; + +import io.vertx.core.json.JsonObject; + +public class NoAnnotationBaseResourceWithoutPathExtParentRes extends NoAnnotationParentResourceWithPath { + + @Override + @Path(CLASS_NO_ANNOTATION_PREFIX + IMPL_ON_BASE + IMPL_METHOD_WITH_PATH + NO_SECURITY_ANNOTATION_PATH) + @POST + public String get_ClassPathOnParentResource_ImplOnBase_ImplMethodWithPath_NoAnnotation(JsonObject array) { + return CLASS_NO_ANNOTATION_PREFIX + IMPL_ON_BASE + IMPL_METHOD_WITH_PATH + NO_SECURITY_ANNOTATION_PATH; + } + + @Override + public String classPathOnParentResource_ImplOnBase_ParentMethodWithPath_NoAnnotation(JsonObject array) { + return CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_BASE + PARENT_METHOD_WITH_PATH + NO_SECURITY_ANNOTATION_PATH; + } + + @RolesAllowed("admin") + @Override + public String classPathOnParentResource_ImplOnBase_ParentMethodWithPath_MethodRolesAllowed(JsonObject array) { + return CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_BASE + PARENT_METHOD_WITH_PATH + METHOD_ROLES_ALLOWED_PATH; + } + + @DenyAll + @Override + public String classPathOnParentResource_ImplOnBase_ParentMethodWithPath_MethodDenyAll(JsonObject array) { + return CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_BASE + PARENT_METHOD_WITH_PATH + METHOD_DENY_ALL_PATH; + } + + @PermitAll + @Override + public String classPathOnParentResource_ImplOnBase_ParentMethodWithPath_MethodPermitAll(JsonObject array) { + return CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_BASE + PARENT_METHOD_WITH_PATH + METHOD_PERMIT_ALL_PATH; + } + + @Override + public NoAnnotationSubResourceWithoutPath classPathOnParentResource_SubDeclaredOnParent_SubImplOnBaseResource_NoSecurityAnnotation() { + return new NoAnnotationSubResourceWithoutPath( + CLASS_PATH_ON_PARENT_RESOURCE + SUB_DECLARED_ON_PARENT + SUB_IMPL_ON_BASE + NO_SECURITY_ANNOTATION_PATH); + } + + @PermitAll + @Override + public NoAnnotationSubResourceWithoutPath classPathOnParentResource_SubDeclaredOnParent_SubImplOnBaseResource_MethodPermitAll() { + return new NoAnnotationSubResourceWithoutPath( + CLASS_PATH_ON_PARENT_RESOURCE + SUB_DECLARED_ON_PARENT + SUB_IMPL_ON_BASE + METHOD_PERMIT_ALL_PATH); + } + + @DenyAll + @Override + public NoAnnotationSubResourceWithoutPath classPathOnParentResource_SubDeclaredOnParent_SubImplOnBaseResource_MethodDenyAll() { + return new NoAnnotationSubResourceWithoutPath( + CLASS_PATH_ON_PARENT_RESOURCE + SUB_DECLARED_ON_PARENT + SUB_IMPL_ON_BASE + METHOD_DENY_ALL_PATH); + } + + @RolesAllowed("admin") + @Override + public NoAnnotationSubResourceWithoutPath classPathOnParentResource_SubDeclaredOnParent_SubImplOnBaseResource_MethodRolesAllowed() { + return new NoAnnotationSubResourceWithoutPath( + CLASS_PATH_ON_PARENT_RESOURCE + SUB_DECLARED_ON_PARENT + SUB_IMPL_ON_BASE + METHOD_ROLES_ALLOWED_PATH); + } + + @Override + public String classPathOnParentResource_ImplOnBase_InterfaceMethodWithPath_NoSecurityAnnotation(JsonObject array) { + return CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + NO_SECURITY_ANNOTATION_PATH; + } + + @RolesAllowed("admin") + @Override + public String classPathOnParentResource_ImplOnBase_InterfaceMethodWithPath_MethodRolesAllowed(JsonObject array) { + return CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + METHOD_ROLES_ALLOWED_PATH; + } + + @DenyAll + @Override + public String classPathOnParentResource_ImplOnBase_InterfaceMethodWithPath_MethodDenyAll(JsonObject array) { + return CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + METHOD_DENY_ALL_PATH; + } + + @PermitAll + @Override + public String classPathOnParentResource_ImplOnBase_InterfaceMethodWithPath_MethodPermitAll(JsonObject array) { + return CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + METHOD_PERMIT_ALL_PATH; + } +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/noclassannotation/NoAnnotationBaseResourceWithoutPathImplInterface.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/noclassannotation/NoAnnotationBaseResourceWithoutPathImplInterface.java new file mode 100644 index 0000000000000..150696c26f5eb --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/noclassannotation/NoAnnotationBaseResourceWithoutPathImplInterface.java @@ -0,0 +1,110 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.noclassannotation; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_BASE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.INTERFACE_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.METHOD_DENY_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.METHOD_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.METHOD_ROLES_ALLOWED_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.NO_SECURITY_ANNOTATION_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_DECLARED_ON_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_IMPL_ON_BASE; + +import jakarta.annotation.security.DenyAll; +import jakarta.annotation.security.PermitAll; +import jakarta.annotation.security.RolesAllowed; +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; + +import io.vertx.core.json.JsonObject; + +public class NoAnnotationBaseResourceWithoutPathImplInterface extends NoAnnotationParentResourceWithoutPathImplInterface { + + @Override + @POST + @Path(CLASS_PATH_ON_INTERFACE + IMPL_ON_BASE + IMPL_METHOD_WITH_PATH + NO_SECURITY_ANNOTATION_PATH) + public String classPathOnInterface_ImplOnBase_ImplMethodWithPath_NoAnnotation(JsonObject array) { + return CLASS_PATH_ON_INTERFACE + IMPL_ON_BASE + IMPL_METHOD_WITH_PATH + NO_SECURITY_ANNOTATION_PATH; + } + + @RolesAllowed("admin") + @Override + @POST + @Path(CLASS_PATH_ON_INTERFACE + IMPL_ON_BASE + IMPL_METHOD_WITH_PATH + METHOD_ROLES_ALLOWED_PATH) + public String classPathOnInterface_ImplOnBase_ImplMethodWithPath_MethodRolesAllowed(JsonObject array) { + return CLASS_PATH_ON_INTERFACE + IMPL_ON_BASE + IMPL_METHOD_WITH_PATH + METHOD_ROLES_ALLOWED_PATH; + } + + @DenyAll + @Override + @POST + @Path(CLASS_PATH_ON_INTERFACE + IMPL_ON_BASE + IMPL_METHOD_WITH_PATH + METHOD_DENY_ALL_PATH) + public String classPathOnInterface_ImplOnBase_ImplMethodWithPath_MethodDenyAll(JsonObject array) { + return CLASS_PATH_ON_INTERFACE + IMPL_ON_BASE + IMPL_METHOD_WITH_PATH + METHOD_DENY_ALL_PATH; + } + + @PermitAll + @Override + @POST + @Path(CLASS_PATH_ON_INTERFACE + IMPL_ON_BASE + IMPL_METHOD_WITH_PATH + METHOD_PERMIT_ALL_PATH) + public String classPathOnInterface_ImplOnBase_ImplMethodWithPath_MethodPermitAll(JsonObject array) { + return CLASS_PATH_ON_INTERFACE + IMPL_ON_BASE + IMPL_METHOD_WITH_PATH + METHOD_PERMIT_ALL_PATH; + } + + @Override + public String classPathOnInterface_ImplOnBase_InterfaceMethodWithPath_NoAnnotation(JsonObject array) { + return CLASS_PATH_ON_INTERFACE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + NO_SECURITY_ANNOTATION_PATH; + } + + @RolesAllowed("admin") + @Override + public String classPathOnInterface_ImplOnBase_InterfaceMethodWithPath_MethodRolesAllowed(JsonObject array) { + return CLASS_PATH_ON_INTERFACE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + METHOD_ROLES_ALLOWED_PATH; + } + + @DenyAll + @Override + public String classPathOnInterface_ImplOnBase_InterfaceMethodWithPath_MethodDenyAll(JsonObject array) { + return CLASS_PATH_ON_INTERFACE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + METHOD_DENY_ALL_PATH; + } + + @PermitAll + @Override + public String classPathOnInterface_ImplOnBase_InterfaceMethodWithPath_MethodPermitAll(JsonObject array) { + return CLASS_PATH_ON_INTERFACE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + METHOD_PERMIT_ALL_PATH; + } + + @Override + public NoAnnotationSubResourceWithoutPath classPathOnInterface_SubDeclaredOnInterface_SubImplOnBase_NoSecurityAnnotation() { + return new NoAnnotationSubResourceWithoutPath(CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + + SUB_IMPL_ON_BASE + NO_SECURITY_ANNOTATION_PATH); + } + + @PermitAll + @Override + public NoAnnotationSubResourceWithoutPath classPathOnInterface_SubDeclaredOnInterface_SubImplOnBase_MethodPermitAll() { + return new NoAnnotationSubResourceWithoutPath(CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + + SUB_IMPL_ON_BASE + METHOD_PERMIT_ALL_PATH); + } + + @DenyAll + @Override + public NoAnnotationSubResourceWithoutPath classPathOnInterface_SubDeclaredOnInterface_SubImplOnBase_MethodDenyAll() { + return new NoAnnotationSubResourceWithoutPath(CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + + SUB_IMPL_ON_BASE + METHOD_DENY_ALL_PATH); + } + + @RolesAllowed("admin") + @Override + public NoAnnotationSubResourceWithoutPath classPathOnInterface_SubDeclaredOnInterface_SubImplOnBase_MethodRolesAllowed() { + return new NoAnnotationSubResourceWithoutPath(CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + + SUB_IMPL_ON_BASE + METHOD_ROLES_ALLOWED_PATH); + } + + @Override + public String classPathOnInterface_ImplOnBase_ParentMethodWithPath_NoSecurityAnnotation(JsonObject array) { + throw new IllegalStateException("RESTEasy didn't support this endpoint in past"); + } + +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/noclassannotation/NoAnnotationInterfaceWithPath.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/noclassannotation/NoAnnotationInterfaceWithPath.java new file mode 100644 index 0000000000000..24dab9dcdfbcd --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/noclassannotation/NoAnnotationInterfaceWithPath.java @@ -0,0 +1,152 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.noclassannotation; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_NO_ANNOTATION_PREFIX; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_BASE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_PARENT; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.INTERFACE_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.METHOD_DENY_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.METHOD_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.METHOD_ROLES_ALLOWED_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.NO_SECURITY_ANNOTATION_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_DECLARED_ON_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_IMPL_ON_BASE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_IMPL_ON_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_IMPL_ON_PARENT; + +import jakarta.annotation.security.DenyAll; +import jakarta.annotation.security.PermitAll; +import jakarta.annotation.security.RolesAllowed; +import jakarta.ws.rs.Consumes; +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; +import jakarta.ws.rs.Produces; +import jakarta.ws.rs.core.MediaType; + +import io.vertx.core.json.JsonObject; + +@Produces(MediaType.APPLICATION_JSON) +@Consumes(MediaType.APPLICATION_JSON) +@Path(CLASS_NO_ANNOTATION_PREFIX + CLASS_PATH_ON_INTERFACE) +public interface NoAnnotationInterfaceWithPath { + + String classPathOnInterface_ImplOnBase_ImplMethodWithPath_NoAnnotation(JsonObject array); + + String classPathOnInterface_ImplOnBase_ImplMethodWithPath_MethodRolesAllowed(JsonObject array); + + String classPathOnInterface_ImplOnBase_ImplMethodWithPath_MethodDenyAll(JsonObject array); + + String classPathOnInterface_ImplOnBase_ImplMethodWithPath_MethodPermitAll(JsonObject array); + + @POST + @Path(CLASS_PATH_ON_INTERFACE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + NO_SECURITY_ANNOTATION_PATH) + String classPathOnInterface_ImplOnBase_InterfaceMethodWithPath_NoAnnotation(JsonObject array); + + @POST + @Path(CLASS_PATH_ON_INTERFACE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + METHOD_ROLES_ALLOWED_PATH) + String classPathOnInterface_ImplOnBase_InterfaceMethodWithPath_MethodRolesAllowed(JsonObject array); + + @POST + @Path(CLASS_PATH_ON_INTERFACE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + METHOD_DENY_ALL_PATH) + String classPathOnInterface_ImplOnBase_InterfaceMethodWithPath_MethodDenyAll(JsonObject array); + + @POST + @Path(CLASS_PATH_ON_INTERFACE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + METHOD_PERMIT_ALL_PATH) + String classPathOnInterface_ImplOnBase_InterfaceMethodWithPath_MethodPermitAll(JsonObject array); + + @Path(CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + SUB_IMPL_ON_INTERFACE + NO_SECURITY_ANNOTATION_PATH) + default NoAnnotationSubResourceWithoutPath classPathOnInterface_SubDeclaredOnInterface_SubImplOnInterface_NoSecurityAnnotation() { + return new NoAnnotationSubResourceWithoutPath(CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + + SUB_IMPL_ON_INTERFACE + NO_SECURITY_ANNOTATION_PATH); + } + + @RolesAllowed("admin") + @Path(CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + SUB_IMPL_ON_INTERFACE + METHOD_ROLES_ALLOWED_PATH) + default NoAnnotationSubResourceWithoutPath classPathOnInterface_SubDeclaredOnInterface_SubImplOnInterface_MethodRolesAllowed() { + return new NoAnnotationSubResourceWithoutPath(CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + + SUB_IMPL_ON_INTERFACE + METHOD_ROLES_ALLOWED_PATH); + } + + @DenyAll + @Path(CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + SUB_IMPL_ON_INTERFACE + METHOD_DENY_ALL_PATH) + default NoAnnotationSubResourceWithoutPath classPathOnInterface_SubDeclaredOnInterface_SubImplOnInterface_MethodDenyAll() { + return new NoAnnotationSubResourceWithoutPath( + CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + SUB_IMPL_ON_INTERFACE + METHOD_DENY_ALL_PATH); + } + + @PermitAll + @Path(CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + SUB_IMPL_ON_INTERFACE + METHOD_PERMIT_ALL_PATH) + default NoAnnotationSubResourceWithoutPath classPathOnInterface_SubDeclaredOnInterface_SubImplOnInterface_MethodPermitAll() { + return new NoAnnotationSubResourceWithoutPath( + CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + SUB_IMPL_ON_INTERFACE + METHOD_PERMIT_ALL_PATH); + } + + @Path(CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + SUB_IMPL_ON_BASE + NO_SECURITY_ANNOTATION_PATH) + NoAnnotationSubResourceWithoutPath classPathOnInterface_SubDeclaredOnInterface_SubImplOnBase_NoSecurityAnnotation(); + + @Path(CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + SUB_IMPL_ON_BASE + METHOD_PERMIT_ALL_PATH) + NoAnnotationSubResourceWithoutPath classPathOnInterface_SubDeclaredOnInterface_SubImplOnBase_MethodPermitAll(); + + @Path(CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + SUB_IMPL_ON_BASE + METHOD_DENY_ALL_PATH) + NoAnnotationSubResourceWithoutPath classPathOnInterface_SubDeclaredOnInterface_SubImplOnBase_MethodDenyAll(); + + @Path(CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + SUB_IMPL_ON_BASE + METHOD_ROLES_ALLOWED_PATH) + NoAnnotationSubResourceWithoutPath classPathOnInterface_SubDeclaredOnInterface_SubImplOnBase_MethodRolesAllowed(); + + @Path(CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + SUB_IMPL_ON_PARENT + NO_SECURITY_ANNOTATION_PATH) + NoAnnotationSubResourceWithoutPath classPathOnInterface_SubDeclaredOnInterface_SubImplOnParent_NoSecurityAnnotation(); + + @Path(CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + SUB_IMPL_ON_PARENT + METHOD_PERMIT_ALL_PATH) + NoAnnotationSubResourceWithoutPath classPathOnInterface_SubDeclaredOnInterface_SubImplOnParent_MethodPermitAll(); + + @Path(CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + SUB_IMPL_ON_PARENT + METHOD_DENY_ALL_PATH) + NoAnnotationSubResourceWithoutPath classPathOnInterface_SubDeclaredOnInterface_SubImplOnParent_MethodDenyAll(); + + @Path(CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + SUB_IMPL_ON_PARENT + METHOD_ROLES_ALLOWED_PATH) + NoAnnotationSubResourceWithoutPath classPathOnInterface_SubDeclaredOnInterface_SubImplOnParent_MethodRolesAllowed(); + + @POST + @Path(CLASS_PATH_ON_INTERFACE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + NO_SECURITY_ANNOTATION_PATH) + String classPathOnInterface_ImplOnParent_InterfaceMethodWithPath_NoSecurityAnnotation(JsonObject array); + + @POST + @Path(CLASS_PATH_ON_INTERFACE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + METHOD_DENY_ALL_PATH) + String classPathOnInterface_ImplOnParent_InterfaceMethodWithPath_MethodDenyAll(JsonObject array); + + @POST + @Path(CLASS_PATH_ON_INTERFACE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + METHOD_PERMIT_ALL_PATH) + String classPathOnInterface_ImplOnParent_InterfaceMethodWithPath_MethodPermitAll(JsonObject array); + + @POST + @Path(CLASS_PATH_ON_INTERFACE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + METHOD_ROLES_ALLOWED_PATH) + String classPathOnInterface_ImplOnParent_InterfaceMethodWithPath_MethodRolesAllowed(JsonObject array); + + @POST + @Path(CLASS_PATH_ON_INTERFACE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + NO_SECURITY_ANNOTATION_PATH) + default String classPathOnInterface_ImplOnInterface_ImplMethodWithPath_NoSecurityAnnotation(JsonObject array) { + return CLASS_PATH_ON_INTERFACE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + NO_SECURITY_ANNOTATION_PATH; + } + + @RolesAllowed("admin") + @POST + @Path(CLASS_PATH_ON_INTERFACE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + METHOD_ROLES_ALLOWED_PATH) + default String classPathOnInterface_ImplOnInterface_ImplMethodWithPath_MethodRolesAllowed(JsonObject array) { + return CLASS_PATH_ON_INTERFACE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + METHOD_ROLES_ALLOWED_PATH; + } + + @PermitAll + @POST + @Path(CLASS_PATH_ON_INTERFACE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + METHOD_PERMIT_ALL_PATH) + default String classPathOnInterface_ImplOnInterface_ImplMethodWithPath_MethodPermitAll(JsonObject array) { + return CLASS_PATH_ON_INTERFACE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + METHOD_PERMIT_ALL_PATH; + } + + @DenyAll + @POST + @Path(CLASS_PATH_ON_INTERFACE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + METHOD_DENY_ALL_PATH) + default String classPathOnInterface_ImplOnInterface_ImplMethodWithPath_MethodDenyAll(JsonObject array) { + return CLASS_PATH_ON_INTERFACE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + METHOD_DENY_ALL_PATH; + } +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/noclassannotation/NoAnnotationInterfaceWithoutPath.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/noclassannotation/NoAnnotationInterfaceWithoutPath.java new file mode 100644 index 0000000000000..c143a6daec45b --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/noclassannotation/NoAnnotationInterfaceWithoutPath.java @@ -0,0 +1,83 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.noclassannotation; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_BASE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_PARENT; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.INTERFACE_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.METHOD_DENY_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.METHOD_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.METHOD_ROLES_ALLOWED_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.NO_SECURITY_ANNOTATION_PATH; + +import jakarta.annotation.security.DenyAll; +import jakarta.annotation.security.PermitAll; +import jakarta.annotation.security.RolesAllowed; +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; + +import io.vertx.core.json.JsonObject; + +public interface NoAnnotationInterfaceWithoutPath { + + @POST + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + NO_SECURITY_ANNOTATION_PATH) + String classPathOnResource_ImplOnBase_InterfaceMethodWithPath_NoSecurityAnnotation(JsonObject array); + + @POST + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + METHOD_ROLES_ALLOWED_PATH) + String classPathOnResource_ImplOnBase_InterfaceMethodWithPath_RolesAllowed(JsonObject array); + + @POST + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + METHOD_DENY_ALL_PATH) + String classPathOnResource_ImplOnBase_InterfaceMethodWithPath_DenyAll(JsonObject array); + + @POST + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + METHOD_PERMIT_ALL_PATH) + String classPathOnResource_ImplOnBase_InterfaceMethodWithPath_PermitAll(JsonObject array); + + @POST + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + NO_SECURITY_ANNOTATION_PATH) + String classPathOnResource_ImplOnParent_InterfaceMethodWithPath_NoAnnotation(JsonObject array); + + @POST + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + METHOD_ROLES_ALLOWED_PATH) + String classPathOnResource_ImplOnParent_InterfaceMethodWithPath_MethodRolesAllowed(JsonObject array); + + @POST + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + METHOD_DENY_ALL_PATH) + String classPathOnResource_ImplOnParent_InterfaceMethodWithPath_MethodDenyAll(JsonObject array); + + @POST + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + METHOD_PERMIT_ALL_PATH) + String classPathOnResource_ImplOnParent_InterfaceMethodWithPath_MethodPermitAll(JsonObject array); + + @POST + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + NO_SECURITY_ANNOTATION_PATH) + default String classPathOnResource_ImplOnInterface_ImplMethodWithPath_NoSecurityAnnotation(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + NO_SECURITY_ANNOTATION_PATH; + } + + @DenyAll + @POST + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + METHOD_DENY_ALL_PATH) + default String classPathOnResource_ImplOnInterface_ImplMethodWithPath_MethodDenyAll(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + METHOD_DENY_ALL_PATH; + } + + @PermitAll + @POST + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + METHOD_PERMIT_ALL_PATH) + default String classPathOnResource_ImplOnInterface_ImplMethodWithPath_MethodPermitAll(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + METHOD_PERMIT_ALL_PATH; + } + + @RolesAllowed("admin") + @POST + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + METHOD_ROLES_ALLOWED_PATH) + default String classPathOnResource_ImplOnInterface_ImplMethodWithPath_MethodRolesAllowed(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + METHOD_ROLES_ALLOWED_PATH; + } + +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/noclassannotation/NoAnnotationParentResourceInterface.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/noclassannotation/NoAnnotationParentResourceInterface.java new file mode 100644 index 0000000000000..6ea136bdb8a9a --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/noclassannotation/NoAnnotationParentResourceInterface.java @@ -0,0 +1,82 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.noclassannotation; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_PARENT_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_BASE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_PARENT; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.INTERFACE_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.METHOD_DENY_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.METHOD_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.METHOD_ROLES_ALLOWED_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.NO_SECURITY_ANNOTATION_PATH; + +import jakarta.annotation.security.DenyAll; +import jakarta.annotation.security.PermitAll; +import jakarta.annotation.security.RolesAllowed; +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; + +import io.vertx.core.json.JsonObject; + +public interface NoAnnotationParentResourceInterface { + + @POST + @Path(CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + NO_SECURITY_ANNOTATION_PATH) + String classPathOnParentResource_ImplOnBase_InterfaceMethodWithPath_NoSecurityAnnotation(JsonObject array); + + @POST + @Path(CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + METHOD_ROLES_ALLOWED_PATH) + String classPathOnParentResource_ImplOnBase_InterfaceMethodWithPath_MethodRolesAllowed(JsonObject array); + + @POST + @Path(CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + METHOD_DENY_ALL_PATH) + String classPathOnParentResource_ImplOnBase_InterfaceMethodWithPath_MethodDenyAll(JsonObject array); + + @POST + @Path(CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_BASE + INTERFACE_METHOD_WITH_PATH + METHOD_PERMIT_ALL_PATH) + String classPathOnParentResource_ImplOnBase_InterfaceMethodWithPath_MethodPermitAll(JsonObject array); + + @POST + @Path(CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + NO_SECURITY_ANNOTATION_PATH) + String classPathOnParentResource_ImplOnParent_InterfaceMethodWithPath_NoSecurityAnnotation(JsonObject array); + + @POST + @Path(CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + METHOD_PERMIT_ALL_PATH) + String classPathOnParentResource_ImplOnParent_InterfaceMethodWithPath_MethodPermitAll(JsonObject array); + + @POST + @Path(CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + METHOD_DENY_ALL_PATH) + String classPathOnParentResource_ImplOnParent_InterfaceMethodWithPath_MethodDenyAll(JsonObject array); + + @POST + @Path(CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + METHOD_ROLES_ALLOWED_PATH) + String classPathOnParentResource_ImplOnParent_InterfaceMethodWithPath_MethodRolesAllowed(JsonObject array); + + @POST + @Path(CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + NO_SECURITY_ANNOTATION_PATH) + default String classPathOnParentResource_ImplOnInterface_ImplMethodWithPath_NoSecurityAnnotation(JsonObject array) { + return CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + NO_SECURITY_ANNOTATION_PATH; + } + + @RolesAllowed("admin") + @POST + @Path(CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + METHOD_ROLES_ALLOWED_PATH) + default String classPathOnParentResource_ImplOnInterface_ImplMethodWithPath_MethodRolesAllowed(JsonObject array) { + return CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + METHOD_ROLES_ALLOWED_PATH; + } + + @PermitAll + @POST + @Path(CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + METHOD_PERMIT_ALL_PATH) + default String classPathOnParentResource_ImplOnInterface_ImplMethodWithPath_MethodPermitAll(JsonObject array) { + return CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + METHOD_PERMIT_ALL_PATH; + } + + @DenyAll + @POST + @Path(CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + METHOD_DENY_ALL_PATH) + default String classPathOnParentResource_ImplOnInterface_ImplMethodWithPath_MethodDenyAll(JsonObject array) { + return CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_INTERFACE + IMPL_METHOD_WITH_PATH + METHOD_DENY_ALL_PATH; + } +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/noclassannotation/NoAnnotationParentResourceWithPath.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/noclassannotation/NoAnnotationParentResourceWithPath.java new file mode 100644 index 0000000000000..1c2aa3b92fdac --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/noclassannotation/NoAnnotationParentResourceWithPath.java @@ -0,0 +1,142 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.noclassannotation; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_NO_ANNOTATION_PREFIX; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_PARENT_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_BASE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_PARENT; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.INTERFACE_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.METHOD_DENY_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.METHOD_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.METHOD_ROLES_ALLOWED_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.NO_SECURITY_ANNOTATION_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.PARENT_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_DECLARED_ON_PARENT; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_IMPL_ON_BASE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_IMPL_ON_PARENT; + +import jakarta.annotation.security.DenyAll; +import jakarta.annotation.security.PermitAll; +import jakarta.annotation.security.RolesAllowed; +import jakarta.ws.rs.Consumes; +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; +import jakarta.ws.rs.Produces; +import jakarta.ws.rs.core.MediaType; + +import io.vertx.core.json.JsonObject; + +@Produces(MediaType.APPLICATION_JSON) +@Consumes(MediaType.APPLICATION_JSON) +@Path(CLASS_NO_ANNOTATION_PREFIX + CLASS_PATH_ON_PARENT_RESOURCE) +public abstract class NoAnnotationParentResourceWithPath implements NoAnnotationParentResourceInterface { + + public String get_ClassPathOnParentResource_ImplOnBase_ImplMethodWithPath_NoAnnotation(JsonObject array) { + throw new IllegalStateException("Implementation should had been invoked"); + } + + @POST + @Path(CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_BASE + PARENT_METHOD_WITH_PATH + NO_SECURITY_ANNOTATION_PATH) + public abstract String classPathOnParentResource_ImplOnBase_ParentMethodWithPath_NoAnnotation(JsonObject array); + + @POST + @Path(CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_BASE + PARENT_METHOD_WITH_PATH + METHOD_ROLES_ALLOWED_PATH) + public abstract String classPathOnParentResource_ImplOnBase_ParentMethodWithPath_MethodRolesAllowed(JsonObject array); + + @POST + @Path(CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_BASE + PARENT_METHOD_WITH_PATH + METHOD_DENY_ALL_PATH) + public abstract String classPathOnParentResource_ImplOnBase_ParentMethodWithPath_MethodDenyAll(JsonObject array); + + @POST + @Path(CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_BASE + PARENT_METHOD_WITH_PATH + METHOD_PERMIT_ALL_PATH) + public abstract String classPathOnParentResource_ImplOnBase_ParentMethodWithPath_MethodPermitAll(JsonObject array); + + @Path(CLASS_PATH_ON_PARENT_RESOURCE + SUB_DECLARED_ON_PARENT + SUB_IMPL_ON_PARENT + NO_SECURITY_ANNOTATION_PATH) + public NoAnnotationSubResourceWithoutPath classPathOnParentResource_SubDeclaredOnParent_SubImplOnParentResource_NoSecurityAnnotation() { + return new NoAnnotationSubResourceWithoutPath(CLASS_PATH_ON_PARENT_RESOURCE + SUB_DECLARED_ON_PARENT + + SUB_IMPL_ON_PARENT + NO_SECURITY_ANNOTATION_PATH); + } + + @PermitAll + @Path(CLASS_PATH_ON_PARENT_RESOURCE + SUB_DECLARED_ON_PARENT + SUB_IMPL_ON_PARENT + METHOD_PERMIT_ALL_PATH) + public NoAnnotationSubResourceWithoutPath classPathOnParentResource_SubDeclaredOnParent_SubImplOnParentResource_MethodPermitAll() { + return new NoAnnotationSubResourceWithoutPath( + CLASS_PATH_ON_PARENT_RESOURCE + SUB_DECLARED_ON_PARENT + SUB_IMPL_ON_PARENT + METHOD_PERMIT_ALL_PATH); + } + + @DenyAll + @Path(CLASS_PATH_ON_PARENT_RESOURCE + SUB_DECLARED_ON_PARENT + SUB_IMPL_ON_PARENT + METHOD_DENY_ALL_PATH) + public NoAnnotationSubResourceWithoutPath classPathOnParentResource_SubDeclaredOnParent_SubImplOnParentResource_MethodDenyAll() { + return new NoAnnotationSubResourceWithoutPath( + CLASS_PATH_ON_PARENT_RESOURCE + SUB_DECLARED_ON_PARENT + SUB_IMPL_ON_PARENT + METHOD_DENY_ALL_PATH); + } + + @RolesAllowed("admin") + @Path(CLASS_PATH_ON_PARENT_RESOURCE + SUB_DECLARED_ON_PARENT + SUB_IMPL_ON_PARENT + METHOD_ROLES_ALLOWED_PATH) + public NoAnnotationSubResourceWithoutPath classPathOnParentResource_SubDeclaredOnParent_SubImplOnParentResource_MethodRolesAllowed() { + return new NoAnnotationSubResourceWithoutPath(CLASS_PATH_ON_PARENT_RESOURCE + SUB_DECLARED_ON_PARENT + + SUB_IMPL_ON_PARENT + METHOD_ROLES_ALLOWED_PATH); + } + + @Path(CLASS_PATH_ON_PARENT_RESOURCE + SUB_DECLARED_ON_PARENT + SUB_IMPL_ON_BASE + NO_SECURITY_ANNOTATION_PATH) + public abstract NoAnnotationSubResourceWithoutPath classPathOnParentResource_SubDeclaredOnParent_SubImplOnBaseResource_NoSecurityAnnotation(); + + @Path(CLASS_PATH_ON_PARENT_RESOURCE + SUB_DECLARED_ON_PARENT + SUB_IMPL_ON_BASE + METHOD_PERMIT_ALL_PATH) + public abstract NoAnnotationSubResourceWithoutPath classPathOnParentResource_SubDeclaredOnParent_SubImplOnBaseResource_MethodPermitAll(); + + @Path(CLASS_PATH_ON_PARENT_RESOURCE + SUB_DECLARED_ON_PARENT + SUB_IMPL_ON_BASE + METHOD_DENY_ALL_PATH) + public abstract NoAnnotationSubResourceWithoutPath classPathOnParentResource_SubDeclaredOnParent_SubImplOnBaseResource_MethodDenyAll(); + + @Path(CLASS_PATH_ON_PARENT_RESOURCE + SUB_DECLARED_ON_PARENT + SUB_IMPL_ON_BASE + METHOD_ROLES_ALLOWED_PATH) + public abstract NoAnnotationSubResourceWithoutPath classPathOnParentResource_SubDeclaredOnParent_SubImplOnBaseResource_MethodRolesAllowed(); + + @POST + @Path(CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_PARENT + IMPL_METHOD_WITH_PATH + NO_SECURITY_ANNOTATION_PATH) + public String classPathOnParentResource_ImplOnParent_ImplMethodWithPath_NoSecurityAnnotation(JsonObject array) { + return CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_PARENT + IMPL_METHOD_WITH_PATH + NO_SECURITY_ANNOTATION_PATH; + } + + @POST + @PermitAll + @Path(CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_PARENT + IMPL_METHOD_WITH_PATH + METHOD_PERMIT_ALL_PATH) + public String classPathOnParentResource_ImplOnParent_ImplMethodWithPath_MethodPermitAll(JsonObject array) { + return CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_PARENT + IMPL_METHOD_WITH_PATH + METHOD_PERMIT_ALL_PATH; + } + + @POST + @DenyAll + @Path(CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_PARENT + IMPL_METHOD_WITH_PATH + METHOD_DENY_ALL_PATH) + public String classPathOnParentResource_ImplOnParent_ImplMethodWithPath_MethodDenyAll(JsonObject array) { + return CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_PARENT + IMPL_METHOD_WITH_PATH + METHOD_DENY_ALL_PATH; + } + + @POST + @RolesAllowed("admin") + @Path(CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_PARENT + IMPL_METHOD_WITH_PATH + METHOD_ROLES_ALLOWED_PATH) + public String classPathOnParentResource_ImplOnParent_ImplMethodWithPath_MethodRolesAllowed(JsonObject array) { + return CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_PARENT + IMPL_METHOD_WITH_PATH + METHOD_ROLES_ALLOWED_PATH; + } + + @Override + public String classPathOnParentResource_ImplOnParent_InterfaceMethodWithPath_NoSecurityAnnotation(JsonObject array) { + return CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + NO_SECURITY_ANNOTATION_PATH; + } + + @RolesAllowed("admin") + @Override + public String classPathOnParentResource_ImplOnParent_InterfaceMethodWithPath_MethodRolesAllowed(JsonObject array) { + return CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + METHOD_ROLES_ALLOWED_PATH; + } + + @DenyAll + @Override + public String classPathOnParentResource_ImplOnParent_InterfaceMethodWithPath_MethodDenyAll(JsonObject array) { + return CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + METHOD_DENY_ALL_PATH; + } + + @PermitAll + @Override + public String classPathOnParentResource_ImplOnParent_InterfaceMethodWithPath_MethodPermitAll(JsonObject array) { + return CLASS_PATH_ON_PARENT_RESOURCE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + METHOD_PERMIT_ALL_PATH; + } +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/noclassannotation/NoAnnotationParentResourceWithoutPath.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/noclassannotation/NoAnnotationParentResourceWithoutPath.java new file mode 100644 index 0000000000000..f2ce03626f1fb --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/noclassannotation/NoAnnotationParentResourceWithoutPath.java @@ -0,0 +1,95 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.noclassannotation; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_RESOURCE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_BASE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_PARENT; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.INTERFACE_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.METHOD_DENY_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.METHOD_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.METHOD_ROLES_ALLOWED_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.NO_SECURITY_ANNOTATION_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.PARENT_METHOD_WITH_PATH; + +import jakarta.annotation.security.DenyAll; +import jakarta.annotation.security.PermitAll; +import jakarta.annotation.security.RolesAllowed; +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; + +import io.vertx.core.json.JsonObject; + +public abstract class NoAnnotationParentResourceWithoutPath implements NoAnnotationInterfaceWithoutPath { + + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + PARENT_METHOD_WITH_PATH + NO_SECURITY_ANNOTATION_PATH) + @POST + public abstract String test_ClassPathOnResource_ImplOnBase_ParentMethodWithPath_NoSecurityAnnotation(JsonObject array); + + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + PARENT_METHOD_WITH_PATH + METHOD_ROLES_ALLOWED_PATH) + @POST + public abstract String test_ClassPathOnResource_ImplOnBase_ParentMethodWithPath_RolesAllowed(JsonObject array); + + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + PARENT_METHOD_WITH_PATH + METHOD_DENY_ALL_PATH) + @POST + public abstract String test_ClassPathOnResource_ImplOnBase_ParentMethodWithPath_DenyAll(JsonObject array); + + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_BASE + PARENT_METHOD_WITH_PATH + METHOD_PERMIT_ALL_PATH) + @POST + public abstract String test_ClassPathOnResource_ImplOnBase_ParentMethodWithPath_PermitAll(JsonObject array); + + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_PARENT + IMPL_METHOD_WITH_PATH + NO_SECURITY_ANNOTATION_PATH) + @POST + public String test_ClassPathOnResource_ImplOnParent_ImplMethodWithPath_NoSecurityAnnotation(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_PARENT + IMPL_METHOD_WITH_PATH + NO_SECURITY_ANNOTATION_PATH; + } + + @RolesAllowed("admin") + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_PARENT + IMPL_METHOD_WITH_PATH + METHOD_ROLES_ALLOWED_PATH) + @POST + public String test_ClassPathOnResource_ImplOnParent_ImplMethodWithPath_MethodRolesAllowed(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_PARENT + IMPL_METHOD_WITH_PATH + METHOD_ROLES_ALLOWED_PATH; + } + + @DenyAll + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_PARENT + IMPL_METHOD_WITH_PATH + METHOD_DENY_ALL_PATH) + @POST + public String test_ClassPathOnResource_ImplOnParent_ImplMethodWithPath_MethodDenyAll(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_PARENT + IMPL_METHOD_WITH_PATH + METHOD_DENY_ALL_PATH; + } + + @PermitAll + @Path(CLASS_PATH_ON_RESOURCE + IMPL_ON_PARENT + IMPL_METHOD_WITH_PATH + METHOD_PERMIT_ALL_PATH) + @POST + public String test_ClassPathOnResource_ImplOnParent_ImplMethodWithPath_MethodPermitAll(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_PARENT + IMPL_METHOD_WITH_PATH + METHOD_PERMIT_ALL_PATH; + } + + @Override + public String classPathOnResource_ImplOnParent_InterfaceMethodWithPath_NoAnnotation(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + NO_SECURITY_ANNOTATION_PATH; + } + + @RolesAllowed("admin") + @Override + public String classPathOnResource_ImplOnParent_InterfaceMethodWithPath_MethodRolesAllowed(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + METHOD_ROLES_ALLOWED_PATH; + } + + @DenyAll + @Override + public String classPathOnResource_ImplOnParent_InterfaceMethodWithPath_MethodDenyAll(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + METHOD_DENY_ALL_PATH; + } + + @PermitAll + @Override + public String classPathOnResource_ImplOnParent_InterfaceMethodWithPath_MethodPermitAll(JsonObject array) { + return CLASS_PATH_ON_RESOURCE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + METHOD_PERMIT_ALL_PATH; + } + + public String get_ClassPathOnResource_ImplOnBase_ImplMethodWithPath_MethodRolesAllowed(JsonObject array) { + // hint: purpose of this method is to ensure that existence of overridden parent method + // has no effect on a secured method (like: correct secured resource method is identified) + throw new IllegalStateException("Implementation should be used"); + } +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/noclassannotation/NoAnnotationParentResourceWithoutPathImplInterface.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/noclassannotation/NoAnnotationParentResourceWithoutPathImplInterface.java new file mode 100644 index 0000000000000..b09ee0649c292 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/noclassannotation/NoAnnotationParentResourceWithoutPathImplInterface.java @@ -0,0 +1,85 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.noclassannotation; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.CLASS_PATH_ON_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_BASE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.IMPL_ON_PARENT; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.INTERFACE_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.METHOD_DENY_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.METHOD_PERMIT_ALL_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.METHOD_ROLES_ALLOWED_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.NO_SECURITY_ANNOTATION_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.PARENT_METHOD_WITH_PATH; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_DECLARED_ON_INTERFACE; +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SUB_IMPL_ON_PARENT; + +import jakarta.annotation.security.DenyAll; +import jakarta.annotation.security.PermitAll; +import jakarta.annotation.security.RolesAllowed; +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; + +import io.vertx.core.json.JsonObject; + +public abstract class NoAnnotationParentResourceWithoutPathImplInterface implements NoAnnotationInterfaceWithPath { + + @POST + @Path(CLASS_PATH_ON_INTERFACE + IMPL_ON_BASE + PARENT_METHOD_WITH_PATH + NO_SECURITY_ANNOTATION_PATH) + public abstract String classPathOnInterface_ImplOnBase_ParentMethodWithPath_NoSecurityAnnotation(JsonObject array); + + @Override + public NoAnnotationSubResourceWithoutPath classPathOnInterface_SubDeclaredOnInterface_SubImplOnParent_NoSecurityAnnotation() { + return new NoAnnotationSubResourceWithoutPath(CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + + SUB_IMPL_ON_PARENT + NO_SECURITY_ANNOTATION_PATH); + } + + @PermitAll + @Override + public NoAnnotationSubResourceWithoutPath classPathOnInterface_SubDeclaredOnInterface_SubImplOnParent_MethodPermitAll() { + return new NoAnnotationSubResourceWithoutPath(CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + + SUB_IMPL_ON_PARENT + METHOD_PERMIT_ALL_PATH); + } + + @DenyAll + @Override + public NoAnnotationSubResourceWithoutPath classPathOnInterface_SubDeclaredOnInterface_SubImplOnParent_MethodDenyAll() { + return new NoAnnotationSubResourceWithoutPath(CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + + SUB_IMPL_ON_PARENT + METHOD_DENY_ALL_PATH); + } + + @RolesAllowed("admin") + @Override + public NoAnnotationSubResourceWithoutPath classPathOnInterface_SubDeclaredOnInterface_SubImplOnParent_MethodRolesAllowed() { + return new NoAnnotationSubResourceWithoutPath(CLASS_PATH_ON_INTERFACE + SUB_DECLARED_ON_INTERFACE + + SUB_IMPL_ON_PARENT + METHOD_ROLES_ALLOWED_PATH); + } + + @POST + @Path(CLASS_PATH_ON_INTERFACE + IMPL_ON_PARENT + IMPL_METHOD_WITH_PATH + NO_SECURITY_ANNOTATION_PATH) + public String classPathOnInterface_ImplOnParent_ImplMethodWithPath_NoSecurityAnnotation(JsonObject array) { + return CLASS_PATH_ON_INTERFACE + IMPL_ON_PARENT + IMPL_METHOD_WITH_PATH + NO_SECURITY_ANNOTATION_PATH; + } + + @Override + public String classPathOnInterface_ImplOnParent_InterfaceMethodWithPath_NoSecurityAnnotation(JsonObject array) { + return CLASS_PATH_ON_INTERFACE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + NO_SECURITY_ANNOTATION_PATH; + } + + @DenyAll + @Override + public String classPathOnInterface_ImplOnParent_InterfaceMethodWithPath_MethodDenyAll(JsonObject array) { + return CLASS_PATH_ON_INTERFACE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + METHOD_DENY_ALL_PATH; + } + + @PermitAll + @Override + public String classPathOnInterface_ImplOnParent_InterfaceMethodWithPath_MethodPermitAll(JsonObject array) { + return CLASS_PATH_ON_INTERFACE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + METHOD_PERMIT_ALL_PATH; + } + + @RolesAllowed("admin") + @Override + public String classPathOnInterface_ImplOnParent_InterfaceMethodWithPath_MethodRolesAllowed(JsonObject array) { + return CLASS_PATH_ON_INTERFACE + IMPL_ON_PARENT + INTERFACE_METHOD_WITH_PATH + METHOD_ROLES_ALLOWED_PATH; + } +} diff --git a/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/noclassannotation/NoAnnotationSubResourceWithoutPath.java b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/noclassannotation/NoAnnotationSubResourceWithoutPath.java new file mode 100644 index 0000000000000..79e5262467976 --- /dev/null +++ b/extensions/resteasy-reactive/rest/deployment/src/test/java/io/quarkus/resteasy/reactive/server/test/security/inheritance/noclassannotation/NoAnnotationSubResourceWithoutPath.java @@ -0,0 +1,31 @@ +package io.quarkus.resteasy.reactive.server.test.security.inheritance.noclassannotation; + +import static io.quarkus.resteasy.reactive.server.test.security.inheritance.SubPaths.SECURED_SUB_RESOURCE_ENDPOINT_PATH; + +import jakarta.annotation.security.RolesAllowed; +import jakarta.ws.rs.POST; +import jakarta.ws.rs.Path; + +import io.vertx.core.json.JsonObject; + +public class NoAnnotationSubResourceWithoutPath { + + private final String subResourcePath; + + public NoAnnotationSubResourceWithoutPath(String subResourcePath) { + this.subResourcePath = subResourcePath; + } + + @POST + public String post(JsonObject array) { + return subResourcePath; + } + + @RolesAllowed("admin") + @Path(SECURED_SUB_RESOURCE_ENDPOINT_PATH) + @POST + public String securedPost(JsonObject array) { + return subResourcePath + SECURED_SUB_RESOURCE_ENDPOINT_PATH; + } + +} diff --git a/extensions/resteasy-reactive/rest/runtime/src/main/java/io/quarkus/resteasy/reactive/server/runtime/security/EagerSecurityContext.java b/extensions/resteasy-reactive/rest/runtime/src/main/java/io/quarkus/resteasy/reactive/server/runtime/security/EagerSecurityContext.java index e94d113d32991..b75ac82fd32c9 100644 --- a/extensions/resteasy-reactive/rest/runtime/src/main/java/io/quarkus/resteasy/reactive/server/runtime/security/EagerSecurityContext.java +++ b/extensions/resteasy-reactive/rest/runtime/src/main/java/io/quarkus/resteasy/reactive/server/runtime/security/EagerSecurityContext.java @@ -16,9 +16,7 @@ import org.eclipse.microprofile.config.inject.ConfigProperty; import org.jboss.resteasy.reactive.server.core.ResteasyReactiveRequestContext; -import org.jboss.resteasy.reactive.server.spi.ResteasyReactiveResourceInfo; -import io.quarkus.arc.Arc; import io.quarkus.arc.InjectableInstance; import io.quarkus.runtime.ShutdownEvent; import io.quarkus.runtime.StartupEvent; @@ -30,13 +28,10 @@ import io.quarkus.security.spi.runtime.AuthorizationFailureEvent; import io.quarkus.security.spi.runtime.AuthorizationSuccessEvent; import io.quarkus.security.spi.runtime.BlockingSecurityExecutor; -import io.quarkus.security.spi.runtime.MethodDescription; -import io.quarkus.security.spi.runtime.SecurityCheckStorage; import io.quarkus.security.spi.runtime.SecurityEventHelper; import io.quarkus.vertx.http.runtime.HttpBuildTimeConfig; import io.quarkus.vertx.http.runtime.HttpConfiguration; import io.quarkus.vertx.http.runtime.security.AbstractPathMatchingHttpSecurityPolicy; -import io.quarkus.vertx.http.runtime.security.EagerSecurityInterceptorStorage; import io.quarkus.vertx.http.runtime.security.HttpSecurityPolicy; import io.quarkus.vertx.http.runtime.security.HttpSecurityPolicy.DefaultAuthorizationRequestContext; import io.quarkus.vertx.http.runtime.security.QuarkusHttpUser; @@ -51,9 +46,7 @@ public class EagerSecurityContext { final AbstractPathMatchingHttpSecurityPolicy jaxRsPathMatchingPolicy; final SecurityEventHelper eventHelper; final InjectableInstance identityAssociation; - final EagerSecurityInterceptorStorage interceptorStorage; final AuthorizationController authorizationController; - final SecurityCheckStorage securityCheckStorage; final boolean doNotRunPermissionSecurityCheck; final boolean isProactiveAuthDisabled; @@ -61,14 +54,11 @@ public class EagerSecurityContext { @ConfigProperty(name = "quarkus.security.events.enabled") boolean securityEventsEnabled, Event authorizationSuccessEvent, BeanManager beanManager, InjectableInstance identityAssociation, AuthorizationController authorizationController, - SecurityCheckStorage securityCheckStorage, HttpConfiguration httpConfig, BlockingSecurityExecutor blockingExecutor, + HttpConfiguration httpConfig, BlockingSecurityExecutor blockingExecutor, HttpBuildTimeConfig buildTimeConfig, Instance installedPolicies) { - var interceptorStorageHandle = Arc.container().instance(EagerSecurityInterceptorStorage.class); - this.interceptorStorage = interceptorStorageHandle.isAvailable() ? interceptorStorageHandle.get() : null; this.isProactiveAuthDisabled = !buildTimeConfig.auth.proactive; this.identityAssociation = identityAssociation; this.authorizationController = authorizationController; - this.securityCheckStorage = securityCheckStorage; this.eventHelper = new SecurityEventHelper<>(authorizationSuccessEvent, authorizationFailureEvent, AUTHORIZATION_SUCCESS, AUTHORIZATION_FAILURE, beanManager, securityEventsEnabled); var jaxRsPathMatchingPolicy = new AbstractPathMatchingHttpSecurityPolicy(httpConfig.auth.permissions, @@ -87,8 +77,8 @@ public class EagerSecurityContext { void initSingleton(@Observes StartupEvent event) { // intention here is to initialize this instance during app startup and make it accessible as singleton to // all the security ServerRestHandler instances, so that they don't need to access it via CDI programmatically - // and write to a volatile variable during the request; the EagerSecurityHandler is created for each secured - // endpoint, so there can be a lot of them + // and write to a volatile variable during the request; the EagerSecurityHandler is created for each + // endpoint (in case there is HTTP permission configured), so there can be a lot of them instance = this; } @@ -176,9 +166,4 @@ public SecurityIdentity apply(SecurityCheckWithIdentity checkWithIdentity) { } }); } - - static MethodDescription lazyMethodToMethodDescription(ResteasyReactiveResourceInfo lazyMethod) { - return new MethodDescription(lazyMethod.getActualDeclaringClassName(), - lazyMethod.getName(), MethodDescription.typesAsStrings(lazyMethod.getParameterTypes())); - } } diff --git a/extensions/resteasy-reactive/rest/runtime/src/main/java/io/quarkus/resteasy/reactive/server/runtime/security/EagerSecurityHandler.java b/extensions/resteasy-reactive/rest/runtime/src/main/java/io/quarkus/resteasy/reactive/server/runtime/security/EagerSecurityHandler.java index 27da712905fe3..2b1a28d5ea50a 100644 --- a/extensions/resteasy-reactive/rest/runtime/src/main/java/io/quarkus/resteasy/reactive/server/runtime/security/EagerSecurityHandler.java +++ b/extensions/resteasy-reactive/rest/runtime/src/main/java/io/quarkus/resteasy/reactive/server/runtime/security/EagerSecurityHandler.java @@ -1,9 +1,7 @@ package io.quarkus.resteasy.reactive.server.runtime.security; import static io.quarkus.resteasy.reactive.server.runtime.StandardSecurityCheckInterceptor.STANDARD_SECURITY_CHECK_INTERCEPTOR; -import static io.quarkus.resteasy.reactive.server.runtime.security.EagerSecurityContext.lazyMethodToMethodDescription; -import java.lang.reflect.Method; import java.util.Collections; import java.util.List; import java.util.Map; @@ -17,12 +15,14 @@ import org.jboss.resteasy.reactive.server.model.ServerResourceMethod; import org.jboss.resteasy.reactive.server.spi.ServerRestHandler; +import io.quarkus.arc.Arc; import io.quarkus.security.UnauthorizedException; import io.quarkus.security.identity.SecurityIdentity; import io.quarkus.security.spi.runtime.AuthorizationFailureEvent; import io.quarkus.security.spi.runtime.AuthorizationSuccessEvent; import io.quarkus.security.spi.runtime.MethodDescription; import io.quarkus.security.spi.runtime.SecurityCheck; +import io.quarkus.security.spi.runtime.SecurityCheckStorage; import io.quarkus.vertx.http.runtime.security.QuarkusHttpUser; import io.smallrye.mutiny.Uni; import io.smallrye.mutiny.subscription.UniSubscriber; @@ -31,22 +31,21 @@ public class EagerSecurityHandler implements ServerRestHandler { - private static final SecurityCheck NULL_SENTINEL = new SecurityCheck() { - @Override - public void apply(SecurityIdentity identity, Method method, Object[] parameters) { - - } - - @Override - public void apply(SecurityIdentity identity, MethodDescription method, Object[] parameters) { - - } - }; - private final boolean onlyCheckForHttpPermissions; - private volatile SecurityCheck check; - - public EagerSecurityHandler(boolean onlyCheckForHttpPermissions) { - this.onlyCheckForHttpPermissions = onlyCheckForHttpPermissions; + /** + * Used when no endpoint security checks were detected, no default Jakarta REST security is in place, and + * we have this handler in place for whether Jakarta REST specific HTTP Permissions are required + * is determined when runtime config is available. + */ + private static final EagerSecurityHandler HTTP_PERMS_ONLY = new EagerSecurityHandler(null, false, null); + + private final SecurityCheck check; + private final boolean isDefaultJaxRsSecCheck; + private final MethodDescription invokedMethodDesc; + + private EagerSecurityHandler(SecurityCheck check, boolean isDefaultJaxRsSecCheck, MethodDescription invokedMethodDesc) { + this.check = check; + this.isDefaultJaxRsSecCheck = isDefaultJaxRsSecCheck; + this.invokedMethodDesc = invokedMethodDesc; } @Override @@ -55,14 +54,26 @@ public void handle(ResteasyReactiveRequestContext requestContext) throws Excepti return; } - var securityCheck = getSecurityCheck(requestContext); + if (isDefaultJaxRsSecCheck && isRequestAlreadyChecked(requestContext)) { + // default Jakarta REST security is applied on subresource locators + // this ensures it's not reapplied on subresource endpoints + return; + } + + final Function> checkRequiringIdentity; + if (check == null) { + checkRequiringIdentity = null; + } else { + checkRequiringIdentity = getSecurityCheck(requestContext, check, invokedMethodDesc); + } + final Uni check; - if (securityCheck == null) { + if (checkRequiringIdentity == null) { if (EagerSecurityContext.instance.doNotRunPermissionSecurityCheck) { - // no check + // either permit all security check or no check at all return; } else { - // only permission check + // only HTTP permission check check = Uni.createFrom().deferred(new Supplier>() { @Override public Uni get() { @@ -72,10 +83,10 @@ public Uni get() { } } else { if (EagerSecurityContext.instance.doNotRunPermissionSecurityCheck) { - // only security check - check = EagerSecurityContext.instance.getDeferredIdentity().chain(securityCheck); + // only security check that requires identity + check = EagerSecurityContext.instance.getDeferredIdentity().chain(checkRequiringIdentity); } else { - // both security check and permission check + // both security check that requires identity and HTTP permission check check = EagerSecurityContext.instance.getDeferredIdentity() .flatMap(new Function>() { @Override @@ -83,7 +94,7 @@ public Uni apply(SecurityIdentity securityIdentity) { return EagerSecurityContext.instance.getPermissionCheck(requestContext, securityIdentity); } }) - .chain(securityCheck); + .chain(checkRequiringIdentity); } } @@ -107,30 +118,13 @@ public void onFailure(Throwable failure) { }); } - private Function> getSecurityCheck(ResteasyReactiveRequestContext requestContext) { - if (this.onlyCheckForHttpPermissions || this.check == NULL_SENTINEL) { - return null; - } - SecurityCheck check = this.check; - MethodDescription methodDescription = lazyMethodToMethodDescription(requestContext.getTarget().getLazyMethod()); - if (check == null) { - check = EagerSecurityContext.instance.securityCheckStorage.getSecurityCheck(methodDescription); - if (check == null) { - if (EagerSecurityContext.instance.securityCheckStorage.getDefaultSecurityCheck() == null - || isRequestAlreadyChecked(requestContext)) { - check = NULL_SENTINEL; - } else { - check = EagerSecurityContext.instance.securityCheckStorage.getDefaultSecurityCheck(); - } - } - this.check = check; - } - if (check == NULL_SENTINEL) { - return null; - } - + /** + * @return null if the check permits all requests, otherwise fun that requires identity to perform check + */ + private static Function> getSecurityCheck(ResteasyReactiveRequestContext requestContext, + SecurityCheck check, MethodDescription invokedMethodDesc) { if (check.isPermitAll()) { - preventRepeatedSecurityChecks(requestContext, methodDescription); + preventRepeatedSecurityChecks(requestContext, invokedMethodDesc); if (EagerSecurityContext.instance.eventHelper.fireEventOnSuccess()) { requestContext.requireCDIRequestScope(); @@ -144,11 +138,10 @@ private Function> getSecurityCheck(ResteasyReactiveRequ } EagerSecurityContext.instance.eventHelper.fireSuccessEvent(new AuthorizationSuccessEvent(identity, - check.getClass().getName(), createEventPropsWithRoutingCtx(requestContext), methodDescription)); + check.getClass().getName(), createEventPropsWithRoutingCtx(requestContext), invokedMethodDesc)); } return null; } else { - SecurityCheck theCheck = check; return new Function>() { @Override public Uni apply(SecurityIdentity securityIdentity) { @@ -159,7 +152,7 @@ public Uni apply(SecurityIdentity securityIdentity) { EagerSecurityContext.instance.identityAssociation.get().setIdentity(securityIdentity); } - if (theCheck.requiresMethodArguments()) { + if (check.requiresMethodArguments()) { // if security check requires method arguments, we can't perform it now // however we only allow to pass authenticated requests to avoid security risks if (securityIdentity == null || securityIdentity.isAnonymous()) { @@ -167,16 +160,16 @@ public Uni apply(SecurityIdentity securityIdentity) { if (EagerSecurityContext.instance.eventHelper.fireEventOnFailure()) { EagerSecurityContext.instance.eventHelper .fireFailureEvent(new AuthorizationFailureEvent(securityIdentity, unauthorizedException, - theCheck.getClass().getName(), createEventPropsWithRoutingCtx(requestContext), - methodDescription)); + check.getClass().getName(), createEventPropsWithRoutingCtx(requestContext), + invokedMethodDesc)); } throw unauthorizedException; } // security check will be performed by CDI interceptor return Uni.createFrom().nullItem(); } else { - preventRepeatedSecurityChecks(requestContext, methodDescription); - var checkResult = theCheck.nonBlockingApply(securityIdentity, methodDescription, + preventRepeatedSecurityChecks(requestContext, invokedMethodDesc); + var checkResult = check.nonBlockingApply(securityIdentity, invokedMethodDesc, requestContext.getParameters()); if (EagerSecurityContext.instance.eventHelper.fireEventOnFailure()) { checkResult = checkResult @@ -186,8 +179,8 @@ public Uni apply(SecurityIdentity securityIdentity) { public void accept(Throwable throwable) { EagerSecurityContext.instance.eventHelper .fireFailureEvent(new AuthorizationFailureEvent( - securityIdentity, throwable, theCheck.getClass().getName(), - createEventPropsWithRoutingCtx(requestContext), methodDescription)); + securityIdentity, throwable, check.getClass().getName(), + createEventPropsWithRoutingCtx(requestContext), invokedMethodDesc)); } }); } @@ -198,8 +191,8 @@ public void accept(Throwable throwable) { public void run() { EagerSecurityContext.instance.eventHelper.fireSuccessEvent( new AuthorizationSuccessEvent(securityIdentity, - theCheck.getClass().getName(), - createEventPropsWithRoutingCtx(requestContext), methodDescription)); + check.getClass().getName(), + createEventPropsWithRoutingCtx(requestContext), invokedMethodDesc)); } }); } @@ -244,7 +237,35 @@ public static HandlerChainCustomizer newInstance(boolean onlyCheckForHttpPermiss public List handlers(Phase phase, ResourceClass resourceClass, ServerResourceMethod serverResourceMethod) { if (phase == Phase.AFTER_MATCH) { - return Collections.singletonList(new EagerSecurityHandler(onlyCheckForHttpPermissions())); + if (onlyCheckForHttpPermissions()) { + return Collections.singletonList(HTTP_PERMS_ONLY); + } + + boolean isDefaultJaxRsSecCheck = false; + var desc = ResourceMethodDescription.of(serverResourceMethod); + var checkStorage = Arc.container().instance(SecurityCheckStorage.class).get(); + + var check = checkStorage.getSecurityCheck(desc.invokedMethodDesc()); + if (check == null && desc.fallbackMethodDesc() != null) { + check = checkStorage.getSecurityCheck(desc.fallbackMethodDesc()); + } + if (check == null) { + check = checkStorage.getDefaultSecurityCheck(); + isDefaultJaxRsSecCheck = true; + } + + if (check == null) { + throw new IllegalStateException( + """ + Security annotation placed on resource method '%s#%s' wasn't detected by Quarkus during the build time. + Please report issue in Quarkus project. + """ + .formatted(desc.invokedMethodDesc().getClassName(), + desc.invokedMethodDesc().getMethodName())); + } + + return Collections + .singletonList(new EagerSecurityHandler(check, isDefaultJaxRsSecCheck, desc.invokedMethodDesc())); } return Collections.emptyList(); } diff --git a/extensions/resteasy-reactive/rest/runtime/src/main/java/io/quarkus/resteasy/reactive/server/runtime/security/EagerSecurityInterceptorHandler.java b/extensions/resteasy-reactive/rest/runtime/src/main/java/io/quarkus/resteasy/reactive/server/runtime/security/EagerSecurityInterceptorHandler.java index 6570c4ea403bb..92f43df67f578 100644 --- a/extensions/resteasy-reactive/rest/runtime/src/main/java/io/quarkus/resteasy/reactive/server/runtime/security/EagerSecurityInterceptorHandler.java +++ b/extensions/resteasy-reactive/rest/runtime/src/main/java/io/quarkus/resteasy/reactive/server/runtime/security/EagerSecurityInterceptorHandler.java @@ -1,7 +1,5 @@ package io.quarkus.resteasy.reactive.server.runtime.security; -import static io.quarkus.resteasy.reactive.server.runtime.security.EagerSecurityContext.lazyMethodToMethodDescription; - import java.util.Collections; import java.util.List; import java.util.function.Consumer; @@ -12,8 +10,9 @@ import org.jboss.resteasy.reactive.server.model.ServerResourceMethod; import org.jboss.resteasy.reactive.server.spi.ServerRestHandler; -import io.quarkus.security.spi.runtime.MethodDescription; +import io.quarkus.arc.Arc; import io.quarkus.security.spi.runtime.SecurityCheck; +import io.quarkus.vertx.http.runtime.security.EagerSecurityInterceptorStorage; import io.vertx.ext.web.RoutingContext; /** @@ -22,36 +21,16 @@ */ public class EagerSecurityInterceptorHandler implements ServerRestHandler { - private static final Consumer NULL_SENTINEL = new Consumer() { - @Override - public void accept(RoutingContext routingContext) { - - } - }; - private volatile Consumer interceptor; + private final Consumer interceptor; - private EagerSecurityInterceptorHandler() { + private EagerSecurityInterceptorHandler(Consumer interceptor) { + this.interceptor = interceptor; } @Override public void handle(ResteasyReactiveRequestContext requestContext) throws Exception { // right now we do apply security interceptors even when authorization is disabled (for example for tests), as // even though you don't want to run security checks, you still might want to authenticate (access identity) - - if (interceptor == NULL_SENTINEL) { - return; - } - - if (interceptor == null) { - MethodDescription methodDescription = lazyMethodToMethodDescription(requestContext.getTarget().getLazyMethod()); - interceptor = EagerSecurityContext.instance.interceptorStorage.getInterceptor(methodDescription); - - if (interceptor == null) { - interceptor = NULL_SENTINEL; - return; - } - } - interceptor.accept(requestContext.unwrap(RoutingContext.class)); } @@ -65,7 +44,25 @@ public static HandlerChainCustomizer newInstance() { public List handlers(Phase phase, ResourceClass resourceClass, ServerResourceMethod serverResourceMethod) { if (phase == Phase.AFTER_MATCH) { - return Collections.singletonList(new EagerSecurityInterceptorHandler()); + + var desc = ResourceMethodDescription.of(serverResourceMethod); + var interceptorStorage = Arc.container().instance(EagerSecurityInterceptorStorage.class).get(); + var interceptor = interceptorStorage.getInterceptor(desc.invokedMethodDesc()); + if (interceptor == null && desc.fallbackMethodDesc() != null) { + interceptor = interceptorStorage.getInterceptor(desc.fallbackMethodDesc()); + } + + if (interceptor == null) { + throw new IllegalStateException( + """ + Security annotation placed on resource method '%s#%s' wasn't detected by Quarkus during the build time. + Please report issue in Quarkus project. + """ + .formatted(desc.invokedMethodDesc().getClassName(), + desc.invokedMethodDesc().getMethodName())); + } + + return Collections.singletonList(new EagerSecurityInterceptorHandler(interceptor)); } return Collections.emptyList(); } diff --git a/extensions/resteasy-reactive/rest/runtime/src/main/java/io/quarkus/resteasy/reactive/server/runtime/security/ResourceMethodDescription.java b/extensions/resteasy-reactive/rest/runtime/src/main/java/io/quarkus/resteasy/reactive/server/runtime/security/ResourceMethodDescription.java new file mode 100644 index 0000000000000..c7fb73a68cc93 --- /dev/null +++ b/extensions/resteasy-reactive/rest/runtime/src/main/java/io/quarkus/resteasy/reactive/server/runtime/security/ResourceMethodDescription.java @@ -0,0 +1,31 @@ +package io.quarkus.resteasy.reactive.server.runtime.security; + +import org.jboss.resteasy.reactive.server.model.ServerResourceMethod; + +import io.quarkus.security.spi.runtime.MethodDescription; + +/** + * @param invokedMethodDesc description of actually invoked method (method on which CDI interceptors are applied) + * @param fallbackMethodDesc description that we used in the past; not null when different to {@code invokedMethodDesc} + */ +record ResourceMethodDescription(MethodDescription invokedMethodDesc, MethodDescription fallbackMethodDesc) { + + static ResourceMethodDescription of(ServerResourceMethod method) { + return new ResourceMethodDescription( + createMethodDescription(method, method.getActualDeclaringClassName()), + createMethodDescription(method, method.getClassDeclMethodThatHasJaxRsEndpointDefiningAnn())); + } + + private static MethodDescription createMethodDescription(ServerResourceMethod method, String clazz) { + if (clazz == null) { + return null; + } + String[] paramTypes = new String[method.getParameters().length]; + for (int i = 0; i < method.getParameters().length; i++) { + paramTypes[i] = method.getParameters()[i].declaredUnresolvedType; + } + + return new MethodDescription(clazz, method.getName(), paramTypes); + } + +} diff --git a/extensions/resteasy-reactive/rest/runtime/src/main/java/io/quarkus/resteasy/reactive/server/runtime/security/SecurityContextOverrideHandler.java b/extensions/resteasy-reactive/rest/runtime/src/main/java/io/quarkus/resteasy/reactive/server/runtime/security/SecurityContextOverrideHandler.java index c526bc1b7846f..e2a978c5a9cfa 100644 --- a/extensions/resteasy-reactive/rest/runtime/src/main/java/io/quarkus/resteasy/reactive/server/runtime/security/SecurityContextOverrideHandler.java +++ b/extensions/resteasy-reactive/rest/runtime/src/main/java/io/quarkus/resteasy/reactive/server/runtime/security/SecurityContextOverrideHandler.java @@ -16,8 +16,6 @@ import org.jboss.resteasy.reactive.server.model.ServerResourceMethod; import org.jboss.resteasy.reactive.server.spi.ServerRestHandler; -import io.quarkus.arc.Arc; -import io.quarkus.arc.InjectableInstance; import io.quarkus.resteasy.reactive.server.runtime.ResteasyReactiveSecurityContext; import io.quarkus.security.credential.Credential; import io.quarkus.security.identity.CurrentIdentityAssociation; @@ -28,7 +26,10 @@ public class SecurityContextOverrideHandler implements ServerRestHandler { - private volatile InjectableInstance currentIdentityAssociation; + private static final SecurityContextOverrideHandler INSTANCE = new SecurityContextOverrideHandler(); + + private SecurityContextOverrideHandler() { + } @Override public void handle(ResteasyReactiveRequestContext requestContext) throws Exception { @@ -46,10 +47,9 @@ public void handle(ResteasyReactiveRequestContext requestContext) throws Excepti private void updateIdentity(ResteasyReactiveRequestContext requestContext, SecurityContext modified) { requestContext.requireCDIRequestScope(); - InjectableInstance instance = getCurrentIdentityAssociation(); - if (instance.isResolvable()) { + if (EagerSecurityContext.instance.identityAssociation.isResolvable()) { RoutingContext routingContext = requestContext.unwrap(RoutingContext.class); - CurrentIdentityAssociation currentIdentityAssociation = instance.get(); + CurrentIdentityAssociation currentIdentityAssociation = EagerSecurityContext.instance.identityAssociation.get(); Uni oldIdentity = currentIdentityAssociation.getDeferredIdentity(); currentIdentityAssociation.setIdentity(oldIdentity.map(new Function() { @Override @@ -119,20 +119,12 @@ public Uni checkPermission(Permission permission) { } } - private InjectableInstance getCurrentIdentityAssociation() { - InjectableInstance identityAssociation = this.currentIdentityAssociation; - if (identityAssociation == null) { - return this.currentIdentityAssociation = Arc.container().select(CurrentIdentityAssociation.class); - } - return identityAssociation; - } - public static class Customizer implements HandlerChainCustomizer { @Override public List handlers(Phase phase, ResourceClass resourceClass, ServerResourceMethod serverResourceMethod) { if (phase == Phase.AFTER_PRE_MATCH) { - return Collections.singletonList(new SecurityContextOverrideHandler()); + return Collections.singletonList(INSTANCE); } return Collections.emptyList(); } diff --git a/extensions/vertx-http/deployment/src/main/java/io/quarkus/vertx/http/deployment/EagerSecurityInterceptorBindingBuildItem.java b/extensions/vertx-http/deployment/src/main/java/io/quarkus/vertx/http/deployment/EagerSecurityInterceptorBindingBuildItem.java index 9cb335d53b863..e6870df3e4511 100644 --- a/extensions/vertx-http/deployment/src/main/java/io/quarkus/vertx/http/deployment/EagerSecurityInterceptorBindingBuildItem.java +++ b/extensions/vertx-http/deployment/src/main/java/io/quarkus/vertx/http/deployment/EagerSecurityInterceptorBindingBuildItem.java @@ -27,6 +27,11 @@ public final class EagerSecurityInterceptorBindingBuildItem extends MultiBuildIt private final DotName[] annotationBindings; private final Function> interceptorCreator; private final Map bindingToValue; + /** + * If this interceptor is always accompanied by {@link io.quarkus.security.spi.runtime.SecurityCheck}. + * For example, we know that endpoint annotated with {@link HttpAuthenticationMechanism} is always secured. + */ + private final boolean requiresSecurityCheck; /** * @@ -38,6 +43,7 @@ public EagerSecurityInterceptorBindingBuildItem(Function> interceptorCreator, @@ -45,6 +51,7 @@ public EagerSecurityInterceptorBindingBuildItem(Function> bindingValueToInterceptedMethods, - DotName interceptorBinding) { + DotName interceptorBinding, boolean requiresSecurityCheck) { this.bindingValueToInterceptedMethods = Map.copyOf(bindingValueToInterceptedMethods); this.interceptorBinding = interceptorBinding; + this.requiresSecurityCheck = requiresSecurityCheck; } private Stream interceptedMethods() { return bindingValueToInterceptedMethods.values().stream().flatMap(Collection::stream); } - public static List collectInterceptedMethods(List items) { - return items.stream().flatMap(EagerSecurityInterceptorMethodsBuildItem::interceptedMethods).toList(); + public static Map collectInterceptedMethods(List items) { + Map result = new HashMap<>(); + for (var item : items) { + item.interceptedMethods().forEach(mi -> { + if (result.containsKey(mi)) { + var requiresCheck = result.get(mi); + if (!requiresCheck && item.requiresSecurityCheck) { + result.put(mi, true); + } + } else { + result.put(mi, item.requiresSecurityCheck); + } + }); + } + return result; } - } diff --git a/extensions/vertx-http/deployment/src/main/java/io/quarkus/vertx/http/deployment/HttpSecurityProcessor.java b/extensions/vertx-http/deployment/src/main/java/io/quarkus/vertx/http/deployment/HttpSecurityProcessor.java index 6c77581e02424..9d27aac812e25 100644 --- a/extensions/vertx-http/deployment/src/main/java/io/quarkus/vertx/http/deployment/HttpSecurityProcessor.java +++ b/extensions/vertx-http/deployment/src/main/java/io/quarkus/vertx/http/deployment/HttpSecurityProcessor.java @@ -331,6 +331,11 @@ void collectInterceptedMethods(CombinedIndexBuildItem indexBuildItem, List interceptorBindings, BuildProducer methodsProducer) { if (!interceptorBindings.isEmpty()) { + Map bindingToRequiresSecCheckFlag = interceptorBindings.stream() + .flatMap(ib -> Arrays + .stream(ib.getAnnotationBindings()) + .map(b -> Map.entry(b, ib.requiresSecurityCheck()))) + .collect(Collectors.toMap(Map.Entry::getKey, Map.Entry::getValue)); var index = indexBuildItem.getIndex(); Map> cache = new HashMap<>(); Map>> result = new HashMap<>(); @@ -338,7 +343,8 @@ void collectInterceptedMethods(CombinedIndexBuildItem indexBuildItem, addInterceptedEndpoints(interceptorBindings, index, AnnotationTarget.Kind.CLASS, result, cache); if (!result.isEmpty()) { result.forEach((annotationBinding, bindingValueToInterceptedMethods) -> methodsProducer.produce( - new EagerSecurityInterceptorMethodsBuildItem(bindingValueToInterceptedMethods, annotationBinding))); + new EagerSecurityInterceptorMethodsBuildItem(bindingValueToInterceptedMethods, annotationBinding, + bindingToRequiresSecCheckFlag.get(annotationBinding)))); } } } diff --git a/independent-projects/resteasy-reactive/server/processor/src/main/java/org/jboss/resteasy/reactive/server/processor/ServerEndpointIndexer.java b/independent-projects/resteasy-reactive/server/processor/src/main/java/org/jboss/resteasy/reactive/server/processor/ServerEndpointIndexer.java index 07fb3fba149d4..07ebfc324d5d9 100644 --- a/independent-projects/resteasy-reactive/server/processor/src/main/java/org/jboss/resteasy/reactive/server/processor/ServerEndpointIndexer.java +++ b/independent-projects/resteasy-reactive/server/processor/src/main/java/org/jboss/resteasy/reactive/server/processor/ServerEndpointIndexer.java @@ -25,7 +25,9 @@ import java.io.File; import java.io.InputStream; +import java.lang.reflect.Modifier; import java.nio.file.Path; +import java.util.ArrayDeque; import java.util.ArrayList; import java.util.Collection; import java.util.Collections; @@ -34,6 +36,7 @@ import java.util.LinkedHashMap; import java.util.List; import java.util.Map; +import java.util.Queue; import java.util.Set; import java.util.function.Supplier; import java.util.regex.PatternSyntaxException; @@ -183,10 +186,108 @@ protected ServerResourceMethod createResourceMethod(MethodInfo methodInfo, Class } } serverResourceMethod.setHandlerChainCustomizers(methodCustomizers); - serverResourceMethod.setActualDeclaringClassName(methodInfo.declaringClass().name().toString()); + + var actualDeclaringClassName = findActualDeclaringClassName(methodInfo, actualEndpointClass); + serverResourceMethod.setActualDeclaringClassName(actualDeclaringClassName); + var classDeclMethodThatHasJaxRsEndpointDefiningAnn = methodInfo.declaringClass().name().toString(); + if (!actualDeclaringClassName.equals(classDeclMethodThatHasJaxRsEndpointDefiningAnn)) { + serverResourceMethod + .setClassDeclMethodThatHasJaxRsEndpointDefiningAnn(classDeclMethodThatHasJaxRsEndpointDefiningAnn); + } + return serverResourceMethod; } + private String findActualDeclaringClassName(MethodInfo methodInfo, ClassInfo actualEndpointClass) { + return findEndpointImplementation(methodInfo, actualEndpointClass, index).declaringClass().name().toString(); + } + + /** + * Aim here is to find a method that actually returns endpoint response. + * We can receive method with similar signature several times here, only differing in the modifiers (abstract etc.). + * However, {@code actualEndpointClass} will change. + * For example once from the interface with JAX-RS endpoint defining annotations and also from implementors. + * + * @return method that returns endpoint response + */ + public static MethodInfo findEndpointImplementation(MethodInfo methodInfo, ClassInfo actualEndpointClass, IndexView index) { + // provided that 'actualEndpointClass' is requested from CDI via InstanceHandler factory + // we know that this class resolution must be unambiguous: + // 1. go down - find exactly one non-abstract class + ClassInfo clazz = null; + if (actualEndpointClass.isInterface()) { + for (var implementor : index.getAllKnownImplementors(actualEndpointClass.name())) { + if (!implementor.isInterface() && !implementor.isAbstract()) { + if (clazz == null) { + clazz = implementor; + // keep going to recognize if there is more than one non-abstract implementor + } else { + // resolution is not unambiguous, this at least make behavior deterministic + clazz = actualEndpointClass; + break; + } + } + } + } else { + for (var subClass : index.getAllKnownSubclasses(actualEndpointClass.name())) { + if (!subClass.isAbstract()) { + if (clazz == null) { + clazz = subClass; + // keep going to recognize if there is more than one non-abstract subclass + } else { + // resolution is not unambiguous, this at least make behavior deterministic + clazz = actualEndpointClass; + break; + } + } + } + } + if (clazz == null) { + clazz = actualEndpointClass; + } + + // 2. go up - first impl. going up is the one invoked on the endpoint instance + Queue defaultInterfaceMethods = new ArrayDeque<>(); + do { + // is non-abstract method declared on this class? + var method = clazz.method(methodInfo.name(), methodInfo.parameterTypes()); + if (method != null && !Modifier.isAbstract(method.flags())) { + return method; + } + + var interfaceWithImplMethod = findInterfaceDefaultMethod(clazz, methodInfo, index); + if (interfaceWithImplMethod != null) { + // class methods override default interface methods -> check parent first + defaultInterfaceMethods.add(interfaceWithImplMethod); + } + + if (clazz.superName() != null && !clazz.superName().equals(ResteasyReactiveDotNames.OBJECT)) { + clazz = index.getClassByName(clazz.superName()); + } else { + break; + } + } while (clazz != null); + if (!defaultInterfaceMethods.isEmpty()) { + return defaultInterfaceMethods.peek(); + } + + // 3. fallback to original behavior + return methodInfo; + } + + private static MethodInfo findInterfaceDefaultMethod(ClassInfo clazz, MethodInfo methodInfo, IndexView index) { + for (DotName interfaceName : clazz.interfaceNames()) { + var interfaceClass = index.getClassByName(interfaceName); + if (interfaceClass != null) { + var intMethod = interfaceClass.method(methodInfo.name(), methodInfo.parameterTypes()); + if (intMethod != null && intMethod.isDefault() && Modifier.isPublic(intMethod.flags())) { + return intMethod; + } + } + } + return null; + } + @Override protected boolean handleBeanParam(ClassInfo actualEndpointInfo, Type paramType, MethodParameter[] methodParameters, int i, Set fileFormNames) { diff --git a/independent-projects/resteasy-reactive/server/runtime/src/main/java/org/jboss/resteasy/reactive/server/model/ServerResourceMethod.java b/independent-projects/resteasy-reactive/server/runtime/src/main/java/org/jboss/resteasy/reactive/server/model/ServerResourceMethod.java index e56dd9e8836f3..06f619193e9d5 100644 --- a/independent-projects/resteasy-reactive/server/runtime/src/main/java/org/jboss/resteasy/reactive/server/model/ServerResourceMethod.java +++ b/independent-projects/resteasy-reactive/server/runtime/src/main/java/org/jboss/resteasy/reactive/server/model/ServerResourceMethod.java @@ -19,6 +19,7 @@ public class ServerResourceMethod extends ResourceMethod { private List handlerChainCustomizers = new ArrayList<>(); private ParameterExtractor customerParameterExtractor; private String actualDeclaringClassName; + private String classDeclMethodThatHasJaxRsEndpointDefiningAnn; public ServerResourceMethod() { } @@ -79,4 +80,25 @@ public String getActualDeclaringClassName() { public void setActualDeclaringClassName(String actualDeclaringClassName) { this.actualDeclaringClassName = actualDeclaringClassName; } + + /** + * Returns a declaring class name of a resource method annotated with Jakarta REST endpoint defining annotations. + * This class can be different to {@link #getActualDeclaringClassName()} when this method is overridden on subclasses, + * or when method-level {@link jakarta.ws.rs.Path} is defined on non-default interface method. + * + * @return declaring class name if different to {@link #getActualDeclaringClassName()} or null + */ + public String getClassDeclMethodThatHasJaxRsEndpointDefiningAnn() { + return classDeclMethodThatHasJaxRsEndpointDefiningAnn; + } + + /** + * Sets a declaring class name of a resource method annotated with Jakarta REST endpoint defining annotations. + * Should only be set when the name is different to {@link #getActualDeclaringClassName()}. + * + * @param classDeclMethodThatHasJaxRsEndpointDefiningAnn class name + */ + public void setClassDeclMethodThatHasJaxRsEndpointDefiningAnn(String classDeclMethodThatHasJaxRsEndpointDefiningAnn) { + this.classDeclMethodThatHasJaxRsEndpointDefiningAnn = classDeclMethodThatHasJaxRsEndpointDefiningAnn; + } } diff --git a/independent-projects/resteasy-reactive/server/runtime/src/main/java/org/jboss/resteasy/reactive/server/spi/ResteasyReactiveResourceInfo.java b/independent-projects/resteasy-reactive/server/runtime/src/main/java/org/jboss/resteasy/reactive/server/spi/ResteasyReactiveResourceInfo.java index 014668cab4ebe..b370a8cf5a309 100644 --- a/independent-projects/resteasy-reactive/server/runtime/src/main/java/org/jboss/resteasy/reactive/server/spi/ResteasyReactiveResourceInfo.java +++ b/independent-projects/resteasy-reactive/server/runtime/src/main/java/org/jboss/resteasy/reactive/server/spi/ResteasyReactiveResourceInfo.java @@ -132,6 +132,11 @@ public String getMethodId() { return methodId; } + /** + * @return declaring class of a method that returns endpoint response + * @deprecated if you need the method, please open an issue so that we can document and test your use case + */ + @Deprecated public String getActualDeclaringClassName() { return actualDeclaringClassName; }