define AuthorizationCollector as extension point with multiple implmentations

scm-webapp/src/test/java/sonia/scm/repository/DefaultRepositoryManagerPerfTest.java

@@ -205,7 +205,7 @@ private long calculateAverage(List<Long> times) {
     
     @Override
     protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
-      return authzCollector.collect();
+      return authzCollector.collect(principals);
     }
     
   }

scm-webapp/src/test/java/sonia/scm/security/DefaultRealmTest.java

@@ -71,7 +71,11 @@ import static org.mockito.Mockito.*;
 
 //~--- JDK imports ------------------------------------------------------------
 
+import java.util.Collections;
+import java.util.HashSet;
 import java.util.List;
+import java.util.Set;
+
 import org.apache.shiro.authz.AuthorizationInfo;
 import org.apache.shiro.authz.Permission;
 import org.apache.shiro.authz.SimpleAuthorizationInfo;
@@ -132,6 +136,36 @@ public class DefaultRealmTest
     assertThat(realmsAutz.getStringPermissions(), Matchers.contains("repository:*"));
   }
 
+  @Test
+  public void testGetAuthorizationInfoWithMultipleAuthorizationCollectors(){
+    SimplePrincipalCollection col = new SimplePrincipalCollection();
+    col.add(Scope.empty(), DefaultRealm.REALM);
+
+    SimpleAuthorizationInfo collectedFromDefault = new SimpleAuthorizationInfo();
+    collectedFromDefault.addStringPermission("repository:*");
+    when(collector.collect(col)).thenReturn(collectedFromDefault);
+
+    SimpleAuthorizationInfo collectedFromSecond = new SimpleAuthorizationInfo();
+    collectedFromSecond.addStringPermission("user:*");
+    collectedFromSecond.addRole("awesome");
+
+    AuthorizationCollector secondCollector = principalCollection -> collectedFromSecond;
+    authorizationCollectors.add(secondCollector);
+
+    SimpleAuthorizationInfo collectedFromThird = new SimpleAuthorizationInfo();
+    Permission permission = p -> false;
+    collectedFromThird.addObjectPermission(permission);
+    collectedFromThird.addRole("awesome");
+
+    AuthorizationCollector thirdCollector = principalCollection -> collectedFromThird;
+    authorizationCollectors.add(thirdCollector);
+
+    AuthorizationInfo realmsAuthz = realm.doGetAuthorizationInfo(col);
+    assertThat(realmsAuthz.getObjectPermissions(), contains(permission));
+    assertThat(realmsAuthz.getStringPermissions(), containsInAnyOrder("repository:*", "user:*"));
+    assertThat(realmsAuthz.getRoles(), Matchers.contains("awesome"));
+  }
+
   /**
    * Tests {@link DefaultRealm#doGetAuthorizationInfo(PrincipalCollection)} with empty scope.
    */  
@@ -284,7 +318,11 @@ public class DefaultRealmTest
     // use a small number of iterations for faster test execution
     hashService.setHashIterations(512);
     service.setHashService(hashService);
-    realm = new DefaultRealm(service, collector, helperFactory);
+
+    authorizationCollectors = new HashSet<>();
+    authorizationCollectors.add(collector);
+
+    realm = new DefaultRealm(service, authorizationCollectors, helperFactory);
     
     // set permission resolver
     realm.setPermissionResolver(new WildcardPermissionResolver());
@@ -358,6 +396,8 @@ public class DefaultRealmTest
   @Mock
   private DefaultAuthorizationCollector collector;
 
+  private Set<AuthorizationCollector> authorizationCollectors;
+
   @Mock
   private LoginAttemptHandler loginAttemptHandler;