Java: add test for qhelp good example

java/ql/test/query-tests/security/CWE-016/SpringBootActuatorsTest.java

@@ -271,4 +271,11 @@ public class SpringBootActuatorsTest {
 		http.securityMatcher(EndpointRequest.toAnyEndpoint());
 		http.authorizeHttpRequests((requests) -> requests.anyRequest().permitAll()); // $ hasExposedSpringBootActuator
 	}
+
+  // QHelp Good example
+  protected void configureQhelpGood(HttpSecurity http) throws Exception {
+    // GOOD: only users with ENDPOINT_ADMIN role are allowed to access the actuator endpoints
+    http.requestMatcher(EndpointRequest.toAnyEndpoint()).authorizeRequests((requests) ->
+        requests.anyRequest().hasRole("ENDPOINT_ADMIN"));
+  }
 }

java/ql/test/stubs/springframework-5.3.8/org/springframework/security/config/annotation/web/configurers/AuthorizeHttpRequestsConfigurer.java

@@ -14,5 +14,9 @@ public final class AuthorizeHttpRequestsConfigurer<H extends HttpSecurityBuilder
 		public AuthorizationManagerRequestMatcherRegistry permitAll() {
 			return null;
 		}
+
+		public AuthorizationManagerRequestMatcherRegistry hasRole(String role) {
+			return null;
+		}
 	}
 }

java/ql/test/stubs/springframework-5.3.8/org/springframework/security/config/annotation/web/configurers/ExpressionUrlAuthorizationConfigurer.java

@@ -12,5 +12,9 @@ public final class ExpressionUrlAuthorizationConfigurer<H extends HttpSecurityBu
 		public ExpressionInterceptUrlRegistry permitAll() {
 			return null;
 		}
+
+		public ExpressionInterceptUrlRegistry hasRole(String role) {
+			return null;
+		}
 	}
 }