Created
October 25, 2024 15:02
-
-
Save Bludwarf/7626eb819142ddbd10e367d7e348a8f9 to your computer and use it in GitHub Desktop.
CustomMethodSecurityExpressionHandler
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| public class CustomMethodSecurityExpressionHandler extends DefaultMethodSecurityExpressionHandler { | |
| private final AuthenticationTrustResolver trustResolver = new AuthenticationTrustResolverImpl(); | |
| @Override | |
| protected MethodSecurityExpressionOperations createSecurityExpressionRoot( | |
| Authentication authentication, MethodInvocation invocation) { | |
| val root = new CustomMethodSecurityExpressionRoot(authentication); | |
| root.setPermissionEvaluator(getPermissionEvaluator()); | |
| root.setTrustResolver(trustResolver); | |
| root.setRoleHierarchy(getRoleHierarchy()); | |
| return root; | |
| } | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| public class CustomMethodSecurityExpressionRoot extends SecurityExpressionRoot implements MethodSecurityExpressionOperations { | |
| private Object filterObject; | |
| private Object returnObject; | |
| public CustomMethodSecurityExpressionRoot(Authentication authentication) { | |
| super(authentication); | |
| } | |
| /** | |
| * @param code code de la fonctionnalité | |
| * @return L'utilisateur a accès à la fonctionnalité <i>code</i>, quelque-soit le type de droit (READ ou WRITE) ? | |
| */ | |
| public boolean hasFunctionality(String code) { | |
| if (StringUtils.isBlank(code)) { | |
| return false; | |
| } | |
| val authorityPrefix = code + ";"; | |
| return getAuthentication().getAuthorities().stream().anyMatch(authority -> authority.getAuthority().startsWith(authorityPrefix)); | |
| } | |
| @Override | |
| public void setFilterObject(Object filterObject) { | |
| this.filterObject = filterObject; | |
| } | |
| @Override | |
| public Object getFilterObject() { | |
| return filterObject; | |
| } | |
| @Override | |
| public void setReturnObject(Object returnObject) { | |
| this.returnObject = returnObject; | |
| } | |
| @Override | |
| public Object getReturnObject() { | |
| return returnObject; | |
| } | |
| @Override | |
| public Object getThis() { | |
| return this; | |
| } | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| @EnableWebSecurity | |
| @EnableGlobalMethodSecurity(prePostEnabled = true) | |
| public class WebSecurityConfig { | |
| // static : https://docs.spring.io/spring-security/reference/servlet/authorization/method-security.html#customizing-expression-handling | |
| @Bean | |
| static CustomMethodSecurityExpressionHandler customMethodSecurityExpressionHandler() { | |
| return new CustomMethodSecurityExpressionHandler(); | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Sources :