mikaelhg · May 4, 2022 06:49
diff --git a/Demo.java b/Demo.java

 @Service
 class FooService {
    @Inject FooDao dao;
    
    @Scheduled(fixedRate = 600000L, initialDelay = 60000L)
    public void periodicalTask() throws IOException {
        RunAs.runAsAdmin(() -> {
            dao.save(new Foo(...));
        });
    }
 }


 @RepositoryRestResource(path = "notices")
 public interface FooDao extends JpaRepository<Foo, String> {

    @Override
    @PreAuthorize("hasRole('ROLE_ADMIN')")
    <S extends Foo> S save(S entity);
    
 }
diff --git a/RunAs.java b/RunAs.java
 package io.mikael;

 import com.google.common.collect.ImmutableList;
 import org.springframework.security.authentication.AnonymousAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.core.context.SecurityContextHolder;

 public class RunAs {

    @FunctionalInterface
    public interface RunAsMethod {
        default void run() {
            try {
                runWithException();
            } catch (Exception e) {
                // ignore
            }
        }
        void runWithException() throws Exception;
    }

    public static void runAsAdmin(final RunAsMethod func) {
        final AnonymousAuthenticationToken token = new AnonymousAuthenticationToken("system", "system",
                ImmutableList.of(new SimpleGrantedAuthority("ROLE_ADMIN")));
        final Authentication originalAuthentication = SecurityContextHolder.getContext().getAuthentication();
        SecurityContextHolder.getContext().setAuthentication(token);
        func.run();
        SecurityContextHolder.getContext().setAuthentication(originalAuthentication);
    }

 }

	@Service
	class FooService {
	@Inject FooDao dao;

	@Scheduled(fixedRate = 600000L, initialDelay = 60000L)
	public void periodicalTask() throws IOException {
	RunAs.runAsAdmin(() -> {
	dao.save(new Foo(...));
	});
	}
	}


	@RepositoryRestResource(path = "notices")
	public interface FooDao extends JpaRepository<Foo, String> {

	@Override
	@PreAuthorize("hasRole('ROLE_ADMIN')")
	<S extends Foo> S save(S entity);

	}
	package io.mikael;

	import com.google.common.collect.ImmutableList;
	import org.springframework.security.authentication.AnonymousAuthenticationToken;
	import org.springframework.security.core.Authentication;
	import org.springframework.security.core.authority.SimpleGrantedAuthority;
	import org.springframework.security.core.context.SecurityContextHolder;

	public class RunAs {

	@FunctionalInterface
	public interface RunAsMethod {
	default void run() {
	try {
	runWithException();
	} catch (Exception e) {
	// ignore
	}
	}
	void runWithException() throws Exception;
	}

	public static void runAsAdmin(final RunAsMethod func) {
	final AnonymousAuthenticationToken token = new AnonymousAuthenticationToken("system", "system",
	ImmutableList.of(new SimpleGrantedAuthority("ROLE_ADMIN")));
	final Authentication originalAuthentication = SecurityContextHolder.getContext().getAuthentication();
	SecurityContextHolder.getContext().setAuthentication(token);
	func.run();
	SecurityContextHolder.getContext().setAuthentication(originalAuthentication);
	}

	}