org.springframework.security.access.prepost.PreFilter Java Examples

The following examples show how to use org.springframework.security.access.prepost.PreFilter. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: SampleController.java    From tutorial with MIT License 5 votes vote down vote up 
/**
 * PreFilter/PostFilter这2个注解的作用是过滤参数/返回值的;PreFilter会按照注解参数设定,只保留符合规则的参数传给方法;
 * PostFilter则把方法返回值再次过滤,只保留符合规则的返回给客户端。
 * 例如下面的例子,PreFilter会过滤掉客户端传递过来的参数中所有不以a开头的字符串;而PostFilter则过滤掉返回数据中所有不以b结尾的字符串。
 * 执行时,客户端传递的字符串数组,只有以a开头的会被打印,并且只有以a开头并以b结尾的字符串才可以被返回给客户端;
 * PreFilter/PostFilter也和PreAuthorize/PostAuthorize一样必须用@EnableGlobalMethodSecurity(prePostEnabled = true打开才能用。
 */
@PostMapping("/children")
@PreFilter(filterTarget="list", value="filterObject.startsWith('a')")
@PostFilter("filterObject.endsWith('b')")
public List<String> echo(@RequestBody List<String> list){
    if(log.isTraceEnabled()) {
        log.trace("echo ... list.size()= " + list.size());
        for(String s : list) {
            log.trace("  " + s );
        }
    }
    return list;
}
Example #2
Source File: AuthorityRepository.java    From SMSC with Apache License 2.0 4 votes vote down vote up 
@Override
@PreFilter("hasRole('POWER_ADMIN_USER') or ((filterObject.id == null) and hasAuthority('AUTHORITY_CREATE')) or " +
        "(!(filterObject.id == null) and hasAuthority('AUTHORITY_WRITE'))")
<S extends Authority> Iterable<S> save(Iterable<S> authorities);
Example #3
Source File: TaskService.java    From tutorials with MIT License 4 votes vote down vote up 
@PreFilter("hasRole('MANAGER') or filterObject.assignee == authentication.name")
public Iterable<Task> save(Iterable<Task> entities) {
    return taskRepository.saveAll(entities);
}
Example #4
Source File: UserRoleService.java    From tutorials with MIT License 4 votes vote down vote up 
@PreFilter(value = "filterObject != authentication.principal.username", filterTarget = "usernames")
public String joinUsernamesAndRoles(List<String> usernames, List<String> roles) {
    return usernames.stream().collect(Collectors.joining(";")) + ":" + roles.stream().collect(Collectors.joining(";"));
}
Example #5
Source File: UserRoleService.java    From tutorials with MIT License 4 votes vote down vote up 
@PreFilter("filterObject != authentication.principal.username")
public String joinUsernames(List<String> usernames) {
    return usernames.stream().collect(Collectors.joining(";"));
}
Example #6
Source File: DashboardRepository.java    From SMSC with Apache License 2.0 4 votes vote down vote up 
@Override
@Transactional
@PreFilter("hasRole('POWER_ADMIN_USER') or hasAuthority('DASHBOARD_DELETE')")
void delete(Iterable<? extends Dashboard> dashboards);
Example #7
Source File: DashboardRepository.java    From SMSC with Apache License 2.0 4 votes vote down vote up 
@Override
@Transactional
@PreFilter("hasRole('POWER_ADMIN_USER') or ((filterObject.id == null) and hasAuthority('DASHBOARD_CREATE')) or " +
        "(!(filterObject.id == null) and hasAuthority('DASHBOARD_WRITE'))")
<S extends Dashboard> Iterable<S> save(Iterable<S> dashboards);
Example #8
Source File: DashboardBoxTypeRepository.java    From SMSC with Apache License 2.0 4 votes vote down vote up 
@Override
@Transactional
@PreFilter("hasRole('POWER_ADMIN_USER') or hasAuthority('DASHBOARD_BOX_TYPE_DELETE')")
void delete(Iterable<? extends DashboardBoxType> dashboardBoxTypes);
Example #9
Source File: DashboardBoxTypeRepository.java    From SMSC with Apache License 2.0 4 votes vote down vote up 
@Override
@Transactional
@PreFilter("hasRole('POWER_ADMIN_USER') or ((filterObject.id == null) and hasAuthority('DASHBOARD_BOX_TYPE_CREATE')) or " +
        "(!(filterObject.id == null) and hasAuthority('DASHBOARD_BOX_TYPE_WRITE'))")
<S extends DashboardBoxType> Iterable<S> save(Iterable<S> dashboardBoxTypes);
Example #10
Source File: DashboardBoxRepository.java    From SMSC with Apache License 2.0 4 votes vote down vote up 
@Override
@Transactional
@PreFilter("hasRole('POWER_ADMIN_USER') or hasAuthority('DASHBOARD_BOX_DELETE')")
void delete(Iterable<? extends DashboardBox> dashboardBoxes);
Example #11
Source File: DashboardBoxRepository.java    From SMSC with Apache License 2.0 4 votes vote down vote up 
@Override
@Transactional
@PreFilter("hasRole('POWER_ADMIN_USER') or ((filterObject.id == null) and hasAuthority('DASHBOARD_BOX_CREATE')) or " +
        "(!(filterObject.id == null) and hasAuthority('DASHBOARD_BOX_WRITE'))")
<S extends DashboardBox> Iterable<S> save(Iterable<S> dashboardBoxes);
Example #12
Source File: UserRepository.java    From SMSC with Apache License 2.0 4 votes vote down vote up 
@Override
@Transactional
@PreFilter("hasRole('POWER_ADMIN_USER') or (hasRole('ADMIN_USER') and hasAuthority('ADMIN_USER_DELETE'))")
void delete(Iterable<? extends User> users);
Example #13
Source File: UserRepository.java    From SMSC with Apache License 2.0 4 votes vote down vote up 
@Override
@Transactional
@PreFilter("hasRole('POWER_ADMIN_USER') or ((filterObject.id == null) and hasRole('ADMIN_USER') and hasAuthority('ADMIN_USER_CREATE')) or " +
        "(!(filterObject.id == null) and hasRole('ADMIN_USER') and hasAuthority('ADMIN_USER_WRITE'))")
<S extends User> Iterable<S> save(Iterable<S> users);
Example #14
Source File: AuthorityRepository.java    From SMSC with Apache License 2.0 4 votes vote down vote up 
@Override
@Transactional
@PreFilter("hasRole('POWER_ADMIN_USER') or hasAuthority('AUTHORITY_DELETE')")
void delete(Iterable<? extends Authority> authorities);
Example #15
Source File: RoleRepository.java    From SMSC with Apache License 2.0 4 votes vote down vote up 
@Override
@Transactional
@PreFilter("hasRole('POWER_ADMIN_USER') or hasAuthority('ADMIN_USER_ROLE_DELETE')")
void delete(Iterable<? extends Role> roles);
Example #16
Source File: RoleRepository.java    From SMSC with Apache License 2.0 4 votes vote down vote up 
@Override
@Transactional
@PreFilter("hasRole('POWER_ADMIN_USER') or ((filterObject.id == null) and hasAuthority('ADMIN_USER_ROLE_CREATE')) or " +
        "(!(filterObject.id == null) and hasAuthority('ADMIN_USER_ROLE_WRITE'))")
<S extends Role> Iterable<S> save(Iterable<S> entities);
Example #17
Source File: GroupRepository.java    From SMSC with Apache License 2.0 4 votes vote down vote up 
@Override
@Transactional
@PreFilter("hasRole('POWER_ADMIN_USER') or hasAuthority('GROUP_DELETE')")
void delete(Iterable<? extends Group> groups);
Example #18
Source File: GroupRepository.java    From SMSC with Apache License 2.0 4 votes vote down vote up 
@Override
@Transactional
@PreFilter("hasRole('POWER_ADMIN_USER') or ((filterObject.id == null) and hasAuthority('GROUP_CREATE')) or " +
        "(!(filterObject.id == null) and hasAuthority('GROUP_WRITE'))")
<S extends Group> Iterable<S> save(Iterable<S> groups);
Example #19
Source File: UserRepository.java    From SMSC with Apache License 2.0 4 votes vote down vote up 
@Override
@Transactional
@PreFilter("hasRole('POWER_ADMIN_USER') or (hasRole('ADMIN_USER') and hasAuthority('CUSTOMER_USER_DELETE'))")
void delete(Iterable<? extends User> users);
Example #20
Source File: UserRepository.java    From SMSC with Apache License 2.0 4 votes vote down vote up 
@Override
@Transactional
@PreFilter("hasRole('POWER_ADMIN_USER') or ((filterObject.id == null) and hasRole('ADMIN_USER') and hasAuthority('CUSTOMER_USER_CREATE')) or " +
        "(!(filterObject.id == null) and hasRole('ADMIN_USER') and hasAuthority('CUSTOMER_USER_WRITE'))")
<S extends User> Iterable<S> save(Iterable<S> entities);
Example #21
Source File: ContactRepository.java    From SMSC with Apache License 2.0 4 votes vote down vote up 
@Override
@Transactional
@PreFilter("hasRole('POWER_ADMIN_USER') or hasAuthority('CONTACT_DELETE')")
void delete(Iterable<? extends Contact> contacts);
Example #22
Source File: ContactRepository.java    From SMSC with Apache License 2.0 4 votes vote down vote up 
@Override
@Transactional
@PreFilter("hasRole('POWER_ADMIN_USER') or ((filterObject.id == null) and hasAuthority('CONTACT_CREATE')) or " +
        "(!(filterObject.id == null) and hasAuthority('CONTACT_WRITE'))")
<S extends Contact> Iterable<S> save(Iterable<S> entities);
Example #23
Source File: CustomerRepository.java    From SMSC with Apache License 2.0 4 votes vote down vote up 
@Override
@Transactional
@PreFilter("hasRole('POWER_ADMIN_USER') or ((filterObject.id == null) and hasAuthority('CUSTOMER_CREATE')) or " +
        "(!(filterObject.id == null) and hasAuthority('CUSTOMER_WRITE'))")
<S extends Customer> Iterable<S> save(Iterable<S> customers);
Example #24
Source File: CustomerRepository.java    From SMSC with Apache License 2.0 4 votes vote down vote up 
@Override
@Transactional
@PreFilter("hasRole('POWER_ADMIN_USER') or hasAuthority('CUSTOMER_DELETE')")
void delete(Iterable<? extends Customer> customers);
Example #25
Source File: OverAnnotatedService.java    From Spring-Boot-2-Fundamentals with MIT License 4 votes vote down vote up 
@PreFilter("filterObject.content.length() < 240 or hasRole('ADMIN')")
@PostFilter("filterObject.author.name == authentication.name")
public List<ShortMessage> saveAndReturnAll(List<ShortMessage> posts) {
    return posts;
}