org.springframework.security.access.expression.SecurityExpressionOperations Java Examples

The following examples show how to use org.springframework.security.access.expression.SecurityExpressionOperations. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: AuthAspect.java    From microservice-integration with MIT License 6 votes vote down vote up 
/**
 * 定制一个环绕通知
 * 当想获得注解里面的属性,可以直接注入改注解
 *
 * @param joinPoint
 * @param preAuth
 */
@Around("cut()&&@annotation(preAuth)")
public Object record(ProceedingJoinPoint joinPoint, PreAuth preAuth) throws Throwable {

    String value = preAuth.value();

    SecurityContextHolder.getContext();
    //Spring EL 对value进行解析
    SecurityExpressionOperations operations = new CustomerSecurityExpressionRoot(SecurityContextHolder.getContext().getAuthentication());
    StandardEvaluationContext operationContext = new StandardEvaluationContext(operations);
    ExpressionParser parser = new SpelExpressionParser();
    Expression expression = parser.parseExpression(value);
    boolean result = expression.getValue(operationContext, boolean.class);
    if (result) {
        return joinPoint.proceed();
    }

    return "Forbidden";
}
Example #2
Source File: RbacWebSecurityExpressionHandler.java    From spring-backend-boilerplate with Apache License 2.0 5 votes vote down vote up 
@Override
public SecurityExpressionOperations createSecurityExpressionRoot(Authentication authentication,
																 FilterInvocation fi) {
	RbacWebSecurityExpressionRoot root = new RbacWebSecurityExpressionRoot(authentication,
																		   fi,
																		   permissionService,
																		   resourceService);
	root.setPermissionEvaluator(getPermissionEvaluator());
	root.setRoleHierarchy(getRoleHierarchy());
	return root;
}
Example #3
Source File: DefaultServerWebExchangeExpressionHandler.java    From spring-security-reactive with Apache License 2.0 5 votes vote down vote up 
@Override
protected SecurityExpressionOperations createSecurityExpressionRoot(Authentication authentication,
		ServerWebExchange invocation) {
	SecurityExpressionRoot root = new SecurityExpressionRoot(authentication) {};
	root.setPermissionEvaluator(getPermissionEvaluator());
	root.setTrustResolver(trustResolver);
	root.setRoleHierarchy(getRoleHierarchy());
	root.setDefaultRolePrefix(defaultRolePrefix);
	return root;
}