spring-security/samples/tutorial-xml/src/main/java/bigbank/BankService.java

package bigbank;

import org.springframework.security.access.prepost.PreAuthorize;


public interface BankService {

    public Account readAccount(Long id);

    public Account[] findAccounts();

    @PreAuthorize(
            "hasRole('supervisor') or " +
            "hasRole('teller') and (#account.balance + #amount >= -#account.overdraft)" )
    public Account post(Account account, double amount);
}
Enhance sample to show method authorization. 2007-12-14 02:27:48 +00:00			`package bigbank;`

SEC-1158: Decoupling of Pre/Post annotations implementation from Spring EL. 2009-05-11 05:18:20 +00:00			`import org.springframework.security.access.prepost.PreAuthorize;`
SEC-1013: Refactored out use of ConfigAttributeDefinition from remaining interfaces 2008-10-30 04:10:54 +00:00
Enhance sample to show method authorization. 2007-12-14 02:27:48 +00:00
			`public interface BankService {`
SEC-1013: Refactored out use of ConfigAttributeDefinition from remaining interfaces 2008-10-30 04:10:54 +00:00
			`public Account readAccount(Long id);`

			`public Account[] findAccounts();`

			`@PreAuthorize(`
SEC-1650: Updates and corrections to tutorial sample to fit better with new tutorial. 2011-05-03 22:23:55 +01:00			`"hasRole('supervisor') or " +`
			`"hasRole('teller') and (#account.balance + #amount >= -#account.overdraft)" )`
SEC-1013: Refactored out use of ConfigAttributeDefinition from remaining interfaces 2008-10-30 04:10:54 +00:00			`public Account post(Account account, double amount);`
Enhance sample to show method authorization. 2007-12-14 02:27:48 +00:00			`}`