diff --git a/docs/manual/src/docs/asciidoc/_includes/servlet/integrations/data.adoc b/docs/manual/src/docs/asciidoc/_includes/servlet/integrations/data.adoc index 07a1decc3f..f4b78894e0 100644 --- a/docs/manual/src/docs/asciidoc/_includes/servlet/integrations/data.adoc +++ b/docs/manual/src/docs/asciidoc/_includes/servlet/integrations/data.adoc @@ -7,10 +7,11 @@ It is not only useful but necessary to include the user in the queries to suppor [[data-configuration]] === Spring Data & Spring Security Configuration -To use this support, add `org.springframework.security:spring-security-data` dependency and provide a bean of type `SecurityEvaluationContextExtension`. -In Java Configuration, this would look like: +To use this support, add `org.springframework.security:spring-security-data` dependency and provide a bean of type `SecurityEvaluationContextExtension`: -[source,java] +==== +.Java +[source,java,role="primary"] ---- @Bean public SecurityEvaluationContextExtension securityEvaluationContextExtension() { @@ -18,6 +19,16 @@ public SecurityEvaluationContextExtension securityEvaluationContextExtension() { } ---- +.Kotlin +[source,kotlin,role="secondary"] +---- +@Bean +fun securityEvaluationContextExtension(): SecurityEvaluationContextExtension { + return SecurityEvaluationContextExtension() +} +---- +==== + In XML Configuration, this would look like: [source,xml] @@ -31,7 +42,9 @@ In XML Configuration, this would look like: Now Spring Security can be used within your queries. For example: -[source,java] +==== +.Java +[source,java,role="primary"] ---- @Repository public interface MessageRepository extends PagingAndSortingRepository { @@ -40,6 +53,17 @@ public interface MessageRepository extends PagingAndSortingRepository { + @Query("select m from Message m where m.to.id = ?#{ principal?.id }") + fun findInbox(pageable: Pageable): Page +} +---- +==== + This checks to see if the `Authentication.getPrincipal().getId()` is equal to the recipient of the `Message`. Note that this example assumes you have customized the principal to be an Object that has an id property. By exposing the `SecurityEvaluationContextExtension` bean, all of the <> are available within the Query.