From 20def5e25d82444053b21fb1057a0c24cd72910d Mon Sep 17 00:00:00 2001 From: Josh Cummings Date: Tue, 12 Jul 2022 14:29:30 -0600 Subject: [PATCH] Consolidate ExpressionAuthorizationDecision Issue gh-11493 --- ...ressionAttributeAuthorizationDecision.java | 4 ++ .../PostAuthorizeAuthorizationManager.java | 3 +- .../PreAuthorizeAuthorizationManager.java | 3 +- .../ExpressionAuthorizationDecision.java | 55 ------------------- .../WebExpressionAuthorizationManager.java | 1 + 5 files changed, 9 insertions(+), 57 deletions(-) delete mode 100644 web/src/main/java/org/springframework/security/web/access/expression/ExpressionAuthorizationDecision.java diff --git a/core/src/main/java/org/springframework/security/authorization/method/ExpressionAttributeAuthorizationDecision.java b/core/src/main/java/org/springframework/security/authorization/method/ExpressionAttributeAuthorizationDecision.java index f43d20fc67..834910879c 100644 --- a/core/src/main/java/org/springframework/security/authorization/method/ExpressionAttributeAuthorizationDecision.java +++ b/core/src/main/java/org/springframework/security/authorization/method/ExpressionAttributeAuthorizationDecision.java @@ -23,7 +23,11 @@ import org.springframework.security.authorization.AuthorizationDecision; * * @author Marcus Da Coregio * @since 5.6 + * @deprecated Use + * {@link org.springframework.security.authorization.ExpressionAuthorizationDecision} + * instead */ +@Deprecated public class ExpressionAttributeAuthorizationDecision extends AuthorizationDecision { private final ExpressionAttribute expressionAttribute; diff --git a/core/src/main/java/org/springframework/security/authorization/method/PostAuthorizeAuthorizationManager.java b/core/src/main/java/org/springframework/security/authorization/method/PostAuthorizeAuthorizationManager.java index 3d605f0853..b27e53e4ce 100644 --- a/core/src/main/java/org/springframework/security/authorization/method/PostAuthorizeAuthorizationManager.java +++ b/core/src/main/java/org/springframework/security/authorization/method/PostAuthorizeAuthorizationManager.java @@ -31,6 +31,7 @@ import org.springframework.security.access.expression.method.MethodSecurityExpre import org.springframework.security.access.prepost.PostAuthorize; import org.springframework.security.authorization.AuthorizationDecision; import org.springframework.security.authorization.AuthorizationManager; +import org.springframework.security.authorization.ExpressionAuthorizationDecision; import org.springframework.security.core.Authentication; import org.springframework.util.Assert; @@ -76,7 +77,7 @@ public final class PostAuthorizeAuthorizationManager implements AuthorizationMan mi.getMethodInvocation()); this.expressionHandler.setReturnObject(mi.getResult(), ctx); boolean granted = ExpressionUtils.evaluateAsBoolean(attribute.getExpression(), ctx); - return new ExpressionAttributeAuthorizationDecision(granted, attribute); + return new ExpressionAuthorizationDecision(granted, attribute.getExpression()); } private final class PostAuthorizeExpressionAttributeRegistry diff --git a/core/src/main/java/org/springframework/security/authorization/method/PreAuthorizeAuthorizationManager.java b/core/src/main/java/org/springframework/security/authorization/method/PreAuthorizeAuthorizationManager.java index cbf861a2bb..5b048e89ba 100644 --- a/core/src/main/java/org/springframework/security/authorization/method/PreAuthorizeAuthorizationManager.java +++ b/core/src/main/java/org/springframework/security/authorization/method/PreAuthorizeAuthorizationManager.java @@ -31,6 +31,7 @@ import org.springframework.security.access.expression.method.MethodSecurityExpre import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.security.authorization.AuthorizationDecision; import org.springframework.security.authorization.AuthorizationManager; +import org.springframework.security.authorization.ExpressionAuthorizationDecision; import org.springframework.security.core.Authentication; import org.springframework.util.Assert; @@ -74,7 +75,7 @@ public final class PreAuthorizeAuthorizationManager implements AuthorizationMana } EvaluationContext ctx = this.expressionHandler.createEvaluationContext(authentication, mi); boolean granted = ExpressionUtils.evaluateAsBoolean(attribute.getExpression(), ctx); - return new ExpressionAttributeAuthorizationDecision(granted, attribute); + return new ExpressionAuthorizationDecision(granted, attribute.getExpression()); } private final class PreAuthorizeExpressionAttributeRegistry diff --git a/web/src/main/java/org/springframework/security/web/access/expression/ExpressionAuthorizationDecision.java b/web/src/main/java/org/springframework/security/web/access/expression/ExpressionAuthorizationDecision.java deleted file mode 100644 index 7095899d29..0000000000 --- a/web/src/main/java/org/springframework/security/web/access/expression/ExpressionAuthorizationDecision.java +++ /dev/null @@ -1,55 +0,0 @@ -/* - * Copyright 2002-2022 the original author or authors. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * https://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.springframework.security.web.access.expression; - -import org.springframework.expression.Expression; -import org.springframework.security.authorization.AuthorizationDecision; - -/** - * An expression-based {@link AuthorizationDecision}. - * - * @author Evgeniy Cheban - * @since 5.8 - */ -public final class ExpressionAuthorizationDecision extends AuthorizationDecision { - - private final Expression expression; - - /** - * Creates an instance. - * @param granted the decision to use - * @param expression the {@link Expression} to use - */ - public ExpressionAuthorizationDecision(boolean granted, Expression expression) { - super(granted); - this.expression = expression; - } - - /** - * Returns the {@link Expression}. - * @return the {@link Expression} to use - */ - public Expression getExpression() { - return this.expression; - } - - @Override - public String toString() { - return "ExpressionAuthorizationDecision[granted=" + isGranted() + ", expression='" + this.expression + "']"; - } - -} diff --git a/web/src/main/java/org/springframework/security/web/access/expression/WebExpressionAuthorizationManager.java b/web/src/main/java/org/springframework/security/web/access/expression/WebExpressionAuthorizationManager.java index 8b9ed3c402..fbe51e789c 100644 --- a/web/src/main/java/org/springframework/security/web/access/expression/WebExpressionAuthorizationManager.java +++ b/web/src/main/java/org/springframework/security/web/access/expression/WebExpressionAuthorizationManager.java @@ -24,6 +24,7 @@ import org.springframework.security.access.expression.ExpressionUtils; import org.springframework.security.access.expression.SecurityExpressionHandler; import org.springframework.security.authorization.AuthorizationDecision; import org.springframework.security.authorization.AuthorizationManager; +import org.springframework.security.authorization.ExpressionAuthorizationDecision; import org.springframework.security.core.Authentication; import org.springframework.security.web.access.intercept.RequestAuthorizationContext; import org.springframework.util.Assert;