Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Clarify usage of hasAnyRole and hasAnyAuthority

This commit is contained in:
Kristine Jetzke 2019-10-31 22:06:44 +01:00 committed by Eleftheria Stein-Kousathana
parent 9f6a36444a
commit 97fd3d7c84
1 changed files with 14 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
docs/manual/src/docs/asciidoc/_includes/servlet/authorization/expression-based.adoc
View File

@ -21,22 +21,32 @@ This provides some common expressions which are available in both web and method
|=== |===
| Expression | Description | Expression | Description
| `hasRole([role])` | `hasRole(String role)`
| Returns `true` if the current principal has the specified role. | Returns `true` if the current principal has the specified role.
For example, `hasRole('admin')`
By default if the supplied role does not start with 'ROLE_' it will be added. By default if the supplied role does not start with 'ROLE_' it will be added.
This can be customized by modifying the `defaultRolePrefix` on `DefaultWebSecurityExpressionHandler`. This can be customized by modifying the `defaultRolePrefix` on `DefaultWebSecurityExpressionHandler`.
| `hasAnyRole([role1,role2])` | `hasAnyRole(String... roles)`
| Returns `true` if the current principal has any of the supplied roles (given as a comma-separated list of strings). | Returns `true` if the current principal has any of the supplied roles (given as a comma-separated list of strings).
For example, `hasAnyRole('admin', 'user')`
By default if the supplied role does not start with 'ROLE_' it will be added. By default if the supplied role does not start with 'ROLE_' it will be added.
This can be customized by modifying the `defaultRolePrefix` on `DefaultWebSecurityExpressionHandler`. This can be customized by modifying the `defaultRolePrefix` on `DefaultWebSecurityExpressionHandler`.
| `hasAuthority([authority])` | `hasAuthority(String authority)`
| Returns `true` if the current principal has the specified authority. | Returns `true` if the current principal has the specified authority.
| `hasAnyAuthority([authority1,authority2])` For example, `hasAuthority('read')`
| `hasAnyAuthority(String... authorities)`
| Returns `true` if the current principal has any of the supplied authorities (given as a comma-separated list of strings) | Returns `true` if the current principal has any of the supplied authorities (given as a comma-separated list of strings)
For example, `hasAnyAuthority('read', 'write')`
| `principal` | `principal`
| Allows direct access to the principal object representing the current user | Allows direct access to the principal object representing the current user