Updating authorization docs to mention handling of Maps in @PreFilter and @PostFilter annotations
This commit is contained in:
Maksim Mednik
parent
eacd212a5a
commit
b57c2f2821
|
|
@ -304,7 +304,7 @@ To access the return value from a method, use the built-in name `returnObject` i
|
|||
--
|
||||
|
||||
===== Filtering using @PreFilter and @PostFilter
|
||||
As you may already be aware, Spring Security supports filtering of collections and arrays and this can now be achieved using expressions.
|
||||
Spring Security supports filtering of collections, arrays, maps and streams using expressions.
|
||||
This is most commonly performed on the return value of a method.
|
||||
For example:
|
||||
|
||||
|
|
@ -315,8 +315,10 @@ For example:
|
|||
public List<Contact> getAll();
|
||||
----
|
||||
|
||||
When using the `@PostFilter` annotation, Spring Security iterates through the returned collection and removes any elements for which the supplied expression is false.
|
||||
When using the `@PostFilter` annotation, Spring Security iterates through the returned collection or map and removes any elements for which the supplied expression is false.
|
||||
For an array, a new array instance will be returned containing filtered elements.
|
||||
The name `filterObject` refers to the current object in the collection.
|
||||
In case when a map is used it will refer to the current `Map.Entry` object which allows one to use `filterObject.key` or `filterObject.value` in the expresion.
|
||||
You can also filter before the method call, using `@PreFilter`, though this is a less common requirement.
|
||||
The syntax is just the same, but if there is more than one argument which is a collection type then you have to select one by name using the `filterTarget` property of this annotation.
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue