SEC-1023: Add hasPermission() support to SecurityExpressionRoot

http://jira.springframework.org/browse/SEC-1023. PermissionEvaluator interface for use by expressions when evaluating hasPermisson() expressions.

core/src/main/java/org/springframework/security/expression/PermissionEvaluator.java

@@ -0,0 +1,25 @@
+package org.springframework.security.expression;
+
+import org.springframework.security.Authentication;
+
+/**
+ * Strategy used in expression evaluation to determine whether a user has a permission or permissions
+ * for a given domain object.
+ *
+ *
+ * @author Luke Taylor
+ * @version $Id$
+ * @since 2.5
+ */
+public interface PermissionEvaluator {
+    /**
+     *
+     * @param authentication represents the user in question. Should not be null.
+     * @param targetDomainObject the domain object for which permissions should be checked. May be null
+     *          in which case implementations should return false, as the null condition can be checked explicitly
+     *          in the expression.
+     * @param permission a representation of the permission object as supplied by the expression system. Not null.
+     * @return true if the permission is granted, false otherwise
+     */
+    boolean hasPermission(Authentication authentication, Object targetDomainObject, Object permission);
+}