Consider replacing an inner loop with Set of authority strings in AuthorityAuthorizationManager

Closes gh-11188
This commit is contained in:
Evgeniy Cheban 2022-05-09 03:37:06 +03:00 committed by Josh Cummings
parent dc2bd2b4f8
commit dbd96a9e3f
No known key found for this signature in database
GPG Key ID: A306A51F43B8E5A5
1 changed files with 15 additions and 7 deletions

View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2021 the original author or authors. * Copyright 2002-2022 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -17,6 +17,7 @@
package org.springframework.security.authorization; package org.springframework.security.authorization;
import java.util.HashSet; import java.util.HashSet;
import java.util.List;
import java.util.Set; import java.util.Set;
import java.util.function.Supplier; import java.util.function.Supplier;
@ -37,10 +38,10 @@ public final class AuthorityAuthorizationManager<T> implements AuthorizationMana
private static final String ROLE_PREFIX = "ROLE_"; private static final String ROLE_PREFIX = "ROLE_";
private final Set<GrantedAuthority> authorities; private final List<GrantedAuthority> authorities;
private AuthorityAuthorizationManager(String... authorities) { private AuthorityAuthorizationManager(String... authorities) {
this.authorities = new HashSet<>(AuthorityUtils.createAuthorityList(authorities)); this.authorities = AuthorityUtils.createAuthorityList(authorities);
} }
/** /**
@ -132,16 +133,23 @@ public final class AuthorityAuthorizationManager<T> implements AuthorizationMana
} }
private boolean isAuthorized(Authentication authentication) { private boolean isAuthorized(Authentication authentication) {
Set<String> authorities = getAuthoritySet();
for (GrantedAuthority grantedAuthority : authentication.getAuthorities()) { for (GrantedAuthority grantedAuthority : authentication.getAuthorities()) {
for (GrantedAuthority authority : this.authorities) { if (authorities.contains(grantedAuthority.getAuthority())) {
if (authority.getAuthority().equals(grantedAuthority.getAuthority())) {
return true; return true;
} }
} }
}
return false; return false;
} }
private Set<String> getAuthoritySet() {
Set<String> result = new HashSet<>();
for (GrantedAuthority grantedAuthority : this.authorities) {
result.add(grantedAuthority.getAuthority());
}
return result;
}
@Override @Override
public String toString() { public String toString() {
return "AuthorityAuthorizationManager[authorities=" + this.authorities + "]"; return "AuthorityAuthorizationManager[authorities=" + this.authorities + "]";