Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update RoleHierarchy Docs 

Closes gh-12766
This commit is contained in:
Josh Cummings 2023-02-24 12:00:35 -07:00
parent f5a4b520d1
commit eac1f846b3
No known key found for this signature in database
GPG Key ID: A306A51F43B8E5A5
1 changed files with 15 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
docs/modules/ROOT/pages/servlet/authorization/architecture.adoc
View File

@ -196,22 +196,25 @@ A typical configuration might look like this:
[source,java,role="primary"]
----
@Bean
AccessDecisionVoter hierarchyVoter() {
static RoleHierarchy roleHierarchy() {
RoleHierarchy hierarchy = new RoleHierarchyImpl();
hierarchy.setHierarchy("ROLE_ADMIN > ROLE_STAFF\n" +
"ROLE_STAFF > ROLE_USER\n" +
"ROLE_USER > ROLE_GUEST");
return new RoleHierarchyVoter(hierarchy);
}
// and, if using method security also add
@Bean
static MethodSecurityExpressionHandler methodSecurityExpressionHandler(RoleHierarchy roleHierarchy) {
DefaultMethodSecurityExpressionHandler expressionHandler = new DefaultMethodSecurityExpressionHandler();
expressionHandler.setRoleHierarchy(roleHierarchy);
return expressionHandler;
}
----
.Xml
[source,java,role="secondary"]
----
<bean id="roleVoter" class="org.springframework.security.access.vote.RoleHierarchyVoter">
<constructor-arg ref="roleHierarchy" />
</bean>
<bean id="roleHierarchy"
class="org.springframework.security.access.hierarchicalroles.RoleHierarchyImpl">
<property name="hierarchy">
@ -222,6 +225,12 @@ AccessDecisionVoter hierarchyVoter() {
</value>
</property>
</bean>
<!-- and, if using method security also add -->
<bean id="methodSecurityExpressionHandler"
class="org.springframework.security.access.expression.method.MethodSecurityExpressionHandler">
<property ref="roleHierarchy"/>
</bean>
----
====