iSharkFly-Docs/java-tutorials
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/master'

Browse Source
This commit is contained in:
Alex Theedom 2016-07-31 10:49:46 +01:00
commit 6f2ccdf187
6 changed files with 85 additions and 55 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
spring-security-custom-permission/src/main/java/org/baeldung/persistence/model/User.java
View File

@ -1,8 +1,5 @@
package org.baeldung.persistence.model; package org.baeldung.persistence.model;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
import java.util.Set; import java.util.Set;
import javax.persistence.Column; import javax.persistence.Column;
@ -16,14 +13,8 @@ import javax.persistence.JoinTable;
import javax.persistence.ManyToMany; import javax.persistence.ManyToMany;
import javax.persistence.ManyToOne; import javax.persistence.ManyToOne;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
@Entity @Entity
public class User implements UserDetails { public class User {
private static final long serialVersionUID = 1L;
@Id @Id
@GeneratedValue(strategy = GenerationType.AUTO) @GeneratedValue(strategy = GenerationType.AUTO)
@ -57,7 +48,6 @@ public class User implements UserDetails {
this.id = id; this.id = id;
} }
@Override
public String getUsername() { public String getUsername() {
return username; return username;
} }
@ -66,7 +56,6 @@ public class User implements UserDetails {
this.username = username; this.username = username;
} }
@Override
public String getPassword() { public String getPassword() {
return password; return password;
} }
@ -93,37 +82,6 @@ public class User implements UserDetails {
// //
@Override
public Collection<? extends GrantedAuthority> getAuthorities() {
final List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
for (final Privilege privilege : this.getPrivileges()) {
authorities.add(new SimpleGrantedAuthority(privilege.getName()));
}
return authorities;
}
@Override
public boolean isAccountNonExpired() {
return true;
}
@Override
public boolean isAccountNonLocked() {
return true;
}
@Override
public boolean isCredentialsNonExpired() {
return true;
}
@Override
public boolean isEnabled() {
return true;
}
//
@Override @Override
public String toString() { public String toString() {
final StringBuilder builder = new StringBuilder(); final StringBuilder builder = new StringBuilder();

2
spring-security-custom-permission/src/main/java/org/baeldung/security/CustomMethodSecurityExpressionRoot.java
View File

@ -16,7 +16,7 @@ public class CustomMethodSecurityExpressionRoot extends SecurityExpressionRoot i
// //
public boolean isMember(Long OrganizationId) { public boolean isMember(Long OrganizationId) {
final User user = (User) this.getPrincipal(); final User user = ((MyUserPrincipal) this.getPrincipal()).getUser();
return user.getOrganization().getId().longValue() == OrganizationId.longValue(); return user.getOrganization().getId().longValue() == OrganizationId.longValue();
} }

16
spring-security-custom-permission/src/main/java/org/baeldung/security/MySecurityExpressionRoot.java
View File

@ -47,6 +47,14 @@ public class MySecurityExpressionRoot implements MethodSecurityExpressionOperati
throw new RuntimeException("method hasAuthority() not allowed"); throw new RuntimeException("method hasAuthority() not allowed");
} }
//
public boolean isMember(Long OrganizationId) {
final User user = ((MyUserPrincipal) this.getPrincipal()).getUser();
return user.getOrganization().getId().longValue() == OrganizationId.longValue();
}
//
@Override @Override
public final boolean hasAnyAuthority(String... authorities) { public final boolean hasAnyAuthority(String... authorities) {
return hasAnyAuthorityName(null, authorities); return hasAnyAuthorityName(null, authorities);
@ -168,14 +176,6 @@ public class MySecurityExpressionRoot implements MethodSecurityExpressionOperati
return defaultRolePrefix + role; return defaultRolePrefix + role;
} }
//
public boolean isMember(Long OrganizationId) {
final User user = (User) this.getPrincipal();
return user.getOrganization().getId().longValue() == OrganizationId.longValue();
}
//
@Override @Override
public Object getFilterObject() { public Object getFilterObject() {
return this.filterObject; return this.filterObject;

2
spring-security-custom-permission/src/main/java/org/baeldung/security/MyUserDetailsService.java
View File

@ -26,6 +26,6 @@ public class MyUserDetailsService implements UserDetailsService {
if (user == null) { if (user == null) {
throw new UsernameNotFoundException(username); throw new UsernameNotFoundException(username);
} }
return user; return new MyUserPrincipal(user);
} }
} }

72
spring-security-custom-permission/src/main/java/org/baeldung/security/MyUserPrincipal.java Normal file
View File

@ -0,0 +1,72 @@
package org.baeldung.security;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
import org.baeldung.persistence.model.Privilege;
import org.baeldung.persistence.model.User;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
public class MyUserPrincipal implements UserDetails {
private static final long serialVersionUID = 1L;
private final User user;
//
public MyUserPrincipal(User user) {
this.user = user;
}
//
@Override
public String getUsername() {
return user.getUsername();
}
@Override
public String getPassword() {
return user.getPassword();
}
@Override
public Collection<? extends GrantedAuthority> getAuthorities() {
final List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
for (final Privilege privilege : user.getPrivileges()) {
authorities.add(new SimpleGrantedAuthority(privilege.getName()));
}
return authorities;
}
@Override
public boolean isAccountNonExpired() {
return true;
}
@Override
public boolean isAccountNonLocked() {
return true;
}
@Override
public boolean isCredentialsNonExpired() {
return true;
}
@Override
public boolean isEnabled() {
return true;
}
//
public User getUser() {
return user;
}
}

4
spring-security-custom-permission/src/main/java/org/baeldung/web/MainController.java
View File

@ -5,7 +5,6 @@ import org.baeldung.persistence.model.Foo;
import org.baeldung.persistence.model.Organization; import org.baeldung.persistence.model.Organization;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus; import org.springframework.http.HttpStatus;
import org.springframework.security.access.prepost.PostAuthorize;
import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Controller; import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.PathVariable; import org.springframework.web.bind.annotation.PathVariable;
@ -22,7 +21,8 @@ public class MainController {
@Autowired @Autowired
private OrganizationRepository organizationRepository; private OrganizationRepository organizationRepository;
@PostAuthorize("hasPermission(returnObject, 'read')") // @PostAuthorize("hasPermission(returnObject, 'read')")
@PreAuthorize("hasPermission(#id, 'Foo', 'read')")
@RequestMapping(method = RequestMethod.GET, value = "/foos/{id}") @RequestMapping(method = RequestMethod.GET, value = "/foos/{id}")
@ResponseBody @ResponseBody
public Foo findById(@PathVariable final long id) { public Foo findById(@PathVariable final long id) {