All Downloads are FREE. Search and download functionalities are using the official Maven repository.

io.camunda.tasklist.webapp.security.CustomMethodSecurityExpressionHandler Maven / Gradle / Ivy

/*
 * Copyright Camunda Services GmbH and/or licensed to Camunda Services GmbH under
 * one or more contributor license agreements. See the NOTICE file distributed
 * with this work for additional information regarding copyright ownership.
 * Licensed under the Camunda License 1.0. You may not use this file
 * except in compliance with the Camunda License 1.0.
 */
package io.camunda.tasklist.webapp.security;

import java.util.function.Supplier;
import org.aopalliance.intercept.MethodInvocation;
import org.springframework.beans.factory.BeanFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.expression.EvaluationContext;
import org.springframework.expression.spel.support.StandardEvaluationContext;
import org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler;
import org.springframework.security.access.expression.method.MethodSecurityExpressionOperations;
import org.springframework.security.core.Authentication;
import org.springframework.stereotype.Component;

@Component
public class CustomMethodSecurityExpressionHandler extends DefaultMethodSecurityExpressionHandler {

  // Used to delay construction of UserService bean
  @Autowired BeanFactory beanFactory;

  @Override
  public EvaluationContext createEvaluationContext(
      final Supplier authentication, final MethodInvocation mi) {
    final StandardEvaluationContext context =
        (StandardEvaluationContext) super.createEvaluationContext(authentication, mi);
    context.setRootObject(createSecurityExpressionRoot(authentication.get(), mi));
    return context;
  }

  @Override
  protected MethodSecurityExpressionOperations createSecurityExpressionRoot(
      final Authentication authentication, final MethodInvocation invocation) {
    final CustomSecurityExpressionRoot root = new CustomSecurityExpressionRoot(authentication);
    root.setUserReader(getUserReader());
    root.setThis(invocation.getThis());
    root.setPermissionEvaluator(getPermissionEvaluator());
    root.setTrustResolver(getTrustResolver());
    root.setRoleHierarchy(getRoleHierarchy());
    root.setDefaultRolePrefix(getDefaultRolePrefix());
    return root;
  }

  private UserReader getUserReader() {
    return beanFactory.getBean(UserReader.class);
  }
}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy