• Home
• org.springframework.security
• spring-security-core
• 5.8.8
• source code
• AuthorizationManagers.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

org.springframework.security.authorization.AuthorizationManagers Maven / Gradle / Ivy

/*
 * Copyright 2002-2022 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package org.springframework.security.authorization;

import java.util.ArrayList;
import java.util.List;

/**
 * A factory class to create an {@link AuthorizationManager} instances.
 *
 * @author Evgeniy Cheban
 * @since 5.8
 */
public final class AuthorizationManagers {

	/**
	 * Creates an {@link AuthorizationManager} that grants access if at least one
	 * {@link AuthorizationManager} granted or abstained, if managers are
	 * empty then denied decision is returned.
	 * @param  the type of object that is being authorized
	 * @param managers the {@link AuthorizationManager}s to use
	 * @return the {@link AuthorizationManager} to use
	 */
	@SafeVarargs
	public static  AuthorizationManager anyOf(AuthorizationManager... managers) {
		return (authentication, object) -> {
			List decisions = new ArrayList<>();
			for (AuthorizationManager manager : managers) {
				AuthorizationDecision decision = manager.check(authentication, object);
				if (decision == null) {
					continue;
				}
				if (decision.isGranted()) {
					return decision;
				}
				decisions.add(decision);
			}
			if (decisions.isEmpty()) {
				return new AuthorizationDecision(false);
			}
			return new CompositeAuthorizationDecision(false, decisions);
		};
	}

	/**
	 * Creates an {@link AuthorizationManager} that grants access if all
	 * {@link AuthorizationManager}s granted or abstained, if managers are
	 * empty then granted decision is returned.
	 * @param  the type of object that is being authorized
	 * @param managers the {@link AuthorizationManager}s to use
	 * @return the {@link AuthorizationManager} to use
	 */
	@SafeVarargs
	public static  AuthorizationManager allOf(AuthorizationManager... managers) {
		return (authentication, object) -> {
			List decisions = new ArrayList<>();
			for (AuthorizationManager manager : managers) {
				AuthorizationDecision decision = manager.check(authentication, object);
				if (decision == null) {
					continue;
				}
				if (!decision.isGranted()) {
					return decision;
				}
				decisions.add(decision);
			}
			if (decisions.isEmpty()) {
				return new AuthorizationDecision(true);
			}
			return new CompositeAuthorizationDecision(true, decisions);
		};
	}

	private AuthorizationManagers() {
	}

	private static final class CompositeAuthorizationDecision extends AuthorizationDecision {

		private final List decisions;

		private CompositeAuthorizationDecision(boolean granted, List decisions) {
			super(granted);
			this.decisions = decisions;
		}

		@Override
		public String toString() {
			return "CompositeAuthorizationDecision [decisions=" + this.decisions + ']';
		}

	}

}