本文整理汇总了Java中org.springframework.security.access.prepost.PostAuthorize类的典型用法代码示例。如果您正苦于以下问题:Java PostAuthorize类的具体用法?Java PostAuthorize怎么用?Java PostAuthorize使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
PostAuthorize类属于org.springframework.security.access.prepost包,在下文中一共展示了PostAuthorize类的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Java代码示例。
示例1: testAuthorizationDefined
import org.springframework.security.access.prepost.PostAuthorize; //导入依赖的package包/类
@Test
public void testAuthorizationDefined() throws NoSuchMethodException {
assertTrue(PictureController.class.getMethod("getPicture", String.class, String.class, String.class).isAnnotationPresent(
PreAuthorize.class));
assertTrue(PictureController.class.getMethod("latestPicturesMetaByUserLimit", String.class, Integer.class,
Integer.class).isAnnotationPresent(PostFilter.class));
assertTrue(PictureController.class.getMethod("getPictureMeta", String.class, String.class).isAnnotationPresent(
PreAuthorize.class));
assertTrue(PictureController.class.getMethod("deletePicture", String.class, String.class).isAnnotationPresent(
PreAuthorize.class));
assertTrue(PictureController.class.getMethod("getNext", String.class, String.class).isAnnotationPresent(
PostAuthorize.class));
assertTrue(PictureController.class.getMethod("getNext", String.class, String.class).isAnnotationPresent(
PreAuthorize.class));
assertTrue(PictureController.class.getMethod("getPrevious", String.class, String.class).isAnnotationPresent(
PostAuthorize.class));
assertTrue(PictureController.class.getMethod("getPrevious", String.class, String.class).isAnnotationPresent(
PreAuthorize.class));
}
开发者ID:cherimojava,项目名称:orchidae,代码行数:20,代码来源:_PictureController.java
示例2: readDataPoint
import org.springframework.security.access.prepost.PostAuthorize; //导入依赖的package包/类
/**
* Reads a data point.
*
* @param id the identifier of the data point to read
* @return a matching data point, if found
*/
// TODO can identifiers be relative, e.g. to a namespace?
// TODO confirm if HEAD handling needs anything additional
// only allow clients with read scope to read a data point
@PreAuthorize("#oauth2.clientHasRole('" + CLIENT_ROLE + "') and #oauth2.hasScope('" + DATA_POINT_READ_SCOPE + "')")
// ensure that the returned data point belongs to the user associated with the access token
@PostAuthorize("returnObject.body == null || returnObject.body.header.userId == principal.username")
@RequestMapping(value = "/dataPoints/{id}", method = {HEAD, GET}, produces = APPLICATION_JSON_VALUE)
public
@ResponseBody
ResponseEntity<DataPoint> readDataPoint(@PathVariable String id) {
Optional<DataPoint> dataPoint = dataPointService.findOne(id);
if (!dataPoint.isPresent()) {
return new ResponseEntity<>(NOT_FOUND);
}
// FIXME test @PostAuthorize
return new ResponseEntity<>(dataPoint.get(), OK);
}
开发者ID:openmhealth,项目名称:omh-dsu-ri,代码行数:27,代码来源:DataPointController.java
示例3: getDefaultForUser
import org.springframework.security.access.prepost.PostAuthorize; //导入依赖的package包/类
@PostAuthorize("hasPermission(returnObject,'read')")
public SmartSenseSubscription getDefaultForUser(IdentityUser cbUser) {
SmartSenseSubscription subscription = null;
subscription = repository.findByAccountAndOwner(cbUser.getAccount(), cbUser.getUserId());
if (subscription != null && !StringUtils.isEmpty(defaultSmartsenseId) && !defaultSmartsenseId.equals(subscription.getSubscriptionId())) {
LOGGER.info("Upgrading default SmartSense subscription");
subscription.setSubscriptionId(defaultSmartsenseId);
repository.save(subscription);
}
return Optional.ofNullable(subscription).orElseGet(() -> {
SmartSenseSubscription newSubscription = null;
if (!StringUtils.isEmpty(defaultSmartsenseId)) {
LOGGER.info("Generating default SmartSense subscription");
newSubscription = new SmartSenseSubscription();
newSubscription.setSubscriptionId(defaultSmartsenseId);
newSubscription.setAccount(cbUser.getAccount());
newSubscription.setOwner(cbUser.getUserId());
newSubscription.setPublicInAccount(true);
repository.save(newSubscription);
}
return newSubscription;
});
}
开发者ID:hortonworks,项目名称:cloudbreak,代码行数:24,代码来源:SmartSenseSubscriptionService.java
示例4: getStep
import org.springframework.security.access.prepost.PostAuthorize; //导入依赖的package包/类
@PostAuthorize("hasAnyRole('ROLE_ADMIN,ROLE_USER')")
@Override
public Step getStep(Long suid) throws ApplicationException {
Authentication auth = SecurityContextHolder.getContext().getAuthentication();
String name = auth.getName();
User user = userDao.getUserByLogin(name);
Step step = null;
Collection<SimpleGrantedAuthority> authorities =
(Collection<SimpleGrantedAuthority>) SecurityContextHolder.getContext().getAuthentication().getAuthorities();
if(authorities.contains(Consts.ROLE_ADMIN)){
step = stepDao.getStep(suid);
} else if(authorities.contains(Consts.ROLE_USER)){
step = stepDao.getStep(suid);
if(!(step.getGame().getBlackUuid() == user.getUuid() || step.getGame().getWhiteUuid() == user.getUuid())){
throw new ApplicationException(1L, "You are not involved in game.");
}
}
return step;
}
开发者ID:pavelkuchin,项目名称:checkers,代码行数:25,代码来源:StepServiceImpl.java
示例5: scan
import org.springframework.security.access.prepost.PostAuthorize; //导入依赖的package包/类
/**
* Scan for {@link PreAuthorize} and {@link PostAuthorize} annotations
* and create {@link Set} of {@link Privilege}.
*
* @return set of privileges
*/
public Set<Privilege> scan() {
StopWatch stopWatch = StopWatch.createStarted();
Set<Privilege> preAuthPrivileges = reflections.getMethodsAnnotatedWith(PreAuthorize.class).stream()
.map(element -> element.getAnnotation(PreAuthorize.class))
.map(PreAuthorize::value)
.map(this::parse)
.collect(Collectors.toSet());
Set<Privilege> postAuthPrivileges = reflections.getMethodsAnnotatedWith(PostAuthorize.class).stream()
.map(element -> element.getAnnotation(PostAuthorize.class))
.map(PostAuthorize::value)
.map(this::parse)
.collect(Collectors.toSet());
Set<Privilege> findPrivileges = reflections.getMethodsAnnotatedWith(FindWithPermission.class).stream()
.map(element -> element.getAnnotation(FindWithPermission.class))
.map(FindWithPermission::value)
.map(this::parse)
.peek(privilege -> privilege.getResources().add("returnObject"))
.collect(Collectors.toSet());
Set<Privilege> postFilterPrivileges = reflections.getMethodsAnnotatedWith(PostFilter.class).stream()
.map(element -> element.getAnnotation(PostFilter.class))
.map(PostFilter::value)
.map(this::parse)
.peek(privilege -> privilege.getResources().add("returnObject"))
.collect(Collectors.toSet());
preAuthPrivileges.addAll(postAuthPrivileges);
preAuthPrivileges.addAll(findPrivileges);
preAuthPrivileges.addAll(postFilterPrivileges);
log.info("Found {} privileges in {} ms", preAuthPrivileges.size(), stopWatch.getTime());
return preAuthPrivileges;
}
开发者ID:xm-online,项目名称:xm-commons,代码行数:41,代码来源:PrivilegeScanner.java
示例6: hasRole
import org.springframework.security.access.prepost.PostAuthorize; //导入依赖的package包/类
@ApiOperation(value="获取用户", notes="根据url的id来获取用户详细信息")
@ApiImplicitParam(name = "id", value = "用户ID", required = true, dataType = "String", paramType = "path")
@PostAuthorize("returnObject.username == principal.username or hasRole('ROLE_ADMIN')")
@RequestMapping(value = "/{id}", method = RequestMethod.GET)
public User getUser(@PathVariable String id) {
return repository.findOne(id);
}
开发者ID:DigAg,项目名称:digag-server,代码行数:8,代码来源:UserController.java
示例7: getProject
import org.springframework.security.access.prepost.PostAuthorize; //导入依赖的package包/类
@RequestMapping(value = "/{id}", method = RequestMethod.GET, produces = {"application/json"})
@ResponseStatus(HttpStatus.OK)
@PostAuthorize("hasPermission(returnObject,'PROJECTS_VIEW')")
public Project getProject(@PathVariable Integer id) {
logger.info("[getProject({})] started ...", id);
Project result = projectsService.getProject(id);
logger.info("[getProject({})] done, result: {}", id, result);
return result;
}
开发者ID:mostafa8eltaher,项目名称:AbacSpringSecurity,代码行数:10,代码来源:ProjectController.java
示例8: hasPermission
import org.springframework.security.access.prepost.PostAuthorize; //导入依赖的package包/类
@PreAuthorize("isAuthenticated() && #id != null")
@PostAuthorize("returnObject == null || hasPermission(returnObject, 'READ')")
private UserViewModel findUserById(Long id) {
User one = userRepository.findOne(id);
UserBuilder userBuilder = Builders.of(one);
UserViewModel userViewModel = userBuilder.buildViewModel();
String ownerOfObject = customSecurityService.getOwnerOfObject(one);
List<String> acls = customSecurityService.getMyAclForObject(one);
userViewModel.setOwner(ownerOfObject);
userViewModel.setAcls(acls);
return userViewModel;
}
开发者ID:Pivopil,项目名称:spring-boot-oauth2-rest-service-password-encoding,代码行数:13,代码来源:CustomUserDetailsService.java
示例9: hasPermission
import org.springframework.security.access.prepost.PostAuthorize; //导入依赖的package包/类
/**
* Finds and returns a layer by it's URL and the layerNames parameter.
*
* @param url
* @param layerNames
* @return
*/
@PostAuthorize("hasRole(@configHolder.getSuperAdminRoleName()) or hasPermission(returnObject, 'READ')")
@Transactional(readOnly = true)
public E findByUrlAndLayerNames(String url, String layerNames) {
if (url == null || layerNames == null) {
return null;
}
return dao.findByUrlAndLayerNames(url, layerNames);
}
开发者ID:terrestris,项目名称:momo3-backend,代码行数:16,代码来源:MomoLayerService.java
示例10: postProcessAfterInitialization
import org.springframework.security.access.prepost.PostAuthorize; //导入依赖的package包/类
/**
* Searches for {@link org.springframework.security.access.prepost.PreAuthorize}
* and {@link org.springframework.security.access.prepost.PostAuthorize} annotations
* representing permissions and parses them. Parsed annotations are used
* to find permissions. After that those permissions are added to
* {@link org.motechproject.security.service.MotechPermissionService}
*
* @param bean to be processed
* @param beanName name of the bean
* @return processed bean
*/
@Override
public Object postProcessAfterInitialization(final Object bean, final String beanName) {
LOGGER.debug("Searching for security annotations in: {}", beanName);
doWithMethods(bean.getClass(), new MethodCallback() {
@Override
public void doWith(Method method) throws IllegalAccessException {
Method methodOfOriginalClassIfProxied = findMethod(getTargetClass(bean), method.getName(), method.getParameterTypes());
if (methodOfOriginalClassIfProxied != null) {
PreAuthorize preAuthorize = findAnnotation(methodOfOriginalClassIfProxied, PreAuthorize.class);
PostAuthorize postAuthorize = findAnnotation(methodOfOriginalClassIfProxied, PostAuthorize.class);
List<String> annotations = new ArrayList<>(2);
List<String> permissions = new ArrayList<>();
if (preAuthorize != null) {
annotations.add(preAuthorize.value());
}
if (postAuthorize != null) {
annotations.add(postAuthorize.value());
}
for (String annotation : annotations) {
SpelExpression expression = (SpelExpression) annotationParser.parseExpression(annotation);
permissions.addAll(findPermissions(expression.getAST()));
}
addRoleAndPermissions(permissions);
}
}
});
LOGGER.debug("Searched for security annotations in: {}", beanName);
return bean;
}
开发者ID:motech,项目名称:motech,代码行数:50,代码来源:SecurityAnnotationBeanPostProcessor.java
示例11: getNext
import org.springframework.security.access.prepost.PostAuthorize; //导入依赖的package包/类
@ResponseBody
@RequestMapping( value = PICTURE_URI
+ "/_next", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE )
@PreAuthorize( "@paa.hasAccess(#id)" )
@PostAuthorize( "@paa.hasAccess(returnObject)" )
public ResponseEntity<Picture> getNext( @PathVariable( "user" ) String user, @PathVariable( "id" ) String id)
{
return getAdjacentPicture( user, id, false );
}
开发者ID:cherimojava,项目名称:orchidae,代码行数:10,代码来源:PictureController.java
示例12: getPrevious
import org.springframework.security.access.prepost.PostAuthorize; //导入依赖的package包/类
@ResponseBody
@RequestMapping( value = PICTURE_URI
+ "/_previous", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE )
@PreAuthorize( "@paa.hasAccess(#id)" )
@PostAuthorize( "@paa.hasAccess(returnObject)" )
public ResponseEntity<Picture> getPrevious( @PathVariable( "user" ) String user, @PathVariable( "id" ) String id)
{
return getAdjacentPicture( user, id, true );
}
开发者ID:cherimojava,项目名称:orchidae,代码行数:10,代码来源:PictureController.java
示例13: hasPermission
import org.springframework.security.access.prepost.PostAuthorize; //导入依赖的package包/类
@PreAuthorize("isAuthenticated()")
@PostAuthorize("hasRole('ROLE_ADMIN') or principal.username == returnObject.teamCode or hasPermission(@submissionEndpoint.getSubmissionGroupCodes(#id), 'submission_view')")
@RequestMapping(value = "/{id}", method = RequestMethod.GET)
public SubmissionDetailView getSubmission(@PathVariable Integer id) throws NotFoundException {
final SubmissionDetailView submissionDetailView = submissionDetailDao.getSubmission(id);
if (submissionDetailView == null) {
throw new NotFoundException();
}
fillSourceCode(id, submissionDetailView);
transformSubmissionResult(submissionDetailView);
return submissionDetailView;
}
开发者ID:kTT,项目名称:adjule,代码行数:13,代码来源:SubmissionEndpoint.java
示例14: getUserByUsername
import org.springframework.security.access.prepost.PostAuthorize; //导入依赖的package包/类
@ApiOperation(value="获取用户", notes="通过用户名")
@PostAuthorize("hasRole('ROLE_USER')")
@RequestMapping(value = "/",method = RequestMethod.GET)
public JsonResult<User> getUserByUsername(@RequestParam(value="username") String username) {
return JsonResult.<User>builder().data(repository.findByUsername(username)).build();
}
开发者ID:DigAg,项目名称:digag-server,代码行数:7,代码来源:UserController.java
示例15: getCurrentUser
import org.springframework.security.access.prepost.PostAuthorize; //导入依赖的package包/类
@ApiOperation(value="获取当前用户")
@PostAuthorize("hasRole('ROLE_USER')")
@RequestMapping(value = "/current",method = RequestMethod.GET)
public JsonResult<User> getCurrentUser(HttpServletRequest request) {
return userService.getCurrentUser(request);
}
开发者ID:DigAg,项目名称:digag-server,代码行数:7,代码来源:UserController.java
示例16: hasAuthority
import org.springframework.security.access.prepost.PostAuthorize; //导入依赖的package包/类
@Override
@EntityGraph(attributePaths = {"users", "contacts", "parent"})
@PostAuthorize("hasRole('POWER_ADMIN_USER') or hasAuthority('CUSTOMER_READ')")
Customer findOne(Long id);
开发者ID:bulktrade,项目名称:SMSC,代码行数:5,代码来源:CustomerRepository.java
示例17: hasAuthority
import org.springframework.security.access.prepost.PostAuthorize; //导入依赖的package包/类
@Override
@EntityGraph(attributePaths = {"type", "salutation"})
@PostAuthorize("hasRole('POWER_ADMIN_USER') or hasAuthority('CONTACT_READ')")
Contact findOne(Long id);
开发者ID:bulktrade,项目名称:SMSC,代码行数:5,代码来源:ContactRepository.java
示例18: or
import org.springframework.security.access.prepost.PostAuthorize; //导入依赖的package包/类
@Override
@EntityGraph(attributePaths = {"customer"})
@PostAuthorize("hasRole('POWER_ADMIN_USER') or (hasRole('ADMIN_USER') and hasAuthority('CUSTOMER_USER_READ'))")
User findOne(Long id);
开发者ID:bulktrade,项目名称:SMSC,代码行数:5,代码来源:UserRepository.java
示例19: hasAuthority
import org.springframework.security.access.prepost.PostAuthorize; //导入依赖的package包/类
@Override
@EntityGraph(attributePaths = {"authorities"})
@PostAuthorize("hasRole('POWER_ADMIN_USER') or hasAuthority('GROUP_READ')")
Group findOne(Long id);
开发者ID:bulktrade,项目名称:SMSC,代码行数:5,代码来源:GroupRepository.java
示例20: hasAuthority
import org.springframework.security.access.prepost.PostAuthorize; //导入依赖的package包/类
@Override
@PostAuthorize("hasRole('POWER_ADMIN_USER') or hasAuthority('ADMIN_USER_ROLE_READ')")
Role findOne(Long id);
开发者ID:bulktrade,项目名称:SMSC,代码行数:4,代码来源:RoleRepository.java
注:本文中的org.springframework.security.access.prepost.PostAuthorize类示例整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |
客服电话
APP下载
官方微信
请发表评论