Satish Bellapu
Reputation: 740
How do i check my object permissions in spring security acl instead of using hasPermission annotation
Is there a way to check my class object permissions directly from my code instead of having the annotation model,
@PostAuthorize("hasPermission(returnObject, 'WRITE')")
public BaseData getSingle(Long id);
Upvotes: 3
Views: 2528
Answers (2)
Satish Bellapu
Reputation: 740
At-last after several tries i could achieve to get the solution, following is the code
acl-conf.xml
...
<bean class="org.springframework.security.acls.AclPermissionEvaluator" id="permissionEvaluator">
<constructor-arg ref="aclService"/>
</bean>
...
samplecontroller.java
@Autowired
private PermissionEvaluator permissionEvaluator ;
Permission permission = BasePermission.WRITE;
permissionEvaluator.hasPermission(authentication,aclObject,permission);
....
Hope this is helpful.
Upvotes: 1
Shaun the Sheep
Reputation: 22742
Assuming you're intending to use the ACL module, the expression is implemented in AclPermissionEvaluator. So you can wire up an instance of that with an AclService, inject it into the classes that need it and call the hasPermission method directly.
Upvotes: 1
Related Questions
- How to check "hasRole" in Java Code with Spring Security?
- How to interpret hasPermission in spring security?
- Spring Security Acl object
- Spring Security hasPermission for Collection<Object>
- Spring security hasPermission is not working
- How to get a List of Objects that a user can access using ACLs related tables
- Getting all available permissions spring security acl
- Spring + Spring Security + hasPermission Not working
- spring security permission programatic check
- How to do that would hasPermission did not check the field id?