SEC-1023: Add hasPermission() support to SecurityExpressionRoot
http://jira.springframework.org/browse/SEC-1023. PermissionEvaluator interface for use by expressions when evaluating hasPermisson() expressions.
This commit is contained in:
parent
7ff5602dbc
commit
dabb719456
|
@ -0,0 +1,25 @@
|
||||||
|
package org.springframework.security.expression;
|
||||||
|
|
||||||
|
import org.springframework.security.Authentication;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Strategy used in expression evaluation to determine whether a user has a permission or permissions
|
||||||
|
* for a given domain object.
|
||||||
|
*
|
||||||
|
*
|
||||||
|
* @author Luke Taylor
|
||||||
|
* @version $Id$
|
||||||
|
* @since 2.5
|
||||||
|
*/
|
||||||
|
public interface PermissionEvaluator {
|
||||||
|
/**
|
||||||
|
*
|
||||||
|
* @param authentication represents the user in question. Should not be null.
|
||||||
|
* @param targetDomainObject the domain object for which permissions should be checked. May be null
|
||||||
|
* in which case implementations should return false, as the null condition can be checked explicitly
|
||||||
|
* in the expression.
|
||||||
|
* @param permission a representation of the permission object as supplied by the expression system. Not null.
|
||||||
|
* @return true if the permission is granted, false otherwise
|
||||||
|
*/
|
||||||
|
boolean hasPermission(Authentication authentication, Object targetDomainObject, Object permission);
|
||||||
|
}
|
Loading…
Reference in New Issue