本文整理汇总了Java中org.springframework.security.access.prepost.PostFilter类的典型用法代码示例。如果您正苦于以下问题:Java PostFilter类的具体用法?Java PostFilter怎么用?Java PostFilter使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
PostFilter类属于org.springframework.security.access.prepost包,在下文中一共展示了PostFilter类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: hasAuthority
import org.springframework.security.access.prepost.PostFilter; //导入依赖的package包/类
@PostFilter("hasAuthority(filterObject+'_MANAGE') or hasAuthority('SYS_MANAGE_GROUP')")
public List<DBGroup> getAllGroupsUserIn(String user) {
checkArgument(user != null && !"".equals(user),
"user name could not be empty.");
DBUserGroup condition = new DBUserGroup();
condition.setUserName(user);
List<String> groupNames = FluentIterable
.from(userGroupService.get(condition))
.transform(new Function<DBUserGroup, String>() {
@Override
public String apply(DBUserGroup input) {
return input.getGroupName();
}
}).append(PermissionConst.PUBLICGROUP).toList();// Add "Public"
// Group for all
// users
return getGroupsByNames(groupNames);
}
示例2: hasAuthority
import org.springframework.security.access.prepost.PostFilter; //导入依赖的package包/类
@PostFilter("hasAuthority(filterObject.name+'_MANAGE') or hasAuthority(filterObject.name+'_VIEW') or hasAuthority('SYS_MANAGE_DATASOURCE') or hasAuthority('SYS_VIEW_DATASOURCE')")
public Set<DBDataSource> getAllUserViewedDatasource() {
Set<DBDataSource> datasources = new HashSet<DBDataSource>();
for (Entry<String, DataSourceConfiguration> entry : DataSourceMetaRepo
.getInstance().getActiveDbConfMap().entrySet()) {
if (entry.getValue().isRealOnly() == true) {
DBDataSource datasource = new DBDataSource();
datasource.setName(entry.getKey());
datasource.setType(entry.getValue().getDataSourceType()
.getType());
datasource.setDisplayName(entry.getValue().getDataSourceName());
datasource.setEndpoint((StringUtils.join(entry.getValue()
.getEndPoint(), ",")));
try{
datasource.setProperties(JsonUtil.writeValueAsIndentString(entry.getValue().getProperties()));
}catch(Exception e){
datasource.setProperties(entry.getValue().getProperties().toString());
}
datasource.setReadonly(entry.getValue().isRealOnly());
datasources.add(datasource);
}
}
datasources.addAll(datasourceService.getAll());
return datasources;
}
示例3: latestPicturesMetaByUserLimit
import org.springframework.security.access.prepost.PostFilter; //导入依赖的package包/类
/**
* Returns a list (json) with the {number} most recent photos of the given {user}.
*
* @param user to retrieve pictures from
* @param number (optional) number of pictures to ask for. Number is constrained by {@link #latestPictureLimit}
* @param skip number of pictures to skip. Must be non negativ
* @return picture json list with the latest pictures
* @since 1.0.0
*/
@RequestMapping( value = "/{user}/_latest", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE )
@PostFilter( "@paa.hasAccess(filterObject.id)" )
public List<Picture> latestPicturesMetaByUserLimit( @PathVariable( "user" ) String user,
@RequestParam( value = "n", required = false ) Integer number,
@RequestParam( value = "s", required = false ) Integer skip)
{
if ( number == null || number > latestPictureLimit )
{
LOG.info( "latest picture request was ({}) greater than max allowed {}. Only returning max", number,
latestPictureLimit );
number = latestPictureLimit;
}
QueryStart<Picture> query = factory.query( Picture.class );
QuerySort<Picture> querySort = query//
.where( query.e().getUser().getUsername() ).is( user )//
.and( query.e().isDeleted() ).is( false )//
.limit( number ).sort().desc( query.e().getOrder() );
if ( skip != null && skip > 0 )
{
querySort.skip( skip );
}
return Lists.newArrayList( querySort.iterator() );
}
示例4: testAuthorizationDefined
import org.springframework.security.access.prepost.PostFilter; //导入依赖的package包/类
@Test
public void testAuthorizationDefined() throws NoSuchMethodException {
assertTrue(PictureController.class.getMethod("getPicture", String.class, String.class, String.class).isAnnotationPresent(
PreAuthorize.class));
assertTrue(PictureController.class.getMethod("latestPicturesMetaByUserLimit", String.class, Integer.class,
Integer.class).isAnnotationPresent(PostFilter.class));
assertTrue(PictureController.class.getMethod("getPictureMeta", String.class, String.class).isAnnotationPresent(
PreAuthorize.class));
assertTrue(PictureController.class.getMethod("deletePicture", String.class, String.class).isAnnotationPresent(
PreAuthorize.class));
assertTrue(PictureController.class.getMethod("getNext", String.class, String.class).isAnnotationPresent(
PostAuthorize.class));
assertTrue(PictureController.class.getMethod("getNext", String.class, String.class).isAnnotationPresent(
PreAuthorize.class));
assertTrue(PictureController.class.getMethod("getPrevious", String.class, String.class).isAnnotationPresent(
PostAuthorize.class));
assertTrue(PictureController.class.getMethod("getPrevious", String.class, String.class).isAnnotationPresent(
PreAuthorize.class));
}
示例5: hasPermission
import org.springframework.security.access.prepost.PostFilter; //导入依赖的package包/类
/**
*
* @param groupId
* @return
* @throws Exception
*/
@PostFilter("hasRole(@configHolder.getSuperAdminRoleName()) or hasPermission(filterObject, 'READ')")
@Transactional(readOnly = true)
public Set<User> getUsersOfGroup(Integer groupId) throws Exception {
Set<User> groupUsersSet = new HashSet<User>();
UserGroup userGroup = this.findById(groupId);
if (userGroup != null) {
LOG.trace("Found group with ID " + userGroup.getId());
groupUsersSet = userGroup.getMembers();
} else {
throw new Exception("The group with id " + groupId + " could not be found");
}
return groupUsersSet;
}
示例6: hasPermission
import org.springframework.security.access.prepost.PostFilter; //导入依赖的package包/类
/**
*
* @param userId
* @return
* @throws Exception
*/
@PostFilter("hasRole(@configHolder.getSuperAdminRoleName()) or hasPermission(filterObject, 'READ')")
@Transactional(readOnly = true)
public Set<UserGroup> getGroupsOfUser(Integer userId) throws Exception {
Set<UserGroup> userGroupsSet = new HashSet<UserGroup>();
E user = this.findById(userId);
if (user != null) {
LOG.trace("Found user with ID " + user.getId());
userGroupsSet = user.getUserGroups();
} else {
throw new Exception("The user with id " + userId + " could not be found");
}
return userGroupsSet;
}
示例7: listAllCubes
import org.springframework.security.access.prepost.PostFilter; //导入依赖的package包/类
@PostFilter(Constant.ACCESS_POST_FILTER_READ)
public List<CubeInstance> listAllCubes(final String cubeName, final String projectName) {
List<CubeInstance> cubeInstances = null;
ProjectInstance project = (null != projectName) ? getProjectManager().getProject(projectName) : null;
if (null == project) {
cubeInstances = getCubeManager().listAllCubes();
} else {
cubeInstances = listAllCubes(projectName);
}
List<CubeInstance> filterCubes = new ArrayList<CubeInstance>();
for (CubeInstance cubeInstance : cubeInstances) {
boolean isCubeMatch = (null == cubeName) || cubeInstance.getName().toLowerCase().contains(cubeName.toLowerCase());
if (isCubeMatch) {
filterCubes.add(cubeInstance);
}
}
return filterCubes;
}
示例8: scan
import org.springframework.security.access.prepost.PostFilter; //导入依赖的package包/类
/**
* Scan for {@link PreAuthorize} and {@link PostAuthorize} annotations
* and create {@link Set} of {@link Privilege}.
*
* @return set of privileges
*/
public Set<Privilege> scan() {
StopWatch stopWatch = StopWatch.createStarted();
Set<Privilege> preAuthPrivileges = reflections.getMethodsAnnotatedWith(PreAuthorize.class).stream()
.map(element -> element.getAnnotation(PreAuthorize.class))
.map(PreAuthorize::value)
.map(this::parse)
.collect(Collectors.toSet());
Set<Privilege> postAuthPrivileges = reflections.getMethodsAnnotatedWith(PostAuthorize.class).stream()
.map(element -> element.getAnnotation(PostAuthorize.class))
.map(PostAuthorize::value)
.map(this::parse)
.collect(Collectors.toSet());
Set<Privilege> findPrivileges = reflections.getMethodsAnnotatedWith(FindWithPermission.class).stream()
.map(element -> element.getAnnotation(FindWithPermission.class))
.map(FindWithPermission::value)
.map(this::parse)
.peek(privilege -> privilege.getResources().add("returnObject"))
.collect(Collectors.toSet());
Set<Privilege> postFilterPrivileges = reflections.getMethodsAnnotatedWith(PostFilter.class).stream()
.map(element -> element.getAnnotation(PostFilter.class))
.map(PostFilter::value)
.map(this::parse)
.peek(privilege -> privilege.getResources().add("returnObject"))
.collect(Collectors.toSet());
preAuthPrivileges.addAll(postAuthPrivileges);
preAuthPrivileges.addAll(findPrivileges);
preAuthPrivileges.addAll(postFilterPrivileges);
log.info("Found {} privileges in {} ms", preAuthPrivileges.size(), stopWatch.getTime());
return preAuthPrivileges;
}
示例9: getAllCarsByUserId
import org.springframework.security.access.prepost.PostFilter; //导入依赖的package包/类
@PreAuthorize("@userAccessService.isAccessibleWithUserId(authentication, #userId)")
@PostFilter("filterObject.userId == #userId")
@GetMapping(value = "/users/{userId}", produces = MediaType.APPLICATION_JSON_VALUE)
@ResponseStatus(HttpStatus.OK)
public List<CarDTO> getAllCarsByUserId(@PathVariable("userId") @Validated @NotNull Long userId) {
GetAllCarsByUserIdRequest request = new GetAllCarsByUserIdRequest();
request.userId = userId;
GetAllCarsByUserIdResponse response = carService.getAllCarsByUserId(request);
return response.carDTOs;
}
示例10: getAllTransactionsByCarId
import org.springframework.security.access.prepost.PostFilter; //导入依赖的package包/类
@PreAuthorize("@carAccessService.isAccessibleWithCarId(authentication, #id)")
@PostFilter("filterObject.carId == #id")
@GetMapping(value = "/cars/{carId}", produces = "application/json")
@ResponseStatus(HttpStatus.OK)
public List<TransactionDTO> getAllTransactionsByCarId(@PathVariable("carId") @Validated @NotNull Long id) {
GetAllTransactionsByCarIdRequest request = new GetAllTransactionsByCarIdRequest();
request.carId = id;
GetAllTransactionsByCarIdResponse response = transactionService.getAllTransactionsByCarId(request);
return response.transactionDTOs;
}
示例11: searchForPersonBy
import org.springframework.security.access.prepost.PostFilter; //导入依赖的package包/类
@PostFilter("hasPermission(filterObject, 'read')")
public List<PersonMatch> searchForPersonBy(final SearchCriteria searchCriteria) {
if (StringUtils.hasText(searchCriteria.getIdentifierValue())) {
final String identifierValue = searchCriteria.getIdentifierValue();
final Person person = this.findPersonByIdentifier(searchCriteria.getIdentifierType().getName(), identifierValue);
if (person != null)
return new ArrayList<PersonMatch>(Arrays.asList(new PersonMatchImpl(person, 100, new ArrayList<FieldMatch>())));
else return new ArrayList<PersonMatch>();
}
final List<Person> persons = this.personRepository.searchByCriteria(searchCriteria);
return createMatches(persons);
}
示例12: getAllUsers
import org.springframework.security.access.prepost.PostFilter; //导入依赖的package包/类
@PostFilter("hasPermission(filterObject, 'READ')")
public List<User> getAllUsers() {
return entityManager.createQuery("SELECT user FROM User user").getResultList();
}
示例13: getAllContacts
import org.springframework.security.access.prepost.PostFilter; //导入依赖的package包/类
@PostFilter("hasPermission(filterObject, 'READ')")
public List<Contact> getAllContacts() {
String query = "SELECT contact FROM Contact contact INNER JOIN FETCH contact.owner user";
return entityManager.createQuery(query).getResultList();
}
示例14: findAll
import org.springframework.security.access.prepost.PostFilter; //导入依赖的package包/类
@PreAuthorize("isAuthenticated()")
@PostFilter("hasPermission(filterObject, 'READ')")
public Iterable<User> findAll() {
return userRepository.findAll();
}
开发者ID:Pivopil,项目名称:spring-boot-oauth2-rest-service-password-encoding,代码行数:6,代码来源:CustomUserDetailsService.java
示例15: getAll
import org.springframework.security.access.prepost.PostFilter; //导入依赖的package包/类
@PreAuthorize("isAuthenticated()")
@PostFilter("hasPermission(filterObject, 'READ')")
public Iterable<Content> getAll(String title) {
return title != null ? contentRepository.findAllByTitle(title) : contentRepository.findAll();
}
开发者ID:Pivopil,项目名称:spring-boot-oauth2-rest-service-password-encoding,代码行数:6,代码来源:ContentService.java