WebSecurityExpressionEvaluator (DSpace Server Webapp 7.0 API)

java.lang.Object
- org.dspace.app.rest.security.WebSecurityExpressionEvaluator

```
@Component
public class WebSecurityExpressionEvaluator
extends Object
```
This class will contain the logic to allow us to evaluate an expression given through a String. This will be used by the ConverterService for parsing the PreAuthorize annotations used on the findOne methods of RestRepositories. A String will be given to the evaluate method and that String will then be parsed and a boolean will be returned based on the condition in the String. For example: "hasPermission(#id, 'ITEM', 'READ')" is such a String This will be evaluated and if the current user has the permission to read an item with the given id, a true will be returned, if not it'll be false. This works on all the methods in SecurityExpressionRoot

Constructor Summary

Constructors
Constructor	Description
`WebSecurityExpressionEvaluator(List<org.springframework.security.access.expression.SecurityExpressionHandler> securityExpressionHandlers)`	Constructor for this class that sets all the `SecurityExpressionHandler` objects in a list

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`boolean`	`evaluate(String securityExpression, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, String id)`	This method will have to be used to evaluate the String given.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - WebSecurityExpressionEvaluator
```
public WebSecurityExpressionEvaluator(List<org.springframework.security.access.expression.SecurityExpressionHandler> securityExpressionHandlers)
```
    Constructor for this class that sets all the SecurityExpressionHandler objects in a list
    
    Parameters:
    
    securityExpressionHandlers - The SecurityExpressionHandler for this class
- Method Detail
  - evaluate
```
public boolean evaluate(String securityExpression,
                        javax.servlet.http.HttpServletRequest request,
                        javax.servlet.http.HttpServletResponse response,
                        String id)
```
    This method will have to be used to evaluate the String given. It'll parse the String and resolve it to a method in SecurityExpressionRoot and evaluate it to then return a boolean
    
    Parameters:
    
    securityExpression - The String that resembles the expression that has to be parsed
    
    request - The current request
    
    response - The current response
    
    id - The id for the Object that is the subject of the permission
    
    Returns:
    
    A boolean indicating whether the currentUser adheres to the permissions in the securityExpression String or not