Class WebSecurityExpressionEvaluator

java.lang.Object
org.dspace.app.rest.security.WebSecurityExpressionEvaluator

@Component public class WebSecurityExpressionEvaluator extends Object
This class contains the logic for evaluating a security expression supplied as a String. The ConverterService uses it to parse the PreAuthorize annotations on the findOne methods of RestRepositories. The String passed to the evaluate method is parsed, and a boolean is returned based on the condition it expresses. For example, given "hasPermission(#id, 'ITEM', 'READ')", the method returns true if the current user has permission to read the item with the given id, and false otherwise. This works with all the methods in SecurityExpressionRoot.
  • Constructor Summary

    Constructors
    Constructor
    Description
    WebSecurityExpressionEvaluator(List<org.springframework.security.access.expression.SecurityExpressionHandler> securityExpressionHandlers)
    Constructor for this class that sets the list of SecurityExpressionHandler objects
  • Method Summary

    Modifier and Type
    Method
    Description
    boolean
    evaluate(String securityExpression, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, String id)
    Use this method to evaluate the given String.

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
  • Constructor Details

    • WebSecurityExpressionEvaluator

      public WebSecurityExpressionEvaluator(List<org.springframework.security.access.expression.SecurityExpressionHandler> securityExpressionHandlers)
      Constructor for this class that sets the list of SecurityExpressionHandler objects
      Parameters:
      securityExpressionHandlers - The SecurityExpressionHandler objects for this class
  • Method Details

    • evaluate

      public boolean evaluate(String securityExpression, javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, String id)
      Use this method to evaluate the given String. It parses the String, resolves it to a method in SecurityExpressionRoot, and evaluates it to return a boolean.
      Parameters:
      securityExpression - The String representing the expression to be parsed
      request - The current request
      response - The current response
      id - The id for the Object that is the subject of the permission
      Returns:
      A boolean indicating whether the current user satisfies the permissions in the securityExpression String
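
The evaluation described on this page (parse the expression String, bind #id, resolve the method call against a root object, return a boolean), shown as an added example that is not DSpace's own code. It assumes spring-expression is on the classpath; DemoRoot, its grant table and the user parameter are hypothetical stand-ins for SecurityExpressionRoot and the current authentication.

```java
import java.util.Map;
import java.util.Set;
import org.springframework.expression.Expression;
import org.springframework.expression.spel.standard.SpelExpressionParser;
import org.springframework.expression.spel.support.StandardEvaluationContext;

public class ExpressionEvaluationDemo {

    // Hypothetical stand-in for SecurityExpressionRoot: method names used in
    // the expression String are resolved against this root object.
    public static class DemoRoot {
        // Constructed sample grants: user -> "TYPE:id:PERMISSION" entries.
        private static final Map<String, Set<String>> GRANTS =
            Map.of("alice", Set.of("ITEM:item-1:READ"));
        private final String user;

        public DemoRoot(String user) {
            this.user = user;
        }

        public boolean hasPermission(Object targetId, String type, String permission) {
            return GRANTS.getOrDefault(user, Set.of())
                         .contains(type + ":" + targetId + ":" + permission);
        }
    }

    // Parse the expression, bind the #id variable, and reduce the result to a boolean.
    static boolean evaluate(String securityExpression, String user, String id) {
        Expression expression = new SpelExpressionParser().parseExpression(securityExpression);
        StandardEvaluationContext context = new StandardEvaluationContext(new DemoRoot(user));
        context.setVariable("id", id);
        // Treat a null result as a denial instead of unboxing it.
        return Boolean.TRUE.equals(expression.getValue(context, Boolean.class));
    }

    public static void main(String[] args) {
        String expr = "hasPermission(#id, 'ITEM', 'READ')";
        System.out.println(evaluate(expr, "alice", "item-1")); // grant exists for this id
        System.out.println(evaluate(expr, "alice", "item-2")); // same user, different id
        System.out.println(evaluate(expr, "bob", "item-1"));   // user without any grant
    }
}
```

The expression String is executed as SpEL, so it should come only from annotations in code, as the PreAuthorize values do here, and never from request data.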