Package org.dspace.app.rest.security
Class WebSecurityExpressionEvaluator
java.lang.Object
org.dspace.app.rest.security.WebSecurityExpressionEvaluator
This class contains the logic for evaluating a security expression supplied as a String.
It is used by the ConverterService to parse the PreAuthorize annotations on the findOne methods of RestRepositories. A String is passed to the evaluate method, that String is parsed, and a boolean is returned based on the condition it expresses.
For example, "hasPermission(#id, 'ITEM', 'READ')" is such a String.
It is evaluated, and true is returned if the current user has permission to read the item with the given id; otherwise false is returned.
This works on all the methods in SecurityExpressionRoot.
Constructor Summary
Constructor: WebSecurityExpressionEvaluator(List<SecurityExpressionHandler> securityExpressionHandlers)
Description: Constructor for this class that sets all the SecurityExpressionHandler objects in a list
Method Summary
Constructor Details
WebSecurityExpressionEvaluator
Constructor for this class that sets all the SecurityExpressionHandler objects in a list
Parameters:
securityExpressionHandlers - The SecurityExpressionHandler for this class
Method Details
evaluate
public boolean evaluate(String securityExpression, jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, String id)
This method will have to be used to evaluate the String given. It'll parse the String and resolve it to a method in SecurityExpressionRoot and evaluate it to then return a boolean
Parameters:
securityExpression - The String that resembles the expression that has to be parsed
request - The current request
response - The current response
id - The id for the Object that is the subject of the permission
Returns:
A boolean indicating whether the currentUser adheres to the permissions in the securityExpression String or not
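The parse-then-resolve step described for evaluate, shown as an added example that is not DSpace's own code: it uses Spring's SpEL parser directly (spring-expression on the classpath is assumed) and a hypothetical DemoRoot class in place of SecurityExpressionRoot. The class names, grant table and ids are constructed for illustration.

```java
import java.util.Map;
import java.util.Set;
import org.springframework.expression.Expression;
import org.springframework.expression.spel.standard.SpelExpressionParser;
import org.springframework.expression.spel.support.StandardEvaluationContext;

public class ExpressionEvaluationDemo {

    /** Hypothetical stand-in for SecurityExpressionRoot; grants are constructed sample data. */
    public static class DemoRoot {
        private final Map<String, Set<String>> grants;

        public DemoRoot(Map<String, Set<String>> grants) {
            this.grants = grants;
        }

        // Resolved by name when the expression calls hasPermission(...).
        public boolean hasPermission(String id, String type, String permission) {
            return grants.getOrDefault(type + ":" + id, Set.of()).contains(permission);
        }
    }

    /** Parses the expression, binds #id, and evaluates it against the root object. */
    public static boolean evaluate(String securityExpression, DemoRoot root, String id) {
        Expression expression = new SpelExpressionParser().parseExpression(securityExpression);
        StandardEvaluationContext context = new StandardEvaluationContext(root);
        // The id is bound as a variable, never concatenated into the expression text,
        // so a request-supplied id cannot change what is evaluated.
        context.setVariable("id", id);
        // Anything other than Boolean.TRUE (including null) denies access.
        return Boolean.TRUE.equals(expression.getValue(context, Boolean.class));
    }

    public static void main(String[] args) {
        // Constructed grant table: the current user may READ item-1 only.
        DemoRoot root = new DemoRoot(Map.of("ITEM:item-1", Set.of("READ")));
        String expression = "hasPermission(#id, 'ITEM', 'READ')";

        System.out.println(evaluate(expression, root, "item-1"));
        System.out.println(evaluate(expression, root, "item-2"));
        System.out.println(evaluate("hasPermission(#id, 'ITEM', 'WRITE')", root, "item-1"));
    }
}
```

The expression text here comes from a fixed annotation value, as on the findOne methods; only the id varies per request.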