Package org.springframework.security.acls

Class AclPermissionEvaluator

java.lang.Object

org.springframework.security.acls.AclPermissionEvaluator

All Implemented Interfaces:

org.springframework.aop.framework.AopInfrastructureBean, org.springframework.security.access.PermissionEvaluator

public class AclPermissionEvaluator
extends java.lang.Object
implements org.springframework.security.access.PermissionEvaluator

Used by Spring Security's expression-based access control implementation to evaluate permissions for a particular object using the ACL module. Similar in behaviour to AclEntryVoter.

Since:

3.0

Constructor Summary

Constructors

Constructor	Description
AclPermissionEvaluator(AclService aclService)

Method Summary

Modifier and Type	Method	Description
boolean	hasPermission(org.springframework.security.core.Authentication authentication, java.io.Serializable targetId, java.lang.String targetType, java.lang.Object permission)
boolean	hasPermission(org.springframework.security.core.Authentication authentication, java.lang.Object domainObject, java.lang.Object permission)	Determines whether the user has the given permission(s) on the domain object using the ACL configuration.
void	setObjectIdentityGenerator(ObjectIdentityGenerator objectIdentityGenerator)
void	setObjectIdentityRetrievalStrategy(ObjectIdentityRetrievalStrategy objectIdentityRetrievalStrategy)
void	setPermissionFactory(PermissionFactory permissionFactory)
void	setSidRetrievalStrategy(SidRetrievalStrategy sidRetrievalStrategy)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

AclPermissionEvaluator

public AclPermissionEvaluator(AclService aclService)

Method Detail

hasPermission

public boolean hasPermission(org.springframework.security.core.Authentication authentication,
                             java.lang.Object domainObject,
                             java.lang.Object permission)

Determines whether the user has the given permission(s) on the domain object using the ACL configuration. If the domain object is null, returns false (this can always be overridden using a null check in the expression itself).

Specified by:

hasPermission in interface org.springframework.security.access.PermissionEvaluator

hasPermission

public boolean hasPermission(org.springframework.security.core.Authentication authentication,
                             java.io.Serializable targetId,
                             java.lang.String targetType,
                             java.lang.Object permission)

Specified by:

hasPermission in interface org.springframework.security.access.PermissionEvaluator

setObjectIdentityRetrievalStrategy

public void setObjectIdentityRetrievalStrategy(ObjectIdentityRetrievalStrategy objectIdentityRetrievalStrategy)

setObjectIdentityGenerator

public void setObjectIdentityGenerator(ObjectIdentityGenerator objectIdentityGenerator)

setSidRetrievalStrategy

public void setSidRetrievalStrategy(SidRetrievalStrategy sidRetrievalStrategy)

setPermissionFactory

public void setPermissionFactory(PermissionFactory permissionFactory)