org.springframework.security.access.PermissionEvaluator |
Known Indirect Subclasses
AclPermissionEvaluator |
Used by Spring Security's expression-based access control implementation to evaluate permissions for a particular
object using the ACL module. |
DenyAllPermissionEvaluator |
A null PermissionEvaluator which denies all access. |
|
Class Overview
Strategy used in expression evaluation to determine whether a user has a permission or permissions
for a given domain object.
Public Methods
public
abstract
boolean
hasPermission
(Authentication authentication, Object targetDomainObject, Object permission)
Parameters
authentication
| represents the user in question. Should not be null. |
targetDomainObject
| the domain object for which permissions should be checked. May be null
in which case implementations should return false, as the null condition can be checked explicitly
in the expression. |
permission
| a representation of the permission object as supplied by the expression system. Not null. |
Returns
- true if the permission is granted, false otherwise
public
abstract
boolean
hasPermission
(Authentication authentication, Serializable targetId, String targetType, Object permission)
Alternative method for evaluating a permission where only the identifier of the target object
is available, rather than the target instance itself.
Parameters
authentication
| represents the user in question. Should not be null. |
targetId
| the identifier for the object instance (usually a Long) |
targetType
| a String representing the target's type (usually a Java classname). Not null. |
permission
| a representation of the permission object as supplied by the expression system. Not null. |
Returns
- true if the permission is granted, false otherwise