Class AllAuthoritiesAuthorizationManager<T>
java.lang.Object
org.springframework.security.authorization.AllAuthoritiesAuthorizationManager<T>
- All Implemented Interfaces:
AuthorizationManager<T>
public final class AllAuthoritiesAuthorizationManager<T>
extends Object
implements AuthorizationManager<T>
An
AuthorizationManager that determines if the current user is authorized by
evaluating if the Authentication contains all the specified authorities.- Since:
- 7.0
- See Also:
-
Method Summary
Modifier and TypeMethodDescriptionauthorize(Supplier<? extends @Nullable Authentication> authentication, T object) Determines if the current user is authorized by evaluating if theAuthenticationcontains any of specified authorities.static <T> AllAuthoritiesAuthorizationManager<T>hasAllAuthorities(String... authorities) Creates an instance ofAllAuthoritiesAuthorizationManagerwith the provided authorities.static <T> AllAuthoritiesAuthorizationManager<T>hasAllAuthorities(List<String> authorities) Creates an instance ofAllAuthoritiesAuthorizationManagerwith the provided authorities.static <T> AllAuthoritiesAuthorizationManager<T>hasAllPrefixedAuthorities(String prefix, String... authorities) Creates an instance ofAllAuthoritiesAuthorizationManagerwith the provided authorities.static <T> AllAuthoritiesAuthorizationManager<T>hasAllRoles(String... roles) Creates an instance ofAllAuthoritiesAuthorizationManagerwith the provided authorities.voidsetRoleHierarchy(RoleHierarchy roleHierarchy) Sets theRoleHierarchyto be used.Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitMethods inherited from interface org.springframework.security.authorization.AuthorizationManager
verify
-
Method Details
-
setRoleHierarchy
Sets theRoleHierarchyto be used. Default isNullRoleHierarchy. Cannot be null.- Parameters:
roleHierarchy- theRoleHierarchyto use
-
authorize
public AuthorityAuthorizationDecision authorize(Supplier<? extends @Nullable Authentication> authentication, T object) Determines if the current user is authorized by evaluating if theAuthenticationcontains any of specified authorities.- Specified by:
authorizein interfaceAuthorizationManager<T>- Parameters:
authentication- theSupplierof theAuthenticationto checkobject- the object to check authorization on (not used).- Returns:
- an
AuthorityAuthorizationDecision
-
hasAllRoles
Creates an instance ofAllAuthoritiesAuthorizationManagerwith the provided authorities.- Type Parameters:
T- the type of object being authorized- Parameters:
roles- the authorities to check for prefixed with "ROLE_". Each role should not start with "ROLE_" since it is automatically prepended already.- Returns:
- the new instance
-
hasAllPrefixedAuthorities
public static <T> AllAuthoritiesAuthorizationManager<T> hasAllPrefixedAuthorities(String prefix, String... authorities) Creates an instance ofAllAuthoritiesAuthorizationManagerwith the provided authorities.- Type Parameters:
T- the type of object being authorized- Parameters:
prefix- the prefix forauthoritiesauthorities- the authorities to check for prefixed withprefix- Returns:
- the new instance
-
hasAllAuthorities
Creates an instance ofAllAuthoritiesAuthorizationManagerwith the provided authorities.- Type Parameters:
T- the type of object being authorized- Parameters:
authorities- the authorities to check for- Returns:
- the new instance
-
hasAllAuthorities
Creates an instance ofAllAuthoritiesAuthorizationManagerwith the provided authorities.- Type Parameters:
T- the type of object being authorized- Parameters:
authorities- the authorities to check for- Returns:
- the new instance
-