Class AuthorityAuthorizationManager<T>
java.lang.Object
org.springframework.security.authorization.AuthorityAuthorizationManager<T>
- Type Parameters:
T- the type of object being authorized.
- All Implemented Interfaces:
AuthorizationManager<T>
public final class AuthorityAuthorizationManager<T>
extends Object
implements AuthorizationManager<T>
An
AuthorizationManager that determines if the current user is authorized by
evaluating if the Authentication contains a specified authority.- Since:
- 5.5
- See Also:
-
Method Summary
Modifier and TypeMethodDescriptionauthorize(Supplier<? extends @Nullable Authentication> authentication, T object) Determines if access is granted for a specific authentication and object.static <T> AuthorityAuthorizationManager<T> hasAnyAuthority(String... authorities) Creates an instance ofAuthorityAuthorizationManagerwith the provided authorities.static <T> AuthorityAuthorizationManager<T> hasAnyRole(String... roles) Creates an instance ofAuthorityAuthorizationManagerwith the provided authorities.static <T> AuthorityAuthorizationManager<T> hasAnyRole(String rolePrefix, String[] roles) Creates an instance ofAuthorityAuthorizationManagerwith the provided authorities.static <T> AuthorityAuthorizationManager<T> hasAuthority(String authority) Creates an instance ofAuthorityAuthorizationManagerwith the provided authority.static <T> AuthorityAuthorizationManager<T> Creates an instance ofAuthorityAuthorizationManagerwith the provided authority.voidsetRoleHierarchy(RoleHierarchy roleHierarchy) Sets theRoleHierarchyto be used.toString()Methods inherited from class Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, waitMethods inherited from interface AuthorizationManager
verify
-
Method Details
-
setRoleHierarchy
Sets theRoleHierarchyto be used. Default isNullRoleHierarchy. Cannot be null.- Parameters:
roleHierarchy- theRoleHierarchyto use- Since:
- 5.8
-
hasRole
Creates an instance ofAuthorityAuthorizationManagerwith the provided authority.- Type Parameters:
T- the type of object being authorized- Parameters:
role- the authority to check for prefixed with "ROLE_". Role should not start with "ROLE_" since it is automatically prepended already.- Returns:
- the new instance
-
hasAuthority
Creates an instance ofAuthorityAuthorizationManagerwith the provided authority.- Type Parameters:
T- the type of object being authorized- Parameters:
authority- the authority to check for- Returns:
- the new instance
-
hasAnyRole
Creates an instance ofAuthorityAuthorizationManagerwith the provided authorities.- Type Parameters:
T- the type of object being authorized- Parameters:
roles- the authorities to check for prefixed with "ROLE_". Each role should not start with "ROLE_" since it is automatically prepended already.- Returns:
- the new instance
-
hasAnyRole
Creates an instance ofAuthorityAuthorizationManagerwith the provided authorities.- Type Parameters:
T- the type of object being authorized- Parameters:
rolePrefix- the role prefix forrolesroles- the authorities to check for prefixed withrolePrefix- Returns:
- the new instance
-
hasAnyAuthority
Creates an instance ofAuthorityAuthorizationManagerwith the provided authorities.- Type Parameters:
T- the type of object being authorized- Parameters:
authorities- the authorities to check for- Returns:
- the new instance
-
authorize
public AuthorizationResult authorize(Supplier<? extends @Nullable Authentication> authentication, T object) Determines if access is granted for a specific authentication and object.- Specified by:
authorizein interfaceAuthorizationManager<T>- Parameters:
authentication- theSupplierof theAuthenticationto authorizeobject- theTobject to authorize- Returns:
- an
AuthorizationResult
-
toString
-