public interface SecurityExpressionOperations
Modifier and Type | Method and Description |
---|---|
boolean | denyAll(): Always denies access. |
Authentication | getAuthentication(): Gets the Authentication used for evaluating the expressions. |
boolean | hasAnyAuthority(String... authorities): Determines if the getAuthentication() has any of the specified authorities within Authentication.getAuthorities(). |
boolean | hasAnyRole(String... roles): Determines if the getAuthentication() has any of the specified authorities within Authentication.getAuthorities(). |
boolean | hasAuthority(String authority): Determines if the getAuthentication() has a particular authority within Authentication.getAuthorities(). |
boolean | hasPermission(Object target, Object permission): Determines if the getAuthentication() has permission to access the target given the permission. |
boolean | hasPermission(Object targetId, String targetType, Object permission): Determines if the getAuthentication() has permission to access the domain object with a given id, type, and permission. |
boolean | hasRole(String role): Determines if the getAuthentication() has a particular authority within Authentication.getAuthorities(). |
boolean | isAnonymous(): Determines if the getAuthentication() is anonymous. |
boolean | isAuthenticated(): Determines if the getAuthentication() is authenticated. |
boolean | isFullyAuthenticated(): Determines if the getAuthentication() was authenticated without the use of remember me. |
boolean | isRememberMe(): Determines if the getAuthentication() was authenticated using remember me. |
boolean | permitAll(): Always grants access. |

Authentication getAuthentication()
Gets the Authentication used for evaluating the expressions.
Returns: the Authentication for evaluating the expressions

boolean hasAuthority(String authority)
Determines if the getAuthentication() has a particular authority within Authentication.getAuthorities().
Parameters:
authority - the authority to test (e.g. "ROLE_USER")

boolean hasAnyAuthority(String... authorities)
Determines if the getAuthentication() has any of the specified authorities within Authentication.getAuthorities().
Parameters:
authorities - the authorities to test (e.g. "ROLE_USER", "ROLE_ADMIN")

boolean hasRole(String role)
Determines if the getAuthentication() has a particular authority within Authentication.getAuthorities().
This is similar to hasAuthority(String) except that this method implies that the String passed in is a role. For example, if "USER" is passed in, the implementation may convert it to use "ROLE_USER" instead. The way in which the role is converted may depend on the implementation settings.
Parameters:
role - the authority to test (e.g. "USER")

boolean hasAnyRole(String... roles)
Determines if the getAuthentication() has any of the specified authorities within Authentication.getAuthorities().
This is similar to hasAnyAuthority except that this method implies that the String passed in is a role. For example, if "USER" is passed in, the implementation may convert it to use "ROLE_USER" instead. The way in which the role is converted may depend on the implementation settings.
Parameters:
roles - the authorities to test (e.g. "USER", "ADMIN")

boolean permitAll()
Always grants access.

boolean denyAll()
Always denies access.

boolean isAnonymous()
Determines if the getAuthentication() is anonymous.

boolean isAuthenticated()
Determines if the getAuthentication() is authenticated.
Returns: true if the getAuthentication() is authenticated, else false

boolean isRememberMe()
Determines if the getAuthentication() was authenticated using remember me.
Returns: true if the getAuthentication() was authenticated using remember me, else false

boolean isFullyAuthenticated()
Determines if the getAuthentication() was authenticated without the use of remember me.
Returns: true if the getAuthentication() was authenticated without the use of remember me, else false

boolean hasPermission(Object target, Object permission)
Determines if the getAuthentication() has permission to access the target given the permission.
Parameters:
target - the target domain object to check permission on
permission - the permission to check on the domain object (e.g. "read", "write", etc.)
Returns: true if permission is granted to the getAuthentication(), else false

boolean hasPermission(Object targetId, String targetType, Object permission)
Determines if the getAuthentication() has permission to access the domain object with a given id, type, and permission.
Parameters:
targetId - the identifier of the domain object to determine access
targetType - the type (e.g. com.example.domain.Message)
permission - the permission to check on the domain object (e.g. "read", "write", etc.)
Returns: true if permission is granted to the getAuthentication(), else false
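
The hasAuthority/hasRole distinction and the isAuthenticated/isFullyAuthenticated distinction described above, exercised against Spring Security's SecurityExpressionRoot. This is an added example, not part of the original Javadoc; it assumes spring-security-core 4.0 or later on the classpath (where SecurityExpressionRoot's default role prefix is "ROLE_"), and the class name, principal, authorities and remember-me key are constructed sample values.

```java
import org.springframework.security.access.expression.SecurityExpressionOperations;
import org.springframework.security.access.expression.SecurityExpressionRoot;
import org.springframework.security.authentication.AuthenticationTrustResolverImpl;
import org.springframework.security.authentication.RememberMeAuthenticationToken;
import org.springframework.security.authentication.TestingAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.authority.AuthorityUtils;

public class ExpressionSemanticsDemo {

    // SecurityExpressionRoot is abstract but declares no abstract methods,
    // so an empty anonymous subclass is enough to evaluate the operations.
    static SecurityExpressionOperations rootFor(Authentication auth) {
        SecurityExpressionRoot root = new SecurityExpressionRoot(auth) { };
        // Set explicitly: isAnonymous/isRememberMe delegate to the trust resolver.
        root.setTrustResolver(new AuthenticationTrustResolverImpl());
        return root;
    }

    public static void main(String[] args) {
        // Constructed principal with one role-style and one plain authority.
        Authentication login = new TestingAuthenticationToken(
                "alice", "n/a", "ROLE_USER", "reports:read");
        SecurityExpressionOperations ops = rootFor(login);

        // hasAuthority compares the string exactly as given.
        System.out.println("hasAuthority(ROLE_USER)    = " + ops.hasAuthority("ROLE_USER"));
        System.out.println("hasAuthority(USER)         = " + ops.hasAuthority("USER"));
        System.out.println("hasAuthority(reports:read) = " + ops.hasAuthority("reports:read"));

        // hasRole prepends the role prefix before comparing, so a plain
        // (non-role) authority name never matches through hasRole.
        System.out.println("hasRole(USER)              = " + ops.hasRole("USER"));
        System.out.println("hasRole(reports:read)      = " + ops.hasRole("reports:read"));

        // Same user, but the session was restored from a remember-me token.
        Authentication remembered = new RememberMeAuthenticationToken(
                "constructed-key", "alice", AuthorityUtils.createAuthorityList("ROLE_USER"));
        SecurityExpressionOperations rm = rootFor(remembered);

        // A remember-me session counts as authenticated but not fully authenticated.
        System.out.println("isAuthenticated()          = " + rm.isAuthenticated());
        System.out.println("isRememberMe()             = " + rm.isRememberMe());
        System.out.println("isFullyAuthenticated()     = " + rm.isFullyAuthenticated());
    }
}
```

A rule written as hasAuthority("USER") or hasRole("reports:read") silently denies every user, which is the usual symptom of mixing up the two method families.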