Package org.springframework.security.access.expression

Class DenyAllPermissionEvaluator

  • All Implemented Interfaces:
    org.springframework.aop.framework.AopInfrastructureBean, PermissionEvaluator
    public class DenyAllPermissionEvaluator
extends java.lang.Object
implements PermissionEvaluator
    A null PermissionEvaluator which denies all access. Used by default for situations when permission evaluation should not be required.
    Since:
    3.0

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      boolean hasPermission​(Authentication authentication, java.io.Serializable targetId, java.lang.String targetType, java.lang.Object permission)
      Alternative method for evaluating a permission where only the identifier of the target object is available, rather than the target instance itself.
      boolean hasPermission​(Authentication authentication, java.lang.Object target, java.lang.Object permission)  

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Constructor Detail

      • DenyAllPermissionEvaluator

        public DenyAllPermissionEvaluator()

    • Method Detail

      • hasPermission

        public boolean hasPermission​(Authentication authentication,
                             java.lang.Object target,
                             java.lang.Object permission)
        Specified by:
        hasPermission in interface PermissionEvaluator
        Parameters:
        authentication - represents the user in question. Should not be null.
        target - the domain object for which permissions should be checked. May be null in which case implementations should return false, as the null condition can be checked explicitly in the expression.
        permission - a representation of the permission object as supplied by the expression system. Not null.
        Returns:
        false always

      • hasPermission

        public boolean hasPermission​(Authentication authentication,
                             java.io.Serializable targetId,
                             java.lang.String targetType,
                             java.lang.Object permission)
        Description copied from interface: PermissionEvaluator
        Alternative method for evaluating a permission where only the identifier of the target object is available, rather than the target instance itself.
        Specified by:
        hasPermission in interface PermissionEvaluator
        Parameters:
        authentication - represents the user in question. Should not be null.
        targetId - the identifier for the object instance (usually a Long)
        targetType - a String representing the target's type (usually a Java classname). Not null.
        permission - a representation of the permission object as supplied by the expression system. Not null.
        Returns:
        false always