SecurityEvaluationContextExtension (spring-security-docs 5.6.7 API)

java.lang.Object
- org.springframework.security.data.repository.query.SecurityEvaluationContextExtension

All Implemented Interfaces:

org.springframework.data.spel.spi.EvaluationContextExtension, org.springframework.data.spel.spi.ExtensionIdAware
```
public class SecurityEvaluationContextExtension
extends java.lang.Object
implements org.springframework.data.spel.spi.EvaluationContextExtension
```
By defining this object as a Bean, Spring Security is exposed as SpEL expressions for creating Spring Data queries.
With Java based configuration, we can define the bean using the following:
For example, if you return a UserDetails that extends the following User object:
```
 @Entity
 public class User {
     @GeneratedValue(strategy = GenerationType.AUTO)
     @Id
     private Long id;

     ...
 }
 
```
And you have a Message object that looks like the following:
```
 @Entity
 public class Message {
     @Id
     @GeneratedValue(strategy = GenerationType.AUTO)
     private Long id;

     @OneToOne
     private User to;

     ...
 }
 
```
You can use the following Query annotation to search for only messages that are to the current user:
```
 @Repository
 public interface SecurityMessageRepository extends MessageRepository {

        @Query("select m from Message m where m.to.id = ?#{ principal?.id }")
        List<Message> findAll();
 }
 
```
This works because the principal in this instance is a User which has an id field on it.
Since:

4.0

Constructor Summary

Constructors
Constructor	Description
`SecurityEvaluationContextExtension()`	Creates a new instance that uses the current `Authentication` found on the `SecurityContextHolder`.
`SecurityEvaluationContextExtension(Authentication authentication)`	Creates a new instance that always uses the same `Authentication` object.

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type Method Description

java.lang.String getExtensionId()

SecurityExpressionRoot getRootObject()
- Methods inherited from class java.lang.Object
  clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
- Methods inherited from interface org.springframework.data.spel.spi.EvaluationContextExtension
  getFunctions, getProperties

- Constructor Detail
  - SecurityEvaluationContextExtension
```
public SecurityEvaluationContextExtension()
```
    Creates a new instance that uses the current Authentication found on the SecurityContextHolder.
  - SecurityEvaluationContextExtension
```
public SecurityEvaluationContextExtension(Authentication authentication)
```
    Creates a new instance that always uses the same Authentication object.
    
    Parameters:
    
    authentication - the Authentication to use
- Method Detail
  - getExtensionId
```
public java.lang.String getExtensionId()
```
    Specified by:
    
    getExtensionId in interface org.springframework.data.spel.spi.ExtensionIdAware
  - getRootObject
```
public SecurityExpressionRoot getRootObject()
```
    Specified by:
    
    getRootObject in interface org.springframework.data.spel.spi.EvaluationContextExtension