Class AclAuthorizationStrategyImpl
- java.lang.Object
-
- org.springframework.security.acls.domain.AclAuthorizationStrategyImpl
-
- All Implemented Interfaces:
AclAuthorizationStrategy
public class AclAuthorizationStrategyImpl extends java.lang.Object implements AclAuthorizationStrategy
Default implementation ofAclAuthorizationStrategy
.Permission will be granted if at least one of the following conditions is true for the current principal.
- is the owner (as defined by the ACL).
- holds the relevant system-wide
GrantedAuthority
injected into the constructor. - has
BasePermission.ADMINISTRATION
permission (as defined by the ACL).
-
-
Field Summary
-
Fields inherited from interface org.springframework.security.acls.domain.AclAuthorizationStrategy
CHANGE_AUDITING, CHANGE_GENERAL, CHANGE_OWNERSHIP
-
-
Constructor Summary
Constructors Constructor Description AclAuthorizationStrategyImpl(GrantedAuthority... auths)
Constructor.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected Sid
createCurrentUser(Authentication authentication)
Creates a principal-like sid from the authentication information.void
securityCheck(Acl acl, int changeType)
void
setSecurityContextHolderStrategy(SecurityContextHolderStrategy securityContextHolderStrategy)
Sets theSecurityContextHolderStrategy
to use.void
setSidRetrievalStrategy(SidRetrievalStrategy sidRetrievalStrategy)
-
-
-
Constructor Detail
-
AclAuthorizationStrategyImpl
public AclAuthorizationStrategyImpl(GrantedAuthority... auths)
Constructor. The only mandatory parameter relates to the system-wideGrantedAuthority
instances that can be held to always permit ACL changes.- Parameters:
auths
- theGrantedAuthority
s that have special permissions (index 0 is the authority needed to change ownership, index 1 is the authority needed to modify auditing details, index 2 is the authority needed to change other ACL and ACE details) (required)Alternatively, a single value can be supplied for all three permissions.
-
-
Method Detail
-
securityCheck
public void securityCheck(Acl acl, int changeType)
- Specified by:
securityCheck
in interfaceAclAuthorizationStrategy
-
createCurrentUser
protected Sid createCurrentUser(Authentication authentication)
Creates a principal-like sid from the authentication information.- Parameters:
authentication
- the authentication information that can provide principal and thus the sid's id will be dependant on the value inside- Returns:
- a sid with the ID taken from the authentication information
-
setSidRetrievalStrategy
public void setSidRetrievalStrategy(SidRetrievalStrategy sidRetrievalStrategy)
-
setSecurityContextHolderStrategy
public void setSecurityContextHolderStrategy(SecurityContextHolderStrategy securityContextHolderStrategy)
Sets theSecurityContextHolderStrategy
to use. The default action is to use theSecurityContextHolderStrategy
stored inSecurityContextHolder
.- Since:
- 5.8
-
-