Class AuthorityAuthorizationManager<T>
- java.lang.Object
-
- org.springframework.security.authorization.AuthorityAuthorizationManager<T>
-
- Type Parameters:
T
- the type of object being authorized.
- All Implemented Interfaces:
AuthorizationManager<T>
public final class AuthorityAuthorizationManager<T> extends java.lang.Object implements AuthorizationManager<T>
AnAuthorizationManager
that determines if the current user is authorized by evaluating if theAuthentication
contains a specified authority.- Since:
- 5.5
-
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description AuthorizationDecision
check(java.util.function.Supplier<Authentication> authentication, T object)
Determines if the current user is authorized by evaluating if theAuthentication
contains a specified authority.static <T> AuthorityAuthorizationManager<T>
hasAnyAuthority(java.lang.String... authorities)
Creates an instance ofAuthorityAuthorizationManager
with the provided authorities.static <T> AuthorityAuthorizationManager<T>
hasAnyRole(java.lang.String... roles)
Creates an instance ofAuthorityAuthorizationManager
with the provided authorities.static <T> AuthorityAuthorizationManager<T>
hasAnyRole(java.lang.String rolePrefix, java.lang.String[] roles)
Creates an instance ofAuthorityAuthorizationManager
with the provided authorities.static <T> AuthorityAuthorizationManager<T>
hasAuthority(java.lang.String authority)
Creates an instance ofAuthorityAuthorizationManager
with the provided authority.static <T> AuthorityAuthorizationManager<T>
hasRole(java.lang.String role)
Creates an instance ofAuthorityAuthorizationManager
with the provided authority.void
setRoleHierarchy(RoleHierarchy roleHierarchy)
Sets theRoleHierarchy
to be used.java.lang.String
toString()
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
-
Methods inherited from interface org.springframework.security.authorization.AuthorizationManager
verify
-
-
-
-
Method Detail
-
setRoleHierarchy
public void setRoleHierarchy(RoleHierarchy roleHierarchy)
Sets theRoleHierarchy
to be used. Default isNullRoleHierarchy
. Cannot be null.- Parameters:
roleHierarchy
- theRoleHierarchy
to use- Since:
- 5.8
-
hasRole
public static <T> AuthorityAuthorizationManager<T> hasRole(java.lang.String role)
Creates an instance ofAuthorityAuthorizationManager
with the provided authority.- Type Parameters:
T
- the type of object being authorized- Parameters:
role
- the authority to check for prefixed with "ROLE_". Role should not start with "ROLE_" since it is automatically prepended already.- Returns:
- the new instance
-
hasAuthority
public static <T> AuthorityAuthorizationManager<T> hasAuthority(java.lang.String authority)
Creates an instance ofAuthorityAuthorizationManager
with the provided authority.- Type Parameters:
T
- the type of object being authorized- Parameters:
authority
- the authority to check for- Returns:
- the new instance
-
hasAnyRole
public static <T> AuthorityAuthorizationManager<T> hasAnyRole(java.lang.String... roles)
Creates an instance ofAuthorityAuthorizationManager
with the provided authorities.- Type Parameters:
T
- the type of object being authorized- Parameters:
roles
- the authorities to check for prefixed with "ROLE_". Each role should not start with "ROLE_" since it is automatically prepended already.- Returns:
- the new instance
-
hasAnyRole
public static <T> AuthorityAuthorizationManager<T> hasAnyRole(java.lang.String rolePrefix, java.lang.String[] roles)
Creates an instance ofAuthorityAuthorizationManager
with the provided authorities.- Type Parameters:
T
- the type of object being authorized- Parameters:
rolePrefix
- the role prefix forroles
roles
- the authorities to check for prefixed withrolePrefix
- Returns:
- the new instance
-
hasAnyAuthority
public static <T> AuthorityAuthorizationManager<T> hasAnyAuthority(java.lang.String... authorities)
Creates an instance ofAuthorityAuthorizationManager
with the provided authorities.- Type Parameters:
T
- the type of object being authorized- Parameters:
authorities
- the authorities to check for- Returns:
- the new instance
-
check
public AuthorizationDecision check(java.util.function.Supplier<Authentication> authentication, T object)
Determines if the current user is authorized by evaluating if theAuthentication
contains a specified authority.- Specified by:
check
in interfaceAuthorizationManager<T>
- Parameters:
authentication
- theSupplier
of theAuthentication
to checkobject
- theAuthorityAuthorizationManager
object to check- Returns:
- an
AuthorizationDecision
-
toString
public java.lang.String toString()
- Overrides:
toString
in classjava.lang.Object
-
-