Class AclAuthorizationStrategyImpl
java.lang.Object
org.springframework.security.acls.domain.AclAuthorizationStrategyImpl
- All Implemented Interfaces:
AclAuthorizationStrategy
Default implementation of
AclAuthorizationStrategy.
Permission will be granted if at least one of the following conditions is true for the current principal.
- is the owner (as defined by the ACL).
- holds the relevant system-wide
GrantedAuthorityinjected into the constructor. - has
BasePermission.ADMINISTRATIONpermission (as defined by the ACL).
-
Field Summary
Fields inherited from interface org.springframework.security.acls.domain.AclAuthorizationStrategy
CHANGE_AUDITING, CHANGE_GENERAL, CHANGE_OWNERSHIP -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionprotected SidcreateCurrentUser(Authentication authentication) Creates a principal-like sid from the authentication information.voidsecurityCheck(Acl acl, int changeType) voidsetSidRetrievalStrategy(SidRetrievalStrategy sidRetrievalStrategy)
-
Constructor Details
-
AclAuthorizationStrategyImpl
Constructor. The only mandatory parameter relates to the system-wideGrantedAuthorityinstances that can be held to always permit ACL changes.- Parameters:
auths- theGrantedAuthoritys that have special permissions (index 0 is the authority needed to change ownership, index 1 is the authority needed to modify auditing details, index 2 is the authority needed to change other ACL and ACE details) (required)Alternatively, a single value can be supplied for all three permissions.
-
-
Method Details
-
securityCheck
- Specified by:
securityCheckin interfaceAclAuthorizationStrategy
-
createCurrentUser
Creates a principal-like sid from the authentication information.- Parameters:
authentication- the authentication information that can provide principal and thus the sid's id will be dependant on the value inside- Returns:
- a sid with the ID taken from the authentication information
-
setSidRetrievalStrategy
-