Package com.vaadin.flow.spring.security

Class NavigationAccessControlConfigurer

java.lang.Object

com.vaadin.flow.spring.security.NavigationAccessControlConfigurer

public final class NavigationAccessControlConfigurer
extends Object

Allows to configure the NavigationAccessControl.

To configure Flow navigation access control, a Spring bean on type NavigationAccessControlConfigurer should be defined.

In Spring Boot applications, a default NavigationAccessControlConfigurer bean is provided. It activates AnnotatedViewAccessChecker, but it disables the NavigationAccessControl, for backward compatibility.

However, if Spring Security is configured extending VaadinWebSecurity, the NavigationAccessControl is enabled automatically.

Default settings can be overridden by defining a custom NavigationAccessControlConfigurer bean.

 @Bean
 NavigationAccessControlConfigurer navigationAccessControlConfigurer() {
     return new NavigationAccessControlConfigurer()
             .withRoutePathAccessChecker().withLoginView(LoginView.class);
 }
 
 

NOTE: if the bean in exposed in a configuration class that extends VaadinWebSecurity, the method must be defined static to prevent cyclic dependencies errors.

 @Bean
 class SecurityConfig extends VaadinWebSecurity {
     static NavigationAccessControlConfigurer navigationAccessControlConfigurer() {
         return new NavigationAccessControlConfigurer()
                 .withRoutePathAccessChecker().withLoginView(LoginView.class);
     }
 }
 
 

NavigationAccessControl bean can be configured by:

• activating out-of-the-box navigation access checkers
• providing custom navigation access checkers implementations
• set the login view class or path
• completely disable access control

The NavigationAccessControl will automatically be disabled if no navigation access checkers are provided.

See Also:

• NavigationAccessControl
• VaadinWebSecurity

Constructor Summary

Constructors

Constructor	Description
NavigationAccessControlConfigurer()

Method Summary

Modifier and Type	Method	Description
<T extends NavigationAccessControl> T	build(BiFunction<List<NavigationAccessChecker>,AccessCheckDecisionResolver,T> factory, List<NavigationAccessChecker> availableCheckers)	Builds a NavigationAccessControl instance, configured according to this configurer instance settings.
NavigationAccessControlConfigurer	disabled()	Disables the NavigationAccessControl.
NavigationAccessControlConfigurer	withAnnotatedViewAccessChecker()	Enables the AnnotatedViewAccessChecker.
NavigationAccessControlConfigurer	withAvailableNavigationAccessCheckers(Predicate<NavigationAccessChecker> filter)	Adds to NavigationAccessControl all the registered NavigationAccessChecker beans that matches the given filter.
NavigationAccessControlConfigurer	withDecisionResolver(AccessCheckDecisionResolver resolver)	Sets the AccessCheckDecisionResolver for the navigation access control.
NavigationAccessControlConfigurer	withLoginView(Class<? extends Component> loginView)	Sets the Flow login view to use.
NavigationAccessControlConfigurer	withLoginView(String loginViewPath)	Sets the path of the login view.
NavigationAccessControlConfigurer	withNavigationAccessChecker(NavigationAccessChecker accessChecker)	Adds the given NavigationAccessChecker to the collection of checker that will be used by NavigationAccessControl.
NavigationAccessControlConfigurer	withNavigationAccessCheckers(Collection<NavigationAccessChecker> accessChecker)	Adds the given NavigationAccessChecker to the collection of checker that will be used by NavigationAccessControl.
NavigationAccessControlConfigurer	withRoutePathAccessChecker()	Enables the RoutePathAccessChecker.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

NavigationAccessControlConfigurer

public NavigationAccessControlConfigurer()

Method Details

withAnnotatedViewAccessChecker

public NavigationAccessControlConfigurer withAnnotatedViewAccessChecker()

Enables the AnnotatedViewAccessChecker.

Returns:

this instance for further customization.

withRoutePathAccessChecker

public NavigationAccessControlConfigurer withRoutePathAccessChecker()

Enables the RoutePathAccessChecker.

Returns:

this instance for further customization.

withNavigationAccessChecker

public NavigationAccessControlConfigurer withNavigationAccessChecker(NavigationAccessChecker accessChecker)

Adds the given NavigationAccessChecker to the collection of checker that will be used by NavigationAccessControl.

Custom checker will be executed after out-of-the-box checker, if they are enabled.

Parameters:

accessChecker - the navigation access checker

Returns:

this instance for further customization.

withNavigationAccessCheckers

public NavigationAccessControlConfigurer withNavigationAccessCheckers(Collection<NavigationAccessChecker> accessChecker)

Adds the given NavigationAccessChecker to the collection of checker that will be used by NavigationAccessControl.

Custom checkers will be executed after out-of-the-box checker, if they are enabled.

Parameters:

accessChecker - the navigation access checker

Returns:

this instance for further customization.

withAvailableNavigationAccessCheckers

public NavigationAccessControlConfigurer withAvailableNavigationAccessCheckers(Predicate<NavigationAccessChecker> filter)

Adds to NavigationAccessControl all the registered NavigationAccessChecker beans that matches the given filter.

Note that the filter will not be applied to out-of-the-box checkers enabled with withAnnotatedViewAccessChecker() or withRoutePathAccessChecker(), not to checkers added within this configurer instance through withNavigationAccessChecker(NavigationAccessChecker) and withNavigationAccessCheckers(Collection).

Parameters:

filter - a function to filter the available navigation access checker

Returns:

this instance for further customization.

withDecisionResolver

public NavigationAccessControlConfigurer withDecisionResolver(AccessCheckDecisionResolver resolver)

Sets the AccessCheckDecisionResolver for the navigation access control.

The AccessCheckDecisionResolver is responsible for taking the final decision on target view access grant, based on the response of the navigation access checkers.

Parameters:

resolver - the decision resolver to use for navigation access control.

Returns:

this instance for further customization.

disabled

public NavigationAccessControlConfigurer disabled()

Disables the NavigationAccessControl.

Returns:

this instance for further customization.

withLoginView

public NavigationAccessControlConfigurer withLoginView(Class<? extends Component> loginView)

Sets the Flow login view to use.

Parameters:

loginView - the Flow view to use as login view

Returns:

this instance for further customization.

withLoginView

public NavigationAccessControlConfigurer withLoginView(String loginViewPath)

Sets the path of the login view.

Parameters:

loginViewPath - the path of the login view

Returns:

this instance for further customization.

build

public <T extends NavigationAccessControl> T build(BiFunction<List<NavigationAccessChecker>,AccessCheckDecisionResolver,T> factory,
 List<NavigationAccessChecker> availableCheckers)

Builds a NavigationAccessControl instance, configured according to this configurer instance settings.

Type Parameters:

T - the type of the NavigationAccessControl

Parameters:

factory - a function that build the desired type of navigation access control.

availableCheckers - the list of all available navigation access checkers registered in the system.

Returns:

a configured NavigationAccessControl instance, never null.