Class HasPermissionAnnotationHandler
java.lang.Object
org.craftercms.commons.security.permissions.annotations.AbstractPermissionAnnotationHandler
org.craftercms.commons.security.permissions.annotations.HasPermissionAnnotationHandler
Aspect that handles
HasPermission
annotations,
by doing appropriate permission checking.- Author:
- avasquez
-
Field Summary
FieldsModifier and TypeFieldDescriptionprotected final String
Management token to be validated in case aHasPermission
annotation has been configured to accept a management token.Fields inherited from class org.craftercms.commons.security.permissions.annotations.AbstractPermissionAnnotationHandler
permissionEvaluators
-
Constructor Summary
ConstructorsConstructorDescriptionHasPermissionAnnotationHandler
(Map<Class<?>, PermissionEvaluator<?, ?>> permissionEvaluators, String managementToken) -
Method Summary
Modifier and TypeMethodDescriptionprotected boolean
checkManagementToken
(HasPermission hasPermission) Checks if there is a valid management token param in the request.checkPermissions
(org.aspectj.lang.ProceedingJoinPoint pjp) Methods inherited from class org.craftercms.commons.security.permissions.annotations.AbstractPermissionAnnotationHandler
checkPermissions, getAnnotatedProtectedResource, getAnnotatedProtectedResourceIds, getHasPermissionAnnotation
-
Field Details
-
managementToken
Management token to be validated in case aHasPermission
annotation has been configured to accept a management token.
-
-
Constructor Details
-
HasPermissionAnnotationHandler
@ConstructorProperties({"permissionEvaluators","managementToken"}) public HasPermissionAnnotationHandler(Map<Class<?>, PermissionEvaluator<?, ?>> permissionEvaluators, String managementToken)
-
-
Method Details
-
checkPermissions
- Throws:
Throwable
-
checkManagementToken
Checks if there is a valid management token param in the request. This token must match the configured management token for this handler.- Parameters:
hasPermission
- theHasPermission
annotation- Returns:
- true if and only if a valid management token is present in the request AND the
HasPermission
annotation has been configured to accept the token
-