...
Code Block |
---|
|
@Component
public class AccessAuthorizer {
public boolean authorize(Authentication authentication, Category category) {
final AtomicBoolean hasAccess = new AtomicBoolean(false);
authentication.getAuthorities().forEach(auth -> {
GenericGrantedAuthority generic = (GenericGrantedAuthority)auth;
hasAccess.compareAndExchange(false,
generic.hasAuthority("write",
String.format("$.[?(@ ==\"%s\")]", category.name())));
});
return hasAccess.get();
}
} |
Lägg till någon av ovanstående annoteringar för en auktorisering-annotering till den resurs som ska behörighetsskyddas. I detta exempel används @PreAuthorize
.
Code Block |
---|
|
@GetMapping(path = "/cases/{category}", produces = { APPLICATION_JSON_VALUE })
@Operation(summary = "Get agreementscases by category")
@ApiResponse(responseCode = "200", description = "Successful operation")
@ApiResponse(responseCode = "400", description = "Bad request")
@ApiResponse(responseCode = "401", description = "Unauthorized")
@ApiResponse(responseCode = "404", description = "Not found")
@ApiResponse(responseCode = "500", description = "Internal Server error")
@ApiResponse(responseCode = "502", description = "Bad Gateway")
@PreAuthorize("@accessAuthorizer.authorize(authentication, #category)")
public ResponseEntity<CasesResponse> getCasesByCategory(
@Parameter(name = "category") @PathVariable(name = "category") Category category) {
...
} |
...