Package org.springframework.security.data.repository.query

Class SecurityEvaluationContextExtension

  • All Implemented Interfaces:
    org.springframework.data.spel.spi.EvaluationContextExtension, org.springframework.data.spel.spi.ExtensionIdAware
    public class SecurityEvaluationContextExtension
extends java.lang.Object
implements org.springframework.data.spel.spi.EvaluationContextExtension

    By defining this object as a Bean, Spring Security is exposed as SpEL expressions for creating Spring Data queries.

    With Java based configuration, we can define the bean using the following:

    For example, if you return a UserDetails that extends the following User object: 

     @Entity
 public class User {
     @GeneratedValue(strategy = GenerationType.AUTO)
     @Id
     private Long id;

     ...
 }

    And you have a Message object that looks like the following: 

     @Entity
 public class Message {
     @Id
     @GeneratedValue(strategy = GenerationType.AUTO)
     private Long id;

     @OneToOne
     private User to;

     ...
 }
    You can use the following Query annotation to search for only messages that are to the current user: 
     @Repository
 public interface SecurityMessageRepository extends MessageRepository {

        @Query("select m from Message m where m.to.id = ?#{ principal?.id }")
        List<Message> findAll();
 }
    This works because the principal in this instance is a User which has an id field on it.
    Since:
    4.0

    • Constructor Summary

      Constructors 
      Constructor Description
      SecurityEvaluationContextExtension()
      Creates a new instance that uses the current Authentication found on the SecurityContextHolder.
      SecurityEvaluationContextExtension​(org.springframework.security.core.Authentication authentication)
      Creates a new instance that always uses the same Authentication object.

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      java.lang.String getExtensionId()  
      org.springframework.security.access.expression.SecurityExpressionRoot getRootObject()  

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

      • Methods inherited from interface org.springframework.data.spel.spi.EvaluationContextExtension

        getFunctions, getProperties

    • Constructor Detail

      • SecurityEvaluationContextExtension

        public SecurityEvaluationContextExtension()
        Creates a new instance that uses the current Authentication found on the SecurityContextHolder.

      • SecurityEvaluationContextExtension

        public SecurityEvaluationContextExtension​(org.springframework.security.core.Authentication authentication)
        Creates a new instance that always uses the same Authentication object.
        Parameters:
        authentication - the Authentication to use

    • Method Detail

      • getExtensionId

        public java.lang.String getExtensionId()
        Specified by:
        getExtensionId in interface org.springframework.data.spel.spi.ExtensionIdAware

      • getRootObject

        public org.springframework.security.access.expression.SecurityExpressionRoot getRootObject()
        Specified by:
        getRootObject in interface org.springframework.data.spel.spi.EvaluationContextExtension