package fr.openwide.core.jpa.security.config.spring;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.ImportResource;
import org.springframework.security.access.annotation.Secured;
import org.springframework.security.access.expression.method.MethodSecurityExpressionHandler;
import org.springframework.security.core.parameters.AnnotationParameterNameDiscoverer;
import org.springframework.security.core.parameters.DefaultSecurityParameterNameDiscoverer;
import com.google.common.collect.ImmutableList;
import fr.openwide.core.commons.util.security.PermissionObject;
import fr.openwide.core.jpa.security.access.expression.method.CoreMethodSecurityExpressionHandler;
import fr.openwide.core.jpa.security.service.ICorePermissionEvaluator;
/**
* Par rapport à son parent, cette classe active la protection via les
* annotations de sécurité spring.
*
* @see Secured
*/
@Configuration
@ImportResource("classpath:spring/owsi-core-component-jpa-security-context.xml")
// définition des proxys Secured
public abstract class AbstractJpaSecuritySecuredConfig extends AbstractJpaSecurityConfig {
@Override
public MethodSecurityExpressionHandler expressionHandler(ICorePermissionEvaluator corePermissionEvaluator) {
CoreMethodSecurityExpressionHandler methodSecurityExpressionHandler = new CoreMethodSecurityExpressionHandler();
methodSecurityExpressionHandler.setCorePermissionEvaluator(corePermissionEvaluator);
// Discover parameter name using the @PermissionObject annotation, too
methodSecurityExpressionHandler.setParameterNameDiscoverer(new DefaultSecurityParameterNameDiscoverer(
ImmutableList.of(
new AnnotationParameterNameDiscoverer(PermissionObject.class.getName())
)
));
return methodSecurityExpressionHandler;
}
}