Spring Security @PreAuthor使用SpEL语言授权对自动装配的bean的访问

时间:2018-10-29 12:50:52

标签: java spring spring-security annotations spring-el

我想使用SpEL语言在Spring Security @PreAuthorize下访问我的自动装配的bean。

@Component
@Transactional
public class TodoDao implements ITodoDao {

    @Autowired
    private SessionFactory sessionFactory;

    @Autowired
    private AuthenticationFacade authenticationFacade;

    @Override
    @PreAuthorize("...") // I want to access to one of my autowired bean here
    public void changeTodoStatus(Todo todo) {
        Object user = authenticationFacade.getAuthentication().getPrincipal();
        todo.setDone(!todo.isDone());
        sessionFactory.getCurrentSession().update(todo);
    }
}

1 个答案:

答案 0 :(得分:1)

在您的bean名称前使用“ @”:

@Component
@Transactional
public class TodoDao implements ITodoDao {

    @Autowired
    private SessionFactory sessionFactory;

    @Autowired
    private AuthenticationFacade authenticationFacade;

    @Override
    @PreAuthorize("@authenticationFacade.(#toDo)") // I want to access to one of my autowired bean here
    public void changeTodoStatus(Todo todo) {
        Object user = authenticationFacade.getAuthentication().getPrincipal();
        todo.setDone(!todo.isDone());
        sessionFactory.getCurrentSession().update(todo);
    }
}
相关问题
最新问题