|
@@ -2,22 +2,31 @@
|
|
|
= Spring Data Integration
|
|
= Spring Data Integration
|
|
|
|
|
|
|
|
Spring Security provides Spring Data integration that allows referring to the current user within your queries.
|
|
Spring Security provides Spring Data integration that allows referring to the current user within your queries.
|
|
|
-It is not only useful but necessary to include the user in the queries to support paged results, since filtering the results afterwards would not scale.
|
|
|
|
|
|
|
+It is not only useful but necessary to include the user in the queries to support paged results since filtering the results afterwards would not scale.
|
|
|
|
|
|
|
|
[[data-configuration]]
|
|
[[data-configuration]]
|
|
|
== Spring Data & Spring Security Configuration
|
|
== Spring Data & Spring Security Configuration
|
|
|
|
|
|
|
|
-To use this support, add the `org.springframework.security:spring-security-data` dependency and provide a bean of type `SecurityEvaluationContextExtension`.
|
|
|
|
|
-In Java configuration, this would look like:
|
|
|
|
|
|
|
+To use this support, add `org.springframework.security:spring-security-data` dependency and provide a bean of type `SecurityEvaluationContextExtension`:
|
|
|
|
|
|
|
|
====
|
|
====
|
|
|
-[source,java]
|
|
|
|
|
|
|
+.Java
|
|
|
|
|
+[source,java,role="primary"]
|
|
|
----
|
|
----
|
|
|
@Bean
|
|
@Bean
|
|
|
public SecurityEvaluationContextExtension securityEvaluationContextExtension() {
|
|
public SecurityEvaluationContextExtension securityEvaluationContextExtension() {
|
|
|
return new SecurityEvaluationContextExtension();
|
|
return new SecurityEvaluationContextExtension();
|
|
|
}
|
|
}
|
|
|
----
|
|
----
|
|
|
|
|
+
|
|
|
|
|
+.Kotlin
|
|
|
|
|
+[source,kotlin,role="secondary"]
|
|
|
|
|
+----
|
|
|
|
|
+@Bean
|
|
|
|
|
+fun securityEvaluationContextExtension(): SecurityEvaluationContextExtension {
|
|
|
|
|
+ return SecurityEvaluationContextExtension()
|
|
|
|
|
+}
|
|
|
|
|
+----
|
|
|
====
|
|
====
|
|
|
|
|
|
|
|
In XML Configuration, this would look like:
|
|
In XML Configuration, this would look like:
|
|
@@ -35,7 +44,8 @@ In XML Configuration, this would look like:
|
|
|
Now you can use Spring Security within your queries:
|
|
Now you can use Spring Security within your queries:
|
|
|
|
|
|
|
|
====
|
|
====
|
|
|
-[source,java]
|
|
|
|
|
|
|
+.Java
|
|
|
|
|
+[source,java,role="primary"]
|
|
|
----
|
|
----
|
|
|
@Repository
|
|
@Repository
|
|
|
public interface MessageRepository extends PagingAndSortingRepository<Message,Long> {
|
|
public interface MessageRepository extends PagingAndSortingRepository<Message,Long> {
|
|
@@ -43,8 +53,18 @@ public interface MessageRepository extends PagingAndSortingRepository<Message,Lo
|
|
|
Page<Message> findInbox(Pageable pageable);
|
|
Page<Message> findInbox(Pageable pageable);
|
|
|
}
|
|
}
|
|
|
----
|
|
----
|
|
|
|
|
+
|
|
|
|
|
+.Kotlin
|
|
|
|
|
+[source,kotlin,role="secondary"]
|
|
|
|
|
+----
|
|
|
|
|
+@Repository
|
|
|
|
|
+interface MessageRepository : PagingAndSortingRepository<Message,Long> {
|
|
|
|
|
+ @Query("select m from Message m where m.to.id = ?#{ principal?.id }")
|
|
|
|
|
+ fun findInbox(pageable: Pageable): Page<Message>
|
|
|
|
|
+}
|
|
|
|
|
+----
|
|
|
====
|
|
====
|
|
|
|
|
|
|
|
This checks to see if the `Authentication.getPrincipal().getId()` is equal to the recipient of the `Message`.
|
|
This checks to see if the `Authentication.getPrincipal().getId()` is equal to the recipient of the `Message`.
|
|
|
-Note that this example assumes you have customized the principal to be an `Object` that has an `id` property.
|
|
|
|
|
-By exposing the `SecurityEvaluationContextExtension` bean, all of the xref:servlet/authorization/expression-based.adoc#common-expressions[Common Security Expressions] are available within the query.
|
|
|
|
|
|
|
+Note that this example assumes you have customized the principal to be an Object that has an id property.
|
|
|
|
|
+By exposing the `SecurityEvaluationContextExtension` bean, all of the xref:servlet/authorization/expression-based.adoc#common-expressions[Common Security Expressions] are available within the Query.
|
Talerngpong Virojwutikul