|
|
@@ -0,0 +1,101 @@
|
|
|
+package org.springframework.security.core.authority.mapping;
|
|
|
+
|
|
|
+import org.springframework.beans.factory.InitializingBean;
|
|
|
+import org.springframework.security.core.GrantedAuthority;
|
|
|
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
|
|
|
+import org.springframework.util.Assert;
|
|
|
+
|
|
|
+import java.util.*;
|
|
|
+
|
|
|
+/**
|
|
|
+ * Simple one-to-one {@code GrantedAuthoritiesMapper} which allows for case conversion of the authority name
|
|
|
+ * and the addition of a string prefix (which defaults to {@code ROLE_}).
|
|
|
+ *
|
|
|
+ * @author Luke Taylor
|
|
|
+ * @since 3.1
|
|
|
+ */
|
|
|
+public final class SimpleAuthorityMapper implements GrantedAuthoritiesMapper, InitializingBean {
|
|
|
+ private GrantedAuthority defaultAuthority;
|
|
|
+ private String prefix = "ROLE_";
|
|
|
+ private boolean convertToUpperCase = false;
|
|
|
+ private boolean convertToLowerCase = false;
|
|
|
+
|
|
|
+ public void afterPropertiesSet() throws Exception {
|
|
|
+ Assert.isTrue(!(convertToUpperCase && convertToLowerCase),
|
|
|
+ "Either convertToUpperCase or convertToLowerCase can be set to true, but not both");
|
|
|
+ }
|
|
|
+
|
|
|
+ /**
|
|
|
+ * Creates a mapping of the supplied authorities based on the case-conversion and prefix settings.
|
|
|
+ * The mapping will be one-to-one unless duplicates are produced during the conversion. If a default
|
|
|
+ * authority has been set, this will also be assigned to each mapping.
|
|
|
+ *
|
|
|
+ * @param authorities the original authorities
|
|
|
+ *
|
|
|
+ * @return the converted set of authorities
|
|
|
+ */
|
|
|
+ public Set<GrantedAuthority> mapAuthorities(Collection<? extends GrantedAuthority> authorities) {
|
|
|
+ HashSet<GrantedAuthority> mapped = new HashSet<GrantedAuthority>(authorities.size());
|
|
|
+ for (GrantedAuthority authority : authorities) {
|
|
|
+ mapped.add(mapAuthority(authority.getAuthority()));
|
|
|
+ }
|
|
|
+
|
|
|
+ if (defaultAuthority != null) {
|
|
|
+ mapped.add(defaultAuthority);
|
|
|
+ }
|
|
|
+
|
|
|
+ return mapped;
|
|
|
+ }
|
|
|
+
|
|
|
+ private GrantedAuthority mapAuthority(String name) {
|
|
|
+ if (convertToUpperCase) {
|
|
|
+ name = name.toUpperCase();
|
|
|
+ } else if (convertToLowerCase) {
|
|
|
+ name = name.toLowerCase();
|
|
|
+ }
|
|
|
+
|
|
|
+ if (prefix.length() > 0 && !name.startsWith(prefix)) {
|
|
|
+ name = prefix + name;
|
|
|
+ }
|
|
|
+
|
|
|
+ return new SimpleGrantedAuthority(name);
|
|
|
+ }
|
|
|
+
|
|
|
+ /**
|
|
|
+ * Sets the prefix which should be added to the authority name (if it doesn't already exist)
|
|
|
+ *
|
|
|
+ * @param prefix the prefix, typically to satisfy the behaviour of an {@code AccessDecisionVoter}.
|
|
|
+ */
|
|
|
+ public void setPrefix(String prefix) {
|
|
|
+ Assert.notNull(prefix, "prefix cannot be null");
|
|
|
+ this.prefix = prefix;
|
|
|
+ }
|
|
|
+
|
|
|
+ /**
|
|
|
+ * Whether to convert the authority value to upper case in the mapping.
|
|
|
+ *
|
|
|
+ * @param convertToUpperCase defaults to {@code false}
|
|
|
+ */
|
|
|
+ public void setConvertToUpperCase(boolean convertToUpperCase) {
|
|
|
+ this.convertToUpperCase = convertToUpperCase;
|
|
|
+ }
|
|
|
+
|
|
|
+ /**
|
|
|
+ * Whether to convert the authority value to lower case in the mapping.
|
|
|
+ *
|
|
|
+ * @param convertToLowerCase defaults to {@code false}
|
|
|
+ */
|
|
|
+ public void setConvertToLowerCase(boolean convertToLowerCase) {
|
|
|
+ this.convertToLowerCase = convertToLowerCase;
|
|
|
+ }
|
|
|
+
|
|
|
+ /**
|
|
|
+ * Sets a default authority to be assigned to all users
|
|
|
+ *
|
|
|
+ * @param authority the name of the authority to be assigned to all users.
|
|
|
+ */
|
|
|
+ public void setDefaultAuthority(String authority) {
|
|
|
+ Assert.hasText(authority, "The authority name cannot be set to an empty value");
|
|
|
+ this.defaultAuthority = new SimpleGrantedAuthority(authority);
|
|
|
+ }
|
|
|
+}
|
Luke Taylor