
SEC-374: Allow GrantedAuthority[]s assigned to switched user identity to be filtered.

Ben Alex il y a 19 ans
Parent
commit
775840a565

+ 30 - 0
core/src/main/java/org/acegisecurity/ui/switchuser/SwitchUserAuthorityChanger.java

@@ -0,0 +1,30 @@
+package org.acegisecurity.ui.switchuser;
+
+import java.util.List;
+
+import org.acegisecurity.Authentication;
+import org.acegisecurity.GrantedAuthority;
+import org.acegisecurity.userdetails.UserDetails;
+
+/**
+ * Allows subclasses to modify the {@link GrantedAuthority} list that will be assigned to the principal
+ * when they assume the identity of a different principal.
+ * 
+ * <p>Configured against the {@link SwitchUserProcessingFilter}.
+ * 
+ * @author Ben Alex
+ * @version $Id$
+ *
+ */
+public interface SwitchUserAuthorityChanger {
+    
+    /**
+     * Allow subclasses to add or remove authorities that will be granted when in switch user mode.
+     * 
+     * @param targetUser the UserDetails representing the identity being switched to
+     * @param currentAuthentication the current Authentication of the principal performing the switching
+     * @param authoritiesToBeGranted all {@link GrantedAuthority} instances to be granted to the user,
+     * excluding the special "switch user" authority that is used internally (guaranteed never null)
+     */
+    public void modifyGrantedAuthorities(UserDetails targetUser, Authentication currentAuthentication, List authoritiesToBeGranted);
+}
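Review bot: The Javadoc on `modifyGrantedAuthorities` does not say that the list has to be changed in place, although with a `void` return that is the only way an implementation can have any effect, and it does not say whether the list handed in is modifiable. I would extend the `authoritiesToBeGranted` tag with something like `modified in place; its contents after this call are what the switched identity is granted`. Both comments say "subclasses" where implementations of this interface are meant. Since an implementation can add authorities the target user does not hold as well as remove them, the type comment should state that too, so anyone reviewing an implementation knows to check that it does not widen access.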

+ 14 - 0
core/src/main/java/org/acegisecurity/ui/switchuser/SwitchUserProcessingFilter.java

@@ -115,6 +115,7 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean, App
     private String exitUserUrl = "/j_acegi_exit_user";
     private String switchUserUrl = "/j_acegi_switch_user";
     private String targetUrl;
+    private SwitchUserAuthorityChanger switchUserAuthorityChanger;
 
     // ~ Instance fields
     // ========================================================
@@ -277,6 +278,11 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean, App
         // get the original authorities
         List orig = Arrays.asList(targetUser.getAuthorities());
 
+        // Allow subclasses to change the authorities to be granted
+        if (switchUserAuthorityChanger != null) {
+        	switchUserAuthorityChanger.modifyGrantedAuthorities(targetUser, currentAuth, orig);
+        }
+        
         // add the new switch user authority
         List newAuths = new ArrayList(orig);
         newAuths.add(switchAuthority);
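Review bot: The list passed to `modifyGrantedAuthorities` is `orig`, the fixed-size view returned by `Arrays.asList(targetUser.getAuthorities())`, so an implementation that adds or removes an authority fails with `UnsupportedOperationException`, and one that calls `set` writes through to the array returned by `getAuthorities()`. If that array is the target user's own state (possibly cached, depending on the `UserDetails` implementation, which is not visible here), a change meant only for the switched session would alter the real user's authorities. Passing a private mutable copy avoids both problems: `List orig = new ArrayList(Arrays.asList(targetUser.getAuthorities()));`. The enclosing method starts and ends outside the hunk.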
@@ -460,4 +466,12 @@ public class SwitchUserProcessingFilter implements Filter, InitializingBean, App
 
         return uri;
     }
+
+    /**
+     * @param switchUserAuthorityChanger to use to fine-tune the authorities granted to subclasses (may be null if
+     * SwitchUserProcessingFilter shoudl not fine-tune the authorities)
+     */
+	public void setSwitchUserAuthorityChanger(SwitchUserAuthorityChanger switchUserAuthorityChanger) {
+		this.switchUserAuthorityChanger = switchUserAuthorityChanger;
+	}
 }
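Review bot: The setter's Javadoc says the authorities are "granted to subclasses", but according to the interface they go to the principal assuming the switched identity, and "should" is misspelled as `shoudl`. Suggested wording: `@param switchUserAuthorityChanger used to adjust the authorities granted to the switched identity (may be null to leave them unchanged)`. The method itself is indented with tabs while its Javadoc and the rest of the class shown here use spaces.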