Home Esplora Aiuto
Registrati Accedi
github
/
spring-security
mirror da https://github.com/spring-projects/spring-security
2
0
Forka 0
File Problemi 0 Wiki
Sfoglia il codice sorgente

Consider replacing an inner loop with Set of authority strings in AuthorityAuthorizationManager

Closes gh-11188
Evgeniy Cheban 3 anni fa
parent
d86ed6f523
commit
89019fb340
1 ha cambiato i file con 15 aggiunte e 7 eliminazioni
Visualizzazione unificata Mostra Diff Stats
  1. 15 7
      core/src/main/java/org/springframework/security/authorization/AuthorityAuthorizationManager.java

+ 15 - 7
core/src/main/java/org/springframework/security/authorization/AuthorityAuthorizationManager.java
Vedi File 

@@ -1,5 +1,5 @@
 
 /*
 
 /*
 
- * Copyright 2002-2021 the original author or authors.
 
+ * Copyright 2002-2022 the original author or authors.
 
  *
 
  *
 
  * Licensed under the Apache License, Version 2.0 (the "License");
 
  * Licensed under the Apache License, Version 2.0 (the "License");
 
  * you may not use this file except in compliance with the License.
 
  * you may not use this file except in compliance with the License.
 
@@ -17,6 +17,7 @@
 
 package org.springframework.security.authorization;
 
 package org.springframework.security.authorization;
 
 
 
 import java.util.HashSet;
 
 import java.util.HashSet;
 
+import java.util.List;
 
 import java.util.Set;
 
 import java.util.Set;
 
 import java.util.function.Supplier;
 
 import java.util.function.Supplier;
 
 
 
@@ -37,10 +38,10 @@ public final class AuthorityAuthorizationManager<T> implements AuthorizationMana
 
 
 
 	private static final String ROLE_PREFIX = "ROLE_";
 
 	private static final String ROLE_PREFIX = "ROLE_";
 
 
 
-	private final Set<GrantedAuthority> authorities;
 
+	private final List<GrantedAuthority> authorities;
 
 
 
 	private AuthorityAuthorizationManager(String... authorities) {
 
 	private AuthorityAuthorizationManager(String... authorities) {
 
-		this.authorities = new HashSet<>(AuthorityUtils.createAuthorityList(authorities));
 
+		this.authorities = AuthorityUtils.createAuthorityList(authorities);
 
 	}
 
 	}
 
 
 
 	/**
 
 	/**
 
@@ -132,16 +133,23 @@ public final class AuthorityAuthorizationManager<T> implements AuthorizationMana
 
 	}
 
 	}
 
 
 
 	private boolean isAuthorized(Authentication authentication) {
 
 	private boolean isAuthorized(Authentication authentication) {
 
+		Set<String> authorities = getAuthoritySet();
 
 		for (GrantedAuthority grantedAuthority : authentication.getAuthorities()) {
 
 		for (GrantedAuthority grantedAuthority : authentication.getAuthorities()) {
 
-			for (GrantedAuthority authority : this.authorities) {
 
-				if (authority.getAuthority().equals(grantedAuthority.getAuthority())) {
 
-					return true;
 
-				}
 
+			if (authorities.contains(grantedAuthority.getAuthority())) {
 
+				return true;
 
 			}
 
 			}
 
 		}
 
 		}
 
 		return false;
 
 		return false;
 
 	}
 
 	}
 
 
 
+	private Set<String> getAuthoritySet() {
 
+		Set<String> result = new HashSet<>();
 
+		for (GrantedAuthority grantedAuthority : this.authorities) {
 
+			result.add(grantedAuthority.getAuthority());
 
+		}
 
+		return result;
 
+	}
 
+
 
 	@Override
 
 	@Override
 
 	public String toString() {
 
 	public String toString() {
 
 		return "AuthorityAuthorizationManager[authorities=" + this.authorities + "]";
 
 		return "AuthorityAuthorizationManager[authorities=" + this.authorities + "]";