@PostFilter - brak wywolania :: 4programmers.net

Witam, staram się przefiltrować zbior tak by oczyscil z obiektow domenowych te do ktorych uzytkownik nie ma uprwnien ACL.
Niestety nie nastepuje zadna filtracja.

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
	xmlns:mvc="http://www.springframework.org/schema/mvc" xmlns:context="http://www.springframework.org/schema/context"
	xmlns:security="http://www.springframework.org/schema/security"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="
        http://www.springframework.org/schema/beans     
        http://www.springframework.org/schema/beans/spring-beans.xsd
        http://www.springframework.org/schema/mvc 
        http://www.springframework.org/schema/mvc/spring-mvc.xsd
        http://www.springframework.org/schema/context 
        http://www.springframework.org/schema/context/spring-context.xsd
        http://www.springframework.org/schema/security
        http://www.springframework.org/schema/security/spring-security.xsd">

	<context:component-scan base-package="pl.benq.enrollment.controller" />
	<context:component-scan base-package="pl.benq.enrollment.utils.validation" />
	
	<mvc:annotation-driven />
	<bean id="viewResolver"
		class="org.springframework.web.servlet.view.UrlBasedViewResolver">
		<property name="viewClass"
			value="org.springframework.web.servlet.view.JstlView" />
		<property name="prefix" value="/WEB-INF/jsp/" />
		<property name="suffix" value=".jsp" />
	</bean>
	<bean id="messageSource"
		class="org.springframework.context.support.ReloadableResourceBundleMessageSource">
		<property name="basename" value="classpath:message.properties" />
	</bean>

	<mvc:resources location="/WEB-INF/css/" mapping="/css/**" />
	<mvc:resources location="/WEB-INF/js/" mapping="/js/**" />
	<mvc:view-controller path="/login.html" view-name="login/login-form" />
	<security:global-method-security pre-post-annotations="enabled">
		<security:expression-handler ref="expressionHandler"/> 
	</security:global-method-security>

</beans>

<?xml version="1.0" encoding="UTF-8"?>


<beans xmlns="http://www.springframework.org/schema/beans"
	xmlns:p="http://www.springframework.org/schema/p" xmlns:security="http://www.springframework.org/schema/security"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
		http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd">

	<bean id="aclCache"
		class="org.springframework.security.acls.domain.EhCacheBasedAclCache">
		<constructor-arg>
			<bean class="org.springframework.cache.ehcache.EhCacheFactoryBean">
				<property name="cacheManager">
					<bean class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean" />
				</property>
				<property name="cacheName" value="aclCache" />
			</bean>
		</constructor-arg>
		<constructor-arg>
			<bean
				class="org.springframework.security.acls.domain.DefaultPermissionGrantingStrategy">
				<constructor-arg ref="auditLogger" />
			</bean>
		</constructor-arg>
		<constructor-arg ref="authStrategy" />
	</bean>

	<bean id="authStrategy"
		class="org.springframework.security.acls.domain.AclAuthorizationStrategyImpl">
		<constructor-arg>
			<list>
				<ref bean="adminRole" />
				<ref bean="adminRole" />
				<ref bean="adminRole" />
			</list>
		</constructor-arg>
	</bean>

	<bean id="adminRole"
		class="org.springframework.security.core.authority.SimpleGrantedAuthority">
		<constructor-arg value="admin" />
	</bean>

	<bean id="auditLogger"
		class="org.springframework.security.acls.domain.ConsoleAuditLogger" />

	<bean id="lookupStrategy"
		class="org.springframework.security.acls.jdbc.BasicLookupStrategy">
		<constructor-arg ref="dataSource" />
		<constructor-arg ref="aclCache" />
		<constructor-arg ref="authStrategy" />
		<constructor-arg ref="auditLogger" />
	</bean>

	<bean id="aclService"
		class="org.springframework.security.acls.jdbc.JdbcMutableAclService">
		<constructor-arg ref="dataSource" />
		<constructor-arg ref="lookupStrategy" />
		<constructor-arg ref="aclCache" />
		<property name="classIdentityQuery"
			value="select currval(pg_get_serial_sequence('acl_class', 'id'))" />
		<property name="sidIdentityQuery"
			value="select currval(pg_get_serial_sequence('acl_sid', 'id'))" />
	</bean>

	<bean id="permissionEvaluator"
		class="org.springframework.security.acls.AclPermissionEvaluator">
		<constructor-arg ref="aclService" />
	</bean>

	<!-- Supports authorization based on expressions -->
	<bean id="expressionHandler"
			class="org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler">
		
		<property name="permissionEvaluator" ref="permissionEvaluator" />
		<property name="permissionCacheOptimizer">
			<bean class="org.springframework.security.acls.AclPermissionCacheOptimizer">
				<constructor-arg ref="aclService" />
			</bean>
		</property>
	</bean>
</beans>

@Override
	@PostFilter("hasPermission(filterObject,'read')")
	public Set<Enrollment> getEnrollments(){
		Set<Enrollment> enr = enrollmentRepository.findAll().stream().collect(Collectors.toSet());
		return enr;
//		Set<Enrollment> permEnr = new HashSet<Enrollment>();
//		for(Enrollment e:enr)
//			if(evaluator.hasPermission(SecurityContextHolder.getContext().getAuthentication(), e, "READ"))
//				permEnr.add(e);
//		return permEnr;
	}

Jezeli wykonuje zakomentwany kod to wszystko dziala jak nalezy wiec pewnie problem lezy gdziesz w proxy?

@Edit Problemem bylo nie dopatrzenie a mianowicie <global ...> byl w servlet-context a metoda w serwisach.

@PostFilter - brak wywolania

1 użytkowników online, w tym zalogowanych: 0, gości: 1

Praca dla programistów

Forum dyskusyjne

Sprawy administracyjne

O nas

Skontaktuj się z nami