I read the Spring Security docs and found out that I can use the following annotation to check if the object had edit access to the user.
@PreAuthorize("hasPermission('USER_EDIT')")
public String editUSer(User user);
What I would like to do is write my own MyAuthorizationCheck annotation and use it as shown below.
@MyAuthorizationCheck(Application.USER_MANAGEMENT, AccessLevel.EDIT)
public String editUSer(User user);
Where Application and AccessLevel are enumerations.
enum Application { USER_MANAGEMENT, ORDER_MANAGEMENT }
enum AccessLevel { READ, CREATE, UPDATE, DELETE }
The handler of this annotation should be able to decide if the user has permission.
Any pointers on how to achieve this?
Thanks.
spring security
Murali
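One way to build the annotation and its handler described in the question, as an added example that is not part of the original post: a runtime annotation carrying both enums, enforced by a Spring AOP aspect. It assumes Spring AOP with AspectJ auto-proxying is enabled, and the authority naming scheme `<APPLICATION>_<ACCESSLEVEL>` and the class name `MyAuthorizationCheckAspect` are hypothetical; because Java annotations take named elements, the usage differs slightly from the positional form in the question.

```java
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;

import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;

enum Application { USER_MANAGEMENT, ORDER_MANAGEMENT }
enum AccessLevel { READ, CREATE, UPDATE, DELETE }

// Annotation elements must be named, so each enum gets its own element.
@Retention(RetentionPolicy.RUNTIME)   // must be visible to the aspect at run time
@Target(ElementType.METHOD)
@interface MyAuthorizationCheck {
    Application application();
    AccessLevel accessLevel();
}

// The handler: runs before any Spring-bean method that carries the annotation.
@Aspect
@Component
class MyAuthorizationCheckAspect {

    @Before(value = "@annotation(check)", argNames = "check")
    public void enforce(MyAuthorizationCheck check) {
        Authentication auth = SecurityContextHolder.getContext().getAuthentication();
        // Assumed convention: the granted authority is "<APPLICATION>_<ACCESSLEVEL>".
        String required = check.application() + "_" + check.accessLevel();
        boolean granted = auth != null && auth.isAuthenticated()
                && auth.getAuthorities().stream()
                       .anyMatch(a -> required.equals(a.getAuthority()));
        if (!granted) {
            // Fail closed: no authentication or no matching authority means denial.
            throw new AccessDeniedException("Missing authority " + required);
        }
    }
}

// Usage on a bean method:
// @MyAuthorizationCheck(application = Application.USER_MANAGEMENT,
//                       accessLevel = AccessLevel.UPDATE)
// public String editUser(User user) { ... }
```

Proxy-based Spring AOP only intercepts calls that go through the bean proxy, so a call from another method of the same class bypasses the check; keep annotated methods on the bean's externally invoked surface.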