@PostAuthorize("hasPermission(#object,'read')") String postHasPermission(String object);
@Override @PostAuthorize("returnObject?.contains(authentication?.name)") public Flux<String> fluxPostAuthorizeFindById( long id) { return delegate.fluxPostAuthorizeFindById(id); }
@Override @PostAuthorize("returnObject?.contains(authentication?.name)") public Mono<String> monoPostAuthorizeFindById( long id) { return delegate.monoPostAuthorizeFindById(id); }
@Override @PostAuthorize("@authz.check(authentication, returnObject)") public Publisher<String> publisherPostAuthorizeBeanFindById( long id) { return delegate.publisherPostAuthorizeBeanFindById(id); } }
@Override @PostAuthorize("returnObject?.contains(authentication?.name)") public Publisher<String> publisherPostAuthorizeFindById( long id) { return delegate.publisherPostAuthorizeFindById(id); }
@Override @PostAuthorize("@authz.check(authentication, returnObject)") public Mono<String> monoPostAuthorizeBeanFindById( long id) { return delegate.monoPostAuthorizeBeanFindById(id); }
@Override @PostAuthorize("@authz.check(authentication, returnObject)") public Flux<String> fluxPostAuthorizeBeanFindById( long id) { return delegate.fluxPostAuthorizeBeanFindById(id); }
@PostAuthorize("#o?.contains('grant')") String postAnnotation(@P("o") String object); }
@PreAuthorize("someExpression") @PreFilter(filterTarget = "param", value = "somePreFilterExpression") @PostFilter("somePostFilterExpression") @PostAuthorize("somePostAuthorizeExpression") public List<?> doSomething(List<?> param) { return param; } }
@PreAuthorize("#id<10 and principal.username.equals(#username) and #user.username.equals('abc')") @PostAuthorize("returnObject%2==0") @RequestMapping("/grep") public Integer test(Integer id, String username, UserEntity user) { // ... return id; }
/** * Creates a new user page with the supplied pageName and pageLayoutCode * * @param pageName the name of the new page * @param pageLayoutCode the page layout code * @return the new Page object */ @PostAuthorize("hasPermission(returnObject, 'create')") Page addNewUserPage(String pageName, String pageLayoutCode);
/** * Gets the RegionWidget with the specified ID. * * @param regionWidgetId The ID of the RegionWidget to fetch. * @return The RegionWidget or null if not found. */ @PostAuthorize("hasPermission(returnObject, 'read')") RegionWidget getRegionWidget(String regionWidgetId);
/** * Gets the detailed metadata for a widget * * @param id the Id of the widget * @return a valid widget if one exists for the given id; null otherwise */ @PostAuthorize("returnObject == null or hasPermission(returnObject, 'read')") Widget getWidget(String id);
/** * Persists a new {@link Widget} if it is not already present in the store * * @param widget new Widget to store * @return Widget if it is new and can be stored */ @PostAuthorize("hasPermission(returnObject, 'create')") Widget registerNewWidget(Widget widget);
/** * Creates a new Category object * @param text the category text value * @param createdUser the user creating this category * @return a Category object representing the new entity */ @PostAuthorize("hasPermission(returnObject, 'create')") Category create(String text, User createdUser);
/** * Gets the profile page for the given user. * * @deprecated method is deprecated in favor of getPages("profile", userId); * * @param userId The user to retrieve the page for. * @return The profile page */ @Deprecated @PostAuthorize("returnObject == null or hasPermission(returnObject, 'read')") Page getPersonProfilePage(String userId);
@Override @Transactional(readOnly = true) @PostAuthorize("returnObject==null or hasRole('ADMINISTRATOR') or hasPermission(#returnObject.objectIdIdentity, #returnObject.aclClass.aclClass, 'READ')") public AclObjectIdentity getObjectIdentity(final long id) { return aclObjectIdentityPersistence.findOne(id); }
@PreAuthorize("hasRole('USER')") @PostAuthorize("returnObject.username == principal.username") Contact getContact(int contactId) { return jdbcTemplate.queryForObject("SELECT * FROM contacts WHERE id = ?", new Object[]{contactId}, (rs, rowNum) -> createContact(rs)); }
@ApiOperation(value="获取当前用户") @PostAuthorize("hasRole('ROLE_USER')") @RequestMapping(value = "/current",method = RequestMethod.GET) public JsonResult<User> getCurrentUser(HttpServletRequest request) { return userService.getCurrentUser(request); } }
@PostAuthorize("hasRole('PERMISSION_ALL_ORDER')") @Transactional public List<Order> getAllOrders() { final CriteriaBuilder builder = this.em.getCriteriaBuilder(); final CriteriaQuery criteria = builder.createQuery(Order.class); Root order = criteria.from(OrderImpl.class); criteria.select(order); TypedQuery query = this.em.createQuery(criteria); query.setHint("org.hibernate.cacheable", Boolean.valueOf(true)); query.setHint("org.hibernate.cacheRegion", "query.Order"); return query.getResultList(); }