com.broadleafcommerce.auth.security.service.DefaultSecurityService

public class DefaultSecurityService extends Object implements SecurityService

Default implementation of the security service that utilizes the security context and various repositories in order to assess the user's privileges.

Constructor Details
- DefaultSecurityService
  
  public DefaultSecurityService(PermissionRepository permissionRepository, ScopeRepository scopeRepository)
Method Details
- checkScopes
  
  public Set<String> checkScopes(Set<String> requestedScopes)
  
  Description copied from interface: SecurityService
  
  Returns the sub-set of requested scopes that the user is permitted to access. This method is used within the SecurityServiceOAuth2RequestFactory to check that the requested scopes are accessible for the current user. If none of the requested scopes are accessible, this will return an empty set.
  
  Specified by:
  
  checkScopes in interface SecurityService
  
  Parameters:
  
  requestedScopes - the set of requested scopes
  
  Returns:
  
  a sub-set of the requested scopes
- extractPermissions
  
  public Set<String> extractPermissions(Set<String> scopes)
  
  Description copied from interface: SecurityService
  
  Returns the set of permissions the user has for the given scopes. This method is used within the SecurityServiceAccessTokenConverter to extract the set of permissions the user has for the requested scopes.
  
  Specified by:
  
  extractPermissions in interface SecurityService
  
  Parameters:
  
  scopes - the scopes
  
  Returns:
  
  a set of permissions
- setSecurityContextAccessor
  
  public void setSecurityContextAccessor(org.springframework.security.oauth2.provider.SecurityContextAccessor securityContextAccessor)

Class DefaultSecurityService

Constructor Summary