Class PrivilegeSummary
DefaultOAuth2UserDetailsService
and PrivilegeService
to
hold all the authorities, restrictions, and restricted authorities of a User
.-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionprotected boolean
boolean
All the authorities for the current authentication.All of the restricted authorities for the current authentication.All of theUser.getRestrictions()
for the current authentication.int
hashCode()
void
setAllAuthorities
(Set<String> allAuthorities) All the authorities for the current authentication.void
All of the restricted authorities for the current authentication.void
setRestrictions
(Map<String, Set<String>> restrictions) All of theUser.getRestrictions()
for the current authentication.toString()
-
Constructor Details
-
PrivilegeSummary
-
-
Method Details
-
getAllAuthorities
All the authorities for the current authentication. This includes authorities fromuser's
flat permissions, flat roles and their ancestors, restricted roles and their ancestors, and restricted permissions. This also includes authorities fromserver's
flat permissions, and flat roles and their ancestors.Ultimately, if the authentication was granted an authority anywhere, within restriction(s) or otherwise, it should appear in this set.
-
getRestrictions
All of theUser.getRestrictions()
for the current authentication.This is a map from restriction types to restriction targets.
An empty map indicates the user is unrestricted.
-
getRestrictedAuthorities
All of the restricted authorities for the current authentication.This is a map from authority name to a map of restriction types to targets in which the authority is granted to the authentication. For example: {READ_PRODUCT: {VENDOR: [vendorA]}}.
This includes authorities from
restricted permissions
andrestricted roles and their ancestors
.Additionally, the
User.getRestrictions()
are combined with "flat permissions" sourced from the following places to also form entries in this map:User.getPermissions()
User.getRoles()
and their ancestorsAuthorizationServer.getDefaultUserPermissions()
AuthorizationServer.getDefaultUserRoles()
and their ancestors
-
setAllAuthorities
All the authorities for the current authentication. This includes authorities fromuser's
flat permissions, flat roles and their ancestors, restricted roles and their ancestors, and restricted permissions. This also includes authorities fromserver's
flat permissions, and flat roles and their ancestors.Ultimately, if the authentication was granted an authority anywhere, within restriction(s) or otherwise, it should appear in this set.
-
setRestrictions
All of theUser.getRestrictions()
for the current authentication.This is a map from restriction types to restriction targets.
An empty map indicates the user is unrestricted.
-
setRestrictedAuthorities
All of the restricted authorities for the current authentication.This is a map from authority name to a map of restriction types to targets in which the authority is granted to the authentication. For example: {READ_PRODUCT: {VENDOR: [vendorA]}}.
This includes authorities from
restricted permissions
andrestricted roles and their ancestors
.Additionally, the
User.getRestrictions()
are combined with "flat permissions" sourced from the following places to also form entries in this map:User.getPermissions()
User.getRoles()
and their ancestorsAuthorizationServer.getDefaultUserPermissions()
AuthorizationServer.getDefaultUserRoles()
and their ancestors
-
equals
-
canEqual
-
hashCode
public int hashCode() -
toString
-