Class PolicyOverride
- java.lang.Object
-
- com.broadleafcommerce.data.tracking.core.policy.PolicyOverride
-
- All Implemented Interfaces:
org.springframework.core.Ordered
public class PolicyOverride extends Object implements org.springframework.core.Ordered
An alternative toPolicy
used to introduce, alter or remove policy configuration on one or more component methods. Usually declared as a bean in a Spring application context Configuration class and generally associated with a singleAspect
declaring component, although the latter is not a requirement. The aspect is responsible for declaring pointcuts that are responsible for catching calls to methods that should be protected with policy enforcement. The aspect delegates toPolicyAspectProcessor
, which is responsible for utilizing PolicyOverride instances to define policy enforcement configuration. In the absence of PolicyOverride, any applicablePolicy
annotations are leveraged.When enhancing (altering or removing) existing
Policy
annotated methods in the Broadleaf stack, it is not necessary to declare any aspect, asDefaultPolicyAspect
is already responsible for recognizing these fields. In this case, you may simply declare an instance ofPolicyOverride
with the desired change. Here's an example that alters policy configuration for a Policy annotated method inTrackableRepository
.@Bean
PolicyOverride saveOverride() { return new PolicyOverride("save.*") .withPermissionRoots(new String[] {"OTHER"}) .withOperationTypes(new OperationType[] {OperationType.UPDATE}) .withAspect(DefaultPolicyAspect.class); }When adding policy protection to a method in your own codebase (i.e. extending from Broadleaf), it is generally easiest to add the
Policy
annotation to your methods, which will automatically be picked up byDefaultPolicyAspect
.When adding policy protection to a method in the Broadleaf codebase (or Spring codebase) for which there is not already existing protection, it is necessary to declare an aspect and appropriate supporting
PolicyOverride
instances. SeeCrudPolicyAspect
as an example that catches calls to methods in Spring'sCrudRepository
. Also, reviewCrudPolicyConfiguration
for examples of the supportingPolicyOverride
instances declared against that aspect.PolicyOverride
instances are alsoOrdered
. The first matching override in the ordered list is the one to be used. This means it is easy to replace the behavior introduced by a PolicyOverride instance in the Broadleaf codebase with a different/custom PolicyOverride instance matching on the same method with a higher precedence ordering.- Author:
- Jeff Fischer
-
-
Constructor Summary
Constructors Constructor Description PolicyOverride(Method position)
PolicyOverride(String positionRegex)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected boolean
canEqual(Object other)
boolean
equals(Object o)
Class<?>
getAspect()
Optional parameter used to differentiate which aspect this override should apply against in thePolicyAspectProcessor
.IdentityType[]
getIdentityTypes()
OperationType[]
getOperationTypes()
int
getOrder()
String
getOwnerIdentifier()
int
getOwnerIdentifierParam()
int
getParam()
SeePolicy.param()
.PermissionMatchingStrategy
getPermissionMatchingStrategy()
String[]
getPermissionRoots()
Method
getPosition()
Matches against a specific method name and params encountered via an aspect pointcut.Pattern
getPositionPattern()
Matches against a specific method name encountered via an aspect pointcut.String
getPositionRegex()
Regex string for matching target method.int
hashCode()
boolean
isRemoveTarget()
Whether or not existing policy enforcement configuration at the target method should be removed.PolicyOverride
withAspect(Class<?> aspect)
PolicyOverride
withIdentityTypes(IdentityType[] identityTypes)
PolicyOverride
withOperationTypes(OperationType[] operationTypes)
PolicyOverride
withParam(int param)
PolicyOverride
withPermissionMatchingStrategy(PermissionMatchingStrategy permissionMatchingStrategy)
PolicyOverride
withPermissionRoots(String[] permissionRoots)
PolicyOverride
withRemoveTarget(boolean removeTarget)
-
-
-
Method Detail
-
getOrder
public int getOrder()
- Specified by:
getOrder
in interfaceorg.springframework.core.Ordered
-
withAspect
public PolicyOverride withAspect(Class<?> aspect)
-
withParam
public PolicyOverride withParam(int param)
-
withPermissionRoots
public PolicyOverride withPermissionRoots(String[] permissionRoots)
-
withOperationTypes
public PolicyOverride withOperationTypes(OperationType[] operationTypes)
-
withIdentityTypes
public PolicyOverride withIdentityTypes(IdentityType[] identityTypes)
-
withRemoveTarget
public PolicyOverride withRemoveTarget(boolean removeTarget)
-
withPermissionMatchingStrategy
public PolicyOverride withPermissionMatchingStrategy(PermissionMatchingStrategy permissionMatchingStrategy)
-
canEqual
protected boolean canEqual(Object other)
-
getPosition
public Method getPosition()
Matches against a specific method name and params encountered via an aspect pointcut. This field is primarily used to differentiate between multiple methods in a component sharing the same name.- Returns:
- Matches against a specific method name and params encountered via an aspect pointcut
-
getPositionPattern
public Pattern getPositionPattern()
Matches against a specific method name encountered via an aspect pointcut. This field is primarily used when method name alone can be used to differentiate between multiple methods in a component.- Returns:
- Matches against a specific method name encountered via an aspect pointcut
-
getAspect
public Class<?> getAspect()
Optional parameter used to differentiate which aspect this override should apply against in thePolicyAspectProcessor
. If null, this override will apply against all method pointcuts passed into PolicyAspectProcessor, regardless of the originating aspect. However, this may result in wasted regex computation for inapplicable aspects, so this field is generally set as a performance optimization.- Returns:
- parameter used to differentiate which aspect this override should apply against
-
getParam
public int getParam()
SeePolicy.param()
. Default is -1.- Returns:
- See
Policy.param()
. Default is -1.
-
getOwnerIdentifierParam
public int getOwnerIdentifierParam()
SeePolicy.ownerIdentifierParam()
. Default is -1.- Returns:
- See
Policy.ownerIdentifierParam()
. Default is -1.
-
getPermissionRoots
public String[] getPermissionRoots()
SeePolicy.permissionRoots()
. Default is empty array.- Returns:
- See
Policy.permissionRoots()
. Default is empty array.
-
getPermissionMatchingStrategy
public PermissionMatchingStrategy getPermissionMatchingStrategy()
SeePolicy.permissionMatchingStrategy()
. Deafult isMatchingStrategy#ANY
-
getOperationTypes
public OperationType[] getOperationTypes()
SeePolicy.operationTypes()
. Default isOperationType.UNKNOWN
.- Returns:
- See
Policy.operationTypes()
. Default isOperationType.UNKNOWN
.
-
getIdentityTypes
public IdentityType[] getIdentityTypes()
SeePolicy.identityTypes()
. Default isIdentityType.UNKNOWN
.- Returns:
- See
Policy.identityTypes()
. Default isIdentityType.UNKNOWN
.
-
getOwnerIdentifier
public String getOwnerIdentifier()
SeePolicy.ownerIdentifier()
. Default isPolicyUtils.DEFAULT_AUTH_DETAILS_OWNER_ID
- Returns:
- See
Policy.ownerIdentifier()
. Default isPolicyUtils.DEFAULT_AUTH_DETAILS_OWNER_ID
- See Also:
DefaultTrackablePolicyUtils.getAuthDetailsOwnerIdentifier()
-
isRemoveTarget
public boolean isRemoveTarget()
Whether or not existing policy enforcement configuration at the target method should be removed.- Returns:
- Whether or not existing policy enforcement configuration at the target method should be removed
-
getPositionRegex
public String getPositionRegex()
Regex string for matching target method. SeepositionPattern
.- Returns:
- Regex string for matching target method. See
positionPattern
.
-
-