Package org.craftercms.studio.impl.v2.utils.spring.security.messaging

Class StudioMessageSecurityExpressionRoot

java.lang.Object
org.springframework.security.access.expression.SecurityExpressionRoot
org.springframework.security.messaging.access.expression.MessageSecurityExpressionRoot
org.craftercms.studio.impl.v2.utils.spring.security.messaging.StudioMessageSecurityExpressionRoot
All Implemented Interfaces:
org.springframework.security.access.expression.SecurityExpressionOperations
public class StudioMessageSecurityExpressionRoot extends org.springframework.security.messaging.access.expression.MessageSecurityExpressionRoot
Extension of MessageSecurityExpressionRoot that adds Studio specific security expressions.
Since:
4.0.0
Author:
joseross

  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    protected final SecurityService
    securityService
     

    Fields inherited from class org.springframework.security.messaging.access.expression.MessageSecurityExpressionRoot

    message

    Fields inherited from class org.springframework.security.access.expression.SecurityExpressionRoot

    admin, create, delete, denyAll, permitAll, read, write

  • Constructor Summary

    Constructors
    Constructor
    Description
    StudioMessageSecurityExpressionRoot(org.springframework.security.core.Authentication authentication, org.springframework.messaging.Message<?> message, SecurityService securityService)
     

  • Method Summary

    Modifier and Type
    Method
    Description
    boolean
    isSiteMember(String siteId)
    Checks if the current user belongs to any group in the given site
    boolean
    isSystemAdmin()
    Checks if the current user has the system_admin role

    Methods inherited from class org.springframework.security.access.expression.SecurityExpressionRoot

    denyAll, getAuthentication, getPrincipal, hasAnyAuthority, hasAnyRole, hasAuthority, hasPermission, hasPermission, hasRole, isAnonymous, isAuthenticated, isFullyAuthenticated, isRememberMe, permitAll, setDefaultRolePrefix, setPermissionEvaluator, setRoleHierarchy, setTrustResolver

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Field Details

  • Constructor Details

    • StudioMessageSecurityExpressionRoot

      public StudioMessageSecurityExpressionRoot(org.springframework.security.core.Authentication authentication, org.springframework.messaging.Message<?> message, SecurityService securityService)

  • Method Details

    • isSystemAdmin

      public boolean isSystemAdmin()
      Checks if the current user has the system_admin role

    • isSiteMember

      public boolean isSiteMember(String siteId)
      Checks if the current user belongs to any group in the given site
      Parameters:
      siteId - the id of the site to check