欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页

spring security默认访问权限判定源码

程序员文章站 2024-03-19 15:28:34
...

AffirmativeBased

org.springframework.security.access.vote.AffirmativeBased

public class AffirmativeBased extends AbstractAccessDecisionManager {
	/**
	 * @param authentication 调用方认证信息
	 * @param object 被调用的收保护的对象(方法)
	 * @param configAttributes 对象相关的访问控制配置属性
	 *
	 * @throws AccessDeniedException 拒绝访问时抛出此异常
	 */
	public void decide(Authentication authentication, Object object,
			Collection<ConfigAttribute> configAttributes) throws AccessDeniedException {
		int deny = 0;

		for (AccessDecisionVoter voter : getDecisionVoters()) {
			int result = voter.vote(authentication, object, configAttributes);

			if (logger.isDebugEnabled()) {
				logger.debug("Voter: " + voter + ", returned: " + result);
			}

			switch (result) {
			case AccessDecisionVoter.ACCESS_GRANTED:
				return;

			case AccessDecisionVoter.ACCESS_DENIED:
				deny++;

				break;

			default:
				break;
			}
		}

		if (deny > 0) {
			throw new AccessDeniedException(messages.getMessage(
					"AbstractAccessDecisionManager.accessDenied", "Access is denied"));
		}

		checkAllowIfAllAbstainDecisions();
	}
}