Closed EmmanuelDemey closed 6 days ago
Api proposal for Rbac :
@Test void givenTheRoleShouldGrantPrivilege(){ //GIVEN var roles=List.of("A_ROLE"); //WHEN AccessPrivileges accessPrivileges = rbacService.computeRbac(roles); // THEN assertThat(accessPrivileges.isGranted(update).on(serie).withId("s1279")).isTrue(); }
which should give for controlers : @PreAuthorize("canUpdateSerie(#seriesId)")
@PreAuthorize("canUpdateSerie(#seriesId)")
whose implementation (in class SecurityExpressionRootForBauhaus) would be :
public boolean canUpdateSerie(String serieId){ return getAccessPrivileges(getStamp()).isGranted(update).on(serie).withId(serieId); }
commit #7366332f196accb4ad372564396c5e0388eeb5cc make a proposal for internal implementation from configuration maps deserialized from rbac.yaml
Api proposal for Rbac :
which should give for controlers :
@PreAuthorize("canUpdateSerie(#seriesId)")
whose implementation (in class SecurityExpressionRootForBauhaus) would be :