问题
I'd like to add custom SpEL methods in Grails applciation, like it's done for plain Spring-Security application in this question, by overriding EvaluationContext. Will this work?
How do I plug global-method-security into security config? I can configure security, but what to add there? Something like
grails.plugins.springsecurity = {
'global-method-security' {
'expression-handler' {
ref("myMethodSecurityExpressionHandler")
}
}
}
? But what code will interpret it?
Looking into SpringSecurityCoreGrailsPlugin.groovy also gives me no insights.
回答1:
This is only available if you also have the spring-security-acl plugin installed. It configures the expressionHandler bean:
expressionHandler(DefaultMethodSecurityExpressionHandler) {
parameterNameDiscoverer = ref('parameterNameDiscoverer')
permissionEvaluator = ref('permissionEvaluator')
roleHierarchy = ref('roleHierarchy')
trustResolver = ref('authenticationTrustResolver')
}
So if you have your own subclass of DefaultMethodSecurityExpressionHandler you can replace the bean in resources.groovy like this:
import com.mycompany.myapp.MyMethodSecurityExpressionHandler
beans = {
expressionHandler(MyMethodSecurityExpressionHandler) {
parameterNameDiscoverer = ref('parameterNameDiscoverer')
permissionEvaluator = ref('permissionEvaluator')
roleHierarchy = ref('roleHierarchy')
trustResolver = ref('authenticationTrustResolver')
}
}
来源:https://stackoverflow.com/questions/12905090/extending-spel-with-own-methods-in-grails