use of org.springframework.security.core.annotation.AuthenticationPrincipal in project ma-modules-public by infiniteautomation.
the class DataPointRestController method getBulkDataPointOperations.
@ApiOperation(value = "Get a list of current bulk data point operations", notes = "User can only get their own bulk data point operations unless they are an admin")
@RequestMapping(method = RequestMethod.GET, value = "/bulk")
public MappingJacksonValue getBulkDataPointOperations(@AuthenticationPrincipal User user, HttpServletRequest request) {
List<TemporaryResource<DataPointBulkResponse, AbstractRestV2Exception>> preFiltered = this.bulkResourceManager.list().stream().filter((tr) -> user.isAdmin() || user.getId() == tr.getUserId()).collect(Collectors.toList());
List<TemporaryResource<DataPointBulkResponse, AbstractRestV2Exception>> results = preFiltered;
ASTNode query = BaseMangoRestController.parseRQLtoAST(request.getQueryString());
if (query != null) {
results = query.accept(new RQLToObjectListQuery<TemporaryResource<DataPointBulkResponse, AbstractRestV2Exception>>(), preFiltered);
}
PageQueryResultModel<TemporaryResource<DataPointBulkResponse, AbstractRestV2Exception>> result = new PageQueryResultModel<>(results, preFiltered.size());
// hide result property by setting a view
MappingJacksonValue resultWithView = new MappingJacksonValue(result);
resultWithView.setSerializationView(Object.class);
return resultWithView;
}
use of org.springframework.security.core.annotation.AuthenticationPrincipal in project spring-security by spring-projects.
the class AuthenticationPrincipalArgumentResolver method resolveArgument.
@Override
public Object resolveArgument(MethodParameter parameter, ModelAndViewContainer mavContainer, NativeWebRequest webRequest, WebDataBinderFactory binderFactory) {
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
if (authentication == null) {
return null;
}
Object principal = authentication.getPrincipal();
AuthenticationPrincipal annotation = findMethodAnnotation(AuthenticationPrincipal.class, parameter);
String expressionToParse = annotation.expression();
if (StringUtils.hasLength(expressionToParse)) {
StandardEvaluationContext context = new StandardEvaluationContext();
context.setRootObject(principal);
context.setVariable("this", principal);
context.setBeanResolver(this.beanResolver);
Expression expression = this.parser.parseExpression(expressionToParse);
principal = expression.getValue(context);
}
if (principal != null && !ClassUtils.isAssignable(parameter.getParameterType(), principal.getClass())) {
if (annotation.errorOnInvalidType()) {
throw new ClassCastException(principal + " is not assignable to " + parameter.getParameterType());
}
return null;
}
return principal;
}
use of org.springframework.security.core.annotation.AuthenticationPrincipal in project spring-security by spring-projects.
the class AuthenticationPrincipalArgumentResolver method resolvePrincipal.
private Object resolvePrincipal(MethodParameter parameter, Object principal) {
AuthenticationPrincipal annotation = findMethodAnnotation(AuthenticationPrincipal.class, parameter);
String expressionToParse = annotation.expression();
if (StringUtils.hasLength(expressionToParse)) {
StandardEvaluationContext context = new StandardEvaluationContext();
context.setRootObject(principal);
context.setVariable("this", principal);
context.setBeanResolver(this.beanResolver);
Expression expression = this.parser.parseExpression(expressionToParse);
principal = expression.getValue(context);
}
if (isInvalidType(parameter, principal)) {
if (annotation.errorOnInvalidType()) {
throw new ClassCastException(principal + " is not assignable to " + parameter.getParameterType());
}
return null;
}
return principal;
}
use of org.springframework.security.core.annotation.AuthenticationPrincipal in project spring-security by spring-projects.
the class AuthenticationPrincipalArgumentResolver method resolveArgument.
@Override
public Object resolveArgument(MethodParameter parameter, Message<?> message) {
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
if (authentication == null) {
return null;
}
Object principal = authentication.getPrincipal();
AuthenticationPrincipal authPrincipal = findMethodAnnotation(AuthenticationPrincipal.class, parameter);
String expressionToParse = authPrincipal.expression();
if (StringUtils.hasLength(expressionToParse)) {
StandardEvaluationContext context = new StandardEvaluationContext();
context.setRootObject(principal);
context.setVariable("this", principal);
Expression expression = this.parser.parseExpression(expressionToParse);
principal = expression.getValue(context);
}
if (principal != null && !ClassUtils.isAssignable(parameter.getParameterType(), principal.getClass())) {
if (authPrincipal.errorOnInvalidType()) {
throw new ClassCastException(principal + " is not assignable to " + parameter.getParameterType());
}
return null;
}
return principal;
}
use of org.springframework.security.core.annotation.AuthenticationPrincipal in project ma-modules-public by infiniteautomation.
the class DataPointTagsRestController method getBulkDataPointTagOperations.
@ApiOperation(value = "Get a list of current bulk tag operations", notes = "User can only get their own bulk tag operations unless they are an admin")
@RequestMapping(method = RequestMethod.GET, value = "/bulk")
public MappingJacksonValue getBulkDataPointTagOperations(@AuthenticationPrincipal User user, HttpServletRequest request) {
List<TemporaryResource<TagBulkResponse, AbstractRestV2Exception>> preFiltered = this.bulkResourceManager.list().stream().filter((tr) -> user.isAdmin() || user.getId() == tr.getUserId()).collect(Collectors.toList());
List<TemporaryResource<TagBulkResponse, AbstractRestV2Exception>> results = preFiltered;
ASTNode query = BaseMangoRestController.parseRQLtoAST(request.getQueryString());
if (query != null) {
results = query.accept(new RQLToObjectListQuery<TemporaryResource<TagBulkResponse, AbstractRestV2Exception>>(), preFiltered);
}
PageQueryResultModel<TemporaryResource<TagBulkResponse, AbstractRestV2Exception>> result = new PageQueryResultModel<>(results, preFiltered.size());
// hide result property by setting a view
MappingJacksonValue resultWithView = new MappingJacksonValue(result);
resultWithView.setSerializationView(Object.class);
return resultWithView;
}
Aggregations