SecurityAnnotationBeanPostProcessor

public class SecurityAnnotationBeanPostProcessor implements BeanPostProcessor

A BeanPostProcessor used by Motech to load permissions from modules. Given a module context, it looks for PreAuthorize and PostAuthorize annotations. These annotations are then parsed using an ExpressionParser. The permission names are deduced from hasRole and hasAnyRole in the annotation value. The names of permissions are then saved using the MotechPermissionService. The bundle name used to construct the permission is retrieved from the application context.

Constructors

SecurityAnnotationBeanPostProcessor

public SecurityAnnotationBeanPostProcessor(MotechPermissionService permissionService)

Methods

postProcessAfterInitialization

public Object postProcessAfterInitialization(Object bean, String beanName)

Searches for org.springframework.security.access.prepost.PreAuthorize and org.springframework.security.access.prepost.PostAuthorize annotations representing permissions and parses them. Parsed annotations are used to find permissions. After that those permissions are added to org.motechproject.security.service.MotechPermissionService

Parameters:

• bean – to be processed
• beanName – name of the bean

Returns:

processed bean

postProcessBeforeInitialization

public Object postProcessBeforeInitialization(Object bean, String beanName)

processAnnotations

public void processAnnotations(ApplicationContext applicationContext)

Processes security annotations from bundles using postProcessAfterInitialization(Object,String) method

Parameters:

• applicationContext – bundle context used to look for annotations