0

I have a controller and thymeleaf template. Both contain restrictions on the Spring Security roles. I don't like the fact that I write these roles in two places. Can I write an array of roles in one revenge and use it? I tried to do through enum like

@RolesAllowed(ALLOWED_ROLES)

and

public static final String[] ALLOWED_ROLES = {Role.ADMIN.toString(), Role.EDITOR.toString()};

, but the compiler wants a constant (Use Enum type as a value parameter for @RolesAllowed-Annotation). Is there some nice solution to describe the allowed roles in one place?

Controller:

@Controller
@RolesAllowed({"ROLE_ADMIN", "ROLE_EDITOR"})
public class MenuEditorController {
    ...
}

Thymeleaf:

<ul th:fragment = "nav-default">
    <li><a th:href="@{/}">Home</a></li>
    <li sec:authorize="hasAnyRole('ROLE_ADMIN', 'ROLE_EDITOR')"><a th:href="@{/admin/menu}">menu editor</a></li>
</ul>

Role Enum:

public enum Role implements GrantedAuthority {
    ADMIN,
    EDITOR,
    CONSULTANT,
    CLIENT;

    @Override
    public String getAuthority() {
        return "ROLE_" + name();
    }
}
Константин Зубрилин
  • 13
  • 5

1 Answers1

0

Using static variables in Spring annotations

Multiple roles using @PreAuthorize

How to use constant for Spring Security hasRole

@Controller
//@PreAuthorize("hasAnyRole(T(ru.knastnt.prj.web.admin.MenuEditorController).ALLOWED_ROLES)")
@PreAuthorize("hasAnyRole(@menuEditorController.ALLOWED_ROLES)")
public class MenuEditorController {
    public static final String[] ALLOWED_ROLES = {Role.ADMIN.toString(), Role.EDITOR.toString()};
    ...

<ul th:fragment = "nav-default">
    <li sec:authorize="hasAnyRole(@menuEditorController.ALLOWED_ROLES)"><a th:href="@{/admin/menu}">menu editor</a></li>
</ul>
Константин Зубрилин
  • 13
  • 5