Example usage for org.springframework.security.acls.afterinvocation Filterer getFilteredObject

List of usage examples for org.springframework.security.acls.afterinvocation Filterer getFilteredObject

Introduction

On this page you can find example usage of org.springframework.security.acls.afterinvocation Filterer getFilteredObject.

Prototype

Object getFilteredObject();


Document

Gets the filtered collection or array.

Usage

From source file:org.springframework.security.acls.afterinvocation.AclEntryAfterInvocationCollectionFilteringProvider.java

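/**
 * Filters a returned {@code Collection} or array so that elements the principal is not
 * permitted to access are removed before the result is handed back to the caller.
 *
 * <p>Behaviour a reviewer should be aware of (all visible in this method):
 * <ul>
 * <li>A {@code null} {@code returnedObject} is passed through as {@code null}.</li>
 * <li>Only the first {@link ConfigAttribute} for which {@code supports(attr)} is true drives
 * the filtering; the method returns as soon as that attribute has been processed.</li>
 * <li>If no attribute is supported, {@code returnedObject} is returned <em>unfiltered</em>.
 * Authorization therefore depends on the secured method actually carrying a supported
 * attribute.</li>
 * <li>{@code null} elements, and elements whose class is not assignable to
 * {@code getProcessDomainObjectClass()}, are never permission-checked and remain in the
 * result. A domain class configured too narrowly lets other element types through.</li>
 * </ul>
 *
 * @param authentication the principal whose permissions are evaluated via {@code hasPermission}
 * @param object the secured object; not read by this method
 * @param config the configuration attributes of the invocation
 * @param returnedObject the value returned by the secured invocation; must be a
 * {@code Collection}, an {@code Object[]} or {@code null}
 * @return the filtered collection or array, {@code null} if {@code returnedObject} was
 * {@code null}, or {@code returnedObject} itself when no attribute is supported
 * @throws AccessDeniedException declared by the signature; not thrown directly here
 * @throws AuthorizationServiceException if {@code returnedObject} is neither a
 * {@code Collection} nor an {@code Object[]} (this includes primitive arrays)
 */
@SuppressWarnings("unchecked")
public Object decide(Authentication authentication, Object object, Collection<ConfigAttribute> config,
        Object returnedObject) throws AccessDeniedException {

    if (returnedObject == null) {
        logger.debug("Return object is null, skipping");

        return null;
    }

    for (ConfigAttribute attr : config) {
        if (!this.supports(attr)) {
            continue;
        }

        // Need to process the Collection for this invocation
        Filterer filterer;

        if (returnedObject instanceof Collection) {
            filterer = new CollectionFilterer((Collection) returnedObject);
        } else if (returnedObject instanceof Object[]) {
            // Test for Object[] rather than getClass().isArray(): a primitive array
            // (int[], byte[], ...) is an array but not an Object[], so the cast below
            // would fail with a ClassCastException instead of the intended
            // AuthorizationServiceException.
            filterer = new ArrayFilterer((Object[]) returnedObject);
        } else {
            // NOTE(review): the message embeds returnedObject.toString(); make sure this
            // exception text is not surfaced verbatim to the caller of the secured method.
            throw new AuthorizationServiceException("A Collection or an array (or null) was required as the "
                    + "returnedObject, but the returnedObject was: " + returnedObject);
        }

        // Locate unauthorised Collection elements
        for (Object domainObject : filterer) {
            // Nulls and entries which aren't instances of the configured domain object
            // class are skipped WITHOUT a permission check, i.e. they stay in the result.
            if (domainObject == null
                    || !getProcessDomainObjectClass().isAssignableFrom(domainObject.getClass())) {
                continue;
            }

            if (!hasPermission(authentication, domainObject)) {
                // Called while iterating the filterer; presumably the Filterer defers the
                // actual removal until getFilteredObject() - confirm against the implementation.
                filterer.remove(domainObject);

                // NOTE(review): at debug level the denied element's toString() is logged;
                // keep debug logging off where domain objects carry sensitive fields.
                if (logger.isDebugEnabled()) {
                    logger.debug("Principal is NOT authorised for element: " + domainObject);
                }
            }
        }

        return filterer.getFilteredObject();
    }

    // No supported attribute: this provider does not apply and nothing is filtered.
    return returnedObject;
}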