Skip to content

Commit 44e142c

Browse files
committed
Interpolating roles with new roleInterpolationMap in Permissions.hasRole() implementation [breaking]
If you were using brackets ({}) in your roles, those will now be interpolated
1 parent a2b5e7f commit 44e142c

File tree

1 file changed

+24
-2
lines changed

1 file changed

+24
-2
lines changed

restx-core/src/main/java/restx/security/Permissions.java

Lines changed: 24 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -4,12 +4,16 @@
44

55
import java.util.Arrays;
66
import java.util.Map;
7+
import java.util.regex.Matcher;
8+
import java.util.regex.Pattern;
79

810
/**
911
* Provides a set of useful permissions, including the OPEN permission which is the only one that can allow access
1012
* to a resource without being authenticated.
1113
*/
1214
public class Permissions {
15+
private static final Pattern ROLE_PARAM_INTERPOLATOR_REGEX = Pattern.compile("\\{([^}]+)\\}");
16+
1317
private static final Permission OPEN = new Permission() {
1418
@Override
1519
public Optional<? extends Permission> has(RestxPrincipal principal, Map<String, String> roleInterpolationMap) {
@@ -58,8 +62,16 @@ public static Permission hasRole(final String role) {
5862

5963
@Override
6064
public Optional<? extends Permission> has(RestxPrincipal principal, Map<String, String> roleInterpolationMap) {
61-
return principal.getPrincipalRoles().contains(role) || principal.getPrincipalRoles().contains("*")
62-
? Optional.of(this) : Optional.<Permission>absent();
65+
if(principal.getPrincipalRoles().contains("*")) {
66+
return Optional.of(this);
67+
}
68+
69+
String interpolatedRole = interpolateRole(role, roleInterpolationMap);
70+
if(principal.getPrincipalRoles().contains(interpolatedRole)) {
71+
return Optional.of(this);
72+
}
73+
74+
return Optional.absent();
6375
}
6476

6577
@Override
@@ -69,6 +81,16 @@ public String toString() {
6981
};
7082
}
7183

84+
protected static String interpolateRole(String role, Map<String, String> roleInterpolationMap) {
85+
Matcher matcher = ROLE_PARAM_INTERPOLATOR_REGEX.matcher(role);
86+
StringBuffer interpolatedRole = new StringBuffer();
87+
while(matcher.find()){
88+
matcher.appendReplacement(interpolatedRole, roleInterpolationMap.get(matcher.group(1)));
89+
}
90+
matcher.appendTail(interpolatedRole);
91+
return interpolatedRole.toString();
92+
}
93+
7294
/**
7395
* A compound permission which is true if any of the underlying permissions is true
7496
*/

0 commit comments

Comments
 (0)