Secured event handler method invoked twice [DATAREST-582]

[spring-projects-issues]

Endre Czirbesz opened DATAREST-582 and commented

If I annotate my event handler methods with a Pre/Post annotation, it is added to the handlerMethods(…) twice, and as a consequence invoked twice.
I suppose this is not the intended behavior.

@Slf4j
@RepositoryEventHandler(User.class)
public class UserEventHandler {

    @HandleBeforeCreate
    @PreAuthorize("hasRole('ROLE_ADMIN'))
    public void handleNewUser(User newUser) {
        log.debug("Handle user {}", newUser);
       // processing here
    }
}

The two handlers in the map (package names removed) are

EventHandlerMethod{ 
    targetType=class User, 
    method=public final void  UserEventHandler$$EnhancerBySpringCGLIB$$a9872696.handleNewUser(User), 
    handler=UserEventHandler@77e9dca8 
}

and

EventHandlerMethod{ 
    targetType=class User, 
    method=public void UserEventHandler.handleNewUser(User), 
    handler=UserEventHandler@77e9dca8 
}

The EnhancerBySpringCGLIB version is not in the map when @PreAuthorize is removed

---

Affects: 2.3 GA (Fowler)

Backported to: 2.3.1 (Fowler SR1)

[spring-projects-issues]

Oliver Drotbohm commented

This should be fixed. We now make sure we only inspect the user class for handler methods