Add AllRequiredFactorsAuthorizationManager.anyOf#18997
Add AllRequiredFactorsAuthorizationManager.anyOf#18997rwinch merged 2 commits intospring-projects:mainfrom
Conversation
spring-projects-issues
added
the
status: waiting-for-triage
rwinch
added
in: core
ziqin
left a comment
ziqin
left a comment
There was a problem hiding this comment.
It is worth consideration whether we should deduplicate errors caused by RequiredFactors sharing the same authority but having different validDurations.
| /** | ||
| * Creates an {@link AuthorizationManager} that grants access if at least one | ||
| * {@link AllRequiredFactorsAuthorizationManager} granted, collects | ||
| * {@link RequiredFactorError}s omitting duplicate errors of the same factor. | ||
| * @param <T> the type of object that is being authorized | ||
| * @param managers the {@link AllRequiredFactorsAuthorizationManager}s to use | ||
| * @return the {@link AuthorizationManager} to use | ||
| * @since 7.1 | ||
| */ |
There was a problem hiding this comment.
Would you consider adding a @see tag in the Javadoc of AuthorizationManagers#anyOf(AuthorizationManager...) to remind users of the existence of this method?
I also thought about that, and it's a really valid point, let's wait what @rwinch thinks about it. |
Closes spring-projectsgh-18960 Signed-off-by: Evgeniy Cheban <mister.cheban@gmail.com>
- Add validation - Extract to static inner class - Uniqueness determined by Set rather than requiredFactor This is important for the failure with the same RequiredFactor, but a different reason - Add documentation Signed-off-by: Robert Winch <362503+rwinch@users.noreply.github.com>
|
Thanks for the contribution @evgeniycheban I've merged the PR along with some polish into main. In response to uniqueness by the requiredFactory, I did change this to be based upon the a |
4 participants
Closes gh-18960