Commit b89154be authored by Matija Obreza's avatar Matija Obreza

Fix: SecurityContextUtil should re-check context for `permissionEvaluator`

parent f1e08edb
...@@ -48,16 +48,26 @@ public class SecurityContextUtil { ...@@ -48,16 +48,26 @@ public class SecurityContextUtil {
// Context initialization // Context initialization
static { static {
updatePermissionEvaluator();
}
/**
* Try to obtain permissionEvaluator bean from context
* @return true if obtained, false if not obtained.
*/
private static synchronized boolean updatePermissionEvaluator() {
ApplicationContext context = CurrentApplicationContext.getContext(); ApplicationContext context = CurrentApplicationContext.getContext();
if (context != null) { if (context != null) {
try { try {
permissionEvaluator = context.getBean(PermissionEvaluator.class); permissionEvaluator = context.getBean(PermissionEvaluator.class);
return true;
} catch (BeansException e) { } catch (BeansException e) {
LOG.warn("Could not find PermissionEvaluator instance in your context"); LOG.warn("Could not find PermissionEvaluator instance in your context");
} }
} else { } else {
LOG.warn("You should initialize a bean instance of org.genesys.blocks.util.CurrentApplicationContext in your context"); LOG.warn("You should initialize a bean instance of org.genesys.blocks.util.CurrentApplicationContext in your context");
} }
return false;
} }
/** /**
...@@ -146,8 +156,11 @@ public class SecurityContextUtil { ...@@ -146,8 +156,11 @@ public class SecurityContextUtil {
*/ */
public static boolean hasPermission(Object targetDomainObject, Object permission) { public static boolean hasPermission(Object targetDomainObject, Object permission) {
if (permissionEvaluator == null) { if (permissionEvaluator == null) {
LOG.warn("permissionEvaluator not available. No permissions."); LOG.info("permissionEvaluator not available. Checking context again");
return false; if (! updatePermissionEvaluator()) {
LOG.warn("permissionEvaluator not available. No permissions.");
return false;
}
} }
final Authentication auth = SecurityContextHolder.getContext().getAuthentication(); final Authentication auth = SecurityContextHolder.getContext().getAuthentication();
...@@ -167,8 +180,11 @@ public class SecurityContextUtil { ...@@ -167,8 +180,11 @@ public class SecurityContextUtil {
*/ */
public static boolean anyoneHasPermission(Object targetDomainObject, Object permission) { public static boolean anyoneHasPermission(Object targetDomainObject, Object permission) {
if (permissionEvaluator == null) { if (permissionEvaluator == null) {
LOG.warn("permissionEvaluator not available. No permissions."); LOG.info("permissionEvaluator not available. Checking context again");
return false; if (! updatePermissionEvaluator()) {
LOG.warn("permissionEvaluator not available. No permissions.");
return false;
}
} }
if (ANONYMOUS_AUTH != null) { if (ANONYMOUS_AUTH != null) {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment