Commit b89154be authored by Matija Obreza's avatar Matija Obreza

Fix: SecurityContextUtil should re-check context for `permissionEvaluator`

parent f1e08edb
......@@ -48,16 +48,26 @@ public class SecurityContextUtil {
// Context initialization
static {
updatePermissionEvaluator();
}
/**
* Try to obtain permissionEvaluator bean from context
* @return true if obtained, false if not obtained.
*/
private static synchronized boolean updatePermissionEvaluator() {
ApplicationContext context = CurrentApplicationContext.getContext();
if (context != null) {
try {
permissionEvaluator = context.getBean(PermissionEvaluator.class);
return true;
} catch (BeansException e) {
LOG.warn("Could not find PermissionEvaluator instance in your context");
}
} else {
LOG.warn("You should initialize a bean instance of org.genesys.blocks.util.CurrentApplicationContext in your context");
}
return false;
}
/**
......@@ -146,8 +156,11 @@ public class SecurityContextUtil {
*/
public static boolean hasPermission(Object targetDomainObject, Object permission) {
if (permissionEvaluator == null) {
LOG.warn("permissionEvaluator not available. No permissions.");
return false;
LOG.info("permissionEvaluator not available. Checking context again");
if (! updatePermissionEvaluator()) {
LOG.warn("permissionEvaluator not available. No permissions.");
return false;
}
}
final Authentication auth = SecurityContextHolder.getContext().getAuthentication();
......@@ -167,8 +180,11 @@ public class SecurityContextUtil {
*/
public static boolean anyoneHasPermission(Object targetDomainObject, Object permission) {
if (permissionEvaluator == null) {
LOG.warn("permissionEvaluator not available. No permissions.");
return false;
LOG.info("permissionEvaluator not available. Checking context again");
if (! updatePermissionEvaluator()) {
LOG.warn("permissionEvaluator not available. No permissions.");
return false;
}
}
if (ANONYMOUS_AUTH != null) {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment