I have a controller and thymeleaf template. Both contain restrictions on the Spring Security roles. I don't like the fact that I write these roles in two places. Can I write an array of roles in one revenge and use it? I tried to do through enum like
@RolesAllowed(ALLOWED_ROLES)
and
public static final String[] ALLOWED_ROLES = {Role.ADMIN.toString(), Role.EDITOR.toString()};
, but the compiler wants a constant (Use Enum type as a value parameter for @RolesAllowed-Annotation). Is there some nice solution to describe the allowed roles in one place?
Controller:
@Controller
@RolesAllowed({"ROLE_ADMIN", "ROLE_EDITOR"})
public class MenuEditorController {
...
}
Thymeleaf:
<ul th:fragment = "nav-default">
<li><a th:href="@{/}">Home</a></li>
<li sec:authorize="hasAnyRole('ROLE_ADMIN', 'ROLE_EDITOR')"><a th:href="@{/admin/menu}">menu editor</a></li>
</ul>
Role Enum:
public enum Role implements GrantedAuthority {
ADMIN,
EDITOR,
CONSULTANT,
CLIENT;
@Override
public String getAuthority() {
return "ROLE_" + name();
}
}
Using static variables in Spring annotations
Multiple roles using @PreAuthorize
How to use constant for Spring Security hasRole
@Controller
//@PreAuthorize("hasAnyRole(T(ru.knastnt.prj.web.admin.MenuEditorController).ALLOWED_ROLES)")
@PreAuthorize("hasAnyRole(@menuEditorController.ALLOWED_ROLES)")
public class MenuEditorController {
public static final String[] ALLOWED_ROLES = {Role.ADMIN.toString(), Role.EDITOR.toString()};
...
<ul th:fragment = "nav-default">
<li sec:authorize="hasAnyRole(@menuEditorController.ALLOWED_ROLES)"><a th:href="@{/admin/menu}">menu editor</a></li>
</ul>