Issue #24: Füge Annotationen und Spring-AOP Aspect zum Absichern von Methodenaufrufen hinzu

2025-07-03 09:42:54 +00:00 · 2023-04-06 14:42:35 +02:00
parent dfbcf3186e
commit e0dba6f4ee
7 changed files with 125 additions and 9 deletions
--- a/src/main/java/DNPM/security/PersonPoolBasedPermissionEvaluator.java
+++ b/src/main/java/DNPM/security/PersonPoolBasedPermissionEvaluator.java
@ -6,6 +6,7 @@ import org.springframework.jdbc.core.JdbcTemplate;
 import org.springframework.security.access.PermissionEvaluator;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.stereotype.Component;

 import javax.sql.DataSource;
 import java.io.Serializable;
@ -14,6 +15,7 @@ import java.util.List;
 /**
 * Permission-Evaluator zur Auswertung der Berechtigung auf Objekte aufgrund der Personenstammberechtigung
 */
+@Component
 public class PersonPoolBasedPermissionEvaluator implements PermissionEvaluator {

    private final JdbcTemplate jdbcTemplate;
@ -71,7 +73,7 @@ public class PersonPoolBasedPermissionEvaluator implements PermissionEvaluator {
        var userDetails = (UserDetails)authentication.getPrincipal();

        return jdbcTemplate
-                .query(sql, new Object[]{userDetails.getUsername()}, (rs, rowNum) -> rs.getString("id"));
+                .query(sql, new Object[]{userDetails.getUsername()}, (rs, rowNum) -> rs.getString("kennung"));
    }