(window.webpackJsonp=window.webpackJsonp||[]).push([[624],{1055:function(e,t,a){"use strict";a.r(t);var n=a(56),s=Object(n.a)({},(function(){var e=this,t=e.$createElement,a=e._self._c||t;return a("ContentSlotsDistributor",{attrs:{"slot-key":e.$parent.slotKey}},[a("h1",{attrs:{id:"spring-数据集成"}},[a("a",{staticClass:"header-anchor",attrs:{href:"#spring-数据集成"}},[e._v("#")]),e._v(" Spring 数据集成")]),e._v(" "),a("p",[e._v("Spring 安全性提供了 Spring 数据集成，允许在查询中引用当前用户。将用户包括在查询中以支持分页结果不仅是有用的，而且是必要的，因为在此之后对结果进行过滤将不会扩展。")]),e._v(" "),a("h2",{attrs:{id:"spring-数据和-spring-安全配置"}},[a("a",{staticClass:"header-anchor",attrs:{href:"#spring-数据和-spring-安全配置"}},[e._v("#")]),e._v(" Spring 数据和 Spring 安全配置")]),e._v(" "),a("p",[e._v("要使用此支持，请添加"),a("code",[e._v("org.springframework.security:spring-security-data")]),e._v("依赖项，并提供"),a("code",[e._v("SecurityEvaluationContextExtension")]),e._v("类型的 Bean:")]),e._v(" "),a("p",[e._v("Java")]),e._v(" "),a("div",{staticClass:"language- extra-class"},[a("pre",{pre:!0,attrs:{class:"language-text"}},[a("code",[e._v("@Bean\npublic SecurityEvaluationContextExtension securityEvaluationContextExtension() {\n\treturn new SecurityEvaluationContextExtension();\n}\n")])])]),a("p",[e._v("Kotlin")]),e._v(" "),a("div",{staticClass:"language- extra-class"},[a("pre",{pre:!0,attrs:{class:"language-text"}},[a("code",[e._v("@Bean\nfun securityEvaluationContextExtension(): SecurityEvaluationContextExtension {\n\treturn SecurityEvaluationContextExtension()\n}\n")])])]),a("p",[e._v("在XML配置中，这看起来像是：")]),e._v(" "),a("div",{staticClass:"language- extra-class"},[a("pre",{pre:!0,attrs:{class:"language-text"}},[a("code",[e._v('<bean class="org.springframework.security.data.repository.query.SecurityEvaluationContextExtension"/>\n')])])]),a("h2",{attrs:{id:"query中的安全表达式"}},[a("a",{staticClass:"header-anchor",attrs:{href:"#query中的安全表达式"}},[e._v("#")]),e._v(" @query中的安全表达式")]),e._v(" "),a("p",[e._v("现在，安全性可以在查询中使用。例如：")]),e._v(" "),a("p",[e._v("Java")]),e._v(" "),a("div",{staticClass:"language- extra-class"},[a("pre",{pre:!0,attrs:{class:"language-text"}},[a("code",[e._v('@Repository\npublic interface MessageRepository extends PagingAndSortingRepository<Message,Long> {\n\t@Query("select m from Message m where m.to.id = ?#{ principal?.id }")\n\tPage<Message> findInbox(Pageable pageable);\n}\n')])])]),a("p",[e._v("Kotlin")]),e._v(" "),a("div",{staticClass:"language- extra-class"},[a("pre",{pre:!0,attrs:{class:"language-text"}},[a("code",[e._v('@Repository\ninterface MessageRepository : PagingAndSortingRepository<Message,Long> {\n\t@Query("select m from Message m where m.to.id = ?#{ principal?.id }")\n\tfun findInbox(pageable: Pageable): Page<Message>\n}\n')])])]),a("p",[e._v("这将检查"),a("code",[e._v("Authentication.getPrincipal().getId()")]),e._v("是否等于"),a("code",[e._v("Message")]),e._v("的接收者。请注意，本例假定你已将主体自定义为具有ID属性的对象。通过公开"),a("code",[e._v("SecurityEvaluationContextExtension")]),e._v(" Bean，查询中的所有"),a("RouterLink",{attrs:{to:"/authorization/expression-based.html#common-expressions"}},[e._v("常见的安全表达式")]),e._v("都是可用的。")],1),e._v(" "),a("p",[a("RouterLink",{attrs:{to:"/spring-security/servlet-api.html"}},[e._v("Servlet APIs")]),a("RouterLink",{attrs:{to:"/spring-security/mvc.html"}},[e._v("Spring MVC")])],1)])}),[],!1,null,null,null);t.default=s.exports}}]);