Add ExpressionTemplateValueProvider #17448
Conversation
spring-projects-issues
added
the
status: waiting-for-triage
| void parseMetaSourceAnnotationWithEnumImplementingExpressionTemplateValueProvider() throws Exception { | ||
| Method method = MessageService.class.getDeclaredMethod("process"); | ||
| PreAuthorize preAuthorize = this.scanner.scan(method, method.getDeclaringClass()); | ||
| assertThat(preAuthorize.value()).isEqualTo("hasAnyAuthority(user.READ,user.WRITE)"); |
There was a problem hiding this comment.
The resulting expression may not be useful since SpEL may try and interpret user as a method on the root object. I think it should be:
hasAnyAuthority('user.READ','user.WRITE')which I believe you can achieve by placing single quotes in Permission#getExpressionTemplateValue
| * } | ||
| * </pre> | ||
| * | ||
| * @since 6.5 |
There was a problem hiding this comment.
Will you update this to 7.0 now that that's the target release?
| * @Override | ||
| * public String getExpressionTemplateValue() { | ||
| * return switch (this) { | ||
| * case READ -> "user.permission-read"; |
There was a problem hiding this comment.
While not a guarantee, I imagine that most folks will want to inject a value as a string, which will mean applying single quotes around it. Because it won't work to do '{permissions}' in an expression, it seems preferable to always surround the value in single quotes, thus allowing a template to do {permissions} or {permission} and still have the template compile.
If you agree with that, will you please place single quotes around each returned value?
jzheaux
added
in: core
Implements a simple mechanism for providing custom expression template values from enums used in expression templates.
Closes gh-17447