Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Provide Runtime Hints for Beans used in Pre/PostAuthorize Expressions #15794

Merged
merged 1 commit into from
Sep 13, 2024
Merged

Provide Runtime Hints for Beans used in Pre/PostAuthorize Expressions #15794

merged 1 commit into from
Sep 13, 2024

Conversation

marcusdacoregio
Copy link
Contributor

Closes gh-14652

@marcusdacoregio marcusdacoregio added in: core An issue in spring-security-core type: enhancement A general enhancement labels Sep 11, 2024
@marcusdacoregio marcusdacoregio added this to the 6.4.0-M4 milestone Sep 11, 2024
@marcusdacoregio marcusdacoregio self-assigned this Sep 11, 2024
@marcusdacoregio marcusdacoregio force-pushed the gh-14652-hints branch 2 times, most recently from 08ce365 to 560d4a6 Compare September 11, 2024 18:38
jzheaux
jzheaux requested changes Sep 12, 2024
View reviewed changes
Copy link
Contributor

@jzheaux jzheaux left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

So exciting, @marcusdacoregio. I've left a piece of feedback inline.

Also, it's interesting that this class requires searching the object graph recursively as well. I wonder if there is a better abstraction that could work for the handful of use cases that we have.

For example, traversing hierarchies often lends itself to Visitor pattern and following such may unify these currently disparate classes.

There are other things in common about the use cases as well:

  1. There will always be unreachable objects, so there needs to be a way to provide those manually
  2. Spring Data-specific awareness would increase reachability

For now, I think this is a fine start, but perhaps a ticket to explore an improved abstraction for these cross-cutting concerns would be beneficial.

...java/org/springframework/security/aot/hint/PrePostAuthorizeExpressionBeanHintsRegistrar.java Show resolved Hide resolved
@marcusdacoregio marcusdacoregio merged commit 0618d4e into spring-projects:main Sep 13, 2024
5 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jzheaux jzheaux jzheaux approved these changes

Assignees

@marcusdacoregio marcusdacoregio

Labels
in: core An issue in spring-security-core type: enhancement A general enhancement
Projects
None yet
Milestone
6.4.0-M4
Development

Successfully merging this pull request may close these issues.

Provide Native Hints for Beans used in Method Security Annotations
2 participants
@marcusdacoregio @jzheaux