基于安全元信息进行访问决策。
定义
export interface AccessDecisionManager {decide(securityMetadata: SecurityMetadata): Promise<void>;}
默认实现
@Component(AccessDecisionManager)export class AccessDecisionManagerImpl implements AccessDecisionManager {protected prioritized: AccessDecisionVoter[];constructor(@Autowired(AccessDecisionVoter)protected readonly accessDecisionVoters: AccessDecisionVoter[]) {this.prioritized = Prioritizeable.prioritizeAllSync(this.accessDecisionVoters).map(c => c.value);}async decide(securityMetadata: SecurityMetadata): Promise<void> {let grant = 0;for (const voter of this.prioritized) {if (await voter.support(securityMetadata)) {const result = await voter.vote(securityMetadata);if (result === ACCESS_DENIED) {throw new AccessDeniedError('Access is denied');} else if (result === ACCESS_GRANTED) {grant++;}}}if (grant <= 0) {throw new AccessDeniedError('Access is denied');}}}
若有收获,就点个赞吧
0 人点赞
