Class SecurityEvaluationContextExtension

java.lang.Object
org.springframework.security.data.repository.query.SecurityEvaluationContextExtension
All Implemented Interfaces:
org.springframework.data.spel.spi.EvaluationContextExtension, org.springframework.data.spel.spi.ExtensionIdAware

public class SecurityEvaluationContextExtension extends Object implements org.springframework.data.spel.spi.EvaluationContextExtension

Defining this object as a bean exposes Spring Security as SpEL expressions that can be used when creating Spring Data queries.

With Java based configuration, we can define the bean using the following:

For example, if you return a UserDetails that extends the following User object:

 @Entity
 public class User {
     @GeneratedValue(strategy = GenerationType.AUTO)
     @Id
     private Long id;

     ...
 }
 

And you have a Message object that looks like the following:

 @Entity
 public class Message {
     @Id
     @GeneratedValue(strategy = GenerationType.AUTO)
     private Long id;

     @OneToOne
     private User to;

     ...
 }
 
You can use the following Query annotation to find only the messages that are addressed to the current user:

 @Repository
 public interface SecurityMessageRepository extends MessageRepository {

     @Query("select m from Message m where m.to.id = ?#{ principal?.id }")
     List<Message> findAll();
 }
 
This works because the principal in this instance is a User, which has an id field.
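
One way to wire this up, as an added example rather than code from the Spring Security Javadoc: the bean definition for Java configuration, plus a single-message lookup that applies the same principal?.id filter, which goes beyond the findAll() case above. DataSecurityConfig, OwnedMessageRepository and findOwnedById are hypothetical names, MessageRepository is assumed to be a Spring Data JPA repository for Message, and @EnableMethodSecurity assumes Spring Security 5.6 or later.

```java
// Added example, not from the Spring Security Javadoc. DataSecurityConfig,
// OwnedMessageRepository and findOwnedById are hypothetical names; Message and
// MessageRepository are the types described on this page.
import java.util.Optional;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.data.jpa.repository.Query;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
import org.springframework.security.data.repository.query.SecurityEvaluationContextExtension;

@Configuration
@EnableMethodSecurity // assumption: Spring Security 5.6+; enables @PreAuthorize below
class DataSecurityConfig {

    // Registering the extension exposes Spring Security's expression root
    // (principal, authentication, ...) to ?#{ ... } expressions in @Query.
    @Bean
    SecurityEvaluationContextExtension securityEvaluationContextExtension() {
        return new SecurityEvaluationContextExtension();
    }
}

// Reject anonymous callers before the query runs: ?. only guards a null
// principal, and the anonymous principal is the String "anonymousUser", which
// has no id property for SpEL to read.
@PreAuthorize("isAuthenticated()")
interface OwnedMessageRepository extends MessageRepository {

    // Lookup by primary key, scoped to the recipient. A caller who supplies
    // another user's message id gets Optional.empty() instead of the row.
    @Query("select m from Message m where m.id = ?1 and m.to.id = ?#{ principal?.id }")
    Optional<Message> findOwnedById(Long id);
}
```

Putting the recipient check in the query itself means the ownership filter is applied on every call, instead of relying on each caller to compare the loaded message against the current user.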
Since:
4.0