Using && in Spring MVC @PreAuthorize

StackOverflow https://stackoverflow.com/questions/18225186

  •  24-06-2022
  •  | 
  •  

Question

I need to use an && operator in a spring @PreAuthorize annotation as follows:

@PreAuthorize("hasAuthority('AUTH_ADMIN') && isEnabled(principal.department, #docCat)")
@RequestMapping(value = "/samedept/patient/{pin}/results/{docCat}/{docResultType}/{docId}", method = RequestMethod.GET,
        headers = ContentTypeHeader.HEADER_APPLICATION_PDF)
ModelAndView secureViewResultPdf(@PathVariable(value = "pin") long pin,
                           @PathVariable(value = "docCat") String docCat,
                           @PathVariable(value = "docResultType") String docResultType,
                           @PathVariable(value = "docId") String docId);

I tried this but I'm getting

java.lang.IllegalStateException: Cannot handle (38) '&'
    at org.springframework.expression.spel.standard.Tokenizer.process(Tokenizer.java:193)

I've looked all over the web but can't find an example of an && operator used this way. Is it possible?

Was it helpful?

Solution

Modify && to and, if the meaning of && is and

OTHER TIPS

if you take a look at spel documentation in http://docs.spring.io/spring/docs/3.0.x/reference/expressions.html you will see that Larry.Z is right.

look at

6.5.6.2 Logical operators // -- AND --

// evaluates to false
boolean falseValue = parser.parseExpression("true and false").getValue(Boolean.class);
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top