Issue #5078: Upgrade dependencies

- Upgrade to modern APIs
inception-project · Dec 10, 2024 · 75628ed · 75628ed
1 parent 09f59b7
commit 75628ed
Showing 1 changed file with 25 additions and 8 deletions.
diff --git a/.../de/tudarmstadt/ukp/inception/websocket/config/MessageExpressionAuthorizationManager.java b/.../de/tudarmstadt/ukp/inception/websocket/config/MessageExpressionAuthorizationManager.java
@@ -17,14 +17,15 @@
  */
 package de.tudarmstadt.ukp.inception.websocket.config;
 
-import static org.springframework.util.Assert.notNull;
+import static java.util.Objects.requireNonNull;
 
 import java.util.function.Supplier;
 
 import org.springframework.expression.Expression;
 import org.springframework.security.access.expression.ExpressionUtils;
 import org.springframework.security.access.expression.SecurityExpressionHandler;
 import org.springframework.security.authorization.AuthorizationDecision;
+import org.springframework.security.authorization.AuthorizationDeniedException;
 import org.springframework.security.authorization.AuthorizationManager;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.messaging.access.intercept.MessageAuthorizationContext;
@@ -47,18 +48,34 @@ private MessageExpressionAuthorizationManager(
             SecurityExpressionHandler<MessageAuthorizationContext<?>> aExpressionHandler,
             String aExpression)
     {
-        notNull(aExpressionHandler, "expressionHandler cannot be null");
-        notNull(aExpression, "expression cannot be null");
+        requireNonNull(aExpressionHandler, "expressionHandler cannot be null");
+        requireNonNull(aExpression, "expression cannot be null");
         expressionHandler = aExpressionHandler;
-        expression = this.expressionHandler.getExpressionParser().parseExpression(aExpression);
+        expression = expressionHandler.getExpressionParser().parseExpression(aExpression);
     }
 
     @Override
-    public AuthorizationDecision check(Supplier<Authentication> authentication,
-            MessageAuthorizationContext<?> object)
+    public void verify(Supplier<Authentication> aAuthentication,
+            MessageAuthorizationContext<?> aObject)
     {
-        var context = expressionHandler.createEvaluationContext(authentication, object);
+        var context = expressionHandler.createEvaluationContext(aAuthentication, aObject);
         var granted = ExpressionUtils.evaluateAsBoolean(expression, context);
-        return new AuthorizationDecision(granted);
+        if (!granted) {
+            throw new AuthorizationDeniedException("Access Denied");
+        }
+    }
+
+    @SuppressWarnings("deprecation")
+    @Override
+    public AuthorizationDecision check(Supplier<Authentication> aAuthentication,
+            MessageAuthorizationContext<?> aObject)
+    {
+        try {
+            verify(aAuthentication, aObject);
+            return new AuthorizationDecision(true);
+        }
+        catch (AuthorizationDeniedException e) {
+            return new AuthorizationDecision(false);
+        }
     }
 }