allow the getTargetSecurityToken can be called as system code

Signed-off-by: Michael Hirsch <michael.hirsch@bosch-si.com>
This commit is contained in:
Michael Hirsch
2016-05-13 15:38:52 +02:00
parent 27ffb4c4a7
commit 7a281a8236
3 changed files with 41 additions and 3 deletions

View File

@@ -49,6 +49,21 @@ public class SystemSecurityContext {
this.tenantAware = tenantAware;
}
/**
* Runs a given {@link Callable} within a system security context, which is
* permitted to call secured system code. Often the system needs to call
* secured methods by it's own without relying on the current security
* context e.g. if the current security context does not contain the
* necessary permission it's necessary to execute code as system code to
* execute necessary methods and functionality.
*
* The security context will be switched to the system code and back after
* the callable is called.
*
* @param callable
* the callable to call within the system security context
* @return the return value of the {@link Callable#call()} method.
*/
public <T> T runAsSystem(final Callable<T> callable) {
final SecurityContext oldContext = SecurityContextHolder.getContext();
try {
@@ -68,6 +83,17 @@ public class SystemSecurityContext {
}
}
/**
* @return {@code true} if the current running code is running as system
* code block.
*/
public boolean isCurrentThreadSystemCode() {
if (SecurityContextHolder.getContext().getAuthentication() instanceof SystemCodeAuthentication) {
return true;
}
return false;
}
private static void setSystemContext() {
final SecurityContextImpl securityContextImpl = new SecurityContextImpl();
securityContextImpl.setAuthentication(new SystemCodeAuthentication());