Examples of org.springframework.expression.EvaluationContext

• org.springframework.expression.EvaluationContext
  Expressions are executed in an evaluation context. It is in this context that references are resolved when encountered during expression evaluation.

  There is a default implementation of the EvaluationContext, {@link org.springframework.expression.spel.support.StandardEvaluationContext}that can be extended, rather than having to implement everything. @author Andy Clement @author Juergen Hoeller @since 3.0

                    expr + "\"", e);
        }

        final FilterInvocation filterInvocation = new FilterInvocation(request, response, DUMMY_CHAIN);

        final EvaluationContext evaluationContext = handler.createEvaluationContext(authentication, filterInvocation);

        /*
         * Initialize the context variables map.
         *
         * This will allow SpringSecurity expressions to include any variables from
         * the IContext just by accessing them as properties of the "#vars" utility object.
         */
        Map<String,Object> contextVariables = null;
        if (processingContext instanceof Arguments) {
            // Try to initialize the context variables by asking the SpEL expression
            // evaluator object (which might be a subclass of the standard one) to create
            // this variable map.

            final Arguments arguments = (Arguments) processingContext;
            final IStandardVariableExpressionEvaluator expressionEvaluator =
                    StandardExpressions.getVariableExpressionEvaluator(arguments.getConfiguration());

            contextVariables =
                    SpringVersionSpecificUtils.computeExpressionObjectsFromExpressionEvaluator(arguments, expressionEvaluator);

        }

        if (contextVariables == null) {
            // if we could not create it the more integrated way, just do it the hard-wired way
            contextVariables = new HashMap<String, Object>();

            final Map<String,Object> expressionObjects = processingContext.getExpressionObjects();
            if (expressionObjects != null) {
                contextVariables.putAll(expressionObjects);
            }

        }


        // We add Thymeleaf's wrapper on top of the SpringSecurity basic evaluation context
        final EvaluationContext wrappedEvaluationContext =
                SpringVersionSpecificUtils.wrapEvaluationContext(evaluationContext, contextVariables);


        if (ExpressionUtils.evaluateAsBoolean(expressionObject, wrappedEvaluationContext)) {

  }

  private Object evaluateExpression(String expression, Object[] args) {

    DefaultParameters parameters = new DefaultParameters(method);
    EvaluationContext evaluationContext = provider.getEvaluationContext(parameters, args);
    return new SpelExpressionParser().parseExpression(expression).getValue(evaluationContext);
  }

        SpelExpressionParser parser = new SpelExpressionParser();
        expression = parser.parseExpression(el);
    }

    public boolean matches(HttpServletRequest request) {
        EvaluationContext context = createELContext(request);
        return expression.getValue(context, Boolean.class).booleanValue();
    }

public class ExpressionBasedPreInvocationAdvice implements PreInvocationAuthorizationAdvice {
    private MethodSecurityExpressionHandler expressionHandler = new DefaultMethodSecurityExpressionHandler();

    public boolean before(Authentication authentication, MethodInvocation mi, PreInvocationAttribute attr) {
        PreInvocationExpressionAttribute preAttr = (PreInvocationExpressionAttribute) attr;
        EvaluationContext ctx = expressionHandler.createEvaluationContext(authentication, mi);
        Expression preFilter = preAttr.getFilterExpression();
        Expression preAuthorize = preAttr.getAuthorizeExpression();

        if (preFilter != null) {
            Object filterTarget = findFilterTarget(preAttr.getFilterTarget(), ctx, mi);

    }

    public Object after(Authentication authentication, MethodInvocation mi,
            PostInvocationAttribute postAttr, Object returnedObject) throws AccessDeniedException{
        PostInvocationExpressionAttribute pia = (PostInvocationExpressionAttribute) postAttr;
        EvaluationContext ctx = expressionHandler.createEvaluationContext(authentication, mi);
        Expression postFilter = pia.getFilterExpression();
        Expression postAuthorize = pia.getAuthorizeExpression();

        if (postFilter != null) {
            if (logger.isDebugEnabled()) {

        RootBeanDefinition bean = new RootBeanDefinition(SecurityConfig.class);
        bean.getConstructorArgumentValues().addGenericArgumentValue("ROLE_A");
        appContext.registerBeanDefinition("role", bean);
        handler.setApplicationContext(appContext);

        EvaluationContext ctx = handler.createEvaluationContext(mock(Authentication.class), mock(FilterInvocation.class));
        ExpressionParser parser = handler.getExpressionParser();
        assertTrue(parser.parseExpression("@role.getAttribute() == 'ROLE_A'").getValue(ctx, Boolean.class));
        assertTrue(parser.parseExpression("@role.attribute == 'ROLE_A'").getValue(ctx, Boolean.class));
    }

    @Test
    public void createEvaluationContextCustomTrustResolver() {
        handler.setTrustResolver(trustResolver);

        Expression expression = handler.getExpressionParser().parseExpression("anonymous");
        EvaluationContext context = handler.createEvaluationContext(authentication, invocation);
        assertThat(expression.getValue(context, Boolean.class)).isFalse();

        verify(trustResolver).isAnonymous(authentication);
    }

    @Test
    public void grantsAccessIfExpressionIsTrueDeniesIfFalse() {
        WebExpressionVoter voter = new WebExpressionVoter();
        Expression ex = mock(Expression.class);
        WebExpressionConfigAttribute weca = new WebExpressionConfigAttribute(ex);
        EvaluationContext ctx = mock(EvaluationContext.class);
        SecurityExpressionHandler eh = mock(SecurityExpressionHandler.class);
        FilterInvocation fi = new FilterInvocation("/path", "GET");
        voter.setExpressionHandler(eh);
        when(eh.createEvaluationContext(user, fi)).thenReturn(ctx);
        when(ex.getValue(ctx, Boolean.class)).thenReturn(Boolean.TRUE).thenReturn(Boolean.FALSE);

        if (attr == null) {
            return ACCESS_ABSTAIN;
        }

        EvaluationContext ctx = expressionHandler.createEvaluationContext(authentication, message);

        return ExpressionUtils.evaluateAsBoolean(attr.getAuthorizeExpression(), ctx) ?
                ACCESS_GRANTED : ACCESS_DENIED;
    }

    @Test
    public void createEvaluationContextCustomTrustResolver() {
        handler.setTrustResolver(trustResolver);

        Expression expression = handler.getExpressionParser().parseExpression("anonymous");
        EvaluationContext context = handler.createEvaluationContext(authentication, methodInvocation);
        expression.getValue(context, Boolean.class);

        verify(trustResolver).isAnonymous(authentication);
    }