问题
I would like to prevent an image having a link if a user does NOT have a certain role. e.g.
<sec:authorize ifNotGranted="ROLE_ACCOUNTS" ><img src="someimage.jpg"/></sec:authorize>
<sec:authorize ifAllGranted="ROLE_ACCOUNTS" ><a href="somelink.htm"><img src="someimage.jpg"/></a></sec:authorize>
However ifNotGranted and ifAllGranted are now deprecated in favour of the access expression. I can see that ifAllGranted can be replicated with:
<sec:authorize access="hasRole('ROLE_ACCOUNTS')"><a href="somelink.htm"><img src="someimage.jpg"/></a></sec:authorize>
But how can ifNotGranted be replicated using the access method? Any help would be greatfully appreciated.
回答1:
SpEL expression can be negated with ! operator:
<sec:authorize access="!hasRole('ROLE_ACCOUNTS')">...</sec:authorize>
See also:
- 6. Spring Language (SpEL)
回答2:
In case if you have many files to update, I recommend use the regular express to search and replace
find
<sec:authorize\s+ifAnyGranted="([^"]+)"
replace with
<sec:authorize access="hasAnyRole('$1')"
and search
<sec:authorize\s+ifNotGranted="([^"]+)"
replace with
<sec:authorize access="!hasAnyRole('$1')"
Hope this can save you time
来源:https://stackoverflow.com/questions/10953194/equivalent-to-the-deprecated-secauthorize-ifnotgranted-attribute