1
|
<?xml version="1.0" encoding="UTF-8"?>
|
2
|
<beans xmlns="http://www.springframework.org/schema/beans"
|
3
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:context="http://www.springframework.org/schema/context"
|
4
|
xmlns:tx="http://www.springframework.org/schema/tx" xmlns:aop="http://www.springframework.org/schema/aop"
|
5
|
xsi:schemaLocation="http://www.springframework.org/schema/beans
|
6
|
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
|
7
|
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd
|
8
|
http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd
|
9
|
http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.0.xsd
|
10
|
">
|
11
|
|
12
|
|
13
|
<!--
|
14
|
============================== SECURITY ==============================
|
15
|
-->
|
16
|
<bean id="accessDecisionManager" class="eu.etaxonomy.cdm.persistence.hibernate.permission.UnanimousBasedUnrevokable">
|
17
|
<property name="decisionVoters">
|
18
|
<list>
|
19
|
<bean class="eu.etaxonomy.cdm.persistence.hibernate.permission.voter.GrantAlwaysVoter" />
|
20
|
<bean class="eu.etaxonomy.cdm.persistence.hibernate.permission.voter.TaxonNodeVoter" />
|
21
|
<bean class="eu.etaxonomy.cdm.persistence.hibernate.permission.voter.TaxonBaseVoter" />
|
22
|
<bean class="eu.etaxonomy.cdm.persistence.hibernate.permission.voter.DescriptionBaseVoter" />
|
23
|
<bean class="eu.etaxonomy.cdm.persistence.hibernate.permission.voter.DescriptionElementVoter" />
|
24
|
</list>
|
25
|
</property>
|
26
|
</bean>
|
27
|
|
28
|
<!--
|
29
|
CdmPermissionEvaluator.hasPermissions() evaluates the CdmPermissions like TAXONNODE.UPDATE{20c8f083-5870-4cbd-bf56-c5b2b98ab6a7}
|
30
|
-->
|
31
|
<bean id="cdmPermissionEvaluator" class="eu.etaxonomy.cdm.persistence.hibernate.permission.CdmPermissionEvaluator">
|
32
|
<property name="accessDecisionManager" ref="accessDecisionManager" />
|
33
|
</bean>
|
34
|
|
35
|
<!-- The CdmSecurityHibernateInterceptor checks onSave() and on flushDirty() if the currently authenticated principal or token has
|
36
|
sufficient permissions on the entity to be persisted -->
|
37
|
<bean id="securityHibernateInterceptor" class="eu.etaxonomy.cdm.persistence.hibernate.CdmSecurityHibernateInterceptor">
|
38
|
<property name="permissionEvaluator" ref="cdmPermissionEvaluator" />
|
39
|
</bean>
|
40
|
|
41
|
</beans>
|