How to check if authority exists in a collection of GrantedAuthority?

Question

Authentication auth = SecurityContextHolder.getContext().getAuthentication();
Collection<? extends GrantedAuthority> roles = auth.getAuthorities();

How can I check if roles contains a specific authority like "ROLE_ADMIN"?

What version of Spring Security do you use? What `GrantedAuthority` implementation do you use? — Grzegorz Rożniecki, Sep 27 '12 at 07:50

OrangeDog · Answer 1 · 2016-07-29T13:42:36.743

7

Robert's answer is correct if you don't know the implementation of the GrantedAuthority in the list, as is this:

auth.getAuthorities().stream().anyMatch(ga -> ga.getAuthority().equals("ROLE_ADMIN"))

If however, you know they'll all be SimpleGrantedAuthority, then you can do this:

auth.getAuthorities().contains(new SimpleGrantedAuthority("ROLE_ADMIN"))

edited Jul 29 '16 at 13:42

answered Jul 11 '16 at 13:55

OrangeDog

36,653
12
122
207

score 6 · Accepted Answer · answered Sep 27 '12 at 22:07

I don't know of any built-in function, but here is a utility method you could use.

if (userHasAuthority("ROLE_ADMIN")) { ... }

.

public static boolean userHasAuthority(String authority)
{
    List<GrantedAuthority> authorities = getUserAuthorities();

    for (GrantedAuthority grantedAuthority : authorities) {
        if (authority.equals(grantedAuthority.getAuthority())) {
            return true;
        }
    }

    return false;
}

How to check if authority exists in a collection of GrantedAuthority?

2 Answers2