Skip to content

Commit b233e14

Browse files
QwennnnnnnQwennnnnnn
authoredMar 7, 2025··
Merge pull request #13 from theodo-group/update-readme-21
update the readme
·
v2.0.0
2 parents c17bf50 + db600fa commit b233e14

File tree

3 files changed

+77
-66
lines changed

3 files changed

+77
-66
lines changed
 

‎README.md

+77
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,77 @@
1+
# SPRING ACCESS INSPECTOR
2+
3+
This project is composed of two parts:
4+
5+
- The inspector itself.
6+
- The wrapper plugin that allows to easily use spring-access_inspector on any project.
7+
8+
## Inspector itself
9+
10+
This project uses java 21
11+
12+
### What is spring-access-control ?
13+
14+
This tool creates a table report to verify access control on Spring Boot routes.
15+
It uses the [`Preauthorize`, `Secured` or `RolesAllowed`](https://www.baeldung.com/spring-security-method-security) annotation from `spring-security-config`.
16+
It creates a table.html file with a list of your routes and their preauthorize.
17+
18+
![List of your routes with preauthorize annotation](preauthorize-table.png)
19+
20+
### How to use it
21+
22+
If you want to directly use the inspector without the plugin, follow those steps:
23+
24+
- Clone the repository:
25+
26+
`git clone git@github.com:theodo-group/spring-access-inspector.git`
27+
28+
- Go inside the inspector folder:
29+
30+
`cd spring-access-inspector/inspector`
31+
32+
- Compile the code:
33+
34+
`mvn compile exec:java -Dexec.mainClass=com.theodo.inspector.SpringAccessInspector`
35+
36+
- Run the code (using maven exec plugin) and give it the path of the pom you want to analyze :
37+
38+
`mvn exec:java -Dexec.mainClass=com.theodo.inspector.SpringAccessInspector -Dexec.args="/the_path/where/poms/are"`
39+
40+
N.B: You may need to compile your code before:
41+
42+
`mvn clean install -DskipTests`
43+
44+
## The maven plugin
45+
46+
The plugin allows to easily launch the inspector by adding a plugin in the pom.xml of the project you want to inspect.
47+
48+
- First compile the plugin
49+
50+
`mvn clean install`
51+
52+
- In your `./your_project/pom.xml` file, add the plugin in `build/pluginManagement` as follows:
53+
54+
```xml
55+
<build>
56+
57+
... Whatever...
58+
59+
<pluginManagement>
60+
<plugins>
61+
<plugin>
62+
<groupId>com.theodo</groupId>
63+
<artifactId>inspector-maven-plugin</artifactId>
64+
<version>1.0.0</version>
65+
<configuration>
66+
<projectBaseDir>${project.basedir}</projectBaseDir>
67+
<htmlOutputFile>./table.html</htmlOutputFile>
68+
</configuration>
69+
</plugin>
70+
</plugins>
71+
</pluginManagement>
72+
</build>
73+
```
74+
75+
- Then in your Shell or CI, launch the analysis:
76+
77+
`mvn inspector:inspect`

‎inspector-maven-plugin/README.md

-34
This file was deleted.

‎inspector/README.md

-32
This file was deleted.

0 commit comments

Comments
 (0)
Please sign in to comment.