ACL Management#
Gradle module: source/extn/user-access-mgmt. Maven coordinate: com.palmyralabs.palmyra.extn:palmyra-dbacl-mgmt:<version>.
Data-driven access control. Permissions live in ACL tables (roles, permissions, role-permission join, user-role assignments); the extension publishes a Spring Security PermissionEvaluator that consults those tables on every @PreAuthorize("hasPermission(...)") call and on every handler annotated with @Permission — Palmyra evaluates @Permission values through the same Spring PermissionEvaluator seam, so swapping the evaluator swaps the policy for both surfaces.
Module dependencies#
api deps.palmyra.store.base
api deps.spring.web
implementation deps.jakarta.servlet_api
implementation deps.jakarta.persistence
implementation 'org.springframework.data:spring-data-jpa:3.2.1'
implementation 'org.springframework.boot:spring-boot-starter-security:3.2.1'
implementation 'jakarta.transaction:jakarta.transaction-api:2.0.1'
implementation 'org.modelmapper:modelmapper:3.2.0'Pages#
| Page | Role |
|---|---|
| PalmyraPermissionEvaluator | PermissionEvaluator backed by pluggable AclPermissionChecker strategies |