Fix Package Tangle

Issue gh-14598

Author: jzheaux

core/src/main/java/org/springframework/security/access/expression/ExpressionUtils.java

@@ -19,43 +19,12 @@
 import org.springframework.expression.EvaluationContext;
 import org.springframework.expression.EvaluationException;
 import org.springframework.expression.Expression;
-import org.springframework.security.authorization.AuthorizationDecision;
-import org.springframework.security.authorization.AuthorizationResult;
-import org.springframework.security.authorization.ExpressionAuthorizationDecision;
 
 public final class ExpressionUtils {
 
 	private ExpressionUtils() {
 	}
 
-	/**
-	 * Evaluate a SpEL expression and coerce into an {@link AuthorizationDecision}
-	 * @param expr a SpEL expression
-	 * @param ctx an {@link EvaluationContext}
-	 * @return the resulting {@link AuthorizationDecision}
-	 * @since 6.3
-	 */
-	public static AuthorizationResult evaluate(Expression expr, EvaluationContext ctx) {
-		try {
-			Object result = expr.getValue(ctx);
-			if (result instanceof AuthorizationResult decision) {
-				return decision;
-			}
-			if (result instanceof Boolean granted) {
-				return new ExpressionAuthorizationDecision(granted, expr);
-			}
-			if (result == null) {
-				return null;
-			}
-			throw new IllegalArgumentException(
-					"SpEL expression must return either a Boolean or an AuthorizationDecision");
-		}
-		catch (EvaluationException ex) {
-			throw new IllegalArgumentException("Failed to evaluate expression '" + expr.getExpressionString() + "'",
-					ex);
-		}
-	}
-
 	public static boolean evaluateAsBoolean(Expression expr, EvaluationContext ctx) {
 		try {
 			return expr.getValue(ctx, Boolean.class);

core/src/main/java/org/springframework/security/authorization/method/ExpressionUtils.java

@@ -0,0 +1,51 @@
+/*
+ * Copyright 2002-2024 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.springframework.security.authorization.method;
+
+import org.springframework.expression.EvaluationContext;
+import org.springframework.expression.EvaluationException;
+import org.springframework.expression.Expression;
+import org.springframework.security.authorization.AuthorizationResult;
+import org.springframework.security.authorization.ExpressionAuthorizationDecision;
+
+final class ExpressionUtils {
+
+	private ExpressionUtils() {
+	}
+
+	static AuthorizationResult evaluate(Expression expr, EvaluationContext ctx) {
+		try {
+			Object result = expr.getValue(ctx);
+			if (result instanceof AuthorizationResult decision) {
+				return decision;
+			}
+			if (result instanceof Boolean granted) {
+				return new ExpressionAuthorizationDecision(granted, expr);
+			}
+			if (result == null) {
+				return null;
+			}
+			throw new IllegalArgumentException(
+					"SpEL expression must return either a Boolean or an AuthorizationDecision");
+		}
+		catch (EvaluationException ex) {
+			throw new IllegalArgumentException("Failed to evaluate expression '" + expr.getExpressionString() + "'",
+					ex);
+		}
+	}
+
+}

core/src/main/java/org/springframework/security/authorization/method/PostAuthorizeAuthorizationManager.java

@@ -22,7 +22,6 @@
 
 import org.springframework.context.ApplicationContext;
 import org.springframework.expression.EvaluationContext;
-import org.springframework.security.access.expression.ExpressionUtils;
 import org.springframework.security.access.expression.method.MethodSecurityExpressionHandler;
 import org.springframework.security.access.prepost.PostAuthorize;
 import org.springframework.security.authorization.AuthorizationDecision;

core/src/main/java/org/springframework/security/authorization/method/PreAuthorizeAuthorizationManager.java

@@ -22,7 +22,6 @@
 
 import org.springframework.context.ApplicationContext;
 import org.springframework.expression.EvaluationContext;
-import org.springframework.security.access.expression.ExpressionUtils;
 import org.springframework.security.access.expression.method.MethodSecurityExpressionHandler;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.security.authorization.AuthorizationDecision;

core/src/test/java/org/springframework/security/access/expression/ExpressionUtilsTests.java renamed to core/src/test/java/org/springframework/security/authorization/method/ExpressionUtilsTests.java

@@ -14,7 +14,7 @@
  * limitations under the License.
  */
 
-package org.springframework.security.access.expression;
+package org.springframework.security.authorization.method;
 
 import org.junit.jupiter.api.Test;