Spring Data REST 覆盖 findBy* 方法
[英]Spring Data REST Override findBy* Method
问题描述
I am using spring-data-rest-webmvc 2.0.0.RELEASE w/ spring-data-jpa 1.5.0.RELEASE.
我正在使用带有 spring-data-jpa 1.5.0.RELEASE 的 spring-data-rest-webmvc 2.0.0.RELEASE。
I have a RoomRepository, RoomRepositoryCustom, and RoomRepositoryImpl class.我有一个 RoomRepository、RoomRepositoryCustom 和 RoomRepositoryImpl 类。
I am trying to override a findBy* method so that I can provide custom logic to do the work of @PostFilter, but return paginated results.我正在尝试覆盖 findBy* 方法,以便我可以提供自定义逻辑来完成 @PostFilter 的工作,但返回分页结果。
I originally had this in RoomRespository:我最初在 RoomRespository 中有这个:
@PostFilter("hasPermission(filterObject, '" + FIND + "')")
@RestResource(rel = "byName", path = "byName")
public List<Room> findByName(@Param("name") String name);
It works well, but due to limitations on @PostFilter I must return a List and cannot return a Page.它运行良好,但由于@PostFilter 的限制,我必须返回一个列表而不能返回一个页面。
I'd like do away with @PostFilter like this:我想像这样取消@PostFilter:
@RestResource(rel = "byName", path = "byName")
public Page<Room> findByName(@Param("name") String name, Pageable p);
But I still need to filter my results by the authenticated user's principal.但是我仍然需要通过经过身份验证的用户的主体来过滤我的结果。 (Which I hoped to do in my custom method) (我希望在我的自定义方法中做到这一点)
So I figured that I could override findByName by providing an implementation in RoomRespositoryImpl, but that doesn't appear to work properly.所以我想我可以通过在 RoomRespositoryImpl 中提供一个实现来覆盖 findByName,但这似乎不能正常工作。 If I attempt to override findByName then Spring Data REST no longer picks up the method and never registers an endpoint for rooms/search/byName?name="test" .如果我尝试覆盖 findByName 则 Spring Data REST 不再采用该方法并且从不为rooms/search/byName?name="test"注册端点。
I also tried using @Query to define a custom query for the finder.我还尝试使用 @Query 为查找器定义自定义查询。 It works, but I don't believe it will work for my purposes since I need to use the authenticated user's principal as a query parameter.它有效,但我不相信它对我的目的有效,因为我需要使用经过身份验证的用户的主体作为查询参数。
In summary: How best to go about implementing a /rooms/search/byName?name="test" endpoint with Spring Data REST that returns a Page of rooms with names that contain the parameter, but is also filtered by my own custom logic based on looking up the currently authenticated user's permissions in a separate table?总结:如何最好地使用 Spring Data REST 实现 /rooms/search/byName?name="test" 端点,该端点返回名称包含参数的房间页面,但也由我自己的基于自定义逻辑过滤在单独的表中查找当前经过身份验证的用户的权限?
Is there a way to add a custom link under /rooms/search/* ?有没有办法在 /rooms/search/* 下添加自定义链接?
1 个解决方案
解决方案1
2 已采纳 2014-04-22 06:55:01
In short: this is currently (version 2.0/2.1) not supported.简而言之:目前不支持(版本 2.0/2.1)。 Pagination is quite a complicated beast when it comes to security as an @PostFilter approach doesn't really work due to the fact that you'd create invalid results if you filtered items from the page after it has been loaded.就安全性而言,分页是一个相当复杂的野兽,因为@PostFilter方法实际上不起作用,因为如果在加载页面后从页面中过滤项目,则会创建无效结果。
A correct solution to this issue requires the security constraint being incorporated into the query executed.此问题的正确解决方案需要将安全约束合并到所执行的查询中。 We have a ticket in Spring Data Commons to keep track of the general infrastructure required for this, as well as a somehow related one on the support for soft deletes in Spring Data JPA which you might wanna track on progress on that topic.我们有票在Spring数据共享跟踪为此所需的一般基础设施,以及一个莫名其妙相关的一个关于在春数据JPA软删除,您可能想跟踪关于该主题的进展支持。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.