堆栈内存溢出
  简体   繁体   English

Jhipster:隐藏非管理员的实体

[英]Jhipster: hide entities from non-admin

 原文  2016-07-14 14:49:37       spring-security/ spring-boot/ jhipster

问题描述

Greetings java hipsters! 问候java赶时髦的人!

I just generated a jhipster project and created some entities. 我刚刚创建了一个jhipster项目并创建了一些实体。 I'd like to hide some entities by restricting them to only the admin user. 我想通过将它们限制为仅限管理员用户来隐藏某些实体。 How do I achieve this ? 我该如何实现这一目标?

Thanks! 谢谢!

2 个解决方案

解决方案1
 7 已采纳  2016-07-15 21:14:36

First read Spring Security doc then look at your project source code that was generated by JHipster: it's full of such examples, pay attention to: 首先阅读Spring Security doc然后看看你的项目源代码是由JHipster生成的:它充满了这样的例子,注意:

  • SecurityConfiguration.java
  • @Secured(AuthoritiesConstants.ADMIN) in UserResource.java @Secured(AuthoritiesConstants.ADMIN)UserResource.java

Then for the angular part, you can add a requirement for admin role in a state's definition like in src/main/webapp/app/admin/configuration/configuration.state.js (search for authorities: ['ROLE_ADMIN'] ). 然后对于角度部分,您可以在状态定义中添加管理角色的要求,例如在src/main/webapp/app/admin/configuration/configuration.state.js (搜索for authorities: ['ROLE_ADMIN'] )。 So for a bank-account entity, main state would be defined in src/main/webapp/app/entities/bank-account/bank-account.state.js . 因此,对于bank-account实体,主要状态将在src/main/webapp/app/entities/bank-account/bank-account.state.js

This is for JHipster 3.x 这是针对JHipster 3.x的

解决方案2
 3  2017-10-10 21:44:24

I just describe how i blocked new entity("folder") on a bit more fresh version (JHipster 4.7.0): 我只是描述了我如何在一个更新鲜的版本(JHipster 4.7.0)上阻止新实体(“文件夹”):

to block access to endpoint I added new line in a file: src/main/java/package path/config/SecurityConfiguration.java : 阻止访问端点我在文件中添加了新行: src / main / java / package path / config / SecurityConfiguration.java 

.antMatchers("/api/profile-info").permitAll()
.antMatchers("/api/folders").hasAuthority(AuthoritiesConstants.ADMIN) //new line
.antMatchers("/api/**").authenticated()

change src/main/webapp/app/entities/folder/folder.route.ts : 更改src / main / webapp / app / entities / folder / folder.route.ts 

 data: {
    authorities: ['ROLE_USER'], // old 
    authorities: ['ROLE_ADMIN'],// new
    pageTitle: 'jmediaApp.folder.home.title'
 },

and to hide item from navbar you need to add *jhiHasAnyAuthority="'ROLE_ADMIN'" in <li> tag in /src/main/webapp/app/layouts/navbar/navbar.component.html : 并从导航栏隐藏的项目,你需要添加*jhiHasAnyAuthority="'ROLE_ADMIN'"<li>标记中/src/main/webapp/app/layouts/navbar/navbar.component.html: 

<li *jhiHasAnyAuthority="'ROLE_ADMIN'">

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 用于查找不在另一组结果中的Grails标准(或在Spring中查找非管理员用户) - Grails criteria for finding not in another set of results (or finding non-admin users in Spring) 如何允许某些实体api授予jhipster中的所有用户 - how to permit certain entities api to all users in jhipster 在Jhipster中创建具有ROLE_ADMIN权限的@Scheduled任务 - Creating a @Scheduled task with ROLE_ADMIN permissions in Jhipster 如何从 jHipster 中的 SecurityContextHolder 检索自定义 UserDetails? - How to retrieve custom UserDetails from SecurityContextHolder in jHipster? 从 JHipster 生成的应用程序中删除授权 - Remove authorization from JHipster-generated application 如何仅向我的jhipster应用程序用户显示他创建的实体? - How to show for the user of my jhipster application only the entities that he had created? jhipster 在使用 keycloak rest admin API (Oauth2) 修改用户姓后重新加载 OIDC 令牌 - jhipster Reload OIDC token after modifying user last name with keycloak rest admin API (Oauth2) JHipster - OAuth2/OIDC 需要从访问令牌中读取组 - JHipster - OAuth2/OIDC need to read groups from access token 登录时 JHipster 未收到来自 Keycloak 用户的角色 - JHipster not receiving roles from Keycloak Users when login Jhipster 4中的角色 - Roles in Jhipster 4
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM