[英]In SpringDataRest, How can i add custom logic when http request received
As we know, In SpringDataRest, the Repository files are only used (not controllers) and we can use build-in methods for It.众所周知,在 SpringDataRest 中,仅使用 Repository 文件(而不是控制器),我们可以为其使用内置方法。
My repository code is:我的存储库代码是:
public interface StudentRepository extends JpaRepository<Student, Integer> {
}
I don't want to add custom methods and add my request processing logic there.我不想添加自定义方法并在那里添加我的请求处理逻辑。 I want some configuration or events overriding where i can process the HttpRequest handler, parse the token and check some data in token and based on that token i'll decide to either process that request or discard it with some error.
我想要一些配置或事件覆盖我可以处理 HttpRequest 处理程序的位置,解析令牌并检查令牌中的一些数据,并基于该令牌我将决定处理该请求或丢弃它并出现一些错误。
Thanks.谢谢。
If you want to restrict access to specific endpoints or operations with spring data rest and you are using spring security then you can use the @PreAuthorize annotation with hasRole
.如果您想使用 spring 数据休息来限制对特定端点或操作的访问,并且您正在使用 spring 安全性,那么您可以将@PreAuthorize 注释与
hasRole
一起hasRole
。 To take an example from 'Securing Spring Data REST PreAuthorize' , you could have a CrudRepository like:以'Securing Spring Data REST PreAuthorize' 为例,您可以拥有一个 CrudRepository,如:
@PreAuthorize("hasRole('ROLE_USER')")
public interface ParkrunCourseRepository extends CrudRepository<ParkrunCourse, Long> {
@Override
@PreAuthorize("hasRole('ROLE_ADMIN')")
ParkrunCourse save(ParkrunCourse parkrunCourse);
}
Then only users with the admin role will be able to do posts to save these entities.然后只有具有管理员角色的用户才能发布帖子以保存这些实体。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.