I am using Grails 3.2.4 and the Grails Spring Security Plugin Core & REST. When a request is made to User#index , I use
params.max = Math.min(max ?: 10, 100)
respond User.list(params), model: [userCount: User.count()]
The response is something like:
[
{
"id": 3,
"accountExpired": false,
"accountLocked": false,
"enabled": true,
"password": "$2a$10$fdWi7i48Kw5tnpzsjKMUMOQDx7nhglp9tRtDaJHTAi5qOTdIL0t3u",
"passwordExpired": false,
"username": "me"
},
{
"id": 4,
"accountExpired": false,
"accountLocked": false,
"enabled": true,
"password": "$2a$10$3uFrDjJ8AwMsdMbKhExece6cJtQ4DS2e1/jFMIdDHrmqgDGpBgkS2",
"passwordExpired": false,
"username": "master"
},
// ...
How can I customize this response and eliminate the password field, for example?
There are couple of ways to achieve this but the simplest would be to register a bean of type JsonRenderer
in resources.groovy
as below:
import grails.rest.render.json.JsonRenderer
beans = {
userRenderer(JsonRenderer, User) {
excludes = ['password']
}
}
Refer https://docs.grails.org/latest/guide/webServices.html#renderers for additional ways.
If you are using the JSON-VIEWS feature in your project and your controller inherits from RestfulController you could also do the following:
Note: I am assuming that your user class is named User
First try and use the command
grails generate-views [yourpackage.]security.User
where [yourpackage.] is optional and represents the name of the package where you created your User class when you executed the s2-quickstart command.
If the generation of the views was succesful, you will find a directory named user in \\grails-app\\views with the following files
These should be your json views for User. Open _user.gson . It should have content like the following
import [yourpackage.]security.User
model {
User user
}
json g.render(user)
edit the code so that it excludes password from the json render
import [yourpackage.]security.Usuario
model {
User user
}
json g.render(user, [excludes: ['password']) //This is where you exclude password
This might seem a bit more complicated than editing the beans, but in my opinion, it might be easier to look for a related view, than check the resources.groovy if someone else wants to edit the project.
For more information on this check the grails reference to json views
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.