I create a Grails REST API
I'm using Spring Security
For create the User and Role domain classes
grails s2-quickstart com.mycompany.myapp User Role
My REST API should support the ability to create users, but I do not know how to do this
@GrailsCompileStatic
@EqualsAndHashCode(includes='username')
@ToString(includes='username', includeNames=true, includePackage=false)
class User implements Serializable {
private static final long serialVersionUID = 1
String username
String password
boolean enabled = true
boolean accountExpired
boolean accountLocked
boolean passwordExpired
User(String username, String password) {
this()
this.username = username
this.password = password
}
Set<Role> getAuthorities() {
(UserRole.findAllByUser(this) as List<UserRole>)*.role as Set<Role>
}
static constraints = {
password nullable: false, blank: false, password: true
username nullable: false, blank: false, unique: true
}
static mapping = {
table '`user`'
password column: '`password`'
}
}
I created a controller
class UserController extends RestfulController {
static responseFormats = ['json', 'xml']
UserController() {
super(User)
}
@Secured(['permitAll'])
@Override
def save() {
super.save()
}
}
And at the moment I can create users, but I can not automatically assign them a role
How can I assign it the role of ROLE_USER when creating a new user?
I use Grails 3.3.5
You can do something like this:
User user = new User(username: params.username, password: params.password).save()
Role role = Role.findOrSaveWhere(authority: "ROLE_USER")
new UserRole(user: user, role: role).save()
// If you want to assign another role to the user
role = Role.findOrSaveWhere(authority: "ROLE_SUBSCRIBED")
new UserRole(user: user, role: role).save()
If your project is solely a REST API, I'd recommend using the Grails rest-api profile. There's a good tutorial on this, you can check it out here .
Spring Security Core delegates the responsibility of managing the relationship between User and Role through the entity UserRole with a series of static methods among which is create
, I share you the definition
static UserRole create(User user, Role role, boolean flush = false) {
def instance = new UserRole(user: user, role: role)
instance.save(flush: flush)
instance
}
As you can see, this static method expects two parameters: an User instance and a role instance and optionally flush. You consume this method in the following way
Role adminRole = new Role(authority: 'ROLE_ADMIN').save() // here makes sense the recommendation of styl3r to first search if the role exists if it is not like that to create it
User testUser = new User(username: 'me', password: 'password').save()
UserRole.create testUser, adminRole
I took this example from the plugin documentation. In the following link.
https://grails-plugins.github.io/grails-spring-security-core/3.2.x/index.html#tutorials
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.