在Spring Boot JPA应用程序中使用角色

时间:2018-03-09 11:20:31

标签: java mysql spring-boot spring-security user-roles

我目前正在使用Spring Boot在Java中开发Web应用程序。

我正在使用的应用程序:

  • MySQL作为数据源
  • 用于ORM的Hibernate JPA
  • Thymeleaf用于模板

目前我的数据库有一个用户和角色表。登录,注册和会话工作正常。

我在网站上创建了一个仅限管理员的页面。

我在为用户创建和使用角色时遇到问题。

  

我希望为数据库中的每个用户创建一个角色,并且能够使用它   在网站上。注册时的默认角色是" USER"和I.   能够手动将用户的角色更改为" ADMIN"在里面   MySQL管理员。

这是我的用户实体类: 

@Entity
@Table(name = "user")
public class User extends Auditable {

@Id
@GeneratedValue(strategy = GenerationType.AUTO)
@Column(name = "id")
private int id;

@Column(name = "email", nullable = false, unique = true)
@Email(message = "Please provide a valid e-mail")
@NotEmpty(message = "Please provide an e-mail")
private String email;

@Column(name = "password")
@Transient
private String password;

@Column(name = "first_name")
@NotEmpty(message = "Please provide your first name")
private String firstName;

@Column(name = "last_name")
@NotEmpty(message = "Please provide your last name")
private String lastName;

@Column(name = "enabled")
private boolean enabled;

@Column(name = "confirmation_token")
private String confirmationToken;

@OneToOne(mappedBy="user", cascade={CascadeType.ALL})
private Role role;


public User() {
}

public User(String firstName, String lastName, String email, String password, Role role) {
    this.firstName = firstName;
    this.lastName = lastName;
    this.email = email;
    this.password = password;
    this.role = role;
}

/** Getters and setters */

}

这是我的角色实体:

@Entity(name="role")
public class Role {

@Id
private Long id;

@OneToOne
private User user;
private Integer role;

/** Getters and setters */
}

在UserService中按用户名加载:

@Override
public UserDetails loadUserByUsername(String email) throws UsernameNotFoundException {
    User user = userRepository.findByEmail(email);
    if (user == null){
        throw new UsernameNotFoundException("Invalid username or password.");
    }
    return new org.springframework.security.core.userdetails.User(user.getEmail(),
            user.getPassword(), getAuthorities(user.getRole().getRole()));
}

但由于某种原因,这不起作用。它创造了"角色"数据库中的表,它有两行

id name
1 ROLE_USER
2 ADMIN

问题是,当我将用户保存到数据库时,我需要做什么才能为我正在保存的用户设置角色?目前,我的表中没有任何用户行具有角色列。 我怎样才能使其正常工作以便在我的securityconfig中有规则时使用

.hasRole("ADMIN")

它不允许没有该角色的用户访问?目前,当我尝试使用该规则访问该页面时,它始终返回我已配置的无访问权限页面。

1 个答案:

答案 0 :(得分:1)

下面是我用于实现注册并将rolse分配给注册用户的代码。

1)User.java(@Entity)

@Entity
@Table(name = "users")
public class User {

    @Id
    @GeneratedValue(strategy = GenerationType.AUTO)
    private Long user_id;
    private String username;
    private String password;
    private boolean active;
    private String email;

    // user roles
    @ElementCollection(targetClass = Role.class, fetch = FetchType.EAGER)
    @CollectionTable(name = "user_role", joinColumns = @JoinColumn(name = "user_id"))
    @Enumerated(EnumType.STRING)
    private Set<Role> roles;

    // Constructors
    private User() {}

    public User(String username, String password, String email) {
        this.username = username;
        this.password = password;
        this.email = email;
    }

    // if user is admin
    public boolean isAdmin() {
        return roles.contains(Role.ADMIN);
    }


    // Below you can generate getters & setters & toString method.

    // Getter and setter for user roles
    public Set<Role> getRoles() {
        return roles;
    }

    public void setRoles(Set<Role> roles) {
        this.roles = roles;
    }
}

Role.java(枚举类型)

public enum Role {
    USER,
    ADMIN;

}

UserController.java(@Controller)

@Controller
public class UserController{

    //login page
    @GetMapping("/signin")
    public String loginPage() {
        return "frontend/login";
    }

    // registration page
    @GetMapping("/signup")
    public String signUpPage() {
        return "frontend/registration";
    }

    // User Registration
    @PostMapping("/signup")
    public String addUser(User user, Map<String, Object> model) {

        User userFromDB = userRepository.findByUsername(user.getUsername());
        if(userFromDB !=null ) {
            model.put("alreadyexists", "Username already exists!");
            return "frontend/registration";
        }

        // Set user apssword (also you can implement BCrypt)
        user.setPassword(user.getPassword());

        // set user activa
        user.setActive(true);

        // assign Rolr USER to newly registered user
        user.setRoles(Collections.singleton(Role.USER));


        userRepository.save(user);

        return "redirect:/profile";
    }
}

WebsecurityConfig.java(春季安全性)

@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private DataSource dataSource;

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http

                .authorizeRequests()
                .antMatchers("/","/signup").permitAll()
                .anyRequest().authenticated()
                .and()
                    .formLogin()
                    .loginPage("/signin").defaultSuccessUrl("/profile")
                    .permitAll()
                .and()
                    .logout().logoutRequestMatcher(new AntPathRequestMatcher("/signout")).logoutSuccessUrl("/signin?bye")
                    .permitAll();
    }


    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.jdbcAuthentication()
                .dataSource(dataSource)
                .usersByUsernameQuery("SELECT username, password, active FROM users WHERE username=?")
                .authoritiesByUsernameQuery("SELECT u.username, ur.roles FROM users u INNER JOIN user_role ur ON u.user_id = ur.user_id WHERE u.username=?");
    }
}
相关问题
最新问题