Spring Security不会更改角色

时间:2019-08-15 10:56:09

标签: spring spring-mvc spring-security

我写了一个项目,管理员可以在其中更改用户的角色(从普通用户提升为管理员)。我认为代码基本是正确的,但角色并没有被更改,代码见下文。登录名可以被修改,但用户的角色仍与之前相同。


EditUser.JSP

<%-- Admin form for editing one user's login, password and role; it posts to /admin/editUser. --%>
<body>
<center>
    <h1>User Edit form</h1>

    <form:form method="POST" action="${pageContext.request.contextPath}/admin/editUser">
        <table>
            <%-- The id of the user being edited is posted back as a hidden field, so the server decides
                 which record to update from a client-supplied value. --%>
            <input type="hidden" value="${user.id}" name="id"/>
            <tr>

                <td><label path="Login">Login</label></td>
                <%-- NOTE(review): EL in template text is not HTML-escaped by default; escape the login
                     value (for example with c:out or fn:escapeXml) if it can contain markup. --%>
                <td bgcolor="#000000"><input type="text" name="login" value="${user.login}"/></td>
            </tr>
            <tr>
                <td><label path="Password">Password</label></td>
                <%-- NOTE(review): this writes the stored password into the page source, in an input with
                     no type attribute (rendered as plain text). An edit form normally leaves the field
                     empty, uses type="password", and treats an empty submission as "keep current". --%>
                <td bgcolor="#000000"><input name="password" value="${user.password}"/></td>
            </tr>
            <tr>
                <td>
                    <%-- NOTE(review): both options below carry the same value (the user's current role),
                         so whichever label is picked, the current role is what gets submitted. --%>
                    <select name="role">
                        <option value="${user.role}" selected>ROLE_ADMIN</option>
                        <option value="${user.role}">ROLE_USER</option>
                <%-- NOTE(review): the table cell is closed before the select element; the two closing
                     tags are in the wrong order. --%>
                </td>
                </select>


            </tr>

            <tr>
                <td><input class="btn btn-primary" type="submit" value="Save"/></td>
            </tr>
        </table>
    </form:form>
</center>

UserServiceImpl.JAVA

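/**
 * {@link UserService} implementation that delegates persistence to a {@link UserRepository}.
 *
 * <p>NOTE(review): passwords are handed to the repository exactly as they arrive; no encoding
 * step is visible in this class. Confirm that a password encoder is applied before a value
 * reaches {@link #saveUser(User)} or {@link #updateUser(User)}.
 */
@Service
@Transactional
public class UserServiceImpl implements UserService {

    // Injected once through the constructor; the additional field-level @Autowired was redundant.
    private final UserRepository repository;

    /**
     * Creates the service.
     *
     * @param repository the repository used for every user lookup and write
     */
    @Autowired
    public UserServiceImpl(UserRepository repository) {
        this.repository = repository;
    }

    /**
     * Returns every stored user.
     *
     * @return all users, as returned by the repository
     */
    @Override
    public List<User> getAll() {
        // NOTE(review): relies on the repository's findAll() result actually being a List.
        return (List<User>) repository.findAll();
    }

    /**
     * Looks up a user by primary key.
     *
     * @param id the user id
     * @return the user, or an empty Optional when no row has that id
     */
    @Override
    public Optional<User> findUser(Long id) {
        return repository.findById(id);
    }

    /**
     * Persists the given user as-is.
     *
     * @param user the user to store
     * @return the instance returned by the repository
     */
    @Override
    public User saveUser(User user) {
        return repository.save(user);
    }

    /**
     * Copies the non-blank login, role and password of {@code user} onto the stored user with
     * the same id and saves the result.
     *
     * <p>Blank values are skipped as well as {@code null} ones: an HTML form posts an empty
     * string for a field the admin left empty, and that must not wipe the stored login or
     * password.
     *
     * <p>NOTE(review): the role string is applied without checking it against the set of roles
     * the application defines. When the value originates from a request parameter, validate it
     * against an allow-list before it reaches this method.
     *
     * @param user carrier of the id to update and of the new field values
     * @return the saved user
     * @throws java.util.NoSuchElementException if no user with that id exists
     */
    @Override
    public User updateUser(User user) {
        Long id = user.getId();
        // Same exception type that the bare Optional.get() raised, now with a usable message.
        User targetUser = repository.findById(id)
                .orElseThrow(() -> new java.util.NoSuchElementException("No user with id " + id));

        if (hasText(user.getLogin())) {
            targetUser.setLogin(user.getLogin());
        }

        if (hasText(user.getRole())) {
            targetUser.setRole(user.getRole());
        }

        if (hasText(user.getPassword())) {
            targetUser.setPassword(user.getPassword());
        }
        return repository.save(targetUser);
    }

    /** Returns true when the value is neither null nor made up only of whitespace. */
    private static boolean hasText(String value) {
        return value != null && !value.trim().isEmpty();
    }
}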

User.JAVA

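/**
 * Application user stored in the {@code users} table; also serves as the Spring Security
 * {@link UserDetails} principal.
 *
 * <p>The single {@code role} string is exposed as the user's only granted authority.
 *
 * <p>NOTE(review): the password field holds whatever string it is given; whether that is an
 * encoded hash or clear text cannot be told from this class.
 */
@Entity
@Table(name = "users")
public class User implements Serializable, UserDetails {

    @Id
    @GeneratedValue
    private Long id;

    private String login;
    private String password;
    private String role;

    public Long getId() {
        return id;
    }

    public void setId(Long id) {
        this.id = id;
    }

    public void setId(long id) {
        this.id = id;
    }

    public String getLogin() {
        return login;
    }

    public void setLogin(String login) {
        this.login = login;
    }

    /**
     * Returns a one-element collection wrapping the user's role.
     *
     * <p>NOTE(review): a user whose role is {@code null} yields an authority whose name is
     * {@code null}; confirm the role column can never be empty.
     */
    @Override
    public Collection<? extends GrantedAuthority> getAuthorities() {
        return Collections.singleton(new SchoolAuthority(role));
    }

    @Override
    public String getPassword() {
        return password;
    }

    /** The login doubles as the Spring Security username. */
    @Override
    public String getUsername() {
        return login;
    }

    // The four account-status checks below are hard-wired to true: this entity has no
    // expiry, lock or disable state.
    @Override
    public boolean isAccountNonExpired() {
        return true;
    }

    @Override
    public boolean isAccountNonLocked() {
        return true;
    }

    @Override
    public boolean isCredentialsNonExpired() {
        return true;
    }

    @Override
    public boolean isEnabled() {
        return true;
    }

    public void setPassword(String password) {
        this.password = password;
    }

    public String getRole() {
        return role;
    }

    public void setRole(String role) {
        this.role = role;
    }

    /**
     * Authority that reports a role name verbatim.
     *
     * <p>Declared static so an authority does not carry a hidden reference to the enclosing
     * {@link User} (and its password) wherever the authority is stored or serialized. The
     * role is final so a granted authority cannot be altered after creation.
     */
    static class SchoolAuthority implements GrantedAuthority {

        private final String role;

        public SchoolAuthority(String role) {
            this.role = role;
        }

        @Override
        public String getAuthority() {
            return role;
        }
    }

    /**
     * Describes the user for logs and debugging. The password is deliberately replaced with
     * a fixed marker so that credentials never end up in log files or error pages.
     */
    @Override
    public String toString() {
        return "User{" +
                "id=" + id +
                ", login='" + login + '\'' +
                ", password='[PROTECTED]'" +
                ", role='" + role + '\'' +
                '}';
    }
}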

AdminController.JAVA

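/**
 * MVC controller for the {@code /admin} area: student management and user management.
 *
 * <p>NOTE(review): nothing in this class restricts who may call it; access control for
 * {@code /admin/**} has to come from the security configuration, which is not shown here.
 */
@Controller
@RequestMapping("/admin")
public class AdminController {

    @Autowired
    private StudentService studentService;
    @Autowired
    private UserService userService;

    /** Lists all students in the {@code allStudentsAdmin} view. */
    @GetMapping("/allStudentsAdmin")
    public ModelAndView allStudentsForUser() {
        ModelAndView mv = new ModelAndView("allStudentsAdmin");
        mv.addObject("studentList", studentService.getAllStudents());
        return mv;
    }

    /**
     * Deletes the student with the given id and returns to the student list.
     *
     * <p>NOTE(review): this is a state-changing operation mapped to GET. Spring Security's
     * CSRF protection does not cover GET requests, so a link or image on another site can
     * trigger the deletion in an admin's session. Prefer a POST or DELETE mapping; the view
     * that links here would need to change with it.
     */
    @GetMapping(value = "/deleteStudent/{id}")
    public ModelAndView deleteUserById(@PathVariable Long id) {
        studentService.deleteStudentById(id);
        return new ModelAndView("redirect:/admin/allStudentsAdmin");
    }

    /** Shows the edit form for one student. */
    @GetMapping(value = "/editStudent/{id}")
    public ModelAndView displayEditUserForm(@PathVariable Long id) {
        ModelAndView mv = new ModelAndView("adminEditStudent");
        mv.addObject("headerMessage", "Редактирование студента");
        mv.addObject("student", studentService.getStudentById(id));
        return mv;
    }

    /**
     * Applies an edited name, surname and avatar to an existing student.
     *
     * @return a redirect to the student list on success, or to {@code /errors} when the
     *         update fails with an I/O error
     */
    @PostMapping(value = "/editStudent")
    public String saveEditedUser(
            @RequestParam("id") Long id,
            @RequestParam("name") String name,
            @RequestParam("surname") String surname,
            @RequestParam("avatar") MultipartFile file) {
        try {
            studentService.updateStudent(name, surname, file, studentService.getStudentById(id));
        } catch (FileSystemException ex) {
            // Previously this branch only printed the trace and then fell through to the
            // success redirect, so a failed avatar write looked like a successful save.
            // NOTE(review): no logger is in scope here; replace printStackTrace with one.
            ex.printStackTrace();
            return "redirect:/errors";
        } catch (IOException e) {
            return "redirect:/errors";
        }

        return "redirect:/admin/allStudentsAdmin";
    }

    /** Shows the empty "add student" form. */
    @GetMapping(value = "/addStudentAdmin")
    public ModelAndView displayNewUserForm() {
        ModelAndView mv = new ModelAndView("addStudentAdmin");
        mv.addObject("headerMessage", "Add Student Details");
        mv.addObject("student", new Student());
        return mv;
    }

    /**
     * Creates a student from the submitted name, surname and optional avatar.
     *
     * <p>NOTE(review): the uploaded file goes straight to the student service; no check of
     * its size, content type or file name is visible in this method. Confirm the service
     * validates the upload and does not trust the client-supplied file name.
     *
     * @throws IOException if storing the avatar fails
     */
    @PostMapping(value = "/addStudentAdmin")
    public String saveNewStudent(@RequestParam("name") @NonNull String name,
                                 @RequestParam("surname") @NonNull String surname,
                                 @RequestParam("avatar") MultipartFile file)
            throws IOException {

        Student student = new Student();
        student.setSurname(surname);
        student.setName(name);

        boolean hasAvatar = file != null && !file.isEmpty();
        if (hasAvatar) {
            student.setAvatar(studentService.saveAvatarImage(file).getName());
        }
        studentService.saveStudent(student);
        return "redirect:/admin/allStudentsAdmin";
    }

    /** Shows the empty "add user" form. */
    @GetMapping(value = "/addUser")
    public ModelAndView displayAddUserForm() {
        return new ModelAndView("addUser", "user", new User());
    }

    /**
     * Stores a new user built from the submitted form.
     *
     * <p>NOTE(review): the request is bound directly onto the {@link User} entity, so every
     * bindable property (id, login, password, role) can be set by the client, and the
     * password is saved as submitted. Bind to a dedicated form object or restrict the
     * allowed fields, validate the role, and encode the password before saving.
     */
    @PostMapping(value = "/addUser", consumes = "multipart/form-data")
    public String saveNewUser(@ModelAttribute User user) {
        userService.saveUser(user);
        return "redirect:/admin/allUsers";
    }

    /** Lists all users in the {@code allUsers} view. */
    @GetMapping("/allUsers")
    public ModelAndView allUsers(@ModelAttribute User user) {
        return new ModelAndView("allUsers", "users", userService.getAll());
    }

    /**
     * Shows the edit form for one user, or returns to the user list when the id is unknown.
     *
     * <p>NOTE(review): the whole entity, password included, is placed in the model; the view
     * should not render the password back to the browser.
     */
    @GetMapping("/editUser/{id}")
    public ModelAndView editUser(@PathVariable Long id) {
        return userService.findUser(id)
                .map(found -> new ModelAndView("editUser", "user", found))
                .orElseGet(() -> new ModelAndView("redirect:/admin/allUsers"));
    }

    /**
     * Applies the submitted login, password and role to an existing user.
     *
     * <p>NOTE(review): as with user creation, the request is bound straight onto the entity.
     * The id and role both come from the client; check that the role is one the application
     * defines before it is applied.
     */
    @PostMapping("/editUser")
    public String saveEditedUser(@ModelAttribute User user) {
        userService.updateUser(user);
        return "redirect:/admin/allUsers";
    }
}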

1 个答案:

答案 0 :(得分:0)

您的 JSP 代码中,以下片段有错误:

 <select name="role">
    <option value="${user.role}" selected>ROLE_ADMIN</option>
    <option value="${user.role}">ROLE_USER</option>

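参数 role 始终具有相同的值 ${user.role}。无论选择 ROLE_ADMIN 还是 ROLE_USER,发送到控制器的始终是该用户当前角色(${user.role})的值。修复方法:把每个 option 的 value 写成对应的角色名(value="ROLE_ADMIN"、value="ROLE_USER"),再根据 ${user.role} 决定哪一项带 selected。由于该值来自客户端,服务器端仍应校验提交的角色是否在允许的范围内。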