У меня есть база данных пользователей с 3 отдельными таблицами: auth_role, auth_user, auth_user_role. Сейчас все пользователи, зарегистрированные через мою форму регистрации, становятся обычными site_users. Если же я хочу назначить пользователю роль администратора, мне приходится заходить в базу данных MySQL и назначать роли вручную прямо в таблице. Я хочу добавить в форму регистрации выпадающий список с ролями пользователя (user_roles). Но так как я начинающий Spring-разработчик, я не могу понять, какие шаги нужно сделать дальше. Вот что я сделал:
Есть 3 роли: SUPER_ADMIN, ADMIN, SITE_USER
UserController.class
@Controller
public class UserController {
@Autowired
UserService userService;
/**
 * Shows the empty "add user" form.
 *
 * @return the {@code user_add} view with a blank {@code User} bound under the name {@code user}
 */
@RequestMapping(value = {"/user_add"}, method = RequestMethod.GET)
public ModelAndView client_add() {
    // The view name is passed to the constructor instead of being set afterwards.
    ModelAndView form = new ModelAndView("user_add");
    form.addObject("user", new User());
    return form;
}
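/**
 * Handles submission of the "add user" form.
 *
 * <p>A validation failure or an already-existing user puts a message into the model; otherwise
 * the user is handed to {@code userService.saveUser}. In every case the {@code user_add} view is
 * rendered again with a blank {@code User}.
 *
 * <p>Security: the {@code User} entity is filled directly from request parameters, so every
 * property with a setter can be supplied by the client, not only the fields drawn in the form.
 * If a role selector is added to this form, do not copy the submitted value onto the entity as-is:
 * accept only known role names and check on the server that the authenticated caller is allowed
 * to grant the requested role.
 *
 * @param user          form-backing object populated from the request
 * @param bindingResult validation outcome for {@code user}
 * @param modelMap      model that receives the binding result for display
 * @return the {@code user_add} view with a status message
 */
@RequestMapping(value = "/user_add", method = RequestMethod.POST)
public ModelAndView registerUser(@Valid User user, BindingResult bindingResult, ModelMap modelMap) {
    ModelAndView modelAndView = new ModelAndView();

    // A client-chosen primary key must never reach the repository. Presumably
    // userRepository.save() is Spring Data's save(), which updates the existing row when the id
    // is non-zero; resetting it keeps this endpoint strictly "create" (confirm against
    // UserRepository).
    user.setId(0);

    if (bindingResult.hasErrors()) {
        modelAndView.addObject("successMessage", "Iltimos xatoliklarni to'g'irlang");
        modelMap.addAttribute("bindingResult", bindingResult);
    } else if (userService.isUserAlreadyPresent(user)) {
        modelAndView.addObject("successMessage", "Foydalanuvchi mavjud");
    } else {
        userService.saveUser(user);
        modelAndView.addObject("successMessage", "foydalanuvchi yuklandi");
    }

    // The submitted object is replaced so the password is not sent back to the browser.
    modelAndView.addObject("user", new User());
    modelAndView.setViewName("user_add");
    return modelAndView;
}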
UserService.class
package io.javabrains;
import java.util.Arrays;
import java.util.HashSet;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.stereotype.Service;
import io.javabrains.Entities.Role;
import io.javabrains.Entities.User;
import io.javabrains.repository.RoleRepository;
import io.javabrains.repository.UserRepository;
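/**
 * {@link UserService} implementation that creates accounts with a bcrypt-encoded password and the
 * default {@code SITE_USER} role.
 */
@Service
public class UserServicelmp implements UserService {

    /** Role name given to every account created through {@link #saveUser(User)}. */
    private static final String DEFAULT_ROLE = "SITE_USER";

    @Autowired
    BCryptPasswordEncoder encoder;

    @Autowired
    RoleRepository roleRepository;

    @Autowired
    UserRepository userRepository;

    /**
     * Encodes the password, marks the account {@code VERIFIED}, assigns the default role and
     * stores the user.
     *
     * <p>Status and roles are always set here, so values for them supplied by the caller are
     * overwritten. Keep that property if role selection is added: pick the role on the server
     * from an allow-list instead of trusting a role object that came from a form.
     *
     * @param user the account to store; its raw password is replaced by the encoded one
     * @throws IllegalStateException if the default role is missing from the role table
     */
    @Override
    public void saveUser(User user) {
        Role userRole = roleRepository.findByRole(DEFAULT_ROLE);
        if (userRole == null) {
            // Fail loudly instead of storing an account whose role set contains only null.
            throw new IllegalStateException("Default role " + DEFAULT_ROLE + " is not defined");
        }

        user.setPassword(encoder.encode(user.getPassword()));
        // NOTE(review): no e-mail or admin verification step is visible here, yet the account
        // is marked VERIFIED immediately. Confirm this is intended.
        user.setStatus("VERIFIED");
        user.setRoles(new HashSet<>(Arrays.asList(userRole)));
        userRepository.save(user);
    }

    /**
     * Reports whether an equivalent user already exists.
     *
     * <p>NOTE(review): this is still a stub that always answers {@code false}, so the duplicate
     * check in the controller never fires. It needs a lookup (for example by e-mail) through
     * {@code UserRepository}, and a unique constraint on the e-mail column is the reliable
     * backstop against concurrent registrations.
     *
     * @param user the candidate account
     * @return always {@code false} in the current implementation
     */
    @Override
    public boolean isUserAlreadyPresent(User user) {
        return false;
    }
}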
WebSecurity.class
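/**
 * Spring Security configuration: JDBC-backed authentication, URL access rules, form login and
 * logout.
 */
@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private BCryptPasswordEncoder bCryptPasswordEncoder;

    @Autowired
    private CustomLoginSuccessHandler successHandler;

    @Autowired
    private DataSource dataSource;

    @Value("${spring.queries.users-query}")
    private String usersQuery;

    @Value("${spring.queries.roles-query}")
    private String rolesQuery;

    /**
     * Authenticates against the database using the configured user and authority queries and
     * bcrypt password matching.
     */
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.jdbcAuthentication()
                .usersByUsernameQuery(usersQuery)
                .authoritiesByUsernameQuery(rolesQuery)
                .dataSource(dataSource)
                .passwordEncoder(bCryptPasswordEncoder);
    }

    /**
     * Declares which URLs need which authority and wires up form login and logout.
     *
     * <p>CSRF protection is left at its default (enabled); the earlier {@code csrf().disable()}
     * call was removed because the application has state-changing form posts such as
     * {@code /user_add}. Forms rendered with {@code th:action} normally receive the hidden token
     * automatically; hand-written forms and AJAX calls must send it themselves.
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
                // URLs matching for access rights
                .antMatchers("/").permitAll()
                .antMatchers("/login").permitAll()
                .antMatchers("/register").permitAll()
                // NOTE(review): these strings must equal the values returned by the roles query.
                // The service assigns "SITE_USER"; the accompanying description lists
                // SUPER_ADMIN and ADMIN rather than SUPER_USER / ADMIN_USER. Confirm the names.
                .antMatchers("/home/**").hasAnyAuthority("SUPER_USER", "ADMIN_USER", "SITE_USER")
                .antMatchers("/admin/**").hasAnyAuthority("SUPER_USER", "ADMIN_USER")
                // NOTE(review): "/user_add" has no rule of its own, so any authenticated user
                // can reach it. Once the form can assign roles, restrict it to the
                // administrator authorities.
                .anyRequest().authenticated()
                .and()
                // form login
                .formLogin()
                .loginPage("/login")
                .failureUrl("/login?error=true")
                .successHandler(successHandler)
                .usernameParameter("email")
                .passwordParameter("password")
                .and()
                // logout: the explicit matcher accepts any HTTP method on /logout
                .logout()
                .logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
                .logoutSuccessUrl("/")
                .and()
                .exceptionHandling()
                .accessDeniedPage("/access-denied");
    }

    /** Keeps static assets out of the security filter chain. */
    @Override
    public void configure(WebSecurity web) throws Exception {
        web.ignoring().antMatchers("/resources/**", "/static/**", "/css/**", "/js/**", "/images/**");
    }
}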
User.Class
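/**
 * Account row in {@code auth_user}, linked to its roles through {@code auth_user_role}.
 *
 * <p>This class is also used as the form-backing object, which means every property with a
 * setter ({@code id}, {@code status} and {@code roles} included) can be supplied in a request.
 * Code that stores a request-bound instance has to overwrite or ignore the fields the client must
 * not control.
 */
@Entity
@Table(name = "auth_user")
public class User {

    @Id
    @GeneratedValue(strategy = GenerationType.IDENTITY)
    @Column(name = "auth_user_id")
    private int id;

    @NotNull(message = "Ismni kiriting")
    @Column(name = "first_name")
    private String name;

    @NotNull(message = "Familyani kiriting")
    @Column(name = "last_name")
    private String lastName;

    @NotNull(message = "Email is compulsory")
    @Email(message = "email is invalid")
    @Column(name = "email")
    private String email;

    // Holds the raw password on submission and the encoded hash once stored.
    // NOTE(review): five characters is a low minimum length; consider raising it.
    @NotNull(message = "password kiriting")
    @Column(name = "password")
    @Length(min = 5, message = "Parol eng kamida 5 belgidan iborat bo'lsin")
    private String password;

    @Column(name = "status")
    private String status;

    // No cascade: roles are shared reference data. With CascadeType.ALL, deleting a user would
    // cascade the removal to the Role rows themselves, and saving a user could create or alter
    // roles. Only the join-table rows belong to the user.
    @ManyToMany
    @JoinTable(name = "auth_user_role", joinColumns = @JoinColumn(name = "auth_user_id"),
            inverseJoinColumns = @JoinColumn(name = "auth_role_id"))
    private Set<Role> roles;

    /** @return the database identifier ({@code 0} until one has been assigned) */
    public int getId() {
        return id;
    }

    /** @param id the database identifier */
    public void setId(int id) {
        this.id = id;
    }

    /** @return the first name */
    public String getName() {
        return name;
    }

    /** @param name the first name */
    public void setName(String name) {
        this.name = name;
    }

    /** @return the last name */
    public String getLastName() {
        return lastName;
    }

    /** @param lastName the last name */
    public void setLastName(String lastName) {
        this.lastName = lastName;
    }

    /** @return the e-mail address */
    public String getEmail() {
        return email;
    }

    /** @param email the e-mail address */
    public void setEmail(String email) {
        this.email = email;
    }

    /** @return the stored password value; avoid exposing it in views, logs or API responses */
    public String getPassword() {
        return password;
    }

    /** @param password the password value to store */
    public void setPassword(String password) {
        this.password = password;
    }

    /** @return the account status */
    public String getStatus() {
        return status;
    }

    /** @param status the account status */
    public void setStatus(String status) {
        this.status = status;
    }

    /** @return the roles granted to this account */
    public Set<Role> getRoles() {
        return roles;
    }

    /** @param roles the roles granted to this account */
    public void setRoles(Set<Role> roles) {
        this.roles = roles;
    }
}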
Role.class
/** Role row in {@code auth_role}: an identifier, a role name and a description. */
@Entity
@Table(name = "auth_role")
public class Role {

    /** Primary key, column {@code auth_role_id}. */
    @Id
    @GeneratedValue(strategy = GenerationType.AUTO)
    @Column(name = "auth_role_id")
    private int id;

    /** Role name, column {@code role_name}. */
    @Column(name = "role_name")
    private String role;

    /** Free-text description, column {@code role_desc}. */
    @Column(name = "role_desc")
    private String desc;

    /** @return the role identifier */
    public int getId() {
        return this.id;
    }

    /** @param id the role identifier */
    public void setId(int id) {
        this.id = id;
    }

    /** @return the role name */
    public String getRole() {
        return this.role;
    }

    /** @param role the role name */
    public void setRole(String role) {
        this.role = role;
    }

    /** @return the role description */
    public String getDesc() {
        return this.desc;
    }

    /** @param desc the role description */
    public void setDesc(String desc) {
        this.desc = desc;
    }
}
user_add.html
<div class="content">
<div class="row">
<div class="col-md-8">
<div class="card card-user">
<div class="card-header">
<h5 class="card-title">Foydalanuvchi qo'shish</h5>
</div>
<div class="card-body">
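<form autocomplete="off" action="#" th:action="@{/user_add}" th:object="${user}" method="post" class="form-signin" role="form">
    <div>
        <div class="">
            <div class="">
                <label>Familiya</label>
                <input type="text" th:field="*{lastName}" class="form-control" placeholder="" value="">
            </div>
        </div><br>
        <div class="">
            <div class="">
                <label>Ism</label>
                <input type="text" th:field="*{name}" class="form-control" placeholder="" value="">
            </div>
        </div><br>
        <div class="col-md-13 pl-0">
            <div class="form-group">
                <label for="exampleInputEmail1">Email address</label>
                <input type="email" th:field="*{email}" class="form-control" placeholder="">
            </div>
        </div>
    </div>
    <div class="row">
        <div class="col-md-6 pr-1">
            <div class="form-group">
                <label>Parol</label>
                <input type="password" th:field="*{password}" class="form-control" placeholder="" value="">
            </div>
        </div>
        <div class="col-md-6 pl-1">
            <div class="form-group">
                <label>Foydalanuvchi maqomi</label>
                <br>
                <!--/* Placeholder: this select is not bound to the model yet. When it is wired up,
                       treat the submitted value as untrusted: a client can post any value, not
                       only the listed options, so the server must validate the role name and
                       check that the caller may grant it. */-->
                <select name="example">
                    <option value="A">Admin_user</option>
                </select>
            </div>
        </div>
    </div>
    <div class="row">
        <div class="update ml-auto mr-auto">
            <button type="submit" class="btn btn-primary btn-round">Saqlash</button>
        </div>
    </div>
    <!--/* th:text escapes the message; th:utext would emit it as raw HTML. */-->
    <span th:text="${successMessage}"></span>
    <div class="alert alert-success alert-dismissible col-sm-12"
         th:if="${(bindingResult !=null && bindingResult.getAllErrors() != null)}">
        <button type="button" class="close" data-dismiss="alert" aria-hidden="true">x</button>
        <ul th:each="data:${bindingResult.getAllErrors()}">
            <li th:text="${data.getObjectName() + ' :: ' + data.getDefaultMessage()}"></li>
        </ul>
    </div>
</form>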
</div>
</div>
</div>
</div>
</div>
</body>
</html>
...