|
|
@@ -1,74 +1,45 @@
|
|
|
-= Spring Data AOT Sample
|
|
|
+= Spring Data Sample
|
|
|
|
|
|
-To compile this project, you will need to use a special Java compiler.
|
|
|
-If you are using SDKMan!, then the version will be correctly selected for you.
|
|
|
-Or, you can do the following:
|
|
|
+After running this sample like so:
|
|
|
|
|
|
-```bash
|
|
|
-sdk use java 23.0.5.r17-nik
|
|
|
-```
|
|
|
-
|
|
|
-After that, you can compile like so:
|
|
|
-
|
|
|
-```bash
|
|
|
-./gradlew nativeCompile
|
|
|
-```
|
|
|
-
|
|
|
-Once compiled, you can run like so:
|
|
|
-
|
|
|
-```bash
|
|
|
-./build/native/nativeCompile/data
|
|
|
-```
|
|
|
+.Java
|
|
|
+[source,java,role="primary"]
|
|
|
+----
|
|
|
+./gradlew :bootRun
|
|
|
+----
|
|
|
|
|
|
Then you can query for messages using `luke/password` and `rob/password`.
|
|
|
|
|
|
-Because the domain objects are secured, you will see a subset of fields with `luke`.
|
|
|
+Because the domain objects are secured by ACLs, Rob will only see Rob's messages, and Luke will only see Luke's.
|
|
|
|
|
|
For example, querying `/` with `luke`, you'll see:
|
|
|
|
|
|
-```json
|
|
|
- ...
|
|
|
+[source,json]
|
|
|
+----
|
|
|
+[
|
|
|
{
|
|
|
- "created": "2014-07-12T16:00:00Z",
|
|
|
- "id": 112,
|
|
|
- "summary": "Is this secure?",
|
|
|
+ "created": "2014-07-12T10:00:00Z",
|
|
|
+ "id": 110,
|
|
|
+ "summary": "Hello Luke",
|
|
|
"text": "This message is for Luke",
|
|
|
- "to": {
|
|
|
- "email": "luke@example.com",
|
|
|
- "id": "luke",
|
|
|
- "password": "password"
|
|
|
- }
|
|
|
- }
|
|
|
- ...
|
|
|
-```
|
|
|
-
|
|
|
-However, with `rob`, you'll also see `firstName` and `lastName` like so:
|
|
|
-
|
|
|
-```json
|
|
|
- ...
|
|
|
+ "to": "luke"
|
|
|
+ },
|
|
|
+ {
|
|
|
+ "created": "2014-07-12T10:00:00Z",
|
|
|
+ "id": 111,
|
|
|
+ "summary": "Greetings Luke",
|
|
|
+ "text": "This message is for Luke",
|
|
|
+ "to": "luke"
|
|
|
+ },
|
|
|
{
|
|
|
- "created": "2014-07-12T04:00:00Z",
|
|
|
- "id": 102,
|
|
|
+ "created": "2014-07-12T10:00:00Z",
|
|
|
+ "id": 112,
|
|
|
"summary": "Is this secure?",
|
|
|
- "text": "This message is for Rob",
|
|
|
- "to": {
|
|
|
- "email": "rob@example.com",
|
|
|
- "firstName": "Rob",
|
|
|
- "id": "rob",
|
|
|
- "lastName": "Winch",
|
|
|
- "password": "password"
|
|
|
- }
|
|
|
+ "text": "This message is for Luke",
|
|
|
+ "to": "luke"
|
|
|
}
|
|
|
- ...
|
|
|
-```
|
|
|
-
|
|
|
-You can also change the message text.
|
|
|
-To do this, copy and paste the `X-CSRF-TOKEN` and `Cookie: JSESSION` headers and include them in a `PUT :8080/102` request.
|
|
|
-
|
|
|
-An example of this request using HTTPie can be seen below:
|
|
|
+]
|
|
|
+----
|
|
|
|
|
|
-```bash
|
|
|
-echo -n "updated message" | http -a rob:password PUT :8080/102 "X-CSRF-TOKEN: {copied from GET request}" "Cookie: JSESSIONID={copied from GET request}"
|
|
|
-```
|
|
|
|
|
|
-Read more about the https://docs.spring.io/spring-security/reference/servlet/authorization/method-security.html#authorize-object[`@AuthorizeReturnObject`] and https://docs.spring.io/spring-security/reference/servlet/authorization/method-security.html#fallback-values-authorization-denied[]`@DeniedHandler`] in the Spring Security Reference.
|
|
|
+Read more about https://docs.spring.io/spring-security/reference/servlet/authorization/acls.html[Authorization by ACL] in the Spring Security Reference.
|
Josh Cummings