Josh Cummings
27c1ae56d4
Update :servlet:spring-boot:java:data to 7
|
il y a 1 mois | |
|---|---|---|
| .. | ||
| gradle | il y a 10 mois | |
| src | il y a 1 mois | |
| README.adoc | il y a 1 an | |
| build.gradle | il y a 1 an | |
| gradle.properties | il y a 1 mois | |
| gradlew | il y a 1 an | |
| gradlew.bat | il y a 1 an | |
| settings.gradle | il y a 1 an | |
README.adoc
= Spring Data Sample
After running this sample like so:
.Java
[source,java,role="primary"]
----
./gradlew :bootRun
----
Then you can query for messages using `luke/password` and `rob/password`.
Because the domain objects are secured, you will see a subset of fields with `luke`.
For example, querying `/` with `luke`, you'll see:
```json
...
{
"created": "2014-07-12T16:00:00Z",
"id": 112,
"summary": "Is this secure?",
"text": "This message is for Luke",
"to": {
"email": "luke@example.com",
"id": "luke",
"password": "password"
}
}
...
```
However, with `rob`, you'll also see `firstName` and `lastName` like so:
```json
...
{
"created": "2014-07-12T04:00:00Z",
"id": 102,
"summary": "Is this secure?",
"text": "This message is for Rob",
"to": {
"email": "rob@example.com",
"firstName": "Rob",
"id": "rob",
"lastName": "Winch",
"password": "password"
}
}
...
```
Read more about the https://docs.spring.io/spring-security/reference/servlet/authorization/method-security.html#authorize-object[`@AuthorizeReturnObject`] and https://docs.spring.io/spring-security/reference/servlet/authorization/method-security.html#fallback-values-authorization-denied[]`@DeniedHandler`] in the Spring Security Reference.
After running this sample like so:
.Java
[source,java,role="primary"]
----
./gradlew :bootRun
----
Then you can query for messages using `luke/password` and `rob/password`.
Because the domain objects are secured, you will see a subset of fields with `luke`.
For example, querying `/` with `luke`, you'll see:
```json
...
{
"created": "2014-07-12T16:00:00Z",
"id": 112,
"summary": "Is this secure?",
"text": "This message is for Luke",
"to": {
"email": "luke@example.com",
"id": "luke",
"password": "password"
}
}
...
```
However, with `rob`, you'll also see `firstName` and `lastName` like so:
```json
...
{
"created": "2014-07-12T04:00:00Z",
"id": 102,
"summary": "Is this secure?",
"text": "This message is for Rob",
"to": {
"email": "rob@example.com",
"firstName": "Rob",
"id": "rob",
"lastName": "Winch",
"password": "password"
}
}
...
```
Read more about the https://docs.spring.io/spring-security/reference/servlet/authorization/method-security.html#authorize-object[`@AuthorizeReturnObject`] and https://docs.spring.io/spring-security/reference/servlet/authorization/method-security.html#fallback-values-authorization-denied[]`@DeniedHandler`] in the Spring Security Reference.