DYNAMIC ROLES with Spring Security?

Asked

Viewed 158 times

0

I have a system where everyone who accesses has a user standard ROLE, but if a user is assigned a secretary type task, the user’s ROLE will be SECRETARIO, users can assign tasks and therefore whoever receives the task will have their ROLE modified. Another "problem" is that a user can participate in more than one task, accumulating different functions. Someone has done similar to this case?

  • Did the answer help you? Do you need any additional information? Do you consider accepting it?

1 answer

0

You need to have a permissions table to be used by Spring Security, as simplified as the example below:

User

@Entity
public class User implements Serializable {

    private static final long serialVersionUID = 1L;

    @Id
    @GeneratedValue(strategy = GenerationType.AUTO)
    private Long id;

    @NotNull
    private String login;

    @ManyToMany
    @JoinTable(
        name = "user_authority",
        joinColumns = {@JoinColumn(name = "user_id", referencedColumnName = "id")},
        inverseJoinColumns = {@JoinColumn(name = "authority_name", referencedColumnName = "name")})
    private Set<Authority> authorities = new HashSet<>();

    // Getters and Settes
}

Authority

@Entity
public class Authority implements Serializable {

    private static final long serialVersionUID = 1L;

    @NotNull
    private String name;

    // Getters and Settes

}

Browser other questions tagged

You are not signed in. Login or sign up in order to post.