0
I have a system where everyone who accesses has a user standard ROLE, but if a user is assigned a secretary type task, the user’s ROLE will be SECRETARIO, users can assign tasks and therefore whoever receives the task will have their ROLE modified. Another "problem" is that a user can participate in more than one task, accumulating different functions. Someone has done similar to this case?
0
You need to have a permissions table to be used by Spring Security, as simplified as the example below:
@Entity
public class User implements Serializable {
private static final long serialVersionUID = 1L;
@Id
@GeneratedValue(strategy = GenerationType.AUTO)
private Long id;
@NotNull
private String login;
@ManyToMany
@JoinTable(
name = "user_authority",
joinColumns = {@JoinColumn(name = "user_id", referencedColumnName = "id")},
inverseJoinColumns = {@JoinColumn(name = "authority_name", referencedColumnName = "name")})
private Set<Authority> authorities = new HashSet<>();
// Getters and Settes
}
@Entity
public class Authority implements Serializable {
private static final long serialVersionUID = 1L;
@NotNull
private String name;
// Getters and Settes
}
Browser other questions tagged spring spring-security
You are not signed in. Login or sign up in order to post.
Did the answer help you? Do you need any additional information? Do you consider accepting it?
– Murillo Goulart