I tried to add and change roles in jhipster. First I just tried to change one use case's role to admin from user. Then I tested it and user can add employee even if the roles is ROLE_ADMIN so it didn't change anything.
I added new role as well, called MANAGER. I edited AuthoritiesConstants.java and added new role to JHI_AUTHORITY-table. Should I do something else or is this enough to get this working?
state('employee.new', {
parent: 'employee',
url: '/new',
data: {
roles: ['ROLE_ADMIN'],
},
onEnter: ['$stateParams', '$state', '$modal', function($stateParams, $state, $modal) {
$modal.open({
templateUrl: 'scripts/app/entities/employee/employee-dialog.html',
controller: 'EmployeeDialogController',
size: 'lg',
resolve: {
entity: function () {
return {nameFirst: null, nameLast: null, taxNumber: null, isFinnish: null, finnishSOTU: null, valtticard: null, birthDate: null, isContactPerson: null, isTiedonantaja: null, cOTARKENNE: null, id: null};
}
}
}).result.then(function(result) {
$state.go('employee', null, { reload: true });
}, function() {
$state.go('employee');
})
}]
})
Edit the following 6 files to include/exclude code specified in blocks to add/remove a role(ROLE_MANAGER as an example)
AuthoritiesConstants.java (constant to be used in java)
public static final String MANAGER = "ROLE_MANAGER";
src/main/resources/config/liquibase/authorities.csv (proper liquidbase update)
ROLE_MANAGER
src/main/resources/config/liquibase/users.csv (add username: manager with password: user)
5;manager;$2a$10$VEjxo0jq2YG9Rbk2HmX9S.k1uZBGYUHdUcid3g/vfiEl7lwWgOH/K;Manager;Manager;manager@localhost;true;en;system
src/main/resources/config/liquibase/users_authorities.csv (another proper liquidbase update)
5;ROLE_MANAGER
src/main/webapp/app/admin/user-management/user-management.controller.js (for role to be available in JavaScript)
$scope.authorities = ["ROLE_USER", "ROLE_ADMIN", "ROLE_MANAGER"];
src/main/webapp/app/admin/user-management/user-management-dialog.controller.js (for role to be available in JavaScript)
$scope.authorities = ["ROLE_USER", "ROLE_ADMIN", "ROLE_MANAGER"];
Restart the server once everything is in place and double check JHI_AUTHORITY and JHI_USER_AUTHORITY tables after application launch for a new ROLE_MANAGER to be there. Login into system with username: 'manager' and password: 'user'.
You must insert new role into JHI_AUTHORITY table then grant this role to some users in JHI_USER_AUTHORITY table. This means updating authorities.csv and users_authorities.csv file if you re-create your database (e.g. if you use H2).
On client-side, just add new role to roles property of your state definitions.
I have found an easiest way:
Disable liquibase from .gradle file (in my case App>gradle>profile_dev.gradle) by changing the following:
def profiles = 'dev,no-liquibase'
//if (project.hasProperty('no-liquibase')) {
// profiles += ',no-liquibase'
//}
Now change in src/main/webapp/scripts/app/admin/user-management/user-management.controller.js to add your role.
$scope.authorities = ["ROLE_USER", "ROLE_ADMIN", "YOUR_ROLE"];
And src/main/webapp/scripts/app/admin/user-management/user-management-dialog.controller.js
$scope.authorities = ["ROLE_USER", "ROLE_ADMIN", "YOUR_ROLE"];
Finally add "YOUR_ROLE" in "name" column of "jhi_authority" table in database and save. Now restart application and you will able to create user with your newly created role.
After above instruction I got:
ERROR [...]f.config.liquibase.AsyncSpringLiquibase : Liquibase could not start correctly, your database is NOT ready: Validation Failed:
[...]
To avoid that, run
./mvnw liquibase:clearCheckSums
User with new role, has no access to account settings, so you have to add new roles to
/src/main/webapp/app/account/password/password.state.js
/src/main/webapp/app/account/sessions/sessions.state.js
/src/main/webapp/app/account/settings/settings.state.js
Complete instruction:
https://codefitter2.blogspot.com/2016/11/how-to-create-new-role-in-jhipster.html
Taking a leaf out of @Constantin Zagorsky here are the steps that work.
AuthoritiesConstants.java
(constant to be used in java)
public static final String MANAGER = "ROLE_MANAGER";
2.src/main/resources/config/liquibase/authorities.csv
(proper liquibase update) [This will not run. But important to keep in sync with DB]
ROLE_MANAGER
Update DB [Important because liquibase will not pick up changes made in authorities,csv in step 2]
insert into jhi_authority values ('ROLE_MANAGER');
src/main/webapp/app/admin/user-management/user-management.controller.js
(for role to be available in JavaScript)
$scope.authorities = ["ROLE_USER", "ROLE_ADMIN", "ROLE_MANAGER"];
src/main/webapp/app/admin/user-management/user-management-dialog.controller.js
(for role to be available in JavaScript)
$scope.authorities = ["ROLE_USER", "ROLE_ADMIN", "ROLE_MANAGER"];
- Modify public User createUser(ManagedUserVM managedUserVM) method in UserService.java (Very Important). Modify default password generation logic
// comment default password generation. In my case I made the default
//user as same as userid
//String encryptedPassword =
passwordEncoder.encode(RandomUtil.generatePassword());
String encryptedPassword = passwordEncoder.encode(managedUserVM.getLogin());
- Log into application as Admin
- Add new user with a new role. Default password would be same as username.