Using ROLES in jhipster?

2019-01-24 12:58发布

问题:

I tried to add and change roles in jhipster. First I just tried to change one use case's role to admin from user. Then I tested it and user can add employee even if the roles is ROLE_ADMIN so it didn't change anything.

I added new role as well, called MANAGER. I edited AuthoritiesConstants.java and added new role to JHI_AUTHORITY-table. Should I do something else or is this enough to get this working?

state('employee.new', {
            parent: 'employee',
            url: '/new',
            data: {
                roles: ['ROLE_ADMIN'],
            },
            onEnter: ['$stateParams', '$state', '$modal', function($stateParams, $state, $modal) {
                $modal.open({
                    templateUrl: 'scripts/app/entities/employee/employee-dialog.html',
                    controller: 'EmployeeDialogController',
                    size: 'lg',
                    resolve: {
                        entity: function () {
                            return {nameFirst: null, nameLast: null, taxNumber: null, isFinnish: null, finnishSOTU: null, valtticard: null, birthDate: null, isContactPerson: null, isTiedonantaja: null, cOTARKENNE: null, id: null};
                        }
                    }
                }).result.then(function(result) {
                    $state.go('employee', null, { reload: true });
                }, function() {
                    $state.go('employee');
                })
            }]
        })

回答1:

Edit the following 6 files to include/exclude code specified in blocks to add/remove a role(ROLE_MANAGER as an example)

  1. AuthoritiesConstants.java (constant to be used in java)

    public static final String MANAGER = "ROLE_MANAGER";

  2. src/main/resources/config/liquibase/authorities.csv (proper liquidbase update)

    ROLE_MANAGER

  3. src/main/resources/config/liquibase/users.csv (add username: manager with password: user)

    5;manager;$2a$10$VEjxo0jq2YG9Rbk2HmX9S.k1uZBGYUHdUcid3g/vfiEl7lwWgOH/K;Manager;Manager;manager@localhost;true;en;system

  4. src/main/resources/config/liquibase/users_authorities.csv (another proper liquidbase update)

    5;ROLE_MANAGER

  5. src/main/webapp/app/admin/user-management/user-management.controller.js (for role to be available in JavaScript)

    $scope.authorities = ["ROLE_USER", "ROLE_ADMIN", "ROLE_MANAGER"];

  6. src/main/webapp/app/admin/user-management/user-management-dialog.controller.js (for role to be available in JavaScript)

    $scope.authorities = ["ROLE_USER", "ROLE_ADMIN", "ROLE_MANAGER"];

Restart the server once everything is in place and double check JHI_AUTHORITY and JHI_USER_AUTHORITY tables after application launch for a new ROLE_MANAGER to be there. Login into system with username: 'manager' and password: 'user'.



回答2:

You must insert new role into JHI_AUTHORITY table then grant this role to some users in JHI_USER_AUTHORITY table. This means updating authorities.csv and users_authorities.csv file if you re-create your database (e.g. if you use H2).

On client-side, just add new role to roles property of your state definitions.



回答3:

I have found an easiest way:

  1. Disable liquibase from .gradle file (in my case App>gradle>profile_dev.gradle) by changing the following:

    def profiles = 'dev,no-liquibase' //if (project.hasProperty('no-liquibase')) { // profiles += ',no-liquibase' //}

  2. Now change in src/main/webapp/scripts/app/admin/user-management/user-management.controller.js to add your role.

    $scope.authorities = ["ROLE_USER", "ROLE_ADMIN", "YOUR_ROLE"];

  3. And src/main/webapp/scripts/app/admin/user-management/user-management-dialog.controller.js

    $scope.authorities = ["ROLE_USER", "ROLE_ADMIN", "YOUR_ROLE"];

  4. Finally add "YOUR_ROLE" in "name" column of "jhi_authority" table in database and save. Now restart application and you will able to create user with your newly created role.



回答4:

After above instruction I got:

ERROR [...]f.config.liquibase.AsyncSpringLiquibase  : Liquibase could not start correctly, your database is NOT ready: Validation Failed:
[...]

To avoid that, run

./mvnw liquibase:clearCheckSums

User with new role, has no access to account settings, so you have to add new roles to

/src/main/webapp/app/account/password/password.state.js
/src/main/webapp/app/account/sessions/sessions.state.js
/src/main/webapp/app/account/settings/settings.state.js

Complete instruction: https://codefitter2.blogspot.com/2016/11/how-to-create-new-role-in-jhipster.html



回答5:

Taking a leaf out of @Constantin Zagorsky here are the steps that work.

  1. AuthoritiesConstants.java (constant to be used in java)

public static final String MANAGER = "ROLE_MANAGER";

2.src/main/resources/config/liquibase/authorities.csv (proper liquibase update) [This will not run. But important to keep in sync with DB]

ROLE_MANAGER

  1. Update DB [Important because liquibase will not pick up changes made in authorities,csv in step 2]

    insert into jhi_authority values ('ROLE_MANAGER');

  2. src/main/webapp/app/admin/user-management/user-management.controller.js(for role to be available in JavaScript)

$scope.authorities = ["ROLE_USER", "ROLE_ADMIN", "ROLE_MANAGER"];

  1. src/main/webapp/app/admin/user-management/user-management-dialog.controller.js(for role to be available in JavaScript)

$scope.authorities = ["ROLE_USER", "ROLE_ADMIN", "ROLE_MANAGER"];

  1. Modify public User createUser(ManagedUserVM managedUserVM) method in UserService.java (Very Important). Modify default password generation logic

// comment default password generation. In my case I made the default //user as same as userid

//String encryptedPassword = passwordEncoder.encode(RandomUtil.generatePassword()); String encryptedPassword = passwordEncoder.encode(managedUserVM.getLogin());

  1. Log into application as Admin
  2. Add new user with a new role. Default password would be same as username.