Dynamic ROLES with Spring Security?

0

I have a system where everyone who access has a ROLE default user, but if a user is assigned a task of the type secretary, the ROLE of that user will be SECRETARY, users can assign tasks and by this, whoever receives the task will have their ROLE modified. Another "problem" is that a user can participate in more than one task, accumulating different functions. Has anyone ever done anything like this?

    
asked by anonymous 30.05.2017 / 21:06

1 answer

0

You need to have a table of permissions to be used by Spring Security, as the example below simplifies:

User

@Entity
public class User implements Serializable {

    private static final long serialVersionUID = 1L;

    @Id
    @GeneratedValue(strategy = GenerationType.AUTO)
    private Long id;

    @NotNull
    private String login;

    @ManyToMany
    @JoinTable(
        name = "user_authority",
        joinColumns = {@JoinColumn(name = "user_id", referencedColumnName = "id")},
        inverseJoinColumns = {@JoinColumn(name = "authority_name", referencedColumnName = "name")})
    private Set<Authority> authorities = new HashSet<>();

    // Getters and Settes
}

Authority

@Entity
public class Authority implements Serializable {

    private static final long serialVersionUID = 1L;

    @NotNull
    private String name;

    // Getters and Settes

}
    
09.06.2017 / 15:14