I created a project putting system authentication including login and password directly into the Java code, but I know this is super wrong, the most recommended for implementation of authentication is the system to get the login and password directly from the bank, in addition to authentication the user will also need permission, that is, does not mean that when logging in the user will have direct view of the pages, the navigability rules I will put in Spring Security, what is being complicated for me is to perform the mapping in the entities in the classes Java.
I know how to do the creation of the database through SQL, but I do not know how to abstract this for entity mapping in Java, see the model you build in SQL;
Entity User ;
CREATE TABLE usuario (
codigo BIGINT(20) PRIMARY KEY AUTO_INCREMENT,
nome VARCHAR(50) NOT NULL,
email VARCHAR(50) NOT NULL,
senha VARCHAR(120) NOT NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
Entity Group ;
CREATE TABLE grupo (
codigo BIGINT(20) PRIMARY KEY,
nome VARCHAR(50) NOT NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
Entity Permission ;
CREATE TABLE permissao (
codigo BIGINT(20) PRIMARY KEY,
nome VARCHAR(50) NOT NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
Entity Permission Group ;
CREATE TABLE grupopermissao (
codigo_grupo BIGINT(20) NOT NULL,
codigo_permissao BIGINT(20) NOT NULL,
PRIMARY KEY (codigo_grupo, codigo_permissao),
FOREIGN KEY (codigo_grupo) REFERENCES grupo(codigo),
FOREIGN KEY (codigo_permissao) REFERENCES permissao(codigo)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
Entity GroupUser ;
CREATE TABLE usuariogrupo (
codigo_usuario BIGINT(20) NOT NULL,
codigo_grupo BIGINT(20) NOT NULL,
PRIMARY KEY (codigo_usuario, codigo_grupo),
FOREIGN KEY (codigo_usuario) REFERENCES usuario(codigo),
FOREIGN KEY (codigo_grupo) REFERENCES grupo(codigo)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
I'll explain my intentions in relation to these tables above, the tables would behave as follows.
In the system the user would enter the permissions registry screen and would register only two permissions;
- VIEW_CADASTRO
- VIEW_QUESTION
Then the user would enter the group registration screen and would register only two groups;
- Administrators
- Sellers
Next the user would enter a signup screen to associate the groups to the permissions, then you imagine you enter a screen with two ComboBox , one would list the groups and the other list the permissions , after choosing it would only submit the form on that screen.
If administrators were code 1 and vendors were code 2 then permission to register was code 1 and view searches were code 2 would look like this;
Permission Group
- 1.1
- 1.2
- 2.1
This means that the administrator would be in the group that has permission to search and register and group of sellers only to register.
I'm sorry for the long post, but it was necessary to understand my context.
My only difficulty is that I do not know how to map my entities in relation to the reality described above, I do not even know where to go.