|
1 | | -= Spring Data AOT Sample |
| 1 | += Spring Data Sample |
2 | 2 |
|
3 | | -To compile this project, you will need to use a special Java compiler. |
4 | | -If you are using SDKMan!, then the version will be correctly selected for you. |
5 | | -Or, you can do the following: |
| 3 | +After running this sample like so: |
6 | 4 |
|
7 | | -```bash |
8 | | -sdk use java 23.0.5.r17-nik |
9 | | -``` |
10 | | - |
11 | | -After that, you can compile like so: |
12 | | - |
13 | | -```bash |
14 | | -./gradlew nativeCompile |
15 | | -``` |
16 | | - |
17 | | -Once compiled, you can run like so: |
18 | | - |
19 | | -```bash |
20 | | -./build/native/nativeCompile/data |
21 | | -``` |
| 5 | +.Java |
| 6 | +[source,java,role="primary"] |
| 7 | +---- |
| 8 | +./gradlew :bootRun |
| 9 | +---- |
22 | 10 |
|
23 | 11 | Then you can query for messages using `luke/password` and `rob/password`. |
24 | 12 |
|
25 | | -Because the domain objects are secured, you will see a subset of fields with `luke`. |
| 13 | +Because the domain objects are secured by ACLs, Rob will only see Rob's messages, and Luke will only see Luke's. |
26 | 14 |
|
27 | 15 | For example, querying `/` with `luke`, you'll see: |
28 | 16 |
|
29 | | -```json |
30 | | - ... |
| 17 | +[source,json] |
| 18 | +---- |
| 19 | +[ |
31 | 20 | { |
32 | | - "created": "2014-07-12T16:00:00Z", |
33 | | - "id": 112, |
34 | | - "summary": "Is this secure?", |
| 21 | + "created": "2014-07-12T10:00:00Z", |
| 22 | + "id": 110, |
| 23 | + "summary": "Hello Luke", |
35 | 24 | "text": "This message is for Luke", |
36 | | - "to": { |
37 | | - "email": "luke@example.com", |
38 | | - "id": "luke", |
39 | | - "password": "password" |
40 | | - } |
41 | | - } |
42 | | - ... |
43 | | -``` |
44 | | - |
45 | | -However, with `rob`, you'll also see `firstName` and `lastName` like so: |
46 | | - |
47 | | -```json |
48 | | - ... |
| 25 | + "to": "luke" |
| 26 | + }, |
| 27 | + { |
| 28 | + "created": "2014-07-12T10:00:00Z", |
| 29 | + "id": 111, |
| 30 | + "summary": "Greetings Luke", |
| 31 | + "text": "This message is for Luke", |
| 32 | + "to": "luke" |
| 33 | + }, |
49 | 34 | { |
50 | | - "created": "2014-07-12T04:00:00Z", |
51 | | - "id": 102, |
| 35 | + "created": "2014-07-12T10:00:00Z", |
| 36 | + "id": 112, |
52 | 37 | "summary": "Is this secure?", |
53 | | - "text": "This message is for Rob", |
54 | | - "to": { |
55 | | - "email": "rob@example.com", |
56 | | - "firstName": "Rob", |
57 | | - "id": "rob", |
58 | | - "lastName": "Winch", |
59 | | - "password": "password" |
60 | | - } |
| 38 | + "text": "This message is for Luke", |
| 39 | + "to": "luke" |
61 | 40 | } |
62 | | - ... |
63 | | -``` |
64 | | - |
65 | | -You can also change the message text. |
66 | | -To do this, copy and paste the `X-CSRF-TOKEN` and `Cookie: JSESSION` headers and include them in a `PUT :8080/102` request. |
67 | | - |
68 | | -An example of this request using HTTPie can be seen below: |
| 41 | +] |
| 42 | +---- |
69 | 43 |
|
70 | | -```bash |
71 | | -echo -n "updated message" | http -a rob:password PUT :8080/102 "X-CSRF-TOKEN: {copied from GET request}" "Cookie: JSESSIONID={copied from GET request}" |
72 | | -``` |
73 | 44 |
|
74 | | -Read more about the https://docs.spring.io/spring-security/reference/servlet/authorization/method-security.html#authorize-object[`@AuthorizeReturnObject`] and https://docs.spring.io/spring-security/reference/servlet/authorization/method-security.html#fallback-values-authorization-denied[]`@DeniedHandler`] in the Spring Security Reference. |
| 45 | +Read more about https://docs.spring.io/spring-security/reference/servlet/authorization/acls.html[Authorization by ACL] in the Spring Security Reference. |
0 commit comments