aboutsummaryrefslogtreecommitdiff
path: root/src/main/java/com/juick/service/security
diff options
context:
space:
mode:
Diffstat (limited to 'src/main/java/com/juick/service/security')
-rw-r--r--src/main/java/com/juick/service/security/JuickUserDetailsService.java7
-rw-r--r--src/main/java/com/juick/service/security/entities/JuickUser.java4
2 files changed, 9 insertions, 2 deletions
diff --git a/src/main/java/com/juick/service/security/JuickUserDetailsService.java b/src/main/java/com/juick/service/security/JuickUserDetailsService.java
index a62bdadd..da222539 100644
--- a/src/main/java/com/juick/service/security/JuickUserDetailsService.java
+++ b/src/main/java/com/juick/service/security/JuickUserDetailsService.java
@@ -21,11 +21,14 @@ import com.juick.model.User;
import com.juick.service.UserService;
import com.juick.service.security.entities.JuickUser;
import org.apache.commons.lang3.StringUtils;
+import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.util.Assert;
+import java.util.List;
+
/**
* Created by aalexeev on 11/28/16.
*/
@@ -46,7 +49,9 @@ public class JuickUserDetailsService implements UserDetailsService {
if (!user.isAnonymous()) {
user.setAuthHash(userService.getHashByUID(user.getUid()));
- return new JuickUser(user);
+ List<GrantedAuthority> authorities = userService.isAdminUser(user) ?
+ JuickUser.ADMIN_AUTHORITY : JuickUser.USER_AUTHORITY;
+ return new JuickUser(user, authorities);
}
throw new UsernameNotFoundException("The username " + username + " is not found");
diff --git a/src/main/java/com/juick/service/security/entities/JuickUser.java b/src/main/java/com/juick/service/security/entities/JuickUser.java
index 062db3a4..dca5fe7d 100644
--- a/src/main/java/com/juick/service/security/entities/JuickUser.java
+++ b/src/main/java/com/juick/service/security/entities/JuickUser.java
@@ -17,8 +17,8 @@
package com.juick.service.security.entities;
-import com.juick.model.User;
import com.juick.model.AnonymousUser;
+import com.juick.model.User;
import org.apache.commons.lang3.StringUtils;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
@@ -33,10 +33,12 @@ import java.util.List;
*/
public class JuickUser implements UserDetails {
static final GrantedAuthority ROLE_USER = new SimpleGrantedAuthority("ROLE_USER");
+ static final GrantedAuthority ROLE_ADMIN = new SimpleGrantedAuthority("ROLE_ADMIN");
static final GrantedAuthority ROLE_ANONYMOUS = new SimpleGrantedAuthority("ROLE_ANONYMOUS");
public static final List<GrantedAuthority> USER_AUTHORITY = Collections.singletonList(ROLE_USER);
public static final List<GrantedAuthority> ANONYMOUS_AUTHORITY = Collections.singletonList(ROLE_ANONYMOUS);
+ public static final List<GrantedAuthority> ADMIN_AUTHORITY = List.of(ROLE_ADMIN, ROLE_USER);
public static final JuickUser ANONYMOUS_USER = new JuickUser(AnonymousUser.INSTANCE, ANONYMOUS_AUTHORITY);