diff options
Diffstat (limited to 'src/main/java/com/juick/service/security')
-rw-r--r-- | src/main/java/com/juick/service/security/JuickUserDetailsService.java | 7 | ||||
-rw-r--r-- | src/main/java/com/juick/service/security/entities/JuickUser.java | 4 |
2 files changed, 9 insertions, 2 deletions
diff --git a/src/main/java/com/juick/service/security/JuickUserDetailsService.java b/src/main/java/com/juick/service/security/JuickUserDetailsService.java index a62bdadd..da222539 100644 --- a/src/main/java/com/juick/service/security/JuickUserDetailsService.java +++ b/src/main/java/com/juick/service/security/JuickUserDetailsService.java @@ -21,11 +21,14 @@ import com.juick.model.User; import com.juick.service.UserService; import com.juick.service.security.entities.JuickUser; import org.apache.commons.lang3.StringUtils; +import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.core.userdetails.UsernameNotFoundException; import org.springframework.util.Assert; +import java.util.List; + /** * Created by aalexeev on 11/28/16. */ @@ -46,7 +49,9 @@ public class JuickUserDetailsService implements UserDetailsService { if (!user.isAnonymous()) { user.setAuthHash(userService.getHashByUID(user.getUid())); - return new JuickUser(user); + List<GrantedAuthority> authorities = userService.isAdminUser(user) ? + JuickUser.ADMIN_AUTHORITY : JuickUser.USER_AUTHORITY; + return new JuickUser(user, authorities); } throw new UsernameNotFoundException("The username " + username + " is not found"); diff --git a/src/main/java/com/juick/service/security/entities/JuickUser.java b/src/main/java/com/juick/service/security/entities/JuickUser.java index 062db3a4..dca5fe7d 100644 --- a/src/main/java/com/juick/service/security/entities/JuickUser.java +++ b/src/main/java/com/juick/service/security/entities/JuickUser.java @@ -17,8 +17,8 @@ package com.juick.service.security.entities; -import com.juick.model.User; import com.juick.model.AnonymousUser; +import com.juick.model.User; import org.apache.commons.lang3.StringUtils; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.authority.SimpleGrantedAuthority; @@ -33,10 +33,12 @@ import java.util.List; */ public class JuickUser implements UserDetails { static final GrantedAuthority ROLE_USER = new SimpleGrantedAuthority("ROLE_USER"); + static final GrantedAuthority ROLE_ADMIN = new SimpleGrantedAuthority("ROLE_ADMIN"); static final GrantedAuthority ROLE_ANONYMOUS = new SimpleGrantedAuthority("ROLE_ANONYMOUS"); public static final List<GrantedAuthority> USER_AUTHORITY = Collections.singletonList(ROLE_USER); public static final List<GrantedAuthority> ANONYMOUS_AUTHORITY = Collections.singletonList(ROLE_ANONYMOUS); + public static final List<GrantedAuthority> ADMIN_AUTHORITY = List.of(ROLE_ADMIN, ROLE_USER); public static final JuickUser ANONYMOUS_USER = new JuickUser(AnonymousUser.INSTANCE, ANONYMOUS_AUTHORITY); |