0

我的应用程序设置如下:

资源

@Path("/books")
public class BookResource {
    @Inject
    BookService bookService;

    @Context
    SecurityContext securityContext;

    @GET
    public Response getBooks() {
        List<BookDTO> books = bookService.getAllBooks();

        return Response.ok(books).build();
    }
}

服务

public interface BookService {
    List<BookDTO> getAllBooks();
}

服务实现

public class BookServiceImpl implements BookService {

    @Context
    SecurityContext securityContext;

    @Override
    public List<BookDTO> getAllBooks() {
        BookDTO book1 = new BookDTO("Catcher in the Rye");
        BookDTO book2 = new BookDTO("Moby Dick");

        return Arrays.asList(new Book[]{book1,book2});
    }
}

在我的资源中,SecurityContext 被注入,我可以获取当前用户。

有没有办法将 SecurityContext 注入资源之外(我放置路径注释的地方)?如果是这样,我该怎么做?我想将我的安全性移回服务甚至存储库。

更新 我通过以下代码解决了它,但我认为它可以变得更好/更清洁。

基础资源

public class BaseResource {

    @Context
    SecurityContext securityContext;


    public class BaseRequest {

        private Principal principal;

        public BaseRequest() {
            principal = securityContext.getUserPrincipal();
        }

        public Principal getPrincipal() {
            return principal;
        }
    }
}

图书资源

public class BookResource extends BaseResource {

    @Inject
    BookService bookService;

    @Path("/{id}")
    public Response getBookById(@PathParam("id") Long id) {
        BookDTO book = bookService.getBookById(new GetBookRequest(id));

        return Response.ok(book).build();
    }

    public Response getAllBooks() {
        List<BookDTO > books = bookService.getAllBooks(new GetAllBooksRequest());

        return Response.ok(books).build();
    }

    public class GetBookRequest extends BaseRequest {

        private Long id;

        public GetBookRequest(Long id) {
            super();
            this.id = id;
        }

        public Long getId() {
            return id;
        }
    }

    public class GetAllBooksRequest extends BaseRequest {

        public GetAllBooksRequest() {
            super();
        }
    }
}

图书服务

public interface BookService {

    public List<BookDTO> getAllBooks(GetAllBooksRequest request);

    public BookDTO getBookById(GetBookRequest request);
}

BookServiceImpl

@Named
public class BookServiceImpl implements BookService {

    @Override
    public List<BookDTO> getAllBooks(GetAllBooksRequest request) {
        Principal principal = request.getPrincipal();

        BookDTO book1 = new BookDTO();
        book1.setName("Catcher in the Rye");
        book1.setId(1L);

        BookDTO book2 = new BookDTO();
        book2.setName("Moby Dick");
        book2.setId(2L);

        return Arrays.asList( new BookDTO[]{ book1, book2 });
    }

    @Override
    public BookDTO getBookById(GetBookRequest request) {
        Principal principal = request.getPrincipal();

        BookDTO book = new BookDTO();
        book.setName("Catcher in the Rye");
        book.setId(request.getId());

        return book;
    }

}
4

0 回答 0