我的应用程序设置如下:
资源
@Path("/books")
public class BookResource {
@Inject
BookService bookService;
@Context
SecurityContext securityContext;
@GET
public Response getBooks() {
List<BookDTO> books = bookService.getAllBooks();
return Response.ok(books).build();
}
}
服务
public interface BookService {
List<BookDTO> getAllBooks();
}
服务实现
public class BookServiceImpl implements BookService {
@Context
SecurityContext securityContext;
@Override
public List<BookDTO> getAllBooks() {
BookDTO book1 = new BookDTO("Catcher in the Rye");
BookDTO book2 = new BookDTO("Moby Dick");
return Arrays.asList(new Book[]{book1,book2});
}
}
在我的资源中,SecurityContext 被注入,我可以获取当前用户。
有没有办法将 SecurityContext 注入资源之外(我放置路径注释的地方)?如果是这样,我该怎么做?我想将我的安全性移回服务甚至存储库。
更新 我通过以下代码解决了它,但我认为它可以变得更好/更清洁。
基础资源
public class BaseResource {
@Context
SecurityContext securityContext;
public class BaseRequest {
private Principal principal;
public BaseRequest() {
principal = securityContext.getUserPrincipal();
}
public Principal getPrincipal() {
return principal;
}
}
}
图书资源
public class BookResource extends BaseResource {
@Inject
BookService bookService;
@Path("/{id}")
public Response getBookById(@PathParam("id") Long id) {
BookDTO book = bookService.getBookById(new GetBookRequest(id));
return Response.ok(book).build();
}
public Response getAllBooks() {
List<BookDTO > books = bookService.getAllBooks(new GetAllBooksRequest());
return Response.ok(books).build();
}
public class GetBookRequest extends BaseRequest {
private Long id;
public GetBookRequest(Long id) {
super();
this.id = id;
}
public Long getId() {
return id;
}
}
public class GetAllBooksRequest extends BaseRequest {
public GetAllBooksRequest() {
super();
}
}
}
图书服务
public interface BookService {
public List<BookDTO> getAllBooks(GetAllBooksRequest request);
public BookDTO getBookById(GetBookRequest request);
}
BookServiceImpl
@Named
public class BookServiceImpl implements BookService {
@Override
public List<BookDTO> getAllBooks(GetAllBooksRequest request) {
Principal principal = request.getPrincipal();
BookDTO book1 = new BookDTO();
book1.setName("Catcher in the Rye");
book1.setId(1L);
BookDTO book2 = new BookDTO();
book2.setName("Moby Dick");
book2.setId(2L);
return Arrays.asList( new BookDTO[]{ book1, book2 });
}
@Override
public BookDTO getBookById(GetBookRequest request) {
Principal principal = request.getPrincipal();
BookDTO book = new BookDTO();
book.setName("Catcher in the Rye");
book.setId(request.getId());
return book;
}
}