Spring data mongodb @CreatedBy@LastModifiedBy@CreatedBy@LastModifiedBy SpringSecurityAuditorAware,只记

Posted 高因咖啡

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了Spring data mongodb @CreatedBy@LastModifiedBy@CreatedBy@LastModifiedBy SpringSecurityAuditorAware,只记相关的知识,希望对你有一定的参考价值。

要在Spring data mongodb 中使用@[email protected]@[email protected]  这四个注解

必须实现 SpringSecurityAuditorAware

官方代码

class SpringSecurityAuditorAware implements AuditorAware<User> {

  public User getCurrentAuditor() {

    Authentication authentication = SecurityContextHolder.getContext().getAuthentication();

    if (authentication == null || !authentication.isAuthenticated()) {
      return null;
    }

    return ((MyUserDetails) authentication.getPrincipal()).getUser();
  }
}

添加配置文件 XML

<mongo:auditing mapping-context-ref="customMappingContext" auditor-aware-ref="yourAuditorAwareImpl"/>

SpringBoot 配置方式

@Configuration
@EnableMongoAuditing
class Config {

  @Bean
  public AuditorAware<AuditableUser> myAuditorProvider() {
      return new AuditorAwareImpl();
  }
}

使用注解

    @CreatedDate
    private LocalDateTime createDate;

    @CreatedBy
    private User createdBy;

    @LastModifiedBy
    private User lastModifiedBy;

    @LastModifiedDate
    private LocalDateTime lastModifiedDate;

 

所以,需要在你的用户实体,添加一个方法 

  public User getUser() {
        return new User(this.getUsername(),
                this.getPassword(),
                this.isEnabled(),
                this.isAccountNonExpired(),
                this.isCredentialsNonExpired(),
                this.isAccountNonLocked(),
                this.getAuthorities());
    }

当Springdata insert或者save的时候会生成数据,而且你会发现,很坑爹

    "createDate" : ISODate("2017-10-25T07:06:09.730Z"),
    "createdBy" : {
        "password" : "$2a$10$LceZ8.WHHrsDRBi6NNitJe4oih/xnhJKUsbfkzLnmYuhTKY683qxm",
        "username" : "athos7817",
        "authorities" : [
            {
                "role" : "AUTH_ORDER_UPDATE",
                "_class" : "org.springframework.security.core.authority.SimpleGrantedAuthority"
            },
            {
                "role" : "AUTH_ORDER_ADD",
                "_class" : "org.springframework.security.core.authority.SimpleGrantedAuthority"
            },
            //以下省略一万个权限
        ],
        "accountNonExpired" : true,
        "accountNonLocked" : true,
        "credentialsNonExpired" : true,
        "enabled" : true
},

    "lastModifiedBy" : {
        "password" : "$2a$10$LceZ8.WHHrsDRBi6NNitJe4oih/xnhJKUsbfkzLnmYuhTKY683qxm",
        "username" : "athos7817",
        "authorities" : [
            {
                "role" : "AUTH_ORDER_UPDATE",
                "_class" : "org.springframework.security.core.authority.SimpleGrantedAuthority"
            },
            {
                "role" : "AUTH_ORDER_ADD",
                "_class" : "org.springframework.security.core.authority.SimpleGrantedAuthority"
            },
            //以下省略一万个权限
        ],
        "accountNonExpired" : true,
        "accountNonLocked" : true,
        "credentialsNonExpired" : true,
        "enabled" : true
},

谁需要那么多废数据,而且SpringSecurity User的构造方法,不允许传入null

  public User(String username, String password, Collection<? extends GrantedAuthority> authorities) {
        this(username, password, true, true, true, true, authorities);
    }

    public User(String username, String password, boolean enabled, boolean accountNonExpired, boolean credentialsNonExpired, boolean accountNonLocked, Collection<? extends GrantedAuthority> authorities) {
        if (username != null && !"".equals(username) && password != null) {
            this.username = username;
            this.password = password;
            this.enabled = enabled;
            this.accountNonExpired = accountNonExpired;
            this.credentialsNonExpired = credentialsNonExpired;
            this.accountNonLocked = accountNonLocked;
            this.authorities = Collections.unmodifiableSet(sortAuthorities(authorities));
        } else {
            throw new IllegalArgumentException("Cannot pass null or empty values to constructor");
        }
    }

 

做出修改 User 修改为 String

    @CreatedDate
    private LocalDateTime createDate;

    @CreatedBy
    private String createdBy;

    @LastModifiedBy
    private String lastModifiedBy;

    @LastModifiedDate
    private LocalDateTime lastModifiedDate;
    @Bean
    public AuditorAware<String> auditorProvider() {
        return new SpringSecurityAuditorAware();
    }
/**
 * Created by laizhenwei on 2017/10/25
 */
public class SpringSecurityAuditorAware  implements AuditorAware<String> {

    public String getCurrentAuditor() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication == null || !authentication.isAuthenticated()) {
            return null;
        }
        return ((MyUser) authentication.getPrincipal()).getUsername();
    }
}

结果

    "createDate" : ISODate("2017-10-25T07:35:46.636Z"),
    "createdBy" : "laizhenwei",
    "lastModifiedBy" : "laizhenwei",
    "lastModifiedDate" : ISODate("2017-10-25T07:35:46.636Z")

 

以上是关于Spring data mongodb @CreatedBy@LastModifiedBy@CreatedBy@LastModifiedBy SpringSecurityAuditorAware,只记的主要内容,如果未能解决你的问题,请参考以下文章

Spring -Data MongoDB问题与作为接口的字段

用Spring data查询mongodb的问题,求解答

使用Spring访问Mongodb的方法大全——Spring Data MongoDB

如何在 spring-boot 中禁用 spring-data-mongodb 自动配置

将 Spring 安全 ACL 与 spring-data-mongodb 一起使用

spring data mongodb Query 及分页