Java 在spring security中删除重复的授权
我正在用spring boot、angularjs、jpa等编写一个用户管理系统。。。所有用户的功能都将分配给Java 在spring security中删除重复的授权,java,spring-boot,hibernate,jpa,spring-security,Java,Spring Boot,Hibernate,Jpa,Spring Security,我正在用spring boot、angularjs、jpa等编写一个用户管理系统。。。所有用户的功能都将分配给授权权限,并将发送回angularjs以相应地设计主页,但即使我将权限分配给ArrayList,而不是HashSet,仍然会删除重复的功能 循环结束时,grandedauthorities的大小为12,一切正常,但当它返回响应时,重复项被删除 @服务 公共类UserDetailsServiceImpl实现UserDetailsService{ @自动连线 私人用户jparepositor
授权权限ArrayListHashSetgrandedauthorities@服务
公共类UserDetailsServiceImpl实现UserDetailsService{
@自动连线
私人用户jparepository用户jparepository;
@自动连线
私人角色特征私人角色特征私人角色特征;
@凌驾
@交易的
public UserDetails loadUserByUsername(字符串用户名)引发UsernameNotFoundException{
User User=userJpaRepository.findByUsername(用户名);
if(user==null){
抛出新UsernameNotFoundException(
“Opps!找不到用户名为:“+用户名”的用户);
}
返回新的org.springframework.security.core.userdetails.User(
user.getUsername(),user.getPassword(),
GetAuthories(用户)
);
}
私有收集权限(用户){
ArrayList GrantedAuthories=新建ArrayList();
Role=user.getRoles();
对于(功能:role.getFeatures()){
RoleFeaturesPK RoleFeaturesPK=新的RoleFeaturesPK();
roleFeaturesPK.setRoleId(role.getId());
roleFeaturesPK.setFeatureId(features.getId());
可选roleFeatures=RoleFeaturesParepository.findById(roleFeaturesPK);
RoleFeatures features_entity=RoleFeatures.get();
添加(新的SimpleGrantedAuthority(features.getName());
添加(新的SimpleGrantedAuthority(features_entity.getReadOption());
添加(新的SimpleGrantedAuthority(features\u entity.getReadWriteOption());
}
返回授权机构;
}
}
方法GetAuthories似乎还可以,它可能会在返回线上被删除
私有收集权限(用户)
返回新的org.springframework.security.core.userdetails.User(
user.getUsername(),user.getPassword(),
GetAuthories(用户)
);
this.authorities = Collections.unmodifiableSet(sortAuthorities(authorities));
private static class AuthorityComparator implements Comparator<GrantedAuthority>,Serializable {
private static final long serialVersionUID = SpringSecurityCoreVersion.SERIAL_VERSION_UID;
public int compare(GrantedAuthority g1, GrantedAuthority g2) {
// Neither should ever be null as each entry is checked before adding it to
// the set.
// If the authority is null, it is a custom authority and should precede
// others.
if (g2.getAuthority() == null) {
return -1;
}
if (g1.getAuthority() == null) {
return 1;
}
return g1.getAuthority().compareTo(g2.getAuthority());
}
}
私有静态类AuthorityComparator实现可序列化的Comparator{
私有静态最终长serialVersionUID=SpringSecurityCoreVersion.SERIAL\u VERSION\u UID;
公共整数比较(授权g1、授权g2){
//两者都不应为null,因为在将每个条目添加到中之前都会对其进行检查
//布景。
//如果权限为空,则它是自定义权限,应位于
//其他的。
if(g2.getAuthority()==null){
返回-1;
}
if(g1.getAuthority()==null){
返回1;
}
返回g1.getAuthority().compareTo(g2.getAuthority());
}
}
private static class AuthorityComparator implements Comparator<GrantedAuthority>,Serializable {
private static final long serialVersionUID = SpringSecurityCoreVersion.SERIAL_VERSION_UID;
public int compare(GrantedAuthority g1, GrantedAuthority g2) {
// Neither should ever be null as each entry is checked before adding it to
// the set.
// If the authority is null, it is a custom authority and should precede
// others.
if (g2.getAuthority() == null) {
return -1;
}
if (g1.getAuthority() == null) {
return 1;
}
return g1.getAuthority().compareTo(g2.getAuthority());
}
}