我有一个帖子实体,它可以从SecurityConfig中打开,因此我无需登录即可访问它,但是Jhipster继续带来登录模型(如果用户尝试创建评论,我只是想显示它)。与post.route.ts文件中的canActivate:[UserRouteAccessService]有什么关系?
import { Component, OnInit } from '@angular/core';
import { ActivatedRoute, Router } from '@angular/router';
import { JhiDataUtils } from 'ng-jhipster';
import { HttpErrorResponse, HttpHeaders, HttpResponse } from '@angular/common/http';
import { Observable } from 'rxjs';
import * as moment from 'moment';
import { DATE_TIME_FORMAT } from 'app/shared/constants/input.constants';
import { ITEMS_PER_PAGE } from 'app/shared';
import { JhiEventManager, JhiParseLinks, JhiAlertService } from 'ng-jhipster';
import { Subscription } from 'rxjs';
import { Principal } from 'app/core';
import { IComment } from 'app/shared/model/comment.model';
import { CommentService } from 'app/entities/comment';
import { IPost } from 'app/shared/model/post.model';
import { PostService } from 'app/entities/post';
import { IProfile } from 'app/shared/model/profile.model';
import { ProfileService } from 'app/entities/profile';
@Component({
selector: 'jhi-post-detail',
templateUrl: './post-detail.component.html'
})
export class PostDetailComponent implements OnInit {
id: any;
private _comment: IComment;
isSaving: boolean;
post: any;
posts: IPost[];
profile: IProfile;
profiles: IProfile[];
currentAccount: any;
creationDate: string;
comments: IComment[];
error: any;
success: any;
eventSubscriber: Subscription;
routeData: any;
links: any;
totalItems: any;
queryCount: any;
itemsPerPage: any;
page: any = 1;
predicate: any = 'id';
previousPage: any = 0;
reverse: any = 'asc';
constructor(
private dataUtils: JhiDataUtils,
private parseLinks: JhiParseLinks,
private jhiAlertService: JhiAlertService,
private commentService: CommentService,
private postService: PostService,
private principal: Principal,
private profileService: ProfileService,
private activatedRoute: ActivatedRoute,
private router: Router,
private eventManager: JhiEventManager
) {
this.itemsPerPage = ITEMS_PER_PAGE;
this.routeData = this.activatedRoute.data.subscribe(data => {
this.page = 0;
this.previousPage = 0;
this.reverse = false;
this.predicate = 'id';
});
}
ngOnInit() {
console.log('CONSOLOG: M:ngOnInit & O: this.page : ', this.page);
console.log('CONSOLOG: M:ngOnInit & O: this.predicate : ', this.predicate);
console.log('CONSOLOG: M:ngOnInit & O: this.previousPage : ', this.previousPage);
console.log('CONSOLOG: M:ngOnInit & O: this.reverse : ', this.reverse);
this.isSaving = false;
this.activatedRoute.data.subscribe(({ post }) => {
this.post = post;
console.log('CONSOLOG: M:ngOnInit & O: this.post : ', this.post);
});
this.loadAll();
this.principal.identity().then(account => {
this.currentAccount = account;
});
this.comment = new Object();
this.comment.commentText = '';
this.registerChangeInComments();
}
saveComment() {
this.isSaving = true;
this.comment.creationDate = moment(this.creationDate, DATE_TIME_FORMAT);
if (this.comment.id !== undefined) {
this.subscribeToSaveResponse(this.commentService.update(this.comment));
} else {
this.comment.postId = this.post.id;
this.loggedProfile()
.subscribe(
(res: HttpResponse<IProfile[]>) => {
this.profiles = res.body;
this.comment.profileId = this.profiles[0].id;
this.comment.isOffensive = false;
this.subscribeToSaveResponse(this.commentService.create(this.comment));
},
(res: HttpErrorResponse) => this.onError(res.message)
);
}
}
private loggedProfile() {
const query = {
};
if ( this.currentAccount.id != null) {
query['userId.equals'] = this.currentAccount.id;
}
return this.profileService
.query(query);
}
private subscribeToSaveResponse(result: Observable<HttpResponse<IComment>>) {
result.subscribe((res: HttpResponse<IComment>) => this.onSaveSuccess(), (res: HttpErrorResponse) => this.onSaveError());
}
private onSaveSuccess() {
this.isSaving = false;
this.reload();
}
private onSaveError() {
this.isSaving = false;
}
private onError(errorMessage: string) {
this.jhiAlertService.error(errorMessage, null, null);
}
trackPostById(index: number, item: IPost) {
return item.id;
}
trackProfileById(index: number, item: IProfile) {
return item.id;
}
get comment() {
return this._comment;
}
set comment(comment: IComment) {
this._comment = comment;
this.creationDate = moment(comment.creationDate).format(DATE_TIME_FORMAT);
}
byteSize(field) {
return this.dataUtils.byteSize(field);
}
openFile(contentType, field) {
return this.dataUtils.openFile(contentType, field);
}
previousState() {
window.history.back();
}
reload() {
window.location.reload();
}
loadPage(page) {
this.previousPage = page;
this.page = page;
this.loadAll();
}
loadAll() {
const query = {
page: this.page - 1,
size: this.itemsPerPage,
sort: this.sort()
};
query['postId.equals'] = this.post.id;
this.commentService
.query(query)
.subscribe(
(res: HttpResponse<IComment[]>) => {
console.log('CONSOLOG: M:loadAll & O: query : ', query);
this.paginateComments(res.body, res.headers);
},
(res: HttpErrorResponse) => this.onError(res.message)
);
}
transition() {
this.loadAll();
}
clear() {
this.page = 0;
this.router.navigate([
'/comment',
{
page: this.page,
sort: this.predicate + ',' + (this.reverse ? 'asc' : 'desc')
}
]);
this.loadAll();
}
trackId(index: number, item: IComment) {
return item.id;
}
registerChangeInComments() {
this.eventSubscriber = this.eventManager.subscribe('commentListModification', response => this.loadAll());
}
sort() {
const result = [this.predicate + ',' + (this.reverse ? 'asc' : 'desc')];
if (this.predicate !== 'id') {
result.push('id');
}
return result;
}
private paginateComments(data: IComment[], headers: HttpHeaders) {
this.links = this.parseLinks.parse(headers.get('link'));
this.totalItems = parseInt(headers.get('X-Total-Count'), 10);
this.queryCount = this.totalItems;
this.comments = data;
}
}
这是SecurityConfig:
package com.jhipsterpress.web.config;
import com.jhipsterpress.web.security.*;
import io.github.jhipster.config.JHipsterProperties;
import io.github.jhipster.security.*;
import org.springframework.beans.factory.BeanInitializationException;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Import;
import org.springframework.http.HttpMethod;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.authentication.RememberMeServices;
import org.springframework.security.web.csrf.CookieCsrfTokenRepository;
import org.springframework.security.web.csrf.CsrfFilter;
import org.springframework.web.filter.CorsFilter;
import org.zalando.problem.spring.web.advice.security.SecurityProblemSupport;
import javax.annotation.PostConstruct;
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
@Import(SecurityProblemSupport.class)
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
private final AuthenticationManagerBuilder authenticationManagerBuilder;
private final UserDetailsService userDetailsService;
private final JHipsterProperties jHipsterProperties;
private final RememberMeServices rememberMeServices;
private final CorsFilter corsFilter;
private final SecurityProblemSupport problemSupport;
public SecurityConfiguration(AuthenticationManagerBuilder authenticationManagerBuilder, UserDetailsService userDetailsService,
JHipsterProperties jHipsterProperties, RememberMeServices rememberMeServices, CorsFilter corsFilter, SecurityProblemSupport problemSupport) {
this.authenticationManagerBuilder = authenticationManagerBuilder;
this.userDetailsService = userDetailsService;
this.jHipsterProperties = jHipsterProperties;
this.rememberMeServices = rememberMeServices;
this.corsFilter = corsFilter;
this.problemSupport = problemSupport;
}
@PostConstruct
public void init() {
try {
authenticationManagerBuilder
.userDetailsService(userDetailsService)
.passwordEncoder(passwordEncoder());
} catch (Exception e) {
throw new BeanInitializationException("Security configuration failed", e);
}
}
@Override
@Bean
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
@Bean
public AjaxAuthenticationSuccessHandler ajaxAuthenticationSuccessHandler() {
return new AjaxAuthenticationSuccessHandler();
}
@Bean
public AjaxAuthenticationFailureHandler ajaxAuthenticationFailureHandler() {
return new AjaxAuthenticationFailureHandler();
}
@Bean
public AjaxLogoutSuccessHandler ajaxLogoutSuccessHandler() {
return new AjaxLogoutSuccessHandler();
}
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
@Override
public void configure(WebSecurity web) throws Exception {
web.ignoring()
.antMatchers(HttpMethod.OPTIONS, "/**")
.antMatchers("/app/**/*.{js,html}")
.antMatchers("/i18n/**")
.antMatchers("/content/**")
.antMatchers("/h2-console/**")
.antMatchers("/swagger-ui/index.html")
.antMatchers("/test/**");
}
@Override
public void configure(HttpSecurity http) throws Exception {
http
.csrf()
.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
.and()
.addFilterBefore(corsFilter, CsrfFilter.class)
.exceptionHandling()
.authenticationEntryPoint(problemSupport)
.accessDeniedHandler(problemSupport)
.and()
.rememberMe()
.rememberMeServices(rememberMeServices)
.rememberMeParameter("remember-me")
.key(jHipsterProperties.getSecurity().getRememberMe().getKey())
.and()
.formLogin()
.loginProcessingUrl("/api/authentication")
.successHandler(ajaxAuthenticationSuccessHandler())
.failureHandler(ajaxAuthenticationFailureHandler())
.usernameParameter("j_username")
.passwordParameter("j_password")
.permitAll()
.and()
.logout()
.logoutUrl("/api/logout")
.logoutSuccessHandler(ajaxLogoutSuccessHandler())
.permitAll()
.and()
.headers()
.frameOptions()
.disable()
.and()
.authorizeRequests()
.antMatchers("/api/register").permitAll()
.antMatchers("/api/activate").permitAll()
.antMatchers("/api/authenticate").permitAll()
.antMatchers("/api/account/reset-password/init").permitAll()
.antMatchers("/api/account/reset-password/finish").permitAll()
.antMatchers("/api/**").authenticated()
.antMatchers("/management/health").permitAll()
.antMatchers("/management/info").permitAll()
.antMatchers("/management/**").hasAuthority(AuthoritiesConstants.ADMIN);
}
}
我已经玩过canActivate的大部分内容,但仍然无法正常工作。感谢您的帮助!
答案 0 :(得分:1)
乔恩,是对的。在没有权限的情况下并注释掉canActivate即可。
{
path: 'post/:id/view',
component: PostDetailComponent,
resolve: {
post: PostResolve
},
data: {
authorities: [],
pageTitle: 'jhipsterpressApp.post.home.title'
},
// canActivate: [UserRouteAccessService]
},