Versions Compared

Old Version 2

changes.mady.by.user RapidClipse Translator Services

Saved on

compared with

New Version 3

changes.mady.by.user RapidClipse Translator Services

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

To implement the authorization, you need three tables for managing users, roles, and rights in the database, each of which is connected to the others by an n:m relation. The wizard allows you to generate the appropriate entities. In addition, the entities are connected by mapping. This allows RapidClipse to handle entities and attributes of any name. If the default mapping does not match your data structure, you can define custom queries.

...

  • Required data structure in general

    • Users - Save username, password, and any additional user-specific information. The designations used in RapidClipse APIs are User and Subject.

    • Roles - Save the roles/groups to which a user can belong. The designations used in RapidClipse APIs are Roles, Usergroups, and Userroles.

    • Rights - Save rights that can have a role. Here, you can also save the states or conditions that must be met. The designations used in RapidClipse APIs are Permissions and Resources.

  • Data structure generated by RapidClipse 

    • Entities

      EntityAttributeData typeExplanation
      UserusernameStringSaves the username as a string.
      passwordbyte[]Saves the password as a byte array, usually encrypted.
      rolesSet / ListList of all roles.
      Role


      		nameStringSaves the name of the rolls as a string.
      resourcesSet / ListList of all rights.
      childRolesSet / ListList of all roles.
      parentRolesSet / ListList of all roles.
      usersSet / ListList of all users.
      ResourcenameStringSaves the name of the rights as a string..
      rolesSet / ListList of all roles.


    • Data Access

      • UserDAO

      • RoleDAO

      • ResourceDAO

    • Database tables (using the example of MySQL) - Database tables generated by the (Hibernate) entity export function.

      EntityData fieldsData typeExplanation
      USERUSERNAMEvarchar(255)Saves user data, including username and password.

      passwordtinyblob
      ROLENAMEvarchar(255)Saves all roles.
      RESOURCENAMEvarchar(255)Saves all rights.
      ROLERESOURCENMROLEvarchar(255)Saves all role-right combinations. A role can have many rights, a right can occur in many roles.
      RESOURCEvarchar(255)
      ROLEROLENM CHILDROLEvarchar(255)Saves any role-role combination, thus allowing the nesting of roles.
      PARENTROLEvarchar(255)
      USERROLENMUSERvarchar(255)Saves all user-role combinations. A user can have many roles, a role can be taken by many users.
      ROLEvarchar(255)

  • Dealing with an existing USER table: If you have already developed a table for managing users, roles, and rights in your database, make sure there is an appropriate entity with corresponding DAO in Project Management in Entities or Data Access. If not, you can generate the missing entity and DAOs using the Create JPA entities from table import function. It is not a problem if the field and table names are different because mapping is performed later. 

...

  1. Entity for rights already exists: Select your existing entity.
    No Resource Entity available yet: Click New Entity... to create a new Resource entity, including ResourceDAO DAO. 
  2. Select the respective attribute for the user rights Mapping > Resource name.
  3. Click Next >.
Options:

  • Resource name - Select the attribute to which the resource name is mapped for the user rights

Note:

  • Mapping -  Once you have generated the Resource entity, you can apply the specified Resource.name attribute.

Result:

  • Project Management > Entities - The Resource.java entity class is generated or used by selecting an existing entity.

    EntityAttributesData type
    ResourcenameString

  • Project Management > Data Access - The ResourceDAO.java DAO class is generated. When selecting existing entities no new DAO is generated.

...

  1. Table for roles (Roles) already exists - Select your existing Role entity.
    No role entity exists yet - Click New Entity... to create a new Role entity including the RoleDAO
  2. Select the attribute for saving the roles under Mapping > Role name
  3. Select the attribute for saving the rights under Mapping > Resources
  4. Select the attribute for saving the sub roles in Mapping > Child roles.
  5. Click Next >.
Options:

  • Role name - Auswahl des Attributs für die Bezeichnung der Rollen. ResourcesAuswahl des Attributs mit der Liste  Select an attribute for the role names.

  • Resources - Selection of the attribute with the list (Set / List) aller Rechte für eine Rolleof all rights for a role.

  • Child roles - Auswahl des Attributs mit der Liste  Selection of the attribute with the list (Set / List) aller Unterrollen für eine Rolle. 

...

  • of all sub-roles for a role.

Note:

  • Mapping - Wenn Sie das Entity Role generieren lassen, können Sie die vorgegebenen Attribute übernehmen.

...

  •  If you generate the Role entity, you can apply the specified attributes.

Result:

  • Project Management > Entities 

    • Role - Es wird die Entity-Klasse Role.java generiert oder durch Auswahl ein bereits existierendes Entity verwendet The entity class Role.java is generated or used by selecting an existing entity.

      EntityAttributeDatentypData type
      Role


      		nameString
      resourcesSet / List
      childRolesSet / List
      parentRolesSet / List

    • Resource - Die Entity-Klasse  The Resource.java wird um das Attribut roles erweitert entity class is enhanced with the roles attribute.

      EntityAttributeDatentypData type
      ResourcenameString
      rolesSet / List

  • Project Management > Data Access - Es wird die DAO-Klasse It is the DAO class RoleDAO.java generiert. Bei Auswahl eines bereits existierenden Entities wird kein neues DAO generiert. 

Verknüpfung von User und Roles

...

  • generated. When selecting an existing entity, no new DAO is generated.

Connecting Users and Roles

  1. Table for users (User) already exists - Select your already existing User entity.
    No user entity exists yet - Click New Entity... to create a new users entity.
  2. Select the attribute for the user name in Mapping > Subject name.
  3. Click Mapping > Roles and then click Create Attribute, to enhance the entity User with an attribute that connects the  User and Roles attributes to each other.
  4. Click on Finish.
Optionen:

  • Subject name - Auswahl des Attributs für den Benutzernamen Select the attribute for the user name.

  • Roles - Auswahl des Attributs mit der Liste (Set/List) aller Rollen eines BenutzersSelect the attribute with the list of all roles for users. 

Ergebnis
Result:

  • Project Management > Entities

    • Role - Die Entity-Klasse The Role.java wird um das Attribut users erweitert.   entity class is extended with the users attribute.  

      EntityAttributeDatentypData type
      Role


      		nameString
      resourcesSet / List
      childRolesSet / List
      parentRolesSet / List
      usersSet / List

    • User - Die Entity Klasse  The User.java wird um das Attribut roles erweitert entity class is enhanced by the users attribute.

      EntityAttributeDatentypData type
      UserusernameString
      passwordbyte[]
      rolesSet / List

  • Project Management > Data Access - Es wird die DAO-Klasse The RoleDAO.java generiert. Bei Auswahl eines bereits existierenden Entities wird kein neues DAO generiert.  DAO class is generated. When selecting an existing entity, no new DAO is generated.

  • Project Management > Business Objects - Es wird die Klasse  The ExampleAuthorizationProvider.java generiert class is generated.

    Code Block
    languagejava
    themeConfluence
    package com.company.example.business;

import com.company.example.entities.Resource;
import com.company.example.entities.Role;
import com.company.example.entities.User;
import com.xdev.security.authorization.AuthorizationConfiguration;
import com.xdev.security.authorization.AuthorizationConfigurationProvider;
import com.xdev.security.authorization.jpa.JPAAuthorizationConfigurationProvider;

public class ExampleAuthorizationConfigurationProvider implements AuthorizationConfigurationProvider {
	private static ExampleAuthorizationConfigurationProvider INSTANCE;

	public static ExampleAuthorizationConfigurationProvider getInstance() {
		if (INSTANCE == null) {
			INSTANCE = new ExampleAuthorizationConfigurationProvider();
		}

		return INSTANCE;
	}

	private JPAAuthorizationConfigurationProvider provider;

	private ExampleAuthorizationConfigurationProvider() {
	}

	@Override
	public AuthorizationConfiguration provideConfiguration() {
		if (this.provider == null) {
			this.provider = new JPAAuthorizationConfigurationProvider(User.class, Role.class, Resource.class);
		}

		return this.provider.provideConfiguration();
	}
}

Datenbanktabellen anlegen

...

Create database tables

It is necessary to create appropriate tables in the database that match the newly generated User, Role und Resource müssen entsprechende Tabellen in der Datenbank angelegt werden and Resource entities in the database.

Entity > Datenbank Database Export (Create tables)

Default-Daten eingeben

...

Enter default data

For database tables, it is helpful to enter some default data in the UserRole, and Resource entities.

Data Source Explorer