More Related Content
Similar to 認証の標準的な方法は分かった。では認可はどう管理するんだい? #cmdevio (9)
More from 都元ダイスケ Miyamoto (20)
認証の標準的な方法は分かった。では認可はどう管理するんだい? #cmdevio
- 27. #cmdevio #cmdevio2
✦
adf: (adi) ↦ allow/deny (boolean)
@RequestMapping
fun getEmp(param: Any, adi: AccessDicisionInfo) {
if (adf(adi) == false) {
throw AccessDeniedException()
}
val resource = service.getEmp(param)
return Response.ok(resource)
}
- 37. #cmdevio #cmdevio2
postFilter
✦
✦ GetEmp
{
"id": "kaga",
"address": "...",
"name": "Kaga Masaru",
"tel": "090-0000-0006",
"salary": 999999,
"dept": 2
}
{
"id": "kaga",
"name": "Kaga Masaru",
"tel": "090-0000-0006",
"dept": 2
}
by ezaki by takada
- 48. #cmdevio #cmdevio2
✦ { ezaki UpdateEmp }
✦
{
"effect": "allow",
"action": "UpdateEmp",
"authority": "Leader"
}
{
"name": "ezaki",
"authorities": [
"Leader",
// ...
]
}
obj ADI ( ) sub ADI