Hey all,
I'll keep this as short as possible, as my question is effectively "what is
the best/proper approach" to handle this situation.
Our resources are surrounded with both @RolesAllowed and @Auth as
parameters. This allows me to do much of everything I need with regards to
user access and permissions.
However, our system also has a level "on top" of just user roles, namely
account standing (paid vs unpaid).
So a user could take on several different roles:
ROLE_A
ROLE_B
ROLE_C
However, depending on if their account is "in good standing" they will see
a different layout on the front end.
From the back end, I need to relay this information (similar to how
USER_ROLES are passed on at login), and on the back end I need to protect
access to certain resources that the user in a given role would otherwise
have access to if they were subscribed/in good standing.
I'm unfamiliar with the terminology, but a solution similar to the
following is what I think would be ideal:
    @Path("/")
    public class SomeResource {
        public SomeResource() {}
        @GET
        @Path("v3/something/{somethingId}")
        @AccountActive // <-- THIS WOULD BE A NEW ANNOTATION / FILTER PRE-RolesAllowed
        @RolesAllowed({DashboardRoles.USER_ROLE_SOMETHINGA,
                DashboardRoles.USER_ROLE_SOMETHINGB,
                DashboardRoles.USER_ROLE_SOMETHINGC})
        @Produces(SomeMediaType.APPLICATION_SOMETHING_API_V3_JSON)
        public SomethingDTOV3 getTheThing(@JooqInject DSLContext database,
                @Auth DashboardUser dashboardUser,
                @NotNull @PathParam("somethingId") IntParam somethingId) {
        }
    }
Is anyone able to help me determine the proper way to approach this?
Cheers and thanks!
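
One way to get the behaviour asked about above, as an added example that is not part of the original post: a JAX-RS name-bound request filter whose priority places it after authentication and before the @RolesAllowed check. It assumes the javax.ws.rs namespace, that Dropwizard's auth filter runs at Priorities.AUTHENTICATION and the @RolesAllowed filter at Priorities.AUTHORIZATION, and that the principal (DashboardUser in the post) implements a hypothetical AccountStanding interface.

```java
import java.io.IOException;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
import java.security.Principal;
import javax.annotation.Priority;
import javax.ws.rs.NameBinding;
import javax.ws.rs.Priorities;
import javax.ws.rs.container.ContainerRequestContext;
import javax.ws.rs.container.ContainerRequestFilter;
import javax.ws.rs.core.Response;

// Name-binding annotation: the filter below runs only on resource classes or
// methods that carry @AccountActive. (Make it public in its own file for real use.)
@NameBinding
@Retention(RetentionPolicy.RUNTIME)
@Target({ElementType.TYPE, ElementType.METHOD})
@interface AccountActive {}

// Hypothetical interface the principal (e.g. DashboardUser) is assumed to implement.
interface AccountStanding {
    boolean isInGoodStanding();
}

// Priority sits between AUTHENTICATION (1000) and AUTHORIZATION (2000): the
// principal is already set, and the @RolesAllowed check has not run yet.
@AccountActive
@Priority(Priorities.AUTHENTICATION + 500)
public class AccountActiveFilter implements ContainerRequestFilter {
    @Override
    public void filter(ContainerRequestContext ctx) throws IOException {
        Principal principal = ctx.getSecurityContext().getUserPrincipal();
        // Fail closed: no principal, an unexpected principal type, or an
        // account not in good standing all end the request here.
        boolean active = principal instanceof AccountStanding
                && ((AccountStanding) principal).isInGoodStanding();
        if (!active) {
            ctx.abortWith(Response.status(Response.Status.FORBIDDEN).build());
        }
    }
}
```

Register it once with environment.jersey().register(AccountActiveFilter.class); because the check is enforced server-side per request, the account-standing flag sent to the front end at login only drives layout and is never trusted for access decisions.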