Skip to content
Snippets Groups Projects
Commit 1b987d8f authored by Remy POCQUERUSSE's avatar Remy POCQUERUSSE
Browse files

restrict blog and post access to specified user

parent 7d360e5d
No related branches found
No related tags found
No related merge requests found
...@@ -25,4 +25,6 @@ public interface PostRepository extends JpaRepository<Post, Long> { ...@@ -25,4 +25,6 @@ public interface PostRepository extends JpaRepository<Post, Long> {
@Query("select post from Post post left join fetch post.tags where post.id =:id") @Query("select post from Post post left join fetch post.tags where post.id =:id")
Optional<Post> findOneWithEagerRelationships(@Param("id") Long id); Optional<Post> findOneWithEagerRelationships(@Param("id") Long id);
Page<Post> findByBlogUserLoginOrderByDateDesc(String currentUserLogin, Pageable pageable);
} }
...@@ -148,7 +148,7 @@ public class BlogResource { ...@@ -148,7 +148,7 @@ public class BlogResource {
@GetMapping("/blogs") @GetMapping("/blogs")
public List<Blog> getAllBlogs() { public List<Blog> getAllBlogs() {
log.debug("REST request to get all Blogs"); log.debug("REST request to get all Blogs");
return blogRepository.findAll(); return blogRepository.findByUserIsCurrentUser();
} }
/** /**
......
...@@ -2,6 +2,7 @@ package com.ippon.belt.web.rest; ...@@ -2,6 +2,7 @@ package com.ippon.belt.web.rest;
import com.ippon.belt.domain.Post; import com.ippon.belt.domain.Post;
import com.ippon.belt.repository.PostRepository; import com.ippon.belt.repository.PostRepository;
import com.ippon.belt.security.SecurityUtils;
import com.ippon.belt.web.rest.errors.BadRequestAlertException; import com.ippon.belt.web.rest.errors.BadRequestAlertException;
import java.net.URI; import java.net.URI;
import java.net.URISyntaxException; import java.net.URISyntaxException;
...@@ -162,12 +163,7 @@ public class PostResource { ...@@ -162,12 +163,7 @@ public class PostResource {
@RequestParam(required = false, defaultValue = "false") boolean eagerload @RequestParam(required = false, defaultValue = "false") boolean eagerload
) { ) {
log.debug("REST request to get a page of Posts"); log.debug("REST request to get a page of Posts");
Page<Post> page; Page<Post> page = postRepository.findByBlogUserLoginOrderByDateDesc(SecurityUtils.getCurrentUserLogin().orElse(null), pageable);
if (eagerload) {
page = postRepository.findAllWithEagerRelationships(pageable);
} else {
page = postRepository.findAll(pageable);
}
HttpHeaders headers = PaginationUtil.generatePaginationHttpHeaders(ServletUriComponentsBuilder.fromCurrentRequest(), page); HttpHeaders headers = PaginationUtil.generatePaginationHttpHeaders(ServletUriComponentsBuilder.fromCurrentRequest(), page);
return ResponseEntity.ok().headers(headers).body(page.getContent()); return ResponseEntity.ok().headers(headers).body(page.getContent());
} }
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment