weixin_33730836 2019-07-18 03:36 采纳率: 0%
浏览 56

休息不必要的电话

I have created a simple rest service in Java for my web application. From what I understand you can make a rest call from a browser. In my app I want a user to choose an option from a list and basen of what he has chosen I want the app to display certain information. I will use JavaScirpt to make an Get call and based on the Json data show the information. How do i stop the user from making a delete call and removing some of the data from my database? I’ve built the server part using Spring Boot with JPA and Rest repositories.

Here’s the code for my repository:

@RepositoryRestResource(collectionResourceRel =     
"people", path = "people")
public interface PersonRepository extends   
CrudRepository<Person, Long> {

    List<Person> findByLastName(@Param("name")  
String name);

}

This interface implements crudRepository which has method for deleting object how can i restrict a user from using it?

  • 写回答

1条回答 默认 最新

  • 7*4 2019-07-18 17:19
    关注

    Alright I've figured it out. To hide some of the unwanted methods from CrudRepository interface I made my repository extend Repository interface ( which is parent to CrudRepository) and I've copied form Crud only those methods that i need:

    public interface RestService extends Repository<Patient,Long>{

Optional<Patient> findById(Id Long);



boolean existsById(Id ong);


Iterable<Patient> findAll();


Iterable<Patient> findAllById(Iterable<Id> ids);


long count();


}

    Any other call then GET thorws a 405 Method Not Allowed

    评论

报告相同问题?