[
https://issues.apache.org/jira/browse/OLINGO-1491?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Mahdi Ansari updated OLINGO-1491:
---------------------------------
Description:
I found an `Olingo` implementation for fetching and modifying data in a
database by using odata protocol in this
[repository|https://github.com/jpenninkhof/odata-boilerplate].
No the question is, if we assume I have a mechanism for detecting the user by
using `JWT` same as
[here|https://github.com/isopropylcyanide/Jwt-Spring-Security-JPA], how can I
implement the access management for `odata` sets as well?
In the other hand, if we could detect the user's role (e.g. Admin, Employee,
...) how can I define, who can do what? I mean who can do each of CURD actions
on each sets? *I am looking for the best practice approach!* For example, maybe
by using annotations? I don't want to implement some stupid sets of *if then
else*!
Also I am very amateur in spring!
was:
I found an `Olingo` implementation for fetching and modifying data in a
database by using odata protocol in this [repository|
[https://github.com/jpenninkhof/odata-boilerplate]].
No the question is, if we assume I have a mechanism for detecting the user by
using `JWT` same as
[here|https://github.com/isopropylcyanide/Jwt-Spring-Security-JPA], how can I
implement the access management for `odata` sets as well?
In the other hand, if we could detect the user's role (e.g. Admin, Employee,
...) how can I define, who can do what? I mean who can do each of CURD actions
on each sets? *I am looking for the best practice approach!* For example, maybe
by using annotations? I don't want to implement some stupid sets of *if then
else*!
Also I am very amateur in spring!
> Role management in Olingo JPA oData
> -----------------------------------
>
> Key: OLINGO-1491
> URL: https://issues.apache.org/jira/browse/OLINGO-1491
> Project: Olingo
> Issue Type: Question
> Components: odata2-jpa
> Affects Versions: V2 2.0.11
> Reporter: Mahdi Ansari
> Priority: Major
>
> I found an `Olingo` implementation for fetching and modifying data in a
> database by using odata protocol in this
> [repository|https://github.com/jpenninkhof/odata-boilerplate].
> No the question is, if we assume I have a mechanism for detecting the user by
> using `JWT` same as
> [here|https://github.com/isopropylcyanide/Jwt-Spring-Security-JPA], how can I
> implement the access management for `odata` sets as well?
> In the other hand, if we could detect the user's role (e.g. Admin, Employee,
> ...) how can I define, who can do what? I mean who can do each of CURD
> actions on each sets? *I am looking for the best practice approach!* For
> example, maybe by using annotations? I don't want to implement some stupid
> sets of *if then else*!
> Also I am very amateur in spring!
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
