When implementing a rest backend, you may be looking for a way to hide the variables of an entity based on the logged in user’s role.
Here’s a sample entity.
And in my application, I have two user roles which are
admin to see all variables of the Movie. But I want
user to see only
Here’s how to filter variables..
In the Movie entity we have
@JsonFilter annotation. This is a Jackson feature. You can check here for more details about it.
This entity is processed in the controller as follows.
Our controller method (getMovies) at Line 12 is executed when we request GET
/movies from browser.
This method is returning
MappingJacksonValue in the response.
There are two String arrays which contain the set of variable names for the limited version and the all version.
In controller method, we inject the current logged.
@AuthenticatedUser TutorialUser user . Check here for the details of this implemantation.
All we do here is (Line 16 – 17) select the String array based on user role, and set as a filter for our MappingJacksonValue object.
You can check the sample project at my github.
Run the app. Open the page at http://localhost:8080
user/pass = admin/admin and user/user
If you log in with
admin, you’ll see this page where all the variables exist in the table.
when you log in with
user, you’ll see