{"id":17132186,"url":"https://github.com/bitsofinfo/spring-boot-data-pre-authorize-issue","last_synced_at":"2025-03-24T05:18:39.443Z","repository":{"id":146759341,"uuid":"69045176","full_name":"bitsofinfo/spring-boot-data-pre-authorize-issue","owner":"bitsofinfo","description":null,"archived":false,"fork":false,"pushed_at":"2016-11-20T03:12:45.000Z","size":56,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-01-29T11:12:56.220Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/bitsofinfo.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2016-09-23T17:10:52.000Z","updated_at":"2016-11-20T03:12:33.000Z","dependencies_parsed_at":null,"dependency_job_id":"b934b3a6-e1a2-4d2f-8f92-48681d8b9973","html_url":"https://github.com/bitsofinfo/spring-boot-data-pre-authorize-issue","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bitsofinfo%2Fspring-boot-data-pre-authorize-issue","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bitsofinfo%2Fspring-boot-data-pre-authorize-issue/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bitsofinfo%2Fspring-boot-data-pre-authorize-issue/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bitsofinfo%2Fspring-boot-data-pre-authorize-issue/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/bitsofinfo","download_url":"https://codeload.github.com/bitsofinfo/spring-boot-data-pre-authorize-issue/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":245212311,"owners_count":20578443,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-10-14T19:26:18.619Z","updated_at":"2025-03-24T05:18:39.411Z","avatar_url":"https://github.com/bitsofinfo.png","language":"Java","readme":"# spring-boot-data-pre-authorize-issue\n\n```\n./gradlew bootRun\n```\n\n\n## POST a new record; (MyPermissionEvaluator will be called with NULL targetObject\n\n```\ncurl -X POST -H \"Content-Type: application/json\" -H \"Authorization: Basic dXNlcjoxMjM=\" -H \"Cache-Control: no-cache\" -d '{\n   \"firstname\":\"spring\",\n   \"lastname\":\"buggy\"\n }' \"http://localhost:8080/testrecords\"\n \n```\n\n```\nonBeforeCreate id: null Firstname:spring Lastname: buggy ID:my.test.TestRecord@5b864879\nMyPermissionEvaluator hasPermission_1() called: targetDomainObject=(targetDomainObject=null)\nonAfterCreate id: 1 Firstname:spring Lastname: buggy ID:my.test.TestRecord@5b864879\n```\n\n\n## PATCH the record; (MyPermissionEvaluator will be called with NON-NULL targetObject on `findOne`, followed by NULL targetObject on `save`\n\n```\ncurl -X PATCH -H \"Content-Type: application/json\" -H \"Authorization: Basic dXNlcjoxMjM=\" -H \"Cache-Control: no-cache\" -d '{\n   \"firstname\":\"spring\",\n   \"lastname\":\"buggy\"\n }' \"http://localhost:8080/testrecords/1\"\n \n```\n\n```\nMyPermissionEvaluator hasPermission_1() called: targetDomainObject=my.test.TestRecord\nonBeforeSave id: 1 Firstname:spring Lastname: buggy ID:my.test.TestRecord@a17f455\nMyPermissionEvaluator hasPermission_1() called: targetDomainObject=(targetDomainObject=null)\nonAfterSave id: 1 Firstname:spring Lastname: buggy ID:my.test.TestRecord@a17f455\n```\n\n----------\n\nNote the only way this works if if you have *no-intermediary repository interfaces* between `PagingAndSortingRepository` and your end repository interface... which if we have to do that sort of defeats the purpose of being able to extend our own intermediary interfaces after PagingAndSortingRepository\n\nsuch as this... works as expected\n\n```\n@RepositoryRestResource(collectionResourceRel = \"testrecords\", path = \"testrecords\")\npublic interface TestRecordRepository extends PagingAndSortingRepository\u003cTestRecord,Integer\u003e {\n\n\n    @Override\n    @PostAuthorize(\"hasPermission(returnObject, 'READ')\")\n    TestRecord findOne(Integer id);\n\n\t@Override\n\t@PreAuthorize(\"hasPermission(#c,'CREATE,UPDATE')\")\n\tTestRecord save(@P(\"c\") TestRecord data);\n\t\n}\n```\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbitsofinfo%2Fspring-boot-data-pre-authorize-issue","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbitsofinfo%2Fspring-boot-data-pre-authorize-issue","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbitsofinfo%2Fspring-boot-data-pre-authorize-issue/lists"}