如何使用sec:authorize with thymeleaf将html元素授权给特定用户?

owfi6suc  于 2021-09-29  发布在  Java
关注(0)|答案(0)|浏览(260)

我希望某些元素只在前端显示给某些用户(而不是任何具有特定角色的用户)。
为什么这样做有效:

<form sec:authorize="${principal.username.equals('A') }" th:action="@{'/saunojat/' + ${saunoja.username} + '/photo'}" method="POST" enctype="multipart/form-data">
    <input type="file" name="photo" />
    <p>Kuvan tarina: <input type="text" name="description"/></p>
    <p> Asetetaanko kuva profiilikuvaksi?<input type="checkbox" name="isProfilepicture"/></p>
    <input type="submit" value="Send!"/>
</form>

但这并不是:

<form sec:authorize="${principal.username.equals(saunoja.username) }" th:action="@{'/saunojat/' + ${saunoja.username} + '/photo'}" method="POST" enctype="multipart/form-data">
    <input type="file" name="photo" />
    <p>Kuvan tarina: <input type="text" name="description"/></p>
    <p> Asetetaanko kuva profiilikuvaksi?<input type="checkbox" name="isProfilepicture"/></p>
    <input type="submit" value="Send!"/>
</form>

Sanoja是模型中的一个属性。它是一个@实体:

package projekti;

import java.util.List;
import javax.persistence.ElementCollection;
import javax.persistence.Entity;
import javax.persistence.FetchType;
import lombok.AllArgsConstructor;
import lombok.Data;
import lombok.NoArgsConstructor;
import org.springframework.data.jpa.domain.AbstractPersistable;

@Entity
@AllArgsConstructor
@NoArgsConstructor
@Data
public class Saunoja extends AbstractPersistable<Long> {

    private String username;

    private String password;

    private String firstName;

    private String lastName;

    @ElementCollection(targetClass = String.class, fetch = FetchType.EAGER)
    private List<String> roles;

}

错误:
白标签错误页此应用程序没有/error的显式Map,因此您将其视为回退。
7月20日星期二15:14:09 eest 2021发生意外错误(类型=内部服务器错误,状态=500)。模板解析期间发生错误(模板:“类路径资源[templates/Sanoja.html]”)org.thymeleaf.exceptions.templateinputexception:模板解析期间发生错误(模板:“类路径资源[templates/Sanoja.html]”)org.thymeleaf.templateparser.markup.abstractmarkuptemplateparser.parse(abstractmarkuptemplateparser.java:241)位于org.thymeleaf.templateparser.markup.abstractmarkuptemplateparser.parsestandalone(abstractmarkuptemplateparser.java:100)位于org.thymeleaf.engine.templatemanager.parseandprocess(templatemanager.java:666)位于org.thymeleaf.templateengine.process(templateengine.java:1098)在org.thymeleaf.templateengine.process(templateengine.java:1072)在org.thymeleaf.spring5.view.thymeleafview.renderfragment(thymeleafview.java:362)在org.thymeleaf.spring5.view.thymeleafview.thymeleafview.render(thymeleafview.java:189)在org.springframework.web.servlet.dispatcherservlet.render(dispatcherservlet.java:1373)位于org.springframework.web.servlet.dispatcherservlet.processdispatchresult(dispatcherservlet.java:1118)位于org.springframework.web.servlet.dispatcherservlet.dodispatch(dispatcherservlet.java:1057)位于org.springframework.web.servlet.dispatcherservlet.doservice(dispatcherservlet.java:943)在org.springframework.web.servlet.frameworkservlet.processrequest(frameworkservlet.java:1006)在org.springframework.web.servlet.frameworkservlet.doget(frameworkservlet.java:898)在javax.servlet.http.httpservlet.service(httpservlet.java:626)在org.springframework.web.servlet.frameworkservlet.service(frameworkservlet.java:883)在javax.servlet.http.httpservlet.service(httpservlet.java:733)在org.apache.catalina.core.applicationfilterchain.internaldofilter(applicationfilterchain.java:231)在org.apache.catalina.core.applicationfilterchain.dofilter(applicationfilterchain.java:166)在org.apache.catalina.core.applicationfilterchain.internaldofilter(applicationfilterchain.java:193)org.apache.catalina.core.applicationfilterchain.dofilter(applicationfilterchain.java:166)上的org.apache.tomcat.websocket.server.wsfilter.dofilter(wsfilter.java:53)位于org.springframework.security.web.filterchainproxy$virtualfilterchain.dofilter(filterchainproxy.java:320)位于org.springframework.security.web.access.intercept.filtersecurityinterceptor.invoke(filtersecurityinterceptor.java:126)位于org.springframework.security.web.access.intercept.filtersecurityinterceptor.dofilter(filtersecurityinterceptor.java:90)位于org.springframework.security.web.filterchainproxy$virtualfilterchain.dofilter(filterchainproxy.java:334),位于org.springframework.security.web.access.exceptiontranslationfilter.dofilter(exceptiontranslationfilter.java:118),位于org.springframework.security.web.filterchainproxy$virtualfilterchain.dofilter(filter ChainProxy.java:334)org.springframework.security.web.session.sessionmanagementfilter.dofilter(sessionmanagementfilter.java:137)在org.springframework.security.web.filterchainproxy$virtualfilterchain.dofilter(filterchainproxy.java:334)在org.springframework.security.web.authentication.anonymousauthenticationfilter.dofilter(anonymousauthenticationfilter.java:111)在org.springframework.security.web.filterchainproxy$virtualfilterchain.dofilter(filterchainproxy.java:334)位于org.springframework.security.web.servletapi.securitycontextholderawarerequestfilter.dofilter(securitycontextholderawarerequestfilter.java:158)org.springframework.security.web.filterchainproxy$virtualfilterchain.dofilter(filterchainproxy.java:334)位于org.springframework.security.web.savedrequest.requestcacheawrefilter.dofilter(requestcacheawrefilter.java:63)位于org.springframework.security.web.filterchainproxy$virtualfilter.dofilter(filter.java:334)位于org.springframework.web.filter.onceperrequestfilter.dofilter(onceperrequestfilter.java:119)org.springframework.security.ui.defaultlogoutpagegeneratingfilter.dofilterinternal(defaultlogoutpagegeneratingfilter.java:52)org.springframework.security.web.filterchainproxy$VirtualFilterChainProxy.dofilter(filterchainproxy.java:334)位于org.springframework.security.web.authentication.ui.defaultloginpagegeneratingfilter.dofilter(defaultloginpagegeneratingfilter.java:216),位于org.springframework.security.web.authentication.abstractauthenticationprocessingfilter.dofilter(abstractauthenticationprocessingfilter.java:200)位于org.springframework.security.web.filterchainproxy$virtualfilterchain.dofilter(filterchainproxy.java:334)位于org.springframework.security.web.authentication.logout.logoutfilter.dofilter(logoutfilter.java:116)位于org.springframework.security.web.filterchainproxy$virtualfilterchain.dofilter(filterchainproxy.java:334)位于org.springframework.security.web.header.headerwriterfilter.doheadersafter(headerwriterfilter.java:92)位于org.springframework.security.web.header.headerwriterfilter.dofilternel(headerwriterfilter.java:77)位于org.springframework.web.filter.onceperrequestfilter.dofilter(onceperrequestfilter.java:119)位于org.springframework.security.web.filterchainproxy$virtualfilter.dofilter(filter-chainproxy.java:334)位于org.springframework.security.web.context.securitycontextpersistencefilter.dofilter(securitycontextpersistencefilter.java:105)位于org.springframework.security.web.filterchainproxy$virtualfilterchain.dofilter(filterchainproxy.java:334)位于org.springframework.security.web.context.request.async.webasyncmanagerintegrationfilter.dofilternel(webasyncmanagerintegrationfilter.java:56)位于org.springframework.web.filter.onceperrequestfilter.dofilter(onceperrequestfilter.java:119)位于org.springframework.security.web.filterchainproxy$virtualfilter.dofilter(filter.java:334)位于org.springframework.security.web.filterchainproxy.dofilterinternal(filterchainproxy.java:215),位于org.springframework.security.web.filterchainproxy.dofilter(filterchainproxy.java:178),位于org.springframework.web.filter.delegatingfilterproxy.invokedelegate(delegatingfilterproxy.java:358)org.apache.catalina.core.applicationfilterchain.internaldofilter(applicationfilterchain.java:193)org.apache.catalina.core.applicationfilterchain.dofilter(applicationfilterchain.java:166)上的org.springframework.web.filter.delegatingfilterproxy.dofilter(delegatingfilterchain.java:271)org.springframework.web.filter.requestcontextfilter.dofilterinternal(requestcontextfilter.java:100)位于org.springframework.web.filter.onceperrequestfilter.dofilter(onceperrequestfilter.java:119)位于org.apache.catalina.core.applicationfilterchain.internaldofilter(applicationfilterchain.java:193)位于org.springframework.web.filter.formcontentfilter.dofilterinternal(formcontentfilter.java:93)org.springframework.web.filter.onceperrequestfilter.dofilter(onceperrequestfilter.java:119)的org.apache.catalina.core.applicationfilterchain.dofilter(applicationfilterchain.java:166)位于org.apache.catalina.core.applicationfilterchain.internaldofilter(applicationfilterchain.java:193)位于org.apache.catalina.core.applicationfilterchain.dofilter(applicationfilterchain.java:166)位于org.apache.catalina.core.applicationfilterchain.internaldofilter(applicationfilterchain.java:193)org.apache.catalina.core.applicationfilterchain.dofilter(applicationfilterchain.java:166)的org.springframework.web.filter.onceperrequestfilter.dofilter(onceperrequestfilter.java:119)位于org.apache.catalina.core.standardwrappervalve.invoke(standardwrappervalve.java:202)在org.apache.catalina.core.standardcontextvalve.invoke(standardcontextvalve.java:96)在org.apache.catalina.authenticator.authenticatorbase.invoke(authenticatorbase.java:541)在org.apache.catalina.core.standardhostvalve.invoke(standardhostvalve.java:139)在org.apache.catalina.valves.errorreportvalve.invoke(errorreportvalve.java:92)在org.apache.catalina.core.standardenginevalve.invoke(standardenginevalve.java:74)在org.apache.catalina.connector.coyoteadapter.service(coyoteadapter.java:343)在org.apache.coyote.http11.http11processor.service(http11processor.java:373)在org.apache.coyote.abstractprocessorlight.process(abstractprocessorlight.java:65)在org.apache.coyote.abstractprotocol$connectionhandler.process(abstractprotocol.java:868)在org.apache.tomcat.util.net.socketprocessorbase.run(socketprocessorbase.java:49)在java.base/java.util.concurrent.threadpoolexecutor.runworker(threadpoolexecutor.java:1128)在java.base/java.util.concurrent.threadpoolexecutor$worker.run(threadpoolexecutor.java:628)在org.apache.tomcat.util.threads.taskthread$WrappingRun.run(taskthread.java:61)在java.base/java.lang.thread.run(thread:834)上的javaorg.attoparser.parseexception:执行处理器“org.thymeleaf.extras.springsecurity5.dial.processor.authorizeattrprocessor”时出错(模板:“Sanoja”-第58行,第15列)位于org.attoparser.markupparser.parsedocument(markupparser.java:393)位于org.attoparser.markupparser.parse(markupparser.java:257)位于org.thymeleaf.templateparser.markup.abstractmarkuptemplateparser.parse(abstractmarkuptemplateparser.java:230)。。。86更多原因:org.thymeleaf.exceptions.templateprocessingexception:处理器“org.thymeleaf.extras.springsecurity5.dial.processor.authorizeattrprocessor”(模板:“Sanoja”-第58行,col 15)位于org.thymeleaf.processor.element.abstractattributetagprocessor.doprocess(abstractattributetagprocessor.java:117)的org.thymeleaf.processor

暂无答案!

目前还没有任何答案,快来回答吧!

相关问题