Using ROLES in jhipster?

Question

I tried to add and change roles in jhipster. First I just tried to change one use case's role to admin from user. Then I tested it and user can add employee even if the roles is ROLE_ADMIN so it didn't change anything.

I added new role as well, called MANAGER. I edited AuthoritiesConstants.java and added new role to JHI_AUTHORITY-table. Should I do something else or is this enough to get this working?

state('employee.new', {
            parent: 'employee',
            url: '/new',
            data: {
                roles: ['ROLE_ADMIN'],
            },
            onEnter: ['$stateParams', '$state', '$modal', function($stateParams, $state, $modal) {
                $modal.open({
                    templateUrl: 'scripts/app/entities/employee/employee-dialog.html',
                    controller: 'EmployeeDialogController',
                    size: 'lg',
                    resolve: {
                        entity: function () {
                            return {nameFirst: null, nameLast: null, taxNumber: null, isFinnish: null, finnishSOTU: null, valtticard: null, birthDate: null, isContactPerson: null, isTiedonantaja: null, cOTARKENNE: null, id: null};
                        }
                    }
                }).result.then(function(result) {
                    $state.go('employee', null, { reload: true });
                }, function() {
                    $state.go('employee');
                })
            }]
        })

Answer 1

Edit the following 6 files to include/exclude code specified in blocks to add/remove a role(ROLE_MANAGER as an example)

1. AuthoritiesConstants.java (constant to be used in java)

   public static final String MANAGER = "ROLE_MANAGER";

2. src/main/resources/config/liquibase/authorities.csv (proper liquidbase update)

   ROLE_MANAGER

3. src/main/resources/config/liquibase/users.csv (add username: manager with password: user)

   5;manager;$2a$10$VEjxo0jq2YG9Rbk2HmX9S.k1uZBGYUHdUcid3g/vfiEl7lwWgOH/K;Manager;Manager;manager@localhost;true;en;system

4. src/main/resources/config/liquibase/users_authorities.csv (another proper liquidbase update)

   5;ROLE_MANAGER

5. src/main/webapp/app/admin/user-management/user-management.controller.js (for role to be available in JavaScript)

   $scope.authorities = ["ROLE_USER", "ROLE_ADMIN", "ROLE_MANAGER"];

6. src/main/webapp/app/admin/user-management/user-management-dialog.controller.js (for role to be available in JavaScript)

   $scope.authorities = ["ROLE_USER", "ROLE_ADMIN", "ROLE_MANAGER"];

Restart the server once everything is in place and double check JHI_AUTHORITY and JHI_USER_AUTHORITY tables after application launch for a new ROLE_MANAGER to be there. Login into system with username: 'manager' and password: 'user'.

Answer 2

You must insert new role into JHI_AUTHORITY table then grant this role to some users in JHI_USER_AUTHORITY table. This means updating authorities.csv and users_authorities.csv file if you re-create your database (e.g. if you use H2).

On client-side, just add new role to roles property of your state definitions.

Answer 3

I have found an easiest way:

1. Disable liquibase from .gradle file (in my case App>gradle>profile_dev.gradle) by changing the following:

   def profiles = 'dev,no-liquibase' //if (project.hasProperty('no-liquibase')) { // profiles += ',no-liquibase' //}

2. Now change in src/main/webapp/scripts/app/admin/user-management/user-management.controller.js to add your role.

   $scope.authorities = ["ROLE_USER", "ROLE_ADMIN", "YOUR_ROLE"];

3. And src/main/webapp/scripts/app/admin/user-management/user-management-dialog.controller.js

   $scope.authorities = ["ROLE_USER", "ROLE_ADMIN", "YOUR_ROLE"];

4. Finally add "YOUR_ROLE" in "name" column of "jhi_authority" table in database and save. Now restart application and you will able to create user with your newly created role.

Answer 4

Taking a leaf out of @Constantin Zagorsky here are the steps that work.

1. AuthoritiesConstants.java (constant to be used in java)

public static final String MANAGER = "ROLE_MANAGER";

2.src/main/resources/config/liquibase/authorities.csv (proper liquibase update) [This will not run. But important to keep in sync with DB]

ROLE_MANAGER

3. Update DB [Important because liquibase will not pick up changes made in authorities,csv in step 2]

   insert into jhi_authority values ('ROLE_MANAGER');

4. src/main/webapp/app/admin/user-management/user-management.controller.js(for role to be available in JavaScript)

$scope.authorities = ["ROLE_USER", "ROLE_ADMIN", "ROLE_MANAGER"];

5. src/main/webapp/app/admin/user-management/user-management-dialog.controller.js(for role to be available in JavaScript)

$scope.authorities = ["ROLE_USER", "ROLE_ADMIN", "ROLE_MANAGER"];

6. Modify public User createUser(ManagedUserVM managedUserVM) method in UserService.java (Very Important). Modify default password generation logic

// comment default password generation. In my case I made the default //user as same as userid

//String encryptedPassword = passwordEncoder.encode(RandomUtil.generatePassword()); String encryptedPassword = passwordEncoder.encode(managedUserVM.getLogin());

7. Log into application as Admin
8. Add new user with a new role. Default password would be same as username.

Answer 5

After above instruction I got:

ERROR [...]f.config.liquibase.AsyncSpringLiquibase  : Liquibase could not start correctly, your database is NOT ready: Validation Failed:
[...]

To avoid that, run

./mvnw liquibase:clearCheckSums

User with new role, has no access to account settings, so you have to add new roles to

/src/main/webapp/app/account/password/password.state.js
/src/main/webapp/app/account/sessions/sessions.state.js
/src/main/webapp/app/account/settings/settings.state.js

Complete instruction: https://codefitter2.blogspot.com/2016/11/how-to-create-new-role-in-jhipster.html

Answer 6

In JHipster 6, the csv file is named authority.csv. So change this file along the AuthoritiesConstants.java as described in previous posts.