我的问题是,我有一个使用输入和输出的JavaSpring应用程序 DTO
有几个领域,而且我有一个 api
使用此更新我的数据模型 DTO
. 我的意见 DTO
是这样的:
@Getter
@Setter
public class UpdateUser extends AbstractPortable {
@NotNull
@Size(min = 5, max = 255)
private String address;
@Size(min = 1, max = 10)
@Pattern(regexp = "^[0-9]*$")
private String birthCertificateNumber;
@Size(min = 1, max = 2)
@Pattern(regexp = "^[0-9]*$")
private String birthCertificateSeriesNumber;
@Past
@Schema(description = "{\"validators\":[\"age > 18\"]}")
private LocalDateTime birthDate;
@Size(min = 3, max = 50)
private String englishCompanyName;
@Size(min = 3, max = 255)
private String description;
@NotNull
@Pattern(regexp = "^(.+)@(\\S+)$")
private String emailAddress;
@Size(min = 3, max = 50)
private String englishFatherName;
@Pattern(regexp = "^[1-9][0-9]{3,7}$")
private String faxNumber;
@Size(min = 3, max = 50)
private String englishFirstName;
@Size(min = 3, max = 50)
private String englishLastName;
@NationalCode
private String nationalCode;
@Future
@Schema(description = "{\"validators\":[\"passportExpireDate < now\"]}")
private LocalDateTime passportExpireDate;
@NotNull
@Pattern(regexp = "^(?!^0+$)[a-zA-Z0-9]{3,20}$\n")
private String passportNumber;
@PastOrPresent
private LocalDateTime registerDate;
@Pattern(regexp = "^[1-9][0-9]{3,7}$")
private String telephoneNumber;
private Reference<Long> residenceCity;
private Reference<Long> birthCountry;
}
问题是我想限制更新这个 DTO's
根据我的访问控制。。。我只是希望用户不要看到一些基于访问级别的文件。我不想告诉ui团队不要向用户显示一些字段,我想从我的业务方面把这个限制传递给ui。最后一点是,我检查用户令牌以控制访问控制。如何创建动态 DTO
基于访问控制?实现这一点的最佳实践是什么?
暂无答案!
目前还没有任何答案,快来回答吧!