Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- @Controller
- @RequestMapping(value = "api/whatever")
- public class WhateverController {
- @Autowired private WhateverService whateverService;
- @RequestMapping(value = "/list", method = GET)
- @Secured({ "ROLE_WHATEVER_CANSEARCH" })
- @ResponseBody
- public List<WhateverDTO> findList(@RequestParam(value = "values") String[] values) {
- return whateverService.findThings(values);
- }
- }
- @Service
- public class WhateverService {
- @Autowired private WhateverDAO whateverDAO;
- public List<WhateverDTO> findThings(String[] values) {
- //...
- validate();
- return whateverDAO.findThings(values);
- }
- @Secured({ "ROLE_SPECIFICPERMISSION" }) // Throws AccessDeniedException
- private void validate() {
- if(thing) throw new RuntimeException("You can't...");
- }
- }
Add Comment
Please, Sign In to add comment