When applying the filter option, JHipster also makes necessary changes to the REST controller. For example, all get methods of REST controller CountryResouce for entity Country are now taking CountryCriteria as a parameter to support filtering operations, as follows:
@GetMapping("/countries")
@Timed
public ResponseEntity<List<CountryDTO>> getAllCountries(
CountryCriteria criteria, Pageable pageable) {
log.debug("REST request to get Countries by criteria: {}", criteria);
Page<CountryDTO> page = countryQueryService.findByCriteria(criteria, pageable);
HttpHeaders headers = PaginationUtil.
generatePaginationHttpHeaders(page, "/api/countries");
return ResponseEntity.ok().headers(headers).body(page.getContent());
}
This is how the filter option impacts the persistence, service, and REST controller layer code generation. With single-filter configuration, JHipster makes all of the necessary changes. However, the REST controllers generated for each entity are protected with Spring Security, by default. You can verify this in the config() method of the com.nilangpatel.config.SecurityConfiguration class, as follows:
public void configure(HttpSecurity http) throws Exception {
....
.and()
.authorizeRequests()
.antMatchers("/api/register").permitAll()
.antMatchers("/api/activate").permitAll()
.antMatchers("/api/authenticate").permitAll()
.antMatchers("/api/account/reset-password/init").permitAll()
.antMatchers("/api/account/reset-password/finish").permitAll()
.antMatchers("/api/**").authenticated()
....
}
Apart from the register, activate, authenticate, and reset password operations, all other URLs (/api/**) are restricted to logged-in users. But, in our case, we want to show the country GDP data to regular users, without logins. For this, we need to create a custom REST controller with a different URL pattern, as follows:
@RestController
@RequestMapping("/api/open")
public class GenericRestResource {
private final Logger log = LoggerFactory.getLogger(GenericRestResource.class);
private final CountryQueryService countryQueryService;
public GenericRestResource(CountryQueryService countryQueryService) {
this.countryQueryService = countryQueryService;
}
@GetMapping("/search-countries")
@Timed
public ResponseEntity<List<CountryDTO>> getAllCountriesForGdp(
CountryCriteria criteria, Pageable pageable) {
log.debug("REST request to get a page of Countries");
Page<CountryDTO> page = countryQueryService.findByCriteria
(criteria, pageable);
HttpHeaders headers = PaginationUtil.generatePaginationHttpHeaders(
page, "/api/open/search-countries");
return ResponseEntity.ok().headers(headers).body(page.getContent());
}
@GetMapping("/show-gdp/{id}")
@Timed
public ResponseEntity<CountryDTO> getCountryDetails(@PathVariable Long id) {
log.debug("Get Country Details to show GDP information");
CountryDTO countryDto = new CountryDTO();
Optional<CountryDTO> countryData = countryService.findOne(id);
return ResponseEntity.ok().body(countryData.orElse(countryDto));
}
}
The first method is similar to what it has auto-generated in CountryResource. The second method will be used to show the GDP data, and we will use it while creating that screen. The URL pattern map to this controller is /api/open. The purpose of creating a separate REST controller is to make it accessible without a login, by configuring its URL pattern with Spring Security in the configure method of SecurityConfiguration, as follows:
public void configure(HttpSecurity http) throws Exception {
....
.antMatchers("/api/activate").permitAll()
.antMatchers("/api/open/**").permitAll()
.antMatchers("/api/authenticate").permitAll()
....
}
This controller is now accessible publicly. We will use the controller methods while constructing a frontend layer with Angular in the Develop custom screens section.