0

I want to limit my REST methods so that users can just use GET and POST. However, @RepositoryRestResource provides exposition of all the methods including DELETE and PUT. So I was just wondering how can I limit it?

@RestController allows to write our own mehtods, but there is lot of boilerplate associated.

I have been looking at documentation and github spring projects for this information, but can't find anything on it.

Any suggestions/help? Thank you!

Yash
  • 85
  • 1
  • 10
  • Possible duplicate of [Spring data rest - Is there a way to restrict the supported operations?](https://stackoverflow.com/questions/42506546/spring-data-rest-is-there-a-way-to-restrict-the-supported-operations) – H4F Oct 17 '19 at 12:19

1 Answers1

0

Edit: Best solution is Hiding certain Repositories, query methods, or fields

According to Spring Data Commons you could fine tune your respositories to selectively expose the methods you desire.

Note: I haven't tested this myself to see if Spring Data Rest indeed honors fine tuning of respositories suggested above.

Other way to look at this is to secure methods with roles using Spring Security so that only authorized users should able to invoke some methods.

Also refer to this thread Implementing/Overriding MongoRepository Keep HATEOAS Formatting

Community
  • 1
  • 1
Stackee007
  • 3,196
  • 1
  • 26
  • 39
  • Thanks! It lead me to some of the other posts which helped me find the perfect solution. You can use @RestResource annotation and set exported false there. Following is the link for exactly what I am looking, if anyone is interested for now or in future:https://github.com/spring-projects/spring-data-rest/wiki/Configuring-the-REST-URL-path – Yash Jan 16 '15 at 19:23