I’m using the Java spring framework for security. My pre-existing table layout differs from spring’s expected, but I’m allowed to specify a custom authorities-by-username query on the jdbc-user-service. The problem is that this query expects only a single parameter (?) in the SQL statement. Basically, if the user exists in the users table at all, they should get ‘ROLE_USER’. If they exist in the auth table as ‘S’, they should get ‘ROLE_USER’, ‘ROLE_LICENSEE’ and ‘ROLE_SYSADMIN’. If they exist in the auth table as ‘L’, they should get both ‘ROLE_LICENSEE’, and ‘ROLE_USER’.
SELECT U.email AS 'username', 'ROLE_USER' AS 'authority' FROM users U WHERE U.email=**?**
UNION
SELECT U.email AS 'username', 'ROLE_LICENSEE' AS 'authority'
FROM users U, auth_sys A
WHERE U.user_id=A.user_id AND A.auth_type IN ('L', 'S') AND U.email=**?**
UNION
SELECT U.email AS 'username', 'ROLE_ADMIN' AS 'authority'
FROM users U, auth_sys A
WHERE U.user_id=A.user_id AND A.auth_type='S' AND U.email=**?**;
My question is how can I reduce this from 3 (?)’s down to 1?
It sounds like you won’t be able to do that; since it sounds like you want a separate row for each user if they’re in multiple roles.
If you can get by with only one row returned per user; and can assume that any Admin is also a licensee (evident by your where clause), you should be able to use a case statement and a left join.
Something like:
Granted; i’m not completely familiar with the table structure, so it might require a little tweaking; but that should be enough to get you started