Uploading an excel file

nourishing-iguana · November 30, 2022, 1:24pm

this is what i assume documentation as to how i’m supposed to call my endpoint

nourishing-iguana · November 30, 2022, 1:24pm

but it doesn’t say how i get the return from the addone function, nor how i pass it its parameter

nourishing-iguana · November 30, 2022, 1:24pm

or am i supposed to instantiate the endpoint class using that link somehow?

nourishing-iguana · November 30, 2022, 1:24pm

(if this is basic hilla stuff, i’m sorry it’s just not that clear to me )

quirky-zebra · November 30, 2022, 1:31pm

More like basic spring stuff you can inject / autowire your database service / repository in your service that provides the endpoint and call your store method on them

nourishing-iguana · November 30, 2022, 1:41pm

don’t really know what that means sorry

nourishing-iguana · November 30, 2022, 1:41pm

i just followed the hilla in depth tutorial

nourishing-iguana · November 30, 2022, 1:41pm

and afaik that never even mentions injecting or autowiring

quirky-zebra · November 30, 2022, 1:47pm

This looks helpful as basis https://www.stackchief.com/blog/The%205%20Minute%20Guide%20to%20Autowire%20in%20Spring

marcushellberg · November 30, 2022, 1:47pm

The tutorial only uses autowiring for injecting the services/repositories that the endpoints need

lighthearted-ibis · January 17, 2023, 3:03pm

I get a 403 error when i follow that guide

quirky-zebra · January 17, 2023, 3:30pm

Please verify that your security configuration is correctly applied.

lighthearted-ibis · January 17, 2023, 3:33pm

after a bit more searching i found out that disabling csrf in HttpSecurity solves that, though im not sure what it does and why its on by default

quirky-zebra · January 17, 2023, 7:39pm

Because it’s normally needed to secure websites even tho it’s not needed for Vaadin based Apps - not sure if it’s the same for Hilla (ping @secure-leopard)

marcushellberg · January 17, 2023, 7:49pm

Hilla takes care of csrf for Hilla endpoint calls. But it doesn’t do anything for spring rest controllers, those would use Spring’s own csrf. I asked the team for some tips.

The long-term solution here should be that hilla endpoints could handle files and not require separate handling of them

quirky-zebra · January 17, 2023, 8:05pm

Flow already does that, so technically speaking the building blocks are already present

lighthearted-ibis · January 18, 2023, 11:55am

Are there any alternatives with more control over the file?
For example, i want to have a file input as part of a form, so that upload only starts after the form is validated and submitted

lighthearted-ibis · January 18, 2023, 11:57am

Also i cant find any hooks for the “remove” button

lighthearted-ibis · January 19, 2023, 7:42am

ok so im not sure what changed but it’s giving me same error again

lighthearted-ibis · January 19, 2023, 7:45am

my current web security config looks like this:```java
protected void configure(HttpSecurity http) throws Exception {
http.logout().logoutSuccessUrl(“/”).logoutUrl(“/logout”).permitAll().and()
.authorizeRequests().antMatchers(“/profile”).permitAll().and()
.authorizeRequests().antMatchers(“/books/“).anonymous().and() //book files X-Frame-Options
.authorizeRequests().antMatchers(”/book/”).anonymous().and() //book page
.authorizeRequests().antMatchers(“/api/fileupload/**”).anonymous().and() //upload 403?

        .oauth2Login().permitAll().and() //auth
        .csrf().disable() //upload 403?
        .headers(headers -> headers.frameOptions(frameOptions -> frameOptions.sameOrigin())); //X-Frame-Options

super.configure(http);
http.csrf().disable();

}