Skip to content

Commit

Permalink
Merge pull request #14 from Throyer/development
Browse files Browse the repository at this point in the history 
Development
  • Loading branch information
@Throyer
Throyer authored Jan 16, 2022
2 parents c70a5f8 + 024ff38 commit c41b35e
Show file tree
Hide file tree
Showing 14 changed files with 194 additions and 391 deletions.
71 changes: 40 additions & 31 deletions ...java/com/github/throyer/common/springboot/configurations/SpringSecurityConfiguration.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,7 @@
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.stereotype.Component;
import org.springframework.web.cors.CorsConfiguration;

@Component
@EnableWebSecurity
Expand Down Expand Up @@ -70,28 +71,34 @@ protected void configure(HttpSecurity http) throws Exception {
http
.antMatcher("/api/**")
.authorizeRequests()
.antMatchers(GET, "/api")
.antMatchers(
GET,
"/api",
"/api/documentation/**"
)
.permitAll()
.antMatchers(POST, "/api/users")
.permitAll()
.antMatchers(POST, "/api/sessions/**")
.permitAll()
.antMatchers(POST, "/api/recoveries/**")
.permitAll()
.antMatchers(GET, "/api/documentation/**")
.antMatchers(
POST,
"/api/users",
"/api/sessions/**",
"/api/recoveries/**",
"/api/documentation/**"
)
.permitAll()
.anyRequest()
.authenticated()
.and()
.csrf()
.disable()
.disable()
.exceptionHandling()
.authenticationEntryPoint((request, response, exception) -> forbidden(response))
.authenticationEntryPoint((request, response, exception) -> forbidden(response))
.and()
.sessionManagement()
.sessionCreationPolicy(STATELESS)
.sessionCreationPolicy(STATELESS)
.and()
.addFilterBefore(filter, UsernamePasswordAuthenticationFilter.class);
.addFilterBefore(filter, UsernamePasswordAuthenticationFilter.class)
.cors()
.configurationSource(request -> new CorsConfiguration().applyPermitDefaultValues());
}

@Override
Expand Down Expand Up @@ -124,29 +131,31 @@ protected void configure(HttpSecurity http) throws Exception {
http
.antMatcher("/app/**")
.authorizeRequests()
.antMatchers(GET, LOGIN_URL)
.permitAll()
.antMatchers(GET, "/app")
.permitAll()
.antMatchers(GET, "/app/register")
.antMatchers(
GET,
LOGIN_URL,
"/app",
"/app/register",
"/app/recovery/**"
)
.permitAll()
.antMatchers(POST, "/app/register")
.permitAll()
.antMatchers(GET, "/app/recovery/**")
.permitAll()
.antMatchers(POST, "/app/recovery/**")
.antMatchers(
POST,
"/app/register",
"/app/recovery/**"
)
.permitAll()
.anyRequest()
.authenticated()
.and()
.csrf()
.disable()
.formLogin()
.loginPage(LOGIN_URL)
.failureUrl(LOGIN_ERROR_URL)
.defaultSuccessUrl(HOME_URL)
.usernameParameter(USERNAME_PARAMETER)
.passwordParameter(PASSWORD_PARAMETER)
.and()
.csrf()
.disable()
.formLogin()
.loginPage(LOGIN_URL)
.failureUrl(LOGIN_ERROR_URL)
.defaultSuccessUrl(HOME_URL)
.usernameParameter(USERNAME_PARAMETER)
.passwordParameter(PASSWORD_PARAMETER)
.and()
.rememberMe()
.key(SECRET)
Expand Down
21 changes: 20 additions & 1 deletion ...main/java/com/github/throyer/common/springboot/configurations/SpringWebConfiguration.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,11 +10,30 @@
import io.swagger.v3.oas.annotations.OpenAPIDefinition;
import io.swagger.v3.oas.annotations.enums.SecuritySchemeIn;
import io.swagger.v3.oas.annotations.enums.SecuritySchemeType;
import io.swagger.v3.oas.annotations.info.Contact;
import io.swagger.v3.oas.annotations.info.Info;
import io.swagger.v3.oas.annotations.info.License;
import io.swagger.v3.oas.annotations.security.SecurityScheme;

@Configuration
@OpenAPIDefinition(info = @Info(title = "Common API", version = "v1"))
@OpenAPIDefinition(info = @Info(
title = "Common CRUD API",
version = "v3.0.4",
description = """
A complete user registry, with access permissions,
JWT token, integration and unit tests, using
the RESTful API pattern.
""",
license = @License(
name = "GNU General Public License v3.0",
url = "https://github.com/Throyer/springboot-api-crud/blob/master/LICENSE"
),
contact = @Contact(
name = "Throyer",
email = "throyer.dev@gmail.com",
url = "https://github.com/Throyer"
)
))
@SecurityScheme(
name = "token",
type = SecuritySchemeType.HTTP,
Expand Down
2 changes: 2 additions & 0 deletions src/main/java/com/github/throyer/common/springboot/controllers/api/RolesController.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@

import com.github.throyer.common.springboot.domain.models.entity.Role;
import com.github.throyer.common.springboot.domain.repositories.RoleRepository;
import io.swagger.v3.oas.annotations.security.SecurityRequirement;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.ResponseEntity;
Expand All @@ -16,6 +17,7 @@

@RestController
@RequestMapping("/api/roles")
@SecurityRequirement(name = "token")
@PreAuthorize("hasAnyAuthority('ADM')")
public class RolesController {

Expand Down
19 changes: 14 additions & 5 deletions src/main/java/com/github/throyer/common/springboot/controllers/api/UsersController.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,18 +5,19 @@

import com.github.throyer.common.springboot.domain.models.entity.User;
import com.github.throyer.common.springboot.domain.models.pagination.Page;
import com.github.throyer.common.springboot.domain.models.pagination.Pagination;

import com.github.throyer.common.springboot.domain.services.user.CreateUserService;
import com.github.throyer.common.springboot.domain.services.user.FindUserService;
import com.github.throyer.common.springboot.domain.services.user.RemoveUserService;
import com.github.throyer.common.springboot.domain.services.user.UpdateUserService;
import com.github.throyer.common.springboot.domain.services.user.dto.CreateUserApi;
import com.github.throyer.common.springboot.domain.services.user.dto.SearchUser;
import com.github.throyer.common.springboot.domain.services.user.dto.UpdateUser;
import com.github.throyer.common.springboot.domain.services.user.dto.UserDetails;
import static com.github.throyer.common.springboot.utils.Responses.ok;
import io.swagger.v3.oas.annotations.security.SecurityRequirement;
import java.util.Optional;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.domain.Sort;
import org.springframework.http.ResponseEntity;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.validation.annotation.Validated;
Expand Down Expand Up @@ -47,12 +48,18 @@ public class UsersController {
private FindUserService findService;

@GetMapping
@SecurityRequirement(name = "token")
@PreAuthorize("hasAnyAuthority('ADM')")
public ResponseEntity<Page<UserDetails>> index(Pagination pagination, Sort sort, SearchUser search) {
return findService.find(pagination, sort, search);
public ResponseEntity<Page<UserDetails>> index(
Optional<Integer> page,
Optional<Integer> size
) {
var result = findService.findAll(page, size);
return ok(result);
}

@GetMapping("/{id}")
@SecurityRequirement(name = "token")
@PreAuthorize("hasAnyAuthority('ADM', 'USER')")
public ResponseEntity<UserDetails> show(@PathVariable Long id) {
return findService.find(id);
Expand All @@ -65,6 +72,7 @@ public ResponseEntity<UserDetails> save(@Validated @RequestBody CreateUserApi bo
}

@PutMapping("/{id}")
@SecurityRequirement(name = "token")
@PreAuthorize("hasAnyAuthority('ADM', 'USER')")
public ResponseEntity<UserDetails> update(
@PathVariable Long id,
Expand All @@ -75,6 +83,7 @@ public ResponseEntity<UserDetails> update(

@DeleteMapping("/{id}")
@ResponseStatus(NO_CONTENT)
@SecurityRequirement(name = "token")
@PreAuthorize("hasAnyAuthority('ADM')")
public ResponseEntity<User> destroy(@PathVariable Long id) {
return removeService.remove(id);
Expand Down
19 changes: 10 additions & 9 deletions src/main/java/com/github/throyer/common/springboot/controllers/app/UserController.java
View file
Original file line number Diff line number Diff line change
@@ -1,14 +1,11 @@
package com.github.throyer.common.springboot.controllers.app;

import com.github.throyer.common.springboot.domain.models.pagination.Page;
import com.github.throyer.common.springboot.domain.models.pagination.Pagination;
import com.github.throyer.common.springboot.domain.models.shared.Type;
import com.github.throyer.common.springboot.domain.repositories.UserRepository;
import com.github.throyer.common.springboot.domain.services.user.FindUserService;
import com.github.throyer.common.springboot.domain.services.user.RemoveUserService;
import com.github.throyer.common.springboot.domain.services.user.dto.SearchUser;
import com.github.throyer.common.springboot.utils.Toasts;
import java.util.Optional;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.domain.Sort;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
Expand All @@ -24,17 +21,21 @@
public class UserController {

@Autowired
private UserRepository repository;
private FindUserService findService;

@Autowired
private RemoveUserService removeService;

@GetMapping
public String index(Model model, Pagination pagination, Sort sort, SearchUser search) {
public String index(
Model model,
Optional<Integer> page,
Optional<Integer> size
) {

var page = Page.of(repository.findSimplifiedUsers(pagination.build()));
var result = findService.findAll(page, size);

model.addAttribute("page", page);
model.addAttribute("page", result);

return "app/users/index";
}
Expand Down
4 changes: 0 additions & 4 deletions src/main/java/com/github/throyer/common/springboot/domain/models/entity/Recovery.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -44,10 +44,6 @@ public Recovery(User user, Integer minutesToExpire) {
this.code = code();
}

public Recovery(String email, String password_recovery_code, String code) {
throw new UnsupportedOperationException("Not supported yet."); //To change body of generated methods, choose Tools | Templates.
}

public Long getId() {
return id;
}
Expand Down
51 changes: 2 additions & 49 deletions src/main/java/com/github/throyer/common/springboot/domain/models/entity/Role.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,10 +10,12 @@
import javax.persistence.Table;

import com.fasterxml.jackson.annotation.JsonIgnore;
import lombok.Data;

import org.hibernate.annotations.Where;
import org.springframework.security.core.GrantedAuthority;

@Data
@Entity
@Table(name = "role")
@Where(clause = Auditable.NON_DELETED_CLAUSE)
Expand Down Expand Up @@ -57,55 +59,6 @@ public Role(Long id, String initials) {
this.initials = initials;
}

public Long getId() {
return id;
}

public void setId(Long id) {
this.id = id;
}

public String getName() {
return name;
}

public void setName(String name) {
this.name = name;
}

public String getDeletedName() {
return deletedName;
}

public String getInitials() {
return initials;
}

public void setInitials(String initials) {
this.initials = initials;
}

public String getDeletedInitials() {
return deletedInitials;
}

public String getDescription() {
return description;
}

public void setDescription(String description) {
this.description = description;
}

public Boolean compare(String search) {
if (Objects.nonNull(search)) {
return
getName().toLowerCase().equals(search.toLowerCase()) ||
getInitials().toLowerCase().equals(search.toLowerCase());
}
return false;
}

@Override
public boolean equals(Object object) {
if (object == this)
Expand Down
Loading

0 comments on commit c41b35e

Please sign in to comment.