Merge pull request #48 from AhmedMohamedAbdelaty/implement-user-roles…

…-permissions

.github/workflows/gradle.yml

@@ -0,0 +1,49 @@
+name: Java CI with Gradle
+
+on: [push, pull_request]
+
+permissions:
+  contents: read
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v4
+
+    - name: Set up JDK 21
+      uses: actions/setup-java@v4
+      with:
+        java-version: '21'
+        distribution: 'temurin'
+        cache: gradle
+
+    - name: Grant execute permission for gradlew
+      run: chmod +x gradlew
+
+    - name: Build with Gradle
+      run: ./gradlew build -x test
+
+    - name: Run tests
+      run: ./gradlew test
+
+    - name: Publish Test Results
+      uses: actions/upload-artifact@v4
+      if: always()
+      with:
+        name: test-results
+        path: |
+          build/reports/tests/test/
+          build/test-results/test/
+
+    - name: Update status check
+      if: success()
+      run: echo "Tests passed" > status.txt || echo "Tests failed" > status.txt
+
+    - name: Upload status check
+      uses: actions/upload-artifact@v4
+      with:
+        name: status-check
+        path: status.txt

README.md

@@ -1,5 +1,7 @@
 # Upwork-Clone
 
+![Build Status](https://github.com/AhmedMohamedAbdelaty/Upwork/actions/workflows/gradle.yml/badge.svg)
+
 A platform connecting freelancers and clients for job postings, proposals, and real-time chat.
 
 ## Table of Contents
@@ -11,6 +13,7 @@ A platform connecting freelancers and clients for job postings, proposals, and r
     - [User Management](#user-management)
     - [Password Management](#password-management)
     - [Token Management](#token-management)
+    - [Role Management](#role-management)
     - [Test Endpoints](#test-endpoints)
 - [Swagger UI](#swagger-ui)
 - [To-Do](#to-do)
@@ -155,34 +158,36 @@ Flyway is used to manage database migrations. The SQL scripts are located in `sr
     - `id`: The ID of the user to reactivate
 - **Response:** A `ResponseDto` object containing the result of the operation.
 </details>
+
 <details>
    <summary>Get user profile</summary>
 
 - **URL:** `/api/users/profile/{userId}`
 - **Method:** `GET`
 - **Description:** Retrieve the profile information for a specific user.
 - **Path Parameters:**
-  - `id` (required): The ID of the user whose profile is to be retrieved.
-    - **Response:**
-      - **Status Code:** `200 OK`
-      - **Body:**
-        ```json
-        {
-        "status": "OK",
-        "success": true,
-        "data": {
+  - `userId` (required): The ID of the user whose profile is to be retrieved.
+- **Response:**
+  - **Status Code:** `200 OK`
+  - **Body:**
+    ```json
+    {
+      "status": "OK",
+      "success": true,
+      "data": {
         "id": 160,
         "firstName": "Teddy",
         "lastName": "Johnson",
         "title": null,
         "description": null,
         "hourlyRate": null,
         "location": null
-          },
-        "error": null
-        }
-        ```
+      },
+      "error": null
+    }
+    ```
 </details>
+
 <details>
    <summary>Update user profile</summary>
 
@@ -191,39 +196,38 @@ Flyway is used to manage database migrations. The SQL scripts are located in `sr
 - **Description:** Update the profile information for a specific user.
 - **Path Parameters:**
   - `id` (required): The ID of the user whose currently logged in.
-    - **Request Body:**
-      - **Content-Type:** `application/json`
-        - **Body Example:**
-          ```json
-          {
-            "id": 160,
-            "firstName": "string",
-            "lastName": "string",
-            "title": "string",
-            "description": "string",
-            "hourlyRate": 0,
-            "location": "string"
-          }
-          ```
+- **Request Body:**
+  - **Content-Type:** `application/json`
+  - **Body Example:**
+    ```json
+    {
+      "id": 160,
+      "firstName": "string",
+      "lastName": "string",
+      "title": "string",
+      "description": "string",
+      "hourlyRate": 0,
+      "location": "string"
+    }
+    ```
 - **Response:**
   - **Status Code:** `200 OK`
   - **Body Example:**
     ```json
-        {
-        "status": "OK",
-        "success": true,
-        "data": {
+    {
+      "status": "OK",
+      "success": true,
+      "data": {
         "id": 160,
         "firstName": "string",
         "lastName": "string",
         "title": "string",
         "description": "string",
         "hourlyRate": 0,
         "location": "string"
-          },
-        "error": null
-        }
-
+      },
+      "error": null
+    }
     ```
 
 </details>
@@ -301,6 +305,128 @@ Flyway is used to manage database migrations. The SQL scripts are located in `sr
 - **Response:** An object indicating the result of the operation.
 </details>
 
+### Role Management
+
+<details>
+   <summary>Add a new role</summary>
+
+- **URL:** `/api/roles/add`
+- **Method:** `POST`
+- **Description:** Add a new role, accessible only by admins.
+- **Request Body:**
+  ```json
+  {
+    "name": "string"
+  }
+  ```
+- **Response:**
+  ```json
+  {
+    "status": "CREATED",
+    "success": true,
+    "data": {
+      "id": 1,
+      "name": "string"
+    },
+    "error": null
+  }
+  ```
+</details>
+
+<details>
+   <summary>Remove a role</summary>
+
+- **URL:** `/api/roles/remove/{roleId}`
+- **Method:** `DELETE`
+- **Description:** Remove a role, accessible only by admins.
+- **Path Parameters:**
+  - `roleId` (required): The ID of the role to remove.
+- **Response:**
+  ```json
+  {
+    "status": "OK",
+    "success": true,
+    "data": "Role removed successfully.",
+    "error": null
+  }
+  ```
+</details>
+
+<details>
+   <summary>Update a role</summary>
+
+- **URL:** `/api/roles/update/{roleId}`
+- **Method:** `PUT`
+- **Description:** Update a role, accessible only by admins.
+- **Path Parameters:**
+  - `roleId` (required): The ID of the role to update.
+- **Request Body:**
+  ```json
+  {
+    "name": "string"
+  }
+  ```
+- **Response:**
+  ```json
+  {
+    "status": "OK",
+    "success": true,
+    "data": {
+      "id": 1,
+      "name": "string"
+    },
+    "error": null
+  }
+  ```
+</details>
+
+<details>
+   <summary>Get all roles</summary>
+
+- **URL:** `/api/roles/all`
+- **Method:** `GET`
+- **Description:** Retrieve a list of all roles, accessible only by admins.
+- **Response:**
+  ```json
+  {
+    "status": "OK",
+    "success": true,
+    "data": [
+      {
+        "id": 1,
+        "name": "string"
+      }
+    ],
+    "error": null
+  }
+  ```
+</details>
+
+<details>
+   <summary>Assign roles to users</summary>
+
+- **URL:** `/api/roles/{id}/assign-roles`
+- **Method:** `POST`
+- **Description:** Assign roles to users, accessible only by admins.
+- **Path Parameters:**
+  - `id` (required): The ID of the user to assign roles to.
+- **Request Body:**
+  ```json
+  {
+    "roles": ["string"]
+  }
+  ```
+- **Response:**
+  ```json
+  {
+    "status": "OK",
+    "success": true,
+    "data": "Roles assigned successfully.",
+    "error": null
+  }
+  ```
+</details>
+
 ### Test Endpoints
 
 These endpoints are likely for testing purposes and may be removed in production:
@@ -325,4 +451,4 @@ You can access the Swagger UI documentation for this API at: http://localhost:80
 - [ ] Add unit and integration tests for all endpoints.
 - [ ] Implement logging and monitoring solutions.
 - [ ] Create a Dockerfile and build a Docker image for the application.
-- [ ] Set up Docker Compose and document Docker setup for the frontend team.
+- [ ] Set up Docker Compose and document Docker setup for the frontend team.

build.gradle

@@ -51,6 +51,7 @@ dependencies {
     annotationProcessor 'org.projectlombok:lombok'
     testImplementation 'org.springframework.boot:spring-boot-starter-test'
     testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
+    testImplementation 'com.h2database:h2'
 }
 
 tasks.named('test') {

src/main/java/com/activecourses/upwork/config/security/SecurityConfig.java

@@ -6,7 +6,6 @@
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.authentication.AuthenticationManager;
-import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
 import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
 import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
@@ -55,23 +54,13 @@ public class SecurityConfig {
             "/api/client/**"
     };
 
-    private final CustomUserDetailsService customUserDetailsService;
-
     private final AuthEntryPointJwt unauthorizedHandler;
 
     @Bean
     public AuthTokenFilter authenticationJwtTokenFilter() {
         return new AuthTokenFilter();
     }
 
-    @Bean
-    public DaoAuthenticationProvider authenticationProvider() {
-        DaoAuthenticationProvider auth = new DaoAuthenticationProvider();
-        auth.setUserDetailsService(customUserDetailsService);
-        auth.setPasswordEncoder(passwordEncoder());
-        return auth;
-    }
-
     @Bean
     public AuthenticationManager authenticationManager(AuthenticationConfiguration config) throws Exception {
         return config.getAuthenticationManager();
@@ -96,12 +85,8 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
                 );
 
         http.httpBasic(Customizer.withDefaults());
-        http.authenticationProvider(authenticationProvider());
         http.addFilterBefore(authenticationJwtTokenFilter(), UsernamePasswordAuthenticationFilter.class);
 
         return http.build();
-//
-//
-//
     }
 }