diff --git a/spring_online_calculator/src/main/java/premium_store/configuration/SecurityConfiguration.java b/spring_online_calculator/src/main/java/premium_store/configuration/SecurityConfiguration.java
index ec9ef44..bf865e4 100644
--- a/spring_online_calculator/src/main/java/premium_store/configuration/SecurityConfiguration.java
+++ b/spring_online_calculator/src/main/java/premium_store/configuration/SecurityConfiguration.java
@@ -2,26 +2,23 @@ package premium_store.configuration;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
-import org.springframework.context.annotation.Bean;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.http.HttpMethod;
-import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
-import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.builders.WebSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer;
-import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.security.core.userdetails.UserDetailsService;
 import premium_store.controller.controller.UserSignupMvcController;
 import premium_store.model.UserRole;
 import premium_store.service.GameClientService;
 @Configuration
 @EnableWebSecurity
-@EnableMethodSecurity(
+@EnableGlobalMethodSecurity(
 securedEnabled = true
 )
 public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
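Review bot: `@EnableGlobalMethodSecurity(securedEnabled = true)` leaves `prePostEnabled` at its default of `false`, whereas the `@EnableMethodSecurity` it replaces turns the pre/post annotations on by default. If any `@PreAuthorize` or `@PostAuthorize` exists elsewhere in the project (none is visible in this diff), it stops being enforced after this change without any error. Either confirm there are none, or write `@EnableGlobalMethodSecurity(securedEnabled = true, prePostEnabled = true)`. The class body continues outside the hunk.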
@@ -29,6 +26,9 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
 private static final String LOGIN_URL = "/login";
 private final GameClientService clientService;
+ @Autowired
+ private UserDetailsService userDetailsService;
+
 public SecurityConfiguration(GameClientService clientService) {
 this.clientService = clientService;
 createAdminOnStartup();
@@ -38,7 +38,7 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
 final String admin = "admin";
 if (clientService.findByLogin(admin) == null) {
 log.info("Admin user successfully created");
- clientService.addClient(admin, "adminemail@gmail.com", admin, 0, admin, UserRole.ADMIN);
+ clientService.addClient(admin, "adminemail@gmail.com", admin, 100, admin, UserRole.ADMIN);
 }
 }
@@ -47,7 +47,7 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
 http.headers().frameOptions().sameOrigin().and()
 .cors().and()
 .csrf().disable()
- .authorizeHttpRequests()
+ .authorizeRequests()
 .antMatchers(UserSignupMvcController.SIGNUP_URL).permitAll()
 .antMatchers(HttpMethod.GET, LOGIN_URL).permitAll()
 .anyRequest().authenticated()
diff --git a/spring_online_calculator/src/main/java/premium_store/configuration/WebConfiguration.java b/spring_online_calculator/src/main/java/premium_store/configuration/WebConfiguration.java
index 9a66cf5..cdb8ee5 100644
--- a/spring_online_calculator/src/main/java/premium_store/configuration/WebConfiguration.java
+++ b/spring_online_calculator/src/main/java/premium_store/configuration/WebConfiguration.java
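Review bot: The new `userDetailsService` field is injected with `@Autowired` while `clientService` in the same class arrives through the constructor, and that constructor calls `createAdminOnStartup()` before any field injection has happened. The field is therefore null for the whole constructor and cannot be `final`. Prefer a second constructor parameter: `private final UserDetailsService userDetailsService;` with `public SecurityConfiguration(GameClientService clientService, UserDetailsService userDetailsService)`. No use of the field is visible in these hunks, so also check that it is needed at all.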
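Review bot: The startup account is still built from the single literal `admin`, which the new `addClient(...)` line passes in three argument positions. `addClient`'s signature is outside the diff, but if one of those positions is the password, every deployment starts with a guessable administrator login. Take the initial password from configuration or the environment (a required property with no default) and skip account creation when it is absent. Separately, `log.info("Admin user successfully created")` runs before `addClient`, so the log records success even when the call throws; move it after the call.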
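Review bot: `.csrf().disable()` stays in the chain right above the line this hunk changes, while the application appears to serve browser forms behind a login (the signup handler in `UserSignupMvcController` is a `@PostMapping`). With CSRF protection off, a state-changing POST that a logged-in user or administrator is allowed to make can be submitted on their behalf by another site open in the same browser. Remove `.csrf().disable()` and let the templates emit the token, or, if it was switched off only for the H2 console that `application.properties` enables, narrow the exemption to that path with `.csrf().ignoringAntMatchers(...)`. The enclosing method starts and ends outside the hunk.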
@@ -1,13 +1,7 @@
 package premium_store.configuration;
-import org.springframework.boot.web.server.ErrorPage;
-import org.springframework.boot.web.server.WebServerFactoryCustomizer;
-import org.springframework.boot.web.servlet.server.ConfigurableServletWebServerFactory;
-import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.http.HttpStatus;
 import org.springframework.web.servlet.config.annotation.CorsRegistry;
-import org.springframework.web.servlet.config.annotation.ViewControllerRegistration;
 import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
@@ -18,7 +12,6 @@ public class WebConfiguration implements WebMvcConfigurer {
 @Override
 public void addViewControllers(ViewControllerRegistry registry) {
 WebMvcConfigurer.super.addViewControllers(registry);
- registry.addViewController("rest-test");
 registry.addViewController("login");
 }
diff --git a/spring_online_calculator/src/main/java/premium_store/controller/controller/ClientMvcController.java b/spring_online_calculator/src/main/java/premium_store/controller/controller/ClientMvcController.java
index b40d7fe..54a9831 100644
--- a/spring_online_calculator/src/main/java/premium_store/controller/controller/ClientMvcController.java
+++ b/spring_online_calculator/src/main/java/premium_store/controller/controller/ClientMvcController.java
@@ -106,6 +106,7 @@ public class ClientMvcController {
 }
 @GetMapping(value = {"/tanksOfClient", "/tanksOfClient/{id}"})
+ @Secured({UserRole.AsString.ADMIN})
 public String editTanksOfClient(@PathVariable(required = false) Long id, Model model){
 if(id == null || id <= 0){
 model.addAttribute("clientDTO", new ClientDTO());
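Review bot: `@Secured({UserRole.AsString.ADMIN})` only admits administrators if that constant equals the authority string granted at login, and under `@EnableGlobalMethodSecurity` the default `RoleVoter` ignores attributes that do not start with `ROLE_`, so a bare `ADMIN` value would deny everyone. The constant's value is not visible in this diff; confirm it and add a test that an admin reaches `/tanksOfClient/{id}` while a non-admin receives 403. The annotation covers this GET handler only, so check that any handler which saves the edited data carries the same restriction. The method body continues outside the hunk.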
diff --git a/spring_online_calculator/src/main/java/premium_store/controller/controller/UserSignupMvcController.java b/spring_online_calculator/src/main/java/premium_store/controller/controller/UserSignupMvcController.java
index 5cb8353..7686b9e 100644
--- a/spring_online_calculator/src/main/java/premium_store/controller/controller/UserSignupMvcController.java
+++ b/spring_online_calculator/src/main/java/premium_store/controller/controller/UserSignupMvcController.java
@@ -34,7 +34,7 @@ public class UserSignupMvcController {
 }
 @PostMapping
- public String signup(@ModelAttribute("userDto") @Valid UserSignupDto userSignupDto,
+ public String signup(@ModelAttribute("clientDto") @Valid UserSignupDto userSignupDto,
 BindingResult bindingResult, Model model) {
 if (bindingResult.hasErrors()) {
 model.addAttribute("errors", bindingResult.getAllErrors());
diff --git a/spring_online_calculator/src/main/resources/application.properties b/spring_online_calculator/src/main/resources/application.properties
index ba9eacf..d13319f 100644
--- a/spring_online_calculator/src/main/resources/application.properties
+++ b/spring_online_calculator/src/main/resources/application.properties
@@ -1,5 +1,7 @@
+#Server
 spring.main.banner-mode=off
 server.port=8080
+#JPA
 server.tomcat.relaxed-query-chars=|,{,},[,]
 spring.datasource.url=jdbc:h2:file:./data
 spring.datasource.driverClassName=org.h2.Driver
@@ -10,5 +12,3 @@ spring.jpa.hibernate.ddl-auto=update
 spring.h2.console.enabled=true
 spring.h2.console.settings.trace=false
 spring.h2.console.settings.web-allow-others=false
-# Security
-spring.security.user.password=user
diff --git a/spring_online_calculator/src/test/java/premium_store/PremiumStoreApplicationTests.java b/spring_online_calculator/src/test/java/premium_store/PremiumStoreApplicationTests.java
index 746acd1..c128888 100644
--- a/spring_online_calculator/src/test/java/premium_store/PremiumStoreApplicationTests.java
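Review bot: The added `#JPA` header in `application.properties` sits directly above `server.tomcat.relaxed-query-chars`, which is a Tomcat setting, so the label is wrong for the first line under it; move `#JPA` one line down, above `spring.datasource.url`. That Tomcat line also loosens the request-target validation the server applies by default, so it deserves a comment of its own, for example `# allow | { } [ ] unencoded in query strings (needed by <which endpoint>)`.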
+++ b/spring_online_calculator/src/test/java/premium_store/PremiumStoreApplicationTests.java
@@ -17,7 +17,7 @@ import premium_store.service.exception.ClientNotFoundException;
 import java.util.*;
 @SpringBootTest
-class PremiumStoreApplicationTests {
+public class PremiumStoreApplicationTests {
 private static final Logger log = LoggerFactory.getLogger(PremiumStoreApplicationTests.class);
 @Autowired