Compare commits
No commits in common. "757c2d160b1a986f9b18bdb1d066c47d8d973b51" and "5e6d8104dc6413ef2d1a6d9296210d3ad115e997" have entirely different histories.
757c2d160b
...
5e6d8104dc
@ -263,9 +263,9 @@ export default {
|
|||||||
methods: {
|
methods: {
|
||||||
getArtistsInAlbum(id){
|
getArtistsInAlbum(id){
|
||||||
axios .create({
|
axios .create({
|
||||||
headers: {
|
headers: {
|
||||||
'Authorization': 'Bearer ' + localStorage.getItem("token")
|
'Authorization': 'Bearer ' + localStorage.getItem("token")
|
||||||
}}).get(this.URL + `album/${id}/getAllArtists`)
|
}}).get(this.URL + `album/${id}/getAllArtists`)
|
||||||
.then(response => {
|
.then(response => {
|
||||||
this.artistsInAlbum = response.data;
|
this.artistsInAlbum = response.data;
|
||||||
console.log(response.data);
|
console.log(response.data);
|
||||||
@ -300,26 +300,19 @@ export default {
|
|||||||
console.log(error);
|
console.log(error);
|
||||||
});
|
});
|
||||||
},
|
},
|
||||||
addAlbum(album) {
|
addAlbum(album){
|
||||||
console.log(this.album);
|
console.log(this.album);
|
||||||
axios
|
axios .create({
|
||||||
.create({
|
headers: {
|
||||||
headers: {
|
'Authorization': 'Bearer ' + localStorage.getItem("token")
|
||||||
'Authorization': 'Bearer ' + localStorage.getItem("token")
|
}}).post(this.URL + "album", album)
|
||||||
}
|
.then(() => {
|
||||||
})
|
this.getAlbums();
|
||||||
.post(this.URL + "album", album)
|
this.closeModal();
|
||||||
.then(() => {
|
})
|
||||||
this.getAlbums();
|
.catch(error => {
|
||||||
this.closeModal();
|
console.log(error);
|
||||||
})
|
});
|
||||||
.catch(error => {
|
|
||||||
if (error.response && error.response.status === 403) {
|
|
||||||
console.error("Forbidden: User does not have permission to perform this operation");
|
|
||||||
} else {
|
|
||||||
console.error(error);
|
|
||||||
}
|
|
||||||
});
|
|
||||||
},
|
},
|
||||||
deleteAlbum(id){
|
deleteAlbum(id){
|
||||||
axios .create({
|
axios .create({
|
||||||
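Review bot: The new `.catch` in `addAlbum` only calls `console.log(error)`, so a rejected create now gives the user no message and nothing separates an authorization denial from a network error; the removed branch handled status 403. The same branch is dropped from the `.catch` in the users-list hunk (`@ -46,13 +46,9`). Consider keeping the status check and extending it to 401, e.g. `if (error.response && [401, 403].includes(error.response.status)) { /* tell the user the action is not permitted */ }`. It would fit best once in a response interceptor on a shared axios instance rather than in every call. `deleteAlbum` continues outside the hunk.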
|
@ -7,7 +7,6 @@
|
|||||||
<div class="form__password">
|
<div class="form__password">
|
||||||
<input class="password-input form-control" v-model="password" id="password" required="" validate="false" placeholder="Пароль" type="password" name="Пароль">
|
<input class="password-input form-control" v-model="password" id="password" required="" validate="false" placeholder="Пароль" type="password" name="Пароль">
|
||||||
</div>
|
</div>
|
||||||
<br>
|
|
||||||
<div class="registration__buttons">
|
<div class="registration__buttons">
|
||||||
<button class="registration__confirm btn btn-primary" id="reg_btn" type="submit">Зарегестрироваться</button><a class="registration__login" href="/login">Уже есть аккаунт</a>
|
<button class="registration__confirm btn btn-primary" id="reg_btn" type="submit">Зарегестрироваться</button><a class="registration__login" href="/login">Уже есть аккаунт</a>
|
||||||
</div>
|
</div>
|
||||||
|
@ -60,8 +60,6 @@ import 'axios';
|
|||||||
import axios from "axios";
|
import axios from "axios";
|
||||||
import Song from "@/models/Song";
|
import Song from "@/models/Song";
|
||||||
export default {
|
export default {
|
||||||
name: 'Songs',
|
|
||||||
emits: ['login'],
|
|
||||||
created() {
|
created() {
|
||||||
this.getSongs();
|
this.getSongs();
|
||||||
this.getAlbums();
|
this.getAlbums();
|
||||||
|
@ -46,13 +46,9 @@ export default {
|
|||||||
.then(response => {
|
.then(response => {
|
||||||
this.users = response.data;
|
this.users = response.data;
|
||||||
})
|
})
|
||||||
.catch(error => {
|
.catch(error => {
|
||||||
if (error.response && error.response.status === 403) {
|
console.log(error);
|
||||||
console.error("Forbidden: User does not have permission to perform this operation");
|
});
|
||||||
} else {
|
|
||||||
console.log(error);
|
|
||||||
}
|
|
||||||
});
|
|
||||||
},
|
},
|
||||||
methods:{
|
methods:{
|
||||||
|
|
||||||
|
@ -18,7 +18,7 @@ import ru.ulstu.is.sbapp.database.service.UserService;
|
|||||||
|
|
||||||
@Configuration
|
@Configuration
|
||||||
@EnableWebSecurity
|
@EnableWebSecurity
|
||||||
@EnableMethodSecurity(securedEnabled = true, proxyTargetClass = true)
|
@EnableMethodSecurity(securedEnabled = true)
|
||||||
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
|
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
|
||||||
private final Logger log = LoggerFactory.getLogger(SecurityConfiguration.class);
|
private final Logger log = LoggerFactory.getLogger(SecurityConfiguration.class);
|
||||||
public static final String SPA_URL_MASK = "/{path:[^\\.]*}";
|
public static final String SPA_URL_MASK = "/{path:[^\\.]*}";
|
||||||
@ -42,17 +42,16 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
|
|||||||
http.cors()
|
http.cors()
|
||||||
.and()
|
.and()
|
||||||
.csrf().disable()
|
.csrf().disable()
|
||||||
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.NEVER)
|
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
|
||||||
.and()
|
.and()
|
||||||
.authorizeRequests()
|
.authorizeRequests()
|
||||||
.antMatchers("/", SPA_URL_MASK).permitAll()
|
.antMatchers("/", SPA_URL_MASK).permitAll()
|
||||||
.antMatchers("/who_i_am").permitAll()
|
|
||||||
.antMatchers(HttpMethod.POST, UserController.URL_LOGIN).permitAll()
|
.antMatchers(HttpMethod.POST, UserController.URL_LOGIN).permitAll()
|
||||||
.anyRequest()
|
.anyRequest()
|
||||||
.authenticated()
|
.authenticated()
|
||||||
.and()
|
.and()
|
||||||
.addFilterBefore(jwtFilter, UsernamePasswordAuthenticationFilter.class)
|
.addFilterBefore(jwtFilter, UsernamePasswordAuthenticationFilter.class)
|
||||||
.anonymous().and().logout().permitAll();
|
.anonymous();
|
||||||
}
|
}
|
||||||
@Override
|
@Override
|
||||||
protected void configure(AuthenticationManagerBuilder builder) throws Exception {
|
protected void configure(AuthenticationManagerBuilder builder) throws Exception {
|
||||||
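Review bot: `.csrf().disable()` in `configure(HttpSecurity)` has no comment saying why it is safe, and the switch to `SessionCreationPolicy.STATELESS` now supplies the justification. A comment such as `// CSRF is disabled: requests authenticate with a bearer token in the Authorization header and no session is created` would record it, and should add that this holds only while the token is never sent in a cookie. `SPA_URL_MASK` deserves a one-line comment too: as written, the `permitAll()` rule matches every single-segment path without a dot, so any REST mapping on such a path is matched there before `anyRequest().authenticated()`. The start of `configure(HttpSecurity)` is outside the hunk.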
|
@ -1,12 +1,9 @@
|
|||||||
package ru.ulstu.is.sbapp.controllers;
|
package ru.ulstu.is.sbapp.controllers;
|
||||||
|
|
||||||
import org.springframework.http.ResponseEntity;
|
import org.springframework.http.ResponseEntity;
|
||||||
import org.springframework.security.access.annotation.Secured;
|
|
||||||
import org.springframework.security.access.prepost.PreAuthorize;
|
|
||||||
import org.springframework.web.bind.annotation.*;
|
import org.springframework.web.bind.annotation.*;
|
||||||
import ru.ulstu.is.sbapp.configuration.OpenAPI30Configuration;
|
import ru.ulstu.is.sbapp.configuration.OpenAPI30Configuration;
|
||||||
import ru.ulstu.is.sbapp.database.model.Artist;
|
import ru.ulstu.is.sbapp.database.model.Artist;
|
||||||
import ru.ulstu.is.sbapp.database.model.Role;
|
|
||||||
import ru.ulstu.is.sbapp.database.model.Song;
|
import ru.ulstu.is.sbapp.database.model.Song;
|
||||||
import ru.ulstu.is.sbapp.database.service.AlbumService;
|
import ru.ulstu.is.sbapp.database.service.AlbumService;
|
||||||
|
|
||||||
@ -36,7 +33,6 @@ public class AlbumController {
|
|||||||
}
|
}
|
||||||
|
|
||||||
@PostMapping
|
@PostMapping
|
||||||
@PreAuthorize("hasAuthority('ROLE_ADMIN')")
|
|
||||||
public AlbumDTO createAlbum(@RequestBody @Valid AlbumDTO albumDTO){
|
public AlbumDTO createAlbum(@RequestBody @Valid AlbumDTO albumDTO){
|
||||||
return new AlbumDTO(albumService.addAlbum(albumDTO.getAlbumName(), albumDTO.getArtistIds()));
|
return new AlbumDTO(albumService.addAlbum(albumDTO.getAlbumName(), albumDTO.getArtistIds()));
|
||||||
}
|
}
|
||||||
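Review bot: `createAlbum` loses `@PreAuthorize("hasAuthority('ROLE_ADMIN')")` and nothing replaces it. On the new side the only visible gate for album creation is therefore `anyRequest().authenticated()` in `SecurityConfiguration`, which any logged-in user passes. `ArtistController.createArtist` and `SongController.createSong` lose the same annotation in their hunks. If creation is meant to stay admin-only, keep a method-level check in the style `UserController` uses on the new side, `@Secured({Role.AsString.ADMIN})`, which also means keeping the `Role` and `Secured` imports this section removes. If opening creation to every authenticated user is intended, a comment on each method and a test pinning the expected status for a non-admin token would make that explicit.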
|
@ -1,12 +1,8 @@
|
|||||||
package ru.ulstu.is.sbapp.controllers;
|
package ru.ulstu.is.sbapp.controllers;
|
||||||
|
|
||||||
import javax.validation.Valid;
|
import javax.validation.Valid;
|
||||||
|
|
||||||
import org.springframework.security.access.annotation.Secured;
|
|
||||||
import org.springframework.security.access.prepost.PreAuthorize;
|
|
||||||
import org.springframework.web.bind.annotation.*;
|
import org.springframework.web.bind.annotation.*;
|
||||||
import ru.ulstu.is.sbapp.configuration.OpenAPI30Configuration;
|
import ru.ulstu.is.sbapp.configuration.OpenAPI30Configuration;
|
||||||
import ru.ulstu.is.sbapp.database.model.Role;
|
|
||||||
import ru.ulstu.is.sbapp.database.service.ArtistService;
|
import ru.ulstu.is.sbapp.database.service.ArtistService;
|
||||||
|
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
@ -33,7 +29,6 @@ public class ArtistController {
|
|||||||
}
|
}
|
||||||
|
|
||||||
@PostMapping
|
@PostMapping
|
||||||
@PreAuthorize("hasAuthority('ROLE_ADMIN')")
|
|
||||||
public ArtistDTO createArtist(@RequestBody @Valid ArtistDTO artistDTO){
|
public ArtistDTO createArtist(@RequestBody @Valid ArtistDTO artistDTO){
|
||||||
return new ArtistDTO(artistService.addArtist(artistDTO.getArtistName(), artistDTO.getGenre()));
|
return new ArtistDTO(artistService.addArtist(artistDTO.getArtistName(), artistDTO.getGenre()));
|
||||||
}
|
}
|
||||||
|
@ -1,12 +1,8 @@
|
|||||||
package ru.ulstu.is.sbapp.controllers;
|
package ru.ulstu.is.sbapp.controllers;
|
||||||
|
|
||||||
import javax.validation.Valid;
|
import javax.validation.Valid;
|
||||||
|
|
||||||
import org.springframework.security.access.annotation.Secured;
|
|
||||||
import org.springframework.security.access.prepost.PreAuthorize;
|
|
||||||
import org.springframework.web.bind.annotation.*;
|
import org.springframework.web.bind.annotation.*;
|
||||||
import ru.ulstu.is.sbapp.configuration.OpenAPI30Configuration;
|
import ru.ulstu.is.sbapp.configuration.OpenAPI30Configuration;
|
||||||
import ru.ulstu.is.sbapp.database.model.Role;
|
|
||||||
import ru.ulstu.is.sbapp.database.service.AlbumService;
|
import ru.ulstu.is.sbapp.database.service.AlbumService;
|
||||||
import ru.ulstu.is.sbapp.database.service.SongService;
|
import ru.ulstu.is.sbapp.database.service.SongService;
|
||||||
|
|
||||||
@ -36,7 +32,6 @@ public class SongController {
|
|||||||
}
|
}
|
||||||
|
|
||||||
@PostMapping
|
@PostMapping
|
||||||
@PreAuthorize("hasAuthority('ROLE_ADMIN')")
|
|
||||||
public SongDTO createSong(@RequestBody @Valid SongDTO songDTO){
|
public SongDTO createSong(@RequestBody @Valid SongDTO songDTO){
|
||||||
return new SongDTO(songService.addSong(songDTO.getSongName(), songDTO.getDuration()));
|
return new SongDTO(songService.addSong(songDTO.getSongName(), songDTO.getDuration()));
|
||||||
}
|
}
|
||||||
|
@ -2,7 +2,6 @@ package ru.ulstu.is.sbapp.controllers;
|
|||||||
|
|
||||||
import javax.validation.Valid;
|
import javax.validation.Valid;
|
||||||
import org.springframework.security.access.annotation.Secured;
|
import org.springframework.security.access.annotation.Secured;
|
||||||
import org.springframework.security.access.prepost.PreAuthorize;
|
|
||||||
import org.springframework.web.bind.annotation.*;
|
import org.springframework.web.bind.annotation.*;
|
||||||
import ru.ulstu.is.sbapp.database.model.User;
|
import ru.ulstu.is.sbapp.database.model.User;
|
||||||
import ru.ulstu.is.sbapp.database.model.Role;
|
import ru.ulstu.is.sbapp.database.model.Role;
|
||||||
@ -40,11 +39,12 @@ public class UserController {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
@GetMapping("/{id}")
|
@GetMapping("/{id}")
|
||||||
|
@Secured({Role.AsString.ADMIN})
|
||||||
public UserDTO getUser(@PathVariable Long id) {
|
public UserDTO getUser(@PathVariable Long id) {
|
||||||
return new UserDTO(userService.findUser(id));
|
return new UserDTO(userService.findUser(id));
|
||||||
}
|
}
|
||||||
@GetMapping("/")
|
@GetMapping("/")
|
||||||
@PreAuthorize("hasAuthority('ROLE_ADMIN')")
|
@Secured({Role.AsString.ADMIN})
|
||||||
public List<UserDTO> getUsers() {
|
public List<UserDTO> getUsers() {
|
||||||
return userService.findAllUsers().stream()
|
return userService.findAllUsers().stream()
|
||||||
.map(UserDTO::new)
|
.map(UserDTO::new)
|
||||||
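Review bot: `getUser` and `getUsers` now rely on `@Secured({Role.AsString.ADMIN})`, which matches the constant literally against the granted authority strings, whereas the replaced expression on `getUsers` named `'ROLE_ADMIN'` explicitly. The value of `Role.AsString.ADMIN` is not visible here; if it is not exactly the authority string the JWT filter assigns, both endpoints will deny every caller. A short comment on the annotation stating the expected authority, plus a test that calls `GET /{id}` and `GET /` with an admin and a non-admin token, would pin this. `getUsers` continues past the end of the hunk.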
|