diff --git a/.idea/workspace.xml b/.idea/workspace.xml
index bc4593a..e0e0654 100644
--- a/.idea/workspace.xml
+++ b/.idea/workspace.xml
@@ -5,8 +5,12 @@
+
+
+
+
@@ -36,13 +40,13 @@
file://$PROJECT_DIR$/src/main/java/com/example/nto/controller/EmployeeController.java
- 34
+ 36
file://$PROJECT_DIR$/src/main/java/com/example/nto/controller/EmployeeController.java
- 15
+ 17
file://$PROJECT_DIR$/src/main/java/com/example/nto/controller/AuthController.java
- 51
+ 58
file://$PROJECT_DIR$/src/main/java/com/example/nto/controller/AuthController.java
- 59
+ 70
- file://$PROJECT_DIR$/src/main/java/com/example/nto/controller/AuthController.java
- 52
-
+ file://$PROJECT_DIR$/src/main/java/com/example/nto/websecurity/WebSecurityConfig.java
+ 49
+
- file://$PROJECT_DIR$/src/main/java/com/example/nto/controller/AuthController.java
- 54
-
-
-
- file://$PROJECT_DIR$/src/main/java/com/example/nto/controller/AuthController.java
- 55
-
-
-
- file://$PROJECT_DIR$/src/main/java/com/example/nto/controller/AuthController.java
- 56
-
-
-
- file://$PROJECT_DIR$/src/main/java/com/example/nto/controller/AuthController.java
- 57
-
-
-
- file://$PROJECT_DIR$/src/main/java/com/example/nto/controller/AuthController.java
- 58
-
+ file://$PROJECT_DIR$/src/main/java/com/example/nto/controller/AdminController.java
+ 79
+
diff --git a/README.md b/README.md
index f4778b9..2a65cfe 100644
--- a/README.md
+++ b/README.md
@@ -1,3 +1,8 @@
# Minipigs-Back
-минипиги solution
\ No newline at end of file
+минипиги solution
+
+
+
+{"login": "pivanov", "password": "admin"} - админ
+{"login": "ipetrov", "password": "user"} - user
\ No newline at end of file
diff --git a/src/main/java/com/example/nto/controller/AdminController.java b/src/main/java/com/example/nto/controller/AdminController.java
new file mode 100644
index 0000000..5c54e01
--- /dev/null
+++ b/src/main/java/com/example/nto/controller/AdminController.java
@@ -0,0 +1,97 @@
+package com.example.nto.controller;
+
+import com.example.nto.entity.Employee;
+import com.example.nto.service.EmployeeService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.security.access.annotation.Secured;
+import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.*;
+
+@Controller
+@RequestMapping("/api/admin/")
+public class AdminController {
+
+ @Autowired
+ private EmployeeService employeeService;
+
+
+ public static class DeleteEmployeeRequest {
+ private Long id;
+
+
+ public Long getId() {
+ return id;
+ }
+
+ public void setId(Long id) {
+ this.id = id;
+ }
+ }
+
+ public static class UpdateEmployeeRequest {
+ private Long id;
+ private String field;
+
+ public Long getId() {
+ return id;
+ }
+
+ public void setId(Long id) {
+ this.id = id;
+ }
+
+ public String getField() {
+ return field;
+ }
+
+ public void setField(String field) {
+ this.field = field;
+ }
+ }
+
+ /**
+ * Такой же метод, как и getEmployeeInfo, только для админов по логину
+ * @return
+ */
+ @PreAuthorize("hasAnyRole('ADMIN')")
+ @GetMapping("/{value}/info")
+ public Employee getEmployeeInfoAdmin(@PathVariable String value) {
+ return employeeService.getEmployeeInfoById(Long.parseLong(value));
+ }
+
+ @PreAuthorize("hasAnyRole('ADMIN')")
+ @DeleteMapping("/employee/delete/")
+ public ResponseEntity deleteEmployee(@RequestBody DeleteEmployeeRequest deleteEmployeeRequest) {
+ employeeService.deleteEmployee(deleteEmployeeRequest.id);
+ return ResponseEntity.status(HttpStatus.OK).build();
+ }
+
+ @PreAuthorize("hasRole('DOLBOEB')")
+ @PutMapping("/employee/update/login/")
+ public ResponseEntity updateEmployeeLogin(@RequestBody UpdateEmployeeRequest updateEmployeeRequest) {
+
+ Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
+
+ employeeService.updateEmployeeLogin(updateEmployeeRequest.id, updateEmployeeRequest.field);
+ return ResponseEntity.status(HttpStatus.OK).build();
+ }
+
+ @PreAuthorize("hasAnyRole('ADMIN')")
+ @PutMapping("/employee/update/avatar/")
+ public ResponseEntity updateEmployeeAvatar(@RequestBody UpdateEmployeeRequest updateEmployeeRequest) {
+ employeeService.updateEmployeeAvatar(updateEmployeeRequest.id, updateEmployeeRequest.field);
+ return ResponseEntity.status(HttpStatus.OK).build();
+ }
+
+ @PreAuthorize("hasAnyRole('ADMIN')")
+ @PutMapping("/employee/update/position/")
+ public ResponseEntity updatePosition(@RequestBody UpdateEmployeeRequest updateEmployeeRequest) {
+ employeeService.updateEmployeePosition(updateEmployeeRequest.id, updateEmployeeRequest.field);
+ return ResponseEntity.status(HttpStatus.OK).build();
+ }
+}
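Review bot: `updateEmployeeLogin` is guarded by `@PreAuthorize("hasRole('DOLBOEB')")` while every other handler in this controller uses `hasAnyRole('ADMIN')`. Unless that role is granted somewhere the endpoint is unreachable, and if it is granted, changing a login is no longer tied to the admin check; it should read `@PreAuthorize("hasRole('ADMIN')")`. The local `Authentication authentication = SecurityContextHolder.getContext().getAuthentication();` in the same method is never used and can be removed. The class is annotated `@Controller` rather than `@RestController`, so `getEmployeeInfoAdmin`, which returns `Employee` without `@ResponseBody`, will probably go through view resolution instead of being serialized. These annotations also only take effect if method security is enabled, which WebSecurityConfig (not part of this diff) would have to confirm.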
diff --git a/src/main/java/com/example/nto/controller/AuthController.java b/src/main/java/com/example/nto/controller/AuthController.java
index 313c3b1..8f3b796 100644
--- a/src/main/java/com/example/nto/controller/AuthController.java
+++ b/src/main/java/com/example/nto/controller/AuthController.java
@@ -1,24 +1,31 @@
package com.example.nto.controller;
+import com.example.nto.entity.Employee;
+import com.example.nto.repository.EmployeeRepository;
import lombok.AllArgsConstructor;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
-import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.security.provisioning.InMemoryUserDetailsManager;
import org.springframework.web.bind.annotation.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
+import java.util.ArrayList;
+import java.util.List;
@RestController
public class AuthController {
+ @Autowired
+ private EmployeeRepository employeeRepository;
+
@AllArgsConstructor
private static class LoginBody {
private String login;
@@ -50,8 +57,12 @@ public class AuthController {
*/
@PostMapping("/api/login/")
private ResponseEntity login(HttpServletRequest request, @RequestBody LoginBody loginBody) { //, @RequestParam String login, @RequestParam String password) {
+
+ Employee employee = employeeRepository.getByLogin(loginBody.login).get();
+ List authorities = new ArrayList<>();
+ authorities.add(new SimpleGrantedAuthority(employee.getRole()));
UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(
- loginBody.getLogin(), loginBody.getPassword());
+ loginBody.getLogin(), loginBody.getPassword(), authorities);
Authentication authentication = authenticationManager.authenticate(authRequest);
SecurityContext securityContext = SecurityContextHolder.getContext();
securityContext.setAuthentication(authentication);
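Review bot: `employeeRepository.getByLogin(loginBody.login).get()` runs before the password is checked, so an unknown login throws NoSuchElementException (most likely a 500) while a wrong password takes the authentication-failure path, which lets a caller tell existing logins from non-existing ones. Replace the bare `.get()` with `.orElseThrow(() -> new BadCredentialsException("Bad credentials"))` so both cases fail the same way, or drop the lookup. The three-argument `UsernamePasswordAuthenticationToken` constructor builds a token that is already marked as authenticated; a login request token should stay in the two-argument form, with the role supplied by the UserDetailsService behind `authenticationManager` (not visible here). Note also that `hasRole('ADMIN')` matches the authority `ROLE_ADMIN`, so confirm what `employee.getRole()` actually stores. The body of `login` continues past this hunk.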
diff --git a/src/main/java/com/example/nto/controller/EmployeeController.java b/src/main/java/com/example/nto/controller/EmployeeController.java
index abce26c..6a1322b 100644
--- a/src/main/java/com/example/nto/controller/EmployeeController.java
+++ b/src/main/java/com/example/nto/controller/EmployeeController.java
@@ -3,9 +3,11 @@ package com.example.nto.controller;
import com.example.nto.entity.Employee;
import com.example.nto.repository.CodeRepository;
import com.example.nto.service.EmployeeService;
+import org.springframework.boot.autoconfigure.ldap.embedded.EmbeddedLdapProperties;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.security.access.annotation.Secured;
+import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.bind.annotation.*;
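Review bot: The added `import org.springframework.boot.autoconfigure.ldap.embedded.EmbeddedLdapProperties;` looks like an accidental IDE auto-import, since nothing in the visible hunks of EmployeeController uses it; the same applies to `import org.hibernate.sql.Update;` added in EmployeeServiceImpl. If they are indeed unused, remove both so the classes do not depend on LDAP autoconfiguration and Hibernate internals they have no need for. `org.springframework.security.core.Authentication` is also newly imported here although the admin handler is moved out in the next hunk, so check that it is still referenced.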
@@ -45,15 +47,6 @@ public class EmployeeController {
}
}
- /**
- * Такой же метод, как и getEmployeeInfo, только для админов по логину
- * @return
- */
- @Secured("ADMIN")
- @GetMapping("/api/admin/{value}/info")
- public Employee getEmployeeInfoAdmin(@PathVariable String value) {
- return employeeService.getEmployeeInfoById(Long.parseLong(value));
- }
/**
* Получить информацию по емплоеееее
*
diff --git a/src/main/java/com/example/nto/repository/EmployeeRepository.java b/src/main/java/com/example/nto/repository/EmployeeRepository.java
index 2cf302a..a64bebc 100644
--- a/src/main/java/com/example/nto/repository/EmployeeRepository.java
+++ b/src/main/java/com/example/nto/repository/EmployeeRepository.java
@@ -10,4 +10,5 @@ public interface EmployeeRepository extends JpaRepository {
boolean existsByLogin(String login);
Optional getByLogin(String login);
Optional findByLogin(String login);
+
}
diff --git a/src/main/java/com/example/nto/service/EmployeeService.java b/src/main/java/com/example/nto/service/EmployeeService.java
index 29506f1..03ace10 100644
--- a/src/main/java/com/example/nto/service/EmployeeService.java
+++ b/src/main/java/com/example/nto/service/EmployeeService.java
@@ -10,4 +10,8 @@ public interface EmployeeService {
boolean doorIsOpen(String login, long code);
void updateLastVisit(String login);
Employee getEmployeeInfoById(Long id);
+ void deleteEmployee(Long id);
+ Employee updateEmployeeLogin(Long id, String newLogin);
+ Employee updateEmployeeAvatar(Long id, String newAvatar);
+ Employee updateEmployeePosition(Long id, String newPosition);
}
diff --git a/src/main/java/com/example/nto/service/impl/EmployeeServiceImpl.java b/src/main/java/com/example/nto/service/impl/EmployeeServiceImpl.java
index 1322ca3..2156760 100644
--- a/src/main/java/com/example/nto/service/impl/EmployeeServiceImpl.java
+++ b/src/main/java/com/example/nto/service/impl/EmployeeServiceImpl.java
@@ -5,6 +5,7 @@ import com.example.nto.entity.Employee;
import com.example.nto.repository.CodeRepository;
import com.example.nto.repository.EmployeeRepository;
import com.example.nto.service.EmployeeService;
+import org.hibernate.sql.Update;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
@@ -74,4 +75,32 @@ public class EmployeeServiceImpl implements EmployeeService {
public Employee getEmployeeInfoById(Long id) {
return employeeRepository.findById(id).get();
}
+
+ @Override
+ public void deleteEmployee(Long id) {
+ employeeRepository.deleteById(id);
+ }
+
+ @Override
+ public Employee updateEmployeeLogin(Long id, String newLogin) {
+ Employee employee = employeeRepository.getById(id);
+ employee.setLogin(newLogin);
+ employeeRepository.save(employee);
+ return employee;
+ }
+
+ @Override
+ public Employee updateEmployeeAvatar(Long id, String newAvatar) {
+ Employee employee = employeeRepository.getById(id);
+ employee.setPhoto(newAvatar);
+ employeeRepository.save(employee);
+ return employee;
+ }
+
+ @Override
+ public Employee updateEmployeePosition(Long id, String newPosition) {
+ Employee employee = employeeRepository.getById(id);
+ employee.setPosition(newPosition);
+ employeeRepository.save(employee);
+ return employee; }
}
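Review bot: `updateEmployeeLogin` writes `newLogin` into the entity without checking that it is non-empty and not already taken, although the repository already exposes `existsByLogin`. The login is the key used to look up the account at authentication, so a duplicate would make `getByLogin` ambiguous unless the column carries a unique constraint (not visible here). Add a guard before `setLogin`, for example `if (newLogin == null || employeeRepository.existsByLogin(newLogin)) throw new IllegalArgumentException("login is empty or already taken");`. All three update methods use `getById`, which returns a lazy reference and fails only when the proxy is touched; `findById(id).orElseThrow(...)` would give a clear not-found error for an unknown id, and `deleteById` on an unknown id may likewise throw instead of returning quietly. The closing brace of `updateEmployeePosition` sits on the `return employee;` line and should move to its own line.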