diff --git a/src/main/java/com/example/nto/config/WebSecurityConfig.java b/src/main/java/com/example/nto/config/WebSecurityConfig.java index d1eb63e..c34f180 100644 --- a/src/main/java/com/example/nto/config/WebSecurityConfig.java +++ b/src/main/java/com/example/nto/config/WebSecurityConfig.java @@ -25,11 +25,8 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter { .csrf().disable() .authorizeRequests() .antMatchers("/h2-console/**").permitAll() -// .antMatchers("/api/auth").permitAll() -// .antMatchers("/api/users/username/{username}").permitAll() -// .antMatchers("/api/volunteer/one/1").hasAnyAuthority("ROLE_ADMIN") -// .antMatchers("/api/authority/**").hasAnyAuthority("ROLE_ADMIN") - .antMatchers("/api/**").hasAnyAuthority("ROLE_USER", "ROLE_ADMIN") + .antMatchers("/api/user/**").hasAnyAuthority("ROLE_USER", "ROLE_ADMIN") + .antMatchers("/api/admin/**").hasAnyAuthority("ROLE_ADMIN") .anyRequest().authenticated() .and() .httpBasic() diff --git a/src/main/java/com/example/nto/controller/EmployeeController.java b/src/main/java/com/example/nto/controller/EmployeeController.java index a569b57..fa6ef78 100644 --- a/src/main/java/com/example/nto/controller/EmployeeController.java +++ b/src/main/java/com/example/nto/controller/EmployeeController.java @@ -3,9 +3,7 @@ package com.example.nto.controller; import com.example.nto.dto.EmployeeDTO; import com.example.nto.dto.EnterDTO; -import com.example.nto.entity.Code; -import com.example.nto.entity.Employee; -import com.example.nto.entity.EnterType; +import com.example.nto.entity.*; import com.example.nto.service.impl.EmployeeServiceImpl; import lombok.RequiredArgsConstructor; import org.springframework.http.ResponseEntity; @@ -22,23 +20,28 @@ public class EmployeeController { private final EmployeeServiceImpl employeeService; - @GetMapping("/login") + @GetMapping("/user/login") public ResponseEntity login(Authentication authentication){ return ResponseEntity.ok(employeeService.getEmployeeByUsername(authentication.getName())); } - @GetMapping("/info/{login}") + @GetMapping("/user/info/{login}") public ResponseEntity info(@PathVariable("login") String username){ return ResponseEntity.ok(employeeService.getInfo(username)); } - @PostMapping("/add/{login}") + @PostMapping("/user/add/{login}") public ResponseEntity add(@PathVariable("login") String login, @RequestBody EnterDTO enterDTO){ return ResponseEntity.ok(employeeService.addEnter(login, enterDTO)); } - @GetMapping("/list/{login}") + @GetMapping("/user/list/{login}") public List list(@PathVariable("login") String username){ return employeeService.getAllEmployeeEnters(username); } + + @PatchMapping("/admin/authority/change/{login}") + public ResponseEntity authChange(@PathVariable("login") String username, @RequestBody Authority authority){ + return ResponseEntity.ok(employeeService.changeAuthority(username, authority)); + } } diff --git a/src/main/java/com/example/nto/dto/AuthorityDTO.java b/src/main/java/com/example/nto/dto/AuthorityDTO.java new file mode 100644 index 0000000..4f2a227 --- /dev/null +++ b/src/main/java/com/example/nto/dto/AuthorityDTO.java @@ -0,0 +1,8 @@ +package com.example.nto.dto; + +import lombok.Data; + +@Data +public class AuthorityDTO { + private String authority; +} diff --git a/src/main/java/com/example/nto/dto/EmployeeDTO.java b/src/main/java/com/example/nto/dto/EmployeeDTO.java index 0b88212..a685bb7 100644 --- a/src/main/java/com/example/nto/dto/EmployeeDTO.java +++ b/src/main/java/com/example/nto/dto/EmployeeDTO.java @@ -1,8 +1,10 @@ package com.example.nto.dto; +import com.example.nto.entity.Authority; import lombok.Data; import java.time.LocalDateTime; +import java.util.Set; @Data public class EmployeeDTO { @@ -12,4 +14,5 @@ public class EmployeeDTO { private String photoUrl; private String position; private LocalDateTime lastVisit; + private Set authority; } diff --git a/src/main/java/com/example/nto/entity/EmployeeAuthority.java b/src/main/java/com/example/nto/entity/EmployeeAuthority.java new file mode 100644 index 0000000..bf48fb7 --- /dev/null +++ b/src/main/java/com/example/nto/entity/EmployeeAuthority.java @@ -0,0 +1,22 @@ +package com.example.nto.entity; + +import lombok.Data; + +import javax.persistence.*; + +@Data +@Entity +@Table(name="employee_authorities") +public class EmployeeAuthority { + @Id + @GeneratedValue(strategy = GenerationType.IDENTITY) + private long id; + + @ManyToOne + @JoinColumn(name="employee_id") + private Employee empId; + + @ManyToOne + @JoinColumn(name="authorities_id") + private Authority authId; +} diff --git a/src/main/java/com/example/nto/exception/IncorrectAuthority.java b/src/main/java/com/example/nto/exception/IncorrectAuthority.java new file mode 100644 index 0000000..0e7119e --- /dev/null +++ b/src/main/java/com/example/nto/exception/IncorrectAuthority.java @@ -0,0 +1,7 @@ +package com.example.nto.exception; + +public class IncorrectAuthority extends RuntimeException { + public IncorrectAuthority(String message) { + super(message); + } +} diff --git a/src/main/java/com/example/nto/exception/handler/GlobalExceptionHandler.java b/src/main/java/com/example/nto/exception/handler/GlobalExceptionHandler.java index 4a482e8..9c8b7bd 100644 --- a/src/main/java/com/example/nto/exception/handler/GlobalExceptionHandler.java +++ b/src/main/java/com/example/nto/exception/handler/GlobalExceptionHandler.java @@ -1,9 +1,6 @@ package com.example.nto.exception.handler; -import com.example.nto.exception.EmployeeNotFoundException; -import com.example.nto.exception.IncorrectCodeException; -import com.example.nto.exception.IncorrectPasswordException; -import com.example.nto.exception.IncorrectTypeException; +import com.example.nto.exception.*; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; import org.springframework.web.bind.annotation.ControllerAdvice; @@ -25,4 +22,9 @@ public class GlobalExceptionHandler { public ResponseEntity handlerIncorrectTypeException(IncorrectTypeException e) { return new ResponseEntity<>(e.getMessage(), HttpStatus.CONFLICT); } + + @ExceptionHandler(IncorrectAuthority.class) + public ResponseEntity handlerIncorrectAuthority(IncorrectAuthority e) { + return new ResponseEntity<>(e.getMessage(), HttpStatus.CONFLICT); + } } diff --git a/src/main/java/com/example/nto/repository/AuthorityRepository.java b/src/main/java/com/example/nto/repository/AuthorityRepository.java new file mode 100644 index 0000000..96984c2 --- /dev/null +++ b/src/main/java/com/example/nto/repository/AuthorityRepository.java @@ -0,0 +1,12 @@ +package com.example.nto.repository; + +import com.example.nto.entity.Authority; +import org.springframework.data.jpa.repository.JpaRepository; +import org.springframework.stereotype.Repository; + +import java.util.Optional; + +@Repository +public interface AuthorityRepository extends JpaRepository { + Optional findByAuthority(String authority); +} diff --git a/src/main/java/com/example/nto/repository/EmployeeAuthorityRepository.java b/src/main/java/com/example/nto/repository/EmployeeAuthorityRepository.java new file mode 100644 index 0000000..57f9aca --- /dev/null +++ b/src/main/java/com/example/nto/repository/EmployeeAuthorityRepository.java @@ -0,0 +1,11 @@ +package com.example.nto.repository; + +import com.example.nto.entity.Employee; +import com.example.nto.entity.EmployeeAuthority; +import org.springframework.data.jpa.repository.JpaRepository; +import org.springframework.stereotype.Repository; + +@Repository +public interface EmployeeAuthorityRepository extends JpaRepository { + EmployeeAuthority findByEmpId(Employee id); +} diff --git a/src/main/java/com/example/nto/service/EmployeeService.java b/src/main/java/com/example/nto/service/EmployeeService.java index 16fb1fb..6a82a6e 100644 --- a/src/main/java/com/example/nto/service/EmployeeService.java +++ b/src/main/java/com/example/nto/service/EmployeeService.java @@ -2,6 +2,8 @@ package com.example.nto.service; import com.example.nto.dto.EmployeeDTO; import com.example.nto.dto.EnterDTO; +import com.example.nto.entity.Authority; +import com.example.nto.entity.EmployeeAuthority; import java.util.List; @@ -10,4 +12,5 @@ public interface EmployeeService { EmployeeDTO getInfo(String username); EnterDTO addEnter(String username, EnterDTO enterDTO); List getAllEmployeeEnters(String username); + EmployeeAuthority changeAuthority(String username, Authority auth); } diff --git a/src/main/java/com/example/nto/service/impl/EmployeeServiceImpl.java b/src/main/java/com/example/nto/service/impl/EmployeeServiceImpl.java index 0ca317f..918c2e1 100644 --- a/src/main/java/com/example/nto/service/impl/EmployeeServiceImpl.java +++ b/src/main/java/com/example/nto/service/impl/EmployeeServiceImpl.java @@ -2,17 +2,12 @@ package com.example.nto.service.impl; import com.example.nto.dto.EmployeeDTO; import com.example.nto.dto.EnterDTO; -import com.example.nto.entity.Code; -import com.example.nto.entity.Employee; -import com.example.nto.entity.Enter; -import com.example.nto.entity.EnterType; +import com.example.nto.entity.*; import com.example.nto.exception.EmployeeNotFoundException; +import com.example.nto.exception.IncorrectAuthority; import com.example.nto.exception.IncorrectCodeException; import com.example.nto.exception.IncorrectTypeException; -import com.example.nto.repository.CodeRepository; -import com.example.nto.repository.EmployeeRepository; -import com.example.nto.repository.EnterRepository; -import com.example.nto.repository.EnterTypeRepository; +import com.example.nto.repository.*; import com.example.nto.service.EmployeeService; import com.example.nto.util.EmployeeMapper; import com.example.nto.util.EnterMapper; @@ -33,6 +28,8 @@ public class EmployeeServiceImpl implements EmployeeService { private final CodeRepository codeRepository; private final EnterTypeRepository enterTypeRepository; private final EnterRepository enterRepository; + private final AuthorityRepository authorityRepository; + private final EmployeeAuthorityRepository employeeAuthorityRepository; @Override public EmployeeDTO getEmployeeByUsername(String username) { @@ -84,5 +81,20 @@ public class EmployeeServiceImpl implements EmployeeService { .collect(Collectors.toList()); } + @Override + public EmployeeAuthority changeAuthority(String username, Authority auth) { + Optional optionalEmployee = employeeRepository.findByUsername(username); + if(optionalEmployee.isEmpty()) + throw new EmployeeNotFoundException("Employee with username: " + username + " not found"); + Optional optionalAuthority = authorityRepository.findByAuthority(auth.getAuthority()); + if(optionalAuthority.isEmpty()) + throw new IncorrectAuthority("Incorrect authority"); + + EmployeeAuthority employeeAuthority = employeeAuthorityRepository.findByEmpId(optionalEmployee.get()); + employeeAuthority.setAuthId(optionalAuthority.get()); + + return employeeAuthorityRepository.save(employeeAuthority); + } + } diff --git a/src/main/java/com/example/nto/util/AuthorityMapper.java b/src/main/java/com/example/nto/util/AuthorityMapper.java new file mode 100644 index 0000000..fb5b9de --- /dev/null +++ b/src/main/java/com/example/nto/util/AuthorityMapper.java @@ -0,0 +1,17 @@ +package com.example.nto.util; + +import com.example.nto.dto.AuthorityDTO; +import com.example.nto.dto.EnterDTO; +import com.example.nto.entity.Authority; +import com.example.nto.entity.Enter; +import lombok.experimental.UtilityClass; + +@UtilityClass +public class AuthorityMapper { + public AuthorityDTO convertToDTO(Authority authority){ + AuthorityDTO authorityDTO = new AuthorityDTO(); + authorityDTO.setAuthority(authority.getAuthority()); + + return authorityDTO; + } +} diff --git a/src/main/java/com/example/nto/util/EmployeeMapper.java b/src/main/java/com/example/nto/util/EmployeeMapper.java index b44da0c..70e7939 100644 --- a/src/main/java/com/example/nto/util/EmployeeMapper.java +++ b/src/main/java/com/example/nto/util/EmployeeMapper.java @@ -1,5 +1,6 @@ package com.example.nto.util; +import com.example.nto.dto.AuthorityDTO; import com.example.nto.dto.EmployeeDTO; import com.example.nto.entity.Employee; import lombok.experimental.UtilityClass; @@ -14,6 +15,7 @@ public class EmployeeMapper { employeeDTO.setPosition(employee.getPosition()); employeeDTO.setPhotoUrl(employee.getPhotoUrl()); employeeDTO.setLastVisit(employee.getLastVisit()); + employeeDTO.setAuthority(employee.getAuthorities()); return employeeDTO; } diff --git a/src/main/resources/db.changelog/1.0/data/csv/2025-02-18-0003-authority-data.csv b/src/main/resources/db.changelog/1.0/data/csv/2025-02-18-0003-authority-data.csv index 2de6959..ad11883 100644 --- a/src/main/resources/db.changelog/1.0/data/csv/2025-02-18-0003-authority-data.csv +++ b/src/main/resources/db.changelog/1.0/data/csv/2025-02-18-0003-authority-data.csv @@ -1,3 +1,4 @@ authorities ROLE_USER -ROLE_ADMIN \ No newline at end of file +ROLE_ADMIN +ROLE_BLOCK \ No newline at end of file diff --git a/src/main/resources/db.changelog/1.0/data/csv/2025-02-18-0004-employee-authority-data.csv b/src/main/resources/db.changelog/1.0/data/csv/2025-02-18-0004-employee-authority-data.csv index 5828070..251c878 100644 --- a/src/main/resources/db.changelog/1.0/data/csv/2025-02-18-0004-employee-authority-data.csv +++ b/src/main/resources/db.changelog/1.0/data/csv/2025-02-18-0004-employee-authority-data.csv @@ -1,5 +1,5 @@ employee_id;authorities_id 1;1 -2;1 -3;1 +2;2 +3;3 4;1 \ No newline at end of file