Добавление роли админа и функции блокировки пользователя
parent
dc19aee368
commit
99249e4055
@ -25,11 +25,8 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
|
||||
.csrf().disable()
|
||||
.authorizeRequests()
|
||||
.antMatchers("/h2-console/**").permitAll()
|
||||
// .antMatchers("/api/auth").permitAll()
|
||||
// .antMatchers("/api/users/username/{username}").permitAll()
|
||||
// .antMatchers("/api/volunteer/one/1").hasAnyAuthority("ROLE_ADMIN")
|
||||
// .antMatchers("/api/authority/**").hasAnyAuthority("ROLE_ADMIN")
|
||||
.antMatchers("/api/**").hasAnyAuthority("ROLE_USER", "ROLE_ADMIN")
|
||||
.antMatchers("/api/user/**").hasAnyAuthority("ROLE_USER", "ROLE_ADMIN")
|
||||
.antMatchers("/api/admin/**").hasAnyAuthority("ROLE_ADMIN")
|
||||
.anyRequest().authenticated()
|
||||
.and()
|
||||
.httpBasic()
|
||||
|
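Review bot: The `/api/**` matcher is listed ahead of `/api/user/**` and `/api/admin/**`, and Spring Security applies the first matcher that fits a request, so if `/api/**` is still on the new side a `ROLE_USER` account satisfies it and the `ROLE_ADMIN` rule below it is never consulted. The rendered page has lost the +/- markers, so which side that line belongs to cannot be read from here; confirm it is removed, or move `.antMatchers("/api/admin/**").hasAnyAuthority("ROLE_ADMIN")` above any broader `/api` rule. Blocking also depends on `ROLE_BLOCK` being absent from every `hasAnyAuthority` list, while `.anyRequest().authenticated()` still admits a blocked account to any path outside these matchers. The enclosing method starts and ends outside the hunk.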
@ -3,9 +3,7 @@ package com.example.nto.controller;
|
||||
|
||||
import com.example.nto.dto.EmployeeDTO;
|
||||
import com.example.nto.dto.EnterDTO;
|
||||
import com.example.nto.entity.Code;
|
||||
import com.example.nto.entity.Employee;
|
||||
import com.example.nto.entity.EnterType;
|
||||
import com.example.nto.entity.*;
|
||||
import com.example.nto.service.impl.EmployeeServiceImpl;
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
@ -22,23 +20,28 @@ public class EmployeeController {
|
||||
|
||||
private final EmployeeServiceImpl employeeService;
|
||||
|
||||
@GetMapping("/login")
|
||||
@GetMapping("/user/login")
|
||||
public ResponseEntity<EmployeeDTO> login(Authentication authentication){
|
||||
return ResponseEntity.ok(employeeService.getEmployeeByUsername(authentication.getName()));
|
||||
}
|
||||
|
||||
@GetMapping("/info/{login}")
|
||||
@GetMapping("/user/info/{login}")
|
||||
public ResponseEntity<EmployeeDTO> info(@PathVariable("login") String username){
|
||||
return ResponseEntity.ok(employeeService.getInfo(username));
|
||||
}
|
||||
|
||||
@PostMapping("/add/{login}")
|
||||
@PostMapping("/user/add/{login}")
|
||||
public ResponseEntity<EnterDTO> add(@PathVariable("login") String login, @RequestBody EnterDTO enterDTO){
|
||||
return ResponseEntity.ok(employeeService.addEnter(login, enterDTO));
|
||||
}
|
||||
|
||||
@GetMapping("/list/{login}")
|
||||
@GetMapping("/user/list/{login}")
|
||||
public List<EnterDTO> list(@PathVariable("login") String username){
|
||||
return employeeService.getAllEmployeeEnters(username);
|
||||
}
|
||||
|
||||
@PatchMapping("/admin/authority/change/{login}")
|
||||
public ResponseEntity<EmployeeAuthority> authChange(@PathVariable("login") String username, @RequestBody Authority authority){
|
||||
return ResponseEntity.ok(employeeService.changeAuthority(username, authority));
|
||||
}
|
||||
}
|
||||
|
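Review bot: `info`, `add` and `list` take the account from the `{login}` path variable and never compare it with the authenticated principal, so any caller who passes the `/api/user/**` rule (assuming the controller is mounted under `/api`) can read or write another employee's records; only `login` uses `Authentication`. Add an `Authentication` parameter to those handlers and reject the request when `authentication.getName()` differs from the path value and the caller is not an admin. `authChange` binds the request body to the JPA entity `Authority` and returns the `EmployeeAuthority` entity, which serialises the whole linked `Employee`, presumably including any credential fields it holds. Accept the `AuthorityDTO` added in this commit and return a DTO instead.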
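--- a/src/main/java/com/example/nto/dto/AuthorityDTO.java
+++ b/src/main/java/com/example/nto/dto/AuthorityDTO.java
@@ -0,0 +1,8 @@
+package com.example.nto.dto;
+
+import lombok.Data;
+
+@Data
+public class AuthorityDTO {
+private String authority;
+}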
@ -1,8 +1,10 @@
|
||||
package com.example.nto.dto;
|
||||
|
||||
import com.example.nto.entity.Authority;
|
||||
import lombok.Data;
|
||||
|
||||
import java.time.LocalDateTime;
|
||||
import java.util.Set;
|
||||
|
||||
@Data
|
||||
public class EmployeeDTO {
|
||||
@ -12,4 +14,5 @@ public class EmployeeDTO {
|
||||
private String photoUrl;
|
||||
private String position;
|
||||
private LocalDateTime lastVisit;
|
||||
private Set<Authority> authority;
|
||||
}
|
||||
|
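Review bot: `private Set<Authority> authority;` puts the JPA entity into the response DTO, and the `EmployeeMapper` hunk fills it with `employee.getAuthorities()` unchanged, so whatever fields and associations `Authority` carries are serialised to the client. This commit also adds `AuthorityDTO` and `AuthorityMapper.convertToDTO`; declaring the field as `Set<AuthorityDTO>` and mapping each element through that method keeps the API shape independent of the persistence model. The `Authority` entity is not shown on this page, so the exact fields exposed should be checked there.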
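--- a/src/main/java/com/example/nto/entity/EmployeeAuthority.java
+++ b/src/main/java/com/example/nto/entity/EmployeeAuthority.java
@@ -0,0 +1,22 @@
+package com.example.nto.entity;
+
+import lombok.Data;
+
+import javax.persistence.*;
+
+@Data
+@Entity
+@Table(name="employee_authorities")
+public class EmployeeAuthority {
+@Id
+@GeneratedValue(strategy = GenerationType.IDENTITY)
+private long id;
+
+@ManyToOne
+@JoinColumn(name="employee_id")
+private Employee empId;
+
+@ManyToOne
+@JoinColumn(name="authorities_id")
+private Authority authId;
+}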
@ -0,0 +1,7 @@
|
||||
package com.example.nto.exception;
|
||||
|
||||
public class IncorrectAuthority extends RuntimeException {
|
||||
public IncorrectAuthority(String message) {
|
||||
super(message);
|
||||
}
|
||||
}
|
@ -1,9 +1,6 @@
|
||||
package com.example.nto.exception.handler;
|
||||
|
||||
import com.example.nto.exception.EmployeeNotFoundException;
|
||||
import com.example.nto.exception.IncorrectCodeException;
|
||||
import com.example.nto.exception.IncorrectPasswordException;
|
||||
import com.example.nto.exception.IncorrectTypeException;
|
||||
import com.example.nto.exception.*;
|
||||
import org.springframework.http.HttpStatus;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.web.bind.annotation.ControllerAdvice;
|
||||
@ -25,4 +22,9 @@ public class GlobalExceptionHandler {
|
||||
public ResponseEntity<String> handlerIncorrectTypeException(IncorrectTypeException e) {
|
||||
return new ResponseEntity<>(e.getMessage(), HttpStatus.CONFLICT);
|
||||
}
|
||||
|
||||
@ExceptionHandler(IncorrectAuthority.class)
|
||||
public ResponseEntity<String> handlerIncorrectAuthority(IncorrectAuthority e) {
|
||||
return new ResponseEntity<>(e.getMessage(), HttpStatus.CONFLICT);
|
||||
}
|
||||
}
|
||||
|
@ -0,0 +1,12 @@
|
||||
package com.example.nto.repository;
|
||||
|
||||
import com.example.nto.entity.Authority;
|
||||
import org.springframework.data.jpa.repository.JpaRepository;
|
||||
import org.springframework.stereotype.Repository;
|
||||
|
||||
import java.util.Optional;
|
||||
|
||||
@Repository
|
||||
public interface AuthorityRepository extends JpaRepository<Authority, Long> {
|
||||
Optional<Authority> findByAuthority(String authority);
|
||||
}
|
@ -0,0 +1,11 @@
|
||||
package com.example.nto.repository;
|
||||
|
||||
import com.example.nto.entity.Employee;
|
||||
import com.example.nto.entity.EmployeeAuthority;
|
||||
import org.springframework.data.jpa.repository.JpaRepository;
|
||||
import org.springframework.stereotype.Repository;
|
||||
|
||||
@Repository
|
||||
public interface EmployeeAuthorityRepository extends JpaRepository<EmployeeAuthority, Long> {
|
||||
EmployeeAuthority findByEmpId(Employee id);
|
||||
}
|
@ -2,6 +2,8 @@ package com.example.nto.service;
|
||||
|
||||
import com.example.nto.dto.EmployeeDTO;
|
||||
import com.example.nto.dto.EnterDTO;
|
||||
import com.example.nto.entity.Authority;
|
||||
import com.example.nto.entity.EmployeeAuthority;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
@ -10,4 +12,5 @@ public interface EmployeeService {
|
||||
EmployeeDTO getInfo(String username);
|
||||
EnterDTO addEnter(String username, EnterDTO enterDTO);
|
||||
List<EnterDTO> getAllEmployeeEnters(String username);
|
||||
EmployeeAuthority changeAuthority(String username, Authority auth);
|
||||
}
|
||||
|
@ -2,17 +2,12 @@ package com.example.nto.service.impl;
|
||||
|
||||
import com.example.nto.dto.EmployeeDTO;
|
||||
import com.example.nto.dto.EnterDTO;
|
||||
import com.example.nto.entity.Code;
|
||||
import com.example.nto.entity.Employee;
|
||||
import com.example.nto.entity.Enter;
|
||||
import com.example.nto.entity.EnterType;
|
||||
import com.example.nto.entity.*;
|
||||
import com.example.nto.exception.EmployeeNotFoundException;
|
||||
import com.example.nto.exception.IncorrectAuthority;
|
||||
import com.example.nto.exception.IncorrectCodeException;
|
||||
import com.example.nto.exception.IncorrectTypeException;
|
||||
import com.example.nto.repository.CodeRepository;
|
||||
import com.example.nto.repository.EmployeeRepository;
|
||||
import com.example.nto.repository.EnterRepository;
|
||||
import com.example.nto.repository.EnterTypeRepository;
|
||||
import com.example.nto.repository.*;
|
||||
import com.example.nto.service.EmployeeService;
|
||||
import com.example.nto.util.EmployeeMapper;
|
||||
import com.example.nto.util.EnterMapper;
|
||||
@ -33,6 +28,8 @@ public class EmployeeServiceImpl implements EmployeeService {
|
||||
private final CodeRepository codeRepository;
|
||||
private final EnterTypeRepository enterTypeRepository;
|
||||
private final EnterRepository enterRepository;
|
||||
private final AuthorityRepository authorityRepository;
|
||||
private final EmployeeAuthorityRepository employeeAuthorityRepository;
|
||||
|
||||
@Override
|
||||
public EmployeeDTO getEmployeeByUsername(String username) {
|
||||
@ -84,5 +81,20 @@ public class EmployeeServiceImpl implements EmployeeService {
|
||||
.collect(Collectors.toList());
|
||||
}
|
||||
|
||||
@Override
|
||||
public EmployeeAuthority changeAuthority(String username, Authority auth) {
|
||||
Optional<Employee> optionalEmployee = employeeRepository.findByUsername(username);
|
||||
if(optionalEmployee.isEmpty())
|
||||
throw new EmployeeNotFoundException("Employee with username: " + username + " not found");
|
||||
Optional<Authority> optionalAuthority = authorityRepository.findByAuthority(auth.getAuthority());
|
||||
if(optionalAuthority.isEmpty())
|
||||
throw new IncorrectAuthority("Incorrect authority");
|
||||
|
||||
EmployeeAuthority employeeAuthority = employeeAuthorityRepository.findByEmpId(optionalEmployee.get());
|
||||
employeeAuthority.setAuthId(optionalAuthority.get());
|
||||
|
||||
return employeeAuthorityRepository.save(employeeAuthority);
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
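Review bot: `employeeAuthorityRepository.findByEmpId(...)` returns a bare `EmployeeAuthority`, so in `changeAuthority` an employee with no row in `employee_authorities` reaches `employeeAuthority.setAuthId(...)` with `null` and fails with a NullPointerException instead of a handled error; an employee with more than one row makes the single-result derived query throw as well. Declare the repository method as `Optional<EmployeeAuthority> findByEmpId(Employee id);` and use `.orElseThrow(() -> new IncorrectAuthority("<message>"))` here, and null-check `auth` before `auth.getAuthority()`. Nothing in the method stops an admin from changing their own role, so the last `ROLE_ADMIN` account can be demoted or blocked; a guard for that case and a log entry for every role change would be worth adding.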
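--- a/src/main/java/com/example/nto/util/AuthorityMapper.java
+++ b/src/main/java/com/example/nto/util/AuthorityMapper.java
@@ -0,0 +1,17 @@
+package com.example.nto.util;
+
+import com.example.nto.dto.AuthorityDTO;
+import com.example.nto.dto.EnterDTO;
+import com.example.nto.entity.Authority;
+import com.example.nto.entity.Enter;
+import lombok.experimental.UtilityClass;
+
+@UtilityClass
+public class AuthorityMapper {
+public AuthorityDTO convertToDTO(Authority authority){
+AuthorityDTO authorityDTO = new AuthorityDTO();
+authorityDTO.setAuthority(authority.getAuthority());
+
+return authorityDTO;
+}
+}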
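Review bot: The imports `com.example.nto.dto.EnterDTO` and `com.example.nto.entity.Enter` are unused in this file and look copied from another mapper; they can be dropped. `convertToDTO` dereferences `authority` without a null check, and no hunk on this page calls it, so either wire it into `EmployeeMapper` or state the precondition with a comment such as `// authority must be non-null`.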
@ -1,5 +1,6 @@
|
||||
package com.example.nto.util;
|
||||
|
||||
import com.example.nto.dto.AuthorityDTO;
|
||||
import com.example.nto.dto.EmployeeDTO;
|
||||
import com.example.nto.entity.Employee;
|
||||
import lombok.experimental.UtilityClass;
|
||||
@ -14,6 +15,7 @@ public class EmployeeMapper {
|
||||
employeeDTO.setPosition(employee.getPosition());
|
||||
employeeDTO.setPhotoUrl(employee.getPhotoUrl());
|
||||
employeeDTO.setLastVisit(employee.getLastVisit());
|
||||
employeeDTO.setAuthority(employee.getAuthorities());
|
||||
|
||||
return employeeDTO;
|
||||
}
|
||||
|
@ -1,3 +1,4 @@
|
||||
authorities
|
||||
ROLE_USER
|
||||
ROLE_ADMIN
|
||||
ROLE_BLOCK
|
|
@ -1,5 +1,5 @@
|
||||
employee_id;authorities_id
|
||||
1;1
|
||||
2;1
|
||||
3;1
|
||||
2;2
|
||||
3;3
|
||||
4;1
|
|