From 5fd688fc7ab88c8bbaf6d4dcd747015eef0dc04b Mon Sep 17 00:00:00 2001 From: Filip Izydorczyk Date: Fri, 16 Oct 2020 16:31:10 +0200 Subject: [PATCH] Added roles --- .../src/main/java/com/plannaplan/App.java | 2 +- .../controllers/ConfigController.java | 5 +++ .../security/AuthenticationProvider.java | 8 +++- .../plannaplan/security/AuthorityRoles.java | 38 +++++++++++++++++++ 4 files changed, 50 insertions(+), 3 deletions(-) create mode 100755 restservice/src/main/java/com/plannaplan/security/AuthorityRoles.java diff --git a/restservice/src/main/java/com/plannaplan/App.java b/restservice/src/main/java/com/plannaplan/App.java index b85cbb9..6e91104 100755 --- a/restservice/src/main/java/com/plannaplan/App.java +++ b/restservice/src/main/java/com/plannaplan/App.java @@ -32,7 +32,7 @@ public class App { filip.setEmail("filizy@st.amu.edu.pl"); filip.setName("Filip"); filip.setSurname("Izydorczyk"); - filip.setRole(UserRoles.STUDENT); + filip.setRole(UserRoles.ADMIN); this.userService.save(filip); User hub = new User(); diff --git a/restservice/src/main/java/com/plannaplan/controllers/ConfigController.java b/restservice/src/main/java/com/plannaplan/controllers/ConfigController.java index 5682e78..5d5456b 100755 --- a/restservice/src/main/java/com/plannaplan/controllers/ConfigController.java +++ b/restservice/src/main/java/com/plannaplan/controllers/ConfigController.java @@ -12,6 +12,8 @@ import com.plannaplan.services.ConfiguratorService; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; +import org.springframework.security.access.prepost.PreAuthorize; +import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestParam; 
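Review bot: The seed user in `App.java` is now saved with `UserRoles.ADMIN`, so every environment where this block runs gets an administrator account tied to a hard-coded address. The hunk does not show whether the seeding is limited to development. If it is not, gate it on a dev-only profile or take the admin identity from deployment configuration. At minimum, add a comment above the call: `// dev-only seed: grants ADMIN; must not run in production`. The enclosing method starts and ends outside the hunk.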
@@ -20,12 +22,15 @@ import org.springframework.web.multipart.MultipartFile; @RestController @CrossOrigin @RequestMapping("/api/" + App.API_VERSION + "/configurator") +@EnableGlobalMethodSecurity(prePostEnabled = true) public class ConfigController { @Autowired private ConfiguratorService contrl; @PostMapping("/config") + @PreAuthorize("hasRole('ROLE_ADMIN')") + public ResponseEntity configApp(@RequestParam("file") MultipartFile file) { try { final ConfigData data = new ConfigData(null, null, file.getInputStream()); diff --git a/restservice/src/main/java/com/plannaplan/security/AuthenticationProvider.java b/restservice/src/main/java/com/plannaplan/security/AuthenticationProvider.java index 110098d..ee27492 100755 --- a/restservice/src/main/java/com/plannaplan/security/AuthenticationProvider.java +++ b/restservice/src/main/java/com/plannaplan/security/AuthenticationProvider.java @@ -1,6 +1,8 @@ package com.plannaplan.security; +import java.util.Arrays; import java.util.Collection; +import java.util.List; import com.plannaplan.entities.User; import com.plannaplan.services.UserService; @@ -40,8 +42,10 @@ public class AuthenticationProvider extends AbstractUserDetailsAuthenticationPro @Override public Collection getAuthorities() { - // is being done in other task - return null; + final AuthorityRoles role = AuthorityRoles.getAuthorityRole(user.getRole()) + .orElseThrow(() -> new NullPointerException("Failed to get user role")); + final List response = Arrays.asList(role); + return response; } @Override diff --git a/restservice/src/main/java/com/plannaplan/security/AuthorityRoles.java b/restservice/src/main/java/com/plannaplan/security/AuthorityRoles.java new file mode 100755 index 0000000..7005438 --- /dev/null +++ b/restservice/src/main/java/com/plannaplan/security/AuthorityRoles.java 
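Review bot: `@EnableGlobalMethodSecurity(prePostEnabled = true)` is application-wide configuration, and placing it on `ConfigController` makes enforcement of every `@PreAuthorize` depend on this controller being registered. Move it to the security configuration class (not visible in this diff) so the `hasRole('ROLE_ADMIN')` check on `configApp` cannot be silently disabled by a refactor of the controller. The blank line between `@PreAuthorize(...)` and the method signature should be removed. A test that posts to `/config` as a non-admin and expects a 403 would pin the behaviour. The class body continues outside the hunk.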
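Review bot: In `getAuthorities()` an unmapped role is reported as a `NullPointerException`, which reads like a programming bug rather than a refused login and may surface as a generic server error depending on where the framework calls it. Failing closed is the right behaviour, but use a descriptive state exception: `.orElseThrow(() -> new IllegalStateException("No authority mapped for user role"))`. Alternatively, resolve the authority once when the user is loaded, so the failure happens during authentication. `Arrays.asList(role)` can be returned directly without the `response` local. The enclosing class starts and ends outside the hunk.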
@@ -0,0 +1,38 @@
+package com.plannaplan.security;
+
+import java.util.Optional;
+
+import com.plannaplan.types.UserRoles;
+
+import org.springframework.security.core.GrantedAuthority;
+
+public enum AuthorityRoles implements GrantedAuthority {
+ STUDENT("ROLE_STUDENT"), DEANERY("ROLE_DEANERY"), ADMIN("ROLE_ADMIN"), TEST_USER("ROLE_TESTUSER");
+
+ private String role;
+
+ AuthorityRoles(String role) {
+ this.role = role;
+ }
+
+ @Override
+ public String getAuthority() {
+ return this.role;
+ }
+
+ public static final Optional getAuthorityRole(UserRoles role) {
+ switch (role) {
+ case ADMIN:
+ return Optional.of(AuthorityRoles.ADMIN);
+ case DEANERY:
+ return Optional.of(AuthorityRoles.DEANERY);
+ case STUDENT:
+ return Optional.of(AuthorityRoles.STUDENT);
+ case TEST_USER:
+ return Optional.of(AuthorityRoles.TEST_USER);
+ default:
+ return Optional.empty();
+ }
+ }
+
+}
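Review bot: `getAuthorityRole` switches on `role` without a null check, so a user record with no role throws a `NullPointerException` inside the `switch` instead of returning `Optional.empty()` as the `default` branch suggests. Add `if (role == null) return Optional.empty();` before the `switch`. The `role` field should be `private final String role;`, and `final` on a static method adds nothing. A short Javadoc saying that the `ROLE_` prefix is what `hasRole(...)` expressions match against would help whoever adds the next role.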