Added roles

This commit is contained in:
Filip Izydorczyk 2020-10-16 16:31:10 +02:00
parent 9c02a0b596
commit 5fd688fc7a
4 changed files with 50 additions and 3 deletions

View File

@ -32,7 +32,7 @@ public class App {
filip.setEmail("filizy@st.amu.edu.pl"); filip.setEmail("filizy@st.amu.edu.pl");
filip.setName("Filip"); filip.setName("Filip");
filip.setSurname("Izydorczyk"); filip.setSurname("Izydorczyk");
filip.setRole(UserRoles.STUDENT); filip.setRole(UserRoles.ADMIN);
this.userService.save(filip); this.userService.save(filip);
User hub = new User(); User hub = new User();

View File

@ -12,6 +12,8 @@ import com.plannaplan.services.ConfiguratorService;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus; import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity; import org.springframework.http.ResponseEntity;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam; import org.springframework.web.bind.annotation.RequestParam;
@ -20,12 +22,15 @@ import org.springframework.web.multipart.MultipartFile;
@RestController @RestController
@CrossOrigin @CrossOrigin
@RequestMapping("/api/" + App.API_VERSION + "/configurator") @RequestMapping("/api/" + App.API_VERSION + "/configurator")
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class ConfigController { public class ConfigController {
@Autowired @Autowired
private ConfiguratorService contrl; private ConfiguratorService contrl;
@PostMapping("/config") @PostMapping("/config")
@PreAuthorize("hasRole('ROLE_ADMIN')")
public ResponseEntity<String> configApp(@RequestParam("file") MultipartFile file) { public ResponseEntity<String> configApp(@RequestParam("file") MultipartFile file) {
try { try {
final ConfigData data = new ConfigData(null, null, file.getInputStream()); final ConfigData data = new ConfigData(null, null, file.getInputStream());

View File

@ -1,6 +1,8 @@
package com.plannaplan.security; package com.plannaplan.security;
import java.util.Arrays;
import java.util.Collection; import java.util.Collection;
import java.util.List;
import com.plannaplan.entities.User; import com.plannaplan.entities.User;
import com.plannaplan.services.UserService; import com.plannaplan.services.UserService;
@ -40,8 +42,10 @@ public class AuthenticationProvider extends AbstractUserDetailsAuthenticationPro
@Override @Override
public Collection<? extends GrantedAuthority> getAuthorities() { public Collection<? extends GrantedAuthority> getAuthorities() {
// is being done in other task final AuthorityRoles role = AuthorityRoles.getAuthorityRole(user.getRole())
return null; .orElseThrow(() -> new NullPointerException("Failed to get user role"));
final List<AuthorityRoles> response = Arrays.asList(role);
return response;
} }
@Override @Override

View File

@ -0,0 +1,38 @@
package com.plannaplan.security;
import java.util.Optional;
import com.plannaplan.types.UserRoles;
import org.springframework.security.core.GrantedAuthority;
public enum AuthorityRoles implements GrantedAuthority {
STUDENT("ROLE_STUDENT"), DEANERY("ROLE_DEANERY"), ADMIN("ROLE_ADMIN"), TEST_USER("ROLE_TESTUSER");
private String role;
AuthorityRoles(String role) {
this.role = role;
}
@Override
public String getAuthority() {
return this.role;
}
public static final Optional<AuthorityRoles> getAuthorityRole(UserRoles role) {
switch (role) {
case ADMIN:
return Optional.of(AuthorityRoles.ADMIN);
case DEANERY:
return Optional.of(AuthorityRoles.DEANERY);
case STUDENT:
return Optional.of(AuthorityRoles.STUDENT);
case TEST_USER:
return Optional.of(AuthorityRoles.TEST_USER);
default:
return Optional.empty();
}
}
}