diff --git a/modules/core/src/main/java/io/smsc/Application.java b/modules/core/src/main/java/io/smsc/Application.java index 77fb9c46..d26705c0 100644 --- a/modules/core/src/main/java/io/smsc/Application.java +++ b/modules/core/src/main/java/io/smsc/Application.java @@ -11,7 +11,7 @@ @PropertySource(value = "classpath:application.properties") @PropertySource(value = "classpath:${smsc.database.dialect:hsqldb}.properties") @ComponentScan("io.smsc") -class Application { +public class Application { public static void main(String[] args) { // Solution of JCE problem for JDK 9 (reflection is not more needed) diff --git a/modules/core/src/main/java/io/smsc/controller/AuthController.java b/modules/core/src/main/java/io/smsc/controller/AuthController.java index 8270c5a1..988cfb3b 100644 --- a/modules/core/src/main/java/io/smsc/controller/AuthController.java +++ b/modules/core/src/main/java/io/smsc/controller/AuthController.java @@ -58,7 +58,7 @@ public ResponseEntity token(@RequestBody JWTAuthentic return new ResponseEntity<>(token, HttpStatus.OK); } } catch (Exception ex) { - LOG.info("Some exception occurred", ex); + LOG.debug("Some exception occurred", ex); // going to send error } response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Credentials are invalid. Please enter valid username and password"); @@ -87,7 +87,7 @@ public ResponseEntity token(@RequestBody JWTRefreshToke return new ResponseEntity<>(token, HttpStatus.OK); } } catch (Exception ex) { - LOG.info("Some exception occurred", ex); + LOG.debug("Some exception occurred", ex); // going to send error } response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Refresh or expired access token is invalid. Please enter valid tokens"); diff --git a/modules/core/src/main/java/io/smsc/model/CustomerUser.java b/modules/core/src/main/java/io/smsc/model/CustomerUser.java index 62f6267c..dcf262da 100644 --- a/modules/core/src/main/java/io/smsc/model/CustomerUser.java +++ b/modules/core/src/main/java/io/smsc/model/CustomerUser.java @@ -172,6 +172,32 @@ public void setCustomer(Customer customer) { this.customer = customer; } + @Override + public boolean equals(Object o) { + if (this == o) return true; + if (o == null || getClass() != o.getClass()) return false; + + CustomerUser that = (CustomerUser) o; + + if (!getId().equals(that.getId())) return false; + if (!getUsername().equals(that.getUsername())) return false; + if (!getFirstname().equals(that.getFirstname())) return false; + if (!getSurname().equals(that.getSurname())) return false; + if (!getEmail().equals(that.getEmail())) return false; + return getCreated().equals(that.getCreated()); + } + + @Override + public int hashCode() { + int result = getId().hashCode(); + result = 31 * result + getUsername().hashCode(); + result = 31 * result + getFirstname().hashCode(); + result = 31 * result + getSurname().hashCode(); + result = 31 * result + getEmail().hashCode(); + result = 31 * result + getCreated().hashCode(); + return result; + } + @Override public String toString() { return "CustomerUser{" + diff --git a/modules/core/src/main/java/io/smsc/model/Role.java b/modules/core/src/main/java/io/smsc/model/Role.java index dd5db5ab..684cd881 100644 --- a/modules/core/src/main/java/io/smsc/model/Role.java +++ b/modules/core/src/main/java/io/smsc/model/Role.java @@ -1,6 +1,5 @@ package io.smsc.model; -import com.fasterxml.jackson.annotation.JsonBackReference; import com.fasterxml.jackson.annotation.JsonIgnore; import org.hibernate.validator.constraints.NotEmpty; @@ -34,22 +33,33 @@ public class Role extends BaseEntity { @Pattern(regexp = "[A-Z_]+", message = "{role.name.validation}") private String name; - @ManyToMany(mappedBy = "roles") + @ManyToMany(cascade = + { + CascadeType.DETACH, + CascadeType.MERGE, + CascadeType.REFRESH, + CascadeType.PERSIST + }, + targetEntity = User.class) + @JoinTable( + name = "USER_ROLE", + joinColumns = @JoinColumn(name = "ROLE_ID", referencedColumnName = "ID"), + inverseJoinColumns = @JoinColumn(name = "USER_ID", referencedColumnName = "ID") + ) @OrderBy("id asc") - @JsonBackReference() private Set users; - /** - * This method is used for removing all links on Role entity from - * appropriate User entities before entity is removed. Without - * it deleting entity can cause ConstraintViolationException - */ - @PreRemove - private void removeRolesFromUsers() { - for (User user : users) { - user.getRoles().remove(this); - } - } +// /** +// * This method is used for removing all links on Role entity from +// * appropriate User entities before entity is removed. Without +// * it deleting entity can cause ConstraintViolationException +// */ +// @PreRemove +// private void removeRolesFromUsers() { +// for (User user : users) { +// user.getRoles().remove(this); +// } +// } @JsonIgnore public boolean isNew() { @@ -80,6 +90,24 @@ public void setUsers(Set users) { this.users = users; } + @Override + public boolean equals(Object o) { + if (this == o) return true; + if (o == null || getClass() != o.getClass()) return false; + + Role role = (Role) o; + + if (!getId().equals(role.getId())) return false; + return getName().equals(role.getName()); + } + + @Override + public int hashCode() { + int result = getId().hashCode(); + result = 31 * result + getName().hashCode(); + return result; + } + @Override public String toString() { return "Role{" + diff --git a/modules/core/src/main/java/io/smsc/model/User.java b/modules/core/src/main/java/io/smsc/model/User.java index 8ab7f604..8d4167b0 100644 --- a/modules/core/src/main/java/io/smsc/model/User.java +++ b/modules/core/src/main/java/io/smsc/model/User.java @@ -74,7 +74,14 @@ public class User extends BaseEntity { @Column(name = "BLOCKED", nullable = false) private Boolean blocked = false; - @ManyToMany(fetch = FetchType.EAGER) + @ManyToMany(cascade = + { + CascadeType.DETACH, + CascadeType.MERGE, + CascadeType.REFRESH, + CascadeType.PERSIST + }, + targetEntity = Role.class) @JoinTable( name = "USER_ROLE", joinColumns = @JoinColumn(name = "USER_ID", referencedColumnName = "ID"), @@ -83,6 +90,18 @@ public class User extends BaseEntity { @OrderBy("id asc") private Set roles; +// /** +// * This method is used for removing all links on User entity from +// * appropriate Role entities before entity is removed. Without +// * it deleting entity can cause ConstraintViolationException +// */ +// @PreRemove +// private void removeRolesFromUsers() { +// for (Role role : roles) { +// role.getUsers().remove(this); +// } +// } + @OneToMany( mappedBy = "user", cascade = CascadeType.ALL, @@ -198,6 +217,32 @@ public void setDashboards(Set dashboards) { this.dashboards = dashboards; } + @Override + public boolean equals(Object o) { + if (this == o) return true; + if (o == null || getClass() != o.getClass()) return false; + + User user = (User) o; + + if (!getId().equals(user.getId())) return false; + if (!getUsername().equals(user.getUsername())) return false; + if (!getFirstname().equals(user.getFirstname())) return false; + if (!getSurname().equals(user.getSurname())) return false; + if (!getEmail().equals(user.getEmail())) return false; + return getCreated().equals(user.getCreated()); + } + + @Override + public int hashCode() { + int result = getId().hashCode(); + result = 31 * result + getUsername().hashCode(); + result = 31 * result + getFirstname().hashCode(); + result = 31 * result + getSurname().hashCode(); + result = 31 * result + getEmail().hashCode(); + result = 31 * result + getCreated().hashCode(); + return result; + } + @Override public String toString() { return "User{" + diff --git a/modules/core/src/main/java/io/smsc/model/acl/AclClass.java b/modules/core/src/main/java/io/smsc/model/acl/AclClass.java index c15a4987..1210c632 100644 --- a/modules/core/src/main/java/io/smsc/model/acl/AclClass.java +++ b/modules/core/src/main/java/io/smsc/model/acl/AclClass.java @@ -67,6 +67,24 @@ public void setAclObjectIdentities(Set aclObjectIdentities) { this.aclObjectIdentities = aclObjectIdentities; } + @Override + public boolean equals(Object o) { + if (this == o) return true; + if (o == null || getClass() != o.getClass()) return false; + + AclClass aclClass = (AclClass) o; + + if (!getId().equals(aclClass.getId())) return false; + return getClassName().equals(aclClass.getClassName()); + } + + @Override + public int hashCode() { + int result = getId().hashCode(); + result = 31 * result + getClassName().hashCode(); + return result; + } + @Override public String toString() { return "AclClass{" + diff --git a/modules/core/src/main/java/io/smsc/model/acl/AclEntry.java b/modules/core/src/main/java/io/smsc/model/acl/AclEntry.java index fc0c8317..d556af26 100644 --- a/modules/core/src/main/java/io/smsc/model/acl/AclEntry.java +++ b/modules/core/src/main/java/io/smsc/model/acl/AclEntry.java @@ -146,6 +146,32 @@ public void setAuditFailure(Boolean auditFailure) { this.auditFailure = auditFailure; } + @Override + public boolean equals(Object o) { + if (this == o) return true; + if (o == null || getClass() != o.getClass()) return false; + + AclEntry aclEntry = (AclEntry) o; + + if (!getId().equals(aclEntry.getId())) return false; + if (!aceOrder.equals(aclEntry.aceOrder)) return false; + if (!getMask().equals(aclEntry.getMask())) return false; + if (!getGranting().equals(aclEntry.getGranting())) return false; + if (!getAuditSuccess().equals(aclEntry.getAuditSuccess())) return false; + return getAuditFailure().equals(aclEntry.getAuditFailure()); + } + + @Override + public int hashCode() { + int result = getId().hashCode(); + result = 31 * result + aceOrder.hashCode(); + result = 31 * result + getMask().hashCode(); + result = 31 * result + getGranting().hashCode(); + result = 31 * result + getAuditSuccess().hashCode(); + result = 31 * result + getAuditFailure().hashCode(); + return result; + } + @Override public String toString() { return "AclEntry{" + diff --git a/modules/core/src/main/java/io/smsc/model/acl/AclObjectIdentity.java b/modules/core/src/main/java/io/smsc/model/acl/AclObjectIdentity.java index 3fbd2330..d16c9e49 100644 --- a/modules/core/src/main/java/io/smsc/model/acl/AclObjectIdentity.java +++ b/modules/core/src/main/java/io/smsc/model/acl/AclObjectIdentity.java @@ -131,6 +131,26 @@ public void setAclEntries(Set aclEntries) { this.aclEntries = aclEntries; } + @Override + public boolean equals(Object o) { + if (this == o) return true; + if (o == null || getClass() != o.getClass()) return false; + + AclObjectIdentity that = (AclObjectIdentity) o; + + if (!getId().equals(that.getId())) return false; + if (!getObjectIdIdentity().equals(that.getObjectIdIdentity())) return false; + return getEntriesInheriting().equals(that.getEntriesInheriting()); + } + + @Override + public int hashCode() { + int result = getId().hashCode(); + result = 31 * result + getObjectIdIdentity().hashCode(); + result = 31 * result + getEntriesInheriting().hashCode(); + return result; + } + @Override public String toString() { return "AclObjectIdentity{" + diff --git a/modules/core/src/main/java/io/smsc/model/acl/AclSid.java b/modules/core/src/main/java/io/smsc/model/acl/AclSid.java index da7dd75e..9aaff8a5 100644 --- a/modules/core/src/main/java/io/smsc/model/acl/AclSid.java +++ b/modules/core/src/main/java/io/smsc/model/acl/AclSid.java @@ -95,6 +95,26 @@ public void setAclObjectIdentities(Set aclObjectIdentities) { this.aclObjectIdentities = aclObjectIdentities; } + @Override + public boolean equals(Object o) { + if (this == o) return true; + if (o == null || getClass() != o.getClass()) return false; + + AclSid aclSid = (AclSid) o; + + if (!getId().equals(aclSid.getId())) return false; + if (!getPrincipal().equals(aclSid.getPrincipal())) return false; + return getSid().equals(aclSid.getSid()); + } + + @Override + public int hashCode() { + int result = getId().hashCode(); + result = 31 * result + getPrincipal().hashCode(); + result = 31 * result + getSid().hashCode(); + return result; + } + @Override public String toString() { return "AclSid{" + diff --git a/modules/core/src/main/java/io/smsc/model/customer/Customer.java b/modules/core/src/main/java/io/smsc/model/customer/Customer.java index bbaa6b6b..5a310170 100644 --- a/modules/core/src/main/java/io/smsc/model/customer/Customer.java +++ b/modules/core/src/main/java/io/smsc/model/customer/Customer.java @@ -182,6 +182,36 @@ public void setCustomerUsers(Set customerUsers) { this.customerUsers = customerUsers; } + @Override + public boolean equals(Object o) { + if (this == o) return true; + if (o == null || getClass() != o.getClass()) return false; + + Customer customer = (Customer) o; + + if (!getId().equals(customer.getId())) return false; + if (!getCompanyName().equals(customer.getCompanyName())) return false; + if (!getStreet().equals(customer.getStreet())) return false; + if (!getStreet2().equals(customer.getStreet2())) return false; + if (!getPostcode().equals(customer.getPostcode())) return false; + if (!getCountry().equals(customer.getCountry())) return false; + if (!getCity().equals(customer.getCity())) return false; + return getVatid() != null ? getVatid().equals(customer.getVatid()) : customer.getVatid() == null; + } + + @Override + public int hashCode() { + int result = getId().hashCode(); + result = 31 * result + getCompanyName().hashCode(); + result = 31 * result + getStreet().hashCode(); + result = 31 * result + getStreet2().hashCode(); + result = 31 * result + getPostcode().hashCode(); + result = 31 * result + getCountry().hashCode(); + result = 31 * result + getCity().hashCode(); + result = 31 * result + (getVatid() != null ? getVatid().hashCode() : 0); + return result; + } + @Override public String toString() { return "Customer{" + diff --git a/modules/core/src/main/java/io/smsc/model/customer/CustomerContact.java b/modules/core/src/main/java/io/smsc/model/customer/CustomerContact.java index 19124c36..1e4c3b85 100644 --- a/modules/core/src/main/java/io/smsc/model/customer/CustomerContact.java +++ b/modules/core/src/main/java/io/smsc/model/customer/CustomerContact.java @@ -156,6 +156,38 @@ public void setSalutation(Salutation salutation) { this.salutation = salutation; } + @Override + public boolean equals(Object o) { + if (this == o) return true; + if (o == null || getClass() != o.getClass()) return false; + + CustomerContact contact = (CustomerContact) o; + + if (!getId().equals(contact.getId())) return false; + if (!getFirstname().equals(contact.getFirstname())) return false; + if (!getSurname().equals(contact.getSurname())) return false; + if (!getPhone().equals(contact.getPhone())) return false; + if (!getMobilePhone().equals(contact.getMobilePhone())) return false; + if (!getFax().equals(contact.getFax())) return false; + if (!getEmailAddress().equals(contact.getEmailAddress())) return false; + if (getType() != contact.getType()) return false; + return getSalutation() == contact.getSalutation(); + } + + @Override + public int hashCode() { + int result = getId().hashCode(); + result = 31 * result + getFirstname().hashCode(); + result = 31 * result + getSurname().hashCode(); + result = 31 * result + getPhone().hashCode(); + result = 31 * result + getMobilePhone().hashCode(); + result = 31 * result + getFax().hashCode(); + result = 31 * result + getEmailAddress().hashCode(); + result = 31 * result + getType().hashCode(); + result = 31 * result + getSalutation().hashCode(); + return result; + } + @Override public String toString() { return "CustomerContact{" + diff --git a/modules/core/src/main/java/io/smsc/model/dashboard/Dashboard.java b/modules/core/src/main/java/io/smsc/model/dashboard/Dashboard.java index 8e7b0b85..fa504ed3 100644 --- a/modules/core/src/main/java/io/smsc/model/dashboard/Dashboard.java +++ b/modules/core/src/main/java/io/smsc/model/dashboard/Dashboard.java @@ -98,6 +98,26 @@ public void setDashboardBoxes(Set dashboardBoxes) { this.dashboardBoxes = dashboardBoxes; } + @Override + public boolean equals(Object o) { + if (this == o) return true; + if (o == null || getClass() != o.getClass()) return false; + + Dashboard dashboard = (Dashboard) o; + + if (!getId().equals(dashboard.getId())) return false; + if (!getName().equals(dashboard.getName())) return false; + return getIcon().equals(dashboard.getIcon()); + } + + @Override + public int hashCode() { + int result = getId().hashCode(); + result = 31 * result + getName().hashCode(); + result = 31 * result + getIcon().hashCode(); + return result; + } + @Override public String toString() { return "Dashboard{" + diff --git a/modules/core/src/main/java/io/smsc/model/dashboard/DashboardBox.java b/modules/core/src/main/java/io/smsc/model/dashboard/DashboardBox.java index bf4008bc..606da92e 100644 --- a/modules/core/src/main/java/io/smsc/model/dashboard/DashboardBox.java +++ b/modules/core/src/main/java/io/smsc/model/dashboard/DashboardBox.java @@ -132,6 +132,32 @@ public void setDashboardBoxType(DashboardBoxType dashboardBoxType) { this.dashboardBoxType = dashboardBoxType; } + @Override + public boolean equals(Object o) { + if (this == o) return true; + if (o == null || getClass() != o.getClass()) return false; + + DashboardBox that = (DashboardBox) o; + + if (!getId().equals(that.getId())) return false; + if (getWidth() != that.getWidth()) return false; + if (getHeight() != that.getHeight()) return false; + if (!getOrder().equals(that.getOrder())) return false; + if (!getName().equals(that.getName())) return false; + return getDescription().equals(that.getDescription()); + } + + @Override + public int hashCode() { + int result = getId().hashCode(); + result = 31 * result + getWidth().hashCode(); + result = 31 * result + getHeight().hashCode(); + result = 31 * result + getOrder().hashCode(); + result = 31 * result + getName().hashCode(); + result = 31 * result + getDescription().hashCode(); + return result; + } + @Override public String toString() { return "DashboardBox{" + diff --git a/modules/core/src/main/java/io/smsc/model/dashboard/DashboardBoxType.java b/modules/core/src/main/java/io/smsc/model/dashboard/DashboardBoxType.java index f3ebc289..f26854b7 100644 --- a/modules/core/src/main/java/io/smsc/model/dashboard/DashboardBoxType.java +++ b/modules/core/src/main/java/io/smsc/model/dashboard/DashboardBoxType.java @@ -99,6 +99,28 @@ public void setDashboardBoxes(Set dashboardBoxes) { this.dashboardBoxes = dashboardBoxes; } + @Override + public boolean equals(Object o) { + if (this == o) return true; + if (o == null || getClass() != o.getClass()) return false; + + DashboardBoxType that = (DashboardBoxType) o; + + if (!getId().equals(that.getId())) return false; + if (!getName().equals(that.getName())) return false; + if (getType() != that.getType()) return false; + return getKind() == that.getKind(); + } + + @Override + public int hashCode() { + int result = getId().hashCode(); + result = 31 * result + getName().hashCode(); + result = 31 * result + getType().hashCode(); + result = 31 * result + getKind().hashCode(); + return result; + } + @Override public String toString() { return "DashboardBoxType{" + diff --git a/modules/core/src/main/java/io/smsc/model/projections/AclClassProjection.java b/modules/core/src/main/java/io/smsc/model/projections/AclClassProjection.java deleted file mode 100644 index 2432beed..00000000 --- a/modules/core/src/main/java/io/smsc/model/projections/AclClassProjection.java +++ /dev/null @@ -1,25 +0,0 @@ -package io.smsc.model.projections; - -import io.smsc.model.acl.AclClass; -import io.smsc.model.acl.AclObjectIdentity; -import org.springframework.data.rest.core.config.Projection; - -import java.util.Set; - -/** - * This interface is describing excerpting projection for {@link AclClass} - * entity and is used for fetching relation properties in JSON response. - * - * @author Nazar Lipkovskyy - * @see Projection - * @since 0.0.1-SNAPSHOT - */ -@Projection(name = "withObjectIdentities", types = {AclClass.class}) -public interface AclClassProjection { - - Long getId(); - - String getClassName(); - - Set getAclObjectIdentities(); -} diff --git a/modules/core/src/main/java/io/smsc/model/projections/AclEntryProjection.java b/modules/core/src/main/java/io/smsc/model/projections/AclEntryProjection.java deleted file mode 100644 index 5a4d0311..00000000 --- a/modules/core/src/main/java/io/smsc/model/projections/AclEntryProjection.java +++ /dev/null @@ -1,34 +0,0 @@ -package io.smsc.model.projections; - -import io.smsc.model.acl.AclEntry; -import io.smsc.model.acl.AclObjectIdentity; -import io.smsc.model.acl.AclSid; -import org.springframework.data.rest.core.config.Projection; - -/** - * This interface is describing excerpting projection for {@link AclEntry} - * entity and is used for fetching relation properties in JSON response. - * - * @author Nazar Lipkovskyy - * @see Projection - * @since 0.0.1-SNAPSHOT - */ -@Projection(name = "withObjectIdentityAndSid", types = {AclEntry.class}) -public interface AclEntryProjection { - - Long getId(); - - AclObjectIdentity getAclObjectIdentity(); - - Integer getAclOrder(); - - AclSid getSid(); - - Integer getMask(); - - Boolean getGranting(); - - Boolean getAuditSuccess(); - - Boolean getAuditFailure(); -} diff --git a/modules/core/src/main/java/io/smsc/model/projections/AclObjectIdentityProjection.java b/modules/core/src/main/java/io/smsc/model/projections/AclObjectIdentityProjection.java deleted file mode 100644 index b556c3ed..00000000 --- a/modules/core/src/main/java/io/smsc/model/projections/AclObjectIdentityProjection.java +++ /dev/null @@ -1,35 +0,0 @@ -package io.smsc.model.projections; - -import io.smsc.model.acl.AclClass; -import io.smsc.model.acl.AclEntry; -import io.smsc.model.acl.AclObjectIdentity; -import io.smsc.model.acl.AclSid; -import org.springframework.data.rest.core.config.Projection; - -import java.util.Set; - -/** - * This interface is describing excerpting projection for {@link AclObjectIdentity} - * entity and is used for fetching relation properties in JSON response. - * - * @author Nazar Lipkovskyy - * @see Projection - * @since 0.0.1-SNAPSHOT - */ -@Projection(name = "withObjectIdClassAndParentObjectAndOwnerSid", types = {AclObjectIdentity.class}) -public interface AclObjectIdentityProjection { - - Long getId(); - - AclClass getObjectIdClass(); - - Long getObjectIdIdentity(); - - AclObjectIdentity getParentObject(); - - AclSid getOwnerSid(); - - Boolean getEntriesInheriting(); - - Set getAclEntries(); -} diff --git a/modules/core/src/main/java/io/smsc/model/projections/AclSidProjection.java b/modules/core/src/main/java/io/smsc/model/projections/AclSidProjection.java deleted file mode 100644 index e3f96c60..00000000 --- a/modules/core/src/main/java/io/smsc/model/projections/AclSidProjection.java +++ /dev/null @@ -1,30 +0,0 @@ -package io.smsc.model.projections; - -import io.smsc.model.acl.AclEntry; -import io.smsc.model.acl.AclObjectIdentity; -import io.smsc.model.acl.AclSid; -import org.springframework.data.rest.core.config.Projection; - -import java.util.Set; - -/** - * This interface is describing excerpting projection for {@link AclSid} - * entity and is used for fetching relation properties in JSON response. - * - * @author Nazar Lipkovskyy - * @see Projection - * @since 0.0.1-SNAPSHOT - */ -@Projection(name = "withEntriesAndObjectIdentities", types = {AclSid.class}) -public interface AclSidProjection { - - Long getId(); - - Boolean getPrincipal(); - - String getSid(); - - Set getAclEntries(); - - Set getAclObjectIdentities(); -} diff --git a/modules/core/src/main/java/io/smsc/model/projections/CustomerContactProjection.java b/modules/core/src/main/java/io/smsc/model/projections/CustomerContactProjection.java deleted file mode 100644 index 3da3b01d..00000000 --- a/modules/core/src/main/java/io/smsc/model/projections/CustomerContactProjection.java +++ /dev/null @@ -1,47 +0,0 @@ -package io.smsc.model.projections; - -import com.fasterxml.jackson.annotation.JsonFormat; -import io.smsc.model.customer.Customer; -import io.smsc.model.customer.CustomerContact; -import io.smsc.model.customer.Salutation; -import io.smsc.model.customer.Type; -import org.springframework.data.rest.core.config.Projection; - -import java.util.Date; - -/** - * This interface is describing excerpting projection for {@link CustomerContact} - * entity and is used for fetching relation properties in JSON response. - * - * @author Nazar Lipkovskyy - * @see Projection - * @since 0.0.1-SNAPSHOT - */ -@Projection(name = "withCustomer", types = {CustomerContact.class}) -public interface CustomerContactProjection { - - Long getId(); - - Long getVersion(); - - @JsonFormat(shape = JsonFormat.Shape.STRING, pattern = "yyyy-MM-dd HH:mm:ss", timezone = "UTC") - Date getLastModifiedDate(); - - String getFirstname(); - - String getSurname(); - - String getPhone(); - - String getMobilePhone(); - - String getFax(); - - String getEmailAddress(); - - Customer getCustomer(); - - Type getType(); - - Salutation getSalutation(); -} diff --git a/modules/core/src/main/java/io/smsc/model/projections/CustomerProjection.java b/modules/core/src/main/java/io/smsc/model/projections/CustomerProjection.java deleted file mode 100644 index 7fc977fe..00000000 --- a/modules/core/src/main/java/io/smsc/model/projections/CustomerProjection.java +++ /dev/null @@ -1,49 +0,0 @@ -package io.smsc.model.projections; - -import com.fasterxml.jackson.annotation.JsonFormat; -import io.smsc.model.CustomerUser; -import io.smsc.model.customer.Customer; -import io.smsc.model.customer.CustomerContact; -import org.springframework.data.rest.core.config.Projection; - -import java.util.Date; -import java.util.Set; - -/** - * This interface is describing excerpting projection for {@link Customer} - * entity and is used for fetching relation properties in JSON response. - * - * @author Nazar Lipkovskyy - * @see Projection - * @since 0.0.1-SNAPSHOT - */ -@Projection(name = "withContactsAndUsers", types = {Customer.class}) -public interface CustomerProjection { - - Long getId(); - - Long getVersion(); - - @JsonFormat(shape = JsonFormat.Shape.STRING, pattern = "yyyy-MM-dd HH:mm:ss", timezone = "UTC") - Date getLastModifiedDate(); - - String getCompanyName(); - - String getStreet(); - - String getStreet2(); - - String getPostcode(); - - String getCountry(); - - String getCity(); - - Double getVatid(); - - Customer getParent(); - - Set getContacts(); - - Set getCustomerUsers(); -} diff --git a/modules/core/src/main/java/io/smsc/model/projections/CustomerUserProjection.java b/modules/core/src/main/java/io/smsc/model/projections/CustomerUserProjection.java deleted file mode 100644 index c6ce2ca2..00000000 --- a/modules/core/src/main/java/io/smsc/model/projections/CustomerUserProjection.java +++ /dev/null @@ -1,47 +0,0 @@ -package io.smsc.model.projections; - -import com.fasterxml.jackson.annotation.JsonFormat; -import io.smsc.model.CustomerUser; -import io.smsc.model.User; -import io.smsc.model.customer.Customer; -import org.springframework.data.rest.core.config.Projection; - -import java.util.Date; - -/** - * This interface is describing excerpting projection for {@link User} - * entity and is used for fetching relation properties in JSON response. - * - * @author Nazar Lipkovskyy - * @see Projection - * @since 0.0.1-SNAPSHOT - */ -@Projection(name = "withRoles", types = {CustomerUser.class}) -public interface CustomerUserProjection { - - Long getId(); - - Long getVersion(); - - @JsonFormat(shape = JsonFormat.Shape.STRING, pattern = "yyyy-MM-dd HH:mm:ss", timezone = "UTC") - Date getLastModifiedDate(); - - String getUsername(); - - String getFirstname(); - - String getSurname(); - - String getEmail(); - - boolean isActive(); - - @JsonFormat(shape = JsonFormat.Shape.STRING, pattern = "yyyy-MM-dd HH:mm:ss", timezone = "UTC") - Date getCreated(); - - boolean isBlocked(); - - String getSalt(); - - Customer getCustomer(); -} diff --git a/modules/core/src/main/java/io/smsc/model/projections/DashboardBoxProjection.java b/modules/core/src/main/java/io/smsc/model/projections/DashboardBoxProjection.java deleted file mode 100644 index b392a359..00000000 --- a/modules/core/src/main/java/io/smsc/model/projections/DashboardBoxProjection.java +++ /dev/null @@ -1,40 +0,0 @@ -package io.smsc.model.projections; - -import com.fasterxml.jackson.annotation.JsonFormat; -import io.smsc.model.dashboard.*; -import org.springframework.data.rest.core.config.Projection; - -import java.util.Date; - -/** - * This interface is describing excerpting projection for {@link DashboardBox} - * entity and is used for fetching relation properties in JSON response. - * - * @author Nazar Lipkovskyy - * @see Projection - * @since 0.0.1-SNAPSHOT - */ -@Projection(name = "withDashboardsAndDashboardBoxType", types = {DashboardBox.class}) -public interface DashboardBoxProjection { - - Long getId(); - - Long getVersion(); - - @JsonFormat(shape = JsonFormat.Shape.STRING, pattern = "yyyy-MM-dd HH:mm:ss", timezone = "UTC") - Date getLastModifiedDate(); - - Width getWidth(); - - Height getHeight(); - - Integer getOrder(); - - String getName(); - - String getDescription(); - - Dashboard getDashboard(); - - DashboardBoxType getDashboardBoxType(); -} diff --git a/modules/core/src/main/java/io/smsc/model/projections/DashboardBoxTypeProjection.java b/modules/core/src/main/java/io/smsc/model/projections/DashboardBoxTypeProjection.java deleted file mode 100644 index 543aa12e..00000000 --- a/modules/core/src/main/java/io/smsc/model/projections/DashboardBoxTypeProjection.java +++ /dev/null @@ -1,35 +0,0 @@ -package io.smsc.model.projections; - -import com.fasterxml.jackson.annotation.JsonFormat; -import io.smsc.model.dashboard.*; -import org.springframework.data.rest.core.config.Projection; - -import java.util.Date; -import java.util.Set; - -/** - * This interface is describing excerpting projection for {@link DashboardBoxType} - * entity and is used for fetching relation properties in JSON response. - * - * @author Nazar Lipkovskyy - * @see Projection - * @since 0.0.1-SNAPSHOT - */ -@Projection(name = "withDashboardBoxes", types = {DashboardBoxType.class}) -public interface DashboardBoxTypeProjection { - - Long getId(); - - Long getVersion(); - - @JsonFormat(shape = JsonFormat.Shape.STRING, pattern = "yyyy-MM-dd HH:mm:ss", timezone = "UTC") - Date getLastModifiedDate(); - - String getName(); - - Type getType(); - - Kind getKind(); - - Set getDashboardBoxes(); -} diff --git a/modules/core/src/main/java/io/smsc/model/projections/DashboardProjection.java b/modules/core/src/main/java/io/smsc/model/projections/DashboardProjection.java deleted file mode 100644 index 4bf559b7..00000000 --- a/modules/core/src/main/java/io/smsc/model/projections/DashboardProjection.java +++ /dev/null @@ -1,34 +0,0 @@ -package io.smsc.model.projections; - -import com.fasterxml.jackson.annotation.JsonFormat; -import io.smsc.model.dashboard.Dashboard; -import io.smsc.model.dashboard.DashboardBox; -import org.springframework.data.rest.core.config.Projection; - -import java.util.Date; -import java.util.Set; - -/** - * This interface is describing excerpting projection for {@link Dashboard} - * entity and is used for fetching relation properties in JSON response. - * - * @author Nazar Lipkovskyy - * @see Projection - * @since 0.0.1-SNAPSHOT - */ -@Projection(name = "withUserAndDashboardBoxes", types = {Dashboard.class}) -public interface DashboardProjection { - - Long getId(); - - Long getVersion(); - - @JsonFormat(shape = JsonFormat.Shape.STRING, pattern = "yyyy-MM-dd HH:mm:ss", timezone = "UTC") - Date getLastModifiedDate(); - - String getName(); - - String getIcon(); - - Set getDashboardBoxes(); -} diff --git a/modules/core/src/main/java/io/smsc/model/projections/UserProjection.java b/modules/core/src/main/java/io/smsc/model/projections/UserProjection.java deleted file mode 100644 index c8b05f13..00000000 --- a/modules/core/src/main/java/io/smsc/model/projections/UserProjection.java +++ /dev/null @@ -1,48 +0,0 @@ -package io.smsc.model.projections; - -import com.fasterxml.jackson.annotation.JsonFormat; -import io.smsc.model.Role; -import io.smsc.model.User; -import io.smsc.model.dashboard.Dashboard; -import org.springframework.data.rest.core.config.Projection; - -import java.util.Date; -import java.util.Set; - -/** - * This interface is describing excerpting projection for {@link User} - * entity and is used for fetching relation properties in JSON response. - * - * @author Nazar Lipkovskyy - * @see Projection - * @since 0.0.1-SNAPSHOT - */ -@Projection(name = "withRoles", types = {User.class}) -public interface UserProjection { - - Long getId(); - - Long getVersion(); - - @JsonFormat(shape = JsonFormat.Shape.STRING, pattern = "yyyy-MM-dd HH:mm:ss", timezone = "UTC") - Date getLastModifiedDate(); - - String getUsername(); - - String getFirstname(); - - String getSurname(); - - String getEmail(); - - boolean isActive(); - - @JsonFormat(shape = JsonFormat.Shape.STRING, pattern = "yyyy-MM-dd HH:mm:ss", timezone = "UTC") - Date getCreated(); - - boolean isBlocked(); - - Set getRoles(); - - Set getDashboards(); -} diff --git a/modules/core/src/main/java/io/smsc/repository/CustomerUserRepository.java b/modules/core/src/main/java/io/smsc/repository/CustomerUserRepository.java index 955ebd80..7ca31d22 100644 --- a/modules/core/src/main/java/io/smsc/repository/CustomerUserRepository.java +++ b/modules/core/src/main/java/io/smsc/repository/CustomerUserRepository.java @@ -2,13 +2,12 @@ import io.smsc.model.CustomerUser; import io.smsc.model.User; -import io.smsc.model.projections.CustomerUserProjection; -import io.smsc.model.projections.UserProjection; import org.springframework.data.domain.Page; import org.springframework.data.domain.Pageable; import org.springframework.data.jpa.repository.JpaRepository; import org.springframework.data.repository.query.Param; import org.springframework.data.rest.core.annotation.RepositoryRestResource; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.transaction.annotation.Transactional; /** @@ -19,7 +18,7 @@ * @author Nazar Lipkovskyy * @since 0.0.1-SNAPSHOT */ -@RepositoryRestResource(collectionResourceRel = "customer-users", path = "customer-users", excerptProjection = CustomerUserProjection.class) +@RepositoryRestResource(collectionResourceRel = "customer-users", path = "customer-users") @Transactional(readOnly = true) public interface CustomerUserRepository extends JpaRepository { @@ -27,19 +26,24 @@ public interface CustomerUserRepository extends JpaRepository findAll(Pageable pageable); + @PreAuthorize("hasRole('ROLE_ADMIN')") + Page findAllByOrderByIdAsc(Pageable pageable); } diff --git a/modules/core/src/main/java/io/smsc/repository/RoleRepository.java b/modules/core/src/main/java/io/smsc/repository/RoleRepository.java index 77433892..0c3f99fd 100644 --- a/modules/core/src/main/java/io/smsc/repository/RoleRepository.java +++ b/modules/core/src/main/java/io/smsc/repository/RoleRepository.java @@ -6,6 +6,7 @@ import org.springframework.data.jpa.repository.JpaRepository; import org.springframework.data.repository.query.Param; import org.springframework.data.rest.core.annotation.RepositoryRestResource; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.transaction.annotation.Transactional; /** @@ -24,18 +25,22 @@ public interface RoleRepository extends JpaRepository { @Override @Transactional + @PreAuthorize("hasRole('ROLE_ADMIN')") void delete(Long id); @Override @Transactional + @PreAuthorize("hasRole('ROLE_ADMIN')") Role save(Role role); @Override + @PreAuthorize("hasRole('ROLE_ADMIN')") Role findOne(Long id); + @PreAuthorize("hasRole('ROLE_ADMIN')") Role findByName(@Param("name") String name); - @Override - Page findAll(Pageable pageable); + @PreAuthorize("hasRole('ROLE_ADMIN')") + Page findAllByOrderByIdAsc(Pageable pageable); } diff --git a/modules/core/src/main/java/io/smsc/repository/UserRepository.java b/modules/core/src/main/java/io/smsc/repository/UserRepository.java index 786c8608..83da897a 100644 --- a/modules/core/src/main/java/io/smsc/repository/UserRepository.java +++ b/modules/core/src/main/java/io/smsc/repository/UserRepository.java @@ -1,12 +1,13 @@ package io.smsc.repository; import io.smsc.model.User; -import io.smsc.model.projections.UserProjection; import org.springframework.data.domain.Page; import org.springframework.data.domain.Pageable; +import org.springframework.data.jpa.repository.EntityGraph; import org.springframework.data.jpa.repository.JpaRepository; import org.springframework.data.repository.query.Param; import org.springframework.data.rest.core.annotation.RepositoryRestResource; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.transaction.annotation.Transactional; /** @@ -17,7 +18,7 @@ * @author Nazar Lipkovskyy * @since 0.0.1-SNAPSHOT */ -@RepositoryRestResource(collectionResourceRel = "users", path = "users", excerptProjection = UserProjection.class) +@RepositoryRestResource(collectionResourceRel = "users", path = "users") @Transactional(readOnly = true) public interface UserRepository extends JpaRepository { @@ -25,19 +26,26 @@ public interface UserRepository extends JpaRepository { @Override @Transactional + @PreAuthorize("hasRole('ROLE_ADMIN')") void delete(Long id); @Override @Transactional + @PreAuthorize("hasRole('ROLE_ADMIN')") User save(User user); @Override + @EntityGraph(attributePaths = {"roles", "dashboards"}) + @PreAuthorize("hasRole('ROLE_ADMIN')") User findOne(Long id); + @EntityGraph(attributePaths = {"roles", "dashboards"}) User findByUsername(@Param("username") String userName); + @EntityGraph(attributePaths = {"roles", "dashboards"}) User findByEmail(@Param("email") String email); - @Override - Page findAll(Pageable pageable); + @EntityGraph(attributePaths = {"roles", "dashboards"}) + @PreAuthorize("hasRole('ROLE_ADMIN')") + Page findAllByOrderByIdAsc(Pageable pageable); } diff --git a/modules/core/src/main/java/io/smsc/repository/acl/AclClassRepository.java b/modules/core/src/main/java/io/smsc/repository/acl/AclClassRepository.java index 560e1174..f63ec2c0 100644 --- a/modules/core/src/main/java/io/smsc/repository/acl/AclClassRepository.java +++ b/modules/core/src/main/java/io/smsc/repository/acl/AclClassRepository.java @@ -1,13 +1,13 @@ package io.smsc.repository.acl; import io.smsc.model.acl.AclClass; -import io.smsc.model.projections.AclClassProjection; import org.springframework.data.domain.Page; import org.springframework.data.domain.Pageable; import org.springframework.data.jpa.repository.EntityGraph; import org.springframework.data.jpa.repository.JpaRepository; import org.springframework.data.repository.query.Param; import org.springframework.data.rest.core.annotation.RepositoryRestResource; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.transaction.annotation.Transactional; /** @@ -18,7 +18,7 @@ * @author Nazar Lipkovskyy * @since 0.0.1-SNAPSHOT */ -@RepositoryRestResource(collectionResourceRel = "acl-classes", path = "acl-classes", excerptProjection = AclClassProjection.class) +@RepositoryRestResource(collectionResourceRel = "acl-classes", path = "acl-classes") @Transactional(readOnly = true) public interface AclClassRepository extends JpaRepository { @@ -26,20 +26,24 @@ public interface AclClassRepository extends JpaRepository { @Override @Transactional + @PreAuthorize("hasRole('ROLE_ADMIN')") void delete(Long id); @Override @Transactional + @PreAuthorize("hasRole('ROLE_ADMIN')") AclClass save(AclClass aclClass); @Override @EntityGraph(attributePaths = {"aclObjectIdentities"}) + @PreAuthorize("hasRole('ROLE_ADMIN')") AclClass findOne(Long id); @EntityGraph(attributePaths = {"aclObjectIdentities"}) + @PreAuthorize("hasRole('ROLE_ADMIN')") AclClass findByClassName(@Param("className") String className); - @Override @EntityGraph(attributePaths = {"aclObjectIdentities"}) - Page findAll(Pageable pageable); + @PreAuthorize("hasRole('ROLE_ADMIN')") + Page findAllByOrderByIdAsc(Pageable pageable); } diff --git a/modules/core/src/main/java/io/smsc/repository/acl/AclEntryRepository.java b/modules/core/src/main/java/io/smsc/repository/acl/AclEntryRepository.java index 4dd9e7e4..073b75ec 100644 --- a/modules/core/src/main/java/io/smsc/repository/acl/AclEntryRepository.java +++ b/modules/core/src/main/java/io/smsc/repository/acl/AclEntryRepository.java @@ -2,13 +2,13 @@ import io.smsc.model.acl.AclEntry; import io.smsc.model.acl.AclObjectIdentity; -import io.smsc.model.projections.AclEntryProjection; import org.springframework.data.domain.Page; import org.springframework.data.domain.Pageable; import org.springframework.data.jpa.repository.EntityGraph; import org.springframework.data.jpa.repository.JpaRepository; import org.springframework.data.repository.query.Param; import org.springframework.data.rest.core.annotation.RepositoryRestResource; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.transaction.annotation.Transactional; /** @@ -19,7 +19,7 @@ * @author Nazar Lipkovskyy * @since 0.0.1-SNAPSHOT */ -@RepositoryRestResource(collectionResourceRel = "acl-entries", path = "acl-entries", excerptProjection = AclEntryProjection.class) +@RepositoryRestResource(collectionResourceRel = "acl-entries", path = "acl-entries") @Transactional(readOnly = true) public interface AclEntryRepository extends JpaRepository { @@ -27,23 +27,28 @@ public interface AclEntryRepository extends JpaRepository { @Override @Transactional + @PreAuthorize("hasRole('ROLE_ADMIN')") void delete(Long id); @Override @Transactional + @PreAuthorize("hasRole('ROLE_ADMIN')") AclEntry save(AclEntry aclEntry); @Override @EntityGraph(attributePaths = {"aclObjectIdentity", "sid", "objectIdClass", ""}) + @PreAuthorize("hasRole('ROLE_ADMIN')") AclEntry findOne(Long id); @EntityGraph(attributePaths = {"aclObjectIdentity", "sid"}) + @PreAuthorize("hasRole('ROLE_ADMIN')") AclEntry findByAceOrder(@Param("aceOrder") Integer aceOrder); @EntityGraph(attributePaths = {"aclObjectIdentity", "sid"}) + @PreAuthorize("hasRole('ROLE_ADMIN')") AclEntry findByAclObjectIdentity(@Param("aclObjectIdentity") AclObjectIdentity aclObjectIdentity); - @Override @EntityGraph(attributePaths = {"aclObjectIdentity", "sid"}) - Page findAll(Pageable pageable); + @PreAuthorize("hasRole('ROLE_ADMIN')") + Page findAllByOrderByIdAsc(Pageable pageable); } diff --git a/modules/core/src/main/java/io/smsc/repository/acl/AclObjectIdentityRepository.java b/modules/core/src/main/java/io/smsc/repository/acl/AclObjectIdentityRepository.java index 4b8f3060..2042dcb1 100644 --- a/modules/core/src/main/java/io/smsc/repository/acl/AclObjectIdentityRepository.java +++ b/modules/core/src/main/java/io/smsc/repository/acl/AclObjectIdentityRepository.java @@ -2,13 +2,13 @@ import io.smsc.model.acl.AclClass; import io.smsc.model.acl.AclObjectIdentity; -import io.smsc.model.projections.AclObjectIdentityProjection; import org.springframework.data.domain.Page; import org.springframework.data.domain.Pageable; import org.springframework.data.jpa.repository.EntityGraph; import org.springframework.data.jpa.repository.JpaRepository; import org.springframework.data.repository.query.Param; import org.springframework.data.rest.core.annotation.RepositoryRestResource; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.transaction.annotation.Transactional; /** @@ -19,7 +19,7 @@ * @author Nazar Lipkovskyy * @since 0.0.1-SNAPSHOT */ -@RepositoryRestResource(collectionResourceRel = "acl-object-identities", path = "acl-object-identities", excerptProjection = AclObjectIdentityProjection.class) +@RepositoryRestResource(collectionResourceRel = "acl-object-identities", path = "acl-object-identities") @Transactional(readOnly = true) public interface AclObjectIdentityRepository extends JpaRepository { @@ -27,23 +27,28 @@ public interface AclObjectIdentityRepository extends JpaRepository findAll(Pageable pageable); + @PreAuthorize("hasRole('ROLE_ADMIN')") + Page findAllByOrderByIdAsc(Pageable pageable); } diff --git a/modules/core/src/main/java/io/smsc/repository/acl/AclSidRepository.java b/modules/core/src/main/java/io/smsc/repository/acl/AclSidRepository.java index fc26fbf7..794ef382 100644 --- a/modules/core/src/main/java/io/smsc/repository/acl/AclSidRepository.java +++ b/modules/core/src/main/java/io/smsc/repository/acl/AclSidRepository.java @@ -1,13 +1,13 @@ package io.smsc.repository.acl; import io.smsc.model.acl.AclSid; -import io.smsc.model.projections.AclSidProjection; import org.springframework.data.domain.Page; import org.springframework.data.domain.Pageable; import org.springframework.data.jpa.repository.EntityGraph; import org.springframework.data.jpa.repository.JpaRepository; import org.springframework.data.repository.query.Param; import org.springframework.data.rest.core.annotation.RepositoryRestResource; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.transaction.annotation.Transactional; /** @@ -18,7 +18,7 @@ * @author Nazar Lipkovskyy * @since 0.0.1-SNAPSHOT */ -@RepositoryRestResource(collectionResourceRel = "acl-sid", path = "acl-sid", excerptProjection = AclSidProjection.class) +@RepositoryRestResource(collectionResourceRel = "acl-sid", path = "acl-sid") @Transactional(readOnly = true) public interface AclSidRepository extends JpaRepository { @@ -26,20 +26,24 @@ public interface AclSidRepository extends JpaRepository { @Override @Transactional + @PreAuthorize("hasRole('ROLE_ADMIN')") void delete(Long id); @Override @Transactional + @PreAuthorize("hasRole('ROLE_ADMIN')") AclSid save(AclSid aclSid); @Override @EntityGraph(attributePaths = {"aclEntries", "aclObjectIdentities"}) + @PreAuthorize("hasRole('ROLE_ADMIN')") AclSid findOne(Long id); @EntityGraph(attributePaths = {"aclEntries", "aclObjectIdentities"}) + @PreAuthorize("hasRole('ROLE_ADMIN')") AclSid findBySid(@Param("sid") String sid); - @Override @EntityGraph(attributePaths = {"aclEntries", "aclObjectIdentities"}) - Page findAll(Pageable pageable); + @PreAuthorize("hasRole('ROLE_ADMIN')") + Page findAllByOrderByIdAsc(Pageable pageable); } diff --git a/modules/core/src/main/java/io/smsc/repository/customer/CustomerContactRepository.java b/modules/core/src/main/java/io/smsc/repository/customer/CustomerContactRepository.java index 8c327268..d5832014 100644 --- a/modules/core/src/main/java/io/smsc/repository/customer/CustomerContactRepository.java +++ b/modules/core/src/main/java/io/smsc/repository/customer/CustomerContactRepository.java @@ -1,13 +1,13 @@ package io.smsc.repository.customer; import io.smsc.model.customer.CustomerContact; -import io.smsc.model.projections.CustomerContactProjection; import org.springframework.data.domain.Page; import org.springframework.data.domain.Pageable; import org.springframework.data.jpa.repository.EntityGraph; import org.springframework.data.jpa.repository.JpaRepository; import org.springframework.data.repository.query.Param; import org.springframework.data.rest.core.annotation.RepositoryRestResource; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.transaction.annotation.Transactional; /** @@ -18,7 +18,7 @@ * @author Nazar Lipkovskyy * @since 0.0.1-SNAPSHOT */ -@RepositoryRestResource(collectionResourceRel = "customer-contacts", path = "customer-contacts", excerptProjection = CustomerContactProjection.class) +@RepositoryRestResource(collectionResourceRel = "customer-contacts", path = "customer-contacts") @Transactional(readOnly = true) public interface CustomerContactRepository extends JpaRepository { @@ -26,20 +26,24 @@ public interface CustomerContactRepository extends JpaRepository findAll(Pageable pageable); + @PreAuthorize("hasRole('ROLE_ADMIN')") + Page findAllByOrderByIdAsc(Pageable pageable); } diff --git a/modules/core/src/main/java/io/smsc/repository/customer/CustomerRepository.java b/modules/core/src/main/java/io/smsc/repository/customer/CustomerRepository.java index 14709aee..c17deb65 100644 --- a/modules/core/src/main/java/io/smsc/repository/customer/CustomerRepository.java +++ b/modules/core/src/main/java/io/smsc/repository/customer/CustomerRepository.java @@ -1,11 +1,12 @@ package io.smsc.repository.customer; import io.smsc.model.customer.Customer; -import io.smsc.model.projections.CustomerProjection; import org.springframework.data.domain.Page; import org.springframework.data.domain.Pageable; +import org.springframework.data.jpa.repository.EntityGraph; import org.springframework.data.jpa.repository.JpaRepository; import org.springframework.data.rest.core.annotation.RepositoryRestResource; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.transaction.annotation.Transactional; /** @@ -16,7 +17,7 @@ * @author Nazar Lipkovskyy * @since 0.0.1-SNAPSHOT */ -@RepositoryRestResource(collectionResourceRel = "customers", path = "customers", excerptProjection = CustomerProjection.class) +@RepositoryRestResource(collectionResourceRel = "customers", path = "customers") @Transactional(readOnly = true) public interface CustomerRepository extends JpaRepository { @@ -24,16 +25,21 @@ public interface CustomerRepository extends JpaRepository { @Override @Transactional + @PreAuthorize("hasRole('ROLE_ADMIN')") Customer save(Customer customer); @Override @Transactional + @PreAuthorize("hasRole('ROLE_ADMIN')") void delete(Long id); @Override + @EntityGraph(attributePaths = {"customerUsers", "contacts", "parent"}) + @PreAuthorize("hasRole('ROLE_ADMIN')") Customer findOne(Long id); - @Override - Page findAll(Pageable pageable); + @EntityGraph(attributePaths = {"customerUsers", "contacts", "parent"}) + @PreAuthorize("hasRole('ROLE_ADMIN')") + Page findAllByOrderByIdAsc(Pageable pageable); } diff --git a/modules/core/src/main/java/io/smsc/repository/dashboard/DashboardBoxRepository.java b/modules/core/src/main/java/io/smsc/repository/dashboard/DashboardBoxRepository.java index 7557ea83..f0712c38 100644 --- a/modules/core/src/main/java/io/smsc/repository/dashboard/DashboardBoxRepository.java +++ b/modules/core/src/main/java/io/smsc/repository/dashboard/DashboardBoxRepository.java @@ -3,13 +3,13 @@ import io.smsc.model.dashboard.Dashboard; import io.smsc.model.dashboard.DashboardBox; import io.smsc.model.dashboard.DashboardBoxType; -import io.smsc.model.projections.DashboardBoxProjection; import org.springframework.data.domain.Page; import org.springframework.data.domain.Pageable; import org.springframework.data.jpa.repository.EntityGraph; import org.springframework.data.jpa.repository.JpaRepository; import org.springframework.data.repository.query.Param; import org.springframework.data.rest.core.annotation.RepositoryRestResource; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.transaction.annotation.Transactional; import org.springframework.web.bind.annotation.RequestBody; @@ -23,7 +23,7 @@ * @author Nazar Lipkovskyy * @since 0.0.1-SNAPSHOT */ -@RepositoryRestResource(collectionResourceRel = "dashboard-boxes", path = "dashboard-boxes", excerptProjection = DashboardBoxProjection.class) +@RepositoryRestResource(collectionResourceRel = "dashboard-boxes", path = "dashboard-boxes") @Transactional(readOnly = true) public interface DashboardBoxRepository extends JpaRepository { @@ -31,26 +31,32 @@ public interface DashboardBoxRepository extends JpaRepository findAllByName(@Param("name") String name); @EntityGraph(attributePaths = {"dashboardBoxType", "width", "height"}) + @PreAuthorize("hasRole('ROLE_ADMIN')") List findAllByDashboard(@RequestBody Dashboard dashboard); @EntityGraph(attributePaths = {"dashboardBoxType", "width", "height"}) + @PreAuthorize("hasRole('ROLE_ADMIN')") List findAllByDashboardBoxType(@RequestBody DashboardBoxType dashboardBoxType); - @Override @EntityGraph(attributePaths = {"dashboardBoxType", "width", "height"}) - Page findAll(Pageable pageable); + @PreAuthorize("hasRole('ROLE_ADMIN')") + Page findAllByOrderByIdAsc(Pageable pageable); } diff --git a/modules/core/src/main/java/io/smsc/repository/dashboard/DashboardBoxTypeRepository.java b/modules/core/src/main/java/io/smsc/repository/dashboard/DashboardBoxTypeRepository.java index 772e2e71..5b2a16c9 100644 --- a/modules/core/src/main/java/io/smsc/repository/dashboard/DashboardBoxTypeRepository.java +++ b/modules/core/src/main/java/io/smsc/repository/dashboard/DashboardBoxTypeRepository.java @@ -1,13 +1,13 @@ package io.smsc.repository.dashboard; import io.smsc.model.dashboard.DashboardBoxType; -import io.smsc.model.projections.DashboardBoxTypeProjection; import org.springframework.data.domain.Page; import org.springframework.data.domain.Pageable; import org.springframework.data.jpa.repository.EntityGraph; import org.springframework.data.jpa.repository.JpaRepository; import org.springframework.data.repository.query.Param; import org.springframework.data.rest.core.annotation.RepositoryRestResource; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.transaction.annotation.Transactional; /** @@ -18,7 +18,7 @@ * @author Nazar Lipkovskyy * @since 0.0.1-SNAPSHOT */ -@RepositoryRestResource(collectionResourceRel = "dashboard-box-types", path = "dashboard-box-types", excerptProjection = DashboardBoxTypeProjection.class) +@RepositoryRestResource(collectionResourceRel = "dashboard-box-types", path = "dashboard-box-types") @Transactional(readOnly = true) public interface DashboardBoxTypeRepository extends JpaRepository { @@ -26,21 +26,25 @@ public interface DashboardBoxTypeRepository extends JpaRepository findAll(Pageable pageable); + @PreAuthorize("hasRole('ROLE_ADMIN')") + Page findAllByOrderByIdAsc(Pageable pageable); } diff --git a/modules/core/src/main/java/io/smsc/repository/dashboard/DashboardRepository.java b/modules/core/src/main/java/io/smsc/repository/dashboard/DashboardRepository.java index d7836bfc..dcbf9f47 100644 --- a/modules/core/src/main/java/io/smsc/repository/dashboard/DashboardRepository.java +++ b/modules/core/src/main/java/io/smsc/repository/dashboard/DashboardRepository.java @@ -2,7 +2,6 @@ import io.smsc.model.User; import io.smsc.model.dashboard.Dashboard; -import io.smsc.model.projections.DashboardProjection; import org.springframework.data.domain.Page; import org.springframework.data.domain.Pageable; import org.springframework.data.jpa.repository.EntityGraph; @@ -10,6 +9,7 @@ import org.springframework.data.repository.query.Param; import org.springframework.data.rest.core.annotation.RepositoryRestResource; import org.springframework.data.rest.core.annotation.RestResource; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.transaction.annotation.Transactional; import org.springframework.web.bind.annotation.RequestBody; @@ -23,7 +23,7 @@ * @author Nazar Lipkovskyy * @since 0.0.1-SNAPSHOT */ -@RepositoryRestResource(collectionResourceRel = "dashboards", path = "dashboards", excerptProjection = DashboardProjection.class) +@RepositoryRestResource(collectionResourceRel = "dashboards", path = "dashboards") @Transactional(readOnly = true) public interface DashboardRepository extends JpaRepository { @@ -31,25 +31,30 @@ public interface DashboardRepository extends JpaRepository { @Override @Transactional + @PreAuthorize("hasRole('ROLE_ADMIN')") void delete(Long id); @Override @Transactional + @PreAuthorize("hasRole('ROLE_ADMIN')") Dashboard save(Dashboard dashboard); @Override @EntityGraph(attributePaths = {"dashboardBoxes"}) + @PreAuthorize("hasRole('ROLE_ADMIN')") Dashboard findOne(Long id); // /rest/repository/dashboards/search/findByUser @EntityGraph(attributePaths = {"dashboardBoxes"}) @RestResource(path = "findByUser") + @PreAuthorize("hasRole('ROLE_ADMIN')") List findAllDistinctByUser(@RequestBody User user); @EntityGraph(attributePaths = {"dashboardBoxes"}) + @PreAuthorize("hasRole('ROLE_ADMIN')") Dashboard findByName(@Param("name") String name); - @Override @EntityGraph(attributePaths = {"dashboardBoxes"}) - Page findAll(Pageable pageable); + @PreAuthorize("hasRole('ROLE_ADMIN')") + Page findAllByOrderByIdAsc(Pageable pageable); } diff --git a/modules/core/src/main/java/io/smsc/security/JWTAuthenticationTokenFilter.java b/modules/core/src/main/java/io/smsc/security/JWTAuthenticationTokenFilter.java index 30785982..f5c6c4a9 100644 --- a/modules/core/src/main/java/io/smsc/security/JWTAuthenticationTokenFilter.java +++ b/modules/core/src/main/java/io/smsc/security/JWTAuthenticationTokenFilter.java @@ -70,15 +70,15 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse String authToken = request.getHeader(this.tokenHeader); String username = jwtTokenGenerationService.getUsernameFromToken(authToken); if (username != null) { - LOG.info("Checking authentication for user %s ", username); + LOG.info(String.format("Checking authentication for user %s ", username)); if (SecurityContextHolder.getContext().getAuthentication() == null) { JWTUser jwtUser = this.userDetailsService.loadUserByUsername(username); if (jwtTokenGenerationService.validateToken(authToken, jwtUser)) { UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(jwtUser, null, jwtUser.getAuthorities()); authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request)); - LOG.info("Authenticated user %s, setting security context", username); - LOG.info("%s has authorities: %s", username, jwtUser.getAuthorities()); + LOG.info(String.format("Authenticated user %s, setting security context", username)); + LOG.info(String.format("%s has authorities: %s", username, jwtUser.getAuthorities())); SecurityContextHolder.getContext().setAuthentication(authentication); } } diff --git a/modules/core/src/main/java/io/smsc/security/service/JWTTokenGenerationServiceImpl.java b/modules/core/src/main/java/io/smsc/security/service/JWTTokenGenerationServiceImpl.java index d8a190eb..37d7ce96 100644 --- a/modules/core/src/main/java/io/smsc/security/service/JWTTokenGenerationServiceImpl.java +++ b/modules/core/src/main/java/io/smsc/security/service/JWTTokenGenerationServiceImpl.java @@ -3,7 +3,6 @@ import io.jsonwebtoken.Claims; import io.jsonwebtoken.Jwts; import io.jsonwebtoken.SignatureAlgorithm; -import io.smsc.security.JWTAuthenticationTokenFilter; import io.smsc.security.model.JWTUser; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -30,6 +29,8 @@ public class JWTTokenGenerationServiceImpl implements JWTTokenGenerationService public static final long serialVersionUID = -3301605591108950415L; + public static final String TOKEN_EXCEPTION_MESSAGE = "Token is empty or null"; + public static final String CLAIM_KEY_USERNAME = "sub"; public static final String CLAIM_KEY_CREATED = "created"; @@ -47,27 +48,28 @@ public class JWTTokenGenerationServiceImpl implements JWTTokenGenerationService @Override public String getUsernameFromToken(String token) { - String username; - Claims claims; + String username = null; try { - claims = getClaimsFromToken(token); - username = claims.getSubject(); + Claims claims = getClaimsFromToken(token); + if(claims != null) { + username = claims.getSubject(); + } } catch (Exception e) { - LOG.debug("Token is empty or null", e); - username = null; + LOG.debug(TOKEN_EXCEPTION_MESSAGE, e); } return username; } private Date getExpirationDateFromToken(String token) { - Date expirationDate; + Date expirationDate = null; Claims claims; try { claims = getClaimsFromToken(token); - expirationDate = claims.getExpiration(); + if(claims != null) { + expirationDate = claims.getExpiration(); + } } catch (Exception e) { - LOG.debug("Token is empty or null", e); - expirationDate = null; + LOG.debug(TOKEN_EXCEPTION_MESSAGE, e); } return expirationDate; } @@ -80,7 +82,7 @@ private Claims getClaimsFromToken(String token) { .parseClaimsJws(token) .getBody(); } catch (Exception e) { - LOG.debug("Token is empty or null", e); + LOG.debug(TOKEN_EXCEPTION_MESSAGE, e); claims = null; } return claims; @@ -98,24 +100,28 @@ private Boolean isTokenExpired(String token) { Date expirationDate; try { expirationDate = getExpirationDateFromToken(token); - return expirationDate.before(new Date()); + if(expirationDate != null) { + return expirationDate.before(new Date()); + } } catch (Exception e) { - LOG.debug("Token is empty or null", e); + LOG.debug(TOKEN_EXCEPTION_MESSAGE, e); } return true; } @Override public String refreshToken(String token) { - String refreshedToken; + String refreshedToken = null; Claims claims; try { claims = getClaimsFromToken(token); - claims.put(CLAIM_KEY_CREATED, new Date()); - refreshedToken = generateAccessToken(claims); + if(claims != null) { + claims.put(CLAIM_KEY_CREATED, new Date()); + refreshedToken = generateAccessToken(claims); + } } catch (Exception e) { - LOG.debug("Token is empty or null", e); + LOG.debug(TOKEN_EXCEPTION_MESSAGE, e); refreshedToken = null; } return refreshedToken; diff --git a/modules/core/src/main/resources/logback.xml b/modules/core/src/main/resources/logback.xml index 6953c8d9..7e02c735 100644 --- a/modules/core/src/main/resources/logback.xml +++ b/modules/core/src/main/resources/logback.xml @@ -11,10 +11,10 @@ - + - + diff --git a/modules/core/src/test/java/io/smsc/repository/customer/rest/CustomerRestTest.java b/modules/core/src/test/java/io/smsc/repository/customer/rest/CustomerRestTest.java index fcc6f2f5..40493b35 100644 --- a/modules/core/src/test/java/io/smsc/repository/customer/rest/CustomerRestTest.java +++ b/modules/core/src/test/java/io/smsc/repository/customer/rest/CustomerRestTest.java @@ -2,8 +2,10 @@ import io.smsc.AbstractTest; import io.smsc.model.customer.Customer; +import org.apache.catalina.connector.Response; import org.junit.Test; import org.springframework.security.test.context.support.WithMockUser; +import org.springframework.test.web.servlet.ResultMatcher; import static org.hamcrest.Matchers.*; import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.*; @@ -112,19 +114,17 @@ public void testSetAndDeleteParent() throws Exception { .contentType("application/json;charset=UTF-8") .content("{\"parent\" : \"/rest/repository/customers/40001\"}")) .andExpect(status().isOk()); - mockMvc.perform(get("/rest/repository/customers/40000?projection=withContactsAndUsers")) + mockMvc.perform(get("/rest/repository/customers/40000/parent")) .andExpect(status().isOk()) .andExpect(content().contentType(contentType)) - .andExpect(jsonPath("$.parent", notNullValue())); + .andExpect(jsonPath("$.id", is(40001))); mockMvc.perform(patch("/rest/repository/customers/40000") .contentType("application/json;charset=UTF-8") .content("{\"parent\" : null}")) .andExpect(status().isOk()); - mockMvc.perform(get("/rest/repository/customers/40000?projection=withContactsAndUsers")) - .andExpect(status().isOk()) - .andExpect(content().contentType(contentType)) - .andExpect(jsonPath("$.parent", nullValue())); + mockMvc.perform(get("/rest/repository/customers/40000/parent")) + .andExpect(status().isNotFound()); } }