Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
C
CONF
Project
Project
Details
Activity
Releases
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Registry
Registry
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
UvA
CONF
Commits
46398f36
Commit
46398f36
authored
Mar 11, 2017
by
Spiros Koulouzis
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Fixed admin scurtiy bug
parent
ea439ac8
Changes
5
Hide whitespace changes
Inline
Side-by-side
Showing
5 changed files
with
40 additions
and
13 deletions
+40
-13
NOTES
doc/NOTES
+1
-1
SecurityConfig.java
...rc/main/java/nl/uva/sne/drip/api/conf/SecurityConfig.java
+2
-3
UserService.java
...rc/main/java/nl/uva/sne/drip/api/service/UserService.java
+19
-2
UserController0.java
...ain/java/nl/uva/sne/drip/api/v0/rest/UserController0.java
+11
-1
UserController.java
...main/java/nl/uva/sne/drip/api/v1/rest/UserController.java
+7
-6
No files found.
doc/NOTES
View file @
46398f36
...
@@ -4,4 +4,4 @@ docker run --name mongo-inst -p 127.0.0.1:27017:27017 -d mongo:3
...
@@ -4,4 +4,4 @@ docker run --name mongo-inst -p 127.0.0.1:27017:27017 -d mongo:3
#--------Add admin-----------------
#--------Add admin-----------------
docker exec -t mongo-inst mongo -eval 'db.user.insert({"password":"
1234","roles":["USER,ADMIN"],"username":"user
","accountNonExpired":true,"accountNonLocked":true,"credentialsNonExpired":true,"enabled":true})' localhost/drip
docker exec -t mongo-inst mongo -eval 'db.user.insert({"password":"
$2a$10$QdysFgsH0sl6Y4BD84UhGO7yyNfoDPXjjEHkDJ3pX6cRfHDj2Q0BO","roles":["ADMIN"],"username":"admin
","accountNonExpired":true,"accountNonLocked":true,"credentialsNonExpired":true,"enabled":true})' localhost/drip
drip-api/src/main/java/nl/uva/sne/drip/api/conf/SecurityConfig.java
View file @
46398f36
...
@@ -21,7 +21,6 @@ import nl.uva.sne.drip.api.service.UserService;
...
@@ -21,7 +21,6 @@ import nl.uva.sne.drip.api.service.UserService;
import
org.springframework.beans.factory.annotation.Autowired
;
import
org.springframework.beans.factory.annotation.Autowired
;
import
org.springframework.context.annotation.Bean
;
import
org.springframework.context.annotation.Bean
;
import
org.springframework.context.annotation.Configuration
;
import
org.springframework.context.annotation.Configuration
;
import
org.springframework.security.access.expression.method.MethodSecurityExpressionHandler
;
import
org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
;
import
org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
;
import
org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity
;
import
org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity
;
import
org.springframework.security.config.annotation.web.builders.HttpSecurity
;
import
org.springframework.security.config.annotation.web.builders.HttpSecurity
;
...
@@ -37,8 +36,8 @@ import org.springframework.security.web.authentication.www.BasicAuthenticationFi
...
@@ -37,8 +36,8 @@ import org.springframework.security.web.authentication.www.BasicAuthenticationFi
*/
*/
@Configuration
@Configuration
@EnableWebSecurity
@EnableWebSecurity
//
@EnableGlobalMethodSecurity(jsr250Enabled = true, prePostEnabled = true)
@EnableGlobalMethodSecurity
(
jsr250Enabled
=
true
,
prePostEnabled
=
true
)
@EnableGlobalMethodSecurity
(
prePostEnabled
=
true
)
//
@EnableGlobalMethodSecurity(prePostEnabled = true)
public
class
SecurityConfig
extends
WebSecurityConfigurerAdapter
{
public
class
SecurityConfig
extends
WebSecurityConfigurerAdapter
{
@Autowired
@Autowired
...
...
drip-api/src/main/java/nl/uva/sne/drip/api/service/UserService.java
View file @
46398f36
...
@@ -15,6 +15,7 @@
...
@@ -15,6 +15,7 @@
*/
*/
package
nl
.
uva
.
sne
.
drip
.
api
.
service
;
package
nl
.
uva
.
sne
.
drip
.
api
.
service
;
import
java.util.List
;
import
java.util.logging.Level
;
import
java.util.logging.Level
;
import
java.util.logging.Logger
;
import
java.util.logging.Logger
;
import
nl.uva.sne.drip.api.dao.UserDao
;
import
nl.uva.sne.drip.api.dao.UserDao
;
...
@@ -49,7 +50,23 @@ public class UserService implements UserDetailsService {
...
@@ -49,7 +50,23 @@ public class UserService implements UserDetailsService {
return
null
;
return
null
;
}
}
public
UserDao
getDao
()
{
public
User
save
(
User
user
)
{
return
dao
;
return
dao
.
save
(
user
);
}
public
User
findOne
(
String
id
)
{
return
dao
.
findOne
(
id
);
}
public
void
delete
(
User
user
)
{
dao
.
delete
(
user
);
}
public
List
<
User
>
findAll
()
{
return
dao
.
findAll
();
}
public
void
deleteAll
()
{
dao
.
deleteAll
();
}
}
}
}
drip-api/src/main/java/nl/uva/sne/drip/api/v0/rest/UserController0.java
View file @
46398f36
...
@@ -15,6 +15,8 @@
...
@@ -15,6 +15,8 @@
*/
*/
package
nl
.
uva
.
sne
.
drip
.
api
.
v0
.
rest
;
package
nl
.
uva
.
sne
.
drip
.
api
.
v0
.
rest
;
import
java.util.ArrayList
;
import
java.util.Collection
;
import
javax.annotation.security.RolesAllowed
;
import
javax.annotation.security.RolesAllowed
;
import
nl.uva.sne.drip.api.exception.PasswordNullException
;
import
nl.uva.sne.drip.api.exception.PasswordNullException
;
import
nl.uva.sne.drip.api.exception.UserExistsException
;
import
nl.uva.sne.drip.api.exception.UserExistsException
;
...
@@ -29,6 +31,7 @@ import org.springframework.web.bind.annotation.RestController;
...
@@ -29,6 +31,7 @@ import org.springframework.web.bind.annotation.RestController;
import
nl.uva.sne.drip.api.service.UserService
;
import
nl.uva.sne.drip.api.service.UserService
;
import
nl.uva.sne.drip.commons.v0.types.Register
;
import
nl.uva.sne.drip.commons.v0.types.Register
;
import
org.springframework.http.MediaType
;
import
org.springframework.http.MediaType
;
import
org.springframework.security.access.prepost.PreAuthorize
;
import
org.springframework.security.core.userdetails.UserDetails
;
import
org.springframework.security.core.userdetails.UserDetails
;
import
org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder
;
import
org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder
;
import
org.springframework.web.bind.annotation.RequestBody
;
import
org.springframework.web.bind.annotation.RequestBody
;
...
@@ -62,8 +65,15 @@ public class UserController0 {
...
@@ -62,8 +65,15 @@ public class UserController0 {
}
}
User
user
=
new
User
();
User
user
=
new
User
();
user
.
setUsername
(
register
.
user
);
user
.
setUsername
(
register
.
user
);
user
.
setAccountNonExpired
(
true
);
user
.
setAccountNonLocked
(
true
);
user
.
setEnabled
(
true
);
user
.
setCredentialsNonExpired
(
true
);
Collection
<
String
>
roles
=
new
ArrayList
<>();
roles
.
add
(
"USER"
);
user
.
setRoles
(
roles
);
user
.
setPassword
(
new
BCryptPasswordEncoder
().
encode
(
register
.
pwd
));
user
.
setPassword
(
new
BCryptPasswordEncoder
().
encode
(
register
.
pwd
));
service
.
getDao
()
.
save
(
user
);
user
=
service
.
save
(
user
);
return
"Success: "
+
user
.
getId
();
return
"Success: "
+
user
.
getId
();
}
}
}
}
drip-api/src/main/java/nl/uva/sne/drip/api/v1/rest/UserController.java
View file @
46398f36
...
@@ -33,6 +33,7 @@ import org.springframework.web.bind.annotation.RequestMethod;
...
@@ -33,6 +33,7 @@ import org.springframework.web.bind.annotation.RequestMethod;
import
org.springframework.web.bind.annotation.ResponseBody
;
import
org.springframework.web.bind.annotation.ResponseBody
;
import
org.springframework.web.bind.annotation.RestController
;
import
org.springframework.web.bind.annotation.RestController
;
import
nl.uva.sne.drip.api.service.UserService
;
import
nl.uva.sne.drip.api.service.UserService
;
import
org.springframework.security.access.prepost.PostAuthorize
;
import
org.springframework.security.core.userdetails.UserDetails
;
import
org.springframework.security.core.userdetails.UserDetails
;
import
org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder
;
import
org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder
;
import
org.springframework.web.bind.annotation.RequestBody
;
import
org.springframework.web.bind.annotation.RequestBody
;
...
@@ -75,7 +76,7 @@ public class UserController {
...
@@ -75,7 +76,7 @@ public class UserController {
throw
new
UserExistsException
(
"Username "
+
user
.
getUsername
()
+
" is used"
);
throw
new
UserExistsException
(
"Username "
+
user
.
getUsername
()
+
" is used"
);
}
}
user
.
setPassword
(
new
BCryptPasswordEncoder
().
encode
(
user
.
getPassword
()));
user
.
setPassword
(
new
BCryptPasswordEncoder
().
encode
(
user
.
getPassword
()));
service
.
getDao
()
.
save
(
user
);
user
=
service
.
save
(
user
);
return
user
.
getId
();
return
user
.
getId
();
}
}
...
@@ -101,7 +102,7 @@ public class UserController {
...
@@ -101,7 +102,7 @@ public class UserController {
public
@ResponseBody
public
@ResponseBody
User
get
(
@PathVariable
(
"id"
)
String
id
)
{
User
get
(
@PathVariable
(
"id"
)
String
id
)
{
try
{
try
{
User
user
=
service
.
getDao
().
findOne
(
id
);
User
user
=
service
.
findOne
(
id
);
if
(
user
==
null
)
{
if
(
user
==
null
)
{
throw
new
UserNotFoundException
(
"User "
+
id
+
" not found"
);
throw
new
UserNotFoundException
(
"User "
+
id
+
" not found"
);
}
}
...
@@ -123,11 +124,11 @@ public class UserController {
...
@@ -123,11 +124,11 @@ public class UserController {
public
@ResponseBody
public
@ResponseBody
String
remove
(
@PathVariable
(
"id"
)
String
id
)
{
String
remove
(
@PathVariable
(
"id"
)
String
id
)
{
try
{
try
{
User
user
=
service
.
getDao
().
findOne
(
id
);
User
user
=
service
.
findOne
(
id
);
if
(
user
==
null
)
{
if
(
user
==
null
)
{
throw
new
UserNotFoundException
(
"User "
+
id
+
" not found"
);
throw
new
UserNotFoundException
(
"User "
+
id
+
" not found"
);
}
}
service
.
getDao
().
delete
(
user
);
service
.
delete
(
user
);
return
"Deleted : "
+
id
;
return
"Deleted : "
+
id
;
}
catch
(
Exception
ex
)
{
}
catch
(
Exception
ex
)
{
Logger
.
getLogger
(
UserController
.
class
.
getName
()).
log
(
Level
.
SEVERE
,
null
,
ex
);
Logger
.
getLogger
(
UserController
.
class
.
getName
()).
log
(
Level
.
SEVERE
,
null
,
ex
);
...
@@ -145,7 +146,7 @@ public class UserController {
...
@@ -145,7 +146,7 @@ public class UserController {
public
@ResponseBody
public
@ResponseBody
List
<
String
>
getIds
()
{
List
<
String
>
getIds
()
{
try
{
try
{
List
<
User
>
all
=
service
.
getDao
().
findAll
();
List
<
User
>
all
=
service
.
findAll
();
List
<
String
>
ids
=
new
ArrayList
<>();
List
<
String
>
ids
=
new
ArrayList
<>();
for
(
User
tr
:
all
)
{
for
(
User
tr
:
all
)
{
ids
.
add
(
tr
.
getId
());
ids
.
add
(
tr
.
getId
());
...
@@ -162,7 +163,7 @@ public class UserController {
...
@@ -162,7 +163,7 @@ public class UserController {
public
@ResponseBody
public
@ResponseBody
List
<
User
>
getAll
()
{
List
<
User
>
getAll
()
{
try
{
try
{
return
service
.
getDao
().
findAll
();
return
service
.
findAll
();
}
catch
(
Exception
ex
)
{
}
catch
(
Exception
ex
)
{
Logger
.
getLogger
(
UserController
.
class
.
getName
()).
log
(
Level
.
SEVERE
,
null
,
ex
);
Logger
.
getLogger
(
UserController
.
class
.
getName
()).
log
(
Level
.
SEVERE
,
null
,
ex
);
}
}
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment