diff --git a/src/main/java/catering/Application.java b/src/main/java/catering/Application.java
index bdc6763..774ba2c 100644
--- a/src/main/java/catering/Application.java
+++ b/src/main/java/catering/Application.java
@@ -51,6 +51,7 @@ public class Application {
 .csrf(csrf -> csrf.disable())
 .formLogin(login -> login.loginPage("/login").loginProcessingUrl("/login"))
 .logout(logout -> logout.logoutUrl("/logout").logoutSuccessUrl("/"))
+ .exceptionHandling(exceptionHandling -> exceptionHandling.accessDeniedPage("/unauthorized"))
 .build();
 }
 }
diff --git a/src/main/java/catering/customer/Customer.java b/src/main/java/catering/customer/Customer.java
deleted file mode 100644
index f33ca1d..0000000
--- a/src/main/java/catering/customer/Customer.java
+++ /dev/null
@@ -1,40 +0,0 @@
-package catering.customer;
-
-public class Customer {
-
- private int id;
- private String surname;
- private String name;
-
- public Customer(String name, String surname) {
- this.id = (int) (Math.random() * 10 * Math.random() * 10 + Math.random() * 10);
- this.name = name;
- this.surname = surname;
-
- }
-
- public int getId() {
- return id;
- }
-
- public String getSurname() {
- return surname;
- }
-
- public String getName() {
- return name;
- }
-
- public void setId(int id) {
- this.id = id;
- }
-
- public void setSurname(String surname) {
- this.surname = surname;
- }
-
- public void setName(String name) {
- this.name = name;
- }
-
-}
diff --git a/src/main/java/catering/customer/CustomerController.java b/src/main/java/catering/customer/CustomerController.java
deleted file mode 100644
index 2252ca9..0000000
--- a/src/main/java/catering/customer/CustomerController.java
+++ /dev/null
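Review bot: CSRF protection stays off in this chain (`.csrf(csrf -> csrf.disable())`, the context line just above the added `.exceptionHandling(...)`), while the same commit introduces role-gated routes that change accounts, such as `POST /customers/edit/{id}` and `POST /profile`. With the token check disabled, the new `@PreAuthorize` rules confirm who is logged in but not that the request originated from the application's own pages. I would drop the `.csrf(...)` line so Spring Security's default applies; forms rendered with Thymeleaf's `th:action` receive the token automatically, assuming the templates use it. The enclosing method starts outside the hunk, so any `authorizeHttpRequests` rules are not visible here.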
@@ -1,65 +0,0 @@ -package catering.customer; - -import org.salespointframework.useraccount.Password; -import org.salespointframework.useraccount.UserAccountManagement; -import org.springframework.stereotype.Controller; -import org.springframework.ui.Model; -import org.springframework.web.bind.annotation.GetMapping; -import org.springframework.web.bind.annotation.ModelAttribute; -import org.springframework.web.bind.annotation.PathVariable; -import org.springframework.web.bind.annotation.PostMapping; -import org.springframework.web.bind.annotation.RequestParam; - -@Controller -public class CustomerController { - private final CustomerRepository customerRepository; - private UserAccountManagement userAccountManagement; - - CustomerController(UserAccountManagement userAccountManagement, CustomerRepository customerRepository) { - - this.userAccountManagement = userAccountManagement; - this.customerRepository = customerRepository; - } - - @GetMapping("/register") - String register() { - return "register"; - } - - @GetMapping("/login") - public String loginPage(){ - - return "login"; - } - - @PostMapping("/register") - String register(@RequestParam String username, @RequestParam String password) { - userAccountManagement.create(username, Password.UnencryptedPassword.of(password)); - return "redirect:/"; - } - - @GetMapping("/customer") - public String getCustomer(Model model) { - model.addAttribute("title", "Kundenverwaltung"); - model.addAttribute("customers", customerRepository.getCustomers()); - return "customer"; - } - - @PostMapping("/customer/remove") - public String removeCustomer(@RequestParam("customerID") int customerID, Model model) { - customerRepository.removeCustomer(customerID); - return "redirect:/customer"; - } - - @GetMapping("/customer/edit/{id}") - public String editCustomer(@PathVariable("id") int id, Model model) { - customerRepository.findById(id).ifPresent(customer -> model.addAttribute("customer", customer)); - return "edit-customer"; - } - - 
@PostMapping("/customer/update") - public String updateCustomer(@ModelAttribute Customer customer) { - customerRepository.save(customer); - return "redirect:/customer"; - } -} diff --git a/src/main/java/catering/customer/CustomerDataInitializer.java b/src/main/java/catering/customer/CustomerDataInitializer.java deleted file mode 100644 index f437a9a..0000000 --- a/src/main/java/catering/customer/CustomerDataInitializer.java +++ /dev/null @@ -1,35 +0,0 @@ -package catering.customer; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import org.springframework.stereotype.Component; -import org.springframework.util.Assert; - -import jakarta.annotation.PostConstruct; - -@Component - -public class CustomerDataInitializer { - - private static final Logger LOG = LoggerFactory.getLogger(CustomerDataInitializer.class); - - private final CustomerRepository customerRepository; - - public CustomerDataInitializer(CustomerRepository customerRepository) { - Assert.notNull(customerRepository, "CustomerRepository must not be null!"); - this.customerRepository = customerRepository; - } - - @PostConstruct - public void initialize() { - - LOG.info("Creating default customer."); - - customerRepository.save(new Customer("Hans", "Essen")); - customerRepository.save(new Customer("Angela", "Cook")); - - LOG.info("Default customer created"); - - } -} diff --git a/src/main/java/catering/customer/CustomerRepository.java b/src/main/java/catering/customer/CustomerRepository.java deleted file mode 100644 index 1983072..0000000 --- a/src/main/java/catering/customer/CustomerRepository.java +++ /dev/null 
@@ -1,53 +0,0 @@
-package catering.customer;
-
-import org.springframework.stereotype.Component;
-
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.HashSet;
-import java.util.Optional;
-import java.util.Set;
-
-@Component
-public class CustomerRepository {
-
- private Set customers = new HashSet<>();
-
- public CustomerRepository() {
- }
-
- public boolean addCustomer(Customer customer) {
- return this.customers.add(customer);
- }
-
- private int nextId = (int) (Math.random() * 10 * Math.random() * 10 + Math.random() * 10);
-
- public void save(Customer customer) {
-
- if (customer.getId() == 0) {
- customer.setId(nextId++);
- } else {
-
- this.customers.removeIf(p -> p.getId() == customer.getId());
- }
-
- this.customers.add(customer);
- }
-
- public long count() {
- return this.customers.size();
- }
-
- public boolean removeCustomer(int customerID) {
- return this.customers.removeIf(customer -> customer.getId() == customerID);
- }
-
- public Collection getCustomers() {
- return new ArrayList<>(this.customers);
- }
-
- public Optional findById(int id) {
- return this.customers.stream().filter(customer -> customer.getId() == id).findFirst();
- }
-
-}
diff --git a/src/main/java/catering/customer/RegistrationForm.java b/src/main/java/catering/users/RegistrationForm.java
similarity index 58%
rename from src/main/java/catering/customer/RegistrationForm.java
rename to src/main/java/catering/users/RegistrationForm.java
index 53a3e07..d1e4eb5 100644
--- a/src/main/java/catering/customer/RegistrationForm.java
+++ b/src/main/java/catering/users/RegistrationForm.java
@@ -1,21 +1,21 @@ -package catering.customer; +package catering.users; import jakarta.validation.constraints.NotEmpty; import org.springframework.validation.Errors; public class RegistrationForm { - private final @NotEmpty String name, password, address; + private final @NotEmpty String username, password, address; - public RegistrationForm(String name, String password, String address) { + public RegistrationForm(String username, String password, String address) { - this.name = name; + this.username = username; this.password = password; this.address = address; } - public String getName() { - return name; + public String getUsername() { + return username; } public String getPassword() { diff --git a/src/main/java/catering/users/User.java b/src/main/java/catering/users/User.java index 800a0f5..3a0de8b 100644 --- a/src/main/java/catering/users/User.java +++ b/src/main/java/catering/users/User.java @@ -63,7 +63,7 @@ public class User extends AbstractAggregateRoot { public static final class UserIdentifier implements Identifier, Serializable { private static final long serialVersionUID = 7740660930809051850L; - private final @SuppressWarnings("unused") UUID identifier; + private final UUID identifier; UserIdentifier() { this(UUID.randomUUID()); @@ -97,6 +97,11 @@ public class User extends AbstractAggregateRoot { return this.identifier.equals(that.identifier); } + + @Override + public String toString(){ + return identifier.toString(); + } } } diff --git a/src/main/java/catering/users/UserController.java b/src/main/java/catering/users/UserController.java index d6694ab..ea2aca0 100644 --- a/src/main/java/catering/users/UserController.java +++ b/src/main/java/catering/users/UserController.java 
@@ -1,11 +1,20 @@ package catering.users; import org.springframework.ui.Model; +import org.springframework.validation.Errors; + +import org.salespointframework.useraccount.Role; +import org.salespointframework.useraccount.UserAccount; +import org.salespointframework.useraccount.web.LoggedIn; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.PathVariable; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestParam; +import jakarta.validation.Valid; + @Controller public class UserController { 
@@ -15,40 +24,96 @@ public class UserController { this.userManagement = userManagerment; }; + @GetMapping("/unauthorized") + String unauthorized(){ + return "unauthorized"; + } + + @GetMapping("/register") + String register() { + return "register"; + } + + @PostMapping("/register") + String register(@Valid RegistrationForm form, Errors result) { + if (result.hasErrors()){ + return "register"; + } + userManagement.createCustomer(form.getUsername(),form.getAddress(),form.getPassword()); + return "redirect:/login"; + } + + @GetMapping("/login") + public String loginPage(){ + return "login"; + } + @GetMapping("/profile") - public String index(Model model) { - - model.addAttribute("user", userManagement.getUsers().findAll().toList().get(0)); - + @PreAuthorize("isAuthenticated()") + public String viewProfile(Model model, @LoggedIn UserAccount userAccount) { + if (userAccount == null) { + return "redirect:/"; + } + User user = userManagement.getUserByAccount(userAccount).get(); + model.addAttribute("user", user); return "profile"; } @PostMapping("/profile") - public String editProfile(@RequestParam String password, @RequestParam String address, @RequestParam String username) { + @PreAuthorize("isAuthenticated()") + public String editProfile(@LoggedIn UserAccount userAccount, @RequestParam String password, @RequestParam String address, @RequestParam String username) { + User user = userManagement.getUserByAccount(userAccount).get(); - User userAccount = userManagement.getUsers().findAll().toList().get(0); - - if (!username.isBlank()){ - userAccount.setUsername(username); + if (!username.isBlank()) { + user.setUsername(username); + } + if (!address.isBlank()) { + user.setAddress(address); + } + if (!password.isBlank()) { + userManagement.setPassword(password, user.getUserAccount()); } - if (!address.isBlank()){ - userAccount.setAddress(address); - } - - if (!password.isBlank()){ - userManagement.setPassword(password, userAccount.getUserAccount()); - } - - 
userManagement.save(userAccount); + userManagement.save(user); return "redirect:/profile"; } - @GetMapping("/profile/delete") - public String deleteUser() { - User userAccount = userManagement.getUsers().findAll().toList().get(0); - userManagement.deleteUser(userAccount); + @GetMapping("/profile/disable") + @PreAuthorize("hasRole('CUSTOMER')") + public String disableUser(@LoggedIn UserAccount userAccount) { + userManagement.disableUserAccount(userAccount); return "redirect:/"; } + + @GetMapping("/customers") + @PreAuthorize("hasRole('ADMIN')") + public String getCustomer(Model model) { + model.addAttribute("title", "Kundenverwaltung"); + model.addAttribute("customers", userManagement.getUsers().findAll().stream().filter(customer -> customer.getUserAccount().hasRole(Role.of("CUSTOMER"))).toList()); + return "customers"; + } + + @GetMapping("/customers/remove/{id}") + @PreAuthorize("hasRole('ADMIN')") + public String removeCustomer(@PathVariable("id") User user, Model model) { + userManagement.disableUserAccount(user.getUserAccount()); + return "redirect:/customers"; + } + + @GetMapping("/customers/edit/{id}") + @PreAuthorize("hasRole('ADMIN')") + public String editCustomer(@PathVariable("id") User user, Model model) { + model.addAttribute("customer", user); + return "edit-customer"; + } + + @PostMapping("/customers/edit/{id}") + @PreAuthorize("hasRole('ADMIN')") + public String updateCustomer(@PathVariable("id") User user, @RequestParam String username, @RequestParam String address, Model model) { + user.setUsername(username); + user.setAddress(address); + userManagement.save(user); + return "redirect:/customers"; + } } diff --git a/src/main/java/catering/users/UserDataInitializer.java b/src/main/java/catering/users/UserDataInitializer.java index c092ff8..a7cecf4 100644 --- a/src/main/java/catering/users/UserDataInitializer.java +++ b/src/main/java/catering/users/UserDataInitializer.java 
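Review bot: `disableUser` and `removeCustomer` change account state on a GET (`@GetMapping("/profile/disable")`, `@GetMapping("/customers/remove/{id}")`), so any request a logged-in browser makes to those URLs, including one it did not intend, disables an account. Map both with `@PostMapping` and submit them from a form, and keep them behind CSRF protection, which Application.java currently turns off with `.csrf(csrf -> csrf.disable())`. Separately, `viewProfile` and `editProfile` call `getUserByAccount(userAccount).get()` unchecked; an authenticated account without a matching `User` would raise `NoSuchElementException`, so `orElseThrow` with a meaningful exception or a redirect would be safer. `editProfile` also sets a new password without asking for the current one, a check worth adding before the `setPassword` call.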
@@ -1,37 +1,28 @@ package catering.users; import org.salespointframework.core.DataInitializer; +import org.salespointframework.useraccount.AuthenticationManagement; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import org.springframework.core.annotation.Order; import org.springframework.stereotype.Component; import org.springframework.util.Assert; -import org.salespointframework.useraccount.AuthenticationManagement; import org.springframework.web.bind.annotation.SessionAttributes; @Component -@Order(10) @SessionAttributes("profile") class UserDataInitializer implements DataInitializer { private static final Logger LOG = LoggerFactory.getLogger(UserDataInitializer.class); - private final UserManagement userManagement; UserDataInitializer(UserManagement userManagement, AuthenticationManagement auth) { - Assert.notNull(userManagement, "UserRepository must not be null!"); - this.userManagement = userManagement; } @Override public void initialize() { - LOG.info("Creating default user."); - - userManagement.createUser("Hans","123","Baum Weg"); - + userManagement.createAdmin("admin", "admin", "admin"); } - } diff --git a/src/main/java/catering/users/UserManagement.java b/src/main/java/catering/users/UserManagement.java index 18e11a8..a9bec49 100644 --- a/src/main/java/catering/users/UserManagement.java +++ b/src/main/java/catering/users/UserManagement.java 
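Review bot: `userManagement.createAdmin("admin", "admin", "admin")` seeds an ADMIN account whose password is the literal `admin` (the third argument of `createAdmin(name, address, password)`), so every deployment starts with the same known administrator credentials. Take the initial password from configuration or the environment instead, e.g. `userManagement.createAdmin("admin", "admin", initialAdminPassword);` with `initialAdminPassword` injected through the constructor (the name is a placeholder), and fail startup when it is unset. It would also help to skip creation when an admin account already exists, since `initialize()` appears to run on every start. A one-line comment stating that this is a bootstrap admin would document the intent.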
@@ -1,13 +1,14 @@ package catering.users; -import org.springframework.web.bind.annotation.SessionAttributes; -import org.salespointframework.useraccount.UserAccount; +import java.util.Optional; import org.salespointframework.useraccount.Password.UnencryptedPassword; import org.salespointframework.useraccount.Role; +import org.salespointframework.useraccount.UserAccount; import org.salespointframework.useraccount.UserAccountManagement; import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; +import org.springframework.web.bind.annotation.SessionAttributes; @Service @Transactional @@ -18,20 +19,19 @@ public class UserManagement { private final UserAccountManagement userAccounts; UserManagement(UserRepository users, UserAccountManagement userAccounts) { - this.users = users; this.userAccounts = userAccounts; } - public User createUser(String name, String Password, String address) { - - var password = UnencryptedPassword.of(Password); - var userAccount = userAccounts.create(name, password, Role.of("CUSTOMER")); - - return users.save(new User(userAccount, address)); + public User createCustomer(String name, String address, String password) { + return users.save(new User(userAccounts.create(name,UnencryptedPassword.of(password),Role.of("CUSTOMER")), address)); } - public User save(User user){ + public User createAdmin(String name, String address, String password) { + return users.save(new User(userAccounts.create(name,UnencryptedPassword.of(password),Role.of("ADMIN")), address)); + } + + public User save(User user) { return users.save(user); } 
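Review bot: `createCustomer(String name, String address, String password)` and `createAdmin(...)` take three adjacent `String`s and reverse the order the removed `createUser(name, Password, address)` used, so a caller that still passes the password second would compile and store it as the address in clear text. Accepting the password as `UnencryptedPassword`, as in `public User createCustomer(String name, String address, UnencryptedPassword password)`, lets the compiler catch a swap. The two methods differ only in the role name; a private helper taking a `Role` would remove the duplication. Neither method has Javadoc; a short comment naming the parameter order and the role assigned would help.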
@@ -40,11 +40,15 @@ public class UserManagement { return true; }; - public UserRepository getUsers(){ + public UserRepository getUsers() { return users; } - public void deleteUser(User user){ - users.deleteById(user.getId()); + public void disableUserAccount(UserAccount userAccount) { + userAccounts.disable(userAccount.getId()); + } + + public Optional getUserByAccount(UserAccount userAccount) { + return users.findAll().stream().filter(u -> u.getUserAccount().equals(userAccount)).findFirst(); } } diff --git a/src/main/resources/templates/customer.html b/src/main/resources/templates/customer.html deleted file mode 100644 index c0eb464..0000000 --- a/src/main/resources/templates/customer.html +++ /dev/null @@ -1,43 +0,0 @@ - - - - -
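Review bot: `getUserByAccount` loads every user with `users.findAll()` and filters in memory, and the new `/profile` handlers call it on each request; a derived query on the repository, for example `Optional<User> findByUserAccount(UserAccount userAccount);` in `UserRepository` (not shown here), would do the lookup in the store. `disableUserAccount` only calls `userAccounts.disable(...)`; nothing in this hunk ends the caller's session, so it is worth confirming that a disabled account cannot keep using an already authenticated session. The class body continues outside the hunk.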
-
-

Kundenübersicht

- - - - - - - - - - - - - - - -
IDNachnameVornameAufträge
01MusterkochMaxAufträge - Bearbeiten - -
- - -
-
-
-
- - diff --git a/src/main/resources/templates/customers.html b/src/main/resources/templates/customers.html new file mode 100644 index 0000000..78cf17a --- /dev/null +++ b/src/main/resources/templates/customers.html @@ -0,0 +1,33 @@ + + + + + + + + +
+
+

Kundenverwaltung

+ + + + + + + + + + + + + + +
NutzernameAufträgeBearbeitenEntfernen
MusterkochAufträgeBearbeitenEntfernen
+
+
+ + diff --git a/src/main/resources/templates/edit-customer.html b/src/main/resources/templates/edit-customer.html index 0e822b5..38734bf 100644 --- a/src/main/resources/templates/edit-customer.html +++ b/src/main/resources/templates/edit-customer.html @@ -16,22 +16,13 @@

Kunde Bearbeiten

-
- - - - - - - - + +

Nutzername

+ +

Addresse

+
- Cancel
diff --git a/src/main/resources/templates/navigation.html b/src/main/resources/templates/navigation.html index 336bf63..309759b 100644 --- a/src/main/resources/templates/navigation.html +++ b/src/main/resources/templates/navigation.html @@ -10,7 +10,7 @@ Inventar Katalog Angestellte - Kunden + Kunden Bestellungen Event planen Kalender @@ -22,7 +22,7 @@ Logout -
+
diff --git a/src/main/resources/templates/profile.html b/src/main/resources/templates/profile.html index 1b74753..99ebf19 100644 --- a/src/main/resources/templates/profile.html +++ b/src/main/resources/templates/profile.html @@ -34,7 +34,7 @@

diff --git a/src/main/resources/templates/unauthorized.html b/src/main/resources/templates/unauthorized.html new file mode 100644 index 0000000..c1adeeb --- /dev/null +++ b/src/main/resources/templates/unauthorized.html @@ -0,0 +1,6 @@ + +

Access Denied

+