diff --git a/src/main/java/org/cerberus/controllers/ConfigurationFileController.java b/src/main/java/org/cerberus/controllers/ConfigurationFileController.java new file mode 100644 index 0000000..ca19dad --- /dev/null +++ b/src/main/java/org/cerberus/controllers/ConfigurationFileController.java @@ -0,0 +1,33 @@ +package org.cerberus.controllers; + +import org.cerberus.entities.persistence.ConfigurationFile; +import org.cerberus.services.ConfigurationFileService; +import org.cerberus.services.SecurityService; +import org.springframework.web.bind.annotation.*; + +import java.security.Principal; +import java.util.UUID; + +import static org.cerberus.core.constant.RoleSecurity.ADMIN; +import static org.cerberus.core.constant.RoleSecurity.MAINTAINER; + +@RestController +@RequestMapping("/api/applications/{applicationId}/configurationFile") +public class ConfigurationFileController { + private ConfigurationFileService configurationFileService; + private SecurityService securityService; + + ConfigurationFileController(ConfigurationFileService configurationFileService, + SecurityService securityService) { + this.configurationFileService = configurationFileService; + this.securityService = securityService; + } + + @PostMapping + public void create(@PathVariable("applicationId") UUID applicationId, + @RequestBody ConfigurationFile configurationFile, + Principal connectedUser) { + securityService.checkHasAnyRole(connectedUser, applicationId, ADMIN, MAINTAINER); + configurationFileService.create(applicationId, configurationFile); + } +} diff --git a/src/main/java/org/cerberus/core/config/security/SecurityConfiguration.java b/src/main/java/org/cerberus/core/config/security/SecurityConfiguration.java index 03135fa..5f503ea 100755 --- a/src/main/java/org/cerberus/core/config/security/SecurityConfiguration.java +++ b/src/main/java/org/cerberus/core/config/security/SecurityConfiguration.java @@ -56,8 +56,7 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter { ).permitAll() .antMatchers(POST, "/api/users/login", - "/api/users/signup", - "/api/applications" + "/api/users/signup" ).permitAll() .antMatchers("/api/**").authenticated() .anyRequest().permitAll() diff --git a/src/main/java/org/cerberus/repositories/ConfigurationFileRepository.java b/src/main/java/org/cerberus/repositories/ConfigurationFileRepository.java new file mode 100644 index 0000000..0ed0785 --- /dev/null +++ b/src/main/java/org/cerberus/repositories/ConfigurationFileRepository.java @@ -0,0 +1,12 @@ +package org.cerberus.repositories; + +import org.cerberus.entities.persistence.ConfigurationFile; +import org.springframework.data.jpa.repository.JpaRepository; +import org.springframework.stereotype.Repository; + +import java.util.UUID; + +@Repository +public interface ConfigurationFileRepository extends JpaRepository { + +} diff --git a/src/main/java/org/cerberus/services/ApplicationService.java b/src/main/java/org/cerberus/services/ApplicationService.java index 3994cde..fb76907 100644 --- a/src/main/java/org/cerberus/services/ApplicationService.java +++ b/src/main/java/org/cerberus/services/ApplicationService.java @@ -8,6 +8,9 @@ import org.cerberus.validators.ApplicationValidator; import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; +import java.util.Optional; +import java.util.UUID; + import static org.cerberus.core.constant.Role.MAINTAINER; import static org.cerberus.core.utils.StringUtils.concat; @@ -28,7 +31,7 @@ public class ApplicationService { @Transactional public Application create(Application application, User user) { - applicationValidator.checkAllAttributsConstraints(application); + applicationValidator.validate(application); if(applicationRepository.alreadyExists(application.getName())) { throw new BadRequestException(concat("The application ", application.getName(), " already exists.")); @@ -42,9 +45,13 @@ public class ApplicationService { } public Application update(Application application) { - applicationValidator.checkAllAttributsConstraints(application); + applicationValidator.validate(application); applicationValidator.sanitize(application); applicationRepository.save(application); return application; } + + public Optional findById(UUID id) { + return applicationRepository.findById(id); + } } diff --git a/src/main/java/org/cerberus/services/ConfigurationFileService.java b/src/main/java/org/cerberus/services/ConfigurationFileService.java new file mode 100644 index 0000000..a19842f --- /dev/null +++ b/src/main/java/org/cerberus/services/ConfigurationFileService.java @@ -0,0 +1,37 @@ +package org.cerberus.services; + +import org.cerberus.core.exceptions.BadRequestException; +import org.cerberus.core.utils.StringUtils; +import org.cerberus.entities.persistence.ConfigurationFile; +import org.cerberus.repositories.ConfigurationFileRepository; +import org.cerberus.validators.ConfigurationFileValidator; +import org.springframework.stereotype.Service; + +import java.util.UUID; + +@Service +public class ConfigurationFileService { + private ApplicationService applicationService; + private ConfigurationFileRepository configurationFileRepository; + private ConfigurationFileValidator configurationFileValidator; + + ConfigurationFileService(ApplicationService applicationService, + ConfigurationFileRepository configurationFileRepository, + ConfigurationFileValidator configurationFileValidator) { + this.applicationService = applicationService; + this.configurationFileRepository = configurationFileRepository; + this.configurationFileValidator = configurationFileValidator; + } + + public void create(UUID applicationId, ConfigurationFile configurationFile) { + if(applicationId == null || StringUtils.isNull(applicationId.toString())) { + throw new BadRequestException("Application id is required."); + } + configurationFileValidator.validate(configurationFile); + + configurationFile.setApplication(applicationService.findById(applicationId) + .orElseThrow(() -> new BadRequestException("The application doesn't exist.")) + ); + configurationFileRepository.save(configurationFile); + } +} diff --git a/src/main/java/org/cerberus/services/SecurityService.java b/src/main/java/org/cerberus/services/SecurityService.java index ea26476..429c761 100644 --- a/src/main/java/org/cerberus/services/SecurityService.java +++ b/src/main/java/org/cerberus/services/SecurityService.java @@ -10,6 +10,7 @@ import java.security.Principal; import java.util.Arrays; import java.util.List; import java.util.Optional; +import java.util.UUID; import java.util.stream.Collectors; import static org.cerberus.core.constant.RoleSecurity.ADMIN; @@ -19,7 +20,7 @@ public class SecurityService { private UserService userService; - public SecurityService(UserService userService) { + SecurityService(UserService userService) { this.userService = userService; } @@ -42,6 +43,10 @@ public class SecurityService { * @param roles Allowed role to check. */ public void checkHasAnyRole(Principal connectedUser, Application application, String... roles) { + checkHasAnyRole(connectedUser, application.getId(), roles); + } + + public void checkHasAnyRole(Principal connectedUser, UUID applicationId, String... roles) { Optional user = getUserByPrincipal(connectedUser); List roleList = Arrays.stream(roles).collect(Collectors.toList()); @@ -55,7 +60,7 @@ public class SecurityService { // Application role required ? userHasRole = userService.getApplicationRolesByEmail(user.get().getEmail()).stream() .anyMatch(appRole -> - appRole.getApplication().getId().equals(application.getId()) + appRole.getApplication().getId().equals(applicationId) && roleList.contains(appRole.getRole().name()) ); } diff --git a/src/main/java/org/cerberus/services/UserService.java b/src/main/java/org/cerberus/services/UserService.java index 98ecd06..97daf6e 100644 --- a/src/main/java/org/cerberus/services/UserService.java +++ b/src/main/java/org/cerberus/services/UserService.java @@ -77,7 +77,7 @@ public class UserService { } public void signUp(SignUpDTO inputData) { - signUpValidator.checkAllAttributsConstraints(inputData); + signUpValidator.validate(inputData); if(userRepository.isEmailAlreadyExists(inputData.getEmail())) { throw new BadRequestException("Email is already assigned to another user."); diff --git a/src/main/java/org/cerberus/validators/AbstractValidator.java b/src/main/java/org/cerberus/validators/AbstractValidator.java new file mode 100644 index 0000000..6c752ef --- /dev/null +++ b/src/main/java/org/cerberus/validators/AbstractValidator.java @@ -0,0 +1,20 @@ +package org.cerberus.validators; + +import org.cerberus.core.exceptions.BadRequestException; + +interface AbstractValidator { + /** + * Checks if all defaults contraints of the POJO {@link E} are respected, + * otherwise a {@link BadRequestException} will be thrown. + * @param element The element to check and validate. + */ + void validate(E element) throws BadRequestException; + + /** + * Remove, format, transform {@code element} attributes or do something else to sanitize it. + * @param element The element to sanitize. + */ + default void sanitize(E element) { + // Do nothing + } +} diff --git a/src/main/java/org/cerberus/validators/ApplicationValidator.java b/src/main/java/org/cerberus/validators/ApplicationValidator.java index 3d4b653..2b7971f 100644 --- a/src/main/java/org/cerberus/validators/ApplicationValidator.java +++ b/src/main/java/org/cerberus/validators/ApplicationValidator.java @@ -6,11 +6,12 @@ import org.cerberus.entities.persistence.Application; import org.springframework.stereotype.Component; @Component -public class ApplicationValidator { - - public void checkAllAttributsConstraints(Application application) { - if(StringUtils.isNull(application.getName()) - || StringUtils.isNull(application.getServiceName())) { +public class ApplicationValidator implements AbstractValidator { + @Override + public void validate(Application element) throws BadRequestException { + if(element == null + || StringUtils.isNull(element.getName()) + || StringUtils.isNull(element.getServiceName())) { throw new BadRequestException("Please fill up all required fields."); } } diff --git a/src/main/java/org/cerberus/validators/ConfigurationFileValidator.java b/src/main/java/org/cerberus/validators/ConfigurationFileValidator.java new file mode 100644 index 0000000..9177dd9 --- /dev/null +++ b/src/main/java/org/cerberus/validators/ConfigurationFileValidator.java @@ -0,0 +1,16 @@ +package org.cerberus.validators; + +import org.cerberus.core.exceptions.BadRequestException; +import org.cerberus.core.utils.StringUtils; +import org.cerberus.entities.persistence.ConfigurationFile; +import org.springframework.stereotype.Component; + +@Component +public class ConfigurationFileValidator implements AbstractValidator { + @Override + public void validate(ConfigurationFile element) throws BadRequestException { + if(element == null || StringUtils.isNull(element.getPath())) { + throw new BadRequestException("Please fill up all required fields."); + } + } +} diff --git a/src/main/java/org/cerberus/validators/SignUpValidator.java b/src/main/java/org/cerberus/validators/SignUpValidator.java index 8e2fd71..667b343 100644 --- a/src/main/java/org/cerberus/validators/SignUpValidator.java +++ b/src/main/java/org/cerberus/validators/SignUpValidator.java @@ -4,14 +4,14 @@ import org.cerberus.core.exceptions.BadRequestException; import org.cerberus.core.utils.RegexUtils; import org.cerberus.core.utils.StringUtils; import org.cerberus.entities.dto.SignUpDTO; -import org.cerberus.entities.persistence.User; import org.springframework.stereotype.Component; @Component -public class SignUpValidator { - - public void checkAllAttributsConstraints(SignUpDTO inputData) { - if(StringUtils.isNull(inputData.getName()) +public class SignUpValidator implements AbstractValidator { + @Override + public void validate(SignUpDTO inputData) throws BadRequestException { + if(inputData == null + || StringUtils.isNull(inputData.getName()) || StringUtils.isNull(inputData.getEmail()) || StringUtils.isNull(inputData.getPassword()) || StringUtils.isNull(inputData.getConfirmPassword())) {