From eed646c64e5547a0632a5363ae850f4a81a9475b Mon Sep 17 00:00:00 2001
From: Thomas <gltron3000@gmail.com>
Date: Sun, 17 May 2020 12:49:52 +0200
Subject: [PATCH] Added user roles
---
 .../mozen/auth/JwtAuthenticationFilter.java | 5 +++++
 .../mozen/auth/JwtUserDetailsService.java | 20 +++++++++++++++++--
 .../main/java/mozen/business/UserManager.java | 3 ++-
 mozen/src/main/java/mozen/model/Role.java | 5 +++++
 mozen/src/main/java/mozen/model/User.java | 11 ++++++----
 .../main/java/mozen/utils/DatabaseFiller.java | 5 +++--
 6 files changed, 40 insertions(+), 9 deletions(-)
 create mode 100644 mozen/src/main/java/mozen/model/Role.java
diff --git a/mozen/src/main/java/mozen/auth/JwtAuthenticationFilter.java b/mozen/src/main/java/mozen/auth/JwtAuthenticationFilter.java
index 1a46cd4..6feaf4b 100644
--- a/mozen/src/main/java/mozen/auth/JwtAuthenticationFilter.java
+++ b/mozen/src/main/java/mozen/auth/JwtAuthenticationFilter.java
@@ -18,6 +18,7 @@ import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.core.userdetails.User;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
@@ -53,10 +54,14 @@ public class JwtAuthenticationFilter extends UsernamePasswordAuthenticationFilte
 throws IOException, ServletException {
 User user = (User) auth.getPrincipal();
 Key key = KeyGenerator.generateKey();
+
+ // ! A modifier si gestion multi roles (cf UserDetailsService)
+ SimpleGrantedAuthority authority = (SimpleGrantedAuthority) user.getAuthorities().toArray()[0];
 String token = Jwts.builder()
 .setSubject(user.getUsername())
 .claim("username",user.getUsername())
+ .claim("role",authority.getAuthority())
 .setIssuedAt(new Date())
 .setExpiration(toDate(LocalDateTime.now().plusDays(1L)))
 .signWith(SignatureAlgorithm.HS512, key)
diff --git a/mozen/src/main/java/mozen/auth/JwtUserDetailsService.java b/mozen/src/main/java/mozen/auth/JwtUserDetailsService.java
index a6bc4da..56e3b53 100644
--- a/mozen/src/main/java/mozen/auth/JwtUserDetailsService.java
+++ b/mozen/src/main/java/mozen/auth/JwtUserDetailsService.java
@@ -1,8 +1,11 @@
 package mozen.auth;
-import java.util.ArrayList;
+import java.util.HashSet;
+import java.util.Set;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.core.userdetails.User;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.core.userdetails.UserDetailsService;
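Review bot: In JwtAuthenticationFilter.java (hunk `@@ -53,10 +54,14 @@`), `user.getAuthorities().toArray()[0]` throws ArrayIndexOutOfBoundsException for a principal that has no authorities, and the cast to `SimpleGrantedAuthority` fails with ClassCastException as soon as another `GrantedAuthority` implementation is supplied. Read the value through the interface behind an explicit emptiness check that rejects the login cleanly, e.g. `String role = user.getAuthorities().iterator().next().getAuthority();`. The `role` claim is also fixed for the token's one-day lifetime (`plusDays(1L)`), so if the verifying filter, which is not part of this patch, authorizes from the claim instead of reloading the user, a demotion only takes effect once the token expires. The enclosing method starts and ends outside the hunk.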
@@ -20,7 +23,20 @@ public class JwtUserDetailsService implements UserDetailsService {
 public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
 mozen.model.User user = manager.getUserByUsername(username);
 if(user == null) throw new UsernameNotFoundException(username);
- return new User(user.getUsername(), user.getPassword(), new ArrayList<>());
+
+ Set<GrantedAuthority> grantedAuthorities = new HashSet<>();
+
+ /*
+ // Gestion multi roles
+ // Plus propre (Transformer model.Role en Entity et model.User.role en liste de Role)
+ for(Role role : user.getRoles()){
+ grantedAuthorities.add(new SimpleGrantedAuthority(role.getName()));
+ }
+ */
+
+ grantedAuthorities.add(new SimpleGrantedAuthority(user.getRole().toString()));
+
+ return new User(user.getUsername(), user.getPassword(), grantedAuthorities);
 }
 }
\ No newline at end of file
diff --git a/mozen/src/main/java/mozen/business/UserManager.java b/mozen/src/main/java/mozen/business/UserManager.java
index 266da3d..fe5a497 100644
--- a/mozen/src/main/java/mozen/business/UserManager.java
+++ b/mozen/src/main/java/mozen/business/UserManager.java
@@ -4,6 +4,7 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.stereotype.Service;
+import mozen.model.Role;
 import mozen.model.SignupMessage;
 import mozen.model.User;
@@ -22,7 +23,7 @@ public class UserManager implements IUserManager {
 u.setEmail(message.getEmail());
 u.setUsername(message.getUsername());
 u.setPassword(bCryptPasswordEncoder.encode(message.getPassword()));
- u.setRole("DEFAULT");
+ u.setRole(Role.Default);
 dao.addUser(u);
 return u.getId();
diff --git a/mozen/src/main/java/mozen/model/Role.java b/mozen/src/main/java/mozen/model/Role.java
new file mode 100644
index 0000000..1db11ea
--- /dev/null
+++ b/mozen/src/main/java/mozen/model/Role.java
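Review bot: In JwtUserDetailsService.java, `loadUserByUsername` builds the authority from `user.getRole().toString()`, so the granted authority is the bare constant name (`Default` or `Admin`) without a `ROLE_` prefix. Spring Security's `hasRole(...)` checks prepend `ROLE_` by default, so any access rule written that way (the security configuration is not visible in this patch) would never match an admin; rules would have to use `hasAuthority("Admin")` instead. Either state that next to the line or build the authority as `new SimpleGrantedAuthority("ROLE_" + user.getRole().name())`, using `name()` because `toString()` can be overridden on an enum. The commented-out multi-role loop is better tracked in an issue than kept in the method body.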
@@ -0,0 +1,5 @@
+package mozen.model;
+
+public enum Role {
+ Default, Admin
+}
\ No newline at end of file
diff --git a/mozen/src/main/java/mozen/model/User.java b/mozen/src/main/java/mozen/model/User.java
index b8db2c7..14330d2 100644
--- a/mozen/src/main/java/mozen/model/User.java
+++ b/mozen/src/main/java/mozen/model/User.java
@@ -7,6 +7,8 @@ import javax.persistence.Basic;
 import javax.persistence.CascadeType;
 import javax.persistence.Column;
 import javax.persistence.Entity;
+import javax.persistence.EnumType;
+import javax.persistence.Enumerated;
 import javax.persistence.FetchType;
 import javax.persistence.GeneratedValue;
 import javax.persistence.GenerationType;
@@ -52,7 +54,8 @@ public class User implements Serializable{
 @Basic
 @Column(nullable = false)
 @NotNull
- private String role;
+ @Enumerated(EnumType.STRING)
+ private Role role;
 @Basic
 @OneToMany(mappedBy = "author", fetch = FetchType.LAZY, cascade = CascadeType.ALL)
@@ -62,7 +65,7 @@ public class User implements Serializable{
 public User() {
 }
- public User(Long id, String username, String email, String password, String role, Set<Model> models) {
+ public User(Long id, String username, String email, String password, Role role, Set<Model> models) {
 this.id = id;
 this.username = username;
 this.email = email;
@@ -114,11 +117,11 @@ public class User implements Serializable{
 }
 @JsonIgnore
- public String getRole() {
+ public Role getRole() {
 return this.role;
 }
- public void setRole(String role) {
+ public void setRole(Role role) {
 this.role = role;
 }
diff --git a/mozen/src/main/java/mozen/utils/DatabaseFiller.java b/mozen/src/main/java/mozen/utils/DatabaseFiller.java
index 6754eac..5d54c98 100644
--- a/mozen/src/main/java/mozen/utils/DatabaseFiller.java
+++ b/mozen/src/main/java/mozen/utils/DatabaseFiller.java
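Review bot: In User.java (hunk `@@ -52,7 +54,8 @@`), `@Enumerated(EnumType.STRING)` persists and reads the constant names of the new `Role` enum, which are `Default` and `Admin`, while the lines removed elsewhere in this patch wrote `"DEFAULT"` and `"ADMIN"` into the same column. Rows stored before this change would presumably fail to map to an enum constant when loaded, unless the schema is recreated on every start, which cannot be seen from here. Declaring the constants as `DEFAULT, ADMIN` in Role.java follows the Java convention for enum constants and keeps existing values readable; otherwise the change needs a data migration.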
@@ -13,6 +13,7 @@ import mozen.business.IModelDao;
 import mozen.business.IUserDao;
 import mozen.model.CustomLayer;
 import mozen.model.Model;
+import mozen.model.Role;
 import mozen.model.Tag;
 import mozen.model.TagCategory;
 import mozen.model.User;
@@ -37,13 +38,13 @@ public class DatabaseFiller {
 u1.setEmail("user1@email.com");
 u1.setPassword("1234");
 u1.setUsername("user 1");
- u1.setRole("DEFAULT");
+ u1.setRole(Role.Default);
 User u2 = new User();
 u2.setEmail("user2@email.com");
 u2.setPassword("1234");
 u2.setUsername("user 2");
- u2.setRole("ADMIN");
+ u2.setRole(Role.Admin);
 Model m1 = new Model();
 m1.setAuthor(u1);
-- 
GitLab
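Review bot: In DatabaseFiller.java (hunk `@@ -37,13 +38,13 @@`), the account that receives `Role.Admin` keeps the fixed password `"1234"` set two lines above it, and that value is assigned directly rather than through the bcrypt encoder UserManager applies on signup. If this filler can run outside a development profile, which the hunk does not show, it creates an administrator with a known credential; and if logins are verified with bcrypt, the stored plain value would not match at all. Restrict the seeding to a dev/test profile and take the seed password from configuration, encoded the same way as in `UserManager`. The enclosing method starts and ends outside the hunk.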