From 442148cc62df3cc82f08ba5c12ab4507f3bdbcab Mon Sep 17 00:00:00 2001
From: furknbulbul
Date: Tue, 12 Dec 2023 15:34:19 +0300
Subject: [PATCH] removing X-Selected-Role from header in auth
---
 .../groupa1/resq/auth/UserDetailsImpl.java | 17 +----------------
 .../resq/auth/UserDetailsServiceImpl.java | 7 -------
 .../groupa1/resq/config/OpenApiConfig.java | 19 -------------------
 .../java/com/groupa1/resq/entity/User.java | 8 ++++----
 .../com/groupa1/resq/entity/UserProfile.java | 5 +++--
 .../resq/security/AuthTokenFilter.java | 5 +----
 .../resq/service/UserProfileService.java | 3 +++
 7 files changed, 12 insertions(+), 52 deletions(-)
diff --git a/resq/backend/resq/src/main/java/com/groupa1/resq/auth/UserDetailsImpl.java b/resq/backend/resq/src/main/java/com/groupa1/resq/auth/UserDetailsImpl.java
index 292d5d63..d6fc3e0e 100644
--- a/resq/backend/resq/src/main/java/com/groupa1/resq/auth/UserDetailsImpl.java
+++ b/resq/backend/resq/src/main/java/com/groupa1/resq/auth/UserDetailsImpl.java
@@ -4,7 +4,6 @@
 import com.groupa1.resq.entity.User;
 import lombok.Data;
 import lombok.EqualsAndHashCode;
-import lombok.Getter;
 import lombok.NoArgsConstructor;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
@@ -41,21 +40,7 @@ public UserDetailsImpl(Long id, String name, String surname, String email, Strin public static UserDetailsImpl build(User user) { List authorities = user.getRoles().stream() - .map(role -> new SimpleGrantedAuthority(role.name())) - .collect(Collectors.toList()); - - return new UserDetailsImpl(user.getId(), - user.getName(), - user.getSurname(), - user.getEmail(), - user.getPassword(), - authorities); - } - - public static UserDetailsImpl build(User user, String userRole) { - List authorities = user.getRoles().stream() - .filter(role -> role.name().toUpperCase().equals(userRole.toUpperCase())) - .map(role -> new SimpleGrantedAuthority("ROLE_"+role.name())) + .map(role ->new SimpleGrantedAuthority("ROLE_"+role.name())) .collect(Collectors.toList()); return new UserDetailsImpl(user.getId(), diff --git a/resq/backend/resq/src/main/java/com/groupa1/resq/auth/UserDetailsServiceImpl.java b/resq/backend/resq/src/main/java/com/groupa1/resq/auth/UserDetailsServiceImpl.java index 25da36e8..7f43dd17 100644 --- a/resq/backend/resq/src/main/java/com/groupa1/resq/auth/UserDetailsServiceImpl.java +++ b/resq/backend/resq/src/main/java/com/groupa1/resq/auth/UserDetailsServiceImpl.java @@ -16,7 +16,6 @@ public class UserDetailsServiceImpl implements UserDetailsService { UserService userService; - // Since the methods shoul override the UserDetailsService interface, method name is loadUserByUsername, but it uses email @Override @Transactional public UserDetails loadUserByUsername(String email) throws UsernameNotFoundException { @@ -26,10 +25,4 @@ public UserDetails loadUserByUsername(String email) throws UsernameNotFoundExcep return UserDetailsImpl.build(user); } - public UserDetails loadUserByUsername(String email, String selectedRole) { - User user = userService.findByEmail(email) - .orElseThrow(() -> new UsernameNotFoundException("User Not Found with email: " + email)); - - return UserDetailsImpl.build(user, selectedRole); - } } 
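Review bot: The one-argument `build(User user)` that survives now returns `"ROLE_"`-prefixed authorities, whereas before this commit it returned the bare `role.name()`, so every existing caller of that overload sees different authority strings. Any check written against the unprefixed names (a `hasAuthority("X")` expression rather than `hasRole("X")`, or code that compares the returned strings to enum names) would stop matching; those call sites are not in this patch and should be verified. Together with the AuthTokenFilter hunk, the principal also now carries every role the account holds on each request instead of the single selected one, which widens what one token can reach and makes endpoint-level role checks the only separation between roles. A Javadoc on `build` would make that contract explicit, e.g. `/** Maps every role of the user to a "ROLE_"-prefixed authority; there is no per-request role selection. */`. The method body continues past the end of the hunk; minor style, `role ->new` is missing the space after the arrow.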
diff --git a/resq/backend/resq/src/main/java/com/groupa1/resq/config/OpenApiConfig.java b/resq/backend/resq/src/main/java/com/groupa1/resq/config/OpenApiConfig.java index d3ac2739..4199ffdb 100644 --- a/resq/backend/resq/src/main/java/com/groupa1/resq/config/OpenApiConfig.java +++ b/resq/backend/resq/src/main/java/com/groupa1/resq/config/OpenApiConfig.java @@ -1,33 +1,14 @@ package com.groupa1.resq.config; -import io.swagger.v3.oas.annotations.enums.ParameterIn; import io.swagger.v3.oas.models.Components; import io.swagger.v3.oas.models.OpenAPI; -import io.swagger.v3.oas.models.media.StringSchema; -import io.swagger.v3.oas.models.parameters.Parameter; import io.swagger.v3.oas.models.security.SecurityRequirement; import io.swagger.v3.oas.models.security.SecurityScheme; -import org.springdoc.core.customizers.OperationCustomizer; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; @Configuration public class OpenApiConfig { - @Bean - public OperationCustomizer customGlobalHeaders() { - return (operation, handlerMethod) -> { - - // Add role to all endpoints - Parameter missingParam2 = new Parameter().in(ParameterIn.HEADER.toString()) - .name("X-Selected-Role") - .schema(new StringSchema()) - .description("ROLE"); - - operation.addParametersItem(missingParam2); - - return operation; - }; - } @Bean public OpenAPI customizeOpenAPI() { diff --git a/resq/backend/resq/src/main/java/com/groupa1/resq/entity/User.java b/resq/backend/resq/src/main/java/com/groupa1/resq/entity/User.java index 8f523e81..cf968108 100644 --- a/resq/backend/resq/src/main/java/com/groupa1/resq/entity/User.java +++ b/resq/backend/resq/src/main/java/com/groupa1/resq/entity/User.java @@ -1,5 +1,6 @@ package com.groupa1.resq.entity; +import com.fasterxml.jackson.annotation.JsonManagedReference; import com.groupa1.resq.entity.enums.EUserRole; import jakarta.persistence.*; import jakarta.validation.constraints.Email; 
@@ -7,9 +8,7 @@ import jakarta.validation.constraints.Size; import lombok.Data; import lombok.EqualsAndHashCode; -import lombok.NoArgsConstructor; import lombok.ToString; - import java.util.HashSet; import java.util.Set; @@ -20,7 +19,7 @@ }) @Data @EqualsAndHashCode(callSuper = true, exclude = {"userProfile", "requests", "needs", "resourcesReceived","resourcesSent", "tasksAssigned", "tasksAssignedTo", "feedbacks", "actions", "infos", "notifications"}) -@ToString(callSuper = true) +@ToString(callSuper = true, exclude = {"userProfile"}) public class User extends BaseEntity { @NotBlank @@ -45,7 +44,8 @@ public class User extends BaseEntity { @Enumerated(EnumType.STRING) private Set roles = new HashSet<>(); - @OneToOne(mappedBy = "user") + @OneToOne(fetch= FetchType.LAZY, mappedBy = "user") + @JsonManagedReference private UserProfile userProfile; @OneToMany(fetch = FetchType.LAZY, mappedBy="requester") diff --git a/resq/backend/resq/src/main/java/com/groupa1/resq/entity/UserProfile.java b/resq/backend/resq/src/main/java/com/groupa1/resq/entity/UserProfile.java index f80b3717..3aee42a5 100644 --- a/resq/backend/resq/src/main/java/com/groupa1/resq/entity/UserProfile.java +++ b/resq/backend/resq/src/main/java/com/groupa1/resq/entity/UserProfile.java @@ -1,10 +1,10 @@ package com.groupa1.resq.entity; +import com.fasterxml.jackson.annotation.JsonBackReference; import com.groupa1.resq.entity.enums.EGender; import jakarta.persistence.*; import lombok.Data; import lombok.NoArgsConstructor; - import java.time.LocalDate; @@ -22,8 +22,9 @@ public class UserProfile extends BaseEntity{ @Enumerated(EnumType.STRING) private EGender gender; - @OneToOne(cascade = CascadeType.ALL) + @OneToOne(fetch = FetchType.LAZY, cascade = CascadeType.ALL) @JoinColumn(name = "user_id") + @JsonBackReference private User user; private boolean isEmailConfirmed; 
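Review bot: The new `@ToString(callSuper = true, exclude = {"userProfile"})` on `User` excludes only `userProfile`, while the `@EqualsAndHashCode` line directly above it excludes all of the association fields (`requests`, `needs`, `tasksAssigned`, and the rest). The generated `toString()` therefore still walks those collections, and for the lazily fetched ones (`requests` is declared `FetchType.LAZY` in the next hunk) that can trigger extra queries or a `LazyInitializationException` whenever a `User` is logged. It also prints every scalar field, and since `UserDetailsImpl.build` reads `user.getPassword()`, the stored password value presumably ends up in any log line that formats a `User`. Consider `@ToString(callSuper = true, onlyExplicitlyIncluded = true)` with `@ToString.Include` on the few fields that are safe to print, or at least reuse the `@EqualsAndHashCode` exclusion list plus the credential field.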
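Review bot: Adding `@JsonManagedReference` to `User.userProfile` (and `@JsonBackReference` to `UserProfile.user` in the UserProfile.java hunk) means the JPA entities themselves are being serialized to JSON, and the annotations only break the User/UserProfile cycle. Whether the credential field and the other associations of `User` are hidden from that JSON is not visible in this patch; if they are not, a response that returns a `User` would include them, so a `@JsonIgnore` on the password field or a dedicated response DTO is worth confirming. Separately, `fetch = FetchType.LAZY` on the `mappedBy` side of a `@OneToOne` is generally not honoured by Hibernate without bytecode enhancement, so the profile is likely still loaded with the user. A short comment on the field, such as `// inverse side: LAZY is only a hint here; serialized as the managed side of the User/UserProfile pair`, would record both facts.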
diff --git a/resq/backend/resq/src/main/java/com/groupa1/resq/security/AuthTokenFilter.java b/resq/backend/resq/src/main/java/com/groupa1/resq/security/AuthTokenFilter.java index ea05871b..733b8252 100644 --- a/resq/backend/resq/src/main/java/com/groupa1/resq/security/AuthTokenFilter.java +++ b/resq/backend/resq/src/main/java/com/groupa1/resq/security/AuthTokenFilter.java @@ -1,7 +1,6 @@ package com.groupa1.resq.security; import com.groupa1.resq.auth.UserDetailsServiceImpl; -import com.groupa1.resq.entity.enums.EUserRole; import com.groupa1.resq.security.jwt.JwtUtils; import jakarta.servlet.FilterChain; import jakarta.servlet.ServletException; @@ -34,10 +33,8 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse if (jwt != null && jwtUtils.validateJwtToken(jwt)) { String username = jwtUtils.getUserNameFromJwtToken(jwt); - String selectedRole = request.getHeader("X-Selected-Role"); - EUserRole userRole = EUserRole.getEnumByStr(selectedRole.toUpperCase()); // If not found, throws error. - UserDetails userDetails = userDetailsService.loadUserByUsername(username, selectedRole); + UserDetails userDetails = userDetailsService.loadUserByUsername(username); UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities()); diff --git a/resq/backend/resq/src/main/java/com/groupa1/resq/service/UserProfileService.java b/resq/backend/resq/src/main/java/com/groupa1/resq/service/UserProfileService.java index 1482cf83..299b4b5d 100644 --- a/resq/backend/resq/src/main/java/com/groupa1/resq/service/UserProfileService.java +++ b/resq/backend/resq/src/main/java/com/groupa1/resq/service/UserProfileService.java 
@@ -50,7 +50,10 @@ public String updateProfile(Long userId, ProfileDto profileDto) UserProfile updatedProfile = profileConverter.convertToEntity(updatedProfileDto); beanUtils.copyProperties(userProfile, updatedProfile); user.setUserProfile(userProfile); + user.setName(userProfile.getName()); + user.setSurname(userProfile.getSurname()); userRepository.save(user); + return "Profile successfully updated."; }
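Review bot: `user.setName(userProfile.getName())` and `user.setSurname(userProfile.getSurname())` copy the profile values onto the account unconditionally, so a profile update that leaves either value null or empty overwrites the user's stored name with it. `User` declares `@NotBlank` on its leading fields (visible in the User.java hunk), so this presumably either fails validation at `userRepository.save(user)` or persists a blank name, depending on how `beanUtils.copyProperties` treats nulls, which is not shown here. A guard such as `if (userProfile.getName() != null) user.setName(userProfile.getName());`, and the same for the surname, keeps partial updates safe. Because this method now also writes to the `User` row, it is worth confirming that the caller checks `userId` against the authenticated principal; `updateProfile` begins above the hunk and that check is not in view.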