Commit 7590f1a0 authored by Sreenidhi Iyangar's avatar Sreenidhi Iyangar

User class name to RegistryUser and corresponding changes

parent cf33772f
...@@ -20,8 +20,8 @@ package uk.ac.ebi.ampt2d.registry.config.security; ...@@ -20,8 +20,8 @@ package uk.ac.ebi.ampt2d.registry.config.security;
import org.springframework.boot.autoconfigure.security.oauth2.resource.AuthoritiesExtractor; import org.springframework.boot.autoconfigure.security.oauth2.resource.AuthoritiesExtractor;
import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.authority.SimpleGrantedAuthority;
import uk.ac.ebi.ampt2d.registry.entities.User; import uk.ac.ebi.ampt2d.registry.entities.RegistryUser;
import uk.ac.ebi.ampt2d.registry.repositories.UserRepository; import uk.ac.ebi.ampt2d.registry.repositories.RegistryUserRepository;
import java.util.Arrays; import java.util.Arrays;
import java.util.List; import java.util.List;
...@@ -29,20 +29,20 @@ import java.util.Map; ...@@ -29,20 +29,20 @@ import java.util.Map;
public class CustomAuthoritiesExtractor implements AuthoritiesExtractor { public class CustomAuthoritiesExtractor implements AuthoritiesExtractor {
private UserRepository userRepository; private RegistryUserRepository registryUserRepository;
public CustomAuthoritiesExtractor(UserRepository userRepository) { public CustomAuthoritiesExtractor(RegistryUserRepository registryUserRepository) {
this.userRepository = userRepository; this.registryUserRepository = registryUserRepository;
} }
@Override @Override
public List<GrantedAuthority> extractAuthorities(Map<String, Object> map) { public List<GrantedAuthority> extractAuthorities(Map<String, Object> map) {
String email = (String) map.get("email"); String email = (String) map.get("email");
User user = userRepository.findByEmail(email); RegistryUser user = registryUserRepository.findByEmail(email);
if (user == null) { if (user == null) {
user = new User(email, User.Role.ROLE_USER); user = new RegistryUser(email, RegistryUser.Role.ROLE_USER);
userRepository.save(user); registryUserRepository.save(user);
return Arrays.asList(new SimpleGrantedAuthority(User.Role.ROLE_USER.name())); return Arrays.asList(new SimpleGrantedAuthority(RegistryUser.Role.ROLE_USER.name()));
} }
return Arrays.asList(new SimpleGrantedAuthority(user.getRole().toString())); return Arrays.asList(new SimpleGrantedAuthority(user.getRole().toString()));
} }
......
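Review bot: In `extractAuthorities`, `(String) map.get("email")` is used with no null or type check, so a user-info map without an `email` entry reaches `findByEmail(null)` and then `new RegistryUser(null, RegistryUser.Role.ROLE_USER)` followed by `save`. Because the granted role is looked up purely from this claim, I would reject a missing or blank value before touching the repository, for example `if (email == null || email.trim().isEmpty()) { throw new BadCredentialsException("email claim missing"); }`. It is also worth confirming outside this file that the identity provider only releases verified e-mail addresses, since any identity presenting an address that matches a stored ADMIN row receives that role. A short Javadoc on the method stating that unknown addresses are persisted with `ROLE_USER` on first login would make that side effect visible to readers.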
...@@ -17,7 +17,6 @@ ...@@ -17,7 +17,6 @@
*/ */
package uk.ac.ebi.ampt2d.registry.config.security; package uk.ac.ebi.ampt2d.registry.config.security;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.boot.autoconfigure.security.oauth2.resource.AuthoritiesExtractor; import org.springframework.boot.autoconfigure.security.oauth2.resource.AuthoritiesExtractor;
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Bean;
...@@ -26,7 +25,7 @@ import org.springframework.http.HttpMethod; ...@@ -26,7 +25,7 @@ import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer; import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter; import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import uk.ac.ebi.ampt2d.registry.repositories.UserRepository; import uk.ac.ebi.ampt2d.registry.repositories.RegistryUserRepository;
@ConditionalOnProperty(value = "security.enabled", havingValue = "true") @ConditionalOnProperty(value = "security.enabled", havingValue = "true")
@Configuration @Configuration
...@@ -47,7 +46,7 @@ public class EnableSecurityConfig extends ResourceServerConfigurerAdapter { ...@@ -47,7 +46,7 @@ public class EnableSecurityConfig extends ResourceServerConfigurerAdapter {
public void configure(HttpSecurity http) throws Exception { public void configure(HttpSecurity http) throws Exception {
http.authorizeRequests() http.authorizeRequests()
.antMatchers(AUTH_WHITELIST).permitAll() .antMatchers(AUTH_WHITELIST).permitAll()
.antMatchers("/users/**").hasRole("ADMIN") .antMatchers("/registryUsers/**").hasRole("ADMIN")
.antMatchers(HttpMethod.POST).hasAnyRole("EDITOR", "ADMIN") .antMatchers(HttpMethod.POST).hasAnyRole("EDITOR", "ADMIN")
.antMatchers(HttpMethod.PUT).hasAnyRole("EDITOR", "ADMIN") .antMatchers(HttpMethod.PUT).hasAnyRole("EDITOR", "ADMIN")
.antMatchers(HttpMethod.PATCH).hasAnyRole("EDITOR", "ADMIN") .antMatchers(HttpMethod.PATCH).hasAnyRole("EDITOR", "ADMIN")
...@@ -57,7 +56,7 @@ public class EnableSecurityConfig extends ResourceServerConfigurerAdapter { ...@@ -57,7 +56,7 @@ public class EnableSecurityConfig extends ResourceServerConfigurerAdapter {
} }
@Bean @Bean
public AuthoritiesExtractor authoritiesExtractor(UserRepository userRepository) { public AuthoritiesExtractor authoritiesExtractor(RegistryUserRepository registryUserRepository) {
return new CustomAuthoritiesExtractor(userRepository); return new CustomAuthoritiesExtractor(registryUserRepository);
} }
} }
\ No newline at end of file
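Review bot: The admin-only rule in `configure` is now the literal `"/registryUsers/**"`, which appears to follow the path derived from the renamed `RegistryUser` type rather than a path the project declares itself. If the entity or repository is renamed again, or a REST base path is configured, the matcher would stop applying and requests would fall through to the method-based rules below it, which let EDITOR write. Assuming the repository is exported through Spring Data REST, I would pin the path with `@RepositoryRestResource(path = "registryUsers")` on `RegistryUserRepository` and use one shared constant for both the annotation and the matcher. The rest of the rule chain is outside the visible hunk, so how GET on this resource is restricted cannot be checked from here.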
...@@ -27,8 +27,8 @@ import javax.persistence.Id; ...@@ -27,8 +27,8 @@ import javax.persistence.Id;
/* /*
User is a reserved word in PostgreSQL. Hence defining a new name RegistryUser User is a reserved word in PostgreSQL. Hence defining a new name RegistryUser
*/ */
@Entity(name = "RegistryUser") @Entity
public class User { public class RegistryUser {
public enum Role { public enum Role {
...@@ -46,10 +46,10 @@ public class User { ...@@ -46,10 +46,10 @@ public class User {
@Enumerated(EnumType.STRING) @Enumerated(EnumType.STRING)
private Role role; private Role role;
public User() { public RegistryUser() {
} }
public User(String email, Role role) { public RegistryUser(String email, Role role) {
this.email = email; this.email = email;
this.role = role; this.role = role;
} }
......
...@@ -20,10 +20,10 @@ package uk.ac.ebi.ampt2d.registry.repositories; ...@@ -20,10 +20,10 @@ package uk.ac.ebi.ampt2d.registry.repositories;
import org.springframework.data.repository.PagingAndSortingRepository; import org.springframework.data.repository.PagingAndSortingRepository;
import org.springframework.data.repository.query.Param; import org.springframework.data.repository.query.Param;
import org.springframework.stereotype.Repository; import org.springframework.stereotype.Repository;
import uk.ac.ebi.ampt2d.registry.entities.User; import uk.ac.ebi.ampt2d.registry.entities.RegistryUser;
@Repository @Repository
public interface UserRepository extends PagingAndSortingRepository<User, String> { public interface RegistryUserRepository extends PagingAndSortingRepository<RegistryUser, String> {
User findByEmail(@Param("email") String email); RegistryUser findByEmail(@Param("email") String email);
} }
...@@ -35,7 +35,7 @@ import org.springframework.security.oauth2.provider.token.AuthorizationServerTok ...@@ -35,7 +35,7 @@ import org.springframework.security.oauth2.provider.token.AuthorizationServerTok
import org.springframework.stereotype.Component; import org.springframework.stereotype.Component;
import org.springframework.test.web.servlet.request.RequestPostProcessor; import org.springframework.test.web.servlet.request.RequestPostProcessor;
import uk.ac.ebi.ampt2d.registry.config.security.CustomAuthoritiesExtractor; import uk.ac.ebi.ampt2d.registry.config.security.CustomAuthoritiesExtractor;
import uk.ac.ebi.ampt2d.registry.repositories.UserRepository; import uk.ac.ebi.ampt2d.registry.repositories.RegistryUserRepository;
import java.io.Serializable; import java.io.Serializable;
import java.util.Collection; import java.util.Collection;
...@@ -55,7 +55,7 @@ public class OAuthHelper extends AuthorizationServerConfigurerAdapter { ...@@ -55,7 +55,7 @@ public class OAuthHelper extends AuthorizationServerConfigurerAdapter {
private ClientDetailsService clientDetailsService; private ClientDetailsService clientDetailsService;
@Autowired @Autowired
private UserRepository userRepository; private RegistryUserRepository registryUserRepository;
public RequestPostProcessor bearerToken(final String clientid) { public RequestPostProcessor bearerToken(final String clientid) {
return mockRequest -> { return mockRequest -> {
...@@ -69,7 +69,7 @@ public class OAuthHelper extends AuthorizationServerConfigurerAdapter { ...@@ -69,7 +69,7 @@ public class OAuthHelper extends AuthorizationServerConfigurerAdapter {
ClientDetails client = clientDetailsService.loadClientByClientId(clientId); ClientDetails client = clientDetailsService.loadClientByClientId(clientId);
Map<String, Object> clientEmailMap = new HashMap<>(); Map<String, Object> clientEmailMap = new HashMap<>();
clientEmailMap.put("email", clientId); clientEmailMap.put("email", clientId);
Collection<GrantedAuthority> authorities = authoritiesExtractor(userRepository).extractAuthorities(clientEmailMap); Collection<GrantedAuthority> authorities = authoritiesExtractor(registryUserRepository).extractAuthorities(clientEmailMap);
Set<String> resourceIds = client.getResourceIds(); Set<String> resourceIds = client.getResourceIds();
Set<String> scopes = client.getScope(); Set<String> scopes = client.getScope();
...@@ -99,7 +99,7 @@ public class OAuthHelper extends AuthorizationServerConfigurerAdapter { ...@@ -99,7 +99,7 @@ public class OAuthHelper extends AuthorizationServerConfigurerAdapter {
} }
@Bean @Bean
public AuthoritiesExtractor authoritiesExtractor(UserRepository userRepository) { public AuthoritiesExtractor authoritiesExtractor(RegistryUserRepository registryUserRepository) {
return new CustomAuthoritiesExtractor(userRepository); return new CustomAuthoritiesExtractor(registryUserRepository);
} }
} }
\ No newline at end of file
...@@ -272,7 +272,7 @@ public class PropertyRegistryServiceApplicationTests { ...@@ -272,7 +272,7 @@ public class PropertyRegistryServiceApplicationTests {
mockMvc.perform(get("/phenotypes")).andExpect(status().isUnauthorized()); mockMvc.perform(get("/phenotypes")).andExpect(status().isUnauthorized());
mockMvc.perform(get("/properties")).andExpect(status().isUnauthorized()); mockMvc.perform(get("/properties")).andExpect(status().isUnauthorized());
//AUTH_WHITELIST URLs not secured // AUTH_WHITELIST URLs not secured
mockMvc.perform(get("/")).andExpect(status().isOk()); mockMvc.perform(get("/")).andExpect(status().isOk());
mockMvc.perform(get("/swagger-ui.html")).andExpect(status().isOk()); mockMvc.perform(get("/swagger-ui.html")).andExpect(status().isOk());
mockMvc.perform(get("/v2/api-docs")).andExpect(status().isOk()); mockMvc.perform(get("/v2/api-docs")).andExpect(status().isOk());
...@@ -318,10 +318,10 @@ public class PropertyRegistryServiceApplicationTests { ...@@ -318,10 +318,10 @@ public class PropertyRegistryServiceApplicationTests {
.andExpect(status().isNoContent()); .andExpect(status().isNoContent());
//Change of Role can be performed by ADMIN only //Change of Role can be performed by ADMIN only
mockMvc.perform(put("/users/testUser@gmail.com") mockMvc.perform(put("/registryUsers/testUser@gmail.com")
.content("{\"role\": \"ROLE_EDITOR\"}").with(oAuthHelper.bearerToken("testEditor@gmail.com"))) .content("{\"role\": \"ROLE_EDITOR\"}").with(oAuthHelper.bearerToken("testEditor@gmail.com")))
.andExpect(status().isForbidden()); .andExpect(status().isForbidden());
mockMvc.perform(put("/users/testUser@gmail.com") mockMvc.perform(put("/registryUsers/testUser@gmail.com")
.content("{\"role\": \"ROLE_EDITOR\"}").with(oAuthHelper.bearerToken("testAdmin@gmail.com"))) .content("{\"role\": \"ROLE_EDITOR\"}").with(oAuthHelper.bearerToken("testAdmin@gmail.com")))
.andExpect(status().isNoContent()); .andExpect(status().isNoContent());
......