From 8d5313dc6afacabe849d2b832ab2df18840648ea Mon Sep 17 00:00:00 2001 From: Linda Do Date: Fri, 22 Aug 2025 09:42:34 +0200 Subject: [PATCH 1/6] core --- .gitignore | 2 + build.gradle | 39 +++++--- .../java/com/booleanuk/api/cinema/.gitkeep | 0 .../java/com/booleanuk/api/cinema/Main.java | 11 +++ .../controllers/CustomerController.java | 89 ++++++++++++++++++ .../cinema/controllers/MovieController.java | 93 +++++++++++++++++++ .../controllers/ScreeningController.java | 53 +++++++++++ .../booleanuk/api/cinema/models/Customer.java | 63 +++++++++++++ .../booleanuk/api/cinema/models/Movie.java | 77 +++++++++++++++ .../api/cinema/models/Screening.java | 66 +++++++++++++ .../response/CustomerListResponse.java | 8 ++ .../payload/response/CustomerResponse.java | 6 ++ .../payload/response/ErrorResponse.java | 19 ++++ .../payload/response/MovieListResponse.java | 8 ++ .../payload/response/MovieResponse.java | 6 ++ .../api/cinema/payload/response/Response.java | 15 +++ .../response/ScreeningListResponse.java | 8 ++ .../payload/response/ScreeningResponse.java | 6 ++ .../repositories/CustomerRepository.java | 7 ++ .../cinema/repositories/MovieRepository.java | 8 ++ .../repositories/ScreeningRepository.java | 7 ++ src/main/resources/application.yml.example | 23 ----- 22 files changed, 576 insertions(+), 38 deletions(-) delete mode 100644 src/main/java/com/booleanuk/api/cinema/.gitkeep create mode 100644 src/main/java/com/booleanuk/api/cinema/Main.java create mode 100644 src/main/java/com/booleanuk/api/cinema/controllers/CustomerController.java create mode 100644 src/main/java/com/booleanuk/api/cinema/controllers/MovieController.java create mode 100644 src/main/java/com/booleanuk/api/cinema/controllers/ScreeningController.java create mode 100644 src/main/java/com/booleanuk/api/cinema/models/Customer.java create mode 100644 src/main/java/com/booleanuk/api/cinema/models/Movie.java create mode 100644 src/main/java/com/booleanuk/api/cinema/models/Screening.java create mode 100644 src/main/java/com/booleanuk/api/cinema/payload/response/CustomerListResponse.java create mode 100644 src/main/java/com/booleanuk/api/cinema/payload/response/CustomerResponse.java create mode 100644 src/main/java/com/booleanuk/api/cinema/payload/response/ErrorResponse.java create mode 100644 src/main/java/com/booleanuk/api/cinema/payload/response/MovieListResponse.java create mode 100644 src/main/java/com/booleanuk/api/cinema/payload/response/MovieResponse.java create mode 100644 src/main/java/com/booleanuk/api/cinema/payload/response/Response.java create mode 100644 src/main/java/com/booleanuk/api/cinema/payload/response/ScreeningListResponse.java create mode 100644 src/main/java/com/booleanuk/api/cinema/payload/response/ScreeningResponse.java create mode 100644 src/main/java/com/booleanuk/api/cinema/repositories/CustomerRepository.java create mode 100644 src/main/java/com/booleanuk/api/cinema/repositories/MovieRepository.java create mode 100644 src/main/java/com/booleanuk/api/cinema/repositories/ScreeningRepository.java delete mode 100644 src/main/resources/application.yml.example diff --git a/.gitignore b/.gitignore index dc01f204..4d6c7236 100644 --- a/.gitignore +++ b/.gitignore @@ -36,3 +36,5 @@ out/ ### VS Code ### .vscode/ + +application.yml diff --git a/build.gradle b/build.gradle index 3d7f7607..4678cd8c 100644 --- a/build.gradle +++ b/build.gradle @@ -1,31 +1,40 @@ plugins { - id 'java' - id 'org.springframework.boot' version '3.3.1' - id 'io.spring.dependency-management' version '1.1.5' + id 'java' + id 'org.springframework.boot' version '3.5.4' + id 'io.spring.dependency-management' version '1.1.7' } group = 'com.booleanuk' version = '0.0.1-SNAPSHOT' +description = 'Employees and Departments example' java { - toolchain { - languageVersion = JavaLanguageVersion.of(21) - } + toolchain { + languageVersion = JavaLanguageVersion.of(21) + } +} + +configurations { + compileOnly { + extendsFrom annotationProcessor + } } repositories { - mavenCentral() + mavenCentral() } dependencies { - implementation 'org.springframework.boot:spring-boot-starter-data-jpa' - implementation 'org.springframework.boot:spring-boot-starter-web' - developmentOnly 'org.springframework.boot:spring-boot-devtools' - runtimeOnly 'org.postgresql:postgresql' - testImplementation 'org.springframework.boot:spring-boot-starter-test' - testRuntimeOnly 'org.junit.platform:junit-platform-launcher' + implementation 'org.springframework.boot:spring-boot-starter-data-jpa' + implementation 'org.springframework.boot:spring-boot-starter-web' + compileOnly 'org.projectlombok:lombok' + developmentOnly 'org.springframework.boot:spring-boot-devtools' + runtimeOnly 'org.postgresql:postgresql' + annotationProcessor 'org.projectlombok:lombok' + testImplementation 'org.springframework.boot:spring-boot-starter-test' + testRuntimeOnly 'org.junit.platform:junit-platform-launcher' } tasks.named('test') { - useJUnitPlatform() -} \ No newline at end of file + useJUnitPlatform() +} diff --git a/src/main/java/com/booleanuk/api/cinema/.gitkeep b/src/main/java/com/booleanuk/api/cinema/.gitkeep deleted file mode 100644 index e69de29b..00000000 diff --git a/src/main/java/com/booleanuk/api/cinema/Main.java b/src/main/java/com/booleanuk/api/cinema/Main.java new file mode 100644 index 00000000..c4fb60ea --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/Main.java @@ -0,0 +1,11 @@ +package com.booleanuk.api.cinema; + +import org.springframework.boot.SpringApplication; +import org.springframework.boot.autoconfigure.SpringBootApplication; + +@SpringBootApplication +public class Main { + public static void main(String[] args) { + SpringApplication.run(Main.class, args); + } +} diff --git a/src/main/java/com/booleanuk/api/cinema/controllers/CustomerController.java b/src/main/java/com/booleanuk/api/cinema/controllers/CustomerController.java new file mode 100644 index 00000000..4569abf0 --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/controllers/CustomerController.java @@ -0,0 +1,89 @@ +package com.booleanuk.api.cinema.controllers; + +import com.booleanuk.api.cinema.models.Customer; +import com.booleanuk.api.cinema.payload.response.CustomerListResponse; +import com.booleanuk.api.cinema.payload.response.CustomerResponse; +import com.booleanuk.api.cinema.payload.response.ErrorResponse; +import com.booleanuk.api.cinema.payload.response.Response; +import com.booleanuk.api.cinema.repositories.CustomerRepository; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.http.HttpStatus; +import org.springframework.http.ResponseEntity; +import org.springframework.web.bind.annotation.*; + +import java.time.OffsetDateTime; + +@RestController +@RequestMapping("customers") +public class CustomerController { + + @Autowired + private CustomerRepository customerRepository; + + @GetMapping + public ResponseEntity getAllCustomers() { + CustomerListResponse customerListResponse = new CustomerListResponse(); + customerListResponse.set(this.customerRepository.findAll()); + return ResponseEntity.ok(customerListResponse); + } + + @PostMapping + public ResponseEntity> createCustomer(@RequestBody Customer customer) { + CustomerResponse customerResponse = new CustomerResponse(); + try { + customerResponse.set(this.customerRepository.save(customer)); + } catch (Exception e) { + ErrorResponse error = new ErrorResponse(); + error.set("Bad request"); + return new ResponseEntity<>(error, HttpStatus.BAD_REQUEST); + } + return new ResponseEntity<>(customerResponse, HttpStatus.CREATED); + } + + @PutMapping("/{id}") + public ResponseEntity> updateCustomer (@PathVariable int id, @RequestBody Customer customer) { + Customer customerToUpdate = this.customerRepository.findById(id).orElse(null); + if (customerToUpdate == null) { + ErrorResponse error = new ErrorResponse(); + error.set("No customer with that ID found"); + return new ResponseEntity<>(error, HttpStatus.NOT_FOUND); + } + + if (customer.getName() == null && customer.getEmail() == null && customer.getPhone() == null) { + ErrorResponse error = new ErrorResponse(); + error.set("Could not update the customer, please check all fields are correct"); + return new ResponseEntity<>(error, HttpStatus.BAD_REQUEST); + } + + if (customer.getName() != null){ + customerToUpdate.setName(customer.getName()); + } + if(customer.getEmail() != null) { + customerToUpdate.setEmail(customer.getEmail()); + } + if(customer.getPhone() != null) { + customerToUpdate.setPhone(customer.getPhone()); + } + customerToUpdate.setUpdatedAt(OffsetDateTime.now()); + + CustomerResponse customerResponse = new CustomerResponse(); + customerResponse.set(this.customerRepository.save(customerToUpdate)); + return new ResponseEntity<>(customerResponse, HttpStatus.CREATED); + } + + + @DeleteMapping("/{id}") + public ResponseEntity> deleteCustomer(@PathVariable int id) { + Customer customerToDelete = this.customerRepository.findById(id).orElse(null); + if (customerToDelete == null) { + ErrorResponse error = new ErrorResponse(); + error.set("No customer with that ID found to delete"); + return new ResponseEntity<>(error, HttpStatus.NOT_FOUND); + } + + this.customerRepository.delete(customerToDelete); + CustomerResponse customerResponse = new CustomerResponse(); + customerResponse.set(customerToDelete); + return new ResponseEntity<>(customerResponse, HttpStatus.CREATED); + } +} diff --git a/src/main/java/com/booleanuk/api/cinema/controllers/MovieController.java b/src/main/java/com/booleanuk/api/cinema/controllers/MovieController.java new file mode 100644 index 00000000..8c35d464 --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/controllers/MovieController.java @@ -0,0 +1,93 @@ +package com.booleanuk.api.cinema.controllers; + +import com.booleanuk.api.cinema.models.Movie; +import com.booleanuk.api.cinema.payload.response.*; +import com.booleanuk.api.cinema.repositories.MovieRepository; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.http.HttpStatus; +import org.springframework.http.ResponseEntity; +import org.springframework.web.bind.annotation.*; + +import java.time.OffsetDateTime; + +@RestController +@RequestMapping("movies") +public class MovieController { + + @Autowired + private MovieRepository movieRepository; + + + @GetMapping + public ResponseEntity getAllMovies() { + MovieListResponse movieListResponse = new MovieListResponse(); + movieListResponse.set(this.movieRepository.findAll()); + return ResponseEntity.ok(movieListResponse); + } + + @PostMapping + public ResponseEntity> createMovie(@RequestBody Movie movie) { + MovieResponse movieResponse = new MovieResponse(); + try { + movieResponse.set(this.movieRepository.save(movie)); + } catch (Exception e) { + ErrorResponse error = new ErrorResponse(); + error.set("Bad request"); + return new ResponseEntity<>(error, HttpStatus.BAD_REQUEST); + } + return new ResponseEntity<>(movieResponse, HttpStatus.CREATED); + } + + + @PutMapping("/{id}") + public ResponseEntity> updateMovie (@PathVariable int id, @RequestBody Movie movie) { + Movie movieToUpdate = this.movieRepository.findById(id).orElse(null); + if (movieToUpdate == null) { + ErrorResponse error = new ErrorResponse(); + error.set("No movie with that ID found"); + return new ResponseEntity<>(error, HttpStatus.NOT_FOUND); + } + + if (movie.getTitle() == null && movie.getRating() == null && movie.getDescription() == null) { + ErrorResponse error = new ErrorResponse(); + error.set("Could not update the movie, please check all fields are correct"); + return new ResponseEntity<>(error, HttpStatus.BAD_REQUEST); + } + + if (movie.getTitle() != null){ + movieToUpdate.setTitle(movie.getTitle()); + } + if(movie.getRating() != null) { + movieToUpdate.setRating(movie.getRating()); + } + if(movie.getDescription() != null) { + movieToUpdate.setDescription(movie.getDescription()); + } + + if (movie.getRuntimeMins() > 0) { + movieToUpdate.setRuntimeMins(movie.getRuntimeMins()); + } + + movieToUpdate.setUpdatedAt(OffsetDateTime.now()); + + MovieResponse movieResponse = new MovieResponse(); + movieResponse.set(this.movieRepository.save(movieToUpdate)); + return new ResponseEntity<>(movieResponse, HttpStatus.CREATED); + } + + @DeleteMapping("/{id}") + public ResponseEntity> deleteMovie(@PathVariable int id) { + Movie movieToDelete = this.movieRepository.findById(id).orElse(null); + if (movieToDelete == null) { + ErrorResponse error = new ErrorResponse(); + error.set("No movie with that ID found to delete"); + return new ResponseEntity<>(error, HttpStatus.NOT_FOUND); + } + + this.movieRepository.delete(movieToDelete); + MovieResponse movieResponse = new MovieResponse(); + movieResponse.set(movieToDelete); + return new ResponseEntity<>(movieResponse, HttpStatus.CREATED); + } + +} diff --git a/src/main/java/com/booleanuk/api/cinema/controllers/ScreeningController.java b/src/main/java/com/booleanuk/api/cinema/controllers/ScreeningController.java new file mode 100644 index 00000000..50d47eca --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/controllers/ScreeningController.java @@ -0,0 +1,53 @@ +package com.booleanuk.api.cinema.controllers; + +import com.booleanuk.api.cinema.models.Movie; +import com.booleanuk.api.cinema.models.Screening; +import com.booleanuk.api.cinema.payload.response.ErrorResponse; +import com.booleanuk.api.cinema.payload.response.Response; +import com.booleanuk.api.cinema.payload.response.ScreeningListResponse; +import com.booleanuk.api.cinema.payload.response.ScreeningResponse; +import com.booleanuk.api.cinema.repositories.MovieRepository; +import com.booleanuk.api.cinema.repositories.ScreeningRepository; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.http.HttpStatus; +import org.springframework.http.ResponseEntity; +import org.springframework.web.bind.annotation.*; +import org.springframework.web.server.ResponseStatusException; + + +@RestController +@RequestMapping("movies/{id}/screenings") +public class ScreeningController { + + @Autowired + private ScreeningRepository screeningRepository; + + @Autowired + private MovieRepository movieRepository; + + @GetMapping + public ResponseEntity getAllScreenings() { + ScreeningListResponse screeningListResponse = new ScreeningListResponse(); + screeningListResponse.set(this.screeningRepository.findAll()); + return ResponseEntity.ok(screeningListResponse); + } + + @PostMapping + public ResponseEntity> createScreening(@PathVariable int id, @RequestBody Screening screening) { + ScreeningResponse screeningResponse = new ScreeningResponse(); + Movie movie = this.movieRepository.findById(id).orElseThrow( + () -> new ResponseStatusException(HttpStatus.NOT_FOUND, "No movie with that id were found")); + screening.setMovie(movie); + try { + screeningResponse.set(this.screeningRepository.save(screening)); + movie.addScreening(screening); + screening.setMovie(movie); + } catch (Exception e) { + ErrorResponse error = new ErrorResponse(); + error.set("Bad request"); + return new ResponseEntity<>(error, HttpStatus.BAD_REQUEST); + } + return new ResponseEntity<>(screeningResponse, HttpStatus.CREATED); + } + +} diff --git a/src/main/java/com/booleanuk/api/cinema/models/Customer.java b/src/main/java/com/booleanuk/api/cinema/models/Customer.java new file mode 100644 index 00000000..21dadf93 --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/models/Customer.java @@ -0,0 +1,63 @@ +package com.booleanuk.api.cinema.models; + +import com.fasterxml.jackson.annotation.JsonFormat; +import jakarta.persistence.*; + +import lombok.Data; +import lombok.Getter; +import lombok.NoArgsConstructor; +import lombok.Setter; + +import java.time.OffsetDateTime; + + +@NoArgsConstructor +@Getter +@Setter +@Data +@Entity +@Table(name = "customers", + uniqueConstraints = { + @UniqueConstraint(columnNames = "email"), @UniqueConstraint(columnNames = "phone" ) + }) + +public class Customer { + + @Id + @GeneratedValue(strategy = GenerationType.IDENTITY) + private int id; + + @Column + private String name; + + @Column + private String email; + + @Column + private String phone; + + @Column + @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ssXXX") + private OffsetDateTime createdAt; + + @Column + @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ssXXX") + private OffsetDateTime updatedAt; + + public Customer(String name, String email, String phone) { + this.name = name; + this.email = email; + this.phone = phone; + } + + @PrePersist + protected void onCreate() { + this.createdAt = OffsetDateTime.now(); + this.updatedAt = OffsetDateTime.now(); + } + + @PreUpdate + protected void onUpdate() { + this.updatedAt = OffsetDateTime.now(); + } +} diff --git a/src/main/java/com/booleanuk/api/cinema/models/Movie.java b/src/main/java/com/booleanuk/api/cinema/models/Movie.java new file mode 100644 index 00000000..d95dad0a --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/models/Movie.java @@ -0,0 +1,77 @@ +package com.booleanuk.api.cinema.models; + +import com.fasterxml.jackson.annotation.JsonFormat; +import com.fasterxml.jackson.annotation.JsonIgnore; +import com.fasterxml.jackson.annotation.JsonIgnoreProperties; +import com.fasterxml.jackson.annotation.JsonIncludeProperties; +import jakarta.persistence.*; +import lombok.Data; +import lombok.Getter; +import lombok.NoArgsConstructor; +import lombok.Setter; + +import java.time.OffsetDateTime; +import java.util.List; + +@NoArgsConstructor +@Data +@Getter +@Setter +@Entity +@Table(name = "movies") +public class Movie { + @Id + @GeneratedValue(strategy = GenerationType.IDENTITY) + private int id; + + @Column(nullable = false) + private String title; + + @Column + private String rating; + + @Column + private String description; + + @Column + private int runtimeMins; + + @Column + @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ssXXX") + private OffsetDateTime createdAt; + + @Column + @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ssXXX") + private OffsetDateTime updatedAt; + + @JsonIgnore + @OneToMany(mappedBy = "movie", fetch = FetchType.LAZY) + //@JsonIncludeProperties (value = {"screenNumber", "capacity", "startsAt"}) + private List screenings; + + public Movie(String title, String rating, String description, int runtimeMins, List screenings) { + this.title = title; + this.rating = rating; + this.description = description; + this.runtimeMins = runtimeMins; + this.screenings = screenings; + } + + @PrePersist + protected void onCreate() { + this.createdAt = OffsetDateTime.now(); + this.updatedAt = OffsetDateTime.now(); + } + + @PreUpdate + protected void onUpdate() { + this.updatedAt = OffsetDateTime.now(); + } + + public void addScreening(Screening screening){ + this.screenings.add(screening); + } + + + +} diff --git a/src/main/java/com/booleanuk/api/cinema/models/Screening.java b/src/main/java/com/booleanuk/api/cinema/models/Screening.java new file mode 100644 index 00000000..9cfe090c --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/models/Screening.java @@ -0,0 +1,66 @@ +package com.booleanuk.api.cinema.models; + +import com.fasterxml.jackson.annotation.JsonFormat; +import com.fasterxml.jackson.annotation.JsonIgnore; +import com.fasterxml.jackson.annotation.JsonIgnoreProperties; +import jakarta.persistence.*; +import lombok.Data; +import lombok.Getter; +import lombok.NoArgsConstructor; +import lombok.Setter; + +import java.time.OffsetDateTime; + +@NoArgsConstructor +@Data +@Getter +@Setter +@Entity +@Table(name = "screenings") +public class Screening { + + @Id + @GeneratedValue(strategy = GenerationType.IDENTITY) + private int id; + + @Column + private int screenNumber; + + @Column + private int capacity; + + @Column + @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ssXXX") + private OffsetDateTime startsAt; + + @Column + @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ssXXX") + private OffsetDateTime createdAt; + + @Column + @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ssXXX") + private OffsetDateTime updatedAt; + + @ManyToOne + @JoinColumn(name = "movie_id", nullable = false) + @JsonIgnore + private Movie movie; + + public Screening(int screenNumber, int capacity, String startsAt) { + this.screenNumber = screenNumber; + this.capacity = capacity; + this.startsAt = OffsetDateTime.parse(startsAt) ; + } + + + @PrePersist + protected void onCreate() { + this.createdAt = OffsetDateTime.now(); + this.updatedAt = OffsetDateTime.now(); + } + + @PreUpdate + protected void onUpdate() { + this.updatedAt = OffsetDateTime.now(); + } +} diff --git a/src/main/java/com/booleanuk/api/cinema/payload/response/CustomerListResponse.java b/src/main/java/com/booleanuk/api/cinema/payload/response/CustomerListResponse.java new file mode 100644 index 00000000..8892a8cf --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/payload/response/CustomerListResponse.java @@ -0,0 +1,8 @@ +package com.booleanuk.api.cinema.payload.response; + +import com.booleanuk.api.cinema.models.Customer; + +import java.util.List; + +public class CustomerListResponse extends Response> { +} diff --git a/src/main/java/com/booleanuk/api/cinema/payload/response/CustomerResponse.java b/src/main/java/com/booleanuk/api/cinema/payload/response/CustomerResponse.java new file mode 100644 index 00000000..bb8bc970 --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/payload/response/CustomerResponse.java @@ -0,0 +1,6 @@ +package com.booleanuk.api.cinema.payload.response; + +import com.booleanuk.api.cinema.models.Customer; + +public class CustomerResponse extends Response { +} diff --git a/src/main/java/com/booleanuk/api/cinema/payload/response/ErrorResponse.java b/src/main/java/com/booleanuk/api/cinema/payload/response/ErrorResponse.java new file mode 100644 index 00000000..90029965 --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/payload/response/ErrorResponse.java @@ -0,0 +1,19 @@ +package com.booleanuk.api.cinema.payload.response; + +import lombok.Getter; +import lombok.NoArgsConstructor; + +import java.util.HashMap; +import java.util.Map; + +@Getter +@NoArgsConstructor +public class ErrorResponse extends Response> { + public void set(String message) { + this.status = "error"; + + Map reply = new HashMap<>(); + reply.put("message", message); + this.data = reply; + } +} diff --git a/src/main/java/com/booleanuk/api/cinema/payload/response/MovieListResponse.java b/src/main/java/com/booleanuk/api/cinema/payload/response/MovieListResponse.java new file mode 100644 index 00000000..b1e2172e --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/payload/response/MovieListResponse.java @@ -0,0 +1,8 @@ +package com.booleanuk.api.cinema.payload.response; + +import com.booleanuk.api.cinema.models.Movie; + +import java.util.List; + +public class MovieListResponse extends Response>{ +} diff --git a/src/main/java/com/booleanuk/api/cinema/payload/response/MovieResponse.java b/src/main/java/com/booleanuk/api/cinema/payload/response/MovieResponse.java new file mode 100644 index 00000000..6893c68a --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/payload/response/MovieResponse.java @@ -0,0 +1,6 @@ +package com.booleanuk.api.cinema.payload.response; + +import com.booleanuk.api.cinema.models.Movie; + +public class MovieResponse extends Response{ +} diff --git a/src/main/java/com/booleanuk/api/cinema/payload/response/Response.java b/src/main/java/com/booleanuk/api/cinema/payload/response/Response.java new file mode 100644 index 00000000..745f3625 --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/payload/response/Response.java @@ -0,0 +1,15 @@ +package com.booleanuk.api.cinema.payload.response; + + +import lombok.Getter; + +@Getter +public class Response { + protected String status; + protected T data; + + public void set(T data) { + this.status = "success"; + this.data = data; + } +} diff --git a/src/main/java/com/booleanuk/api/cinema/payload/response/ScreeningListResponse.java b/src/main/java/com/booleanuk/api/cinema/payload/response/ScreeningListResponse.java new file mode 100644 index 00000000..0c659731 --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/payload/response/ScreeningListResponse.java @@ -0,0 +1,8 @@ +package com.booleanuk.api.cinema.payload.response; + +import com.booleanuk.api.cinema.models.Screening; + +import java.util.List; + +public class ScreeningListResponse extends Response>{ +} diff --git a/src/main/java/com/booleanuk/api/cinema/payload/response/ScreeningResponse.java b/src/main/java/com/booleanuk/api/cinema/payload/response/ScreeningResponse.java new file mode 100644 index 00000000..7a25d718 --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/payload/response/ScreeningResponse.java @@ -0,0 +1,6 @@ +package com.booleanuk.api.cinema.payload.response; + +import com.booleanuk.api.cinema.models.Screening; + +public class ScreeningResponse extends Response{ +} diff --git a/src/main/java/com/booleanuk/api/cinema/repositories/CustomerRepository.java b/src/main/java/com/booleanuk/api/cinema/repositories/CustomerRepository.java new file mode 100644 index 00000000..5caab27f --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/repositories/CustomerRepository.java @@ -0,0 +1,7 @@ +package com.booleanuk.api.cinema.repositories; + +import com.booleanuk.api.cinema.models.Customer; +import org.springframework.data.jpa.repository.JpaRepository; + +public interface CustomerRepository extends JpaRepository { +} \ No newline at end of file diff --git a/src/main/java/com/booleanuk/api/cinema/repositories/MovieRepository.java b/src/main/java/com/booleanuk/api/cinema/repositories/MovieRepository.java new file mode 100644 index 00000000..821a63be --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/repositories/MovieRepository.java @@ -0,0 +1,8 @@ +package com.booleanuk.api.cinema.repositories; + +import org.springframework.data.jpa.repository.JpaRepository; +import com.booleanuk.api.cinema.models.Movie; + + +public interface MovieRepository extends JpaRepository { +} diff --git a/src/main/java/com/booleanuk/api/cinema/repositories/ScreeningRepository.java b/src/main/java/com/booleanuk/api/cinema/repositories/ScreeningRepository.java new file mode 100644 index 00000000..e22648bc --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/repositories/ScreeningRepository.java @@ -0,0 +1,7 @@ +package com.booleanuk.api.cinema.repositories; + +import com.booleanuk.api.cinema.models.Screening; +import org.springframework.data.jpa.repository.JpaRepository; + +public interface ScreeningRepository extends JpaRepository { +} diff --git a/src/main/resources/application.yml.example b/src/main/resources/application.yml.example deleted file mode 100644 index 275ec30f..00000000 --- a/src/main/resources/application.yml.example +++ /dev/null @@ -1,23 +0,0 @@ -server: - port: 4000 - error: - include-message: always - include-binding-errors: always - include-stacktrace: never - include-exception: false - -spring: - datasource: - url: jdbc:postgresql://DATABASE_URL:5432/DATABASE_NAME - username: DATABASE_USERNAME - password: DATABASE_PASSWORD - max-active: 3 - max-idle: 3 - jpa: - hibernate: - ddl-auto: update - properties: - hibernate: - dialect: org.hibernate.dialect.PostgreSQLDialect - format_sql: true - show-sql: true From c762b7715501eeb52a802047e0fc541eacba6f54 Mon Sep 17 00:00:00 2001 From: Linda Do Date: Fri, 22 Aug 2025 10:48:02 +0200 Subject: [PATCH 2/6] extension --- .../controllers/ScreeningController.java | 4 +- .../cinema/controllers/TicketController.java | 76 +++++++++++++++++++ .../booleanuk/api/cinema/models/Customer.java | 10 +++ .../booleanuk/api/cinema/models/Movie.java | 2 - .../api/cinema/models/Screening.java | 10 +++ .../booleanuk/api/cinema/models/Ticket.java | 60 +++++++++++++++ .../payload/response/TicketListResponse.java | 8 ++ .../payload/response/TicketResponse.java | 6 ++ .../cinema/repositories/TicketRepository.java | 7 ++ 9 files changed, 179 insertions(+), 4 deletions(-) create mode 100644 src/main/java/com/booleanuk/api/cinema/controllers/TicketController.java create mode 100644 src/main/java/com/booleanuk/api/cinema/models/Ticket.java create mode 100644 src/main/java/com/booleanuk/api/cinema/payload/response/TicketListResponse.java create mode 100644 src/main/java/com/booleanuk/api/cinema/payload/response/TicketResponse.java create mode 100644 src/main/java/com/booleanuk/api/cinema/repositories/TicketRepository.java diff --git a/src/main/java/com/booleanuk/api/cinema/controllers/ScreeningController.java b/src/main/java/com/booleanuk/api/cinema/controllers/ScreeningController.java index 50d47eca..c9496aa5 100644 --- a/src/main/java/com/booleanuk/api/cinema/controllers/ScreeningController.java +++ b/src/main/java/com/booleanuk/api/cinema/controllers/ScreeningController.java @@ -34,14 +34,14 @@ public ResponseEntity getAllScreenings() { @PostMapping public ResponseEntity> createScreening(@PathVariable int id, @RequestBody Screening screening) { - ScreeningResponse screeningResponse = new ScreeningResponse(); Movie movie = this.movieRepository.findById(id).orElseThrow( () -> new ResponseStatusException(HttpStatus.NOT_FOUND, "No movie with that id were found")); screening.setMovie(movie); + + ScreeningResponse screeningResponse = new ScreeningResponse(); try { screeningResponse.set(this.screeningRepository.save(screening)); movie.addScreening(screening); - screening.setMovie(movie); } catch (Exception e) { ErrorResponse error = new ErrorResponse(); error.set("Bad request"); diff --git a/src/main/java/com/booleanuk/api/cinema/controllers/TicketController.java b/src/main/java/com/booleanuk/api/cinema/controllers/TicketController.java new file mode 100644 index 00000000..71583788 --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/controllers/TicketController.java @@ -0,0 +1,76 @@ +package com.booleanuk.api.cinema.controllers; + +import com.booleanuk.api.cinema.models.Customer; +import com.booleanuk.api.cinema.models.Screening; +import com.booleanuk.api.cinema.models.Ticket; +import com.booleanuk.api.cinema.payload.response.*; +import com.booleanuk.api.cinema.repositories.CustomerRepository; +import com.booleanuk.api.cinema.repositories.ScreeningRepository; +import com.booleanuk.api.cinema.repositories.TicketRepository; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.http.HttpStatus; +import org.springframework.http.ResponseEntity; +import org.springframework.web.bind.annotation.*; +import org.springframework.web.server.ResponseStatusException; + +import java.util.ArrayList; +import java.util.List; + +@RestController +@RequestMapping("customers/{customerId}/screenings/{screeningId}") +public class TicketController { + + @Autowired + private TicketRepository ticketRepository; + + @Autowired + private CustomerRepository customerRepository; + + @Autowired + private ScreeningRepository screeningRepository; + + @GetMapping + public ResponseEntity getAllTickets(@PathVariable int customerId, @PathVariable int screeningId){ + Customer customer = this.customerRepository.findById(customerId).orElseThrow( + () -> new ResponseStatusException(HttpStatus.NOT_FOUND, "No customer with that id were found")); + + Screening screening = this.screeningRepository.findById(screeningId).orElseThrow( + () -> new ResponseStatusException(HttpStatus.NOT_FOUND, "No screening with that id were found")); + + List customerTickets = new ArrayList<>(); + + for (Ticket ticket: this.ticketRepository.findAll()){ + if(ticket.getCustomer() == customer && ticket.getScreening() == screening){ + customerTickets.add(ticket); + } + } + TicketListResponse ticketListResponse = new TicketListResponse(); + ticketListResponse.set(customerTickets); + return ResponseEntity.ok(ticketListResponse); + } + + + @PostMapping + public ResponseEntity> createTicket(@PathVariable int customerId, @PathVariable int screeningId, @RequestBody Ticket ticket) { + Customer customer = customerRepository.findById(customerId).orElseThrow( + () -> new ResponseStatusException(HttpStatus.NOT_FOUND, "No customer with that id were found")); + + Screening screening = screeningRepository.findById(screeningId).orElseThrow( + () -> new ResponseStatusException(HttpStatus.NOT_FOUND, "No screening with that id were found")); + + ticket.setCustomer(customer); + ticket.setScreening(screening); + + TicketResponse ticketResponse = new TicketResponse(); + try{ + ticketResponse.set(this.ticketRepository.save(ticket)); + customer.addTicket(ticket); + screening.addTicket(ticket); + } catch (Exception e) { + ErrorResponse error = new ErrorResponse(); + error.set("Bad request"); + return new ResponseEntity<>(error, HttpStatus.BAD_REQUEST); + } + return new ResponseEntity<>(ticketResponse, HttpStatus.CREATED); + } +} diff --git a/src/main/java/com/booleanuk/api/cinema/models/Customer.java b/src/main/java/com/booleanuk/api/cinema/models/Customer.java index 21dadf93..f8afc524 100644 --- a/src/main/java/com/booleanuk/api/cinema/models/Customer.java +++ b/src/main/java/com/booleanuk/api/cinema/models/Customer.java @@ -1,6 +1,7 @@ package com.booleanuk.api.cinema.models; import com.fasterxml.jackson.annotation.JsonFormat; +import com.fasterxml.jackson.annotation.JsonIgnore; import jakarta.persistence.*; import lombok.Data; @@ -9,6 +10,7 @@ import lombok.Setter; import java.time.OffsetDateTime; +import java.util.List; @NoArgsConstructor @@ -44,6 +46,10 @@ public class Customer { @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ssXXX") private OffsetDateTime updatedAt; + @JsonIgnore + @OneToMany(mappedBy = "customer", fetch = FetchType.LAZY) + private List tickets; + public Customer(String name, String email, String phone) { this.name = name; this.email = email; @@ -60,4 +66,8 @@ protected void onCreate() { protected void onUpdate() { this.updatedAt = OffsetDateTime.now(); } + + public void addTicket(Ticket ticket) { + this.tickets.add(ticket); + } } diff --git a/src/main/java/com/booleanuk/api/cinema/models/Movie.java b/src/main/java/com/booleanuk/api/cinema/models/Movie.java index d95dad0a..1fd8f618 100644 --- a/src/main/java/com/booleanuk/api/cinema/models/Movie.java +++ b/src/main/java/com/booleanuk/api/cinema/models/Movie.java @@ -2,8 +2,6 @@ import com.fasterxml.jackson.annotation.JsonFormat; import com.fasterxml.jackson.annotation.JsonIgnore; -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonIncludeProperties; import jakarta.persistence.*; import lombok.Data; import lombok.Getter; diff --git a/src/main/java/com/booleanuk/api/cinema/models/Screening.java b/src/main/java/com/booleanuk/api/cinema/models/Screening.java index 9cfe090c..f3c8c1ff 100644 --- a/src/main/java/com/booleanuk/api/cinema/models/Screening.java +++ b/src/main/java/com/booleanuk/api/cinema/models/Screening.java @@ -3,6 +3,7 @@ import com.fasterxml.jackson.annotation.JsonFormat; import com.fasterxml.jackson.annotation.JsonIgnore; import com.fasterxml.jackson.annotation.JsonIgnoreProperties; +import com.fasterxml.jackson.annotation.JsonIncludeProperties; import jakarta.persistence.*; import lombok.Data; import lombok.Getter; @@ -10,6 +11,7 @@ import lombok.Setter; import java.time.OffsetDateTime; +import java.util.List; @NoArgsConstructor @Data @@ -46,6 +48,10 @@ public class Screening { @JsonIgnore private Movie movie; + @JsonIgnore + @OneToMany(mappedBy = "screening", fetch = FetchType.LAZY) + private List tickets; + public Screening(int screenNumber, int capacity, String startsAt) { this.screenNumber = screenNumber; this.capacity = capacity; @@ -63,4 +69,8 @@ protected void onCreate() { protected void onUpdate() { this.updatedAt = OffsetDateTime.now(); } + + public void addTicket(Ticket ticket) { + this.tickets.add(ticket); + } } diff --git a/src/main/java/com/booleanuk/api/cinema/models/Ticket.java b/src/main/java/com/booleanuk/api/cinema/models/Ticket.java new file mode 100644 index 00000000..477b464d --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/models/Ticket.java @@ -0,0 +1,60 @@ +package com.booleanuk.api.cinema.models; + +import com.fasterxml.jackson.annotation.JsonFormat; +import com.fasterxml.jackson.annotation.JsonIgnore; +import jakarta.persistence.*; +import lombok.Data; +import lombok.Getter; +import lombok.NoArgsConstructor; +import lombok.Setter; + +import java.time.OffsetDateTime; + +@NoArgsConstructor +@Data +@Getter +@Setter +@Entity +@Table(name = "tickets") +public class Ticket { + + @Id + @GeneratedValue(strategy = GenerationType.IDENTITY) + private int id; + + @Column + private int numSeats; + + @Column + @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ssXXX") + private OffsetDateTime createdAt; + + @Column + @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ssXXX") + private OffsetDateTime updatedAt; + + @ManyToOne + @JoinColumn(name = "customer_id", nullable = false) + @JsonIgnore + private Customer customer; + + @ManyToOne + @JoinColumn(name = "screening_id", nullable = false) + @JsonIgnore + private Screening screening; + + public Ticket(int numSeats) { + this.numSeats = numSeats; + } + + @PrePersist + protected void onCreate() { + this.createdAt = OffsetDateTime.now(); + this.updatedAt = OffsetDateTime.now(); + } + + @PreUpdate + protected void onUpdate() { + this.updatedAt = OffsetDateTime.now(); + } +} diff --git a/src/main/java/com/booleanuk/api/cinema/payload/response/TicketListResponse.java b/src/main/java/com/booleanuk/api/cinema/payload/response/TicketListResponse.java new file mode 100644 index 00000000..56b24bbb --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/payload/response/TicketListResponse.java @@ -0,0 +1,8 @@ +package com.booleanuk.api.cinema.payload.response; + +import com.booleanuk.api.cinema.models.Ticket; + +import java.util.List; + +public class TicketListResponse extends Response>{ +} diff --git a/src/main/java/com/booleanuk/api/cinema/payload/response/TicketResponse.java b/src/main/java/com/booleanuk/api/cinema/payload/response/TicketResponse.java new file mode 100644 index 00000000..b86bd96f --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/payload/response/TicketResponse.java @@ -0,0 +1,6 @@ +package com.booleanuk.api.cinema.payload.response; + +import com.booleanuk.api.cinema.models.Ticket; + +public class TicketResponse extends Response{ +} diff --git a/src/main/java/com/booleanuk/api/cinema/repositories/TicketRepository.java b/src/main/java/com/booleanuk/api/cinema/repositories/TicketRepository.java new file mode 100644 index 00000000..b214e16a --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/repositories/TicketRepository.java @@ -0,0 +1,7 @@ +package com.booleanuk.api.cinema.repositories; + +import com.booleanuk.api.cinema.models.Ticket; +import org.springframework.data.jpa.repository.JpaRepository; + +public interface TicketRepository extends JpaRepository { +} From bb8832f2155e609606d3a741729ba93053f75c44 Mon Sep 17 00:00:00 2001 From: Linda Do Date: Fri, 22 Aug 2025 11:27:18 +0200 Subject: [PATCH 3/6] security --- build.gradle | 14 ++- .../cinema/controllers/AuthController.java | 102 ++++++++++++++++++ .../cinema/controllers/MovieController.java | 2 +- .../booleanuk/api/cinema/models/ERole.java | 7 ++ .../com/booleanuk/api/cinema/models/Role.java | 23 ++++ .../com/booleanuk/api/cinema/models/User.java | 49 +++++++++ .../cinema/payload/request/LoginRequest.java | 15 +++ .../cinema/payload/request/SignupRequest.java | 29 +++++ .../cinema/payload/response/JwtResponse.java | 25 +++++ .../payload/response/MessageResponse.java | 14 +++ .../cinema/repositories/RoleRepository.java | 11 ++ .../cinema/repositories/UserRepository.java | 15 +++ .../cinema/security/WebSecurityConfig.java | 72 +++++++++++++ .../security/jwt/AuthEntryPointJwt.java | 24 +++++ .../cinema/security/jwt/AuthTokenFilter.java | 54 ++++++++++ .../api/cinema/security/jwt/JwtUtils.java | 63 +++++++++++ .../security/services/UserDetailsImpl.java | 59 ++++++++++ .../services/UserDetailsServiceImpl.java | 26 +++++ 18 files changed, 601 insertions(+), 3 deletions(-) create mode 100644 src/main/java/com/booleanuk/api/cinema/controllers/AuthController.java create mode 100644 src/main/java/com/booleanuk/api/cinema/models/ERole.java create mode 100644 src/main/java/com/booleanuk/api/cinema/models/Role.java create mode 100644 src/main/java/com/booleanuk/api/cinema/models/User.java create mode 100644 src/main/java/com/booleanuk/api/cinema/payload/request/LoginRequest.java create mode 100644 src/main/java/com/booleanuk/api/cinema/payload/request/SignupRequest.java create mode 100644 src/main/java/com/booleanuk/api/cinema/payload/response/JwtResponse.java create mode 100644 src/main/java/com/booleanuk/api/cinema/payload/response/MessageResponse.java create mode 100644 src/main/java/com/booleanuk/api/cinema/repositories/RoleRepository.java create mode 100644 src/main/java/com/booleanuk/api/cinema/repositories/UserRepository.java create mode 100644 src/main/java/com/booleanuk/api/cinema/security/WebSecurityConfig.java create mode 100644 src/main/java/com/booleanuk/api/cinema/security/jwt/AuthEntryPointJwt.java create mode 100644 src/main/java/com/booleanuk/api/cinema/security/jwt/AuthTokenFilter.java create mode 100644 src/main/java/com/booleanuk/api/cinema/security/jwt/JwtUtils.java create mode 100644 src/main/java/com/booleanuk/api/cinema/security/services/UserDetailsImpl.java create mode 100644 src/main/java/com/booleanuk/api/cinema/security/services/UserDetailsServiceImpl.java diff --git a/build.gradle b/build.gradle index 4678cd8c..810781a9 100644 --- a/build.gradle +++ b/build.gradle @@ -6,7 +6,6 @@ plugins { group = 'com.booleanuk' version = '0.0.1-SNAPSHOT' -description = 'Employees and Departments example' java { toolchain { @@ -26,13 +25,24 @@ repositories { dependencies { implementation 'org.springframework.boot:spring-boot-starter-data-jpa' + implementation 'org.springframework.boot:spring-boot-starter-security' implementation 'org.springframework.boot:spring-boot-starter-web' + implementation 'io.jsonwebtoken:jjwt-api:0.12.7' + implementation 'io.jsonwebtoken:jjwt-impl:0.12.7' + runtimeOnly 'io.jsonwebtoken:jjwt-jackson:0.12.7' + compileOnly 'org.projectlombok:lombok' developmentOnly 'org.springframework.boot:spring-boot-devtools' runtimeOnly 'org.postgresql:postgresql' annotationProcessor 'org.projectlombok:lombok' testImplementation 'org.springframework.boot:spring-boot-starter-test' - testRuntimeOnly 'org.junit.platform:junit-platform-launcher' + testImplementation 'org.springframework.security:spring-security-test' + + implementation 'jakarta.validation:jakarta.validation-api:3.1.1' +} + +tasks.named('bootBuildImage') { + builder = 'paketobuildpacks/builder-jammy-base:latest' } tasks.named('test') { diff --git a/src/main/java/com/booleanuk/api/cinema/controllers/AuthController.java b/src/main/java/com/booleanuk/api/cinema/controllers/AuthController.java new file mode 100644 index 00000000..9708c7bd --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/controllers/AuthController.java @@ -0,0 +1,102 @@ +package com.booleanuk.api.cinema.controllers; + + +import com.booleanuk.api.cinema.models.ERole; +import com.booleanuk.api.cinema.models.Role; +import com.booleanuk.api.cinema.models.User; +import com.booleanuk.api.cinema.payload.request.LoginRequest; +import com.booleanuk.api.cinema.payload.request.SignupRequest; +import com.booleanuk.api.cinema.payload.response.JwtResponse; +import com.booleanuk.api.cinema.payload.response.MessageResponse; +import com.booleanuk.api.cinema.repositories.RoleRepository; +import com.booleanuk.api.cinema.repositories.UserRepository; +import com.booleanuk.api.cinema.security.jwt.JwtUtils; +import com.booleanuk.api.cinema.security.services.UserDetailsImpl; +import jakarta.validation.Valid; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.http.ResponseEntity; +import org.springframework.security.authentication.AuthenticationManager; +import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; +import org.springframework.security.core.Authentication; +import org.springframework.security.core.context.SecurityContextHolder; +import org.springframework.security.crypto.password.PasswordEncoder; +import org.springframework.web.bind.annotation.*; + +import java.util.HashSet; +import java.util.List; +import java.util.Set; +import java.util.stream.Collectors; + +@CrossOrigin(origins = "*", maxAge = 3600) +@RestController +@RequestMapping("auth") +public class AuthController { + @Autowired + AuthenticationManager authenticationManager; + + @Autowired + UserRepository userRepository; + + @Autowired + RoleRepository roleRepository; + + @Autowired + PasswordEncoder encoder; + + @Autowired + JwtUtils jwtUtils; + + @PostMapping("/signin") + public ResponseEntity authenticateUser(@Valid @RequestBody LoginRequest loginRequest) { + // If using a salt for password use it here + Authentication authentication = authenticationManager + .authenticate(new UsernamePasswordAuthenticationToken(loginRequest.getUsername(), loginRequest.getPassword())); + SecurityContextHolder.getContext().setAuthentication(authentication); + String jwt = jwtUtils.generateJwtToken(authentication); + + UserDetailsImpl userDetails = (UserDetailsImpl) authentication.getPrincipal(); + List roles = userDetails.getAuthorities().stream().map((item) -> item.getAuthority()) + .collect(Collectors.toList()); + return ResponseEntity + .ok(new JwtResponse(jwt, userDetails.getId(), userDetails.getUsername(), userDetails.getEmail(), roles)); + } + + @PostMapping("/signup") + public ResponseEntity registerUser(@Valid @RequestBody SignupRequest signupRequest) { + if (userRepository.existsByUsername(signupRequest.getUsername())) { + return ResponseEntity.badRequest().body(new MessageResponse("Error: Username is already taken")); + } + if (userRepository.existsByEmail(signupRequest.getEmail())) { + return ResponseEntity.badRequest().body(new MessageResponse("Error: Email is already in use!")); + } + // Create a new user add salt here if using one + User user = new User(signupRequest.getUsername(), signupRequest.getEmail(), encoder.encode(signupRequest.getPassword())); + Set strRoles = signupRequest.getRole(); + Set roles = new HashSet<>(); + + if (strRoles == null) { + Role userRole = roleRepository.findByName(ERole.ROLE_CUSTOMER).orElseThrow(() -> new RuntimeException("Error: Role is not found")); + roles.add(userRole); + } else { + strRoles.forEach((role) -> { + switch (role) { + case "admin": + Role adminRole = roleRepository.findByName(ERole.ROLE_ADMIN).orElseThrow(() -> new RuntimeException("Error: Role is not found")); + roles.add(adminRole); + break; + case "ticketseller": + Role modRole = roleRepository.findByName(ERole.ROLE_TICKETSELLER).orElseThrow(() -> new RuntimeException("Error: Role is not found")); + roles.add(modRole); + break; + default: + Role userRole = roleRepository.findByName(ERole.ROLE_CUSTOMER).orElseThrow(() -> new RuntimeException("Error: Role is not found")); + roles.add(userRole); + break; + } + }); + } + user.setRoles(roles); + userRepository.save(user); + return ResponseEntity.ok((new MessageResponse("User registered successfully"))); + } +} \ No newline at end of file diff --git a/src/main/java/com/booleanuk/api/cinema/controllers/MovieController.java b/src/main/java/com/booleanuk/api/cinema/controllers/MovieController.java index 8c35d464..011be170 100644 --- a/src/main/java/com/booleanuk/api/cinema/controllers/MovieController.java +++ b/src/main/java/com/booleanuk/api/cinema/controllers/MovieController.java @@ -3,6 +3,7 @@ import com.booleanuk.api.cinema.models.Movie; import com.booleanuk.api.cinema.payload.response.*; import com.booleanuk.api.cinema.repositories.MovieRepository; +import com.booleanuk.api.cinema.repositories.ScreeningRepository; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; @@ -17,7 +18,6 @@ public class MovieController { @Autowired private MovieRepository movieRepository; - @GetMapping public ResponseEntity getAllMovies() { MovieListResponse movieListResponse = new MovieListResponse(); diff --git a/src/main/java/com/booleanuk/api/cinema/models/ERole.java b/src/main/java/com/booleanuk/api/cinema/models/ERole.java new file mode 100644 index 00000000..a0ba78b2 --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/models/ERole.java @@ -0,0 +1,7 @@ +package com.booleanuk.api.cinema.models; + +public enum ERole { + ROLE_CUSTOMER, + ROLE_ADMIN, + ROLE_TICKETSELLER +} diff --git a/src/main/java/com/booleanuk/api/cinema/models/Role.java b/src/main/java/com/booleanuk/api/cinema/models/Role.java new file mode 100644 index 00000000..a9aaa080 --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/models/Role.java @@ -0,0 +1,23 @@ +package com.booleanuk.api.cinema.models; + +import jakarta.persistence.*; +import lombok.Data; +import lombok.NoArgsConstructor; + +@NoArgsConstructor +@Data +@Entity +@Table(name = "roles") +public class Role { + @Id + @GeneratedValue(strategy = GenerationType.IDENTITY) + private int id; + + @Enumerated(EnumType.STRING) + @Column(length = 20) + private ERole name; + + public Role(ERole name) { + this.name = name; + } +} \ No newline at end of file diff --git a/src/main/java/com/booleanuk/api/cinema/models/User.java b/src/main/java/com/booleanuk/api/cinema/models/User.java new file mode 100644 index 00000000..c781bd41 --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/models/User.java @@ -0,0 +1,49 @@ +package com.booleanuk.api.cinema.models; + + +import jakarta.persistence.*; +import jakarta.validation.constraints.Email; +import jakarta.validation.constraints.NotBlank; +import jakarta.validation.constraints.Size; +import lombok.Data; +import lombok.NoArgsConstructor; + +import java.util.HashSet; +import java.util.Set; + +@NoArgsConstructor +@Data +@Entity +@Table(name = "users", + uniqueConstraints = { + @UniqueConstraint(columnNames = "username"), + @UniqueConstraint(columnNames = "email") + }) +public class User { + @Id + @GeneratedValue(strategy = GenerationType.IDENTITY) + private int id; + + @NotBlank + @Size(max = 20) + private String username; + + @NotBlank + @Size(max = 50) + @Email + private String email; + + @NotBlank + @Size(max = 120) + private String password; + + @ManyToMany(fetch = FetchType.LAZY) + @JoinTable(name = "user_roles", joinColumns = @JoinColumn(name = "user_id"), inverseJoinColumns = @JoinColumn(name = "role_id")) + private Set roles = new HashSet<>(); + + public User(String username, String email, String password) { + this.username = username; + this.email = email; + this.password = password; + } +} diff --git a/src/main/java/com/booleanuk/api/cinema/payload/request/LoginRequest.java b/src/main/java/com/booleanuk/api/cinema/payload/request/LoginRequest.java new file mode 100644 index 00000000..c16393fe --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/payload/request/LoginRequest.java @@ -0,0 +1,15 @@ +package com.booleanuk.api.cinema.payload.request; + +import jakarta.validation.constraints.NotBlank; +import lombok.Getter; +import lombok.Setter; + +@Getter +@Setter +public class LoginRequest { + @NotBlank + private String username; + + @NotBlank + private String password; +} diff --git a/src/main/java/com/booleanuk/api/cinema/payload/request/SignupRequest.java b/src/main/java/com/booleanuk/api/cinema/payload/request/SignupRequest.java new file mode 100644 index 00000000..f9f4d5d3 --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/payload/request/SignupRequest.java @@ -0,0 +1,29 @@ +package com.booleanuk.api.cinema.payload.request; + +import jakarta.validation.constraints.Email; +import jakarta.validation.constraints.NotBlank; +import jakarta.validation.constraints.Size; +import lombok.Getter; +import lombok.Setter; + +import java.util.Set; + +@Getter +@Setter +public class SignupRequest { + @NotBlank + @Size(min = 3, max = 20) + private String username; + + @NotBlank + @Size(max = 50) + @Email + private String email; + + private Set role; + + @NotBlank + @Size(min = 6, max = 40) + private String password; + +} diff --git a/src/main/java/com/booleanuk/api/cinema/payload/response/JwtResponse.java b/src/main/java/com/booleanuk/api/cinema/payload/response/JwtResponse.java new file mode 100644 index 00000000..ff6d7bb8 --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/payload/response/JwtResponse.java @@ -0,0 +1,25 @@ +package com.booleanuk.api.cinema.payload.response; + + +import lombok.Getter; +import lombok.Setter; +import java.util.List; + +@Getter +@Setter +public class JwtResponse { + private String token; + private String type = "Bearer"; + private int id; + private String username; + private String email; + private List roles; + + public JwtResponse(String token, int id, String username, String email, List roles) { + this.token = token; + this.id = id; + this.username = username; + this.email = email; + this.roles = roles; + } +} \ No newline at end of file diff --git a/src/main/java/com/booleanuk/api/cinema/payload/response/MessageResponse.java b/src/main/java/com/booleanuk/api/cinema/payload/response/MessageResponse.java new file mode 100644 index 00000000..3e8e6785 --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/payload/response/MessageResponse.java @@ -0,0 +1,14 @@ +package com.booleanuk.api.cinema.payload.response; + +import lombok.Getter; +import lombok.Setter; + +@Getter +@Setter +public class MessageResponse { + private String message; + + public MessageResponse(String message) { + this.message = message; + } +} \ No newline at end of file diff --git a/src/main/java/com/booleanuk/api/cinema/repositories/RoleRepository.java b/src/main/java/com/booleanuk/api/cinema/repositories/RoleRepository.java new file mode 100644 index 00000000..f999d480 --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/repositories/RoleRepository.java @@ -0,0 +1,11 @@ +package com.booleanuk.api.cinema.repositories; + +import com.booleanuk.api.cinema.models.ERole; +import com.booleanuk.api.cinema.models.Role; +import org.springframework.data.jpa.repository.JpaRepository; + +import java.util.Optional; + +public interface RoleRepository extends JpaRepository { + Optional findByName(ERole name); +} diff --git a/src/main/java/com/booleanuk/api/cinema/repositories/UserRepository.java b/src/main/java/com/booleanuk/api/cinema/repositories/UserRepository.java new file mode 100644 index 00000000..4a7a2f15 --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/repositories/UserRepository.java @@ -0,0 +1,15 @@ +package com.booleanuk.api.cinema.repositories; + +import com.booleanuk.api.cinema.models.User; +import org.springframework.data.jpa.repository.JpaRepository; +import org.springframework.stereotype.Repository; + +import java.util.Optional; + +@Repository +public interface UserRepository extends JpaRepository { + Optional findByUsername(String username); + + Boolean existsByUsername(String username); + Boolean existsByEmail(String email); +} diff --git a/src/main/java/com/booleanuk/api/cinema/security/WebSecurityConfig.java b/src/main/java/com/booleanuk/api/cinema/security/WebSecurityConfig.java new file mode 100644 index 00000000..2130d8e4 --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/security/WebSecurityConfig.java @@ -0,0 +1,72 @@ +package com.booleanuk.api.cinema.security; + + +import com.booleanuk.api.cinema.security.jwt.AuthEntryPointJwt; +import com.booleanuk.api.cinema.security.jwt.AuthTokenFilter; +import com.booleanuk.api.cinema.security.services.UserDetailsServiceImpl; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.security.authentication.AuthenticationManager; +import org.springframework.security.authentication.dao.DaoAuthenticationProvider; +import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; +import org.springframework.security.config.http.SessionCreationPolicy; +import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; +import org.springframework.security.crypto.password.PasswordEncoder; +import org.springframework.security.web.SecurityFilterChain; +import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; + +@Configuration +@EnableWebSecurity +public class WebSecurityConfig { + @Autowired + private UserDetailsServiceImpl userDetailsService; + + @Autowired + private AuthEntryPointJwt unauthorizedHandler; + + @Bean + public AuthTokenFilter authenticationJwtTokenFilter() { + return new AuthTokenFilter(); + } + + @Bean + public DaoAuthenticationProvider authenticationProvider() { + DaoAuthenticationProvider authProvider = new DaoAuthenticationProvider(); + + authProvider.setUserDetailsService(userDetailsService); + authProvider.setPasswordEncoder(passwordEncoder()); + + return authProvider; + } + + @Bean + public PasswordEncoder passwordEncoder() { + return new BCryptPasswordEncoder(); + } + + @Bean + public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { + http + .csrf((csrf) -> csrf.disable()) + .exceptionHandling((exception) -> exception.authenticationEntryPoint(unauthorizedHandler)) + .sessionManagement((session) -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) + .authorizeHttpRequests((requests) -> requests + .requestMatchers("/auth/**").permitAll() + .requestMatchers("/customers", "/customers/**").authenticated() + .requestMatchers("/movies", "/movies/**").authenticated() + .requestMatchers("/screenings", "/screenings/**").authenticated() + .requestMatchers("/tickets", "/tickets/**").authenticated() + ); + http.authenticationProvider(authenticationProvider()); + http.addFilterBefore(authenticationJwtTokenFilter(), UsernamePasswordAuthenticationFilter.class); + return http.build(); + } + + @Bean + public AuthenticationManager authenticationManager(AuthenticationConfiguration authenticationConfiguration) throws Exception { + return authenticationConfiguration.getAuthenticationManager(); + } +} diff --git a/src/main/java/com/booleanuk/api/cinema/security/jwt/AuthEntryPointJwt.java b/src/main/java/com/booleanuk/api/cinema/security/jwt/AuthEntryPointJwt.java new file mode 100644 index 00000000..1a5d63c2 --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/security/jwt/AuthEntryPointJwt.java @@ -0,0 +1,24 @@ +package com.booleanuk.api.cinema.security.jwt; + +import jakarta.servlet.ServletException; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.security.core.AuthenticationException; +import org.springframework.security.web.AuthenticationEntryPoint; +import org.springframework.stereotype.Component; + +import java.io.IOException; + +@Component +public class AuthEntryPointJwt implements AuthenticationEntryPoint { + private static final Logger logger = LoggerFactory.getLogger(AuthEntryPointJwt.class); + + @Override + public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException, ServletException { + logger.error("Unauthorized error: {}", authException.getMessage()); + response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Error: Unauthorized"); + } + +} diff --git a/src/main/java/com/booleanuk/api/cinema/security/jwt/AuthTokenFilter.java b/src/main/java/com/booleanuk/api/cinema/security/jwt/AuthTokenFilter.java new file mode 100644 index 00000000..192f22c2 --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/security/jwt/AuthTokenFilter.java @@ -0,0 +1,54 @@ +package com.booleanuk.api.cinema.security.jwt; + +import com.booleanuk.api.cinema.security.services.UserDetailsServiceImpl; +import jakarta.servlet.FilterChain; +import jakarta.servlet.ServletException; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; +import org.springframework.security.core.context.SecurityContextHolder; +import org.springframework.security.core.userdetails.UserDetails; +import org.springframework.security.web.authentication.WebAuthenticationDetailsSource; +import org.springframework.util.StringUtils; +import org.springframework.web.filter.OncePerRequestFilter; + +import java.io.IOException; + +public class AuthTokenFilter extends OncePerRequestFilter { + @Autowired + private JwtUtils jwtUtils; + + @Autowired + private UserDetailsServiceImpl userDetailsService; + + private static final Logger logger = LoggerFactory.getLogger(AuthTokenFilter.class); + + @Override + protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) + throws ServletException, IOException { + try { + String jwt = parseJwt(request); + if (jwt != null && jwtUtils.validateJwtToken(jwt)) { + String username = jwtUtils.getUserNameFromJwtToken(jwt); + UserDetails userDetails = userDetailsService.loadUserByUsername(username); + UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities()); + authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request)); + SecurityContextHolder.getContext().setAuthentication(authentication); + } + } catch (Exception e) { + logger.error("Cannot set user authentication: {}", e.getMessage()); + } + filterChain.doFilter(request, response); + } + + private String parseJwt(HttpServletRequest request) { + String headerAuth = request.getHeader("Authorization"); + if (StringUtils.hasText(headerAuth) && headerAuth.startsWith("Bearer ")) { + return headerAuth.substring(7); + } + return null; + } +} diff --git a/src/main/java/com/booleanuk/api/cinema/security/jwt/JwtUtils.java b/src/main/java/com/booleanuk/api/cinema/security/jwt/JwtUtils.java new file mode 100644 index 00000000..a780c3d6 --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/security/jwt/JwtUtils.java @@ -0,0 +1,63 @@ +package com.booleanuk.api.cinema.security.jwt; + +import com.booleanuk.api.cinema.security.services.UserDetailsImpl; +import io.jsonwebtoken.ExpiredJwtException; +import io.jsonwebtoken.Jwts; +import io.jsonwebtoken.MalformedJwtException; +import io.jsonwebtoken.UnsupportedJwtException; +import io.jsonwebtoken.io.Decoders; +import io.jsonwebtoken.security.Keys; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.security.core.Authentication; +import org.springframework.stereotype.Component; + +import javax.crypto.SecretKey; +import java.util.Date; + +@Component +public class JwtUtils { + private static final Logger logger = LoggerFactory.getLogger(JwtUtils.class); + + @Value("${booleanuk.app.jwtSecret}") + private String jwtSecret; + + @Value("${booleanuk.app.jwtExpirationMs}") + private int jwtExpirationMs; + + public String generateJwtToken(Authentication authentication) { + UserDetailsImpl userPrincipal = (UserDetailsImpl) authentication.getPrincipal(); + + return Jwts.builder() + .subject((userPrincipal.getUsername())) + .issuedAt(new Date()) + .expiration(new Date((new Date()).getTime() + this.jwtExpirationMs)) + .signWith(this.key()) + .compact(); + } + + private SecretKey key() { + return Keys.hmacShaKeyFor(Decoders.BASE64.decode(this.jwtSecret)); + } + + public String getUserNameFromJwtToken(String token) { + return Jwts.parser().verifyWith(this.key()).build().parseSignedClaims(token).getPayload().getSubject(); + } + + public boolean validateJwtToken(String authToken) { + try { + Jwts.parser().verifyWith(this.key()).build().parse(authToken); + return true; + } catch (MalformedJwtException e) { + logger.error("Invalid JWT token: {}", e.getMessage()); + } catch (ExpiredJwtException e) { + logger.error("JWT token has expired: {}", e.getMessage()); + } catch (UnsupportedJwtException e) { + logger.error("JWT token is unsupported: {}", e.getMessage()); + } catch (IllegalArgumentException e) { + logger.error("JWT claims string is empty: {}", e.getMessage()); + } + return false; + } +} diff --git a/src/main/java/com/booleanuk/api/cinema/security/services/UserDetailsImpl.java b/src/main/java/com/booleanuk/api/cinema/security/services/UserDetailsImpl.java new file mode 100644 index 00000000..268543bf --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/security/services/UserDetailsImpl.java @@ -0,0 +1,59 @@ +package com.booleanuk.api.cinema.security.services; + +import com.booleanuk.api.cinema.models.User; +import com.fasterxml.jackson.annotation.JsonIgnore; +import lombok.Getter; +import org.springframework.security.core.GrantedAuthority; +import org.springframework.security.core.authority.SimpleGrantedAuthority; +import org.springframework.security.core.userdetails.UserDetails; + +import java.util.Collection; +import java.util.List; +import java.util.Objects; +import java.util.stream.Collectors; + +@Getter +public class UserDetailsImpl implements UserDetails { + private static final long serialVersionUID = 1L; + + private int id; + private String username; + private String email; + + @JsonIgnore + private String password; + + private Collection authorities; + + public UserDetailsImpl(int id, String username, String email, String password, Collection authorities) { + this.id = id; + this.username = username; + this.email = email; + this.password = password; + this.authorities = authorities; + } + + public static UserDetailsImpl build(User user) { + List authorities = user.getRoles().stream() + .map(role -> new SimpleGrantedAuthority(role.getName().name())) + .collect(Collectors.toList()); + return new UserDetailsImpl( + user.getId(), + user.getUsername(), + user.getEmail(), + user.getPassword(), + authorities); + } + + @Override + public boolean equals(Object o) { + if (this == o) { + return true; + } + if (o == null || getClass() != o.getClass()) { + return false; + } + UserDetailsImpl user = (UserDetailsImpl) o; + return Objects.equals(id, user.id); + } +} diff --git a/src/main/java/com/booleanuk/api/cinema/security/services/UserDetailsServiceImpl.java b/src/main/java/com/booleanuk/api/cinema/security/services/UserDetailsServiceImpl.java new file mode 100644 index 00000000..f445c5eb --- /dev/null +++ b/src/main/java/com/booleanuk/api/cinema/security/services/UserDetailsServiceImpl.java @@ -0,0 +1,26 @@ +package com.booleanuk.api.cinema.security.services; + +import com.booleanuk.api.cinema.models.User; +import com.booleanuk.api.cinema.repositories.UserRepository; +import jakarta.transaction.Transactional; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.security.core.userdetails.UserDetails; +import org.springframework.security.core.userdetails.UserDetailsService; +import org.springframework.security.core.userdetails.UsernameNotFoundException; +import org.springframework.stereotype.Service; + +@Service +public class UserDetailsServiceImpl implements UserDetailsService { + @Autowired + UserRepository userRepository; + + @Override + @Transactional + public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException { + User user = userRepository.findByUsername(username).orElseThrow( + () -> new UsernameNotFoundException("User not found with username: " + username) + ); + return UserDetailsImpl.build(user); + + } +} From 0d069499c24de92a20cceb646dd4da4a31896044 Mon Sep 17 00:00:00 2001 From: Linda Do Date: Fri, 22 Aug 2025 12:40:24 +0200 Subject: [PATCH 4/6] completed security and extension --- .../api/cinema/controllers/MovieController.java | 1 + .../api/cinema/security/WebSecurityConfig.java | 16 ++++++++++++---- 2 files changed, 13 insertions(+), 4 deletions(-) diff --git a/src/main/java/com/booleanuk/api/cinema/controllers/MovieController.java b/src/main/java/com/booleanuk/api/cinema/controllers/MovieController.java index 011be170..ac8dd284 100644 --- a/src/main/java/com/booleanuk/api/cinema/controllers/MovieController.java +++ b/src/main/java/com/booleanuk/api/cinema/controllers/MovieController.java @@ -7,6 +7,7 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.*; import java.time.OffsetDateTime; diff --git a/src/main/java/com/booleanuk/api/cinema/security/WebSecurityConfig.java b/src/main/java/com/booleanuk/api/cinema/security/WebSecurityConfig.java index 2130d8e4..e929a86e 100644 --- a/src/main/java/com/booleanuk/api/cinema/security/WebSecurityConfig.java +++ b/src/main/java/com/booleanuk/api/cinema/security/WebSecurityConfig.java @@ -7,6 +7,7 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; +import org.springframework.http.HttpMethod; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.dao.DaoAuthenticationProvider; import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration; @@ -55,10 +56,17 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { .sessionManagement((session) -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) .authorizeHttpRequests((requests) -> requests .requestMatchers("/auth/**").permitAll() - .requestMatchers("/customers", "/customers/**").authenticated() - .requestMatchers("/movies", "/movies/**").authenticated() - .requestMatchers("/screenings", "/screenings/**").authenticated() - .requestMatchers("/tickets", "/tickets/**").authenticated() + .requestMatchers("/customers", "/customers/**").hasAnyRole("ADMIN","TICKETSELLER") + + .requestMatchers(HttpMethod.GET,"/movies").hasAnyRole("CUSTOMER", "ADMIN", "TICKETSELLER") + .requestMatchers(HttpMethod.POST,"/movies").hasRole("ADMIN") + .requestMatchers(HttpMethod.PUT,"/movies").hasRole("ADMIN") + .requestMatchers(HttpMethod.DELETE,"/movies").hasRole("ADMIN") + + .requestMatchers(HttpMethod.GET,"movies/{id}/screenings").hasAnyRole("CUSTOMER", "ADMIN", "TICKETSELLER") + .requestMatchers(HttpMethod.POST,"movies/{id}/screenings").hasRole("ADMIN") + + .requestMatchers("/tickets", "/tickets/**").hasRole("TICKETSELLER") ); http.authenticationProvider(authenticationProvider()); http.addFilterBefore(authenticationJwtTokenFilter(), UsernamePasswordAuthenticationFilter.class); From 2dd639a2e92abcae5cf66fcaab7012659c46b093 Mon Sep 17 00:00:00 2001 From: Linda Do Date: Fri, 22 Aug 2025 14:21:45 +0200 Subject: [PATCH 5/6] fixed role in security --- .../com/booleanuk/api/cinema/security/WebSecurityConfig.java | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/main/java/com/booleanuk/api/cinema/security/WebSecurityConfig.java b/src/main/java/com/booleanuk/api/cinema/security/WebSecurityConfig.java index e929a86e..8b0bbed1 100644 --- a/src/main/java/com/booleanuk/api/cinema/security/WebSecurityConfig.java +++ b/src/main/java/com/booleanuk/api/cinema/security/WebSecurityConfig.java @@ -66,7 +66,10 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { .requestMatchers(HttpMethod.GET,"movies/{id}/screenings").hasAnyRole("CUSTOMER", "ADMIN", "TICKETSELLER") .requestMatchers(HttpMethod.POST,"movies/{id}/screenings").hasRole("ADMIN") - .requestMatchers("/tickets", "/tickets/**").hasRole("TICKETSELLER") + .requestMatchers(HttpMethod.GET,"customers/{customerId}/screenings/{screeningId}").hasAnyRole("CUSTOMER", "ADMIN", "TICKETSELLER") + .requestMatchers(HttpMethod.POST,"customers/{customerId}/screenings/{screeningId}").hasAnyRole( "TICKETSELLER") + + ); http.authenticationProvider(authenticationProvider()); http.addFilterBefore(authenticationJwtTokenFilter(), UsernamePasswordAuthenticationFilter.class); From e1b607c150a966066913ed4fc6031fedc35c7aa6 Mon Sep 17 00:00:00 2001 From: Linda Do Date: Fri, 22 Aug 2025 14:22:44 +0200 Subject: [PATCH 6/6] fixed role in security --- .../com/booleanuk/api/cinema/security/WebSecurityConfig.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/com/booleanuk/api/cinema/security/WebSecurityConfig.java b/src/main/java/com/booleanuk/api/cinema/security/WebSecurityConfig.java index 8b0bbed1..e9cbc94f 100644 --- a/src/main/java/com/booleanuk/api/cinema/security/WebSecurityConfig.java +++ b/src/main/java/com/booleanuk/api/cinema/security/WebSecurityConfig.java @@ -66,7 +66,7 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { .requestMatchers(HttpMethod.GET,"movies/{id}/screenings").hasAnyRole("CUSTOMER", "ADMIN", "TICKETSELLER") .requestMatchers(HttpMethod.POST,"movies/{id}/screenings").hasRole("ADMIN") - .requestMatchers(HttpMethod.GET,"customers/{customerId}/screenings/{screeningId}").hasAnyRole("CUSTOMER", "ADMIN", "TICKETSELLER") + .requestMatchers(HttpMethod.GET,"customers/{customerId}/screenings/{screeningId}").hasAnyRole("ADMIN", "TICKETSELLER") .requestMatchers(HttpMethod.POST,"customers/{customerId}/screenings/{screeningId}").hasAnyRole( "TICKETSELLER")