Spring security pull

README.md

@@ -1,3 +1,7 @@
 # BasicSpringBootAPI
 
-Efficient REST API crafted using Core Java and Spring Boot, enabling smooth CRUD operations on an employee database. 
+Efficient REST API crafted using Core Java and Spring Boot, enabling smooth CRUD operations on an employee database, that includes the incorporation of a Spring Security layer, using bcrypt-hashed passwords, and executed through the adept utilization of JDBC technology.
+
+# Database Preview
+
+![DatabaseFinalPreview](https://github.com/manumiguezz/CompanySpringBootRESTAPI/assets/111899370/a97b153a-3a62-447e-99fb-258f90be4019)

mysqlscripts/employee-directory.sql

@@ -0,0 +1,22 @@
+CREATE DATABASE  IF NOT EXISTS `employee_directory`;
+USE `employee_directory`;
+
+
+DROP TABLE IF EXISTS `employee`;
+
+CREATE TABLE `employee` (
+  `id` int NOT NULL AUTO_INCREMENT,
+  `first_name` varchar(45) DEFAULT NULL,
+  `last_name` varchar(45) DEFAULT NULL,
+  `email` varchar(45) DEFAULT NULL,
+  PRIMARY KEY (`id`)
+) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=latin1;
+
+
+INSERT INTO `employee` VALUES 
+	(1,'Manuel','Miguez','manum@mail.com'),
+	(2,'Luca','Vinelli','lucav@mail.com'),
+	(3,'Iñaki','Mariño','iñakim@mail.com'),
+	(4,'Manfiu','Puerto','manfiudp@mail.com'),
+	(5,'Juani','Pucheta','juanip@mail.com');
+

mysqlscripts/spring-security-finished.sql

@@ -0,0 +1,36 @@
+USE `employee_directory`;
+
+DROP TABLE IF EXISTS `roles`;
+DROP TABLE IF EXISTS `members`;
+
+
+CREATE TABLE `members` (
+  `user` varchar(50) NOT NULL,
+  `psw` char(68) NOT NULL,
+  `active` tinyint NOT NULL,
+  PRIMARY KEY (`user`)
+) ENGINE=InnoDB DEFAULT CHARSET=latin1;
+
+INSERT INTO `members`
+VALUES
+('ramiro','{bcrypt}$2a$10$S7GTZIc/KfegnP9H4GNaCOxHkvu0M32H7f9wg/lHl/c97VQtIoVvm',1),
+('matias','{bcrypt}$2a$10$DWG0SGnfxqDIjx.LrywatevHjod2EbepV0W3t5d1aOoRLjSQuvszS',1),
+('alejo','{bcrypt}$2a$10$0tqmRxOQufHIrIuQWNHa6.M4ei4LbE4NhN6gfUEOOnxpkbzLABGc6',1);
+
+
+CREATE TABLE `roles` (
+  `user` varchar(50) NOT NULL,
+  `role` varchar(50) NOT NULL,
+  UNIQUE KEY `authorities5_idx_1` (`user`,`role`),
+  CONSTRAINT `authorities5_ibfk_1` FOREIGN KEY (`user`) REFERENCES `members` (`user`)
+) ENGINE=InnoDB DEFAULT CHARSET=latin1;
+
+
+INSERT INTO `roles`
+VALUES
+('ramiro','ROLE_EMPLOYEE'),
+('matias','ROLE_EMPLOYEE'),
+('matias','ROLE_MANAGER'),
+('alejo','ROLE_EMPLOYEE'),
+('alejo','ROLE_MANAGER'),
+('alejo','ROLE_ADMIN');

mysqlscripts/spring-security-users-bcrypt.sql

@@ -0,0 +1,36 @@
+USE `employee_directory`;
+
+DROP TABLE IF EXISTS `authorities`;
+DROP TABLE IF EXISTS `users`;
+
+
+CREATE TABLE `users` (
+  `username` varchar(50) NOT NULL,
+  `password` char(68) NOT NULL,
+  `enabled` tinyint NOT NULL,
+  PRIMARY KEY (`username`)
+) ENGINE=InnoDB DEFAULT CHARSET=latin1;
+
+INSERT INTO `users` 
+VALUES 
+('ramiro','{bcrypt}$2a$10$S7GTZIc/KfegnP9H4GNaCOxHkvu0M32H7f9wg/lHl/c97VQtIoVvm',1),
+('matias','{bcrypt}$2a$10$DWG0SGnfxqDIjx.LrywatevHjod2EbepV0W3t5d1aOoRLjSQuvszS',1),
+('alejo','{bcrypt}$2a$10$0tqmRxOQufHIrIuQWNHa6.M4ei4LbE4NhN6gfUEOOnxpkbzLABGc6',1);
+
+
+CREATE TABLE `authorities` (
+  `username` varchar(50) NOT NULL,
+  `authority` varchar(50) NOT NULL,
+  UNIQUE KEY `authorities4_idx_1` (`username`,`authority`),
+  CONSTRAINT `authorities4_ibfk_1` FOREIGN KEY (`username`) REFERENCES `users` (`username`)
+) ENGINE=InnoDB DEFAULT CHARSET=latin1;
+
+
+INSERT INTO `authorities` 
+VALUES 
+('ramiro','ROLE_EMPLOYEE'),
+('matias','ROLE_EMPLOYEE'),
+('matias','ROLE_MANAGER'),
+('alejo','ROLE_EMPLOYEE'),
+('alejo','ROLE_MANAGER'),
+('alejo','ROLE_ADMIN');

mysqlscripts/spring-security-users.sql

@@ -0,0 +1,39 @@
+USE `employee_directory`;
+
+DROP TABLE IF EXISTS `authorities`;
+DROP TABLE IF EXISTS `users`;
+
+
+CREATE TABLE `users` (
+  `username` varchar(50) NOT NULL,
+  `password` varchar(50) NOT NULL,
+  `enabled` tinyint NOT NULL,
+  PRIMARY KEY (`username`)
+) ENGINE=InnoDB DEFAULT CHARSET=latin1;
+
+
+INSERT INTO `users` 
+VALUES 
+('ramiro','{noop}examplepass',1),
+('matias','{noop}examplepass',1),
+('alejo','{noop}examplepass',1);
+
+
+CREATE TABLE `authorities` (
+  `username` varchar(50) NOT NULL,
+  `authority` varchar(50) NOT NULL,
+  UNIQUE KEY `authorities_idx_1` (`username`,`authority`),
+  CONSTRAINT `authorities_ibfk_1` FOREIGN KEY (`username`) REFERENCES `users` (`username`)
+) ENGINE=InnoDB DEFAULT CHARSET=latin1;
+
+
+INSERT INTO `authorities` 
+VALUES 
+('ramiro','ROLE_EMPLOYEE'),
+('matias','ROLE_EMPLOYEE'),
+('matias','ROLE_MANAGER'),
+('alejo','ROLE_EMPLOYEE'),
+('alejo','ROLE_MANAGER'),
+('alejo','ROLE_ADMIN');
+
+

pom.xml

@@ -17,10 +17,22 @@
 		<java.version>17</java.version>
 	</properties>
 	<dependencies>
+
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-security</artifactId>
+		</dependency>
+
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-data-rest</artifactId>
+		</dependency>
+
 		<dependency>
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter-data-jpa</artifactId>
 		</dependency>
+
 		<dependency>
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter-web</artifactId>
@@ -32,16 +44,19 @@
 			<scope>runtime</scope>
 			<optional>true</optional>
 		</dependency>
+
 		<dependency>
 			<groupId>com.mysql</groupId>
 			<artifactId>mysql-connector-j</artifactId>
 			<scope>runtime</scope>
 		</dependency>
+
 		<dependency>
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter-test</artifactId>
 			<scope>test</scope>
 		</dependency>
+
 	</dependencies>
 
 	<build>

src/main/java/com/manumiguezz/crudapplication/rest/EmployeeRestController.java

@@ -1,9 +1,8 @@
 package com.manumiguezz.crudapplication.rest;
 
-import com.manumiguezz.crudapplication.dao.EmployeeDAO;
 import com.manumiguezz.crudapplication.entity.Employee;
 import com.manumiguezz.crudapplication.service.EmployeeService;
-import com.manumiguezz.crudapplication.service.EmployeeServiceImpl;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.*;
 
 import java.util.List;
@@ -14,17 +13,20 @@ public class EmployeeRestController {
 
     private EmployeeService employeeService;
 
-    public EmployeeRestController (EmployeeService theEmployeeService) {
+    @Autowired
+    public EmployeeRestController(EmployeeService theEmployeeService) {
         employeeService = theEmployeeService;
     }
 
     @GetMapping("/employees")
-    public List<Employee> findAll(){
+    public List<Employee> findAll() {
         return employeeService.findAll();
     }
 
+
     @GetMapping("/employees/{employeeId}")
     public Employee getEmployee(@PathVariable int employeeId) {
+
         Employee theEmployee = employeeService.findById(employeeId);
 
         if (theEmployee == null) {
@@ -34,35 +36,52 @@ public Employee getEmployee(@PathVariable int employeeId) {
         return theEmployee;
     }
 
-    @PostMapping ("/employees")
+
+    @PostMapping("/employees")
     public Employee addEmployee(@RequestBody Employee theEmployee) {
 
+
         theEmployee.setId(0);
 
         Employee dbEmployee = employeeService.save(theEmployee);
+
         return dbEmployee;
     }
 
     @PutMapping("/employees")
     public Employee updateEmployee(@RequestBody Employee theEmployee) {
+
         Employee dbEmployee = employeeService.save(theEmployee);
+
         return dbEmployee;
     }
 
-    @DeleteMapping("/employees/{employeeId} ")
+    @DeleteMapping("/employees/{employeeId}")
     public String deleteEmployee(@PathVariable int employeeId) {
+
         Employee tempEmployee = employeeService.findById(employeeId);
 
         if (tempEmployee == null) {
-            throw new RuntimeException("Employee id: " + employeeId + " not found");
+            throw new RuntimeException("Employee id not found - " + employeeId);
         }
 
-        employeeService.deleteByID(employeeId);
+        employeeService.deleteById(employeeId);
 
-        return "Employee with id: " + employeeId + " was deleted";
+        return "Deleted employee id - " + employeeId;
     }
 
+}
+
+
+
+
+
+
+
+
+
+
+
 
 
 
-}

src/main/java/com/manumiguezz/crudapplication/security/SecurityConfig.java

@@ -0,0 +1,49 @@
+package com.manumiguezz.crudapplication.security;
+
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.http.HttpMethod;
+import org.springframework.security.config.Customizer;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.provisioning.JdbcUserDetailsManager;
+import org.springframework.security.provisioning.UserDetailsManager;
+import org.springframework.security.web.SecurityFilterChain;
+
+import javax.sql.DataSource;
+
+@Configuration
+public class SecurityConfig {
+
+    @Bean
+    public UserDetailsManager userDetailsManager (DataSource dataSource){
+        JdbcUserDetailsManager jdbcUserDetailsManager = new JdbcUserDetailsManager(dataSource);
+
+        jdbcUserDetailsManager
+                .setUsersByUsernameQuery("select user, psw, active from members where user=?");
+
+        jdbcUserDetailsManager
+                .setAuthoritiesByUsernameQuery("select user, role from roles where user=?");
+
+        return jdbcUserDetailsManager;
+    }
+
+
+    @Bean
+    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
+
+        http.authorizeHttpRequests(configurer ->
+                configurer
+                        .requestMatchers(HttpMethod.GET, "/api/employees").hasRole("EMPLOYEE")
+                        .requestMatchers(HttpMethod.GET, "/api/employees/**").hasRole("EMPLOYEE")
+                        .requestMatchers(HttpMethod.POST, "/api/employees").hasRole("TL")
+                        .requestMatchers(HttpMethod.PUT, "/api/employees").hasRole("TL")
+                        .requestMatchers(HttpMethod.DELETE, "/api/employees/**").hasRole("ADMIN")
+        );
+
+        http.httpBasic(Customizer.withDefaults());
+        http.csrf(csrf -> csrf.disable());
+
+        return http.build();
+    }
+}