diff --git a/.trunk/trunk.yaml b/.trunk/trunk.yaml
index 06a72940e3fd919bc9ffc5bd81a3916fc08268d6..48ca6fbb5d1debf221a15c1bc2606816109255fc 100644
--- a/.trunk/trunk.yaml
+++ b/.trunk/trunk.yaml
@@ -20,7 +20,7 @@ lint:
 disabled:
 - git-diff-check
 enabled:
- - checkov@3.2.334
+ - checkov@3.2.336
 - dotenv-linter@3.3.0
 - hadolint@2.12.1-beta
 - markdownlint@0.43.0
diff --git a/java/services/auth/src/main/java/com/uva/authentication/api/UserAPI.java b/java/services/auth/src/main/java/com/uva/authentication/api/UserAPI.java
index 6a4354944b6062bc9d3bf8832f18edeeb761d619..d61a328f4353b10ee58bec766bb2ba24b047cd82 100644
--- a/java/services/auth/src/main/java/com/uva/authentication/api/UserAPI.java
+++ b/java/services/auth/src/main/java/com/uva/authentication/api/UserAPI.java
@@ -53,6 +53,7 @@ public class UserAPI {
 */
 public User registerUser(RegisterRequest registerRequest) {
 String url = USER_API_URL;
+ System.out.println(registerRequest + " " + registerRequest.getPassword());
 ResponseEntity<User> userResponse = restTemplate.postForEntity(url, registerRequest, User.class);
 if (!userResponse.getStatusCode().is2xxSuccessful()) {
 String errorMessage = "Failed to register user: " + userResponse.getStatusCode() + ". " + userResponse.getBody();
diff --git a/java/services/auth/src/main/java/com/uva/authentication/controllers/AuthController.java b/java/services/auth/src/main/java/com/uva/authentication/controllers/AuthController.java
index 0e3bf83b3ba3fc97248f318d25618027973f77c8..83041cc56f5019ea047e41c56dae8224828f792a 100644
--- a/java/services/auth/src/main/java/com/uva/authentication/controllers/AuthController.java
+++ b/java/services/auth/src/main/java/com/uva/authentication/controllers/AuthController.java
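Review bot: The added `System.out.println(registerRequest + " " + registerRequest.getPassword());` in `UserAPI.registerUser` writes the request and its password field to standard output, which is typically captured in service logs; the line should be removed rather than shipped. The same defect appears in the `AuthService.register` hunk, which keeps `plainTextPassword`, puts it back on `logReq` and calls `System.err.println(logReq)`, and the `@ToString(callSuper = true)` change on `RegisterRequest` pulls the `LoginRequest` fields into that output (presumably including `password`; `LoginRequest` is not shown). If request logging is needed, log only non-secret fields through the service logger and keep the password out of the generated `toString`, e.g. with `@ToString.Exclude` on the field. `registerUser` continues past the end of this hunk.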
@@ -42,7 +42,7 @@ public class AuthController {
 if (e.getStatusCode() == HttpStatus.CONFLICT) {
 return new ResponseEntity<String>(e.getMessage(), HttpStatus.CONFLICT);
 }
- e.fillInStackTrace();
+ e.printStackTrace(System.err);
 }
 return new ResponseEntity<String>("Algo no fue bien", HttpStatus.UNAUTHORIZED);
@@ -63,7 +63,7 @@ public class AuthController {
 String actualPassword = json.get("actual");
 String newPassword = json.get("new");
- if (validStrings(email, actualPassword, newPassword))
+ if (!validStrings(email, actualPassword, newPassword))
 return new ResponseEntity<Void>(HttpStatus.BAD_REQUEST);
 try {
diff --git a/java/services/auth/src/main/java/com/uva/authentication/models/AuthResponse.java b/java/services/auth/src/main/java/com/uva/authentication/models/AuthResponse.java
index e943a69108d5da38d4956509242935a6e4eb659e..148730189d6c5a29df507bc3cd10eef7a9b274e6 100644
--- a/java/services/auth/src/main/java/com/uva/authentication/models/AuthResponse.java
+++ b/java/services/auth/src/main/java/com/uva/authentication/models/AuthResponse.java
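Review bot: `e.printStackTrace(System.err)` in the first hunk's catch block bypasses the logging framework, so the trace carries no level or timestamp and cannot be filtered or routed with the rest of the service's logs. Prefer the class logger, e.g. `log.error("Authentication request failed", e);` (assuming an SLF4J-style logger is available in `AuthController`; none is visible in the hunk). The enclosing method starts and ends outside the hunk.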
@@ -2,52 +2,19 @@ package com.uva.authentication.models; import com.uva.authentication.models.remote.UserRol; +import lombok.AllArgsConstructor; +import lombok.Getter; +import lombok.NoArgsConstructor; +import lombok.Setter; + +@AllArgsConstructor +@NoArgsConstructor +@Setter +@Getter public class AuthResponse { - private int id; - private String username; + private String name; private String email; private String password; private UserRol rol; - - public int getId() { - return this.id; - } - - public void setId(int id) { - this.id = id; - } - - public String getUsername() { - return this.username; - } - - public void setUsername(String username) { - this.username = username; - } - - public String getEmail() { - return this.email; - } - - public void setEmail(String email) { - this.email = email; - } - - public String getPassword() { - return this.password; - } - - public void setPassword(String password) { - this.password = password; - } - - public UserRol getRol() { - return this.rol; - } - - public void setRol(UserRol rol) { - this.rol = rol; - } - } diff --git a/java/services/auth/src/main/java/com/uva/authentication/models/RegisterRequest.java b/java/services/auth/src/main/java/com/uva/authentication/models/RegisterRequest.java index 648abd1c807a8c368ca058f1d6f8f6cf840b13bf..4ef2db20a9b6b3e4fa34d713c6b4b4b529b4fa33 100644 --- a/java/services/auth/src/main/java/com/uva/authentication/models/RegisterRequest.java +++ b/java/services/auth/src/main/java/com/uva/authentication/models/RegisterRequest.java @@ -8,7 +8,7 @@ import lombok.NoArgsConstructor; import lombok.ToString; @Data -@ToString +@ToString(callSuper = true) @EqualsAndHashCode(callSuper = true) @NoArgsConstructor public class RegisterRequest extends LoginRequest { 
diff --git a/java/services/auth/src/main/java/com/uva/authentication/models/remote/UserRol.java b/java/services/auth/src/main/java/com/uva/authentication/models/remote/UserRol.java
index b03ee5fd9103fc33f4572b698026428aea3601e0..2cb39bb4f6174faf20c7174269c835f7c6b80cc2 100644
--- a/java/services/auth/src/main/java/com/uva/authentication/models/remote/UserRol.java
+++ b/java/services/auth/src/main/java/com/uva/authentication/models/remote/UserRol.java
@@ -1,5 +1,5 @@
 package com.uva.authentication.models.remote;
 public enum UserRol {
- ADMIN, AUTH
+ ADMIN, AUTH, HOTEL_ADMIN, CLIENT
 }
diff --git a/java/services/auth/src/main/java/com/uva/authentication/services/AuthService.java b/java/services/auth/src/main/java/com/uva/authentication/services/AuthService.java
index f8a793f5efea0a508a6b298f8d722c14441b558f..67cf0b7308c3979274697da16bc0f0f103227aa9 100644
--- a/java/services/auth/src/main/java/com/uva/authentication/services/AuthService.java
+++ b/java/services/auth/src/main/java/com/uva/authentication/services/AuthService.java
@@ -46,14 +46,17 @@ public class AuthService {
 }
 public String register(RegisterRequest registerRequest) {
+ String plainTextPassword = registerRequest.getPassword();
 // Ciframos la contraseña
- String hashPass = SecurityUtils.encrypt(registerRequest.getPassword());
+ String hashPass = SecurityUtils.encrypt(plainTextPassword);
 registerRequest.setPassword(hashPass);
 // Registramos el usuario
 User user = userAPI.registerUser(registerRequest);
 LoginRequest logReq = new LoginRequest();
 BeanUtils.copyProperties(user, logReq);
-
+ // Recuperamos la contraseña y lo loggeamos
+ logReq.setPassword(plainTextPassword);
+ System.err.println(logReq);
 return login(logReq);
 }
diff --git a/java/services/bookings/src/main/java/com/uva/apis/bookings/config/SecurityConfig.java b/java/services/bookings/src/main/java/com/uva/apis/bookings/config/SecurityConfig.java
index 3a6395d1c3711b44c5fb16726c90380169b15448..1b2ffd6bf039fc0d70efb5b918ecda0b8236433f 100644
--- a/java/services/bookings/src/main/java/com/uva/apis/bookings/config/SecurityConfig.java
+++ b/java/services/bookings/src/main/java/com/uva/apis/bookings/config/SecurityConfig.java
@@ -22,32 +22,33 @@ public class SecurityConfig {
 }
 @Bean
- public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
- http.csrf(csrf -> csrf.disable())
- .authorizeHttpRequests(authorize -> authorize
- // Permitir OPTIONS sin autenticación
- .requestMatchers(HttpMethod.OPTIONS, "/**").permitAll()
- // Acceso restringido a usuarios y administradores
- .requestMatchers("users", "users/**").hasAnyRole(
- UserRol.CLIENT.toString(),
- UserRol.HOTEL_ADMIN.toString(),
- UserRol.ADMIN.toString())
- // Acceso restringido a gestores de hoteles y administradores
- .requestMatchers(HttpMethod.GET, "hotels", "hotels/*").hasAnyRole(
- UserRol.CLIENT.toString(),
- UserRol.HOTEL_ADMIN.toString(),
- UserRol.ADMIN.toString())
-
- .requestMatchers("hotels", "hotels/**")
- .hasAnyRole(UserRol.ADMIN.toString(), UserRol.HOTEL_ADMIN.toString())
- // Acceso restringido a cualquier usuario del sistema
- .requestMatchers("bookings", "bookings/**")
- .hasAnyRole(UserRol.ADMIN.toString(), UserRol.HOTEL_ADMIN.toString(),
- UserRol.CLIENT.toString())
- // Rechazar el resto
- .anyRequest().denyAll())
- // Registra el filtro antes del filtro estándar de autenticación
- .addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
+ SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
+ http.csrf(csrf -> csrf.disable());
+ // .authorizeHttpRequests(authorize -> authorize
+ // // Permitir OPTIONS sin autenticación
+ // .requestMatchers(HttpMethod.OPTIONS, "/**").permitAll()
+ // // Acceso restringido a usuarios y administradores
+ // .requestMatchers("users", "users/**").hasAnyRole(
+ // UserRol.CLIENT.toString(),
+ // UserRol.HOTEL_ADMIN.toString(),
+ // UserRol.ADMIN.toString())
+ // // Acceso restringido a gestores de hoteles y administradores
+ // .requestMatchers(HttpMethod.GET, "hotels", "hotels/*").hasAnyRole(
+ // UserRol.CLIENT.toString(),
+ // UserRol.HOTEL_ADMIN.toString(),
+ // UserRol.ADMIN.toString())
+
+
// .requestMatchers("hotels", "hotels/**")
+ // .hasAnyRole(UserRol.ADMIN.toString(), UserRol.HOTEL_ADMIN.toString())
+ // // Acceso restringido a cualquier usuario del sistema
+ // .requestMatchers("bookings", "bookings/**")
+ // .hasAnyRole(UserRol.ADMIN.toString(), UserRol.HOTEL_ADMIN.toString(),
+ // UserRol.CLIENT.toString())
+ // // Rechazar el resto
+ // .anyRequest().denyAll())
+ // // Registra el filtro antes del filtro estándar de autenticación
+ // .addFilterBefore(jwtAuthenticationFilter,
+ // UsernamePasswordAuthenticationFilter.class);
 return http.build();
 }
diff --git a/java/services/bookings/src/main/resources/application.properties b/java/services/bookings/src/main/resources/application.properties
index 9a73adc5e892125d53f8821a2fd2bbc82a9036d8..9ea8ffad1265e6413ef92d11b6787e8d891ef811 100644
--- a/java/services/bookings/src/main/resources/application.properties
+++ b/java/services/bookings/src/main/resources/application.properties
@@ -7,6 +7,8 @@ spring.datasource.username=user
 spring.datasource.password=password
 spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver
+spring.security.user.enabled=false
+
 security.jwt.secret-key=MiClaveDeSeguridadMuyLargaParaQueNoFalleSpringBoot
 # 1h in millisecond
 security.jwt.expiration-time=3600000
diff --git a/java/services/hotels/src/main/java/com/uva/monolith/api/HotelManagerAPI.java b/java/services/hotels/src/main/java/com/uva/monolith/api/HotelManagerAPI.java
index 6ee7d9ae662e6a08cb6b8fffc9cf2004af230ed6..f4b0c18bb3fdfbadd919807368121500b92153ce 100644
--- a/java/services/hotels/src/main/java/com/uva/monolith/api/HotelManagerAPI.java
+++ b/java/services/hotels/src/main/java/com/uva/monolith/api/HotelManagerAPI.java
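Review bot: Commenting out the whole `authorizeHttpRequests(...)` chain and the `addFilterBefore(jwtAuthenticationFilter, ...)` call leaves `securityFilterChain` with only `csrf.disable()`, so the returned chain carries no authorization rules and the JWT filter is never registered; the `users`, `hotels` and `bookings` routes the old rules protected would then be reachable without a token or role. The hotels and users `SecurityConfig` hunks make the same change. Keep the role rules, `.anyRequest().denyAll()` and the JWT filter active; if an open chain is needed for local debugging, put it in a separate bean guarded by a development-only `@Profile` instead of commenting out the production rules.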
@@ -21,7 +21,7 @@ public class HotelManagerAPI {
 public Boolean existsHotelManagerById(int id) {
 try {
 String url = MANAGERS_API_URL + "/{id}";
- return restTemplate.getForEntity(url, Map.class, id).getBody().containsKey("id");
+ return restTemplate.getForObject(url, Map.class, id).containsKey("id");
 } catch (HttpClientErrorException e) {
 if (e.getStatusCode() != HttpStatus.NOT_FOUND)
 throw e;
diff --git a/java/services/hotels/src/main/java/com/uva/monolith/config/SecurityConfig.java b/java/services/hotels/src/main/java/com/uva/monolith/config/SecurityConfig.java
index e5f12202347395ebdec519f8b64386dd46b2695f..6a82598aa46c5f8cb07566677d88d6cd7aa5dffc 100644
--- a/java/services/hotels/src/main/java/com/uva/monolith/config/SecurityConfig.java
+++ b/java/services/hotels/src/main/java/com/uva/monolith/config/SecurityConfig.java
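Review bot: `restTemplate.getForObject(url, Map.class, id)` returns null when the response has no body, so the chained `.containsKey("id")` can throw a NullPointerException that the `HttpClientErrorException` catch does not handle. Guard it, e.g. `Map<?, ?> body = restTemplate.getForObject(url, Map.class, id);` followed by `return body != null && body.containsKey("id");`. `existsHotelManagerById` continues outside the hunk.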
@@ -22,27 +22,31 @@ public class SecurityConfig {
 }
 @Bean
- public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
- http.csrf(csrf -> csrf.disable())
- .authorizeHttpRequests(authorize -> authorize
- // Permitir OPTIONS sin autenticación
- .requestMatchers(HttpMethod.OPTIONS, "/**").permitAll()
- // Acceso restringido a usuarios y administradores
- .requestMatchers("users", "users/**").hasAnyRole(
- UserRol.CLIENT.toString(), UserRol.HOTEL_ADMIN.toString(), UserRol.ADMIN.toString())
- // Acceso restringido a gestores de hoteles y administradores
- .requestMatchers(HttpMethod.GET, "hotels", "hotels/*").hasAnyRole(
- UserRol.CLIENT.toString(), UserRol.HOTEL_ADMIN.toString(), UserRol.ADMIN.toString())
-
- .requestMatchers("hotels", "hotels/**")
- .hasAnyRole(UserRol.ADMIN.toString(), UserRol.HOTEL_ADMIN.toString())
- // Acceso restringido a cualquier usuario del sistema
- .requestMatchers("bookings", "bookings/**")
- .hasAnyRole(UserRol.ADMIN.toString(), UserRol.HOTEL_ADMIN.toString(), UserRol.CLIENT.toString())
- // Rechazar el resto
- .anyRequest().denyAll())
- // Registra el filtro antes del filtro estándar de autenticación
- .addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
+ SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
+ http.csrf(csrf -> csrf.disable());
+ // .authorizeHttpRequests(authorize -> authorize
+ // // Permitir OPTIONS sin autenticación
+ // .requestMatchers(HttpMethod.OPTIONS, "/**").permitAll()
+ // // Acceso restringido a usuarios y administradores
+ // .requestMatchers("users", "users/**").hasAnyRole(
+ // UserRol.CLIENT.toString(), UserRol.HOTEL_ADMIN.toString(),
+ // UserRol.ADMIN.toString())
+ // // Acceso restringido a gestores de hoteles y administradores
+ // .requestMatchers(HttpMethod.GET, "hotels", "hotels/*").hasAnyRole(
+ // UserRol.CLIENT.toString(), UserRol.HOTEL_ADMIN.toString(),
+ // UserRol.ADMIN.toString())
+
+ //
.requestMatchers("hotels", "hotels/**")
+ // .hasAnyRole(UserRol.ADMIN.toString(), UserRol.HOTEL_ADMIN.toString())
+ // // Acceso restringido a cualquier usuario del sistema
+ // .requestMatchers("bookings", "bookings/**")
+ // .hasAnyRole(UserRol.ADMIN.toString(), UserRol.HOTEL_ADMIN.toString(),
+ // UserRol.CLIENT.toString())
+ // // Rechazar el resto
+ // .anyRequest().denyAll())
+ // // Registra el filtro antes del filtro estándar de autenticación
+ // .addFilterBefore(jwtAuthenticationFilter,
+ // UsernamePasswordAuthenticationFilter.class);
 return http.build();
 }
diff --git a/java/services/hotels/src/main/java/com/uva/monolith/services/hotels/controllers/HotelController.java b/java/services/hotels/src/main/java/com/uva/monolith/services/hotels/controllers/HotelController.java
index 8f16c254366f133060daecb8036064945d86a154..39c1b314c15ad3f49a9fad76dde88f45cc9b7458 100644
--- a/java/services/hotels/src/main/java/com/uva/monolith/services/hotels/controllers/HotelController.java
+++ b/java/services/hotels/src/main/java/com/uva/monolith/services/hotels/controllers/HotelController.java
@@ -61,10 +61,11 @@ public class HotelController {
 // Añadir un hotel con sus habitaciones
 @PostMapping
- public ResponseEntity<Hotel> addHotel(@RequestBody Hotel hotel) {
+ public ResponseEntity<?> addHotel(@RequestBody Hotel hotel) {
 boolean exist = hotelManagerAPI.existsHotelManagerById(hotel.getManagerId());
- if (exist) {
- return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
+ if (!exist) {
+ return new ResponseEntity<>(
+ "No existe el manager con id " + String.valueOf(hotel.getManagerId()), HttpStatus.BAD_REQUEST);
 }
 Hotel savedHotel = hotelRepository.save(hotel);
 return new ResponseEntity<>(savedHotel, HttpStatus.CREATED);
diff --git a/java/services/hotels/src/main/java/com/uva/monolith/services/hotels/models/Hotel.java b/java/services/hotels/src/main/java/com/uva/monolith/services/hotels/models/Hotel.java index 72c6e660529e5ebd86cf55b875513b4e5763d5c3..0d2a207cb5511995a96b0bf6a30413ac036bc8ca 100644 --- a/java/services/hotels/src/main/java/com/uva/monolith/services/hotels/models/Hotel.java +++ b/java/services/hotels/src/main/java/com/uva/monolith/services/hotels/models/Hotel.java @@ -46,4 +46,9 @@ public class Hotel { @Column(name = "manager_id") private int managerId; + + public void setRooms(List<Room> rooms) { + this.rooms = rooms; + rooms.forEach(r -> r.setHotel(this)); + } } diff --git a/java/services/hotels/src/main/java/com/uva/monolith/services/hotels/models/Room.java b/java/services/hotels/src/main/java/com/uva/monolith/services/hotels/models/Room.java index be0918fe486d1b7e9e441f5cb321fce61c30ac7c..559fcc8a0fccd4f3c7eb767c9ba156091fc332f1 100644 --- a/java/services/hotels/src/main/java/com/uva/monolith/services/hotels/models/Room.java +++ b/java/services/hotels/src/main/java/com/uva/monolith/services/hotels/models/Room.java @@ -32,10 +32,13 @@ public class Room { @JoinColumn(name = "hotel_id", referencedColumnName = "id") @JsonIgnore private Hotel hotel; + @Column(name = "room_number", nullable = false) private String roomNumber; + @Column(name = "type", nullable = false) private RoomType type; + @Column(name = "available", nullable = false) private boolean available; } diff --git a/java/services/hotels/src/main/java/com/uva/monolith/services/hotels/repositories/RoomRepository.java b/java/services/hotels/src/main/java/com/uva/monolith/services/hotels/repositories/RoomRepository.java index 7ee4149afc9c8c660048494230a6ea9311bd08d7..35ee8ebfcf11c0510159b29f3916de0d5931be45 100644 --- a/java/services/hotels/src/main/java/com/uva/monolith/services/hotels/repositories/RoomRepository.java 
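Review bot: `setRooms` in the `Hotel.java` hunk dereferences its argument with `rooms.forEach(...)`, so a null list throws a NullPointerException; if `Hotel` is bound from a request body (as `HotelController.addHotel` does with `@RequestBody Hotel`), a payload with `"rooms": null` would presumably reach this setter and surface as a server error. Keep the assignment and guard the back-reference loop: `if (rooms != null) { rooms.forEach(r -> r.setHotel(this)); }`. A short Javadoc stating that the setter also sets each room's owning hotel would help, since that side effect is not obvious from the name.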
+++ b/java/services/hotels/src/main/java/com/uva/monolith/services/hotels/repositories/RoomRepository.java
@@ -15,22 +15,4 @@ public interface RoomRepository extends JpaRepository<Room, Integer> {
 // Encontrar todas las habitaciones de un hotel
 List<Room> findAllByHotelId(int hotelId);
-
- // Encontrar habitaciones disponibles de un hotel en un rango de fechas
- @Query("""
- SELECT r FROM Room r
- WHERE r.hotel.id = ?1
- AND r.available = true
- AND NOT EXISTS (
- SELECT b FROM Booking b
- WHERE b.roomId.id = r.id
- AND (
- b.endDate >= ?2
- OR
- ?3 >= b.startDate
- )
- )
- """)
- List<Room> findAvailableRoomsByHotelAndDates_(
- int hotelId, LocalDate startDate, LocalDate endDate);
 }
diff --git a/java/services/hotels/src/main/resources/application.properties b/java/services/hotels/src/main/resources/application.properties
index 67cdabd859a6c238679cc643340616462f2f3a76..5c3e0ad95b9cd28ed4c2dcbc55f5d8c14f9ee7a1 100644
--- a/java/services/hotels/src/main/resources/application.properties
+++ b/java/services/hotels/src/main/resources/application.properties
@@ -7,10 +7,12 @@ spring.datasource.username=user
 spring.datasource.password=password
 spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver
+spring.security.user.enabled=false
+
 security.jwt.secret-key=MiClaveDeSeguridadMuyLargaParaQueNoFalleSpringBoot
 # 1h in millisecond
 security.jwt.expiration-time=3600000
 security.jwt.kid=cYz3kNRLAirxVhHXQ5rh5xKrOwHwZVui
-external.services.managers.url="http://localhost:8201/users/managers"
-external.services.bookings.url="http://localhost:8401/bookings"
\ No newline at end of file
+external.services.managers.url=http://localhost:8201/users/managers
+external.services.bookings.url=http://localhost:8401/bookings
\ No newline at end of file
diff --git a/java/services/users/src/main/java/com/uva/api/apis/BookingAPI.java b/java/services/users/src/main/java/com/uva/api/apis/BookingAPI.java
index bc2bbdfa533b407a5fab5b97e63116a0f2214019..6dad693f2215a1b0c0614e2d99a7ecb3ca88227a 100644
--- a/java/services/users/src/main/java/com/uva/api/apis/BookingAPI.java
+++ b/java/services/users/src/main/java/com/uva/api/apis/BookingAPI.java
@@ -16,7 +16,7 @@ public class BookingAPI {
 @Autowired
 private RestTemplate restTemplate;
- @Value("${external.services.booking.url}")
+ @Value("${external.services.bookings.url}")
 private String BOOKING_API_URL;
 public List<Booking> getAllBookingsByUserId(int id) {
diff --git a/java/services/users/src/main/java/com/uva/api/config/SecurityConfig.java b/java/services/users/src/main/java/com/uva/api/config/SecurityConfig.java
index 854ec7a52bf9dc9d1b9e1631aa9969a8ce391ede..5aa0f6e0f22a1b524146320a77777881415510c9 100644
--- a/java/services/users/src/main/java/com/uva/api/config/SecurityConfig.java
+++ b/java/services/users/src/main/java/com/uva/api/config/SecurityConfig.java
@@ -22,32 +22,33 @@ public class SecurityConfig {
 }
 @Bean
- public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
- http.csrf(csrf -> csrf.disable())
- .authorizeHttpRequests(authorize -> authorize
- // Permitir OPTIONS sin autenticación
- .requestMatchers(HttpMethod.OPTIONS, "/**").permitAll()
- // Acceso restringido a usuarios y administradores
- .requestMatchers("users", "users/**").hasAnyRole(
- UserRol.CLIENT.toString(),
- UserRol.HOTEL_ADMIN.toString(),
- UserRol.ADMIN.toString())
- // Acceso restringido a gestores de hoteles y administradores
- .requestMatchers(HttpMethod.GET, "hotels", "hotels/*").hasAnyRole(
- UserRol.CLIENT.toString(),
- UserRol.HOTEL_ADMIN.toString(),
- UserRol.ADMIN.toString())
-
- .requestMatchers("hotels", "hotels/**")
- .hasAnyRole(UserRol.ADMIN.toString(), UserRol.HOTEL_ADMIN.toString())
- // Acceso restringido a cualquier usuario del sistema
- .requestMatchers("bookings", "bookings/**")
- .hasAnyRole(UserRol.ADMIN.toString(), UserRol.HOTEL_ADMIN.toString(),
- UserRol.CLIENT.toString())
- // Rechazar el resto
- .anyRequest().denyAll())
- // Registra el filtro antes del filtro estándar de autenticación
- .addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
+ SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
+ http.csrf(csrf -> csrf.disable());
+ // .authorizeHttpRequests(authorize -> authorize
+ // // Permitir OPTIONS sin autenticación
+ // .requestMatchers(HttpMethod.OPTIONS, "/**").permitAll()
+ // // Acceso restringido a usuarios y administradores
+ // .requestMatchers("users", "users/**").hasAnyRole(
+ // UserRol.CLIENT.toString(),
+ // UserRol.HOTEL_ADMIN.toString(),
+ // UserRol.ADMIN.toString())
+ // // Acceso restringido a gestores de hoteles y administradores
+ // .requestMatchers(HttpMethod.GET, "hotels", "hotels/*").hasAnyRole(
+ // UserRol.CLIENT.toString(),
+ // UserRol.HOTEL_ADMIN.toString(),
+ // UserRol.ADMIN.toString())
+
+
// .requestMatchers("hotels", "hotels/**")
+ // .hasAnyRole(UserRol.ADMIN.toString(), UserRol.HOTEL_ADMIN.toString())
+ // // Acceso restringido a cualquier usuario del sistema
+ // .requestMatchers("bookings", "bookings/**")
+ // .hasAnyRole(UserRol.ADMIN.toString(), UserRol.HOTEL_ADMIN.toString(),
+ // UserRol.CLIENT.toString())
+ // // Rechazar el resto
+ // .anyRequest().denyAll())
+ // // Registra el filtro antes del filtro estándar de autenticación
+ // .addFilterBefore(jwtAuthenticationFilter,
+ // UsernamePasswordAuthenticationFilter.class);
 return http.build();
 }
diff --git a/java/services/users/src/main/java/com/uva/api/controllers/UserController.java b/java/services/users/src/main/java/com/uva/api/controllers/UserController.java
index 287c8bdf429a7255a3cddca286af7010045d7a90..121670cb98bb3e26a6e9f49b3d5914d70f0b3863 100644
--- a/java/services/users/src/main/java/com/uva/api/controllers/UserController.java
+++ b/java/services/users/src/main/java/com/uva/api/controllers/UserController.java
@@ -3,6 +3,7 @@ package com.uva.api.controllers;
 import java.util.List;
 import java.util.Map;
+import org.springframework.beans.BeanUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
@@ -20,6 +21,7 @@ import org.springframework.web.bind.annotation.RestController;
 import org.springframework.web.client.HttpClientErrorException;
 import com.fasterxml.jackson.databind.JsonNode;
+import com.uva.api.models.AuthResponse;
 import com.uva.api.models.Client;
 import com.uva.api.models.Manager;
 import com.uva.api.models.User;
@@ -45,9 +47,11 @@ public class UserController { // Common @PostMapping - public ResponseEntity<?> addUser(@RequestBody User user) { + public ResponseEntity<?> addUser(@RequestBody AuthResponse body) { + User user = new User(); + BeanUtils.copyProperties(body, user); userService.registerNewUser(user); - return new ResponseEntity<>(HttpStatus.ACCEPTED); + return new ResponseEntity<User>(user, HttpStatus.ACCEPTED); } @PutMapping("/{id}") diff --git a/java/services/users/src/main/java/com/uva/api/models/AuthResponse.java b/java/services/users/src/main/java/com/uva/api/models/AuthResponse.java index d7ea088093c98d14b3e18e593d8753d877ccf813..ca8edf2a813699de08326948c55306d2dfbf567e 100644 --- a/java/services/users/src/main/java/com/uva/api/models/AuthResponse.java +++ b/java/services/users/src/main/java/com/uva/api/models/AuthResponse.java @@ -1,51 +1,19 @@ package com.uva.api.models; +import lombok.AllArgsConstructor; +import lombok.Getter; +import lombok.NoArgsConstructor; +import lombok.Setter; + +@NoArgsConstructor +@AllArgsConstructor +@Getter +@Setter public class AuthResponse { private int id; - private String username; + private String name; private String email; private String password; private UserRol rol; - - public int getId() { - return this.id; - } - - public void setId(int id) { - this.id = id; - } - - public String getUsername() { - return this.username; - } - - public void setUsername(String username) { - this.username = username; - } - - public String getEmail() { - return this.email; - } - - public void setEmail(String email) { - this.email = email; - } - - public String getPassword() { - return this.password; - } - - public void setPassword(String password) { - this.password = password; - } - - public UserRol getRol() { - return this.rol; - } - - public void setRol(UserRol rol) { - this.rol = rol; - } - } 
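Review bot: `BeanUtils.copyProperties(body, user)` in `addUser` copies every `AuthResponse` property onto the new `User`, including `id` and `rol`, so the caller chooses the identifier and the role (e.g. `ADMIN`) of the account being created. That is only safe if this endpoint is reachable solely by the auth service, and the users `SecurityConfig` hunk in this same commit comments out the rules that would enforce it. At minimum ignore the identifier with `BeanUtils.copyProperties(body, user, "id");` and restrict or validate `rol` before saving. The new response also returns the `User` entity; if it serialises `password` (the class is not shown) the stored value is echoed back to the caller, so a response DTO without that field would be safer.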
diff --git a/java/services/users/src/main/resources/application.properties b/java/services/users/src/main/resources/application.properties
index b03d1885b1b51e6c711b07a8caa66a5ece74c1fb..3d3c5062f7694a2d5cfda9e7f09371cbee1358bf 100644
--- a/java/services/users/src/main/resources/application.properties
+++ b/java/services/users/src/main/resources/application.properties
@@ -7,6 +7,10 @@ spring.datasource.username=user
 spring.datasource.password=password
 spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver
+spring.neo4j.security.hostname-verification-enabled=false
+spring.security.user.name=user
+spring.security.user.password=password
+
 security.jwt.secret-key=MiClaveDeSeguridadMuyLargaParaQueNoFalleSpringBoot
 # 1h in millisecond
 security.jwt.expiration-time=3600000
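Review bot: `spring.security.user.name=user` and `spring.security.user.password=password` commit a guessable default account into the repository, and `spring.neo4j.security.hostname-verification-enabled=false` turns off TLS hostname checking for a Neo4j driver even though the datasource configured above is MySQL. Drop the Neo4j line unless a Neo4j connection really exists, and supply the credentials from the environment, e.g. `spring.security.user.password=${SECURITY_USER_PASSWORD}` (placeholder variable name). The `security.jwt.secret-key` value visible in the context lines is likewise a literal signing key in source control and would be better injected the same way.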