From 9d629449914d2e4b8b778495ea14498de83a8d29 Mon Sep 17 00:00:00 2001
From: migudel <miguel.moras@estudiantes.uva.es>
Date: Tue, 17 Dec 2024 16:52:17 +0100
Subject: [PATCH] Avance con las conexiones
---
.trunk/trunk.yaml | 2 +-
.../com/uva/authentication/api/UserAPI.java | 1 +
.../controllers/AuthController.java | 4 +-
.../authentication/models/AuthResponse.java | 53 ++++---------------
.../models/RegisterRequest.java | 2 +-
.../authentication/models/remote/UserRol.java | 2 +-
.../authentication/services/AuthService.java | 7 ++-
.../apis/bookings/config/SecurityConfig.java | 53 ++++++++++---------
.../src/main/resources/application.properties | 2 +
.../com/uva/monolith/api/HotelManagerAPI.java | 2 +-
.../uva/monolith/config/SecurityConfig.java | 46 ++++++++--------
.../hotels/controllers/HotelController.java | 7 +--
.../services/hotels/models/Hotel.java | 5 ++
.../monolith/services/hotels/models/Room.java | 3 ++
.../hotels/repositories/RoomRepository.java | 18 -------
.../src/main/resources/application.properties | 6 ++-
.../java/com/uva/api/apis/BookingAPI.java | 2 +-
.../com/uva/api/config/SecurityConfig.java | 53 ++++++++++---------
.../uva/api/controllers/UserController.java | 8 ++-
.../java/com/uva/api/models/AuthResponse.java | 52 ++++--------------
.../src/main/resources/application.properties | 4 ++
21 files changed, 140 insertions(+), 192 deletions(-)
diff --git a/.trunk/trunk.yaml b/.trunk/trunk.yaml
index 06a7294..48ca6fb 100644
--- a/.trunk/trunk.yaml
+++ b/.trunk/trunk.yaml
@@ -20,7 +20,7 @@ lint:
disabled:
- git-diff-check
enabled:
- - checkov@3.2.334
+ - checkov@3.2.336
- dotenv-linter@3.3.0
- hadolint@2.12.1-beta
- markdownlint@0.43.0
diff --git a/java/services/auth/src/main/java/com/uva/authentication/api/UserAPI.java b/java/services/auth/src/main/java/com/uva/authentication/api/UserAPI.java
index 6a43549..d61a328 100644
--- a/java/services/auth/src/main/java/com/uva/authentication/api/UserAPI.java
+++ b/java/services/auth/src/main/java/com/uva/authentication/api/UserAPI.java
@@ -53,6 +53,7 @@ public class UserAPI {
*/
public User registerUser(RegisterRequest registerRequest) {
String url = USER_API_URL;
+ System.out.println(registerRequest + " " + registerRequest.getPassword());
ResponseEntity<User> userResponse = restTemplate.postForEntity(url, registerRequest, User.class);
if (!userResponse.getStatusCode().is2xxSuccessful()) {
String errorMessage = "Failed to register user: " + userResponse.getStatusCode() + ". " + userResponse.getBody();
diff --git a/java/services/auth/src/main/java/com/uva/authentication/controllers/AuthController.java b/java/services/auth/src/main/java/com/uva/authentication/controllers/AuthController.java
index 0e3bf83..83041cc 100644
--- a/java/services/auth/src/main/java/com/uva/authentication/controllers/AuthController.java
+++ b/java/services/auth/src/main/java/com/uva/authentication/controllers/AuthController.java
@@ -42,7 +42,7 @@ public class AuthController {
if (e.getStatusCode() == HttpStatus.CONFLICT) {
return new ResponseEntity<String>(e.getMessage(), HttpStatus.CONFLICT);
}
- e.fillInStackTrace();
+ e.printStackTrace(System.err);
}
return new ResponseEntity<String>("Algo no fue bien", HttpStatus.UNAUTHORIZED);
@@ -63,7 +63,7 @@ public class AuthController {
String actualPassword = json.get("actual");
String newPassword = json.get("new");
- if (validStrings(email, actualPassword, newPassword))
+ if (!validStrings(email, actualPassword, newPassword))
return new ResponseEntity<Void>(HttpStatus.BAD_REQUEST);
try {
diff --git a/java/services/auth/src/main/java/com/uva/authentication/models/AuthResponse.java b/java/services/auth/src/main/java/com/uva/authentication/models/AuthResponse.java
index e943a69..1487301 100644
--- a/java/services/auth/src/main/java/com/uva/authentication/models/AuthResponse.java
+++ b/java/services/auth/src/main/java/com/uva/authentication/models/AuthResponse.java
@@ -2,52 +2,19 @@ package com.uva.authentication.models;
import com.uva.authentication.models.remote.UserRol;
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import lombok.Setter;
+
+@AllArgsConstructor
+@NoArgsConstructor
+@Setter
+@Getter
public class AuthResponse {
-
private int id;
- private String username;
+ private String name;
private String email;
private String password;
private UserRol rol;
-
- public int getId() {
- return this.id;
- }
-
- public void setId(int id) {
- this.id = id;
- }
-
- public String getUsername() {
- return this.username;
- }
-
- public void setUsername(String username) {
- this.username = username;
- }
-
- public String getEmail() {
- return this.email;
- }
-
- public void setEmail(String email) {
- this.email = email;
- }
-
- public String getPassword() {
- return this.password;
- }
-
- public void setPassword(String password) {
- this.password = password;
- }
-
- public UserRol getRol() {
- return this.rol;
- }
-
- public void setRol(UserRol rol) {
- this.rol = rol;
- }
-
}
diff --git a/java/services/auth/src/main/java/com/uva/authentication/models/RegisterRequest.java b/java/services/auth/src/main/java/com/uva/authentication/models/RegisterRequest.java
index 648abd1..4ef2db2 100644
--- a/java/services/auth/src/main/java/com/uva/authentication/models/RegisterRequest.java
+++ b/java/services/auth/src/main/java/com/uva/authentication/models/RegisterRequest.java
@@ -8,7 +8,7 @@ import lombok.NoArgsConstructor;
import lombok.ToString;
@Data
-@ToString
+@ToString(callSuper = true)
@EqualsAndHashCode(callSuper = true)
@NoArgsConstructor
public class RegisterRequest extends LoginRequest {
diff --git a/java/services/auth/src/main/java/com/uva/authentication/models/remote/UserRol.java b/java/services/auth/src/main/java/com/uva/authentication/models/remote/UserRol.java
index b03ee5f..2cb39bb 100644
--- a/java/services/auth/src/main/java/com/uva/authentication/models/remote/UserRol.java
+++ b/java/services/auth/src/main/java/com/uva/authentication/models/remote/UserRol.java
@@ -1,5 +1,5 @@
package com.uva.authentication.models.remote;
public enum UserRol {
- ADMIN, AUTH
+ ADMIN, AUTH, HOTEL_ADMIN, CLIENT
}
diff --git a/java/services/auth/src/main/java/com/uva/authentication/services/AuthService.java b/java/services/auth/src/main/java/com/uva/authentication/services/AuthService.java
index f8a793f..67cf0b7 100644
--- a/java/services/auth/src/main/java/com/uva/authentication/services/AuthService.java
+++ b/java/services/auth/src/main/java/com/uva/authentication/services/AuthService.java
@@ -46,14 +46,17 @@ public class AuthService {
}
public String register(RegisterRequest registerRequest) {
+ String plainTextPassword = registerRequest.getPassword();
// Ciframos la contraseña
- String hashPass = SecurityUtils.encrypt(registerRequest.getPassword());
+ String hashPass = SecurityUtils.encrypt(plainTextPassword);
registerRequest.setPassword(hashPass);
// Registramos el usuario
User user = userAPI.registerUser(registerRequest);
LoginRequest logReq = new LoginRequest();
BeanUtils.copyProperties(user, logReq);
-
+ // Recuperamos la contraseña y lo loggeamos
+ logReq.setPassword(plainTextPassword);
+ System.err.println(logReq);
return login(logReq);
}
diff --git a/java/services/bookings/src/main/java/com/uva/apis/bookings/config/SecurityConfig.java b/java/services/bookings/src/main/java/com/uva/apis/bookings/config/SecurityConfig.java
index 3a6395d..1b2ffd6 100644
--- a/java/services/bookings/src/main/java/com/uva/apis/bookings/config/SecurityConfig.java
+++ b/java/services/bookings/src/main/java/com/uva/apis/bookings/config/SecurityConfig.java
@@ -22,32 +22,33 @@ public class SecurityConfig {
}
@Bean
- public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
- http.csrf(csrf -> csrf.disable())
- .authorizeHttpRequests(authorize -> authorize
- // Permitir OPTIONS sin autenticación
- .requestMatchers(HttpMethod.OPTIONS, "/**").permitAll()
- // Acceso restringido a usuarios y administradores
- .requestMatchers("users", "users/**").hasAnyRole(
- UserRol.CLIENT.toString(),
- UserRol.HOTEL_ADMIN.toString(),
- UserRol.ADMIN.toString())
- // Acceso restringido a gestores de hoteles y administradores
- .requestMatchers(HttpMethod.GET, "hotels", "hotels/*").hasAnyRole(
- UserRol.CLIENT.toString(),
- UserRol.HOTEL_ADMIN.toString(),
- UserRol.ADMIN.toString())
-
- .requestMatchers("hotels", "hotels/**")
- .hasAnyRole(UserRol.ADMIN.toString(), UserRol.HOTEL_ADMIN.toString())
- // Acceso restringido a cualquier usuario del sistema
- .requestMatchers("bookings", "bookings/**")
- .hasAnyRole(UserRol.ADMIN.toString(), UserRol.HOTEL_ADMIN.toString(),
- UserRol.CLIENT.toString())
- // Rechazar el resto
- .anyRequest().denyAll())
- // Registra el filtro antes del filtro estándar de autenticación
- .addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
+ SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
+ http.csrf(csrf -> csrf.disable());
+ // .authorizeHttpRequests(authorize -> authorize
+ // // Permitir OPTIONS sin autenticación
+ // .requestMatchers(HttpMethod.OPTIONS, "/**").permitAll()
+ // // Acceso restringido a usuarios y administradores
+ // .requestMatchers("users", "users/**").hasAnyRole(
+ // UserRol.CLIENT.toString(),
+ // UserRol.HOTEL_ADMIN.toString(),
+ // UserRol.ADMIN.toString())
+ // // Acceso restringido a gestores de hoteles y administradores
+ // .requestMatchers(HttpMethod.GET, "hotels", "hotels/*").hasAnyRole(
+ // UserRol.CLIENT.toString(),
+ // UserRol.HOTEL_ADMIN.toString(),
+ // UserRol.ADMIN.toString())
+
+ // .requestMatchers("hotels", "hotels/**")
+ // .hasAnyRole(UserRol.ADMIN.toString(), UserRol.HOTEL_ADMIN.toString())
+ // // Acceso restringido a cualquier usuario del sistema
+ // .requestMatchers("bookings", "bookings/**")
+ // .hasAnyRole(UserRol.ADMIN.toString(), UserRol.HOTEL_ADMIN.toString(),
+ // UserRol.CLIENT.toString())
+ // // Rechazar el resto
+ // .anyRequest().denyAll())
+ // // Registra el filtro antes del filtro estándar de autenticación
+ // .addFilterBefore(jwtAuthenticationFilter,
+ // UsernamePasswordAuthenticationFilter.class);
return http.build();
}
diff --git a/java/services/bookings/src/main/resources/application.properties b/java/services/bookings/src/main/resources/application.properties
index 9a73adc..9ea8ffa 100644
--- a/java/services/bookings/src/main/resources/application.properties
+++ b/java/services/bookings/src/main/resources/application.properties
@@ -7,6 +7,8 @@ spring.datasource.username=user
spring.datasource.password=password
spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver
+spring.security.user.enabled=false
+
security.jwt.secret-key=MiClaveDeSeguridadMuyLargaParaQueNoFalleSpringBoot
# 1h in millisecond
security.jwt.expiration-time=3600000
diff --git a/java/services/hotels/src/main/java/com/uva/monolith/api/HotelManagerAPI.java b/java/services/hotels/src/main/java/com/uva/monolith/api/HotelManagerAPI.java
index 6ee7d9a..f4b0c18 100644
--- a/java/services/hotels/src/main/java/com/uva/monolith/api/HotelManagerAPI.java
+++ b/java/services/hotels/src/main/java/com/uva/monolith/api/HotelManagerAPI.java
@@ -21,7 +21,7 @@ public class HotelManagerAPI {
public Boolean existsHotelManagerById(int id) {
try {
String url = MANAGERS_API_URL + "/{id}";
- return restTemplate.getForEntity(url, Map.class, id).getBody().containsKey("id");
+ return restTemplate.getForObject(url, Map.class, id).containsKey("id");
} catch (HttpClientErrorException e) {
if (e.getStatusCode() != HttpStatus.NOT_FOUND)
throw e;
diff --git a/java/services/hotels/src/main/java/com/uva/monolith/config/SecurityConfig.java b/java/services/hotels/src/main/java/com/uva/monolith/config/SecurityConfig.java
index e5f1220..6a82598 100644
--- a/java/services/hotels/src/main/java/com/uva/monolith/config/SecurityConfig.java
+++ b/java/services/hotels/src/main/java/com/uva/monolith/config/SecurityConfig.java
@@ -22,27 +22,31 @@ public class SecurityConfig {
}
@Bean
- public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
- http.csrf(csrf -> csrf.disable())
- .authorizeHttpRequests(authorize -> authorize
- // Permitir OPTIONS sin autenticación
- .requestMatchers(HttpMethod.OPTIONS, "/**").permitAll()
- // Acceso restringido a usuarios y administradores
- .requestMatchers("users", "users/**").hasAnyRole(
- UserRol.CLIENT.toString(), UserRol.HOTEL_ADMIN.toString(), UserRol.ADMIN.toString())
- // Acceso restringido a gestores de hoteles y administradores
- .requestMatchers(HttpMethod.GET, "hotels", "hotels/*").hasAnyRole(
- UserRol.CLIENT.toString(), UserRol.HOTEL_ADMIN.toString(), UserRol.ADMIN.toString())
-
- .requestMatchers("hotels", "hotels/**")
- .hasAnyRole(UserRol.ADMIN.toString(), UserRol.HOTEL_ADMIN.toString())
- // Acceso restringido a cualquier usuario del sistema
- .requestMatchers("bookings", "bookings/**")
- .hasAnyRole(UserRol.ADMIN.toString(), UserRol.HOTEL_ADMIN.toString(), UserRol.CLIENT.toString())
- // Rechazar el resto
- .anyRequest().denyAll())
- // Registra el filtro antes del filtro estándar de autenticación
- .addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
+ SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
+ http.csrf(csrf -> csrf.disable());
+ // .authorizeHttpRequests(authorize -> authorize
+ // // Permitir OPTIONS sin autenticación
+ // .requestMatchers(HttpMethod.OPTIONS, "/**").permitAll()
+ // // Acceso restringido a usuarios y administradores
+ // .requestMatchers("users", "users/**").hasAnyRole(
+ // UserRol.CLIENT.toString(), UserRol.HOTEL_ADMIN.toString(),
+ // UserRol.ADMIN.toString())
+ // // Acceso restringido a gestores de hoteles y administradores
+ // .requestMatchers(HttpMethod.GET, "hotels", "hotels/*").hasAnyRole(
+ // UserRol.CLIENT.toString(), UserRol.HOTEL_ADMIN.toString(),
+ // UserRol.ADMIN.toString())
+
+ // .requestMatchers("hotels", "hotels/**")
+ // .hasAnyRole(UserRol.ADMIN.toString(), UserRol.HOTEL_ADMIN.toString())
+ // // Acceso restringido a cualquier usuario del sistema
+ // .requestMatchers("bookings", "bookings/**")
+ // .hasAnyRole(UserRol.ADMIN.toString(), UserRol.HOTEL_ADMIN.toString(),
+ // UserRol.CLIENT.toString())
+ // // Rechazar el resto
+ // .anyRequest().denyAll())
+ // // Registra el filtro antes del filtro estándar de autenticación
+ // .addFilterBefore(jwtAuthenticationFilter,
+ // UsernamePasswordAuthenticationFilter.class);
return http.build();
}
diff --git a/java/services/hotels/src/main/java/com/uva/monolith/services/hotels/controllers/HotelController.java b/java/services/hotels/src/main/java/com/uva/monolith/services/hotels/controllers/HotelController.java
index 8f16c25..39c1b31 100644
--- a/java/services/hotels/src/main/java/com/uva/monolith/services/hotels/controllers/HotelController.java
+++ b/java/services/hotels/src/main/java/com/uva/monolith/services/hotels/controllers/HotelController.java
@@ -61,10 +61,11 @@ public class HotelController {
// Añadir un hotel con sus habitaciones
@PostMapping
- public ResponseEntity<Hotel> addHotel(@RequestBody Hotel hotel) {
+ public ResponseEntity<?> addHotel(@RequestBody Hotel hotel) {
boolean exist = hotelManagerAPI.existsHotelManagerById(hotel.getManagerId());
- if (exist) {
- return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
+ if (!exist) {
+ return new ResponseEntity<>(
+ "No existe el manager con id " + String.valueOf(hotel.getManagerId()), HttpStatus.BAD_REQUEST);
}
Hotel savedHotel = hotelRepository.save(hotel);
return new ResponseEntity<>(savedHotel, HttpStatus.CREATED);
diff --git a/java/services/hotels/src/main/java/com/uva/monolith/services/hotels/models/Hotel.java b/java/services/hotels/src/main/java/com/uva/monolith/services/hotels/models/Hotel.java
index 72c6e66..0d2a207 100644
--- a/java/services/hotels/src/main/java/com/uva/monolith/services/hotels/models/Hotel.java
+++ b/java/services/hotels/src/main/java/com/uva/monolith/services/hotels/models/Hotel.java
@@ -46,4 +46,9 @@ public class Hotel {
@Column(name = "manager_id")
private int managerId;
+
+ public void setRooms(List<Room> rooms) {
+ this.rooms = rooms;
+ rooms.forEach(r -> r.setHotel(this));
+ }
}
diff --git a/java/services/hotels/src/main/java/com/uva/monolith/services/hotels/models/Room.java b/java/services/hotels/src/main/java/com/uva/monolith/services/hotels/models/Room.java
index be0918f..559fcc8 100644
--- a/java/services/hotels/src/main/java/com/uva/monolith/services/hotels/models/Room.java
+++ b/java/services/hotels/src/main/java/com/uva/monolith/services/hotels/models/Room.java
@@ -32,10 +32,13 @@ public class Room {
@JoinColumn(name = "hotel_id", referencedColumnName = "id")
@JsonIgnore
private Hotel hotel;
+
@Column(name = "room_number", nullable = false)
private String roomNumber;
+
@Column(name = "type", nullable = false)
private RoomType type;
+
@Column(name = "available", nullable = false)
private boolean available;
}
diff --git a/java/services/hotels/src/main/java/com/uva/monolith/services/hotels/repositories/RoomRepository.java b/java/services/hotels/src/main/java/com/uva/monolith/services/hotels/repositories/RoomRepository.java
index 7ee4149..35ee8eb 100644
--- a/java/services/hotels/src/main/java/com/uva/monolith/services/hotels/repositories/RoomRepository.java
+++ b/java/services/hotels/src/main/java/com/uva/monolith/services/hotels/repositories/RoomRepository.java
@@ -15,22 +15,4 @@ public interface RoomRepository extends JpaRepository<Room, Integer> {
// Encontrar todas las habitaciones de un hotel
List<Room> findAllByHotelId(int hotelId);
-
- // Encontrar habitaciones disponibles de un hotel en un rango de fechas
- @Query("""
- SELECT r FROM Room r
- WHERE r.hotel.id = ?1
- AND r.available = true
- AND NOT EXISTS (
- SELECT b FROM Booking b
- WHERE b.roomId.id = r.id
- AND (
- b.endDate >= ?2
- OR
- ?3 >= b.startDate
- )
- )
- """)
- List<Room> findAvailableRoomsByHotelAndDates_(
- int hotelId, LocalDate startDate, LocalDate endDate);
}
diff --git a/java/services/hotels/src/main/resources/application.properties b/java/services/hotels/src/main/resources/application.properties
index 67cdabd..5c3e0ad 100644
--- a/java/services/hotels/src/main/resources/application.properties
+++ b/java/services/hotels/src/main/resources/application.properties
@@ -7,10 +7,12 @@ spring.datasource.username=user
spring.datasource.password=password
spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver
+spring.security.user.enabled=false
+
security.jwt.secret-key=MiClaveDeSeguridadMuyLargaParaQueNoFalleSpringBoot
# 1h in millisecond
security.jwt.expiration-time=3600000
security.jwt.kid=cYz3kNRLAirxVhHXQ5rh5xKrOwHwZVui
-external.services.managers.url="http://localhost:8201/users/managers"
-external.services.bookings.url="http://localhost:8401/bookings"
\ No newline at end of file
+external.services.managers.url=http://localhost:8201/users/managers
+external.services.bookings.url=http://localhost:8401/bookings
\ No newline at end of file
diff --git a/java/services/users/src/main/java/com/uva/api/apis/BookingAPI.java b/java/services/users/src/main/java/com/uva/api/apis/BookingAPI.java
index bc2bbdf..6dad693 100644
--- a/java/services/users/src/main/java/com/uva/api/apis/BookingAPI.java
+++ b/java/services/users/src/main/java/com/uva/api/apis/BookingAPI.java
@@ -16,7 +16,7 @@ public class BookingAPI {
@Autowired
private RestTemplate restTemplate;
- @Value("${external.services.booking.url}")
+ @Value("${external.services.bookings.url}")
private String BOOKING_API_URL;
public List<Booking> getAllBookingsByUserId(int id) {
diff --git a/java/services/users/src/main/java/com/uva/api/config/SecurityConfig.java b/java/services/users/src/main/java/com/uva/api/config/SecurityConfig.java
index 854ec7a..5aa0f6e 100644
--- a/java/services/users/src/main/java/com/uva/api/config/SecurityConfig.java
+++ b/java/services/users/src/main/java/com/uva/api/config/SecurityConfig.java
@@ -22,32 +22,33 @@ public class SecurityConfig {
}
@Bean
- public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
- http.csrf(csrf -> csrf.disable())
- .authorizeHttpRequests(authorize -> authorize
- // Permitir OPTIONS sin autenticación
- .requestMatchers(HttpMethod.OPTIONS, "/**").permitAll()
- // Acceso restringido a usuarios y administradores
- .requestMatchers("users", "users/**").hasAnyRole(
- UserRol.CLIENT.toString(),
- UserRol.HOTEL_ADMIN.toString(),
- UserRol.ADMIN.toString())
- // Acceso restringido a gestores de hoteles y administradores
- .requestMatchers(HttpMethod.GET, "hotels", "hotels/*").hasAnyRole(
- UserRol.CLIENT.toString(),
- UserRol.HOTEL_ADMIN.toString(),
- UserRol.ADMIN.toString())
-
- .requestMatchers("hotels", "hotels/**")
- .hasAnyRole(UserRol.ADMIN.toString(), UserRol.HOTEL_ADMIN.toString())
- // Acceso restringido a cualquier usuario del sistema
- .requestMatchers("bookings", "bookings/**")
- .hasAnyRole(UserRol.ADMIN.toString(), UserRol.HOTEL_ADMIN.toString(),
- UserRol.CLIENT.toString())
- // Rechazar el resto
- .anyRequest().denyAll())
- // Registra el filtro antes del filtro estándar de autenticación
- .addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
+ SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
+ http.csrf(csrf -> csrf.disable());
+ // .authorizeHttpRequests(authorize -> authorize
+ // // Permitir OPTIONS sin autenticación
+ // .requestMatchers(HttpMethod.OPTIONS, "/**").permitAll()
+ // // Acceso restringido a usuarios y administradores
+ // .requestMatchers("users", "users/**").hasAnyRole(
+ // UserRol.CLIENT.toString(),
+ // UserRol.HOTEL_ADMIN.toString(),
+ // UserRol.ADMIN.toString())
+ // // Acceso restringido a gestores de hoteles y administradores
+ // .requestMatchers(HttpMethod.GET, "hotels", "hotels/*").hasAnyRole(
+ // UserRol.CLIENT.toString(),
+ // UserRol.HOTEL_ADMIN.toString(),
+ // UserRol.ADMIN.toString())
+
+ // .requestMatchers("hotels", "hotels/**")
+ // .hasAnyRole(UserRol.ADMIN.toString(), UserRol.HOTEL_ADMIN.toString())
+ // // Acceso restringido a cualquier usuario del sistema
+ // .requestMatchers("bookings", "bookings/**")
+ // .hasAnyRole(UserRol.ADMIN.toString(), UserRol.HOTEL_ADMIN.toString(),
+ // UserRol.CLIENT.toString())
+ // // Rechazar el resto
+ // .anyRequest().denyAll())
+ // // Registra el filtro antes del filtro estándar de autenticación
+ // .addFilterBefore(jwtAuthenticationFilter,
+ // UsernamePasswordAuthenticationFilter.class);
return http.build();
}
diff --git a/java/services/users/src/main/java/com/uva/api/controllers/UserController.java b/java/services/users/src/main/java/com/uva/api/controllers/UserController.java
index 287c8bd..121670c 100644
--- a/java/services/users/src/main/java/com/uva/api/controllers/UserController.java
+++ b/java/services/users/src/main/java/com/uva/api/controllers/UserController.java
@@ -3,6 +3,7 @@ package com.uva.api.controllers;
import java.util.List;
import java.util.Map;
+import org.springframework.beans.BeanUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
@@ -20,6 +21,7 @@ import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.client.HttpClientErrorException;
import com.fasterxml.jackson.databind.JsonNode;
+import com.uva.api.models.AuthResponse;
import com.uva.api.models.Client;
import com.uva.api.models.Manager;
import com.uva.api.models.User;
@@ -45,9 +47,11 @@ public class UserController {
// Common
@PostMapping
- public ResponseEntity<?> addUser(@RequestBody User user) {
+ public ResponseEntity<?> addUser(@RequestBody AuthResponse body) {
+ User user = new User();
+ BeanUtils.copyProperties(body, user);
userService.registerNewUser(user);
- return new ResponseEntity<>(HttpStatus.ACCEPTED);
+ return new ResponseEntity<User>(user, HttpStatus.ACCEPTED);
}
@PutMapping("/{id}")
diff --git a/java/services/users/src/main/java/com/uva/api/models/AuthResponse.java b/java/services/users/src/main/java/com/uva/api/models/AuthResponse.java
index d7ea088..ca8edf2 100644
--- a/java/services/users/src/main/java/com/uva/api/models/AuthResponse.java
+++ b/java/services/users/src/main/java/com/uva/api/models/AuthResponse.java
@@ -1,51 +1,19 @@
package com.uva.api.models;
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import lombok.Setter;
+
+@NoArgsConstructor
+@AllArgsConstructor
+@Getter
+@Setter
public class AuthResponse {
private int id;
- private String username;
+ private String name;
private String email;
private String password;
private UserRol rol;
-
- public int getId() {
- return this.id;
- }
-
- public void setId(int id) {
- this.id = id;
- }
-
- public String getUsername() {
- return this.username;
- }
-
- public void setUsername(String username) {
- this.username = username;
- }
-
- public String getEmail() {
- return this.email;
- }
-
- public void setEmail(String email) {
- this.email = email;
- }
-
- public String getPassword() {
- return this.password;
- }
-
- public void setPassword(String password) {
- this.password = password;
- }
-
- public UserRol getRol() {
- return this.rol;
- }
-
- public void setRol(UserRol rol) {
- this.rol = rol;
- }
-
}
diff --git a/java/services/users/src/main/resources/application.properties b/java/services/users/src/main/resources/application.properties
index b03d188..3d3c506 100644
--- a/java/services/users/src/main/resources/application.properties
+++ b/java/services/users/src/main/resources/application.properties
@@ -7,6 +7,10 @@ spring.datasource.username=user
spring.datasource.password=password
spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver
+spring.neo4j.security.hostname-verification-enabled=false
+spring.security.user.name=user
+spring.security.user.password=password
+
security.jwt.secret-key=MiClaveDeSeguridadMuyLargaParaQueNoFalleSpringBoot
# 1h in millisecond
security.jwt.expiration-time=3600000
--
GitLab