diff --git a/spring-security-login-and-registration/src/main/java/org/baeldung/persistence/dao/PrivilegeRepository.java b/spring-security-login-and-registration/src/main/java/org/baeldung/persistence/dao/PrivilegeRepository.java new file mode 100644 index 0000000000..f45baf28ba --- /dev/null +++ b/spring-security-login-and-registration/src/main/java/org/baeldung/persistence/dao/PrivilegeRepository.java @@ -0,0 +1,8 @@ +package org.baeldung.persistence.dao; + +import org.baeldung.persistence.model.Privilege; +import org.springframework.data.jpa.repository.JpaRepository; + +public interface PrivilegeRepository extends JpaRepository { + public Privilege findByName(String name); +} diff --git a/spring-security-login-and-registration/src/main/java/org/baeldung/persistence/dao/RoleRepository.java b/spring-security-login-and-registration/src/main/java/org/baeldung/persistence/dao/RoleRepository.java new file mode 100644 index 0000000000..cf4b46d41d --- /dev/null +++ b/spring-security-login-and-registration/src/main/java/org/baeldung/persistence/dao/RoleRepository.java @@ -0,0 +1,8 @@ +package org.baeldung.persistence.dao; + +import org.baeldung.persistence.model.Role; +import org.springframework.data.jpa.repository.JpaRepository; + +public interface RoleRepository extends JpaRepository { + public Role findByName(String name); +} diff --git a/spring-security-login-and-registration/src/main/java/org/baeldung/persistence/model/Privilege.java b/spring-security-login-and-registration/src/main/java/org/baeldung/persistence/model/Privilege.java new file mode 100644 index 0000000000..b8b1266aff --- /dev/null +++ b/spring-security-login-and-registration/src/main/java/org/baeldung/persistence/model/Privilege.java @@ -0,0 +1,85 @@ +package org.baeldung.persistence.model; + +import java.util.Collection; + +import javax.persistence.Entity; +import javax.persistence.GeneratedValue; +import javax.persistence.GenerationType; +import javax.persistence.Id; +import javax.persistence.ManyToMany; +import javax.persistence.Table; + +@Entity +@Table +public class Privilege { + @Id + @GeneratedValue(strategy = GenerationType.AUTO) + private Long id; + + private String name; + + @ManyToMany(mappedBy = "privileges") + private Collection roles; + + public Privilege() { + super(); + } + + public Privilege(String name) { + super(); + this.name = name; + } + + public Long getId() { + return id; + } + + public void setId(Long id) { + this.id = id; + } + + public String getName() { + return name; + } + + public void setName(String name) { + this.name = name; + } + + public Collection getRoles() { + return roles; + } + + public void setRoles(Collection roles) { + this.roles = roles; + } + + @Override + public int hashCode() { + final int prime = 31; + int result = 1; + result = prime * result + ((name == null) ? 0 : name.hashCode()); + return result; + } + + @Override + public boolean equals(final Object obj) { + if (this == obj) + return true; + if (obj == null) + return false; + if (getClass() != obj.getClass()) + return false; + final Privilege privilege = (Privilege) obj; + if (!privilege.equals(privilege.name)) + return false; + return true; + } + + @Override + public String toString() { + final StringBuilder builder = new StringBuilder(); + builder.append("Privilege [name=").append(name).append("]").append("[id=").append(id).append("]"); + return builder.toString(); + } +} diff --git a/spring-security-login-and-registration/src/main/java/org/baeldung/persistence/model/Role.java b/spring-security-login-and-registration/src/main/java/org/baeldung/persistence/model/Role.java index b6d495a266..9bea890ff5 100644 --- a/spring-security-login-and-registration/src/main/java/org/baeldung/persistence/model/Role.java +++ b/spring-security-login-and-registration/src/main/java/org/baeldung/persistence/model/Role.java @@ -1,14 +1,17 @@ package org.baeldung.persistence.model; +import java.util.Collection; + import javax.persistence.CascadeType; import javax.persistence.Entity; -import javax.persistence.FetchType; import javax.persistence.GeneratedValue; import javax.persistence.GenerationType; import javax.persistence.Id; -import javax.persistence.JoinColumn; -import javax.persistence.OneToOne; +import javax.persistence.JoinTable; +import javax.persistence.ManyToMany; +import javax.persistence.OneToMany; import javax.persistence.Table; +import javax.persistence.JoinColumn; @Entity @Table @@ -18,25 +21,22 @@ public class Role { @GeneratedValue(strategy = GenerationType.AUTO) private Long id; - @OneToOne(targetEntity = User.class, fetch = FetchType.EAGER, cascade = CascadeType.ALL) - @JoinColumn(name = "user_id") - private User user; + @OneToMany(mappedBy = "role") + private Collection users; - private Integer role; + @ManyToMany(cascade = CascadeType.ALL) + @JoinTable(name = "roles_privileges", joinColumns = @JoinColumn(name = "role_id", referencedColumnName = "id"), inverseJoinColumns = @JoinColumn(name = "privilege_id", referencedColumnName = "id")) + private Collection privileges; + + private String name; public Role() { super(); } - public Role(Integer role) { + public Role(String name) { super(); - this.role = role; - } - - public Role(Integer role, User user) { - super(); - this.role = role; - this.user = user; + this.name = name; } public Long getId() { @@ -47,27 +47,35 @@ public class Role { this.id = id; } - public User getUser() { - return user; + public String getName() { + return name; } - public void setUser(User user) { - this.user = user; + public void setName(String name) { + this.name = name; } - public Integer getRole() { - return role; + public Collection getUsers() { + return users; } - public void setRole(Integer role) { - this.role = role; + public void setUsers(Collection users) { + this.users = users; + } + + public Collection getPrivileges() { + return privileges; + } + + public void setPrivileges(Collection privileges) { + this.privileges = privileges; } @Override public int hashCode() { final int prime = 31; int result = 1; - result = prime * result + ((role == null) ? 0 : role.hashCode()); + result = prime * result + ((name == null) ? 0 : name.hashCode()); return result; } @@ -80,7 +88,7 @@ public class Role { if (getClass() != obj.getClass()) return false; final Role role = (Role) obj; - if (!role.equals(role.role)) + if (!role.equals(role.name)) return false; return true; } @@ -88,7 +96,7 @@ public class Role { @Override public String toString() { final StringBuilder builder = new StringBuilder(); - builder.append("Role [role=").append(role).append("]").append("[id=").append(id).append("]"); + builder.append("Role [name=").append(name).append("]").append("[id=").append(id).append("]"); return builder.toString(); } } \ No newline at end of file diff --git a/spring-security-login-and-registration/src/main/java/org/baeldung/persistence/model/User.java b/spring-security-login-and-registration/src/main/java/org/baeldung/persistence/model/User.java index 08bb005e63..881b5dd988 100644 --- a/spring-security-login-and-registration/src/main/java/org/baeldung/persistence/model/User.java +++ b/spring-security-login-and-registration/src/main/java/org/baeldung/persistence/model/User.java @@ -1,16 +1,16 @@ package org.baeldung.persistence.model; -import javax.persistence.CascadeType; -//ERASE -import javax.persistence.Column; + import javax.persistence.Entity; -import javax.persistence.FetchType; import javax.persistence.GeneratedValue; import javax.persistence.GenerationType; import javax.persistence.Id; -import javax.persistence.OneToOne; +import javax.persistence.JoinColumn; +import javax.persistence.ManyToOne; +import javax.persistence.Table; @Entity +@Table public class User { @Id @@ -29,7 +29,8 @@ public class User { private boolean tokenExpired; - @OneToOne(mappedBy = "user", fetch = FetchType.EAGER, cascade = CascadeType.ALL) + @ManyToOne(optional = false) + @JoinColumn(name = "role_id") private Role role; public User() { diff --git a/spring-security-login-and-registration/src/main/java/org/baeldung/persistence/service/UserService.java b/spring-security-login-and-registration/src/main/java/org/baeldung/persistence/service/UserService.java index 997b4846f7..ab1a728b12 100644 --- a/spring-security-login-and-registration/src/main/java/org/baeldung/persistence/service/UserService.java +++ b/spring-security-login-and-registration/src/main/java/org/baeldung/persistence/service/UserService.java @@ -2,9 +2,9 @@ package org.baeldung.persistence.service; import javax.transaction.Transactional; +import org.baeldung.persistence.dao.RoleRepository; import org.baeldung.persistence.dao.UserRepository; import org.baeldung.persistence.dao.VerificationTokenRepository; -import org.baeldung.persistence.model.Role; import org.baeldung.persistence.model.User; import org.baeldung.persistence.model.VerificationToken; import org.baeldung.validation.EmailExistsException; @@ -24,6 +24,9 @@ public class UserService implements IUserService { @Autowired private PasswordEncoder passwordEncoder; + @Autowired + private RoleRepository roleRepository; + // API @Override @@ -38,7 +41,7 @@ public class UserService implements IUserService { user.setPassword(passwordEncoder.encode(accountDto.getPassword())); user.setEmail(accountDto.getEmail()); - user.setRole(new Role(Integer.valueOf(1), user)); + user.setRole(roleRepository.findByName("ROLE_USER")); return repository.save(user); } @@ -77,4 +80,4 @@ public class UserService implements IUserService { return false; } -} +} \ No newline at end of file diff --git a/spring-security-login-and-registration/src/main/java/org/baeldung/security/MySimpleUrlAuthenticationSuccessHandler.java b/spring-security-login-and-registration/src/main/java/org/baeldung/security/MySimpleUrlAuthenticationSuccessHandler.java index 64c28d70c3..09b22064b7 100644 --- a/spring-security-login-and-registration/src/main/java/org/baeldung/security/MySimpleUrlAuthenticationSuccessHandler.java +++ b/spring-security-login-and-registration/src/main/java/org/baeldung/security/MySimpleUrlAuthenticationSuccessHandler.java @@ -48,11 +48,11 @@ public class MySimpleUrlAuthenticationSuccessHandler implements AuthenticationSu boolean isAdmin = false; Collection authorities = authentication.getAuthorities(); for (GrantedAuthority grantedAuthority : authorities) { - if (grantedAuthority.getAuthority().equals("ROLE_USER")) { + if (grantedAuthority.getAuthority().equals("READ_PRIVILEGE")) { isUser = true; - break; - } else if (grantedAuthority.getAuthority().equals("ROLE_ADMIN")) { + } else if (grantedAuthority.getAuthority().equals("WRITE_PRIVILEGE")) { isAdmin = true; + isUser = false; break; } } diff --git a/spring-security-login-and-registration/src/main/java/org/baeldung/security/MyUserDetailsService.java b/spring-security-login-and-registration/src/main/java/org/baeldung/security/MyUserDetailsService.java index 9de15b85e4..6dfcdb64ac 100644 --- a/spring-security-login-and-registration/src/main/java/org/baeldung/security/MyUserDetailsService.java +++ b/spring-security-login-and-registration/src/main/java/org/baeldung/security/MyUserDetailsService.java @@ -7,7 +7,10 @@ import java.util.List; import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.core.userdetails.UsernameNotFoundException; +import org.baeldung.persistence.dao.RoleRepository; import org.baeldung.persistence.dao.UserRepository; +import org.baeldung.persistence.model.Privilege; +import org.baeldung.persistence.model.Role; import org.baeldung.persistence.model.User; import org.baeldung.persistence.service.IUserService; import org.springframework.beans.factory.annotation.Autowired; @@ -27,7 +30,9 @@ public class MyUserDetailsService implements UserDetailsService { private IUserService service; @Autowired private MessageSource messages; - + @Autowired + private RoleRepository roleRepository; + public MyUserDetailsService() { } @@ -40,34 +45,33 @@ public class MyUserDetailsService implements UserDetailsService { try { User user = userRepository.findByEmail(email); if (user == null) { - return new org.springframework.security.core.userdetails.User(" ", " ", enabled, true, true, true, getAuthorities(new Integer(1))); + return new org.springframework.security.core.userdetails.User(" ", " ", enabled, true, true, true, getAuthorities(roleRepository.findByName("ROLE_USER"))); } - return new org.springframework.security.core.userdetails.User(user.getEmail(), user.getPassword(), user.isEnabled(), accountNonExpired, credentialsNonExpired, accountNonLocked, getAuthorities(user.getRole().getRole())); + return new org.springframework.security.core.userdetails.User(user.getEmail(), user.getPassword(), user.isEnabled(), accountNonExpired, credentialsNonExpired, accountNonLocked, getAuthorities(user.getRole())); } catch (Exception e) { throw new RuntimeException(e); } } - private Collection getAuthorities(Integer role) { - List authList = getGrantedAuthorities(getRoles(role)); + private Collection getAuthorities(Role roleName) { + List authList = getGrantedAuthorities(getPrivileges(roleName)); return authList; } - public List getRoles(Integer role) { - List roles = new ArrayList(); - if (role.intValue() == 2) { - roles.add("ROLE_ADMIN"); - } else if (role.intValue() == 1) { - roles.add("ROLE_USER"); + public List getPrivileges(Role role) { + List privileges = new ArrayList(); + Collection collection = role.getPrivileges(); + for (Privilege item : collection) { + privileges.add(item.getName()); } - return roles; + return privileges; } - private static List getGrantedAuthorities(List roles) { + private static List getGrantedAuthorities(List privileges) { List authorities = new ArrayList(); - for (String role : roles) { - authorities.add(new SimpleGrantedAuthority(role)); + for (String privilege : privileges) { + authorities.add(new SimpleGrantedAuthority(privilege)); } return authorities; } diff --git a/spring-security-login-and-registration/src/main/java/org/baeldung/spring/InitialDataLoader.java b/spring-security-login-and-registration/src/main/java/org/baeldung/spring/InitialDataLoader.java new file mode 100644 index 0000000000..afe7d8b774 --- /dev/null +++ b/spring-security-login-and-registration/src/main/java/org/baeldung/spring/InitialDataLoader.java @@ -0,0 +1,58 @@ +package org.baeldung.spring; + +import java.util.Arrays; + +import org.baeldung.persistence.dao.PrivilegeRepository; +import org.baeldung.persistence.dao.RoleRepository; +import org.baeldung.persistence.model.Privilege; +import org.baeldung.persistence.model.Role; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.ApplicationListener; +import org.springframework.context.event.ContextRefreshedEvent; +import org.springframework.stereotype.Component; +import org.springframework.transaction.annotation.Transactional; + +@Component +public class InitialDataLoader implements ApplicationListener{ + + boolean alreadyExist = false; + + @Autowired + private RoleRepository roleRepository; + + @Autowired + private PrivilegeRepository privilegeRepository; + + @Override + @Transactional + public void onApplicationEvent(ContextRefreshedEvent event) { + if(alreadyExist) + return; + if(roleRepository.findAll().size() > 0 || privilegeRepository.findAll().size() > 0) + return; + + //== create initial roles + Role admin = new Role("ROLE_ADMIN"); + Role user = new Role("ROLE_USER"); + + //== create initial privileges + Privilege readPrivilege = new Privilege("READ_PRIVILEGE"); + Privilege writePrivilege = new Privilege("WRITE_PRIVILEGE"); + + //== link roles and privileges + Privilege[] adminPrivileges = {readPrivilege, writePrivilege}; + admin.setPrivileges(Arrays.asList(adminPrivileges)); + + Privilege[] userPrivileges = {readPrivilege}; + user.setPrivileges(Arrays.asList(userPrivileges)); + + //== save to database + privilegeRepository.save(readPrivilege); + privilegeRepository.save(writePrivilege); + roleRepository.save(admin); + roleRepository.save(user); + + alreadyExist = true; + } + +} \ No newline at end of file diff --git a/spring-security-login-and-registration/src/main/webapp/WEB-INF/view/admin.jsp b/spring-security-login-and-registration/src/main/webapp/WEB-INF/view/admin.jsp index 7456f2ebae..a5d9c0e765 100644 --- a/spring-security-login-and-registration/src/main/webapp/WEB-INF/view/admin.jsp +++ b/spring-security-login-and-registration/src/main/webapp/WEB-INF/view/admin.jsp @@ -11,10 +11,10 @@
- + - +

diff --git a/spring-security-login-and-registration/src/main/webapp/WEB-INF/view/console.jsp b/spring-security-login-and-registration/src/main/webapp/WEB-INF/view/console.jsp index da04eac57d..cd3146914d 100644 --- a/spring-security-login-and-registration/src/main/webapp/WEB-INF/view/console.jsp +++ b/spring-security-login-and-registration/src/main/webapp/WEB-INF/view/console.jsp @@ -10,11 +10,11 @@

This is the landing page for the admin

- + This text is only visible to a user
- + This text is only visible to an admin
diff --git a/spring-security-login-and-registration/src/main/webapp/WEB-INF/view/homepage.jsp b/spring-security-login-and-registration/src/main/webapp/WEB-INF/view/homepage.jsp index 2d2942b44e..433de08b84 100644 --- a/spring-security-login-and-registration/src/main/webapp/WEB-INF/view/homepage.jsp +++ b/spring-security-login-and-registration/src/main/webapp/WEB-INF/view/homepage.jsp @@ -13,12 +13,12 @@
- +
- +