Spring Boot Web Security Maven

Author: Urunov

Chapter4_Securing Spring/src/main/java/spring/security/Ingredient.java

@@ -9,14 +9,14 @@
 import javax.persistence.Id;
 
 /**
- * @Created 17 / 03 / 2020 - 6:43 PM
+ * @Created 23 / 03 / 2020 - 5:17 PM
  * @project BootSecure
  * @Author Hamdamboy
  */
 
 @Data
 @RequiredArgsConstructor
-@NoArgsConstructor(access = AccessLevel.PRIVATE, force = true)
+//@NoArgsConstructor(access = AccessLevel.PRIVATE, force = true)
 @Entity
 public class Ingredient {
     //
@@ -25,7 +25,7 @@ public class Ingredient {
     private final String name;
     private final Type type;
 
-    public static enum Type{
+    public static enum Type {
         WRAP, PROTEIN, VEGGIES, CHEESE, SAUCE
     }
 }

Chapter4_Securing Spring/src/main/java/spring/security/Taco.java

@@ -16,6 +16,7 @@
 
 @Data
 @Entity
+
 public class Taco {
     //
 
@@ -31,7 +32,7 @@ public class Taco {
 
     @ManyToMany(targetEntity = Ingredient.class)
     @Size(min=1, message = "You must choose at least 1 ingredient")
-    private List <Ingredient> ingredients;
+    private List<Ingredient> ingredients;
 
     @PrePersist
     void createAt(){

Chapter4_Securing Spring/src/main/java/spring/security/data/IngredientRepository.java

@@ -1,7 +1,6 @@
 package spring.security.data;
 
 import org.springframework.data.repository.CrudRepository;
-import spring.security.Ingredient;
 
 /**
  * @Created 17 / 03 / 2020 - 6:45 PM

Chapter4_Securing Spring/src/main/java/spring/security/web/DesignTacoController.java

@@ -1,14 +1,32 @@
 package spring.security.web;
 
-import lombok.extern.slf4j.Slf4j;
+
+import java.security.Principal;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.stream.Collectors;
+
+import javax.validation.Valid;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.core.userdetails.User;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
+import org.springframework.validation.Errors;
 import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.ModelAttribute;
+import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.SessionAttributes;
+
+import lombok.extern.slf4j.Slf4j;
 import spring.security.Ingredient;
+import spring.security.Order;
+import spring.security.Taco;
+import spring.security.data.IngredientRepository;
+import spring.security.data.TacoRepository;
+import spring.security.data.UserRepository;
 
-import java.util.Arrays;
-import java.util.List;
 
 /**
  * @Created 17 / 03 / 2020 - 6:44 PM
@@ -19,30 +37,79 @@
 @Slf4j
 @Controller
 @RequestMapping("/design")
+@SessionAttributes("order")
+
 public class DesignTacoController {
     //
+    private final IngredientRepository ingredientRepo;
+
+    private TacoRepository tacoRepo;
 
-    GetMapping
-    public String showDesignForm(Model model) {
-        List<Ingredient> ingredients = Arrays.asList(
-                new Ingredient("FLTO", "Flour Tortilla", Ingredient.Type.WRAP),
-                new Ingredient("COTO", "Corn Tortilla", Ingredient.Type.WRAP),
-                new Ingredient("GRBF", "Ground Beef", Ingredient.Type.PROTEIN),
-                new Ingredient("CARN", "Carnitas", Ingredient.Type.PROTEIN),
-                new Ingredient("TMTO", "Diced Tomatoes", Ingredient.Type.VEGGIES),
-                new Ingredient("LETC", "Lettuce", Ingredient.Type.VEGGIES),
-                new Ingredient("CHED", "Cheddar", Ingredient.Type.CHEESE),
-                new Ingredient("JACK", "Monterrey Jack", Ingredient.Type.CHEESE),
-                new Ingredient("SLSA", "Salsa", Ingredient.Type.SAUCE),
-                new Ingredient("SRCR", "Sour Cream", Ingredient.Type.SAUCE)
-        );
+    private UserRepository userRepo;
+
+    @Autowired
+    public DesignTacoController(
+            IngredientRepository ingredientRepo,
+            TacoRepository tacoRepo,
+            UserRepository userRepo) {
+        this.ingredientRepo = ingredientRepo;
+        this.tacoRepo = tacoRepo;
+        this.userRepo = userRepo;
+    }
+
+    @ModelAttribute(name = "order")
+    public Order order() {
+        return new Order();
+    }
+
+    @ModelAttribute(name = "design")
+    public Taco design() {
+        return new Taco();
+    }
+
+    @GetMapping
+    public String showDesignForm(Model model, Principal principal) {
+        log.info("   --- Designing taco");
+        List<Ingredient> ingredients = new ArrayList<>();
+        ingredientRepo.findAll().forEach(i -> ingredients.add(i));
 
         Ingredient.Type[] types = Ingredient.Type.values();
-        for (Type type : types) {
-            model.addAttribute(type.toString().toLowerCase(), filterByType(ingredients, type));
+        for (Ingredient.Type type : types) {
+            model.addAttribute(type.toString().toLowerCase(),
+                    filterByType(ingredients, type));
         }
-        model.addAttribute("design", new Taco());
+
+        String username = principal.getName();
+        User user = userRepo.findByUsername(username);
+        model.addAttribute("user", user);
+
         return "design";
     }
+
+    @PostMapping
+    public String processDesign(
+            @Valid Taco taco, Errors errors,
+            @ModelAttribute Order order) {
+
+        log.info("   --- Saving taco");
+
+        if (errors.hasErrors()) {
+            return "design";
+        }
+
+        Taco saved = tacoRepo.save(taco);
+        order.addDesign(saved);
+
+        return "redirect:/orders/current";
+    }
+
+    private List<Ingredient> filterByType(
+            List<Ingredient> ingredients, Ingredient.Type type) {
+        return ingredients
+                .stream()
+                .filter(x -> x.getType().equals(type))
+                .collect(Collectors.toList());
     }
+
+
 }

Chapter4_Securing Spring/src/main/java/spring/security/web/IngredientByIdConverter.java

@@ -1,9 +1,33 @@
 package spring.security.web;
 
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.core.convert.converter.Converter;
+import org.springframework.stereotype.Component;
+
+
+import spring.security.Ingredient;
+import spring.security.data.IngredientRepository;
+
+import java.util.Optional;
+
 /**
  * @Created 17 / 03 / 2020 - 6:44 PM
  * @project BootSecure
  * @Author Hamdamboy
  */
-public class IngredientByIdConverter {
+
+@Component
+public class IngredientByIdConverter implements Converter<String, Ingredient> {
+
+    private IngredientRepository ingredientRepo;
+    @Autowired
+    private IngredientByIdConverter(IngredientRepository ingredientRepository) {
+        this.ingredientRepo = ingredientRepository;
+    }
+    @Override
+    public Ingredient convert(String id) {
+        Optional<Ingredient> optionalIngredient = ingredientRepo.findById(id);
+        return optionalIngredient.isPresent() ?
+                optionalIngredient.get() : null;
+    }
 }

Chapter4_Securing Spring/src/main/java/spring/security/web/OrderController.java

@@ -1,9 +1,74 @@
 package spring.security.web;
 
+import org.springframework.security.core.annotation.AuthenticationPrincipal;
+
+import org.springframework.stereotype.Controller;
+import org.springframework.validation.Errors;
+import org.springframework.web.bind.annotation.*;
+import org.springframework.web.bind.support.SessionStatus;
+import spring.security.Order;
+import spring.security.data.OrderRepository;
+import spring.security.User;
+
+import javax.validation.Valid;
+
+
 /**
  * @Created 17 / 03 / 2020 - 6:44 PM
  * @project BootSecure
  * @Author Hamdamboy
  */
+
+@Controller
+@RequestMapping("/orders")
+@SessionAttributes("order")
+
 public class OrderController {
+
+    private OrderRepository orderRepo;
+
+    public OrderController(OrderRepository orderRepo) {
+        this.orderRepo = orderRepo;
+    }
+
+    @GetMapping("/current")
+    public String orderForm(@AuthenticationPrincipal User user,
+                            @ModelAttribute Order order) {
+        if (order.getDeliveryName() == null) {
+            order.setDeliveryName(user.getFullname());
+        }
+        if (order.getDeliveryStreet() == null) {
+            order.setDeliveryStreet(user.getStreet());
+        }
+        if (order.getDeliveryCity() == null) {
+            order.setDeliveryCity(user.getCity());
+        }
+        if (order.getDeliveryState() == null) {
+            order.setDeliveryState(user.getState());
+        }
+        if (order.getDeliveryZip() == null) {
+            order.setDeliveryZip(user.getZip());
+        }
+
+        return "orderForm";
+    }
+
+    // tag::processOrderWithAuthenticationPrincipal[]
+    @PostMapping
+    public String processOrder(@Valid Order order, Errors errors,
+                               SessionStatus sessionStatus,
+                               @AuthenticationPrincipal User user) {
+
+        if (errors.hasErrors()) {
+            return "orderForm";
+        }
+
+        order.setUser(user);
+
+        orderRepo.save(order);
+        sessionStatus.setComplete();
+
+        return "redirect:/";
+    }
+    // end::processOrderWithAuthenticationPrincipal[]
 }

Chapter4_Securing Spring/src/main/java/spring/security/web/WebConfig.java

@@ -14,6 +14,7 @@ public class WebConfig extends WebMvcConfigurerAdapter {
     @Override
     public void addViewControllers(ViewControllerRegistry registry) {
         registry.addViewController("/").setViewName("home");
+        registry.addViewController("/abc").setViewName("home");
         registry.addViewController("/login");
     }
 }

Chapter4_Securing Spring/src/main/resources/META-INF/configuration-metadata.json

@@ -0,0 +1,12 @@
+{"properties": [
+  {
+    "name": "taco.orders.page-size",
+    "type": "java.lang.String",
+    "description": "Sets the maximum number of orders to display in a list."
+  },
+  {
+    "name": "taco.discount.codes",
+    "type": "java.util.Map<String, Integer>",
+    "description": "A map of discount codes to a discount percentage."
+  }
+]}