Commit 353d9d4f7b2a906f1be6785edb33c74c8ed54423
1 parent
77c18061
désactivation des tokens CSRF pour pouvoir appeler les requêtes POST
Showing
16 changed files
with
306 additions
and
22 deletions
... | ... | @@ -0,0 +1,25 @@ |
1 | +<?xml version="1.0" encoding="UTF-8"?> | |
2 | +<actions> | |
3 | + <action> | |
4 | + <actionName>CUSTOM-spb</actionName> | |
5 | + <displayName>spb</displayName> | |
6 | + <goals> | |
7 | + <goal>spring-boot:run</goal> | |
8 | + </goals> | |
9 | + </action> | |
10 | + <action> | |
11 | + <actionName>debug</actionName> | |
12 | + <packagings> | |
13 | + <packaging>war</packaging> | |
14 | + <packaging>ear</packaging> | |
15 | + <packaging>ejb</packaging> | |
16 | + </packagings> | |
17 | + <goals> | |
18 | + <goal>spring-boot:run</goal> | |
19 | + </goals> | |
20 | + <properties> | |
21 | + <run.jvmArguments>-Xdebug -Xrunjdwp:transport=dt_socket,server=n,address=${jpda.address}</run.jvmArguments> | |
22 | + <jpda.listen>true</jpda.listen> | |
23 | + </properties> | |
24 | + </action> | |
25 | + </actions> | |
... | ... |
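--- a/pom.xml
+++ b/pom.xml
@@ -28,6 +28,10 @@
 <groupId>org.springframework.boot</groupId>
 <artifactId>spring-boot-starter-data-jpa</artifactId>
 </dependency>
+ <dependency>
+ <groupId>org.springframework.boot</groupId>
+ <artifactId>spring-boot-devtools</artifactId>
+ </dependency>
 <dependency>
 <groupId>org.springframework.boot</groupId>
 <artifactId>spring-boot-starter-web</artifactId>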
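Review bot: The `spring-boot-devtools` dependency added at new lines 31-34 has no `<optional>true</optional>`, so it is treated like any other compile dependency and is passed on transitively to modules that depend on this one. Spring Boot's guidance is to mark it optional so the development-time features stay out of other builds; add `<optional>true</optional>` inside the new `<dependency>` element. The hunk shows only part of the `<dependencies>` block.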
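--- a/src/main/java/fr/plil/sio/web/mvc/ApplicationSecurityConfiguration.java
+++ b/src/main/java/fr/plil/sio/web/mvc/ApplicationSecurityConfiguration.java
@@ -28,6 +28,7 @@ public class ApplicationSecurityConfiguration extends WebSecurityConfigurerAdapt
 http
 .authorizeRequests()
 .antMatchers("/webjars/**").permitAll()
+ .antMatchers("/js/**").permitAll()
 .anyRequest().authenticated()
 .and()
 .formLogin()
@@ -36,6 +37,7 @@ public class ApplicationSecurityConfiguration extends WebSecurityConfigurerAdapt
 .and()
 .logout()
 .permitAll();
+ http.csrf().disable();
 }
 
 @Autowired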
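Review bot: `http.csrf().disable();` at new line 40 switches CSRF protection off for every endpoint, while the same chain keeps session-based form login, so a page on another origin can make a logged-in user's browser send state-changing requests such as the `POST /api/addDette/` added in UserRestController. Rather than disabling the check, leave it on and send the token with the AJAX call: Spring Security exposes `${_csrf.headerName}` and `${_csrf.token}` to the JSP, and the `$.ajax` call can pass them as a request header. The `.antMatchers("/js/**").permitAll()` line in the first hunk is fine for static scripts. `configure` starts above the hunk.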
... | ... | @@ -0,0 +1,86 @@ |
1 | +package fr.plil.sio.web.mvc; | |
2 | + | |
3 | +import java.util.Objects; | |
4 | +import javax.persistence.*; | |
5 | + | |
6 | + | |
7 | +@Entity | |
8 | +public class Dette { | |
9 | + | |
10 | + @Id | |
11 | + @GeneratedValue(strategy= GenerationType.AUTO) | |
12 | + private Long id; | |
13 | + | |
14 | + @Column | |
15 | + private Double sommeDette; | |
16 | + | |
17 | + | |
18 | + @ManyToOne(optional = false) | |
19 | + private User dueToUser; | |
20 | + | |
21 | + @ManyToOne(optional = false) | |
22 | + private User holderOfDebt; | |
23 | + | |
24 | + public Double getSommeDette() { | |
25 | + return sommeDette; | |
26 | + } | |
27 | + | |
28 | + public void setSommeDette(Double sommeDette) { | |
29 | + this.sommeDette = sommeDette; | |
30 | + } | |
31 | + | |
32 | + | |
33 | + public User getDueToUser() { | |
34 | + return dueToUser; | |
35 | + } | |
36 | + | |
37 | + public void setDueToUser(User dueToUser) { | |
38 | + this.dueToUser = dueToUser; | |
39 | + } | |
40 | + | |
41 | + public User getHolderOfDebt() { | |
42 | + return holderOfDebt; | |
43 | + } | |
44 | + | |
45 | + public void setHolderOfDebt(User holderOfDebt) { | |
46 | + this.holderOfDebt = holderOfDebt; | |
47 | + } | |
48 | + | |
49 | + | |
50 | + | |
51 | + @Override | |
52 | + public int hashCode() { | |
53 | + int hash = 5; | |
54 | + hash = 71 * hash + Objects.hashCode(this.sommeDette); | |
55 | + return hash; | |
56 | + } | |
57 | + | |
58 | + @Override | |
59 | + public boolean equals(Object obj) { | |
60 | + if (obj == null) { | |
61 | + return false; | |
62 | + } | |
63 | + if (getClass() != obj.getClass()) { | |
64 | + return false; | |
65 | + } | |
66 | + final Dette other = (Dette) obj; | |
67 | + if (!Objects.equals(this.sommeDette, other.sommeDette)) { | |
68 | + return false; | |
69 | + } | |
70 | + if (!Objects.equals(this.dueToUser, other.dueToUser)) { | |
71 | + return false; | |
72 | + } | |
73 | + if (!Objects.equals(this.holderOfDebt, other.holderOfDebt)) { | |
74 | + return false; | |
75 | + } | |
76 | + return true; | |
77 | + } | |
78 | + | |
79 | + | |
80 | + | |
81 | + | |
82 | + | |
83 | + | |
84 | + | |
85 | + | |
86 | +} | |
... | ... |
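Review bot: `sommeDette` is declared as `Double` (line 15), which cannot represent most decimal amounts exactly and also admits `null`, `NaN` and infinities; for a money value prefer `private BigDecimal sommeDette;` with `@Column(nullable = false, precision = 12, scale = 2)` (precision and scale to be chosen for the project). Separately, `hashCode()` hashes only `sommeDette` while `equals()` also compares `dueToUser` and `holderOfDebt`; that satisfies the contract but puts every debt of the same amount in one bucket, and neither method looks at `id`. The class has no Javadoc; a one-line comment stating which user owes and which is owed would help, since `holderOfDebt` and `dueToUser` are easy to confuse.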
... | ... | @@ -0,0 +1,33 @@ |
1 | +/* | |
2 | + * To change this license header, choose License Headers in Project Properties. | |
3 | + * To change this template file, choose Tools | Templates | |
4 | + * and open the template in the editor. | |
5 | + */ | |
6 | +package fr.plil.sio.web.mvc; | |
7 | + | |
8 | +/** | |
9 | + * | |
10 | + * @author msahmane | |
11 | + */ | |
12 | +public class DetteForm { | |
13 | + | |
14 | + private String username; | |
15 | + private String sommeDette; | |
16 | + | |
17 | + public String getUsername() { | |
18 | + return username; | |
19 | + } | |
20 | + | |
21 | + public void setUsername(String username) { | |
22 | + this.username = username; | |
23 | + } | |
24 | + | |
25 | + public String getSommeDette() { | |
26 | + return sommeDette; | |
27 | + } | |
28 | + | |
29 | + public void setSommeDette(String sommeDette) { | |
30 | + this.sommeDette = sommeDette; | |
31 | + } | |
32 | + | |
33 | +} | |
... | ... |
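--- a/src/main/java/fr/plil/sio/web/mvc/User.java
+++ b/src/main/java/fr/plil/sio/web/mvc/User.java
@@ -2,11 +2,13 @@ package fr.plil.sio.web.mvc;
 
 
 import com.fasterxml.jackson.annotation.JsonManagedReference;
+import java.util.ArrayList;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.userdetails.UserDetails;
 
 import javax.persistence.*;
 import java.util.Collection;
+import java.util.List;
 import java.util.Set;
 import java.util.TreeSet;
 
@@ -25,6 +27,18 @@ public class User implements UserDetails {
 @Column(name = "PASSWORD_F")
 private String password;
 
+ @OneToMany(mappedBy="holderOfDebt",cascade = CascadeType.REMOVE)
+ private List<Dette> dettes = new ArrayList<Dette>();
+
+ public List<Dette> getDettes() {
+ return dettes;
+ }
+
+ public void setDettes(List<Dette> dettes) {
+ this.dettes = dettes;
+ }
+
+
 @ManyToMany(mappedBy = "users", fetch = FetchType.EAGER)
 @JsonManagedReference
 private Set<Role> roles = new TreeSet<>();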
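Review bot: `getDettes()` (new lines 33-35) makes the `dettes` collection a JSON property of `User`, and `Dette.getHolderOfDebt()` returns a `User`, so once the list is non-empty, serialising either object walks User → dettes → Dette → holderOfDebt → User without end; nothing visible here breaks that cycle. Mark the field with `@JsonIgnore`, or pair `@JsonManagedReference`/`@JsonBackReference` as the `roles` field already does. Note also that `cascade = CascadeType.REMOVE` only covers deletion: a `Dette` added to this list is not persisted by the cascade, and because the association is `mappedBy` the list itself is not what gets written. The class body continues outside both hunks.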
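--- a/src/main/java/fr/plil/sio/web/mvc/UserRepository.java
+++ b/src/main/java/fr/plil/sio/web/mvc/UserRepository.java
@@ -1,8 +1,12 @@
 package fr.plil.sio.web.mvc;
 
+import java.util.List;
 import org.springframework.data.jpa.repository.JpaRepository;
 
 public interface UserRepository extends JpaRepository<User, Long> {
 
 User findByUsername(String username);
+ List<Dette> findDettesByUsername(String username);
+
+
 }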
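Review bot: `findDettesByUsername` (new line 9) is declared on a `JpaRepository<User, Long>`, and Spring Data's derived-query parsing ignores the text between `find` and `By`, so this method most likely runs the same query as `findByUsername` and returns `User` rows typed as `List<Dette>`. Debts should be queried from a repository for `Dette`, for example `List<Dette> findByHolderOfDebtUsername(String username);` on a `JpaRepository<Dette, Long>`. Whichever form is kept, a short comment saying whether the result is the debts the user owes or the debts owed to the user would help callers.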
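--- a/src/main/java/fr/plil/sio/web/mvc/UserRestController.java
+++ b/src/main/java/fr/plil/sio/web/mvc/UserRestController.java
@@ -7,6 +7,7 @@ import org.springframework.web.bind.annotation.RestController;
 
 import javax.annotation.Resource;
 import java.util.List;
+import org.springframework.web.bind.annotation.RequestParam;
 
 @RestController
 public class UserRestController {
@@ -23,4 +24,15 @@ public class UserRestController {
 public User listUsers(@PathVariable String username) {
 return userService.findByUsername(username);
 }
-}
\ No newline at end of file
+
+ @RequestMapping(value = "/api/debts/{username}/", method = RequestMethod.GET)
+ public List<Dette> listDettes(@PathVariable String username) {
+ return userService.findDettesByUsername(username);
+ }
+
+ @RequestMapping(value = "/api/addDette/", method = RequestMethod.POST)
+ public boolean addDette(@RequestParam(value="username",required=false) String username,@RequestParam(value="sommeDette",required=false) String sommeDette) {
+ return userService.addDette(username,sommeDette);
+ }
+
+}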
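Review bot: `listDettes` (new lines 29-32) returns the debts of whatever `{username}` appears in the path, with no check that it is the caller's own name, so any authenticated user can read any other user's debts. Take the name from the session instead, e.g. declare a `java.security.Principal principal` parameter and call `userService.findDettesByUsername(principal.getName())`, or reject the request when the two names differ. In `addDette`, both `@RequestParam`s are `required=false`, yet the service dereferences the looked-up user and parses `sommeDette` unconditionally, so a missing parameter ends in a 500 rather than a 400; dropping `required=false` lets Spring reject the request. The returned `Dette` objects embed `User` entities, so confirm that `User` does not serialise its `password` field.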
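--- a/src/main/java/fr/plil/sio/web/mvc/UserService.java
+++ b/src/main/java/fr/plil/sio/web/mvc/UserService.java
@@ -1,12 +1,17 @@
 package fr.plil.sio.web.mvc;
 
 import java.util.List;
+import org.springframework.web.bind.annotation.ResponseBody;
 
 public interface UserService {
 
 User createUser(String username, String password);
 
 User findByUsername(String username);
+
+ List<Dette> findDettesByUsername(String username);
 
 List<User> findAll();
+
+ boolean addDette(String username,String sommeDette);
 }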
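Review bot: The added `import org.springframework.web.bind.annotation.ResponseBody;` (new line 4) is unused and pulls a web-layer annotation into the service interface; the same unused import is added in UserServiceImpl.java, and both can be removed. `addDette` would also benefit from a Javadoc comment saying which user becomes the holder of the debt and what the boolean result means (the implementation in this commit always returns `true`), for example `/** Records a debt of sommeDette held by the logged-in user and due to username. */`.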
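--- a/src/main/java/fr/plil/sio/web/mvc/UserServiceImpl.java
+++ b/src/main/java/fr/plil/sio/web/mvc/UserServiceImpl.java
@@ -8,6 +8,7 @@ import javax.annotation.Resource;
 import java.util.HashSet;
 import java.util.List;
 import java.util.Set;
+import org.springframework.web.bind.annotation.ResponseBody;
 
 @Service("userService")
 public class UserServiceImpl implements UserService {
@@ -21,6 +22,9 @@ public class UserServiceImpl implements UserService {
 @Resource
 private PasswordEncoder passwordEncoder;
 
+ @Resource
+ private SecurityService securityService;
+
 @Override
 @Transactional
 public User createUser(String username, String password) {
@@ -42,7 +46,39 @@ public class UserServiceImpl implements UserService {
 
 @Override
 @Transactional(readOnly = true)
+ public List<Dette> findDettesByUsername(String username) {
+ return userRepository.findDettesByUsername(username);
+ }
+
+ @Override
+ @Transactional(readOnly = true)
 public List<User> findAll() {
 return userRepository.findAll();
 }
+
+ @Override
+ @Transactional
+ public boolean addDette(String username, String sommeDette) {
+ //Get the holder of debt
+ User user = userRepository.findByUsername(username);
+
+ //Get connected user
+ // Authentication auth = SecurityContextHolder.getContext().getAuthentication();
+ String connectedUsername = securityService.findLoggedInUsername();
+ User connectedUser = userRepository.findByUsername(connectedUsername);
+
+ //Set dette
+ List<Dette> dettes = user.getDettes();
+ List<Dette> newDettes = user.getDettes();
+ Dette d = new Dette();
+ Double dSomme = Double.parseDouble(sommeDette);
+ d.setSommeDette(dSomme);
+ d.setHolderOfDebt(connectedUser);
+ d.setDueToUser(user);
+ newDettes.add(d);
+ connectedUser.setDettes(newDettes);
+
+ return true;
+ }
+
 }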
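--- a/src/main/resources/import.sql
+++ b/src/main/resources/import.sql
@@ -1,4 +1,9 @@
 INSERT INTO USER_T (USERNAME_F, PASSWORD_F) VALUES ('admin', '$2a$04$/87gxfQlNqMNRvI/ILyZ/.F8Bk2/t2RuWoZXE1upQHeUglbjTYIIa');
+INSERT INTO USER_T (USERNAME_F, PASSWORD_F) VALUES ('test', '$2a$04$/87gxfQlNqMNRvI/ILyZ/.F8Bk2/t2RuWoZXE1upQHeUglbjTYIIa');
+INSERT INTO USER_T (USERNAME_F, PASSWORD_F) VALUES ('test1', '$2a$04$/87gxfQlNqMNRvI/ILyZ/.F8Bk2/t2RuWoZXE1upQHeUglbjTYIIa');
+INSERT INTO USER_T (USERNAME_F, PASSWORD_F) VALUES ('test2', '$2a$04$/87gxfQlNqMNRvI/ILyZ/.F8Bk2/t2RuWoZXE1upQHeUglbjTYIIa');
+INSERT INTO USER_T (USERNAME_F, PASSWORD_F) VALUES ('test3', '$2a$04$/87gxfQlNqMNRvI/ILyZ/.F8Bk2/t2RuWoZXE1upQHeUglbjTYIIa');
+INSERT INTO USER_T (USERNAME_F, PASSWORD_F) VALUES ('test4', '$2a$04$/87gxfQlNqMNRvI/ILyZ/.F8Bk2/t2RuWoZXE1upQHeUglbjTYIIa');
 INSERT INTO ROLE_T (NAME_F) VALUES ('ROLE_ADMIN');
 INSERT INTO ROLE_T (NAME_F) VALUES ('ROLE_USER');
 INSERT INTO USER_ROLE_T (USER_ID, ROLE_ID) VALUES ((SELECT USER_ID FROM USER_T WHERE USERNAME_F = 'admin'), (SELECT ROLE_ID FROM ROLE_T WHERE NAME_F = 'ROLE_ADMIN'));
\ No newline at end of file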
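Review bot: The five accounts added at new lines 2-6 reuse the exact bcrypt string of the `admin` row, so all six users share one password, and the `$2a$04$` prefix is the lowest bcrypt cost. If `import.sql` can be loaded anywhere other than a developer machine, these rows are known default credentials; keep them in a test-only resource (for example under `src/test/resources`), or give each account its own hash with a higher cost. None of the new users is given a row in `USER_ROLE_T`, which is worth confirming as intended.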
src/main/webapp/WEB-INF/pages/footer.jsp
src/main/webapp/WEB-INF/pages/header.jsp
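--- a/src/main/webapp/WEB-INF/pages/viewUsers.jsp
+++ b/src/main/webapp/WEB-INF/pages/viewUsers.jsp
@@ -5,29 +5,28 @@
 <jsp:include page="header.jsp">
 <jsp:param name="pageTitle" value="View users page"/>
 </jsp:include>
-
- <h1><spring:message code="view.users.main.header"/></h1>
-
- <h4><spring:message code="view.users.greetings"/> ${userSession.username} !</h4>
-
- <table>
- <thead>
- <tr>
- <td><spring:message code="domain.user.username"/></td>
- </tr>
- </thead>
- <tbody>
- <c:forEach items="${users}" var="user">
- <tr>
- <td>${user.username}</td>
- </tr>
- </c:forEach>
- </tbody>
- </table>
-
+<body>
+
+ <form>
+ <div class="form-group">
+ <label for="debt">Somme de la dette</label>
+ <input type="number" class="form-control" id="sommeDette"/>
+ <label for="debtFor">A : </label>
+ <input type="text" class="form-control" id="username"/>
+
+ </div>
+ <button type="submit" onclick="updateDebtOfUser()">Update</button>
+ </form>
+
+
+
+
 <ul>
 <li><a href="newUser"><spring:message code="new.user.main.header"/></a></li>
 <li><a href="login?logout"><spring:message code="view.users.main.logout"/></a></li>
 </ul>
+</body>
+
+
 
 <jsp:include page="footer.jsp"/>
\ No newline at end of file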
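Review bot: The button at new line 18 is `type="submit"` inside a `<form>` with no `action`, so clicking it runs `updateDebtOfUser()` and then submits the form, reloading the page while the AJAX request is still in flight. Use `<button type="button" onclick="updateDebtOfUser()">` or bind a submit handler that calls `preventDefault()`. The labels point at ids that do not exist (`for="debt"` and `for="debtFor"` against `id="sommeDette"` and `id="username"`), and the new `<body>` tags sit after the `header.jsp` include, which may already open the body. The hunk also removes the user table without a replacement, which the commit message does not mention.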
... | ... | @@ -0,0 +1,57 @@ |
1 | +var debtsOfUser = []; | |
2 | + | |
3 | +function getDebtsOfUser(username){ | |
4 | + var url = "/api/userDebts"+username; | |
5 | + | |
6 | + $.getJson(url,function(d){ | |
7 | + debtsOfUser = d; | |
8 | + }); | |
9 | +} | |
10 | + | |
11 | +function updateDebtOfUser(){ | |
12 | + | |
13 | + var url ="/api/addDette/"; | |
14 | + | |
15 | + | |
16 | + | |
17 | + | |
18 | + var user = $("#username").val(); | |
19 | + var dette = $("#sommeDette").val(); | |
20 | + | |
21 | + var requestData = { | |
22 | + 'username':user, | |
23 | + 'sommeDette':dette | |
24 | + }; | |
25 | + | |
26 | + | |
27 | + | |
28 | + | |
29 | +// var dette = { | |
30 | +// username:$("#username").val(), | |
31 | +// sommeDette : $("#sommeDette").val() | |
32 | +// }; | |
33 | +// console.log(dette); | |
34 | +// var url ="/api/addDette/"; | |
35 | +// | |
36 | + $.ajax({ | |
37 | + url:url, | |
38 | + method:"POST", | |
39 | + data:requestData | |
40 | + }).done(function(d){ | |
41 | + alert("Ok"); | |
42 | + }).success(function(d){ | |
43 | + console.log(d); | |
44 | + }); | |
45 | +// | |
46 | +} | |
47 | + | |
48 | + | |
49 | +(function(){ | |
50 | + 'use strict'; | |
51 | + | |
52 | + | |
53 | + | |
54 | + | |
55 | + | |
56 | +})(); | |
57 | + | |
... | ... |
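Review bot: `getDebtsOfUser` (lines 3-9) calls `$.getJson`, but the jQuery function is `$.getJSON`, so the call throws, and the URL `"/api/userDebts"+username` has no separator and does not match the `/api/debts/{username}/` mapping added in UserRestController. Change it to `var url = "/api/debts/" + encodeURIComponent(username) + "/";` and `$.getJSON(url, function(d){ debtsOfUser = d; });`. In `updateDebtOfUser`, `.success()` is deprecated on jqXHR objects and duplicates `.done()`, there is no `.fail()` handler, and the commented-out block at lines 29-35 can be deleted.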
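--- a/src/test/java/fr/plil/sio/web/mvc/UserRepositoryTest.java
+++ b/src/test/java/fr/plil/sio/web/mvc/UserRepositoryTest.java
@@ -21,7 +21,7 @@ public class UserRepositoryTest {
 
 @Test
 public void testAdminPresent() {
- assertEquals(1, userRepository.findAll().size());
+ assertEquals(6, userRepository.findAll().size());
 assertNotNull(userRepository.findByUsername("admin"));
 assertEquals("admin", userRepository.findByUsername("admin").getUsername());
 }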