Added Authorization

Ahmad45123 · May 13, 2024 · 89ee9af · 89ee9af
1 parent fa6802c
commit 89ee9af
Show file tree

Hide file tree

Showing 10 changed files with 78 additions and 6 deletions.
diff --git a/services/users/.env b/services/users/.env
@@ -1,4 +1,8 @@
 USERS_DB_URI=mongodb://user:password@users_db:27017/mydatabase?authSource=admin
 
 USERS_MQ_HOST=service_mq
-USERS_SECRET_KEY=j4#BbFGfoc^2k*Bz
+USERS_SECRET_KEY=j4#BbFGfoc^2k*Bz
+
+ADMIN_EMAIL=admin@workup.com
+ADMIN_PASSWORD=admin
+ADMIN_ID=admin
diff --git a/services/users/src/main/java/com/workup/users/commands/LoginCommand.java b/services/users/src/main/java/com/workup/users/commands/LoginCommand.java
@@ -10,12 +10,21 @@
 import java.util.Optional;
 
 public class LoginCommand extends UserCommand<LoginRequest, SignUpAndInResponse> {
-
   @Override
   public SignUpAndInResponse Run(LoginRequest request) {
     String email = request.getEmail();
     String password = request.getPassword();
     try {
+      if (email.equals(adminUserCredentials.getADMIN_EMAIL())
+          && password.equals(adminUserCredentials.getADMIN_PASSWORD())) {
+        return SignUpAndInResponse.builder()
+            .withSuccess(true)
+            .withUserName(adminUserCredentials.getADMIN_EMAIL())
+            .withUserId(adminUserCredentials.getADMIN_USERID())
+            .withUserType(UserType.ADMIN)
+            .withStatusCode(HttpStatusCode.OK)
+            .build();
+      }
       Optional<Client> client = clientRepository.findByEmail(email);
       if (client.isPresent()) {
         if (PasswordHasher.checkPassword(password, client.get().getPassword_hash())) {

diff --git a/services/users/src/main/java/com/workup/users/commands/UserCommand.java b/services/users/src/main/java/com/workup/users/commands/UserCommand.java
@@ -1,6 +1,7 @@
 package com.workup.users.commands;
 
 import com.workup.shared.commands.Command;
+import com.workup.users.config.AdminUserCredentials;
 import com.workup.users.repositories.AchievementRepository;
 import com.workup.users.repositories.ClientRepository;
 import com.workup.users.repositories.EducationRepository;
@@ -30,5 +31,6 @@ public abstract class UserCommand<
   @Setter ClientRepository clientRepository;
 
   @Setter AmqpTemplate rabbitTemplate;
+  @Setter AdminUserCredentials adminUserCredentials;
   @Autowired GridFsTemplate gridFsTemplate;
 }
diff --git a/services/users/src/main/java/com/workup/users/commands/UserCommandMap.java b/services/users/src/main/java/com/workup/users/commands/UserCommandMap.java
@@ -3,6 +3,7 @@
 import com.workup.shared.commands.CommandMap;
 import com.workup.shared.commands.CommandRequest;
 import com.workup.shared.commands.CommandResponse;
+import com.workup.users.config.AdminUserCredentials;
 import com.workup.users.repositories.*;
 import org.springframework.amqp.core.AmqpTemplate;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -17,6 +18,7 @@ public class UserCommandMap
   @Autowired EducationRepository educationRepository;
   @Autowired AchievementRepository achievementRepository;
   @Autowired AmqpTemplate rabbitTemplate;
+  @Autowired AdminUserCredentials adminUserCredentials;
 
   public void registerCommands() {
 
@@ -74,5 +76,6 @@ public void setupCommand(
     command.setEducationRepository(educationRepository);
     command.setAchievementRepository(achievementRepository);
     command.setRabbitTemplate(rabbitTemplate);
+    command.setAdminUserCredentials(adminUserCredentials);
   }
 }
diff --git a/services/users/src/main/java/com/workup/users/config/AdminUserCredentials.java b/services/users/src/main/java/com/workup/users/config/AdminUserCredentials.java
@@ -0,0 +1,19 @@
+package com.workup.users.config;
+
+import lombok.Getter;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Configuration;
+
+@Configuration
+@Getter
+public class AdminUserCredentials {
+  // autowire ADMIN_EMAIL and ADMIN_PASSWORD from environment variables
+  @Value("${ADMIN_EMAIL}")
+  String ADMIN_EMAIL;
+
+  @Value("${ADMIN_PASSWORD}")
+  String ADMIN_PASSWORD;
+
+  @Value("${ADMIN_USERID}")
+  String ADMIN_USERID;
+}
diff --git a/services/users/src/main/resources/application.properties b/services/users/src/main/resources/application.properties
@@ -6,3 +6,7 @@ spring.rabbitmq.port=5672
 spring.rabbitmq.username=guest
 spring.rabbitmq.password=guest
 SECRET_KEY=${USERS_SECRET_KEY}
+
+ADMIN_EMAIL=${ADMIN_EMAIL}
+ADMIN_PASSWORD=${ADMIN_PASSWORD}
+ADMIN_USERID=${ADMIN_USERID}
diff --git a/shared/src/main/java/com/workup/shared/enums/users/UserType.java b/shared/src/main/java/com/workup/shared/enums/users/UserType.java
@@ -2,5 +2,6 @@
 
 public enum UserType {
   FREELANCER,
-  CLIENT
+  CLIENT,
+  ADMIN
 }
diff --git a/webserver/src/main/java/com/workup/webserver/config/JwtAuthFilter.java b/webserver/src/main/java/com/workup/webserver/config/JwtAuthFilter.java
@@ -44,7 +44,7 @@ protected void doFilterInternal(
           // Create a simple authentication token based on the username
           String role = jwtService.extractClaim(token, claims -> claims.get("role", String.class));
           List<GrantedAuthority> authorities =
-              Collections.singletonList(new SimpleGrantedAuthority("ROLE_" + role));
+              Collections.singletonList(new SimpleGrantedAuthority(role));
 
           UsernamePasswordAuthenticationToken authToken =
               new UsernamePasswordAuthenticationToken(

diff --git a/webserver/src/main/java/com/workup/webserver/config/SecurityConfig.java b/webserver/src/main/java/com/workup/webserver/config/SecurityConfig.java
@@ -1,5 +1,6 @@
 package com.workup.webserver.config;
 
+import com.workup.shared.enums.users.UserType;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
@@ -17,6 +18,9 @@
 public class SecurityConfig {
 
   @Autowired private JwtAuthFilter authFilter;
+  static final String ROLE_CLIENT = UserType.CLIENT.toString();
+  static final String ROLE_FREELANCER = UserType.FREELANCER.toString();
+  static final String ROLE_ADMIN = UserType.ADMIN.toString();
 
   @Bean
   SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
@@ -36,7 +40,33 @@ SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
                     .requestMatchers(HttpMethod.GET, "/api/v1/jobs/search")
                     .permitAll()
                     .requestMatchers(HttpMethod.POST, "/api/v1/jobs")
-                    .hasAuthority("ROLE_CLIENT")
+                    .hasAuthority(ROLE_CLIENT)
+                    .requestMatchers(HttpMethod.GET, "/api/v1/jobs/me")
+                    .hasAuthority(ROLE_CLIENT)
+                    .requestMatchers(HttpMethod.POST, "/api/v1/jobs/{id}/proposals")
+                    .hasAuthority(ROLE_FREELANCER)
+                    .requestMatchers(HttpMethod.GET, "/api/v1/jobs/me/proposals")
+                    .hasAuthority(ROLE_FREELANCER)
+                    .requestMatchers(HttpMethod.POST, "/api/v1/jobs/proposals/{id}/accept")
+                    .hasAuthority(ROLE_CLIENT)
+                    .requestMatchers("/api/v1/payments/clients/**")
+                    .hasAuthority(ROLE_CLIENT)
+                    .requestMatchers("/api/v1/payments/freelancers/**")
+                    .hasAuthority(ROLE_FREELANCER)
+                    .requestMatchers(HttpMethod.POST, "/api/v1/payments/requests/{requestId}/pay")
+                    .hasAuthority(ROLE_CLIENT)
+                    .requestMatchers(HttpMethod.POST, "/api/v1/contracts/milestones/{id}/progress")
+                    .hasAuthority(ROLE_FREELANCER)
+                    .requestMatchers(HttpMethod.POST, "/api/v1/contracts/milestones/{id}/evaluate")
+                    .hasAuthority(ROLE_CLIENT)
+                    .requestMatchers(HttpMethod.POST, "/api/v1/contracts/terminations/{id}/handle")
+                    .hasAuthority(ROLE_ADMIN)
+                    .requestMatchers(HttpMethod.POST, "/api/v1/contracts/{id}/terminations/request")
+                    .hasAnyAuthority(ROLE_CLIENT, ROLE_FREELANCER)
+                    .requestMatchers("/api/v1/users/freelancer/**")
+                    .hasAuthority(ROLE_FREELANCER)
+                    .requestMatchers("/api/v1/users/client/**")
+                    .hasAuthority(ROLE_CLIENT)
                     .anyRequest()
                     .authenticated())
         .addFilterBefore(authFilter, UsernamePasswordAuthenticationFilter.class)

diff --git a/webserver/src/main/java/com/workup/webserver/controller/ContractsController.java b/webserver/src/main/java/com/workup/webserver/controller/ContractsController.java
@@ -77,7 +77,7 @@ public ResponseEntity<GetPendingTerminationsResponse> getContractTermination(
     return ResponseEntity.status(response.getStatusCode().getValue()).body(response);
   }
 
-  @PostMapping("/{id}/termination/handle")
+  @PostMapping("/{id}/terminations/request")
   public ResponseEntity<ContractTerminationResponse> submitTerminationRequest(
       @RequestBody ContractTerminationRequest request,
       @PathVariable String id,
-Original file line number
+Diff line change
@@ Expand Up / @@ -2,5 +2,6 @@ @@
     public enum UserType {
       FREELANCER,
-      CLIENT
+      CLIENT,
+      ADMIN
     }