diff --git a/services/users/.env b/services/users/.env
index fcf2364e..64db5d17 100644
--- a/services/users/.env
+++ b/services/users/.env
@@ -1,4 +1,8 @@
 USERS_DB_URI=mongodb://user:password@users_db:27017/mydatabase?authSource=admin
 USERS_MQ_HOST=service_mq
-USERS_SECRET_KEY=j4#BbFGfoc^2k*Bz
\ No newline at end of file
+USERS_SECRET_KEY=j4#BbFGfoc^2k*Bz
+
+ADMIN_EMAIL=admin@workup.com
+ADMIN_PASSWORD=admin
+ADMIN_ID=admin
\ No newline at end of file
diff --git a/services/users/src/main/java/com/workup/users/commands/LoginCommand.java b/services/users/src/main/java/com/workup/users/commands/LoginCommand.java
index 78c90b9c..bab50cad 100644
--- a/services/users/src/main/java/com/workup/users/commands/LoginCommand.java
+++ b/services/users/src/main/java/com/workup/users/commands/LoginCommand.java
@@ -10,12 +10,21 @@ import java.util.Optional;
 public class LoginCommand extends UserCommand {
- @Override
 public SignUpAndInResponse Run(LoginRequest request) {
 String email = request.getEmail();
 String password = request.getPassword();
 try {
+ if (email.equals(adminUserCredentials.getADMIN_EMAIL())
+ && password.equals(adminUserCredentials.getADMIN_PASSWORD())) {
+ return SignUpAndInResponse.builder()
+ .withSuccess(true)
+ .withUserName(adminUserCredentials.getADMIN_EMAIL())
+ .withUserId(adminUserCredentials.getADMIN_USERID())
+ .withUserType(UserType.ADMIN)
+ .withStatusCode(HttpStatusCode.OK)
+ .build();
+ }
 Optional client = clientRepository.findByEmail(email);
 if (client.isPresent()) {
 if (PasswordHasher.checkPassword(password, client.get().getPassword_hash())) {
diff --git a/services/users/src/main/java/com/workup/users/commands/UserCommand.java b/services/users/src/main/java/com/workup/users/commands/UserCommand.java
index 0f7d7f5c..d0591575 100644
--- a/services/users/src/main/java/com/workup/users/commands/UserCommand.java
+++ b/services/users/src/main/java/com/workup/users/commands/UserCommand.java
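Review bot: The new `ADMIN_ID=admin` line feeds nothing in this change: `AdminUserCredentials` and the `application.properties` hunk both read `ADMIN_USERID`, so the key here has to be `ADMIN_USERID=admin` or the `${ADMIN_USERID}` placeholder has no source from this file. The file also commits `ADMIN_PASSWORD=admin` next to `USERS_SECRET_KEY`, and that value becomes a working admin login through the `LoginCommand` branch in this same diff; a tracked `.env` should carry only throwaway development values, say so, and leave the real ones to the deployment environment. I would add `# dev-only placeholders: override ADMIN_PASSWORD (and USERS_SECRET_KEY) in any real deployment` above the block and rename the key to `ADMIN_USERID=admin`. If the file is meant to hold real values it belongs in `.gitignore`, not in the repository.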
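Review bot: The admin branch added inside `try` authenticates with `password.equals(adminUserCredentials.getADMIN_PASSWORD())`, a plain string comparison against the clear-text value from the environment, while the client path two lines below goes through `PasswordHasher.checkPassword` against a stored hash; any leak of the environment or config yields the admin login directly, and the `.env` in this same diff ships that value as `admin`. Store the admin secret as a hash produced by the same hasher and reuse the existing verifier: `if (adminUserCredentials.getADMIN_EMAIL().equals(email)` / `&& PasswordHasher.checkPassword(password, adminUserCredentials.getADMIN_PASSWORD())) {` (putting the configured value on the left also avoids an NPE when the request carries no email). Dropping `@Override` on `Run` looks accidental — the method presumably still overrides `UserCommand.Run` as it did before, and the annotation is what catches a signature drift — so I would keep it. Because the admin check runs before the repository lookup, a registered account with the same email is silently shadowed; that deserves a comment here or a reserved-email check at sign-up. `Run` continues past the end of the hunk.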
@@ -1,6 +1,7 @@
 package com.workup.users.commands;
 import com.workup.shared.commands.Command;
+import com.workup.users.config.AdminUserCredentials;
 import com.workup.users.repositories.AchievementRepository;
 import com.workup.users.repositories.ClientRepository;
 import com.workup.users.repositories.EducationRepository;
@@ -30,5 +31,6 @@ public abstract class UserCommand<
 @Setter ClientRepository clientRepository;
 @Setter AmqpTemplate rabbitTemplate;
+ @Setter AdminUserCredentials adminUserCredentials;
 @Autowired GridFsTemplate gridFsTemplate;
 }
diff --git a/services/users/src/main/java/com/workup/users/commands/UserCommandMap.java b/services/users/src/main/java/com/workup/users/commands/UserCommandMap.java
index 70e4139f..9ba7d175 100644
--- a/services/users/src/main/java/com/workup/users/commands/UserCommandMap.java
+++ b/services/users/src/main/java/com/workup/users/commands/UserCommandMap.java
@@ -3,6 +3,7 @@
 import com.workup.shared.commands.CommandMap;
 import com.workup.shared.commands.CommandRequest;
 import com.workup.shared.commands.CommandResponse;
+import com.workup.users.config.AdminUserCredentials;
 import com.workup.users.repositories.*;
 import org.springframework.amqp.core.AmqpTemplate;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -17,6 +18,7 @@ public class UserCommandMap
 @Autowired EducationRepository educationRepository;
 @Autowired AchievementRepository achievementRepository;
 @Autowired AmqpTemplate rabbitTemplate;
+ @Autowired AdminUserCredentials adminUserCredentials;
 public void registerCommands() {
@@ -74,5 +76,6 @@ public void setupCommand(
 command.setEducationRepository(educationRepository);
 command.setAchievementRepository(achievementRepository);
 command.setRabbitTemplate(rabbitTemplate);
+ command.setAdminUserCredentials(adminUserCredentials);
 }
 }
diff --git a/services/users/src/main/java/com/workup/users/config/AdminUserCredentials.java b/services/users/src/main/java/com/workup/users/config/AdminUserCredentials.java
new file mode 100644
index 00000000..f0e487ce
--- /dev/null
+++ b/services/users/src/main/java/com/workup/users/config/AdminUserCredentials.java
@@ -0,0 +1,19 @@
+package com.workup.users.config;
+
+import lombok.Getter;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Configuration;
+
+@Configuration
+@Getter
+public class AdminUserCredentials {
+ // autowire ADMIN_EMAIL and ADMIN_PASSWORD from environment variables
+ @Value("${ADMIN_EMAIL}")
+ String ADMIN_EMAIL;
+
+ @Value("${ADMIN_PASSWORD}")
+ String ADMIN_PASSWORD;
+
+ @Value("${ADMIN_USERID}")
+ String ADMIN_USERID;
+}
diff --git a/services/users/src/main/resources/application.properties b/services/users/src/main/resources/application.properties
index 49ccdcda..b54ea8bb 100644
--- a/services/users/src/main/resources/application.properties
+++ b/services/users/src/main/resources/application.properties
@@ -6,3 +6,7 @@ spring.rabbitmq.port=5672
 spring.rabbitmq.username=guest
 spring.rabbitmq.password=guest
 SECRET_KEY=${USERS_SECRET_KEY}
+
+ADMIN_EMAIL=${ADMIN_EMAIL}
+ADMIN_PASSWORD=${ADMIN_PASSWORD}
+ADMIN_USERID=${ADMIN_USERID}
diff --git a/shared/src/main/java/com/workup/shared/enums/users/UserType.java b/shared/src/main/java/com/workup/shared/enums/users/UserType.java
index 0654d83d..c42758c4 100644
--- a/shared/src/main/java/com/workup/shared/enums/users/UserType.java
+++ b/shared/src/main/java/com/workup/shared/enums/users/UserType.java
@@ -2,5 +2,6 @@
 public enum UserType {
 FREELANCER,
- CLIENT
+ CLIENT,
+ ADMIN
 }
diff --git a/webserver/src/main/java/com/workup/webserver/config/JwtAuthFilter.java b/webserver/src/main/java/com/workup/webserver/config/JwtAuthFilter.java
index 203a250d..113a8d47 100644
--- a/webserver/src/main/java/com/workup/webserver/config/JwtAuthFilter.java
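Review bot: Nothing checks that the three `@Value` fields carry usable values: an empty `ADMIN_PASSWORD` in the environment is accepted as-is and becomes a matching credential in `LoginCommand`, and the `.env` in this diff sets it to `admin`. Add a `@PostConstruct` guard that refuses blank values and the committed placeholder so the service fails at startup rather than booting with an open admin account; the rewrite below also fixes the comment, which names two variables while three are bound. Two points of style: the class only holds values, so `@Component` (or `@ConfigurationProperties`) describes it better than `@Configuration`, and the upper-snake field names give Lombok accessors like `getADMIN_EMAIL()` — `adminEmail`/`getAdminEmail()` is the Java convention, though renaming would touch the callers in `LoginCommand`. The `@PostConstruct` import (`jakarta.annotation.PostConstruct` on Spring Boot 3, `javax.annotation` on 2) is omitted from the fence.
```java
public class AdminUserCredentials {
  // Bound from the ADMIN_EMAIL, ADMIN_PASSWORD and ADMIN_USERID environment variables
  // (via application.properties); LoginCommand treats a match on these as the admin account.
  // … unchanged: the three @Value fields …

  // Refuse to start with an unset or placeholder admin password: a blank value would
  // otherwise be a valid credential, and "admin" is the development value committed in .env.
  @PostConstruct
  void validate() {
    if (isBlank(ADMIN_EMAIL) || isBlank(ADMIN_PASSWORD) || isBlank(ADMIN_USERID)) {
      throw new IllegalStateException("ADMIN_EMAIL, ADMIN_PASSWORD and ADMIN_USERID must be set");
    }
    if ("admin".equals(ADMIN_PASSWORD)) {
      throw new IllegalStateException("ADMIN_PASSWORD still holds the development placeholder");
    }
  }

  private static boolean isBlank(String value) {
    return value == null || value.isBlank();
  }
```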
+++ b/webserver/src/main/java/com/workup/webserver/config/JwtAuthFilter.java
@@ -44,7 +44,7 @@ protected void doFilterInternal(
 // Create a simple authentication token based on the username
 String role = jwtService.extractClaim(token, claims -> claims.get("role", String.class));
 List authorities =
- Collections.singletonList(new SimpleGrantedAuthority("ROLE_" + role));
+ Collections.singletonList(new SimpleGrantedAuthority(role));
 UsernamePasswordAuthenticationToken authToken = new UsernamePasswordAuthenticationToken(
diff --git a/webserver/src/main/java/com/workup/webserver/config/SecurityConfig.java b/webserver/src/main/java/com/workup/webserver/config/SecurityConfig.java
index a77b8d10..466ea801 100644
--- a/webserver/src/main/java/com/workup/webserver/config/SecurityConfig.java
+++ b/webserver/src/main/java/com/workup/webserver/config/SecurityConfig.java
@@ -1,5 +1,6 @@
 package com.workup.webserver.config;
+import com.workup.shared.enums.users.UserType;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
@@ -17,6 +18,9 @@ public class SecurityConfig {
 @Autowired private JwtAuthFilter authFilter;
+ static final String ROLE_CLIENT = UserType.CLIENT.toString();
+ static final String ROLE_FREELANCER = UserType.FREELANCER.toString();
+ static final String ROLE_ADMIN = UserType.ADMIN.toString();
 @Bean
 SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
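Review bot: With the `ROLE_` prefix gone, `new SimpleGrantedAuthority(role)` receives the raw `role` claim, and that constructor rejects a null or empty string with an `IllegalArgumentException`, so a token that carries no `role` claim now throws inside the filter where it previously produced the harmless authority `ROLE_null`; how that surfaces to the client depends on handling outside the hunk. Validate the claim before building the authority and treat a missing value as no authority: `List<GrantedAuthority> authorities = role != null && !role.isBlank() ? List.of(new SimpleGrantedAuthority(role)) : List.of();`. Going one step further and accepting only names of `UserType` (`UserType.valueOf(role).name()`) would keep an unexpected claim value from ever becoming an authority string that `hasAuthority` in SecurityConfig could match. A comment such as `// the claim value is used verbatim as the authority; SecurityConfig matches it with hasAuthority, not hasRole` would document the contract the two classes now share. `doFilterInternal` continues outside the hunk.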
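Review bot: The three new constants are named `ROLE_*` but, after JwtAuthFilter dropped the `ROLE_` prefix in this same commit, they hold the bare enum names `CLIENT`/`FREELANCER`/`ADMIN` and only work with `hasAuthority`, never `hasRole`; a reader seeing `ROLE_CLIENT` will assume the prefixed form. I would write them as `private static final String AUTHORITY_CLIENT = UserType.CLIENT.name();` (and likewise for the other two, `private` if nothing outside the class needs them) — `name()` rather than `toString()` states that the enum identifier itself is the contract — and add `// must equal the "role" claim value that JwtAuthFilter turns into a GrantedAuthority`. The enclosing class continues beyond the hunk.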
@@ -36,7 +40,33 @@ SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 .requestMatchers(HttpMethod.GET, "/api/v1/jobs/search")
 .permitAll()
 .requestMatchers(HttpMethod.POST, "/api/v1/jobs")
- .hasAuthority("ROLE_CLIENT")
+ .hasAuthority(ROLE_CLIENT)
+ .requestMatchers(HttpMethod.GET, "/api/v1/jobs/me")
+ .hasAuthority(ROLE_CLIENT)
+ .requestMatchers(HttpMethod.POST, "/api/v1/jobs/{id}/proposals")
+ .hasAuthority(ROLE_FREELANCER)
+ .requestMatchers(HttpMethod.GET, "/api/v1/jobs/me/proposals")
+ .hasAuthority(ROLE_FREELANCER)
+ .requestMatchers(HttpMethod.POST, "/api/v1/jobs/proposals/{id}/accept")
+ .hasAuthority(ROLE_CLIENT)
+ .requestMatchers("/api/v1/payments/clients/**")
+ .hasAuthority(ROLE_CLIENT)
+ .requestMatchers("/api/v1/payments/freelancers/**")
+ .hasAuthority(ROLE_FREELANCER)
+ .requestMatchers(HttpMethod.POST, "/api/v1/payments/requests/{requestId}/pay")
+ .hasAuthority(ROLE_CLIENT)
+ .requestMatchers(HttpMethod.POST, "/api/v1/contracts/milestones/{id}/progress")
+ .hasAuthority(ROLE_FREELANCER)
+ .requestMatchers(HttpMethod.POST, "/api/v1/contracts/milestones/{id}/evaluate")
+ .hasAuthority(ROLE_CLIENT)
+ .requestMatchers(HttpMethod.POST, "/api/v1/contracts/terminations/{id}/handle")
+ .hasAuthority(ROLE_ADMIN)
+ .requestMatchers(HttpMethod.POST, "/api/v1/contracts/{id}/terminations/request")
+ .hasAnyAuthority(ROLE_CLIENT, ROLE_FREELANCER)
+ .requestMatchers("/api/v1/users/freelancer/**")
+ .hasAuthority(ROLE_FREELANCER)
+ .requestMatchers("/api/v1/users/client/**")
+ .hasAuthority(ROLE_CLIENT)
 .anyRequest()
 .authenticated())
 .addFilterBefore(authFilter, UsernamePasswordAuthenticationFilter.class)
diff --git a/webserver/src/main/java/com/workup/webserver/controller/ContractsController.java b/webserver/src/main/java/com/workup/webserver/controller/ContractsController.java
index a4350c7e..a0f9114a 100644
--- a/webserver/src/main/java/com/workup/webserver/controller/ContractsController.java
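Review bot: Every new matcher gates only on the caller's role, so for the `{id}` routes — `/api/v1/jobs/{id}/proposals`, `/api/v1/jobs/proposals/{id}/accept`, `/api/v1/payments/requests/{requestId}/pay`, `/api/v1/contracts/milestones/{id}/progress` and `/evaluate`, `/api/v1/contracts/{id}/terminations/request` — nothing here ties the id to the authenticated user; any CLIENT can accept any proposal or pay any request unless the owning service checks ownership, which this diff does not show. That check cannot be expressed in a URL matcher, so I would state the contract at the top of the block: `// These rules enforce role only. Ownership of {id} resources (a client's own job/proposal/contract, a freelancer's own milestone) must be verified by the owning service against the authenticated user id.`. Anything not listed — a GET on these same paths, if one exists — falls through to `anyRequest().authenticated()` and is open to every role including the new ADMIN; if the list is meant to be the complete allow-list, ending with `.anyRequest().denyAll()` (or a deliberate comment that the fall-through is intended) is safer. `/api/v1/payments/clients/**`, `/api/v1/payments/freelancers/**`, `/api/v1/users/freelancer/**` and `/api/v1/users/client/**` are matched without an `HttpMethod` while their neighbours name one — fine if deliberate, but worth a word. The builder chain starts and ends outside the hunk.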
+++ b/webserver/src/main/java/com/workup/webserver/controller/ContractsController.java
@@ -77,7 +77,7 @@ public ResponseEntity getContractTermination(
 return ResponseEntity.status(response.getStatusCode().getValue()).body(response);
 }
- @PostMapping("/{id}/termination/handle")
+ @PostMapping("/{id}/terminations/request")
 public ResponseEntity submitTerminationRequest(
 @RequestBody ContractTerminationRequest request,
 @PathVariable String id,