trebol-ecommerce · bglamadrid · Aug 29, 2024 · Aug 18, 2024 · Aug 18, 2024 · Aug 29, 2024
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -14,10 +14,10 @@ jobs:
         uses: actions/checkout@v3
         with:
           fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
-      - name: Set up & cache Temurin JDK 11
+      - name: Set up & cache Temurin JDK 17
         uses: actions/setup-java@v3
         with:
-          java-version: 11
+          java-version: 17
           distribution: temurin
           cache: maven
       - name: Cache SonarCloud packages

diff --git a/.idea/runConfigurations/All_tests.xml b/.idea/runConfigurations/All_tests.xml
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -5,6 +5,30 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [v0.2.4] - 2024-28-08
+
+### Changed
+
+- **BREAKING CHANGE:** Updated supported Java version to [17 LTS](https://openjdk.org/projects/jdk/17/)
+  (although the folks at [whichjdk.com](https://whichjdk.com/#tldr) recommend migrating to 21, this is the best choice
+  compatibility-wise, also supported by SonarQube static analysis)
+  - Artifact Id was given suffix `-java17` to reflect this change in base Java version
+- Updated project dependencies
+  - spring boot starter parent pom `2.7.18` -> `3.2.9`
+  - lombok `1.18.26` -> `1.18.34` (version inherited from `spring-boot-dependencies`)
+  - h2 database `2.1.214` -> `2.1.220`
+- Many minor changes required to keep things running under these new dependencies
+  - Most `javax`-prefixed libraries now use the `jakarta`-prefix instead (with the exception of `javax.crypto`)
+    - `querydsl` also needed to be aware of this as a "classifier"
+  - Migrate `SecurityConfig` following the official guides by Spring Security
+    ([1](https://docs.spring.io/spring-security/reference/5.8/migration/index.html))
+    ([2](https://docs.spring.io/spring-security/reference/6.0/migration/index.html))
+    ([3](https://docs.spring.io/spring-security/reference/6.2/migration/index.html))
+    - Drop `WebSecurityConfigurerAdapter` interface
+      - Instead of implement `configure` method; declare a bean of type `SecurityFilterChain`
+    - Include `AuthenticationManager` and `DaoAuthenticationProvider` beans
+    - Configure `HttpSecurity` with newer arrow function-based syntax
+
 ## [v0.2.2] - 2023-06-09
 
 ### Changed

diff --git a/README.md b/README.md
@@ -15,28 +15,26 @@
 [![Reliability Rating](https://sonarcloud.io/api/project_badges/measure?project=trebol-ecommerce_spring-boot-backend&metric=reliability_rating)](https://sonarcloud.io/summary/new_code?id=trebol-ecommerce_spring-boot-backend)
 [![Coverage](https://sonarcloud.io/api/project_badges/measure?project=trebol-ecommerce_spring-boot-backend&metric=coverage)](https://sonarcloud.io/summary/new_code?id=trebol-ecommerce_spring-boot-backend)
 
-A monolithic backend web application for the eCommerce project Trébol
-built using [Spring Boot v2.6](https://docs.spring.io/spring-boot/docs/2.6.12/reference/html/).
+A monolithic backend web application for the eCommerce project Trébol,
+built using [Spring Boot v2.6](https://docs.spring.io/spring-boot/docs/2.6.x/reference/html/)
+and since then migrated to [Spring Boot v3.2](https://docs.spring.io/spring-boot/docs/3.2.x/reference/html/).
 
 </div>
 
 ## Current Status
 
-Although some time has passed since I started working on Trébol, it is still in an early version.
-I have learned many things in the process: design patterns and their limits; several details and how-to's going
-about Spring Boot; and also usage of other libraries (see [Features](#features) below) and even Git itself.
+Although some time has passed since I started working on Trébol, it is still far from a complete project.
+I have learned many things in the process: from design patterns to working with the intricacies of
+Spring Boot Web application. I've also gotten better at Git itself.
+
+Recently, this project has been set up to work with Java 17, and as such, the artifact id of the project was changed too.
 
 Currently, this backend implementation is aligned to
 [Trébol API v1.7.2](https://github.com/trebol-ecommerce/api/blob/v1.7.2/src/trebol-api.json).
+It is planned to migrate towards
+[version 3.0](https://github.com/trebol-ecommerce/api/blob/v3.0.0/src/trebol-api.json).
 
-Recently, the artifact, group and version of the project as described in the
-[Project Object Model file](pom.xml) were changed.
-The roadmap from here on isn't totally defined, but conditions to reach `v1.0` are certainly stricter than before.
-
-If anything, the foremost priority as of now is to warrant that the basic functionality is implemented correctly,
-with the aid of thorough unit testing.
-
-Please take a look at the [changelog file](CHANGELOG.md) to review the most recent changes, additions and fixes.
+Please take a look at the [CHANGELOG file](CHANGELOG.md) to review the most recent changes, additions and fixes.
 
 ## Features
 
@@ -57,7 +55,7 @@ Please take a look at the [changelog file](CHANGELOG.md) to review the most rece
   * Implements stateless session authentication/autorization through [JSON Web Tokens](https://jwt.io/)
     with aid from the [JJWT](https://github.com/jwtk/jjwt) library
     * Paired with `users`, `roles`, and `permissions` database tables
-      * See `/src/main/resources/data.sql` for an example setup with 4 roles and users)
+      * See [data.sql](/src/main/resources/data.sql) for an example setup with 4 roles and users)
     * Do note that Authorities required in some controllers are hard-coded
       These must match entries in the `permissions` database table
   * Passwords encoded with BCrypt by default
@@ -79,27 +77,28 @@ Please take a look at the [changelog file](CHANGELOG.md) to review the most rece
 
 ![Schema](./schema.png)
 
-This Entity-Relationship model diagram was designed very quickly using
+This Entity-Relationship model diagram was designed quickly using
 [Azimutt](https://github.com/azimuttapp/azimutt).
 
 ## Getting started 👍
 
-### Supported JDK versions
+### Requirements
 
-| Java version | Supported? |
-|--------------|------------|
-| < 11         | no         |
-| 11 ... 18    | yes        |
-| > 18         | no         |
+* [A supported version of the JDK](https://whichjdk.com)
+* [Apache Maven 3](https://maven.apache.org)
 
-### Requirements
+#### Supported JDK versions
 
-* JDK 11+
-* Apache Maven 3.6.0
+| Java version | Supported? |
+|--------------|------------|
+| < 17         | no         |
+| 17           | yes        |
+| 19           | compatible |
+| 21           | compatible |
 
 ### Installation
 
-First, don't forget to download, install and enable
+First and foremost, don't forget to download, install and enable
 [the correct Project Lombok plugin for your IDE](https://projectlombok.org/setup/)
 if you haven't done so by the time you read this.
 
@@ -114,12 +113,12 @@ That command will:
 - Run unit tests
 - Check code coverage
 
-**The important step here that may confuse some people is to generate some of the source code**.
-It is made this way because some classes (QueryDSL types such as `QUser`, `QProduct` and so on)
-are unversioned and only included through a Maven plugin within the project dependencies.
+**An important step here that may confuse some people is the generation of source code**.
+We have set up type-safe queries by relying on dynamically created QueryDSL classes such as `QUser` and `QProduct`,
+which are un-versioned and only included through a Maven plugin within the project dependencies.
 
 If for any reason you fail to compile the project,
-please run `mvn clean generate-sources` instead and then try the former command again.
+please try running `mvn clean generate-sources` instead and then try the former command again.
 
 ### How to use
 
@@ -133,15 +132,17 @@ to know how to proceed about said Spring profile.
 
 ### Configuration
 
-The default configuration properties are located at `/src/main/resources/application.properties`.
-These are sane, briefly documented defaults. Play around if you'd like.
-
-You _can_ run the application out-of-the-box with these, though you should have a good look at it.
+The default configuration properties are located in the
+[default properties file](src/main/resources/application.properties).
+These are sane, briefly documented defaults. You _can_ run the application out-of-the-box with these.
+You can also totally play around with them.
 
 Also remember, that Spring Boot does support using more than one profile at once.
-[This](https://docs.spring.io/spring-boot/docs/2.6.12/reference/html/features.html#features.external-config) and
-[this](https://docs.spring.io/spring-boot/docs/2.6.12/reference/html/features.html#features.profiles) section of the
-Spring Boot guide can help you understand these mechanisms.
+The sections in the official guide that explain
+[External configuration](https://docs.spring.io/spring-boot/docs/2.6.12/reference/html/features.html#features.external-config)
+and
+[Profiles](https://docs.spring.io/spring-boot/docs/2.6.12/reference/html/features.html#features.profiles)
+can help you understand these mechanisms.
 
 ## Contributing to this repository 😍
 
@@ -184,5 +185,3 @@ Thanks goes to these wonderful people ([emoji key](https://allcontributors.org/d
 
 This project follows the [all-contributors](https://github.com/all-contributors/all-contributors) specification.
 Contributions of any kind welcome!
-
-[spring-boot-docs]: https://docs.spring.io/spring-boot/docs/2.6.12/reference/html
diff --git a/pom.xml b/pom.xml
@@ -27,32 +27,29 @@
   <parent>
     <groupId>org.springframework.boot</groupId>
     <artifactId>spring-boot-starter-parent</artifactId>
-    <version>2.6.12</version>
+    <version>3.2.9</version>
     <relativePath/> <!-- lookup parent from repository -->
   </parent>
   <groupId>org.trebolecommerce</groupId>
-  <artifactId>trebol-backend-monolith</artifactId>
+  <artifactId>trebol-backend-monolith-java17</artifactId>
   <packaging>war</packaging>
-  <version>0.2.3-SNAPSHOT</version>
+  <version>0.2.4</version>
 
   <name>Trébol Backend Monolith</name>
   <description>Monolithic eCommerce backend web application that exposes a RESTful API compliant with the Trebol API v1.5.0 specification.</description>
 
   <properties>
     <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
-    <java.version>11</java.version>
+    <java.version>17</java.version>
 
     <!-- Dependencies -->
-    <maven.compiler.version>3.9.0</maven.compiler.version>
-    <maven.war-packaging.version>3.3.2</maven.war-packaging.version>
     <jjwt.version>0.11.5</jjwt.version>
     <unirest.version>3.13.8</unirest.version>
 
     <!-- Plugins configuration -->
     <java.endorsed-api.dir>${project.build.directory}/endorsed</java.endorsed-api.dir>
     <querydsl.classes.dir>${project.build.directory}/generated-sources/querydsl/</querydsl.classes.dir>
     <jacoco.codeCoverage.minRatio>0.20</jacoco.codeCoverage.minRatio>
-    <groovy.version>3.0.7</groovy.version> <!-- temp fix for inconsistent use of API in REST Assured -->
 
     <trebol.coverage-exclusions>
       **/trebol/api/models/**.*,
@@ -101,13 +98,16 @@
     </dependency>
     <dependency>
       <groupId>com.querydsl</groupId>
-      <artifactId>querydsl-core</artifactId>
-      <type>jar</type>
+      <artifactId>querydsl-apt</artifactId>
+      <version>${querydsl.version}</version>
+      <classifier>jakarta</classifier>
+      <scope>provided</scope>
     </dependency>
     <dependency>
       <groupId>com.querydsl</groupId>
       <artifactId>querydsl-jpa</artifactId>
-      <type>jar</type>
+      <version>${querydsl.version}</version>
+      <classifier>jakarta</classifier>
     </dependency>
 
     <!-- Security / Auth -->
@@ -145,8 +145,7 @@
     <dependency>
       <groupId>org.projectlombok</groupId>
       <artifactId>lombok</artifactId>
-      <version>1.18.26</version>
-      <scope>provided</scope>
+      <version>${lombok.version}</version>
     </dependency>
     <dependency>
       <groupId>org.apache.commons</groupId>
@@ -170,12 +169,6 @@
       <artifactId>spring-security-test</artifactId>
       <scope>test</scope>
     </dependency>
-    <dependency>
-      <groupId>org.mockito</groupId>
-      <artifactId>mockito-inline</artifactId>
-      <version>4.0.0</version>
-      <scope>test</scope>
-    </dependency>
     <dependency>
       <groupId>com.konghq</groupId>
       <artifactId>unirest-mocks</artifactId>
@@ -191,7 +184,6 @@
       <plugin>
         <groupId>org.apache.maven.plugins</groupId>
         <artifactId>maven-compiler-plugin</artifactId>
-        <version>${maven.compiler.version}</version>
         <configuration>
           <source>${java.version}</source>
           <target>${java.version}</target>
@@ -202,7 +194,7 @@
             <path>
               <groupId>org.projectlombok</groupId>
               <artifactId>lombok</artifactId>
-              <version>1.18.26</version>
+              <version>${lombok.version}</version>
             </path>
           </annotationProcessorPaths>
         </configuration>
@@ -219,7 +211,7 @@
               <goal>process</goal>
             </goals>
             <configuration>
-              <outputDirectory>${querydsl.classes.dir}</outputDirectory>
+              <outputDirectory>target/generated-sources/java</outputDirectory>
               <processor>com.querydsl.apt.jpa.JPAAnnotationProcessor</processor>
             </configuration>
           </execution>
@@ -228,7 +220,7 @@
           <dependency>
             <groupId>com.querydsl</groupId>
             <artifactId>querydsl-apt</artifactId>
-            <version>4.2.2</version>
+            <version>${querydsl.version}</version>
           </dependency>
         </dependencies>
       </plugin>
@@ -237,7 +229,6 @@
       <plugin>
         <groupId>org.apache.maven.plugins</groupId>
         <artifactId>maven-war-plugin</artifactId>
-        <version>${maven.war-packaging.version}</version>
         <configuration>
           <failOnMissingWebXml>false</failOnMissingWebXml>
         </configuration>

diff --git a/src/main/java/org/trebol/api/DataController.java b/src/main/java/org/trebol/api/DataController.java
@@ -22,7 +22,7 @@
 
 import org.trebol.api.models.DataPagePojo;
 
-import javax.validation.constraints.NotNull;
+import jakarta.validation.constraints.NotNull;
 import java.util.Map;
 
 /**

diff --git a/src/main/java/org/trebol/api/DataCrudController.java b/src/main/java/org/trebol/api/DataCrudController.java
@@ -22,8 +22,8 @@
 
 import org.trebol.common.exceptions.BadInputException;
 
-import javax.persistence.EntityExistsException;
-import javax.persistence.EntityNotFoundException;
+import jakarta.persistence.EntityExistsException;
+import jakarta.persistence.EntityNotFoundException;
 import java.util.Map;
 
 public interface DataCrudController<M> {

diff --git a/src/main/java/org/trebol/api/DataCrudGenericController.java b/src/main/java/org/trebol/api/DataCrudGenericController.java
@@ -27,7 +27,7 @@
 import org.trebol.jpa.services.PredicateService;
 import org.trebol.jpa.services.SortSpecParserService;
 
-import javax.persistence.EntityNotFoundException;
+import jakarta.persistence.EntityNotFoundException;
 import java.util.Map;
 
 /**

diff --git a/src/main/java/org/trebol/api/ExceptionsControllerAdvice.java b/src/main/java/org/trebol/api/ExceptionsControllerAdvice.java
@@ -27,8 +27,8 @@
 import org.springframework.web.bind.annotation.RestControllerAdvice;
 import org.trebol.common.exceptions.BadInputException;
 
-import javax.persistence.EntityExistsException;
-import javax.persistence.EntityNotFoundException;
+import jakarta.persistence.EntityExistsException;
+import jakarta.persistence.EntityNotFoundException;
 import java.util.HashMap;
 import java.util.Map;
 
@@ -40,8 +40,8 @@
  * Then it sends custom responses to consumers of the REST API.<br/>
  * Supports:
  * <ul>
- * <li>{@link javax.persistence.EntityNotFoundException}</li> -> 404 NOT FOUND
- * <li>{@link javax.persistence.EntityExistsException}</li> ->
+ * <li>{@link jakarta.persistence.EntityNotFoundException}</li> -> 404 NOT FOUND
+ * <li>{@link jakarta.persistence.EntityExistsException}</li> ->
  * <li>{@link org.trebol.common.exceptions.BadInputException}</li>
  * <li>{@link org.springframework.web.bind.MethodArgumentNotValidException}</li>
  * </ul>

diff --git a/src/main/java/org/trebol/api/controllers/AccountProfileController.java b/src/main/java/org/trebol/api/controllers/AccountProfileController.java
@@ -31,7 +31,7 @@
 import org.trebol.api.services.ProfileService;
 import org.trebol.common.exceptions.BadInputException;
 
-import javax.persistence.EntityNotFoundException;
+import jakarta.persistence.EntityNotFoundException;
 import java.security.Principal;
 
 @RestController

diff --git a/src/main/java/org/trebol/api/controllers/DataCustomersController.java b/src/main/java/org/trebol/api/controllers/DataCustomersController.java
@@ -42,9 +42,9 @@
 import org.trebol.jpa.services.predicates.CustomersPredicateService;
 import org.trebol.jpa.sortspecs.CustomersSortSpec;
 
-import javax.persistence.EntityExistsException;
-import javax.persistence.EntityNotFoundException;
-import javax.validation.Valid;
+import jakarta.persistence.EntityExistsException;
+import jakarta.persistence.EntityNotFoundException;
+import jakarta.validation.Valid;
 import java.util.Map;
 
 @RestController

diff --git a/src/main/java/org/trebol/api/controllers/DataImagesController.java b/src/main/java/org/trebol/api/controllers/DataImagesController.java
@@ -43,9 +43,9 @@
 import org.trebol.jpa.services.predicates.ImagesPredicateService;
 import org.trebol.jpa.sortspecs.ImagesSortSpec;
 
-import javax.persistence.EntityExistsException;
-import javax.persistence.EntityNotFoundException;
-import javax.validation.Valid;
+import jakarta.persistence.EntityExistsException;
+import jakarta.persistence.EntityNotFoundException;
+import jakarta.validation.Valid;
 import java.util.Map;
 
 @RestController