403 fix

66a9e279 · Denis · Denis Ligin · 73ff187e · 66a9e279 · 66a9e279
Commit 66a9e279 authored Dec 25, 2023 by Denis Committed by Denis Ligin Dec 25, 2023
3 changed files
--- a/src/main/java/kz/project/printedFormsService/config/SecurityConfiguration.java
+++ b/src/main/java/kz/project/printedFormsService/config/SecurityConfiguration.java
@@ -30,12 +30,9 @@ import static kz.project.printedFormsService.controller.TemplateController.BASE_
 @EnableMethodSecurity
 public class SecurityConfiguration {

-    private static final String PROJECT_A_CREATOR = "projecta_creator";
-    private static final String PROJECT_B_CREATOR = "projectb_creator";
-    private static final String PROJECT_A_DELETE = "projecta_delete";
-    private static final String PROJECT_B_DELETE = "projectb_delete";
-    private static final String PROJECT_A_EDITOR = "projecta_editor";
-    private static final String PROJECT_B_EDITOR = "projectb_editor";
+    private static final String CREATOR = "creator";
+    private static final String DELETE = "delete";
+    private static final String EDITOR = "editor";
    private static final String ADMIN = "admin";

    @Bean
@@ -66,36 +63,29 @@ public class SecurityConfiguration {
                .permitAll()

                .requestMatchers(BASE_PATH + TemplateController.SAVE)
-                .hasAnyRole(PROJECT_A_CREATOR, PROJECT_B_CREATOR, ADMIN)
+                .hasAnyRole(CREATOR, ADMIN)

                .requestMatchers(BASE_PATH + TemplateController.GET_TEMPLATE_DATA)
-                .hasAnyRole(PROJECT_A_CREATOR, PROJECT_B_CREATOR, PROJECT_A_EDITOR, PROJECT_B_EDITOR,
-                        PROJECT_A_DELETE, PROJECT_B_DELETE, ADMIN)
+                .hasAnyRole(CREATOR, EDITOR, DELETE, ADMIN)

                .requestMatchers(BASE_PATH + TemplateController.EDIT)
-                .hasAnyRole(PROJECT_A_EDITOR, PROJECT_B_EDITOR, ADMIN)
+                .hasAnyRole(EDITOR, ADMIN)

                .requestMatchers(BASE_PATH + TemplateController.DELETE)
-                .hasAnyRole(PROJECT_A_DELETE, PROJECT_B_DELETE, ADMIN)
+                .hasAnyRole(DELETE, ADMIN)

                .requestMatchers(BASE_PATH + TemplateController.GET_ALL)
-                .hasAnyRole(PROJECT_A_CREATOR, PROJECT_B_CREATOR, PROJECT_A_EDITOR, PROJECT_B_EDITOR,
-                        PROJECT_A_DELETE, PROJECT_B_DELETE, ADMIN)
+                .hasAnyRole(CREATOR, EDITOR, DELETE, ADMIN)

                .requestMatchers(BASE_PATH + TemplateController.GET_ALL_BY_CODE)
-                .hasAnyRole(PROJECT_A_CREATOR, PROJECT_B_CREATOR, PROJECT_A_EDITOR, PROJECT_B_EDITOR,
-                        PROJECT_A_DELETE, PROJECT_B_DELETE, ADMIN)
+                .hasAnyRole(CREATOR, EDITOR, DELETE, ADMIN)

                .requestMatchers(DocumentsController.BY_DAY)
-                .hasAnyRole(PROJECT_A_CREATOR, PROJECT_B_CREATOR, PROJECT_A_EDITOR, PROJECT_B_EDITOR,
-                        PROJECT_A_DELETE, PROJECT_B_DELETE, ADMIN)
+                .hasAnyRole(CREATOR, EDITOR, DELETE, ADMIN)

                .requestMatchers(DocumentsController.BY_TEMPLATE)
-                .hasAnyRole(PROJECT_A_CREATOR, PROJECT_B_CREATOR, PROJECT_A_EDITOR, PROJECT_B_EDITOR,
-                        PROJECT_A_DELETE, PROJECT_B_DELETE, ADMIN)
+                .hasAnyRole(CREATOR, EDITOR, DELETE, ADMIN)

-                .requestMatchers(BASE_PATH + "/**")
-                .hasAnyRole(ADMIN)
                .anyRequest().authenticated()
        );


--- a/src/main/java/kz/project/printedFormsService/converter/JwtAuthConverter.java
+++ b/src/main/java/kz/project/printedFormsService/converter/JwtAuthConverter.java
@@ -11,10 +11,7 @@ import org.springframework.security.oauth2.jwt.Jwt;
 import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken;
 import org.springframework.stereotype.Component;

-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.List;
-import java.util.Map;
+import java.util.*;

 @Component
 public class JwtAuthConverter implements Converter<Jwt, AbstractAuthenticationToken> {
@@ -34,10 +31,10 @@ public class JwtAuthConverter implements Converter<Jwt, AbstractAuthenticationTo
                ObjectMapper mapper = new ObjectMapper();
                List<String> roles = mapper.convertValue(resourceAccess.get("print_form").get("roles"), new TypeReference<>() {
                });
-                List<GrantedAuthority> authorities = new ArrayList<>();
+                Set<GrantedAuthority> authorities = new HashSet<>();

                for (String role : roles) {
-                    authorities.add(new SimpleGrantedAuthority("ROLE_" + role));
+                    authorities.add(new SimpleGrantedAuthority("ROLE_" + role.substring(role.lastIndexOf('_')+1)));
                }

                return authorities;

--- a/src/main/java/kz/project/printedFormsService/data/repository/DocumentJdbcRepository.java
+++ b/src/main/java/kz/project/printedFormsService/data/repository/DocumentJdbcRepository.java
@@ -33,7 +33,7 @@ public class DocumentJdbcRepository {
                                WHERE
                                    DATE_TRUNC('day',created_at) >= :startDate
                                    AND  DATE_TRUNC('day',created_at) <= :endDate
-                                    AND project in(:projects)
+                                    --AND project in(:projects)
                                GROUP BY
                                    date
                                ORDER BY
@@ -65,7 +65,7 @@ public class DocumentJdbcRepository {
                        WHERE
                            DATE_TRUNC('day',created_at) >= :startDate
                          AND DATE_TRUNC('day',created_at) <= :endDate
-                          AND d.project in(:projects)
+                          --AND d.project in(:projects)
                        GROUP BY
                            d.template_id, t.name
                        ORDER BY