From 53307c6addc9bbc2696286d12b8dc52c3f0b5eb0 Mon Sep 17 00:00:00 2001 From: "Artem.Arefev" Date: Fri, 31 May 2019 22:42:59 +0400 Subject: [PATCH 01/10] #95 init --- .../ru/ulstu/user/error/UserBlockedException.java | 7 +++++++ .../db/changelog-20190531_000002-schema.xml | 12 ++++++++++++ 2 files changed, 19 insertions(+) create mode 100644 src/main/java/ru/ulstu/user/error/UserBlockedException.java create mode 100644 src/main/resources/db/changelog-20190531_000002-schema.xml diff --git a/src/main/java/ru/ulstu/user/error/UserBlockedException.java b/src/main/java/ru/ulstu/user/error/UserBlockedException.java new file mode 100644 index 0000000..6de97e9 --- /dev/null +++ b/src/main/java/ru/ulstu/user/error/UserBlockedException.java @@ -0,0 +1,7 @@ +package ru.ulstu.user.error; + +public class UserBlockedException extends RuntimeException { + public UserBlockedException(String message) { + super(message); + } +} diff --git a/src/main/resources/db/changelog-20190531_000002-schema.xml b/src/main/resources/db/changelog-20190531_000002-schema.xml new file mode 100644 index 0000000..9531c87 --- /dev/null +++ b/src/main/resources/db/changelog-20190531_000002-schema.xml @@ -0,0 +1,12 @@ + + + + + + + + + From 22abf6a27d64b851a40d76e51013e08d8a7b6f2b Mon Sep 17 00:00:00 2001 From: "Artem.Arefev" Date: Mon, 3 Jun 2019 02:11:35 +0400 Subject: [PATCH 02/10] #95 blocking user --- .../configuration/SecurityConfiguration.java | 8 +++++++- .../core/controller/AdviceController.java | 1 + .../RestAuthenticationFailureHandler.java | 20 +++++++++++++++++++ .../ulstu/user/controller/UserController.java | 5 +++++ .../user/error/UserBlockedException.java | 4 +++- src/main/java/ru/ulstu/user/model/User.java | 13 ++++++++++++ .../ru/ulstu/user/service/UserService.java | 14 ++++++++++++- src/main/resources/db/changelog-master.xml | 1 + src/main/resources/public/js/users.js | 14 +++++++++++++ src/main/resources/templates/default.html | 1 + .../fragments/userDashboardFragment.html | 2 ++ 11 files changed, 80 insertions(+), 3 deletions(-) create mode 100644 src/main/java/ru/ulstu/core/model/RestAuthenticationFailureHandler.java diff --git a/src/main/java/ru/ulstu/configuration/SecurityConfiguration.java b/src/main/java/ru/ulstu/configuration/SecurityConfiguration.java index 894cf39..2feb8ba 100644 --- a/src/main/java/ru/ulstu/configuration/SecurityConfiguration.java +++ b/src/main/java/ru/ulstu/configuration/SecurityConfiguration.java @@ -13,8 +13,10 @@ import org.springframework.security.config.annotation.web.builders.WebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; +import org.springframework.security.web.authentication.AuthenticationFailureHandler; import org.springframework.security.web.authentication.AuthenticationSuccessHandler; import org.springframework.security.web.authentication.logout.LogoutSuccessHandler; +import ru.ulstu.core.model.RestAuthenticationFailureHandler; import ru.ulstu.user.controller.UserController; import ru.ulstu.user.model.UserRoleConstants; import ru.ulstu.user.service.UserService; @@ -35,17 +37,20 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter { private final AuthenticationSuccessHandler authenticationSuccessHandler; private final LogoutSuccessHandler logoutSuccessHandler; private final ApplicationProperties applicationProperties; + private final AuthenticationFailureHandler authenticationFailureHandler; public SecurityConfiguration(UserService userService, BCryptPasswordEncoder bCryptPasswordEncoder, AuthenticationSuccessHandler authenticationSuccessHandler, LogoutSuccessHandler logoutSuccessHandler, - ApplicationProperties applicationProperties) { + ApplicationProperties applicationProperties, + RestAuthenticationFailureHandler authenticationFailureHandler) { this.userService = userService; this.bCryptPasswordEncoder = bCryptPasswordEncoder; this.authenticationSuccessHandler = authenticationSuccessHandler; this.logoutSuccessHandler = logoutSuccessHandler; this.applicationProperties = applicationProperties; + this.authenticationFailureHandler = authenticationFailureHandler; } @Override @@ -76,6 +81,7 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter { .formLogin() .loginPage("/login") .successHandler(authenticationSuccessHandler) + .failureHandler(authenticationFailureHandler) .permitAll() .and() .logout() diff --git a/src/main/java/ru/ulstu/core/controller/AdviceController.java b/src/main/java/ru/ulstu/core/controller/AdviceController.java index f89001a..78a7771 100644 --- a/src/main/java/ru/ulstu/core/controller/AdviceController.java +++ b/src/main/java/ru/ulstu/core/controller/AdviceController.java @@ -12,6 +12,7 @@ import ru.ulstu.core.model.ErrorConstants; import ru.ulstu.core.model.response.Response; import ru.ulstu.core.model.response.ResponseExtended; import ru.ulstu.user.error.UserActivationError; +import ru.ulstu.user.error.UserBlockedException; import ru.ulstu.user.error.UserEmailExistsException; import ru.ulstu.user.error.UserIdExistsException; import ru.ulstu.user.error.UserIsUndeadException; diff --git a/src/main/java/ru/ulstu/core/model/RestAuthenticationFailureHandler.java b/src/main/java/ru/ulstu/core/model/RestAuthenticationFailureHandler.java new file mode 100644 index 0000000..4e07d0d --- /dev/null +++ b/src/main/java/ru/ulstu/core/model/RestAuthenticationFailureHandler.java @@ -0,0 +1,20 @@ +package ru.ulstu.core.model; + +import org.springframework.security.core.AuthenticationException; +import org.springframework.security.web.authentication.AuthenticationFailureHandler; +import org.springframework.stereotype.Component; + +import javax.servlet.ServletException; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; + +@Component +public class RestAuthenticationFailureHandler implements AuthenticationFailureHandler { + @Override + public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, + AuthenticationException ex) throws IOException, ServletException { + + response.sendRedirect("/login.html?error=fail"); + } +} \ No newline at end of file diff --git a/src/main/java/ru/ulstu/user/controller/UserController.java b/src/main/java/ru/ulstu/user/controller/UserController.java index c40ed8f..8b63264 100644 --- a/src/main/java/ru/ulstu/user/controller/UserController.java +++ b/src/main/java/ru/ulstu/user/controller/UserController.java @@ -171,4 +171,9 @@ public class UserController extends OdinController { public void inviteUser(@RequestParam("email") String email) { userService.inviteUser(email); } + + @PostMapping("/block") + public void blockUser(@RequestParam("userId") Integer userId) { + userService.blockUser(userId); + } } diff --git a/src/main/java/ru/ulstu/user/error/UserBlockedException.java b/src/main/java/ru/ulstu/user/error/UserBlockedException.java index 6de97e9..23b9b3a 100644 --- a/src/main/java/ru/ulstu/user/error/UserBlockedException.java +++ b/src/main/java/ru/ulstu/user/error/UserBlockedException.java @@ -1,6 +1,8 @@ package ru.ulstu.user.error; -public class UserBlockedException extends RuntimeException { +import org.springframework.security.core.AuthenticationException; + +public class UserBlockedException extends AuthenticationException { public UserBlockedException(String message) { super(message); } diff --git a/src/main/java/ru/ulstu/user/model/User.java b/src/main/java/ru/ulstu/user/model/User.java index 520b439..bb76618 100644 --- a/src/main/java/ru/ulstu/user/model/User.java +++ b/src/main/java/ru/ulstu/user/model/User.java @@ -12,6 +12,7 @@ import javax.persistence.Enumerated; import javax.persistence.JoinColumn; import javax.persistence.JoinTable; import javax.persistence.ManyToMany; +import javax.persistence.ManyToOne; import javax.persistence.Table; import javax.persistence.Temporal; import javax.persistence.TemporalType; @@ -91,6 +92,10 @@ public class User extends BaseEntity { @Temporal(TemporalType.TIMESTAMP) private Date birthDate; + @ManyToOne() + @JoinColumn(name = "blocker_id") + private User blocker; + public enum UserDegree { CANDIDATE("Кандидат технических наук"), DOCTOR("Доктор технических наук"); @@ -229,6 +234,14 @@ public class User extends BaseEntity { this.degree = degree; } + public User getBlocker() { + return blocker; + } + + public void setBlocker(User blocker) { + this.blocker = blocker; + } + public String getUserAbbreviate() { return String.format(USER_ABBREVIATE_TEMPLATE, lastName == null ? "" : lastName, diff --git a/src/main/java/ru/ulstu/user/service/UserService.java b/src/main/java/ru/ulstu/user/service/UserService.java index 217215b..a58b6db 100644 --- a/src/main/java/ru/ulstu/user/service/UserService.java +++ b/src/main/java/ru/ulstu/user/service/UserService.java @@ -14,13 +14,16 @@ import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; import org.springframework.util.StringUtils; +import org.springframework.web.bind.annotation.ExceptionHandler; import ru.ulstu.conference.service.ConferenceService; import ru.ulstu.configuration.ApplicationProperties; import ru.ulstu.core.error.EntityIdIsNullException; import ru.ulstu.core.jpa.OffsetablePageRequest; import ru.ulstu.core.model.BaseEntity; import ru.ulstu.core.model.response.PageableItems; +import ru.ulstu.core.model.response.Response; import ru.ulstu.user.error.UserActivationError; +import ru.ulstu.user.error.UserBlockedException; import ru.ulstu.user.error.UserEmailExistsException; import ru.ulstu.user.error.UserIdExistsException; import ru.ulstu.user.error.UserIsUndeadException; @@ -252,7 +255,7 @@ public class UserService implements UserDetailsService { mailService.sendChangePasswordMail(user); } - public boolean requestUserPasswordReset(String email) { + public boolean requestUserPasswordReset(String email) { User user = userRepository.findOneByEmailIgnoreCase(email); if (user == null) { throw new UserNotFoundException(email); @@ -313,6 +316,9 @@ public class UserService implements UserDetailsService { if (!user.getActivated()) { throw new UserNotActivatedException(); } + if (user.getBlocker() != null) { + throw new UserBlockedException(String.format("Вы заблокированы пользователем %s", user.getBlocker().getUserAbbreviate())); + } return new org.springframework.security.core.userdetails.User(user.getLogin(), user.getPassword(), Optional.ofNullable(user.getRoles()).orElse(Collections.emptySet()).stream() @@ -389,4 +395,10 @@ public class UserService implements UserDetailsService { } return ImmutableMap.of("users", usersInfoNow, "error", err); } + + public void blockUser(int userId) { + User userToBlock = findById(userId); + userToBlock.setBlocker(getCurrentUser()); + userRepository.save(userToBlock); + } } diff --git a/src/main/resources/db/changelog-master.xml b/src/main/resources/db/changelog-master.xml index c8a6e63..3719ac5 100644 --- a/src/main/resources/db/changelog-master.xml +++ b/src/main/resources/db/changelog-master.xml @@ -49,4 +49,5 @@ + \ No newline at end of file diff --git a/src/main/resources/public/js/users.js b/src/main/resources/public/js/users.js index e31d3ad..68fbf55 100644 --- a/src/main/resources/public/js/users.js +++ b/src/main/resources/public/js/users.js @@ -120,6 +120,20 @@ function resetPassword() { }) } +function blockUser() { + userId = $('#userId').val(); + $.ajax({ + url:"/api/1.0/users/block?userId=" + userId, + contentType: "application/json; charset=utf-8", + method: "POST", + success: function() { + showFeedbackMessage("Пользователь заблокирован", MessageTypesEnum.SUCCESS) + }, + error: function(errorData) { + showFeedbackMessage(errorData.responseJSON.error.message, MessageTypesEnum.WARNING) + } + }) +} function isEmailValid(email) { re = /\S+@\S+\.\S+/; diff --git a/src/main/resources/templates/default.html b/src/main/resources/templates/default.html index 32939e7..d3c49dd 100644 --- a/src/main/resources/templates/default.html +++ b/src/main/resources/templates/default.html @@ -109,6 +109,7 @@ +