Merge branch '95-block-user' into 'dev'
Resolve "Блокировка пользователя" Closes #95 See merge request romanov73/ng-tracker!110
This commit is contained in:
commit
b44bbaec75
@ -13,8 +13,10 @@ import org.springframework.security.config.annotation.web.builders.WebSecurity;
|
|||||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||||
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
||||||
|
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
|
||||||
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
|
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
|
||||||
import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;
|
import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;
|
||||||
|
import ru.ulstu.core.model.AuthFailureHandler;
|
||||||
import ru.ulstu.user.controller.UserController;
|
import ru.ulstu.user.controller.UserController;
|
||||||
import ru.ulstu.user.model.UserRoleConstants;
|
import ru.ulstu.user.model.UserRoleConstants;
|
||||||
import ru.ulstu.user.service.UserService;
|
import ru.ulstu.user.service.UserService;
|
||||||
@ -35,17 +37,20 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
|
|||||||
private final AuthenticationSuccessHandler authenticationSuccessHandler;
|
private final AuthenticationSuccessHandler authenticationSuccessHandler;
|
||||||
private final LogoutSuccessHandler logoutSuccessHandler;
|
private final LogoutSuccessHandler logoutSuccessHandler;
|
||||||
private final ApplicationProperties applicationProperties;
|
private final ApplicationProperties applicationProperties;
|
||||||
|
private final AuthenticationFailureHandler authenticationFailureHandler;
|
||||||
|
|
||||||
public SecurityConfiguration(UserService userService,
|
public SecurityConfiguration(UserService userService,
|
||||||
BCryptPasswordEncoder bCryptPasswordEncoder,
|
BCryptPasswordEncoder bCryptPasswordEncoder,
|
||||||
AuthenticationSuccessHandler authenticationSuccessHandler,
|
AuthenticationSuccessHandler authenticationSuccessHandler,
|
||||||
LogoutSuccessHandler logoutSuccessHandler,
|
LogoutSuccessHandler logoutSuccessHandler,
|
||||||
ApplicationProperties applicationProperties) {
|
ApplicationProperties applicationProperties,
|
||||||
|
AuthFailureHandler authenticationFailureHandler) {
|
||||||
this.userService = userService;
|
this.userService = userService;
|
||||||
this.bCryptPasswordEncoder = bCryptPasswordEncoder;
|
this.bCryptPasswordEncoder = bCryptPasswordEncoder;
|
||||||
this.authenticationSuccessHandler = authenticationSuccessHandler;
|
this.authenticationSuccessHandler = authenticationSuccessHandler;
|
||||||
this.logoutSuccessHandler = logoutSuccessHandler;
|
this.logoutSuccessHandler = logoutSuccessHandler;
|
||||||
this.applicationProperties = applicationProperties;
|
this.applicationProperties = applicationProperties;
|
||||||
|
this.authenticationFailureHandler = authenticationFailureHandler;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
@ -66,6 +71,7 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
|
|||||||
.antMatchers(UserController.ACTIVATE_URL).permitAll()
|
.antMatchers(UserController.ACTIVATE_URL).permitAll()
|
||||||
.antMatchers(Constants.PASSWORD_RESET_REQUEST_PAGE).permitAll()
|
.antMatchers(Constants.PASSWORD_RESET_REQUEST_PAGE).permitAll()
|
||||||
.antMatchers(Constants.PASSWORD_RESET_PAGE).permitAll()
|
.antMatchers(Constants.PASSWORD_RESET_PAGE).permitAll()
|
||||||
|
.antMatchers("/users/block").permitAll()
|
||||||
.antMatchers(UserController.URL + UserController.REGISTER_URL).permitAll()
|
.antMatchers(UserController.URL + UserController.REGISTER_URL).permitAll()
|
||||||
.antMatchers(UserController.URL + UserController.ACTIVATE_URL).permitAll()
|
.antMatchers(UserController.URL + UserController.ACTIVATE_URL).permitAll()
|
||||||
.antMatchers(UserController.URL + UserController.PASSWORD_RESET_REQUEST_URL).permitAll()
|
.antMatchers(UserController.URL + UserController.PASSWORD_RESET_REQUEST_URL).permitAll()
|
||||||
@ -76,6 +82,7 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
|
|||||||
.formLogin()
|
.formLogin()
|
||||||
.loginPage("/login")
|
.loginPage("/login")
|
||||||
.successHandler(authenticationSuccessHandler)
|
.successHandler(authenticationSuccessHandler)
|
||||||
|
.failureHandler(authenticationFailureHandler)
|
||||||
.permitAll()
|
.permitAll()
|
||||||
.and()
|
.and()
|
||||||
.logout()
|
.logout()
|
||||||
|
21
src/main/java/ru/ulstu/core/model/AuthFailureHandler.java
Normal file
21
src/main/java/ru/ulstu/core/model/AuthFailureHandler.java
Normal file
@ -0,0 +1,21 @@
|
|||||||
|
package ru.ulstu.core.model;
|
||||||
|
|
||||||
|
import org.springframework.security.core.AuthenticationException;
|
||||||
|
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
|
||||||
|
import org.springframework.stereotype.Component;
|
||||||
|
import ru.ulstu.user.error.UserBlockedException;
|
||||||
|
|
||||||
|
import javax.servlet.http.HttpServletRequest;
|
||||||
|
import javax.servlet.http.HttpServletResponse;
|
||||||
|
import java.io.IOException;
|
||||||
|
|
||||||
|
@Component
|
||||||
|
public class AuthFailureHandler implements AuthenticationFailureHandler {
|
||||||
|
@Override
|
||||||
|
public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response,
|
||||||
|
AuthenticationException ex) throws IOException {
|
||||||
|
if (ex.getClass() == UserBlockedException.class) {
|
||||||
|
response.sendRedirect("/users/block");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
@ -175,4 +175,9 @@ public class UserController extends OdinController<UserListDto, UserDto> {
|
|||||||
@RequestParam(value = "activity", required = false) String activity) {
|
@RequestParam(value = "activity", required = false) String activity) {
|
||||||
return new Response<>(userService.getActivitiesPings(userId, activity));
|
return new Response<>(userService.getActivitiesPings(userId, activity));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@PostMapping("/block")
|
||||||
|
public void blockUser(@RequestParam("userId") Integer userId) {
|
||||||
|
userService.blockUser(userId);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
@ -74,4 +74,8 @@ public class UserMvcController extends OdinController<UserListDto, UserDto> {
|
|||||||
@GetMapping("/pings")
|
@GetMapping("/pings")
|
||||||
public void getPings() {
|
public void getPings() {
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@GetMapping("/block")
|
||||||
|
public void getBlock() {
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
@ -0,0 +1,9 @@
|
|||||||
|
package ru.ulstu.user.error;
|
||||||
|
|
||||||
|
import org.springframework.security.core.AuthenticationException;
|
||||||
|
|
||||||
|
public class UserBlockedException extends AuthenticationException {
|
||||||
|
public UserBlockedException(String message) {
|
||||||
|
super(message);
|
||||||
|
}
|
||||||
|
}
|
@ -12,6 +12,7 @@ import javax.persistence.Enumerated;
|
|||||||
import javax.persistence.JoinColumn;
|
import javax.persistence.JoinColumn;
|
||||||
import javax.persistence.JoinTable;
|
import javax.persistence.JoinTable;
|
||||||
import javax.persistence.ManyToMany;
|
import javax.persistence.ManyToMany;
|
||||||
|
import javax.persistence.ManyToOne;
|
||||||
import javax.persistence.Table;
|
import javax.persistence.Table;
|
||||||
import javax.persistence.Temporal;
|
import javax.persistence.Temporal;
|
||||||
import javax.persistence.TemporalType;
|
import javax.persistence.TemporalType;
|
||||||
@ -91,6 +92,10 @@ public class User extends BaseEntity {
|
|||||||
@Temporal(TemporalType.TIMESTAMP)
|
@Temporal(TemporalType.TIMESTAMP)
|
||||||
private Date birthDate;
|
private Date birthDate;
|
||||||
|
|
||||||
|
@ManyToOne()
|
||||||
|
@JoinColumn(name = "blocker_id")
|
||||||
|
private User blocker;
|
||||||
|
|
||||||
public enum UserDegree {
|
public enum UserDegree {
|
||||||
CANDIDATE("Кандидат технических наук"),
|
CANDIDATE("Кандидат технических наук"),
|
||||||
DOCTOR("Доктор технических наук");
|
DOCTOR("Доктор технических наук");
|
||||||
@ -229,6 +234,14 @@ public class User extends BaseEntity {
|
|||||||
this.degree = degree;
|
this.degree = degree;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public User getBlocker() {
|
||||||
|
return blocker;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setBlocker(User blocker) {
|
||||||
|
this.blocker = blocker;
|
||||||
|
}
|
||||||
|
|
||||||
public String getUserAbbreviate() {
|
public String getUserAbbreviate() {
|
||||||
return String.format(USER_ABBREVIATE_TEMPLATE,
|
return String.format(USER_ABBREVIATE_TEMPLATE,
|
||||||
lastName == null ? "" : lastName,
|
lastName == null ? "" : lastName,
|
||||||
|
@ -21,12 +21,10 @@ import ru.ulstu.core.jpa.OffsetablePageRequest;
|
|||||||
import ru.ulstu.core.model.BaseEntity;
|
import ru.ulstu.core.model.BaseEntity;
|
||||||
import ru.ulstu.core.model.UserActivity;
|
import ru.ulstu.core.model.UserActivity;
|
||||||
import ru.ulstu.core.model.response.PageableItems;
|
import ru.ulstu.core.model.response.PageableItems;
|
||||||
import ru.ulstu.grant.service.GrantService;
|
|
||||||
import ru.ulstu.paper.service.PaperService;
|
|
||||||
import ru.ulstu.ping.model.Ping;
|
import ru.ulstu.ping.model.Ping;
|
||||||
import ru.ulstu.ping.service.PingService;
|
import ru.ulstu.ping.service.PingService;
|
||||||
import ru.ulstu.project.service.ProjectService;
|
|
||||||
import ru.ulstu.user.error.UserActivationError;
|
import ru.ulstu.user.error.UserActivationError;
|
||||||
|
import ru.ulstu.user.error.UserBlockedException;
|
||||||
import ru.ulstu.user.error.UserEmailExistsException;
|
import ru.ulstu.user.error.UserEmailExistsException;
|
||||||
import ru.ulstu.user.error.UserIdExistsException;
|
import ru.ulstu.user.error.UserIdExistsException;
|
||||||
import ru.ulstu.user.error.UserIsUndeadException;
|
import ru.ulstu.user.error.UserIsUndeadException;
|
||||||
@ -323,6 +321,9 @@ public class UserService implements UserDetailsService {
|
|||||||
if (!user.getActivated()) {
|
if (!user.getActivated()) {
|
||||||
throw new UserNotActivatedException();
|
throw new UserNotActivatedException();
|
||||||
}
|
}
|
||||||
|
if (user.getBlocker() != null) {
|
||||||
|
throw new UserBlockedException(String.format("Вы заблокированы пользователем %s", user.getBlocker().getUserAbbreviate()));
|
||||||
|
}
|
||||||
return new org.springframework.security.core.userdetails.User(user.getLogin(),
|
return new org.springframework.security.core.userdetails.User(user.getLogin(),
|
||||||
user.getPassword(),
|
user.getPassword(),
|
||||||
Optional.ofNullable(user.getRoles()).orElse(Collections.emptySet()).stream()
|
Optional.ofNullable(user.getRoles()).orElse(Collections.emptySet()).stream()
|
||||||
@ -424,4 +425,10 @@ public class UserService implements UserDetailsService {
|
|||||||
}
|
}
|
||||||
return activitiesPings;
|
return activitiesPings;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public void blockUser(int userId) {
|
||||||
|
User userToBlock = findById(userId);
|
||||||
|
userToBlock.setBlocker(getCurrentUser());
|
||||||
|
userRepository.save(userToBlock);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
12
src/main/resources/db/changelog-20190607_000002-schema.xml
Normal file
12
src/main/resources/db/changelog-20190607_000002-schema.xml
Normal file
@ -0,0 +1,12 @@
|
|||||||
|
<?xml version="1.1" encoding="UTF-8" standalone="no"?>
|
||||||
|
<databaseChangeLog xmlns="http://www.liquibase.org/xml/ns/dbchangelog"
|
||||||
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||||
|
xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.1.xsd">
|
||||||
|
<changeSet author="arefyev" id="20190528_000000-3">
|
||||||
|
<addColumn tableName="users">
|
||||||
|
<column name="blocker_id" type="integer"/>
|
||||||
|
</addColumn>
|
||||||
|
<addForeignKeyConstraint baseTableName="users" baseColumnNames="blocker_id" constraintName="fk_blocker"
|
||||||
|
referencedTableName="users" referencedColumnNames="id"/>
|
||||||
|
</changeSet>
|
||||||
|
</databaseChangeLog>
|
@ -53,4 +53,5 @@
|
|||||||
<include file="db/changelog-20190529_000001-schema.xml"/>
|
<include file="db/changelog-20190529_000001-schema.xml"/>
|
||||||
<include file="db/changelog-20190601_000001-schema.xml"/>
|
<include file="db/changelog-20190601_000001-schema.xml"/>
|
||||||
<include file="db/changelog-20190605_000000-schema.xml"/>
|
<include file="db/changelog-20190605_000000-schema.xml"/>
|
||||||
|
<include file="db/changelog-20190607_000002-schema.xml"/>
|
||||||
</databaseChangeLog>
|
</databaseChangeLog>
|
@ -120,6 +120,20 @@ function resetPassword() {
|
|||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function blockUser() {
|
||||||
|
userId = $('#userId').val();
|
||||||
|
$.ajax({
|
||||||
|
url:"/api/1.0/users/block?userId=" + userId,
|
||||||
|
contentType: "application/json; charset=utf-8",
|
||||||
|
method: "POST",
|
||||||
|
success: function() {
|
||||||
|
showFeedbackMessage("Пользователь заблокирован", MessageTypesEnum.SUCCESS)
|
||||||
|
},
|
||||||
|
error: function(errorData) {
|
||||||
|
showFeedbackMessage(errorData.responseJSON.error.message, MessageTypesEnum.WARNING)
|
||||||
|
}
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
function isEmailValid(email) {
|
function isEmailValid(email) {
|
||||||
re = /\S+@\S+\.\S+/;
|
re = /\S+@\S+\.\S+/;
|
||||||
|
@ -109,6 +109,7 @@
|
|||||||
<script src="/js/core.js"></script>
|
<script src="/js/core.js"></script>
|
||||||
<script src="/js/config.js"></script>
|
<script src="/js/config.js"></script>
|
||||||
<script src="/js/odin.js"></script>
|
<script src="/js/odin.js"></script>
|
||||||
|
<script src="/js/users.js"></script>
|
||||||
<script th:inline="javascript">
|
<script th:inline="javascript">
|
||||||
|
|
||||||
/*<![CDATA[*/
|
/*<![CDATA[*/
|
||||||
|
21
src/main/resources/templates/users/block.html
Normal file
21
src/main/resources/templates/users/block.html
Normal file
@ -0,0 +1,21 @@
|
|||||||
|
<!DOCTYPE html>
|
||||||
|
<html lang="en"
|
||||||
|
xmlns:layout="http://www.ultraq.net.nz/thymeleaf/layout"
|
||||||
|
layout:decorator="default">
|
||||||
|
<head>
|
||||||
|
</head>
|
||||||
|
<body>
|
||||||
|
<div class="container" layout:fragment="content">
|
||||||
|
<section id="services">
|
||||||
|
<div class="container">
|
||||||
|
<div class="row">
|
||||||
|
<div class="col-lg-12 text-center">
|
||||||
|
<h2 class="section-heading text-uppercase">Ваш аккаунт заблокирован</h2>
|
||||||
|
<a href="/"><h3>Вернуться на страницу авторизации</h3></a>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</section>
|
||||||
|
</div>
|
||||||
|
</body>
|
||||||
|
</html>
|
@ -7,6 +7,7 @@
|
|||||||
<div th:fragment="userDashboard (user)" class="col-12 col-sm-12 col-md-12 col-lg-4 col-xl-3 dashboard-card">
|
<div th:fragment="userDashboard (user)" class="col-12 col-sm-12 col-md-12 col-lg-4 col-xl-3 dashboard-card">
|
||||||
<div class="row">
|
<div class="row">
|
||||||
<div class="col col-10">
|
<div class="col col-10">
|
||||||
|
<input type="hidden" id="userId" th:value="${user.user.id}"/>
|
||||||
<b><p th:text="${user.user.lastName} + ' ' + ${user.user.firstName} + ' ' + ${user.user.patronymic}"></p>
|
<b><p th:text="${user.user.lastName} + ' ' + ${user.user.firstName} + ' ' + ${user.user.patronymic}"></p>
|
||||||
</b>
|
</b>
|
||||||
<i><p th:if="${user.conference != null}" th:text="'Сейчас на конференции ' + ${user.conference.title}"></p>
|
<i><p th:if="${user.conference != null}" th:text="'Сейчас на конференции ' + ${user.conference.title}"></p>
|
||||||
@ -15,6 +16,7 @@
|
|||||||
th:text="'Сейчас на паре ' + ${user.lesson.nameOfLesson} + ' в аудитории ' + ${user.lesson.room}"></p>
|
th:text="'Сейчас на паре ' + ${user.lesson.nameOfLesson} + ' в аудитории ' + ${user.lesson.room}"></p>
|
||||||
</i>
|
</i>
|
||||||
<p th:if="${user.isOnline()}">Онлайн</p>
|
<p th:if="${user.isOnline()}">Онлайн</p>
|
||||||
|
<button onclick="blockUser()">Заблокировать</button>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
Loading…
Reference in New Issue
Block a user