Merge pull request #60 from JimTheCat/CU-8696fxakg_EPIC---API-v2---Se…

…curity_Kinga-Traczyk

Cu 8696fxakg epic   api v2   security kinga traczyk

backend/pom.xml

@@ -26,6 +26,11 @@
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter-data-jpa</artifactId>
 		</dependency>
+		<dependency>
+			<groupId>com.oracle.database.jdbc</groupId>
+			<artifactId>ojdbc8</artifactId>
+			<version>19.8.0.0</version>
+		</dependency>
 		<dependency>
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter-security</artifactId>
@@ -44,6 +49,36 @@
 			<artifactId>spring-security-test</artifactId>
 			<scope>test</scope>
 		</dependency>
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-validation</artifactId>
+			<version>3.3.5</version>
+		</dependency>
+		<dependency>
+			<groupId>org.projectlombok</groupId>
+			<artifactId>lombok</artifactId>
+			<scope>provided</scope>
+		</dependency>
+		<dependency>
+			<groupId>io.jsonwebtoken</groupId>
+			<artifactId>jjwt-api</artifactId>
+			<version>0.12.6</version>
+		</dependency>
+		<dependency>
+			<groupId>io.jsonwebtoken</groupId>
+			<artifactId>jjwt-impl</artifactId>
+			<version>0.12.6</version>
+		</dependency>
+		<dependency>
+			<groupId>io.jsonwebtoken</groupId>
+			<artifactId>jjwt-jackson</artifactId>
+			<version>0.12.6</version>
+		</dependency>
+		<dependency>
+			<groupId>org.springdoc</groupId>
+			<artifactId>springdoc-openapi-starter-webmvc-ui</artifactId>
+			<version>2.0.2</version>
+		</dependency>
 	</dependencies>
 
 	<build>

backend/src/main/java/meowhub/backend/controllers/PostController.java

@@ -0,0 +1,34 @@
+package meowhub.backend.controllers;
+
+import lombok.RequiredArgsConstructor;
+import meowhub.backend.dtos.PostDto;
+import meowhub.backend.services.PostService;
+import org.springframework.http.ResponseEntity;
+import org.springframework.security.core.annotation.AuthenticationPrincipal;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.RestController;
+
+import java.util.List;
+
+@RestController
+@RequestMapping("api/posts")
+@RequiredArgsConstructor
+public class PostController {
+    private final PostService postService;
+
+    @GetMapping("/get-all")
+    public ResponseEntity<List<PostDto>> getAllUsersPosts(@AuthenticationPrincipal UserDetails userDetails) {
+        List<PostDto> posts = postService.getPostsForUser(userDetails.getUsername());
+        return ResponseEntity.ok(posts);
+    }
+
+    @PostMapping("/create")
+    public ResponseEntity<PostDto> createPost(@RequestParam String content, @AuthenticationPrincipal UserDetails userDetails) {
+        PostDto postDto = postService.createPost(content, userDetails.getUsername());
+        return ResponseEntity.ok(postDto);
+    }
+}

backend/src/main/java/meowhub/backend/dtos/PostDto.java

@@ -0,0 +1,14 @@
+package meowhub.backend.dtos;
+
+import lombok.Builder;
+import lombok.Data;
+
+import java.time.LocalDate;
+
+@Builder
+@Data
+public class PostDto {
+    private String content;
+    private String ownerLogin;
+    private LocalDate createdAt;
+}

backend/src/main/java/meowhub/backend/dtos/UserDto.java

@@ -0,0 +1,24 @@
+package meowhub.backend.dtos;
+
+import lombok.Builder;
+import lombok.Data;
+import meowhub.backend.models.ApplicationRole;
+import meowhub.backend.models.Gender;
+
+import java.time.LocalDate;
+import java.time.LocalDateTime;
+
+@Data
+@Builder
+public class UserDto {
+    private String userId;
+    private String login;
+    private String email;
+    private String name;
+    private String surname;
+    private LocalDate birthdate;
+    private Gender gender;
+    private LocalDateTime createdAt;
+    private ApplicationRole applicationRole;
+    private boolean isAccountNonExpired;
+}

backend/src/main/java/meowhub/backend/models/ApplicationRole.java

@@ -0,0 +1,5 @@
+package meowhub.backend.models;
+
+public enum ApplicationRole {
+    ROLE_USER, ROLE_ADMIN
+}

backend/src/main/java/meowhub/backend/models/Gender.java

@@ -0,0 +1,5 @@
+package meowhub.backend.models;
+
+public enum Gender {
+    FEMALE, MALE, OTHER
+}

backend/src/main/java/meowhub/backend/models/Post.java

@@ -0,0 +1,42 @@
+package meowhub.backend.models;
+
+import jakarta.persistence.Column;
+import jakarta.persistence.Entity;
+import jakarta.persistence.GeneratedValue;
+import jakarta.persistence.GenerationType;
+import jakarta.persistence.Id;
+import jakarta.persistence.Lob;
+import jakarta.persistence.Table;
+import jakarta.validation.constraints.NotBlank;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+import org.hibernate.annotations.CreationTimestamp;
+import org.hibernate.annotations.UpdateTimestamp;
+
+import java.time.LocalDate;
+
+@Entity
+@NoArgsConstructor
+@Data
+@Table(name = "posts")
+public class Post {
+    @Id
+    @GeneratedValue(strategy = GenerationType.UUID)
+    @Column(name = "post_id")
+    private String postId;
+
+    @NotBlank
+    @Lob
+    @Column(name = "content_html")
+    private String contentHtml;
+
+    @CreationTimestamp
+    @Column(name = "created_at", updatable = false)
+    private LocalDate createdAt;
+
+    @UpdateTimestamp
+    @Column(name = "modified_at")
+    private LocalDate modifiedAt;
+
+    private String ownerLogin;
+}

backend/src/main/java/meowhub/backend/models/Role.java

@@ -0,0 +1,48 @@
+package meowhub.backend.models;
+
+import com.fasterxml.jackson.annotation.JsonBackReference;
+import jakarta.persistence.CascadeType;
+import jakarta.persistence.Column;
+import jakarta.persistence.Entity;
+import jakarta.persistence.EnumType;
+import jakarta.persistence.Enumerated;
+import jakarta.persistence.FetchType;
+import jakarta.persistence.GeneratedValue;
+import jakarta.persistence.GenerationType;
+import jakarta.persistence.Id;
+import jakarta.persistence.OneToMany;
+import jakarta.persistence.Table;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+import lombok.ToString;
+
+import java.util.HashSet;
+import java.util.Set;
+
+@Entity
+@NoArgsConstructor
+@Data
+@Table(name = "roles")
+public class Role {
+    @Id
+    @GeneratedValue(strategy = GenerationType.UUID)
+    @Column(name = "role_id")
+    private String roleId;
+
+    @ToString.Exclude
+    @Enumerated(EnumType.STRING)
+    @Column(length = 20, name = "role_name")
+    private ApplicationRole roleName;
+
+    @Column(length = 50, name = "description")
+    private String description;
+
+    @OneToMany(mappedBy = "role", fetch = FetchType.LAZY, cascade = CascadeType.MERGE)
+    @JsonBackReference
+    @ToString.Exclude
+    private Set<User> users = new HashSet<>();
+
+    public Role(ApplicationRole roleName) {
+        this.roleName = roleName;
+    }
+}

backend/src/main/java/meowhub/backend/models/User.java

@@ -0,0 +1,129 @@
+package meowhub.backend.models;
+
+import com.fasterxml.jackson.annotation.JsonBackReference;
+import com.fasterxml.jackson.annotation.JsonIgnore;
+import jakarta.persistence.CascadeType;
+import jakarta.persistence.Column;
+import jakarta.persistence.Entity;
+import jakarta.persistence.EnumType;
+import jakarta.persistence.Enumerated;
+import jakarta.persistence.FetchType;
+import jakarta.persistence.GeneratedValue;
+import jakarta.persistence.GenerationType;
+import jakarta.persistence.Id;
+import jakarta.persistence.JoinColumn;
+import jakarta.persistence.ManyToOne;
+import jakarta.persistence.Table;
+import jakarta.persistence.UniqueConstraint;
+import jakarta.validation.constraints.Email;
+import jakarta.validation.constraints.NotBlank;
+import jakarta.validation.constraints.Size;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+import lombok.ToString;
+import org.hibernate.annotations.CreationTimestamp;
+import org.hibernate.annotations.UpdateTimestamp;
+
+import java.time.LocalDate;
+import java.time.LocalDateTime;
+
+@Entity
+@Data
+@Builder
+@AllArgsConstructor
+@NoArgsConstructor
+@Table(name = "users", uniqueConstraints = {@UniqueConstraint(columnNames = "username"), @UniqueConstraint(columnNames = "email")})
+public class User {
+    @Id
+    @GeneratedValue(strategy = GenerationType.UUID)
+    @Column(name = "user_id")
+    private String userId;
+
+    @NotBlank
+    @Size(max = 40)
+    @Column(name = "name")
+    private String name;
+
+    @NotBlank
+    @Size(max = 40)
+    @Column(name = "surname")
+    private String surname;
+
+    @NotBlank
+    @Size(max = 20)
+    @Column(name = "login")
+    private String login;
+
+    @NotBlank
+    @Size(max = 50)
+    @Email
+    @Column(name = "email")
+    private String email;
+
+    @Size(max = 120)
+    @Column(name = "password")
+    @JsonIgnore
+    private String password;
+
+    @Size(max = 20)
+    @Column(name = "salt")
+    private String salt;
+
+    @Enumerated(EnumType.STRING)
+    @Column(length = 20, name = "gender")
+    private Gender gender;
+
+    private LocalDate birthdate;
+
+    private boolean accountNonLocked = true;
+
+    private boolean accountNonExpired = true;
+
+    private boolean credentialsNonExpired = true;
+
+    private boolean enabled = true;
+
+    private LocalDate credentialsExpiryDate;
+
+    private LocalDate accountExpiryDate;
+
+    private String signUpMethod;
+
+    @ManyToOne(fetch = FetchType.EAGER, cascade = CascadeType.MERGE)
+    @JoinColumn(name = "role_id", referencedColumnName = "role_id")
+    @JsonBackReference
+    @ToString.Exclude
+    private Role role;
+
+    @CreationTimestamp
+    @Column(updatable = false)
+    private LocalDateTime createdDate;
+
+    @UpdateTimestamp
+    private LocalDateTime updatedDate;
+
+    public User(String login, String email, String password) {
+        this.login = login;
+        this.email = email;
+        this.password = password;
+    }
+
+    public User(String login, String email) {
+        this.login = login;
+        this.email = email;
+    }
+
+    @Override
+    public boolean equals(Object o) {
+        if (this == o) return true;
+        if (!(o instanceof User)) return false;
+        return userId != null && userId.equals(((User) o).getUserId());
+    }
+
+    @Override
+    public int hashCode() {
+        return getClass().hashCode();
+    }
+}

backend/src/main/java/meowhub/backend/repositories/PostRepository.java

@@ -0,0 +1,12 @@
+package meowhub.backend.repositories;
+
+import meowhub.backend.models.Post;
+import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.stereotype.Repository;
+
+import java.util.List;
+
+@Repository
+public interface PostRepository extends JpaRepository<Post, String> {
+    List<Post> findByOwnerLogin(String login);
+}

backend/src/main/java/meowhub/backend/repositories/RoleRepository.java

@@ -0,0 +1,13 @@
+package meowhub.backend.repositories;
+
+import meowhub.backend.models.ApplicationRole;
+import meowhub.backend.models.Role;
+import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.stereotype.Repository;
+
+import java.util.Optional;
+
+@Repository
+public interface RoleRepository extends JpaRepository<Role, String> {
+    Optional<Role> findByRoleName(ApplicationRole role);
+}