OpenClassrooms-Student-Center · fabou35 · Feb 22, 2022 · Feb 22, 2022 · Feb 28, 2022 · Feb 28, 2022
diff --git a/Poseiden-skeleton/doc/data.sql b/Poseiden-skeleton/doc/data.sql
@@ -1,3 +1,6 @@
+DROP database demo;
+CREATE database demo;
+USE demo;
 
 CREATE TABLE BidList (
   BidListId tinyint(4) NOT NULL AUTO_INCREMENT,
@@ -24,7 +27,7 @@ CREATE TABLE BidList (
   side VARCHAR(125),
 
   PRIMARY KEY (BidListId)
-)
+);
 
 CREATE TABLE Trade (
   TradeId tinyint(4) NOT NULL AUTO_INCREMENT,
@@ -50,7 +53,7 @@ CREATE TABLE Trade (
   side VARCHAR(125),
 
   PRIMARY KEY (TradeId)
-)
+);
 
 CREATE TABLE CurvePoint (
   Id tinyint(4) NOT NULL AUTO_INCREMENT,
@@ -61,7 +64,7 @@ CREATE TABLE CurvePoint (
   creationDate TIMESTAMP ,
 
   PRIMARY KEY (Id)
-)
+);
 
 CREATE TABLE Rating (
   Id tinyint(4) NOT NULL AUTO_INCREMENT,
@@ -71,7 +74,7 @@ CREATE TABLE Rating (
   orderNumber tinyint,
 
   PRIMARY KEY (Id)
-)
+);
 
 CREATE TABLE RuleName (
   Id tinyint(4) NOT NULL AUTO_INCREMENT,
@@ -83,7 +86,7 @@ CREATE TABLE RuleName (
   sqlPart VARCHAR(125),
 
   PRIMARY KEY (Id)
-)
+);
 
 CREATE TABLE Users (
   Id tinyint(4) NOT NULL AUTO_INCREMENT,
@@ -93,7 +96,7 @@ CREATE TABLE Users (
   role VARCHAR(125),
 
   PRIMARY KEY (Id)
-)
+);
 
-insert into Users(fullname, username, password, role) values("Administrator", "admin", "$2a$10$pBV8ILO/s/nao4wVnGLrh.sa/rnr5pDpbeC4E.KNzQWoy8obFZdaa", "ADMIN")
-insert into Users(fullname, username, password, role) values("User", "user", "$2a$10$pBV8ILO/s/nao4wVnGLrh.sa/rnr5pDpbeC4E.KNzQWoy8obFZdaa", "USER")
+insert into Users(fullname, username, password, role) values("Administrator", "admin", "$2a$10$pBV8ILO/s/nao4wVnGLrh.sa/rnr5pDpbeC4E.KNzQWoy8obFZdaa", "ADMIN");
+insert into Users(fullname, username, password, role) values("User", "user", "$2a$10$pBV8ILO/s/nao4wVnGLrh.sa/rnr5pDpbeC4E.KNzQWoy8obFZdaa", "USER");
diff --git a/Poseiden-skeleton/pom.xml b/Poseiden-skeleton/pom.xml
@@ -28,25 +28,27 @@
 	<dependencies>
 		<dependency>
 			<groupId>org.springframework.boot</groupId>
-			<artifactId>spring-boot-starter-test</artifactId>
-			<scope>test</scope>
+			<artifactId>spring-boot-starter-oauth2-client</artifactId>
+			<version>2.6.4</version>
 		</dependency>
 		<dependency>
 			<groupId>org.springframework.boot</groupId>
-			<artifactId>spring-boot-starter-data-jpa</artifactId>
+			<artifactId>spring-boot-starter-security</artifactId>
 		</dependency>
+
 		<dependency>
 			<groupId>org.springframework.boot</groupId>
-			<artifactId>spring-boot-starter-web</artifactId>
+			<artifactId>spring-boot-starter-data-jpa</artifactId>
 		</dependency>
 		<dependency>
 			<groupId>org.springframework.boot</groupId>
-			<artifactId>spring-boot-starter-thymeleaf</artifactId>
+			<artifactId>spring-boot-starter-web</artifactId>
 		</dependency>
 		<dependency>
 			<groupId>org.springframework.boot</groupId>
-			<artifactId>spring-boot-starter-security</artifactId>
+			<artifactId>spring-boot-starter-thymeleaf</artifactId>
 		</dependency>
+
 		<dependency>
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-devtools</artifactId>
@@ -60,6 +62,32 @@
 			<groupId>com.h2database</groupId>
 			<artifactId>h2</artifactId>
 		</dependency>
+
+		<dependency>
+			<groupId>javax.xml.bind</groupId>
+			<artifactId>jaxb-api</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.javassist</groupId>
+			<artifactId>javassist</artifactId>
+			<version>3.23.1-GA</version>
+		</dependency>
+
+		<dependency>
+			<groupId>org.projectlombok</groupId>
+			<artifactId>lombok</artifactId>
+			<optional>true</optional>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-test</artifactId>
+			<scope>test</scope>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework.security</groupId>
+			<artifactId>spring-security-test</artifactId>
+			<scope>test</scope>
+		</dependency>
 	</dependencies>
 
 	<build>
@@ -68,6 +96,25 @@
 				<groupId>org.springframework.boot</groupId>
 				<artifactId>spring-boot-maven-plugin</artifactId>
 			</plugin>
+			<plugin>
+				<groupId>org.jacoco</groupId>
+				<artifactId>jacoco-maven-plugin</artifactId>
+				<version>0.8.7</version>
+				<executions>
+					<execution>
+						<goals>
+							<goal>prepare-agent</goal>
+						</goals>
+					</execution>
+					<execution>
+						<id>jacoco-report</id>
+						<phase>test</phase>
+						<goals>
+							<goal>report</goal>
+						</goals>
+					</execution>
+				</executions>
+			</plugin>
 		</plugins>
 	</build>
 

diff --git a/Poseiden-skeleton/src/main/java/com/nnk/springboot/configurations/SpringSecurityConfig.java b/Poseiden-skeleton/src/main/java/com/nnk/springboot/configurations/SpringSecurityConfig.java
@@ -0,0 +1,60 @@
+package com.nnk.springboot.configurations;
+
+import javax.sql.DataSource;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+@Configuration
+@EnableWebSecurity
+public class SpringSecurityConfig extends WebSecurityConfigurerAdapter {
+
+	@Autowired
+	private DataSource dataSource;
+
+	@Bean
+	public PasswordEncoder passwordEncoder() {
+		return new BCryptPasswordEncoder();
+	}
+
+	@Override
+	public void configure(HttpSecurity http) throws Exception {
+		http
+				.csrf().disable()
+				.authorizeRequests()
+				.antMatchers("/", "/login").permitAll()
+				.antMatchers("/css/**").permitAll()
+				.antMatchers("/user/**").hasAuthority("ADMIN")
+				.antMatchers("/app/**").hasAuthority("ADMIN")
+				.antMatchers("/admin/home").hasAuthority("ADMIN")
+				.anyRequest().authenticated()
+				.and()
+				.exceptionHandling().accessDeniedPage("/app/error")
+				.and()
+				.formLogin()
+				.defaultSuccessUrl("/bidList/list")
+				.and()
+				.oauth2Login()
+				.defaultSuccessUrl("/bidList/list");
+	}
+
+	@Override
+	protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+
+		auth
+				.jdbcAuthentication()
+				.dataSource(dataSource)
+				.passwordEncoder(passwordEncoder())
+				.usersByUsernameQuery(
+						"SELECT username as username, password as password, 1 FROM Users WHERE username =?")
+				.authoritiesByUsernameQuery(
+						"SELECT username, role FROM Users WHERE username=?");
+	}
+}
diff --git a/Poseiden-skeleton/src/main/java/com/nnk/springboot/controllers/BidListController.java b/Poseiden-skeleton/src/main/java/com/nnk/springboot/controllers/BidListController.java
@@ -1,6 +1,11 @@
 package com.nnk.springboot.controllers;
 
 import com.nnk.springboot.domain.BidList;
+
+
+import com.nnk.springboot.services.BidListService;
+
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
 import org.springframework.validation.BindingResult;
@@ -11,45 +16,92 @@
 
 import javax.validation.Valid;
 
-
 @Controller
 public class BidListController {
-    // TODO: Inject Bid service
-
-    @RequestMapping("/bidList/list")
-    public String home(Model model)
-    {
-        // TODO: call service find all bids to show to the view
-        return "bidList/list";
-    }
-
-    @GetMapping("/bidList/add")
-    public String addBidForm(BidList bid) {
-        return "bidList/add";
-    }
-
-    @PostMapping("/bidList/validate")
-    public String validate(@Valid BidList bid, BindingResult result, Model model) {
-        // TODO: check data valid and save to db, after saving return bid list
-        return "bidList/add";
-    }
-
-    @GetMapping("/bidList/update/{id}")
-    public String showUpdateForm(@PathVariable("id") Integer id, Model model) {
-        // TODO: get Bid by Id and to model then show to the form
-        return "bidList/update";
-    }
-
-    @PostMapping("/bidList/update/{id}")
-    public String updateBid(@PathVariable("id") Integer id, @Valid BidList bidList,
-                             BindingResult result, Model model) {
-        // TODO: check required fields, if valid call service to update Bid and return list Bid
-        return "redirect:/bidList/list";
-    }
-
-    @GetMapping("/bidList/delete/{id}")
-    public String deleteBid(@PathVariable("id") Integer id, Model model) {
-        // TODO: Find Bid by Id and delete the bid, return to Bid list
-        return "redirect:/bidList/list";
-    }
+
+	@Autowired
+	private BidListService bidListService;
+
+	/**
+	 * displays BidList list retrieved from database
+	 */
+	@RequestMapping("/bidList/list")
+	public String home(Model model) {
+		model.addAttribute("bidLists", bidListService.findAllBidLists());
+		return "bidList/list";
+	}
+
+	/**
+	 * displays form for new BidList to add
+	 */
+	@GetMapping("/bidList/add")
+	public String addBidForm(BidList bid) {
+		return "bidList/add";
+	}
+
+	/**
+	 * validates new BidList
+	 * 
+	 * @param bid:    BidList to create and save
+	 * @param result: form result to validate
+	 * @return BidList list displayed if validated, new add form with errors
+	 *         displayed else
+	 */
+	@PostMapping("/bidList/validate")
+	public String validate(@Valid BidList bid, BindingResult result, Model model) {
+		if(!result.hasErrors()) {
+			bidListService.saveBidList(bid);
+			model.addAttribute("bidLists", bidListService.findAllBidLists());
+			return "redirect:/bidList/list";
+		}
+		return "/bidList/add";
+	}
+
+	/**
+	 * displays BidList form to update
+	 * 
+	 * @param id : id of the BidList to update
+	 * @return return BidList form to update
+	 */
+	@GetMapping("/bidList/update/{id}")
+	public String showUpdateForm(@PathVariable("id") Integer id, Model model) {
+		BidList bidList = bidListService.findBidListById(id).orElseThrow(() -> new IllegalArgumentException("Invalid bidList Id:" + id));
+		model.addAttribute("bidList", bidList);
+		return "bidList/update";
+	}
+
+	/**
+	 * validates updated BidList
+	 * 
+	 * @param id      : id of the BidList to update
+	 * @param bidList : BidList to validate
+	 * @param result  : form result to validate
+	 * @return BidList list with this BidList updated, BidList to update form
+	 *         with errors displayed else
+	 */
+	@PostMapping("/bidList/update/{id}")
+	public String updateBid(@PathVariable("id") Integer id, @Valid BidList bidList,
+			BindingResult result, Model model) {
+		if(result.hasErrors()) {
+			return "/bidList/update";
+		}
+		bidList.setBidListId(id);
+		bidListService.saveBidList(bidList);
+		model.addAttribute("bidLists", bidListService.findAllBidLists());
+		return "redirect:/bidList/list";
+	}
+
+	/**
+	 * deletes selected BidList from database
+	 * 
+	 * @param id: id of the BidList to delete
+	 * @return the BidList list after selected BidList deleted
+	 */
+	@GetMapping("/bidList/delete/{id}")
+	public String deleteBid(@PathVariable("id") Integer id, Model model) {
+		BidList bidList = bidListService.findBidListById(id).orElseThrow(() -> new IllegalArgumentException("Invalid bidList Id:" + id));
+		bidListService.deleteBidList(bidList);
+		model.addAttribute("bidLists", bidListService.findAllBidLists());
+		return "redirect:/bidList/list";
+	}
 }