new commit

pom.xml

@@ -62,7 +62,13 @@
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-data-jpa</artifactId>
         </dependency>
-    </dependencies>
+		<dependency>
+			<groupId>org.webjars</groupId>
+			<artifactId>bootstrap</artifactId>
+			<version>3.3.7</version>
+		</dependency>
+
+	</dependencies>
 
 	<build>
 		<plugins>

src/main/java/feedback/Application.java

@@ -1,9 +1,14 @@
 package feedback;
 
 import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
 
 @SpringBootApplication
+@EnableAutoConfiguration
+//@ComponentScan(basePackages = {"feedback.controllers","feedback.services" } )
+//@EntityScan("feedback.models")
+//@EnableJpaRepositories("feedback.repositories")
 public class Application {
 	public static void main(String[] args) {
 		SpringApplication.run(Application.class, args);

src/main/java/feedback/security/WebSecurityConfig.java → src/main/java/feedback/config/WebSecurityConfig.java

@@ -1,16 +1,19 @@
-package feedback.security;
+package feedback.config;
 
+import feedback.security.JWTAuthenticationFilter;
+import feedback.security.JWTLoginFilter;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.http.HttpMethod;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 
 @Configuration
-@EnableWebSecurity
+@EnableGlobalMethodSecurity(prePostEnabled = true)
 public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
+
     @Override
     protected void configure(HttpSecurity http) throws Exception {
         http.csrf().disable().authorizeRequests()

src/main/java/feedback/controllers/BusinessController.java

@@ -1,30 +1,45 @@
 package feedback.controllers;
 
+import feedback.models.Business;
 import feedback.services.BusinessService;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
+import java.util.List;
+
+import static org.springframework.web.bind.annotation.RequestMethod.GET;
+
 @RestController
 public class BusinessController {
-    @Autowired BusinessService businessService;
+    @Autowired
+    BusinessService businessService;
 
-//    @RequestMapping(value = "/business/", method = RequestMethod.GET)
-//    public ResponseEntity<List<Business>> listAllUsers() {
-//        List<Business> businesses = businessService.getAll()  ;
-//        if (businesses.isEmpty()) {
-//            return new ResponseEntity(HttpStatus.NO_CONTENT);
-//            // You many decide to return HttpStatus.NOT_FOUND
-//        }
-//        return new ResponseEntity<List<Business>>(businesses, HttpStatus.OK);
-//    }
 
+    @RequestMapping(method = GET, value = "/bus/{userId}")
+    public Business loadById(@PathVariable Long busiessId) {
+        return this.businessService.findById(busiessId);
+    }
 
+    @RequestMapping(method = GET, value = "/bus/all")
+    public List<Business> loadAll() {
+        return this.businessService.findAll();
+    }
 
+    @RequestMapping("/whoami")
+    @PreAuthorize("hasRole('USER')")
+    public Business business() {
+        return (Business) SecurityContextHolder
+                .getContext()
+                .getAuthentication()
+                .getPrincipal();
 
 
-    @RequestMapping("/")
-    String hello() {
-        return "hello world";
+//    @RequestMapping("/")
+//    String hello() {
+//        return "hello world";
     }
 }

src/main/java/feedback/controllers/UserController.java

@@ -1,16 +1,12 @@
 package feedback.controllers;
 
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.ResponseBody;
-import org.springframework.web.bind.annotation.RestController;
-
-@RestController
-public class UserController {
-    @RequestMapping("/users")
-    public
-    @ResponseBody
-    String getUsers() {
-        return "{\"users\":[{\"firstname\":\"Richard\", \"lastname\":\"Feynman\"}," +
-                "{\"firstname\":\"Marie\",\"lastname\":\"Curie\"}]}";
-    }
-}
+//@RestController
+//public class UserController {
+//    @RequestMapping("/users")
+//    public
+//    @ResponseBody
+//    String getUsers() {
+//        return "{\"users\":[{\"firstname\":\"Richard\", \"lastname\":\"Feynman\"}," +
+//                "{\"firstname\":\"Marie\",\"lastname\":\"Curie\"}]}";
+//    }
+//}

src/main/java/feedback/models/Authority.java

@@ -0,0 +1,24 @@
+package feedback.models;
+
+import org.springframework.security.core.GrantedAuthority;
+
+import javax.persistence.*;
+
+@Entity
+@Table(name = "authority")
+public class Authority implements GrantedAuthority {
+
+    @Id
+    @Column(name = "id")
+    @GeneratedValue(strategy = GenerationType.IDENTITY)
+    Long id;
+
+    @Column(name = "name")
+    String name;
+
+    @Override
+    public String getAuthority() {
+        return name;
+    }
+
+}

src/main/java/feedback/models/Business.java

@@ -1,5 +1,6 @@
 package feedback.models;
 
+import com.fasterxml.jackson.annotation.JsonIgnore;
 import lombok.Data;
 
 import javax.persistence.*;
@@ -15,17 +16,24 @@ public class Business {
     private Long id;
 
     @Column(name = "person_name")
-    private String name;
+    private String businessname;
+
+    @JsonIgnore
+    @Column(name = "password")
+    private String password;
 
     @Column(name = "description")
     private String description;
 
 
-    private Business() {
-    }
+//    @ManyToMany(cascade = CascadeType.ALL, fetch = FetchType.EAGER)
+//    @JoinTable(name = "user_authority",
+//            joinColumns = @JoinColumn(name = "business_id", referencedColumnName = "id"),
+//            inverseJoinColumns = @JoinColumn(name = "authority_id", referencedColumnName = "id"))
+//    private List<Authority> authorities;
+
+//    public void setAuthorities(List<Authority> authorities) {
+//        this.authorities = authorities;
+//    }
 
-    public Business(String name, String description) {
-        this.name = name;
-        this.description = description;
-    }
 }

src/main/java/feedback/repositories/BusinessRepository.java

@@ -1,11 +1,11 @@
 package feedback.repositories;
 
 
-import org.springframework.data.repository.CrudRepository;
 import feedback.models.Business;
+import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.stereotype.Repository;
 
-import java.util.List;
-
-public interface BusinessRepository extends CrudRepository<Business, Long> {
-    List<Business> findAll();
+@Repository
+public interface BusinessRepository extends JpaRepository<Business, Long> {
+   Business findByBusinessname(String username);
 }

src/main/java/feedback/security/TokenAuthenticationService.java

@@ -13,7 +13,7 @@
 import static java.util.Collections.emptyList;
 
 class TokenAuthenticationService {
-    static final long EXPIRATIONTIME = 864_000_000; // 10 days
+    static final long EXPIRATIONTIME = 864_000_000;
     static final String SECRET = "ThisIsASecret";
     static final String TOKEN_PREFIX = "Bearer";
     static final String HEADER_STRING = "Authorization";
@@ -30,7 +30,6 @@ static void addAuthentication(HttpServletResponse res, String username) {
     static Authentication getAuthentication(HttpServletRequest request) {
         String token = request.getHeader(HEADER_STRING);
         if (token != null) {
-            // parse the token.
             String user = Jwts.parser()
                     .setSigningKey(SECRET)
                     .parseClaimsJws(token.replace(TOKEN_PREFIX, ""))

src/main/java/feedback/services/BusinessService.java

@@ -2,12 +2,10 @@
 
 import feedback.models.Business;
 
-import java.sql.SQLException;
 import java.util.List;
 
 public interface BusinessService {
-    List<Business> getAll() throws SQLException;
-
-    Business getBusinessById(Integer id) throws SQLException;
-
+    Business findById(Long id);
+    Business findByBusinessname(String username);
+    List<Business> findAll();
 }

src/main/java/feedback/services/BusinessServiceImpl.java

@@ -0,0 +1,38 @@
+package feedback.services;
+
+import feedback.models.Business;
+import feedback.repositories.BusinessRepository;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.access.AccessDeniedException;
+import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.stereotype.Service;
+
+import java.util.List;
+
+@Service
+public class BusinessServiceImpl implements BusinessService {
+    @Autowired
+    BusinessRepository businessRepository;
+
+    @Override
+    @PreAuthorize("hasRole('USER')")
+    public Business findByBusinessname(String businessname) throws UsernameNotFoundException {
+        Business business = businessRepository.findByBusinessname(businessname);
+        return business;
+    }
+
+    @Override
+    @PreAuthorize("hasRole('ADMIN')")
+    public Business findById(Long id) throws AccessDeniedException {
+        Business business = businessRepository.findOne(id);
+        return business;
+    }
+
+    @Override
+    @PreAuthorize("hasRole('ADMIN')")
+    public List<Business> findAll() throws AccessDeniedException {
+        List<Business> result = businessRepository.findAll();
+        return result;
+    }
+}

src/main/resources/application.properties

@@ -2,7 +2,6 @@ server.port=8080
 server.context-path=/springboot
 management.security.enabled=false
 
-
 spring.jpa.database=POSTGRESQL
 spring.datasource.platform=postgres
 spring.jpa.show-sql=true

src/main/resources/create.sql

@@ -1,5 +1,11 @@
-CREATE TABLE business
-( id SERIAL NOT NULL PRIMARY KEY,
-  person_name varchar(200) NOT NULL ,
-  description varchar(200) NOT NULL
-);
+-- CREATE TABLE business
+-- ( id SERIAL NOT NULL PRIMARY KEY,
+--   person_name varchar(200) NOT NULL ,
+--   description varchar(200) NOT NULL
+-- );
+
+
+-- CREATE TABLE authority
+-- ( id SERIAL NOT NULL PRIMARY KEY,
+--  name varchar(200) NOT NULL ,
+-- );

src/main/resources/static/index.html

@@ -0,0 +1,35 @@
+<!DOCTYPE html>
+<html>
+
+    <head>
+        <base href="/">
+        <title>springboot-starter</title>
+        <link rel="stylesheet" href="webjars/bootstrap/3.3.7/css/bootstrap.css">
+        <style type="text/css">
+            [ng\:cloak], [ng-cloak], .ng-cloak {
+            display: none !important;
+            }
+        </style>
+    </head>
+    <body ng-app="myApp">
+        <div class="container" ng-controller="NavigationCtrl" ng-cloak class="ng-cloak">
+            <ul style="margin-bottom: 20px;" class="nav nav-pills" role="tablist">
+                <li ng-class="tabClass('/')"><a href="#/" ng-click="setSelectedTab('/')">Home</a></li>
+                <li ng-class="tabClass('/login')" ng-hide="authenticated"><a href="#/login" ng-click="setSelectedTab('/login')">Login</a></li>
+                <li ng-show="authenticated"><a href="" ng-click="logout()">logout</a></li>
+            </ul>
+            <div ng-view ></div>
+        </div>
+        <!--<script src="webjars/jquery/2.1.1/jquery.js"></script>-->
+        <!--<script src="webjars/bootstrap/3.3.7/js/bootstrap.js"></script>-->
+        <!--<script src="webjars/angularjs/1.5.8/angular.js"></script>-->
+        <!--<script src="webjars/angular-route/1.5.9/angular-route.js"></script>-->
+        <!--<script src="webjars/angular-cookies/1.6.0/angular-cookies.js"></script>-->
+
+        <!--<script src="app.js"></script>-->
+        <!--<script src="dashboard/dashboard.js"></script>-->
+        <!--<script src="login/login.js"></script>-->
+        <!--<script src="services/auth.js"></script>-->
+    </body>
+
+</html>