added Spring Security roles ✨

README.md

@@ -57,11 +57,16 @@ by providing a user-friendly interface and incorporating the latest Java technol
  <summary>Show</summary>
  <ul>
  <li><a>Java 17</a></li>
- <li><a>Spring boot</a></li>
+ <li><a>Spring 3.0.6</a></li>
  <li><a>Maven 3.8.1</a></li>
  <li><a>Postgresql 42.6.0</a></li>
  <li><a>Lombok 1.18.24</a></li>
  <li><a>Modelmapper 3.1.1</a></li>
+ <li><a>FlyWay 9.19.1</a></li>
+ <li><a>ThymeLeaf 3.0.6</a></li>
+ <li><a>Hibernate 6.1.7</a></li>
+ <li><a>Spring data JPA 3.0.5</a></li>
+ <li><a>JUnit 5</a></li>
  </ul>
 </details>
 
@@ -86,7 +91,7 @@ to populate the database tables.
 <!-- Database struct -->
 ### :key: Database structure
 
-![DB_structure](src/main/resources/static/st/img/DB_structure.png)
+![DB_structure](src/main/resources/static/img/DB_structure.png)
 
 <!-- Roadmap -->
 ## :compass: roadmap:
@@ -106,6 +111,8 @@ to populate the database tables.
 * [x] add the ability to view the list of products of each user order
 * [x] add admin page with user's list
 * [x] add Spring Security with In-Memory Authentication
+* [x] add Spring Security authentication form Login custom page with Database
+* [x] add Spring Security roles
 
 ## :handshake: Contact
 
@@ -119,5 +126,6 @@ Use this section to mention useful resources and libraries that you have used in
 
 - [Shields.io](https://shields.io/)
 - [Awesome README](https://github.com/matiassingers/awesome-readme)
-- [Emoji Cheat Sheet](https://github.com/ikatyang/emoji-cheat-sheet/blob/master/README.md#travel--places)
+- [Templates for UI](https://www.w3schools.com/howto/default.asp)
+- [Git Emoji for your commit messages](https://gitmoji.dev)
 - [Readme Template](https://github.com/othneildrew/Best-README-Template)

src/main/java/by/petrovich/eshop/entity/model/CustomUserDetail.java

@@ -0,0 +1,74 @@
+package by.petrovich.eshop.entity.model;
+
+import by.petrovich.eshop.entity.User;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetails;
+
+import java.math.BigDecimal;
+import java.time.LocalDate;
+import java.util.Collection;
+import java.util.Collections;
+
+public class CustomUserDetail implements UserDetails {
+ private final User user;
+
+ public CustomUserDetail(User user) {
+ this.user = user;
+ }
+
+ @Override
+ public Collection<? extends GrantedAuthority> getAuthorities() {
+ return Collections.singletonList(new SimpleGrantedAuthority(user.getRole().getName()));
+ }
+
+ @Override
+ public String getPassword() {
+ return user.getPassword();
+ }
+
+ @Override
+ public String getUsername() {
+ return user.getName();
+ }
+
+ @Override
+ public boolean isAccountNonExpired() {
+ return true;
+ }
+
+ @Override
+ public boolean isAccountNonLocked() {
+ return true;
+ }
+
+ @Override
+ public boolean isCredentialsNonExpired() {
+ return true;
+ }
+
+ @Override
+ public boolean isEnabled() {
+ return true;
+ }
+
+ public Integer getUserId() {
+ return user.getUserId();
+ }
+
+ public String getEmail() {
+ return user.getEmail();
+ }
+
+ public String getRole() {
+ return user.getRole().getName();
+ }
+
+ public BigDecimal getBalance() {
+ return user.getBalance();
+ }
+
+ public LocalDate getBirthDate() {
+ return user.getBirthDate();
+ }
+}

src/main/java/by/petrovich/eshop/service/impl/UserServiceImpl.java

@@ -6,7 +6,7 @@
 import by.petrovich.eshop.exceptions.UserNotFoundException;
 import by.petrovich.eshop.repository.RoleRepository;
 import by.petrovich.eshop.repository.UserRepository;
-import by.petrovich.eshop.security.CustomUserDetails;
+import by.petrovich.eshop.entity.model.CustomUserDetail;
 import by.petrovich.eshop.service.UserService;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.authentication.BadCredentialsException;
@@ -58,16 +58,7 @@ public void register(RegistrationFormDto registrationFormDto) {
  public UserDetails loadUserByUsername(String name) throws UserNotFoundException {
  User user = userRepository.findByName(name).orElseThrow(()
  -> new UserNotFoundException("User not found"));
- return new CustomUserDetails(
- user.getUserId(),
- user.getName(),
- user.getPassword(),
- user.getEmail(),
- user.getBirthDate(),
- user.getBalance(),
- user.getOrders(),
- user.getRole()
- );
+ return new CustomUserDetail(user);
  }
 
  private boolean isExist(String email) {

src/main/resources/db/migration/V1__Create_Eshop_tables.sql

@@ -1,3 +1,12 @@
+-- ROLES
+--
+CREATE TABLE IF NOT EXISTS roles
+(
+ role_id SERIAL NOT NULL,
+ name varchar(20) NOT NULL,
+ PRIMARY KEY (role_id)
+);
+
 -- USERS
 --
 CREATE TABLE IF NOT EXISTS users
@@ -9,7 +18,9 @@ CREATE TABLE IF NOT EXISTS users
  birth_date date NOT NULL,
  balance NUMERIC(10, 2) DEFAULT '0.00',
  role_id INTEGER,
- PRIMARY KEY (user_id)
+ PRIMARY KEY (user_id),
+ CONSTRAINT fk_role_id FOREIGN KEY (role_id) REFERENCES roles (role_id)
+
 );
 
 -- CATEGORIES
@@ -58,13 +69,4 @@ CREATE TABLE IF NOT EXISTS carts
  user_id INTEGER,
  PRIMARY KEY (cart_id),
  CONSTRAINT fk_user_id FOREIGN KEY (user_id) REFERENCES users (user_id)
-);
-
--- ROLES
---
-CREATE TABLE IF NOT EXISTS roles
-(
- role_id SERIAL NOT NULL,
- name varchar(20) NOT NULL,
- PRIMARY KEY (role_id)
 );

src/main/resources/db/migration/V2__Populate_Eshop_tables.sql

@@ -1,3 +1,7 @@
+INSERT INTO roles (name)
+VALUES ('ROLE_USER'),
+ ('ROLE_ADMIN');
+
 INSERT INTO users (name, password, email, birth_date, balance, role_id)
 values ('Wade', '$2a$10$0ZrU1zZA2gx9lBm2MQ1Id.gN7Itm8a8Xi3AComXN2CZXZzHCclh..', '[email protected]', '01-01-1990', 0.5, 1),
  ('Dave', '$2a$10$XtGZF/tA.hNaFsDN6MEKYOTcFS.52OFv0U0UZUWjCl34SgDJVenBG', '[email protected]', '01-01-1990', 0.5, 1),
@@ -65,15 +69,14 @@ VALUES ('product name1',
  16.50, 5);
 
 INSERT INTO orders (price, user_id, created_at)
-VALUES (0.10, 1, CURRENT_TIMESTAMP),
- (0.20, 2, CURRENT_TIMESTAMP),
+VALUES (100.00, 1, CURRENT_TIMESTAMP),
+ (19.99, 1, CURRENT_TIMESTAMP),
+ (200.00, 2, CURRENT_TIMESTAMP),
+ (25.00, 2, CURRENT_TIMESTAMP),
+ (50.00, 2, CURRENT_TIMESTAMP),
  (0.30, 3, CURRENT_TIMESTAMP);
 
 INSERT INTO carts (price, created_at, user_id)
 VALUES (50.55, CURRENT_TIMESTAMP, 1),
  (10.99, CURRENT_TIMESTAMP, 2),
- (0.5, CURRENT_TIMESTAMP, 3);
-
-INSERT INTO roles (name)
-VALUES ('ROLE_USER'),
- ('ROLE_ADMIN');
+ (0.5, CURRENT_TIMESTAMP, 3);

src/main/resources/templates/include/topnav.html

@@ -9,10 +9,9 @@
  <a class="fa badge fa-5x" href="/logout">&#xf08b Log out</a>
  <a class="fa badge fa-5x" href="/profile">&#xf007 Profile</a>
  <a class="fa badge-cart fa-5x" href="/cart" th:value="${session.cartDto.quantity}">&#xf07a Cart</a>
- <a class="fa badge fa-5x" href="/admin">Admin</a>
  </div>
  <div sec:authorize="hasRole('ADMIN')">
- <a class="fa badge fa-5x" href="/admin">Admin Role</a>
+ <a class="fa badge fa-5x" href="/admin">Admin</a>
  </div>
  <div class="search-container">
  <form class="search-form" th:action="@{/product/search}">

src/main/resources/templates/order.html

@@ -14,7 +14,7 @@
 <div class="order-content">
  <h1 th:text="${order.orderId}">Order</h1>
  <h3 th:text="${order.createdAt}">createdAt</h3>
- <h3 sec:authentication="principal.name">Name</h3>
+ <h3 sec:authentication="principal.username">Name</h3>
 
  <div class="header">
  <label class="product-image">Image</label>

src/main/resources/templates/profile.html

@@ -14,15 +14,15 @@
  <h2 style="text-align:center">User Profile Card</h2>
  <img src="https://www.w3schools.com/w3images/team2.jpg" alt="John" style="width:100%">
  <span>name: </span>
- <span sec:authentication="principal.name"></span>
+ <span sec:authentication="principal.username"></span>
  <span>id: </span>
  <span sec:authentication="principal.userId"></span>
  <h6></h6>
  <span>email: </span>
  <span sec:authentication="principal.email"></span>
  <h6></h6>
  <span>role: </span>
- <span sec:authentication="principal.role.name"></span>
+ <span sec:authentication="principal.role"></span>
  <h6></h6>
  <span>balance: </span>
  <span sec:authentication="principal.balance"></span>