adding security

This commit is contained in:
alex 2024-08-06 22:01:50 -04:00
parent 2aeeb016fd
commit cd7ea79e95
13 changed files with 246 additions and 15 deletions

13
pom.xml
View File

@ -68,7 +68,18 @@
<groupId>org.springframework.boot</groupId> <groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-jpa</artifactId> <artifactId>spring-boot-starter-data-jpa</artifactId>
</dependency> </dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.ldap</groupId>
<artifactId>spring-ldap-core</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-ldap</artifactId>
</dependency>
<dependency> <dependency>
<groupId>org.springframework.boot</groupId> <groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-validation</artifactId> <artifactId>spring-boot-starter-validation</artifactId>

View File

@ -0,0 +1,38 @@
package com.primefactorsolutions.config;
import com.primefactorsolutions.views.LoginView;
import com.vaadin.flow.spring.security.VaadinWebSecurity;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.ldap.LdapBindAuthenticationManagerFactory;
import org.springframework.security.ldap.DefaultSpringSecurityContextSource;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
@EnableWebSecurity
@Configuration
public class SecurityConfig extends VaadinWebSecurity {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeHttpRequests(auth ->
auth.requestMatchers(
AntPathRequestMatcher.antMatcher(HttpMethod.GET, "/images/*.png")).permitAll());
super.configure(http);
setLoginView(http, LoginView.class);
}
@Bean
public AuthenticationManager authenticationManager() {
DefaultSpringSecurityContextSource contextSource = new DefaultSpringSecurityContextSource("ldap://ldap.primefactorsolutions.com:389/dc=primefactorsolutions,dc=com");
contextSource.setCacheEnvironmentProperties(false);
LdapBindAuthenticationManagerFactory factory = new LdapBindAuthenticationManagerFactory(contextSource);
factory.setUserDnPatterns("uid={0},ou=users");
return factory.createAuthenticationManager();
}
}

View File

@ -6,13 +6,22 @@ import lombok.Data;
import org.springframework.stereotype.Service; import org.springframework.stereotype.Service;
import java.util.List; import java.util.List;
import java.util.UUID;
@Service @Service
@Data @Data
public class QuestionService { public class QuestionService {
private final QuestionRepository questionRepository; private final QuestionRepository questionRepository;
public Question getQuestion(UUID id) {
return questionRepository.findById(id).get();
}
public List<Question> getQuestions() { public List<Question> getQuestions() {
return questionRepository.findAll(); return questionRepository.findAll();
} }
public void createOrUpdate(Question question) {
questionRepository.save(question);
}
} }

View File

@ -15,6 +15,7 @@ import com.vaadin.flow.router.HasUrlParameter;
import com.vaadin.flow.router.PageTitle; import com.vaadin.flow.router.PageTitle;
import com.vaadin.flow.router.Route; import com.vaadin.flow.router.Route;
import com.vaadin.flow.spring.annotation.SpringComponent; import com.vaadin.flow.spring.annotation.SpringComponent;
import jakarta.annotation.security.PermitAll;
import org.apache.commons.lang3.StringUtils; import org.apache.commons.lang3.StringUtils;
import org.springframework.context.annotation.Scope; import org.springframework.context.annotation.Scope;
import org.vaadin.firitin.fields.SubListSelector; import org.vaadin.firitin.fields.SubListSelector;
@ -24,6 +25,7 @@ import java.util.List;
import java.util.UUID; import java.util.UUID;
@SpringComponent @SpringComponent
@PermitAll
@Scope("prototype") @Scope("prototype")
@PageTitle("Assessments") @PageTitle("Assessments")
@Route(value = "/assessments", layout = MainLayout.class) @Route(value = "/assessments", layout = MainLayout.class)

View File

@ -14,6 +14,7 @@ import com.vaadin.flow.router.PageTitle;
import com.vaadin.flow.router.Route; import com.vaadin.flow.router.Route;
import com.vaadin.flow.shared.Registration; import com.vaadin.flow.shared.Registration;
import com.vaadin.flow.spring.annotation.SpringComponent; import com.vaadin.flow.spring.annotation.SpringComponent;
import jakarta.annotation.security.PermitAll;
import org.springframework.context.annotation.Scope; import org.springframework.context.annotation.Scope;
import org.vaadin.addon.stefan.clipboard.ClientsideClipboard; import org.vaadin.addon.stefan.clipboard.ClientsideClipboard;
import org.vaadin.firitin.components.grid.VGrid; import org.vaadin.firitin.components.grid.VGrid;
@ -24,6 +25,7 @@ import java.util.stream.Stream;
@Scope("prototype") @Scope("prototype")
@PageTitle("Assessments") @PageTitle("Assessments")
@Route(value = "/assessments", layout = MainLayout.class) @Route(value = "/assessments", layout = MainLayout.class)
@PermitAll
public class AssessmentsListView extends Main { public class AssessmentsListView extends Main {
public AssessmentsListView(final AssessmentService assessmentService) { public AssessmentsListView(final AssessmentService assessmentService) {

View File

@ -1,14 +0,0 @@
package com.primefactorsolutions.views;
import com.vaadin.flow.component.Text;
import com.vaadin.flow.component.html.Main;
import com.vaadin.flow.router.PageTitle;
import com.vaadin.flow.router.Route;
@PageTitle("Assessment")
@Route(value = "/evaluation/completed", layout = MainLayout.class)
public class EvaluationCompletedView extends Main {
public EvaluationCompletedView() {
add(new Text("La evaluacion ha sido completada. Nos contactaremos con usted."));
}
}

View File

@ -25,6 +25,7 @@ import com.vaadin.flow.component.orderedlayout.HorizontalLayout;
import com.vaadin.flow.component.orderedlayout.VerticalLayout; import com.vaadin.flow.component.orderedlayout.VerticalLayout;
import com.vaadin.flow.component.textfield.TextField; import com.vaadin.flow.component.textfield.TextField;
import com.vaadin.flow.router.*; import com.vaadin.flow.router.*;
import com.vaadin.flow.server.auth.AnonymousAllowed;
import com.vaadin.flow.spring.annotation.SpringComponent; import com.vaadin.flow.spring.annotation.SpringComponent;
import com.vaadin.flow.theme.lumo.LumoUtility.Background; import com.vaadin.flow.theme.lumo.LumoUtility.Background;
import com.vaadin.flow.theme.lumo.LumoUtility.BoxSizing; import com.vaadin.flow.theme.lumo.LumoUtility.BoxSizing;
@ -53,6 +54,7 @@ import java.util.stream.Collectors;
@SpringComponent @SpringComponent
@Scope("prototype") @Scope("prototype")
@Route(value = "/evaluation", layout = MainLayout.class) @Route(value = "/evaluation", layout = MainLayout.class)
@AnonymousAllowed
public class EvaluationView extends Main implements HasUrlParameter<String> { public class EvaluationView extends Main implements HasUrlParameter<String> {
final CompilerService compilerService; final CompilerService compilerService;

View File

@ -0,0 +1,41 @@
package com.primefactorsolutions.views;
import com.vaadin.flow.component.html.H1;
import com.vaadin.flow.component.login.LoginForm;
import com.vaadin.flow.component.orderedlayout.VerticalLayout;
import com.vaadin.flow.router.BeforeEnterEvent;
import com.vaadin.flow.router.BeforeEnterObserver;
import com.vaadin.flow.router.PageTitle;
import com.vaadin.flow.router.Route;
import com.vaadin.flow.server.auth.AnonymousAllowed;
@Route("login")
@PageTitle("PFS Recruiting")
@AnonymousAllowed
public class LoginView extends VerticalLayout implements BeforeEnterObserver {
private final LoginForm login = new LoginForm();
public LoginView() {
addClassName("login-view");
setSizeFull();
setAlignItems(Alignment.CENTER);
setJustifyContentMode(JustifyContentMode.CENTER);
login.setAction("login");
add(new H1("PFS Recruiting"));
add(login);
}
@Override
public void beforeEnter(final BeforeEnterEvent beforeEnterEvent) {
// inform the user about an authentication error
if (beforeEnterEvent.getLocation()
.getQueryParameters()
.getParameters()
.containsKey("error")) {
login.setError(true);
}
}
}

View File

@ -4,9 +4,11 @@ import com.vaadin.flow.component.Text;
import com.vaadin.flow.component.html.Main; import com.vaadin.flow.component.html.Main;
import com.vaadin.flow.router.PageTitle; import com.vaadin.flow.router.PageTitle;
import com.vaadin.flow.router.Route; import com.vaadin.flow.router.Route;
import jakarta.annotation.security.PermitAll;
@PageTitle("Assessment") @PageTitle("Assessment")
@Route(value = "", layout = MainLayout.class) @Route(value = "", layout = MainLayout.class)
@PermitAll
public class MainView extends Main { public class MainView extends Main {
public MainView() { public MainView() {
add(new Text("welcome")); add(new Text("welcome"));

View File

@ -0,0 +1,63 @@
package com.primefactorsolutions.views;
import com.primefactorsolutions.model.Question;
import com.primefactorsolutions.service.QuestionService;
import com.vaadin.flow.component.Component;
import com.vaadin.flow.component.textfield.TextArea;
import com.vaadin.flow.component.textfield.TextField;
import com.vaadin.flow.router.BeforeEvent;
import com.vaadin.flow.router.HasUrlParameter;
import com.vaadin.flow.router.PageTitle;
import com.vaadin.flow.router.Route;
import com.vaadin.flow.spring.annotation.SpringComponent;
import jakarta.annotation.security.PermitAll;
import org.apache.commons.lang3.StringUtils;
import org.springframework.context.annotation.Scope;
import org.vaadin.firitin.form.BeanValidationForm;
import java.util.List;
import java.util.UUID;
@SpringComponent
@Scope("prototype")
@PageTitle("Assessments")
@Route(value = "/questions", layout = MainLayout.class)
@PermitAll
public class QuestionView extends BeanValidationForm<Question> implements HasUrlParameter<String> {
private final QuestionService questionService;
private TextField title = null;
private TextArea description = null;
private TextArea content = null;
public QuestionView(final QuestionService questionService) {
super(Question.class);
this.questionService = questionService;
title = new TextField();
title.setLabel("Title");
description = new TextArea();
description.setLabel("Description");
content = new TextArea();
content.setLabel("Content");
setSavedHandler((SavedHandler<Question>) questionService::createOrUpdate);
}
@Override
public void setParameter(final BeforeEvent beforeEvent, final String s) {
if (StringUtils.isNotBlank(s) && !"new".equals(s)) {
var user = questionService.getQuestion(UUID.fromString(s));
setEntityWithEnabledSave(user);
} else {
setEntityWithEnabledSave(new Question());
}
}
@Override
protected List<Component> getFormComponents() {
return List.of(title, description, content);
}
}

View File

@ -0,0 +1,71 @@
package com.primefactorsolutions.views;
import com.primefactorsolutions.model.AppUser;
import com.primefactorsolutions.model.Question;
import com.primefactorsolutions.service.QuestionService;
import com.primefactorsolutions.service.UserService;
import com.vaadin.flow.component.html.Main;
import com.vaadin.flow.data.provider.DataProvider;
import com.vaadin.flow.data.provider.DataProviderListener;
import com.vaadin.flow.data.provider.Query;
import com.vaadin.flow.router.PageTitle;
import com.vaadin.flow.router.Route;
import com.vaadin.flow.shared.Registration;
import com.vaadin.flow.spring.annotation.SpringComponent;
import jakarta.annotation.security.PermitAll;
import org.springframework.context.annotation.Scope;
import org.vaadin.firitin.components.grid.VGrid;
import java.util.stream.Stream;
@SpringComponent
@Scope("prototype")
@PageTitle("Questions")
@Route(value = "/questions", layout = MainLayout.class)
@PermitAll
public class QuestionsListView extends Main {
final QuestionService questionService;
public QuestionsListView(final QuestionService questionService) {
this.questionService = questionService;
final VGrid<Question> grid = new VGrid<>(Question.class);
grid.setColumns("id", "title");
grid.setDataProvider(new DataProvider<>() {
@Override
public boolean isInMemory() {
return false;
}
@Override
public int size(Query<Question, Object> query) {
return questionService.getQuestions().size();
}
@Override
public Stream<Question> fetch(Query<Question, Object> query) {
int limit = query.getLimit();
int pagerSize = query.getPageSize();
int page = query.getPage();
return questionService.getQuestions().stream();
}
@Override
public void refreshItem(Question question) {
}
@Override
public void refreshAll() {
}
@Override
public Registration addDataProviderListener(DataProviderListener<Question> dataProviderListener) {
return null;
}
});
add(grid);
}
}

View File

@ -9,6 +9,7 @@ import com.vaadin.flow.router.HasUrlParameter;
import com.vaadin.flow.router.PageTitle; import com.vaadin.flow.router.PageTitle;
import com.vaadin.flow.router.Route; import com.vaadin.flow.router.Route;
import com.vaadin.flow.spring.annotation.SpringComponent; import com.vaadin.flow.spring.annotation.SpringComponent;
import jakarta.annotation.security.PermitAll;
import org.apache.commons.lang3.StringUtils; import org.apache.commons.lang3.StringUtils;
import org.springframework.context.annotation.Scope; import org.springframework.context.annotation.Scope;
import org.vaadin.firitin.form.BeanValidationForm; import org.vaadin.firitin.form.BeanValidationForm;
@ -20,6 +21,7 @@ import java.util.UUID;
@Scope("prototype") @Scope("prototype")
@PageTitle("Assessments") @PageTitle("Assessments")
@Route(value = "/users", layout = MainLayout.class) @Route(value = "/users", layout = MainLayout.class)
@PermitAll
public class UserView extends BeanValidationForm<AppUser> implements HasUrlParameter<String> { public class UserView extends BeanValidationForm<AppUser> implements HasUrlParameter<String> {
private final UserService userService; private final UserService userService;

View File

@ -10,6 +10,7 @@ import com.vaadin.flow.router.PageTitle;
import com.vaadin.flow.router.Route; import com.vaadin.flow.router.Route;
import com.vaadin.flow.shared.Registration; import com.vaadin.flow.shared.Registration;
import com.vaadin.flow.spring.annotation.SpringComponent; import com.vaadin.flow.spring.annotation.SpringComponent;
import jakarta.annotation.security.PermitAll;
import org.springframework.context.annotation.Scope; import org.springframework.context.annotation.Scope;
import org.vaadin.firitin.components.grid.VGrid; import org.vaadin.firitin.components.grid.VGrid;
@ -20,6 +21,7 @@ import java.util.stream.Stream;
@Scope("prototype") @Scope("prototype")
@PageTitle("Users") @PageTitle("Users")
@Route(value = "/users", layout = MainLayout.class) @Route(value = "/users", layout = MainLayout.class)
@PermitAll
public class UsersListView extends Main { public class UsersListView extends Main {
final UserService userService; final UserService userService;