Security example

server/data/src/main/kotlin/hu/bsstudio/bssweb/member/repository/MemberRepository.kt

@@ -2,6 +2,9 @@ package hu.bsstudio.bssweb.member.repository
 
 import hu.bsstudio.bssweb.member.entity.MemberEntity
 import org.springframework.data.repository.CrudRepository
+import java.util.Optional
 import java.util.UUID
 
-interface MemberRepository : CrudRepository<MemberEntity, UUID>
+interface MemberRepository : CrudRepository<MemberEntity, UUID> {
+    fun findByNickname(nickName: String): Optional<MemberEntity>
+}

server/service/src/main/kotlin/hu/bsstudio/bssweb/member/service/DefaultMemberService.kt

@@ -42,7 +42,12 @@ class DefaultMemberService(
 
     override fun findMemberById(memberIds: UUID): Optional<Member> {
         return repository.findById(memberIds)
-            .map(mapper::entityToModel)
+                .map(mapper::entityToModel)
+    }
+
+    override fun findMemberByNickname(nickName: String): Optional<Member> {
+        return repository.findByNickname(nickName)
+                .map(mapper::entityToModel)
     }
 
     override fun removeMember(memberId: UUID) = repository.deleteById(memberId)

server/service/src/main/kotlin/hu/bsstudio/bssweb/member/service/FileUpdatingMemberService.kt

@@ -27,6 +27,10 @@ class FileUpdatingMemberService(private val server: MemberService, private val f
         return this.server.findMemberById(memberIds)
     }
 
+    override fun findMemberByNickname(nickName: String): Optional<Member> {
+        return this.server.findMemberByNickname(nickName)
+    }
+
     override fun updateMember(memberId: UUID, updateMember: UpdateMember): Optional<Member> {
         return this.server.updateMember(memberId, updateMember)
             .map { fileClient.updateMemberFolder(FileUpdate(it.id, it.url)); it }

server/service/src/main/kotlin/hu/bsstudio/bssweb/member/service/MemberService.kt

@@ -11,6 +11,7 @@ interface MemberService {
     fun insertMember(createMember: CreateMember): Member
     fun archiveMembers(memberIds: List<UUID>, archive: Boolean = true): List<UUID>
     fun findMemberById(memberIds: UUID): Optional<Member>
+    fun findMemberByNickname(nickName: String): Optional<Member>
     fun updateMember(memberId: UUID, updateMember: UpdateMember): Optional<Member>
     fun removeMember(memberId: UUID)
 }

server/web/src/main/kotlin/hu/bsstudio/bssweb/event/controller/EventController.kt

@@ -7,6 +7,8 @@ import hu.bsstudio.bssweb.event.model.UpdateEvent
 import hu.bsstudio.bssweb.event.operation.EventOperation
 import hu.bsstudio.bssweb.event.service.EventService
 import org.springframework.http.ResponseEntity
+import org.springframework.security.access.prepost.PreAuthorize
+import org.springframework.security.core.context.SecurityContextHolder
 import org.springframework.web.bind.annotation.RestController
 import org.springframework.web.servlet.support.ServletUriComponentsBuilder
 import java.util.UUID
@@ -19,7 +21,9 @@ class EventController(private val service: EventService) : EventOperation {
             .let { ResponseEntity.ok(it) }
     }
 
+    @PreAuthorize("!hasAnyRole('STATUS_MEMBER_CANDIDATE_CANDIDATE')")
     override fun createEvent(createEvent: CreateEvent): ResponseEntity<Event> {
+        println(SecurityContextHolder.getContext().authentication)
         return service.insertEvent(createEvent)
             .let { ResponseEntity.created(locationUri(it.id)).body(it) }
     }

server/web/src/main/kotlin/hu/bsstudio/bssweb/security/config/SecurityConfig.kt

@@ -1,16 +1,36 @@
 package hu.bsstudio.bssweb.security.config
 
+import hu.bsstudio.bssweb.member.service.MemberService
+import org.springframework.beans.factory.annotation.Autowired
 import org.springframework.context.annotation.Bean
 import org.springframework.context.annotation.Configuration
+import org.springframework.security.authentication.AuthenticationManager
 import org.springframework.security.config.Customizer
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
 import org.springframework.security.config.annotation.web.builders.HttpSecurity
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
+import org.springframework.security.provisioning.JdbcUserDetailsManager
 import org.springframework.security.web.SecurityFilterChain
 
+
 @Configuration
 @EnableWebSecurity
 class SecurityConfig {
 
+    @Bean
+    fun bssAuthenticationProvider() : BssAuthenticationProvider {
+        return BssAuthenticationProvider()
+    }
+
+    @Bean
+    fun authManager(http: HttpSecurity, bssAuthenticationProvider: BssAuthenticationProvider): AuthenticationManager? {
+        return http
+                .getSharedObject(AuthenticationManagerBuilder::class.java)
+                .authenticationProvider(bssAuthenticationProvider)
+                .build()
+    }
+
+
     @Bean
     fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
         return http

server/web/src/main/kotlin/hu/bsstudio/bssweb/video/controller/VideoController.kt

@@ -9,6 +9,7 @@ import hu.bsstudio.bssweb.video.service.VideoService
 import org.springframework.data.domain.Page
 import org.springframework.data.domain.Pageable
 import org.springframework.http.ResponseEntity
+import org.springframework.security.access.prepost.PreAuthorize
 import org.springframework.web.bind.annotation.RestController
 import org.springframework.web.servlet.support.ServletUriComponentsBuilder
 import java.util.UUID
@@ -26,6 +27,7 @@ class VideoController(private val service: VideoService) : VideoOperation {
             .let { ResponseEntity.ok(it) }
     }
 
+    @PreAuthorize("hasAnyRole('asd', 'asd')")
     override fun createVideo(createVideo: CreateVideo): ResponseEntity<Video> {
         return service.insertVideo(createVideo)
             .let { ResponseEntity.created(locationUri(it.id)).body(it) }