/ - Diff - Vylepšení funkcí a rozhraní frameworku SPADe (Pícha) - PRO_grammers. - Redmine

pom.xml
124	124	<version>${org.junit.jupiter.version}</version>
125	125	<scope>test</scope>
126	126	</dependency>
127
128	127	<!-- json library with minimal overhead -->
129	128	<dependency>
130	129	<groupId>com.googlecode.json-simple</groupId>

     package cz.zcu.fav.kiv.antipatterndetectionapp.v2.controller;
     import cz.zcu.fav.kiv.antipatterndetectionapp.v2.model.Configuration;
     import cz.zcu.fav.kiv.antipatterndetectionapp.v2.model.User;
     import cz.zcu.fav.kiv.antipatterndetectionapp.v2.model.UserConfigKey;
     import cz.zcu.fav.kiv.antipatterndetectionapp.v2.model.UserConfiguration;
     import cz.zcu.fav.kiv.antipatterndetectionapp.v2.repository.UserConfigurationRepository;
     import cz.zcu.fav.kiv.antipatterndetectionapp.v2.model.*;
     import cz.zcu.fav.kiv.antipatterndetectionapp.v2.repository.ConfigRepository;
     import cz.zcu.fav.kiv.antipatterndetectionapp.v2.repository.UserConfigurationJoinRepository;
     import cz.zcu.fav.kiv.antipatterndetectionapp.v2.service.ConfigurationService;
     import org.springframework.beans.factory.annotation.Autowired;
     import org.springframework.web.bind.annotation.GetMapping;
     import org.springframework.web.bind.annotation.RequestMapping;
     import org.springframework.web.bind.annotation.RestController;
     import org.springframework.http.ResponseEntity;
     import org.springframework.web.bind.annotation.*;
     import java.util.List;
     /**
      * @Author Jiri Trefil
-...
     @RequestMapping("v2/configuration")
     public class ConfigurationController {
         @Autowired
         private UserConfigurationRepository userConfigurationRepository ;
         private ConfigurationService configurationService;
         @PostMapping(value="/upload_configuration")
         public ResponseEntity<String> test(@RequestBody UserConfiguration userConfiguration) {
             ResponseEntity<String> response = configurationService.addConfiguration(userConfiguration);
         @GetMapping(value="/test")
         public String test(){
             UserConfigKey key = new UserConfigKey(1,1);
             UserConfiguration tmp = userConfigurationRepository.save(new UserConfiguration(key));
             return "test";
             return null;
+        }
         @GetMapping(value="/get_configuration")
         public ResponseEntity<String> getUserConfigurations(@RequestParam(name="name") String userName){
             User user = new User(userName);
             ResponseEntity<String> response = this.configurationService.getUserConfigurations(user);
             return response;
+        }

     import javax.persistence.*;
     @Entity
     @Table(name="configuration")
     @Table(name="configurations")
     public class Configuration {
         @Id
         @GeneratedValue(strategy = GenerationType.IDENTITY)
-...
         //hash of the configuration so users cant upload duplicates
         private String configHash;
         // 'Y' if the configuration is accessible to everyone, 'N' if its user defined
         private char isDefault;
         private String isDefault;
         public Configuration(){}
         public Configuration(String config, String configHash, boolean isDefault){
         public Configuration(String config, String configHash, String isDefault){
             this.config = config;
             this.configHash = configHash;
             this.isDefault = isDefault?'Y':'N';
             this.isDefault = isDefault;
+        }
         public Configuration(int id){
             this.id = id;
+        }
         public Configuration(String config, String isDefault){
             this.config = config;
             this.configHash = null;
             this.isDefault = isDefault;
+        }
         public int getId() {
             return id;
-...
             return configHash;
+        }
         public char getIsDefault() {
         public String getIsDefault() {
             return isDefault;
+        }
         public void setHash(String hash){
             this.configHash = hash;
+        }
+    }

             this.name = name;
             this.token = token;
+        }
         public User(String name){
             this.name = name;
+        }
         public User(String name, String email, String password){
             this.name = name;
             this.email = email;

     import javax.persistence.Embeddable;
     import java.io.Serializable;
     /**
      * @Author Jiri Trefil
      * primary key of table user_configuration is compound (userId,configurationId) pair is unique
      * @Deprecated not being used (29.04.2023)
      * the business logic involving this table is in ConfigurationRepository interface
      */
     @Embeddable
     public class UserConfigKey implements Serializable {
-...
         this.configId = configId;
+    }
         public int getUserId() {
             return userId;
+        }
         public int getConfigId() {
             return configId;
+        }
         public void setUserId(int userId) {
             this.userId = userId;
+        }
         public void setConfigId(int configId) {
             this.configId = configId;
+        }
         public UserConfigKey() {

     package cz.zcu.fav.kiv.antipatterndetectionapp.v2.model;
     import javax.persistence.*;
     import java.io.Serializable;
     /**
      * @Author Jiri Trefil
      * Join table between user and configuration
      * One user can have multiple (or none) configurations associated with him
      * One configuration can have associated multiple users
      * there this Many:Many relationship has to be decomposed with this table
      * Primary key is a Composite key (userId+configId is always a unique pair)
      * @author Jiri Trefil
      * Wrapper for http request for uploading a new configuration by user
      */
     @Entity
     @Table(name="user_configurations")
     public class UserConfiguration {
         @EmbeddedId
         private UserConfigKey id;
         private User user;
         private Configuration configuration;
         public UserConfiguration(){
         public UserConfiguration(User user, Configuration configuration){
             this.user = user;
             this.configuration = configuration;
+        }
         public UserConfiguration(){}
         public UserConfiguration(UserConfigKey id){
             this.id = id;
         public User getUser() {
             return user;
+        }
         public Configuration getConfiguration() {
             return configuration;
+        }
         public UserConfigKey getUserConfigKey(){
             return this.id;
         public void setUser(User user) {
             this.user = user;
+        }
         public void setConfiguration(Configuration configuration) {
             this.configuration = configuration;
+        }
+    }

     package cz.zcu.fav.kiv.antipatterndetectionapp.v2.model;
     import javax.persistence.*;
     /**
      * @Author Jiri Trefil
      * Join table between user and configuration
      * One user can have multiple (or none) configurations associated with him
      * One configuration can have associated multiple users
      * there this Many:Many relationship has to be decomposed with this table
      * Primary key is a Composite key (userId+configId is always a unique pair)
      */
     @Entity
     @Table(name="user_configurations")
     public class UserConfigurationJoin {
         @EmbeddedId
         private UserConfigKey id;
         public UserConfigurationJoin(){
+        }
         public UserConfigurationJoin(UserConfigKey id){
             this.id = id;
+        }
         public UserConfigKey getUserConfigKey(){
             return this.id;
+        }
+    }

     package cz.zcu.fav.kiv.antipatterndetectionapp.v2.repository;
     import cz.zcu.fav.kiv.antipatterndetectionapp.v2.model.Configuration;
     import cz.zcu.fav.kiv.antipatterndetectionapp.v2.model.UserConfigKey;
     import org.springframework.data.jpa.repository.JpaRepository;
     import org.springframework.data.jpa.repository.Modifying;
     import org.springframework.data.jpa.repository.Query;
     import org.springframework.stereotype.Repository;
     import java.util.List;
     @Repository
     public interface ConfigRepository extends JpaRepository<Configuration,Integer> {
         Configuration findConfigurationById(int id);
         Configuration findConfigurationByConfigHash(String hash);
         //query to get all public configurations
         @Query("Select config from Configuration config where config.isDefault = 'Y'")
         List<Configuration> getPublicConfigurations();
         //retrieve all public configurations and configurations available to the user
         //assumption - default configurations are not assigned to any user explicitly
         @Query("select config from Configuration config where config.isDefault = 'Y' " +
                 "or config.id in (select userconfig.id.userId from UserConfigurationJoin userconfig where userconfig.id.userId = ?1)")
         List<Configuration> getAllUserConfigurations(int userId);
+    }

     package cz.zcu.fav.kiv.antipatterndetectionapp.v2.repository;
     import cz.zcu.fav.kiv.antipatterndetectionapp.v2.model.UserConfigKey;
     import cz.zcu.fav.kiv.antipatterndetectionapp.v2.model.UserConfigurationJoin;
     import org.springframework.data.jpa.repository.JpaRepository;
     /**
      * this repository is not being used (29.04.2023)
      * but it provides and API to work with Join table user_configurations
      * the logic is contained in ConfigurationRepository interface (the pairing of user and configuration)
      */
     public interface UserConfigurationJoinRepository extends JpaRepository<UserConfigurationJoin, UserConfigKey> {
+    }

     package cz.zcu.fav.kiv.antipatterndetectionapp.v2.repository;
     import cz.zcu.fav.kiv.antipatterndetectionapp.v2.model.UserConfigKey;
     import cz.zcu.fav.kiv.antipatterndetectionapp.v2.model.UserConfiguration;
     import org.springframework.data.jpa.repository.JpaRepository;
     public interface UserConfigurationRepository extends JpaRepository<UserConfiguration, UserConfigKey> {
+    }

     package cz.zcu.fav.kiv.antipatterndetectionapp.v2.security;
     import cz.zcu.fav.kiv.antipatterndetectionapp.v2.httpExceptions.CustomExceptionHandler;
     import cz.zcu.fav.kiv.antipatterndetectionapp.v2.service.OAuthService;
     import cz.zcu.fav.kiv.antipatterndetectionapp.v2.utils.JSONBuilder;
     import org.json.simple.JSONObject;
     import org.json.simple.parser.ParseException;
     import org.springframework.http.*;
     import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
     import org.springframework.security.core.Authentication;
-...
             String authorizationHeader = request.getHeader("Authorization");
             if (authorizationHeader == null || !authorizationHeader.startsWith("Bearer ")) {
     //            chain.doFilter(request, response);
                 SecurityContextHolder.clearContext();
                 response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
                 response.getOutputStream().println("{\"error\" : \"Some other error related to jwt token!\"}");
-...
                     Authentication auth = new UsernamePasswordAuthenticationToken(userDetails, token, userDetails.getAuthorities());
                     SecurityContextHolder.getContext().setAuthentication(auth);
         /*
                 else {
                     SecurityContextHolder.clearContext();
                     response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
                     response.getOutputStream().println("{\"error\" : \"Token timed out!\"}");
                     return;
                 }*/
+            }
             //4xx or 5xx http response from auth application
             //basically copies the response from auth app and send it to client
-...
+        }
         @Override
         protected boolean shouldNotFilter(HttpServletRequest request) throws ServletException {
         protected boolean shouldNotFilter(HttpServletRequest request) {
                 String path = request.getRequestURI().substring(request.getContextPath().length());
             return path.startsWith("/v2/user/login") || path.startsWith("/v2/user/register");
+        }

     import org.springframework.security.core.userdetails.UserDetailsService;
     import org.springframework.security.web.SecurityFilterChain;
     import org.springframework.security.web.access.channel.ChannelProcessingFilter;
     import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
     import org.springframework.web.client.RestTemplate;
     import org.springframework.web.cors.CorsConfiguration;
     import org.springframework.web.cors.CorsConfigurationSource;
-...
         @Override
         protected void configure(HttpSecurity httpSecurity) throws Exception {
             httpSecurity
                     .addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class)
                     .cors().configurationSource(corsConfigurationSource())
                     .and()
                     .csrf().disable()
                     .authorizeRequests()
                     .mvcMatchers("/v2/user/register", "/v2/user/login", "/v2/user/refresh", "/v2/user/logout","/v2/configuration//test").permitAll()
                     .mvcMatchers("/v2/user/register", "/v2/user/login", "/v2/user/refresh", "/v2/user/logout","/v2/configuration//get_configuration","v2/configuration/upload_configuration").permitAll()
                     .anyRequest().authenticated()
                     .and()
                     .sessionManagement()

     package cz.zcu.fav.kiv.antipatterndetectionapp.v2.service;
     import cz.zcu.fav.kiv.antipatterndetectionapp.v2.model.Configuration;
     import cz.zcu.fav.kiv.antipatterndetectionapp.v2.model.User;
     import cz.zcu.fav.kiv.antipatterndetectionapp.v2.model.UserConfiguration;
     import org.springframework.http.ResponseEntity;
     public interface ConfigurationService {
         //upload configuration
         ResponseEntity<String> addConfiguration(Configuration cfg);
         ResponseEntity<String> addConfiguration(UserConfiguration cfg);
         ResponseEntity<String> pairConfigurationWithUser(User user, Configuration configuration);
         //get all configurations available to user
         ResponseEntity<String> getUserConfigurations(User user);
+    }

     package cz.zcu.fav.kiv.antipatterndetectionapp.v2.service;
     import cz.zcu.fav.kiv.antipatterndetectionapp.v2.model.*;
     import cz.zcu.fav.kiv.antipatterndetectionapp.v2.repository.ConfigRepository;
     import cz.zcu.fav.kiv.antipatterndetectionapp.v2.repository.UserConfigurationJoinRepository;
     import cz.zcu.fav.kiv.antipatterndetectionapp.v2.repository.UserRepository;
     import cz.zcu.fav.kiv.antipatterndetectionapp.v2.utils.Crypto;
     import org.springframework.beans.factory.annotation.Autowired;
     import org.springframework.http.ResponseEntity;
     import org.springframework.stereotype.Service;
     import java.util.List;
     @Service
     public class ConfigurationServiceImplementation implements ConfigurationService{
         @Autowired
         private ConfigRepository configurationRepository;
         @Autowired
         private UserConfigurationJoinRepository userConfigurationJoinRepository;
         @Autowired
         private UserService userService;
         /**
          * Saves configuration to database
          * the configuration is default to everyone
          * @param cfg Configuration - JSON format of configuration with antipatterns and thresholds
          * @return ResponseEntity with status code and message with more information about operation
          */
         @Override
         public ResponseEntity<String> addConfiguration(Configuration cfg) {
             return null;
+        }
         /**
          * Saves configuration to database
          * the configuration is available to the user who sent the request
          * @param cfg Configuration - JSON format of configuration with antipatterns and thresholds
          * @return ResponseEntity with status code and message with more information about operation
          */
         @Override
         public ResponseEntity<String> addConfiguration(UserConfiguration cfg) {
             User user = cfg.getUser();
             Configuration configuration = cfg.getConfiguration();
             String userName = user.getName();
             user = this.userService.getUserByName(userName);
             String configurationDefinition = configuration.getConfig();
             if(configurationDefinition == null){
                 //todo konfigurace neni poslana, chyba requestu
+            }
             String configHash = Crypto.hashString(configurationDefinition);
             Configuration existingConfiguration = this.configurationRepository.findConfigurationByConfigHash(configHash);
             //configuration definition does not exist => upload the configuration into database
             if(existingConfiguration == null){
                 configuration.setHash(configHash);
                 //save the configuration itself
                 Configuration tmp = this.configurationRepository.save(configuration);
                 if(tmp == null){
                     //todo selhal insert do databaze
+                }
+            }
             //pair the configuration to the user
             return pairConfigurationWithUser(user,configuration);
+        }
         @Override
         public ResponseEntity<String> pairConfigurationWithUser(User user, Configuration configuration) {
             final UserConfigKey key = new UserConfigKey(user.getId(),configuration.getId());
             boolean exists = this.userConfigurationJoinRepository.existsById(key);
             if(exists){
                 //todo uzivatel se chce sparovat s konfiguraci se kterou je jiz sparovan, jenom poslat ok nebo error
+            }
             //save the relation between user and configuration
             this.userConfigurationJoinRepository.save(new UserConfigurationJoin(key));
             return null;
+        }
         @Override
         public ResponseEntity<String> getUserConfigurations(User user) {
             final String userName = user.getName();
             //client can only send his name - he obviously does not know his id in db, we have to query that
             User userInfo = this.userService.getUserByName(userName);
             //fetch all configurations this particular user can see
             //ie all public configs + configurations uploaded by this particular user
             List<Configuration> configurations = this.configurationRepository.getAllUserConfigurations(userInfo.getId());
             return null;
+        }
+    }

     import cz.zcu.fav.kiv.antipatterndetectionapp.v2.dials.UserModelStatusCodes;
     import cz.zcu.fav.kiv.antipatterndetectionapp.v2.model.User;
     import cz.zcu.fav.kiv.antipatterndetectionapp.v2.repository.UserRepository;
     import cz.zcu.fav.kiv.antipatterndetectionapp.v2.utils.Crypto;
     import org.springframework.beans.factory.annotation.Autowired;
     import org.springframework.stereotype.Service;
-...
                 return UserModelStatusCodes.USER_EXISTS;
+            }
             String passwordHash = hashPassword(password);
             String passwordHash = Crypto.hashString(password);
             //server side fault
             if (passwordHash == null) {
                 return UserModelStatusCodes.HASH_FAILED;
-...
             return emailPattern.matcher(email).find();
+        }
         /**
          * Method to hash password
          * @param password  password from client
          * @return          hashed password for database
          */
         public String hashPassword(String password) {
             //standard java security encryption module
             MessageDigest digest = null;
             try {
                 //try to instance the class - throws an error if algorithm
                 digest = MessageDigest.getInstance("SHA3-256");
+            }
             catch(NoSuchAlgorithmException exception){
                 exception.printStackTrace();
                 return null;
+            }
             byte [] tmp = digest.digest(password.getBytes(StandardCharsets.UTF_8));
             //convert byte array into string
             return (new HexBinaryAdapter()).marshal(tmp);
+        }
         /**
          * Method
-...
             if (u == null) {
                 return UserModelStatusCodes.USER_LOGIN_FAILED;
+            }
             final boolean passwordMatches = comparePassword(password,u.getPassword());
             final boolean passwordMatches = Crypto.compareHashes(password, u.getPassword());
             return (!passwordMatches ? UserModelStatusCodes.USER_LOGIN_FAILED : UserModelStatusCodes.USER_LOGGED_IN);
+        }
         /**
          * Method compares user password with stored hash
          * @param password String user provided password
          * @param hash String hash saved in database
          * @return true if hashes are the same
          */
         boolean comparePassword(String password, String hash) {
             final String passwordHash = this.hashPassword(password);
             return hash.equals(passwordHash);
+        }
         @Override
         public User getUserByName(String name) {

     package cz.zcu.fav.kiv.antipatterndetectionapp.v2.utils;
     import javax.xml.bind.annotation.adapters.HexBinaryAdapter;
     import java.nio.charset.StandardCharsets;
     import java.security.MessageDigest;
     import java.security.NoSuchAlgorithmException;
     public class Crypto {
         /**
          * Method to hash password
          * @param password  password from client
          * @return          hashed password for database
          */
         public static String hashString(String password) {
             //standard java security encryption module
             MessageDigest digest = null;
             try {
                 //try to instance the class - throws an error if algorithm
                 digest = MessageDigest.getInstance("SHA3-256");
+            }
             catch(NoSuchAlgorithmException exception){
                 exception.printStackTrace();
                 return null;
+            }
             byte [] tmp = digest.digest(password.getBytes(StandardCharsets.UTF_8));
             //convert byte array into string
             return (new HexBinaryAdapter()).marshal(tmp);
+        }
         /**
          * Method compares user password with stored hash
          * @param password String user provided password
          * @param hash String hash saved in database
          * @return true if hashes are the same
          */
         public static boolean compareHashes(String password, String hash) {
             final String passwordHash = hashString(password);
             return hash.equals(passwordHash);
+        }
+    }

Projekt

Obecné

Profil

ASWI - Pokročilé softwarové inženýrství » ASWI 2023 » Vylepšení funkcí a rozhraní frameworku SPADe (Pícha) - PRO_grammers.

Revize 9e82bc8a

Přidáno uživatelem Jiri Trefil před téměř 2 roky(ů)