diff --git a/src/main/java/nl/andrewlalis/teaching_assistant_assistant/config/WebSecurityConfig.java b/src/main/java/nl/andrewlalis/teaching_assistant_assistant/config/WebSecurityConfig.java
index 38901ab..877ac1d 100644
--- a/src/main/java/nl/andrewlalis/teaching_assistant_assistant/config/WebSecurityConfig.java
+++ b/src/main/java/nl/andrewlalis/teaching_assistant_assistant/config/WebSecurityConfig.java
@@ -22,7 +22,8 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
 @Override
 protected void configure(final AuthenticationManagerBuilder auth) throws Exception {
- auth.userDetailsService(this.userDetailsService);
+ auth.userDetailsService(this.userDetailsService)
+ .passwordEncoder(passwordEncoder());
 }
 @Override
@@ -32,8 +33,8 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
 .authorizeRequests() // Let anyone view the login and logout pages.
 .antMatchers("/login*", "/logout*", "/register*")
- .permitAll()
- .and()
+ .permitAll()
+ .and()
 .authorizeRequests()
 .antMatchers("/css/**")
@@ -41,8 +42,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
 .and()
 .authorizeRequests() // Only logged in users should be able to see site content.
- .antMatchers("/**")
- .hasRole("USER")
+ .antMatchers("/**").authenticated()
 .anyRequest().authenticated()
 .and()
diff --git a/src/main/java/nl/andrewlalis/teaching_assistant_assistant/model/security/Role.java b/src/main/java/nl/andrewlalis/teaching_assistant_assistant/model/security/Role.java
new file mode 100644
index 0000000..1b2271e
--- /dev/null
+++ b/src/main/java/nl/andrewlalis/teaching_assistant_assistant/model/security/Role.java
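Review bot: In the third hunk (`@@ -41,8 +42,7 @@`) the `hasRole("USER")` requirement is replaced by `.antMatchers("/**").authenticated()`, so this configuration no longer checks any role even though the same commit starts loading per-user roles from the database; every account that can log in can reach every non-public path. The new line is also redundant with the `.anyRequest().authenticated()` that follows it and can be dropped. If some paths are meant to be restricted, their matchers belong ahead of the catch-all, in the form `.antMatchers("/RESTRICTED_PATH/**").hasAuthority("ROLE_NAME")` (both values are placeholders; the real paths and role names are not in this diff). configure(HttpSecurity) starts and ends outside the hunk.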
@@ -0,0 +1,43 @@
+package nl.andrewlalis.teaching_assistant_assistant.model.security;
+
+import nl.andrewlalis.teaching_assistant_assistant.model.BasicEntity;
+
+import javax.persistence.Column;
+import javax.persistence.Entity;
+import javax.persistence.ManyToMany;
+import java.util.List;
+
+/**
+ * Represents a role that a user has, which gives the user access to certain resources.
+ */
+@Entity
+public class Role extends BasicEntity {
+
+ /**
+ * The name of this role.
+ */
+ @Column(nullable = false, unique = true)
+ private String name;
+
+ /**
+ * The list of users with this role.
+ */
+ @ManyToMany(mappedBy = "roles")
+ private List users;
+
+ public String getName() {
+ return name;
+ }
+
+ public void setName(String name) {
+ this.name = name;
+ }
+
+ public List getUsers() {
+ return users;
+ }
+
+ public void setUsers(List users) {
+ this.users = users;
+ }
+}
diff --git a/src/main/java/nl/andrewlalis/teaching_assistant_assistant/model/security/User.java b/src/main/java/nl/andrewlalis/teaching_assistant_assistant/model/security/User.java
index 35fc71b..af543b9 100644
--- a/src/main/java/nl/andrewlalis/teaching_assistant_assistant/model/security/User.java
+++ b/src/main/java/nl/andrewlalis/teaching_assistant_assistant/model/security/User.java
@@ -3,10 +3,8 @@ package nl.andrewlalis.teaching_assistant_assistant.model.security;
 import nl.andrewlalis.teaching_assistant_assistant.model.BasicEntity;
 import nl.andrewlalis.teaching_assistant_assistant.model.people.Person;
-import javax.persistence.Column;
-import javax.persistence.Entity;
-import javax.persistence.JoinColumn;
-import javax.persistence.OneToOne;
+import javax.persistence.*;
+import java.util.List;
 /**
 * Represents a user of the website with some credentials.
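Review bot: The Javadoc on `name` in the new Role.java does not say what format the value must have, and that matters because UserDetails.getAuthorities() in this commit passes it unchanged to `SimpleGrantedAuthority`. Spring Security's `hasRole("X")` looks for the authority `ROLE_X`, so a row named `USER` would not satisfy `hasRole("USER")`. I would state the convention on the field, for example `/** The name of this role, stored with the ROLE_ prefix (e.g. ROLE_USER) because it is used verbatim as the granted authority. */`, or whichever convention the project settles on.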
@@ -23,9 +21,31 @@ public class User extends BasicEntity {
 /**
 * The password for this user.
 */
- @Column
+ @Column(nullable = false)
 private String password;
+ /**
+ * Whether or not this user has been activated.
+ */
+ @Column(nullable = false)
+ private boolean activated = false;
+
+ /**
+ * Whether or not this user has been locked (no more access).
+ */
+ @Column(nullable = false)
+ private boolean locked = false;
+
+ @ManyToMany(
+ fetch = FetchType.EAGER
+ )
+ @JoinTable(
+ name = "user_roles",
+ joinColumns = @JoinColumn(name = "user_id", referencedColumnName = "id"),
+ inverseJoinColumns = @JoinColumn(name = "role_id", referencedColumnName = "id")
+ )
+ private List roles;
+
 @OneToOne
 @JoinColumn(
 name = "person_id",
@@ -46,4 +66,27 @@ public class User extends BasicEntity {
 return this.person;
 }
+ public boolean isActivated() {
+ return activated;
+ }
+
+ public void setActivated(boolean activated) {
+ this.activated = activated;
+ }
+
+ public boolean isLocked() {
+ return locked;
+ }
+
+ public void setLocked(boolean locked) {
+ this.locked = locked;
+ }
+
+ public List getRoles() {
+ return roles;
+ }
+
+ public void setRoles(List roles) {
+ this.roles = roles;
+ }
 }
diff --git a/src/main/java/nl/andrewlalis/teaching_assistant_assistant/model/security/UserDetails.java b/src/main/java/nl/andrewlalis/teaching_assistant_assistant/model/security/UserDetails.java
index 9c4e391..8a6d8dd 100644
--- a/src/main/java/nl/andrewlalis/teaching_assistant_assistant/model/security/UserDetails.java
+++ b/src/main/java/nl/andrewlalis/teaching_assistant_assistant/model/security/UserDetails.java
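Review bot: The Javadoc on `password` in the `@@ -23,9 +21,31 @@` hunk still reads "The password for this user." although this commit wires a PasswordEncoder into authentication, so the column is now expected to hold the encoder's output and never the raw value. I would say so on the field: `/** The encoded password for this user, as produced by the configured PasswordEncoder; never the raw value. */`. The new `roles` field is the only field added here without a Javadoc; `/** The roles granted to this user, fetched eagerly because UserDetails.getAuthorities() reads them. */` would match its siblings.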
@@ -3,9 +3,13 @@ package nl.andrewlalis.teaching_assistant_assistant.model.security;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import java.util.ArrayList;
 import java.util.Collection;
-import java.util.Collections;
+import java.util.List;
+/**
+ * TAA-specific implementation of Spring's UserDetails interface to supply user authentication data.
+ */
 public class UserDetails implements org.springframework.security.core.userdetails.UserDetails {
 private User user;
@@ -20,7 +24,12 @@ public class UserDetails implements org.springframework.security.core.userdetail
 @Override
 public Collection getAuthorities() {
- return Collections.singleton(new SimpleGrantedAuthority("ROLE_USER"));
+ List roles = this.user.getRoles();
+ List authorities = new ArrayList<>();
+ for (Role role : roles) {
+ authorities.add(new SimpleGrantedAuthority(role.getName()));
+ }
+ return authorities;
 }
 @Override
@@ -40,7 +49,7 @@ public class UserDetails implements org.springframework.security.core.userdetail
 @Override
 public boolean isAccountNonLocked() {
- return true;
+ return !this.user.isLocked();
 }
 @Override
@@ -50,6 +59,6 @@ public class UserDetails implements org.springframework.security.core.userdetail
 @Override
 public boolean isEnabled() {
- return true;
+ return this.user.isActivated();
 }
 }
diff --git a/src/main/resources/templates/index.html b/src/main/resources/templates/index.html
index a6bd269..a55927d 100644
--- a/src/main/resources/templates/index.html
+++ b/src/main/resources/templates/index.html
@@ -10,8 +10,7 @@
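Review bot: getAuthorities() in the `@@ -20,7 +24,12 @@` hunk iterates `this.user.getRoles()` without a null check, and `User.roles` is declared without an initializer in this commit, so a User built in code and not yet given roles would throw a NullPointerException during authentication (instances loaded through JPA presumably receive a collection, but nothing in this diff guarantees it). A guard placed just before the loop, `if (roles == null) { return authorities; }`, leaves such an account with no authorities instead of failing the login with a server error.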
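Review bot: `isEnabled()` in the `@@ -50,6 +59,6 @@` hunk now returns `this.user.isActivated()`, and `User.activated` defaults to `false` in this commit, so an account is refused at login until something calls `setActivated(true)`; no such call appears in this diff, and accounts that existed before the change may be affected too (inferred, since how existing rows are migrated is not shown). Default-deny is a sound choice, but it should be written down on the method, for example `// Accounts start deactivated (User.activated defaults to false) and cannot log in until activated.` The `isAccountNonLocked()` change in the previous hunk could carry a matching one-line comment that a locked account is rejected regardless of its password.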

- Welcome to the Teaching Assistant Assistant, . To find the courses in this application please follow the link to
- courses.
+ Welcome to the Teaching Assistant Assistant, . To find the courses in this application please follow the link to courses.

diff --git a/src/main/resources/templates/login.html b/src/main/resources/templates/login.html
index 372ea6f..27976ce 100644
--- a/src/main/resources/templates/login.html
+++ b/src/main/resources/templates/login.html
@@ -3,61 +3,77 @@
 Login
-
-
+
-

-
+
+

Teaching Assistant Assistant

-
-
+
+
Invalid username or password!
-
+
You have been logged out!
-
-

Login

+

- Please log in to access this application.
+ Please log in to access to the world's most advanced course organization tool ever created. With the ability to manipulate large groups of students with ease, you might actually enjoy teaching a course.

-
-
+ +
+
+
+
+
Quick Links
+
+
+
More links
+
+
+
Yet more links
+
+
+
+
+ Social media icons go here. +
+
+
+
+

+ © 2019 Andrew Lalis, all rights reserved. +

+
+
+
+
\ No newline at end of file