Add settings page with 'allow/disallow registration' option for admin. Allowed for first run.

2024-01-03 20:05:53 +03:00 · 2024-01-03 20:05:53 +03:00 · 583682106d
commit 583682106d
parent 52dd7f509a
13 changed files with 176 additions and 11 deletions
--- a/src/main/java/ru/redrise/marinesco/RootController.java
+++ b/src/main/java/ru/redrise/marinesco/RootController.java
@ -1,10 +1,8 @@
 package ru.redrise.marinesco;

-import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.GetMapping;

-//@PreAuthorize("hasRole('USER')")
@Controller
 public class RootController {

--- a/src/main/java/ru/redrise/marinesco/ShinyApplicationRunner.java
+++ b/src/main/java/ru/redrise/marinesco/ShinyApplicationRunner.java
@ -13,16 +13,19 @@ import lombok.extern.slf4j.Slf4j;
 import ru.redrise.marinesco.data.RolesRepository;
 import ru.redrise.marinesco.data.UserRepository;
 import ru.redrise.marinesco.security.UserRole;
+import ru.redrise.marinesco.settings.ApplicationSettings;

@Slf4j
@Configuration
 public class ShinyApplicationRunner {
    private UserRepository users;
    private RolesRepository roles;
+    private ApplicationSettings settings;
    
-    public ShinyApplicationRunner(UserRepository users, RolesRepository roles) {
+    public ShinyApplicationRunner(UserRepository users, RolesRepository roles, ApplicationSettings settings) {
        this.users = users;
        this.roles = roles;
+        this.settings = settings;
    }

    @Bean
@ -32,6 +35,7 @@ public class ShinyApplicationRunner {
                log.info("Application first run");
                setRoles();
                setAdmin(args, encoder);
+                settings.setAllowRegistraion(true);
            } else
                log.info("Regular run");
        };
--- a/src/main/java/ru/redrise/marinesco/security/AdministatorAddUserForm.java
+++ b/src/main/java/ru/redrise/marinesco/security/AdministatorAddUserForm.java
@ -1,4 +1,4 @@
-package ru.redrise.marinesco;
+package ru.redrise.marinesco.security;

 import java.util.List;

@ -8,7 +8,7 @@ import jakarta.validation.constraints.NotEmpty;
 import jakarta.validation.constraints.NotNull;
 import jakarta.validation.constraints.Size;
 import lombok.Data;
-import ru.redrise.marinesco.security.UserRole;
+import ru.redrise.marinesco.User;

 //TODO: refactor along with RegistrationForm.java
@Data
--- a/src/main/java/ru/redrise/marinesco/security/ManageUsersController.java
+++ b/src/main/java/ru/redrise/marinesco/security/ManageUsersController.java
@ -16,7 +16,6 @@ import org.springframework.web.bind.annotation.RequestMapping;

 import jakarta.validation.Valid;
 import lombok.extern.slf4j.Slf4j;
-import ru.redrise.marinesco.AdministatorAddUserForm;
 import ru.redrise.marinesco.User;
 import ru.redrise.marinesco.UserGenerified;
 import ru.redrise.marinesco.data.RolesRepository;
--- a/src/main/java/ru/redrise/marinesco/security/RegistrationController.java
+++ b/src/main/java/ru/redrise/marinesco/security/RegistrationController.java
@ -15,6 +15,8 @@ import lombok.extern.slf4j.Slf4j;
 import ru.redrise.marinesco.User;
 import ru.redrise.marinesco.data.RolesRepository;
 import ru.redrise.marinesco.data.UserRepository;
+import ru.redrise.marinesco.settings.ApplicationSettings;
+import ru.redrise.marinesco.settings.KeyValueRepository;

@Slf4j
@Controller
@ -25,14 +27,18 @@ public class RegistrationController {
    private PasswordEncoder passwordEncoder;
    private HttpServletRequest request;

+    private ApplicationSettings applicationSettings;
+
    public RegistrationController(UserRepository userRepo,
            RolesRepository rolesRepo,
            PasswordEncoder passwordEncoder,
-            HttpServletRequest request) {
+            HttpServletRequest request,
+            ApplicationSettings applicationSettings) {
        this.userRepo = userRepo;
        this.rolesRepo = rolesRepo;
        this.passwordEncoder = passwordEncoder;
        this.request = request;
+        this.applicationSettings = applicationSettings;
    }

    @ModelAttribute(name = "registrationForm")
@ -42,11 +48,15 @@ public class RegistrationController {

    @GetMapping
    public String registerForm() {
-        return "registration";
+        if (applicationSettings.isRegistrationAllowed())
+            return "registration";
+        return "registration_forbidden";
    }

    @PostMapping
    public String postMethodName(@Valid RegistrationForm form, Errors errors, Model model) {
+        if (!applicationSettings.isRegistrationAllowed())
+            return "redirect:/";
        if (form.isPasswordsNotEqual()) {
            model.addAttribute("passwordsMismatch", "Passwords must be the same.");
            return "registration";
--- a/src/main/java/ru/redrise/marinesco/security/SecurityConfig.java
+++ b/src/main/java/ru/redrise/marinesco/security/SecurityConfig.java
@ -54,8 +54,8 @@ public class SecurityConfig {
                        .requestMatchers(mvc.pattern("/login")).anonymous()
                        .requestMatchers(mvc.pattern("/error")).permitAll()
                        .requestMatchers(PathRequest.toH2Console()).permitAll()
-                        .requestMatchers(mvc.pattern("/")).hasAnyRole("ADMIN", "USER")
-                        .requestMatchers(mvc.pattern("/profile/**")).hasAnyRole("ADMIN", "USER")
+                        .requestMatchers(mvc.pattern("/")).authenticated()
+                        .requestMatchers(mvc.pattern("/profile/**")).authenticated()//.hasAnyRole("ADMIN", "USER")
                        //.requestMatchers(mvc.pattern("/design/**")).hasRole("USER")
                        .anyRequest().authenticated())
                        //.anyRequest().permitAll())
--- a/src/main/java/ru/redrise/marinesco/settings/ApplicationSettings.java
+++ b/src/main/java/ru/redrise/marinesco/settings/ApplicationSettings.java
@ -0,0 +1,37 @@
+package ru.redrise.marinesco.settings;
+
+import org.springframework.stereotype.Component;
+
+@Component
+public class ApplicationSettings {
+    private static final String ALLOW_REGISTRATION = "allow_registration";
+
+    private KeyValueRepository keyValueRepository;
+
+    private boolean registrationAllowed;
+
+    public ApplicationSettings(KeyValueRepository keyValueRepository) {
+        this.keyValueRepository = keyValueRepository;
+        initAllowRegistraionValue();
+    }
+
+    private void initAllowRegistraionValue() {
+        try{
+            this.registrationAllowed = keyValueRepository.findById(ApplicationSettings.ALLOW_REGISTRATION).get().getM_value();
+        }
+        catch (Exception e){
+            // Application first run, thus no data on the DB
+            registrationAllowed = true;
+        }
+        
+    }
+
+    public synchronized void setAllowRegistraion(boolean value) {
+        keyValueRepository.save(new KeyValue(ApplicationSettings.ALLOW_REGISTRATION, value));
+        this.registrationAllowed = value;
+    }
+
+    public synchronized boolean isRegistrationAllowed() {
+        return registrationAllowed;
+    }
+}
--- a/src/main/java/ru/redrise/marinesco/settings/KeyValue.java
+++ b/src/main/java/ru/redrise/marinesco/settings/KeyValue.java
@ -0,0 +1,19 @@
+package ru.redrise.marinesco.settings;
+
+import jakarta.persistence.Entity;
+import jakarta.persistence.Id;
+import lombok.AccessLevel;
+import lombok.AllArgsConstructor;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+@Data
+@Entity
+@AllArgsConstructor
+@NoArgsConstructor(access = AccessLevel.PRIVATE, force = true)
+public class KeyValue {
+
+    @Id
+    private String m_key;
+    private Boolean m_value;
+}
--- a/src/main/java/ru/redrise/marinesco/settings/KeyValueRepository.java
+++ b/src/main/java/ru/redrise/marinesco/settings/KeyValueRepository.java
@ -0,0 +1,11 @@
+package ru.redrise.marinesco.settings;
+
+
+import org.springframework.data.repository.CrudRepository;
+import org.springframework.stereotype.Repository;
+
+
+@Repository
+public interface KeyValueRepository extends CrudRepository<KeyValue, String>{   
+
+}
--- a/src/main/java/ru/redrise/marinesco/settings/SettingsController.java
+++ b/src/main/java/ru/redrise/marinesco/settings/SettingsController.java
@ -0,0 +1,42 @@
+package ru.redrise.marinesco.settings;
+
+import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.ModelAttribute;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.RequestMapping;
+
+//@Slf4j
+@Controller
+@RequestMapping("/settings")
+@PreAuthorize("hasRole('ADMIN')")
+public class SettingsController {
+    private KeyValueRepository keyValueRepository;
+    private ApplicationSettings applicationSettings;
+
+    public SettingsController(KeyValueRepository keyValueRepository, ApplicationSettings applicationSettings){
+        this.keyValueRepository = keyValueRepository;
+        this.applicationSettings = applicationSettings;
+    }
+
+    @GetMapping
+    public String getPage() {
+        
+        return "settings";
+    }
+    @ModelAttribute(name = "allowRegistration")
+    public Boolean setRegistrationSetting(){
+        return applicationSettings.isRegistrationAllowed();
+        //return keyValueRepository.findById(ApplicationSettings.ALLOW_REGISTRATION).get().getM_value();
+    }
+    
+    @GetMapping("/allow_registration/{sw}")
+    public String switchRegistration(@PathVariable("sw") Boolean sw){
+        //log.info("{}", sw);
+        //keyValueRepository.save(new KeyValue(ApplicationSettings.ALLOW_REGISTRATION, sw));
+        applicationSettings.setAllowRegistraion(sw);
+        
+        return "redirect:/settings";
+    }
+}
--- a/src/main/resources/templates/registration_forbidden.html
+++ b/src/main/resources/templates/registration_forbidden.html
@ -0,0 +1,22 @@
+<!DOCTYPE html>
+<html xmlns="http://www.w3.org/1999/xhtml" xmlns:th="http://www.thymeleaf.org">
+
+<head>
+    <title>Marinesco - registration form</title>
+    <link rel="icon" href="/favicon.svg" type="image/svg+xml">
+	<link rel="alternate icon" href="/favicon.png" type="image/png">
+    <link rel="stylesheet" th:href="@{/styles/styles.css}" />
+    <script src="/jquery.js"></script>
+</head>
+
+<body>
+    <div class="page">
+        <div th:replace="~{fragments/header :: 'header'}"></div>
+        <div class="container base">
+            <h1>Currently we're close to new registrations</h1>
+        </div>
+    </div>
+    <div th:replace="~{fragments/footer :: 'footer'}"></div>
+</body>
+
+</html>
--- a/src/main/resources/templates/root.html
+++ b/src/main/resources/templates/root.html
@ -15,6 +15,7 @@
            <br /><a href="/login">Login</a>
            <br /><a href="/profile">/profile</a>
            <br /><a href="/manage_users">/manage_users</a>
+            <br /><a href="/settings">/settings</a>
            <br /><a href="/h2">H2</a>
        </div>
    </div>
--- a/src/main/resources/templates/settings.html
+++ b/src/main/resources/templates/settings.html
@ -0,0 +1,22 @@
+<!DOCTYPE html>
+<html xmlns="http://www.w3.org/1999/xhtml" xmlns:th="http://www.thymeleaf.org">
+
+<head>
+    <title>Marinesco - Application settings</title>
+    <link rel="icon" href="/favicon.svg" type="image/svg+xml">
+	<link rel="alternate icon" href="/favicon.png" type="image/png">
+    <link rel="stylesheet" th:href="@{/styles/styles.css}" />
+</head>
+
+<body>
+    <div class="page">
+        <div th:replace="~{fragments/header :: 'header'}"></div>
+        <div class="container base">
+            <span  th:text="${'New users registration is now ' + (allowRegistration ? 'enabled. ' : 'disabled. ' )}"></span>
+            <a th:href="${'/settings/allow_registration/' + !allowRegistration }" th:text="${'Click here to ' + (allowRegistration ? 'disable' : 'enable' )}"></a>
+        </div>
+    </div>
+    <div th:replace="~{fragments/footer :: 'footer'}"></div>
+</body>
+
+</html>